My WHCD exam experience
IntroductionMy story starts in July in Budapest, summer is hot. Way too hot. I am working in the cozy air-conditioned office room and look at my daily schedule. I have a business lunch with Sándor Fehér, co-founder & CEO at White Hat IT Security at an Italian restaurant. This will ... Read More
The RastaLabs experience
IntroductionIt was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but I knew I ... Read More
Hacktivity 2018 badge – quick start guide for beginners
You either landed on this blog post because you are a huge fan of Hacktivityyou bought this badge around a year agoyou are just interested in hacker conference badge hacking. or maybe all of the above. Whatever the reasons, this guide should be helpful for those who never had any ... Read More
How to build a "burner device" for DEF CON in one easy step
TL;DR: Don't build a burner device. Probably this is not the risk you are looking for.IntroductionEvery year before DEF CON people starts to give advice to attendees to bring "burner devices" to DEF CON. Some people also start to create long lists on how to build burner devices, especially laptops. But the ... Read More
Recovering data from an old encrypted Time Machine backup
Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem.The problem1. I ... Read More
Why (I believe) WADA was not hacked by the Russians
Disclaimer: This is my personal opinion. I am not an expert in attribution. But as it turns out, not many people in the world are good at attribution. I know this post lacks real evidence and is mostly based on speculation.Let's start with the main facts we know about the ... Read More
One reason why InfoSec sucked in the past 20 years – the "security tips" myth
From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of ... Read More
How I hacked my IP camera, and found this backdoor account
The time has come. I bought my second IoT device - in the form of a cheap IP camera. As it was the most affordable among all others, my expectations regarding security was low. But this camera was still able to surprise me.Maybe I will disclose the camera model used ... Read More
How to secure your home against "Internet of Things" and FUD
TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter.IntroductionThere is rarely a day without news that another "Internet of Things" got hacked ... Read More
Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not.
IntroductionWhenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open Wifi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFI”, etc.What I think about this? ... Read More
