IO Shield is a personal platform to share Cyber Security expertise, offering:
- Resources to build a field kit for cybersecurity researchers
- IoT device reversing experiences
- Pentesting and auditing services
- Cheat sheets
How should an IoT device be approached? What are the interesting fields? What kinds of services are connected and distributed in the cloud?
December 2016:
Bears in the Midst: Intrusion into the Democratic National Committee, by CrowdStrike: APT29 (COZY BEAR, CozyDuke), APT28 (FANCY BEAR, Sofacy)
Trust me, trust me not ...
How does Google detect local interception in a French private network?
In December 2013, was the French government's ANSSI responsible for a MITM against Google SSL/TLS? ... Not exactly ...
- Superfish, installed on some Lenovo devices, decrypted HTTPS streams for its own advertising. The same certificate and key were used for all targets.
- PrivDog intercepts the server certificate and replaces it with its own (signed by its own root). It creates a certificate and a key on each device.
- FREAK (Factoring RSA Export Keys), CVE-2015-0204, e.g. Kaspersky Anti-Virus, with a bad implementation of TLS and no HPKP
- CRIME (Compression Ratio Info-Leak Made Easy), CVE-2012-4929, e.g. Kaspersky Anti-Virus 220.127.116.114
- A Firefox add-on to check whether your HTTPS stream is intercepted.
- SSLsplit: MITM attacks against SSL/TLS encrypted network connections (available in Kali)
- Let's Encrypt
- HSTS - HTTP Strict Transport Security - web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking
- HPKP - HTTP Public Key Pinning - security mechanism which allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates (not supported by IE!)
- Weak cipher auditing: on the server side with nmap ssl-enum-ciphers, and on the client side with the SSL cipher suites of your browser