Friday, August 23, 2013

IE heaps at Nordic Security Conference

By Chris Valasek @nudehaberdasher

Remember when I used to be the Windows Heap guy? Yeah, me neither ;). I just wanted to give everyone a heads up regarding my upcoming presentation “An Examination of String Allocations: IE-9 Edition” at Nordic Security Conference ( The presentation title is a bit vague so I figured I would give a quick overview.

Tuesday, August 20, 2013

FDA Medical Device Guidance

Gunter Ollmann - @gollmann

Last week the US Food and Drug Administration (FDA) finally released a couple of important documents. The first being their guidance on using radio frequency wireless technology in medical devices (replacing a draft from January 3,2007), and a second being their new (draft) guidance on premarket submission for management of cybersecurity in medical devices.

The wireless technology guidance document seeks to address many of the risks and vulnerabilities that have been disclosed in medical devices (embedded or otherwise) in recent years - in particular those with embedded RF wireless functionality...

Monday, August 5, 2013

Car Hacking: The Content

By  Chris Valasek @nudehaberdasher  and Charlie Miller @0xcharlie

Hi Everyone, 
As promised, Charlie and I are releasing all of our tools and data, along with our white paper. We hope that these items will help others get involved in automotive security research. The paper is pretty refined but the tools are a snapshot of what we had. There are probably some things that are deprecated or do not work, but things like ECOMCat and ecomcat_api should really be all you need to start with your projects. Thanks again for all the support!