PRESS RELEASE Company: Hack In The Box / HITBSecConf Date of Issue: 10th April 2013 Release Summary: Members of the @Evad3rs will hold a press conference at the fourth annual Hack In The Box Security Conference on the 11th of April at the Okura Hotel, Amsterdam. The press conference will focus on their renowned evasi0n jailbreak and will also be streamed live. URL: http://conference.hitb.org/hitbsecconf2013ams/evad3rs-press-conference/ Evad3rs Press Conference at HITBSecConf2013 -- Amsterdam...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, press conference, press...
KEYNOTE MATERIALS: http://conference.hitb.org/hitbsecconf2013ams/materials/ KEYNOTE ABSTRACT: Organized criminals, nation-state groups and hacktivists continue to wreak havoc within organizations of all sizes in spite of their security teams' best efforts. Are security teams just not getting it? No -- it's just that security teams today must face unknown and unexpected attacks when there is a legacy over-reliance on antiquated incident management processes, an over-dependence on obsolete...
Topics: Youtube, video, Science & Technology, amsterdam, analytics, big data analytics, hitbsecconf,...
KEYNOTE MATERIALS: http://conference.hitb.org/hitbsecconf2013ams/materials/ KEYNOTE ABSTRACT: Reading the headlines today, we see that security issues frequently involve employees, their accounts, and their machines. And yet many security professionals view their employees as a lost cause. Between bad passwords, phishing, and lost machines, these users seem to present unbounded risk. And managing that risk often creates tensions between business needs and security needs. In this keynote I'll...
Topics: Youtube, video, Science & Technology, bob lord, twitter, phishing, experimental results, hitb,...
EVENT WEBSITE: http://conference.hitb.org/hitbsecconf2014kul/ Promo video for our final HITB Security Conference in Malaysia taking place at Intercontinental Kuala Lumpur from the 13th - 16th of October. Keynote speakers include Marcia Hofmann, Katie Moussouris and the legendary Richard Thieme Source: https://www.youtube.com/watch?v=-jvUVPe-q9s Uploader: Hack In The Box Security Conference
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2014kul, malaysia,...
Due to changes in Richard’s schedule, the closing keynote was delivered via a video link. PRESENTATION MATERIALS FROM OTHER TALKS & PRESENTATIONS : http://conference.hitb.org/hitbsecconf2014kul/materials KEYNOTE ABSTRACT: “In my end is my beginning,” said T. S. Eliot in The Four Quartets, and he might have been talking about hacking. Because radical hacking is a state of mind, an approach to life, the universe, everything, a practice that must be understood with humility, explored...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, richard thieme,...
Radio timing services, such as GPS, BPC, JJY, WWVB, DCF77, WWVH, have been widely used as a basic time source for industry or individual systems. These signals are used by millions of people to synchronize consumer electronic products like wall clocks, clock radios, and wristwatches. NTP servers also use these signals to get a precise time. In this presentation we show how these signals can be forged with a low cost circuit. If hackers take this device to the target region and emit the fake signal,...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, sdr, ntp, hitb2016ams
The Women In Cyber Security Woman Of The Year 2016 award ceremony held at the Hack In The Box security conference on 26th May 2016. Twitter: @WomenInCyber @Platform_ECP Source: https://www.youtube.com/watch?v=HNMhbB0PsnY Uploader: Hack In The Box Security Conference
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, wics, womanoftheyear,...
This talk will describe first the landscape of side channel vulnerabilities, the types which are possible given different virtualization circumstances, and the basic primitives of a side-channel attack. This survey will contrast against the specific exploitation of the cloud based environment. We then look closely at the attack surface of common, cloud-based, hardware side channels. This includes the full hardware stack shared between supposedly isolated hosts and the similarities and...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, keynote,...
Closing comments from Martin Knobloch of NIXU ====== Martin is Principal Consultant at Nixu BeNeLux (https://www.nixu.com/en/nixubenelux). His main working area is (software) security in general, from awareness to implementation. In his daily work, he is responsible for education in application security matters, advice and implementation of application security measures. Martin is a frequent speaker at universities, hacker spaces and various conferences. Source:...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, commsec, hitb2016ams,...
IoT devices frequently include obscure RF transceivers with little or no documentation, which can hinder the reverse engineering research process. Fortunately, regulatory bodies like the United States’ FCC contain a wealth of useful information. In order to certify wireless devices for sale in different markets, manufacturers must submit their products to test labs which evaluate the behavior of their RF emissions. The test reports often contain detailed physical layer operating...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec, iot
The security community has been trying to solve insecurity caused by bugs and flaws in software for many years now, but with what success? We almost never look at the successes and failures experienced in other areas, but we could really learn from them. This talk is inspired by Ernesto Sirolli’s TED talk “Want to help someone? Shut up and listen” about failures in the aid programs around the world. Listening to Ernesto Sirolli, you cannot miss the similarity with the security community trying to...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
On Feb 16th, Google published CVE-2015-7547: glibc getaddrinfo vulnerability that affects all SW compiled with GLIBC for many versions. As this vulnerability is in the code used to parse network addresses it is possible, in theory, to remotely exploit it. The Google team published a crashing POC but chose not to disclose an exploit. Our team has been studying the vulnerability and developed a technique to exploit this vulnerability and achieve remote code execution. The technique applies to...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
ChatOps, a concept originating from GitHub, is chatroom-driven DevOps for distributed teams, using chatbots (like Hubot) to execute custom scripts and plugins. We have applied the concept of ChatOps to the penetration testing workflow, and found that it fits outstandingly – for everything from routine scanning to spearphishing to pentest gamification. This talk discusses the tools that we use (RocketChat, Hubot, GitLab, pentesting tools), and provides battle stories of using Pentesting...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
The upcoming era of hyper connectivity is characterized by technologies like IoT, wearables, drones, software agents, artificial intelligence, data analytics etc. Whilst looking for needles in a haystack we create an overkill of information which is virtually impossible to digest. How to resolve these paradoxical challenges? In my presentation I will illuminate the challenges at hand from a joint legal and technical perspective. ====== Elisabeth is a thought leader, strategist, innovator,...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec
In this talk I will be discussing the tactics used by APTs and Nation State threat actors. Starting with the basics of who is responsible for attacks we will move swiftly on to the top 2% of attacks which can be classed as APTs: State Sponsored Hackers, Organised Crime and Intelligence Services. I will briefly cover the history of industrial espionage starting with the theft of Lockheed Martin’s jet designs and the subsequent suspiciously similar MIG which was produced in 1998. Moving on I...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec, apt
CTF contests are designed to serve as an educational exercise to give participants experience in securing machines, as well as conducting and reacting to the sort of attacks found in the real world. Reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which are generally refined and tested through CTFs. Facebook has recently launched a new open-source Capture the Flag platform, a standalone CTF site that can be used by...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
In the past few years hackerspaces came to the world to create a creative and hacky environment for the people but we need something for the younger ones. Let’s call them mini-hackers, junior-nerds, the techchilds or the coding-kids. Most kids aren’t exposed to interesting hacking stuff at their schools and the situation is pretty much the same here in The Netherlands – the main subject is always general studies. These junior-nerds and techchilds don’t fit in to this square hole and...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
The process behind analyzing mobile applications, especially Android ones, is still in a maturing stage requiring the penetration tester to run a series of long laborious tasks, especially when you are doing a blackbox test. In the absence of the application’s source code, knowing the nuances of the application’s behavior at runtime is quite costly and requires the knowledge of complex tools such as a debugger (e.g. JDB). Inspeckage, an open source tool that aims to help the consultant...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
Ok, parking meters, they’ve been discussed, hacked, torn down, even had EEPROM data read off of them with the use of electron microscope and aid of neural-network image processing. What makes my talk different? The talk will cover the background of the manufacturer, some initial communications with them, and of course the hardware itself. The hardware portion includes a tear down of a “smart” parking meter, as seen in San Francisco and many other US metropolitan cities, with mobile...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
When an end user reports some “strange looking file names”, which, after investigating, you discover include several hundreds of Gigabytes of encrypted data, you of course know you are going to have a bad day. Your AV solution has failed you, your firewall has failed you, and your SIEM has failed you. Basically every piece of security infrastructure you have put your trust (and money) into has left you out in the cold and you thank (deity of choice) that at least the nightly backup was...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, commsec,...
KVM-Qemu and Docker containers are important components of virtualization technology and are widely used by mainstream cloud vendors. KVM-Qemu is a full virtualization solution for Linux on x86 hardware which contains virtualization extensions (Intel VT or AMD-V) and devices emulated by QEMU in user components. Docker is an open-source and light-weight project that automates the development of applications inside software containers by providing an additional layer of abstraction and automation...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, qihoo360,...
Exploit kits are one of the threats that are ever present on the Internet, indiscriminately compromising users that are simply surfing websites. As ransomware has exploded so has the proliferation of these exploit kits. This combination of ransomware, Tor, and bitcoin has created a financially lucrative monster. One of the challenges with investigating exploit kits is how quickly they move and pivot to other systems. For the last year Talos has been systematically diving into each exploit kit...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, cisco, talos,...
Analyzing network traffic is a task that comes up often in the context of malware analysis: both before infection, in malware delivery from sites and after infection, in the communication with the C&C servers. Having this information is vital when doing dynamic analysis. However, the current solutions to this issue involve either adding a root CA (certificate authority) to the machine, splitting the traffic and resigning certificates on-the-fly or modifying crypto libraries to log extra...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, telescope,...
The observer effect (commonly confused with Heisenberg’s Uncertainty principle) tells us that in particle physics, the act of observing an event changes its behavior. This is true in computer systems as well, and can be used by an attacker to determine if they are being monitored or introspected upon from on high. This talk will begin by examining architectural “tells” that can be utilized to detect the presence of analysis tools, even those with higher privilege/stealth capabilities than...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, pufs, cots,...
As a key foundation of cloud computing, virtualization technology plays an increasingly significant role, while cloud platforms are also widely and rapidly developing. However, in recent years, we’ve seen an increase in high-risk vulnerabilities in virtualization systems, which could cause some significant challenges to cloud security implementations. This talk will introduce Qihoo 360’s Virtualized Security Research Team’s fuzzing framework for virtualization systems and a comprehensive...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams,...
LTE is a more advanced mobile network but not absolutely secure. In this presentation, we will introduce a method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure in LTE networks resulting in the ability to force a targeted LTE cellphone to downgrade into a malicious GSM network where an attacker can subsequently eavesdrop its voice calls and GPRS data. We used LTE software plus USRP to verify this attack. Some open...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, lte,...
We have witnessed many kernel vulnerabilities of Android devices. They have already been utilized by underground businesses in malware and APTs. Unfortunately, some of these vulnerabilities remain unfixed for years, partly due to the time-consuming patching and verification procedures, or probably because the vendors care more about innovating new products than securing existing devices. As such, there are still a lot of devices all over the world subject to root attacks. In this talk, we will...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, kernel, live patching,...
Content Security Policy (CSP) is a defense-in-depth mechanism to restrict resources that can be loaded, embedded and executed in a web application, significantly reducing the risk and impact of injections. It is supported by most modern browsers, and it already is at its third iteration – yet, adoption in the web is struggling. In this presentation we will highlight the major roadblocks that make CSP deployment difficult, common mistakes, talk about what works and what doesn’t in different...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, csp,...
Although embedded hardware hacking seems to be an out-of-date technique, it is still dangerous and effective. I created a project called “IRON-HID” – a platform for security validation that can create various types of USB devices such as HID (Human Interface Device) type, mass-storage type, and vendor-specific type. The IRON-HID contains installable software that enables you to gain full control of the target machine. You can then perform whatever actions you want on the target device via...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, iron-hid,...
In the era of cyberwarfare, it becomes a norm to see cyber criminals use multi-level attacks to penetrate a multi-layered protected network infrastructure. We often see APT attackers manipulate 0-day or N-day Windows kernel vulnerabilities in order to guarantee a successful full system compromise. It would be a surprise if we do not see a Windows kernel exploit involved in such targeted attacks. It is also worth noting that besides APT attackers, the botnet operators also seize the opportunity to...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, exploit,...
Recently Apple introduced “Sign In With Apple Account” Development track, allowing anyone to write an application for an i-Device and execute it, under the radar, no identification process required (e.g. anonymously). In this presentation I will show new vulnerabilities that are now re-introduced into the Apple devices eco-system. I will demonstrate how easy it is to create an iOS evil client / malware application that targets both the personal and the corporate markets. Evil client can be...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, ios,...
“Next-Generation” firewalls provide functionality well beyond the traditional filtering capabilities. They offer deep protocol inspection, application identification, user based filtering, VPN functionality and more. While this significantly increases the attack surface of these devices, little public research is available. In this talk I will present an in-depth analysis of one of the leading NGFW solutions: PAN-OS. Besides describing the overall system architecture, I will discuss and...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, ernw, palo alto,...
Automotive security is a hot research area but up till now, research has only centered around how to attack with no single complete solution for defense. After 2 years of research, I have developed a machine learning based IDS for automobiles to detect abnormal traffic on the CANBUS and built a very low-cost device that can be used to capture raw CAN traffic and wirelessly transmit the data to a computer, mobile phone, or a central server for further analysis. I call this device CANsee – an...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, qihoo360, automotive,...
In a casual conversation with Thomas “Halvar Flake” Dullien I suggested that performance counters could be used as a software mitigation for the row hammer exploit he and Mark Seaborn had developed. Thomas encouraged me to research it and it became a suggestion for a software solution for row hammer. I presented this research with Nishat Herath during Black Hat 2015. While researching row hammer I noticed that the methodology I was developing could be important in mitigating cache side...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, intel, cache, cpu, row...
In this session, we will reveal and demonstrate perfect exfiltration via indirect covert channels (i.e. the communicating parties don’t directly exchange network packets). This is a family of techniques to exfiltrate data (low throughput) from an enterprise in a manner indistinguishable from genuine traffic. Using HTTP and exploiting a byproduct of how some websites choose to cache their pages, we will demonstrate how data can be leaked without raising any suspicion. These techniques are...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams,...
Xen is a widely used virtualization platform powering some of the largest clouds in production today. For the purpose of cloud platform security reinforcement, our team have looked into the implementation of the Xen hypervisor and found a series of highly critical vulnerabilities that could be used to exploit the host machine. For example, XSA-148/CVE-2015-7825, a 7 year old bug disclosed by our team two months ago, is one of the worst vulnerabilities ever to hit the Xen Project. This...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, alibaba, xen,...
It’s 2016. WiFi is more widespread than ever. Every average household has one or several WiFi access points, often provided by their Internet Service Provider. Sadly, after many years.. many of these router/modem/access points ship with a default set of WiFi credentials (that is unique to the specific box) that can be recovered by clever attackers. In this talk we’ll walk you through how the algorithm for generating ESSID and WPA2-PSK keys for a widespread modem was recovered and...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, ctf,...
The past few years have seen a leap in fuzzing technology. The original paradigm established a decade ago resulted in two widely deployed approaches to fuzzing: sample based mutation and model based generation. Thanks to ever-increasing computational performance and better engineering, newer guided fuzzing approaches have proven to be supremely effective with a low cost of deployment. This talk will explore a few different approaches to guided fuzzing through dynamic analysis including code...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, fuzzing,...
The majority of applications written in Java use Object-relational Mapping (ORM) libraries for working with underlying relational database management systems (RDBMS). Java has an API for utilizing ORM functionality called Java Persistence API (JPA), which has been part of the J2SE and J2EE specifications since version 5. Usage of ORM simplifies database programming and gives solid benefits to the developer over plain JDBC, like providing database and schema independence, leveraging object oriented...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, orm...
Perf has been part of the Linux kernel since 2.6.3x to provide a framework for all things performance analysis. It covers hardware level (CPU/PMU, Performance Monitoring Unit) features and software features (software counters, trace points) as well. Among the supported perf measurable event list, there is a small set of common hardware event monikers which get mapped onto actual events provided by the CPU, if they exist, otherwise the event cannot be used. So there is no surprise CPU...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, perf,...
In a world where governments are demanding exceptional (and unprecedented) access to systems under the guise of national security and the looming specter of terrorism, recent events have resurfaced the conflict between privacy and security. While some believe this to be a new battle of the Internet age, it’s just a continuation of the unending crypto war between technologists and law enforcement. Mr Adams will give a brief overview of the recent FBI vs. Apple debate, how companies with large...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, keynote
Everything must be connected right now! Go! Do it! It’ll be great…. Then I’ll be able to order my Iced Half Caff Ristretto Venti 4-Pump Sugar Free Cinnamon Dolce Soy Skinny Latte so I can pick it up on the way to work as I cycle past the coffee shop without breaking a sweat… Marvelous! Wait, did I say “I’ll be able to order”? Sorry, what I meant was: “My bicycle will be able to order”, because, obviously, my bicycle saddle is connected to my home WiFi, so when it detects my...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, keynote
Cybersecurity: A Dance Between Governments, Companies and Hacker Communities The digital domain makes our lives easier in so many aspects, but our dependence on it also makes us and our vital processes more vulnerable. Just like cyber, cybercrime has become mainstream. To make optimal use of the chances that the digital domain has to offer, we need to work together: governments, companies and hacker communities, nationally and internationally, to strengthen our digital security. ========...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2016ams, welcome...
Source: https://www.youtube.com/watch?v=ewx96PsgL0s Uploader: Hack In The Box Security Conference
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2017ams, closing...
Are you excited to learn all about the latest security research? So are we! The security researchers in this video give you a sneak preview about what they’ll be sharing with you at #HITB2017AMS. We’ll have talks, workshops and trainings for you from renowned experts in the field, who will give you all the details. Discuss topics with speakers and other participants of this leading security conference. If you’re into security, you will want to be there, since not only will it give you a...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2017ams, markus...
ECMAScript is the standard used to implement JavaScript in browsers and script engines. As new features are added, new tools become available to manipulate browsers’ underlying native code leading to new and exciting bugs. This talk discusses some of the more interesting parts of the ECMAScript specification, and how they led to bugs in Microsoft’s Chakra JavaScript Engine. A keynote recommended for people who want to find more or better browser bugs! === Natalie Silvanovich is a security...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Natalie Silvanovich,...
We have built (a prototype of) a passive listing ransomware detector that is able to guard network data shares against ransomware in real world operation. Ransomware is a variation of malware that takes partial or full control of the victim’s computer, often through encryption or locking the computer itself behind an alternative desktop. The end goal is to extort the owner of the computer into paying a ransom in order to undo or avoid further damage. Contrary to most malware-practices,...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2017ams, don muders,...
Everybody knows about Apple iCloud backups — how to disable this feature, or (if you are on the other side) how to download the data. However, iCloud is not just about backups. There is quite a lot of data that is also being *synced* across all the devices, and so stored in the iCloud — including contacts, calendars, notes, media files, documents, 3rd party application data, passwords, credit card numbers and much more (e.g. mail signatures and custom text shortcuts). Even if you disable...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, vladimir katalov,...
This talk will present a new disarming flaw that can be used to prevent all anti-ROP checks in EMET 5.5x from ever being performed. The disarming condition is caused by the fact that references to the read-only CONFIG_STRUCT are always retrieved from the process heap (which has a PAGE_READWRITE protection). This is obfuscated by the usage of DecodePointer throughout EMET. Presentation Outline Short introduction of EMET Short introduction of info leak / RW-primitive requirement Recap of...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2017ams, emet
For the past ten years the KARMA attack has been the industry standard for causing a Wi-Fi client to automatically connect to an attacker-controlled Access Point. In the KARMA attack the attacker introduces an access point that bears the same characteristics as an (open) network which the client has connected to in the past (and will continue to connect to if given the chance, due to automatic association rules). Information about such networks was leaked to nearby stations during the Wi-Fi...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, George Chatzisofroniou,...
Today’s standard embedded technology is not resilient against basic hardware fault injection attacks. Such attacks alter the intended behavior of a chip by manipulating its environmental conditions. Typically this is done by manipulating the power supply voltage, but more advanced techniques use electro-magnetic or optical pulses. Code bases which are executed at the highest privilege level are of special interest to attackers, because modified behavior can have much impact on the security of...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, niek timmers, albert...
Monitoring the radio spectrum usage is an important way to keep track of wireless devices in your organisation. Whether it’s an unauthorised IoT device or an implanted device exfiltrating data, we want to keep an eye on RF devices within our infrastructure. Over the past few months a group of open source software developers have been working on tools to allow low cost SDR platforms to rapidly sweep frequencies in order to monitor the spectrum around us. Our base platform is HackRF and we are...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, dominic spill,...
Say hello to KeRanger, Eleanor, Keydnap, Mokes, and more! 2016 was a busy year for Mac malware authors who released a variety of new macOS malware creations. Sure, adware remained common, but 2016 also saw the first ‘real’ ransomware targeting Macs, plus a variety of persistent RATs and backdoors. And unfortunately the majority of this malware was initially undetected by all traditional antivirus products, leaving Mac users exposed! The talk will begin by providing a technical overview of...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, patrick wardle, synack,...
In this talk Miika will be discussing the steps it took to own a bank’s infrastructure years ago. He will be describing how he gained the initial foothold in DMZ, what it took to get past the forbidding firewall and AV into the internal network and how he finally ended up in the DC. Along the way he will be reflecting on the features (weaknesses), tools and techniques and discuss how they have changed over the years. === Miika has worked as a technical security specialist in Nixu for almost...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, miika turkia,...
The Age of the Radio is upon us: wireless protocols are a dime a dozen thanks to the explosion of the Internet of Things. While proprietary wireless solutions may offer performance benefits and cost savings over standards like 802.11 or Bluetooth, their security features are rarely well-exercised due to a lack of access to these interfaces. The adoption of Software Defined Radio (SDR) by the security research community has helped shift this balance, however SDR remains a boutique skillset. Join...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, hitb2017ams, marc...
In 2005 an incredible story called the ‘Athens Affair’ exposed an advanced telco hack obviously carried out by a state actor. The sophistication of the attack came as a huge surprise in a pre-Snowden world. To this day the case has never been solved, even though it involved phone tapping of government officials and resulted in the suspicious death of a key witness. Whoever did this was never heard from again. Until now. During a routine security audit of a mobile network operator, suspicious...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, emmanuel gadaix, emx,...
I have made a ‘magic mirror’ (an example of what that is: https://www.raspberrypi.org/blog/magic-mirror/ – Disclaimer: This is NOT mine!). This talk will cover how to build your own with a Raspberry Pi, after which I will discuss how I made mine more secure. The last part of the talk will discuss some further enhancements I want to make to create a device that is more like something we see in science fiction movies/novels. === I’m a Software and Security Tester with 15 years of...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Steven Wierckx, magic...
Modern Intel CPUs allow the use of a JTAG-like interface through USB 3.0, which is available on numerous platforms. This makes it possible to control a system totally, making the technology attractive not only for debugging and research. Starting with Skylake, Intel introduced Direct Connect Interface (DCI) technology, and you can find a rather superficial description of it in the docs. There are two types of connection: using a specific device, the so-called Intel SVT Closed Chassis Adapter, or a common USB3...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, mark ermalov, maxim...
IoT is an emerging field that is exploding with new products and innovation. The security of IoT products is still lagging behind for various reasons. One of the important reasons from a security researcher’s perspective is the availability of security tools. If you have been pen testing IoT products you would agree that there are too many different tools required for the job and there is no single silver bullet. And when it comes to Smart Infrastructure, we do not have any existing solution...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Aseem Jakhar, iot,...
Sandboxing is a popular modern technique used by vendors to minimize the damage that attackers might inflict on a compromised system by restricting the application’s trust boundaries. Sandboxing raises the bar for exploitation because the compromised application is now “contained”, and typically needs at least another vulnerability to escape the sandbox container to achieve the same level of system compromise. As a testament to its effectiveness, popular applications that have adopted...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, yong chuan koh, mwr,...
This talk will give researchers insight into a program’s perspective on bug bounty. First, we identify characteristics of a successful bug bounty researcher. Then we’ll dive into some specific example reports with the goal of understanding why some reports are more valuable than others – researchers should expect to understand which types of reports are highest ROI for their time and effort. Finally, we will give researchers insight into the why/how around our recent program updates....
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, rob fletcher, uber, bug...
From a functional programming perspective, Erlang is an excellent language that substantially reduces risk when writing code. What many developers don’t understand is that Erlang is built on an architecture and within an ecosystem that contains many subtle security flaws. One such set of flaws allows anyone with the ability to interact with a remote Erlang node to compromise that node by abusing the underlying BEAM Virtual Machine and the services required to run Erlang. The author’s previous...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, don bailey, erlang,...
In his talk Chris van den Hooven explores the relationship between CISOs and hackers. Where hackers have their fun hacking applications and networks while finding and reporting vulnerabilities, CISOs face their own challenges. Next to assessing the risk of getting hacked there is always the question of where to put the company’s money. How can the hacker help the CISO? === Chris holds a bachelor’s degree in Engineering and he did his Master’s in Management & ICT. He has more than 15 years...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Chris van den Hooven,...
In this lecture, Mr. Bailey will present the security attributes of an exciting new processing architecture, RISC-V. Pronounced “Risk Five”, this architecture offers exceptional opportunities for a new generation of computing platforms by providing a fully open source Instruction Set Architecture (ISA) to the professional community. This move substantially decreases the cost of building new processing units by removing the price boundary often seen in common computing architectures. RISC-V...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, don bailey, risc,...
Drammer is an attack that exploits the Rowhammer [1] hardware vulnerability on Android devices. It is the first Android root exploit that requires no user permissions and relies on no software vulnerability. Drammer is an instance of the FFS [2] exploitation technique. Drammer was published and presented as a scientific paper at the ACM Conference on Computer and Communications Security (CCS) in Vienna, October 2016. Both ArsTechnica and WIRED published an article about it. Paper:...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, victor van der veen,...
Follow me on a journey where we pwn one of the most secure platforms on earth – a giant mammoth that to this day powers the most critical business functions around the world: The Mainframe! Be it a wire transfer, an ATM withdrawal, or flight booking, you can be sure that you’ve used the trusted services of a mainframe at least once during the last 24 hours. CICS or the Customer Information Control System was developed by IBM to host and develop interactive applications mainly on z/OS as well...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, ayoub elaassal, cics,...
This talk will explore Intel Processor Trace, the new hardware branch tracing feature included in Intel Skylake processors. We will explain the design of Intel Processor Trace and detail how the current generation implementation works including the various filtering modes and output configurations. This year we designed and developed the first open source Intel PT driver for the Microsoft Windows operating system. We will discuss the architecture of the driver and the large number of low level...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, richard johnson,...
In recent years, security vendors have increased their product offerings in order to accommodate the security needs of the corporate environment in addition to desktop Anti-Virus (AV). Solutions such as end-point security, web browsing security, cloud security, server mail security, data loss prevention and so on have become an integral part of many corporate networks. Although the latest security research has focused mainly on consumer AV products, evasion techniques and scan engine...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, roberto suggi liverani,...
Last year we proved that the whitelist-based approach of Content Security Policy (CSP) is flawed and proposed an alternative based on ‘strict-dynamic’ in combination with nonces or hashes. This approach makes CSP radically easier to deploy and, at the same time, unleashes its full potential as an XSS mitigation mechanism. In our academic paper (CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy, ACM CCS, 2016), we demonstrated, using...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Lukas Weichselbaum,...
There is no doubt that mobile contactless payments have grown exponentially and Host Card Emulation – the possibility to emulate payment cards on a mobile device, without dependency on special Secure Element hardware – has also significantly boosted the number of applications. HCE support for Android is usually delivered as an external, certified “black-box” library to compile in your application. Obviously vendors promise “highest level of security” – including: card data...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Slawomir Jasek, android,...
Physical access trumps digital access and we’ve all seen lockpicking explained at several security venues. You might even have tried it yourself. But what if you need to open a lock a number of times? Wouldn’t it be great to have an opening technique that would supply you with a working key in the process? A method to do this has existed for quite some time, but until recently it has remained quite unknown. Some time ago impressioning locks got “re-invented” by the lockpick community...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, jos weyers, key...
Protection mechanisms running at the kernel level (Ring 0) cannot completely prevent security threats such as rootkits and kernel exploits, because the threats can subvert the protections with the same privileges. Protections need to be provided with higher privileges. Creating Ring -1 is plausible using VT such as ARM TrustZone, Intel VT-x, and AMD-V. The existing VT (Virtualization Technologies) has support to separate worlds in a host (secure world, ring -1) and a guest (normal world,...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, seunghun han, shadow...
Cryptographic primitives and protocols are typically treated as mathematical components that represent the following provable security property: theoretically secure with an established formal security proof. However, in real-world applications, provable security is more often than not weakened by the actual implementation and the properties of the device / system / operating system on which cryptographic primitives and protocols are deployed, which are often exploitable by a side-channel...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, najwa aaraj, darkmatter,...
With security as one of its design fundamentals, Microsoft Edge browser is one of the most secure browsers around. How difficult is it to find remote code execution exploits in the Edge browser? To answer this question we spent time researching various attack surfaces in the Edge browser and came away with an answer – go in through the ChakraCore engine. ChakraCore is the core of Microsoft’s next generation JavaScript Engine that powers Microsoft Edge. Since it is open sourced, we can...
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, Long Liu, linan hao,...
Heads is an open source custom firmware and OS configuration for laptops and servers that aims to provide slightly better physical security and protection for data on the system. Unlike Tails, which aims to be a stateless OS that leaves no trace on the computer of its presence, Heads is intended for the case where you need to store data and state on the computer. It targets specific models of commodity hardware and takes advantage of lessons learned from several years of vulnerability research....
Topics: Youtube, video, Science & Technology, hitb, hitbsecconf, hackinthebox, trammel hudson,...