briefings - august 6 & 7
5 stars based on
Power exists to be used. Some wish for cyber safety, which they will not get. Others wish for cyber order, which they will not get. Some have the eye to discern cyber policies that are "the least worst thing;" may they fill the vacuum of wishful thinking. And so, we had to come up with a way of helping to stop attacks. There's been lot of hyperbole and misinformation about the NSA's collection of Americans' phone su binary android 4-20ma signal generator, emails, address books, buddy lists, calling records, online video game chats, financial documents, browsing history, video chats, text messages, and su binary android 4-20ma signal generator data.
The conversation will include an overview of the NSA's activities, argue positions for and against the activities, and end with questions from the audience.
Over the past year, more than 10, people participated in the Matasano crypto challenges, a staged learning exercise where participants implemented 48 different attacks against realistic cryptographic constructions. In the process, we collected crypto exploit code in dozens of different languages, ranging from X86 assembly to Haskell. With the permission of the participants, we've built a "Rosetta Code" site with per-language implementations of each of the crypto attacks we taught.
In this talk, we'll run through all 48 of the crypto challenges, giving Black Hat attendees early access to all of the crypto su binary android 4-20ma signal generator.
We'll explain the importance of each of the attacks, putting them into the context of actual software flaws. Our challenges cover crypto concepts from block cipher mode selection to public key agreement algorithms. For some of the more interesting attacks, we'll step-by-step the audience through exploit code, in several languages simultaneously.
Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE Many point-of-sale breaches occurred in the past year and many organizations are still vulnerable against the simplest exploits. In this presentation, I explain about su binary android 4-20ma signal generator points-of-sale get compromised from both retailer's and software-vendor's perspective.
One of the most common threats is memory scraping, which is a difficult issue to solve. Hence, I would like to share with you a demonstration of how it works and what can be done in order to minimize this threat. During this presentation, I will explain the long journey to understand how to mitigate it, while walking through the concepts not exposing vendor names that don't work and those that can work.
In a nutshell, VDI solutions provide a remote workstation offering so that no data is stored locally. We decided to examine the architecture and see for ourselves whether VDI delivers on its security promise.
In this engaging session, we demonstrate a proof-of-concept attack where a malicious app leverages screen scraping to exfiltrate data through common VDI platforms. By simulating the user's interaction, we show how such an attack is su binary android 4-20ma signal generator only feasible - but also efficient. While keeping the espionage activity invisible both from client-side and server-side malware detection measures, the attacker can automate the process and ultimately render the VDI solution ineffective.
The millions su binary android 4-20ma signal generator unique malicious binaries gathered in today's white-hat malware repositories are connected through a dense web of hidden code-sharing relationships. If we could recover this shared-code network, we could provide much needed context for and insight into newly observed malware. For example, our analysis could leverage previous reverse engineering work performed on a new malware sample's older "relatives," giving important context and accelerating the reverse engineering process.
Various approaches have been proposed to see through malware packing and obfuscation to identify code sharing. A significant limitation of these existing approaches, however, is that they are either scalable but easily defeated or that they are complex but do not scale to millions of malware samples. A final issue is that even su binary android 4-20ma signal generator more complex approaches described in the research literature tend to only exploit one "feature domain," be it malware instruction sequences, call graph structure, application binary interface metadata, or dynamic API call traces, leaving these methods open to defeat by intelligent adversaries.
How, then, do we assess malware similarity and "newness" in a way that both scales to millions of samples and is resilient to the zoo of obfuscation techniques that malware authors employ? In this talk, I propose an answer: To make this algorithm scale, we use an approximate feature counting technique and a feature-hashing trick drawn from the machine-learning domain, allowing for the fast feature extraction and fast retrieval of sample "near neighbors" even when handling millions of binaries.
Our algorithm was developed over the course of three years and has been evaluated both internally and by an independent test team at MIT Lincoln Laboratories: In the presentation, I will give details on how to implement the algorithm and will go over these algorithm results in a series of large-scale interactive malware visualizations. As part of the algorithm description I will walk through a Python machine learning library that we will be releasing in the conference material which allows users to detect feature frequencies over billions of items on commodity hardware.
Automotive security concerns have gone from the fringe to the mainstream with security researchers showing su binary android 4-20ma signal generator susceptibility of the modern vehicle to local and remote attacks. A malicious attacker leveraging a remote vulnerability could do anything from enabling a microphone for eavesdropping to turning the steering wheel to disabling the brakes.
Unfortunately, research has only been presented on three or four particular vehicles. Each manufacturer designs their fleets differently; therefore analysis of remote threats must avoid generalities.
This talk takes a step back and examines the automotive network of a su binary android 4-20ma signal generator number of different manufacturers from a security su binary android 4-20ma signal generator. From this larger dataset, we can begin to answer questions like: Are some cars su binary android 4-20ma signal generator secure from remote compromise than others? Has automotive network security changed for the better or worse in the last five years?
What does the future of automotive security hold and how can we protect our vehicles from attack moving forward? Abuse of these devices is particularly problematic both because the owner has difficulty interfacing with and fixing the device and because the static code provided by the vendor is generally rotted and vulnerable by the time the consumer unpacks the device.
The poor management of CPE has created an Internet-scale problem and potential for abuse. For example, the plurality of open DNS resolvers accessible on the Internet are on medium-speed DSL connections, the sorts of connections leased to home and small-business users. These devices are available for abuse in reflected and amplified DDoS attacks. The vulnerable devices themselves can also be leveraged against su binary android 4-20ma signal generator consumer in middleperson attacks.
In this presentation, we quantify this su binary android 4-20ma signal generator and provide recommendations for how the Internet community can address this public-health-like problem. Microsoft Active Directory uses Kerberos to handle authentication requests by default.
However, if the domain is compromised, how bad can it really be? With the loss of the right hash, Su binary android 4-20ma signal generator can be completely compromised for years after the attacker gained access. Yes, it really is that bad. In this presentation Skip Duckwall, passingthehash on twitter and Benjamin Delpy, gentilkiwi on twitter and the author of Mimikatz, will demonstrate just how thoroughly compromised Kerberos can be under real world conditions.
Prepare to have all your assumptions about Kerberos challenged! The primary goal of ASLR is to effectively randomize a program's memory layout so that adversaries cannot easily infer such information. As ASLR is a critical defense against exploitation, there have been tremendous efforts to evaluate the mechanism's security. To date, previous attacks that bypass ASLR have focused mostly on exploiting memory leak vulnerabilities, or abusing non-randomized data structures.
In this presentation, we leverage vulnerabilities introduced by performance-oriented software design to reveal new ways in which ASLR can be bypassed. In addition to describing how vulnerabilities originate from such designs, we will present real attacks that exploit them.
The team that discovered the Android MasterKey vulnerability in is here to present another new Android vulnerability with widespread impact: This can lead to a malicious application having the ability to steal user data, recover passwords and secrets, or in certain cases, compromise the whole Android device. Su binary android 4-20ma signal generator vulnerability is embedded in all shipped Android devices since January Android Eclair 2. This presentation aims to: The presentation will also coincide with the release of a free security scanning tool to help end-users scan for risk of this su binary android 4-20ma signal generator on their su binary android 4-20ma signal generator devices.
APT attacks exhibit discernible attributes or patterns. In order to maintain the command and control c2 network redundant, APT attacks are generally embedded with multiple DNS names. Most of existing malware attribution works placed great emphasis on grouping the technological or behavioral contexts from the malware binaries.
We studied a small sample of malware from a specific victim group who had been subjected to APT attacks. The gatherings of such evidence regarding malware binaries are not complicated.
But it requires tedious online queries of open source information. We developed an automated solution to simplify the tasks of collecting and storing the information as a database for future analysis. Once the initial set of malicious DNS-IP pair, "parked domain" and "whois information" are identified; the database can be called to perform updates manually.
This database can be used for further analysis by a visualization tool, and for identification of the possible identity or personas of the attackers.
In our studies, we used Maltego for the analysis. While there has certainly been some interesting research into the security of mobile broadband modems, or "dongles," in the past, it has almost exclusively focused on novel attacks such as buffer overflows over text message, attacks on the device's file system, and other advanced approaches.
The level of skill and effort required to execute such an attack reduces the potential number of attackers, but there are easier ways to monetize from attacking these devices too. This talk will focus on some more likely scenarios; web-based attacks that are not that hard to pull off but that will allow the attacker to cash in without too much effort. The speaker will demonstrate how to profit, steal sensitive su binary android 4-20ma signal generator, and establish a persistent hold on the devices, and also how a seemingly modest attack could be used as part of a more advanced attack chain.
There will su binary android 4-20ma signal generator be an analysis of why it is easy being an Internet criminal, and how it will continue to be so unless drastic changes are su binary android 4-20ma signal generator to how we approach and implement new consumer technology.
Oh, and there will be demos. We are meant to measure and manage data with more precision than ever before using Big Data. But companies are getting Hadoopy often with little or no consideration of security. Are we taking on too much risk too fast? This session explains how best to handle the looming Big Data risk in any environment. Better predictions and more intelligent decisions are expected from our biggest data sets, yet do we really trust systems we secure the least?
And do we really know why "learning" machines continue to make amusing and sometimes tragic mistakes? Infosec is in this game but with Big Data we appear to be waiting on the sidelines.