DEF CON 25 - Yuwue Zheng and Lin Huang - Ghost Telephonist Impersonates You Through LTE CSFB
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube. ... https://www.youtube.com/watch?v=BiQ-3FofdoI
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=WuKaa1fIdwg
How not to do DOCSIS networks
Did you ever want to have access to a few hundred thousand network end points? Or a few hundred thousand phone numbers? A short look behind the curtains of how not to do network security.
...
https://www.youtube.com/watch?v=asUFte4JU-M
Brent provides a live demonstration reversing engineering 17 or more unknown passenger vehicle CAN networks in under 10 minutes using new automated techniques. These unsupervised techniques are over 90% accurate and consistent when tested using production CAN networks and different driving conditions. He then introduces the Python and R code used for the demo and posted to his public GitHub repository at https://github.com/brent-stone/CAN_Reverse_Engineering
The Dissertation explaining how the code works is also posted.
...
https://www.youtube.com/watch?v=jh_H9LIvQIs
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=Sa16RZiIU84
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=XVQdUCmTeFU
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=x2d4NlGWbT4
In 2017, a sophisticated threat actor deployed the TRITON attack framework engineered to manipulate industrial safety systems at a critical infrastructure facility. This talk offers new insights into TRITON attack framework which became an unprecedented milestone in the history of cyber-warfare as it is the first publicly observed malware that specifically targets protection functions meant to safeguard human lives. While the attack was discovered before its ultimate goal was achieved, that is, disruption of the physical process, TRITON is a wakeup call regarding the need to urgently improve ICS cybersecurity.
This analysis and presentation will cover:
- How the threat actors could have obtained the targeted equipment, firmware and documentation, based on our own experience,
- The level of resources (time, money, expertise) required to develop a sophisticated embedded implant like TRITON,
- The advanced methods used by the malware for a multi-stage injection of the backdoor into the controller of the Schneider Electric Triconex safety shutdown system, derived from both static and dynamic analysis of the code,
- A demo of how the TRITON malware executes on a running Triconex controller,
- Why did the attacker possibly failed to inject payload.
We will conclude with an appeal to vendors about the urgent need for equipment auditing and forensic tools. These tools must be developed before TRITON-like attacks become mass-scale and the time to start working on them is now; hacking is a fashion industry, as soon as a new exploitation technique becomes available, everybody jumps on the bandwagon.
This session will thus provide comprehensive insights into how one of the most sophisticated attacks on an ICS system to date was developed and how it could be detected during and post exploitation. This is important information for anyone seeking to secure critical infrastructure.
Black Hat USA 2018
...
https://www.youtube.com/watch?v=_7YNz7DqWWE
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=xeTpRrr__C0
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=1TFqaV6jMHQ