32C3 - Logjam Diffie Hellman discrete logs the NSA and you
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube. ... https://www.youtube.com/watch?v=D2-N2SBH2I0
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=ijfilioyTZI
For the past 3 years d4rkm4tter has been obsessed with monitoring the wireless networks at DEF CON. This talk will take you on a journey through the successes and failures that lead to the creation of the WiFiCactus and the over 1 TB of data captured. A history of each capture project including a summary of the most interesting pieces of data will be shown.
Many people spread a lot of fear, uncertainty and doubt about the wireless environments during DEF CON. This presentation aims to bring some clarity to what is really happening in the airwaves during one of the largest hacker conferences in the world. This will include presenting data on the attacks and sensitive information that exists in the airwaves. This presentation will demonstrate the risks of using wireless networks and information leaks that can be captured by anyone who is passively listening. Countermeasures and protection strategies will be provided to help you avoid having your data captured by those who might be listening.
With the number of connected devices around us, there has never been a better time to start wardriving or warwalking. Everyone is capable of profiling wireless data around them thanks to cheap hardware and open source tools. As hackers it is important for us to discover issues and vulnerabilities while validating claims of security by software and hardware vendors. Monitoring wireless communication is a great way to start validating those claims. All of the hardware and methods used will be provided so that anyone can do this type of monitoring on their own. Hack the Planet!
...
https://www.youtube.com/watch?v=QIIvQZAgolU
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=0LA8tTKAfK0
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=C90-GwLTW7w
Dr. PhilProfessor, Bloomsburg University of Pennsylvania
A group of highly-armed individuals has just stormed into your office. They are looking to pull data from your computers which are protected with full disk encryption. In order to prevent your screen saver from activating they will likely immediately insert a mouse jiggler to prevent your screensaver lock from activating. This talk will present ways of detecting and defending against such assaults on your system by mouse jiggler wielding individuals. It will also show you how to build your own simple mouse jiggler. Nothing beyond basic Linux usage is required to understand this talk. Attendees will leave with several ways to defend against mouse jigglers and the knowledge of how to create their own mouse jigglers.
Phil was born at an early age. He cleaned out his savings as a boy in order to buy a TI99-4A computer for the sum of $450. Two years later he learned 6502 assembly and has been hacking computers and electronics ever since.
Dr. Phil currently works as a professor at Bloomsburg University of Pennsylvania. His research focus over the last few years has been on the use of microcontrollers and small embedded computers for forensics and pentesting. Phil has developed a custom pentesting Linux distro and related hardware to allow an inexpensive army of remote pentesting drones to be built using the BeagleBone Black computer boards. This work is described in detail in Phil's book "Hacking and Penetration Testing With Low Power Devices" (Syngress, 2015). Phil has also published books on Linux Forensics (Pentester Academy, 2015), USB Forensics (Pentester Academy, 2016), and Windows Forensics (Pentester Academy, 2016).
Prior to entering academia, Phil held several high level positions at well-known US companies. He holds a couple of the usual certs one might expect for someone in his position. When not working, he likes to spend time with his family, fly, hack electronics (find his Daddy and Daughter Electronics show on YouTube), and has been known to build airplanes.
...
https://www.youtube.com/watch?v=kYtAf-9tpSk
Adam Donenfeld Senior Security Researcher, Check Point
Following recent security issues discovered in Android, Google made a number of changes to tighten security across its fragmented landscape. However, Google is not alone in the struggle to keep Android safe. Qualcomm, a supplier of 80% of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google. With this in mind, we decided to examine Qualcomm’s code in Android devices. During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems. In this presentation we will review not only the privilege escalation vulnerabilities we found, but also demonstrate and present a detailed exploitation, overcoming all the existing mitigations in Android’s Linux kernel to run kernel-code, elevating privileges and thus gaining root privileges and completely bypassing SELinux.
Adam Donenfeld is a lead mobile security researcher at Check Point with vast experience in the mobile research field. From a young age he has been hacking and reverse engineering for fun and profit. Prior to Check Point Adam served in an Israeli elite intelligence unit, as a security researcher. In his free time, Adam studies German.
...
https://www.youtube.com/watch?v=fFXs8x9gr1s
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
...
https://www.youtube.com/watch?v=Rboeh0EAF4c
Recent advancements in OS security from Microsoft such as PatchGuard, Driver Signature Enforcement, and SecureBoot have helped curtail once-widespread commodity kernel mode malware such as TDL4 and ZeroAccess. However, advanced attackers have found ways of evading these protections and continue to leverage kernel mode malware to stay one step ahead of the defenders. We will examine the techniques from malware such as DoublePulsar, SlingShot, and Turla that help attackers evade endpoint defenses. We will also reveal a novel method to execute a fully kernel mode implant without hitting disk or being detected by security products. The method builds on publicly available tools which makes it easily within grasp of novice adversaries.
While attacker techniques have evolved to evade endpoint protections, the current state of the art in kernel malware detection has also advanced to hinder these new kernel mode threats. We will discuss these new defensive techniques to counter kernel mode threats, including real-time detection techniques that leverage hypervisors along with an innovative hardware assisted approach that utilizes performance monitoring units. In addition, we will discuss on-demand techniques that leverage page table entry remapping to hunt for kernel malware at scale. To give defenders a leg up, we will release a tool that is effective at thwarting advanced kernel mode threats. Kernel mode threats will only continue to grow in prominence and impact. This talk will provide both the latest attacker techniques in this area, and a new tool to curtail these attacks, proving real-world strategies for immediate implementation.
...
https://www.youtube.com/watch?v=2m-joHxmqSQ