45:24 Hacktivity English 2015

Post-its, post-its, post-its everywhere (and how they relate to physical keys)

A password shouldn’t be on a post-it note. In plain view. On the console. The password to a locked door is called a key. So if a reporter wants to get the point across that certain people shouldn't have access to a particular key, would it be wise for said reporter to show that key to the world? This talk shows how not to run this story, why we should care and maybe make you rethink your physical security a bit.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
46:00 Hacktivity English 2015

Layer 1 encryption and decryption

When we talk about the physical layer, everyone thinks of wires and optical links, while a significant part of modern communication takes place wirelessly. To make better use of the available frequency spectrum, devices use frequency-hopping techniques, i.e. both the transmitter and the receiver change frequency several thousand times per second. To ensure proper communication, the transmitter and the receiver must be kept in sync. In commercial use this is ensured by frequency-hopping specifications. If we want to further encrypt the communication, all we need to do is use a non-standard specification, so a third party cannot collect the transmitted data without loss, and this loss prevents the encryption of the content from being broken. Digital signal processing provides a new tool for identifying and collecting every transmitted character string.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
41:37 Hacktivity English 2015

Defend PowerShell Attacks When All Else Fails

PowerShell has gained considerable attention over the past few years in response to increased task automation in the Windows environment. Regardless of PowerShell’s capability to address administrators’ day-to-day operations, it is widely used for penetration testing and even attacking purposes. Specifically designed post-exploitation attacks and payloads utilizing PowerShell are difficult to prevent on the condition that the attackers gain privileged accounts. All protections ranging from the control on Execution Policy, Constrained PowerShell to customize the remote endpoints, AppLocker to allow or deny applications from running, to the control of objects with PSLockdownPolicy in PowerShell V3 could be, in some ways, tampered with or bypassed to run malicious PowerShell scripts. Security monitoring by enabling subtle details in PowerShell Event Logs is able to collect useful information when PowerShell is called, but attackers could find a way to alter or disable those legitimately. So far no major study exists to corroborate such a conclusion about the defense against PowerShell attacks in this condition. Until such a study is undertaken or a new feature is introduced, we have built a PowerShade platform, a prototype in Python script, to observe, capture, and neutralise PowerShell post-exploitation attacks.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
30:47 Hacktivity English 2015

Modification of the prime generation method of the OpenSSL library

Random numbers are very important in many fields of computer science, especially in cryptography. One of the most important usages of pseudorandom number generators (PRNG) is key generation methods for cryptographic purposes. In this presentation a modification of the prime generation method of the OpenSSL library will be presented. The modified version of the library passes every well-known statistical test (e.g. NIST test, DIEHARD test), while an adversary is still able to reconstruct the prime numbers (P,Q) from the public key. The method can be used for malicious purposes as a sophisticated backdoor. The presented research is based on the theory of kleptography and a recently published research paper.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
54:53 Hacktivity English 2015

Rocking the pocket book: hacking chemical plant for competition and extortion

Fear of cyber-attacks with catastrophic physical consequences easily captures public imagination. The appeal of hacking a physical process is dreaming about physical damage attacks lighting up the sky in a shower of goodness. Let's face it, after such elite hacking action nobody is going to let one present it at a public conference. As a poor substitute, this presentation will use a simulated plant for Vinyl Acetate production for demonstrating a complete attack, from start to end, directed at persistent economic damage to a production site while avoiding attribution of production loss to a cyber-event. Such an attack scenario could be useful to a manufacturer aiming at putting competitors out of business or as a strong argument in an extortion attack. Designing an attack scenario is a matter of art as much as economic consideration: the cost of an attack can quickly exceed damage worth. The talk will elaborate on multiple factors which constitute attack costs and how to optimize them.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
45:56 Hacktivity English 2015

BAB0: A custom sample that bypassed cutting-edge APT attack detection tools

In this talk, we present BAB0, a custom sample that we developed for testing purposes and that bypassed 5 cutting-edge APT attack detection tools. We explain why BAB0 escaped detection both in the phase of infecting the victim and later during continuous communications with a remote C&C server. We show the tricks that we designed and implemented in BAB0 and try to make some demonstrations as well. We also elaborate on the problems of testing anti-APT products in general, and give some hints on new testing methodologies that are currently emerging within the AV test community.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
41:44 Hacktivity English 2015

Hacking cars in the style of Stuxnet

We believe that the most important impact of Stuxnet in the long run is that it provides a blueprint for carrying out similar attacks in different embedded computing environments. To demonstrate this, we started experimenting with attacking cars in the same style as Stuxnet attacked uranium centrifuges. Our experiments show that it is relatively easy to perform dangerous modifications to the settings of different car electronic control units. Simply by infecting the mechanic's PC or laptop that runs the diagnostic software used to manage those ECUs in the car, and replacing the DLL responsible for communications between the diagnostic software and the CAN bus with a malicious DLL, we can implement man-in-the-middle type attacks (e.g., replay or modification of commands). As a proof-of-concept, we managed to forge a message that switches off the airbag of an Audi TT without the mechanic noticing the misdeed.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
42:06 Hacktivity English 2015

Why Nation-State Malwares Target Telco Networks: Dissection Technical Capabilities of Regin and Its Counterparts

Recent research in malware analysis suggests state actors allegedly use cyber espionage campaigns against GSM networks. Analysis of state-sponsored malware such as Flame, Duqu, Uroburos and Regin revealed that these were designed to sustain long-term intelligence-gathering operations by remaining under the radar. Antivirus companies did a great job in revealing technical details of the attack campaigns; however, they have almost exclusively focused on the executables or the memory dump of the infected systems - the research hasn't been simulated in a real environment. In this talk, we are going to break down the Regin framework stages from a reverse engineering perspective - kernel driver infection scheme, virtual file system and its encryption scheme, kernel mode manager - while analyzing its behaviors on a GSM network and making a technical comparison with its counterparts, such as TDL4, Uroburos, Duqu2.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
44:20 Hacktivity English 2015

Semi-automated mapping of iOS binaries

Black-box iOS application pentesting is a growing and hot topic. For most pentests, the most pain and effort are consumed by the initial phases of the work, i.e. basic mapping of the application features and where the individual features are implemented within the binary. We describe a MobileSubstrate based, semi-automatic approach for mapping security related features, such as encryption, jailbreak detection, keychain usage.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
37:06 Hacktivity English 2015

Memory corruption vulnerabilities, runtime mitigations and their bypasses

Memory corruption vulnerabilities are ubiquitous and unavoidable issues of our complex applications. There are many exploitation and exploit mitigation techniques for them as well as bypass methods for the used or proposed defenses. For instance, in addition to the nowadays classic defenses of Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), there are more recent proposals like Control Flow Integrity (CFI) and fine-grained ASLR, even if these solutions are not frequently used in practice today mainly for performance and compatibility reasons. The aim of this talk is to provide an overview of the main achievements of the state-of-the-art academic research in this field, and also to demonstrate and discuss some concrete uses of evasion techniques for bypassing runtime mitigations, like the Enhanced Mitigation Experience Toolkit (EMET) of Microsoft.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
47:15 Hacktivity English 2015

The Network Behavior of Targeted Attacks

The network patterns of Targeted Attacks are very different from usual malware because of the different goals of the attackers. Therefore, it is difficult to detect targeted attacks looking for DNS anomalies, DGA traffic or HTTP patterns. However, our analysis of targeted attacks reveals novel patterns in their network communication. These patterns were incorporated into our Stratosphere IPS in order to model, identify and detect the traffic of targeted attacks. With this knowledge it is possible to alert on attacks in the network within a short time, independently of the malware used. The Stratosphere project analyzes the inherent patterns of malware actions in the network using Machine Learning. It uses Markov Chain algorithms to find patterns that are independent of static features. These patterns are used to build behavioral models of malware actions that are later used to detect similar traffic in the network. The tool and datasets are freely published.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English
37:01 Hacktivity English 2015

Sandbox detection for the masses: leak, abuse, test

Manual processing of malware samples became impossible years ago. Sandboxes are used to automate the analysis of malware samples to gather information about the dynamic behaviour of the malware, both at AV companies and at enterprises. During my research I invented new approaches to detect these sandboxes. I developed a tool, which can collect a lot of interesting information from these sandboxes to create statistics on how the current technologies work. I will demonstrate tricks to detect sandboxes. Some sandboxes are not interacting with the Internet in order to block data extraction, but with some DNS-fu the information can be extracted from these appliances as well. If you already have or plan to buy a “magic” malware analysis/detection sandbox, this is a must-see presentation for you. The sandbox detection techniques used in “APT”s like BlackEnergy or DOUBLEFANTASY can be considered old, outdated and lacking in creativeness compared to these new techniques.
  • Year of publication: 2015
  • Publisher: Hacktivity
  • Language: English