DEF CON 26 — Thiago Alves — Hacking PLCs and Causing Havoc on Critical Infrastructures
Programmable Logic Controllers (PLCs) are devices used on a variety of industrial plants, from small factories to critical infrastructures like…Подробнее
DEFCON
DEF CON 26 — Steven Danneman — Your Banks Digital Side Door
Why does my bank’s website require my MFA token but Quicken sync does not? How is using Quicken or any…Подробнее
DEF CON 26 — Ruo Ando — Asura PCAP File Analyzer for Anomaly Packets Detection
Recently, the inspection of huge traffic log is imposing a great burden on security analysts. Unfortunately, there have been few…Подробнее
DEF CON 26 — Lane Broadbent — Trouble in the Tubes How Internet Routing Security Breaks Down
We all protect our home networks, but how safe is your data once it leaves on its journey to the…Подробнее
DEF CON 26 — Bui and Rao — Last mile authentication problem Exploiting the missing link
With «Trust none over the Internet» mindset, securing all communication between a client and a server with protocols such as…Подробнее
DEF CON 26 — West and Campbell — barcOwned Popping Shells with Your Cereal Box
Barcodes and barcode scanners are ubiquitous in many industries and work with untrusted data on labels, boxes, and even phone…Подробнее
DEF CON 26 — Dr Matthews and Panel — A DEF CON Guide to Adversarial Testing of Software
Software is increasingly used to make huge decisions about people’s lives and often these decisions are made with little transparency…Подробнее
DEF CON 26 — Maksim Shudrak — Fuzzing Malware For Fun and Profit
Practice shows that even the most secure software written by the best engineers contain bugs. Malware is not an exception.…Подробнее
DEF CON 26 — Gabriel Ryan — Bypassing Port Security In 2018 Defeating MacSEC and 802 1x 2010
Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not provide encryption or the ability…Подробнее
DEF CON 26 = Richard Thieme — The Road to Resilience How Real Hacking Redeems a Damnable Profession
Two years ago Richard Thieme spoke on “Playing Through the Pain: The Impact of Dark Knowledge on Security and Intelligence…Подробнее
DEF CON 26 — Orange Tsai — Breaking Parser Logic Take Your Path Normalization Off and Pop 0Days Out
We propose a new exploit technique that brings a whole-new attack surface to defeat path normalization, which is complicated in…Подробнее
DEF CON 26 — Sanat Sharma — House of Roman a Leakless Heap Fengshui to Achieve RCE on PIE Binaries
Regarding ptmalloc2, many heap exploitation techniques have been invented in the recent years, well documented on the famous how2heap repository,…Подробнее
DEF CON 26 — The Tarquin — Weaponizing Unicode Homographs Beyond IDNs
Most people are familiar with homograph attacks due to phishing or other attack campaigns using Internationalized Domain Names with look-alike…Подробнее
DEF CON 26 — Sheng Hao Ma — Playing Malware Injection with Exploit Thoughts
In the past, when hackers did malicious program code injection, they used to adopt RunPE, AtomBombing, cross-process creation threads, and…Подробнее
DEF CON 26 — Damien virtualabs Cauquil — You had better secure your BLE devices
Sniffing and attacking Bluetooth Low Energy devices has always been a real pain. Proprietary tools do the job but cannot…Подробнее
DEF CON 26 — Bai and Zheng — Analyzing and Attacking Apple Kernel Drivers
Though many security mechanisms are deployed in Apple’s macOS and iOS systems, some old-fashioned or poor-quality kernel code still leaves…Подробнее
DEF CON 26 — Maggie Mayhem — Sex Work After SESTA FOSTA
Surveillance had been a fact of life for sex workers wherever they have faced prohibition. Only two elements, communication and…Подробнее
DEF CON 26 — Daniel Zolnikov — A Politicians Successful Efforts to Fight Surveillance
Orwell’s concept of 1984 has more to do with government misuse of technology than technology itself. New technology allows for…Подробнее
DEF CON 26 — Patrick Wardle — Fire and Ice Making and Breaking macOS Firewalls
In the ever raging battle between malicious code and anti-malware tools, firewalls play an essential role. Many a malware has…Подробнее
DEF CON 26 — Paternotte and van Ommeren — It WISNt Me Attacking Industrial Wireless Mesh Networks
Wireless sensor networks are commonly thought of as IoT devices communicating using familiar short-range wireless protocols like Zigbee, MiWi, Thread…Подробнее
DEF CON 26 — Sean Metcalf — Exploiting Active Directory Administrator Insecurities
Defenders have been slowly adapting to the new reality: Any organization is a target. They bought boxes that blink and…Подробнее
DEF CON 26 — zenofex — Dissecting the Teddy Ruxpin Reverse Engineering the Smart Bear
The Teddy Ruxpin is an iconic toy from the 1980’s featuring an animatronic teddy bear that reads stories from cassette…Подробнее
DEF CON 26 — Christopher Domas — GOD MODE UNLOCKED Hardware Backdoors in redacted x86
Complexity is increasing. Trust eroding. In the wake of Spectre and Meltdown, when it seems that things cannot get any…Подробнее
DEF CON 26 — Rousseau and Seymour — Finding Xori Malware Analysis Triage with Automated Disassembly
In a world of high volume malware and limited researchers we need a dramatic improvement in our ability to process…Подробнее
DEF CON 26 — Dr Holtmanns and Singh — 4G Who is Paying Your Cellular Phone Bill Video
Cellular networks are connected with each other through a worldwide private, but not unaccessible network, called IPX network. Through this…Подробнее
DEF CON 26 — Galloway, Yunusov — For the Love of Money Finding and Exploiting Vulns in mPOS Systems
These days it’s hard to find a business that doesn’t accept faster payments. Mobile Point of Sales (mPOS) terminals have…Подробнее
DEF CON 26 — George Tarnovsky — You Can Run but You Cant Hide Reverse Engineering Using X-Ray
Most of us have knowledge of PCB construction. In the past reversing someone’s design was an easy task due to…Подробнее
DEF CON 26 — Seamus Burke — A Journey Into Hexagon Dissecting a Qualcomm Baseband
Mobile phones are quite complicated and feature multiple embedded processors handling wifi, cellular connectivity, bluetooth, and other signal processing in…Подробнее
DEF CON 26 — Jeanette Manfra — Securing our Nations Election Infrastructure
Fair elections are at the core of every democracy and are of paramount importance to our national security. The confidence…Подробнее