The Chaos Communication Congress is an annual conference organized by the Chaos Computer Club . The congress features a variety of lectures and workshops on technical and political issues related to security, cryptography, privacy and online freedom of speech . The event takes place regularly at the end of the year since 1984.
Topics: ccc, hacker, hacker conference, chaos communication congress, chaos communication club
The Chaos Communication Congress is an annual conference organized by the Chaos Computer Club . The congress features a variety of lectures and workshops on technical and political issues related to security, cryptography, privacy and online freedom of speech . The event takes place regularly at the end of the year since 1984.
Topics: ccc, hacker, hacker conference, chaos communication congress, chaos communication club
91
91
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 91
favorite 0
comment 0
Over the last year, synchronized and coordinated attacks against critical infrastructure have taken center stage. Remote cyber intrusions at three Ukrainian regional electric power distribution companies in December 2015 left approximately 225,000 customers without power. Malware, like BlackEnergy, is being specially developed to target supervisory control and data acquisition (SCADA) systems. Specifically, adversaries are focusing their efforts on obtaining access to the human-machine...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
68
68
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 68
favorite 0
comment 0
Responsible Incident: Covert Keys Against Subverted Technology Latencies, Especially Yubikey LosT We're no strangers to love You know the rules and so do I A full commitment's what I'm thinking of You wouldn't get this from any other guy I just wanna tell you how I'm feeling Gotta make you understand Never gonna give you up Never gonna let you down Never gonna run around and desert you Never gonna make you cry Never gonna say goodbye Never gonna tell a lie and hurt you LosT also runs the annual...
Topics: Youtube, video, Science & Technology, DEF CON (Conference Series), DEF CON Video Series, DEF...
92
92
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 92
favorite 0
comment 0
Materials Available Here: https://media.defcon.org/DEF CON 23/DEF CON 23 presentations/DEFCON-23-Aaron-Grattafiori-Linux-Containers-Future-or-Fantasy-UPDATED.pdf Linux Containers: Future or Fantasy? Aaron Grattafiori Principal Security Consultant, iSEC Partners/NCC Group Containers, a pinnacle of fast and secure deployment or a panacea of false security? In recent years Linux containers have developed from an insecure and loose collection of Linux kernel namespaces to a production-ready OS...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
48
48
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 48
favorite 0
comment 0
Working together to keep the Internet safe and secure Alejandro Mayorkas Deputy Secretary of Homeland Security We all have a role to play when it comes to ensuring the safety and security of the Internet, whether you are a federal employee, the CEO of a company, or a private citizen. Today’s threats require the engagement of our entire society. This shared responsibility means that we have to work with each other in ways that is often new for the government and the private sector. This means...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
56
56
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 56
favorite 0
comment 0
Materials Available Here: ; /redirect?redir_token=WERQ52A1H7A4vP3-aqPh_3Mk1hx8MTUwNzMxNTE1MEAxNTA3MjI4NzUw&v=6wiBl3lohu4&q=https%3A%2F%2Fmedia.defcon.org%2FDEF%2520CON%252023%2FDEF%2520CON%252023%2520presentations%2FDEFCON-23-Amit-Ashbel-Maty-Siman-Game-of-Hacks-Play-Hack-and-Track-UPDATED.pdf&event=video_description Game of Hacks: Play, Hack & Track Amit Ashbel Product Evangelist Checkmarx Maty Siman CTO and Founder Checkmarx Fooling around with some ideas we found ourselves...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
47
47
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 47
favorite 0
comment 0
Materials Available here:/redirect?q=https%3A%2F%2Fmedia.defcon.org%2FDEF%2520CON%252023%2FDEF%2520CON%252023%2520presentations%2FDEFCON-23-Atlas-Fun-With-Symboliks.pdf&v=9HL6MljOX0o&event=video_description&redir_token=zp9forkij3SZgqefAwFPCw9-otl8MTUwNzMxNTcxNkAxNTA3MjI5MzE2 Fun with Symboliks atlas dude at Grimm Asking the hard questions... and getting answer! Oh binary, where art thine vulns? Symbolic analysis has been a "thing" for 20 years, and yet it's still left...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
183
183
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 183
favorite 0
comment 0
Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ever made public, are non-comprehensive at best. The ambiguous nature of automotive security leads to narratives that are polar opposites: either we’re all going to die or our cars are perfectly safe. In this talk, we will show the reality of car hacking by demonstrating exactly how a remote attack works against an unaltered, factory vehicle. Starting with remote exploitation, we will show...
Topics: Youtube, video, Science & Technology, Vehicle (Product Category), hacking, DEF CON (Conference...
89
89
Sep 21, 2016
09/16
by
DEFCONConference
movies
eye 89
favorite 0
comment 0
Have you ever wanted to kill someone? Do you want to get rid of your partner, your boss or your arch nemesis? Perhaps you want to enjoy your life insurance payout whilst you’re still alive. Do you have rich elderly parents that just won’t die quick enough? Or do you want a “Do Over” new identity. Then, this presentation is for you! I’ll provide you with the insight and techniques on how to “kill” someone and obtain a real death certificate and shutdown their lives. It focuses on...
Topics: Youtube, video, Science & Technology, DEF CON (Conference Series), birth, death certificate,...
51
51
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 51
favorite 0
comment 0
Materials Available here: /redirect?q=https%3A%2F%2Fmedia.defcon.org%2FDEF%2520CON%252023%2FDEF%2520CON%252023%2520presentations%2FDEFCON-23-Chris-Sistrunk-NSM-101-for-ICS.pdf&event=video_description&redir_token=K8vPOhWePGLx5rcK9yEU9cPWnaZ8MTUwNzMxNjgwNUAxNTA3MjMwNDA1&v=H6AWRziR028 NSM 101 for ICS Chris Sistrunk Sr. ICS Security Consultant, FireEye Is your ICS breached? Are you sure? How do you know? The current state of security in Industrial Control Systems is a widely publicized...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
30
30
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 30
favorite 0
comment 0
Vulnerability Assessment is, by some, regarded as one of the least “sexy” capabilities in information security. However, it is the presenter’s view that it is also a key component of any successful infosec program, and one that is often overlooked. Doing so serves an injustice to the organization and results in many missed opportunities to help ensure success in protecting critical information assets. The presenter will explore how Vulnerability Assessment can be leveraged “Beyond the...
Topics: Youtube, video, Science & Technology, Vulnerability Assessment (Competitive Space), DEF CON...
58
58
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 58
favorite 0
comment 0
Materials Available here: /redirect?v=XF_5t547Qfg&event=video_description&redir_token=AyQOHvc5eUBGuavUOuLvsBQY2pp8MTUwNzMxNTA1M0AxNTA3MjI4NjUz&q=https%3A%2F%2Fmedia.defcon.org%2FDEF%2520CON%252023%2FDEF%2520CON%252023%2520presentations%2FDEFCON-23-David-An-When-the-Secretary-of-State-says-Stop-Hacking-us.pdf When the Secretary of State says: “Please Stop Hacking Us…” David An Former U.S. State Department Senior American officials routinely hold dialogues with foreign officials...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
23
23
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 23
favorite 0
comment 0
Access control systems are everywhere. They are used to protect everything from residential communities to commercial offices. People depend on these to work properly, but what if I had complete control over your access control solution just by using my phone? Or perhaps I input a secret keypad combination that unlocks your front door? You may not be as secure as you think. The world relies on access control systems to ensure that secured areas are only accessible to authorized users. Usually,...
Topics: Youtube, video, Science & Technology, physical security, Access Control, DEF CON (Conference...
91
91
Oct 5, 2017
10/17
by
DEFCONConference
movies
eye 91
favorite 0
comment 0
Materials Available here: /redirect?q=https%3A%2F%2Fmedia.defcon.org%2FDEF%2520CON%252023%2FDEF%2520CON%252023%2520presentations%2FDEFCON-23-Mickey-Shkatov-Jesse-Michael-Scared-poopless-LTE-and-your-laptop-UPDATED.pdf&redir_token=bUXEn8hFCjy3hNMxSxVZeWrXNcB8MTUwNzMyMTQxNUAxNTA3MjM1MDE1&event=video_description&v=q4pRYZjzL_E Scared Poopless – LTE and *your* laptop Mickey Shkatov Security researcher, Intel Advanced Threat Research. Jesse Michael Security researcher With today’s...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
51
51
Apr 19, 2018
04/18
by
DEFCONConference
movies
eye 51
favorite 0
comment 0
Global Honeypot Trends Elliot Brink Many of my computer systems are constantly compromised, attacked, hacked, 24/7. How do I know this? I've been allowing it. This presentation will cover over one year of research running several vulnerable systems (or honeypots) in multiple countries including the USA, mainland China, Russia and others. We'll be taking a look at: a brief introduction to honeypots, common attacker trends (both sophisticated and script kiddie), brief malware analysis and the...
Topics: Youtube, video, Science & Technology, DEF CON Video Series, DEF CON Conference, Conference...
37
37
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 37
favorite 0
comment 0
Rogue access points provide attackers with powerful capabilities, but in 2016 modern privacy protections such as HTTPS Everywhere, free TLS certificates and HSTS are de-facto standards. Surely our encrypted traffic is now safe on the local coffee shop network? If not, my VPN will definitely protect me… right? In this talk we’ll reveal how recent improvements in online security and privacy can be undermined by decades old design flaws in obscure specifications. These design weakness can be...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
63
63
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 63
favorite 0
comment 0
TASBot is an augmented Nintendo R.O.B. robot that can play video games without any of the button mashing limitations us humans have. By pretending to be a controller connected to a game console, TASBot triggers glitches and exploits weaknesses to execute arbitrary opcodes and rewrite games. This talk will cover how these exploits were found and will explore the idea that breaking video games using Tool-Assisted emulators can be a fun way to learn the basics of discovering security...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
80
80
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 80
favorite 0
comment 0
As a matter of fact, it is all about time to reverse engineer the most complex piece of code. Code complicity techniques are usually used just to increase the time and effort needed for reverse engineering. The desired effect of code complicity can be magnified using mechanisms that decrease and narrow the allowed time frame for any reverse engineering attempt into few milliseconds. Such approach can be applied using a metamorphic engine that is aware of the time dimension. Beyond metamorphic...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
63
63
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 63
favorite 0
comment 0
So, you think you want to be a penetration tester, or you already are and don’t understand what the difference between you and all the other “so called” penetration testers out there. Think you know the difference between a Red Team, Penetration Test and a Vulnerability assessment? Know how to write a report your clients will actually read and understand? Can you leverage the strengths of your team mates to get through tough roadblocks, migrate, pivot, own and pillage? No? well this talk...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
56
56
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 56
favorite 0
comment 0
Active Directory domain privilege escalation is a critical component of most penetration tests and red team assessments, but standard methodology dictates a manual and often tedious process – gather credentials, analyze new systems we now have admin rights on, pivot, and repeat until we reach our objective. Then — and only then — we can look back and see the path we took in its entirety. But that may not be the only, nor shortest path we could have taken. By combining our concept of...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
44
44
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 44
favorite 0
comment 0
There are multiple x86 processors in your monitor! OSD, or on-screen-display controllers are ubiquitous components in nearly all modern monitors. OSDs are typically used to generate simple menus on the monitor, allowing the user to change settings like brightness, contrast and input source. However, OSDs are effectively independent general-purpose computers that can: read the content of the screen, change arbitrary pixel values, and execute arbitrary code supplied through numerous control...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
46
46
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 46
favorite 0
comment 0
Many Bluetooth Low Energy (BLE) enabled deadbolts and padlocks have hit the market recently. These devices promise convenience and security through smartphone control. We investigated sixteen of these products from multiple vendors and discovered wireless vulnerabilities in most of them. Using a $50 antenna, we successfully picked vulnerable locks from over 400 meters away. In this presentation we introduce open source tools to crack each of the vulnerable BLE locks. Furthermore, after...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
98
98
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 98
favorite 0
comment 0
Managed Code Rootlets (MCRs) are terrifying post-exploitation attacks that open the doors for cementing and expanding a foothold in a target network. While the concept isn’t new, practical tools for developing MCRs don’t currently exist. Ere Metula released ReFrameworker in 2010 with the ability to inject attack modules into the C# runtime, paving the way for MCRs, but the tool requires the attacker to have knowledge of intermediate languages, does not support other runtimes, and is no...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
84
84
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 84
favorite 0
comment 0
In this presentation we are going to explain and demonstrate step by step in a real attack scenario how a remote attacker could elevate privileges in order to take control remotely in a production seismological network located at 183mts under the sea. We found several seismographs in production connected to the public internet providing graphs and data to anyone who connects to the embed web server running at port 80. The seismographs provide real time data based in the perturbations from earth...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
31
31
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 31
favorite 0
comment 0
Security assessments of embedded and IoT devices often begin with testing how an attacker could recover firmware from the device. When developers have done their job well you’ll find JTAG locked-up, non-responsive serial ports, locked-down boot, and perhaps even a home brewed secure-boot solution. In this session you’ll learn details of a useful hardware/software penetration technique to attempt when you’ve run out of easier options. We’ve used this technique on two commercial device...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
64
64
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 64
favorite 0
comment 0
Much of the time and attention dedicated to modern network security focuses on detecting the contemporary vulnerabilities and exploits which power the breaches that make the headlines. With almost all of the emphasis is placed around the endless cycle of new entry points, we are often overlooking what is perhaps one of the most profoundly interesting aspects of modern network breaches; the post-exploit communication of a compromised system to the attacker—known as command and control. Once...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
38
38
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 38
favorite 0
comment 0
Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have been created to enforce stronger client-side control for web applications. As web appsec practitioners continue to shift from mitigating vulnerabilities to implementing proactive controls, each new standard adds another layer of defense for attack patterns previously accepted as risks. With the most basic controls complete, attention is shifting toward mitigating more complex threats. As...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
94
94
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 94
favorite 0
comment 0
For 48 years, 9-1-1 has been /the/ emergency telephone number in the United States. It’s also been mired in 48-year-old technology. So let’s just put that on the internet, right? What could possibly go wrong? Without the radical segmentation of the PSTN, the move to IP networks (even the private, managed kind) will bring new 9-1-1 capabilities AND new vulnerabilities. This talk builds on the work of quad, r3plicant, and Peter Hefley (see &lquo;Hacking 911: Adventures in Destruction,...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
105
105
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 105
favorite 0
comment 0
It is not uncommon that a software reverse engineer finds themselves desiring to execute a bit of code they are studying in order to better understand that code or alternatively to have that code perform some bit of useful work related to the reverse engineering task at hand. This generally requires access to an execution environment capable of supporting the machine code being studied, both at an architectural level (CPU type) and a packaging level (file container type). Unfortunately, this is...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
45
45
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 45
favorite 0
comment 0
Deep learning and neural networks have gained incredible popularity in recent years. The technology has grown to be the most talked-about and least well-understood branch of machine learning. Aside from it’s highly publicized victories in playing Go, numerous successful applications of deep learning in image and speech recognition has kickstarted movements to integrate it into critical fields like medical imaging and self-driving cars. In the security field, deep learning has shown good...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
73
73
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 73
favorite 0
comment 0
DEF CON has changed for the better since the days at the Alexis Park. It has evolved from a few speaking tracks to an event that still offers the speakers, but also Villages, where you can get hands-on experience and Demo Labs where you can see tools in action. Of course, there is still the Entertainment and Contest Area, as well as Capture The Flag. There is so much more to DEF CON than there was in the past and it is our goal to help you get the best experience possible. In addition to...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
72
72
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 72
favorite 0
comment 0
“Super Smash Bros: Melee.” - Furrowed brows, pain in your thumbs, trash talk your Mom would blush to hear. That sweet rush of power you once knew as you beat all the kids on your block will be but a distant memory as SmashBot challenges you to a duel for your pride — live on stage. SmashBot is the Artificial Intelligence I created that plays the cult classic video game Smash Bros optimally. It can’t be bargained with. It can’t be reasoned with. It doesn’t feel pity, remorse, or...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
91
91
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 91
favorite 0
comment 0
Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and bonnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content. We present a recurrent neural network that learns to...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
While some domainers allegedly brainstorm ideas for new domains to register while taking a shower, the more successful domain portfolio managers, working at scale, are believed to be ‘data driven.’ DNS queries are a material source of intelligence about domainer opportunities and operations, and also help us to understand the operational constraints around potentially combating domainers, should we want to do so. In this presentation co-authored with Farsight Security Scientist Dr. Joe St...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
114
114
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 114
favorite 0
comment 0
A group of highly-armed individuals has just stormed into your office. They are looking to pull data from your computers which are protected with full disk encryption. In order to prevent your screen saver from activating they will likely immediately insert a mouse jiggler to prevent your screensaver lock from activating. This talk will present ways of detecting and defending against such assaults on your system by mouse jiggler wielding individuals. It will also show you how to build your own...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
95
95
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 95
favorite 1
comment 0
Ever dreamed of cleaning up at poker, but afraid that you are not good enough to do it on your own? Fear not! The chinese underground got you covered with high-tech concealed cheating devices that automatically read marked cards and whisper them in your ear through an ear-piece. Seems too good to be true? Well those James Bond devices are the real deal: we were able to get our hands onto one of those pricey gadget and they really work. They even come with additional gizmos, like a camera hidden...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
54
54
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 54
favorite 0
comment 0
I got myself a new toy: A solar array… With it, a little device by a top tier manufacturer that manages its performance and reports SLAs to the cloud. After spending a little time describing why it tickled me pink, I’ll walk you through my research and yes, root is involved! Armed with the results of this pen test, we will cover the vendor’s reaction to the bee sting: ostrich strategy, denial, panic, shooting the messenger and more. Finally, not because I know you get it, but because the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
106
106
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 106
favorite 0
comment 0
Common hotspot software like Chilispot and Sputnik allow anyone to set up a restricted WiFi router or Ethernet network with a captive portal, asking for money, advertising, or personal information in exchange for access to the Internet. In this talk I take a look at how these and similar restrictive networks work, how they identify and restrict users, and how with a little preparation we can reach the Internet regardless of what barriers they throw up. Bio: Grant Bugher has been hacking and...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
88
88
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 88
favorite 0
comment 0
LTE is a more advanced mobile network but not absolutely secure. Recently there already some papers those exposed the vulnerabilities of LTE network. In this presentation, we will introduce one method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure, and finally can force a targeted LTE cellphone to downgrade into a malicious GSM network, then consequently can eavesdrop its data traffic or even voice call. This attack...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
41
41
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 41
favorite 0
comment 0
As introduced in our former series of talks ‘LTE vs. Darwin‘ there are quite a few of holes in the LTE specs. Now, having our own Macro BaseStation (an eNodeB) on the desk, we will demonstrate practical approaches to and attacks on real life devices. More and more devices are using mobile radio networks such as GSM, UMTS and LTE and there has already been quite a bit of research on (in)securities on the radio part, but only few people have had a look behind the scenes. Luckily, we had the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
105
105
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 105
favorite 0
comment 0
In this talk, I'll share how I won 4 Twitter contests per day, every day, for 9 months straight. I'll discuss the methods I used, the delightfully random and surprising things I won, and how to run a Twitter contest to prevent people like me from winning. Bio: Hunter Scott is an electrical and computer engineer with over 7 years of experience designing and implementing hardware systems. He has lead electrical development on a variety of projects, from robotics to communication systems. He has...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
67
67
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 67
favorite 0
comment 0
Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, Windows Update, SQL Server, LDAPS, Skype and many third party applications. Schannel has been the subject of scrutiny in the past several years from an external perspective due to reported vulnerabilities, including a RCE. What about the internals? How does Schannel guard its secrets? This talk looks at how Schannel leverages Microsoft's CryptoAPI-NG (CNG) to cache the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
42
42
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 42
favorite 0
comment 0
There have been over 20,000 data breaches disclosed exposing over 4.8 billion records, with over 4,000 breaches in 2015 alone. It is clear there is no slowdown at all and the state of security is embarrassing. The total cybercrime cost estimates have been astronomical and law enforcement has been struggling to track down even a fraction of the criminals, as usual. Attribution in computer compromises continues to be a surprisingly complex task that ultimately isn’t definitive in most cases....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
24
24
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 24
favorite 0
comment 0
A number of toolsets have been around for a while which propose methods for identifying vulnerabilities in kernels, in particular POSIX kernels. However, none of these identified a method for generic fuzzing across Windows and POSIX kernels and have not been updated for some time. This presentation will outline the research which has occurred in order to find exploitable bugs across both Windows and POSIX kernels, focusing on fuzzing system calls and library calls in the Windows environment....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
126
126
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 126
favorite 0
comment 0
The CAN bus is really mainstream, and every now and then there are new tools coming out to deal with it. Everyone wants to control vehicles and already knows that you can make the horn honk by replaying that frame you captured. But is this all that there is on this topic? Reversing OEM and third party tools, capturing firmware update files on the fly, and hijacking Security Sessions on a bus are just a few examples of things that can be done as well. For this and more, we will introduce to you...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
76
76
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 76
favorite 0
comment 0
You want to phish your company or your client. You’ve never done this for work before, you’ve got a week to do it, and you figure that’s plenty of time. Then someone objects to the pretext at the last minute. Or spam filters block everything. Or you decide to send slowly, to avoid detection, but the third recipient alerts the entire company. Or you can only find 5 target addresses. We’ve all been there on our first professional phishing exercise. What should be as easy as building a two...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
47
47
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 47
favorite 1
comment 0
Does the FBI have to tell Apple of the vuln it used to break their iPhone? How many 0days every year go into the NSA arsenal — dozens, hundreds or thousands? Are there any grown-ups in Washington DC watching over FBI or NSA as they decide what vulns to disclose to vendors and which to keep to themselves? These are all key questions which have dominated so much of 2016, yet there’s been relatively little reliable information for us to go on, to learn what the Feds are up to and whether it...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
67
67
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 67
favorite 0
comment 0
Is the Internet going to live up to its promise as the greatest force for individual freedom that the world has ever known? Or is the hope for a global community of creative intellectual interaction lost…for now? In last year’s Black Hat keynote—entitled “Lifecycle of a Revolution”—noted privacy and civil liberties advocate Jennifer Granick told the story of the Internet utopians, people who believed that Internet technology could greatly enhance creative and intellectual freedom....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
159
159
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 159
favorite 0
comment 0
As our homes become smarter and more connected we come up with new ways of reasoning about our privacy and security. Vendors promise security, but provide little technical information to back up their claims. Further complicating the matter, many of these devices are closed systems which can be difficult to assess. This talk will explore the validity of claims made by one smart lock manufacturer about the security of their product. The entire solution will be deconstructed and examined all the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
