54
54
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 54
favorite 0
comment 0
I got myself a new toy: A solar array… With it, a little device by a top tier manufacturer that manages its performance and reports SLAs to the cloud. After spending a little time describing why it tickled me pink, I’ll walk you through my research and yes, root is involved! Armed with the results of this pen test, we will cover the vendor’s reaction to the bee sting: ostrich strategy, denial, panic, shooting the messenger and more. Finally, not because I know you get it, but because the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
28
28
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
Modern web applications generate a ton of logs. Suites like ELK (Elasticsearch, Logstash, Kibana) exist to help manage these logs, and more people are turning to them for their log analysis needs. These logs contain a treasure trove of information regarding bad actors on your site, but surfacing that information in a timely manner can be difficult. When Etsy moved over from Splunk to ELK in mid-2014, we realized that ELK lacked necessary functionality for real-time alerting. We needed a...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
39
39
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 39
favorite 0
comment 0
Electronic locks are becoming increasingly common on consumer-grade safes, particularly those used to secure guns. This talk explores vulnerabilities of several UL-listed Type 1 "High Security" electronic safe locks. Using side-channel attacks, we recover the owner-configured keycodes on two models of these locks from outside of locked safes without any damage to the locks or safes. Discussion includes power-line analysis, timing attacks, and lockout-defeat strategies on embedded...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
28
28
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
Strong end-to-end encryption is legal in the United States today, thanks to our victory in what’s come to be known as the Crypto Wars of the 1990s. But in the wake of Paris and San Bernardino, there is increasing pressure from law enforcement and policy makers, both here and abroad, to mandate so-called backdoors in encryption products. In this presentation, I will discuss in brief the history of the first Crypto Wars, and the state of the law coming into 2016. I will then discuss what...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
133
133
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 133
favorite 0
comment 0
As stated in my bio, besides computer security I also love flight simulators and mountain biking. Last year I gave a talk about hacking a flight simulator (among other games), it was only fitting to research something related to my other hobby too. Old day's bike speedometers have evolved quite a bit, and nowadays a lot of bikers (swimmers, runners, ers) do their sport with tiny computers attached to them. These computers do much more than measuring speed: they have GPS, they can store your...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, security...
35
35
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 35
favorite 0
comment 0
Almost everyone is aware about the Technical Support SCAM calls. “Hi, your PC is infected”” is a known phrase – but sometimes they are calling the wrong person who decides to make fun of the caller.” BIO: Mattias is working for WSP | PB in a global role and also a freelance security professional. He is a Certified Ethical Hacker and always working on increasing his Social-Engineering skills. 34 years old and spent most of his time, booth professional and private, ín the IT field. He...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Social...
50
50
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 50
favorite 0
comment 0
There are nonverbal movements and actions, that if you master, can make your target more compliant, easier to influence and even happier to comply with your wishes. BIO: Chris is the sole defender of those who do not want to hear Hornsby. His passion for SE is only match by his passion for the NoHornsby movement. Source: https://www.youtube.com/watch?v=VFnCRVWBISY Uploader: DEFCONConference Upload date: 2017-01-04
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DC24, DC-24, Social...
106
106
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 106
favorite 0
comment 0
In this talk, I'll share how I won 4 Twitter contests per day, every day, for 9 months straight. I'll discuss the methods I used, the delightfully random and surprising things I won, and how to run a Twitter contest to prevent people like me from winning. Bio: Hunter Scott is an electrical and computer engineer with over 7 years of experience designing and implementing hardware systems. He has lead electrical development on a variety of projects, from robotics to communication systems. He has...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
42
42
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 42
favorite 0
comment 0
US Army Interrogation techniques and training is the Irish Twin of Social Engineering. Objectives for both Match, obtain information from a source or target. Techniques for both match: Lying and Deception at the Source or Target Sincere and Convincing to the Source or Target Building Rapport and Confidence with the Source or Target The speaker will establish the synergy between both practices and provide insight into how to utilize this information in Social Engineering pentesting and defense...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
118
118
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 118
favorite 0
comment 0
If you’re interested in vulnerability research for fun or profit, or if you’re a beginner and you’re not sure how to progress, it can be difficult to sift through the firehose of technical information that’s out there. Plus there are all sorts of non-technical things that established researchers seem to just know. There are many different things to learn, but nobody really talks about the different paths you can take on your journey. We will provide an overview of key concepts in...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
195
195
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 195
favorite 0
comment 0
Direct from the mind of the guy who bought you the "I will kill you" presentation at DEF CON 23, is another mind bending, entertaining talk. This time it’s bigger and badder than before. Are you sick and tired of your government? Can’t wait another 4 years for an election? Or do you want to be like the CIA and overthrow a government overseas for profit or fun? If you answered yes to one or more of these questions than this talk is for you! Why not create your own cyber mercenary...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DEFCON 24, DC 24, DC24,...
28
28
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
As a Japanese security consultant, one of my research questions in social engineering is whether or not cultural difference becomes the barrier for social engineering. It is because the malicious practice of social engineering is different between in Japan and the U.S. I think it is true. Since I have the both experience of being the company in Japan and the U.S., I would like to consider various technique of social engineering from both cultural glasses, such as tailgating, phishing or vishing...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC24, DC-24, hack, Hackers, Hacking,...
46
46
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 46
favorite 0
comment 0
There has been much buzz about car hacking, but what about the larger heavy-duty brother, the big rig? Heavy trucks are increasingly networked, connected and susceptible to attack. Networks inside trucks frequently use Internet connected devices even on safety-critical networks where access to brakes and engine control is possible. Unfortunately, tools for doing analysis on heavy trucks are expensive and proprietary. Six_Volts and Haystack have put together a set of tools that include open...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
168
168
Sep 22, 2016
09/16
by
DEFCONConference
movies
eye 168
favorite 1
comment 0
Take a look at weaknesses in Point of sale systems and the foundation of hotel key data and the Property management systems that manage the keys. Using a modified MST injection method Weston will demonstrate several attacks on POS and Hotel keys including brute forcing other guest’s keys from your card information as a start point. And methods of injecting keystrokes into POS systems just as if you had a keyboard plugged into the system. This includes injecting keystrokes to open cash drawer...
Topics: Youtube, video, Science & Technology, def con, defcon, DEF CON 24, Dc24, DC 24, DC-24, weston...
143
143
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 143
favorite 0
comment 0
MR. ROBOT is a rare treat - a network television show whose hacker protagonist is a fully realized character with a realistically attainable set of skills. No hyper-typing, no gibberish masquerading as tech jargon, no McGuffins to magically paper over plot holes with hacker dust. MR. ROBOT takes the tech as seriously as the drama. One of the main reasons for this verisimilitude is the work of Kor Adana, MR. ROBOT's advisor on all things hackish. His fingerprints are on every terminal window in...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Panel, security...
33
33
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 33
favorite 0
comment 0
The Internet of Things is filled with vulnerabilities, would you expect the Internet of Vibrating Things to be any different? As teledildonics come into the mainstream, human sexual pleasure has become connected with the concerns of privacy and security already familiar to those who previously only wanted to turn on their lights, rather than their lover. Do you care if someone else knows if you or your lover is wearing a remote control vibrator? Do you care if the manufacturer is tracking your...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
85
85
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 85
favorite 0
comment 0
In this presentation we are going to explain and demonstrate step by step in a real attack scenario how a remote attacker could elevate privileges in order to take control remotely in a production seismological network located at 183mts under the sea. We found several seismographs in production connected to the public internet providing graphs and data to anyone who connects to the embed web server running at port 80. The seismographs provide real time data based in the perturbations from earth...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
160
160
Sep 22, 2016
09/16
by
DEFCONConference
movies
eye 160
favorite 1
comment 0
This is not just another "I found a problem in a single IOT device" talk. Focusing on attacking three major consumer product lines that have grown rapidly in the past years, Zack and Erin will review flaws they’ve discovered and weaponized against home Windows installs, DIY security solutions, personal fitness tracking devices, and digital notification devices. We’ll review the security of these popular products and services in a ‘consumer reports’ style walkthrough, the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, DC 24, Zack...
94
94
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 94
favorite 0
comment 0
For 48 years, 9-1-1 has been /the/ emergency telephone number in the United States. It’s also been mired in 48-year-old technology. So let’s just put that on the internet, right? What could possibly go wrong? Without the radical segmentation of the PSTN, the move to IP networks (even the private, managed kind) will bring new 9-1-1 capabilities AND new vulnerabilities. This talk builds on the work of quad, r3plicant, and Peter Hefley (see &lquo;Hacking 911: Adventures in Destruction,...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
17
17
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 17
favorite 0
comment 0
With minimal to no effort, we can gain SYSTEM level access to hundreds, if not, thousands of machines on the internet [remotely]. No, this is not a new super 1337 exploit and no this is not even a new technique. No super fancy website with poorly designed logo is necessary, there is nothing new here. Tim and Dennis have discovered that something only stupid sysadmins would do turns out to be much more prevalent than expected. What starts off as a sysadmin’s innocent attempt to fix an issue,...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
33
33
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 33
favorite 0
comment 0
On Friday morning, August 5th, DARPA will announce the prize winners and recognize the parties responsible for building and competing in the Cyber Grand Challenge (CGC), the world's first all-machine hacking tournament, which was completed August 4th. Seven high performance computers will have completed an all-machine Capture the Flag contest, reverse engineering unknown binary software, authoring new IDS signatures, probing the security of opponent software, and re-mixing defended services...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
31
31
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 31
favorite 0
comment 0
The use cases for hooking code execution are abundant and this topic is very expansive. EhTracing (pronounced Tracing) is technique that allows monitoring/altering of code execution at a high rate with several distinct advantages. Full context (registers, stack & system state) hooking can be logged without needing to know a function prototype and changes to execution flow can be made as desired. Traditional detours like hooking requires a length disassembly engine than direct binary .text...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
19
19
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 19
favorite 0
comment 0
Samsung announced many layers of security to its Pay app. Without storing or sharing any type of user’s credit card information, Samsung Pay is trying to become one of the securest approaches offering functionality and simplicity for its customers. This app is a complex mechanism which has some limitations relating security. Using random tokenize numbers and implementing Magnetic Secure Transmission (MST) technology, which do not guarantee that every token generated with Samsung Pay would be...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
80
80
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 80
favorite 0
comment 0
As a matter of fact, it is all about time to reverse engineer the most complex piece of code. Code complicity techniques are usually used just to increase the time and effort needed for reverse engineering. The desired effect of code complicity can be magnified using mechanisms that decrease and narrow the allowed time frame for any reverse engineering attempt into few milliseconds. Such approach can be applied using a metamorphic engine that is aware of the time dimension. Beyond metamorphic...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
We are releasing a new tool for discovering bluetooth devices and automatically probing them for information. Effectively we have created a new tool with an airodump-ng like display for nearby bluetooth and bluetooth low energy devices. We will discuss the challenges with finding bluetooth devices, as well as how we have overcome them using both standard bluetooth adapters and optionally ubertooth hardware. If you have ever wondered why no one released an effective tool to see all the bluetooth...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, dc24, dc-24, computer...
57
57
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 57
favorite 0
comment 0
Network telescopes are collections of unused but BGP-announced IP addresses. They collect the pollution of the Internet: scanning, misconfigurations, backscatter from DoS attacks, bugs, etc. For example, several historical studies used network telescopes to examine worm outbreaks. In this talk I will discuss phenomena that have recently induced many sources to send traffic to network telescopes. By examining this pollution we find a wealth of security-related data. Specifically, I’ll touch on...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
35
35
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 35
favorite 0
comment 0
Description: Social engineering is quickly becoming more prevalent in the InfoSec industry. Users are becoming more educated about social engineering attempts, but they still fall victim to attacks. Why? Well, like all in all industries, with great improvement to technology comes great improvement to exploitation, and maybe not so great improvement to security. This presentation explores the subtleties involved in wordcrafting, tone of voice, and adaptability during – shudder – human...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DC-24, DC24, Social...
51
51
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 51
favorite 0
comment 0
We’ve all worked on ‘closed systems’ with little to no direct Internet access. And we’ve all struggled with the limitations those systems put on us in the form of available tools or software we want to use. I didn’t like struggling, so I came up with a method to load whatever I wanted on to a closed system without triggering any common security alerts. To do this I had to avoid accessing the Internet or using mag media. In the end all I needed was an office multi-function machine and...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
21
21
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 21
favorite 0
comment 0
As a defender, have you ever been asked ‘do they win?’ How about ‘what products or capabilities should I buy to even the odds?’ Mapping the functionality to a standard list of desired capabilities only gets you so far. And, many vendors require an organization to pay for a framework, or for access to a framework, to enable tactical and strategic campaigns. Wouldn’t it be great to have an open source way to pick strategies? So what do you do? Build out your own defensive campaigns...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
42
42
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 42
favorite 0
comment 0
As introduced in our former series of talks ‘LTE vs. Darwin‘ there are quite a few of holes in the LTE specs. Now, having our own Macro BaseStation (an eNodeB) on the desk, we will demonstrate practical approaches to and attacks on real life devices. More and more devices are using mobile radio networks such as GSM, UMTS and LTE and there has already been quite a bit of research on (in)securities on the radio part, but only few people have had a look behind the scenes. Luckily, we had the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
30
30
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 30
favorite 0
comment 0
Cloud service providers offer their customers the ability to deploy virtual machines in a multi-tenant environment. These virtual machines are typically connected to the physical network via a virtualized network configuration. This could be as simple as a bridged interface to each virtual machine or as complicated as a virtual switch providing more robust networking features such as VLANs, QoS, and monitoring. At DEF CON 23, we presented how attacks known to be successful on physical switches...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
38
38
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 38
favorite 0
comment 0
Machines are getting smarter – so consumer protection enforcers like the Federal Trade Commission need to get smarter too. The FTC is the lead federal agency for protecting the privacy rights and data security of American consumers. In the last year, it brought several enforcement actions against companies for violating consumer privacy and data security and launched new initiatives – PrivacyCon, Start with Security, and a new Office of Technology Research and Investigation– to improve...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DC24, DC-24, hack, hackers,...
28
28
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
Description: You are being manipulated. There is constant pressure coming from companies, people, and attackers. Millions are spent researching and studying your weaknesses. The attack vectors are subtle. Most times we don’t realize that manipulation has occurred until it is too late. Fear not, we can harden our defenses. We can put safeguards in place to help avoid being the victim. For me, the answer came from an unlikely source: my daughter. Small children are fantastic. Society has not...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC-24, DC24, DEFCON, social...
23
23
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 23
favorite 1
comment 0
Security products should make our computers more secure, not less. Little Snitch is the de facto personal firewall for OS X that aims to secure a Mac by blocking unauthorized network traffic. Unfortunately bypassing this firewall's network monitoring mechanisms is trivial...and worse yet, the firewall's kernel core was found to contain an exploitable ring-0 heap-overflow. #fail Though briefly touching on generic firewall bypass techniques, this talk will largely focus on the kernel-mode...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
While some domainers allegedly brainstorm ideas for new domains to register while taking a shower, the more successful domain portfolio managers, working at scale, are believed to be ‘data driven.’ DNS queries are a material source of intelligence about domainer opportunities and operations, and also help us to understand the operational constraints around potentially combating domainers, should we want to do so. In this presentation co-authored with Farsight Security Scientist Dr. Joe St...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
28
28
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
It's recently become easier and less expensive to create malicious GSM Base Transceiver Station (BTS) devices, capable of intercepting and recording phone and sms traffic. Detection methods haven't evolved to be as fast and easy to implement. Wireless situational awareness has a number of challenges. Categorically, these challenges are usually classified under Time, Money, or a lot of both. Provisioning sensors takes time, and the fast stuff usually isn’t cheap. Iterative improvements...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
90
90
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 90
favorite 0
comment 0
Last year, DARPA ran the qualifying event for the Cyber Grand Challenge to usher in the era of automated hacking. Shellphish, a rag-tag team of disorganized hackers mostly from UC Santa Barbara, decided to join the competition about ten minutes before the signups closed. Characteristically, we proceeded to put everything off until the last minute, and spent 3 sleepless weeks preparing our Cyber Reasoning System for the contest. Our efforts paid off and, as we talked about last DEF CON , against...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
22
22
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 22
favorite 0
comment 0
At DEF CON 16 in 2008, we released the original BSODomizer (www.bsodomizer.com), an open source VGA pranking tool and introductory hacking platform for the multicore Propeller micro-controller. Hours of productivity were replaced with rage and frustration as unwitting computer users were confronted with fake Blue Screens of Death and revolting ASCII art. But, the world has changed. The machines have risen in capability. HDMI is the graphical transmission protocol of choice and hacking with...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
68
68
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 68
favorite 0
comment 0
Is the Internet going to live up to its promise as the greatest force for individual freedom that the world has ever known? Or is the hope for a global community of creative intellectual interaction lost…for now? In last year’s Black Hat keynote—entitled “Lifecycle of a Revolution”—noted privacy and civil liberties advocate Jennifer Granick told the story of the Internet utopians, people who believed that Internet technology could greatly enhance creative and intellectual freedom....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
46
46
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 46
favorite 0
comment 0
Deep learning and neural networks have gained incredible popularity in recent years. The technology has grown to be the most talked-about and least well-understood branch of machine learning. Aside from it’s highly publicized victories in playing Go, numerous successful applications of deep learning in image and speech recognition has kickstarted movements to integrate it into critical fields like medical imaging and self-driving cars. In the security field, deep learning has shown good...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
35
35
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 35
favorite 0
comment 0
Any novice in the security field can tell you the importance of sanitizing input that is being read into computer systems. But what steps do most of us take in sanitizing the input that is read into the computer systems known as our brains? This presentation will go over the attack vector that is known as Propaganda. By studying works such as Manufacturing Consent (by Noam Chomsky and Ed Herman) we can learn of the various manipulations that happen to media before it reaches the end reader....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Hack, hackers,...
18
18
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 18
favorite 0
comment 0
Closing Ceremonies of DEF CON 24 Source: https://www.youtube.com/watch?v=bfuRKriDDYQ Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
71
71
Aug 14, 2017
08/17
by
DEFCONConference
movies
eye 71
favorite 0
comment 0
We’ve all seen the Wizard of Oz in some form regardless if it was the old classic or the recreations or story books as children. Oscar Diggs or also known as Oz the Great and Terrible was the most stunning wizard in all of Oz. His wizardry known through all of the land, except Oz was a fake and his entire wizardry an illusion. We are seeing a number of breaches come down to human interaction and the ability to create a fake Oz landscape in order to coax victims into opening a document or...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Social...
38
38
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 38
favorite 0
comment 0
Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have been created to enforce stronger client-side control for web applications. As web appsec practitioners continue to shift from mitigating vulnerabilities to implementing proactive controls, each new standard adds another layer of defense for attack patterns previously accepted as risks. With the most basic controls complete, attention is shifting toward mitigating more complex threats. As...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
51
51
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 51
favorite 0
comment 0
Source: https://www.youtube.com/watch?v=A9ew4jdLjYY Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, def con, defcon, defcon 24, def con 24, conference,...
91
91
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 91
favorite 0
comment 0
Many industries, provide consumers with data about the quality, content, and cost of ownership of products, but the software industry leaves consumers with very little data to act upon. In fact when it comes to how secure or weak a product is from a security perspective, there is no meaningful consumer facing data. There has long been a call for the establishment of an independent organization to address this need. Last year, Mudge (from DARPA, Google, and L0pht fame) announced that after...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
108
108
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 108
favorite 0
comment 0
Common hotspot software like Chilispot and Sputnik allow anyone to set up a restricted WiFi router or Ethernet network with a captive portal, asking for money, advertising, or personal information in exchange for access to the Internet. In this talk I take a look at how these and similar restrictive networks work, how they identify and restrict users, and how with a little preparation we can reach the Internet regardless of what barriers they throw up. Bio: Grant Bugher has been hacking and...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
88
88
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 88
favorite 0
comment 0
What if your wireless mouse was an effective attack vector? Research reveals this to be the case for mice from Logitech, Microsoft, Dell, Lenovo, Hewlett-Packard, Gigabyte, and Amazon. Dubbed 'MouseJack', this class of security vulnerabilities allows keystroke injection into non-Bluetooth wireless mice. Imagine you are catching up on some work at the airport, and you reach into your laptop bag to pull out your phone charger. As you glance back at your screen, you see the tail end of an ASCII...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC24, DEFCON 24, DEF CON 2016,...
86
86
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 86
favorite 0
comment 0
Spend some time hacking hardware and you’ll eventually render a piece of equipment unusable either by accident or intentionally. Between us, we’ve got decades of bricking experience that we’d like to share. We’ll document the most common ways of temporarily or permanently damaging your hardware and ways to recover, if possible. We’ll also talk about tips on how to avoid bricking your projects in the first place. If you’re getting into hardware hacking and worried about messing...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
132
132
Oct 3, 2017
10/17
by
DEFCONConference
movies
eye 132
favorite 0
comment 0
Inexpensive universal DMA attacking is the new reality of today! In this talk I will explore and demonstrate how it is possible to take total control of operating system kernels by DMA code injection. Once control of the kernel has been gained I will execute code and dump gigabytes of memory in seconds. Full disk encryption will be defeated, authentication will be bypassed and shells will be spawned. This will all be made possible using a $100 piece of hardware together with the easy to use...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEFCON24, DEF CON 24, DC24, DC-24, hack,...
