All Blog Posts (967)

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies (Black Hat Conference 2018)

Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of "computing devices" dramatically increased during the last several years. Therefore, the focus of malware authors and operators slowly but steadily started shifting or expanding towards Internet of Things (IoT) malware.

Unfortunately, at present there is no publicly available comprehensive study and methodology that…

Continue

Added by Shubham Gupta on October 1, 2018 at 2:16pm — No Comments

Legal Liability for IOT Cybersecurity Vulnerabilities (Black Hat Conference 2018)

There has been much discussion of "software liability," and whether new laws are needed to encourage or require safer software. My presentation will discuss how -- regardless of whether new laws are passed -- a tidal wave of litigation over defective IoT cybersecurity is just over the horizon. 



The presentation will focus on a well-known example: Charlie Miller and Chris Valasek's 2015 Jeep hack. I'm lead counsel in the ongoing federal litigation over…

Continue

Added by Shubham Gupta on October 1, 2018 at 2:11pm — No Comments

From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities (Black Hat Conference 2018)

Writing a working exploit for a vulnerability is generally challenging, time-consuming, and labor-intensive. To address this issue, automated exploit generation techniques can be adopted. In practice, existing techniques however exhibit an insufficient ability to craft exploits, particularly for the kernel vulnerabilities. On the one hand, this is because their technical approaches explore exploitability only in the context of a crashing process whereas generating an exploit…

Continue

Added by Shubham Gupta on October 1, 2018 at 2:07pm — No Comments

Automated Discovery of Deserialization Gadget Chains (Black Hat Conference 2018)

Although vulnerabilities stemming from the deserialization of untrusted data have been understood for many years, unsafe deserialization continues to be a vulnerability class that isn't going away. Attention on Java deserialization vulnerabilities skyrocketed in 2015 when Frohoff and Lawrence published an RCE gadget chain in the Apache Commons library and as recently as last year's Black Hat, Muñoz and Miroshis presented a survey of dangerous JSON deserialization libraries.…

Continue

Added by Shubham Gupta on October 1, 2018 at 1:59pm — No Comments

Exploitation of a Modern Smartphone Baseband (Black Hat Conference 2018)

In this talk, we will explore the baseband of a modern smartphone, discussing the design and the security countermeasures that are implemented. We will then move on and explain how to find memory corruption bugs and exploit them. As a case study, we will explain in details our 2017 Mobile Pwn2Own entry, where we gained RCE (Remote Code Execution) with a 0-day on the baseband of a smartphone, which was among the target of the competition. We exploited successfully the phone…

Continue

Added by Shubham Gupta on October 1, 2018 at 1:53pm — No Comments

Wrangling with the Ghost: An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities (Black Hat Conference 2018)

2018 started off with a bang as the world was introduced to a new class of hardware vulnerability which became known as Meltdown and Spectre. New classes of vulnerabilities are exceedingly rare and this one came with ramifications for the security boundaries that web browsers, operating systems, and cloud providers rely on for isolation to protect customer data. Now, rewind back to the summer of 2017. This disclosure and the industry response were months in the making. A new…

Continue

Added by Shubham Gupta on October 1, 2018 at 1:21pm — No Comments

WebAssembly: A New World of Native Exploits on the Browser (Black Hat Conference 2018)

WebAssembly (WASM) is a new technology being developed by the major browser vendors through the W3C. A direct descendent of NaCl and Asm.js, the idea is to allow web developers to run native (e.g. C/C++) code in a web page at near-native performance. WASM is already widely supported in the latest versions of all major browsers, and new use case examples are constantly popping up in the wild. Notable examples include 3D model rendering, interface design, visual data processing, and…

Continue

Added by Shubham Gupta on October 1, 2018 at 1:15pm — No Comments

Protecting the Protector, Hardening Machine Learning Defenses Against Adversarial Attacks (Black Hat Conference 2018)

Humans are susceptible to social engineering. Machines are susceptible to tampering. Machine learning is vulnerable to adversarial attacks. Researchers have been able to successfully attack deep learning models used to classify malware to completely change their predictions by only accessing the output label of the model for the input samples fed by the attacker. Moreover, we've also seen attackers attempting to poison our training data for ML models by sending fake telemetry…

Continue

Added by Shubham Gupta on October 1, 2018 at 12:36pm — No Comments

Outsmarting the Smart City (Black Hat Conference 2018)

The term "smart city" evokes imagery of flying cars, shop windows that double as informational touchscreens, and other retro-futuristic fantasies of what the future may hold. Stepping away from the smart city fantasy, the reality is actually much more mundane. Many of these technologies have already quietly been deployed in cities across the world. In this talk, we examine the security of a cross-section of smart city devices currently in use today to reveal how deeply flawed…

Continue

Added by Shubham Gupta on October 1, 2018 at 12:19pm — No Comments

Stealth Mango and the Prevalence of Mobile Surveillanceware (Black Hat Conference 2018)

In this talk, we will unveil the new in-house capabilities of a nation state actor who has been observed deploying both Android and iOS surveillance tooling, known as Stealth Mango and Tangelo. The actor behind these offensive capabilities has successfully compromised the devices of government officials and military personnel in numerous countries with some directly impacting Western interests. Our research indicates this capability has been created by freelance developers who…

Continue

Added by Shubham Gupta on October 1, 2018 at 12:13pm — No Comments

Stealth Mango and the Prevalence of Mobile Surveillanceware (Black Hat Conference 2018)

In this talk, we will unveil the new in-house capabilities of a nation state actor who has been observed deploying both Android and iOS surveillance tooling, known as Stealth Mango and Tangelo. The actor behind these offensive capabilities has successfully compromised the devices of government officials and military personnel in numerous countries with some directly impacting Western interests. Our research indicates this capability has been created by freelance developers who…

Continue

Added by Shubham Gupta on October 1, 2018 at 12:13pm — No Comments

GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs (Black Hat Conference 2018)

Complexity is increasing. Trust eroding. In the wake of Spectre and Meltdown, when it seems that things cannot get any darker for processor security, the last light goes out. This talk will demonstrate what everyone has long feared but never proven: there are hardware backdoors in some x86 processors, and they're buried deeper than we ever imagined possible. While this research specifically examines a third-party processor, we use this as a stepping stone to explore the…

Continue

Added by Shubham Gupta on October 1, 2018 at 12:05pm — No Comments

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (Black Hat Conference 2018)

OpenPGP and S/MIME are the two prime standards for providing end-to-end security for emails. From today's viewpoint this is surprising as both standards rely on outdated cryptographic primitives that were responsible for vulnerabilities in major cryptographic standards. The belief in email security is likely based on the fact that email is non-interactive and thus an attacker cannot directly exploit vulnerability types present in TLS, SSH, or IPsec.



We…

Continue

Added by Shubham Gupta on September 28, 2018 at 1:27pm — No Comments

Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform Capabilities (Black Hat Conference 2018)

Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore…

Continue

Added by Shubham Gupta on September 28, 2018 at 1:23pm — No Comments

A Deep Dive into macOS MDM (and How it can be Compromised) (Black Hat Conference 2018)

On macOS, DEP (Device Enrollment Program) and MDM (Mobile Device Management) are the recommended methods for automating the initial setup & configuration of new devices. MDM can offer sophisticated system configuration options, including privileged operations such as adding new trusted root CA certificates to the System Keychain. Apple's MDM implementation has gained popularity in the enterprise world recently due to their richer feature set.

The recent introduction of…

Continue

Added by Shubham Gupta on September 28, 2018 at 1:15pm — No Comments

AI & ML in Cyber Security - Why Algorithms are Dangerous (Black Hat Conference 2018)

Every single security company is talking in some way or another about how they are applying machine learning. Companies go out of their way to make sure they mention machine learning and not statistics when they explain how they work. Recently, that's not enough anymore either. As a security company you have to claim artificial intelligence to be even part of the conversation.



Guess what. It's all baloney. We have entered a state in cyber security that…

Continue

Added by Shubham Gupta on September 28, 2018 at 1:00pm — No Comments

Your Voice is My Passport (Black Hat Conference 2018)

Financial institutions, home automation products, and hi-tech offices have increasingly used voice fingerprinting as a method for authentication. Recent advances in machine learning have shown that text-to-speech systems can generate synthetic, high-quality audio of subjects using audio recordings of their speech. Are current techniques for audio generation enough to spoof voice authentication algorithms? We demonstrate, using freely available machine learning models and…

Continue

Added by Shubham Gupta on September 28, 2018 at 12:35pm — No Comments

Snooping on Cellular Gateways and Their Critical Role in ICS (Black Hat Conference 2018)

To keep up with the growing demand of always-on and available-anywhere connectivity, the use of cellular, in comparison to its wireless mobile connectivity counterpart in the electromagnetic spectrum, is rapidly expanding. My research in the IoT space led me down the path of discovering a variety of vulnerabilities related to cellular devices manufactured by Sierra Wireless and many others. Proper disclosures have occurred; however, many manufactures have been slow to respond.…

Continue

Added by Shubham Gupta on September 28, 2018 at 12:23pm — No Comments

Kernel Mode Threats and Practical Defenses (Black Hat Conference 2018)

Recent advancements in OS security from Microsoft such as PatchGuard, Driver Signature Enforcement, and SecureBoot have helped curtail once-widespread commodity kernel mode malware such as TDL4 and ZeroAccess. However, advanced attackers have found ways of evading these protections and continue to leverage kernel mode malware to stay one step ahead of the defenders. We will examine the techniques from malware such as DoublePulsar, SlingShot, and Turla that help attackers evade…

Continue

Added by Shubham Gupta on September 28, 2018 at 12:16pm — No Comments

The Problems and Promise of WebAssembly (Black Hat Conference 2018)

WebAssembly is a new standard that allows assembly-like code to run in browsers at near-native speed. But how does WebAssembly work, and how does it execute code while maintaining the security guarantees of a browser? This presentation gives an overview of the features of WebAssembly, as well as examples of vulnerabilities that occur in each feature. It will also discuss the future of WebAssembly, and emerging areas of security concern. Learn to find bugs in one of the newest…

Continue

Added by Shubham Gupta on September 28, 2018 at 12:11pm — No Comments

Monthly Archives

2019

2018

2017

2016

2015

2014

2013

2012

1999

Follow Us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2019   Created by CISO Platform   |   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

Related Posts