Pritha's Blog – November 2016 Archive (8)

Demystifying Secure enclave processor (Black Hat Conference 2016)

Demystifying Secure enclave processor

The secure enclave processor (SEP) was introduced by Apple as part of the A7 SOC with the release of the iPhone 5S, most notably to support their fingerprint technology, Touch ID. SEP is designed as a security circuit configured to perform secure services for the rest of the SOC, with with no direct access from the main processor. In fact, the secure enclave processor runs it own fully functional operating…

Continue

Added by pritha on November 25, 2016 at 12:02pm — No Comments

Breaking hardware enforced security with hypervisors (Black Hat Conference 2016)

Breaking hardware enforced security with hypervisors

Hardware-Enforced Security is touted as the panacea solution to many modern computer security challenges. While certainly adding robust options to the defenders toolset, they are not without their own weaknesses. In this talk we will demonstrate how low-level technologies such as hypervisors can be used to subvert the claims of security made by these mechanisms. Specifically, we will show how…

Continue

Added by pritha on November 25, 2016 at 11:58am — No Comments

Breaking Kernal address space layout rendomization: KASLAR with Intel TSX (Black Hat Conference 2016)

Breaking Kernal address space layout rendomization: KASLAR with Intel TSX

Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TCB). Among various hardening techniques, kernel address space layout randomization (KASLR) is the most effective and widely adopted technique that can practically mitigate various memory corruption vulnerabilities, such as…

Continue

Added by pritha on November 25, 2016 at 11:49am — No Comments

Recover A RSA Private key from a TLS session with perfect forward secrecy (Black Hat Conference 2016)

Recover A RSA Private key from a TLS session with perfect forward secrecy

They always taught us that the only thing that can be pulled out from a SSL/TLS session using strong authentication and latest Perferct Forward Secrecy ciphersuites is the public key of the certificate exchanged during the handshake - an insufficient condition to place a MiTM attack without to generate alarms on the validity of the TLS connection and certificate itself.…

Continue

Added by pritha on November 25, 2016 at 11:43am — No Comments

TCP injection attacks in the wild: A large scale case study (Black Hat Conference 2016)

TCP injection attacks in the wild: A large scale case study

In this work we present a massively large-scale survey of Internet traffic that studies the practice of false content injections on the web. We examined more than 1.5 Peta-bits of data from over 1.5 million distinct IP addresses. Earlier this year we have shown that false content injection is practiced by network operators for commercial purposes. These network operators inject…

Continue

Added by pritha on November 25, 2016 at 11:40am — No Comments

Attacking SDN infrastructure: Are we ready for the Next Gen networking (Black Hat Conference 2016)

Attacking SDN infrastructure: Are we ready for the Next Gen networking

Software-Defined Networking (SDN), by decoupling the control logic from the closed and proprietary implementations of traditional network devices, allows researchers and practitioners to design new innovative network functions/protocols in a much easier, more flexible, and powerful way. This technology has gained significant attentions from both industry and academia, and it…

Continue

Added by pritha on November 25, 2016 at 11:33am — No Comments

HEIST: HTTP encrypted information can be stolen through TCP windows (Black Hat Conference 2016)

HEIST: HTTP encrypted information can be stolen through TCP windows

Over the last few years, a worryingly number of attacks against SSL/TLS and other secure channels have been discovered. Fortunately, at least from a defenders perspective, these attacks require an adversary capable of observing or manipulating network traffic. This prevented a wide and easy exploitation of these vulnerabilities. In contrast, we introduce HEIST, a set of…

Continue

Added by pritha on November 25, 2016 at 11:14am — No Comments

CASB: A CISO's Guide To Top Considerations Before Buying

A Cloud Access Security Broker (CASB) is a solution to secure SaaS apps end-to-end, from cloud to device. Today, most CASBs focus only on software as a service (SaaS), although they can enforce best practices and security policies across all cloud services, including infrastructure (IaaS) and platforms (PaaS)

CASBs are generally designed for the following use cases from security perspective:

  • Visibility: Who is doing what and where are the…
Continue

Added by pritha on November 25, 2016 at 10:00am — No Comments

Monthly Archives

2019

2018

2017

2016

2015

2014

2013

2012

1999

© 2019   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service