All Articles

Software is increasingly used to make huge decisions about people's lives and often these decisions are made with little transparency or accountability to individuals. If there is any place where transparency, third-party review, adversarial testing

While you may not always be aware of them or even have heard of them, Crestron devices are everywhere. They can be found in universities, modern office buildings, sports arenas, and even high-end Las Vegas hotel rooms. If an environment has a lot of

When purchasing a new domain name you would expect that you are the only one who can obtain a valid SSL certificate for it, however that is not always the case. When the domain had a prior owner(s), even several years prior, they may still possess a

Although vulnerabilities stemming from the deserialization of untrusted data have been understood for many years, unsafe deserialization continues to be a vulnerability class that isn't going away. Attention on Java deserialization vulnerabilities sk

In his notorious book Leviathan, the XVII century English philosopher Thomas Hobbes stated that: we should give our obedience to an unaccountable sovereign otherwise what awaits us is a state of nature that closely resembles civil war—a situation of

With a surge in the production of internet of things (IoT) devices, embedded development tools are becoming commonplace and the software they run on is often trusted to run in escalated modes. However, some of the embedded development tools on the ma

Hack a lock and get free rides! (No free beer yet though...). This talk will explore the ever growing ride sharing economy and look at how the BLE "Smart" locks on shared bicycles work. The entire solution will be deconstructed and examined, from the

In the past two years, smart speakers have become the most popular IoT device, Amazon_ Google and Apple have introduced their own smart speaker products. Most of these smart speakers have natural language recognition, chat, music playback, IoT device

When it comes to taking advantage of SMB connections, most tools available to penetration testers aim for system enumeration or for performing relay attacks to gain RCE. If signatures are required, or if the victims relayed are not local admins anywh

Though many security mechanisms are deployed in Apple's macOS and iOS systems, some old-fashioned or poor-quality kernel code still leaves the door widely open to attackers. Especially, as kernel's critical components, device drivers are frequently e

Containerization, such as that provided by Docker, is becoming very popular among developers of large-scale applications. The good news: this is likely to make your life easier as an attacker.

While exploitation and manipulation of traditional mono

With "Trust none over the Internet" mindset, securing all communication between a client and a server with protocols such as TLS has become a common practice. However, while the communication over Internet is routinely secured, there is still an area

Programmable Logic Controllers (PLCs) are devices used on a variety of industrial plants, from small factories to critical infrastructures like nuclear power plants, dams and wastewater systems. Although PLCs were made robust to sustain tough environ

Most people are familiar with homograph attacks due to phishing or other attack campaigns using Internationalized Domain Names with look-alike characters. But homograph attacks exist against wide variety of systems that have gotten far less attention

In 2014, we released the mana rogue AP toolkit at DEF CON 22. This fixed KARMA attacks which no longer worked against modern devices, added new capabilities such as KARMA against some EAP networks and provided an easy to use toolkit for conducting Mi

Blockchain adaptation has reached a fever pitch, andthe community is late to the game of securing these platforms against attack. With the open source community enamored with the success of Ethereum, the enterprise community has been quietly building

The 3DS was one of Nintendo's first serious attempts at security, featuring a cool microkernel based OS and actual exploit mitigations. That didn't stop it from getting hacked pretty hard, making it possible for people to write their own homebrew sof

Most of modern OS are using sandboxing in order to prevent malicious apps from affecting other apps or even harming the OS itself. Google is constantly reinforcing Android’s sandbox protection, introducing new features to prevent any kind of sandbox

Cellular networks are connected with each other through a worldwide private, but not unaccessible network, called IPX network. Through this network user related information is exchanged for roaming purposes or for cross-network communication. This pr

Are you a malware developer for Android devices? We have very bad news for you: the Android-SDK packager (aapt) is leaking your time zone! We have found a bug inside this Android-SDK's component that relies in not properly setting the value of a vari