Track 4 / CommSec Archives - Page 2 of 3 - HITBSecConf2020 - Amsterdam HITBSecConf2020

Apr 22 2019

COMMSEC: Chaining Up Mobile and Web Vulnerabilities to Take Control Over an Application

This talk will be live streamed on the HITBSecConf Youtube Channel Mobile and Web applications play a vital role in every modern organization. An organization that does not properly secure its web and mobile apps may be vulnerable to attacks. This can lead to damage in business functionality, data breach and economical loss. Most organization […]

Apr 22 2019

COMMSEC: All Bourbon Is Whiskey, But Not All Whiskey Is Bourbon

This talk will be live streamed on the HITBSecConf Youtube Channel From a logging perspective, in either classic or big data scenarios, anomalies are events that occur very rarely in a dataset. Malicious events share a similar trait, in the sense that, if most of the infrastructure is well-secured, they are also infrequent entries when […]

Apr 21 2019

COMMSEC: Army of Undead – Tailored Firmware Emulation

This talk will be live streamed on the HITBSecConf Youtube Channel The exploding number of embedded systems, like network cameras, routers and programmable logic controllers (PLCs) of the past years raise the question how secure these devices are and which connections are established in the background. As these devices are often concepted as closed systems, […]

Oct 18 2017

AFTERNOON COFFEE BREAK

Oct 18 2017

LUNCH

FOR PAID CONFERENCE DELEGATES

Oct 16 2017

COMMSEC: From man-in-the-middle to privesc and RCE: exploiting the Netlogon protocol

This talk will be live streamed on the HITBSecConf Youtube Channel The talk ======== In this talk I would explain an attack I discovered against the Netlogon Remote Protocol (CVE-2019-1424; patched by Microsoft in November 2019), which allows a man-in-the-middle attacker to log in as any (local administrator) user to a domain-joined Windows system. This […]

Oct 16 2017

MORNING COFFEE BREAK

Oct 16 2017

COMMSEC: Vulnerable Patterns in Modern Web Environments

This talk will be live streamed on the HITBSecConf Youtube Channel As the world turns and we’re suddenly in the 20’s the landscape for Web applications continues to turn as well. Monolithic Web apps are being replaced by microservice driven environments of interconnected applications which bring their own types of pitfalls and vulnerabilities. In the […]

Oct 16 2017

AFTERNOON COFFEE BREAK

Oct 16 2017

COMMSEC: High Speed in the Slow Lane: Attacking High Speed Interfaces on the Cheap

This talk will be live streamed on the HITBSecConf Youtube Channel The past decade of hardware hacking is mostly a story about open windows, unlocked doors, and keys left in plain sight. Physical access and a little know-how made sniffing and manipulating low-speed inter-chip interfaces like UART, SPI and I2C trivial – like stealing a […]