Archives

Malware Protocol Simulations in Distributed Networks

PRESENTATION SLIDES (PDF) Discovering and identifying malicious activities in large networks is challenging as they can blend in, use commercial services or just go under radar with newer protocols. Another challenge is while defensive teams expect Red Team to assist on simulations, Red Team goes for their own objectives. Furthermore, cyber defence teams using real […]

Summer of Fuzz: MacOS

PRESENTATION SLIDES (PDF) Thinking of fuzzing applications on OS X can quickly lead to a passing conversation of “ooh exotic Mac stuff”, “lets fuzz the kernel” or it can otherwise not be thought of as an exciting target, at least for looking for crashes in stuff other than Safari or the iPhone. While there are […]

Gazing Ahead: What Modern RF Combat Looks Like in the Next Decade

PRESENTATION SLIDES (PDF) Imagine robotic tanks that maneuver themselves across desert terrain, avoiding landmines; drones with enough artificial intelligence to carry out strikes without human operators, and next-generation uniforms to monitor soldiers’ heart rates and hydration levels… or provide early warning alarms for chemical attacks. If you Google the Internet of Things, you only find […]

The Art of Exploiting UAF by Ret2bpf in Android Kernel

PRESENTATION SLIDES (PDF) In early 2021, an external researcher reported to Google three lines of code indicating the xt_qtaguid kernel module, used for monitoring network socket status, had a Use-After-Free vulnerability (CVE-2021-0399) for 10 years. Unfortunately, the researcher did not provide any additional information or a PoC and stated the vulnerability was not exploitable on […]

Scaling Up Offensive Pipelines

PRESENTATION SLIDES (PDF) In this talk, we will discuss the essentials of offensive pipeline and present our innovative approach, while referring to the challenges we solved, and demonstrate how you can leverage our offensive CI/CD framework to empower red team and purple team operations. Evolving endpoint protection software with enhanced detection capabilities and greater visibility […]

KEYNOTE 1: Security Technology Arms Race 2021 – Medal Event

PRESENTATION SLIDES (PDF) The investment into both offensive and defensive technologies has grown dramatically in line with the Internet’s rise as the pivotal system for communications, critical infrastructure, and global finance. Security of the Internet, cloud data, and personal devices, once an afterthought, is now a significant expense and stress on governments, organisations, corporations and […]

ShadowPad: A Masterpiece of Privately Sold Malware in Chinese Espionage

PRESENTATION SLIDES (PDF) SHADOWPAD emerged in 2015 as the successor to PlugX. However, it was not until several infamous supply-chain attack incidents happened – CCleaner, NetSarang and ShadowHammer – that it started to receive wide discussions in public. Unlike publicly-sold PlugX, SHADOWPAD is privately shared among a limited set of customers. Its plugin-based design and […]

Practical AI Red Teaming: A Facial Recognition Case Study

PRESENTATION SLIDES (PDF) Facial recognition technology has grown in prevalence, and today you can find it in different areas of human activity, including social media, smart homes, ATMs, and stores. Recently, researchers have discovered that AI algorithms are prone to adversarial attacks which involve changing an image and staying undetectable to the human eye. While […]

KEYNOTE 2: Protective DNS – Why It Matters and How to Deploy It With No Cloud Needed

PRESENTATION SLIDES (PDF) Many cloud DNS providers including opendns, heimdal, dnsfilter, cloudflare, and quad9 offer dns filtering whereby questions or answers deemed dangerous are answered dishonestly. this constructive dishonesty is a valuable security feature, and one which the US government recommended universally in an announcement in March 2021. However, managed private networks who use DNS […]