COMMSEC: Upgrading Rollback Agnostic Replay Attacks

PRESENTATION SLIDES (PDF) This talk is about “Car Hacking” – in particular it will be aimed at explaining radio frequencies and BLE (Bluetooth Low Energy) including an exhaustive analysis of Rolling Codes, breaking them down and analysing them in detail. The presentation will cover the logic and operation of these attacks, details and steps to […]

COMMSEC: API Security in the Age of Microservices

PRESENTATION SLIDES (PDF) As more organizations adopt microservices architectures, API security becomes even more critical. This talk will explore the unique challenges of securing APIs in a microservices environment and provide strategies for mitigating risks. Microservices architecture requires a fundamentally different approach to API security compared to traditional monolithic architectures. In a monolithic architecture, security […]

LOCKNOTE: The Hand That Strikes, Also Blocks

PRESENTATION SLIDES (PDF) “We are not so different, you and I. We’ve both spent our lives looking for the weaknesses in one another’s systems.” – George Smiley, Tinker, Tailor, Soldier, Spy For over two decades, working as a cybersecurity entrepreneur, researcher and instructor, I have heard over and over again that attacks and defense are […]

Poisoned Apples: Current State of iOS Malware Detection

PRESENTATION SLIDES (PDF) This talk is an overview of recent iOS 0-1 Click Malware and focuses on the current technical capabilities that we have when it comes to detecting malware on iOS. I will start again with the analysis of the four main samples of iOS Malware that are known to the public as of […]

XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars

PRESENTATION SLIDES (PDF) XRP token is one of the most popular cryptocurrencies in the world. It was rated 6th with a market capitalization of about 40 billion dollars among all cryptocurrencies. Tokens with a value of billions of dollars are being traded every single day. In this presentation, we’ll uncover an 8-year-old P2P RCE […]

Windows Syscalls in Shellcode: Advanced Techniques for Malicious Functionality

PRESENTATION SLIDES (PDF) Windows syscalls for many years had virtually never been used due to the portability problem associated with syscall system service numbers (SSNs), as they can change from one OS Build to the next, and Windows 10 already has more than a dozen OS Builds. Thus, it was not practical to use Windows […]

3 Years in China: A Tale of Building a REAL Full Speed Anti-Censorship Router

PRESENTATION SLIDES (PDF) Reversing GFW (Great FireWALL) is not a new topic, but it evolved over the years. Especially these past 3 years, things have changed and the WALL has become greater and stronger. As a person staying in China since 28th Jan 2020, this talk is to share the knowledge behind and over the […]

The Next Generation of Virtualization-based Obfuscators

PRESENTATION SLIDES (PDF) Code obfuscation has become a vital tool to protect, for example, intellectual property against the prying eyes of competitors. Generally speaking, obfuscation makes program code more complex and thus less intelligible. In our talk, we first give an overview of contemporary code obfuscation schemes. We focus on the design & architecture of […]

Resurrecting Zombies – Leveraging Advanced Techniques of DMA Reentrancy to Escape QEMU

PRESENTATION SLIDES (PDF) Vulnerabilities in the processing of I/O requests are usually an important reason for escaping QEMU. However, the normal code in I/O handlers has been extensively audited, so in recent years hackers have turned to a new attack surface, the DMA MMIO reentrancy issue. Although these vulnerabilities were disclosed and security researchers have […]

Automated Black-box Security Testing of “Smart” Embedded Devices

PRESENTATION SLIDES (PDF) Black-box fuzzing is often the only viable automated testing option in several scenarios. This is particularly important in the domain of Internet of Things (IoT) and embedded devices, due to the difficulties in obtaining or extracting custom firmware. Unfortunately, when applied naively, black-box fuzzing mostly produces invalid inputs, which are quickly discarded […]