COMMSEC: Say What You Want – Building a Full-Speed Anti-Censorship Router

Since this talk was presented at #HITB2023AMS, I have been receiving emails and tweet DMs asking for more information. So I decided to bring this talk back to HITB2023HKT, with additional stories. Reversing the GFW (Great Firewall) is not a new topic, but it has evolved over the years. Especially these past 3 years, things have changed […]

HITB LAB: Build Your Own Drone Attacking Device

This is a two-hour intensive workshop about building a device to attack consumer drones. It includes the common attack vectors, from internal to external, and modules on understanding drone signals. Attack Vectors (common methods for drone hacking): Firmware – modify or obfuscate the firmware; Applications – hijacking of the mobile devices or malicious applications; Radio […]

HITB LAB: Bring Your Own SOAR: Automated Incident Response

Incident response involves processes beyond investigations, like alert management, tuning detections, communication, tracking incident-related metrics, handoffs, etc., that can be tedious, repetitive, and time-consuming, especially considering our all-remote environment at GitLab. For that purpose, our incident response team has developed a set of (mostly) Slack-based tools to standardize the process for incident response management […]

COMMSEC: Shining a Light On Solar System Cyber Security

In this talk, I will present serious issues with residential & commercial hardware used to control critical elements of the power sector. A sustained attack on the energy sector would be catastrophic, to say the very least. With novel scenarios such as ripple detectors, negative power demand, automatic street transformer tap changers, and the risk […]

COMMSEC: Bugs in Blocks

Love it or hate it, blockchain has become a playground for techies. The chains also fuel criminal ecosystems through major hacking incidents. Blockchain bugs present unique challenges for developers and security testers. In this talk, we shed light on the most common bug types found in one of the main blockchain frameworks and provide insights […]

gVisor: Modern Linux Sandboxing Technology

Sandboxing is very important in information security, and while the Linux world has a lot of sandbox solutions and sandboxing primitives, there is no dominating sandbox solution, and each one has its own set of advantages and disadvantages. An ideal sandbox solution should be easy to use, security focused, and also offer “full observability […]

Exploiting the Lexmark PostScript Stack

Lexmark printers implement a custom closed-source PostScript stack called `pagemaker` that NCC Group’s Exploit Development Group exploited two different times during the Pwn2Own Toronto 2022 contest. This talk will cover some internals of the Lexmark PostScript stack, an introduction to the PostScript language and related functionality required to understand exploitation of the discovered bugs, […]

It Was Harder to Sniff Bluetooth Through My Mask During The Pandemic

During the pandemic I took up Bluetooth (BT) sniffing as a way to get out of the house. I didn’t know what was out there for BT devices, but it felt important to know what the implications were of the new over-the-air, no-auth, cross-device, firmware-level exploits on BT chips that my wife and others had […]

How to Design Your Own Electronic Attack Device

Many security attacks and tests are hardware-related: for example, using a small portable computer for network attacks, using a Wi-Fi card with monitor mode for Wi-Fi cracking, using a BadUSB device to gain target privileges, or using a phishing Wi-Fi network to steal passwords. These attack methods are usually effective, but there are two problems: they […]