COMMSEC: Detecting Botnets via DNS Traffic Analysis Using Machine Learning

Botnets represent a substantial cyber threat, frequently employed in illicit activities such as Distributed Denial of Service (DDoS) attacks and data theft. These botnets adeptly evade detection through the continual advancement of techniques designed to obscure their command and control (C&C) servers. This study introduces a methodology for the detection of botnet-infected devices via the […]

HITB LAB: Build Your Own Drone Attacking Device

This is a two-hour intensive workshop about building a device to attack consumer drones. It covers the common attack vectors, from internal to external, and includes modules on understanding drone signals. Attack vectors (common methods for drone hacking): Firmware – modify or obfuscate the firmware; Applications – hijacking of the mobile devices or malicious applications; Radio […]

HITB LAB: Bring Your Own SOAR: Automated Incident Response

Incident response involves processes beyond investigations, such as alert management, tuning detections, communication, tracking incident-related metrics, handoffs, etc., that can be tedious, repetitive, and time consuming, especially considering our all-remote environment at GitLab. For that purpose, our incident response team has developed a set of (mostly) Slack-based tools to standardize the process for incident response management […]

COMMSEC: Breaking Fake Voice Detection with Speaker-Irrelative Features

Voice is a vital medium for transmitting information. The advancement of speech synthesis technology has resulted in high-quality synthesized voices that are indistinguishable from real speech to the human ear. These fake voices have been widely used in natural Deepfake production and other malicious activities, raising serious concerns regarding security and privacy. To deal with this situation, there have […]

COMMSEC: Who’s the Author? How Automated Malware Attribution Engines Work

In an ever-changing cyber threat landscape, malware analysis is an effective tool that can help both in responding to incidents and in predicting future attacks. For the latter, attribution of malware samples is well suited, allowing one to identify a cybercriminal group. This information, especially when obtained in the early stages of an attack, […]

Dragon Slaying Guide: Bug Hunting In VMware Device Virtualization

VMware Workstation/ESXi is one of the most popular commercial virtualization products on the market. Its complex virtualization system design and critical position in infrastructure have made it a top target for hackers over the long term. For security researchers, discovering virtualization escape vulnerabilities in the VMware hypervisor is as challenging as confronting a […]

Silencing Spies: Revealing Microphone Nonlinear Behavior and Building an Ultrasonic Jammer

In the contemporary digital age, where privacy and information security are under constant threat, the ubiquitous presence of sound sensors in devices has become a double-edged sword. These sensors, while integral to modern conveniences, also pose a significant risk, as malicious entities can exploit them to monitor and record private activities covertly. This […]

COMMSEC: Flash Loans: The Blessing or Curse of DeFi

We will present a comprehensive analysis of flash loan attacks within the DeFi ecosystem. This includes understanding the mechanics of flash loans, exploring how these attacks are executed, analyzing notable case studies, and discussing the impact of these attacks. Additionally, the paper aims to provide effective mitigation strategies and best practices for […]

Secret Scanning in Open Source at Scale (in-depth)

The supply chain security conversation has been booming since attacks like log4j came onto the scene. In this in-house research, we examined publicly available open-source assets such as JS packages, WordPress plugins, and Ruby gems to find out whether they contain mistakenly or deliberately exposed secrets (including private API keys […]