In this new episode we had the chance to interview the coordinators of 3 of the Villages that will be at Ekoparty's 20th anniversary. This time we spoke with Danilo Erazo of the Car Hacking Village, Mariano Marino of the Hardware Hacking Village, and Seba Wilke and Chris Gehmlich of the Cyberfinance Village. Another unmissable episode!
In this incredible episode we had the honor of hosting two well-known figures in the cybersecurity field: Federico K, a cybersecurity expert with more than 20 years of experience in the industry, CEO and co-founder of Faraday Security, and Leonardo Pigner, CEO and Co-Founder of Ekoparty.
Today we were at the first day of Ekoparty, and I tell you about a very important topic to keep in mind. Also: #Samsung turns 54 and holds a big celebration in its home country; Apple Music's $5 Siri Voice plan appears to be finished, and much more... Today's topics: #Samsung turns 54 and holds a big celebration in its home country https://infosertecla.com/2023/11/01/samsung-cumple-54-anos-y-realiza-un-gran-festejo-en-su-pais-natal/ YouTube is cracking down on ad blockers worldwide https://www.engadget.com/youtube-is-taking-its-fight-against-ad-blockers-global-122041223.html? WeChat and Kaspersky banned on government-issued mobile devices https://www.canada.ca/en/treasury-board-secretariat/news/2023/10/minister-anand-announces-a-ban-on-the-use-of-wechat-and-kaspersky-suite-of-applications-on-government-mobile-devices.html Apple Music's $5 Siri Voice plan appears to be finished https://www.engadget.com/apple-musics-siri-only-5-voice-plan-appears-to-be-toast-195051054.html? Today we were at the first day of Ekoparty 2023. Today I tell you about an excellent offer for Argentine developers from binary studio academy https://bit.ly/3MiiolB SUPPORT US VIA PAYPAL https://www.paypal.me/arielmcorg SUPPORT US VIA PATREON https://www.patreon.com/radiogeek SUPPORT US VIA CAFECITO https://cafecito.app/radiogeek You can follow me on Twitter @arielmcorg (www.twitter.com/arielmcorg) Also on Instagram @arielmcorg (www.instagram.com/arielmcorg) Join the Telegram channel #Radiogeekpodcast (http://telegram.me/Radiogeekpodcast)
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Faraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.
Kenn Bro, a leading figure in the OSINT world, talks to us about the importance of privacy on the Internet: are we really aware of it? He works professionally in OSINT (yes, it is possible) and shares a little of that in this episode. He developed iKy (https://kennbroorg.gitlab.io/ikyweb/) and is part of the EKOPARTY organizing team. Who will be the next person interviewed? You can find him on social media at: https://twitter.com/kennbroorg https://kennbroorg.gitlab.io/ikyweb/ We are not only in your ears; you can follow us on other social networks so you don't miss anything:
Latin America #cybersecurity @ekoparty #metaverse
In this episode we talk about retrocomputing, cybersecurity and other odds and ends with the great Nahuel Grisolía @cintainfinita. We covered everything from his beginnings and first steps in cybersecurity to the importance #Ekoparty had for him and his work today, as one of the leading figures in the region. Staff: Marcos "Situ" Garcia @artsweb Carlos "Chicho" Garay @Chgaray Maxi Soler @maxisoler Emiliano Piscitelli @emilianox
Bug bounty programs allow people who work in information security not only to report vulnerabilities but also to earn money for doing so, legally and in an orderly way. In this episode Axel Marazzi and Valentín Muro discussed the topic with Denise Giusto Bilic, Senior Security Researcher at Dreamlab Technologies, and with Alan Levy, known as El Mago in the technology world, who is the Principal Security Consultant at Cinta Infinita and is also part of the team organizing the Bug Bounty program at Ekoparty, the most important information security conference in Latin America.
In this episode of Hack Chat, we dive deep into finding bugs, fuzzing and how Pedram Amini started ZDI while also discussing how he’s bootstrapped two companies. Pedram is a security researcher, published author, founder, investor, advisor, and hacker of all things. He has a strong background in reverse engineering and creative problem-solving skills. He has presented a variety of research at security conferences such as BlackHat, DefCon, RECon, Ekoparty, Microsoft Bluehat, ShmooCon, ToorCon, Virus Bulletin; and taught numerous sold-out courses on reverse engineering. Learn more about Hack Chat: https://www.sentinelone.com/lp/hackchat Learn more about SentinelOne: https://www.sentinelone.com
(05-03-21) We talk with Federico Pacheco, Director of Ekoparty Hackademy and a cybersecurity specialist with more than 20 years of experience as a teacher and researcher. Ekoparty was born in 2001 as a meeting point and source of inspiration for the Latin American hacker community. Through successive editions, they became a reference in the field and are now doubling down with the creation of Ekoparty Hackademy, an academy specializing in cybersecurity aligned with the highest international standards (NIST), with a theoretical and practical approach that makes it possible to develop and make the most of all technical skills, with content geared to the current needs of the market. #TPLT
We interviewed Sabrina Pagnotta, journalist and head of communications at Ekoparty. She told us about the activities planned for this remote 2020 edition of the conference and what the challenge of organizing the event in the middle of the pandemic was like. Hosts: Daniel Monastersky, Emiliano Piscitelli and Facundo Malaureille.
We interviewed Leonardo Pigñer, one of the founders and current CEO of Ekoparty. He told us about the origins of the hacker event and how they are reinventing themselves in times of quarantine. Hosts: Daniel Monastersky, Emiliano Piscitelli and Facundo Malaureille.
Federico is one of the founders of Ekoparty, a Buenos Aires classic that is exported to the world and where cybersecurity is tackled head-on. An authoritative voice on the subject, he puts us on alert: very often the technology is us, and there needs to be awareness about the use of apps on phones.
In this edition we bring you full coverage of the fourteenth Eko Party, one of the largest information security conventions in our country. We chatted with its organizer Federico Kirschbaum (@fede_k), with Fabian Cucchietti, a security expert who found a way to steal data through and Daniel Monastersky (@identidadrobada), who organized a charity hackathon to find missing children.
The special Ekoparty episode is here!!! Taking advantage of our OSINT CTFSocial stand at one of the most important security events, we got to work and recorded Episode 014 at Ekoparty 14 together with colleagues and friends (coincidence???). We hope you enjoy it as much as we did. Guests: Matias S Choren Osvaldo Falabella Maximiliano Macedo Marcelo Temperini Walter Riveros Jorge Martin Vila Daniel Monastersky Matías A. Ré Medina Edgardo Padwan Antonio Mazza Marcelo Romero Abigail Kauf Edith Paliza Baltasar Satriano Staff present: Marcos Garcia Carlos Loyo Emiliano Piscitelli
The sysarmy news coffee is here. News from the world of Linux, systems administration and DevOps, mixed with updates on events, meetups, etc. == Order your sysarmy T-shirts and merchandise == remeras[at]sysarmy.com.ar == Job openings == Sysarmy on LinkedIn: https://goo.gl/1QMlCv Medallia Systems Administrator: https://jobs.lever.co/medallia/3c3f5d... Edrans - Systems Engineer: https://www.edrans.com/#/bolsa-de-tra... Mulesoft - DevOps and DevOps Manager: https://www.mulesoft.com/careers/job-... == In this episode == We discuss a bit of everything, starting with the current job openings, the adminfest celebrations, and the news of the month, where we go over some of the latest outages at big companies, the Atlassian and Slack partnership, news about Microsoft's underwater datacenter, the 25th anniversaries of Wine and Slackware, vulnerabilities in TCP and OpenSSH, the current state of Python and a rundown of upcoming events, closing with a very controversial round table with our special guests. == Mentioned in this episode == Salary survey: https://goo.gl/gqESHk Atlassian + Slack: https://www.atlassian.com/blog/announ... Microsoft underwater datacenter: https://natick.research.microsoft.com/ Wine turned 25: https://www.theregister.co.uk/2018/07... Slackware 25 years: https://opensource.com/article/18/7/s... Pat's financial problems: https://www.linuxquestions.org/questi... And: https://www.paypal.me/volkerdi TCP stack vulnerable to DDoS: https://www.kb.cert.org/vuls/id/962459 The default OpenSSH key encryption is bad: https://latacora.singles/2018/08/03/t... Guido Van Rossum steps down as BDFL of Python: https://mail.python.org/pipermail/pyt... == Events and meetups == nerdear.la: August 30 to September 1: https://nerdear.la/ Museo de Informatica: the Gamer exhibition continues. NotPinkCon: Fri, Aug 24, 2018 https://www.eventbrite.es/e/entradas-...
Ekoparty: September 26 - 28 https://www.ekoparty.org/ == Organizations == Museo de Informatica: http://museodeinformatica.org.ar/ Museo de Informatica on Facebook: https://goo.gl/TaASu3 EkoSpace: http://eko.space/ EkoSpace on Facebook: https://goo.gl/VOzYle EkoSpace on Twitter: https://goo.gl/umJHVp == Find us at == Web: http://sysar.my Twitter: @sysarmy Facebook: https://goo.gl/tGcpcw IRC on Freenode: #sysarmy Ivoox: https://goo.gl/GtISQ9 Pocketcast: http://pca.st/D3H0 iTunes: https://goo.gl/Nrt22g == Hosts of this episode == Ariel Jolo: @ajolo Jorge Abreu: @ar_jorge1987 == Guests == Vero Ovando: @verovand Regina Loustau: @Rhapsody_Girl
News from the Ekoparty security event, self-driving cars, electronic voting. Advice from Jerónimo Basaldúa on the security measures he takes when managing his accounts.
Program broadcast on Friday 29/09/2017. We show you EXCLUSIVELY the new SNES Mini or Super Nintendo, on the very day it went on sale worldwide: we switched it on, used it, played it and tell you all about it. In addition, the guys from Ghoakhan, a medieval combat group, came by and told us all about this discipline, we reviewed the new Blackberry KEYone, the brand's new bet, and we debated the free PlayStation Plus games and the Games with Gold for October. We go over everything Ekoparty, the most important hacker convention in the region, left us, and the most important news in video games, technology, film and series. LIVE at radioledonline.com, or listen to us live on your smartphone from the NOBEX, TUNE IN and STITCHER apps! The gamer's home, the geek's backyard and the main tool for those who want to understand a little more about technology. www.culturageek.com.ar FB: culturageek.com.ar TW: @culturageek IG: culturageek.com.ar HOSTS: Augusto Finocchiaro Preci with Agustina Montillo, Jorge Abreu, Estefanía Barth, Jose Argañaraz, Laura Romero, Claudio Villalba and Juan Asenjo.
The sysarmy news coffee is here. News from the world of Linux, systems administration and DevOps, mixed with updates on events, meetups, etc. Leaks, leaks, hacks, hacks, and the odd outage. What happened this past month? A bit of everything: TestingAR launched its own podcast called SyntaxError, and we were visited by Alfredo Ortega, an information security consultant who really knows his stuff, to talk about his experience at DEFCON and about electronic voting in Argentina. The internet went down in Argentina because some cables were cut in Las Toninas, Net Neutrality Day came and went, New Relic went down and many companies had no log visibility for 2 hours, the HBO Go service went down (basically every Sunday that a new Game Of Thrones episode comes out), HBO servers were hacked, Game Of Thrones episodes were leaked, scripts of HBO series were leaked, and even actors' emails and phone numbers. Taringa was hacked, at Google a not-too-bright dev circulated a memo against his female peers, Microsoft and Paint, one single heart, Nerdearla, Sysarmy, EuroPython, a bit of everything. We hope you like it! == Mentioned in this episode == Las Toninas outage: https://goo.gl/rVXdPq Net Neutrality Day: https://goo.gl/22ntxN New Relic outage: https://goo.gl/uuL52J HBO Go outage: https://goo.gl/pYYCLk HBO episode leak: https://goo.gl/ZQytxC HBO hack: https://goo.gl/H6oShb Taringa hack: https://goo.gl/s2KMbD Google internal memo: https://goo.gl/cHeKj2 Microsoft and Paint: https://goo.gl/ovNqLb Nerdear.la Online: https://www.youtube.com/user/nerdearla Sysarmy 5 years: https://www.youtube.com/watch?v=qc4o0...
Europython: https://ep2017.europython.eu/en/ OpenQube: http://openqube.io/ Salary survey: https://t.co/87XZKWvIyl == Events and meetups == Ekoparty: https://www.ekoparty.org Meetarmy 31/8 at Edrans: https://goo.gl/tCqBAc Hackathon devs4good: http://www.laburojoven.com/ == Job openings == Conexión HR: https://goo.gl/Ujpc1q Medallia: https://goo.gl/GfKMUK Despegar: https://goo.gl/6ui6Wq sysarmy on LinkedIn: https://goo.gl/1QMlCv == Other mentions == EkoSpace on Facebook: https://goo.gl/VOzYle EkoSpace on Twitter: https://goo.gl/umJHVp == Find us at == Web: http://sysar.my Twitter: @sysarmy Facebook: Elección Root IRC on Freenode: #sysarmy Ivoox: https://goo.gl/GtISQ9 Pocketcast: http://pca.st/D3H0 iTunes: https://goo.gl/Nrt22g == Hosts of this episode == Ariel Jolo: @ajolo Jorge Abreu: @ar_jorge1987 == Production == Regina Loustau: @Rhapsody_Girl == Guests == Alfredo Ortega: @ortegaalfredo
In this great episode we talk about the April and May events such as GeekOut Fest and Flisol; about the company ADA, with Celeste Medina as a guest, which aims to give a boost to women who want to go into web development; about DrupalCon; about the WhatsApp outage; and about WannaCry, the ransomware that threw half the world into a panic, with another special guest: Federico Kirschbaum. == Mentioned in this episode == Ubuntu available in the Windows Store: http://www.muylinux.com/2017/05/12/ub... Canonical starts IPO path: http://www.zdnet.com/article/canonica... WhatsApp outage: http://www.redusers.com/noticias/mala... WannaCry: http://www.bbc.com/news/technology-39... ADA: http://www.ada.com.ar Programá tu futuro: http://www.buenosaires.gob.ar/educaci... == Events and meetups == nerdear.la: https://nerdear.la Ekoparty: https://www.ekoparty.org == Job openings == Talent IT up: https://goo.gl/skUvhh OLX: https://goo.gl/BaWy8l Medallia: https://goo.gl/b5fU8F sysarmy on LinkedIn: https://goo.gl/1QMlCv == Other mentions == EkoSpace on Facebook: https://goo.gl/VOzYle EkoSpace on Twitter: https://goo.gl/umJHVp == Find us at == Web: http://sysar.my Twitter: @sysarmy Facebook: Elección Root IRC on Freenode: #sysarmy Ivoox: https://goo.gl/GtISQ9 Pocketcast: http://pca.st/D3H0 iTunes: https://goo.gl/Nrt22g == Hosts of this episode == Ariel Jolo: @ajolo Jorge Abreu: @ar_jorge1987 == Production == Regina Loustau: @Rhapsody_Girl == Guests == Celes Medina: @celes_medina Federico Kirschbaum: @fede_k
How electronic systems can be compromised: report on the interview with Javier Smaldone [@mis2centavos] and Ivan Ariel Barrera Oro [@HacKanCuBa]
CampusParty and Ekoparty: electronic voting, Wi-Fi networks and security. Video calls on WhatsApp
ThunderStrike 2: Sith Strike Trammell Hudson Vice President, Two Sigma Investments Xeno Kovah Co-founder, LegbaCore, LLC Corey Kallenberg Co-Founder, LegbaCore, LLC The number of vulnerabilities in firmware disclosed as affecting Wintel PC vendors has been rising over the past few years. Although several attacks have been presented against Mac firmware, unlike their PC counterparts, all of them required physical presence to perform. Interestingly, when contacted with the details of previously disclosed PC firmware attacks, Apple systematically declared themselves not vulnerable. This talk will provide conclusive evidence that Macs are in fact vulnerable to many of the software only firmware attacks that also affect PC systems. In addition, to emphasize the consequences of successful exploitation of these attack vectors, we will demonstrate the power of the dark side by showing what Mac firmware malware is capable of. Trammell Hudson enjoys taking things apart and understanding how they work. He presented the Thunderstrike firmware vulnerability at 31C3, created the Magic Lantern firmware for Canon cameras, and teaches classes at the Brooklyn hackerspace NYC Resistor. Twitter: @qrs Web: https://trmm.net/ Xeno Kovah's speciality area is stealth malware and its ability to hide from security software and force security software to lie. To combat such attacks he researches trusted computing systems that can provide much stronger security guarantees than normal COTS. He co-founded LegbaCore in 2014 to help improve security at the foundation of computing systems. He is also the founder and lead contributor to OpenSecurityTraining.info. He has posted 9 full days of class material on x86 assembly, architecture, binary formats (PE and ELF), and Windows rootkits to OpenSecurityTraining.info. Twitter: @XenoKovah Twitter: @legbacore Corey Kallenberg is a co-founder of LegbaCore, a consultancy focused on evaluating and improving host security at the lowest levels.
His specialty areas are trusted computing, vulnerability research and low level development. In particular, Corey has spent several years using his vulnerability research expertise to evaluate limitations in current trusted computing implementations. In addition, he has used his development experience to create and improve upon trusted computing applications. Among these are a timing based attestation agent designed to improve firmware integrity reporting, and an open source Trusted Platform Module driver for Windows. Corey is also an experienced trainer, having created and delivered several technical courses. He is an internationally recognized speaker who has presented at BlackHat USA, DEF CON, CanSecWest, Hack in the Box, NoSuchCon, SyScan, EkoParty and Ruxcon. Twitter: @CoreyKal Twitter: @legbacore
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Andres-Blanco-802.11-Massive-Monitoring-UPDATED.pdf 802.11 Massive Monitoring Andres Blanco Sr Researcher, Core Security Andres Gazzoli Sr Developer, Core Security Wireless traffic analysis has been commonplace for quite a while now, frequently used in penetration testing and various areas of research. But what happens when channel hopping just doesn't cut it anymore -- can we monitor all 802.11 channels? In this presentation we describe the analysis, different approaches and the development of a system to monitor and inject frames using routers running OpenWRT as wireless workers. At the end of this presentation we will release the tool we used to solve this problem. Andrés Blanco is a researcher at CoreLabs, the research arm of Core Security. His research is mainly focused on wireless, network security and privacy. He has presented at Black Hat USA Arsenal, Hacklu and Ekoparty, and has published several security advisories. Twitter: @6e726d Andrés Gazzoli works at Core Security and is part of the Core Impact Pro developer team. He is a C++ developer with extensive experience in UI development. He enjoys everything related to wireless technologies and privacy.
Attacking Hypervisors Using Firmware and Hardware Yuriy Bulygin Advanced Threat Research, Intel Security Mikhail Gorobets Advanced Threat Research, Intel Security Alexander Matrosov Advanced Threat Research, Intel Security Oleksandr Bazhaniuk Advanced Threat Research, Intel Security Andrew Furtak Security Researcher In this presentation, we explore the attack surface of modern hypervisors from the perspective of vulnerabilities in system firmware such as BIOS and in hardware emulation. We will demonstrate a number of new attacks on hypervisors based on system firmware vulnerabilities with impacts ranging from VMM DoS to hypervisor privilege escalation to SMM privilege escalation from within the virtual machines. We will also show how a firmware rootkit based on these vulnerabilities could expose secrets within virtual machines and explain how firmware issues can be used for analysis of hypervisor-protected content such as VMCS structures, EPT tables, host physical addresses (HPA) map, IOMMU page tables etc. To enable further hypervisor security testing, we will also be releasing new modules in the open source CHIPSEC framework to test issues in hypervisors when virtualizing hardware. Mikhail Gorobets is a security researcher in the Advanced Threat Research team. His area of expertise includes hardware security, virtualization technologies, reverse engineering, and vulnerability analysis. Previously, he led a team of security researchers working on Intel Virtualization Technology (VTx) and Intel Atom core security evaluation. Mikhail holds a MS in computing machines, systems, and networks from the Moscow Institute of Electronics and Mathematics. Alexander Matrosov has more than ten years of experience with malware analysis, reverse engineering, and advanced exploitation techniques. He is currently a senior security researcher in the Advanced Threat Research team at Intel Security Group. 
Prior to this role, he spent four years focused on advanced malware research at ESET. He is co-author of numerous research papers, including “Stuxnet Under the Microscope,” “The Evolution of TDL: Conquering x64,” and "Mind the Gapz: The most complex bootkit ever analyzed?". Alexander is frequently invited to speak at security conferences such as REcon, Ekoparty, ZeroNights, AVAR, CARO, and Virus Bulletin. Nowadays, he specializes in the comprehensive analysis of advanced threats, modern vectors of exploitation, and hardware security research. Oleksandr Bazhaniuk is a security researcher in the Advanced Threat Research team. His primary interests are low-level hardware security, BIOS/UEFI security, and automation of binary vulnerability analysis. His work has been presented at world-renowned conferences, including Black Hat USA, Hack In The Box, Hackito Ergo Sum, Positive Hack Days, Toorcon, CanSecWest. He is also a co-founder of DCUA, the first DEF CON group in Ukraine. Andrew Furtak is a security researcher focusing on security analysis of firmware and hardware of modern computing platforms. He was previously a security software engineer. Andrew holds a MS in applied mathematics and physics from the Moscow Institute of Physics and Technology. Yuriy Bulygin is chief threat researcher at Intel Security Group where he is leading the Advanced Threat Research team in identifying and analyzing new threats impacting modern platforms and researching mitigations in hardware and software against these threats. He joined Intel’s Security Center of Excellence in 2006, where he was responsible for conducting security analysis and penetration testing of microprocessors, chipsets, graphics, and various other components, firmware, and technologies on Intel PCs, servers, and mobile devices. Yuriy is also a member of the core security architecture team reviewing Intel’s future products.
Prior to joining Intel, he was teaching undergrad seminars in information security at Moscow Institute of Physics and Technology. Twitter: @c7zero
Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Kallenberg/DEFCON-22-Corey-Kallenberg-Extreme-Privilage-Escalation.pdf Additional Materials available here: https://defcon.org/images/defcon-22/dc-22-presentations/Kallenberg/DEFCON-22-Corey-Kallenberg-Extreme-Privilage-Escalation-WP-UPDATED.pdf Extreme Privilege Escalation On Windows 8/UEFI Systems Corey Kallenberg MITRE Xeno Kovah MITRE It has come to light that state actors install implants in the BIOS. Let no one ever again question whether BIOS malware is practical or present in the wild. However, in practice attackers can install such implants without ever having physical access to the box. Exploits against the BIOS can allow an attacker to inject arbitrary code into the platform firmware. This talk will describe two such exploits we developed against the latest UEFI firmware. The UEFI specification has more tightly coupled the bonds of the operating system and the platform firmware by providing the well-defined "runtime services" interface between the OS and the firmware. This interface is more expansive than the interface that existed in the days of conventional BIOS, which has inadvertently increased the attack surface against the platform firmware. Furthermore, Windows 8 has introduced APIs that allow accessing this UEFI interface from a userland process. Vulnerabilities in this interface can potentially allow a userland process to escalate its privileges from "ring 3" all the way up to that of the platform firmware, which includes permanently attaining control of the very-powerful System Management Mode (SMM). This talk will disclose two vulnerabilities that were discovered in the Intel provided UEFI reference implementation, and detail the unusual techniques needed to successfully exploit them. Corey Kallenberg is a security researcher for The MITRE Corporation who has spent several years investigating operating system and firmware security on Intel computers. 
In 2012 he coauthored work presented at DEF CON and IEEE S&P on using timing based attestation to detect Windows kernel hooks. In 2013 he helped discover critical problems with current implementations of the Trusted Computing Group's "Static Root of Trust for Measurement" and co-presented this work at NoSuchCon and Blackhat USA. Later, he discovered several vulnerabilities which allowed bypassing of "signed BIOS enforcement" on a number of systems, allowing an attacker to make malicious modifications to the platform firmware. These attacks were presented at EkoParty, HITB, and PacSec. Recently, Corey has presented attacks against the UEFI "Secure Boot" feature. Corey is currently continuing to research the security of UEFI and the Intel architecture. twitter: @coreykal Xeno Kovah is a Lead InfoSec Engineer at The MITRE Corporation, a non-profit company that runs 6 federally funded research and development centers (FFRDCs) as well as manages CVE. He is the team lead for the BIOS Analysis for Detection of Advanced System Subversion project. On the predecessor project, Checkmate, he investigated kernel/userspace memory integrity verification & timing-based attestation. Both projects have a special emphasis on how to make it so that the measurement agent can't just be made to lie by an attacker. Xeno is also the founder and leading contributor to OpenSecurityTraining.info. twitter: @xenokovah Special thanks to the contributing researchers for their help in co-authoring: John Butterworth is a security researcher at The MITRE Corporation who currently specializes in Intel firmware security. In 2012 he co-authored the whitepaper "New Results for Timing-Based Attestation" which used timing based attestation to detect Windows kernel hooks. This research was presented at DEF CON and the 2012 IEEE Symposium on Security and Policy. 
In 2013 he and his colleagues authored "BIOS Chronomancy: Fixing the Static Root of Trust for Measurement" which proposed using Timing-Based Attestation during the BIOS boot process to resolve critical problems which they had found with current implementations of the Trusted Computing Group's "Static Root of Trust for Measurement". He has presented this research at NoSuchCon, Black Hat USA, SecTor, SEC-T, Breakpoint, and Ruxcon. Following this he has created a tool called Copernicus designed to determine just how prevalent vulnerable BIOS is in industry. John is currently continuing to research the security of BIOS/UEFI and the Intel architecture. Sam Cornwell is a Sr. InfoSec Engineer at The MITRE Corporation, a not-for-profit company that runs 6 federally funded research and development centers (FFRDCs) as well as manages CVE. Since 2011 he has been working on projects such as Checkmate (a kernel and userspace memory integrity verification & timing-based attestation tool), Copernicus (a BIOS extractor and configuration checker), and several other private security sensors designed to combat sophisticated threats. He has also researched and developed attacks against UEFI SecureBoot.
Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Cerrudo/DEFCON-22-Cesar-Cerrudo-Hacking-Traffic-Control-Systems-UPDATED.pdf Hacking US (and UK, Australia, France, etc.) traffic control systems Cesar Cerrudo CTO, IOACTIVE LABS Probably many of us have seen that scene from "Live Free or Die Hard" (Die Hard 4) where the "terrorist hackers" manipulate traffic signals by just hitting the Enter key or typing a few keys. I wanted to do that! So I started to look around and of course I couldn't get to do the same, that's too Hollywood style! But I got pretty close. I found some interesting devices used by traffic control systems in important cities such as Washington DC, Seattle, New York, San Francisco, Los Angeles, etc. and I could hack them :) I also found that these devices are also used in cities from UK, France, Australia, China, etc. making them even more interesting. This presentation will tell the whole story from how the devices were acquired, the research, on site testing demos (at Seattle, New York and Washington DC), vulnerabilities found and how they can be exploited, and finally some possible NSA style attacks (or should I say cyberwar style attacks?) Oh, I almost forgot, after this presentation anyone will be able to hack these devices and mess with traffic control systems since there is no patch available (sorry didn't want to say 0day ;)) I hope that after this I will still be allowed to enter (or leave?) the US Cesar Cerrudo is CTO at IOActive Labs where he leads the team in producing ongoing cutting edge research in the areas of SCADA, mobile device, application security and more. Formerly the founder and CEO of Argeniss Consulting, acquired by IOActive, Cesar is a world-renowned security researcher and specialist in application security.
Throughout his career, Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. In addition, Cesar has authored several white papers on database, application security, attacks and exploitation techniques and he has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, Defcon, Infiltrate, etc. Cesar collaborates with and is regularly quoted in print and online publications including eWeek, ComputerWorld, and other leading journals. Twitter: @cesarcer
1 hour and 4 minutes Events Videos from Ekoparty 2007 (again, but this time for real: all the videos from YSTS 1.0) Videos from Shmoocon A bunch of other conference videos Shmoocon CFP 21st First CFP Malware Challenge News World's first unclonable RFID chip UAE banks hit by surge in ATM fraud MI6 Camera With Secret Images Bought on eBay for $30 Captcha Duca Chip will make it possible to monitor young children behind the wheel Asus admits Eee Box mini PC shipped with virus Russian researchers achieve 100-fold increase in WPA2 cracking speed WarGames: 25 Years Later