Tag: Black Hat

Mobile Network Hacking, IP Edition

By Karsten Nohl, Luca Melette & Sina Yazdanmehr. We explore which protection measures are missing from the mobile network and discuss how to best bring them over from the IT security domain into mobile networks. Full Abstract & Presentation Materials:...

/ January 15, 2020

Investigating Malware Using Memory Forensics – A Practical Approach

This presentation mainly focuses on the practical concept of memory forensics and shows how to use memory forensics to detect, investigate and understand the capabilities of malicious software. In addition to that, with the help of various demonstrations, the presentation...

/ January 15, 2020

Hardening Hyper-V through Offensive Security Research

Virtualization technology is fast becoming the backbone of the security strategy for modern computing platforms. Hyper-V, Microsoft’s virtualization stack, is no exception and is therefore held to a high security standard, as is demonstrated by its $250,000 public bug bounty...

/ January 15, 2020

Understanding and Exploiting Implanted Medical Devices

This presentation is the culmination of an 18-month independent case study in implanted medical devices. The presenters will provide detailed technical findings on remote exploitation of a pacemaker system, pacemaker infrastructure, and a neurostimulator system. Exploitation of these vulnerabilities allow...

/ January 15, 2020

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

This talk will give you the tools to expose what Android malware authors are trying to hide. By Maddie Stone. Full Abstract & Presentation Materials: https://www.blackhat.com/us-18/briefings/schedule/index.html#unpacking-the-packed-unpacker-reverse-engineering-an-android-anti-analysis-native-library-10795

/ January 15, 2020

Windows Offender: Reverse Engineering Windows Defender’s Antivirus Emulator

In this presentation, we’ll look at Defender’s emulator for analysis of potentially malicious Windows PE binaries on the endpoint. To the best of my knowledge, there has never been a conference talk or publication on reverse engineering the internals of...

/ January 15, 2020

Return of Bleichenbacher’s Oracle Threat (ROBOT)

We’ll show how we found one of the oldest TLS vulnerabilities in products of 10 different vendors and how we practically exploited it on famous sites. We’ll also discuss how the countermeasures introduced back in TLS 1.0 and expanded over...

/ January 15, 2020

An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities

In this presentation, we will describe Microsoft’s approach to researching and mitigating speculative execution side channel vulnerabilities. This approach involved bringing experts from across Microsoft, hiring an industry expert to accelerate our understanding of the issues, and collaborating across the...

/ January 15, 2020

So I became a Domain Controller

While SAMBA did implement the Active Directory replication protocol for years, it was not easy to abuse it, especially on the Windows OS. The lsadump::DCSync feature in mimikatz was a first breakout in this area. Red teamers could extract secrets needed...

/ January 15, 2020

The Finest Penetration Testing Framework for Software-Defined Networks

In this talk, we introduce a powerful penetration testing tool for SDN called DELTA, which is officially supported by the Open Networking Foundation (ONF). By Jinwoo Kim + Seungsoo Lee + Seungwon Shin + Seungwon Woo. Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#the-finest-penetration-testing-framework-for-software-defined-networks–10101

/ January 15, 2020

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of “computing devices” dramatically increased during the last several years. Therefore,...

/ January 15, 2020

An Attacker Looks at Docker: Approaching Multi-Container Applications

The goal of this talk is to provide a penetration tester experienced in exploitation and post-exploitation of networks and systems with an exposure to containerization and the implications it has on offensive operations. Docker is used as a concrete example...

/ January 15, 2020