The agenda for talks at this year's HITB Security Conference in Amsterdam have been announced! Taking place on the 13th and 14th of April, the conference is packed as always with a wide range of talks covering everything from attacks against medical devices to hands-on sessions on using machine learning for security applications to malicious document analysis and attacking Bluetooth locks!
The 8th annual Hack In The Box Security Conference in Amsterdam will feature brand new 2 and 3-day hands-on technical trainings covering a wide variety of topics from Linux kernel exploitation techniques to advanced malware analysis and more.
L33tdawg: The slides and whitepaper from Bernhard's #HITBGSEC talk is available here: http://gsec.hitb.org/sg2016/sessions/attacking-software-tokens/
Mobile apps that generate on-screen tokens for two-factor authentication can be examined and cloned by malware, a security researcher warns.
Fraudsters and crooks can take these clones and generate the codes necessary to login into bank accounts and other online services as their victims.
This talk will describe first the landscape of side channel vulnerabilities, the types which are possible given different virtualization circumstances, and the basic primitives of an side-channel attack. This survey will contrast against the specific exploitation of the cloud based environment.
Automotive security is a hot research area but up till now, research has only centered around how to attack with no single complete solution for defense.
Radio timing service, such as GPS, BPC, JJY, WWVB, DCF77, WWVH have been widely used as a basic time source for industry or individual systems. These signals are used by millions of people to synchronize consumer electronic products like wall clocks, clock radios, and wristwatches. NTP sever also use these signals to get a precise time.
Everything must be connected right now! Go! Do it! It’ll be great….
Then I’ll be able to order my Iced Half Caff Ristretto Venti 4-Pump Sugar Free Cinnamon Dolce Soy Skinny Latte so I can pick it up on the way to work as I cycle past the coffeee shop without breaking a sweat… Marvelous!
LTE is a more advanced mobile network but not absolutely secure.
In this presentation, we will introduce a method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure in LTE networks resulting in the ability to force a targeted LTE cellphone to downgrade into a malicious GSM network where an attacker can subsequently eavesdrop its voice calls and GPRS data.
Exploit kits are one of the threats that is ever present on the Internet. Indiscriminately compromising users that are simply surfing websites. As ransomware has exploded so has the proliferation of these exploit kits. This combination of ransomware, tor, and bitcoin has created a financially lucrative monster.
