Skip to main content

HITB2013AMS

Hackers turn a Canon EOS-1D X camera into a remote surveillance tool

posted onApril 15, 2013
by l33tdawg

The high-end Canon EOS-1D X camera can be hacked for use as a remote surveillance tool, with images remotely downloaded, erased and uploaded, a researcher said during the Hack in the Box security conference in Amsterdam on Wednesday.

The digital SLR camera has a Ethernet port and also supports wireless connection via a WLAN adapter. That connectivity is particularly useful for photojournalists who can quickly upload the photos to a FTP server or a tablet, according to German security researcher Daniel Mende of ERNW.

Hackers could start abusing electric car chargers to cripple the grid

posted onApril 15, 2013
by l33tdawg

L33tdawg: Ofer's slides along with all other presentation materials can be downloaded from http://conference.hitb.org/hitbsecconf2013ams/materials/

Hackers could use vulnerable charging stations to prevent the charging of electric vehicles in a certain area, or possibly even use the vulnerabilities to cripple parts of the electricity grid, a security researcher said during the Hack in the Box conference in Amsterdam on Thursday.

Beyond TSA checkpoints: Weaponizing everyday items sold in airports

posted onApril 15, 2013
by l33tdawg

So if the TSA confiscated your dangerous tube of toothpaste over 3 ounces, or perhaps took possession of another object on the prohibited items list, it’s all “for the safety and security of the traveling public.” Right? Well the answer is no, not so much, especially after seeing a presentation that showed just how easily a person can make a weapon after going through TSA airport security.

Hacks to turn your wireless IP surveillance cameras against you

posted onApril 15, 2013
by l33tdawg

L33tdawg: Presentation slides from Sergey and Artem's #HITB2013AMS presentation is here.

Sergey Shekyan and Artem Harutyunyan, researchers from the security firm Qualys, said the search engine Shodan shows about 100,000 wireless IP cameras that have "little or no emphasis on security." At the recent Hack in the Box security conference in Amsterdam, the researchers presented,

The Evolution of Exploit Sophistication

posted onApril 5, 2013
by l33tdawg

When we look at the exploits that Adobe patched from February and March of this year, it is clear that today’s zero-day exploits are increasingly more sophisticated. This increase in sophistication is not limited to the skills needed to find and exploit the vulnerability. The code used to exploit the environment is also more robust in terms of code quality and testing. In short, exploit creation today requires the same level of rigor as professional software engineering projects.