2018-08-04 ~ 2018-08-09

Presentations (with video): 118 (114)

Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day main conference (August 8 – 9) featuring Briefings, Arsenal, Business Hall, and more.

Conference:  BlackHat USA 2018
2018-08-09

tldr - powered by Generative AI

The presentation covers the importance of using paper and conducting post-election audits in ensuring the credibility of elections, particularly in the United States.
  • Article 21.3 of the Universal Declaration of Human Rights states that a genuine and credible election is a human right
  • Technology increases the attack surface of voting systems, making them vulnerable to cyber attacks and alleged cyber attacks
  • Post-election audits using paper ballots are a good means of generating trust and confidence in the election result
  • Risk-limiting audits, pioneered by Philip Stark, require a secure paper trail and a random sample of ballots to be drawn in order to gain confidence in the election result
  • Only the state of Colorado has implemented risk-limiting audits, while some states still use machines without paper evidence
  • Voter-verified paper evidence is crucial in ensuring the accuracy and integrity of the election result
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the vulnerabilities of ATM machines and the different types of physical and logical attacks that can be used to exploit them. It also explores the different interfaces used to connect dispensers to PCs and the potential security risks associated with them.
  • ATM machines are vulnerable to physical and logical attacks
  • Physical attacks include brute force attacks and resonant attacks
  • Logical attacks include malware attacks and black box attacks
  • Different interfaces are used to connect dispensers to PCs, including RS-232, SDC bus, and USB
  • USB is the most common and complex interface, with a lot of abstractions and the need for a hardware sniffer to see data at a low level
Conference:  BlackHat USA 2018
2018-08-09

Meltdown is a CPU vulnerability that breaks memory isolation and allows any program to access system memory, including secrets of other programs and the operating system. The talk discusses the basics, details, consequences, and countermeasures of Meltdown.
  • Meltdown breaks memory isolation and allows any program to access system memory
  • The talk discusses the basics of microarchitectural side effects and out-of-order execution on modern processors
  • The talk presents a behind-the-scenes timeline of the research on Meltdown and how it allowed reading arbitrary kernel-memory locations including personal data and passwords
  • The talk shows how Meltdown is mitigated in software using the KAISER defense mechanism
  • The talk discusses the situation around the patches, Meltdown variants, yet undisclosed attacks, and further proposed mitigations
  • The talk concludes with the need to find a trade-off between security and performance for new designs
  • A proof of concept implementation of Meltdown is published on GitHub
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the exploitability of the comment truncation vulnerability in SSO systems, with a focus on the identity provider (IDP) and its configurations.
  • GitLab's vulnerability to the comment truncation vulnerability is used as a case study for exploitation
  • The IDP's features and configurations greatly influence exploitability
  • Two-factor authentication may not completely eliminate the vulnerability
  • Self-registration and mutable identities increase the impact of the vulnerability
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the process of impersonating a target's voice using machine learning and the broader context of machine learning for offense in cybersecurity.
  • Impersonating a target's voice requires scraping data from a publicly available source, selecting high-quality samples, transcribing and chunking the audio, and using data augmentation techniques such as shifting pitch.
  • The quality and quantity of data are important, but scraping data from a public source limits the amount of high-quality data available.
  • Data augmentation techniques can multiply the training data set and reduce the amount of manual transcription required, but can also introduce potential overfitting.
  • The presentation also discusses the broader context of machine learning for offense in cybersecurity, including adversarial attacks, poisoning the well, and attacks using machine learning systems.
  • An anecdote is given about the potential security implications of adversarial attacks on self-driving systems.
Conference:  BlackHat USA 2018
2018-08-09

The presentation covers the challenges of detecting malicious behavior in a cloud environment and the importance of understanding the shared responsibility model and API layer.
  • Cloud environments have highly dynamic inventory and heavy focus on automation, which can amplify human error.
  • Traditional approaches to detecting malicious behavior don't work in a cloud native environment.
  • The shared responsibility model includes a missing layer at the API level.
  • Understanding the API layer is crucial for detecting threats and understanding the responsibility boundary.
  • Cloud providers release services quickly, so it's important to keep up with their offerings.
  • Key takeaways include the importance of taking advantage of cloud provider APIs and exploring learning resources.
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the findings of a project that assessed the security of various card readers and vendors. The project found that over half of the readers were affected by vulnerabilities and all vendors were affected by the findings. The presentation recommends that manufacturers implement strong security practices in the development process and that merchants avoid swipe transactions.
  • Over half of the card readers assessed were affected by vulnerabilities
  • All vendors were affected by the findings
  • Manufacturers should implement strong security practices in the development process
  • Merchants should avoid swipe transactions
Conference:  BlackHat USA 2018
2018-08-09

Deception technologies are becoming more effective and widespread in mature organizations, but there are key weaknesses that persistent attackers can exploit. The speaker provides guidelines, tactics, and an open-source tool for red teams to avoid getting trapped during engagements.
  • Deception technologies are a legitimate and effective security layer of defense
  • Deception technologies feature a variety of traps, deceits, and lures distributed across the enterprise's internal environment
  • Adversaries will inevitably adapt to deception technologies
  • There are key weaknesses in deception technologies that persistent attackers can exploit
  • The speaker provides guidelines, tactics, and an open-source tool for red teams to avoid getting trapped during engagements
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the security flaws in smart city technology and the potential consequences of these vulnerabilities. It also explores the privacy concerns of smart cities and the future of smart city technology.
  • Smart city technology encompasses a range of different technologies, including industrial systems, urban automation, public safety and emergency management technology, intelligent transportation systems, and metropolitan area networks.
  • There are serious privacy concerns with smart city technology, as citizens may not have the same choices they have in their own private homes.
  • The presentation focuses on newly discovered pre-auth attacks against multiple smart city devices from different categories of smart city technology.
  • The implications of successful attacks on smart city technology could have serious consequences.
  • Implantable medical devices offer lessons for smart city technology vendors, as updating these devices can be difficult once they are implanted.
  • The vendors of the smart city devices responded positively to the disclosure of the vulnerabilities and issued patches to fix them.
  • Testing smart city devices could be expanded as a public service.
  • The future of smart city technology is discussed.
Conference:  BlackHat USA 2018
2018-08-09

The presentation discusses the security measures and mitigations implemented in Hyper-V components, including moving more components into user mode and implementing hardware-based security features.
  • Hyper-V components are being moved into user mode for better security posture
  • Mitigations such as HVCI and kCFG are being implemented for general hardening
  • Investment in hardware-based security features such as CET is being made
  • VSPs in the worker process provide isolation on a per-VM basis
  • The worker process is being further hardened to prevent escalation to kernel level
  • Hyper-V Avanti bounty program offers high rewards for finding vulnerabilities