2020-08-07 ~ 2020-08-09

Presentations (with video): 35 (25)

DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993, and today attendees include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers on computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.

Conference:  Defcon 28
Authors:
2020-08-01

tldr - powered by Generative AI

The speaker discusses their experience in finding vulnerabilities and their current project of creating a tool for reflectively loading assemblies. They also express interest in researching Kubernetes and advise others to focus on niche topics in infosec.
  • Speaker emphasizes the importance of looking for niche topics in infosec and going deep until understanding is achieved
  • Speaker discusses their experience in finding vulnerabilities and the frustration of getting stuck in code when the solution can be found through a simple Google search
  • Speaker talks about their current project of creating a tool for reflectively loading assemblies using Golang and good dev practices
  • Speaker expresses interest in researching Kubernetes and exploring potential vulnerabilities
  • Speaker advises those interested in infosec to break into it by giving talks, doing research, and looking for abandoned niche topics
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

Domain Name System (DNS) is a ubiquitous and essential component of the Internet. It performs translations between identifiers and resources (mostly domain names and computers, but not only), yet remains often invisible to the user. But DNS is not harmless: although not intended to be a general purpose database, it has been extended to incorporate additional types of information. Including information that should not be there. In this talk we show how to exploit DNSSEC zone walking to perform advanced recon operations, on a real case, namely to obtain client private information from a large European cloud provider. This constitutes the first practical zone walking attack at such a scale. Using this exploit we collected a substantial amount of private information, enough to share some interesting statistics. By the end of this talk, you will have everything you need to know to perform similar attacks -- and resist them.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

In this panel discussion, the BADASS army team will be talking about the intersection between security and sex, the problem of online exploitation and harassment, and what needs to be done to address these issues. After an introduction to the org and the culture of Non-Consensual Pornography, the panel will be a free form conversation with audience participation, covering a wide variety of topics related to NCP and online sexual abuse.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

To a hacker, making a bug-ridden IoT device directly accessible to the Internet sounds like an insanely bad idea. But what's *truly* insane is that millions of IoT devices are shipping with features that expose them to the Internet the moment they come online, even in the presence of NAT and firewalls. P2P, or “peer-to-peer”, is a convenience feature designed to make the lives of users easier, but has the nasty side effect of making attackers’ lives easier as well. Come for the story of how supply chain vulnerabilities in modern IP cameras, baby monitors, and even alarm systems are putting millions at risk for eavesdropping and remote compromise. We'll talk about the hordes of IoT devices that exist outside of Shodan's reach and the botnet-like infrastructure they rely on. Learn how to find P2P networks and how to exploit them to jump firewalls, steal camera passwords over the Internet, and correlate devices to physical addresses. We'll demonstrate how to snoop on someone's video simply by using your own camera – and how someone may be snooping on your video, too.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

tldr - powered by Generative AI

The presentation discusses the vulnerabilities and potential attacks on hybrid cloud systems, specifically focusing on Microsoft Cloud and its integration with on-premises infrastructure. The speaker covers topics such as virtualization, compromised domain controllers, cloud administration, and identity access management.
  • Hybrid cloud refers to the integration of on-premises infrastructure with cloud services
  • Virtualization is a foundational concept of the cloud
  • Compromising physical domain controllers can lead to compromising the entire system
  • Azure AD Seamless Single Sign-On can be compromised by gaining access to the computer account password
  • Azure AD Connect's password hash sync permissions can be exploited to compromise the server and ultimately Active Directory
  • Identity access management is important in cloud environments and roles provide different levels of access
  • Overscoped roles can provide escalation capability and lead to privilege escalation
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

Non-Volatile Memory. EVERY computer has it, from the chip that stores your BIOS to the controller that runs your laptop trackpad and even your new fancy USB-C monitor. These small nooks of storage can be (ab)used by anyone to store data or code without causing any side effects and none would be the wiser. We will show you more than one example of how this is possible and walk through everything you need to know to do it, too. In this talk, we will describe how to hide persistence in these obscure memory chips using simple tools that we are releasing as open source. We will show multiple ways to accomplish this without detection. On the defensive front, we’ll discuss what can be done to detect and lock down systems.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

Wireless coexistence enables high-performance communication on platforms with a small form factor despite overlapping frequency bands. On-chip coexistence is essential to combine wireless technologies, and manufacturers implement various proprietary solutions. This presentation demonstrates multiple attacks on two coexistence features of Broadcom and Cypress Wi-Fi/Bluetooth combo chips. Various popular devices that were released over a decade are affected, such as the Google Nexus 5 and iPhone 6, but also the newest iPhone 11 and Samsung Galaxy S20. On the analyzed chips, Wi-Fi and Bluetooth run on separate processing cores, but various information leaks and even code execution become possible through their coexistence interfaces. As these escalations concern an internal chip interface, the operating system cannot prevent them. However, coexistence exploitation widens the possibilities to escalate into drivers and the operating system on top.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

It is certainly a time of discovery - though the truths revealed by the COVID-19 crisis can be bitter and bleak. At a time when all attention is focused on the ERs and ICUs that make up the battle’s front lines, it is easy to cast aside old warnings to focus solely on the clinical war. But the need for safety and security only increases in the face of a pandemic - and healthcare cybersecurity is no different. From testing to ventilators, every facet of our response to COVID-19 depends on trustworthy and reliable technology. D0 No H4rm - DEF CON’s continuing conversation on healthcare returns for another up close (but not too close) and personal dialogue between hackers at the top of their fields - from the halls of the FDA to the cutting edge of medical devices security research for an all-encompassing look at what we need to focus on in the age of COVID. Moderated by physician hackers quaddi and r3plicant, this perennially packed event aims to recruit the talent, ingenuity, and vision of the DEF CON family for the challenges we face both now and after the immediate crisis passes.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

tldr - powered by Generative AI

The presentation discusses the concept of hidden property abuse (HPA) in Node.js applications and how it can be exploited by attackers to manipulate internal states of the program.
  • Node.js is a powerful runtime execution engine used for executing JavaScript outside of browsers and is widely used in web-based applications.
  • Object sharing is a common feature in Node.js applications that allows for the communication of complex data structures.
  • Hidden property abuse (HPA) is a type of attack vector that leverages object sharing in Node.js to manipulate internal states of the program.
  • There are two types of HPA attack vectors: app-specific attribute manipulation and event handler attack.
  • HPA can be used to access arbitrary data in the database, leak credential user data, and cause denial of service.
  • Developers should be aware of hidden properties and implement proper validation and sanitization techniques to prevent HPA attacks.
Tags:
Conference:  Defcon 28
Authors:
2020-08-01

tldr - powered by Generative AI

Efforts to detect and prevent cell site simulator abuse
  • Cell site simulators exploit vulnerabilities in 4G networks
  • Previous IMSI catcher detector apps are ineffective
  • EFF has developed a new method to detect cell site simulators
  • More incentives needed for standards organizations to prioritize user privacy
  • Goal is to protect people, broaden community understanding of threats and defenses, expose bad actors, and make better laws and norms
Tags: