Conference:  Defcon 31

Authors: Harley Geiger Counsel, Venable LLP, Hannah Zhao Staff Attorney with the Electronic Frontier Foundation, Charley Snyder Head of Security Policy, Google, Kurt Opsahl Associate General Counsel for Cybersecurity and Civil Liberties Policy, Filecoin Foundation., Miles McCain Stanford University

2023-08-01

The hacker community has long conducted important security research that skates the edge of legality. This has led to charges and lawsuits, bogus and serious alike, against hackers. In this panel, we’ll hear from a hacker that faced legal challenges, we’ll describe what legal counseling for hackers looks like in practice, and we’ll discuss a new resource for the hacker community: the Security Research Legal Defense Fund. Legal issues can arise for good faith hackers because computer or software owners want to prevent security research or vulnerability disclosure. Security researchers have rights and defenses against legal claims, but don’t always have access to representation or resources to defend themselves. EFF provides free legal counseling, ideally in advance of security researchers conducting their work so they can steer clear of problematic activity or at least mitigate the risk of legal threats. In litigation, EFF tries to find cases that will advance legal rights for the entire community, but many individuals will need representation even when their particular cases will not have a broader impact. In those cases, EFF endeavors to refer people to cooperating counsel, which can be difficult if funds are not available. What is it like, as a hacker, to face legal threats? What are the common ways hackers encounter legal threats? When that happens, what should hackers do? What is it really like to provide legal representation to hackers? Are there areas of the world with greater or lesser access to legal rights and representation? What resources can hackers leverage to protect themselves, their rights, and others in the community? Join us and find out!

Conference:  Black Hat Asia 2023

Authors: Rohan Aggarwal

2023-05-11

With the increasing popularity of games having a competitive element, cheats have become a common method for hackers to gain an advantage. These cheats could range from a sniper bullet that felt just a little too accurate to a player teleporting across the map, and chances are that you must have been outsmarted by some sort of cheat code. Some of the most common methods include Aimbot, Wallhack, SpeedHack, DropHack, etc.Game developers like Fortnite, PUBG, and Apex Legends constantly face pressure to prevent hackers from cheating. The result? Probably spending millions of dollars on Security and Anti-cheats, but are still being outsmarted by hackers.Due to the limited supply of skilled hackers and a huge demand, Game Cheat development has grown to be now a multi-million-dollar industry. It's very challenging for hackers to keep coming up with new bypasses as Anti-Cheats are improving daily and are extremely invasive, making it harder for cheats to stay undetected.In this talk, we will share the current state of Cheats and Anti Cheat mechanisms. This talk is an outcome of our research that lasted several months, analyzing various anti-cheat leaders in the markets and us discovering multiple bypassing techniques. The talk will also dive deep into the history of anti-cheats, how they actually work, and several techniques hackers are using to bypass them.During our research, we also developed a kernel-mode and External Hardware cheat for some top twitch streaming games and will be showcasing it. The session will end with the release of a basic External Hardware cheat that can be used as a learning resource for bypassing different anti-cheats in the market.The adage, 'cheaters never win' may be moralistic but cheaters very often win in competitive games, join us to see how hackers have been hacking against anti-cheat mechanisms.

Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Carlos Panato, Hendrik Brueckner, Melissa Kilby, Jason Dellaluce, Luca Guerra

2023-04-19

The presentation discusses the use of Falco, a behavioral tool for cybersecurity, and provides tips for improving its effectiveness and addressing false positives. It also addresses the possibility of updating the ruleset to catch new vulnerabilities and the use of user space drivers for data collection.

• Falco is a behavioral tool for cybersecurity that detects actions that happen
• Tips for improving Falco's effectiveness include being clear about what's important for the organization, tuning detection based on parent process lineages, and excluding values from fields in the check
• The default Falco ruleset doesn't get updated for every new CVE, but it is possible to write rules to catch new vulnerabilities
• User space drivers for data collection are possible but not currently in the roadmap for Falco maintainers
• Collaboration with the community is encouraged for developing new projects