While popular during the "bootkit" craze more than a decade ago, boot-time persistence has once again quieted down, thanks in part to the rise of various security technologies that Microsoft and vendors have been pushing out.
Virtual machines play a crucial role in modern computing. They are often used to isolate multiple customers with instances on the same physical server. Virtual machines are also used by researchers and security practitioners to isolate potentially harmful code for analysis and review.
Make no mistake: security is about finding and exploiting vulnerabilities, not the ones everyone already knows about. The presenters' dream is to build a machine that consumes code at scale and outputs accurate information about all the ways in which a program exposes itself to an attacker, fails to validate the input it receives, and leaks information.
This talk goes beyond describing a particular attack and lets you inside the attacker's mind when exploiting a "dumb" embedded device. A "dumb" embedded device has a microcontroller which senses and/or controls hardware circuitry, but doesn't have any wireless connectivity.
On Windows 10 there is continuous development and adoption of kernel memory corruption mitigations. This has resulted in a shift toward data-only attack methodologies, mainly by abusing kernel objects.
QNX is a proprietary, real-time operating system used in many sensitive and critical embedded devices in different industry verticals, from networking and automotive equipment to military and industrial control systems.
For UEFI firmware, the barbarians are at the gate -- and the gate is open. On the one hand, well-intentioned researchers are increasingly active in the UEFI security space; on the other hand, so are attackers.
Control Flow Integrity (CFI) is a popular topic in the world of exploit mitigations these days. As Microsoft was the first company to ship a platform-wide, enabled-by-default CFI solution, we've learned a lot of hard but valuable lessons.
The current state of web security and phishing protection is not state of the art: some might even say this is an understatement. Still, there are continuous efforts to improve the situation.
Linux has been in active use worldwide on servers and client machines, on mobile devices (Android OS) and on various smart devices. A great number of mechanisms that protect against vulnerability exploitation have emerged since the Linux kernel was created.
User Mode Code Integrity (UMCI) restricts which executables can be run based on the signer. UMCI was introduced with the ARM-based Windows RT in 2012; however, ways of bypassing the signing restrictions were quickly discovered.
This talk is about the journey of how we discovered a remote pre-authentication vulnerability in Cisco ASA firewalls in the AnyConnect service and how we exploited it to achieve remote code execution to obtain a Cisco shell.
Compilers for interpreted languages were developed to speed up execution in the race for web browser performance. Various compilers and analysis stages are involved in aggressively transforming JavaScript code into machine code for the architecture the browser runs on.
Automated run-time testing has always been the easiest and most efficient approach, and it accounts for the largest share of discovered kernel vulnerabilities.