Hacking and auditing LoRaWAN networks
We are going to describe the common security problems we found on LoRaWAN deployments. Also we’re going to provide step by step guidelines on how and what to test on LoRaWan networks indicating what hard&soft to use, and we will be releasing new tools to test the security of LoRaWan networks.
Free rides! SUBE, REDBUS, SATBUS and others.
Have you ever wondered how the MIFARE cards work? In this talk we will show 3 different implementations behind the public transport systems, and how to exploit each one of them in order to travel free on 3 mayor cities of argentina: Buenos Aires, Cordoba and Rio Cuarto.
Harnessing Weapons of Mac Destruction.
Why write your own malware when you can simply repurpose existing specimens!? We’ll illustrate the process of weaponizing existing macOS malware such as ransomware, crypto-miners, & backdoors - for own surreptitious purposes!
Synthetically Breaking macOS.
macOS suffers from a subtle code-signing flaw that allows unprivileged attackers to programmatically interact with the UI. As such, it’s trivial to side-step Apple’s “anti-click” protections to generically bypass many of Mojave’s foundational security mechanisms with a single (synthetic) click!
Internet-Scale analysis of AWS Cognito Security
This talk will show the results of an internet-scale analysis of the security of AWS Cognito configurations. During this research it was possible to identify 2500 identity pools, which were used to gain access to more than 13000 S3 buckets, 1200 DynamoDB tables and 1500 Lambda functions.
Introduction to reverse engineering of radio signals
I’m a guy that wanted to reverse the radio signal of a friggin’ russian satellite from scratch, that built his own antenna with copper tubing and coded his own blind-FEC-identification software. This talk is about what I went through until I finally managed to pwn the satellite signal.
Receta Práctica y Económica de un Implante de Hardware
Esta receta tiene todos los ingredientes para el éxito. Un poco de hardware, una pizca de firmware y ese olorcito a estaño recién soldado. Después de 50 minutos los presentes van a poder cocinar sus propios implantes de hardware.
Trashing like it’s 1999 - Unsolicited forensics on GPS trackers
Hidden in a dark corner, in the bottom shelf of a huge rack full of old industrial cooking equipment and other weird objects, a bucket full of secrets was awaiting to be found. Join me in this journey of discovery, that will make you think: what other scary details are being dumped in the trash?
20 devices in 45 seconds: Automated Bug Hunting in IoT Devices
We cover program analysis for vulnerability discovery, demonstrating how to find new and previously known bugs across 20 IoT devices, and how tooling augments a researcher. Attendees will receive an understanding of challenges in analyzing firmware and of bug class patterns for memory corruption.
Backdooring Hardware Devices by Injecting Malicious Payloads on Microcontrollers
Is targeting microcontrollers worth the effort? This talk explains how microcontrollers can be backdoored to manipulate the hardware internal data and make a re-transmission to a peripheral that we can monitor externally. Likewise, other manipulations of hardware behavior will be shown.
Unveiling the underground world of Anti-Cheats
In a world where billion players spend money in games while playing, it was obvious that a parallel market had to come out of it. We will immerse you in a world where Cheat and Anti-Cheat Developers fight in an endless holy war to see who will be the last standing defending champion.
Arbitrary Code Mitigations and Remote Procedure Code Reuse Attacks
In this talk the goal is to show that, even if attackers are forced to rely exclusively on code reuse techniques such as ROP, they can still develop complex, reusable and maintainable payloads by adopting a scheme based on the RPC model of computation, keeping exploit development costs low.
Pwning Oracle EBS for Real Profit a.k.a. “Show Me The Money”
ERP’s, such as Oracle E-Business Suite, control the bank accounts of the biggest companies in the world, and are responsible for moving millions of dollars a week. Focused on Oracle EBS, we’ll present two critical vulnerabilities, which an attacker could use to steal money without getting noticed.
Modern Secure Boot Attacks: Bypassing Hardware Root of Trust from Software
Many hardware vendors are armoring modern Secure Boot by moving Root of Trust to the hardware. In this presentation, I’ll explain new security issues to bypass a specific implementation of Intel Boot Guard technology in one of the most common enterprise vendors.
The Advanced Threats Evolution: REsearchers Arm Race
This talk will look over the prism of the evolution of advanced threats to evolution or lack of evolution of the tools for forensics and reverse engineering.
The quest to memory safety
Hace más de 20 años fue publicado "Smashing the stack for fun and profit". Desde entonces, se volvió costumbre encontrar y explotar vulnerabilidades en programas.