�ݺ�ߣshows by User: 44Con

�ݺ�ߣshows by User: 44Con / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: 44Con / Thu, 11 Oct 2018 13:26:55 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: 44Con They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzog - 44CON 2018 /slideshow/theyre-all-scorpions-successful-secops-in-a-hostile-workplace-pete-herzog-44con-2018/119116888 peteherzog-theyreallscorpions-succesfulsecopsinahostileworkplace-181011132655
Your job is to secure operations. But nobody listens to you. There’s no budget. Management keeps making bad security decisions that seem to sabotage your efforts. Do you flee or do you try harder? The security books, blogs, and tweeting pundits out there tell us we need to learn the language of business. We need to put risk in terms of money that management understands. We need to be like the management we’re trying to protect. And that’s where it all falls apart. The security to business relationship is often textbook abusive codependency. You do well and nobody notices. You fail and you get fired or worse- shamed by your peers over social media for whatever the company releases as the statement for the breach. So how do you do SecOps under those conditions? This talk will focus on new ways to approach SecOps to face the challenges you have today with business demands. We will look at new security research that will make a difference for how you do your job. Most of all we will show you technical security practices to help you sustain your new found stance.]]>
Your job is to secure operations. But nobody listens to you. There’s no budget. Management keeps making bad security decisions that seem to sabotage your efforts. Do you flee or do you try harder? The security books, blogs, and tweeting pundits out there tell us we need to learn the language of business. We need to put risk in terms of money that management understands. We need to be like the management we’re trying to protect. And that’s where it all falls apart. The security to business relationship is often textbook abusive codependency. You do well and nobody notices. You fail and you get fired or worse- shamed by your peers over social media for whatever the company releases as the statement for the breach. So how do you do SecOps under those conditions? This talk will focus on new ways to approach SecOps to face the challenges you have today with business demands. We will look at new security research that will make a difference for how you do your job. Most of all we will show you technical security practices to help you sustain your new found stance.]]> Thu, 11 Oct 2018 13:26:55 GMT /slideshow/theyre-all-scorpions-successful-secops-in-a-hostile-workplace-pete-herzog-44con-2018/119116888 44Con@slideshare.net(44Con) They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzog - 44CON 2018 44Con Your job is to secure operations. But nobody listens to you. There’s no budget. Management keeps making bad security decisions that seem to sabotage your efforts. Do you flee or do you try harder? The security books, blogs, and tweeting pundits out there tell us we need to learn the language of business. We need to put risk in terms of money that management understands. We need to be like the management we’re trying to protect. And that’s where it all falls apart. The security to business relationship is often textbook abusive codependency. You do well and nobody notices. You fail and you get fired or worse- shamed by your peers over social media for whatever the company releases as the statement for the breach. So how do you do SecOps under those conditions? This talk will focus on new ways to approach SecOps to face the challenges you have today with business demands. We will look at new security research that will make a difference for how you do your job. Most of all we will show you technical security practices to help you sustain your new found stance. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/peteherzog-theyreallscorpions-succesfulsecopsinahostileworkplace-181011132655-thumbnail.jpg?width=120&height=120&fit=bounds" /> Your job is to secure operations. But nobody listens to you. There’s no budget. Management keeps making bad security decisions that seem to sabotage your efforts. Do you flee or do you try harder? The security books, blogs, and tweeting pundits out there tell us we need to learn the language of business. We need to put risk in terms of money that management understands. We need to be like the management we’re trying to protect. And that’s where it all falls apart. The security to business relationship is often textbook abusive codependency. You do well and nobody notices. You fail and you get fired or worse- shamed by your peers over social media for whatever the company releases as the statement for the breach. So how do you do SecOps under those conditions? This talk will focus on new ways to approach SecOps to face the challenges you have today with business demands. We will look at new security research that will make a difference for how you do your job. Most of all we will show you technical security practices to help you sustain your new found stance.

They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzog - 44CON 2018 from 44CON

]]> 437 6 https://cdn.slidesharecdn.com/ss_thumbnails/peteherzog-theyreallscorpions-succesfulsecopsinahostileworkplace-181011132655-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus Schmeh - 44CON 2018 /slideshow/how-to-explain-postquantum-cryptography-to-a-middle-school-student-klaus-schmeh-44con-2018/119116874 klauseschmeh44con-2018-post-quantum-181011132646
One of the hottest topics in current crypto research is Post-Quantum Cryptography. This branch of cryptography addresses asymmetric crypto systems that are not prone to quantum computers. Virtually all asymmetric crypto systems currently in use (Diffie-Hellman, RSA, DSA, and Elliptic Curve Crypto Systems) are not Post-Quantum. They will be useless, once advanced quantum computers will be available. Quantum computer technology has made considerable progress in recent years, with major organisations, like Google, NSA, and NASA, investing in it. Post-Quantum Cryptography uses advanced mathematical concepts. Even if one knows the basics of current asymmetric cryptography (integer factorisation, discrete logarithms, …), Post-Quantum algorithms are hard to understand. The goal of this presentation is to explain Post-Quantum Cryptography in a way that is comprehensible for non-mathematicians. Five families of crypto systems (as good as all known Post-Quantum algorithms belong to these) will be introduced: Lattice-based systems: The concept of lattice-based asymmetric encryption will be explained with a two-dimensional grid (real-world implementations use 250 dimensions and more). Some lattice-based ciphers (e.g., New Hope) make use of the Learning with Error (LWE) concept. I will demonstrate LWE encryption in a way that is understandable to somebody who knows Gaussian elimination (this is taught at middle school). Other lattice-based systems (especially NTRU) use truncated polynomials, which I will also explain in a simple way. Code-based systems: McEliece and a few other asymmetric ciphers are based on error correction codes. While teaching the whole McEliece algorithm might be too complex for a 44CON presentation, it is certainly possible to explain error correction codes and the main McEliece fundamentals. Non-commutative systems: There are nice ways to explain non-commutative groups and the crypto systems based on these, using everyday-life examples. Especially, twisting a Rubik’s Cube and plaiting a braid are easy-to-understand group operations a crypto system can be built on. Multivariate systems: Multivariate crypto can be explained to somebody who knows Gaussian elimination. Hash-based signatures: If properly explained, Hash-based signatures are easier to understand than any other asymmetric crypto scheme. I will explain these systems with cartoons, drawings, photographs, a Rubik’s Cube and other items. In addition, I will give a short introduction to quantum computers and the current Post-Quantum Crypto Competition (organised by US authority NIST).]]>
One of the hottest topics in current crypto research is Post-Quantum Cryptography. This branch of cryptography addresses asymmetric crypto systems that are not prone to quantum computers. Virtually all asymmetric crypto systems currently in use (Diffie-Hellman, RSA, DSA, and Elliptic Curve Crypto Systems) are not Post-Quantum. They will be useless, once advanced quantum computers will be available. Quantum computer technology has made considerable progress in recent years, with major organisations, like Google, NSA, and NASA, investing in it. Post-Quantum Cryptography uses advanced mathematical concepts. Even if one knows the basics of current asymmetric cryptography (integer factorisation, discrete logarithms, …), Post-Quantum algorithms are hard to understand. The goal of this presentation is to explain Post-Quantum Cryptography in a way that is comprehensible for non-mathematicians. Five families of crypto systems (as good as all known Post-Quantum algorithms belong to these) will be introduced: Lattice-based systems: The concept of lattice-based asymmetric encryption will be explained with a two-dimensional grid (real-world implementations use 250 dimensions and more). Some lattice-based ciphers (e.g., New Hope) make use of the Learning with Error (LWE) concept. I will demonstrate LWE encryption in a way that is understandable to somebody who knows Gaussian elimination (this is taught at middle school). Other lattice-based systems (especially NTRU) use truncated polynomials, which I will also explain in a simple way. Code-based systems: McEliece and a few other asymmetric ciphers are based on error correction codes. While teaching the whole McEliece algorithm might be too complex for a 44CON presentation, it is certainly possible to explain error correction codes and the main McEliece fundamentals. Non-commutative systems: There are nice ways to explain non-commutative groups and the crypto systems based on these, using everyday-life examples. Especially, twisting a Rubik’s Cube and plaiting a braid are easy-to-understand group operations a crypto system can be built on. Multivariate systems: Multivariate crypto can be explained to somebody who knows Gaussian elimination. Hash-based signatures: If properly explained, Hash-based signatures are easier to understand than any other asymmetric crypto scheme. I will explain these systems with cartoons, drawings, photographs, a Rubik’s Cube and other items. In addition, I will give a short introduction to quantum computers and the current Post-Quantum Crypto Competition (organised by US authority NIST).]]> Thu, 11 Oct 2018 13:26:46 GMT /slideshow/how-to-explain-postquantum-cryptography-to-a-middle-school-student-klaus-schmeh-44con-2018/119116874 44Con@slideshare.net(44Con) How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus Schmeh - 44CON 2018 44Con One of the hottest topics in current crypto research is Post-Quantum Cryptography. This branch of cryptography addresses asymmetric crypto systems that are not prone to quantum computers. Virtually all asymmetric crypto systems currently in use (Diffie-Hellman, RSA, DSA, and Elliptic Curve Crypto Systems) are not Post-Quantum. They will be useless, once advanced quantum computers will be available. Quantum computer technology has made considerable progress in recent years, with major organisations, like Google, NSA, and NASA, investing in it. Post-Quantum Cryptography uses advanced mathematical concepts. Even if one knows the basics of current asymmetric cryptography (integer factorisation, discrete logarithms, …), Post-Quantum algorithms are hard to understand. The goal of this presentation is to explain Post-Quantum Cryptography in a way that is comprehensible for non-mathematicians. Five families of crypto systems (as good as all known Post-Quantum algorithms belong to these) will be introduced: Lattice-based systems: The concept of lattice-based asymmetric encryption will be explained with a two-dimensional grid (real-world implementations use 250 dimensions and more). Some lattice-based ciphers (e.g., New Hope) make use of the Learning with Error (LWE) concept. I will demonstrate LWE encryption in a way that is understandable to somebody who knows Gaussian elimination (this is taught at middle school). Other lattice-based systems (especially NTRU) use truncated polynomials, which I will also explain in a simple way. Code-based systems: McEliece and a few other asymmetric ciphers are based on error correction codes. While teaching the whole McEliece algorithm might be too complex for a 44CON presentation, it is certainly possible to explain error correction codes and the main McEliece fundamentals. Non-commutative systems: There are nice ways to explain non-commutative groups and the crypto systems based on these, using everyday-life examples. Especially, twisting a Rubik’s Cube and plaiting a braid are easy-to-understand group operations a crypto system can be built on. Multivariate systems: Multivariate crypto can be explained to somebody who knows Gaussian elimination. Hash-based signatures: If properly explained, Hash-based signatures are easier to understand than any other asymmetric crypto scheme. I will explain these systems with cartoons, drawings, photographs, a Rubik’s Cube and other items. In addition, I will give a short introduction to quantum computers and the current Post-Quantum Crypto Competition (organised by US authority NIST). <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/klauseschmeh44con-2018-post-quantum-181011132646-thumbnail.jpg?width=120&height=120&fit=bounds" /> One of the hottest topics in current crypto research is Post-Quantum Cryptography. This branch of cryptography addresses asymmetric crypto systems that are not prone to quantum computers. Virtually all asymmetric crypto systems currently in use (Diffie-Hellman, RSA, DSA, and Elliptic Curve Crypto Systems) are not Post-Quantum. They will be useless, once advanced quantum computers will be available. Quantum computer technology has made considerable progress in recent years, with major organisations, like Google, NSA, and NASA, investing in it. Post-Quantum Cryptography uses advanced mathematical concepts. Even if one knows the basics of current asymmetric cryptography (integer factorisation, discrete logarithms, …), Post-Quantum algorithms are hard to understand. The goal of this presentation is to explain Post-Quantum Cryptography in a way that is comprehensible for non-mathematicians. Five families of crypto systems (as good as all known Post-Quantum algorithms belong to these) will be introduced: Lattice-based systems: The concept of lattice-based asymmetric encryption will be explained with a two-dimensional grid (real-world implementations use 250 dimensions and more). Some lattice-based ciphers (e.g., New Hope) make use of the Learning with Error (LWE) concept. I will demonstrate LWE encryption in a way that is understandable to somebody who knows Gaussian elimination (this is taught at middle school). Other lattice-based systems (especially NTRU) use truncated polynomials, which I will also explain in a simple way. Code-based systems: McEliece and a few other asymmetric ciphers are based on error correction codes. While teaching the whole McEliece algorithm might be too complex for a 44CON presentation, it is certainly possible to explain error correction codes and the main McEliece fundamentals. Non-commutative systems: There are nice ways to explain non-commutative groups and the crypto systems based on these, using everyday-life examples. Especially, twisting a Rubik’s Cube and plaiting a braid are easy-to-understand group operations a crypto system can be built on. Multivariate systems: Multivariate crypto can be explained to somebody who knows Gaussian elimination. Hash-based signatures: If properly explained, Hash-based signatures are easier to understand than any other asymmetric crypto scheme. I will explain these systems with cartoons, drawings, photographs, a Rubik’s Cube and other items. In addition, I will give a short introduction to quantum computers and the current Post-Quantum Crypto Competition (organised by US authority NIST).

How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus Schmeh - 44CON 2018 from 44CON

]]> 485 5 https://cdn.slidesharecdn.com/ss_thumbnails/klauseschmeh44con-2018-post-quantum-181011132646-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CON 2018 /slideshow/using-smartnics-to-provide-better-data-center-security-jack-matheson-44con-2018/119116864 jamesmathesonsmartnicsareawesome-181011132641
Data Center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources. In the first part of the talk we will be presenting a SmartNIC-based model for data-center security that solves both the performance problem and the security problems of edge-centric policy models. The model features a more robust isolation of responsibilities, superior offload capabilities, significantly better scaling of policy, and unique visibility opportunities. To illustrate this, we present a SmartNIC-based reference architecture for network layout, as well as examples of SmartNIC security controls and their resulting threat models. The second part of the talk will unveil a new innovative technique for tamper proof host introspection as SmartNICs are in a unique position to analyze and inspect the memory of the host to which they are attached. Normally, this functionality is reserved for a hypervisor, where it is known as ‘guest introspection’ or ‘virtual-machine introspection’. With host introspection, security controls no longer live in the hypervisor, but on the SmartNIC itself, on a separate trust domain. In this way, the visibility normally achieved with guest introspection can be performed for the entire host memory in an isolated and secure area. In order for host introspection to work in the same way as guest introspection, memory is DMA transferred in bursts over the PCI-e bus that attaches the SmartNIC to the host. As this method can be subverted to hide unwanted software, we will demonstrate a novel approach to tamper proof the acquisition of memory and for performing live introspection. Host introspection complements the network controls implemented using the SmartNIC by enabling the measurement of the integrity and the behavior of workloads (virtual machines, containers, bare metal servers) to identify possible indicators of compromise. The visibility and context gained also enhances the granularity of network controls, resulting in measurably better security for the data center compared to traditional software-only based controls.]]>
Data Center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources. In the first part of the talk we will be presenting a SmartNIC-based model for data-center security that solves both the performance problem and the security problems of edge-centric policy models. The model features a more robust isolation of responsibilities, superior offload capabilities, significantly better scaling of policy, and unique visibility opportunities. To illustrate this, we present a SmartNIC-based reference architecture for network layout, as well as examples of SmartNIC security controls and their resulting threat models. The second part of the talk will unveil a new innovative technique for tamper proof host introspection as SmartNICs are in a unique position to analyze and inspect the memory of the host to which they are attached. Normally, this functionality is reserved for a hypervisor, where it is known as ‘guest introspection’ or ‘virtual-machine introspection’. With host introspection, security controls no longer live in the hypervisor, but on the SmartNIC itself, on a separate trust domain. In this way, the visibility normally achieved with guest introspection can be performed for the entire host memory in an isolated and secure area. In order for host introspection to work in the same way as guest introspection, memory is DMA transferred in bursts over the PCI-e bus that attaches the SmartNIC to the host. As this method can be subverted to hide unwanted software, we will demonstrate a novel approach to tamper proof the acquisition of memory and for performing live introspection. Host introspection complements the network controls implemented using the SmartNIC by enabling the measurement of the integrity and the behavior of workloads (virtual machines, containers, bare metal servers) to identify possible indicators of compromise. The visibility and context gained also enhances the granularity of network controls, resulting in measurably better security for the data center compared to traditional software-only based controls.]]> Thu, 11 Oct 2018 13:26:41 GMT /slideshow/using-smartnics-to-provide-better-data-center-security-jack-matheson-44con-2018/119116864 44Con@slideshare.net(44Con) Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CON 2018 44Con Data Center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources. In the first part of the talk we will be presenting a SmartNIC-based model for data-center security that solves both the performance problem and the security problems of edge-centric policy models. The model features a more robust isolation of responsibilities, superior offload capabilities, significantly better scaling of policy, and unique visibility opportunities. To illustrate this, we present a SmartNIC-based reference architecture for network layout, as well as examples of SmartNIC security controls and their resulting threat models. The second part of the talk will unveil a new innovative technique for tamper proof host introspection as SmartNICs are in a unique position to analyze and inspect the memory of the host to which they are attached. Normally, this functionality is reserved for a hypervisor, where it is known as ‘guest introspection’ or ‘virtual-machine introspection’. With host introspection, security controls no longer live in the hypervisor, but on the SmartNIC itself, on a separate trust domain. In this way, the visibility normally achieved with guest introspection can be performed for the entire host memory in an isolated and secure area. In order for host introspection to work in the same way as guest introspection, memory is DMA transferred in bursts over the PCI-e bus that attaches the SmartNIC to the host. As this method can be subverted to hide unwanted software, we will demonstrate a novel approach to tamper proof the acquisition of memory and for performing live introspection. Host introspection complements the network controls implemented using the SmartNIC by enabling the measurement of the integrity and the behavior of workloads (virtual machines, containers, bare metal servers) to identify possible indicators of compromise. The visibility and context gained also enhances the granularity of network controls, resulting in measurably better security for the data center compared to traditional software-only based controls. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/jamesmathesonsmartnicsareawesome-181011132641-thumbnail.jpg?width=120&height=120&fit=bounds" /> Data Center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources. In the first part of the talk we will be presenting a SmartNIC-based model for data-center security that solves both the performance problem and the security problems of edge-centric policy models. The model features a more robust isolation of responsibilities, superior offload capabilities, significantly better scaling of policy, and unique visibility opportunities. To illustrate this, we present a SmartNIC-based reference architecture for network layout, as well as examples of SmartNIC security controls and their resulting threat models. The second part of the talk will unveil a new innovative technique for tamper proof host introspection as SmartNICs are in a unique position to analyze and inspect the memory of the host to which they are attached. Normally, this functionality is reserved for a hypervisor, where it is known as ‘guest introspection’ or ‘virtual-machine introspection’. With host introspection, security controls no longer live in the hypervisor, but on the SmartNIC itself, on a separate trust domain. In this way, the visibility normally achieved with guest introspection can be performed for the entire host memory in an isolated and secure area. In order for host introspection to work in the same way as guest introspection, memory is DMA transferred in bursts over the PCI-e bus that attaches the SmartNIC to the host. As this method can be subverted to hide unwanted software, we will demonstrate a novel approach to tamper proof the acquisition of memory and for performing live introspection. Host introspection complements the network controls implemented using the SmartNIC by enabling the measurement of the integrity and the behavior of workloads (virtual machines, containers, bare metal servers) to identify possible indicators of compromise. The visibility and context gained also enhances the granularity of network controls, resulting in measurably better security for the data center compared to traditional software-only based controls.

Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CON 2018 from 44CON

]]> 425 4 https://cdn.slidesharecdn.com/ss_thumbnails/jamesmathesonsmartnicsareawesome-181011132641-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else - Guy Barnhart-Magen & Ezra Caltum - 44CON 2018 /slideshow/jarvis-never-saw-it-coming-hacking-machine-learning-ml-in-speech-text-and-face-recognition-and-frankly-everywhere-else-guy-barnhartmagen-ezra-caltum-44con-2018/119116812 guybarnhart-magenandezracaltum-jarvisneversawitcoming-181011132612
Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: Unexpected consequences (why did it decide this rifle is a banana?) Data leakage (how did they know Joe has diabetes) Memory corruption and other exploitation techniques (boom! RCE) Influence the output In other words, while ML is great at identifying and classifying patterns, an attacker can take advantage of this and take control of the system. This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others – a live demo will be shown on stage! Garbage In, RCE Out :)]]>
Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: Unexpected consequences (why did it decide this rifle is a banana?) Data leakage (how did they know Joe has diabetes) Memory corruption and other exploitation techniques (boom! RCE) Influence the output In other words, while ML is great at identifying and classifying patterns, an attacker can take advantage of this and take control of the system. This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others – a live demo will be shown on stage! Garbage In, RCE Out :)]]> Thu, 11 Oct 2018 13:26:12 GMT /slideshow/jarvis-never-saw-it-coming-hacking-machine-learning-ml-in-speech-text-and-face-recognition-and-frankly-everywhere-else-guy-barnhartmagen-ezra-caltum-44con-2018/119116812 44Con@slideshare.net(44Con) JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else - Guy Barnhart-Magen & Ezra Caltum - 44CON 2018 44Con Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: Unexpected consequences (why did it decide this rifle is a banana?) Data leakage (how did they know Joe has diabetes) Memory corruption and other exploitation techniques (boom! RCE) Influence the output In other words, while ML is great at identifying and classifying patterns, an attacker can take advantage of this and take control of the system. This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others – a live demo will be shown on stage! Garbage In, RCE Out :) <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/guybarnhart-magenandezracaltum-jarvisneversawitcoming-181011132612-thumbnail.jpg?width=120&height=120&fit=bounds" /> Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: Unexpected consequences (why did it decide this rifle is a banana?) Data leakage (how did they know Joe has diabetes) Memory corruption and other exploitation techniques (boom! RCE) Influence the output In other words, while ML is great at identifying and classifying patterns, an attacker can take advantage of this and take control of the system. This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others – a live demo will be shown on stage! Garbage In, RCE Out :)

JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else - Guy Barnhart-Magen & Ezra Caltum - 44CON 2018 from 44CON

]]> 252 4 https://cdn.slidesharecdn.com/ss_thumbnails/guybarnhart-magenandezracaltum-jarvisneversawitcoming-181011132612-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON 2018 /44Con/reverse-engineering-and-bug-hunting-on-kmdf-drivers-enrique-nissim-44con-2018 enriquenissimreverseengineeringandbughuntingonkmdfdrivers-181011132611
Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint. In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems. Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.]]>
Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint. In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems. Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.]]> Thu, 11 Oct 2018 13:26:11 GMT /44Con/reverse-engineering-and-bug-hunting-on-kmdf-drivers-enrique-nissim-44con-2018 44Con@slideshare.net(44Con) Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON 2018 44Con Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint. In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems. Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/enriquenissimreverseengineeringandbughuntingonkmdfdrivers-181011132611-thumbnail.jpg?width=120&height=120&fit=bounds" /> Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint. In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems. Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.

Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON 2018 from 44CON

]]> 497 3 https://cdn.slidesharecdn.com/ss_thumbnails/enriquenissimreverseengineeringandbughuntingonkmdfdrivers-181011132611-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 The UK's Code of Practice for Security in Consumer IoT Products and Services - David Rogers - 44CON 2018 /slideshow/the-uks-code-of-practice-for-security-in-consumer-iot-products-and-services-david-rogers-44con-2018/119116808 davidrogerscodeofpracticeforiotsecurity-davidrogers16x9-181011132610
In March 2018, the UK launched its Secure by Design report in order to help defend against security threats, especially for consumer Internet of Things products and services. Over the past few years, poorly secured IoT devices have been hijacked in both targeted as well as large-scale DDoS attacks such as Mirai. In addition to this, poor security can threaten both privacy and safety. The speaker, David Rogers authored the UK’s ‘Code of Practice for Security in Consumer IoT Products and Associated Services’, in collaboration with DCMS, NCSC, ICO and industry colleagues with extensive support from the security research community. David will discuss the guidelines within the Code of Practice, why these were prioritised and why the top three became dealing with the password problem, implementing vulnerability disclosure and acting on it and addressing software updates. David will also look at what’s next: what will the challenges be and will the Code of Practice succeed in its aims? How can IoT products possibly be certified and how will the threat landscape change in response to improving security?]]>
In March 2018, the UK launched its Secure by Design report in order to help defend against security threats, especially for consumer Internet of Things products and services. Over the past few years, poorly secured IoT devices have been hijacked in both targeted as well as large-scale DDoS attacks such as Mirai. In addition to this, poor security can threaten both privacy and safety. The speaker, David Rogers authored the UK’s ‘Code of Practice for Security in Consumer IoT Products and Associated Services’, in collaboration with DCMS, NCSC, ICO and industry colleagues with extensive support from the security research community. David will discuss the guidelines within the Code of Practice, why these were prioritised and why the top three became dealing with the password problem, implementing vulnerability disclosure and acting on it and addressing software updates. David will also look at what’s next: what will the challenges be and will the Code of Practice succeed in its aims? How can IoT products possibly be certified and how will the threat landscape change in response to improving security?]]> Thu, 11 Oct 2018 13:26:10 GMT /slideshow/the-uks-code-of-practice-for-security-in-consumer-iot-products-and-services-david-rogers-44con-2018/119116808 44Con@slideshare.net(44Con) The UK's Code of Practice for Security in Consumer IoT Products and Services - David Rogers - 44CON 2018 44Con In March 2018, the UK launched its Secure by Design report in order to help defend against security threats, especially for consumer Internet of Things products and services. Over the past few years, poorly secured IoT devices have been hijacked in both targeted as well as large-scale DDoS attacks such as Mirai. In addition to this, poor security can threaten both privacy and safety. The speaker, David Rogers authored the UK’s ‘Code of Practice for Security in Consumer IoT Products and Associated Services’, in collaboration with DCMS, NCSC, ICO and industry colleagues with extensive support from the security research community. David will discuss the guidelines within the Code of Practice, why these were prioritised and why the top three became dealing with the password problem, implementing vulnerability disclosure and acting on it and addressing software updates. David will also look at what’s next: what will the challenges be and will the Code of Practice succeed in its aims? How can IoT products possibly be certified and how will the threat landscape change in response to improving security? <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/davidrogerscodeofpracticeforiotsecurity-davidrogers16x9-181011132610-thumbnail.jpg?width=120&height=120&fit=bounds" /> In March 2018, the UK launched its Secure by Design report in order to help defend against security threats, especially for consumer Internet of Things products and services. Over the past few years, poorly secured IoT devices have been hijacked in both targeted as well as large-scale DDoS attacks such as Mirai. In addition to this, poor security can threaten both privacy and safety. The speaker, David Rogers authored the UK’s ‘Code of Practice for Security in Consumer IoT Products and Associated Services’, in collaboration with DCMS, NCSC, ICO and industry colleagues with extensive support from the security research community. David will discuss the guidelines within the Code of Practice, why these were prioritised and why the top three became dealing with the password problem, implementing vulnerability disclosure and acting on it and addressing software updates. David will also look at what’s next: what will the challenges be and will the Code of Practice succeed in its aims? How can IoT products possibly be certified and how will the threat landscape change in response to improving security?

The UK's Code of Practice for Security in Consumer IoT Products and Services - David Rogers - 44CON 2018 from 44CON

]]> 263 2 https://cdn.slidesharecdn.com/ss_thumbnails/davidrogerscodeofpracticeforiotsecurity-davidrogers16x9-181011132610-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Weak analogies make poor realities – are we sitting on a Security Debt Crisis? - Charl Van Der Walt - 44CON 2018 /slideshow/weak-analogies-make-poor-realities-are-we-sitting-on-a-security-debt-crisis-charl-van-der-walt-44con-2018/119116805 charlvanderwalt-weakanalogiesmakepoorrealities-181011132609
Cyber Security is often framed in terms of ‘Risk’- the possibility of suffering harm or loss – and the ‘Management’ of Risk to reduce uncertainty. This is familiar territory for businesses. Cyber Security falls in neatly under Risk Management, is assigned a suitable place on the organigramme, tossed some spare budget and granted a few paragraphs in the board report. NIST defines Risk as a ‘function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organisation’. Key theme: This presentation explores the idea that making cyber security analogous to risk is holding us back. How about we talk about security ‘debt’ instead? Technical Debt is already a well understood concept in software development – the cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer or cost more. Changing our language changes how we think and how we behave. This presentation argues that such a change could have a significant impact on software security. In this presentation we will comment on the power of ‘analogies’ and how they’ve shaped our industry. We’ll then consider the difference between the ‘security as risk’ and the ‘security as debt’ paradigms and explore how changing paradigms may change the way we think about, talk about and measure software security. We believe this could have a very empowering effect on development managers and other security professionals who are struggling to articulate the relative benefits of security (or a lack of security) to a software product.]]>
Cyber Security is often framed in terms of ‘Risk’- the possibility of suffering harm or loss – and the ‘Management’ of Risk to reduce uncertainty. This is familiar territory for businesses. Cyber Security falls in neatly under Risk Management, is assigned a suitable place on the organigramme, tossed some spare budget and granted a few paragraphs in the board report. NIST defines Risk as a ‘function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organisation’. Key theme: This presentation explores the idea that making cyber security analogous to risk is holding us back. How about we talk about security ‘debt’ instead? Technical Debt is already a well understood concept in software development – the cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer or cost more. Changing our language changes how we think and how we behave. This presentation argues that such a change could have a significant impact on software security. In this presentation we will comment on the power of ‘analogies’ and how they’ve shaped our industry. We’ll then consider the difference between the ‘security as risk’ and the ‘security as debt’ paradigms and explore how changing paradigms may change the way we think about, talk about and measure software security. We believe this could have a very empowering effect on development managers and other security professionals who are struggling to articulate the relative benefits of security (or a lack of security) to a software product.]]> Thu, 11 Oct 2018 13:26:09 GMT /slideshow/weak-analogies-make-poor-realities-are-we-sitting-on-a-security-debt-crisis-charl-van-der-walt-44con-2018/119116805 44Con@slideshare.net(44Con) Weak analogies make poor realities – are we sitting on a Security Debt Crisis? - Charl Van Der Walt - 44CON 2018 44Con Cyber Security is often framed in terms of ‘Risk’- the possibility of suffering harm or loss – and the ‘Management’ of Risk to reduce uncertainty. This is familiar territory for businesses. Cyber Security falls in neatly under Risk Management, is assigned a suitable place on the organigramme, tossed some spare budget and granted a few paragraphs in the board report. NIST defines Risk as a ‘function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organisation’. Key theme: This presentation explores the idea that making cyber security analogous to risk is holding us back. How about we talk about security ‘debt’ instead? Technical Debt is already a well understood concept in software development – the cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer or cost more. Changing our language changes how we think and how we behave. This presentation argues that such a change could have a significant impact on software security. In this presentation we will comment on the power of ‘analogies’ and how they’ve shaped our industry. We’ll then consider the difference between the ‘security as risk’ and the ‘security as debt’ paradigms and explore how changing paradigms may change the way we think about, talk about and measure software security. We believe this could have a very empowering effect on development managers and other security professionals who are struggling to articulate the relative benefits of security (or a lack of security) to a software product. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/charlvanderwalt-weakanalogiesmakepoorrealities-181011132609-thumbnail.jpg?width=120&height=120&fit=bounds" /> Cyber Security is often framed in terms of ‘Risk’- the possibility of suffering harm or loss – and the ‘Management’ of Risk to reduce uncertainty. This is familiar territory for businesses. Cyber Security falls in neatly under Risk Management, is assigned a suitable place on the organigramme, tossed some spare budget and granted a few paragraphs in the board report. NIST defines Risk as a ‘function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organisation’. Key theme: This presentation explores the idea that making cyber security analogous to risk is holding us back. How about we talk about security ‘debt’ instead? Technical Debt is already a well understood concept in software development – the cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer or cost more. Changing our language changes how we think and how we behave. This presentation argues that such a change could have a significant impact on software security. In this presentation we will comment on the power of ‘analogies’ and how they’ve shaped our industry. We’ll then consider the difference between the ‘security as risk’ and the ‘security as debt’ paradigms and explore how changing paradigms may change the way we think about, talk about and measure software security. We believe this could have a very empowering effect on development managers and other security professionals who are struggling to articulate the relative benefits of security (or a lack of security) to a software product.

Weak analogies make poor realities – are we sitting on a Security Debt Crisis? - Charl Van Der Walt - 44CON 2018 from 44CON

]]> 286 2 https://cdn.slidesharecdn.com/ss_thumbnails/charlvanderwalt-weakanalogiesmakepoorrealities-181011132609-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Pwning the 44CON Nerf Tank /slideshow/pwning-the-44con-nerf-tank/119116514 christopherwade-nerftank-181011132235
Con speakers fear the Nerf gun. Overrun your talk time at your peril; Steve will shoot your arse with extreme prejudice until you STFU. We had to find a way to pwn the gun and shoot him back. That’s when we found the Nerf Terrascout: a remote tank gun controlled over 2.4GHz, with a video feed to the remote, complete with crosshairs. At first, we thought this would be a trivial job: figure out the RF and take control. It turned in to a mammoth hardware, firmware and RF reversing project. This puppy is so over-specced it would drive you to tears. The talk will cover the fails, hair loss and eventual success. There won’t be any smart dildos in it, though some of the techniques used are equally suited to teledildonics exploitation, if that’s your thing. Reversing RF in a high frequency environment using SDRs is challenging. We’ll discuss how we worked around these issues using hardware reversing skills. We had to import hardware from China for this project, which we could then programme ourselves using SPI, impersonate the legitimate controller and ‘jack the tank gun. This talk will of course include a live demonstration of hijacking the tank gun and (possibly) shooting Steve.]]>
Con speakers fear the Nerf gun. Overrun your talk time at your peril; Steve will shoot your arse with extreme prejudice until you STFU. We had to find a way to pwn the gun and shoot him back. That’s when we found the Nerf Terrascout: a remote tank gun controlled over 2.4GHz, with a video feed to the remote, complete with crosshairs. At first, we thought this would be a trivial job: figure out the RF and take control. It turned in to a mammoth hardware, firmware and RF reversing project. This puppy is so over-specced it would drive you to tears. The talk will cover the fails, hair loss and eventual success. There won’t be any smart dildos in it, though some of the techniques used are equally suited to teledildonics exploitation, if that’s your thing. Reversing RF in a high frequency environment using SDRs is challenging. We’ll discuss how we worked around these issues using hardware reversing skills. We had to import hardware from China for this project, which we could then programme ourselves using SPI, impersonate the legitimate controller and ‘jack the tank gun. This talk will of course include a live demonstration of hijacking the tank gun and (possibly) shooting Steve.]]> Thu, 11 Oct 2018 13:22:34 GMT /slideshow/pwning-the-44con-nerf-tank/119116514 44Con@slideshare.net(44Con) Pwning the 44CON Nerf Tank 44Con Con speakers fear the Nerf gun. Overrun your talk time at your peril; Steve will shoot your arse with extreme prejudice until you STFU. We had to find a way to pwn the gun and shoot him back. That’s when we found the Nerf Terrascout: a remote tank gun controlled over 2.4GHz, with a video feed to the remote, complete with crosshairs. At first, we thought this would be a trivial job: figure out the RF and take control. It turned in to a mammoth hardware, firmware and RF reversing project. This puppy is so over-specced it would drive you to tears. The talk will cover the fails, hair loss and eventual success. There won’t be any smart dildos in it, though some of the techniques used are equally suited to teledildonics exploitation, if that’s your thing. Reversing RF in a high frequency environment using SDRs is challenging. We’ll discuss how we worked around these issues using hardware reversing skills. We had to import hardware from China for this project, which we could then programme ourselves using SPI, impersonate the legitimate controller and ‘jack the tank gun. This talk will of course include a live demonstration of hijacking the tank gun and (possibly) shooting Steve. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/christopherwade-nerftank-181011132235-thumbnail.jpg?width=120&height=120&fit=bounds" /> Con speakers fear the Nerf gun. Overrun your talk time at your peril; Steve will shoot your arse with extreme prejudice until you STFU. We had to find a way to pwn the gun and shoot him back. That’s when we found the Nerf Terrascout: a remote tank gun controlled over 2.4GHz, with a video feed to the remote, complete with crosshairs. At first, we thought this would be a trivial job: figure out the RF and take control. It turned in to a mammoth hardware, firmware and RF reversing project. This puppy is so over-specced it would drive you to tears. The talk will cover the fails, hair loss and eventual success. There won’t be any smart dildos in it, though some of the techniques used are equally suited to teledildonics exploitation, if that’s your thing. Reversing RF in a high frequency environment using SDRs is challenging. We’ll discuss how we worked around these issues using hardware reversing skills. We had to import hardware from China for this project, which we could then programme ourselves using SPI, impersonate the legitimate controller and ‘jack the tank gun. This talk will of course include a live demonstration of hijacking the tank gun and (possibly) shooting Steve.

Pwning the 44CON Nerf Tank from 44CON

]]> 170 1 https://cdn.slidesharecdn.com/ss_thumbnails/christopherwade-nerftank-181011132235-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Security module for php7 – Killing bugclasses and virtual-patching the rest! - 44CON 2018 /slideshow/security-module-for-php7-killing-bugclasses-and-virtualpatching-the-rest-44con-2018/114250996 44con2018-180913111141
Presented by: Julien Voisin and Thibault Koechlin Suhosin is a great PHP module, but unfortunately, it’s getting old, new ways have been found to compromise PHP applications, and some aren’t working anymore; and it doesn’t play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module, that provides several features that we needed: passively killing several PHP-specific bug classes, but also implementing virtual-patching at the PHP level, allowing to patch vulnerabilities in a precise, false-positive-free, ultra-low overhead way, without even touching the applications’ code.]]>
Presented by: Julien Voisin and Thibault Koechlin Suhosin is a great PHP module, but unfortunately, it’s getting old, new ways have been found to compromise PHP applications, and some aren’t working anymore; and it doesn’t play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module, that provides several features that we needed: passively killing several PHP-specific bug classes, but also implementing virtual-patching at the PHP level, allowing to patch vulnerabilities in a precise, false-positive-free, ultra-low overhead way, without even touching the applications’ code.]]> Thu, 13 Sep 2018 11:11:41 GMT /slideshow/security-module-for-php7-killing-bugclasses-and-virtualpatching-the-rest-44con-2018/114250996 44Con@slideshare.net(44Con) Security module for php7 – Killing bugclasses and virtual-patching the rest! - 44CON 2018 44Con Presented by: Julien Voisin and Thibault Koechlin Suhosin is a great PHP module, but unfortunately, it’s getting old, new ways have been found to compromise PHP applications, and some aren’t working anymore; and it doesn’t play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module, that provides several features that we needed: passively killing several PHP-specific bug classes, but also implementing virtual-patching at the PHP level, allowing to patch vulnerabilities in a precise, false-positive-free, ultra-low overhead way, without even touching the applications’ code. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/44con2018-180913111141-thumbnail.jpg?width=120&height=120&fit=bounds" /> Presented by: Julien Voisin and Thibault Koechlin Suhosin is a great PHP module, but unfortunately, it’s getting old, new ways have been found to compromise PHP applications, and some aren’t working anymore; and it doesn’t play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module, that provides several features that we needed: passively killing several PHP-specific bug classes, but also implementing virtual-patching at the PHP level, allowing to patch vulnerabilities in a precise, false-positive-free, ultra-low overhead way, without even touching the applications’ code.

Security module for php7 – Killing bugclasses and virtual-patching the rest! - 44CON 2018 from 44CON

]]> 237 2 https://cdn.slidesharecdn.com/ss_thumbnails/44con2018-180913111141-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images /slideshow/44con-london-2015-stegosploit-driveby-browser-exploits-using-only-images/53053668 keepcalmandstegosploit44con2015-3-150922092300-lva1-app6892
Stegosploit - Drive-by Browser Exploits using only Images by Saumil Shah]]>
Stegosploit - Drive-by Browser Exploits using only Images by Saumil Shah]]> Tue, 22 Sep 2015 09:23:00 GMT /slideshow/44con-london-2015-stegosploit-driveby-browser-exploits-using-only-images/53053668 44Con@slideshare.net(44Con) 44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images 44Con Stegosploit - Drive-by Browser Exploits using only Images by Saumil Shah <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/keepcalmandstegosploit44con2015-3-150922092300-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> Stegosploit - Drive-by Browser Exploits using only Images by Saumil Shah

44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images from 44CON

]]> 2041 5 https://cdn.slidesharecdn.com/ss_thumbnails/keepcalmandstegosploit44con2015-3-150922092300-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Is there an EFI monster inside your apple? /slideshow/44con-london-2015-is-there-an-efi-monster-inside-your-apple/53053410 44con2015-efimonstersjhashdjdhasdiwqo39sncsyshfgdudgsj749467eixjxgsks-150922091514-lva1-app6891
Is there an EFI monster inside your apple? by Pedro Vilaça]]>
Is there an EFI monster inside your apple? by Pedro Vilaça]]> Tue, 22 Sep 2015 09:15:14 GMT /slideshow/44con-london-2015-is-there-an-efi-monster-inside-your-apple/53053410 44Con@slideshare.net(44Con) 44CON London 2015 - Is there an EFI monster inside your apple? 44Con Is there an EFI monster inside your apple? by Pedro Vilaça <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-efimonstersjhashdjdhasdiwqo39sncsyshfgdudgsj749467eixjxgsks-150922091514-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /> Is there an EFI monster inside your apple? by Pedro Vilaça

44CON London 2015 - Is there an EFI monster inside your apple? from 44CON

]]> 973 8 https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-efimonstersjhashdjdhasdiwqo39sncsyshfgdudgsj749467eixjxgsks-150922091514-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Indicators of Compromise: From malware analysis to eradication /slideshow/44con-london-2015-indicators-of-compromise-from-malware-analysis-to-eradication/53052675 indicatorsofcompromise-frommalwareanalysistoeradication-150922085608-lva1-app6892
Indicators of Compromise: From malware analysis to eradication by Michael Boman]]>
Indicators of Compromise: From malware analysis to eradication by Michael Boman]]> Tue, 22 Sep 2015 08:56:07 GMT /slideshow/44con-london-2015-indicators-of-compromise-from-malware-analysis-to-eradication/53052675 44Con@slideshare.net(44Con) 44CON London 2015 - Indicators of Compromise: From malware analysis to eradication 44Con Indicators of Compromise: From malware analysis to eradication by Michael Boman <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/indicatorsofcompromise-frommalwareanalysistoeradication-150922085608-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> Indicators of Compromise: From malware analysis to eradication by Michael Boman

44CON London 2015 - Indicators of Compromise: From malware analysis to eradication from 44CON

]]> 1051 8 https://cdn.slidesharecdn.com/ss_thumbnails/indicatorsofcompromise-frommalwareanalysistoeradication-150922085608-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - How to drive a malware analyst crazy /slideshow/44con-london-2015-how-to-drive-a-malware-analyst-crazy/53052671 howtodriveamalwareanalystcrazy-150922085602-lva1-app6892
How to drive a malware analyst crazy by Michael Boman]]>
How to drive a malware analyst crazy by Michael Boman]]> Tue, 22 Sep 2015 08:56:02 GMT /slideshow/44con-london-2015-how-to-drive-a-malware-analyst-crazy/53052671 44Con@slideshare.net(44Con) 44CON London 2015 - How to drive a malware analyst crazy 44Con How to drive a malware analyst crazy by Michael Boman <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/howtodriveamalwareanalystcrazy-150922085602-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> How to drive a malware analyst crazy by Michael Boman

44CON London 2015 - How to drive a malware analyst crazy from 44CON

]]> 1364 7 https://cdn.slidesharecdn.com/ss_thumbnails/howtodriveamalwareanalystcrazy-150922085602-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - 15-Minute Linux Incident Response Live Analysis /slideshow/44con-london-2015-15minute-linux-incident-response-live-analysis/53052667 44con2015-phil-polstra-live-linux-forensics-150922085557-lva1-app6892
15-Minute Linux Incident Response Live Analysis by Philip Polstra]]>
15-Minute Linux Incident Response Live Analysis by Philip Polstra]]> Tue, 22 Sep 2015 08:55:57 GMT /slideshow/44con-london-2015-15minute-linux-incident-response-live-analysis/53052667 44Con@slideshare.net(44Con) 44CON London 2015 - 15-Minute Linux Incident Response Live Analysis 44Con 15-Minute Linux Incident Response Live Analysis by Philip Polstra <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-phil-polstra-live-linux-forensics-150922085557-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> 15-Minute Linux Incident Response Live Analysis by Philip Polstra

44CON London 2015 - 15-Minute Linux Incident Response Live Analysis from 44CON

]]> 998 7 https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-phil-polstra-live-linux-forensics-150922085557-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Going AUTH the Rails on a Crazy Train /slideshow/44con-london-2015-going-auth-the-rails-on-a-crazy-train/53052660 44con-goingauthrails-rabczak-jarmoc-2-150922085553-lva1-app6892
Going AUTH the Rails on a Crazy Train by Tomek Rabczak & Jeff Jarmoc]]>
Going AUTH the Rails on a Crazy Train by Tomek Rabczak & Jeff Jarmoc]]> Tue, 22 Sep 2015 08:55:52 GMT /slideshow/44con-london-2015-going-auth-the-rails-on-a-crazy-train/53052660 44Con@slideshare.net(44Con) 44CON London 2015 - Going AUTH the Rails on a Crazy Train 44Con Going AUTH the Rails on a Crazy Train by Tomek Rabczak & Jeff Jarmoc <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/44con-goingauthrails-rabczak-jarmoc-2-150922085553-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> Going AUTH the Rails on a Crazy Train by Tomek Rabczak & Jeff Jarmoc

44CON London 2015 - Going AUTH the Rails on a Crazy Train from 44CON

]]> 848 4 https://cdn.slidesharecdn.com/ss_thumbnails/44con-goingauthrails-rabczak-jarmoc-2-150922085553-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Software Defined Networking (SDN) Security /slideshow/44con-london-2015-software-defined-networking-sdn-security/53052658 201509-44con-150922085548-lva1-app6891
Software Defined Networking (SDN) Security by David Jorm]]>
Software Defined Networking (SDN) Security by David Jorm]]> Tue, 22 Sep 2015 08:55:48 GMT /slideshow/44con-london-2015-software-defined-networking-sdn-security/53052658 44Con@slideshare.net(44Con) 44CON London 2015 - Software Defined Networking (SDN) Security 44Con Software Defined Networking (SDN) Security by David Jorm <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/201509-44con-150922085548-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /> Software Defined Networking (SDN) Security by David Jorm

44CON London 2015 - Software Defined Networking (SDN) Security from 44CON

]]> 980 6 https://cdn.slidesharecdn.com/ss_thumbnails/201509-44con-150922085548-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - DDoS mitigation EPIC FAIL collection /slideshow/44con-london-2015-ddos-mitigation-epic-fail-collection/52883135 ddosmitigationepicfailcollection-44con-150917095056-lva1-app6892
DDoS mitigation EPIC FAIL collection by Moshe Zioni]]>
DDoS mitigation EPIC FAIL collection by Moshe Zioni]]> Thu, 17 Sep 2015 09:50:56 GMT /slideshow/44con-london-2015-ddos-mitigation-epic-fail-collection/52883135 44Con@slideshare.net(44Con) 44CON London 2015 - DDoS mitigation EPIC FAIL collection 44Con DDoS mitigation EPIC FAIL collection by Moshe Zioni <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/ddosmitigationepicfailcollection-44con-150917095056-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> DDoS mitigation EPIC FAIL collection by Moshe Zioni

44CON London 2015 - DDoS mitigation EPIC FAIL collection from 44CON

]]> 1056 5 https://cdn.slidesharecdn.com/ss_thumbnails/ddosmitigationepicfailcollection-44con-150917095056-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Hunting Asynchronous Vulnerabilities /slideshow/44con-london-2015-hunting-asynchronous-vulnerabilities/52808770 huntingasynchronousvulnerabilities-150915153355-lva1-app6891
Hunting Asynchronous Vulnerabilities by James Kettle]]>
Hunting Asynchronous Vulnerabilities by James Kettle]]> Tue, 15 Sep 2015 15:33:55 GMT /slideshow/44con-london-2015-hunting-asynchronous-vulnerabilities/52808770 44Con@slideshare.net(44Con) 44CON London 2015 - Hunting Asynchronous Vulnerabilities 44Con Hunting Asynchronous Vulnerabilities by James Kettle <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/huntingasynchronousvulnerabilities-150915153355-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /> Hunting Asynchronous Vulnerabilities by James Kettle

44CON London 2015 - Hunting Asynchronous Vulnerabilities from 44CON

]]> 953 8 https://cdn.slidesharecdn.com/ss_thumbnails/huntingasynchronousvulnerabilities-150915153355-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Reverse engineering and exploiting font rasterizers: the OpenType saga /slideshow/44con-london-2015-reverse-engineering-and-exploiting-font-rasterizers-the-opentype-saga/52794976 44con2015-150915104829-lva1-app6892
Reverse engineering and exploiting font rasterizers: the OpenType saga by Mateusz Jurczyk]]>
Reverse engineering and exploiting font rasterizers: the OpenType saga by Mateusz Jurczyk]]> Tue, 15 Sep 2015 10:48:29 GMT /slideshow/44con-london-2015-reverse-engineering-and-exploiting-font-rasterizers-the-opentype-saga/52794976 44Con@slideshare.net(44Con) 44CON London 2015 - Reverse engineering and exploiting font rasterizers: the OpenType saga 44Con Reverse engineering and exploiting font rasterizers: the OpenType saga by Mateusz Jurczyk <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-150915104829-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds" /> Reverse engineering and exploiting font rasterizers: the OpenType saga by Mateusz Jurczyk

44CON London 2015 - Reverse engineering and exploiting font rasterizers: the OpenType saga from 44CON

]]> 1431 9 https://cdn.slidesharecdn.com/ss_thumbnails/44con2015-150915104829-lva1-app6892-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root /slideshow/44con-london-2015-jtagsploitation-5-wires-5-ways-to-root/52793673 jtagsploitation-150915101405-lva1-app6891
Jtagsploitation: 5 wires, 5 ways to root by Joe FitzPatrick & Matt King]]>
Jtagsploitation: 5 wires, 5 ways to root by Joe FitzPatrick & Matt King]]> Tue, 15 Sep 2015 10:14:05 GMT /slideshow/44con-london-2015-jtagsploitation-5-wires-5-ways-to-root/52793673 44Con@slideshare.net(44Con) 44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root 44Con Jtagsploitation: 5 wires, 5 ways to root by Joe FitzPatrick & Matt King <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/jtagsploitation-150915101405-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /> Jtagsploitation: 5 wires, 5 ways to root by Joe FitzPatrick & Matt King

44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root from 44CON

]]> 1729 4 https://cdn.slidesharecdn.com/ss_thumbnails/jtagsploitation-150915101405-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://cdn.slidesharecdn.com/profile-photo-44Con-48x48.jpg?cb=1539264136 London Information Security Conference sign up to the 44CON mailing list for advance notice of the 2016 event. 44con.com https://cdn.slidesharecdn.com/ss_thumbnails/peteherzog-theyreallscorpions-succesfulsecopsinahostileworkplace-181011132655-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/theyre-all-scorpions-successful-secops-in-a-hostile-workplace-pete-herzog-44con-2018/119116888 They're All Scorpions ... https://cdn.slidesharecdn.com/ss_thumbnails/klauseschmeh44con-2018-post-quantum-181011132646-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/how-to-explain-postquantum-cryptography-to-a-middle-school-student-klaus-schmeh-44con-2018/119116874 How to Explain Post-Qu... https://cdn.slidesharecdn.com/ss_thumbnails/jamesmathesonsmartnicsareawesome-181011132641-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/using-smartnics-to-provide-better-data-center-security-jack-matheson-44con-2018/119116864 Using SmartNICs to Pro...