DEFCON Switzerland
Defeating Behavior Detection Of Remote Code Injection - Rafael Salema Marques
Rafael Salema Marques / SWaNk
The injection of arbitrary code in a remote process is a well-known technique exploited by malware. As defenders continue to intensify their efforts to uncover these actions, attackers must come up with new techniques and attack variations to evade detection. In this talk, I will present a novel approach to remote code injection that utilizes shared sections and handle inheritance between generations of processes to defeat behavior detection techniques. Additionally, I will be providing a detailed explanation and a proof of concept (PoC).
Views: 151

Videos

Public Cloud Public Attacks: A Summary Of Attacks Seen By CloudIntel - Himanshu Anand
Views: 105 · 1 month ago
Himanshu Anand In an era where cloud computing is ubiquitous, the security of cloud environments has never been more critical. Our presentation delves into the intricate landscape of cloud security through an exhaustive analysis of data from CloudIntel, a comprehensive dataset of cloud-based attacks. This dataset, accessible at github.com/unknownhad/CloudIntel, offers a unique window into the t...
Phishing The Resistant: Phishing For Primary Refresh Tokens In Microsoft Entra - Dirk-Jan Mollema
Views: 2.7K · 1 month ago
Dirk-Jan Mollema (Outsider Security) Microsoft Entra ID (formerly Azure AD) offers many options to harden your tenant against attackers. Most of these options are enforced using Conditional Access policies, which for example allow you to restrict users to authenticate with only phishing resistant MFA methods such as Yubikeys and Windows Hello for Business. These MFA methods are resistant agains...
Actionable Incident Response Documentation: When The Ink Meets The Road - Gergana Karadzhova-Dangela
Views: 97 · 1 month ago
Gergana Karadzhova-Dangela (Cisco Talos) This presentation will be a bold attempt to highlight the primordial importance of actionable incident response documentation for the overall response readiness of an organization. The audience will be challenged to think critically about their attitudes towards the creation of procedures and documentation, which are often associated with compliance audi...
Technical Deep Dive Into The XZ Backdoor - Timo Schmid
Views: 182 · 1 month ago
Timo Schmid (Google) In March 2024 a backdoor was discovered in xz-utils packages of Debian and Fedora, originating from the upstream XZ project. This talk will take a deeper look into the techniques used by the backdoor to infect its primary target sshd and the different evasion techniques employed in an attempt to hide itself and why these ultimately led to the backdoor's discovery.
Digital Self Defense For Investigative Journalists - Rico
Views: 82 · 1 month ago
Rico (SRF) In today's digital age, investigative journalists face unprecedented threats to their work and their sources. As an IT Security Engineer working for the public Swiss radio and television (SRF) I’m working on privacy solutions and secure communication methods with potential sources. I'll share practical strategies for journalists to navigate the digital realm securely. Topics include ...
Machine Learning For Enhanced Malware Detection & Classification - Solomon Sonya
Views: 127 · 1 month ago
Solomon Sonya Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus...
Closing Ceremony - AREA41 Team
Views: 20 · 1 month ago
Efficiency vs Security: Unveiling The Risks In Cloud-Based Endpoint Management - Oleksandr Kazymyrov
Views: 41 · 1 month ago
Oleksandr Kazymyrov As organizations shift to cloud environments, they increasingly rely on tools like Microsoft Intune for efficient endpoint management. This transition from traditional to cloud-based infrastructures introduces a complex array of risks, including possible misconfigurations and new vulnerabilities. This presentation encapsulates our comprehensive examination of transitioning t...
Shells At Midnight: Turning A Spam Filter Against Itself - Michael Imfeld
Views: 82 · 1 month ago
Michael Imfeld (modzero) The RFCs for email addresses are surprisingly flexible in regards to what is considered a valid address - a fact that is most often overlooked by developers. In this talk, we will show that attackers can abuse assumptions of what developers consider safe input and how this can be exploited. Using a real-world example, we will disclose multiple vulnerabilities which we i...
Cloud-native Software Supply Chain Security: The Hard Truth - Daniel Drack
Views: 35 · 1 month ago
Daniel Drack Everybody is talking about SBOM, attestation, MFA, signatures and other security measures - but who is actually implementing them? This session will provide you with a technical overview of current cloud-native software supply chain security best-practices. Plus it will give you an idea of the adoption of said best-practices in the industry.
The CTF To Career Pipeline - Jam (Vie) Polintan
Views: 168 · 1 month ago
Jam (Vie) Polintan (Google) CTFs are a fantastic way to learn about and develop one’s skills into cybersecurity. They’re accessible, open-source most of the time, and consistently offer top-tier challenges to improve your hacking acumen. But are they realistic? When someone wants to make the jump into their cybersecurity career, they’ll often find themselves asking the same questions and wonder...
Mastering Supply Chain Attacks With Client-Side Monitoring - Juerg Fischer and Dai Littlewood
Views: 73 · 1 month ago
Juerg Fischer (Splunk) Dai Littlewood (Splunk) We often say in the cyber security world, you can’t detect what you can’t see. In the SOC, visibility is everything, and the days of relying solely on the network perimeter and server-side monitoring is no longer enough. Today, breaches are plenty and with it comes reputational damage and hefty fines. So as defenders, what can we do? Dive deep into...
Guardians Of The Grid: Purple Playoffs In OT Adversary Emulation - Jeroen Vandeleur and Nick Foulon
Views: 40 · 1 month ago
Jeroen Vandeleur Nick Foulon (NVISO) This session dives deep into the evolution of cyber defense tactics, laying bare the necessity of a holistic approach where offensive and defensive techniques are harmoniously amalgamated. By juxtaposing IT and OT, we unravel their innate intricacies and spotlight the compelling need for a harmonized security blueprint, especially during those critical junct...
New Stories Of Money: Crypto, DeFi, Hacks & Attacks - Marco Preuss
Views: 58 · 1 month ago
Marco Preuss (Kaspersky) With current Bitcoin price increase, Crypto got more attention in the public, again - though underlying misuse, attacks and hacks are going on for many years. In this talk I will dig into different recent attacks, problems and common “how to behave”. I will cover starting from the more common attack methods to advanced and stepping into DeFi.
Call On Me, Unify! Hacking Desktop Phones - Michael Oelke
Views: 37 · 1 month ago
Intelligence-Driven Threat Hunting: Exposing The Invisible Enemy - Sylvain Hirsch
Views: 61 · 1 month ago
Reconsidering Self-XSS And Exploring Novel Attacks With Cookie Tossing - Thomas Houhou
Views: 149 · 1 month ago
Automating Malware Development: A Red Teamer's Journey - Gian Demarmels
Views: 490 · 1 month ago
Shufflecake, AKA Truecrypt On Steroids For Linux - Tommaso Gagliardoni
Views: 66 · 1 month ago
Armored Witness: Building A Trusted Notary For Bare Metal - Andrea Barisani
Views: 47 · 1 month ago
Insert Coin: Hacking Arcades For Fun - Ignacio Navarro
Views: 127 · 1 month ago
Nearing The EPOcalypse: A Tale Of Vulnerabilities & Incentives In The Infosec Industry - Alain Mowat
Views: 62 · 1 month ago
Action Anomalies: A Hackers Guide To Github Actions - Elliot Ward
Views: 112 · 1 month ago
Switching 400'000 Volts With A TCP Packet - Cyrill Brunschwiler
Views: 347 · 1 month ago
Keynote: Hacker's Perspective on New Risks: Revising the Cybersecurity Priorities for 2024
Views: 458 · 1 month ago
Opening Ceremony - AREA41 Team
Views: 151 · 1 month ago
Closing Ceremony by Area41 Organizers
Views: 209 · 2 years ago
Building A Red Team - The Best Defense Is A Good Offense by Daniel Fabian
Views: 4.6K · 2 years ago
Security Content Creator Panel by Carl Svensson, Robbe van Roey and Thomas Roth
Views: 194 · 2 years ago

COMMENTS

  • @Red4mber, 8 days ago

    Truly an excellent talk, thanks a lot!

  • @RRPS-yb7tt, 14 days ago

    This is a game changer. Thanks for sharing

  • @udirt, 1 month ago

    very nice intro! (though we can't see him...) also incredibly good for a second time speaker!

  • @mar0ne220, 1 month ago

    Marry me! 💍

  • @humbllbug, 1 month ago

    hi

  • @Notimetootime, 1 month ago

    Nice talk

  • @kalidsherefuddin, 1 month ago

    Thanks

  • @yuck871, 1 month ago

    Congratulations, Cyrill!

  • @SalvatoreArcidiacona, 1 month ago

    Good Talk Cyrill! Thanks for sharing

    • @cybr-ggl, 1 month ago

      Thank you Salvatore. I hope it will contribute to the general understanding of how TCP packets influence public safety and foster critical thinking and risk thinking within the pentesting community. We need to be very careful at throwing complexity to solutions.

  • @solidpain9098, 2 months ago

    I hope the toilet was cleaned well after Fabian puked his guts out there

  • @jowinsathianesan5873, 8 months ago

    Great presentation

  • @hansmuster5291, 1 year ago

    overall very nice talk! the first half was a bit boring tho

    • @faanross, 5 months ago

      what? lol

  • @itaybarok9405, 1 year ago

    Great lecture and some very good animations throughout the presentation. Besides, this is an important topic that can help others. Are there any updates about the new smart dream application security disclosure and about the concept of mandatory installation of blocking application in South Korea?

  • @Jaiswalkatul, 1 year ago

    Awesome presentation. Greatly helped me connect the dots that I was missing during my red team exercise. This presentation really is a blueprint for effectively managing a red team program

  • @Lino1259, 1 year ago

    Cool to see LiveOverflow here!

  • @potheadfromthefuture2450, 1 year ago

    I swear I've heard this voice somewhere else

  • @DarkbrainixSlickerTH, 2 years ago

    Thanks, it's very informative!

  • @ayushsinha6214, 2 years ago

    Does anyone have that guy's Twitter or LinkedIn?

    • @faanross, 5 months ago

      @dobinrutis

  • @shKiev, 2 years ago

    thanks!

  • @chiaromonteangela4036, 2 years ago

    Hello John, it's me, Angela... best regards from Can

  • @skeptisch2751, 2 years ago

    Awesome tool 👍

  • @seleshizewge9326, 2 years ago

    I'm proud of you Dagmawi!! Love you 😍

  • @takedownccp, 2 years ago

    nice share

  • @mishuevos7838, 2 years ago

    Good info

  • @beige5644, 2 years ago

    Daddy Phillip

  • @GurlNamedBrettMarie, 3 years ago

    I need help with an app.

  • @ilgamkaybelev8306, 3 years ago

    Excellent talk about fuzzing network applications.

  • @sophearakon145, 3 years ago

    useful video, appreciate

  • @commentatorJR, 3 years ago

    Thanks for sharing this. What an open community. I thought she is from Maine.

  • @dieglhix, 4 years ago

    are modern USB keyloggers still undetectable?

  • @RawLu., 4 years ago

    \m/ Mikko Rocks! \m/

  • @roeese1, 4 years ago

    Learned much.

  • @benavion5956, 4 years ago

    Sina was my pen pal from, I think, 1996 to 2000. We met on chatcity in 1995, when hardly anyone had internet at home.

  • @rawwars, 5 years ago

    composer?

  • @donarnold8268, 5 years ago

    Thank you!

  • @rawwars, 5 years ago

    really well synthesized - or encoded - the gan concept, thanks :)

    • @rawwars, 5 years ago

      this is a fight back example on audio www.asvspoof.org/

  • @milutzuk, 5 years ago

    As a fellow Romanian of Costin Raiu, I can notice that his English accent is now influenced by the Russian language. Costin Raiu was the original developer of a quite good Romanian antivirus, RAV, which was sold, after Costin's departure for Kaspersky, in 2003 to Microsoft. I can't comment on the reasons for which Costin chose to move to Russia, but I remember that in those times I started to consider China as a first future threat, while Russia seemed to come to its senses. About Guccifer 2, I saw his answers in Romanian and it was clear for me that he wasn't a native Romanian speaker, not even from Republic of Moldova (an independent country now, but which was initially Romanian territory, with a Romanian population in an overwhelming majority, taken first by the Russian Empire and then by the Soviet Union).

  • @philschling, 6 years ago

    I'm too dumb for this

  • @stephenfalken925, 6 years ago

    haha, the rm -rf for GDPR :)

  • @stephenfalken925, 6 years ago

    hey, but.... pascal :)

  • @BushRat253, 6 years ago

    If my employer offered to pay my OSCP I would probably have a stroke!

  • @antoineneuenschwander8353, 6 years ago

    At 27:15, NUS is the *National* University of Singapore, sorry for that mishap

  • @epokh64, 6 years ago

    The slides are available here: www.slideshare.net/epokh1/the-future-of-threat-intelligence-platforms

  • @CarlosCorderoPersonal, 6 years ago

    This is an amazing tool! Fantastic, Daniel!

  • @Saikiran-pf1ry, 6 years ago

    LiveOverflow!!!!!!!!!!

  • @condor07uk, 7 years ago

    chateau?

  • @Nofiamich, 7 years ago

    Very interesting. This would be better as a 2 hour lecture.

  • @Evil_ddddd, 7 years ago

    nice work!