41
41
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 41
favorite 0
comment 0
As bandwidth, computing power, and software advancements have improved over the years, we've begun to see larger and larger DDoS attacks against organizations. Often times these attacks employ techniques such as DNS Amplification to take advantage of servers with very large uplinks. This talk explores a similar technique targeting commonly used throughput testing software typically running on very large uplinks. We will explore the process of attacking this software, eventually compromising it...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
37
37
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 37
favorite 0
comment 0
Over the last year, synchronized and coordinated attacks against critical infrastructure have taken center stage. Remote cyber intrusions at three Ukrainian regional electric power distribution companies in December 2015 left approximately 225,000 customers without power. Malware, like BlackEnergy, is being specially developed to target supervisory control and data acquisition (SCADA) systems. Specifically, adversaries are focusing their efforts on obtaining access to the human-machine...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
14
14
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 14
favorite 0
comment 0
When the machines rise up and take away our freedom to communicate we're going to need a way out. Exfiltration of data across trust boundaries will be our only means of communication. How do we do that when the infrastructure we built to defend ourselves is the very boundary we must defeat? We use the same pathways we used to, but bend the rules to meet our needs. Whether its breaking protocol, attaching payloads, or pirating the airwaves we'll find a way. We'll cover using a custom server...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
43
43
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 43
favorite 0
comment 0
So, you think you want to be a penetration tester, or you already are and don’t understand what the difference between you and all the other “so called” penetration testers out there. Think you know the difference between a Red Team, Penetration Test and a Vulnerability assessment? Know how to write a report your clients will actually read and understand? Can you leverage the strengths of your team mates to get through tough roadblocks, migrate, pivot, own and pillage? No? well this talk...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
Over the past year, Apple has consistently added features to prevent exploitation of the iOS kernel. These features, while largely misunderstood, provide a path for understanding of the iOS security model going forward. This talk will examine the history of iOS’s exploit mitigations from iOS 8 to iOS 9.3 in order to teach important features of the architecture. This talk will cover various enhancements that stop attackers from dynamically modifying the functionality of system services, but...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
58
58
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 58
favorite 0
comment 0
In this talk, we’ll cover some novel USB-level attacks, that can provide remote command and control of, even air-gapped machines, with a minimal forensic footprint, and release an open-source toolset using freely available hardware. In 2000, Microsoft published its 10 Immutable laws of security [1]. One of which was “if a bad guy has unrestricted access to your computer, it’s not your computer anymore.” This has been robustly demonstrated over the years. Examples include numerous...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
38
38
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 38
favorite 0
comment 0
Much of the time and attention dedicated to modern network security focuses on detecting the contemporary vulnerabilities and exploits which power the breaches that make the headlines. With almost all of the emphasis is placed around the endless cycle of new entry points, we are often overlooking what is perhaps one of the most profoundly interesting aspects of modern network breaches; the post-exploit communication of a compromised system to the attacker—known as command and control. Once...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
51
51
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 51
favorite 0
comment 0
Since these last few years our world has been getting smarter and smarter. We may ask ourselves: what does smart mean? It is the possibility of building systems which are nodes of a more complex network, digitally connected to the internet and to the final users. Our cities are becoming one of those networks and over time more and more elements are getting connected to such network: from traffic lights to information signs, from traffic and surveillance cameras to transport systems. This last...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
45
45
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 45
favorite 0
comment 0
Last year, DARPA ran the qualifying event for the Cyber Grand Challenge to usher in the era of automated hacking. Shellphish, a rag-tag team of disorganized hackers mostly from UC Santa Barbara, decided to join the competition about ten minutes before the signups closed. Characteristically, we proceeded to put everything off until the last minute, and spent 3 sleepless weeks preparing our Cyber Reasoning System for the contest. Our efforts paid off and, as we talked about last DEF CON , against...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
30
30
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 30
favorite 0
comment 0
Yes, we did, we made our own DEF CON black badges. Why? Because we didn't want to wait in line ever again-- Not really. We are a bunch of hackers that always look for a challenge, and what better challenge is there than to try and reverse engineer from scratch three DEF CON black badges? In this talk we will go through the 2 year long process of making the DC14, DC22 and DC23 Black badges which include amazing hacking techniques like social engineering, patience, reverse engineering, EAGLE...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
103
103
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 103
favorite 0
comment 0
As stated in my bio, besides computer security I also love flight simulators and mountain biking. Last year I gave a talk about hacking a flight simulator (among other games), it was only fitting to research something related to my other hobby too. Old day's bike speedometers have evolved quite a bit, and nowadays a lot of bikers (swimmers, runners, ers) do their sport with tiny computers attached to them. These computers do much more than measuring speed: they have GPS, they can store your...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, security...
44
44
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 44
favorite 0
comment 0
As a matter of fact, it is all about time to reverse engineer the most complex piece of code. Code complicity techniques are usually used just to increase the time and effort needed for reverse engineering. The desired effect of code complicity can be magnified using mechanisms that decrease and narrow the allowed time frame for any reverse engineering attempt into few milliseconds. Such approach can be applied using a metamorphic engine that is aware of the time dimension. Beyond metamorphic...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
75
75
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 75
favorite 0
comment 0
The CAN bus is really mainstream, and every now and then there are new tools coming out to deal with it. Everyone wants to control vehicles and already knows that you can make the horn honk by replaying that frame you captured. But is this all that there is on this topic? Reversing OEM and third party tools, capturing firmware update files on the fly, and hijacking Security Sessions on a bus are just a few examples of things that can be done as well. For this and more, we will introduce to you...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
26
26
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 26
favorite 0
comment 0
After the Rise of the Machines they'll need to communicate. And we'll need to listen in. The problem is that proprietary protocols are hard to break. If Wireshark barfs then we're done. Or can we listen in, break their Robot Overlord messages and spill it all to the meat-space rebels? Attend this talk to learn techniques for taking network data, identifying unknown protocols, and breaking them down to something you can exploit. Rebels unite! Bios: Tim Estell, a hacker since learning how to mod...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DEFCON 24, hack, hackers,...
8
8.0
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 8
favorite 0
comment 0
Samsung announced many layers of security to its Pay app. Without storing or sharing any type of user’s credit card information, Samsung Pay is trying to become one of the securest approaches offering functionality and simplicity for its customers. This app is a complex mechanism which has some limitations relating security. Using random tokenize numbers and implementing Magnetic Secure Transmission (MST) technology, which do not guarantee that every token generated with Samsung Pay would be...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
31
31
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 31
favorite 0
comment 0
LTE is a more advanced mobile network but not absolutely secure. Recently there already some papers those exposed the vulnerabilities of LTE network. In this presentation, we will introduce one method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure, and finally can force a targeted LTE cellphone to downgrade into a malicious GSM network, then consequently can eavesdrop its data traffic or even voice call. This attack...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
62
62
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 62
favorite 0
comment 0
Drone related applications have sprung up in the recent years, and the drone security has also became a hot topic in the security industry. This talk will introduce some general security issues of the drones, including vulnerabilities existing in the radio signals, WiFi, Chipset, FPV system, GPS, App, and SDK. The most famous and popular drone product will be used to demonstrate the security vulnerabilities of each aspects, and recommendation of enforcements. The talk will also demo how to take...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
32
32
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 32
favorite 0
comment 0
There have been over 20,000 data breaches disclosed exposing over 4.8 billion records, with over 4,000 breaches in 2015 alone. It is clear there is no slowdown at all and the state of security is embarrassing. The total cybercrime cost estimates have been astronomical and law enforcement has been struggling to track down even a fraction of the criminals, as usual. Attribution in computer compromises continues to be a surprisingly complex task that ultimately isn’t definitive in most cases....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
10
10.0
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 10
favorite 0
comment 0
With minimal to no effort, we can gain SYSTEM level access to hundreds, if not, thousands of machines on the internet [remotely]. No, this is not a new super 1337 exploit and no this is not even a new technique. No super fancy website with poorly designed logo is necessary, there is nothing new here. Tim and Dennis have discovered that something only stupid sysadmins would do turns out to be much more prevalent than expected. What starts off as a sysadmin’s innocent attempt to fix an issue,...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
62
62
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 62
favorite 0
comment 0
What if your wireless mouse was an effective attack vector? Research reveals this to be the case for mice from Logitech, Microsoft, Dell, Lenovo, Hewlett-Packard, Gigabyte, and Amazon. Dubbed 'MouseJack', this class of security vulnerabilities allows keystroke injection into non-Bluetooth wireless mice. Imagine you are catching up on some work at the airport, and you reach into your laptop bag to pull out your phone charger. As you glance back at your screen, you see the tail end of an ASCII...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC24, DEFCON 24, DEF CON 2016,...
17
17
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 17
favorite 0
comment 0
Almost everyone is familiar with feature codes, also known as star codes, such as *67 to block caller ID or *69 to find out who called you last. What if the feature codes could be used as a weapon? Caller ID spoofing, tDOSing (Call flooding), and SMS flooding are known attacks on phone networks, but what happens when they become as easy to launch as dialing *40? Weaponize Your Feature Codes will first take the audience through a brief history of feature codes and common usage, and then...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
49
49
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 49
favorite 0
comment 0
Is the Internet going to live up to its promise as the greatest force for individual freedom that the world has ever known? Or is the hope for a global community of creative intellectual interaction lost…for now? In last year’s Black Hat keynote—entitled “Lifecycle of a Revolution”—noted privacy and civil liberties advocate Jennifer Granick told the story of the Internet utopians, people who believed that Internet technology could greatly enhance creative and intellectual freedom....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
17
17
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 17
favorite 0
comment 0
Get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation’s premiere digital civil liberties group fighting for freedom and privacy in the computer age. This session will include updates on current EFF issues such as surveillance online, encryption (and backdoors), and fighting efforts to use intellectual property claims to shut down free speech and halt innovation, discussion of our technology...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
35
35
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 35
favorite 0
comment 0
We’ve all worked on ‘closed systems’ with little to no direct Internet access. And we’ve all struggled with the limitations those systems put on us in the form of available tools or software we want to use. I didn’t like struggling, so I came up with a method to load whatever I wanted on to a closed system without triggering any common security alerts. To do this I had to avoid accessing the Internet or using mag media. In the end all I needed was an office multi-function machine and...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
HTTP is everywhere, everybody wants to write an HTTP server. So I wrote mine :-) But mine not fast, and come with an HTTP client which sends very bad HTTP queries. My tool is a stress tester for HTTP servers and proxies, and I wrote it because I found flaws in all HTTP agents that I have checked in the last year i.e. nodejs, golang, Apache httpd, FreeBSD http, Nginx, Varnish and even Haproxy. This presentation will try to explain how flaws in HTTP parsers can be exploited for bad things; we'll...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
54
54
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 54
favorite 0
comment 0
Ever dreamed of cleaning up at poker, but afraid that you are not good enough to do it on your own? Fear not! The chinese underground got you covered with high-tech concealed cheating devices that automatically read marked cards and whisper them in your ear through an ear-piece. Seems too good to be true? Well those James Bond devices are the real deal: we were able to get our hands onto one of those pricey gadget and they really work. They even come with additional gizmos, like a camera hidden...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
12
12
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 12
favorite 0
comment 0
At DEF CON 16 in 2008, we released the original BSODomizer (www.bsodomizer.com), an open source VGA pranking tool and introductory hacking platform for the multicore Propeller micro-controller. Hours of productivity were replaced with rage and frustration as unwitting computer users were confronted with fake Blue Screens of Death and revolting ASCII art. But, the world has changed. The machines have risen in capability. HDMI is the graphical transmission protocol of choice and hacking with...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
14
14
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 14
favorite 0
comment 0
As a defender, have you ever been asked ‘do they win?’ How about ‘what products or capabilities should I buy to even the odds?’ Mapping the functionality to a standard list of desired capabilities only gets you so far. And, many vendors require an organization to pay for a framework, or for access to a framework, to enable tactical and strategic campaigns. Wouldn’t it be great to have an open source way to pick strategies? So what do you do? Build out your own defensive campaigns...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
28
28
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 28
favorite 0
comment 0
This presentation is the screaming goat anti-forensics version of those ‘Stupid Pet Tricks’ segments on late night US talk shows. Nothing ground-breaking here, but we’ll cover new (possibly) and trolly (definitely) techniques that forensic investigators haven’t considered or encountered. Intended targets cover a variety of OS platforms. Bio: int0x80 is the rapper in Dual Core. Drink all the booze, hack all the things! Source: https://www.youtube.com/watch?v=_fZfDGWpP4U Uploader:...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
39
39
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 39
favorite 0
comment 0
Deep learning and neural networks have gained incredible popularity in recent years. The technology has grown to be the most talked-about and least well-understood branch of machine learning. Aside from it’s highly publicized victories in playing Go, numerous successful applications of deep learning in image and speech recognition has kickstarted movements to integrate it into critical fields like medical imaging and self-driving cars. In the security field, deep learning has shown good...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
26
26
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 26
favorite 0
comment 0
Machines are getting smarter – so consumer protection enforcers like the Federal Trade Commission need to get smarter too. The FTC is the lead federal agency for protecting the privacy rights and data security of American consumers. In the last year, it brought several enforcement actions against companies for violating consumer privacy and data security and launched new initiatives – PrivacyCon, Start with Security, and a new Office of Technology Research and Investigation– to improve...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DC24, DC-24, hack, hackers,...
21
21
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 21
favorite 0
comment 0
Security assessments of embedded and IoT devices often begin with testing how an attacker could recover firmware from the device. When developers have done their job well you’ll find JTAG locked-up, non-responsive serial ports, locked-down boot, and perhaps even a home brewed secure-boot solution. In this session you’ll learn details of a useful hardware/software penetration technique to attempt when you’ve run out of easier options. We’ve used this technique on two commercial device...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
71
71
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 71
favorite 0
comment 0
As our homes become smarter and more connected we come up with new ways of reasoning about our privacy and security. Vendors promise security, but provide little technical information to back up their claims. Further complicating the matter, many of these devices are closed systems which can be difficult to assess. This talk will explore the validity of claims made by one smart lock manufacturer about the security of their product. The entire solution will be deconstructed and examined all the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
92
92
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 92
favorite 0
comment 0
The Internet of Things is expected to be involved in the near future in all major aspects of our modern society. On that front, we argue that 6LoWPAN is a protocol that will be a dominant player as it is the only IoT-capable protocol that brings a full IP stack to the smallest devices. As evidence of this, we can highlight the fact that even the latest ZigBee Smart Energy standard is based on ZigBee IP which itself relies on 6LoWPAN, a competitor of the initial ZigBee protocol. Efficient...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
32
32
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 32
favorite 0
comment 0
Many Bluetooth Low Energy (BLE) enabled deadbolts and padlocks have hit the market recently. These devices promise convenience and security through smartphone control. We investigated sixteen of these products from multiple vendors and discovered wireless vulnerabilities in most of them. Using a $50 antenna, we successfully picked vulnerable locks from over 400 meters away. In this presentation we introduce open source tools to crack each of the vulnerable BLE locks. Furthermore, after...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
54
54
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 54
favorite 0
comment 0
In this presentation we are going to explain and demonstrate step by step in a real attack scenario how a remote attacker could elevate privileges in order to take control remotely in a production seismological network located at 183mts under the sea. We found several seismographs in production connected to the public internet providing graphs and data to anyone who connects to the embed web server running at port 80. The seismographs provide real time data based in the perturbations from earth...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
42
42
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 42
favorite 0
comment 0
“Super Smash Bros: Melee.” - Furrowed brows, pain in your thumbs, trash talk your Mom would blush to hear. That sweet rush of power you once knew as you beat all the kids on your block will be but a distant memory as SmashBot challenges you to a duel for your pride — live on stage. SmashBot is the Artificial Intelligence I created that plays the cult classic video game Smash Bros optimally. It can’t be bargained with. It can’t be reasoned with. It doesn’t feel pity, remorse, or...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
23
23
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 23
favorite 0
comment 0
The Internet of Things is filled with vulnerabilities, would you expect the Internet of Vibrating Things to be any different? As teledildonics come into the mainstream, human sexual pleasure has become connected with the concerns of privacy and security already familiar to those who previously only wanted to turn on their lights, rather than their lover. Do you care if someone else knows if you or your lover is wearing a remote control vibrator? Do you care if the manufacturer is tracking your...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
36
36
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 36
favorite 0
comment 0
TASBot is an augmented Nintendo R.O.B. robot that can play video games without any of the button mashing limitations us humans have. By pretending to be a controller connected to a game console, TASBot triggers glitches and exploits weaknesses to execute arbitrary opcodes and rewrite games. This talk will cover how these exploits were found and will explore the idea that breaking video games using Tool-Assisted emulators can be a fun way to learn the basics of discovering security...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
135
135
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 135
favorite 0
comment 0
Direct from the mind of the guy who bought you the "I will kill you" presentation at DEF CON 23, is another mind bending, entertaining talk. This time it’s bigger and badder than before. Are you sick and tired of your government? Can’t wait another 4 years for an election? Or do you want to be like the CIA and overthrow a government overseas for profit or fun? If you answered yes to one or more of these questions than this talk is for you! Why not create your own cyber mercenary...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DEFCON 24, DC 24, DC24,...
23
23
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 23
favorite 0
comment 0
The number of IMSI-catchers (rogue cell towers) has been steadily increasing in use by hackers and governments around the world. Rogue cell towers, which can be as small as your home router, pose a large security risk to anyone with a phone. If in range, your phone will automatically connect to the rogue tower with no indication to you that anything has happened. At that point, your information passes through the rogue tower and can leak sensitive information about you and your device....
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
18
18
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 18
favorite 0
comment 0
Cloud service providers offer their customers the ability to deploy virtual machines in a multi-tenant environment. These virtual machines are typically connected to the physical network via a virtualized network configuration. This could be as simple as a bridged interface to each virtual machine or as complicated as a virtual switch providing more robust networking features such as VLANs, QoS, and monitoring. At DEF CON 23, we presented how attacks known to be successful on physical switches...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
23
23
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 23
favorite 0
comment 0
We are releasing a new tool for discovering bluetooth devices and automatically probing them for information. Effectively we have created a new tool with an airodump-ng like display for nearby bluetooth and bluetooth low energy devices. We will discuss the challenges with finding bluetooth devices, as well as how we have overcome them using both standard bluetooth adapters and optionally ubertooth hardware. If you have ever wondered why no one released an effective tool to see all the bluetooth...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, dc24, dc-24, computer...
22
22
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 22
favorite 0
comment 0
Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have been created to enforce stronger client-side control for web applications. As web appsec practitioners continue to shift from mitigating vulnerabilities to implementing proactive controls, each new standard adds another layer of defense for attack patterns previously accepted as risks. With the most basic controls complete, attention is shifting toward mitigating more complex threats. As...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
43
43
Oct 3, 2017
10/17
Oct 3, 2017
by
DEFCONConference
movies
eye 43
favorite 0
comment 0
Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, Windows Update, SQL Server, LDAPS, Skype and many third party applications. Schannel has been the subject of scrutiny in the past several years from an external perspective due to reported vulnerabilities, including a RCE. What about the internals? How does Schannel guard its secrets? This talk looks at how Schannel leverages Microsoft's CryptoAPI-NG (CNG) to cache the...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
13
13
Aug 14, 2017
08/17
Aug 14, 2017
by
DEFCONConference
movies
eye 13
favorite 0
comment 0
Almost everyone is aware about the Technical Support SCAM calls. “Hi, your PC is infected”” is a known phrase – but sometimes they are calling the wrong person who decides to make fun of the caller.” BIO: Mattias is working for WSP | PB in a global role and also a freelance security professional. He is a Certified Ethical Hacker and always working on increasing his Social-Engineering skills. 34 years old and spent most of his time, booth professional and private, ín the IT field. He...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Social...
20
20
Aug 14, 2017
08/17
Aug 14, 2017
by
DEFCONConference
movies
eye 20
favorite 0
comment 0
Description: You are being manipulated. There is constant pressure coming from companies, people, and attackers. Millions are spent researching and studying your weaknesses. The attack vectors are subtle. Most times we don’t realize that manipulation has occurred until it is too late. Fear not, we can harden our defenses. We can put safeguards in place to help avoid being the victim. For me, the answer came from an unlikely source: my daughter. Small children are fantastic. Society has not...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC-24, DC24, DEFCON, social...
21
21
Aug 14, 2017
08/17
Aug 14, 2017
by
DEFCONConference
movies
eye 21
favorite 0
comment 0
There are nonverbal movements and actions, that if you master, can make your target more compliant, easier to influence and even happier to comply with your wishes. BIO: Chris is the sole defender of those who do not want to hear Hornsby. His passion for SE is only match by his passion for the NoHornsby movement. Source: https://www.youtube.com/watch?v=VFnCRVWBISY Uploader: DEFCONConference Upload date: 2017-01-04
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DEFCON, DC24, DC-24, Social...
39
39
Aug 14, 2017
08/17
Aug 14, 2017
by
DEFCONConference
movies
eye 39
favorite 0
comment 0
We’ve all seen the Wizard of Oz in some form regardless if it was the old classic or the recreations or story books as children. Oscar Diggs or also known as Oz the Great and Terrible was the most stunning wizard in all of Oz. His wizardry known through all of the land, except Oz was a fake and his entire wizardry an illusion. We are seeing a number of breaches come down to human interaction and the ability to create a fake Oz landscape in order to coax victims into opening a document or...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DC24, DC-24, Social...
17
17
Aug 14, 2017
08/17
Aug 14, 2017
by
DEFCONConference
movies
eye 17
favorite 0
comment 0
US Army Interrogation techniques and training is the Irish Twin of Social Engineering. Objectives for both Match, obtain information from a source or target. Techniques for both match: Lying and Deception at the Source or Target Sincere and Convincing to the Source or Target Building Rapport and Confidence with the Source or Target The speaker will establish the synergy between both practices and provide insight into how to utilize this information in Social Engineering pentesting and defense...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, Hacking, Hacker Conference, Computer...
