[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FD] New Speakers at PHDays IV: How to Hack Gmail and WordPress and Spy through TV

To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] New Speakers at PHDays IV: How to Hack Gmail and WordPress and Spy through TV
From: Alexander Lashkov <ALashkov@xxxxxxxxxxxxxx>
Date: Fri, 28 Mar 2014 09:10:58 +0000
Hacking emails of authoritative users is usually accompanied by debates about 
the identity of such email correspondence that became available on the 
Internet. Until now, we thought that a correct DKIM signature indicates at the 
author of the correspondence containing this signature. But can we trust this 
authentication mechanism? Vulnerabilities in Google, Yandex and Mail.Ru will be 
discussed at the international information security forum Positive Hack Days 
IV, which will be held on May 21 and 22 in Moscow.

Secure protocols are used insecurely

The number of Google, Yandex and Mail.Ru users approaches one billion; hundreds 
of experts from all over the world are involved in security analysis of these 
services. However, no one is secured against vulnerabilities. Vladimir Dubrovin 
(3APA3A), the founder of Securityvulns.com and developer of the 3proxy server, 
one of the most outstanding representatives of the Russian old school, will 
speak on the misuse of both well-known (SSL/TLS and Onion Routing) and recent 
protocols insuring privacy, integrity and data encryption. Vladimir will also 
present new attack vectors aimed at accessing data that are processed by 
various services, including email.

A smart spy in your house

At the beginning TV were just supposed to be TV. They were used to make 
people's life happier. Nowadays, TV are fully-featured PC, having a proper OS, 
camera, microphone, web browser, and applications. They still make people 
happy. Especially the malicious ones.

Donato Ferrante and Luigi Auriemma , the founders of ReVuln, known for 
discovering vulnerabilities in SCADA and multiplayer games, will speak on the 
current status of Smart TV, exploring their attack surface, detailing possible 
areas of interest, and demonstrating some issues the speakers found while 
assessing the security of Smart TV from different vendors.

ARM exploitation

Participants of Aseem Jakhar's workshop will take their laptops and plunge into 
security issues of ARM. Aseem Jakhar is a researcher at Payatu Technologies and 
one of the founders of Nullcon. He will consider low-level programming starting 
right from the ARM assembly, shellcoding, buffer overflows, reverse engineering 
to сode injection.

The workshop has a lot of hands-on to get the participants comfortable with ARM 
assembly and understand the issues involved in exploitation of ARM-based Linux 
systems. To make the workshop more interesting, it uses Android as the platform 
for learning ARM exploitation and hence it covers Android OS specific 
developing and security concepts.

How to bug a conversation held on the other side of the planet

Lately, phone communications records can be found in the Internet and even be 
heard on TV. It is obvious that such records were obtained without the 
knowledge of the subscribers. Many of us received weird text messages and, 
after that, long bills for mobile services.

Sergey Puzankov, an expert at Positive Technologies specializing in mobile 
networks safety, will consider the possibilities of an intruder who has access 
to SS7. The author will speak about algorithms of attacks aimed at: disclosure 
of subscriber’s sensitive data and his or her location, changing dialing 
numbers of enabled services, call redirection, unauthorized intrusion into 
communication channel. Attacks are performed using recorded signaling messages. 
The research also consider proactive protection against such attacks and 
methods of investigating incidents related to vulnerabilities in a signaling 
network.

Moloch the investigator

Thousands of years ago, people made human sacrifice to Moloch, an ancient god. 
The report about Moloch as a highly scalable and open source full packet 
capture system does not contain such bloodthirsty elements (intruders might 
think otherwise). The system can capture from the wire live for use as a 
network forensics tool to investigate compromises. It also serves as a great 
way for searching and interacting with large PCAP repositories for research 
(malware traffic, exploit/scanning traffic) Its web API also makes it extremely 
easy to integrate with existing SEIM’s or other alerting tools/consoles to help 
speed up analysis.

Andy Wick and Eoin Miller are members of AOL’s Computer Emergency Response 
Team. The hands/on lab will be focused on how AOL uses Moloch combined with IDS 
systems (Suricata/Snort) feeding alerting into consoles/SEIM’s (Sguil/ArcSight) 
to help defend their employees, users and the Internet at large. The experts 
will also run Moloch to capture the traffic that is occurring during PHDays CTF 
and analyze all the incidents.

Industrial cybersecurity and critical infrastructure protection in Europe

The events that have taken place during the last years (from 9/11 attacks to 
WikiLeaks and the Stuxnet malware) have made the governments to include in 
their agendas the development of national cybersecurity strategies to protect 
their critical infrastructures.

Ignacio Paredes, Studies and Research Manager at the Industrial Cybersecurity 
Center in Spain, says that hundreds of thousands of industrial infrastructures 
across Europe are at stake. The report will consider the relation between 
industrial and corporate environments and its impact in key organizations for 
the survival of a country as well as current trends in the convergence between 
industrial and corporate systems, threats and countermeasures.

WordPress security

With approximately 19% of the web running on WordPress, it comes as no surprise 
that the security of this content management system has an enormous impact on a 
large number of users. Despite being open source, and reviewed by security 
researchers, WordPress is—just as any other software—prone to errors and 
vulnerabilities.

Tom Van Goethem, a PhD student at KU Leuven (Belgium), will tell PHDays IV 
participants how the unexpected behavior of MySQL led to the discovery of a PHP 
Object Injection vulnerability in the WordPress core. The author will also 
demonstrate how this vulnerability can be exploited.

If you want to present your report 
(http://www.phdays.com/program/call_for_papers/) at the international 
information security forum, you must hurry up, because you can submit your 
application till March 31. Anyways, there are other ways to join PHDays IV (see 
here http://www.phdays.com/how_to_join/).

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Prev by Date: Re: [FD] Adventure with Stack Smashing Protector (SSP)
Next by Date: [FD] OT Crazy SAT encoding of md4 preimage
Previous by thread: [FD] Angie's List Auth Bypass
Next by thread: [FD] OT Crazy SAT encoding of md4 preimage
Index(es):
- Date
- Thread