Skip to main content

More right-solid
More right-solid
More right-solid
SHOW DETAILS
eye
Title
Date Archived
Creator
DEFCON 24
movies
eye 44
favorite 0
comment 0
Following recent security issues discovered in Android, Google made a number of changes to tighten security across its fragmented landscape. However, Google is not alone in the struggle to keep Android safe. Qualcomm, a supplier of 80% of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google. With this in mind, we decided to examine Qualcomm’s code in Android devices. During our research, we found multiple privilege escalation vulnerabilities in...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DC24, DC-24, defcon security conference,...
DEFCON 25
movies
eye 9
favorite 0
comment 0
Closing Ceremonies Source: https://www.youtube.com/watch?v=Ly7uurZ2d9A Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
Google products have a good reputation and are synonymous with reasonably high and reliable levels of security. However, in this talk, Fabian and Gonzalo will focus to show a case of how Google Earth will be the vector attack to make an antimalware evasion by a technique of malware injection into memory, and evading the Google Earth sandbox. Three scopes will be covered during the conference: - Google Session Hijacking - Remote Code Execution (Remote Shell) - Javascript malware execution...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON China, DEFCON, DEFCON China, hackers,...
Hacking and InfoSec stuff
movies
eye 2
favorite 0
comment 0
Incorporating natural elements, complex fabrication techniques, and components rarely seen by the outside world, the DEF CON 27 Badge brings our community together through Technology's Promise. Join DEF CON's original electronic badge designer Joe Grand on a behind-the-scenes journey of this year's development process and the challenges, risks, and adventures he faced along the way. Joe Grand (Kingpin) Joe Grand, also known as Kingpin, is a computer engineer, hardware hacker, DEF CON badge...
Topics: Youtube, video, Science & Technology, DEF, CON, DEFCON, DEF CON 27, DC27, DEF CON 2019, hacker,...
DEFCON 25
by DEFCONConference
movies
eye 8
favorite 0
comment 0
Welcome to DEF CON 25! Source: https://www.youtube.com/watch?v=ZCUlwHsT6QA Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
Wind farms are becoming a leading source for renewable energy. The increased reliance on wind energy makes wind farm control systems attractive targets for attackers. This talk explains how wind farm control networks work and how they can be attacked in order to negatively influence wind farm operations (e.g., wind turbine hijacking). Specifically, implementations of the IEC 61400-25 family of communications protocols are investigated (i.e., OPC XML-DA). This research is based on an empirical...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
How to forensic, how to fuck forensics and how to un-fuck cyber forensics. Defense: WTF is a RoP, why I care and how to detect it statically from memory. Counteract "Gargoyle" attacks. Defense: For one of DEF CON 24's more popular anti-forensics talks (see int0x80 - Anti Forensics). In memory (passive debugging) techniques that allows for covert debugging of attackers (active passive means that we will (try hard to) not use events or methods that facilities are detectable by...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 12
favorite 0
comment 0
Psychographic targeting and the so called "Weaponized AI Propaganda Machine" have been blamed for swaying public opinion in recent political campaigns. But how effective are they? Why are people so divided on certain topics? And what influences their views? This talk presents the results of five studies exploring each of these questions. The studies examined authoritarianism, threat perception, personality-targeted advertising and biases in relation to support for communication...
Topics: Youtube, video, Science & Technology, DEFCON, DEF CON, DEFCON25, DEF CON 25, DEFCON2017, hack,...
DEFCON 25
movies
eye 15
favorite 0
comment 0
Traditional techniques for C2 channels, exfiltration, surveillance, and exploitation are often frustrated by the growing sophistication and prevalence of security protections, monitoring solutions, and controls. Whilst all is definitely not lost, from an attacker's perspective - we constantly see examples of attackers creatively bypassing such protections - it is always beneficial to have more weapons in one's arsenal, particularly when coming up against heavily-defended networks and...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
Is Net Neutrality on the up or down? Is DRM rising or falling? Is crypto being banned, or will it win, and if it does, will its major application be ransomware or revolution? Is the arc of history bending toward justice, or snapping abruptly and plummeting toward barbarism? It's complicated. A better world isn't a product, it's a process. The right question isn't, "Does the internet make us better or worse," its: "HOW DO WE MAKE AN INTERNET THAT MAKES THE WORLD BETTER?" We...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 9
favorite 0
comment 0
Do you have a collection of vulnerable programs that you have not yet been able to exploit? There may yet still be hope. This talk will show you how to look deeper (lower level). If you've ever heard experts say how x86 assembly language is just a one-to-one relationship to its machine-code, then we need to have a talk. This is that talk; gruesome detail on how an assembly instruction can have multiple valid representations in machine-code and vice versa. You can also just take my word for it,...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 7
favorite 0
comment 0
Source: https://www.youtube.com/watch?v=5FMSedKwekE Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
There are more cloud service providers offering serverless or Function-as-a-service platforms for quickly deploying and scaling applications without the need for dedicated server instances and the overhead of system administration. This technical talk will cover the basic concepts of microservices and FaaS, and how to use them to scale time consuming offensive security testing tasks. Attacks that were previously considered impractical due to time and resource constraints can now be considered...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 31
favorite 0
comment 0
Get over it!" as Scott McNeeley said - unhelpfully. Only if we understand why it is gone and not coming back do we have a shot at rethinking what privacy means in a new context. Thieme goes deep and wide as he rethinks the place of privacy in the new social/cultural context and challenges contemporary discussions to stop using 20th century frames. Pictures don't fit those frames, including pictures of "ourselves." We have always known we were cells in a body, but we emphasized...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 37
favorite 0
comment 0
Windows Server has introduced major advances in remote management hardening in recent years through PowerShell Just Enough Administration ("JEA"). When set up correctly, hardened JEA endpoints can provide a formidable barrier for attackers: whitelisted commands, with no administrative access to the underlying operating system. In this presentation, watch as we show how to systematically destroy these hardened endpoints by exploiting insecure coding practices and administrative...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 8
favorite 0
comment 0
Recent hacks to IaaS platforms reveled that we need to master the attack vectors used: Automation and API attack vector, insecure instances and management dashboard with wide capabilities. Those attack vectors are not unique to Cloud Computing but there are magnified due to the cloud characteristics. The fact is that IaaS instance lifecycle is accelerating, nowadays we can find servers that are installed, launched, process data and terminate - all within a range of minutes. This new accelerated...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DEFCON, DC23, DC-23, hack, hacker,...
DEFCON 25
movies
eye 7
favorite 0
comment 0
Everything is impossible until it isn't. Every undertaking, defined by the hard limitations at the edges of our possible achievement. Lossless electrical conductivity, human travel beyond the sound 'barrier', running a four-minute mile...each, seen as some unassailable foe until, one-by-one, these milestones were not just approached and then attained, but very often surpassed. With time, these limits transition from the superlative, to the standard, and what once was thought of as impossible,...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 3
favorite 0
comment 0
The FTC recently conducted a challenge competition aimed at facilitating security updates to home IoT devices. We'll share what we've learned from the challenge, and we hope to announce the winner. We will also give an update on efforts the FTC has taken in the past year to help protect consumers including efforts on Smart TVs and more. Source: https://www.youtube.com/watch?v=VeiVYob-ioM Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 15
favorite 0
comment 0
The hacking continues on from last year! Three interesting applications will be demonstrated, and their underlying theory and design explained. The audience will be exposed to some novel GNU Radio tips and DSP tricks. INMARSAT Aero will be revisited to show (in Google Earth) spatial information, such as waypoints and flight plans, that are transmitted from airline ground operations to airborne flights. A good chunk of the VHF band is used for airline communications; plane spotters enjoy...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
In this talk, we recount how we found the first SHA-1 collision. We delve into the challenges we faced from developing a meaningful payload, to scaling the computation to that massive scale, to solving unexpected cryptanalytic challenges that occurred during this endeavor. We discuss the aftermath of the release including the positive changes it brought and its unforeseen consequences. For example it was discovered that SVN is vulnerable to SHA-1 collision attacks only after the WebKit SVN...
Topics: Youtube, video, Science & Technology, DEFCON, DEF CON, DEF CON 25, DC25, DC-25, hack, hackers,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
Currently, all known IoT botnets harvest zombies through telnet with hardcoded or weak credentials. Once this bubble bursts, the next step will be exploiting other, more evolved vulnerabilities that can provide control over a large number of devices. In this talk, we'll take a glimpse into that future showing our research on a RCE vulnerability that affects more than 175k devices worldwide Source: https://www.youtube.com/watch?v=UpxNkBvejf8 Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
Keynote Source: https://www.youtube.com/watch?v=NB4fPiCc-jc Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
Through sharing experiences learned first hand and through work on the Dangerous Minds Podcast, c00p3r will be introducing you to implantable technology, explaining the basic products that are available on the market now, from where, as well as provide a show and tell experience of what it is like to become one of the augmentives. Come to learn, and stay to laugh and become a part of this new world of cyborgs. Source: https://www.youtube.com/watch?v=VyJftVIjDNo Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 3
favorite 0
comment 0
The “Internet of Things” (IoT) is taking over our lives, so we should be constantly questioning the security and integrity of these technologies. As an IoT researcher, this is precisely what I do. During this presentation, I will be sharing details of my day-to-day research, covering the various processes and methodologies around researching (attacking) various IoT technologies that we all use every day. I will be discussing the various structures of an IoT ecosystem and showing how each...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 2
favorite 0
comment 0
Tinder. The Final Frontier. Pick gorgeous (or not so gorgeous) members of your desired sex with the tip of your finger, at the comfort of your sofa, your bed, and let’s admit it - your toilet seat. Research shows that there are 50 million active users on Tinder, who check their accounts 11 times per day and spend an average of 90 minutes per day on the app. Even celebrities, it seems… Source: https://www.youtube.com/watch?v=d5eV36wR5Ew Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
How prepared is your incident response team for a worst case scenario? Waiting for a crisis to happen before training for a crisis is a losing approach. For things that must become muscle memory, instinctive, you must simulate the event and go through the motions. This talk is a deep-dive technical discussion on how you can build your own DFIR simulation. Best part -- almost all of this can be accomplished with open source tools and inexpensive equipment, but I'll also share tips and tricks on...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
A massive attack against old magnetic stripe information could be executed with precision implementing new technology. In the past, a malicious individual could spoof magstripe data but in a slow and difficult way. Also brute force attacks were tedious and time-consuming. Technology like Bluetooth could be used today to make a persistent attack in multiple magnetic card readers at the same time with audio spoof. Private companies, banks, trains, subways, hotels, schools and many others services...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
How do you prepare for Internet privacy at college? This talk will provide an overview of what the threats are and how to defend against them. Following the talk, the kids can jump right in to do the privacy hacks & privacy defenses at the workstations. Source: https://www.youtube.com/watch?v=fAo3_Jl74j4 Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
Among ‘Internet of Things’ security research, there is one branch that no one has wanted to touch, until now: The Internet of Dongs. Internet connected sex toys in all shapes, sizes and capabilities are available on the market with many more being developed. Like many IoT devices, IoD devices suffer a great many security and privacy vulnerabilities. These issues are all the more important when you consider the private and intimate nature of these devices. To research this, the Internet of...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 15
favorite 0
comment 0
Taking a modern day look on the 20 year anniversary of Craig Rowland's article on Covert TCP, we explore current day methods of covert communications and demonstrate that we are not much better off at stopping these exploits as we were 20 years ago. With the explosion of networked devices using a plethora of new wired and wireless protocols, the covert communication exploit surface is paving new paths for covert data exfiltration and secret communications. In this session, we will explore uPnP,...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
It's hard not to use a service now days that doesn't track your every move and keystroke if you absolutely must use these systems why not give them the most useless information possible. Along with the fact that several companies are tracking their customers online now they are taking it to physical brick and mortar stores this talk will be geared looking at the attack surface of instore tracking and attacking these systems for the purpose of overloading their systems or making the information...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 17
favorite 0
comment 0
We will go over the history of the 1990s cypherpunks and major topics discussed during that period -- including remailers, the first discussions of crypto currencies, and various forms of anonymous electronic markets. In addition, we will present a free archive of the mailing list and topics for future research. Source: https://www.youtube.com/watch?v=l0q37IJi-CQ Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
In an era of rapidly evolving technological advances, the ethical and regulatory frameworks are always playing catch up. Biohacking may have consequences that much more serious than traditional technologies. It is critical that as a community we discuss and try and address the ethical implications of biohacking. A wide range of topics will be discussed by the panel and the audience including: What are the ethical implications of the hacker mindset, the ability to experiment outside of...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 9
favorite 0
comment 0
You've planned this engagement for weeks. Everything's mapped out. You have tested all your proxy and VPN connections. You are confident your anonymity will be protected. You fire off the first round and begin attacking your target. Suddenly something goes south. Your access to the target site is completely blocked no matter what proxy or VPN you use. Soon, your ISP contacts you reminding you of their TOS while referencing complaints from the target of your engagement. You quickly switch MAC...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
In October of 2016, a teenage hacker triggered DTDoS attacks against 9-1-1 centers across the United States with five lines of code and a tweet. This talk provides an in-depth look at the attack, and reviews and critiques the latest academic works on TDoS attacks directed at 9-1-1 systems. It then discusses potential mitigation strategies for legacy TDM and future all-IP access networks, as well as disaggregated "over-the-top" originating services and the devices on which both the...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
Last year, DARPA hosted the Cyber Grand Challenge, the culmination of humanity's research into autonomous detection, exploitation, and mitigation of software vulnerabilities. Imagine the CGC from the outside: huge racks of servers battling it out on stage, throwing exploit after exploit at each other while humans watch helplessly from the sidelines. But that vantage point misses the program analysis methods used, the subtle trade-offs made, and the actual capabilities of these systems. It also...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 9
favorite 0
comment 0
Do you know how many Bluetooth-enabled devices are currently present in the world? With the beginning of the IoT (Internet of Things) and Smart Bluetooth (Low energy) we find in our hands almost a zillion of them. Are they secure? What if I tell you I can unlock your Smartphone? What if I tell you I'm able to open the new shiny SmartLock you are using to secure your house's door? In this talk we will explain briefly how the Bluetooth (BDR/EDR/LE) protocols work, focusing on security aspects. We...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DEFCON, DC23, DC 23, DC-23, hack,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
Disclosing vulnerabilities to a vendor, especially one that doesn't seem to prioritize security the same way we do, can be a source of pain. We may even find ourselves viewing the product vendor as an enemy during this process. But we are faced with a future in which people will interact with connected devices whether they intend to do so or not. Imagine worrying about the security of a connected "smart" showerhead in your hotel room. Silly, isn’t it? Yet such devices will be...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
Imagine that you're accused of a crime, and the basis of the accusation is a log entry generated by a piece of custom software. You might have some questions: does the software work? how accurate is it? how did it get the results that it did? Unfortunately, the software isn't available to the public. And you can't get access to the source code or even a working instance of the software. All you get are assurances that the software is in use by investigators around the globe, and doesn't do...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
by DEFCONConference
movies
eye 20
favorite 0
comment 0
What do the Dallas tornado siren attack, hacked electric skateboards, and insecure smart door locks have in common? Vulnerable wireless protocols. Exploitation of wireless devices is growing increasingly common, thanks to the proliferation of radio frequency protocols driven by mobile and IoT. While non-Wi-Fi and non-Bluetooth RF protocols remain a mystery to many security practitioners, exploiting them is easier than one might think. Join us as we walk through the fundamentals of radio...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 42
favorite 0
comment 0
On April 16 2016, an army of bots stormed upon Wix servers, creating new accounts and publishing shady websites in mass. The attack was carried by a malicious Chrome extension, installed on tens of thousands of devices, sending HTTP requests simultaneously. This "Extension Bot" has used Wix websites platform and Facebook messaging service, to distribute itself among users. Two months later, same attackers strike again. This time they used infectious notifications, popping up on...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
Hacking and InfoSec stuff
by DEFCONConference
movies
eye 10
favorite 0
comment 0
This topic describes some ways for inducing victims to log into an attacker's account on the Internet, which can result in some vulnerabilities and attack scenarios.Meanwhile, this topic will also mention how to fix it.This kind of security risk is often overlooked, while it can provide important help for some use of vulnerabilities, even combining some of the low-risk vulnerabilities or features of CSRF, selfxss, OAuth, and SSO, etc. to steal login credentials, bind third-party backdoors...
Topics: Youtube, video, Science & Technology, DEF, CON, def con, DEF CON China, defcon, hacker,...
DEFCON 25
movies
eye 14
favorite 0
comment 0
The Car Hacking Village is a group of Professional and Hobbyist car hackers who work together to provide hands-on, interactive car hacking learning, talks, hardware, and interactive contests. Source: https://www.youtube.com/watch?v=-aJUUdKRy_k Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 23
movies
eye 5
favorite 0
comment 0
In a world full of targeted attacks and complex exploits this talk explores an attack that can simplified so even the most non-technical person can understand, yet the potential impact is massive: Ever wonder what would happen if one of the millions of bits in memory flipped value from a 0 to a 1 or vice versa? This talk will explore abusing that specific memory error, called a bit flip, via DNS. The talk will cover the various hurdles involved in exploiting these errors, as well as the costs...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC-23, DC 23, hack, hacking,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
Biotech companies have historically been started by professors from prestigious institutions with millions of dollars of investment funding. Today, with the lowering cost of research and increasing amount of resources driven by Moore's law, robotics, software and efficiencies in bioproduction, anyone with an insight can start a biotech company for a fraction of the cost, be they PhD or biohacker. At IndieBio, the world's largest biotech accelerator started just under 3 years ago, we've funded...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
Since the release of Windows 10 and especially in the Anniversary and Creators Updates, Microsoft has continued to introduce exploit mitigations to the Windows kernel. These include full scale KASLR and blocking kernel pointer leaks. This presentation picks up the mantle and reviews the powerful read and write kernel primitives that can still be leveraged despite the most recent hardening mitigations. The presented techniques include abusing the kernel-mode Window and Bitmap objects, which...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
2016 was the year of Java deserialization apocalypse. Although Java Deserialization attacks were known for years, the publication of the Apache Commons Collection Remote Code Execution (RCE from now on) gadget finally brought this forgotten vulnerability to the spotlight and motivated the community to start finding and fixing these issues. One of the most suggested solutions for avoiding Java deserialization issues was to move away from Java Deserialization altogether and use safer formats such...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 12
favorite 0
comment 0
Whether you do wide scope pentesting or bounty hunting, domain discovery is the 1st method of expanding your scope. Join Jason as he walks you through his tool chain for discovery including; subdomain scraping, bruteforce, ASN discovery, permutation scanning, automation, and more… Source: https://www.youtube.com/watch?v=NUsJpquFq0Q Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 35
favorite 0
comment 0
Privacy is fairly cut and dry when it’s US verses THEM, but what if it’s ME verses YOU within US? What are YOUR Privacy Rights, in the context of OUR relationship? Am I your non-trusting girlfriend? Am I your controlling boyfriend? Am I your snooping wife? Am I your abusive husband? How do YOU protect your privacy from ME? I will be providing tips, techniques, and resources to enable someone (anyone – even YOU) to protect their Privacy in a relationship, perhaps even one with ME....
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
On March 17th, Cisco Systems Inc. made a public announcement that over 300 of the switches it manufactures are prone to a critical vulnerability that allows a potential attacker to take full control of the network equipment. This damaging public announcement was preceded by Wikileaks' publication of documents codenamed as "Vault 7" which contained information on vulnerabilities and description of tools needed to access phones, network equipment and even IOT devices. Cisco Systems Inc....
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 20
favorite 0
comment 0
Building rapport is essential in life, and critical in Social Engineering. A lesson learned while tending bar on the Las Vegas Strip taught me something that everyone has in common: Everybody is from somewhere. Find out how to use this idea on engagements and in everyday life. Source: https://www.youtube.com/watch?v=e_TQTDrRyWI Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 13
favorite 0
comment 0
Andrew 'r0d3nt' Strutt as an amateur radio operator, has hosted the only DEFCON POCSAG Pager Network, with single cell ranges of over 50 miles. This presentation will detail the legalities, hardware and software requirements to host the infrastructure and foxhunt contest. This will be the 5th year hosting the pager network. Source: https://www.youtube.com/watch?v=TeJptg1vKY8 Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
When I started my path down becoming a professional social engineer my vision was something like a modern day version of Sneakers. Instead I was taken down a road that crossed paths with human traffickers, child pornography and the darkest filth on the planet. Out of that darkness I have had the chance to do some truly remarkable things that it is time to share….. Source: https://www.youtube.com/watch?v=PNuPkpLuaws Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 23
movies
eye 10
favorite 0
comment 0
The HDMI (High Definition Multimedia Interface) standard has gained extensive market penetration. Nearly every piece of modern home theater equipment has HDMI support and most modern mobile devices actually have HDMI-capable outputs, though it may not be obvious. Lurking inside most modern HDMI-compatible devices is something called HDMI-CEC, or Consumer Electronics Control. This is the functionality that allows a media device to, for example, turn on your TV and change the TV’s input. That...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 23, DC23, Hack, Hacker, Hacking,...
DEFCON 25
movies
eye 16
favorite 0
comment 0
802.11ac networks present a significant challenge for scalable packet sniffing and analysis. With projected speeds in the Gigabit range, USB Wi-Fi card based solutions are now obsolete! In this workshop, we will look at how to build a custom monitoring solution for 802.11ac using off the shelf access points and open source software. Our "Hacker Gadget" will address 802.11ac monitoring challenges such as channel bonding, DFS channels, spatial streams and high throughput data rates. We...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 3,213
favorite 0
comment 0
In theme with this year's DEF CON this presentation goes through a 20 year history of exploiting massively multiplayer online role-playing games (MMORPGs). The presentation technically analyzes some of the virtual economy-devastating, low-hanging-fruit exploits that are common in nearly every MMORPG released to date. The presenter, Manfred (@_EBFE), goes over his adventures in hacking online games starting with 1997's Ultima Online and subsequent games such as Dark Age of Camelot, Anarchy...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 20
favorite 0
comment 0
At Cloudflare we deal with DDoS attacks every day. Over the years, we've gained a lot of experience in defending from all different kinds of threats. We have found that the largest attacks that cause the internet infrastructure to burn are only possible due to IP spoofing. In this talk we'll discuss what we learned about the L3 (Layer 3 OSI stack) IP spoofing. We'll explain why L3 attacks are even possible in today's internet and what direct and reflected L3 attacks look like. We'll describe...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 23
by DEFCONConference
movies
eye 66
favorite 1
comment 0
When the latest and greatest vulnerability is announced, the media and PR frenzy can be dizzying. However, when the dust settles, how do we actually measure the risk represented by a given vulnerability. When pen testers find holes in an organization, is it really “ZOMG, you’re SO 0WNED!” or is it something more manageable and controlled? When you’re attempting to convince the boss of the necessity of the latest security technology, how do really rank the importance of the technology...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC 23, DEFCON, DC-23, hack, hacker,...
DEFCON 25
movies
eye 7
favorite 0
comment 0
Meow will be presenting on the capabilities for biological weapons that are currently able to be produced in home or community bio labs. He will explore the role that emerging technologies play in drastically reducing the technological and cost barriers to creating these constructs, and suggest ways that legislation and regulation may be employed to ensure maximum freedoms and innovation coupled with effective monitoring. Make sure to get your vaccinations before attending please. Source:...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 12
favorite 0
comment 0
Attention Red Teamers, Penetration Testers, and Offensive Security Operators, isn't the overhead of fighting attribution, spinning up infrastructure, and having to constantly re-write malware an absolute pain and timesink!?! It was for us too, so we're fixing that for good (well, maybe for evil). Join us for the public unveiling and open source release of our latest project, MEATPISTOL, a modular malware framework for implant creation, infrastructure automation, and shell interaction. This...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
Over the next ten years, blockchain and distributed ledger technologies will fundamentally change the delivery of care around the globe. The blockchain provides a technical framework where trust is moved from central controlling intermediaries to the open source protocol, freeing data and assets from the control of traditional corporate interests. The great hope is that this evolution will result in the empowerment of consumers, communities, and markets centered on sustainable wellness and...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 9
favorite 0
comment 0
Portia: it's a new tool we have written at SpiderLabs to aid in internal penetration testing test engagements. The tool allows you to supply a username and password that you have captured and cracked from Responder or other sources as well as an IP ranges, subnet or list of IP addresses. The tool finds its way around the network and attempts to gain access into the hosts, finds and dumps the passwords/hashes, reuses them to compromise other hosts in the network. In short, the tool helps with...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 23
movies
eye 2
favorite 0
comment 0
Exploring the phone system was once the new and exciting realm of “phone phreaks,” an ancestor of today’s computer “hackers.” The first phreaks “owned” and explored the vague mysteries of the telephone network for a time until their activities drew too much attention from the phone companies and law enforcement. The phone system evolved, somewhat, in an attempt to shut them out, and phreaking became both difficult and legally dangerous. Such events paralleled a new personal...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 23, DC23, DC-23, DC 23, hack,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
Source: https://www.youtube.com/watch?v=k0mRkhbptiA Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 8
favorite 1
comment 0
In this presentation I start off asking the question "How come there are only a handful of BSD security kernel bugs advisories released every year?" and then proceed to try and look at some data from several sources. It should come as no surprise that those sources are fairly limited and somewhat outdated. The presentation then moves on to try and collect some data ourselves. This is done by actively investigating and auditing. Code review, fuzzing, runtime testing on all 3 major BSD...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 14
favorite 0
comment 0
One vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE network will be presented. In the CSFB procedure, we found the authentication step is missing. This results in that an attacker can hijack the victim's communication. We named this attack as 'Ghost Telephonist'. Several exploitations can be made based on this vulnerability. When the call or SMS is not encrypted, or weakly encrypted, the attacker can impersonate the victim to receive the "Mobile Terminated" calls and...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 12
favorite 0
comment 0
Enabling better communications between geeks and management. As humans, we have had 60,000 years to perfect communication, but those of us working in IT, regardless of which side (Blue or Red Team), still struggle with this challenge. We have done our best over the centuries to yell "FIRE!" in a manner befitting our surroundings, yet today we seem utterly incapable of providing that very basic communication capability inside organizations. This talk will endeavor to explain HOW we can...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 24
movies
eye 18
favorite 0
comment 0
After the Rise of the Machines they'll need to communicate. And we'll need to listen in. The problem is that proprietary protocols are hard to break. If Wireshark barfs then we're done. Or can we listen in, break their Robot Overlord messages and spill it all to the meat-space rebels? Attend this talk to learn techniques for taking network data, identifying unknown protocols, and breaking them down to something you can exploit. Rebels unite! Bios: Tim Estell, a hacker since learning how to mod...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 24, DEFCON 24, hack, hackers,...
DEFCON 23
movies
eye 4
favorite 0
comment 0
At the end of 2013, an international export control regime known as the Wassenaar Arrangement was updated to include controls on technology related to “Intrusion Software" and “IP Network Surveillance Systems." Earlier this year, the US Government announced a draft interpretation of these new controls, which has kicked off a firestorm of controversy within the information security community. Questions abound regarding what the exact scope of the proposed rules is, and what impact...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DEFCON, DC 23, DC-23, DC23, hack,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
The late 80's and early 90's played a pivotal role in the forming of the Israeli tech scene as we know it today, producing companies like Checkpoint, Waze, Wix, Mobileye, Viber and billions of dollars in fundraising and exits. The people who would later build that industry were in anywhere from elementary school to high school, and their paths included some of the best hacking stories of the time (certainly in the eyes of the locals). The combination of extremely expensive Internet and...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 4
favorite 0
comment 0
For 22 years, the best binary ninjas in the world have gathered at DEF CON to play the world’s most competitive Capture-the-Flag. At DEF CON 24, DARPA will challenge machines to play this game for the first time, with the winner taking home a $2 million prize. This talk will include a first public look at the machines, teams, technology, and visualization behind Cyber Grand Challenge. The technology: machines that discover bugs and build patches? We’re bringing our qualifier results to show...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC-23, DEFCON, hack, hacker,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
GoTenna is a wireless communication tool, popular for providing encrypted "off-the-grid" communications on unlicensed MURS channels. Using SDR, GNU Radio, and scapy we developed a tool to capture packets from all the channels, simultaneously. This allowed us to characterize device behavior, study the packet protocol, and passively monitor communications. In this talk, we will explain or methodologies, demonstrate our tools live, and show how to preform link analysis: who is talking...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 24
movies
eye 8
favorite 0
comment 0
Description: You are being manipulated. There is constant pressure coming from companies, people, and attackers. Millions are spent researching and studying your weaknesses. The attack vectors are subtle. Most times we don’t realize that manipulation has occurred until it is too late. Fear not, we can harden our defenses. We can put safeguards in place to help avoid being the victim. For me, the answer came from an unlikely source: my daughter. Small children are fantastic. Society has not...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 24, DC-24, DC24, DEFCON, social...
DEFCON 25
movies
eye 5
favorite 0
comment 0
Credentials have always served as a favorite target for advanced attackers, since these allow to efficiently traverse a network, without using any exploits. Moreover, compromising the network might not be sufficient, as attackers strive to obtain persistency, which requires the use of advanced techniques to evade the security mechanisms installed along the way. One of the challenges adversaries must face is: How to create threats that will continuously evade security mechanisms, and even if...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 7
favorite 0
comment 0
Shims offer a powerful rootkit-like framework that is natively implemented in most all modern Windows Operating Systems. This talk will focus on the wide array of post-exploitation options that a novice attacker could utilize to subvert the integrity of virtually any Windows application. I will demonstrate how Shim Database Files (sdb files / shims) are simple to create, easy to install, flexible, and stealthy. I will also show that there are other far more advanced applications such as...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DEFCON, DC23, DC-23, hack, hacker,...
DEFCON 25
movies
eye 16
favorite 0
comment 0
Koadic C3, or COM Command & Control, is a Windows post-exploitation tool similar to other penetration testing rootkits such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using the Windows Script Host (a.k.a. JScript/VBScript), with compatibility in the core to support a default installation of Windows 2000 with no service packs (and potentially even versions of NT4) all the way through Windows 10. An in-depth view of default COM...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 30
favorite 0
comment 0
Millions of people around the world use Tor every day to protect themselves from surveillance and censorship. While most people use Tor to reach ordinary websites more safely, a tiny fraction of Tor traffic makes up what overhyped journalists like to call the "dark web". Tor onion services (formerly known as Tor hidden services) let people run Internet services such as websites in a way where both the service and the people reaching it can get stronger security and privacy. I wrote...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 29
favorite 0
comment 0
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before - take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol and demonstrate a full blown signals intelligence collection...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC 23, DC-23, DEFCON, hack,...
DEFCON 23
movies
eye 32
favorite 0
comment 0
Whether we want it to be or not, the Internet of Things is upon us. Network interfaces are the racing stripes of today's consumer device market. And if you put a network interface on a device, you have to make it do something right? That's where a Simple Object Access Protocol (SOAP) service comes in. SOAP services are designed with ease-of-access in mind, many times at the expense of security. Ludicrous amounts of control over device functionality, just about every category of vulnerability...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC-23, DEFCON, hack, hackers,...
DEFCON 25
movies
eye 10
favorite 0
comment 0
Source: https://www.youtube.com/watch?v=gCMEi7gTh0A Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 23
movies
eye 25
favorite 0
comment 0
Ubiquity or "Everything, Everywhere” - Apple uses this term describe iCloud related items and its availability across all devices. iCloud enables us to have our data synced with every Mac, iPhone, iPad, PC as well as accessible with your handy web browser. You can access your email, documents, contacts, browsing history, notes, keychains, photos, and more all with just a click of the mouse or a tap of the finger - on any device, all synced within seconds. Much of this data gets cached on...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC-23, hack, hacker, hacking,...
DEFCON 23
movies
eye 61
favorite 0
comment 0
Build a free cellular traffic capture tool with a vxworks based femoto Yuwei Zheng Senior security researcher, Qihoo 360 Technology Co. Ltd. Haoqi Shan Wireless/hardware security researcher, Qihoo 360 Technology Co. Ltd. In recent years, more and more products, are integrated with cellular modem, such as cars of BMW, Tesla, wearable devices, remote meters, i.e. Internet of things. Through this way, manufactories can offer remote service and develop a lot of attractive functions to make their...
Topics: Youtube, video, Science & Technology, DEF CON, DEF CON 23, DC23, DC-23, hack, hacker, Hacking,...
DEFCON 25
movies
eye 14
favorite 0
comment 0
Ethereum is gaining a significant popularity in the blockchain community, mainly due to fact that it is design in a way that enables developers to write decentralized applications (Dapps) and smart-contract using blockchain technology. Ethereum blockchain is a consensus-based globally executed virtual machine, also referred as Ethereum Virtual Machine (EVM) by implemented its own micro-kernel supporting a handful number of instructions, its own stack, memory and storage. This enables the...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 23
movies
eye 16
favorite 0
comment 0
The Harness toolset aims to give penetration testers and red teams the ability to pull a remote powershell interface with all the same features of the native Powershell CLI and more. Several tools and utilities have been released to solve the powershell weaponization problem, but no freely available tool give operators the full capabilities of powershell through a remote interface. We’ll start the talk with a quick survey of the previous methods of weaponizing powershell, and then move into...
Topics: Youtube, video, Science & Technology, DEF CON, DEFCON, DEF CON 23, DC23, DC-23, hack, hacker,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
With 313 million active users and approximately 500 million Tweets sent per day, Twitter has plenty of low-hanging fruit ripe for OSINT picking. Learn from an experienced information professional how to craft advanced searches to retrieve data from this popular social media platform. Understand the search commands that Twitter uses, tips and techniques for extracting data, examine some of the lesser-known features of Twitter, and get a glimpse of some of the resources that work in conjunction...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 12
favorite 0
comment 0
What is cognitive memory? How can you “implant” a password into it? Is this truly secure? Curiosity around these questions prompted exploration of the research and concepts surrounding the idea of making the authentication process more secure by implanting passwords into an individual’s memory. The result? The idea is that you are not able to reveal your credentials under duress but you are still able to authenticate to a system. This talk will cover the stages of memory pertaining to...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 7
favorite 0
comment 0
Precise location data can reveal the most sensitive details of a person's life. But, in an emergency, its the most important part of saving that life. This talk will detail how 9-1-1 systems acquire, use, and store sensitive location data today, and how that process will change as we transition to an all-IP Next Generation 9-1-1 world. Source: https://www.youtube.com/watch?v=foeFGczCun8 Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 2
favorite 0
comment 0
Phone systems have been long forgotten in favor of more modern technology. The phreakers of the past left us a wealth of information, however while moving forward the environments as a whole have become more complex. As a result they are often forgotten, side tracked or neglected to be thoroughly tested. We’ll cover the VoIP landscape, how to test the various components while focussing on PBX and IVR testing. The security issues that may be encountered are mapped to the relative OWASP...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
You are on the inside of the perimeter. And maybe you want to exfiltrate data, download a tool, or execute commands on your command and control server (C2). Problem is - the first leg of connectivity to your C2 is denied. Your DNS and ICMP traffic is being monitored. Access to your cloud drives is restricted. You've implemented domain fronting for your C2 only to discover it is ranked low by the content proxy, which is only allowing access to a handful of business related websites on the...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 14
favorite 0
comment 0
Much of next-gen AV relies on machine learning to generalize to never-before-seen malware. Less well appreciated, however, is that machine learning can be susceptible to attack by, ironically, other machine learning models. In this talk, we demonstrate an AI agent trained through reinforcement learning to modify malware to evade machine learning malware detection. Reinforcement learning has produced game-changing AI's that top human level performance in the game of Go and a myriad of hacked...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 15
favorite 0
comment 0
operating system (and set of application programs) built on the digital molecules DNA and RNA. The genome has thousands of publicly documented, unpatchable security vulnerabilities, previously called "genetic diseases." Because emerging DNA/RNA technologies, including CRISPR-Cas9 and especially those arising from the Cancer Moonshot program, will create straightforward methods to digitally reprogram the genome in free-living humans, malicious exploitation of genomic vulnerabilities...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 16
favorite 0
comment 0
Why can't microscopes diagnose disease? What if they could? For the past four years our team from NYU Tandon School of Engineering has been building an IoT system capable of turning a standard microscope into a digital imaging tool. And the goal is to connect every laboratory in the world into a global network. We call our device the Auto Diagnostic Assistant, or ADA, in honor of Ada Lovelace, who likely died from undiagnosed cervical cancer. We think the biohacking village will enjoy learning...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
Back in 2016, it was very new the way how the Facebook mobile application implements content through ““Instant articles””. A user can view content from third parties directly in the Facebook platform without requiring to open the Browser, for instance. This content can also be shared, saved, opened in browser and so on. In this talk, we will share how this Instant articles, and the way the were shared, lead us to the possibility to access Facebook accounts and how through internet...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 0
comment 0
This presentation will walk audience through and explain recently developed Kismet features that greatly benefit multiple radio cards setup. Support for multiple devices allows smarter splitting across them, including separate discovery and tracking activities, as well as dedicating certain radios to targeted bands and channels ranges. Coming Kismet release (currently under development, slated to be released shortly) has new and very flexible configuration options targeting utilization of...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 6
favorite 0
comment 0
What is cognitive memory? How can you "implant" a password into it? Is this truly secure? Curiosity around these questions prompted exploration of the research and concepts surrounding the idea of making the authentication process more secure by implanting passwords into an individual's memory. The result? The idea is that you are not able to reveal your credentials under duress but you are still able to authenticate to a system. We will begin with an understanding of cognitive...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 7
favorite 0
comment 0
The Infusion Pumps Market is expected to be worth $10.84 Billion USD by 2021 per "Market and Markets" forecast. The Infusion Pump is a costly and sensitive medical device used to deliver fluids, medications, blood and blood products to adult, pediatric or neonatal patients in a manual or automated way, yes, automated way, any malfunction either intended or unexpected could severely harm humans. We did the investment and bought an IV Pump Unit and IV Pump module made by Bectron since...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 11
favorite 1
comment 0
Source: https://www.youtube.com/watch?v=c5Sen9CBCu0 Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
One software product that red teamers will almost certainly find on any compromised workstation is Microsoft Office. This talk will discuss the ways that native functionality within Office can be abused to obtain persistence. The following opportunities for Office-based persistence will be discussed: (1) WLL and XLL add-ins for Word and Excel - a legacy add-in that allows arbitrary DLL loading. (2) VBA add-ins for Excel and PowerPoint - an alternative to backdoored template files, which...
Topics: Youtube, video, Science & Technology, DEF CON 2017, DEF CON 25, DEF CON, DC25, hackers,...
DEFCON 25
movies
eye 8
favorite 0
comment 0
Is hacking in your blood? Do you see projects where others simply see problems? If something is "broken," do you try to fix it yourself before you ask for help or consider throwing it away? That's awesome, but, there are hurdles to face when embarking on projects... sometimes, the hardest problems to overcome happen right at the start: finding the right tools and parts to use! This talk will offer some tips, tricks, and stories to help you get what you need while avoiding obstacles...
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...
DEFCON 25
movies
eye 4
favorite 0
comment 0
You can't protect yourself unless you know what you own. Find out how an attacker finds the hidden parts of companies to know where to attack. Source: https://www.youtube.com/watch?v=zPjgUqeQbVA Uploader: DEFCONConference
Topics: Youtube, video, Science & Technology, DEF, CON, DEF CON 2017, DEF CON 25, DEF CON, DC25,...