I was at Black Hat Vegas last week, and in the following I’ll briefly discuss some talks I attended and found interesting.
Given the CfP for Black Hat US in Vegas ends in a few days – and as apparently some people have already started to think about their TR18 submissions – I’ll quickly provide some loose recommendations on how to write a submission here. There’s quite some reasonable advice out there already (the BH CfP site lists this and this which you should both read as well) but some of you might find it useful to get (yet) another perspective.
A few months ago I had the opportunity to visit this year’s Black Hat in Las Vegas. Due to a few weeks of vacation following the conference, here are my delayed 2 cents (part 1).
Abusing Bleeding Edge Web Standards For AppSec Glory – Bryant Zadegan & Ryan Lester (Slides)
Bryant and Ryan talked about new web standards which are already implemented in parts of the current browser jungle. Namely, these standards were:
Just a few days ago I had a blast again at this year’s Black Hat. Some of the talks were really worth listening to, so I wanted to point them out and give a short summary.
USING UNDOCUMENTED CPU BEHAVIOR TO SEE INTO KERNEL MODE AND BREAK KASLR IN THE PROCESS – Anders Fogh & Daniel Gruss
They had the last slot on the last day of Black Hat, which resulted in a kind of empty room, but in my opinion it was an awesome talk and I even had the pleasure to meet these two guys at our ERNW dinner.
The talk was about a very weirdly documented Intel instruction which does not check for privileges or throw exceptions:
I won’t be in Vegas for Black Hat this year as there’s a direct conflict with one of my kids’ birthdays, but I thought one or another reader might find it helpful to get some inspiration for selecting the talks to catch (not least as there are so many interesting ones). I hence decided to quickly write this post.
While searching for some photos for my last blog post on Thinkst Canary I found a couple more from our recent trip to Black Hat USA and DEF CON, which I consider worth sharing. Nothing too technical, just some visual impressions and comments from my side. Let’s get it on!
What is a Miner’s Canary?
Well, it’s a canary (these cute yellow songbirds some people have as a pet), and its main feature is that it dies before you will.
What the hack [pun intended]? And by the way… what has this to do with IT Security? Well… let me first quote Wikipedia on the birds:
This year’s Black Hat US saw a number of quite interesting talks in the context of Windows or Active Directory Security. For those of you too lazy to search for themselves 😉 and for our own Windows/AD Sec team (who couldn’t send anyone to Vegas due to heavy project load) I’ve compiled a little list of those.
Information security conferences are known to be attended for several reasons. For some it’s the technical content, for others the networking potential and for some others simply meeting old friends. Pinpointing our motives is clearly a challenging task, but the following wrap-up ought to share our personal highlights of the week we spent visiting Black Hat USA 2014 and DEFCON 22 in Las Vegas.
Last week we had the opportunity and pleasure to present some of our research results at BlackHat US 2014 (besides meeting a lot of old friends and having a great researchers’ dinner).
Enno and Antonios gave their presentation on IDPS evasion by IPv6 Extension Headers, described here.
Ayhan and I presented our results of the security analysis of Cisco’s EnergyWise protocol. The protocol enables network-wide power monitoring and control (i.e. turning servers off or on, putting phones to standby, basically controlling the power state of all EnergyWise-enabled or PoE devices). The main problem (besides a DoS vulnerability we found in IOS, see official Cisco advisory) is its PSK-based authentication model, which enables an attacker to cause large-scale blackouts in data centers if the deployment is lacking certain controls (for example our good old favorite, segmentation…). There will be a longer blogpost/newsletter on this topic soon.
The material can be found here: Slides & tools