Security News from 'DeepSec' |
|
Showing 'Security News from 'DeepSec'' from 1 to 10 |
|
What’s Wrong With WebSocket APIs - Unveiling Vulnerabilities In WebSocket APIs - Mikhail Egorov 17th Mar 2020 [11 months ago] from DeepSec WebSocket protocol is many times more efficient than HTTP. In recent years we can observe that developers tend to implement functionality in the form of WebSocket APIs instead of traditional REST APIs, that use HTTP. Modern technologies... |
What Has Data Science Got To Do With It - Thordis Thorsteins 17th Mar 2020 [11 months ago] from DeepSec In this talk I want to shed some light on data science’s place within security. You can expect to learn how to see through common data science jargon that’s used in the industry, as well as to get a high level understanding of what’s... |
Well, That Escalated Quickly - A Penetration Testers Approach To Windows Privilege Escalation - Khalil Bijjou 17th Mar 2020 [11 months ago] from DeepSec Companies engage security experts to penetrate their infrastructures and systems in order to find vulnerabilities before malicious persons do. During these penetration tests, security experts often encounter Windows endpoints or servers... |
The Turtle Gone Ninja - Investigation Of An Unusual Crypto-Mining Campaign - Ophir Harpaz And Daniel Goldberg 17th Mar 2020 [11 months ago] from DeepSec At first sight, Nansh0u is yet another attack campaign aiming to mine a marginal crypto-currency named TurtleCoin. However, things get much more interesting once you gain full access to the attacker’s infrastructure. Our investigation... |
The Future Is Here - Modern Attack Surface On Automotive - Lior Yaari 17th Mar 2020 [11 months ago] from DeepSec Working as a security researcher for the automotive industry, I received futuristic equipment to test. Test? Hack! In two or three years from now, our vehicles will be full of communication interfaces to the outside world. V2X technologies,... |
Lauschgerät - Gets In The Way Of Your Victims Traffic And Out Of Yours - Adrian Vollmer 17th Mar 2020 [11 months ago] from DeepSec The talk will present a new tool for pentesters called "Lauschgerät". This python script acts as a convenient man-in-the-middle tool to sniff traffic, terminate TLS encryption, host malicious services and bypass 802.1X - provided you have... |
IPFS As A Distributed Alternative To Logs Collection - Fabio Nigi 17th Mar 2020 [11 months ago] from DeepSec We want access to as much logs as possible. Historically the approach is to replicate logs to a central location. The cost of storage is the bottleneck on Siem solution, hard to be maintained at scale, leading to reduce the amount of information... |
How To Create A Botnet Of GSM-devices - Aleksandr Kolchanov 17th Mar 2020 [11 months ago] from DeepSec GSM-devices become more popular. Users can set them up fast, use them without landline internet and Wi-Fi, and control them remotely. But now they are also an interesting target for hackers. Usually, GSM-devices have a menu for calls (IVR... |
Extracting A 19-Year-Old Code Execution From WinRAR - Nadav Grossman 17th Mar 2020 [11 months ago] from DeepSec |
Emoji, How Do They Even Work And How They Break Security - MacLemon 17th Mar 2020 [11 months ago] from DeepSec Emoji are used everywhere these days and cannot be retracted from our daily communication. But how do the work and where did Emoji originate from? Join this talk and learn about their security relevance and the semiotics in the 21st century.... |
|
1 2 3 4 5 6 7 8 Older » |
|