| Security News from 'DeepSec' |
|
| Showing 'Security News from 'DeepSec'' from 1 to 10 |
| |
ROOTS_How_Androids_UI_Security_is_Undermined_by_Accessibility 25th Dec 2018 [27 days ago] from DeepSec Androids accessibility API was designed to assist users with disabilities, or temporarily preoccupied users unable to interact with a device, e.g., while driving a car. Nowadays, many Android apps rely on the accessibility API for other... |
Efail And Other Failures With Encryption And E-Mail 21st Dec 2018 [one month ago] from DeepSec The Efail bug against encrypted e-mails showed a variety of problems with the interaction of outdated cryptography and HTML e-mails. This talk will give an overview of the flaws that led to Efail and some other fun attacks that followed... |
ROOTS - Kernel-Assisted Debugging Of Linux Applications 19th Dec 2018 [one month ago] from DeepSec On Linux, most---if not all---debuggers use the ptrace debugging API to control their target processes. However, ptrace proves unsatisfactory for many malware analysis and reverse engineering tasks: So-called split-personality malware often... |
ROOTS - Library And Function Identification By Optimized Pattern Matching On Compressed Databases 19th Dec 2018 [one month ago] from DeepSec The goal of library and function identification is to find the original library and function to a given machine-code snippet. These snippets commonly arise from penetration tests attacking a remote executable, static malware analysis or... |
ROOTS 2018 - The Swift Language From A Reverse Engineering Perspective 19th Dec 2018 [one month ago] from DeepSec Over the last decade, mobile devices have taken over the consumer market for computer hardware. Almost all these mobile devices run either Android or iOS as their operating systems. In 2014, Apple introduced the Swift programming language... |
Attacks On Mobile Operators 19th Dec 2018 [one month ago] from DeepSec "Id like to talk about telecom security. My research contains information about security of mobile operators: classic and new (or very rare) attack vectors and vulnerabilities. This presentation will consist of three main parts: First,... |
ROOTS_Keynote: Automatic Exploitation - The DARPA Cyber Grand Challenge, What Came After, And What Is Next 19th Dec 2018 [one month ago] from DeepSec The automatic exploitation of vulnerabilities has long been a holy grail for software security. However, even manual exploitation by experienced security analysts and researchers has become ever more challenging due to the increased complexity... |
DeepSec2017 - The Future Of The Internet 4th Jan 2018 [one year ago] from DeepSec Where are we headed with all our things as they become connected to the internet? Everything is already so vulnerable, but companies are building convenient products and services so fast without thinking about the security issues. This... |
DeepSec2017 - Uncovering And Visualizing Botnet Infrastructure And Behavior 4th Jan 2018 [one year ago] from DeepSec How much information about a botnet can one find using a single IP address, domain name or indicator of compromise (IOC)? What kind of behavior can be determined when looking at attacker and victim infrastructure? In an attempt to discover... |
DeepSec2017 - XFLTReaT: A New Dimension In Tunnelling 4th Jan 2018 [one year ago] from DeepSec This presentation will sum up how to do tunnelling with different protocols and will feature different perspectives in detail. For example, companies are fighting hard to block exfiltration from their network: They use http(s) proxies,... |
|
| 1 2 Older » |
|
