Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'DeepSec' | www.SecurityPhresh.com
Security News from 'DeepSec'
Showing 'Security News from 'DeepSec'' from 1 to 10
What’s Wrong With WebSocket APIs - Unveiling Vulnerabilities In WebSocket APIs - Mikhail Egorov
17th Mar 2020 [one year ago] from DeepSec
WebSocket protocol is many times more efficient than HTTP. In recent years we can observe that developers tend to implement functionality in the form of WebSocket APIs instead of traditional REST APIs, that use HTTP. Modern technologies...
What Has Data Science Got To Do With It - Thordis Thorsteins
17th Mar 2020 [one year ago] from DeepSec
In this talk I want to shed some light on data science’s place within security. You can expect to learn how to see through common data science jargon that’s used in the industry, as well as to get a high level understanding of what’s...
Well, That Escalated Quickly - A Penetration Testers Approach To Windows Privilege Escalation - Khalil Bijjou
17th Mar 2020 [one year ago] from DeepSec
Companies engage security experts to penetrate their infrastructures and systems in order to find vulnerabilities before malicious persons do. During these penetration tests, security experts often encounter Windows endpoints or servers...
The Turtle Gone Ninja - Investigation Of An Unusual Crypto-Mining Campaign - Ophir Harpaz And Daniel Goldberg
17th Mar 2020 [one year ago] from DeepSec
At first sight, Nansh0u is yet another attack campaign aiming to mine a marginal crypto-currency named TurtleCoin. However, things get much more interesting once you gain full access to the attacker’s infrastructure. Our investigation...
The Future Is Here - Modern Attack Surface On Automotive - Lior Yaari
17th Mar 2020 [one year ago] from DeepSec
Working as a security researcher for the automotive industry, I received futuristic equipment to test. Test? Hack! In two or three years from now, our vehicles will be full of communication interfaces to the outside world. V2X technologies,...
Lauschgerät - Gets In The Way Of Your Victims Traffic And Out Of Yours - Adrian Vollmer
17th Mar 2020 [one year ago] from DeepSec
The talk will present a new tool for pentesters called "Lauschgerät". This python script acts as a convenient man-in-the-middle tool to sniff traffic, terminate TLS encryption, host malicious services and bypass 802.1X - provided you have...
IPFS As A Distributed Alternative To Logs Collection - Fabio Nigi
17th Mar 2020 [one year ago] from DeepSec
We want access to as much logs as possible. Historically the approach is to replicate logs to a central location. The cost of storage is the bottleneck on Siem solution, hard to be maintained at scale, leading to reduce the amount of information...
How To Create A Botnet Of GSM-devices - Aleksandr Kolchanov
17th Mar 2020 [one year ago] from DeepSec
GSM-devices become more popular. Users can set them up fast, use them without landline internet and Wi-Fi, and control them remotely. But now they are also an interesting target for hackers. Usually, GSM-devices have a menu for calls (IVR...
Extracting A 19-Year-Old Code Execution From WinRAR - Nadav Grossman
17th Mar 2020 [one year ago] from DeepSec
Half a billion users worldwide use WinRAR for creating and extracting archives. This usually is assumed to be a safe procedure, however, we found a critical vulnerability that results in RCE by simply using WinRAR to extract an archive....
Emoji, How Do They Even Work And How They Break Security - MacLemon
17th Mar 2020 [one year ago] from DeepSec
Emoji are used everywhere these days and cannot be retracted from our daily communication. But how do the work and where did Emoji originate from? Join this talk and learn about their security relevance and the semiotics in the 21st century....
1 2 3 4 5 6 7 8 Older »