Hot Topics

ZeroNights

ZeroNights 2018, Eric Sesterhenn’s, Luis Merino’s, Markus Vervier’s ‘Zero Fax Given’

| | Conferences, education, Hardware Security, Information Security, ZeroNights
From The Video Description: FAX machines, although being a reminiscent of a not-so-far past, are still present in lots of office spaces and can be frequently used for business and legal communications ...
Infosecurity.US

ZeroNights 2018, Junyu Zhou’s, Wenxu Wu’s ‘Attack Surfaces Against GIT Web Servers Used By Thousands Of Developers’

| | Conferences, education, Information Security, ZeroNights
From The Video Description: We, Tencent Security Xuanwu Lab, have successfully carried out serveral remote attacks on the most popular git web servers in 2018. This time we are willing to share ...
Infosecurity.US

ZeroNights 2018, HC Ma’s ‘Massive Scale USB Device Driver Fuzz WITHOUT Device’

| | Conferences, education, Hardware Security, Information Security, ZeroNights
From the Video Description: USB is one of the most common interfaces supported on modern computers. Modern OSes offer tons of USB drivers to support frequently used USB device classes. For other ...
Infosecurity.US

ZeroNights 2018, Jianing Wang’s & Junyu Zhous’ ‘NTLM Relay Reloaded: Attack Methods You Do Not Know’

| | Conferences, Information Security, ZeroNights
From the Video Description: It has been years since NTLM authentication protocol is introduced in Windows. NTLM relay is one of the most famous attacks, which attacker can act as the victim ...
Infosecurity.US

ZeroNights 2018, David Baptiste’s ‘Vulnerability In Compiler Leads To Stealth Backdoor In Software’

| | backdoors, Conferences, education, Information Security, Secure Coding, Secure Compiling, ZeroNights
From The Video Description: It is a fact, software has bugs and compilers (software which build other software) are not an exception. The CVE-2018-8232 discloses a vulnerability found in ML compiler from ...
Infosecurity.US

ZeroNights 2018, Joxean Koret’s ‘Diffing C Source Codes To Binaries’

| | Conferences, Diff, education, Information Security, ZeroNights
From The Video Description: "Often, when doing reverse engineering projects, one needs to import symbols from Open Source or «leaked» code bases into IDA databases. What everybody does is to compile to ...
Infosecurity.US

ZeroNights 2018, Vladimir Dashchenko’s ‘Denial, Anger, Bargaining, Depression, Acceptance – Reporting 0days To Vendors’

| | 0day Reporting, Conferences, education, Information Security, ZeroNights
From The video Description: The substitution of foreign ICS systems is an interesting process from the point of view of vulnerability searching. On the one hand, foreign companies have already made much ...
Infosecurity.US

ZeroNights 2018, Alexandre Gazet’s, Fabien (0xf4b) Perigaud’s & Joffrey (@_Sn0rkY) Czarny’s ‘Turning Your BMC Into A Revolving Door’

| | Conferences, education, Hardware Security, iLO Security, Information Security, Infrastructure Security, ZeroNights
From The Video Description: "Unmonitored and unpatched BMC (remote administration hardware feature for servers) are an almost certain source of chaos. They have the potential to completely undermined the security of complex ...
Infosecurity.US