BlueHat IL 2018 - John Lambert - The New Paradigm of Security Controls
https://youtu.be/OpTGFcJXL8g
We are seeing a new approach to security that is rippling across network defenders, products, and attackers alike. The world is moving from security on data to security from data. Defenders are transitioning from appliances that shrink data volumes to cloud approaches that capture more data than ever before. Innovators are seeking signals across user, device, and application activity, and building learning systems to master security insights from them. Users are central to this new world, as security solutions adapt from placing controls on them to creating controls from them. Attackers are adapting to these data driven systems as well. This talk will discuss these trends as well as new risks that arise from them.https://youtu.be/OpTGFcJXL8g
YouTube
BlueHat IL 2018 - John Lambert - The New Paradigm of Security Controls
We are seeing a new approach to security that is rippling across network defenders, products, and attackers alike. The world is moving from security on data ...
BlueHat IL 2018 - Gunter Ollmann - Extracting Secrets from Silicon: A New Generation of Bug Hunting
https://youtu.be/jxve5hrtwnI
🕴🏼 @Phantasm_Lab
Understanding your adversary lies at the crux of every defensive strategy. This session reviews the current generation of tools and techniques used by professional hacking entities to extract the magic numbers, proprietary algorithms, and WORN (Write Once, Read Never) secrets from the chips themselves.https://youtu.be/jxve5hrtwnI
🕴🏼 @Phantasm_Lab
YouTube
BlueHat IL 2018 - Gunter Ollmann - Extracting Secrets from Silicon: A New Generation of Bug Hunting
As reverse engineering tools and hacking techniques have improved over the years, software engineers have been forced to bury their secrets deeper down the stack – securing keys and intellectual property first in software, then drivers, on to custom firmware…
BlueHat IL 2018 - Jordan Rabet - Browser Security Beyond Sandboxing
https://youtu.be/sheeWKC6CuM
🕴🏼 @Phantasm_Lab
Security is now a strong differentiator in picking the right browser - a single compromise through a web browser can have catastrophic results. Much of recent browser security development has been focused on improving sandboxing, but we can't lose sight of how damaging remote code execution (RCE) exploits can be, even when they remain contained to a single process. This talk will interactively walk through the discovery of RCE bugs in Google's Chrome browser, the exploitation of one of them, and finally, the capabilities a savvy attacker can attain from that, culminating in a live pwning demo.https://youtu.be/sheeWKC6CuM
🕴🏼 @Phantasm_Lab
YouTube
BlueHat IL 2018 - Jordan Rabet - Browser Security Beyond Sandboxing
Security is now a strong differentiator in picking the right browser - a single compromise through a web browser can have catastrophic results. Much of recen...
BlueHat IL 2018 - Saar Amar - Linux Vulnerabilities Windows Exploits: Escalating Privileges with WSL
https://youtu.be/3deJvbBHET4
🕴🏼 @Phantasm_Lab
WSL (Windows Subsystem for Linux) is an impressive mechanism integrated recently into the Windows 10 kernel. This subsystem allows Linux executables to run without modifications on a Windows machine, using the same system calls, file system layout and executable format — an enormous attack surface by all means. Like any other new, large, and complex codebase, it is a greenfield for vulnerability researchers, hindered only by the lack of documentation, and by a single massive .sys file just waiting to be reverse engineered.https://youtu.be/3deJvbBHET4
🕴🏼 @Phantasm_Lab
YouTube
BlueHat IL 2018 - Saar Amar - Linux Vulnerabilities Windows Exploits: Escalating Privileges with WSL
WSL (Windows Subsystem for Linux) is an impressive mechanism integrated recently into the Windows 10 kernel. This subsystem allows Linux executables to run w...