Breaking the Laws of Robotics: Attacking Automated Manufacturing Systems

Automated manufacturing systems (particularly within the paradigm of so-called Industry 4.0) are complex and critical cyber-physical systems. They use robots (highly sophisticated systems themselves, with multiple complex embedded controllers), several types of industrial controllers, and are often interconnected with other computers in the factory network, safety systems, and to the Internet for remote monitoring and […]

Hacking & Securing Clinical Technology

This talk highlights the security challenges of securing the clinical and IT infrastructure of healthcare delivery organizations. We’ll dive into two examples of FDA-approved devices that connect to clinical equipment common in hospitals today and walk the audience through the development of full device compromise and the discovery of multiple CVEs.

Automating Threat Detection and Response with Azure Sentinel

As more businesses move to Azure for their cloud computing, there is a growing gap in visibility of the security of cloud resources. Azure Sentinel is the cloud-native SIEM solution from Microsoft. Turning it on potentially means another location for piles of logs and noise. Attend this session to learn how to get the […]

Common NGINX Misconfigurations That Leave Your Web Server Open to Attack

NGINX is the web server powering one-third of all websites in the world. Detectify’s Security Research team analyzed almost 50,000 unique NGINX configuration files downloaded from GitHub with Google BigQuery and discovered common misconfigurations that, if left unchecked, leave your web site vulnerable to attack. This training will walk through the most common issues, including […]

Broken Brokers in Boxes: Fuzzing Breaks Everything, Even Erlang

Behind the scenes of a trio of recently disclosed vulnerabilities are two innovations. First, putting fuzzing targets in containers makes memory exhaustion much easier to observe. Second, widening our definition of failure makes it possible to locate vulnerabilities even in “safe” environments like Erlang. This presentation begins with a brief review of fuzzing, focusing on […]

Harder, Better, Faster, Stronger – Privacy Laws and the Anatomy of a Breach Response

In late 2020, the Canadian government proposed the Digital Charter Implementation Act, intending to modernize the framework for the protection of personal information in the private sector. Stemming from this Act, the Privacy Commissioner of Canada is set to receive more power to investigate privacy infractions and issue orders and fines. Simultaneously, Ontario is developing […]

Moving Upstream, Securing the GitOps Workflow

A recent study suggests that cloud misconfiguration is the number one risk to cloud environments in 2021. As more developers deploy infrastructure across clouds using infrastructure-as-code, the security risk is only going to grow. To quote Albert Einstein: “Intellectuals solve problems, geniuses prevent them.” With IaC, we have an opportunity to scalably prevent security risks […]

Introducing a New Construct for Advanced Interactive Volatile Memory Analysis

Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. One place malware cannot easily hide itself is within volatile computer memory (RAM). Although an essential part of detection engineering and exploit development, memory analysis is not trivial to […]

Speeding Up AWS IAM Least Privileges with CloudSplaining & Elastic Stack

In talking about Cloud Security, I believe that there are 3 main points to take care of: IAM Permissions, Control Plane Configuration (AWS API), and CloudTrail for Control Plane Monitoring. When we are talking about Cloud Misconfiguration, Permissions, and Monitoring, we are mostly talking about second stage attacks (unless some configurations that make information public) […]

Explore Adventures in the Underland: Forensic Techniques Against Hackers

Cybercrime is a very lucrative business not just because of the potential financial return, but because it is quite easy to get away with it. Sometimes hackers get caught, but most of the time they still run free. When it comes to the operating system and after-attack traces, it is not that bad as all […]

Adventures in Underland: What Your System Stores on the Disk Without Telling You

Even though you are the only person using a computer, you are not the only one writing to your disk drive! Surprisingly, your disk drive contains a lot of juicy information that can reveal a lot of secrets and history about what you did in the past. There are also places where data can be […]

Attacker Techniques: Data Exfiltration

Data exfiltration, or data theft, is a common event that occurs during a breach. This talk will go into detail on specific tools and techniques that attackers have used to exfiltrate data from victim organizations and the ways that we can identify evidence of data access, data staging or data theft. By understanding how attackers […]

Building Security Champions

With security teams being vastly outnumbered, many organizations have responded to this challenge with different program scaling methods, including building security champions programs. Which leads us to questions: How does a security champions program work? How do you select your champions? And once you have them, what do you DO with them? This session will […]

Tools for InfoSec, but Not the Ones You Think

Ask anyone about “infosec tools” and the list will depend on red/blue perspective and experience but will usually include the likes of BloodHound, Metasploit, Burp, Mimikatz, Cobalt Strike, Nmap, and Netcat. These are all great, but too often we ignore that there is a separate side to infosec: there is a “non-technical” dimension we all […]

hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day

In this session, we present hAFL1 and provide the implementation bits required to write a Hyper-V fuzzer. We uncover a critical 0-day in Hyper-V vmswitch which was found using our fuzzer – an arbitrary read vulnerability. Finally, we show a live demo of exploiting this vulnerability, which until only a few weeks ago could take […]

Full Circle Detection: From Hunting to Actionable Detection

How do you create new efficient, accurate, and resilient detection rules? There are a lot of steps to follow. This talk will take you through what I call Full Circle Detection. I’ll start with where to get hunting ideas and then to giving a turnkey alert for your Security Analysts using a real-world step by […]

FAIL – Notorious* Number 9

Lessons learned over the course of a protracted global emergency that has fundamentally altered society and how we do business are not being well learned and are not yet reflected in how we manage and assess our work. Time to talk through the 9th round of fails with our panel of distinguished guest speakers!

Large-Scale Security Analysis of IoT Firmware

Today, the number of IoT devices in both the private and corporate sectors is steadily increasing. IoT devices like IP cameras, routers, printers, and IP phones have become ubiquitous in our modern homes and enterprises. To evaluate the security of these devices, a security analysis must be performed for every single device. Since manual analysis […]

Ghost Misdetection Attacks Against Tesla Model X & Mobileye 630 PRO

Many studies have discussed the implications of using a training process to develop artificial intelligence: the significant computing capabilities required, the energy wasted, the high cost, the time required for training, the size of the dataset needed. However, the fact that automated driving is considered safer than manual driving proves that the training process is […]

Detecting Illicit Drone Filming

In an “open skies” era in which drones fly among us, a new question arises: how can we tell whether a passing drone is being used by its operator for a legitimate purpose (e.g., delivering pizza) or an illegitimate purpose (e.g., peeking at a person showering in his/her own house)? In this talk, I present […]
