Search results “Non cryptographic protocol vulnerabilities pdf viewer”
Will Quantum Computers break encryption?
 
15:45
How do you secure messages over the internet? How do quantum computers break it? How do you fix it? Why don't you watch the video to find out? Why does this description have so many questions? Why are you still reading? What is the meaning of life? Facebook: https://www.facebook.com/frameofessence Twitter: https://twitter.com/frameofessence YouTube: https://www.youtube.com/user/frameofessence CLARIFICATIONS: You don't actually need a quantum computer to do quantum-safe encryption. As briefly mentioned at 7:04 , there are encryption schemes that can be run on regular computers that can't be broken by quantum computers. CORRECTIONS: [2:18] Technically, you can use any key to encrypt or decrypt whatever you want. But there's a specific way to use them that's useful, which is what's shown in the video. [5:36] In RSA, depending on exactly what you mean by "private key", neither key is actually derivable from the other. When they are created, they are generated together from a common base (not just the public key from the private key). But typically, the file that stores the "private key" actually contains a bit more information than just the private key. For example, in PKCS #1 RSA private key format ( https://tools.ietf.org/html/rfc3447#appendix-A.1.2 ), the file technically contains the entire public key too. So in short, you technically can't get the public key from the private key or vice versa, but the file that contains the private key can hold more than just the private key alone, making it possible to retrieve the public key from it. 
Video links: Encryption and HUGE numbers - Numberphile https://youtu.be/M7kEpw1tn50 The No Cloning Theorem - minutephysics https://youtu.be/owPC60Ue0BE Quantum Entanglement & Spooky Action at a Distance - Veritasium https://youtu.be/ZuvK-od647c Sources: Quantum Computing for Computer Scientists http://books.google.ca/books/about/Quantum_Computing_for_Computer_Scientist.html?id=eTT0FsHA5DAC Random person talking about Quantum MITM attacks http://crypto.stackexchange.com/questions/2719/is-quantum-key-distribution-safe-against-mitm-attacks-too The Ekert Protocol (i.e. E91) http://www.ux1.eiu.edu/~nilic/Nina's-article.pdf Annealing vs. Universal Quantum Computers https://medium.com/quantum-bits/what-s-the-difference-between-quantum-annealing-and-universal-gate-quantum-computers-c5e5099175a1 Images, Documents, and Screenshots: Post-Quantum Cryptography initiatives http://csrc.nist.gov/groups/ST/post-quantum-crypto/cfp-announce-dec2016.html http://pqcrypto.eu.org/docs/initial-recommendations.pdf Internet map (Carna Botnet) http://census2012.sourceforge.net/ Quantum network maps https://www.slideshare.net/ADVAOpticalNetworking/how-to-quantumsecure-optical-networks http://www.secoqc.net/html/press/pressmedia.html IBM Quantum http://research.ibm.com/ibm-q/ Music: YouTube audio library: Blue Skies Incompetech: Jay Jay Pamgaea The House of Leaves Premium Beat: Cutting Edge Technology Second Time Around Swoosh 1 sound effect came from here: http://soundbible.com/682-Swoosh-1.html ...and is under this license: https://creativecommons.org/licenses/sampling+/1.0/
Views: 615112 Frame of Essence
16. Side-Channel Attacks
 
01:22:16
MIT 6.858 Computer Systems Security, Fall 2014 View the complete course: http://ocw.mit.edu/6-858F14 Instructor: Nickolai Zeldovich In this lecture, Professor Zeldovich discusses side-channel attacks, specifically timing attacks. License: Creative Commons BY-NC-SA More information at http://ocw.mit.edu/terms More courses at http://ocw.mit.edu
Views: 11245 MIT OpenCourseWare
Malware Analysis   Quick PDF Analysis
 
02:27
Ring Ø Labs report and sample download here: http://www.ringzerolabs.com/2017/08/we-show-how-to-quickly-analyze.html Ring Ø Labs Analysis Environment Setup: https://www.youtube.com/edit?o=U&video_id=Onqql1Zz3OE Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet. www.RingZeroLabs.com Here are some approaches in reverse engineering a malware sample: Reverse engineer: The most obvious approach is to completely reverse engineer a piece of malware. This obviously takes a great amount of time, so other approaches are more practical. Exploitation techniques: Another approach you can take is to focus on the exploitation techniques of a piece of malware. Occasionally you will see a piece of malware that is using a new exploitation technique, or is exploiting a zero-day vulnerability. In this case you may be interested only in the specific exploitation technique so you can timebox your analysis and only look at the exploitation mechanisms. Obfuscation: Malware will often obfuscate itself and make itself difficult to analyze. You might come across malware that you have seen before without obfuscation. In that case you may only want to focus on reverse engineering the new parts. Encryption methods: A common type of malware these days is ransomware. Ransomware essentially encrypts the victim's files and locks them up so that they can't be accessed or read. Oftentimes the authors of ransomware will make mistakes when they implement the encryption mechanisms. So if you focus your research on the encryption mechanisms you might be able to find weaknesses in their implementation and/or you might be able to find hard-coded keys or weak algorithms. C&C communication: This is something that is pretty commonly done when looking at malware. Analysts often want to figure out what the communication protocol is between a piece of malware on the client's side and the server on the command and control side. 
The communication protocol can actually give you a lot of hints about the malware’s capabilities. Attribution: Murky area - kind of like a dark art. It usually involves a lot of guesswork, knowledge of malicious hacking teams and looking at more than one piece of malware. Categorization and clustering: You can reverse engineer malware from a broader point of view. This involves looking at malware in bulk and doing a broad-stroke analysis on lots of different malware, rather than doing a deep dive. Techniques Now, let’s look at techniques that can be utilized while analyzing malware. First of all, we use static analysis. This is the process of analyzing malware or binaries without actually running them. It can be as simple as looking at metadata from a file. It can range from doing disassembly or decompilation of malware code to symbolic execution, which is something like virtual execution of a binary without actually executing it in a real environment. Conversely, dynamic analysis is the process of analyzing a piece of malware when you are running it in a live environment. In this case, you are often looking at the behavior of the malware and looking at the side effects of what it is doing. You are running tools like process monitor and sysmon to see what kinds of artifacts a piece of malware produces after it is run. We also use automated analysis. Oftentimes if you are looking at malware you want to automate things just to speed up the process to save time. However, use caution, as with automated analysis sometimes things get missed because you are trying to do things generically. If a piece of malware contains things like anti-debugging routines or anti-analysis mechanisms, you may want to perform a manual analysis. You need to pick the right tools for the job. DISCLAIMER: Our videos are strictly for documentary, educational, and entertainment purposes only. Imitation or the use of any acts depicted in these videos is solely AT YOUR OWN RISK. 
We (including YouTube) will not be held liable for any injury to yourself or damage to others resulting from attempting anything shown in any of our videos. We do not endorse any specific product and this video is not an attempt to sell you a good or service. These videos are free to watch and if anyone attempts to charge for this video notify us immediately. By viewing or flagging this video you are acknowledging the above.
Views: 718 H4rM0n1cH4cK
How the Krack Hack Breaks Wi-Fi Security
 
06:26
To support SciShow and learn more about Brilliant, go to https://brilliant.org/Scishow. After 14 years of going unnoticed, a vulnerability in Wi-Fi security was published last week. It's a serious problem, but it's already in the process of being fixed. We're conducting a survey of our viewers! If you have time, please give us feedback: https://www.surveymonkey.com/r/SciShowSurvey2017 Hosted by: Stefan Chin ---------- Support SciShow by becoming a patron on Patreon: https://www.patreon.com/scishow ---------- Dooblydoo thanks go to the following Patreon supporters: Kevin Bealer, Mark Terrio-Cameron, KatieMarie Magnone, Inerri, D.A. Noe, Charles Southerland, Fatima Iqbal, سلطان الخليفي, Nicholas Smith, Tim Curwick, Scott Satovsky Jr, Philippe von Bergen, Bella Nash, Chris Peters, Patrick D. Ashmore, Piya Shedden, Charles George ---------- Looking for SciShow elsewhere on the internet? Facebook: http://www.facebook.com/scishow Twitter: http://www.twitter.com/scishow Tumblr: http://scishow.tumblr.com Instagram: http://instagram.com/thescishow ---------- Sources: https://www.krackattacks.com/?_ga=2.191235242.1088205245.1508159331-752582413.1498767319 https://papers.mathyvanhoef.com/ccs2017.pdf https://www.youtube.com/watch?v=9M8kVYFhMDw https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/ https://www.lifewire.com/what-is-wpa2-818352 https://www.techopedia.com/definition/27188/four-way-handshake https://www.wired.com/story/krack-wi-fi-iot-security-broken/ http://smallbusiness.chron.com/s-https-stand-for-64240.html
Views: 366641 SciShow
SSL Certificate Error Fix
 
03:01
This is a tutorial on how to fix the SSL error, or 107 error, in Google applications.
Views: 631553 Ilya Novickij
KRACK - Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
 
10:04
KRACK: https://www.krackattacks.com Read the paper! https://papers.mathyvanhoef.com/ccs2017.pdf Some interesting discussion about the formal protocol verification: https://blog.cryptographyengineering.com/2017/10/16/falling-through-the-kracks/ -=[ 🔴 Stuff I use ]=- → Microphone:* https://amzn.to/2LW6ldx → Graphics tablet:* https://amzn.to/2C8djYj → Camera#1 for streaming:* https://amzn.to/2SJ66VM → Lens for streaming:* https://amzn.to/2CdG31I → Connect Camera#1 to PC:* https://amzn.to/2VDRhWj → Camera#2 for electronics:* https://amzn.to/2LWxehv → Lens for macro shots:* https://amzn.to/2C5tXrw → Keyboard:* https://amzn.to/2LZgCFD → Headphones:* https://amzn.to/2M2KhxW -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/ -=[ 📄 P.S. ]=- All links with "*" are affiliate links. LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm. #SecurityResearch #WifiHacking
Views: 58285 LiveOverflow
The Supply Chain - Security Now 684
 
02:08:47
China Chip Hack, Google+ --An October Surprise of a different sort - Windows 10 update deletes users' files --A security researcher has massively weaponized the existing MikroTik vulnerability and released it as a proof-of-concept --A clever voicemail WhatsApp OTP bypass --What happened with that recent Google+ breach? --Google tightens up its Chrome extensions security policies --WiFi radio protocol designations finally switch to simple version numbering --Intel unwraps its 9th-generation processors --Head-spinning PDF updates from Adobe and Foxit (this isn't a competition, guys!) --Bloomberg's earth-shaking controversial report on Chinese hardware hacking We invite you to read our show notes. Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Views: 3995 Security Now
Hack Whatsapp without victim's mobile? SS7 Hack Attacks Explained [Hindi]
 
04:09
In this video we will understand Signaling System 7(SS7) hack attacks. We will see what is SS7, how it works and what are its flaws and how hackers use it to hack your mobile phone. We will also find out if Whatsapp is safe from this attack or not and how can a hacker hack into anyone's whatsapp without victim's mobile using this SS7 hack. Extra info: Signalling System No. 7 (SS7) is a set of telephony signaling protocols developed in 1975, which is used to set up and tear down most of the world's public switched telephone network (PSTN) telephone calls. It also performs number translation, local number portability, prepaid billing, Short Message Service (SMS), and other mass market services. In North America it is often referred to as CCSS7, abbreviated for Common Channel Signalling System 7. In the United Kingdom, it is called C7 (CCITT number 7), number 7 and CCIS7 (Common Channel Interoffice Signaling 7). In Germany, it is often called N7 (Signalisierungssystem Nummer 7). The only international SS7 protocol is defined by ITU-T's Q.700-series recommendations in 1988. Of the many national variants of the SS7 protocols, most are based on variants of the international protocol as standardized by ANSI and ETSI. National variants with striking characteristics are the Chinese and Japanese (TTC) national variants. The Internet Engineering Task Force (IETF) has defined the SIGTRAN protocol suite that implements levels 2, 3, and 4 protocols compatible with SS7. Sometimes also called Pseudo SS7, it is layered on the Stream Control Transmission Protocol (SCTP) transport mechanism. WhatsApp Messenger is a freeware, cross-platform and end-to-end encrypted instant messaging application for smartphones. It uses the Internet to make voice calls, one to one video calls; send text messages, images, GIF, videos, documents, user location, audio files, phone contacts and voice notes to other users using standard cellular mobile numbers. 
It also incorporates a feature called Status, which allows users to upload photos and videos to a 24-hours-lifetime feed that, by default, are visible to all contacts, similar to Snapchat, Facebook and Instagram Stories. WhatsApp Inc., based in Mountain View, California, was acquired by Facebook in February 2014 for approximately US$19.3 billion. By February 2016, WhatsApp had a user base of over one billion, making it the most popular messaging application at the time. -------------------------------------------------------------------------------------- Like our Facebook page: https://www.facebook.com/DesiScientistReal/ Follow us on Twitter: https://twitter.com/DS_Asli
Views: 324028 Desi Scientist
Movie Line Monday - Poodle Attack: 1,632 Cloud Apps Vulnerable
 
13:48
http://www.netskope.com - As most of you have read, there’s another SSL exploit out there. As announced by OpenSSL.org (https://www.openssl.org/~bodo/ssl-poodle.pdf), the Poodle attack has been designed to take advantage of a vulnerability in the SSL V 3.0 protocol using the CBC mode encryption. Though a few other vulnerabilities were disclosed (https://www.openssl.org/news/secadv_20141015.txt), the Poodle attack seems to have gained much more attention. To be more specific about the vulnerability, the attack exploits the vulnerability found in the implementation of the CBC mode in SSL V 3.0 wherein the padding bytes are not checked against any value nor covered by the message digest (MAC). The attack itself is complicated to carry out as it involves a client downgrade dance along with the attacker being the man-in-the-middle and having the ability to control/modify the traffic from the client to a server. Though the attack involves intricacy in execution, it is easy to carry out given today’s computing resources. - See more at: https://www.netskope.com/blog/poodle-attack-vulnerable-cloud-app-count/#sthash.BNPpGKM8.dpuf
Views: 3623 Netskope
New Directions in Cryptography - Papers We Love
 
58:37
Speaker: Vishnu Prem "New Directions in Cryptography" also known as Diffie–Hellman–Merkle key exchange (https://www-ee.stanford.edu/~hellman/publications/24.pdf) Event Page: https://www.facebook.com/events/223807567956217/ Produced by Engineers.SG Help us caption & translate this video! http://amara.org/v/IHJf/
Views: 251 Engineers.SG
DEF CON 23 - Eijah - Crypto for Hackers
 
55:52
Hacking is hard. It takes passion, dedication, and an unwavering attention to detail. Hacking requires a breadth of knowledge spread across many domains. We need to have experience with different platforms, operating systems, software packages, tools, programming languages, and technology trends. Being overly deficient in any one of these areas can add hours to our hack, or even worse, bring us total failure. And while all of these things are important for a well-rounded hacker, one of the key areas that is often overlooked is cryptography. In an era dominated by security breaches, an understanding of encryption and hashing algorithms provides a tremendous advantage. We can better hone our attack vectors, especially when looking for security holes. A few years ago I released the first Blu-Ray device key, AA856A1BA814AB99FFDEBA6AEFBE1C04, by exploiting a vulnerability in an implementation of the AACS protocol. As hacks go, it was a simple one. But it was the knowledge of crypto that made it all possible. This presentation is an overview of the most common crypto routines helpful to hackers. We'll review the strengths and weaknesses of each algorithm, which ones to embrace, and which ones to avoid. You'll get C++ code examples, high-level wrapper classes, and an open-source library that implements all the algorithms. We'll even talk about creative ways to merge algorithms to further increase entropy and key strength. If you've ever wanted to learn how crypto can give you an advantage as a hacker, then this talk is for you. With this information you'll be able to maximize your hacks and better protect your personal data. Speaker Bio: Eijah is the founder of demonsaw, a secure and anonymous content sharing platform, and a Senior Programmer at a world-renowned game development studio. He has over 15 years of software development and IT Security experience. 
His career has covered a broad range of Internet and mid-range technologies, core security, and system architecture. Eijah has been a faculty member at multiple colleges, has spoken about security and development at conferences, and holds a master’s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.
Views: 47944 DEFCONConference
DTNS 3138 - Just say no to KRACK
 
52:51
What you need to know about the KRACK WiFi vulnerability plus the RSA key debacle and progress on a virtual pancreas. With Tom Merritt, Sarah Lane, Roger Chang, Veronica Belmont and Patrick Norton Support the show at http://dailytechnewsshow.com/support/ Introduction: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ https://techcrunch.com/2017/10/16/apple-denied-motions-in-virnetx-patent-infringement-case-slapped-with-a-440m-final-judgement/ https://www.androidheadlines.com/2017/10/htc-holding-a-november-2-event-u11-plus-reportedly-coming.html Top Stories: https://www.theverge.com/circuitbreaker/2017/10/16/16481242/huawei-mate-10-pro-announcement-specs-price-ai-features http://fortune.com/2017/10/16/ibm-blockchain-stellar/ https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ http://fortune.com/2017/10/16/microsoft-trump-administration-doj-supreme-court/ https://www.engadget.com/2017/10/16/artificial-pancreas-uses-your-phone-to-counter-diabetes/ http://dailytechheadlines.com http://anchor.fm Discussion Story: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ https://www.theverge.com/2017/10/16/16481136/wpa2-wi-fi-krack-vulnerability https://papers.mathyvanhoef.com/ccs2017.pdf https://www.theverge.com/2017/10/16/16481252/wi-fi-hack-attack-android-wpa-2-details http://fortune.com/2017/10/16/wifi-security-has-been-breached/ https://techcrunch.com/2017/10/16/wpa2-shown-to-be-vulnerable-to-key-reinstallation-attacks/?ncid=rss https://www.theverge.com/2017/10/16/16481818/wi-fi-attack-response-security-patches https://www.krackattacks.com https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/ 
https://techcrunch.com/2017/10/16/heres-what-you-can-do-to-protect-yourself-from-the-krack-wifi-vulnerability/ News from you: http://dailytechnewsshow.reddit.com Pick of the day: http://www.dailytechnewsshow.com/picks Today’s guest: https://www.avexcel.com http://patreon.com/tekthing http://hak5.org @patricknorton https://irlpodcast.org http://www.growbot.io http://veronicabelmont.com http://botzine.org https://botwiki.org https://botmakers.org https://about.me/veronica http://swordandlaser.com @Veronica Next guest: http://www.patreon.com/ThePhileasClub http://frenchspin.com http://patreon.com/RDVtech @NotPatrick https://lenperaltastore.com/products/daily-tech-news-show-year-2-commemorative-poster-limited-edition-naming-rights http://dtns.bigcartel.com http://www.dailytechnewsshow.com/support http://www.technology.fm/dtns http://dtns.tv/wiki http://sarahlane.com https://twitter.com/sarahlane http://tommerrittbooks.com/blog/2016/4/9/pilot-x http://swordandlaser.com/store http://frogpants.com/currentgeek http://www.cordkillers.com http://www.damnfinepodcast.com
Views: 3575 Daily Tech News Show
ICO Review: Sentinel Protocol (UPP)  - Security Intelligence Platform For Blockchain
 
06:04
Sentinel Protocol aims to create a secure ecosystem for cryptocurrency by utilizing a collective intelligence system. Learn more: https://crushcrypto.com/sentinel-protocol-ico-review/ Project website: https://sentinelprotocol.io White paper: https://sentinelprotocol.io/Sentinel%20Protocol%20Whitepaper%20English.pdf Download the PDF version of the presentation: https://crushcrypto.com/wp-content/uploads/2018/04/CrushCrypto-ICO-Review-Sentinel-Protocol-UPP.pdf Download the free ICO Guide which contains 6 simple steps for analyzing any ICOs to find the winning projects: https://crushcrypto.com/youtube/ Note: This is not a paid review. We do not offer promotional or advertising services. Our content is based on our own research, analysis and personal opinion. _______________________________________ What does the company/project do? Sentinel Protocol aims to create a secure ecosystem for cryptocurrency by utilizing a collective intelligence system to perform threat analysis. Currently, the most popular type of hacking is phishing – users entering the wrong website or are approached by a fake admin and send the cryptocurrency to a scam address. Blockchain is a system that shares information transparently. Through careful analysis, it is possible to track down illegal use of cryptocurrencies. The flow of cryptocurrency transactions that has been hijacked by cybercrime is actually easily traceable. Eventually, in order to monetize the hijacked assets, hackers need to send such assets to exchanges. This applies even to coins with anonymity features, such as Monero, Dash, and Zcash. Sentinel Protocol has three security features: threat reputation database, machine learning engine integrated security wallet, and distributed malware analysis sandbox. _______________________________________ What are the tokens used for and how can token holders make money? 
UPP tokens are used as a currency for goods and services provided by Sentinel Protocol, including the advanced security features of the security wallet. It can also be used for detailed cyber forensic service, consultancy, vulnerability assessment, and/or other activities requiring The Sentinel Protocols’ help. To incentivize the early participants or early Sentinels, the initial inflation ratio will be set between 3 to 7% per year, decreasing gradually each year. Similarly, the rewards of UPP tokens for performing similar contributions will gradually reduce. 30% of UPP revenues will go towards community contributors. _______________________________________ Opportunities - Security is one of the most important issues concerning the growth of cryptocurrencies. There are countless scam attempts on Telegram, Twitter, Slack, and so on. If successful, the potential for the project can be huge. - Most people focus on how not to get scammed/hacked in the first place, whereas Sentinel Protocol focuses on tracing the transactions/wallets of hackers. There is no competing project that we know of, therefore the project has a first mover advantage. - The project plans to partner up with exchanges to prevent hackers converting their stolen coins back to fiat. This provides a clear go-to-market strategy for quick adoption of the project. _______________________________________ Concerns - The project relies on network effect to create a rich database of threats. The protocol’s usefulness is limited if not a lot of people report scam addresses/transactions. - Because the project requires manual and real-time verification of fraudulent addresses/transactions, we believe the system would be fairly labor intensive. _______________________________________ Disclaimer The information in this video is for educational purposes only and is not investment advice. Please do your own research before making any investment decisions. 
Cryptocurrency investments are volatile and high risk in nature. Don't invest more than what you can afford to lose. Crush Crypto makes no representations, warranties, or assurances as to the accuracy, currency or completeness of the content contained in this video or any sites linked to or from this video.
Views: 3940 Crush Crypto
Heartbleed bug: How this dangerous computer security vulnerability works
 
00:56
A bug was reported in the OpenSSL protocol, which up to two-thirds of websites rely on, late Monday evening that has serious and wide-ranging ramifications, according to a report by CNN. Internet traffic is typically easy for anyone to view, but using a protocol called SSL, the traffic between servers is encrypted. The newly discovered bug, dubbed "Heartbleed", however, opens a window of opportunity for a hacker to listen in on the traffic between computers. Using the bug, a hacker could randomly fish for data in the hopes of finding something valuable. While this process may seem tedious, hackers have tools at their disposal to sift through all the data files easily. Google, Microsoft and Apple have patched their systems, while Yahoo is said to be halfway through. There are other major tech companies that are still in the process of patching their systems, however. OpenSSL 1.0.1g patches the bug, but it will take some time before all IT departments in the world can apply the fix to their systems. Technology website The Verge reported that most banks, webapps and web hosting companies made the switch immediately and users are unlikely to face any immediate security threats. The reported bug, however, is nearly 2 years old, and there is no way of telling if it has been exploited before. Security experts are recommending that netizens change their passwords anyplace where sensitive data is currently stored.
Views: 1079 News Direct
Aleksey Tiurin  - MITM Attacks on HTTPS Another Perspective
 
57:22
The purpose of TLS/HTTPS is to protect from MITM attacks. We used to think about attacks on TLS/HTTPS from a cryptographic perspective. But what if we look at the basic architectural solutions of TLS? For example, certificate authentication is only possible until a certain level at a specific host or, even wider, a group of hosts. Remember that TLS/HTTPS is not a self-sufficient entity, and modern systems consist of a number of interconnected technologies, protocols and services. Let's add a little logic, a pinch of tricks, and we have the opportunity to make a MITM attack on HTTPS! Slides - https://2017.zeronights.org/wp-content/uploads/materials/ZN17_Aleksei%20Tiurin_MITM%20Attacks%20on%20HTTPS%20Another%20Perspective.pdf
Views: 314 ZeroNights
Critical .zip vulnerabilities? - Zip Slip and ZipperDown
 
12:30
What is going on with .zip files. What is this new critical vulnerability that seems to affect everything? ... old is new again. Resources: - ZipperDown: https://zipperdown.org/ - Zip Slip: https://snyk.io/research/zip-slip-vulnerability - Zip Specification: https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT - The Complete Guide to Hacking WWIV: http://phrack.org/issues/34/5.html#article - Go library Fix Bypass: https://github.com/mholt/archiver/pull/65#issuecomment-395988244 Gynvael: - Hacking Livestream #53: The ZIP file format https://www.youtube.com/watch?v=X7j2sisMKzk - Ten thousand security pitfalls: the ZIP file format http://gynvael.coldwind.pl/?id=682 - GynvaelEN Channel: https://www.youtube.com/GynvaelEN - Twitter: https://twitter.com/gynvael Ange Albertini / Corkami - Funky Fileformats Talk: https://www.youtube.com/watch?v=hdCs6bPM4is - Funky Fileformats Slides: https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2562/original/Funky_File_Formats.pdf - Twitter: https://twitter.com/angealbertini / https://twitter.com/corkami #CVE #SecurityResearch
Views: 78376 LiveOverflow
HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128
 
15:47
URLs are surprisingly hard to read. Chrome Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=841105 Orange Tsai: https://twitter.com/orange_8361 A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! - CODE BLUE: https://www.youtube.com/watch?v=2MslLrPinm0 Slides: https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf #CVE #SecurityResearch
Views: 133032 LiveOverflow
DEF CON 23 - Chris Sistrunk - NSM 101 for ICS - 101 Track
 
38:47
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Chris-Sistrunk-NSM-101-for-ICS.pdf NSM 101 for ICS Chris Sistrunk Sr. ICS Security Consultant, FireEye Is your ICS breached? Are you sure? How do you know? The current state of security in Industrial Control Systems is a widely publicized issue, but fixes to ICS security issues are long cycle, with some systems and devices that will unfortunately never have patches available. In this environment, visibility into security threats to ICS is critical, and almost all of ICS monitoring has been focused on compliance, rather than looking for indicators/evidence of compromise. The non-intrusive nature of Network Security Monitoring (NSM) is a perfect fit for ICS. This presentation will show how NSM should be part of ICS defense and response strategy, various options for implementing NSM, and some of the capabilities that NSM can bring to an ICS security program. Free tools such as Security Onion, Snort IDS, Bro IDS, NetworkMiner, and Wireshark will be used to look at the ICS environment for anomalies. It will be helpful if attendees have read these books (but they aren't required): The Cuckoo's Egg by Cliff Stoll, The Practice of Network Security Monitoring by Richard Bejtlich, and Applied Network Security Monitoring by Chris Sanders and Jason Smith. Chris Sistrunk is a Senior Consultant at Mandiant, focusing on cyber security for industrial control systems (ICS) and critical infrastructure. Prior to joining Mandiant, Chris was a Senior Engineer at Entergy (over 11 years) where he was the Subject Matter Expert (SME) for SCADA systems. He has 10 years of experience in SCADA systems with tasks such as standards development, system design, database configuration, testing, commissioning, troubleshooting, and training. He was the co-overseer of the SCADA, relay, and cyber security labs at Entergy for 6 years. 
Chris has been working with Adam Crain of Automatak on Project Robus, an ICS protocol fuzzing project that has found and helped fix many implementation vulnerabilities in DNP3, Modbus, and Telegyr 8979. Chris helped organize the first ICS Village, which debuted at DEF CON 22. He is a Senior Member of IEEE, Mississippi Infragard President, member of the DNP Users Group, and also is a registered PE in Louisiana. He holds a BS in Electrical Engineering and MS in Engineering and Technology Management from Louisiana Tech University. Chris also founded and organizes BSidesJackson, Mississippi's only cyber security conference. Twitter: @chrissistrunk https://www.facebook.com/chrissistrunk
Views: 3465 DEFCONConference
27c3: Chip and PIN is Broken (en)
 
57:43
Speaker: Steven J. Murdoch Vulnerabilities in the EMV Protocol EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as "Chip and PIN", it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card's PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the issuing bank that no PIN was entered at all. The paper considers how the flaws arose, why they remained unknown despite EMV's wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken. This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems. Smart cards have gradually replaced magnetic strip cards for point-of-sale and ATM transactions in many countries. 
The leading system, EMV (named after Europay, MasterCard, and Visa), has been deployed throughout most of Europe, and is currently being rolled out in Canada. As of early 2008, there were over 730 million EMV compliant smart cards in circulation worldwide. In EMV, customers authorize a credit or debit card transaction by inserting their card and entering a PIN into a point-of-sale terminal; the PIN is typically verified by the smart card chip, which is in turn authenticated to the terminal by a digital certificate. The transaction details are also authenticated by a cryptographic message authentication code (MAC), using a symmetric key shared between the payment card and the bank that issued the card to the customer (the issuer). EMV was heavily promoted under the "Chip and PIN" brand during its national rollout in the UK. The technology was advertised as a solution to increasing card fraud: a chip to prevent card counterfeiting, and a PIN to prevent abuse of stolen cards. Since its introduction in the UK the fraud landscape has changed significantly: lost and stolen card fraud is down, and counterfeit card fraud experienced a two year lull. But no type of fraud has been eliminated, and the overall fraud levels have actually risen (see Figure 1). The likely explanation for this is that EMV has simply moved fraud, not eliminated it. One goal of EMV was to externalise the costs of dispute from the issuing bank, in that if a disputed transaction has been authorised by a manuscript signature, it would be charged to the merchant, while if it had been authorised by a PIN then it would be charged to the customer. The net effect is that the banking industry, which was responsible for the design of the system, carries less liability for the fraud. The industry describes this as a 'liability shift'. 
In the past few years, the UK media have reported numerous cases where cardholders' complaints have been rejected by their bank and by government-approved mediators such as the Financial Ombudsman Service, using stock excuses such as 'Your card was CHIP read and a PIN was used so you must have been negligent.' Interestingly, an increasing number of complaints from believable witnesses indicate that their EMV cards were fraudulently used shortly after being stolen, despite there having been no possibility that the thief could have learned the PIN. In this paper, we describe a potential explanation. We have demonstrated how criminals can use stolen "Chip and PIN" (EMV) smart cards without knowing the PIN. Since "verified by PIN" -- the essence of the system -- does not work, we declare the Chip and PIN system to be broken. For more information visit: http://bit.ly/27c3_information To download the video visit: http://bit.ly/27c3_videos
Views: 16516 Christiaan008
Cryptography, Cryptographic Security Controls & Cryptography Security Techniques Explained
 
16:57
Please note that - all ISO 27001 documents and standards are completely owned intellectual property & copyright of ISO. So in case if by any chance you are interested to study more about the standard that I have discussed here then please go to the official ISO website in order to purchase the standards. This channel is only created to generate awareness and best practices for Information Security in general and if by any chance you wish to implement any of the standards that I have discussed here then you have to first purchase them from official ISO website. This channel is only created to help anyone who is currently studying or planning to study about ISMS Information Security Management System ISO 27001 Implementation. I want to make my contribution in the information security community. Disclaimer: Since ISO 27001 is a very vast topic and the implementation varies for all organization's so I can't ever call myself an "expert" in this field, all the knowledge and information that I am sharing here is only based upon my past experience in information security field and may not be directly applicable within your organization as such. So please use your judgement before implementing anything based upon my suggestions. 
I request you not to rely on anything that I say here, I do my best to be as accurate and as complete information that I can provide you “but” only the published standards are definitive. Only the published ISO standards stand above any information that I have shared in any of my videos. Thanks, Your IT Security Friend Luv Johar Website : http://aajkatech.com/
IOHK | Research; Prof. Elias Koutsoupias, Why game theory?
 
50:10
Developing Cardano is no small feat. There is no other project that has ever been built to these parameters, combining peer reviewed cryptographic research with an implementation in highly secure Haskell code. This is not the copy and paste code seen in so many other blockchains. Instead, Cardano was designed with input from a large global team including leading experts and professors in the fields of computer programming languages, network design and cryptography. We are extremely proud of Cardano, which required a months-long meticulous and painstaking development process by our talented engineers. Filmed on location at the IOHK summit 2018, Lisboa, Portugal 2018. https://iohk.io/blog/iohk-celebrates-a-successful-global-summit/ Elias Koutsoupias is a professor of computer science at the University of Oxford. His research interests include algorithmic aspects of game theory, economics and networks, online algorithms, decision-making under uncertainty, design and analysis of algorithms, computational complexity. He received the Gödel Prize of theoretical computer science in 2012 for his work on the price of anarchy, in reference to laying the foundations of algorithmic game theory. He is also the recipient of the ERC Advanced Grant “Algorithms, Games, Mechanisms, and the Price of Anarchy”. He previously held faculty positions at the University of California, Los Angeles (UCLA) and the University of Athens. He studied at the National Technical University of Athens (B.S. in electrical engineering) and the University of California, San Diego (Ph.D. in computer science). https://iohk.io/team/elias-koutsoupias/ http://www.cs.ox.ac.uk/people/elias.koutsoupias/Personal/ Selected Publications Worst−case equilibria Elias Koutsoupias and Christos H. Papadimitriou In Computer Science Review. Vol. 3. No. 2. Pages 65−69. 2009. The k−server problem Elias Koutsoupias In Computer Science Review. Vol. 3. No. 2. Pages 105−118. 2009. Activities Online Algorithms, Foundational Issues in Computational Learning, Algorithms At Large, Algorithmic Game Theory and Computational Economics
Views: 4033 IOHK
CompTIA A+ PracticeTest 220-901.   1198 questions.  Exam Simulator. Free
 
04:48
If you are not prepared for COMPTIA certification 220-901 exam questions and want to get some help so, now you do not need to take tension. You can pass CompTIA A+ certification exam very simply and easily with our free 220-901 dumps.

NEW QUESTION 1
Which of the following BEST describes the offensive participants in a tabletop exercise?
A. Red team
B. Blue team
C. System administrators
D. Security analysts
E. Operations team
Answer: A

NEW QUESTION 2
After analyzing and correlating activity from multiple sensors, the security analyst has determined a group from a high-risk country is responsible for a sophisticated breach of the company network and continuous administration of targeted attacks for the past three months. Until now, the attacks went unnoticed. This is an example of ____.
A. privilege escalation
B. advanced persistent threat
C. malicious insider threat
D. spear phishing
Answer: B

NEW QUESTION 3
A system administrator who was using an account with elevated privileges deleted a large amount of log files generated by a virtual hypervisor in order to free up disk space. These log files are needed by the security team to analyze the health of the virtual machines. Which of the following compensating controls would help prevent this from reoccurring? (Select two.)
A. Succession planning
B. Separation of duties
C. Mandatory vacation
D. Personnel training
E. Job rotation
Answer: BD

NEW QUESTION 4
A security analyst received a compromised workstation. The workstation's hard drive may contain evidence of criminal activities. Which of the following is the FIRST thing the analyst must do to ensure the integrity of the hard drive while performing the analysis?
A. Make a copy of the hard drive.
B. Use write blockers.
C. Run rm -R command to create a hash.
D. Install it on a different machine and explore the content.
Answer: B

NEW QUESTION 5
File integrity monitoring states the following files have been changed without a written request or approved change. The following change has been made: chmod 777 -Rv /usr
Which of the following may be occurring?
A. The ownership of /usr has been changed to the current user.
B. Administrative functions have been locked from users.
C. Administrative commands have been made world readable/writable.
D. The ownership of /usr has been changed to the root user.
Answer: C

NEW QUESTION 6
A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?
A. The analyst should create a backup of the drive and then hash the drive.
B. The analyst should begin analyzing the image and begin to report findings.
C. The analyst should create a hash of the image and compare it to the original drive's hash.
D. The analyst should create a chain of custody document and notify stakeholders.
Answer: C

NEW QUESTION 7
An organization is requesting the development of a disaster recovery plan. The organization has grown and so has its infrastructure. Documentation, policies, and procedures do not exist. Which of the following steps should be taken to assist in the development of the disaster recovery plan?
A. Conduct a risk assessment.
B. Develop a data retention policy.
C. Execute vulnerability scanning.
D. Identify assets.
Answer: D

NEW QUESTION 8
......

NEW QUESTION 9
An analyst was tasked with providing recommendations of technologies that are PKI X.509 compliant for a variety of secure functions. Which of the following technologies meet the compatibility requirement? (Select three.)
A. 3DES
B. AES
C. IDEA
D. PKCS
E. PGP
F. SSL/TLS
G. TEMPEST
Answer: BDF

NEW QUESTION 10
After completing a vulnerability scan, the following output was noted: CVE-2011-3389 QID 42366 – SSLv3.0 / TLSv1.0 Protocol weak CBC mode Server side vulnerability Check with: openssl s_client -connect qualys.jive.mobile.com:443 -tls1 -cipher "AES:CAMELLIA:SEED:3DES:DES"
Which of the following vulnerabilities has been identified?
A. PKI transfer vulnerability.
B. Active Directory encryption vulnerability.
C. Web application cryptography vulnerability.
D. VPN tunnel vulnerability.
Answer: A
Wireless Vulnerabilities
 
08:54
NSA provides guidance on how to safeguard mobile products from external cyber threats. https://www.nsa.gov/resources/everyone/digital-media-center/video-audio/information-assurance/assets/files/wireless-vulnerabilities-transcript.pdf
TLS 1.2 Upgrade Testing - You Can't Sell Online Without TLS 1.2
 
03:42
TLS 1.2 is coming so make sure your payment processing is compatible with this TLS update. If it's not then you won't be able to process payments through your payment gateway. I show you how to test it in this short tutorial. TLS 1.2 Upgrade Testing - You Can't Sell Online Without TLS 1.2 https://youtu.be/RsQg7ySZ6Po
Malware Analysis - Word Document VBS Downloader
 
14:04
Ring Ø Labs -------------------- REPORT+SAMPLE: http://www.ringzerolabs.com/2017/09/triaging-malicious-word-document.html MALWARE ANALYSIS LAB SETUP: https://www.youtube.com/playlist?list=PLrJFR89Z-9SBDMiCtDT2_4SJxkFpc-k7P Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :) Here are some approaches in reverse engineering a malware sample: Reverse engineer: The most obvious approach is to completely reverse engineer a piece of malware. This obviously takes a great amount of time, so other approaches are more practical. Exploitation techniques: Another approach you can take is to focus on the exploitation techniques of a piece of malware. Occasionally you will see a piece of malware that is using a new exploitation technique, or is exploiting a zero-day vulnerability. In this case you may be interested only in the specific exploitation technique so you can timebox your analysis and only look at the exploitation mechanisms. Obfuscation: Malware will often obfuscate itself and make itself difficult to analyze. You might come across malware that you have seen before without obfuscation. In that case you may only want to focus on reverse engineering the new parts. Encryption methods: A common type of malware these days is ransomware. Ransomware essentially encrypts the victim's files and locks them up so that they can't be accessed or read. Oftentimes the authors of ransomware will make mistakes when they implement the encryption mechanisms. So if you focus your research on the encryption mechanisms you might be able to find weaknesses in their implementation and/or you might be able to find hard-coded keys or weak algorithms. C&C communication: This is something that is pretty commonly done when looking at malware. Analysts often want to figure out what the communication protocol is between a piece of malware on the client's side and the server on the command and control side. 
The communication protocol can actually give you a lot of hints about the malware’s capabilities. Attribution: Murky area - kind of like a dark art. It usually involves a lot of guesswork, knowledge of malicious hacking teams and looking at more than one piece of malware. Categorization and clustering: You can reverse engineer malware from a broader point of view. This involves looking at malware in bulk and doing a broad-stroke analysis on lots of different malware, rather than doing a deep dive. Techniques Now, let’s look at techniques that can be utilized while analyzing malware. First of all, we use static analysis. This is the process of analyzing malware or binaries without actually running them. It can be as simple as looking at metadata from a file. It can range from doing disassembly or decompilation of malware code to symbolic execution, which is something like virtual execution of a binary without actually executing it in a real environment. Conversely, dynamic analysis is the process of analyzing a piece of malware when you are running it in a live environment. In this case, you are often looking at the behavior of the malware and looking at the side effects of what it is doing. You are running tools like process monitor and sysmon to see what kinds of artifacts a piece of malware produces after it is run. We also use automated analysis. Oftentimes if you are looking at malware you want to automate things just to speed up the process to save time. However, use caution, as with automated analysis sometimes things get missed because you are trying to do things generically. If a piece of malware contains things like anti-debugging routines or anti-analysis mechanisms, you may want to perform a manual analysis. You need to pick the right tools for the job.
Views: 1181 H4rM0n1cH4cK
🌐 Sentinel Protocol ICO Review & Investment Analysis [UPP] Security for the Blockchain (NEW)
 
17:32
This ICO Review of Sentinel Protocol with in-depth coin analysis and ICO rating aims to provide valuable Investment advice to help us Investors find the right investing strategy. Sentinel Protocol aim to create a secure ecosystem for all crypto currencies Website: https://sentinelprotocol.io/ Whitepaper: https://sentinelprotocol.io/Sentinel%20Protocol%20Whitepaper%20English-2.pdf
Views: 158 BIG Crypto
Blackhat 2012 EUROPE  - The Heavy Metal That Poisoned the Droid
 
53:09
This video is part of the Infosec Video Collection at SecurityTube.net: http://www.securitytube.net Blackhat 2012 EUROPE - The Heavy Metal That Poisoned the Droid https://media.blackhat.com/bh-eu-12/Erasmus/bh-eu-12-Erasmus-Heavy-Metal_Poisoned_Droid-WP.pdf https://media.blackhat.com/bh-eu-12/Erasmus/bh-eu-12-Erasmus-Heavy-Metal_Poisoned_Droid-Slides.pdf The widely publicised malware on the Android Marketplace relies on the fact that users do not review permissions when installing applications. A lesser known fact is that an installed application with no special permissions will often be able to access a user's most sensitive data regardless. Upon reviewing multiple Android handsets and applications, the sheer number of information disclosure vulnerabilities found was alarming. A live demonstration will be conducted on well-known Android phones, showing how a person's most sensitive data can be compromised by an attacker. After discovering many vulnerabilities in Android applications that allow information to be leaked and privileges to be escalated, it was clear that there was a need for a tool that allows security specialists to view the attack surface of applications from an unprivileged context and interact with them in an intuitive manner. Mercury is a tool that allows its user to dynamically examine the attack surface of applications that reside on a device and exploit them. It is split into two parts, using a client/server model in order to meet its goals. The design of the system works by placing a low-privileged server application that is deployed on the Android device which interacts with a command-line interface on the user's computer. This model provides users with a rich experience that will not disappoint. This class of tool is very different from source code analysis as it is aimed to be a practical interactive platform for Android bug hunters. The main objective of Mercury is to be an auditing tool that can be used for many purposes.
Some features which make this possible are the following:
- The ease with which a user can find relevant information about exposed application attack vectors
- Command-line interaction with applications on the device in order to find vulnerabilities
- The ability to write proof-of-concept exploits for vulnerabilities using a range of pre-defined commands. This effectively removes the need for custom application writing in order to perform tests against the target vulnerability.
- MWR Labs research that allows the exploitation of debuggable applications, SQL injection on content providers and various other privilege escalation techniques
The exploitation wing of Mercury is currently under heavy development, finding innovative ways of escalating privileges from an unprivileged context. It is the hope that this tool will be released to the public as part of Tyrone's talk at BlackHat EU 2012. This talk would present multiple vulnerabilities found in Android handsets and techniques for exploiting different applications using Mercury.
Views: 2982 SecurityTubeCons
28c3: The coming war on general computation
 
54:35
Download high quality version: http://bit.ly/sTTFyt Description: http://events.ccc.de/congress/2011/Fahrplan/events/4848.en.html Cory Doctorow: The coming war on general computation The copyright war was just the beginning The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race. The problem is twofold: first, there is no known general-purpose computer that can execute all the programs we can think of except the naughty ones; second, general-purpose computers have replaced every other device in our world. There are no airplanes, only computers that fly. There are no cars, only computers we sit in. There are no hearing aids, only computers we put in our ears. There are no 3D printers, only computers that drive peripherals. There are no radios, only computers with fast ADCs and DACs and phased-array antennas. Consequently anything you do to "secure" anything with a computer in it ends up undermining the capabilities and security of every other corner of modern human society. And general purpose computers can cause harm -- whether it's printing out AR15 components, causing mid-air collisions, or snarling traffic. So the number of parties with legitimate grievances against computers are going to continue to multiply, as will the cries to regulate PCs. The primary regulatory impulse is to use combinations of code-signing and other "trust" mechanisms to create computers that run programs that users can't inspect or terminate, that run without users' consent or knowledge, and that run even when users don't want them to. The upshot: a world of ubiquitous malware, where everything we do to make things better only makes it worse, where the tools of liberation become tools of oppression. 
Our duty and challenge is to devise systems for mitigating the harm of general purpose computing without recourse to spyware, first to keep ourselves safe, and second to keep computers safe from the regulatory impulse. Transcript: https://github.com/jwise/28c3-doctorow/blob/master/transcript.md (CC-BY by Joshua Wise) SRT file with detailed timings (created automatically by YouTube) https://gist.github.com/3193854
Views: 229800 28c3
Lecture -3 TCP/IP - Part-1
 
59:59
Lecture Series on Internet Technologies by Prof. I. Sengupta, Department of Computer Science & Engineering, IIT Kharagpur. For more details on NPTEL visit http://nptel.iitm.ac.in
Views: 294063 nptelhrd
CSS Keylogger - old is new again
 
11:29
This is "well known" research that resurfaces every other year. Let me tell you the story of how I heard about this in 2012 and put it into perspective. Research "Scriptless Attacks – Stealing the Pie Without Touching the Sill" (2012): + Paper: https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf + Slides: https://www.slideshare.net/x00mario/stealing-the-pie + Talk recording: https://channel9.msdn.com/Events/Blue-Hat-Security-Briefings/BlueHat-Security-Briefings-Fall-2012-Sessions/BH1203 CSS Keylogger: https://github.com/maxchehab/CSS-Keylogging Stealing Data With CSS - Attack and Defense: https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense Twitter: + https://twitter.com/0x6D6172696F + https://twitter.com/sirdarckcat + https://twitter.com/garethheyes + https://twitter.com/thornmaker + https://twitter.com/mlgualtieri -=[ 🔴 Stuff I use ]=- → Microphone:* https://amzn.to/2LW6ldx → Graphics tablet:* https://amzn.to/2C8djYj → Camera#1 for streaming:* https://amzn.to/2SJ66VM → Lens for streaming:* https://amzn.to/2CdG31I → Connect Camera#1 to PC:* https://amzn.to/2VDRhWj → Camera#2 for electronics:* https://amzn.to/2LWxehv → Lens for macro shots:* https://amzn.to/2C5tXrw → Keyboard:* https://amzn.to/2LZgCFD → Headphones:* https://amzn.to/2M2KhxW -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/ -=[ 📄 P.S. ]=- All links with "*" are affiliate links. LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm. #SecurityResearch
Views: 216268 LiveOverflow
Deep Dive into Ethereum Classic (ETC)
 
10:03
Everything you need to know about Ethereum Classic, a distributed computing platform and operating system featuring smart contract functionality. Learn more: https://crushcrypto.com/ethereum-classic-analysis/ Website: https://ethereumclassic.org/ Community whitepaper: https://coss.io/documents/white-papers/ethereum-classic.pdf Technical documentation: https://ethereum-classic-guide.readthedocs.io/en/latest Join the official Crush Crypto Telegram channel for our latest publications and updates: https://t.me/joinchat/AAAAAESrVCwzd19x1DvDOQ Download the PDF version of the presentation: https://crushcrypto.com/wp-content/uploads/2018/09/CrushCrypto-Deep-Dive-into-Ethereum-Classic.pdf Download the free ICO Guide which contains 6 simple steps for analyzing any ICOs to find the winning projects: https://crushcrypto.com/youtube/ Note: This is not a paid review. We do not offer promotional or advertising services. Our content is based on our own research, analysis and personal opinion. _______________________________________ What is Ethereum Classic? After the DAO hack, there were three options for the Ethereum blockchain: do nothing, implement a soft fork, or implement a hard fork. Each choice had its pros and cons, although the Ethereum Foundation ended up deciding to do a hard fork to return funds lost in the hack to an account available to the original investors of the DAO, and most of the community agreed with this choice. Considering most of the community agreed with the hard fork, the new version of the chain kept the name Ethereum. Those opposed to the hard fork decided to remain on the old chain and coined the name Ethereum Classic. _______________________________________ Token Economics ETC is the native token of the Ethereum Classic blockchain – it is used as gas that incentivizes the network miners through fees from transactions and smart contracts. 
Up until block 1,920,000, ETH and ETC were the same currency, meaning all transactions before that block are shared between each network. The hard fork diverted ETH tokens into a new blockchain and the ETC ticker was created for the separate blockchain. Unlike Ethereum, ETC switched to a fixed token supply system in late 2017, with a hard cap around 210 million ETC to ever be created. _______________________________________ Strengths - Ethereum Classic is one of the more decentralized blockchains, with multiple development teams working on the protocol (ETCDEV, IOHK, and Ethereum Commonwealth), software for running a node, block explorers, wallets, etc. - Ethereum Classic benefits from inheriting the Ethereum codebase – the Ethereum Virtual Machine enables developers to create and test smart contracts that power decentralized applications. - Immutability – Ethereum Classic has shown that it values the “code is law” rule, meaning there is true immutability on the network and no transactions will ever be reversed. - Ethereum Classic is not bound to a governing entity like the Ethereum Foundation, and there is not one person with significant influence over the protocol. This is good from a decentralization standpoint. For Ethereum, the foundation plays a huge part in the future of the network, and people like Vitalik Buterin are viewed as critical to its success. _______________________________________ Weaknesses - Ethereum Classic has a relatively small community as compared to Ethereum and some other smart contract platforms. As a result, the development activity for Ethereum Classic is far less active than Ethereum. - Judging from the relative hash power compared to Ethereum, Ethereum Classic has a relatively low number of nodes and miners when compared to Ethereum. As a result, the network is more susceptible to 51% attacks and other attack vectors. - There are very few dApps running on Ethereum Classic. 
- The network is slow and faces the same scalability issue that Ethereum is facing. In the roadmap, the team will be exploring sharding and sidechain as a scaling option. However, no concrete work has been done yet as far as we know. - The immutability feature is both good and bad; transactions will never be reversed on Ethereum Classic but bad actors like the DAO hacker will get to keep their stolen funds. _______________________________________ Disclaimer The information in this video is for educational purposes only and is not investment advice. Please do your own research before making any investment decisions. Cryptocurrency investments are volatile and high risk in nature. Don't invest more than what you can afford to lose. Crush Crypto makes no representations, warranties, or assurances as to the accuracy, currency or completeness of the content contained in this video or any sites linked to or from this video.
Views: 2657 Crush Crypto
Malware Analysis - Malicious Office Document Metadata
 
08:06
Ring Ø Labs -------------------- WEBSITE: https://RingZeroLabs.com MALWARE ANALYSIS LAB SETUP: https://www.youtube.com/playlist?list=PLrJFR89Z-9SBDMiCtDT2_4SJxkFpc-k7P REDDIT: https://www.reddit.com/r/RingZero/ TWITTER: https://twitter.com/RingZeroLabs FACEBOOK: https://www.facebook.com/Ring-Zero-Labs-110227123029488 GOOGLE+: https://plus.google.com/b/117437081620745642342/117437081620745642342 Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :) Here are some approaches in reverse engineering a malware sample: Reverse engineer: The most obvious approach is to completely reverse engineer a piece of malware. This obviously takes a great amount of time, so other approaches are more practical. Exploitation techniques: Another approach you can take is to focus on the exploitation techniques of a piece of malware. Occasionally you will see a piece of malware that is using a new exploitation technique, or is exploiting a zero-day vulnerability. In this case you may be interested only in the specific exploitation technique so you can timebox your analysis and only look at the exploitation mechanisms. Obfuscation: Malware will often obfuscate itself and make itself difficult to analyze. You might come across malware that you have seen before without obfuscation. In that case you may only want to focus on reverse engineering the new parts. Encryption methods: A common type of malware these days is ransomware. Ransomware essentially encrypts the victim's files and locks them up so that they can't be accessed or read. Oftentimes the authors of ransomware will make mistakes when they implement the encryption mechanisms. So if you focus your research on the encryption mechanisms you might be able to find weaknesses in their implementation and/or you might be able to find hard-coded keys or weak algorithms. 
C&C communication: This is something that is pretty commonly done when looking at malware. Analysts often want to figure out what the communication protocol is between a piece of malware on the client's side and the server on the command and control side. The communication protocol can actually give you a lot of hints about the malware’s capabilities. Attribution: Murky area - kind of like a dark art. It usually involves a lot of guesswork, knowledge of malicious hacking teams and looking at more than one piece of malware. Categorization and clustering: You can reverse engineer malware from a broader point of view. This involves looking at malware in bulk and doing a broad-stroke analysis on lots of different malware, rather than doing a deep dive. Techniques Now, let’s look at techniques that can be utilized while analyzing malware. First of all, we use static analysis. This is the process of analyzing malware or binaries without actually running them. It can be as simple as looking at metadata from a file. It can range from doing disassembly or decompilation of malware code to symbolic execution, which is something like virtual execution of a binary without actually executing it in a real environment. Conversely, dynamic analysis is the process of analyzing a piece of malware when you are running it in a live environment. In this case, you are often looking at the behavior of the malware and looking at the side effects of what it is doing. You are running tools like process monitor and sysmon to see what kinds of artifacts a piece of malware produces after it is run. We also use automated analysis. Oftentimes if you are looking at malware you want to automate things just to speed up the process to save time. However, use caution, as with automated analysis sometimes things get missed because you are trying to do things generically. 
If a piece of malware contains things like anti-debugging routines or anti-analysis mechanisms, you may want to perform a manual analysis. You need to pick the right tools for the job. DISCLAIMER: Our videos are strictly for documentary, educational, and entertainment purposes only. Imitation or the use of any acts depicted in these videos is solely AT YOUR OWN RISK. We (including YouTube) will not be held liable for any injury to yourself or damage to others resulting from attempting anything shown in any of our videos. We do not endorse any specific product and this video is not an attempt to sell you a good or service. These videos are free to watch and if anyone attempts to charge for this video notify us immediately. By viewing or flagging this video you are acknowledging the above.
Views: 631 H4rM0n1cH4cK
Malware Analysis - Malicious Link Files
 
14:59
Ring Ø Labs -------------------- WEBSITE: https://RingZeroLabs.com : REPORT: http://www.ringzerolabs.com/2017/12/malicious-link-files.html MALWARE ANALYSIS LAB SETUP: https://www.youtube.com/playlist?list=PLrJFR89Z-9SBDMiCtDT2_4SJxkFpc-k7P Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :)
Views: 554 H4rM0n1cH4cK
27C3 OMG WTF PDF - Julia Wolf (3/4)
 
15:01
OMG WTF PDF: What you didn't know about Acrobat. Ambiguities in the PDF specification mean that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader. You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.
Views: 794 HackingCons
Malware Analysis - Bypassing Malicious Word Document VBA Password Protection
 
19:23
Ring Ø Labs -------------------- REPORT+SAMPLE: http://www.ringzerolabs.com/2017/08/bypassing-anti-analysis-technique-in.html ANALYSIS SETUP: https://youtu.be/Onqql1Zz3OE WEBSITE: http://RingZeroLabs.com Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :)
Views: 952 H4rM0n1cH4cK
Malware Analysis CVE2017 0199 RTF Document
 
17:32
Ring Ø Labs Analysis Environment Setup: https://www.youtube.com/edit?o=U&video_id=Onqql1Zz3OE Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet. www.RingZeroLabs.com
Views: 559 H4rM0n1cH4cK
DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice
 
42:35
What if your wireless mouse was an effective attack vector? Research reveals this to be the case for mice from Logitech, Microsoft, Dell, Lenovo, Hewlett-Packard, Gigabyte, and Amazon. Dubbed 'MouseJack', this class of security vulnerabilities allows keystroke injection into non-Bluetooth wireless mice. Imagine you are catching up on some work at the airport, and you reach into your laptop bag to pull out your phone charger. As you glance back at your screen, you see the tail end of an ASCII art progress bar followed by your shell history getting cleared. Before you realize what has happened, an attacker has already installed malware on your laptop. Or maybe they just exfiltrated a git repository and your SSH keys. In the time it took you to plug in your phone, you got MouseJacked. The attacker is camped out at the other end of the terminal, equipped with a commodity USB radio dongle and a directional patch antenna hidden in a backpack, and boards her plane as soon as the deed is done. The reality of MouseJack is that an attacker can inject keystrokes into your wireless mouse dongle from over 200 meters away, at a rate of up to 7500 keystrokes per minute (one every 8ms). Most wireless keyboards encrypt the data going between the keyboard and computer in order to deter sniffing, but wireless mouse traffic is generally unencrypted. The result is that wireless mice and keyboards ship with USB dongles that can support both encrypted and unencrypted RF packets. A series of implementation flaws makes it possible for an attacker to inject keystrokes directly into a victim's USB dongle using easily accessible, cheap hardware, in most cases only requiring that the user has a wireless mouse. The majority of affected USB dongles are unpatchable, making it likely that vulnerable computers will be common in the wild for the foreseeable future. This talk will explain the research process that led to the discovery of these vulnerabilities, covering specific tools and techniques. 
Results of the research will be detailed, including protocol behavior, packet formats, and technical specifics of each vulnerability. Additional vulnerabilities affecting 14 vendors are currently in disclosure, and will be revealed during this talk. Marc is a security researcher and software engineer at Bastille Networks, where he focuses on RF/IoT threats present in enterprise environments. He has been hacking on software defined radios since 2013, when he competed as a finalist in the DARPA Spectrum Challenge. In 2011, he wrote software to reassemble shredded documents for the DARPA Shredder Challenge, finishing the competition in third place out of 9000 teams. Twitter: @marcnewlin
Views: 46051 DEFCONConference
Penetration Tester Consultant – Home Based
 
01:05
View our opportunity online: http://www.haigand.co/penetration-tester-consultant Penetration Tester Consultant – Home Based Haig&Co Cyber Security Practice is searching for an experienced Penetration Tester Consultant for a national CESG Cyber Security Consultancy based out of Bristol, but operating UK wide. The consultancy is headed up by a former military professional who has a formal HMG Security Clearance allowing him to provide clients with information assurance advice on systems processing information up to the highest level of clearance. The Role: We are looking for a seasoned Penetration Tester to partner with our client, working on white & black box penetration testing projects across both private and public sectors. Working closely with the company's MD and Information Security Expert, you will ensure that IT projects are delivered securely, on time and compliant with the relevant policies and standards. The candidate: You will be CHECK and/or CREST certified and will have widespread experience delivering on complex penetration testing projects. As well as assessing InfoSec infrastructures, reviewing systems and providing detailed risk reports in line with InfoSec policies, procedures, and standards. Key Responsibilities: Completely responsible for managing complex multi-faceted technical assessment projects Performing a variety of security testing assignments, including infrastructure and applications on both private & public sectors Detailed understanding of web applications, network/internet/mobile device security, including low-level knowledge of network traffic/protocols, Windows/Unix operating systems, firewalls, IDS etc. 
Collaborating with an information security matter expert, delivering exceptional results and services to clients whilst promoting and upselling business Knowledge and Experience: CREST and/or CHECK registered/certified tester (essential) TIGER QSTM/SST (desirable) Proven track record of managing application and network vulnerability assessments Experience developing custom scripts or tools used for vulnerability scanning and identification Experience with red teaming tests, physical security testing, phishing and social engineering techniques Experience of reviewing system design documentation; including Detailed Infrastructure Designs, Service Acceptance Criteria, and Non Functional Requirements etc. Ability to provide input to security requirements for complex IT operations Able to gain UK government SC clearance On Offer: An exciting opportunity is up for grabs, to support and grow with a successful UK security consultancy, working with a leading security professional who has worked on the UK DII project (Defence Information Infrastructure), the Type 45 Destroyer and Watchkeeper - the unmanned aerial vehicle, along with a competitive salary and flexible working hours.
Views: 672 Haig&Co
Breaking ECDSA (Elliptic Curve Cryptography) - rhme2 Secure Filesystem v1.92r1 (crypto 150)
 
08:19
We are going to recover an ECDSA private key from bad signatures. Same issue the Playstation 3 had that allowed it to be hacked. -=[ 🔴 Stuff I use ]=- → Microphone:* https://amzn.to/2LW6ldx → Graphics tablet:* https://amzn.to/2C8djYj → Camera#1 for streaming:* https://amzn.to/2SJ66VM → Lens for streaming:* https://amzn.to/2CdG31I → Connect Camera#1 to PC:* https://amzn.to/2VDRhWj → Camera#2 for electronics:* https://amzn.to/2LWxehv → Lens for macro shots:* https://amzn.to/2C5tXrw → Keyboard:* https://amzn.to/2LZgCFD → Headphones:* https://amzn.to/2M2KhxW -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/ -=[ 📄 P.S. ]=- All links with "*" are affiliate links. LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm. #CTF #Cryptography
Views: 29832 LiveOverflow
Fastest Malware Analysis Lab Setup With FREE VM and Tools
 
13:37
Windows 90 Day VM Preview: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/
FLAREs Automatic Malware Analysis Lab Setup: https://github.com/fireeye/flare-vm
Ring Ø Labs
--------------------
WEBSITE: http://RingZeroLabs.com
ANALYSIS LAB SETUP: https://youtu.be/qW-LzlVQyCg
ANALYSIS TOOLS: https://youtu.be/Onqql1Zz3OE
Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :)
Here are some approaches in reverse engineering a malware sample:
Reverse engineer: The most obvious approach is to completely reverse engineer a piece of malware. This obviously takes a great amount of time, so other approaches are more practical.
Exploitation techniques: Another approach you can take is to focus on the exploitation techniques of a piece of malware. Occasionally you will see a piece of malware that is using a new exploitation technique, or is exploiting a zero-day vulnerability. In this case you may be interested only in the specific exploitation technique so you can timebox your analysis and only look at the exploitation mechanisms.
Obfuscation: Malware will often obfuscate itself and make itself difficult to analyze. You might come across malware that you have seen before without obfuscation. In that case you may only want to focus on reverse engineering the new parts.
Encryption methods: A common type of malware these days is ransomware. Ransomware essentially encrypts the victim's files and locks them up so that they can't be accessed or read. Oftentimes the authors of ransomware will make mistakes when they implement the encryption mechanisms. So if you focus your research on the encryption mechanisms you might be able to find weaknesses in their implementation and/or you might be able to find hard-coded keys or weak algorithms.
C&C communication: This is something that is pretty commonly done when looking at malware. Analysts often want to figure out what the communication protocol is between a piece of malware on the client's side and the server on the command and control side. The communication protocol can actually give you a lot of hints about the malware’s capabilities.
Attribution: Murky area - kind of like a dark art. It usually involves a lot of guesswork, knowledge of malicious hacking teams and looking at more than one piece of malware.
Categorization and clustering: You can reverse engineer malware from a broader point of view. This involves looking at malware in bulk and doing a broad-stroke analysis on lots of different malware, rather than doing a deep dive.
Techniques
Now, let’s look at techniques that can be utilized while analyzing malware. First of all, we use static analysis. This is the process of analyzing malware or binaries without actually running them. It can be as simple as looking at metadata from a file. It can range from doing disassembly or decompilation of malware code to symbolic execution, which is something like virtual execution of a binary without actually executing it in a real environment. Conversely, dynamic analysis is the process of analyzing a piece of malware when you are running it in a live environment. In this case, you are often looking at the behavior of the malware and looking at the side effects of what it is doing. You are running tools like process monitor and sysmon to see what kinds of artifacts a piece of malware produces after it is run. We also use automated analysis. Oftentimes if you are looking at malware you want to automate things just to speed up the process to save time. However, use caution, as with automated analysis sometimes things get missed because you are trying to do things generically. If a piece of malware contains things like anti-debugging routines or anti-analysis mechanisms, you may want to perform a manual analysis. You need to pick the right tools for the job.
DISCLAIMER: Our videos are strictly for documentary, educational, and entertainment purposes only. Imitation or the use of any acts depicted in these videos is solely AT YOUR OWN RISK. We (including YouTube) will not be held liable for any injury to yourself or damage to others resulting from attempting anything shown in any of our videos. We do not endorse any specific product and this video is not an attempt to sell you a good or service. These videos are free to watch and if anyone attempts to charge for this video notify us immediately. By viewing or flagging this video you are acknowledging the above.
Views: 4569 H4rM0n1cH4cK
What is SUPPLEMENTAL ACCESS CONTROL? What does SUPPLEMENTAL ACCESS CONTROL mean?
 
03:12
Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. Supplemental Access Control (SAC) is a set of security features defined by ICAO for protecting data contained in electronic travel documents (e.g. electronic passports). SAC specifies the Password Authenticated Connection Establishment (PACE) protocol, which supplements and improves ICAO's Basic Access Control (BAC). PACE, like BAC, prevents two types of attacks: Skimming (online attack that consists in reading the RFID chip without physical access to the document and without the holder's approval). Prior to reading the chip, the inspection system needs to know some data that is printed on the document (e.g. the MRZ) or a key that is known only to the holder (personal identification number (PIN)), which means he has willingly handed the document for inspection. While BAC works only with the MRZ, PACE allows using card access numbers (short keys printed on the document) and PINs. Eavesdropping (offline attack that starts by recording the data exchanged between the reader and the chip, to be analyzed later). The inspection system uses PACE for establishing a secure communication channel with the contactless chip, but using stronger cryptography than BAC. PACE offers an excellent protection against offline attacks, raising the security of documents containing contactless chips to the level of documents using contact chips. With the implementation of PACE begins the third generation of electronic passports. EU members must implement PACE in electronic passports by the end of 2014.
States, for the sake of global interoperability, must not implement PACE without implementing BAC, and inspection systems should implement PACE and use it if supported by the MRTD chip. Thus, it is important that global interoperability is achieved, to make the enhancement reliable for the document verification process. To achieve interoperability, there are so-called Interoperability Tests. The results of the last test focusing on SAC describe the current state of implementation in the field. Version 1.1 (April 2014) of ICAO's "Supplemental Access Control" Technical Report introduces the Chip Authentication protocol as an alternative to Active Authentication and integrates it with PACE, achieving a new protocol (Chip Authentication Mapping, PACE-CAM) which allows faster execution than the separate protocols.
Views: 55 The Audiopedia
Where To Download Malware For Analysis
 
03:46
Ring Ø Labs -------------------- WEBSITE: http://RingZeroLabs.com ANALYSIS LAB SETUP: https://youtu.be/qW-LzlVQyCg ANALYSIS TOOLS: https://youtu.be/Onqql1Zz3OE Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :)
Views: 858 H4rM0n1cH4cK
DEFCON 15: (un)Smashing the Stack: Overflows, Countermeasures, and the Real World
 
57:06
Speaker: Shawn Moyer Chief Researcher, SpearTip Technologies As of today, Vista, XP, 2K03, OS X, every major Linux distro, and each of the BSD's either contain some facet of (stack|buffer|heap) protection, or have one available that's relatively trivial to implement/enable. So, this should mean the end of memory corruption-based attacks as we know it, right? Sorry, thanks for playing. The fact remains that many (though not all) implementations are incomplete at best, and at worst are simply bullet points in marketing documents that provide a false sense of safety. This talk will cover the current state of software and hardware based memory corruption mitigation techniques today, and demystify the myriad of approaches available, with a history of how they've been proven, or disproved. We'll then walk through some real-world analysis of attacks against vulnerable code, and look at how effective the various protection mechanisms are at stopping them. As an addition to this talk, I thought I'd put my money where my mouth is, so I'm offering a shiny new server up for "Øwn the box? Own the box!", running two services with known vulnerabilities that, hopefully, are protected by the countermeasures described in the talk. If it's compromised before the talk, the winner should be prepared to come up on stage and share how he / she succeeded. For more information visit: http://bit.ly/defcon15_information To download the video visit: http://bit.ly/defcon15_videos
Views: 1754 Christiaan008
DEF CON 22- David Wyde - Client-Side HTTP Cookie Security: Attack and Defense
 
33:19
Slides: https://defcon.org/images/defcon-22/dc-22-presentations/Wyde/DEFCON-22-David-Wyde-Client-Side-HTTP-Cookie-Security.pdf Client-Side HTTP Cookie Security: Attack and Defense David Wyde SOFTWARE ENGINEER, CISCO HTTP cookies are an important part of trust on the web. Users often trade their login credentials for a cookie, which is then used to authenticate subsequent requests. Cookies are valuable to attackers: passwords can be fortified by two-factor authentication and "new login location detected" emails, but session cookies typically bypass these measures. This talk will explore the security implications of how popular browsers store cookies, ways in which cookies can be stolen, and potential mitigations. David Wyde is a security researcher at Cisco Systems, with a background in web application development. His favorite type of cookie is double chocolate chip, but HTTP cookies are a close second. When he's not working with software, he enjoys playing chess, dodgeball, ping pong, and N64 Super Smash Bros. Website: http://davidwyde.com
Views: 6762 DEFCONConference
Bruce Schneier: "Click Here to Kill Everybody" | Talks at Google
 
52:52
Computer security professional, privacy specialist and writer Bruce Schneier discusses "Click Here to Kill Everybody", his latest book exploring the risks and security implications of our new, hyper-connected era. Bruce lays out common-sense policies that will allow us to enjoy the benefits of this omnipotent age without falling prey to the consequences of its insecurity. Get the book here: https://goo.gl/YDaVUX
Views: 17251 Talks at Google
Blackhat 2012 EUROPE  - HDMI - Hacking Displays Made Interesting
 
50:30
This video is part of the Infosec Video Collection at SecurityTube.net: http://www.securitytube.net Blackhat 2012 EUROPE - HDMI - Hacking Displays Made Interesting https://media.blackhat.com/bh-eu-12/Davis/bh-eu-12-Davis-HDMI-WP.pdf https://media.blackhat.com/bh-eu-12/Davis/bh-eu-12-Davis-HDMI-Slides.pdf Picture this scene, which happens thousands of times every day all around the world: Someone walks into a meeting room, sees a video cable and plugs it into their laptop. The other end of the cable is out of sight - it just disappears through a hole in the table. What is it connected to? Presumably the video projector bolted to the ceiling, but can it be trusted to just display their PowerPoint presentation?... This presentation discusses the security of video drivers which interpret and process data supplied to them by external displays, projectors and KVM switches. It covers all the main video standards, including VGA, DVI, HDMI and DisplayPort. It also details the construction of a hardware-based EDID fuzzer using an Arduino Microcontroller and a discussion of some of its findings.
Views: 2963 SecurityTubeCons
Malware Analysis - Obfuscated Locky Ransomware Downloader
 
10:25
Ring Ø Labs -------------------- REPORT+SAMPLE: http://www.ringzerolabs.com/2017/08/analyzing-several-layers-of-obfuscation.html ANALYSIS LAB SETUP: https://youtu.be/qW-LzlVQyCg ANALYSIS TOOLS: https://youtu.be/Onqql1Zz3OE Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet :)
Views: 780 H4rM0n1cH4cK
The Curse of Cross-Origin Stylesheets - Web Security Research
 
19:58
In 2017 a cool bug was reported by a researcher, which led me down a rabbit hole to a 2014 and even 2009 bug. This provides interesting insight into what web security research looks like. cgvwzq's Bug (2017): https://bugs.chromium.org/p/chromium/issues/detail?id=788936 filedescriptor's Bug (2014): https://bugs.chromium.org/p/chromium/issues/detail?id=419383 scarybeasts' Bug (2009): https://bugs.chromium.org/p/chromium/issues/detail?id=9877 GynvaelEN: https://www.youtube.com/user/GynvaelEN Efail Stream: https://www.youtube.com/watch?v=VC_ItSQaUx4 #SecurityResearch
Views: 52006 LiveOverflow
From Bitcoin To Hashgraph (Documentary) Hidden Secrets Of Money Episode 8
 
01:14:26
Bonus Features: http://www.hiddensecretsofmoney.com Today, mankind stands at a crossroads, and the path that humanity chooses may have a greater impact on our freedom and prosperity than any event in history. In 2008 a new technology was introduced that is so important that its destiny, and the destiny of mankind are inextricably linked. It is so powerful that if captured and controlled, it could enslave all of humanity. But if allowed to remain free and flourish - it could foster unimaginable levels of peace and prosperity. It has the power to replace all financial systems globally, to supplant ninety percent of Wall St, and to provide some functions of government. It has no agenda. It's always fair and impartial. It can not be manipulated, subverted, corrupted or cheated. And - it inverts the power structure and places control of one's destiny in the hands of the individual. In the future, when we look back at the 2.6 million-year timeline of human development and the major turning points that led to modern civilization - the creation of farming, the domestication of animals, the invention of the wheel, the harnessing of electricity and the splitting of the atom - the sixty year development of computers, the internet and this new technology will be looked upon as a single event...a turning point that will change the course of human history. It's called Full Consensus Distributed Ledger Technology, and so far its major use has been for cryptocurrencies such as Bitcoin....but its potential goes far, far beyond that. The Crypto Revolution: From Bitcoin to Hashgraph is our latest episode of Hidden Secrets of Money. It’s about the evolution of cryptocurrencies and full consensus distributed ledger technology, and how they will change our world.
I believe that this video is by far the easiest way for the average person to gain an understanding of what cryptocurrencies are and how they work, but more importantly, the immense power of full consensus distributed ledger technology and the impact it will have on our daily lives. I have an absolute passion for monetary history and economics, and I love teaching them. Cryptocurrencies are our future, and there is no escaping it… this is the way everything will be done from now on. But, we now stand at a crucial turning point in history. Full consensus ledgers such as Blockchain and Hashgraph have the power to enslave us, or free us… it all depends on how we choose to use them. If we choose to support centralized versions issued by governments and the financial sector we will be granting them more control over our daily lives. Politicians and bureaucrats will be able to raise taxes instantly, whenever they want, on every dollar you make as you make them, and every dollar you spend as you spend them. If they think the economy needs stimulating they'll be able to enforce huge negative interest rates, effectively punishing you for not spending everything you earn before you earn it. They'll be able to decide where you can go and where you can’t, what you can buy and what you can’t, and what you can do and whatever they decide you can’t do… and if they don't like you, they can just disconnect you from the monetary system. So, will the monetary system become fully distributed and help to free mankind, or will it be centralized and enslave us? The choice is in front of us right now, and our decisions will create our future. I believe that this will be a binary outcome, there is no middle ground, it will either be one future or the other. The question is, will it be the future we want? Or the future they want? I’m a precious metals dealer and one thing I’ve learned is that gold, silver, and now free market decentralized cryptocurrencies, represent freedom.
Because of this knowledge I started investing in crypto currencies long ago and also became one of the first precious metals dealers to accept bitcoin as payment for gold and silver. I would really appreciate it if you could share this video with everyone you know. I think it’s very important that as many people as possible find out about the changes to the global monetary system that are happening right now… nothing will affect us more, and everyone’s future depends on it. Thanks, Mike If you enjoyed watching this video, be sure to pick up a free copy of Mike's bestselling book, Guide to Investing in Gold & Silver: https://goldsilver.com/buy-online/investing-in-gold-and-silver/
Malware Analysis - Choda Ransomware - The Lazy Malware
 
07:04
You can find a full write-up along with the analyzed sample here: http://www.ringzerolabs.com/2017/08/choda-ransomware-lazy-malware.html Ring Ø Labs Analysis Environment Setup: https://www.youtube.com/edit?o=U&video_id=Onqql1Zz3OE Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware and researching emergent threats. www.RingZeroLabs.com
Views: 582 H4rM0n1cH4cK