When the pandemic required everyone to work from home, we saw huge growth in the video conferencing market. It was this movement that made the organisation behind the Pwn2Own competition decide to add an ‘Enterprise Communications’ category to this year’s competition. Demonstrating a zero-day attack against the Zoom client would be rewarded with $200,000. […]
Category Archives: Talk
Why Attackers in Code Packages are Getting a Pass
Supply chain attacks are gaining popularity and we wanted to examine, from an attacker’s point of view, the difficulty of poisoning OSS packages. We found many alarming practices that hold back the security community from detecting those attackers. This is an invitation and a wake-up call for researchers to start examining new developments in the […]
Bypassing Windows Hello for Business and Pleasure
Windows Hello is the most popular passwordless solution that includes authentication by either PIN code or biometric authentication. Windows Hello promises better security – but is it the truth? In this session, we’ll introduce our research that shows how an attacker can bypass Windows Hello.
Automated 0-day Discovery in 2021 – Squashing the Low-Hanging Fruit
In past years, publicly available infrastructures such as Ghidra, AFL and Angr have put the “holy grail” of vulnerability research within our grasp: real-world automated 0-day identification, without any reliance on source code and with zero/minimal pre-configuration. After quickly presenting the INFRA:HALT vulnerabilities (affecting HCC embedded TCP/IP stack) and discussing exploitation techniques for the most […]
Eclectic Research, Esoteric Results
In this talk, Pedro will present some of his previous research, ranging from data exfiltration to IoT, from Android apps to back-end servers, exploring the barrier between the enthusiasm of the findings and the external perception of the results. He will talk about research results and their implications, explain the vulnerabilities themselves, the intellectual challenges, […]
How to Systematically Find 0-days in Open-Source Packages
In the realm of open-source packages, it’s sometimes easier for an attacker to find many less-sophisticated 0-days that affect many packages, rather than spending weeks or months to find a single hard-core 0-day vulnerability. In this talk, I’ll walk you through the processes we built for that.
1-Click to Infiltrate your Organization via Vulnerable VS Code Extensions
Attackers have looked all around for means to compromise organizations through developers: malicious 3rd party packages, leaked credentials, unpatched vulnerabilities, and more. But the place that has become the new threat lay right under their noses: the IDE.