HITB Lockdown Live Streaming Schedule – Summary

Schedule for Day 1 – Saturday, 25th of April

Session 1: 10:00am – 60 CVEs in 60 days  –> by Eran Shimony

MTE, a complementary approach to Fuzzing; DLL Hijacking, Symlinks abuse for privilege escalation / DoS. Automating these techniques and finding new vulnerabilities!

Session 2: 11:00am – The state of ICS security: then and now —> by Praveen Son & Ashish Gahlot

ICS / SCADA -focus on a lab-scale test bed for a 3 phase power distribution system under PLC control, supervised by an industrial SCADA system.  Case studies of vulnerability assessments, exploits and implications, mitigation techniques.

Session 3: 12:00 – Pwning ADOBE Reader multiple times with malformed strings  —> by KE LIU

Malformed strings vulnerabilities, exploitable ones! Modern SDLC should prevent them, but what happens when developers don’t follow up security controls/functions, or use them incorrectly? Leveraging conditions to achieve information disclosure / code execution!

Session 4: 14:00 – Open the gates – THE (IN)SECURITY OF Cloudless Door Systems —> by Jorg Schneider, Sebastian Nerf & Julian Beier

Ringing the bell – intercom world meets the IP world (for larger building intercoms, with IP-Gateways between the intercom bus systems and online. Using two devices for a closer look, used without the cloud – to take a closer look.

Session 5: 15:00 – Hiding in plain sight: analyzing recent evolutions in malware loaders —> by Holger Unterbrink & Edmund Brugmahin

Over the past year, there’s a significant increase in the volume / variety of malware loaders distributed worldwide. DNew generation of malware loaders feature increased  obfuscation, modularization, and maximum flexibility – for the operators of the botnets created, versus older methods. Discussing in more depth the shift in malware distribution, and evading detection. Techniques on how to threat hunt for these loaders and how to easier analyze them will be discussed!

Session 6: 16:00 – Vulnerable patterns in modern web environments —> by Joern Schneeweisz

Starting with comparing well known attack vectors between monolithic applications and microservice based architectures to understand the differences from both an attacker’s and defender’s perspective. Then looking at some surprising vulnerabilities which are not bound to single components but span more than one app or service.Examples showcasing general issue patterns underneath and exploit techniques (offensive) will be demonstrated and generalized such that they can be applied on other environments as well.  Countermeasures and protection mechanisms  (defensive) against these attacks within microservice architectures.

Session 7 17:00 – Exploiting directory permission on MacOS —> by Csaba Fitzl

How macOS and applications on macOS can be exploited, where directory / file permissions are incorrectly set. Incorrect settings are not trivial at first sight; bugs from simple arbitrary overwrites to file disclosures and privilege escalations will be reviewed. Different techniques will also be covered on how to control contents of file, when  direct write access is there (concepts apply to *nix based systems but focus is on macOS bugs).

Schedule for Day 2 – Sundat, 26th of April