Events for tag "Security"

All Your Gesundheitsakten Are Belong To Us

"So sicher wie beim Online-Banking": Die elektronische…

• 61 min
• 2018-12-27
• 4743
• Martin Tschirsich

Attacking Chrome IPC

Reliably finding bugs to escape the Chrome sandbox

• 54 min
• 2018-12-29
• 3109
• nedwill

Taking Bluetooth lockpicking to the next level

...or the 37th floor of a Hotel

• 46 min
• 2019-08-23
• 564
• Ray and mh

Du kannst alles hacken – du darfst dich nur nicht erwischen lassen.

OpSec für Datenreisende

• 57 min
• 2018-12-29
• 27809
• Linus Neumann and Thorsten Schröder

Ladeinfrastruktur für Elektroautos: Ausbau statt Sicherheit

Warum das Laden eines Elektroautos unsicher ist

• 52 min
• 2017-12-27
• 22793
• Mathias Dalheimer

Sichere Netzwerke mit pfSense

• 61 min
• 2018-08-26
• 2755
• Hagen Bauer

SCADA - Gateway to (s)hell

Hacking industrial control gateways

• 45 min
• 2017-12-30
• 5494
• Thomas Roth

OpenVPN im Unternehmenseinsatz

Realisierung einer Hochverfügbarkeitslösung mit dynamischem…

• 37 min
• 2011-08-20
• 107
• Dominik Fischer and Oliver Dumschat-Hötte

Web-based Cryptojacking in the Wild

When your browser is mining coins for other people

• 39 min
• 2018-12-29
• 1519
• Marius Musch

Internet of Dongs

A long way to a vibrant future

• 32 min
• 2018-12-29
• 6546
• Werner Schober

Skalierbares Auditing

• 54 min
• 2019-08-11
• 152
• Philipp Krenn

Build your own NSA

How private companies leak your personal data into the…

• 60 min
• 2016-12-28
• 15989
• Andreas Dewes and @sveckert

From Zero to Zero Day

• 48 min
• 2018-12-29
• 3215
• Jonathan Jacobi

A Dozen Years of Shellphish

From DEFCON to the DARPA Cyber Grand Challenge

• 57 min
• 2015-12-29
• 18756
• Antonio Bianchi, Jacopo Corbetta and Andrew Dutcher

DNSSEC

• 45 min
• 2016-08-21
• 202
• Christoph Egger

Running your own 3G/3.5G network

OpenBSC reloaded

• 56 min
• 2015-12-27
• 10842
• LaForge

Venenerkennung hacken

Vom Fall der letzten Bastion biometrischer Systeme

• 39 min
• 2018-12-27
• 13721
• starbug and Julian

(Un)Sicherheit von App-basierten TAN-Verfahren im Onlinebanking

• 60 min
• 2015-12-28
• 151687
• Vincent Haupert

Downgrading iOS: From past to present

• 52 min
• 2016-12-28
• 3029
• tihmstar

Building and Breaking Wireless Security

Wireless Physical Layer Security & More...

• 29 min
• 2015-12-29
• 76530
• jiska

Console Hacking 2016

PS4: PC Master Race

• 53 min
• 2016-12-27
• 42219
• marcan

Sicherheit von 125kHz Transpondern am Beispiel Hitag S

• 60 min
• 2015-12-28
• 19033
• Ralf Spenneberg, Hendrik Schwartke and Oguzhan Cicek

How Do I Crack Satellite and Cable Pay TV?

• 62 min
• 2016-12-27
• 13540
• Chris Gerlinsky

Dissecting Broadcom Bluetooth

• 43 min
• 2018-12-30
• 2252
• jiska and mantz

Turris: secure open source router

Who is the root on your router?

• 52 min
• 2018-08-26
• 95
• Michal Hrusecky

Electromagnetic Threats for Information Security

Ways to Chaos in Digital and Analogue Electronics

• 49 min
• 2017-12-28
• 1167
• @EMHacktivity and José Lopes Esteves

How hackers grind an MMORPG: by taking it apart!

An introduction to reverse engineering network protocols

• 54 min
• 2015-12-28
• 58632
• Rink Springer

Breaking Honeypots for Fun and Profit

• 54 min
• 2015-12-30
• 56157
• DeanSysman, Gadi Evron and Itamar Sher

Rowhammer.js: Root privileges for web apps?

A tale of fault attacks on DRAM and attacks on CPU caches

• 30 min
• 2015-12-28
• 25618
• Clémentine Maurice and Daniel Gruss

Die fabelhafte Welt des Mobilebankings

• 33 min
• 2017-12-27
• 18133
• Vincent Haupert

Untrusting the CPU

A proposal for secure computing in an age where we cannot…

• 61 min
• 2016-12-27
• 1856
• jaseg

radare demystified

after 1.0

• 62 min
• 2016-12-29
• 3580
• pancake

PQCHacks

A gentle introduction to post-quantum cryptography

• 60 min
• 2015-12-27
• 12314
• djb and Tanja Lange

Self-encrypting deception

weaknesses in the encryption of solid state drives (SSDs)

• 58 min
• 2018-12-29
• 1993
• Carlo Meijer

In Soviet Russia Smart Card Hacks You

• 38 min
• 2018-12-29
• 1636
• Eric Sesterhenn

wallet.fail

Hacking the most popular cryptocurrency hardware wallets

• 61 min
• 2018-12-27
• 24550
• Thomas Roth, Dmitry Nedospasov and Josh Datko

Deploying TLS 1.3: the great, the good and the bad

Improving the encrypted the web, one round-trip at a time

• 61 min
• 2016-12-27
• 5151
• Filippo Valsorda and Nick Sullivan

Decoding Contactless (Card) Payments

An Exploration of NFC Transactions and Explanation How…

• 58 min
• 2017-12-29
• 3075
• Simon Eumes

Doping your Fitbit

On Fitbit Firmware Modifications and Data Extraction

• 22 min
• 2017-12-27
• 6584
• jiska and DanielAW

Console Security - Switch

Homebrew on the Horizon

• 56 min
• 2017-12-28
• 18312
• plutoo, derrek and naehrwert

Shut Up and Take My Money!

The Red Pill of N26 Security

• 30 min
• 2016-12-27
• 47851
• Vincent Haupert

Hacking Containers and Kubernetes

Exploiting and protecting containers with a few lines of…

• 43 min
• 2019-08-21
• 1372
• Thomas Fricke

Sicher Programmieren mit Ruby on Rails

• 53 min
• 2015-08-23
• 142
• Mario Manno

Talking Behind Your Back

On the Privacy & Security of the Ultrasound Tracking…

• 59 min
• 2016-12-29
• 4903
• Vasilios Mavroudis and Federico Maggi

Memory Deduplication: The Curse that Keeps on Giving

A tale of 3 different memory deduplication based…

• 59 min
• 2016-12-29
• 2460
• Ben Gras, Kaveh Razavi, brainsmoke and Antonio Barresi

Web-App-Encryption

Is your data secure by default? How Django can be used to…

• 63 min
• 2014-08-23
• 263
• Didi Hoffmann

Tapping into the core

• 31 min
• 2016-12-28
• 2173
• Maxim Goryachy and Mark Ermolov

Jailbreaking iOS

From past to present

• 47 min
• 2018-12-28
• 2769
• tihmstar

GDPR and ePrivacy: Compliance Nightmares for Open-Source Projects?

• 45 min
• 2019-08-11
• 128
• Giannis Konstantinidis

iOS kernel exploitation archaeology

• 54 min
• 2017-12-27
• 2392
• argp

The Noise Protocol Framework

• 32 min
• 2017-12-28
• 952
• Trevor Perrin

SiliVaccine: North Korea's Weapon of Mass Detection

How I Learned to Stop Worrying and Love the Backdoor

• 52 min
• 2018-12-27
• 7184
• Mark Lechtik

Cloud Storage Encryption with Cryptomator

Cryptomator is a multi-platform, client-side encryption…

• 57 min
• 2015-08-23
• 442
• Sebastian Stenzel and Tobias Hagemann

Gone in 60 Milliseconds

Intrusion and Exfiltration in Server-less Architectures

• 33 min
• 2016-12-28
• 10358
• Rich Jones

Einführung zu Blockchains

• 61 min
• 2016-12-28
• 13747
• vimja

Mehr-Faktor-Authentifizierung am Puls der Zeit

Was ist neu in privacyIDEA

• 59 min
• 2016-08-21
• 107
• Cornelius Kölbel

PLC-Blaster

Ein Computerwurm für PLCs

• 58 min
• 2015-12-27
• 42698
• Maik Brüggemann and Ralf Spenneberg

Microarchitectural Attacks on Trusted Execution Environments

• 55 min
• 2017-12-27
• 915
• Keegan Ryan

1-day exploit development for Cisco IOS

• 45 min
• 2017-12-27
• 3513
• Artem Kondratenko

LO! An LLVM Obfuscator

• 45 min
• 2019-08-24
• 153
• Klondike

Check your privileges!

How to drop more of your privileges to reduce attack…

• 60 min
• 2015-12-29
• 76949
• Fefe

Provable Security

How I learned to stop worrying and love the backdoor

• 59 min
• 2018-12-29
• 1374
• FJW and Lukas

DPRK Consumer Technology

Facts to fight lore

• 31 min
• 2017-12-27
• 4599
• Will Scott and Gabe Edwards

Updates from the Onion

The Road to Mobile Tor and Improved Censorship Circumvention

• 43 min
• 2019-08-23
• 324
• GeKo

Tor onion services: more useful than you think

• 60 min
• 2015-12-29
• 81504
• Roger, David Goulet and asn

Attacking IoT Telemetry

A study of weaknesses in the pipeline of rapidly advancing…

• 70 min
• 2015-08-22
• 268
• Michael Schloh von Bennewitz

Intercoms Hacking

Call the frontdoor to install your backdoors

• 40 min
• 2016-12-28
• 2117
• Sebastien Dudek

Nintendo Hacking 2016

Game Over

• 61 min
• 2016-12-27
• 9557
• derrek, nedwill and naehrwert

Dissecting modern (3G/4G) cellular modems

• 58 min
• 2016-12-29
• 6823
• LaForge and holger

Inside Android’s SafetyNet Attestation: Attack and Defense

• 59 min
• 2017-12-28
• 1046
• Collin Mulliner

Circumventing video identification using augmented reality

• 30 min
• 2018-12-29
• 1079
• Jan Garcia

Microsofts Windows 10 Botnet

• 60 min
• 2015-12-30
• 121645
• ruedi

Exploiting PHP7 unserialize

teaching a new dog old tricks

• 44 min
• 2016-12-27
• 3924
• Yannay Livneh

Automated security testing for Software Developers who dont know security!

secure your apps and servers through continuous integration

• 49 min
• 2019-08-22
• 338
• cy

Modchips of the State

Hardware implants in the supply-chain

• 36 min
• 2018-12-27
• 4012
• Trammell Hudson

The Layman's Guide to Zero-Day Engineering

A demystification of the exploit development lifecycle

• 57 min
• 2018-12-28
• 2200
• Markus Gaasedelen and Amy (itszn)

Beyond your cable modem

How not to do DOCSIS networks

• 60 min
• 2015-12-27
• 218412
• Alexander Graf

Tales from Hardware Security Research

From Research over Vulnerability Discovery to Public…

• 45 min
• 2019-08-22
• 302
• Johannes and marc

Modern Windows Userspace Exploitation

• 50 min
• 2018-12-28
• 3433
• Saar Amar

A deep dive into the world of DOS viruses

Explaining in detail just how those little COM files…

• 38 min
• 2018-12-28
• 5999
• Ben Cartwright-Cox

eMMC hacking, or: how I fixed long-dead Galaxy S3 phones

A journey on how to fix broken proprietary hardware by…

• 56 min
• 2017-12-27
• 2243
• oranav

Where in the World Is Carmen Sandiego?

Becoming a secret travel agent

• 59 min
• 2016-12-27
• 23375
• Karsten Nohl and Nemanja Nikodijevic

Sichere Softwareentwicklung

Ein praktischer Einstieg

• 54 min
• 2016-08-21
• 209
• Stephan Kaps

What The Fax?!

Hacking your network likes it's 1980 again

• 46 min
• 2018-12-27
• 17469
• Yaniv Balmas and Eyal Itkin

The Rocky Road to TLS 1.3 and better Internet Encryption

• 60 min
• 2018-12-27
• 5478
• hanno

Everything you always wanted to know about Certificate Transparency

(but were afraid to ask)

• 60 min
• 2016-12-27
• 2882
• Martin Schmiedecker

Inside the AMD Microcode ROM

(Ab)Using AMD Microcode for fun and security

• 37 min
• 2018-12-27
• 7775
• Benjamin Kollenda and Philipp Koppe

Thunderstrike 2

• 43 min
• 2015-12-27
• 8453
• Trammell Hudson

Wallet Security

How (not) to protect private keys

• 35 min
• 2018-12-28
• 1333
• Stephan Verbücheln

Compromising online accounts by cracking voicemail systems

• 42 min
• 2018-12-27
• 5206
• Martin Vigo

Truly cardless: Jackpotting an ATM using auxiliary devices.

• 35 min
• 2018-12-29
• 5404
• Olga Kochetova and Alexey Osipov

Squeezing a key through a carry bit

• 50 min
• 2017-12-27
• 1249
• Filippo Valsorda

Bootstraping a slightly more secure laptop

• 47 min
• 2016-12-27
• 6565
• Trammell Hudson

De-anonymizing Programmers

Large Scale Authorship Attribution from Executable Binaries…

• 59 min
• 2015-12-29
• 39432
• Aylin

AppArmor Crashkurs

Lerne in unter einer Stunde, AppArmor-Profile zu erstellen…

• 45 min
• 2019-08-10
• 119
• Christian Boltz

Privacy leaks in smart devices: Extracting data from used smart home devices

• 51 min
• 2019-08-21
• 503
• Dennis Giese

Resilienced Kryptographie

• 59 min
• 2017-12-29
• 2355
• ruedi and cforler

Viva la Vita Vida

Hacking the most secure handheld console

• 56 min
• 2018-12-29
• 3594
• Yifan Lu and Davee

How to drift with any car

(without your mom yelling at you)

• 51 min
• 2017-12-28
• 8062
• Guillaume Heilles and P1kachu

TAPS Transport Services API

Retiring the BSD Socket API

• 44 min
• 2019-08-22
• 74
• phils

CloudABI

Cloud computing meets fine-grained capabilities

• 57 min
• 2015-08-22
• 54
• Ed Schouten

Defeating (Not)Petya's Cryptography

• 54 min
• 2017-12-27
• 1060
• Sebastian Eschweiler

Predicting and Abusing WPA2/802.11 Group Keys

• 60 min
• 2016-12-27
• 1391
• Mathy Vanhoef

Datengarten 50

ZigBee

• 93 min
• 2015-04-14
• 912
• Stephan

Console Hacking

Breaking the 3DS

• 72 min
• 2015-12-27
• 72207
• plutoo, derrek and smea

Mit dem Getränkeautomaten in die Cloud

Über die (Un-)Sicherheit eines Bezahlsystems

• 30 min
• 2019-08-23
• 1103
• Janis Streib

To Make Hearts Bleed

A Native Developer's Account On SSL

• 57 min
• 2014-08-24
• 126
• Daniel Molkentin

Sneaking In Network Security

Enforcing strong network segmentation, without anyone…

• 60 min
• 2018-12-29
• 2042
• Maximilian Burkhardt

Beyond Anti Evil Maid

Making it easier to avoid low-level compromise, and why…

• 60 min
• 2015-12-29
• 42358
• Matthew Garrett

Mobile Data Interception from the Interconnection Link

• 48 min
• 2017-12-28
• 1601
• Dr. Silke Holtmanns

Implementing an LLVM based Dynamic Binary Instrumentation framework

• 60 min
• 2017-12-28
• 1065
• Charles Hubain and Cédric Tessier

Introduction to (home) network security.

A beginner-friendly guide to network segmentation for…

• 41 min
• 2019-08-21
• 1920
• Egor

Intel ME: Myths and reality

• 62 min
• 2017-12-28
• 3909
• Igor Skochinsky and Nicola Corna

Domain Name System

Hierarchical decentralized naming system used since 30 years

• 42 min
• 2018-12-29
• 1398
• Hannes Mehnert

BootStomp: On the Security of Bootloaders in Mobile Devices

• 28 min
• 2017-12-27
• 1103
• Audrey Dutcher

Ghidra - An Open Source Reverse Engineering Tool

How the NSA open-sourced all software in 2019

• 60 min
• 2019-08-10
• 220
• larsborn

We should share our secrets

Shamir secret sharing: How it works and how to implement it

• 59 min
• 2017-12-28
• 917
• Daan Sprenkels

Dissecting VoLTE

Exploiting Free Data Channels and Security Problems

• 49 min
• 2015-12-28
• 16933
• Dongkwan and Hongil Kim

Are all BSDs created equally?

A survey of BSD kernel vulnerabilities.

• 58 min
• 2017-12-29
• 6185
• Ilja van Sprundel

How not to use OAuth

New security recommendations for OAuth

• 56 min
• 2019-08-10
• 229
• Dr. Daniel Fett

LinOTP und Single Sign On

Zwei-Faktor Authentisierung in der Praxis

• 53 min
• 2014-08-23
• 244
• Rainer Endres

Math Protected Social Interactions

• 38 min
• 2019-08-21
• 207
• ruedi

TrustZone is not enough

Hijacking debug components for embedded security

• 31 min
• 2017-12-30
• 486
• Pascal Cotret

On Smart Cities, Smart Energy, And Dumb Security

• 45 min
• 2016-12-29
• 3271
• Netanel Rubin

Windows drivers attack surface

some 'new' insights

• 60 min
• 2015-12-27
• 8984
• Ilja van Sprundel

Die DSGVO als Chance nutzen

Ein Fahrplan für ein mehr an Informationssicherheit in…

• 59 min
• 2019-08-11
• 88
• Hagen Bauer

Everything-as-Code – Anything Secure?

• 47 min
• 2019-08-10
• 74
• Jan Sudmeyer

CloudABI

Pure capability-based security for UNIX

• 62 min
• 2015-12-28
• 8625
• Ed Schouten

Visiting The Bear Den

A Journey in the Land of (Cyber-)Espionage

• 59 min
• 2016-12-27
• 2487
• Jessy Campos

Reversing UEFI by execution

• 60 min
• 2015-12-29
• 8637
• Jethro Beekman

Beyond the Pile of Knobs

Redesigning NoScript’s UX

• 46 min
• 2019-08-22
• 193
• Eileen Wagner

The plain simple reality of entropy

Or how I learned to stop worrying and love urandom

• 60 min
• 2015-12-29
• 17447
• Filippo Valsorda

Praktische Einführung in HashiCorp Vault

• 56 min
• 2018-08-26
• 312
• Timo Stankowitz

The Perl Jam 2

The Camel Strikes Back

• 60 min
• 2015-12-28
• 46789
• Netanel Rubin

Das Privoxy-Ökosystem

• 69 min
• 2016-08-21
• 166
• Fabian

Enclosure-PUF

Tamper Proofing Commodity Hardware and other Applications

• 61 min
• 2018-12-29
• 806
• Christian Zenger, David Holin and Lars Steinschulte

Towards (reasonably) trustworthy x86 laptops

• 62 min
• 2015-12-27
• 32016
• Joanna Rutkowska

500.000 Recalled Pacemakers, 2 Billion $ Stock Value Loss

The Story Behind

• 44 min
• 2019-08-22
• 421
• Tobias Zillner

Pegasus internals

Technical Teardown of the Pegasus malware and Trident…

• 29 min
• 2016-12-27
• 2265
• Max Bazaliy

What could possibly go wrong with <insert x86 instruction here>?

Side effects include side-channel attacks and bypassing…

• 55 min
• 2016-12-27
• 4997
• Clémentine Maurice and Moritz Lipp

Inside Intel Management Engine

• 51 min
• 2017-12-27
• 6477
• Maxim Goryachy and Mark Ermolov

Hardware-Trojaner in Security-Chips

Eine Reise auf die dunkle Seite

• 60 min
• 2015-12-27
• 63222
• Peter Laackmann and Marcus Janke

Fast Global Internet Scanning - Challenges and new Approaches

Or how to become your own ISP

• 42 min
• 2019-08-24
• 234
• Johannes Klick 'Garak'

How do we know our PRNGs work properly?

• 58 min
• 2016-12-29
• 2566
• Vladimir Klebanov and Felix Dörre

Architecture of secure IoT devices

Security by design

• 48 min
• 2019-08-24
• 255
• frehberg

IT-Unsicherheit in der Gebäudeautomation

Eine Bestandsaufnahme

• 58 min
• 2014-08-24
• 389
• Daniel Arenz

Modern Security Model for Embedded Linux Distributions

• 64 min
• 2016-08-21
• 60
• Aleksander Zdyb

The year in post-quantum crypto

• 70 min
• 2018-12-28
• 4689
• djb and Tanja Lange

Bitcoin

Open Sourcing Money

• 64 min
• 2014-08-24
• 477
• Levin Keller

avatar²

Towards an open source binary firmware analysis framework

• 55 min
• 2017-12-29
• 1173
• nsr

ASLR on the line

Practical cache attacks on the MMU

• 44 min
• 2017-12-28
• 2093
• brainsmoke

Physical Unclonable Functions: The Future Technology for Physical Security Enclosures?

• 47 min
• 2019-08-24
• 120
• Johannes

LatticeHacks

Fun with lattices in cryptography and cryptanalysis

• 65 min
• 2017-12-28
• 2929
• djb, Tanja Lange and Nadia Heninger

New memory corruption attacks: why can't we have nice things?

• 54 min
• 2015-12-27
• 7381
• gannimo and npc@berkeley.edu

Uncovering vulnerabilities in Hoermann BiSecur

An AES encrypted radio system

• 51 min
• 2017-12-28
• 773
• Markus Muellner and Markus Kammerstetter

Domain computers have accounts, too!

Owning machines through relaying and delegation

• 40 min
• 2019-08-23
• 328
• JaGoTu

A look into the Mobile Messaging Black Box

A gentle introduction to mobile messaging and subsequent…

• 63 min
• 2016-12-28
• 7225
• Roland Schilling and Frieder Steinmetz

Memsad

why clearing memory is hard.

• 61 min
• 2018-12-29
• 2188
• Ilja van Sprundel

First Sednit UEFI Rootkit Unveiled

• 40 min
• 2018-12-27
• 4006
• Frédéric Vachon

Recount 2016: An Uninvited Security Audit of the U.S. Presidential Election

• 60 min
• 2016-12-28
• 2681
• Matt Bernhard and J. Alex Halderman

ATMs how to break them to stop the fraud

• 54 min
• 2016-12-28
• 3326
• Olga Kochetova and Alexey Osipov

Sichere Webanwendungen mit Clojure

• 46 min
• 2016-08-21
• 125
• Joy Clark and Simon Kölsch

IT-Sicherheit in vernetzten Gebäuden

Was kann man noch retten, wenn langlebigen Strukturen…

• 46 min
• 2019-08-23
• 637
• Simeon

A Christmas Carol - The Spectres of the Past, Present, and Future

• 61 min
• 2018-12-28
• 1459
• Moritz Lipp, Michael Schwarz, Daniel Gruss and Claudio Canella

Anykernels meet fuzzing

how to make NetBSD a better software for you and me

• 43 min
• 2019-08-22
• 284
• Akat1 Majorana

Kernel Tracing With eBPF

Unlocking God Mode on Linux

• 54 min
• 2018-12-30
• 1731
• Jeff Dileo and Andy Olsen

(In)Security of Embedded Devices' Firmware - Fast and Furious at Large Scale

• 59 min
• 2015-12-29
• 87456
• Andrei Costin

KRACKing WPA2 by Forcing Nonce Reuse

• 61 min
• 2017-12-27
• 2935
• Mathy Vanhoef

Attacking end-to-end email encryption

Efail, other attacks and lessons learned.

• 60 min
• 2018-12-28
• 4575
• Sebastian Schinzel

Do as I Say not as I Do: Stealth Modification of Programmable Logic Controllers I/O by…

• 60 min
• 2016-12-29
• 856
• Ali Abbasi and Majid

SD-WAN a New Hop

How to hack software defined network and keep your sanity?

• 49 min
• 2018-12-27
• 1774
• Sergey Gordeychik

The long road to reproducible builds

why+how to create bit by bit identical binary packages

• 41 min
• 2015-08-23
• 110
• Holger 'h01ger' Levsen

Neither Snow Nor Rain Nor MITM… The State of Email Security in 2015

• 49 min
• 2015-12-29
• 14404
• Zakir Durumeric

DoH or Don't

The dilemma of DNS privacy protocols

• 43 min
• 2019-08-21
• 489
• Carsten Strotmann

Logjam: Diffie-Hellman, discrete logs, the NSA, and you

• 61 min
• 2015-12-28
• 69932
• J. Alex Halderman and Nadia Heninger

APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for

How advanced threat actors learn and change with innovation…

• 60 min
• 2015-12-27
• 32956
• Inbar Raz and Gadi Evron

Code BROWN in the Air

A systemic update of sensitive information that you sniff…

• 37 min
• 2016-12-28
• 934
• miaoski

The DROWN Attack

Breaking TLS using SSLv2

• 55 min
• 2016-12-27
• 1806
• Sebastian Schinzel

Fighting back against Libra - Decentralizing Facebook Connect

Nym Anonymous Authentication Credentials

• 41 min
• 2019-08-25
• 180
• Harry Halpin

Lets break modern binary code obfuscation

A semantics based approach

• 60 min
• 2017-12-27
• 2182
• Tim Blazytko and Moritz Contag

Virtual Secure Boot

Secure Boot support in qemu, kvm and ovmf.

• 51 min
• 2016-12-30
• 1982
• Gerd Hoffmann

Type confusion: discovery, abuse, and protection

• 56 min
• 2017-12-30
• 839
• gannimo

Unpatchable

Living with a vulnerable implanted device

• 60 min
• 2015-12-28
• 44667
• Marie Moe and Eireann Leverett

Security in open source projects

• 50 min
• 2019-08-11
• 60
• Jose Manuel Ortega

Taking a scalpel to QNX

Analyzing & Breaking Exploit Mitigations and Secure Random…

• 46 min
• 2017-12-28
• 788
• Jos Wetzels and Ali Abbasi

On the Security and Privacy of Modern Single Sign-On in the Web

(Not Only) Attacks on OAuth and OpenID Connect

• 64 min
• 2016-12-28
• 1848
• Guido Schmitz (gtrs) and dfett

Integration einer FIDO U2F basierten Zwei-Faktor-Authentifizierung mit LinOTP

• 55 min
• 2015-08-23
• 263
• Christian Pommranz

Kerberos und OTP

Nur einmal authentisiert - aber stark!

• 49 min
• 2013-08-25
• 167
• Cornelius Kölbel

Key-logger, Video, Mouse

How to turn your KVM into a raging key-logging monster

• 49 min
• 2015-12-27
• 28777
• Yaniv Balmas

PostgreSQL Security

• 41 min
• 2019-04-27
• 91
• Hans-Jürgen Schönig

The Great Train Cyber Robbery

• 54 min
• 2015-12-27
• 19176
• Sergey Gordeychik, Aleksandr Timorin and repdet

Everything you want to know about x86 microcode, but might have been afraid to ask

An introduction into reverse-engineering x86 microcode and…

• 57 min
• 2017-12-28
• 11459
• Benjamin Kollenda and Philipp Koppe

MQA - A clever stealth DRM-Trojan

A critical look on a new audio Format

• 60 min
• 2017-12-30
• 1827
• Christoph Engemann and Anton.schlesinger@studio-singer.de

Alles meins!

Zugänge und Daten mit privacyIDEA absichern

• 59 min
• 2015-08-23
• 335
• Cornelius Kölbel

Container for Desktops

Security und Privacy mit LXC et.al. - auch auf…

• 61 min
• 2016-08-21
• 265
• Robert Matzinger

A Christmas Carol - The Spectres of the Past, Present, and Future

• 47 min
• 2019-04-27
• 57
• Claudio Canella, Daniel Gruss, Michael Schwarz and Moritz Lipp

Sanitizing PCAPs

Fun and games until someone uses IPv6 or TCP

• 43 min
• 2015-12-28
• 7745
• Jasper Bongertz

Container - Alles sicher oder was?

• 34 min
• 2019-04-27
• 73
• Martin Maurer

You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet

Finding interesting targets in 128bit of entropy

• 46 min
• 2016-12-27
• 3774
• Tobias Fiebig

Introduction to Mix Networks and Katzenpost

a new anonymity movement

• 47 min
• 2019-08-23
• 307
• David Stainton and mo

IT-Sicherheit in mittelständischen Unternehmen

• 127 min
• 2015-04-29
• 3148
• Mirar

Gibberish Detection 102

• 58 min
• 2015-12-29
• 21322
• Ben H.

DANEn lügen nicht

SSL/TLS Zertifikate mit DNSSEC absichern

• 61 min
• 2014-08-23
• 428
• Carsten Strotmann

Exploring fraud in telephony networks

• 62 min
• 2018-12-28
• 3695
• Merve Sahin and Aurélien Francillon

Shopshifting

The potential for payment system abuse

• 60 min
• 2015-12-27
• 98312
• Karsten Nohl, Fabian Bräunlein and dexter

What you see is not what you get - when homographs attack

• 29 min
• 2019-08-23
• 209
• Julio

Wheel of Fortune

Analyzing Embedded OS Random Number Generators

• 36 min
• 2016-12-28
• 1498
• Jos Wetzels and Ali Abbasi

What the flag is CTF?

• 41 min
• 2018-12-30
• 1740
• Andy

Decoding the LoRa PHY

Dissecting a Modern Wireless Network for the Internet of…

• 64 min
• 2016-12-29
• 15505
• Matt Knight

Smart Home - Smart Hack

Wie der Weg ins digitale Zuhause zum Spaziergang wird

• 51 min
• 2018-12-28
• 23018
• Michael Steigerwald