Events for tag "Security"

Du kannst alles hacken – du darfst dich nur nicht erwischen lassen.

OpSec für Datenreisende

• 57 min
• 2018-12-29
• 27093
• Linus Neumann and Thorsten Schröder

Smart Home - Smart Hack

Wie der Weg ins digitale Zuhause zum Spaziergang wird

• 51 min
• 2018-12-28
• 22054
• Michael Steigerwald

500.000 Recalled Pacemakers, 2 Billion $ Stock Value Loss

The Story Behind

• 44 min
• 2019-08-22
• 366
• Tobias Zillner

avatar²

Towards an open source binary firmware analysis framework

• 55 min
• 2017-12-29
• 1137
• nsr

Introduction to (home) network security.

A beginner-friendly guide to network segmentation for…

• 41 min
• 2019-08-21
• 1788
• Egor

Intel ME: Myths and reality

• 62 min
• 2017-12-28
• 3852
• Igor Skochinsky and Nicola Corna

Attacking Chrome IPC

Reliably finding bugs to escape the Chrome sandbox

• 54 min
• 2018-12-29
• 3070
• nedwill

Taking Bluetooth lockpicking to the next level

...or the 37th floor of a Hotel

• 46 min
• 2019-08-23
• 456
• Ray and mh

Resilienced Kryptographie

• 59 min
• 2017-12-29
• 2343
• ruedi and cforler

Mobile Data Interception from the Interconnection Link

• 48 min
• 2017-12-28
• 1582
• Dr. Silke Holtmanns

Fast Global Internet Scanning - Challenges and new Approaches

Or how to become your own ISP

• 42 min
• 2019-08-24
• 199
• Johannes Klick 'Garak'

wallet.fail

Hacking the most popular cryptocurrency hardware wallets

• 61 min
• 2018-12-27
• 24229
• Thomas Roth, Dmitry Nedospasov and Josh Datko

Decoding the LoRa PHY

Dissecting a Modern Wireless Network for the Internet of…

• 64 min
• 2016-12-29
• 14954
• Matt Knight

Where in the World Is Carmen Sandiego?

Becoming a secret travel agent

• 59 min
• 2016-12-27
• 23295
• Karsten Nohl and Nemanja Nikodijevic

Bootstraping a slightly more secure laptop

• 47 min
• 2016-12-27
• 6510
• Trammell Hudson

(Un)Sicherheit von App-basierten TAN-Verfahren im Onlinebanking

• 60 min
• 2015-12-28
• 151611
• Vincent Haupert

Updates from the Onion

The Road to Mobile Tor and Improved Censorship Circumvention

• 43 min
• 2019-08-23
• 286
• GeKo

A look into the Mobile Messaging Black Box

A gentle introduction to mobile messaging and subsequent…

• 63 min
• 2016-12-28
• 7193
• Roland Schilling and Frieder Steinmetz

Self-encrypting deception

weaknesses in the encryption of solid state drives (SSDs)

• 58 min
• 2018-12-29
• 1960
• Carlo Meijer

CloudABI

Pure capability-based security for UNIX

• 62 min
• 2015-12-28
• 8624
• Ed Schouten

Shut Up and Take My Money!

The Red Pill of N26 Security

• 30 min
• 2016-12-27
• 47604
• Vincent Haupert

SCADA - Gateway to (s)hell

Hacking industrial control gateways

• 45 min
• 2017-12-30
• 5441
• Thomas Roth

Mit dem Getränkeautomaten in die Cloud

Über die (Un-)Sicherheit eines Bezahlsystems

• 30 min
• 2019-08-23
• 1017
• Janis Streib

Console Hacking 2016

PS4: PC Master Race

• 53 min
• 2016-12-27
• 42031
• marcan

(In)Security of Embedded Devices' Firmware - Fast and Furious at Large Scale

• 59 min
• 2015-12-29
• 87452
• Andrei Costin

Compromising online accounts by cracking voicemail systems

• 42 min
• 2018-12-27
• 5175
• Martin Vigo

Exploiting PHP7 unserialize

teaching a new dog old tricks

• 44 min
• 2016-12-27
• 3898
• Yannay Livneh

Anykernels meet fuzzing

how to make NetBSD a better software for you and me

• 43 min
• 2019-08-22
• 257
• Akat1 Majorana

First Sednit UEFI Rootkit Unveiled

• 40 min
• 2018-12-27
• 3994
• Frédéric Vachon

We should share our secrets

Shamir secret sharing: How it works and how to implement it

• 59 min
• 2017-12-28
• 911
• Daan Sprenkels

IT-Sicherheit in vernetzten Gebäuden

Was kann man noch retten, wenn langlebigen Strukturen…

• 46 min
• 2019-08-23
• 573
• Simeon

The Noise Protocol Framework

• 32 min
• 2017-12-28
• 943
• Trevor Perrin

How Do I Crack Satellite and Cable Pay TV?

• 62 min
• 2016-12-27
• 13456
• Chris Gerlinsky

Web-based Cryptojacking in the Wild

When your browser is mining coins for other people

• 39 min
• 2018-12-29
• 1506
• Marius Musch

Console Security - Switch

Homebrew on the Horizon

• 56 min
• 2017-12-28
• 18217
• plutoo, derrek and naehrwert

What The Fax?!

Hacking your network likes it's 1980 again

• 46 min
• 2018-12-27
• 17330
• Yaniv Balmas and Eyal Itkin

From Zero to Zero Day

• 48 min
• 2018-12-29
• 3167
• Jonathan Jacobi

A Christmas Carol - The Spectres of the Past, Present, and Future

• 47 min
• 2019-04-27
• 56
• Claudio Canella, Daniel Gruss, Michael Schwarz and Moritz Lipp

Jailbreaking iOS

From past to present

• 47 min
• 2018-12-28
• 2741
• tihmstar

SD-WAN a New Hop

How to hack software defined network and keep your sanity?

• 49 min
• 2018-12-27
• 1757
• Sergey Gordeychik

The Layman's Guide to Zero-Day Engineering

A demystification of the exploit development lifecycle

• 57 min
• 2018-12-28
• 2164
• Markus Gaasedelen and Amy (itszn)

Circumventing video identification using augmented reality

• 30 min
• 2018-12-29
• 1062
• Jan Garcia

Sichere Softwareentwicklung

Ein praktischer Einstieg

• 54 min
• 2016-08-21
• 207
• Stephan Kaps

How not to use OAuth

New security recommendations for OAuth

• 56 min
• 2019-08-10
• 202
• Dr. Daniel Fett

Math Protected Social Interactions

• 38 min
• 2019-08-21
• 199
• ruedi

Modern Windows Userspace Exploitation

• 50 min
• 2018-12-28
• 3395
• Saar Amar

Logjam: Diffie-Hellman, discrete logs, the NSA, and you

• 61 min
• 2015-12-28
• 69926
• J. Alex Halderman and Nadia Heninger

Intercoms Hacking

Call the frontdoor to install your backdoors

• 40 min
• 2016-12-28
• 2111
• Sebastien Dudek

DANEn lügen nicht

SSL/TLS Zertifikate mit DNSSEC absichern

• 61 min
• 2014-08-23
• 428
• Carsten Strotmann

Doping your Fitbit

On Fitbit Firmware Modifications and Data Extraction

• 22 min
• 2017-12-27
• 6516
• jiska and DanielAW

Code BROWN in the Air

A systemic update of sensitive information that you sniff…

• 37 min
• 2016-12-28
• 933
• miaoski

How hackers grind an MMORPG: by taking it apart!

An introduction to reverse engineering network protocols

• 54 min
• 2015-12-28
• 58607
• Rink Springer

All Your Gesundheitsakten Are Belong To Us

"So sicher wie beim Online-Banking": Die elektronische…

• 61 min
• 2018-12-27
• 4350
• Martin Tschirsich

Privacy leaks in smart devices: Extracting data from used smart home devices

• 51 min
• 2019-08-21
• 440
• Dennis Giese

Beyond Anti Evil Maid

Making it easier to avoid low-level compromise, and why…

• 60 min
• 2015-12-29
• 42339
• Matthew Garrett

Sneaking In Network Security

Enforcing strong network segmentation, without anyone…

• 60 min
• 2018-12-29
• 2015
• Maximilian Burkhardt

Nintendo Hacking 2016

Game Over

• 61 min
• 2016-12-27
• 9531
• derrek, nedwill and naehrwert

What the flag is CTF?

• 41 min
• 2018-12-30
• 1729
• Andy

What could possibly go wrong with <insert x86 instruction here>?

Side effects include side-channel attacks and bypassing…

• 55 min
• 2016-12-27
• 4983
• Clémentine Maurice and Moritz Lipp

Virtual Secure Boot

Secure Boot support in qemu, kvm and ovmf.

• 51 min
• 2016-12-30
• 1982
• Gerd Hoffmann

Attacking end-to-end email encryption

Efail, other attacks and lessons learned.

• 60 min
• 2018-12-28
• 4524
• Sebastian Schinzel

Die fabelhafte Welt des Mobilebankings

• 33 min
• 2017-12-27
• 18021
• Vincent Haupert

Hacking Containers and Kubernetes

Exploiting and protecting containers with a few lines of…

• 43 min
• 2019-08-21
• 1270
• Thomas Fricke

The year in post-quantum crypto

• 70 min
• 2018-12-28
• 4639
• djb and Tanja Lange

Mehr-Faktor-Authentifizierung am Puls der Zeit

Was ist neu in privacyIDEA

• 59 min
• 2016-08-21
• 107
• Cornelius Kölbel

Sicherheit von 125kHz Transpondern am Beispiel Hitag S

• 60 min
• 2015-12-28
• 19029
• Ralf Spenneberg, Hendrik Schwartke and Oguzhan Cicek

Einführung zu Blockchains

• 61 min
• 2016-12-28
• 13683
• vimja

Ladeinfrastruktur für Elektroautos: Ausbau statt Sicherheit

Warum das Laden eines Elektroautos unsicher ist

• 52 min
• 2017-12-27
• 22708
• Mathias Dalheimer

The Rocky Road to TLS 1.3 and better Internet Encryption

• 60 min
• 2018-12-27
• 5438
• hanno

Inside the AMD Microcode ROM

(Ab)Using AMD Microcode for fun and security

• 37 min
• 2018-12-27
• 7738
• Benjamin Kollenda and Philipp Koppe

Talking Behind Your Back

On the Privacy & Security of the Ultrasound Tracking…

• 59 min
• 2016-12-29
• 4835
• Vasilios Mavroudis and Federico Maggi

LO! An LLVM Obfuscator

• 45 min
• 2019-08-24
• 134
• Klondike

Sichere Netzwerke mit pfSense

• 61 min
• 2018-08-26
• 2526
• Hagen Bauer

What you see is not what you get - when homographs attack

• 29 min
• 2019-08-23
• 188
• Julio

De-anonymizing Programmers

Large Scale Authorship Attribution from Executable Binaries…

• 59 min
• 2015-12-29
• 39429
• Aylin

Reversing UEFI by execution

• 60 min
• 2015-12-29
• 8633
• Jethro Beekman

Key-logger, Video, Mouse

How to turn your KVM into a raging key-logging monster

• 49 min
• 2015-12-27
• 28774
• Yaniv Balmas

Beyond your cable modem

How not to do DOCSIS networks

• 60 min
• 2015-12-27
• 218307
• Alexander Graf

A deep dive into the world of DOS viruses

Explaining in detail just how those little COM files…

• 38 min
• 2018-12-28
• 5940
• Ben Cartwright-Cox

Die DSGVO als Chance nutzen

Ein Fahrplan für ein mehr an Informationssicherheit in…

• 59 min
• 2019-08-11
• 86
• Hagen Bauer

Dissecting modern (3G/4G) cellular modems

• 58 min
• 2016-12-29
• 6765
• LaForge and holger

Venenerkennung hacken

Vom Fall der letzten Bastion biometrischer Systeme

• 39 min
• 2018-12-27
• 13583
• starbug and Julian

Tor onion services: more useful than you think

• 60 min
• 2015-12-29
• 81435
• Roger, David Goulet and asn

ATMs how to break them to stop the fraud

• 54 min
• 2016-12-28
• 3322
• Olga Kochetova and Alexey Osipov

Praktische Einführung in HashiCorp Vault

• 56 min
• 2018-08-26
• 302
• Timo Stankowitz

Provable Security

How I learned to stop worrying and love the backdoor

• 59 min
• 2018-12-29
• 1353
• FJW and Lukas

SiliVaccine: North Korea's Weapon of Mass Detection

How I Learned to Stop Worrying and Love the Backdoor

• 52 min
• 2018-12-27
• 7140
• Mark Lechtik

Automated security testing for Software Developers who dont know security!

secure your apps and servers through continuous integration

• 49 min
• 2019-08-22
• 299
• cy

Gone in 60 Milliseconds

Intrusion and Exfiltration in Server-less Architectures

• 33 min
• 2016-12-28
• 10306
• Rich Jones

Internet of Dongs

A long way to a vibrant future

• 32 min
• 2018-12-29
• 6451
• Werner Schober

PQCHacks

A gentle introduction to post-quantum cryptography

• 60 min
• 2015-12-27
• 12300
• djb and Tanja Lange

Architecture of secure IoT devices

Security by design

• 48 min
• 2019-08-24
• 215
• frehberg

Beyond the Pile of Knobs

Redesigning NoScript’s UX

• 46 min
• 2019-08-22
• 176
• Eileen Wagner

Exploring fraud in telephony networks

• 62 min
• 2018-12-28
• 3655
• Merve Sahin and Aurélien Francillon

Domain Name System

Hierarchical decentralized naming system used since 30 years

• 42 min
• 2018-12-29
• 1377
• Hannes Mehnert

Decoding Contactless (Card) Payments

An Exploration of NFC Transactions and Explanation How…

• 58 min
• 2017-12-29
• 3047
• Simon Eumes

Introduction to Mix Networks and Katzenpost

a new anonymity movement

• 47 min
• 2019-08-23
• 260
• David Stainton and mo

Datengarten 50

ZigBee

• 93 min
• 2015-04-14
• 907
• Stephan

Defeating (Not)Petya's Cryptography

• 54 min
• 2017-12-27
• 1057
• Sebastian Eschweiler

Building and Breaking Wireless Security

Wireless Physical Layer Security & More...

• 29 min
• 2015-12-29
• 76520
• jiska

Viva la Vita Vida

Hacking the most secure handheld console

• 56 min
• 2018-12-29
• 3534
• Yifan Lu and Davee

Everything-as-Code – Anything Secure?

• 47 min
• 2019-08-10
• 68
• Jan Sudmeyer

TAPS Transport Services API

Retiring the BSD Socket API

• 44 min
• 2019-08-22
• 70
• phils

A Christmas Carol - The Spectres of the Past, Present, and Future

• 61 min
• 2018-12-28
• 1449
• Moritz Lipp, Michael Schwarz, Daniel Gruss and Claudio Canella

Everything you want to know about x86 microcode, but might have been afraid to ask

An introduction into reverse-engineering x86 microcode and…

• 57 min
• 2017-12-28
• 11429
• Benjamin Kollenda and Philipp Koppe

Build your own NSA

How private companies leak your personal data into the…

• 60 min
• 2016-12-28
• 15891
• Andreas Dewes and @sveckert

Microsofts Windows 10 Botnet

• 60 min
• 2015-12-30
• 121627
• ruedi

To Make Hearts Bleed

A Native Developer's Account On SSL

• 57 min
• 2014-08-24
• 126
• Daniel Molkentin

DoH or Don't

The dilemma of DNS privacy protocols

• 43 min
• 2019-08-21
• 438
• Carsten Strotmann

Dissecting Broadcom Bluetooth

• 43 min
• 2018-12-30
• 2226
• jiska and mantz

Breaking Honeypots for Fun and Profit

• 54 min
• 2015-12-30
• 56148
• DeanSysman, Gadi Evron and Itamar Sher

In Soviet Russia Smart Card Hacks You

• 38 min
• 2018-12-29
• 1609
• Eric Sesterhenn

1-day exploit development for Cisco IOS

• 45 min
• 2017-12-27
• 3496
• Artem Kondratenko

Windows drivers attack surface

some 'new' insights

• 60 min
• 2015-12-27
• 8978
• Ilja van Sprundel

On Smart Cities, Smart Energy, And Dumb Security

• 45 min
• 2016-12-29
• 3252
• Netanel Rubin

PLC-Blaster

Ein Computerwurm für PLCs

• 58 min
• 2015-12-27
• 42695
• Maik Brüggemann and Ralf Spenneberg

radare demystified

after 1.0

• 62 min
• 2016-12-29
• 3545
• pancake

Modchips of the State

Hardware implants in the supply-chain

• 36 min
• 2018-12-27
• 3969
• Trammell Hudson

Recount 2016: An Uninvited Security Audit of the U.S. Presidential Election

• 60 min
• 2016-12-28
• 2680
• Matt Bernhard and J. Alex Halderman

Console Hacking

Breaking the 3DS

• 72 min
• 2015-12-27
• 72195
• plutoo, derrek and smea

The plain simple reality of entropy

Or how I learned to stop worrying and love urandom

• 60 min
• 2015-12-29
• 17422
• Filippo Valsorda

Memory Deduplication: The Curse that Keeps on Giving

A tale of 3 different memory deduplication based…

• 59 min
• 2016-12-29
• 2455
• Ben Gras, Kaveh Razavi, brainsmoke and Antonio Barresi

eMMC hacking, or: how I fixed long-dead Galaxy S3 phones

A journey on how to fix broken proprietary hardware by…

• 56 min
• 2017-12-27
• 2221
• oranav

Security in open source projects

• 50 min
• 2019-08-11
• 58
• Jose Manuel Ortega

Cloud Storage Encryption with Cryptomator

Cryptomator is a multi-platform, client-side encryption…

• 57 min
• 2015-08-23
• 441
• Sebastian Stenzel and Tobias Hagemann

Do as I Say not as I Do: Stealth Modification of Programmable Logic Controllers I/O by…

• 60 min
• 2016-12-29
• 855
• Ali Abbasi and Majid

Truly cardless: Jackpotting an ATM using auxiliary devices.

• 35 min
• 2018-12-29
• 3637
• Olga Kochetova and Alexey Osipov

AppArmor Crashkurs

Lerne in unter einer Stunde, AppArmor-Profile zu erstellen…

• 45 min
• 2019-08-10
• 109
• Christian Boltz

Shopshifting

The potential for payment system abuse

• 60 min
• 2015-12-27
• 98296
• Karsten Nohl, Fabian Bräunlein and dexter

Predicting and Abusing WPA2/802.11 Group Keys

• 60 min
• 2016-12-27
• 1391
• Mathy Vanhoef

Implementing an LLVM based Dynamic Binary Instrumentation framework

• 60 min
• 2017-12-28
• 1046
• Charles Hubain and Cédric Tessier

Lets break modern binary code obfuscation

A semantics based approach

• 60 min
• 2017-12-27
• 2174
• Tim Blazytko and Moritz Contag

Unpatchable

Living with a vulnerable implanted device

• 60 min
• 2015-12-28
• 44658
• Marie Moe and Eireann Leverett

The Perl Jam 2

The Camel Strikes Back

• 60 min
• 2015-12-28
• 46766
• Netanel Rubin

Tales from Hardware Security Research

From Research over Vulnerability Discovery to Public…

• 45 min
• 2019-08-22
• 270
• Johannes and marc

Visiting The Bear Den

A Journey in the Land of (Cyber-)Espionage

• 59 min
• 2016-12-27
• 2486
• Jessy Campos

Domain computers have accounts, too!

Owning machines through relaying and delegation

• 40 min
• 2019-08-23
• 299
• JaGoTu

Are all BSDs created equally?

A survey of BSD kernel vulnerabilities.

• 58 min
• 2017-12-29
• 6161
• Ilja van Sprundel

Sichere Webanwendungen mit Clojure

• 46 min
• 2016-08-21
• 123
• Joy Clark and Simon Kölsch

Container - Alles sicher oder was?

• 34 min
• 2019-04-27
• 66
• Martin Maurer

Web-App-Encryption

Is your data secure by default? How Django can be used to…

• 63 min
• 2014-08-23
• 263
• Didi Hoffmann

How to drift with any car

(without your mom yelling at you)

• 51 min
• 2017-12-28
• 8021
• Guillaume Heilles and P1kachu

Ghidra - An Open Source Reverse Engineering Tool

How the NSA open-sourced all software in 2019

• 60 min
• 2019-08-10
• 165
• larsborn

IT-Sicherheit in mittelständischen Unternehmen

• 127 min
• 2015-04-29
• 3135
• Mirar

Sanitizing PCAPs

Fun and games until someone uses IPv6 or TCP

• 43 min
• 2015-12-28
• 7745
• Jasper Bongertz

Type confusion: discovery, abuse, and protection

• 56 min
• 2017-12-30
• 837
• gannimo

Physical Unclonable Functions: The Future Technology for Physical Security Enclosures?

• 47 min
• 2019-08-24
• 96
• Johannes

Modern Security Model for Embedded Linux Distributions

• 64 min
• 2016-08-21
• 60
• Aleksander Zdyb

The Great Train Cyber Robbery

• 54 min
• 2015-12-27
• 19173
• Sergey Gordeychik, Aleksandr Timorin and repdet

Integration einer FIDO U2F basierten Zwei-Faktor-Authentifizierung mit LinOTP

• 55 min
• 2015-08-23
• 262
• Christian Pommranz

BootStomp: On the Security of Bootloaders in Mobile Devices

• 28 min
• 2017-12-27
• 1100
• Audrey Dutcher

Deploying TLS 1.3: the great, the good and the bad

Improving the encrypted the web, one round-trip at a time

• 61 min
• 2016-12-27
• 5136
• Filippo Valsorda and Nick Sullivan

OpenVPN im Unternehmenseinsatz

Realisierung einer Hochverfügbarkeitslösung mit dynamischem…

• 37 min
• 2011-08-20
• 106
• Dominik Fischer and Oliver Dumschat-Hötte

Check your privileges!

How to drop more of your privileges to reduce attack…

• 60 min
• 2015-12-29
• 76936
• Fefe

Untrusting the CPU

A proposal for secure computing in an age where we cannot…

• 61 min
• 2016-12-27
• 1851
• jaseg

Enclosure-PUF

Tamper Proofing Commodity Hardware and other Applications

• 61 min
• 2018-12-29
• 771
• Christian Zenger, David Holin and Lars Steinschulte

Inside Intel Management Engine

• 51 min
• 2017-12-27
• 6454
• Maxim Goryachy and Mark Ermolov

Wheel of Fortune

Analyzing Embedded OS Random Number Generators

• 36 min
• 2016-12-28
• 1498
• Jos Wetzels and Ali Abbasi

Tapping into the core

• 31 min
• 2016-12-28
• 2171
• Maxim Goryachy and Mark Ermolov

Taking a scalpel to QNX

Analyzing & Breaking Exploit Mitigations and Secure Random…

• 46 min
• 2017-12-28
• 784
• Jos Wetzels and Ali Abbasi

You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet

Finding interesting targets in 128bit of entropy

• 46 min
• 2016-12-27
• 3769
• Tobias Fiebig

Downgrading iOS: From past to present

• 52 min
• 2016-12-28
• 3019
• tihmstar

LinOTP und Single Sign On

Zwei-Faktor Authentisierung in der Praxis

• 53 min
• 2014-08-23
• 244
• Rainer Endres

DPRK Consumer Technology

Facts to fight lore

• 31 min
• 2017-12-27
• 4583
• Will Scott and Gabe Edwards

KRACKing WPA2 by Forcing Nonce Reuse

• 61 min
• 2017-12-27
• 2923
• Mathy Vanhoef

Bitcoin

Open Sourcing Money

• 64 min
• 2014-08-24
• 476
• Levin Keller

Hardware-Trojaner in Security-Chips

Eine Reise auf die dunkle Seite

• 60 min
• 2015-12-27
• 63214
• Peter Laackmann and Marcus Janke

TrustZone is not enough

Hijacking debug components for embedded security

• 31 min
• 2017-12-30
• 479
• Pascal Cotret

Neither Snow Nor Rain Nor MITM… The State of Email Security in 2015

• 49 min
• 2015-12-29
• 14404
• Zakir Durumeric

LatticeHacks

Fun with lattices in cryptography and cryptanalysis

• 65 min
• 2017-12-28
• 2904
• djb, Tanja Lange and Nadia Heninger

Microarchitectural Attacks on Trusted Execution Environments

• 55 min
• 2017-12-27
• 912
• Keegan Ryan

GDPR and ePrivacy: Compliance Nightmares for Open-Source Projects?

• 45 min
• 2019-08-11
• 123
• Giannis Konstantinidis

Das Privoxy-Ökosystem

• 69 min
• 2016-08-21
• 166
• Fabian

Electromagnetic Threats for Information Security

Ways to Chaos in Digital and Analogue Electronics

• 49 min
• 2017-12-28
• 1166
• @EMHacktivity and José Lopes Esteves

The DROWN Attack

Breaking TLS using SSLv2

• 55 min
• 2016-12-27
• 1801
• Sebastian Schinzel

Alles meins!

Zugänge und Daten mit privacyIDEA absichern

• 59 min
• 2015-08-23
• 335
• Cornelius Kölbel

ASLR on the line

Practical cache attacks on the MMU

• 44 min
• 2017-12-28
• 2089
• brainsmoke

PostgreSQL Security

• 41 min
• 2019-04-27
• 89
• Hans-Jürgen Schönig

Turris: secure open source router

Who is the root on your router?

• 52 min
• 2018-08-26
• 95
• Michal Hrusecky

Memsad

why clearing memory is hard.

• 61 min
• 2018-12-29
• 2171
• Ilja van Sprundel

Skalierbares Auditing

• 54 min
• 2019-08-11
• 147
• Philipp Krenn

Pegasus internals

Technical Teardown of the Pegasus malware and Trident…

• 29 min
• 2016-12-27
• 2254
• Max Bazaliy

Attacking IoT Telemetry

A study of weaknesses in the pipeline of rapidly advancing…

• 70 min
• 2015-08-22
• 267
• Michael Schloh von Bennewitz

New memory corruption attacks: why can't we have nice things?

• 54 min
• 2015-12-27
• 7380
• gannimo and npc@berkeley.edu

MQA - A clever stealth DRM-Trojan

A critical look on a new audio Format

• 60 min
• 2017-12-30
• 1814
• Christoph Engemann and Anton.schlesinger@studio-singer.de

Inside Android’s SafetyNet Attestation: Attack and Defense

• 59 min
• 2017-12-28
• 1022
• Collin Mulliner

A Dozen Years of Shellphish

From DEFCON to the DARPA Cyber Grand Challenge

• 57 min
• 2015-12-29
• 18753
• Antonio Bianchi, Jacopo Corbetta and Andrew Dutcher

On the Security and Privacy of Modern Single Sign-On in the Web

(Not Only) Attacks on OAuth and OpenID Connect

• 64 min
• 2016-12-28
• 1846
• Guido Schmitz (gtrs) and dfett

The long road to reproducible builds

why+how to create bit by bit identical binary packages

• 41 min
• 2015-08-23
• 110
• Holger 'h01ger' Levsen

Uncovering vulnerabilities in Hoermann BiSecur

An AES encrypted radio system

• 51 min
• 2017-12-28
• 764
• Markus Muellner and Markus Kammerstetter

Wallet Security

How (not) to protect private keys

• 35 min
• 2018-12-28
• 1320
• Stephan Verbücheln

iOS kernel exploitation archaeology

• 54 min
• 2017-12-27
• 2386
• argp

Running your own 3G/3.5G network

OpenBSC reloaded

• 56 min
• 2015-12-27
• 10834
• LaForge

Dissecting VoLTE

Exploiting Free Data Channels and Security Problems

• 49 min
• 2015-12-28
• 16929
• Dongkwan and Hongil Kim

How do we know our PRNGs work properly?

• 58 min
• 2016-12-29
• 2562
• Vladimir Klebanov and Felix Dörre

Fighting back against Libra - Decentralizing Facebook Connect

Nym Anonymous Authentication Credentials

• 41 min
• 2019-08-25
• 163
• Harry Halpin

Thunderstrike 2

• 43 min
• 2015-12-27
• 8449
• Trammell Hudson

Squeezing a key through a carry bit

• 50 min
• 2017-12-27
• 1238
• Filippo Valsorda

Towards (reasonably) trustworthy x86 laptops

• 62 min
• 2015-12-27
• 32008
• Joanna Rutkowska

CloudABI

Cloud computing meets fine-grained capabilities

• 57 min
• 2015-08-22
• 54
• Ed Schouten

Kernel Tracing With eBPF

Unlocking God Mode on Linux

• 54 min
• 2018-12-30
• 1700
• Jeff Dileo and Andy Olsen

Gibberish Detection 102

• 58 min
• 2015-12-29
• 21319
• Ben H.

IT-Unsicherheit in der Gebäudeautomation

Eine Bestandsaufnahme

• 58 min
• 2014-08-24
• 388
• Daniel Arenz

Rowhammer.js: Root privileges for web apps?

A tale of fault attacks on DRAM and attacks on CPU caches

• 30 min
• 2015-12-28
• 25613
• Clémentine Maurice and Daniel Gruss

Kerberos und OTP

Nur einmal authentisiert - aber stark!

• 49 min
• 2013-08-25
• 161
• Cornelius Kölbel

Container for Desktops

Security und Privacy mit LXC et.al. - auch auf…

• 61 min
• 2016-08-21
• 264
• Robert Matzinger

Sicher Programmieren mit Ruby on Rails

• 53 min
• 2015-08-23
• 142
• Mario Manno

DNSSEC

• 45 min
• 2016-08-21
• 198
• Christoph Egger

Everything you always wanted to know about Certificate Transparency

(but were afraid to ask)

• 60 min
• 2016-12-27
• 2880
• Martin Schmiedecker

APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for

How advanced threat actors learn and change with innovation…

• 60 min
• 2015-12-27
• 32956
• Inbar Raz and Gadi Evron