Whether you're a security researcher, a developer looking for some security guidance when writing these drivers, or just generally curious about driver internals, there's something here for all. In this talk, we will present a novel and effective multi-pronged strategy to catch malware at the DNS and IP level, as well as our unique 3D visualization engine. Although time has shown that these security measures are not perfect, and some may in fact be bypassed while actively running, an alternative approach is to subvert the system by running code before any of the security features kick. We even saw Trojans inserted in the supply chain. The speaker will demonstrate how to profit, steal sensitive information, and establish a persistent hold on the devices, and also how a seemingly modest attack could be used as part of a more advanced how to earn money mining bitcoins attack chain. We then detail the protocols associated with the example usage scenarios, and discuss the security implications of our proposed design.
On the other hand, ripe NCC has reached its last /8 IPv4 address space quite some time ago. Special support for embedding into firmware or OS kernel. Presented by Mikko Hypponen While on vacation Joe saw something weird happen on his machine, and thinks he might be owned. With mptcp network security is changed: how do you secure traffic when you can't see it all and when the endpoint addresses change in the middle of a connection? The session will also cover methods for identifying attempts to detect human behaviors, and recipes for bypassing these detection attempts. The first one relies on a long-known cryptographic weakness in the protocol that can be combined with long-known issues in TLS implementations to re-enable a flavor of the 2009 renegotiation attack that was thought to be fixed. In particular, we take a trip down memory lane and examine vulnerabilities found in all the popular hypervisors that have led to break-outs.