The call for papers for Hardwear.io USA 2024 is open. It will take place May 31st through June 1, 2024.
a5538868f308cd9bb2ec3f056b3154503e81c208c926ca7d137401dabae1f61a
EuskalHack Security Congress seventh edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. With an estimated capacity of 200 people, EuskalHack Security Congress has established itself as the most relevant congress specialized in computer security in the Basque Country, and as a national reference. The profile of attendees include specialized companies, public organisms, professionals, hobbyists and students in the area of security and Information Technology. The congress will take place on the 21st and 22nd of June 2024 in the lovely city of Donostia San Sebastian (Gipuzkoa).
a72344689ad4897e2e6442ffc7f6807d041770096f4a804c22960c580db6927b
In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.
3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93
BSidesSF is soliciting submissions for presentations and panels for BSidesSF 2024 in San Francisco on May 4 and 5 2024.
75e553207fcfe4803295c83bffc1e8269caff8e7f6dcc22679181410a2cfe306
Whitepaper titled BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses. It presents six novel attacks affecting chips from many major Bluetooth vendors.
348467e3c5ed34a3d7601f57132defd129109109224ba2966ff023f2babfce33
The Nullcon Berlin 2024 Call For Papers is open. It will take place March 14th through the 15th, 2024 in Berlin, Germany. Training courses are March 11th through the 13th.
9d898d2e9216636ff0ee2829f5372248546c6aacbe8d6ffd65fd875822b51870
The !CVE Project is an initiative to track and identify security issues that are not acknowledged by vendors but still are important for the security community.
b048c73843bf5ec0efa0043743dba221a703c3a314b73dbc5a6b254795d5cb61
This whitepaper demonstrates that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. The paper shows that for the signature parameters commonly in use for SSH, there is an efficient lattice attack to recover the private key in case of a signature fault. The authors provide a security analysis of the SSH, IKEv1, and IKEv2 protocols in this scenario, and use their attack to discover hundreds of compromised keys in the wild from several independently vulnerable implementations.
481aab67e2963f899f4d0981c2be3f03e3ff14965119cb78e929b36c27b58597
BOOTSTRAP24, a hacker conference with that is heavy with hands-on participation, will take play February 24, 2024 in Austin, Texas, USA. The prior evening will be a mixer.
b1f9172e7f5d4b6075f403a3456e89348d944d9a2ffa74762c3f4765a53d55f8
Whitepaper called Everlasting ROBOT: the Marvin Attack. In this paper, the author shows that Bleichenbacher-style attacks on RSA decryption are not only still possible, but also that vulnerable implementations are common. The Marvin Attack is a return of a 25 year old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key.
11fd5f5eb17765f91bb0b2d7fe6530d7a6e1e20781250cc9cc5e701006d329c9
Whitepaper called Cybersecurity in Industry 4.0 and Smart Manufacturing: The Rise of Security in the Age of IoT, IIoT, ICS, and SCADA. This article examines Industry 4.0's relationship with the rapidly developing technologies Internet of Things (IoT), Industrial Internet of Things (IIoT), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) and why cyber security is important in these areas.
0458410365974be314b620bd7944a4541658322fd5a9cee88134e46a6317b29b
nullcon Goa 2023 will be having a live bug hunting competition to win money. Registration deadline is September 7, 2023. The conference will be held September 22nd through the 24th, 2023.
1cd891b4b4f7b63a38bb73250b01e63e89e37a5c67f9dcf2487b0a4a3db90a52
This paper focuses on using Windows APIs to exploit and bypass modern day defense systems. The idea here is to understand the approach of how a modern day threat adversary would definitely help blue teamers to improve their defense mechanism. This article is useful for both blue and red teamers.
a08987a70023a852cfeef5c85e21b3ba9fa78f1aa30066467583fa799fdca5e3
This archive holds a whitepaper called Introduction to Web Pentesting. It provides basic configuration for Burpsuite Proxy along with basic exploitation cross site scripting, SQL injection, cross site request forgery, and open redirects. Two copies of the whitepaper are included. One is in English and one is in Bulgarian.
1f0745a5f6bf458420ce54f01247d5149ab58cb8886e6f6c015a8dbfc0d9a6de
The call for papers for Hardwear.io 2023 in the Netherlands is now open. It will take place November 2nd through the 3rd, 2023 at the Marriott Hotel, The Hague, Netherlands.
ec87fd1f62c43c5094a8b7edcbb92181ee748aea83102c2abf02a405cf32899b
Whitepaper titled Everyone Knows SAP, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later.
ec3e058c8f83be6779103d8bb8f9cdbd4b8c1663435f67a9d7c36923c7afe54a
The expressiveness of Turing-complete blockchains implies that verifying a transaction's validity requires executing it on the current blockchain state. Transaction fees are designed to compensate actors for resources expended on transactions, but can only be charged from transactions included in blocks. In this work, the authors show that adversaries can craft malicious transactions that decouple the work imposed on blockchain actors from the compensation offered in return by introducing three attacks.
68b4adbac9a02de43d43f0c0b285dc603d363d3be1f6185ba4fe1c00129c1969
Whitepaper called Bughunter's Life-Style: A DIY guide to become an alone long time bughunter for ordinary people. Written in Spanish.
492728ae51fe482711c11af1be87bba75442f0506b3f42fe800bfc028dd68d50
In this paper, the authors present the efforts behind building a Special Interest Group (SIG) that seeks to develop a completely data-driven exploit scoring system that produces scores for all known vulnerabilities, that is freely available, and which adapts to new information.
8226a3dc718a8972e22524b28b782a704c31078e7997a2ddd07aeb9c9608798f
The Call For Papers for nullcon Goa 2023 is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place September 23rd through the 24th, 2023 at the Birla Institute of Technology and Science (BITS) Pilani, Goa.
4a4d540392f90a1bf90132873bf5cebdace3aaa1fb17e07615a0a45bb57e9928
In this paper, the authors provide an in-depth analysis of the Not-Too-Safe Boot technique, which has been designed to bypass Endpoint Security Solutions like antivirus (AV), endpoint detection and response (EDR) and anti-tampering mechanisms remotely. This method builds on a local execution technique first published in 2007 and later utilized in a real world scenario by a ransomware in 2019.
4ab12a59151aa94280a3b9d4b96f18a83bea50df9c1d7059e19c8266fbd31001
This whitepaper illustrates different machine learning techniques for anomaly detection relating to bank transactions.
7c0d7aa12a9030c384da45dec3261c2fd038115e1291526f413603a7bf272956
The World Cryptologic Competition (WCC) 2023 is a fully-online and open competition using GitHub. The language of the competition is English. The WCC 2023 has a total duration of 295 days, from Sunday January 1st 2023 to Monday October 23rd 2023. Teams and Judges must complete registration before Wednesday June 1st.
12848db5eecde474ede8125eed53f5c8e8e8198f50e1cd86053ead35891713eb
B-Sides Ljubljana will be held June 16, 2023 in Ljubljana, Slovenia.
a8a7fd33b3af62a91c8455b5929954ee7b0ebda0b1976fcd6027df433714ce33
This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.
e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1