• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Bad Sites   »   Black Hat Europe 2013 in Amsterdam

Black Hat Europe 2013 in Amsterdam

  • Posted on:March 31, 2013 at 4:20 pm
  • Posted in:Bad Sites
  • Author:
    Rainer Link (Senior Threat Researcher)
0

Black Hat Europe is a series of highly technical security conferences that gathers professionals, researchers, and leaders of the infosec industry. Below are some of my thoughts about the interesting discussions I attended, which include a compelling talk by Trend Micro threat researcher Kyle Wilhoit about ICS/SCADA.

Day 1

My colleague Kyle and I joined the first session of the full-day vehicle networks workshop. Robert Leale of www.canbushack.com gave a nice introduction to controller area network (CAN) bus and other bus systems by, in which he gave basic information on the types of networks found in modern vehicles. I went to the next talk, “Let’s Play – Applanting” by Ajit Hatti, the co-founder of “null -Open security community,” where he described an attack to silently install an app in a user’s device (this has already been fixed by Google). As it turns out, a lot of people in India use their smartphones for online banking.

“XML out-of-band data retrieval” from Alexey Osipov and Timur Yunusov, which I attended later, showed how to retrieve data from an internal machine and network using several web applications.

Because I own a Huawei USB UMTS/4G stick, I went to the talk “Huawei – From China with Love” from Nikita Tarakanov and Oleg Kupreev. From the discussion, I gathered that the software (available for Windows and Mac) seems to be a mess, security-wise.

One of the better conferences of the day, Tobias Jeske presented the results of his research about floating car data from smartphones, based from Google Navigation and Waze. For his research, he reversed engineered the protocols with an MiTM proxy and source code and later explained to us the several possible attacks that can be launched.

Day 2

The first talk for the day was “The Sandbox Roulette”, which we can summarize as “for an application sandbox (Sandboxie, Chrome, Adobe X) the weakest link is the Windows kernel. An hypervisor sandbox is more secure than an application sandbox.”

The next presentation I attended was Kyle’s. Entitled “Who’s Really Attacking Your ICS Equipment,” the study focused on who are really targeting Internet-facing ICS-SCADA, which are known critical infrastructure for industrial processes. His talk was interesting and I think overall he did a great job. For more details about this talk, you can read his paper here.

I also enjoyed Brad Antoniewicz’s talk about the (in)security of proximity cards. He showed us how to attack this system from RFID read, to the controller and backend system. Too bad there was a slight problem with his demo kit, as he momentarily forgot about the different voltage in US and Europe. The second kit he tried to bring to Amsterdam was stuck at the airport. I guess customs were not sure if it was dangerous or not.

To cap the day, I attended Jacob Williams’ discussion about Dropbox. He demonstrated how a malware could use DropBox as a C2 infrastructure to steal sensitive data. This is interesting, given that most organization allows the use of DropBox, and firewalls / Data Loss Prevention (DLP) solutions might not detect this attack.

For more details about the conferences, you can visit Black Hat’s official website.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»
Tags: BlackHatSCADAsecurity conference

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.