DEFCON is one of the world's largest hacker and security conventions. It features technical training workshops, technical papers and presentations, and sponsor exhibits. In 2017, it was estimated that 25,000 people attended the event. In recent years there has been rapidly growing activity around wireless security research. The Wireless Village is a parallel track within DEFCON focused on wireless security, and features technical presentations, demos and exhibits, and a Wireless-Capture-the-Flag (WCTF) contest. The events are enumerated, and the 2018 event is known as DEFCON 26.

Hacker Summer Camp is only days away, so in order to whet your appetite, The Daily Swig has compiled a list of some of the best talks of years past.

Over the years there’s been thrills, spills, and (of course) ‘sploits, as the top researchers in the security world have descended on Las Vegas for Black Hat USA and DEF CON – a security double bill that’s hard to beat.

This year’s Black Hat – which is again taking place as a hybrid event – and DEF CON offerings are sure to add to the already impressive roster of ground-breaking talks from years gone by. Now that Covid-related restrictions have largely been lifted, the 2022 edition promises to be something of a grand reopening of arguably the single most important event in the infosec calendar.

Without further ado (and in no particular order) here are our top picks from past Black Hat and DEF CON events…

Panic in the Cisco

Michael Lunn’s 2005 talk on the security shortcomings of Cisco’s networking technology was important not only because of the potential impact of his discovery, but because it served as an example of an attempt to suppress security research.

Lunn resigned from his employment with Internet Security Systems in order to deliver a talk on a critical vulnerability in router technology from Cisco. The security researcher demonstrated an exploit – which opened the door to a range of attacks from eavesdropping to disabling the compromised device – while withholding any details. Cisco issued a security fix to its firmware prior to the talk, but not many organizations had applied it by the time it rolled around.

Cisco initially gave the go-ahead for the talk but had second thoughts with the event imminent. ISS agreed to a request from the networking giant, but Lunn disagreed. This prompted his decision to resign in order to present his findings.

Cache from chaos

Dan Kaminsky’s reveal of a cache poisoning flaw affecting the software of multiple DNS vendors back in 2008 remains a landmark event in networking security. The security researcher worked with DNS vendors for months to fix the critical vulnerability before laying the problem bare during Black Hat 2008.

It remains a testament to the late security researcher, who sadly passed away in April 2021, prompting an outpouring of tributes to a true infosec great characterized by “kindness, boundless energy, and positivity”.

Hitting the Jackpot

Barnaby Jack’s live hack demo on an ATM set the benchmark for spectacular hacks and cutting-edge security research. Jackpotting – as the attack later became known – involved a targeted assault on the software running on ATMs. The end result involved injecting malware into the operating system of cash dispensing machines, causing them to dish out bank notes fraudulently.

Either exploitable vulnerabilities in an ATM’s remote management system or unauthorised physical access to a machine (perhaps facilitated by a corrupt insider) might be used to carry out an attack. Prior to Jack’s research, embedded systems such as ATMs were widely (but incorrectly) thought to be beyond the scope of potential hack attacks.