Written by Jeromie Jackson Published on Friday, 06 August 2010 16:52
Blackhat and Defcon always are a great time in Las Vegas for security practitioners and hackers alike. True to form, this year hit the mark again! Here's a rundown on some of the more interesting findings/talks during the conventions. The Electronic Frontier Foundation (EFF) is an organization focused on defending free speech, privacy, innovation, and consumer rights. I have seen their services in action and I highly endorse their activities. At Defcon there was a mohawk fund raiser for EFF, quite a few roaming the halls during the event.
ATM Hacking
A presentation was given showing security weaknesses within a couple of ATMs. In one of the hacks he exploits the machine via the network. In the other he exposes a USB connection on the device which allows him to install malware. Here's a video of his presentation.
GSM Exploits
There were a couple presentations about GSM exploitation. In one discussion Chris Paget discussed an IMSI (International Mobile Identity Subscriber) catcher he developed for about $1500.00 that allowed him to impersonate a cell tower. Here's a video of his presentation. Phones would see the tower, which had a high signal strength, then connect allowing for interception of phone conversations.
Drivesploit
Most of us heard a ton about the Aurora attack that happened not too long ago. A presentation at B-Sides discussed a new Metasploit module that will allow script kiddies to easily conduct drive-by attacks. Here is a copy of the presentation discussing the topic and tool.
Parties
Technology Integration Group (TIG) threw a great party at the Hardwood Suite in the Palms. It was a long hard night, but I had to take one for the team and made it to be slightly before sunrise.
Netwitness had a nice event at the top of the Pure Nightclub in Cesears Palace. Thanks go out to Scott Williams of Netwitness for the hook-up!
Rapid7 threw down another great party at the Playboy Suite in the Palms. If you know these guys they are VERY high energy. They make Nexpose, one of my preferred tools in my penetration testing and vulnerability assessment toolbag.
Ninja Party was off the hook. An invite only party which creates some very cool badges for entry. A HUGE venue. Here's a 360 video of the event that night.
B-Sides is an event held alongside Defcon & Blackhat in Las Vegas. Lots of hardcore talks were held, as usual, however the location was definitely kicked-up this year. An estate not too far from the strip, the location rocked. Here's a link to the details along with the presentations. Here's a video of the event from the cabana in the middle of the pools.
A great event with friends, prospects, and customers. When you're ready to address security for your organization, you know who to call.
