ThinkstScapes Research Roundup - Q4 - 2022
Hacking the Cloud with SAML
Felix Wilhelm
Announcing GUAC, a great pairing with SLSA (and SBOM)!
Brandon Lum, Mihai Maruseac, Isaac Hepworth, Google Open Source Security Team
[Blog] [Code] [Presentation]
We sign code now
William Woodruff
Knockout Win Against TCC - 20+ NEW Ways to Bypass Your MacOS Privacy Mechanisms
Csaba Fitzl and Wojciech Regula
[Slides]
Farming The Apple Orchards: Living Off The Land Techniques
Cedric Owens and Chris Ross
LOLBINed — Using Kaspersky Endpoint Security “KES” Installer to Execute Arbitrary Commands
Nasreddine Bencherchali
[Blog]
POPKORN: Popping Windows Kernel Drivers At Scale
Rajat Gupta, Lukas Patrick Dresel, Noah Spahn, Giovanni Vigna, Christopher Kruegel, and Taesoo Kim
RC4 Is Still Considered Harmful
James Forshaw
[Blog]
Kerberos’ RC4-HMAC broken in practice: spoofing PACs with MD5 collisions
Tom Tervoort
Exploring Ancient Ruins to Find Modern Bugs: Discovering a 0-Day in MS-RPC service
Ophir Harpaz and Stiv Kupchik
Decentralized Identity Attack Surface
Shaked Reiner
Drone Authentication via Acoustic Fingerprint
Yufeng Diao, Yichi Zhang, Guodong Zhao, and Mohamed Khamis
On the Implications of Spoofing and Jamming Aviation Datalink Applications
Harshad Sathaye, Guevara Noubir, and Aanjhan Ranganathan
{JS-ON: Security-OFF}: Abusing JSON-Based SQL Queries
Noam Moshe
[Slides] [SQLMap patch] [Blog]
Are There Wireless Hidden Cameras Spying on Me?
Jeongyoon Heo, Sangwon Gil, Youngman Jung, Jinmok Kim, Donguk Kim, Woojin Park, Yongdae Kim, Kang G. Shin, and Choong-Hoon Lee