Details on Femtocell hacking, Mactans, and SCADA Honeypots
This is the week of the Blackhat and Defcon security conferences; two of the biggest security research conferences of the year. So rather than quickly summarize InfoSec news—like I do most weeks—I’ll share details about three of my favorite talks from this year’s Blackhat show (Defcon is going on now).
Two of my favorite presentations fill in details about stories from past episodes. Both the researchers that hacked a Verizon femtocell, and the ones that created a malicious iOS charger, shared the technical details around these attacks. Want to learn how it’s done? Watch below.
The third interesting talk centers around using honeypots to learn who are attacking our SCADA systems. While the attacker profile data shared in the presentation was interesting, I was more concerned with how the researcher profiled his attackers. Essentially, he hacked them back. His hack back technique was at best legally grey area, and at worst totally illegal. And this researcher’s actions were not the exception. I attended a few talks this year where researchers used hacking techniques to out their attacks. Perhaps the industry is adopting “strike back” after all.
In any case, if you’d like a quick glimpse of some of my favorite presentations from the show, be sure to click play below. I will also post some written summaries about the talks I attended in the next few days. Finally, though I didn’t have time to cover the regular Infosec news this week, be sure to check the Reference section for links to a few fairly important industry stories.
(Episode Runtime: 15:15)
Direct YouTube Link: https://www.youtube.com/watch?v=-xBHxQUVJnU
- Blackhat Briefing Abstracts - Blackhat
- ISC fixes a serious BIND DoS vulnerability - ISC
- Snowden discloses NSA’s Xkeyscore data mining program - The Guardian