A look at the sessions covering IoT edge, enterprise edge, connected vehicles, and Industry 4.0 product security this week in Vegas.
Your Car is My Car
Sector: Automotive
Location: Track 1
Speakers: Jmaxxz
Saturday, August 10th at 11:00
Listen to one software engineer (and hacker at heart) as he describes what he learned when he looked inside a remote access system for a car.
Weaponizing Hypervisors to Fight and Beat Car and Medical Devices Attacks
Sector: IoT
Location: Track 1
Speakers: Ali Islam, CEO Numen Inc. Dan Regalado (DanuX) CTO Numen Inc
Saturday, August 10th at 10:00
Learn about the steps needed to setup a framework running on Xilinx ZCU102 boards and to eliminate malicious threats – and much, much more.
Reverse Engineering 17+ Cars in Less Than 10 Minutes
Sector: Automotive
Location: Track 1
Speakers: Brent Stone
Saturday, August 10th at 16:00
Think you work fast? In this demo, Brent Stone, a US military cyber officer, will show how he can reverse engineer 17 or more unknown passenger vehicle CAN networks in under 10 minutes.
Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss
Sector: Enterprise Edge
Location: Track 2
Speakers: g richter
Saturday, August 10th at 15:00
Pen Test Partners Senior Researcher g richter will discuss how malleable, frustrating, and insecure consumer 4G routers really are.
Vacuum Cleaning Security - Pinky and the Brain Edition
Sector: Consumer IoT
Location: Track 4
Speakers: jiska TU Darmstadt, Secure Mobile Networking Lab clou (Fabian Ullrich)
Saturday, August 10th at 16:00
Take a dive into the security of Neato and Vorwerk ecosystems – and how they can be bypassed.
Exploiting Qualcomm WLAN and Modem Over The Air
Sector: Enterprise Edge
Location: Track 3
Speakers: Xiling Gong, Peter Pi
Sunday, August 11th at 11:00
Tencent and NCC researchers will highlight their research into exploiting Qualcomm WLAN as well as the zero-days they found on the attack surfaces of WLAN firmware.
Say Cheese—How I Ransomwared Your DSLR Camera
Sector: Consumer IoT
Location: Track 4
Speakers: Eyal Itkin
Sunday, August 11th at 11:00
A Check Point researcher will demonstrate how an attacker can infect a DSLR camera with ransomware and encrypt the photos.
Adventures In Smart Buttplug Penetration (testing)
Sector: Consumer IoT
Location: Track 2
Speakers: Smea
Sunday, August 11th at 10:00
Hope you’re sitting down for this one. Actually, maybe not. In this talk, smea will look at how the security of connected sex toys can be bypassed.
HVACking: Understand the Difference Between Security and Reality!
Sector: Industry 4.0
Location: Track 2
Speakers: Douglas McKee, Mark Bereza
Friday, August 9th at 13:00
McAfee researchers will examine the 0-day vulnerability they found in a major building controller and how an attack could play out in a critical scenario.
Malproxying: Leave Your Malware at Home
Sector: Enterprise Edge
Location: Track 2
Sunday, August 11th at 12:00
Researchers will show a new approach to allow malicious code to bypass most endpoint protection measures, a technique they’re calling “malproxing.”
SDR Against Smart TVs: URL and Channel Injection Attacks
Sector: Consumer IoT
Location: Track 2
Speakers: Pedro Cabrera Camara
Sunday, August 11th at 11:00
Get a detailed look at how you can use low cost SDR devices to attack the HbbTV platform of Smart TV.
Intro to Embedded Hacking—How you too can find a decade old bug in widely deployed devices. [REDACTED] Deskphones, a case study.
Sector: Enterprise Edge
Location: DC 101, Paris Theatre
Speakers: Philippe Laulheret
Thurday, August 8th at 1:00pm
Senior McAfee researcher Philippe Laulheret will present an introduction to hardware hacking and show how secure those VOIP phones at your work are – or aren’t.
All the 4G Modules Could Be Hacked
Sector: IoT
Location: Track 3
Speakers: XiaoHuiHui, Ye Zhang, ZhengHuang
Friday, August 9th at 11:00
Baidu researchers will showcase their research on the safety of the major brand 4G modules built into IoT devices, and the vulnerabilities that were rife with all of them.
HackPac: Hacking Pointer Authentication in iOS User Space
Sector: Consumer IoT
Location: Track 1
Speakers: Xiaolong Bai, Min (Spark) Zheng
Friday, August 9th at 13:00
This presentation will look at the fatal flaw found in the implementation of iOS PAuth, and how it can make user-space system services vulnerable to code-reuse attacks.