SlideShare a Scribd company logo

BlueHat v17 || 10 Years of Targeted Credential Phishing | Billy Leonard

BlueHat Security Conference
BlueHat Security Conference

While it's not kernel 0days or EMET bypasses, credential phishing has been a go-to in attackers toolboxes for many years, rising to prominence during the run up to the 2016 US Presidential Elections. Being able to access a target's email or files stored in the cloud without burning your prized 0day has proven to be too much for even the most advanced attackers to pass up. In this talk, we will look at how attackers have evolved and adapted their credential phishing operations over the past 10 years, from changes in delivery mechanisms to changes in persistence and exfiltration and how defenses have evolved during that same time.

Technology
1 of 54
Download to read offline
Threat Analysis Group November 2017 - @billyleonard 10 Years of Targeted Credential Phishing
Threat Analysis Group Billy Leonard Threat Analysis Group
Threat Analysis Group But first, ….
Threat Analysis Group What we don't see in targeted phishing.
Threat Analysis Group
Threat Analysis Group Targeted attacks are all really advanced.
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group The Early Days.
Threat Analysis Group
Threat Analysis Group Source: https://productforums.google.com/forum/?hl=en#!category-topic/gmail/reading-and-receiving-messages/EndXvDGLoe0
Threat Analysis Group Source: http://contagiodump.blogspot.com/2011/02/targeted-attacks-against-personal.html
Threat Analysis Group Source: http://contagiodump.blogspot.com/2011/02/targeted-attacks-against-personal.html
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group The Middle Ages.
Threat Analysis Group
Threat Analysis Group Password Alert.
Threat Analysis Group
Threat Analysis Group Two Factor Bypass.
Threat Analysis Group Source: https://breakingdefense.com/2015/06/strike-back-at-chinese-for-opm-hack-build-a-cyber-strategy/, http://www.seleniumhq.org/, http://phantomjs.org/
Threat Analysis Group SMS Interception.
Threat Analysis Group
Threat Analysis Group Source: https://techcrunch.com/2016/07/25/nist-declares-the-age-of-sms-based-2-factor-authentication-over/, https://www.wired.com/2016/06/hey-stop-using-texts-two-factor-authentication/, https://www.howtogeek.com/310418/why-you-shouldnt-use-sms-for-two-factor-authentication/
Threat Analysis Group Source: https://www.fredericjacobs.com/blog/2016/01/14/sms-login/, https://www.fredericjacobs.com/blog/2016/04/30/more-on-sms-logins/
Threat Analysis Group Source: https://www.fredericjacobs.com/blog/2016/04/30/more-on-sms-logins/
Threat Analysis Group Security Keys.
Threat Analysis Group Source: https://www.yubico.com/products/yubikey-hardware/fido-u2f-security-key/, https://www.ftsafe.com/products/FIDO/Multi
Threat Analysis Group OAuth.
Threat Analysis Group Source: https://msdn.microsoft.com/en-us/office/office365/api/mail-rest-operations, https://developers.google.com/gmail/api/guides/
Threat Analysis Group
Threat Analysis Group Source: https://www.bankinfosecurity.com/attackers-unleash-oauth-worm-via-google-docs-app-a-9888, https://qz.com/975002/dont-click-the-google-docs-link-in-that-suspicious-email-you-probably-just-got/
Threat Analysis Group
Threat Analysis Group Present Day.
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group Source: https://bitly.com/, https://ngrok.com/, https://www.mailstore.com/en/products/mailstore-home/, https://takeout.google.com/
Threat Analysis Group Source: https://breakdev.org/evilginx-1-0-update-up-your-game-in-2fa-phishing/
Threat Analysis Group Who else do we see targeted?
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group More Recently.
Threat Analysis Group
Threat Analysis Group
Threat Analysis Group Next Gen Password Alert
Threat Analysis Group
Threat Analysis Group Advanced Protection Program
Threat Analysis Group
Threat Analysis Group Old habits die hard.
Threat Analysis Group
Threat Analysis Group Lot's of thanks ... Threat Analysis Group Counter Abuse Technologies Jigsaw SafeBrowsing Chrome MSTIC Yahoo/Apple/FB Intel Teams OGs … and a whole cast of characters that are Kind of a Big Deal.
Threat Analysis Group Questions?

Recommended

Cyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_riseCyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_riseCyphort
 
Understanding ransomware
Understanding ransomwareUnderstanding ransomware
Understanding ransomwarePrathan Phongthiproek
 
Targeted attacks
Targeted attacksTargeted attacks
Targeted attacksRahul
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An OverviewDustin Collins
 
blackhole.pdf
blackhole.pdfblackhole.pdf
blackhole.pdfJonathanOliver26
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Andrew Manoske
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Securitysumit dimri
 
C:\Fakepath\Ethical Hacking
C:\Fakepath\Ethical HackingC:\Fakepath\Ethical Hacking
C:\Fakepath\Ethical Hackingsumit dimri
 

Recommended

Cyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_riseCyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_riseCyphort
 
Understanding ransomware
Understanding ransomwareUnderstanding ransomware
Understanding ransomwarePrathan Phongthiproek
 
Targeted attacks
Targeted attacksTargeted attacks
Targeted attacksRahul
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An OverviewDustin Collins
 
blackhole.pdf
blackhole.pdfblackhole.pdf
blackhole.pdfJonathanOliver26
 
Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Modern Adversaries (Amplify Partners)
Modern Adversaries (Amplify Partners)Andrew Manoske
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Securitysumit dimri
 
C:\Fakepath\Ethical Hacking
C:\Fakepath\Ethical HackingC:\Fakepath\Ethical Hacking
C:\Fakepath\Ethical Hackingsumit dimri
 
ShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attackShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attackVladyslav Radetsky
 
Modern phishing-techniques
Modern phishing-techniquesModern phishing-techniques
Modern phishing-techniquesFarkhad Badalov
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 
Network security
Network securityNetwork security
Network securityLukeDaniel12
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Eyal Doron
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Valerie Lanzone
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security RisksHeimdal Security
 
Phreaknic14
Phreaknic14Phreaknic14
Phreaknic14James Ruffer
 
Phreaknic14
Phreaknic14Phreaknic14
Phreaknic14James Ruffer
 
Malware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansMalware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansCyphort
 
What Are Script Kiddies.pdf
What Are Script Kiddies.pdfWhat Are Script Kiddies.pdf
What Are Script Kiddies.pdfuzair
 
Scanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docxScanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docxanhlodge
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetAbhinav Mishra
 
EG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media PptEG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media PptDarah Darrington
 
IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015Andreanne Clarke
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018Panda Security
 
A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)Deepam Kanjani
 
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Security Conference
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Security Conference
 

More Related Content

Similar to BlueHat v17 || 10 Years of Targeted Credential Phishing | Billy Leonard

ShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attackShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attackVladyslav Radetsky
 
Modern phishing-techniques
Modern phishing-techniquesModern phishing-techniques
Modern phishing-techniquesFarkhad Badalov
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Eyal Doron
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Valerie Lanzone
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security RisksHeimdal Security
 
Malware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansMalware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansCyphort
 
What Are Script Kiddies.pdf
What Are Script Kiddies.pdfWhat Are Script Kiddies.pdf
What Are Script Kiddies.pdfuzair
 
Scanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docxScanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docxanhlodge
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetAbhinav Mishra
 
EG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media PptEG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media PptDarah Darrington
 
IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015Andreanne Clarke
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018Panda Security
 
A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)Deepam Kanjani
 

Similar to BlueHat v17 || 10 Years of Targeted Credential Phishing | Billy Leonard (20)

ShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attackShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attack
 
Modern phishing-techniques
Modern phishing-techniquesModern phishing-techniques
Modern phishing-techniques
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEO
 
Network security
Network securityNetwork security
Network security
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and Frankenstein
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and Frankenstein
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?Supersized Security Threats – Can You Stop 2016 from Repeating?
Supersized Security Threats – Can You Stop 2016 from Repeating?
 
An Underground education
An Underground educationAn Underground education
An Underground education
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
 
Phreaknic14
Phreaknic14Phreaknic14
Phreaknic14
 
Phreaknic14
Phreaknic14Phreaknic14
Phreaknic14
 
Malware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansMalware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial Trojans
 
What Are Script Kiddies.pdf
What Are Script Kiddies.pdfWhat Are Script Kiddies.pdf
What Are Script Kiddies.pdf
 
Scanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docxScanned by CamScannerWRTG 391 Writing Assignment .docx
Scanned by CamScannerWRTG 391 Writing Assignment .docx
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter Meet
 
EG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media PptEG2009 RLC on Social Media Ppt
EG2009 RLC on Social Media Ppt
 
IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015IBM X-Force Threat Intelligence Quarterly Q4 2015
IBM X-Force Threat Intelligence Quarterly Q4 2015
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
 
A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)A Strategic Path from Secure Code Reviews to Threat Modeling (101)
A Strategic Path from Secure Code Reviews to Threat Modeling (101)
 

More from BlueHat Security Conference

BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Security Conference
 
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Security Conference
 
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Security Conference
 
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Security Conference
 
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Security Conference
 
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Security Conference
 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Security Conference
 
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Security Conference
 
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Security Conference
 
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Security Conference
 
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Security Conference
 
BlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat Security Conference
 
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat Security Conference
 
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat Security Conference
 
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat Security Conference
 
BlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat Security Conference
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat Security Conference
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat Security Conference
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 

More from BlueHat Security Conference (20)

BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || Keynote
 
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
 
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
 
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
 
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
 
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
 
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
 
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
 
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
 
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
 
BlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiled
 
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
 
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
 
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
 
BlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and well
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without device
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
 

Recently uploaded

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Recently uploaded (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

BlueHat v17 || 10 Years of Targeted Credential Phishing | Billy Leonard