SlideShare a Scribd company logo

DEFCON: Burning the Lookout

Silas Cutler
Silas Cutler

Talk from the DEFCON 26 Packet Hacking Village (PHV) detailing the use of the lawful intercept system Vigia in Brazil.

Technology
1 of 20
Download to read offline
Burning the Lookout
● Senior Security Researcher @ CrowdStrike ● Project Director / Intern @ MalShare ● Project Director @ Project 25499 ● Twitter: @SilasCutler ● Email: silascutler@riseup.net > whoami
Crash course in Lawful Intercept
● Process, Tools, Ability for Law Enforcement to collect as part of investigations (wiretaps) ○ CALEA (Communications Assistance for Law Enforcement Act) ○ ESTI (European Telecommunications Standards Institute) ● Standard deployment ○ Intercept Access Point (IAP) ○ Mediation Device ○ Lawful Intercept Administration (LIA) Crash course on Lawful Intercept Cell Tower/Modem Provider Network Internet
Vigia
● Pastebin 2015 ● Poster claimed to have hacked Brazilian Army after they did a CTF ● Post included: ○ 7000 Credentials ○ 3 Websites Backstory
● Lawful Intercept Suite developed by SunTech Brazil ● (Mediation Device) ○ View intercepted data from service providers ○ Add new surveillance targets ● Where’s it used? Vigia
Hunting for Vigia ● What are distinct artifacts from these systems? ○ SSL ○ DNS ○ Page Content ● Censys / Shodan / Scans.io / Passive DNS for static patterns ○ /vigia/ or /suntech/ present in SSL certificates ○ vigia.<provider domain>
Why it matters
Why it matters ● Potential for unauthorized eavesdropping ● Previous targeting by foreign and domestic attackers ● Likely other similar systems in the wild
211,046,525
Questions
Thank you // Fin

Recommended

TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Privacy for Journalists Introduction
Privacy for Journalists IntroductionPrivacy for Journalists Introduction
Privacy for Journalists IntroductionGabor Szathmari
 
REQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsREQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsJim Fenton
 
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...Ahmed Mekkawy
 
Vault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureVault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureOpenCredo
 
Purple Team Use Case - Security Weekly
Purple Team Use Case - Security WeeklyPurple Team Use Case - Security Weekly
Purple Team Use Case - Security WeeklyJorge Orchilles
 
Evolution of Offensive Assessments - SecureWV Conference
Evolution of Offensive Assessments - SecureWV ConferenceEvolution of Offensive Assessments - SecureWV Conference
Evolution of Offensive Assessments - SecureWV ConferenceJorge Orchilles
 
Purple Team Exercises - GRIMMCon
Purple Team Exercises - GRIMMConPurple Team Exercises - GRIMMCon
Purple Team Exercises - GRIMMConJorge Orchilles
 

Recommended

TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Privacy for Journalists Introduction
Privacy for Journalists IntroductionPrivacy for Journalists Introduction
Privacy for Journalists IntroductionGabor Szathmari
 
REQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsREQUIRETLS: Sender Control of TLS Requirements
REQUIRETLS: Sender Control of TLS RequirementsJim Fenton
 
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...
Securing Governmental Public Services with Free/Open Source Tools - Egyptian ...Ahmed Mekkawy
 
Vault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureVault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureOpenCredo
 
Purple Team Use Case - Security Weekly
Purple Team Use Case - Security WeeklyPurple Team Use Case - Security Weekly
Purple Team Use Case - Security WeeklyJorge Orchilles
 
Evolution of Offensive Assessments - SecureWV Conference
Evolution of Offensive Assessments - SecureWV ConferenceEvolution of Offensive Assessments - SecureWV Conference
Evolution of Offensive Assessments - SecureWV ConferenceJorge Orchilles
 
Purple Team Exercises - GRIMMCon
Purple Team Exercises - GRIMMConPurple Team Exercises - GRIMMCon
Purple Team Exercises - GRIMMConJorge Orchilles
 
Purple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHatPurple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHatJorge Orchilles
 
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLockerDEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLockerJorge Orchilles
 
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...JosephTesta9
 
Purple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEFPurple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEFJorge Orchilles
 
8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 MatrixJorge Orchilles
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
Cyber security and ISMS
Cyber security and ISMSCyber security and ISMS
Cyber security and ISMSPhilippe Cohen
 
Simplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanySimplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanyDrew Gorton
 
Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1ashk4n
 
Blockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab SlidesBlockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab SlidesPistoia Alliance
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdf19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdfKunjJoshi14
 
SPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandSPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandNCCOMMS
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Blockade.io : One Click Browser Defense
Blockade.io : One Click Browser DefenseBlockade.io : One Click Browser Defense
Blockade.io : One Click Browser DefenseRiskIQ, Inc.
 
Evolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootConEvolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootConJorge Orchilles
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
 
Toronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsToronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsAlexandra N. Martinez
 
Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29Jorge Orchilles
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

More Related Content

Similar to DEFCON: Burning the Lookout

Purple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHatPurple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHatJorge Orchilles
 
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLockerDEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLockerJorge Orchilles
 
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...JosephTesta9
 
Purple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEFPurple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEFJorge Orchilles
 
8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 MatrixJorge Orchilles
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
Cyber security and ISMS
Cyber security and ISMSCyber security and ISMS
Cyber security and ISMSPhilippe Cohen
 
Simplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanySimplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanyDrew Gorton
 
Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1ashk4n
 
Blockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab SlidesBlockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab SlidesPistoia Alliance
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdf19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdfKunjJoshi14
 
SPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandSPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandNCCOMMS
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Blockade.io : One Click Browser Defense
Blockade.io : One Click Browser DefenseBlockade.io : One Click Browser Defense
Blockade.io : One Click Browser DefenseRiskIQ, Inc.
 
Evolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootConEvolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootConJorge Orchilles
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
 
Toronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsToronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsAlexandra N. Martinez
 
Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29Jorge Orchilles
 

Similar to DEFCON: Burning the Lookout (20)

Purple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHatPurple Team Exercise Hands-On Workshop #GrayHat
Purple Team Exercise Hands-On Workshop #GrayHat
 
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLockerDEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
DEFCON Safe Mode - Red Team Village - Emulating Evil Corp and WastedLocker
 
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
BSides Rochester 2018: Jonathan Myers: IoT Malware Detection with Machine Lea...
 
Purple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEFPurple Team Exercise Framework Workshop #PTEF
Purple Team Exercise Framework Workshop #PTEF
 
8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
Cyber security and ISMS
Cyber security and ISMSCyber security and ISMS
Cyber security and ISMS
 
Simplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanySimplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your Company
 
Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1Jcj corporate blind overview november 19 2012 1-1
Jcj corporate blind overview november 19 2012 1-1
 
Blockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab SlidesBlockchain and IOT and the GxP Lab Slides
Blockchain and IOT and the GxP Lab Slides
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdf19BCP072_Presentation_Final.pdf
19BCP072_Presentation_Final.pdf
 
SPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandSPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud Deutschland
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networks
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Blockade.io : One Click Browser Defense
Blockade.io : One Click Browser DefenseBlockade.io : One Click Browser Defense
Blockade.io : One Click Browser Defense
 
Evolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootConEvolution of Offensive Assessments - RootCon
Evolution of Offensive Assessments - RootCon
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
 
Toronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsToronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and Threats
 
Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29Cuddling the Cozy Bear Emulating APT29
Cuddling the Cozy Bear Emulating APT29
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

DEFCON: Burning the Lookout

  • 2. ● Senior Security Researcher @ CrowdStrike ● Project Director / Intern @ MalShare ● Project Director @ Project 25499 ● Twitter: @SilasCutler ● Email: silascutler@riseup.net > whoami
  • 3. Crash course in Lawful Intercept
  • 4. ● Process, Tools, Ability for Law Enforcement to collect as part of investigations (wiretaps) ○ CALEA (Communications Assistance for Law Enforcement Act) ○ ESTI (European Telecommunications Standards Institute) ● Standard deployment ○ Intercept Access Point (IAP) ○ Mediation Device ○ Lawful Intercept Administration (LIA) Crash course on Lawful Intercept Cell Tower/Modem Provider Network Internet
  • 6. ● Pastebin 2015 ● Poster claimed to have hacked Brazilian Army after they did a CTF ● Post included: ○ 7000 Credentials ○ 3 Websites Backstory
  • 7.
  • 8.
  • 9.
  • 10. ● Lawful Intercept Suite developed by SunTech Brazil ● (Mediation Device) ○ View intercepted data from service providers ○ Add new surveillance targets ● Where’s it used? Vigia
  • 11. Hunting for Vigia ● What are distinct artifacts from these systems? ○ SSL ○ DNS ○ Page Content ● Censys / Shodan / Scans.io / Passive DNS for static patterns ○ /vigia/ or /suntech/ present in SSL certificates ○ vigia.<provider domain>
  • 12.
  • 13.
  • 14.
  • 16.
  • 17. Why it matters ● Potential for unauthorized eavesdropping ● Previous targeting by foreign and domestic attackers ● Likely other similar systems in the wild