ThinkstScapes Research Roundup - Q4 - 2022
Hacking the Cloud with SAML
Felix Wilhelm
Announcing GUAC, a great pairing with SLSA (and SBOM)!
Brandon Lum, Mihai Maruseac, Isaac Hepworth, Google Open Source Security Team
[Blog] [Code] [Presentation]
We sign code now
William Woodruff
Knockout Win Against TCC - 20+ NEW Ways to Bypass Your MacOS Privacy Mechanisms
Csaba Fitzl and Wojciech Regula
[Slides]
Farming The Apple Orchards: Living Off The Land Techniques
Cedric Owens and Chris Ross
LOLBINed — Using Kaspersky Endpoint Security “KES” Installer to Execute Arbitrary Commands
Nasreddine Bencherchali
[Blog]
POPKORN: Popping Windows Kernel Drivers At Scale
Rajat Gupta, Lukas Patrick Dresel, Noah Spahn, Giovanni Vigna, Christopher Kruegel, and Taesoo Kim
RC4 Is Still Considered Harmful
James Forshaw
[Blog]
Kerberos’ RC4-HMAC broken in practice: spoofing PACs with MD5 collisions
Tom Tervoort
Exploring Ancient Ruins to Find Modern Bugs: Discovering a 0-Day in MS-RPC service
Ophir Harpaz and Stiv Kupchik
Decentralized Identity Attack Surface
Shaked Reiner
Drone Authentication via Acoustic Fingerprint
Yufeng Diao, Yichi Zhang, Guodong Zhao, and Mohamed Khamis
On the Implications of Spoofing and Jamming Aviation Datalink Applications
Harshad Sathaye, Guevara Noubir, and Aanjhan Ranganathan
{JS-ON: Security-OFF}: Abusing JSON-Based SQL Queries
Noam Moshe
[Slides] [SQLMap patch] [Blog]
Are There Wireless Hidden Cameras Spying on Me?
Jeongyoon Heo, Sangwon Gil, Youngman Jung, Jinmok Kim, Donguk Kim, Woojin Park, Yongdae Kim, Kang G. Shin, and Choong-Hoon Lee