BLACK HAT LOGO

Hacked iPhones, pipelines, power grids – Tips for Black Hat USA 2013

If you can’t digest the whole thing, we’ve selected a few highlights:

  • Day 1 Keynote Gen. Keith Alexander, U.S. Cyber Command Chief and NSA Director – the top US cyber warrior, on the offensive and on the defensive.
  • Why Vulnerability Statistics Suck Android more affected than iOS? Linux safer than Windows? Don’t believe the stats unless you’ve faked them yourself. Brian Martin and Steve Christey take the veil off the numbers: “As maintainers of two well-known vulnerability information repositories, we’re sick of hearing about sloppy research after it’s been released, and we’re not going to take it any more.”
  • Injecting Malware via Malicious Chargers Don’t even trust the charger. An iPhone can be hacked within one minute of being plugged into a malicious charge. Details of the vulnerability wil be disclosed on-site.
  • Rooting SIM cards  This talk ends this myth of unbreakable SIM cards – the tiny chips you get from your carrier and insert into your mobile in order to prove your identity. Karsten Nohl will illustrate that the cards — like any other computing system — are plagued by implementation and configuration bugs.
  • Compromising Industrial Facilities Wireless sensors and transmitters used in factories, pipelines and nuclear plants can be attacked over-the-air, and the measurements used to make critical decisions can be spoofed,  Lucas Apa and Carlos Mario Penagos demonstrate vulnerabilities in industrial automation and control systems (IACS).
  • Orchestrated Blackouts Widespread blackouts are far easier to orchestrate than you would suspect. Cyrill Brunschwiler will disclose new flaws in wireless smart meters, which can be coaxed into an orchestrated remote disconnect which poses a severe risk to the elecctricity grid.

,,,

If you can’t digest the whole thing, we’ve selected a few highlights:

  • Day 1 Keynote Gen. Keith Alexander, U.S. Cyber Command Chief and NSA Director – the top US cyber warrior, on the offensive and on the defensive.
  • Why Vulnerability Statistics Suck Android more affected than iOS? Linux safer than Windows? Don’t believe the stats unless you’ve faked them yourself. Brian Martin and Steve Christey take the veil off the numbers: “As maintainers of two well-known vulnerability information repositories, we’re sick of hearing about sloppy research after it’s been released, and we’re not going to take it any more.”
  • Injecting Malware via Malicious Chargers Don’t even trust the charger. An iPhone can be hacked within one minute of being plugged into a malicious charge. Details of the vulnerability wil be disclosed on-site.
  • Rooting SIM cards  This talk ends this myth of unbreakable SIM cards – the tiny chips you get from your carrier and insert into your mobile in order to prove your identity. Karsten Nohl will illustrate that the cards — like any other computing system — are plagued by implementation and configuration bugs.
  • Compromising Industrial Facilities Wireless sensors and transmitters used in factories, pipelines and nuclear plants can be attacked over-the-air, and the measurements used to make critical decisions can be spoofed,  Lucas Apa and Carlos Mario Penagos demonstrate vulnerabilities in industrial automation and control systems (IACS).
  • Orchestrated Blackouts Widespread blackouts are far easier to orchestrate than you would suspect. Cyrill Brunschwiler will disclose new flaws in wireless smart meters, which can be coaxed into an orchestrated remote disconnect which poses a severe risk to the elecctricity grid.