SecureStrux attended DEFCON in Las Vegas, Nevada this year. The objective was to research new trends and methods within the hacking community and to look at potentially expanding next year’s presence at DEFCON 25. Below is a short list of some of the presentations that were demonstrated live on stage and where to find additional information.
Red Teaming Active Directory: https://adsecurity.org
- Discussion on using PowerShell as an attack vector, how to prevent PowerShell from being used as an attack vector, and how to retrieve sensitive information from AD.
Hacking HDMI signals: http://www.grandideastudio.com/bsodomizer (a presentation is available at the bottom of the page)
- Using a concept based on an HDMI signal interceptor (BSODomizer), false HDMI display information can be displayed on static monitors, fooling users into thinking all systems/processes are operating normally.
Six Degrees of Domain Admin: https://github.com/adaptivethreat/BloodHound
- Using open source software called BloodHound to determine the shortest path to a target computer and what admin credentials are needed to “jump computers”. It also shows what credentials are stored on certain computers, none of which requires admin rights.
Hacking Bluetooth home locks: https://techcrunch.com/2016/08/08/smart-locks-yield-to-simple-hacker-tricks/
- Lack of basic software security controls on home security devices leads to easily exploitable locks that can be hacked from up to 1/4 mile away using a high gain antenna.
USB Attacks and Driver spoofing:
- Using HID generic driver signing, USB devices can be configured to log keystrokes and/or act as a remote agent with a shell.
- **WARNING** Presentation contained WikiLeaks classified documents. Viewing or downloading files marked with security classifications still constitutes a data spill.
Loading malicious software into air gapped networks:
- Using QR codes (QRC), scanners (printer/copier/scanner devices) can read pages full of QR codes, which are translated into hex. Using Visual Basic and Excel developer mode, software can be installed by translating the hex from the QR codes and run in Excel. Most malicious software can take up to 150 pages of code.
Network attacks against physical systems: http://www.psialliance.org/
- Physical security systems are becoming more TCP/IP centric and require different levels and types of security controls. One standard is the Physical Security Interoperability Alliance standards.
- DoS can shut down DVR camera systems, and there is little encryption on video streams, allowing “loop playback”.
- UDP can be used to access HID door controllers, with around 13% of known controllers currently patched.
SecureStrux, LLC is a woman-owned, small cybersecurity consulting firm that focuses on providing specialized services in the areas of compliance, vulnerability management, cybersecurity strategies and engineering solutions. SecureStrux offers a comprehensive range of services that provides clients with proven methods and common-sense approaches to secure their data, build trust with their clients, and remain compliant with DoD, Federal, and Industry standards.