Finding And Exploiting Bugs In TLS Libraries Used By “Smart” UPS Devices by Yuval Sarel and Gal Levy

preview_player
Показать описание
Abstract:
------------------
UPS devices are becoming “Smart”, connected devices that can be controlled by the Cloud. This offers advanced features, but also exposes an attack surface through which attackers may be able to remotely take over the power lifeline of an organization. This talk will detail a number of zero-click preauthentication vulnerabilities we’ve discovered in a prominent UPS vendor. In addition we will explore the physical threats involved with controlling a sensitive battery-powered device, and demo an attack that can literally “blow up”.

Speaker Bio:
----------------------
Yuval Sarel is a security research team lead at Armis, responsible for hunting zero days, reverse engineering and developing innovative solutions. Formerly an R&D team lead in the IDF, Yuval's main focus today is finding new topics to research to raise awareness about cyber security in a fun and interesting way.

#SmartUPS #vulnerability #NullconBerlin
-------------------------------------------------------------------------
  1. nullcon
  2. Nullcon
  3. Nullcon Berlin
  4. Smart UPS
  5. threat actors
  6. cybersecurity
Рекомендации по теме
DEF CON Safe 0:41:38

DEF CON Safe Mode - Jack Baker - Finding and Exploiting Bugs in Multiplayer Game Engines

DEF CON Safe 0:29:58

DEF CON Safe Mode -Jack Baker - Finding and Exploiting Bugs in Multiplayer Game Engines Q&A

LevelUpX - Series 0:45:29

LevelUpX - Series 14: Finding and Exploiting Hidden Functionality in Windows DLLs with Nerdwell

Finding And Exploiting 0:51:13

Finding And Exploiting Bugs In TLS Libraries Used By “Smart” UPS Devices by Yuval Sarel and Gal Levy...

Hacking Knowledge 0:00:27

Hacking Knowledge

The Most Dangerous 0:27:21

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders

h@cktivitycon 2020: The 0:12:15

h@cktivitycon 2020: The journey of finding and exploiting a bug in GitLab

Finding and exploiting 9:43:10

Finding and exploiting a bug (LPE) in an old Android phone (Part 1/2)

Finding and exploiting 3:41:03

Finding and exploiting a bug (LPE) in an old Android phone (Part 2/2)

How To Find 0:04:21

How To Find First Bug in Bug Bounty | Ethical Hacking

How to find 0:23:03

How to find Zero Day exploits

HEXACON2023 - Finding 0:27:19

HEXACON2023 - Finding and exploiting an old XNU logic bug by Eloi Benoist-Vanderbeken

Finding And Exploiting 0:51:13

Finding And Exploiting Bugs In TLS Libraries Used By Smart UPS Devices by Yuval Sarel and Gal Levy

The Bugs Are 0:00:25

The Bugs Are There Mapping Your Hacking #shorts

DEF CON 26 0:35:12

DEF CON 26 - Fuzzing Malware For Fun & Profit - Find and Exploit Bugs in Modern Malware

Hacking APIs: Fuzzing 0:13:29

Hacking APIs: Fuzzing 101

Finding and Exploiting 0:54:50

Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces

Nmap Tutorial to 0:17:09

Nmap Tutorial to find Network Vulnerabilities

Hacking when all 0:18:53

Hacking when all the bugs have been found?

Live Hacking Tutorial: 0:33:40

Live Hacking Tutorial: How to Think Like a Bug Bounty Hunter

Quick Tip: Level 0:00:28

Quick Tip: Level Up Your Hacking Skills

Hacking 🔥 Expectation 0:00:31

Hacking 🔥 Expectation vs Reality | Coding Status For WhatsApp

When you first 0:00:32

When you first time install Kali linux for hacking 😄😄 #hacker #shorts

Exploiting Project Zomboid, 0:00:16

Exploiting Project Zomboid, Exercise Bug. MASSIVE GAINS