Tuesday, September 20 2016
Black Hat EU November, London UK.
ARMAGEDDON: HOW YOUR SMARTPHONE CPU BREAKS SOFTWARE-LEVEL SECURITY AND PRIVACY
Speaker: Clementine Maurice, Moritz Lipp.
DETACH ME NOT - DOS ATTACKS AGAINST 4G CELLULAR USERS WORLDWIDE FROM YOUR DESK
Speaker: Bhanu Kotte, Dr. Silke Holtmanns, Siddharth Rao.
MOBILE ESPIONAGE IN THE WILD: PEGASUS AND NATION-STATE LEVEL ATTACKS
Speaker: Max Bazaliy, Seth Hardy.
POCKET-SIZED BADNESS: WHY RANSOMWARE COMES AS A PLOT TWIST IN THE CAT-MOUSE GAME
Speaker: Federico Maggi, Stefano Zanero.
ROOTING EVERY ANDROID: FROM EXTENSION TO EXPLOITATION
Speaker: Di Shen, Jiahong (James) Fang.
SIGNING INTO ONE BILLION MOBILE APP ACCOUNTS EFFORTLESSLY WITH OAUTH2.0
Speaker: Ronghai Yang, Wing Cheong Lau.
STUMPING THE MOBILE CHIPSET
Speaker: Adam Donenfeld.
WIFI-BASED IMSI CATCHER
Speaker: Piers O'Hanlon, Ravishankar Borgaonkar.
The most interesting read this week was "The bumpy road towards iPhone 5c NAND mirroring", a paper by Sergei Skorobogatov. In this paper he shows how to implement a NAND mirroring attack against an iPhone 5c. The basic idea behind this attack is to erase the PIN failure counter between each set of tries, which avoids both the artificial brute-force delay and the data deletion after N failed PINs. The paper goes into great detail on the various problems he encountered while implementing the attack. I highly recommend reading this paper. The picture below is taken from this paper.
PacSec Tokyo Japan, October.
Demystifying the Secure Enclave Processor by Mathew Solnik.
Google's Project Zero now has an Android "Prize" for achieving RCE on a Nexus device knowing only its email address or phone number. Apparently you can't use a BTS (via @jduck) for this attack. Overall this looks interesting; I wonder if anybody is going to claim the money soon. Announcement: Project Zero Prize.