John Sheehy, IOActive Senior Vice President Research & Strategy, will join a panel discussion, ‘Cybersecurity and AI in the Aviation Environment,’ at this year’s 24th Annual AAAE Aviation Security Summit taking place December 3 – 4 in Washington, DC.

“The 24th Annual AAAE Aviation Security Summit will continue the tradition of AAAE and federal aviation security policymakers coming together at a joint summit to review the complex issues surrounding aviation security today. The issues and challenges facing airport operators, airlines and aviation security professionals, and the leadership at TSA, DHS, and CBP are many, including new cyber threat vectors, surging return travel volumes, and an already strained workforce.”

Ehab Hussein, IOActive Principal Artificial Intelligence Engineer, and Mohamed Samy, IOActive Senior Security Consultant, will be participating in this year’s Cairo ICT, taking place 17 – 20 November at the Egypt Exhibition Center, New Cairo. Both IOActive representatives will be on a panel discussion, ‘AI and cyber security: How is the world doing today and what’s in tomorrow,’ and will also be a judges for the event’s hackathon.

“For 27 years, Cairo ICT has been the leading platform for technological advancements in the Middle East and Africa. This year, under the theme “The Next Wave,” we continue to push the boundaries of what’s possible, showcasing the latest technologies and exploring future trends.

Our Mission has been and continues to provide a dynamic platform where innovation thrives, knowledge is shared, and connections are made. At Cairo ICT ’24, our focus is on “The Next Wave” of technological advancements. This year’s event will delve into transformative technologies reshaping industries, economies, and societies. …”

IOActive is a proud sponsor of this year’s National Motor Freight Traffic Association (NMFTA) Cybersecurity Conference taking place October 27 – 29 in Cleveland, Ohio.

“The National Motor Freight Traffic Association, Inc. (NMFTA)™  Cybersecurity Conference, formally known as the Digital Solutions Conference on Cybersecurity,  is our annual event that merges all parts of the trucking security ecosystem.

Whether you’re an IT pro on the front lines, a trucking executive seeking strategic guidance, or a cybersecurity researcher pushing boundaries, the NMFTA Cybersecurity Conference has something for you.“

IOActive will be going to this year’s Black Hat Europe in London, UK, taking place on 11 – 12 December. Let us know if you will be there and book a meeting in advance!

—

“Black Hat Europe returns to the ExCeL in London with a four-day program this December 9-12, 2024. The event will open with two-and four-day options of deeply technical hands-on cybersecurity Trainings, with courses available for all skill levels.

The two-day main conference on December 11 & 12 boasts Briefings featuring the latest in research, developments, and trends in cybersecurity, along with dozens of open-source tool demos in Arsenal, a robust Business Hall, networking, and social events, and much more. Briefings will also be recorded and available for on-demand purchase one week after the event.”

IOActive Senior Information Security Consultant, Mohamed Samy, will give a talk, Fuzzmania – API Fuzzing with GenAI, during this year’s Black Hat MEA (Middle East and Africa) through the ‘Briefings’ track. Black Hat MEA will take place in Malham, Saudi Arabia, between 26 – 28 November.

Abstract:

APIs are the backbone of modern software development, but they also introduce new attack surfaces. Traditional manual testing methods can be time-consuming and inefficient, making it difficult to identify vulnerabilities in complex APIs.

In this session, we’ll introduce “Fuzzmania”, a novel tool and approach that leverages Large Language Models (LLMs) to fuzz web APIs in a semi-automated way. By combining the power of LLMs with automated testing, Fuzzmania enables users to identify vulnerabilities in their API with unprecedented efficiency.

I’ll demonstrate how Fuzzmania works, showcasing its key features and benefits:

1. The potential of using LLMs for API testing.

2. How Fuzzmania streamlines the fuzzing process, reducing time and effort required for traditional manual testing methods.

3. Notable success stories and case studies where Fuzzmania helped identify API vulnerabilities.

IOActive Principal Security Consultants, Krzysztof Okupski and Enrique Nissim, will be presenting their recent research on the AMD ‘Sinkclose’ vulnerability at this year’s Ekoparty taking place in Buenos Aires, Argentina on November 13 – 15.

Abstract:

System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem’s complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.

When studying the documentation of the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.

This presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.

IOActive is a proud sponsor for the Cyber Pitch Battle Royale hosted by Bare Knuckles and Brass Tacks, taking place on October 9 at Improper City in Denver, Colorado.

“​Did you ever want to boo a cyber seller that says “single pane of glass”? Now’s your chance! The irreverent and brutally honest cybersecurity podcast, Bare Knuckles and Brass Tacks is bringing street level energy to cyber. We’re bringing you a vendor pitch contest with the vibes and energy of a comedy roast and a freestyle rap battle!”

IOActive Senior Security Consultant, Mohamed Samy, will present ‘Fuzzmania – API Fuzzing with GenAI’ at this year’s Arab Security Conference 2024, taking place on September 22 – 23 in Cario, Egypt.

The “Arab Security Conference was founded in 2017 to raise awareness about Cybersecurity in the Arab world. Since that time, it has annually brought together leaders from industry, government, academics & security researchers.”

IOActive Principal Security Consultants, Krzysztof Okupski and Enrique Nissim, will be presenting their recent research on the AMD ‘Sinkclose’ vulnerability at this year’s Hexacon taking place in Paris, France, on October 4 – 5.

Abstract:

System Management Mode (SMM) is one of the most powerful execution modes in the x86 architecture and code at this level is invisible to the Hypervisor and OS-level protections, including anti-cheat engines and anti-virus systems. While the BIOS ecosystem’s complexity has led to a multitude of vulnerabilities in firmware over time, vendors are now making strides in delivering patches with greater speed and efficiency. Unfortunately, these efforts are not enough in the presence of a CPU vulnerability.

When studying the documentation of the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.

This presentation starts by providing an introduction to SMM and the security mechanisms that the AMD processor provides to support it. Subsequently, it delves into the CPU design flaw and the complete methodology and engineering used to create a universal ring -2 privilege escalation exploit.

Elvin Gentiles, IOActive Security Consultant, will be presenting ‘Seeing is Not Believing: Bypassing Facial Liveness Detection by Fooling the Sensor‘ on September 26th at this year’s ROOTCON 18 taking place in Tagaytay, Philippines.

Abstract:

Given facial recognition’s continued popularity as a form of identity verification, organizations are grappling with the real threat of facial spoofing attacks, particularly in light of the rapid pace of development in AI and deepfakes. To combat fraudsters, organizations introduced “facial liveness detection” to ensure the end-user is a live person; but can these systems trust the evidence from their own sensors?

This presentation will demonstrate how to bypass facial liveness detection systems on different platforms by fooling the camera/sensor. While previous research in this area has relied on hardware modules, the method demonstrated here leverages open-source software and is simple, free, and not time or resource-intensive. The talk will also cover the tools used, the setup process, and demonstrations of the bypasses using different platforms. The pros and cons of this approach will also be considered, as well as the threats it poses, particularly, how videos posted on social media platforms could help fraudsters abuse this method. The presentation will conclude with recommendations to help organizations combat such an attack.

The main takeaways from this research are:
– How easy it is to bypass facial liveness detection using publicly and readily available tools
– How fraudsters could use what is posted on social media platforms
– How this attack could be mitigated for organizations to improve their algorithms/detection, and inform users on what to look for when choosing an identity verification provider.

The main objective of this topic is to provide awareness to users about the risk involved with posting their videos on social media platforms and inform organizations on how easy to bypass facial liveness detection to improve their systems.