Dinis Cruz, founder of The Cyber Boardroom, will present “Keep Calm and Don’t Get Your GenAI Hacked,” an exploration into the security risks posed by Generative AI (GenAI) models that learn and adapt, especially when these models are opaque and connected to internal APIs without proper safeguards.
Dinis will highlight the perils of exposing learning AI models to potential attackers and advocate making GenAI models read-only and deterministic to prevent unpredictable behavior. All of this stresses the importance of adopting a breach-assumption mindset, emphasizing strategies to mitigate risk, such as traditional AppSec/DevSecOps practices, together with effective stakeholder graph-based communication and risk acceptance.
Women, Wisdom & Wine | Seattle, WA
Join us for the next Women, Wisdom & Wine in Seattle!
Women, Wisdom & Wine is a casual and informal event – offering a chance to get together as industry professionals to relax, share our experiences, network and catch up with the local security community. It’s the perfect opportunity to see your security sector friends and acquaintances, and meet new ones.
This is a complimentary event for women and non-binary individuals working in security and privacy. We welcome you to invite others in your circle to extend our collective network.
Please register to join us on April 25, 2024. We hope to see you soon!
*Please note the event is being held at a new location at the Washington Athletic Club in Seattle; we have moved the event from the previous location at the Hotel Theodore.
hack::soho | You Left the Back Door Open! | Nick Dunn
Nick Dunn, IOActive Senior Security Consultant, will present an exploration of the legacy vulnerabilities of the AS/400 systems.
The AS/400 (also known as iSeries) is an IBM system in use since the late 1980s. Large numbers of these systems remain in use, performing vital back-office functionality in the financial sector, and in other sectors. While they’re not frequently exposed to the wider internet and usually encountered on internal networks, they offer a number of interesting services that can make them vulnerable to an attacker.
Nick will provide an introduction to the system, its history and its broad attack surface, and then walk through the steps of carrying out a security assessment – with the goal of better defending such a system.
hack::soho is a monthly event hosted at our London, UK office for the cybersecurity and hacking community to discuss all things security over food and refreshments.
An Evening with IOActive | Merging Cybersecurity, the Board, and Executive Team | Vanessa Pegueros
Mastering the Pitch: Strategic Insights for Presenting Cybersecurity Benefits to the Board and Executive Team
IOActive will host Vanessa Pegueros, an esteemed board member and former CISO. This event will follow a dynamic, conversational-style interview – offering valuable insights on effectively steering contemporary cybersecurity conversations with your board and executive team for optimal results. Bridging the divide between the technical community and corporate leadership is a common challenge, and Vanessa will generously share the proven tips and advice that have fueled success throughout her illustrious career. Don’t miss this opportunity to gain actionable strategies for navigating the intricate landscape of cybersecurity discussions.
Strategic Discussion Points:
- Unveiling the business lens: the significance of framing cybersecurity with a business mindset
- Bottom-line impact: illuminating the board and leadership on the business consequences of cybersecurity
- Bridging communication gaps: navigating discrepancies between CISO messaging and board leadership perceptions
- Decoding SEC cybersecurity rules: understanding and addressing their business implications.
Drinks and heavy hors d’oeuvres will be served. Please RSVP quickly as space is limited.
hack::CHELTENHAM | Slightly SOSL’ed – Locating and Testing SOSL Injection | Nick Dunn
We would like to welcome our security friends in the Cheltenham, UK region, to join us for the next hack::CHELTENHAM.
Nick Dunn, IOActive Senior Security Consultant, will present an exploration into SOSL injection vulnerabilities.
Apex code on the Salesforce platform is susceptible to a platform-specific vulnerability known as SOSL injection; while conceptually similar to SQL injection, testing for and exploiting it requires different payloads and approaches.
Given the minimal documentation available online, the talk will shed light on this Apex code and custom API issue: its consequences, working methods for detecting and confirming the vulnerability, the different payloads useful for detection and exploitation, the impact on a vulnerable site and, finally, the fixes that remove occurrences of the issue.
hack::CHELTENHAM is a new event hosted at our Cheltenham Hardware Lab for the cybersecurity and hacking community to discuss all things security over food and refreshments.
We hope you can join us for our second hack::CHELTENHAM!
hack::soho | Introducing wSAST – Code Analysis Framework for Consultants | Peter Winter-Smith
Peter Winter-Smith, an offensive tool developer, will be presenting at hack::soho in February.
Peter has been working on the wSAST (wienerSAST) project for the past four years – with the long-term goal of creating a framework that provides cheap (currently free), community-supported, reusable, modern multi-language static analysis which is easily extensible and can be integrated into any consultant’s toolset for code review and AppSec delivery.
It is a consultant-focused SAST framework capable of performing full end-to-end source-to-sink dataflow analysis. It is designed to support multiple languages by converting code written in any object-oriented or procedural language into an intermediate WSIL language, which is then analysed and over which execution can be simulated. At the moment Java support is complete, and C and C++ support is mostly complete.
wSAST allows common sources and sinks to be added for any framework via an XML-based Common Rules Engine plugin; this plugin allows function-, variable- and data-based sources and sinks, as well as annotation-based sources, to be expressed as XML. More complex sources and sinks can be written in .NET and exposed to wSAST as plugins, which enables intricate, multi-step sources and sinks to be composed.
hack::soho | Back to the Future with Platform Security | Krzysztof Okupski
Krzysztof Okupski, IOActive Associate Principal Security Consultant, will be presenting ‘Back to the Future with Platform Security’ at our next hack::soho in January.
In the last decade the industry has seen a significant amount of research released around Intel platform security. Since the release of CHIPSEC, the industry has had a tool to quickly analyze the Intel platform against a secure baseline for misconfigurations – as a result, it has become more difficult to find misconfigured Intel platforms from major OEMs. As IOActive dove into the platform security realm, it was clear there was a lack of attention and analysis of the AMD platform – given the popularity and the growing market share of the AMD platform, this was unexpected.
Our research started with an overview of how secure boot works under the hood, exposed the various vulnerabilities and implementation mistakes our team found, and assessed the architectural differences between Intel and AMD that determine the security of each platform.
The talk presents the details and proofs of concept for the several vulnerabilities found in the targeted platforms; these included unlocked SMRAM regions, SPI flash misconfigurations, and memory corruption and race condition issues in SMM modules. Our efforts led to the development of a tool that end users can use to quickly verify that their systems are free of common misconfigurations on the AMD platform.
HACK::SOHO-HO-HO | Holiday Social and Cyber Quiz Event
For our security friends in London, our holiday social, the last HACK::SOHO of the year, will be held on 16 December.
Our UK IOActive team will be running a light-hearted cybersecurity quiz to keep you all entertained – as we close out a great year of hack::sohos, socializing with our friends in London.
We will have the usual mix of networking, music, food and refreshments for the social.
An Evening with IOActive | The Impact of AI on SDLC | Gunter Ollmann
We are hosting our next ‘An Evening with IOActive’ at a new location: Block 41, in the lively Belltown neighborhood in Seattle. Please join us for an engaging community event to discuss the ‘Impact of AI on SDLC’ – our CTO, and highly-experienced AI Security guru, Gunter Ollmann, will lead the presentation and discussion.
Gunter will cover how AI brings many new unknowns to cybersecurity, and the decades it may take before we determine its net positive or negative impact. Delving below the media hype of ChatGPT, LLMs, and the flurry of copilots and augmented assistants, AI will inevitably bring rapid change to modern software development and secure SDLC practices.
Historically, it required great effort and determination from the security leaders to make slow and stilted progress in getting security practice adoption to “shift left” in the SDLC. Current and immediate-future AI technology adoption will almost assuredly rewrite the SDLC play book – perhaps to the point it is impossible to even write insecure code.
This event will be held Thursday, November 30, 6pm – 8pm (PT), and is open to all in the security community. Please share with your friends and colleagues, and let’s engage in this very critical discussion of the impact of AI on security services.
HACK::SOHO | Contactless Mobile Payments Security: One Step Forward, Two Steps Back | Andreea-Ina Radu
For our security friends in London, our next HACK::SOHO event will be held on 23 November.
Andreea-Ina Radu will present the intricacies of the security issues surrounding contactless mobile payments. Demos will show how vulnerabilities within the EMV (Europay, Mastercard, Visa) payment protocols, together with suboptimal design choices, can lead to unauthorised access to payment wallets without any user intervention. Specifically, the talk reviews the concept of relay attacks, wherein malicious actors intercept and relay messages between a contactless EMV bank card and a shop reader, effectively enabling wireless pickpocketing. While mobile payments initially seemed like a security enhancement, because the device must be unlocked, we will explore how the demands of modern, fast-paced lifestyles and the desire for convenience have counteracted this security progress.
The presentation will finish with a discussion of the vendor responses to responsible disclosure of these issues, and will delve into potential remedial measures that could be implemented by any of the parties involved in the mobile payment ecosystem.