PRESS

PRESENTATION: Assessing and Exploiting XML Schemas Vulnerabilities PRESENTER(S): Fernando Arnaboldi, Senior Security Consultant for IOActive CONFERENCE: OWASP AppSec USA 2016 LOCATION: Renaissance Washington, Washington, DC, USA DATE & TIME: October 13, 2016 at 9:30AM ET   Specifications for XML and XML schemas have been designed with multiple security flaws. At the same time, these specifications provide the tools required to protect XML applications. This provides a complex scenario for developers and a fun environment for hackers. Even though XML schemas are used to define the security of XML documents, they…

PRESENTATION: Converting Cyber Attacks into Successful Cyber-Physical Attacks PRESENTER(S): Cedric Levy-Bencheton, Managing Consultant for IOActive CONFERENCE: 3rd Annual Industrial Control Cyber Security Europe LOCATION: Copthorne Tara Kensington, London, UK DATE & TIME: September 28, 2016 at 9:35 AM   Access to a control network does not itself constitute an attack. Somehow this important fact is often omitted from public documentation. Cédric Lévy-Bencheton will address an attacker’s challenges in designing disruptive assaults on physical infrastructure or operations. This talk draws from Lévy-Bencheton’s extensive experience in offensive cyber-physical security,…

PRESENTATION: Beyond the ’Cript: Practical iOS Reverse Engineering PRESENTER(S): Michael Allen, Security Consultant for IOActive CONFERENCE: DerbyCon 6.0 LOCATION: The Hyatt Regency, Louisville, KY, USA DATE & TIME: September 23, 2016 at 4:00 PM   Today there is an app for almost everything. But all apps come with security vulnerabilities, many of which have been relatively easy to find with the help of increasingly available frameworks. So developers are now generally better about hardening apps against the most common issues using jailbreak detection and best practices, and many of the known…

PRESENTATION: How to fool an ADC, Part II…Aattacks against Sigma-Delta Data Converters PRESENTER(S): Alexander Bolshev, Security Consultant for IOActive CONFERENCE: hardware.io LOCATION: Hotel NH Den Haag, The Hague, Netherlands DATE & TIME: September 23, 2016 at 10:00 AM   We live in an analog world, but program and develop in digital systems. ADCs (analog-to-digital converters) are small integrated circuits (IC) that transform physical variables (amperage or voltage) into bytes in order to connect the worlds of analog and digital. Those bytes are then interpreted by most modern…

PRESENTATION: Antikernel: A Decentralized Secure Hardware-Software Operating System Architecture PRESENTER(S): Dr. Andrew Zonenberg, Senior Security Consultant for IOActive CONFERENCE: Cryptographic Hardware and Embedded Systems 2016 Conference LOCATION: University of California Santa Barbara, Campbell Hall DATE & TIME: August 18, 2016 at 9:50 AM   Dr. Andrew Zonenberg will co-present with Bulent Yener, Professor of Computer Science at Rensselaer Polytechnic Institute, on Antikernel, a novel operating system architecture consisting of both hardware and software components and designed to be fundamentally more secure than the state of the art. The “kernel” model…