We are proud to announce that a number of Context staff have been invited to present at Black Hat USA 2016 as well as DEF CON 24:
Black Hat USA 2016
VOIP WARS: THE PHREAKERS AWAKEN – Fatih Ozavci, Principal Managing Consultant
Larger organisations are using VoIP within their commercial services and corporate communications and the take up of cloud based Unified Communications (UC) solutions is rising every day. However, response teams and security testers still only have limited knowledge of VoIP attack surfaces and threats, leaving corporate communication infrastructures and services susceptible to attacks. The talk aims to arm response and security testing teams with knowledge of cutting-edge attacks, tools and vulnerabilities for VoIP networks. In addition, the business impact of these attacks will be explained for various implementations.
DEF CON 24
VOIP WARS: The Live Workshop – Fatih Ozavci, Principal Managing Consultant
VoIP attacks have evolved, and are targeting Unified Communications (UC), commercial services, hosted environment and call centres, using major vendor specific and protocol vulnerabilities. This hands-on workshop is designed to experience these cutting edge VoIP attacks, and improve the VoIP skills of the incident response teams, penetration testers and network engineers. Attack scenarios will be discussed for various types of UC implementations to cover business services such as call centres, service operator networks and cloud services.
Windows Breakout and Privilege Escalation Workshop – Ruben Boonen, Lead Security Consultant and Francesco Mifsud, Security Consultant
This workshop, available to attendees of all levels, will provide the required knowledge to perform post-exploitation actions on locked down Windows machines. Tools, tips and techniques will be shared to break out of restrictive execution environments and escalate privileges from low level user to SYSTEM on modern Windows operating systems. The workshop aims to provide hands-on knowledge which can be directly applied against locked down environments in the field and will have real-world examples that attendees can get their hands dirty with in order to solidify the theory.
Toxic Proxies - Bypassing HTTPS and VPNs to pwn your online identity – Alex Chapman, Principal Researcher and Paul Stone, Principal Researcher
In this talk we’ll reveal how recent improvements in online security and privacy can be undermined by decades old design flaws in obscure specifications. These design weaknesses can be exploited to intercept HTTPS URLs and proxy VPN tunnelled traffic.
We will demonstrate how a rogue access point or local network attacker can use these new techniques to bypass encryption, monitor your search history and take over your online accounts.
Good luck to everyone and well done!
Black Hat is the most technical and relevant global information security event series in the world, providing a premier venue for elite security researchers and trainers to share the very latest in information security research, development, and trends, in a strictly vendor-neutral environment. Black Hat USA 2016 will take place July 30th – August 4th at the Mandalay Bay Convention Center, Las Vegas.
DEF CON is the world’s longest running and largest underground hacking conference, aimed at sharing cutting edge hacking research amongst hackers, corporate IT professionals and three letter government agencies. DEF CON 24 will take place August 4th – 7th at Paris/Bally’s in Las Vegas.