読者です 読者をやめる 読者になる 読者になる

あうとぷっと

Security, Research, CTF, SOC, Incident, Malware, Analysis, OSINT

BlackHat USA 2015 / DEFCON 23 Summary (日本語/English)

BlackHat DEFCON Summary

公開されている情報を中心に、
2015年のBlackHat USAとDEFCONについてまとめてみます。


カテゴリ別記事まとめ(Category)



<<2015/08/26 08:00現在>>

1. カンファレンス概要(Overview)

BlackHat USA 2015
期間:2015/8/1 - 8/6 (8/1-4はトレーニング期間)
会場:Manladay Bay hotels

DEFCON 23
期間:2015/8/6 - 8/9
会場:Paris hotels

2. 言及されている記事(Related Article)

briefings - august 5-6
BlackHat USA 2015のプレゼン資料が公開されています。
https://www.blackhat.com/us-15/briefings.html

基調講演(Keynote)

ソフトウェアの欠陥が、航空機や自動車の欠陥や事故と同一視される時代がくる
http://scan.netsecurity.ne.jp/article/2015/08/06/37052.html
平等・自由・オープンであるはずのインターネットの自由が奪われている
http://scan.netsecurity.ne.jp/article/2015/08/06/37057.html
世界最大級のセキュリティ・カンファレンス「Black Hat USA 2015」 速報
http://csi.sproutgroup.co.jp/archives/000141.html

Dream of Internet freedom dying, Black Hat keynoter says
http://www.zdnet.com/article/dream-of-internet-freedom-dying-black-hat-keynoter-says/
IT security staff have a job for life – possibly a grim, frustrating life
http://www.theregister.co.uk/2015/08/05/it_security_jobs_grim_in_future/

Android

「Stagefright」のバグに起因するAndroid脆弱性― 携帯電話ベンダは対応に苦慮
http://blog.f-secure.jp/archives/50752606.html
「Black Hat 2015」でAndroidの新たな脆弱性が報告される
http://ascii.jp/elem/000/001/037/1037817/
Androidから指紋流出、特権悪用も――セキュリティ問題続々
http://www.itmedia.co.jp/enterprise/articles/1508/07/news064.html
グーグルとサムスン、「アンドロイド」の安全対策を毎月提供へ
http://jp.reuters.com/article/2015/08/07/idJPL3N10I1DV20150807

Check Point: Certifi-Gate-based attacks could take complete control of Android devices
http://www.zdnet.com/article/certifi-gate-big-android-security-trouble-for-hundreds-of-millions-of-users/
Hackers can remotely steal fingerprints from Android phones
http://www.zdnet.com/article/hackers-can-remotely-steal-fingerprints-from-android-phones/
After Stagefright, Samsung and LG join Google with monthly Android patches
http://www.zdnet.com/article/after-stagefright-samsung-and-lg-join-google-with-monthly-android-patches/
Black Hat 2015: Researcher exploits Android bug to take complete control of device
http://www.scmagazine.com/black-hat-2015-researcher-exploits-android-bug-to-take-complete-control-of-device/article/431220/
Biggest security update in history coming up: Google patches Android hijack bug Stagefright
http://www.theregister.co.uk/2015/08/05/android_software_update/
HTC caught storing fingerprints AS WORLD-READABLE CLEARTEXT
http://www.theregister.co.uk/2015/08/10/htc_caught_storing_fingerprints_as_worldreadable_cleartext/
Black Hat 2015: Vulnerability enables complete takeover of any Android device
http://www.scmagazine.com/black-hat-2015-vulnerability-enables-complete-takeover-of-any-android-device/article/431227/

Cloud

クラウドを狙う中間者攻撃「MITC」が浮上、Black Hatで報告
http://www.itmedia.co.jp/enterprise/articles/1508/07/news124.html

Attackers can access Dropbox, Google Drive, OneDrive files without a user's password
http://www.zdnet.com/article/dropbox-google-drive-onedrive-files-man-cloud-attack/
BlackHat 2015: Keeping up with the security of an evolving cloud
http://www.scmagazine.com/blackhat-2015-keeping-up-with-the-security-of-an-evolving-cloud/article/430715/
Imperva demos cloudy man-in-the-middle attack
http://www.theregister.co.uk/2015/08/07/imperva_cloud_maninthemiddle_attack/

Car Hack

ドライバーに衝撃:走行中のジープの乗っ取りに成功
https://blog.kaspersky.co.jp/remote-car-hack/8332/
米テスラ車をハッカーが乗っ取り、今のところ車内から
http://jp.wsj.com/articles/SB10685294686418064255204581155863237245414

OPM wins Pwnie, Google on Android security, DoJ on CFAA: Black Hat 2015 roundup
http://www.zdnet.com/article/opm-wins-pwnie-google-on-android-security-doj-on-cfaa-black-hat-2015-roundup/
Regulators left in dark over Chrysler security flaw for 18 months
http://www.zdnet.com/article/regulators-left-in-dark-over-chrysler-security-flaw-for-18-months/
Death certificates, safes, weapons and Teslas: DEF CON 23
http://www.zdnet.com/article/death-certificates-safes-weapons-and-teslas-def-con-23/
News from DEF CON 23: fake deaths, DHS and Tesla court hackers
http://www.zdnet.com/article/news-from-def-con-23-fake-deaths-dhs-and-tesla-court-hackers/
Hacker-friendly Chrysler hauled into court for class-action showdown
http://www.theregister.co.uk/2015/08/06/chrysler_lawsuit_wireless_car_hacking/

OS

Windows patches can be intercepted and injected with malware
http://www.zdnet.com/article/windows-update-intercept-inject-malware/
Slippery Windows Updates' SOAP bubbles up SYSTEM priveleges
http://www.theregister.co.uk/2015/08/07/slippery_windows_updates_soap_bubbles_up_system_priveleges/

Malware

15時間で侵入? 機械学習マルウェア検出システムに浮上した“不都合な真実” (1/2)
http://techtarget.itmedia.co.jp/tt/news/1508/19/news07.html
Black Hat 2015: Mac OS X malware is mediocre, but could be better
http://www.scmagazine.com/black-hat-2015-mac-os-x-malware-is-mediocre-but-could-be-better/article/430953/
Global cybercrime fraud boss ran secret pro-Moscow intel sorties
http://www.theregister.co.uk/2015/08/06/100m_business_gang_foxit_report/
Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it
http://www.theregister.co.uk/2015/08/11/memory_hole_roots_intel_processors/
Borg blacklist assimilates Cryptolocker domain name generators
http://www.theregister.co.uk/2015/08/10/borg_malware_blacklist_assimilates_cryptolocker_domain_name_generators/

Exploit

1997年から2010年までのインテル製CPUに脆弱性ルートキット埋め込み可能で対策はほとんどなし
http://japanese.engadget.com/2015/08/10/1997-2010-cpu/
Update Firefox NOW to foil FILE-STEALING vulnerability exploit, warns Mozilla
http://www.theregister.co.uk/2015/08/07/update_firefox_to_foil_russian_filestealing_vuln_exploit/

Crypt

Researchers look sideways to crack SIM card AES-128 encryption
http://www.theregister.co.uk/2015/08/06/researchers_crack_sim_card_aes128_encryption_in_10_minutes_for_cloning/

Hardware

Squareリーダーのハードとソフトの脆弱性を解析
http://scan.netsecurity.ne.jp/article/2015/08/07/37068.html

Square reader to card skimmer in less than 10 minutes
http://www.zdnet.com/article/square-reader-to-card-skimmer-in-less-than-10-minutes/

IoT

ハッカーが30m圏内にいる場合は利用を控えてください」
http://ascii.jp/elem/000/001/039/1039597/
近所のエロ少年が飛ばすドローンを合法的に撃退したい件
http://ascii.jp/elem/000/001/040/1040152/
Critical IoT security flaw leaves connected home devices vulnerable
http://www.zdnet.com/article/critical-security-flaws-leave-connected-home-devices-vulnerable/
Oh no ZigBee, as another front opens on home networking insecurity
http://www.theregister.co.uk/2015/08/06/zigbee_insecurity_home_networking_oit/


SCADA/ICS

Nuclear nightmare: Industrial control switches need fixing, now
http://www.zdnet.com/article/nuclear-nightmare-industrial-control-switches-need-fixing-now/
Black Hat 2015: Honeypots gather data on gas pump monitoring system attacks
http://www.scmagazine.com/uptick-in-interest-in-scada-systems-spur-researchers-to-set-up-honeypots/article/431018/
Crackpot hackpots pop top of GasPots
http://www.theregister.co.uk/2015/08/07/gaspot_experiement_trend_micro/
I could spoof Globalstar satellite messages, boasts infosec bod
http://www.theregister.co.uk/2015/08/05/globalstar_satellite_comms_hacking/

Web Application

Major web template flaw lets miscreants break out of sandboxes
http://www.theregister.co.uk/2015/08/05/web_security_megavuln/

Compliance

Black Hat 2015: USA Freedom Act sparks debate
http://www.scmagazine.com/black-hat-2015-usa-freedom-act-sparks-debate/article/431424/
Black Hat 2015: Justice Dept. not gunning for security researchers
http://www.scmagazine.com/dojs-bailey-assures-cautions-security-researchers/article/431234/
Black Hat 2015: DHS deputy secretary discusses the future of information sharing
http://www.scmagazine.com/black-hat-2015-dhs-deputy-secretary-discusses-the-future-of-information-sharing/article/431312/
Black Hat 2015: Defending, malware and other security trends
http://www.scmagazine.com/black-hat-2015-defending-malware-and-other-security-trends/article/430921/
DEF CON 23: DHS deputy secretary's suggestions for building trust between hackers, gov't
http://www.scmagazine.com/def-con-23-dhs-deputy-secretarys-suggestions-for-building-trust-between-hackers-govt/article/431587/

Business

NRIセキュア、ソリトンのEDR技術導入で米国の監視サービスを強化
http://scan.netsecurity.ne.jp/article/2015/08/06/37061.html
FBIが「サイバー犯罪と戦う人物」を「指名手配」
http://scan.netsecurity.ne.jp/article/2015/08/07/37069.html
ハッカー攻撃機能付きドローン、米デフコンで公開
http://www.afpbb.com/articles/-/3056944
ハッカーのワールドカップで韓国が初優勝
http://japanese.donga.com/srv/service.php3?biid=2015081167528

Microsoft raises the bar for Bug Bounty programs
http://www.zdnet.com/article/microsoft-raises-the-bar-for-bug-bounty-programs/
Chinese hackers hijack commercial VPN service to launch cyberattacks
http://www.zdnet.com/article/chinese-hackers-hijack-commercial-vpn-service-to-launch-cyberattacks/
Chinese hackers lay cybersnares for US, UK firms
http://www.zdnet.com/article/chinese-hackers-lay-cybersnares-for-us-uk-firm/
Black Hat 2015: Vulnerabilities in the first half of 2015
http://www.scmagazine.com/black-hat-2015-vulnerabilities-in-the-first-half-of-2015/article/431320/
Black Hat 2015: Onapsis CTO JP Perez demonstrates Oracle, SAP attack vectors
http://www.scmagazine.com/black-hat-2015-onapsis-cto-jp-perez-demonstrates-oracle-sap-attack-vectors/article/431311/
Ransacked US OPM wins Pwnie Award for 'Most EPIC Fail'
http://www.theregister.co.uk/2015/08/06/opm_pwnie_award_most_epic_fail/
White hat finds vulnerability in white box switches
http://www.theregister.co.uk/2015/08/06/white_hat_finds_vulnerability_in_white_box_switches/
Hacking Team Flash exploit leak revealed lightning reflexes of malware toolkit crafters
http://www.theregister.co.uk/2015/08/05/hacking_team_zero_day_speedy_exploit_kit_authors/
How the Arab Spring blew the lid off the commercial spyware
http://www.theregister.co.uk/2015/08/06/arab_spring_commercial_spyware_industry/
Terracotta: The Chinese VPN that hides Beijing's hackers with pwned biz
http://www.theregister.co.uk/2015/08/05/terracotta_vpn_rsa_research/