Save the Date
6.-7.June 2024

As most RAT's are often detected by anti Malware services, it is useful to create your own RAT for RedTeaming engagements. It is important to consider a few key design decisions, or it will end badly. I will show some parts of my RAT, Antnium. It is designed to bypass certain EDR solutions, which requires it to bypass AV. And lastly, what influence does this have on SIEM.

Why would an attacker operate their own command and control infrastructure when they can abuse something that already exists? Instead of using an attacker-controlled server, attackers are abusing popular cloud applications, including messaging apps, webmail apps, cloud storage apps, and social media apps for command and control (C2). C2 over cloud apps is less likely to be detected since abusing a popular cloud application has the advantage of blending in with everyday traffic and evading traditional command and control defenses. This talk will explore this new threat landscape, show real-world examples of attacks exploiting cloud services, review some of the most abused cloud applications, present novel tactics, and share behavior-based defenses for these attacks. This talk will equip the listener with the information to spot these attacks and strategies to reduce their attack surface.

In the european Power Grid are several mechanism and dependencies to stabelize the powergrid. I will talk about how these works in general as a background to understand the effects of the vulnerabilities that i will show. The vulnerabilities in a solar power inverter in combination with other attack methods will bring an different view. Renewable and green energy is good for the environment, if implemented in a secure way. But often, this is not the case.

In this talk, we share our journey into Valve's Source Engine, which powers some of the most popular multiplayer games that attract millions of monthly players. We layout how to find, validate and exploit bugs and share details of a 100 percent reliable, wormable 1-click RCE chain.

Passwordless solutions promise greater security and convenience by allowing users to login to Windows systems with only their smartphone. But what's going on behind the scenes and how could a domain's security stance be worsened by such a solution? In this talk I will explain how these solutions are implemented and detail the vulnerabilities and weaknesses discovered in three tested products.

Hearing aids are becoming more and more interconnected. They communicate via Bluetooth with mobile phones and PCs. For example, audiologists use their PCs to fit hearing aids to the patient's hearing loss. This even works remotely, routed via internet and the patient's mobile phone. Unfortunately, Bluetooth does not provide the necessary security mechanisms, e.g. neither access control nor cloud-based authentication. To this end, we have developed a proprietary security protocol, because existing security protocols cannot be used due to the limited communication bandwidth and hardware resources. But as we all know, proprietary security protocols have a higher likelihood of containing undetected security flaws. Formal verification allows us to gain confidence in the protocols by formally proving the desired security properties. We take you along in our journey of designing and implementing our protocol, and finally, tell you how a Bachelor's thesis student achieved to also formally verify its security properties.

When we first inspected the Meeting Owl Pro ( https://owllabs.de/), it appeared like a well-designed video conferencing camera with a meaningful use case and some security measurements in place. A closer look revealed a security nightmare allowing attackers to locate devices, collect sensitive data, and use it as a gateway into corporate networks. h00t! h00t!