Presentation on the need to re-examine how we engineer systems (taking service providers as an example) and the implications on how we quantify cyber risk if we want to take this message into the board room (as given at BT’s SnoopCon 2019 and Cisco’s June 2019 Knowledge Network webinar for service providers). Continue reading
Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019). Continue reading
Presentation on Zero Trust and the importance of identity in breach response and recovery (as given at InfoSec Europe 2019 on the tech talk track). Continue reading
Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track). Continue reading
By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Continue reading
Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Continue reading
Presentation on 0-RTT in TLS 1.3 (as given at DEF CON 26 and Black Hat 2018). Continue reading
Secure communications are one of the most important topics in information security and the Transport Layer Security (TLS) protocol is currently the most used protocol to provide secure communications on Internet. For example, when you are connecting to your online banking application, your favorite instant message application or social networks, all those communications are being transmitted using TLS. With TLS the information sent by the browser and the service is secured and encrypted, meaning that the information cannot be modified or tampered with by an attacker. Moreover the communications are verified to ensure that the browser is connected to the right endpoint (e.g. Wikipedia). Continue reading
Presentation on “interesting” features of the Intel x86[_64] platform (as given at 44CON 2017).
A lot of recent work has gone into the discovery, analysis, and (on occasion) marketing of hardware weaknesses in the Intel x86[_64] platform particularly with respect to how it is often implemented as part of specific motherboard designs. Some, such as the recent speculative execution borne attacks, are issues in the architecture itself. Other issues, however, affect individual implementations. This talk will take a wide-coverage “state of play” look at x86[_64] platform security covering:
- Architectural failings in hardware design
- Identifying security issues with modern computer hardware (treat it just like IoT devices!)
- Attempts at restoring privacy, ownership, and security
- Code and data persistence
- How secure hardware can be re-used
Presentation on finding implementation* bugs outside the mainstream (as given at Securi-Tay 2017). Continue reading