Summary: John Nye from http://endisnye.com (https://twitter.com/EndisNye_com) and Christian Johnson (https://twitter.com/TheWizBM) joins Jim (https://twitter.com/jcollison) for show #180 of Home Gadget Geeks brought to you by the Average Guy Network, part of http://thegeeksnetwork.com/ community. Support the Average Guy Tech Scholarship Fund: http://theAverageGuy.tv/amazon WANT TO SUBSCRIBE? We now have Video Large / Small and Video iTunes options at http://theAverageGuy.tv/subscribe Join us for the show live each Thursday at 8pmC/9E/1UTC at http://theAverageGuy.tv/live or call in your questions or comments to be played on the show at (402) 478-8450 Listen Mobile: Home Server Show Meetup in Indy - Sep 20 – register - http://homeservershow.com/forums/index.php?/topic/7748-meetup-2014-registration-and-info/ DefCon and Black Hat notes for The Average Guy: Home Gadget Geeks Podcast John Nye - john.r.nye@gmail.com -or- @endisnye_com -or- endisnye.com Black Hat Archives https://www.blackhat.com/us-14/archives.html Defcon Archives, (no 2014 slides yet) https://www.defcon.org/html/links/dc-archives.html Black Hat Information and Links Time Magazine Article about The DarkTangent (a.k.a. Jeff Moss) the founder of Black Hat and Defcon: https://time.com/3103530/defcon-hackers-dark-tangent/ Blackhat Keynote “Cybersecurity as Realpolitik” - http://geer.tinho.net/geer.blackhat.6viii14.txt Video (https://www.youtube.com/watch?v=nT-TGvYOBpI) Talks that I saw and wanted to say a few things about: BadUSB – On Accessories that Turn Evil - USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe - until now. This talk introduces a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses. We then dive into the USB stack and assess where protection from USB malware can and should be anchored. http://www.androidauthority.com/badusb-hack-412902/ http://www.pcmag.com/article2/0,2817,2461717,00.asp Extreme Privilege Escalation on Windows 8/UEFI Systems: The UEFI specification has more tightly coupled the bonds of the operating system and the platform firmware by providing the well-defined "runtime services" interface between the operating system and the firmware. This interface is more expansive than the interface that existed in the days of conventional BIOS, which has inadvertently increased the attack surface against the platform firmware. Furthermore, Windows 8 has introduced APIs that allow accessing this UEFI interface from a userland process. Vulnerabilities in this interface can potentially allow a userland process to escalate its privileges from "ring 3" all the way up to that of the platform firmware, which includes permanently attaining control of the very-powerful System Management Mode (SMM). This talk will disclose two of these vulnerabilities that were discovered in the Intel provided UEFI reference implementation, and detail the unusual techniques needed to successfully exploit them. Whitepaper: https://www.blackhat.com/docs/us-14/materials/us-14-Kallenberg-Extreme-Privilege-Escalation-On-Windows8-UEFI-Systems-WP.pdf Slide Deck: https://www.blackhat.com/docs/us-14/materials/us-14-Kallenberg-Extreme-Privilege-Escalation-On-Windows8-UEFI-Systems.pdf 802.1x and Beyond (HIGHLY Technical) https://www.youtube.com/watch?v=gDOadcq_fFQ Abusing Microsoft Kerberos: Sorry You Guys Don’t Get It. (Slide Deck) http://www.slideshare.net/gentilkiwi/abusing-microsoft-kerberos-sorry-you-guys-dont-get-it Defcon Information and Links DEFCON Documentary: https://www.
