Author: Ben

Karsten Nohl will be presenting on BadUSB at PacSec in Tokyo on Nov 12 2014.

This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

Karsten Nohl will be presenting on BadUSB at POC in Seoul on Nov 6 2014.

This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

Karsten Nohl and Jakob Lell will be presenting BadUSB at BlackHat 2014 in August 2014

USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe — until now.

This talk introduces a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user.

We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

We then dive into the USB stack and assess where protection from USB malware can and should be anchored.

Karsten Nohl will be presenting on Mobile network attack evolution at Positive Hack Days in Moscow, May 21-22 2014.

Mobile networks should protect users on several fronts: Calls need to be encrypted, customer data protected, and SIM cards shielded from malware.

Many networks are still reluctant to implement appropriate protection measures in legacy systems. But even those who add mitigations often fail to fully capture attacks: They target symptoms instead of solving the core issue.

This talk discusses mobile network and SIM card attacks that circumvent common protection techniques to illustrate the ongoing mobile attack evolution.

Linus Neumann and Ben Schlabs will be presenting On our fear and apathy towards smartphone attacks at Re:publica on May 7th 2014.

Smartphones are migrating from lifestyle object to the epicenter of communication on the individual and societal level. Equipped with cameras and microphones and constantly connected to communication networks, the phones are also becoming an attractive target for spies and data thieves. The fear among smartphone users grows without their knowing if and how they are actually being attacked.

This talk aims to take the fear factor out of the smartphone security discussion: We explain how phone attacks work and which ones you should be worried about, what you should demand from your network operator, and how you can protect yourself. To further drive mobile security evolution, we introduce a crowdsourced way to measure mobile network protection around the world.