Presented at
BSidesLV 2023,
Aug. 8, 2023, 3 p.m.
(45 minutes).
Phishing attacks and weak passwords aren't the only things that are keeping Blue teams up at night. Imagine a nearly undetectable device in the user's keyboard stealthily leaking out information or acting as a malicious user. Welcome to the nightmare game of HIDe-N-SEEK.
In our public talks about the Injectyll-HIDe project, we were limited by our fear of showing our real capabilities. Unlike our other talks about this implant, in this Skytalks presentation we will go off the record and take a candid deep dive into why the Injectyll-HIDe project is the thing of nightmares. We will be taking an uncensored look at the inner workings that make it so dangerous and why you might need to start walking your enterprise halls with bug sweepers. Audience participation is highly encouraged.
Audiences will leave with a deeper understanding of how the project works, a new platform to use for future Red Team operations, some fun stories, and even some nightmares. Warning, I am not to blame for any loss of sleep after this talk.
Presenters:
-
Jonathan Fischer
Jonathan Fischer is a hardware and IoT security enthusiast that started off designing, programming, and implementing electronic controls for industrial control systems and off-highway machinery. After a decade in that industry, Jonathan obtained his BS in Computer Science and transitioned over to the cyber security industry where he has been working as a Red Team consultant and researcher for more than five years at a Fortune 500. Since joining the cyber security industry, Jonathan has earned various industry certifications (OSCP, GXPN, etc.) and continues to leverage his unique experience in his research into hardware hacking. Jonathan has presented his research at conferences such as ShmooCon, DEF CON Demo Labs, BSides LV, and Hardware Hacking Village. He is also the co-creator of Injectyll-HIDe, an open-source hardware implant designed for use by red teams.
Links:
Similar Presentations: