PHDays talks to include eavesdropping on videoconferences, new version of GhostTunnel, and Java Card attacks
Our review board has been hard at work sorting through proposals for talks at Positive Hack Days. We encourage would-be speakers to apply soon: the call for papers closes on March 31. Recently we announced a highlighted speaker at PHDays 9, prominent GSM security researcher Karsten Nohl. Today we present the first group of speakers whose talks have already made the cut.
Yamila Vanesa Levalle, security researcher at ElevenPaths, will be making her PHDays debut. She will speak about two open-source Python tools that automate attacks on Cisco Meeting Server (CMS).
Many companies use the CMS platform for video and audio conferences to discuss important corporate issues. Users connect to meetings through different clients or via WebRTC and a browser. Despite its convenience, the platform can present a potential security threat. Testing of CMS revealed that it is possible—remotely and without authentication—to obtain the name of a conference, its ID, video address, and conference passcode. Security of CMS already made the news in 2016, when Cisco patched a critical vulnerability that allowed attackers to log in as a different user.
At PHDays, Yamila Vanesa Levalle will use the two tools to demonstrate how an attacker can determine CMS URLs, access conferences, and even record conferences using a browser.
Another PHDays speaker is Yongtao Wang, senior security researcher at 360 Technology, who specializes in penetration testing and wireless security research. He will speak about GhostTunnel, which is designed for covert data transmission in isolated environments. Attendees will learn about a new version of GhostTunnel for servers and Windows (written in C/C++) developed several months ago. Using Bluetooth, GhostTunnel can simultaneously create several tunnels between the client and the server.
Sergei Volokitin, security analyst at Riscure in the Netherlands, will give his third PHDays talk. Sergei's work is focused on security evaluation of embedded systems and security testing of smart card platforms, TEE-based solutions, and secure devices. At PHDays 7 he spoke about attacks on Java-based smart card containers allowing attackers to steal cryptographic keys and PIN codes of other applets installed on the card. This year Sergei will speak about a novel attack method that compromises the applet isolation implemented by modern smart cards as well as security mechanisms on the Java Card platform. Also he will demonstrate other attacks involving disclosure of critical private data and propose potential countermeasures.