See you in San Francisco for RSAC!

By -


See you in San Francisco for RSAC!

GRIMM and SCYTHE are packing our bags and heading to the RSA Conference. We have a busy week planned and are excited to see new and familiar faces. We would be happy to connect one-on-one to talk about the ways your organization can benefit from CROSSBOW.
Our teams will be in full force - here are a few places you will find us throughout the week:

Mayhem at the Mint

Join SCYTHE and Bugcrowd at the historic SF Mint for an evening of luxurious InfoSec networking and partying. We’ll have two bars and over 10 rooms of fun - this is the RSAC event you don’t want to miss, guaranteed.
  • Tuesday, April 17th from 8pm to Midnight
  • RSVP Required for Entry
  • Located Two Blocks from the Moscone Center at 88 5th St., San Francisco, CA 94103

ICS Sandbox

Bryson recently launched the non-profit ICS Village with several other ICS stalwarts (Tom VanNorman, Larry Vandenaweele, Beau Woods) which will kick off its first public event at RSAC 2018. Please stop by the ICS Village (located in the RSA Sandbox in the Marriott Marquis) for a tour, a hands on demo of GRIMM’s “Howdy Neighbor” model smarthome.
Sandbox Schedule:
  • Tuesday, April 17th from 4:30 PM – 6:00 PM (opens with CyBEER Ops - access included for Full Conference passholders, guest tickets available for purchase)
  • Wednesday, April 18th from  8:00 AM – 5:00 PM (open to all badge types)
  • Thursday, April 19th from 8:00 AM – 3:30 PM (open to all badge types)

Speaking Sessions

Bryson will present a demonstration of common smart-home security risks in his session, No IOUs with IoT, on Wednesday, April 18 at 11:00am PT. More than showing how a smart thermostat can take over your home, this session will present Howdy Neighbor - GRIMM’s miniature model home, “smart” from kitchen to garage, to the wider RSAC audience. Bryson will show off our test-bed for reverse engineering and hacking distinct consumer-focused smart devices to demonstrate how the (in)security of individual devices can impact the safety of your home.
Attendees will have the opportunity to:
1: Understand how the (in)security of IoT can impact the consumer.
2: Learn challenges in development, configuration, deployment and use of IoT devices.
3: Explore current IoT threat intelligence.
Stay tuned to our Twitter feeds (@Scythe_io@grimmcyber@ICS_Village) for live updates throughout the week. Also, if you’d like to schedule a one-on-one meeting with a representative from GRIMM or SCYTHE, please contact us at info@scythe.io.

Popular posts from this blog

New Old Bugs in the Linux Kernel

By Anonymous -
Image
  Introduction Dusting off a few new (old) vulns Have you ever been casually perusing the source code of the Linux kernel and thought to yourself "Wait a minute, that can’t be right"? That’s the position we found ourselves in when we found three bugs in a forgotten corner of the mainline Linux kernel that turned out to be about 15 years old. Unlike most things that we find gathering dust, these bugs turned out to still be good, and one turned out to be useable as a Local Privilege Escalation (LPE) in multiple Linux environments. Who you calling SCSI? The particular subsystem in question is the SCSI (Small Computer System Interface) data transport, which is a standard for transferring data made for connecting computers with peripheral devices, originally via a physical cable, like hard drives. SCSI is a venerable standard originally published in 1986 and was the go-to for server setups, and iSCSI is basically SCSI over TCP. SCSI is still in use today, especially
Read more

Automated Struct Identification with Ghidra

By Anonymous -
Image
At GRIMM, we do a lot of vulnerability and binary analysis research. As such, we often seek to automate some of the analysis steps and ease the burden on the individual researcher. One task which can be very mundane and time consuming for certain types of programs (C++, firmware, etc), is identifying structures' fields and applying the structure types to the corresponding functions within the decompiler. Thus, this summer we gave one of our interns,  Alex Lin , the task of developing a Ghidra plugin to automatically identify a binary's structs and mark up the decompilation accordingly. Alex's writeup below describes the results of the project, GEARSHIFT, which automates struct identification of function parameters by symbolically interpreting Ghidra's P-Code to determine how each parameter is accessed. The Ghidra plugin described in this blog can be found in our GEARSHIFT repository . Background Ghidra is a binary reverse engineering tool developed by the National Sec
Read more

SOHO Device Exploitation

By Anonymous -
Image
Netgear R7000 SOHO Device Exploitation After a long day of hard research, it’s fun to relax, kick back, and do something easy. While modern software development processes have vastly improved the quality of commercial software as compared to 10-15 years ago, consumer network devices have largely been left behind. Thus, when it’s time for some quick fun and a nice confidence boost, I like to analyze Small Office/Home Office (SOHO) devices. This blog describes one such session of auditing the Netgear R7000 router , analyzing the resulting vulnerability, and the exploit development process that followed. The write-up and code for the vulnerability described in this blog post can be found in our NotQuite0DayFriday repository. Initial Analysis The first step when analyzing a SOHO device is to obtain the firmware. Thankfully, Netgear’s support website hosts all of the firmwares for the R7000. The Netgear R7000 version 1.0.9.88 firmware used in this blog post can be downloaded from this web
Read more