First ZeroNights 2019 talks are approved!
Just to remind — our keynotes are Alex Matrosov and Matt Suishe. Now meet our first speakers and their talks.
Ke Liu with a talk titled “Two Bytes to Rule Adobe Reader Twice: The Black Magic Behind the Byte Order Mark”
Ke Liu is a senior security researcher of Tencent Security Xuanwu Lab. He has found hundreds of vulnerabilities in the world’s most popular PDF readers which affect the products of Adobe, Apple, Foxit, Google, and Microsoft. He was one of the nominees of the Pwnie Awards 2017 (Epic Achievement). He once spoke at Black Hat Asia 2017. He successfully pwned Adobe Reader at Tianfu Cup 2018. He’s also in MSRC top 100 list in 2016, 2017, and 2018.
Pwn Adobe Reader with malformed strings just like decades ago. This presentation will discuss the following topics in detail:
- Root cause analysis of the vulnerabilities
- Methods to discover this kind of vulnerabilities
- Tricks to write working exploits for the vulnerabilities
Hossein Lotfi with a talk titled “A Monkey in the Sandbox: Exploiting Firefox Through IonMonkey JIT and Kernel Sandbox Escapes”
Hossein Lotfi is a senior vulnerability researcher at Trend Micro’s Zero Day Initiative (ZDI). Hossein’s recent research on Microsoft Windows GDI and font processing resulted in more than a dozen CVE assignments and vulnerability disclosures. He is in the list of Microsoft Security Response Center most valuable security researchers for 2018 and 2019.
Browser exploits still occur, and thanks to unique sandbox escapes, they can allow an attacker a path to execute code with System-level privileges. This talk examines two such scenarios in the Mozilla Firefox web browser. Both of these exploit chains were used in the latest Pwn2Own competition.
LimitedResults with a talk titled “Fatal Fury on ESP32: Time to release Hardware Exploits”
A researcher nicknamed LimitedResults, a hardware hacker, will present, in a methodical way, how to defeat one by one the ESP32 security features, having physical access to the device and using low-cost hardware techniques such as voltage glitching, analog side-channel, micro-soldering and Reverse (of course).
To the best of my knowledge, Built-in ESP32 security features such as Secure boot and Flash Encryption were never broken until now.
Pavel Cheremushkin with a talk titled “Opwnsource: VNC vulnerability research”
Pavel Cheremushkin is a security researcher focused on software vulnerabilities, fuzzing, reverse engineering as well as the exploitation of binary vulnerabilities, currently working at the position of a security researcher at Kaspersky Lab’s ICS CERT.
Pavel has discovered more than 40 security vulnerabilities in different VNC implementations and the research is still going on. During the talk he is going to demonstrate: both server-side and client-side vulnerabilities within different VNC implementations, «vulnerability plague» that was caused by developers copy-pasting vulnerable code without thinking, remote code execution PoC on a client machine connecting to a malicious or compromised server.
Md4 with a talk titled “CiscoASA: From Zero to ID=0”
A researcher nicknamed Md4 is CTF player in 0ops Security, a researcher in Dbappsecurity for network devices including Cisco, Checkpoint, TP-link, Netgear. Bug hunter in web&&pwn (CVE-2018-11481, CVE-2018-11482, CVE-2016-7781, CVE-2016-7782, CVE-2016-7783, CVE-2016-7788 etc.)
The presentation will disclose an 0-day vulnerability affecting the major version of the Cisco ASA devices, as well as discuss a new kind of exploit technique, which can remote code execute in the Cisco ASA with an authenticated user.
CFP ZeroNights 2019 is closed on October 10.
Don’t wait till the last day to join ZeroNights 2019 heroes!
