In the spirit of community involvement and open communication, members of our Incident Response team recently attended hack.lu 2018 in Luxembourg. The conference included a single presentation track and hands-on workshops across three days. The talks offered at the conference ranged from the technical, to the practical, to the purely theoretical. The presenters also represented a diverse background of researchers, practitioners (both attack and defense), and enthusiasts. Here are a few highlights from the conference:
- Hypervisor-level debugger: benefits and challenges(Mathieu Tarral) – Mr. Tarral presented on the benefits of debugging at a hypervisor level and some of the issues and pitfalls with prior attempts at this. Mr. Tarral also presented on his current research into developing a better process and set of tools for debugging. His tools and research could prove to be very useful for our own efforts here at Adobe.
- WHAT THE FAX?!(Eyal Itkin, Yaniv Balmas) – Mr. Itkin and Mr. Balmas gave a dynamic and entertaining presentation on the continual vulnerability presented by the use of FAX (facsimile) technology in an unsecured and often forgotten manner. Their presentation certainly raised awareness that the FAX technology is still a viable attack surface in many infrastructures and one that needs to be accounted for.
- Finding the best threat intelligence provider for a specific purpose: trials and tribulations(Alicia Hickey, Dror-John Roecher) – Ms. Hickey and Mr. Roecher presented on their journey through choosing a threat intelligence provider and their systematic approach to the process. They chose to evaluate on multiple criteria ranging from amount, quality, and consistency of intel. This knowledge will help us better decisions at Adobe when it comes to threat intelligence providers.
- Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!(Orange Tsai) – Mr. Tsai presented on his research into exploitation of modern web frameworks through a long standing set of vulnerabilities numerous developers have ignored. Unfortunately, this presentation presented a rather disturbing picture of how many platforms could still be vulnerable to this particular set of exploits. This knowledge is useful in helping our teams further reduce risk by being aware of the inherent issues still present in many web application frameworks and tools.
I think Hack.lu gave the team a good exposure to thoughts and ideas from around the world. The presentations were interesting, informative, and helpful and the conference was, overall, a valuable experience.
Nick Pachis
Security Engineer