Developing consolidating and secure
Our adversaries are no longer motivated only by money, personal data or competitive intelligence, but are now driven to use the critical technologies of our lives to arrest journalists and activists, to suppress democracy and manipulate public opinion.
In these times, our community has a responsibility to the people of the world that goes beyond traditional facets of information security.
Furthermore, Telephonist Attack can obtain the victim's phone number and then use the phone number to make advanced attack, e.g. The victim will not sense being attacked since no 4G or 2G fake base station is used and no cell re-selection.
These attacks can randomly choose victims or target a given victim.
This is a very general attack approach, in which we used in combination with our own fuzzing tool to discover many 0days in built-in libraries of very widely-used programming languages, including Python, PHP, Perl, Ruby, Java, Java Script, Wget and c URL.
In the CSFB procedure, we found the authentication step is missing.
Even worse, an adversary understanding the usage of regular building automation protocol functions for malicious purposes may not only create chaos within the breached building but can potentially even peak into internal networks over building protocols which are otherwise not reachable.
This talk describes prototypic attack scenarios through building automation systems one should consider, and how even without exploits, a number of protocol functions in common building automation protocols like BACnet/IP and KNXnet/IP can support a malicious adversary going for those scenarious.
Soon after founding P/BA, the principals reached out to several experienced criminal justice and health care professionals, who joined P/BA as senior associates.
Since then, P/BA has served more than 60 clients in 28 states plus the District of Columbia and Commonwealth of Puerto Rico — successfully providing innovative, comprehensive solutions to criminal justice, juvenile justice, and forensic health care problems.