IoT Security – Executing an Effective Security Testing Process

•Als PPT, PDF herunterladen•

1 gefällt mir•2,178 views

Deral Heiland CISSP, serves as a the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on a numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.

Technologie

IoT Security – Executing an Effective
Security Testing Process

Introduction
Deral Heiland – IoT Research Lead Rapid7
•25+ years IT
•15 years security
•8+ years security consultant pentesters
www.hackerhalted.com

IoT Ecosystem
IoT Testing Methodologies
IoT Research & Results
Questions
Agenda

Embedded Hardware
Mobile & Control Applications
Cloud APIs & Web Services
Network Communication
Data
IoT Ecosystem

Help Identify exposure footprint
Threat modeling for risk
Determine Impact across ecosystem
Conducting security testing
Ecosystem Approach

Functional Evaluation
Device Reconnaissance
Cloud & Web APIs
Mobile & Control Applications
Network
Physical Embedded hardware Inspection
Physical Device Attacks
Radio (RF)
Testing Methodology Structure

Standard deployment
Two environments
Map out
Features
Functions
Components
Communication paths
Functional Evaluation

Welcome to my real world lab
Use the product to its full capacity
Functional Evaluation

Component versions
Software versions
Vulnerability history
Open source data
White labeled product history
User Manuals
Component data/spec sheets
FCC Data
Device Reconnaissance

Eview Panic Button Reconnaissance
User manual very revealing

Encryption (storage and transfer)
Authentication
Access rights
Communication protocols
SSL pinning
Mobile & Control Applications

Mobile Application
Wink Hub 2 Unencrypted Storage of Credentials

Insteon Smart Hub
Unencrypted Storage of Credentials

Encryption (storage and transfer)
Authentication and session management
Common web vulnerabilities
XSS
CSRF
Injection attacks ( SQLi etc..)
Business logic attacks
Cloud & Web APIs

Cloud API’s
Wink Hub 2 Failure to Revoke Oauth Token

Exposed services
Authentication
Access rights
Encryption
Intra product “ecosystem” communication
Network

Network
Device Local Mode Security
Loss of internet access
Lack of authentication
Lack of encryption

Osram Lightify
Over The Air (OTA) Firmware Captures with Wireshark

Chips
CPU
Memory
Communication
Physical ports
Ethernet
USB
Serial
Circuitry connection
UART
JTAG
SPI
Physical Embedded hardware Inspection

JTAG/SWD
UART
SPI
Memory extraction
Firmware
configurations
Physical Device Attacks

Gathering RF Configuration Data
from Inter Chip Communication

1100101010000001
1100110001100111
1000000000111110
1010011111011000
1100010001110111
1100001001101100
1001011010000000
1001100001000100
1000001000011000
1100000011100000
Gathering RF Configuration Data
from Inter Chip Communication

Firmware Extraction
embedded Multi-Media Controller (eMMC)

Encryption
Pairing
Access control
Command and control
Replay attacks.
Radio (RF)

RF Analysis
Insteon Vulnerable to Replay Attacks

Circle back around for more Insteon RF recon
•Peter Shipley
•Defcon23 (False Security and Deceptive Documentation)
•https://github.com/evilpete/insteonrf
Appears this issues have never been correctly, specially the
unencrypted communication – even on their own products
Insteon RF Analysis Reconnaissance

Reduced issues
Reduced risk
Better products
Deeper understanding
Conclusion

Questions
Deral Heiland - Research Lead (IoT)
deral_heiland@rapid7
@percent_x
http://www.rapid7.com

Weitere ähnliche Inhalte

Was ist angesagt?

IoT/M2M Security

Yu-Hsin Hung

Understanding what is IoT security What is the scope of IoT security Uses of IoT and where do we see it in our daily life Possible attack surface and likelihood of IoT-related attacks IoT specific security assessment (understanding approach, IoT protocols, how it is a combination of different type assessments) The myths of IoT security and the way it has progressed in past few years and how far fetched it can be. Available Resources and Tools

IoT Security Risks and Challenges

OWASP Delhi

Iot Security

MAITREYA MISRA

IoT Security

Narudom Roongsiriwong, CISSP

Presentation on IOT SECURITY

The Avi Sharma

IoT Security

Peter Waher

We did not predict the Internet, the Web, social networking, Facebook, Twitter, millions of apps for smart-phones, etc. New research problems arise due to the large scale of devices, the connection of the physical and cyber worlds, the openness of the systems of systems, and continuing problems of privacy and security. It is hoped that there is more cooperation between the research communities in order to solve the myriad of problems sooner as well as to avoid re-inventing the wheel when a particular community solves a problem.

Security issues and solutions : IoT

Jinia Bhowmik

A survey in privacy and security in Internet of Things IOT

University of Ontario Institute of Technology (UOIT)

Security in IoT

gr9293

IOT Security

Sylvain Martinez

IoT security

YashKesharwani2

Introduction to ICS/SCADA security

Cysinfo Cyber Security Community

SOC Architecture - Building the NextGen SOC

Priyanka Aash

Security in Cyber-Physical Systems

Bob Marcus

Cyber Threat Intelligence

mohamed nasri

Security Requirements in IoT Architecture - Security in Enabling Technologies - Security Concerns in IoT Applications. Security Architecture in the Internet of Things - Security Requirements in IoT - Insufficient Authentication/Authorization - Insecure Access Control - Threats to Access Control, Privacy, and Availability - Attacks Specific to IoT. Vulnerabilities – Secrecy and Secret-Key Capacity - Authentication/Authorization for Smart Devices - Transport Encryption

Security Requirements in IoT Architecture

Vrince Vimal

Cyber Security Layers - Defense in Depth

Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master

Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices”

Aligning Application Security to Compliance

Security Innovation

Cybersecurity Awareness Posters - Set #2

NetLockSmith

Information security governance

Koen Maris

Was ist angesagt? (20)

IoT/M2M Security

IoT Security Risks and Challenges

Iot Security

IoT Security

Presentation on IOT SECURITY

IoT Security

Security issues and solutions : IoT

A survey in privacy and security in Internet of Things IOT

Security in IoT

IOT Security

IoT security

Introduction to ICS/SCADA security

SOC Architecture - Building the NextGen SOC

Security in Cyber-Physical Systems

Cyber Threat Intelligence

Security Requirements in IoT Architecture

Cyber Security Layers - Defense in Depth

Aligning Application Security to Compliance

Cybersecurity Awareness Posters - Set #2

Information security governance

Ähnlich wie IoT Security – Executing an Effective Security Testing Process

IoT security-arrow-roadshow #iotconfua

Andy Shutka

Removing Security Roadblocks to IoT Deployment Success

Microsoft Tech Community

The 300 Leonidas Solution

matthew.maisel

Mobile Devices & BYOD Security – Deployment & Best Practices

Cisco Canada

Endpoint Security for Mobile Devices

David Shepherd

IoT summit - Building flexible & secure IoT solutions

Eric Larcheveque

IoT-Device-Security-DRAFT-slide-presentation

AuliaArifWardana

Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...

Mahmud Hossain

This talk briefly discusses strategies and methodologies than can be employed when assessing IoT devices. We look at how to develop credible threat scenarios for different IoT device and systems, perform static and dynamic attack surface mapping, perform static firmware analysis, perform static hardware analysis, undertake a dynamic device security analysis, sources of supporting information, supporting capability requirements and establishment, Execution of dynamic device analysis and approaches around network protocol analysis.

Practical Security Assessments of IoT Devices and Systems

Ollie Whitehouse

BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...

Mahmud Hossain

IoT Device Hacking and New Direction of IoT Security Evaluation Using Common ...

Seungjoo Kim

With nearly every embedded device and enterprise management solution serving up a web console for management, we are faced with the question (does that web service properly filter incoming data?). Unfortunately, the answer to that question is No. My research has shown that simple name data is often overlooked. This includes, SSIDs, SNMP sysDesc and Hostnames, just to name a few, which are consumed by the applications and embedded devices without proper filtering. Over the last 4 years I have researched this issue, and discovered that nearly 50% of products tested were vulnerable to injection attacks via this vector. During this presentation I will be discussing these various injection vectors, and the attacks that I have successfully developed against targeted systems using these exploits.

It’s All In The Name - Deral Heiland

EC-Council

Cyber securityppt

Sachin Roy

SMART CITY 3 novembre

canaleenergia

IoT security zigbee -- Null Meet bangalore

veerababu penugonda(Mr-IoT)

Microsoft CSP(Cloud Solution Provider) 한컴MDS에서 Azure IoT를 소개합니다. 1. Azure IoT Overview 2. SaaS - Azure IoT Central 3. PaaS - Azure IoT Solutions Accelerator - Azure IoT Components 4. Azure IoT Edge 5. Case Study - 화재 감지 모니터링 - Kiosk 상태 모니터링 및 디바이스 관리 - 여객/화물/물료 업계 대상 PoC - 환자정보 모니터링 PoC - 문의: 한컴MDS ES사업부 essupport@hancommds.com

한컴MDS_Microsoft Azure IoT Overview

HANCOM MDS

IoT-Device-Security.pptx

ZahidHussainqaisar

Enable the smart factory with IO Link

Dan Rossek

A modern approach to safeguarding your ICS and SCADA systems

Alane Moran

IoT on azure

Joanna Lamch

Ähnlich wie IoT Security – Executing an Effective Security Testing Process (20)

IoT security-arrow-roadshow #iotconfua

Removing Security Roadblocks to IoT Deployment Success

The 300 Leonidas Solution

Mobile Devices & BYOD Security – Deployment & Best Practices

Endpoint Security for Mobile Devices

IoT summit - Building flexible & secure IoT solutions

IoT-Device-Security-DRAFT-slide-presentation

Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...

Practical Security Assessments of IoT Devices and Systems

BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...

IoT Device Hacking and New Direction of IoT Security Evaluation Using Common ...

It’s All In The Name - Deral Heiland

Cyber securityppt

SMART CITY 3 novembre

IoT security zigbee -- Null Meet bangalore

한컴MDS_Microsoft Azure IoT Overview

IoT-Device-Security.pptx

Enable the smart factory with IO Link

A modern approach to safeguarding your ICS and SCADA systems

IoT on azure

Mehr von EC-Council

CyberOm - Hacking the Wellness Code in a Chaotic Cyber World

EC-Council

Whether people admit or not, everyone is moving to the cloud and all future business will run somewhere on the internet. Moving to the cloud requires different set of architecture and mindset. Data is stored, accessed and processed on different platforms and devices. Employees are working anywhere from the world, corporate data is no more under company IT custody. CISOs and CIOs need to think differently and set new Cloud Security Architecture. This session will try to draw the main areas of concern from Security perspective while moving to the cloud.

Cloud Security Architecture - a different approach

EC-Council

Phases of Incident Response

EC-Council

Weaponizing OSINT – Hacker Halted 2019 – Michael James

EC-Council

Hacking Your Career – Hacker Halted 2019 – Keith Turpin

EC-Council

Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee

EC-Council

Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver

EC-Council

DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...

EC-Council

Data in cars can be creepy – Hacker Halted 2019 – Andrea Amico

EC-Council

Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader

EC-Council

Are your cloud servers under attack?– Hacker Halted 2019 – Brian Hileman

EC-Council

War Game: Ransomware – Global CISO Forum 2019

EC-Council

How to become a Security Behavior Alchemist – Global CISO Forum 2019 – Perry ...

EC-Council

Introduction to FAIR Risk Methodology – Global CISO Forum 2019 – Donna Gall...

EC-Council

Alexa is a snitch! Hacker Halted 2019 - Wes Widner

EC-Council

Hacker Halted 2018: Don't Panic! Big Data Analytics vs. Law Enforcement

EC-Council

Hacker Halted 2018: HACKING TRILLIAN: A 42-STEP SOLUTION TO EXPLOIT POST-VOGA...

EC-Council

Hacker Halted 2018: Breaking the Bad News: How to Prevent Your IR Messages fr...

EC-Council

Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...

EC-Council

Hacker Halted 2018: SE vs Predator: Using Social Engineering in ways I never ...

EC-Council

Mehr von EC-Council (20)

CyberOm - Hacking the Wellness Code in a Chaotic Cyber World

Cloud Security Architecture - a different approach

Phases of Incident Response

Weaponizing OSINT – Hacker Halted 2019 – Michael James

Hacking Your Career – Hacker Halted 2019 – Keith Turpin

Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee

Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver

DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...

Data in cars can be creepy – Hacker Halted 2019 – Andrea Amico

Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader

Are your cloud servers under attack?– Hacker Halted 2019 – Brian Hileman

War Game: Ransomware – Global CISO Forum 2019

How to become a Security Behavior Alchemist – Global CISO Forum 2019 – Perry ...

Introduction to FAIR Risk Methodology – Global CISO Forum 2019 – Donna Gall...

Alexa is a snitch! Hacker Halted 2019 - Wes Widner

Hacker Halted 2018: Don't Panic! Big Data Analytics vs. Law Enforcement

Hacker Halted 2018: HACKING TRILLIAN: A 42-STEP SOLUTION TO EXPLOIT POST-VOGA...

Hacker Halted 2018: Breaking the Bad News: How to Prevent Your IR Messages fr...

Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...

Hacker Halted 2018: SE vs Predator: Using Social Engineering in ways I never ...

Kürzlich hochgeladen

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

CNv6 Instructor Chapter 6 Quality of Service

giselly40

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Histor y of HAM Radio presentation slide

vu2urc

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

Microsoft's Threat Matrix for Kubernetes helps organizations understand the attack surface a Kubernetes deployment introduces to their environments. This ensures that adequate detections and mitigations are in place. By covering over 40 different attacker techniques, defenders can learn about Kubernetes-specific mitigations and controls to deploy to their environments. In this session, we will explore the MS-TA9013 Host Path Mount technique, which is commonly used by attackers to perform privilege escalation in a Kubernetes cluster. Attendees will learn how attackers and defenders can: * Escape the container's host volume mount to gain persistence on an underlying node * Move laterally from the underlying node into the customer's cloud environment * Analyze Kubernetes audit logs to detect pods deployed with a hostPath mount * Deploy an admission controller that prevents new pods from using a hostPath mount

Breaking the Kubernetes Kill Chain: Host Path Mount

Puma Security, LLC

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Explore 'The Codex of Business: Writing Software for Real-World Solutions,' a compelling SlideShare presentation that delves into digital transformation in healthcare. Discover through a detailed case study how Agile methodologies empower healthcare providers to develop, iterate, and refine digital solutions that address real-world challenges. Learn how strategic planning, user feedback, and continuous improvement drive success in deploying technologies that enhance patient care and operational efficiency. Ideal for healthcare professionals, IT specialists, and digital transformation advocates seeking actionable insights and practical examples of technology making a real difference.

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Malak Abu Hammad

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

08448380779 Call Girls In Friends Colony Women Seeking Men

Delhi Call girls

Kürzlich hochgeladen (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

CNv6 Instructor Chapter 6 Quality of Service

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Histor y of HAM Radio presentation slide

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

GenCyber Cyber Security Day Presentation

A Domino Admins Adventures (Engage 2024)

Artificial Intelligence: Facts and Myths

Scaling API-first – The story of a global engineering organization

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Breaking the Kubernetes Kill Chain: Host Path Mount

How to Troubleshoot Apps for the Modern Connected Worker

🐬 The future of MySQL is Postgres 🐘

Axa Assurance Maroc - Insurer Innovation Award 2024

Presentation on how to chat with PDF using ChatGPT code interpreter

Data Cloud, More than a CDP by Matt Robison

The Codex of Business Writing Software for Real-World Solutions 2.pptx

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

08448380779 Call Girls In Friends Colony Women Seeking Men

IoT Security – Executing an Effective Security Testing Process

1. IoT Security – Executing an Effective Security Testing Process

2. Introduction Deral Heiland – IoT Research Lead Rapid7 •25+ years IT •15 years security •8+ years security consultant pentesters www.hackerhalted.com

3. IoT Ecosystem IoT Testing Methodologies IoT Research & Results Questions Agenda

4. The IoT Ecosystem

5. Embedded Hardware Mobile & Control Applications Cloud APIs & Web Services Network Communication Data IoT Ecosystem

6. Help Identify exposure footprint Threat modeling for risk Determine Impact across ecosystem Conducting security testing Ecosystem Approach

7. IoT Testing Methodologies

8. Functional Evaluation Device Reconnaissance Cloud & Web APIs Mobile & Control Applications Network Physical Embedded hardware Inspection Physical Device Attacks Radio (RF) Testing Methodology Structure

9. Standard deployment Two environments Map out Features Functions Components Communication paths Functional Evaluation

10. Welcome to my real world lab Use the product to its full capacity Functional Evaluation

11. Component versions Software versions Vulnerability history Open source data White labeled product history User Manuals Component data/spec sheets FCC Data Device Reconnaissance

12. Device Reconnaissance

13. Eview Panic Button Reconnaissance User manual very revealing

14. Encryption (storage and transfer) Authentication Access rights Communication protocols SSL pinning Mobile & Control Applications

15. Mobile Application Wink Hub 2 Unencrypted Storage of Credentials

16. Insteon Smart Hub Unencrypted Storage of Credentials

17. Encryption (storage and transfer) Authentication and session management Common web vulnerabilities XSS CSRF Injection attacks ( SQLi etc..) Business logic attacks Cloud & Web APIs

18. Cloud API’s Wink Hub 2

19. Cloud API’s Wink Hub 2 Failure to Revoke Oauth Token

20. Exposed services Authentication Access rights Encryption Intra product “ecosystem” communication Network

21. Network Device Local Mode Security Loss of internet access Lack of authentication Lack of encryption

22. Osram Lightify Over The Air (OTA) Firmware Captures with Wireshark

23. Chips CPU Memory Communication Physical ports Ethernet USB Serial Circuitry connection UART JTAG SPI Physical Embedded hardware Inspection

24. JTAG/SWD UART SPI Memory extraction Firmware configurations Physical Device Attacks

25. Flash Memory Extraction on Wink Hub 2

26.

27. Flash Memory Extraction on Wink Hub 2

28. Gathering RF Configuration Data from Inter Chip Communication

29. Gathering RF Configuration Data from Inter Chip Communication

30. 1100101010000001 1100110001100111 1000000000111110 1010011111011000 1100010001110111 1100001001101100 1001011010000000 1001100001000100 1000001000011000 1100000011100000 Gathering RF Configuration Data from Inter Chip Communication

31. Firmware Extraction embedded Multi-Media Controller (eMMC)

32. Firmware Extraction embedded Multi-Media Controller (eMMC)

33. Firmware Extraction embedded Multi-Media Controller (eMMC)

34. Encryption Pairing Access control Command and control Replay attacks. Radio (RF)

35. RF Analysis Insteon Vulnerable to Replay Attacks

36. Circle back around for more Insteon RF recon •Peter Shipley •Defcon23 (False Security and Deceptive Documentation) •https://github.com/evilpete/insteonrf Appears this issues have never been correctly, specially the unencrypted communication – even on their own products Insteon RF Analysis Reconnaissance

37. Reduced issues Reduced risk Better products Deeper understanding Conclusion

38. Questions Deral Heiland - Research Lead (IoT) deral_heiland@rapid7 @percent_x http://www.rapid7.com

Hinweis der Redaktion

Use camera to examine and discuss board layout technology
Use camera to examine and discuss board layout technology
Use camera to examine and discuss board layout technology
Demo breakdown of uart on osram device video
Demo breakdown of uart on osram device video
Demo breakdown of uart on osram device video
Demo breakdown of uart on osram device video

IoT Security – Executing an Effective Security Testing Process

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie IoT Security – Executing an Effective Security Testing Process

Ähnlich wie IoT Security – Executing an Effective Security Testing Process (20)

Mehr von EC-Council

Mehr von EC-Council (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

IoT Security – Executing an Effective Security Testing Process

Hinweis der Redaktion