Black Hat Sessions 2018 - Keynote Recent Research regarding the security of SSL certificates in the Netherlands and the security of 4G voice communication (VoLTE) by Ralph Moonen, Technical Director Secura
Titled 'Vulnerable!', Ralph Moonen, CTO at Secura, showed during Black Hat Sessions 2018 how vulnerable people and systems have been, and are still today. The size of the digital threat landscape is ever-increasing due to systems and networks becoming progressively more interconnected. Actors often have a financial or espionage based motive to find and exploit vulnerabilities, which may lead to loss of business, or sometimes even life itself. Below you will find a brief report by Berry Busser, intern at Secura, of the keynote by Ralph Moonen. Here you will find the link to all brief reports and recordings.
Secura continuously aims to find vulnerabilities in order to responsibly disclose (RD) these issues to concerned parties. Ralph presented a few examples of found vulnerabilities. The first example included the investigation of Dutch TLS certificates, half of the certificates which were investigated were not valid, and quite a few used insecure algorithms and schemes. The second example consisted of RCE vulnerabilities which can gain control over other systems, often found during penetration tests.
Lastly, one of Ralph's personal interests involves weaknesses in telephony systems. 'Phreaking' is now made possible again due the emergence of Voice over 4G (VoLTE). A combination of own research and customer work resulted in several findings such as SMS spoofing, and the leakage of information including location data.
Ralph concluded that it was difficult to get attention from vendors in order to resolve vulnerabilities, even though these large vendors have RD policies. Additionally, finding vulnerabilities is not exclusive to pentesting, longer research is often necessary to successfully discover them. Furthermore, testing should include source code review and red teaming, while software development should adhere to security by design.