Shuttling Through Secret Pipes: Unveiling Vulnerabilities in Leading VPNs

September 27, 2024 (GMT +8)
13:45
Ballroom 1 & 2
     

Join us at the "Cellular Assault Village" for an eye-opening presentation. In this talk, we will dive deep into the vulnerabilities that lurk within our everyday mobile communications, revealing how both voice calls and SMS messages can be intercepted. We’ll explore the mechanics behind passive and active interceptors, shedding light on how these tools can be used to eavesdrop on seemingly secure conversations. You’ll see how the Cellular Assault Village team has developed custom hardware that mimics the functionalities of expensive commercial interceptors, leveraging Software-Defined Radios (SDRs) and other innovative techniques to achieve similar results at a fraction of the cost. The presentation will also cover the dangers of SMS phishing, including demonstrations of spoofed number attacks and other deceptive tactics used to manipulate unsuspecting users. By the end of this session, you'll have a comprehensive understanding of the threats facing mobile security today and the creative solutions that can be employed to counteract them. Whether you’re a security professional, a hacker, or just someone interested in the dark side of mobile technology, this presentation will equip you with the knowledge to better protect yourself and others from these pervasive threats.

Speaker

Zeze Lin Zeze, a Windows security specialist working with TeamT5. He's credited with discovering and reporting numerous CVEs pertaining to Windows. In addition to his role at TeamT5, Zeze serves as a volunteer staff member at HITCON and actively participates in CTF games. Notably, he clinched the 3rd place position with TWN48 in DEF CON CTF 2023 (and qualified to DEF CON CTF 2024 with the team "if this works we'll get fewer for next year"). Moreover, Zeze is a speaker having presented at esteemed conferences such as CodeBlue, HITCON, VXCON, and CYBERSEC.

« Back