DEF CON 30 - Sam Quinn, Steve Povolny - Perimeter Breached Hacking an Access Control System
The first critical component to any attack is an entry point. As we lock down firewalls and routers, it can be easy to overlook the network-connected physical access control systems. A study done by IBM in 2021 showed that the average cost of a physical security compromise is $3.54 million and takes an average of 223 days to identify a breach. HID Mercury is a global distributor of access control systems with more than 20 OEM partners, deployed across multiple industries and certified for use in federal and state government facilities. Trellix's Advanced Threat Research team uncovered 4 unique 0-day vulnerabilities and 4 additional undisclosed vulnerabilities leading to remote, unauthenticated code execution on multiple HID Mercury access control panels. These findings lead to full system control including the ability for an attacker to remotely manipulate door locks. During this presentation, we will briefly cover the hardware debugging process, leading to a root shell on the target. We will explore in greater depth the vulnerability discovery techniques, including emulation, fuzzing, static and dynamic reverse engineering, and a detailed walkthrough of several of the most critical vulnerabilities. We’ll address our approach to exploitation using simplistic malware we designed to control system functionality and culminate the talk with a live demo featuring full system control, unlocking doors remotely without triggering any software notification

DEF CON 33 - Cash, Drugs, and Guns - Why Your Safes Aren't Safe - Mark Omo, James Rowley

DEFCON 19: Steal Everything, Kill Everyone, Cause Total Financial Ruin! (w speaker)

Cybersecurity Insider Sessions: A Practical Guide to Preparing for Mythos

Babak Javadi - Basics of Hacking Physical Access Control Systems - DEF CON 27 Wireless Village

DEF CON 33 - Unmasking the Snitch Puck: IoT surveillance tech in the school bathroom - Reynaldo, nyx

Kristopher Reese

Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker

Integrated SSDs Should Be Illegal, But Why Would They Care!

DEF CON 30 - Lennert Wouters - A Black-Box Security Evaluation of SpaceX Starlink User Terminal

Is Russia Actually Losing?

DEF CON 30 - Roger Dingledine - How Russia is trying to block Tor

Eyes of a Thief at Big Sky Cyber Summit at LMG

CompTIA Network+ Certification Video Course N10-006

Radio Hacking: Cars, Hardware, and more! - Samy Kamkar - AppSec California 2016

DEF CON 22 - Deviant Ollam & Howard Payne - Elevator Hacking - From the Pit to the Penthouse

Why Israel is the World's Top Hacking Nation | VICE: Cyberwar | Blueprint

DEF CON 23 - Dennis Maldonado - Are We Really Safe? - Bypassing Access Control Systems

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox

Using NMAP Like a Red Team Operator (OPSEC Matters!)

