Bishop Fox to Demonstrate Three Innovative Tools at Black Hat Tools Arsenal in Las Vegas

Las Vegas, NV (PRWEB) July 31, 2014

Bishop Fox IT security researchers plan to unveil three new tools at the Black Hat Tools Arsenal in Las Vegas this week. The Tools Arsenal is a tool/demonstration area where independent researchers and the open-source community can showcase new tools or weapons that can help the security community keep up with the threat landscape.

Dan Petro, Senior Security Analyst at Bishop Fox, will present Rickrolling Your Neighbors with Google Chromecast on Wednesday, Aug. 6 at 12:45 PM PST at Mandalay Bay. Dan designed the Rickmote Controller, which illustrates how attackers can easily hijack users Chromecast-enabled televisions and play any video of their choice.

My research is intended to show a fun pranking tool, but Chromecast is a flagship Google product used by millions of people, said Petro. This is a case of security coming second to usability, and there are likely similar issues with other smart devices. I wouldn’t be surprised if the Chromecast exploit worked against them as well.


Joe DeMesy, Senior Security Associate at Bishop Fox, is presenting his iSPY iOS security assessment toolkit at the Arsenal. iSPY is an automated toolkit for advanced iOS hacking, reversing, and debugging. DeMesy will release a reverse sandbox that can run iOS apps on jail-broken devices. Hell also demonstrate how to defeat common anti-jail breaking checks in minutes.

For years, security researchers have unveiled new iOS hacking research and tools at Black Hat. ISPY is not just any iOS toolkit; Ill be introducing the world to a new, improved breed, DeMesy added.

Oops, I RFIDID It Again

Fran Brown, Partner at Bishop Fox, will be presenting Oops, I RFIDID It

Again at the Black Hat Arsenal. This presentation serves as a follow-up to Browns RFID research at Black Hat 2013. In this second installment, Brown will hack high-frequency (HF) and ultra-high frequency (UHF) systems, and explain how to build a RFID penetration toolkit.

The applications for HF and UHF technologies extend beyond the realm of physical access control. They can be found in credit cards, e-Passports, enhanced drivers licenses, ski passes, NFC reward cards, public transit passes, and are even used as the foundation of Disneys new MyMagic+ initiative.

Brown will also release a slew of new and free RFID hacking tools made from Arduino microcontrollers, Raspberry Pis, phone/tablet apps, and 3-D printing. On a closing note, he will discuss how to defend against HF/UHF RFID hacking threats.

RFID security hasnt changed much in the past year since I presented my research at Black Hat, Brown said. My further research in this area shows the increased implications of hacking high frequency and ultra-high frequency systems, and why we can no longer ignore this problem.

About Bishop Fox

Bishop Fox is a global security consulting firm. They are the trusted advisors to the Fortune 1000, financial institutions, and high-tech startups helping to secure their commerce, data, IT infrastructure, and intellectual property. Founded in 2005, their team consists of dedicated individuals with a combined 400+ years of experience working in both corporate America and global security.

In addition to authoring several best-selling security books, writing numerous industry articles, and being cited in well-respected journals, the Bishop Fox team has been presenting its security research for more than a decade. Bishop Fox speakers have been featured at many top security industry venues, including Black Hat, DEF CON, RSA, InfoSecWorld, OWASP, SANS, and Microsoft BlueHat.

Leave a Reply