
Vladyslav Babkin_Securing Network Appliances: New Technologies and Old Challenges.pdf

Uploaded by: Zhang** ID: 175505 2024-09-13 27 pages 3.13 MB

#BHUSA BlackHatEvents

Securing Network Appliances: New Technologies and Old Challenges
Speaker: Vladyslav Babkin

$whoami
Vladyslav Babkin ("hotab")
Network & Web Hacker, Web Developer
Long-time CTF player (team dcua)
Security Researcher, Eclypsium
Twitter: HotabZero

HOW DID NETWORK DEVICES EVOLVE?

2005: First Cisco Rootkit
2008: Operation Cisco Raider
2015: SYNFUL Knock; Cisco ROMMON Attack; Juniper Backdoors
2016: Shadow Brokers
2017: Vault 7 leak
2018: VPNFilter Campaign; Cisco Backdoors
2019: FortiOS Vulnerability; Echobot; Solarwinds Attack
2020: Citrix Vulnerability; Pulse VPN Campaign; Fox Kitten Campaign; Sophos Zero-Day; F5 1st 10.0 CVSS; Netwalker Attacks; Chinese Attacks
2021: Cring Ransomware; Pulse Secure Vulnerability; F5 Vulnerabilities; SonicWall Vulnerabilities; Fortinet Attacks
2022: Cyclops Blink; F5 BIG-IP Vulnerability; Citrix APT Campaign; FortiGate Zero-Day
2023: Fortinet Zero-Day; Jaguar Tooth Malware; Zyxel-based Botnet; Volt Typhoon; CISA Directive; Citrix Zero-Day; Akira and Lockbit; BlackTech; Cisco Zero-Days
2024: Ivanti Zero-Days; SOHO Router Attacks; Fortinet Zero-Day; XZ Implant

Extra Context

Many attacks have tweet-sized PoC (like CVE-2022-1388)
Issues are basic web app problems
Similar problems shared with BMC (Baseboard Management Controller)
Modern devices are in some cases full x86-64 server platforms, so all Server/PC/web app issues apply.

We got much more powerful platforms on-board the devices.
This means dynamic languages on IoT devices (Lua, PHP, etc.), with their staple problems
Bigger devices and central management appliances can have databases on them
Full scale Linux with a single user. Of course, root. Everything is root like in the good ol times!
Full set of o

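This deck examines new technologies and old problems in network device security. The speaker, Vladyslav Babkin, shares his professional background, including his experience as a network and web hacker, web developer, long-time CTF player and security researcher. He lists in detail the attacks against network devices in recent years, such as the Cisco Rootkit, Operation Cisco Raider and SYNFUL Knock, and points out that many attacks exploit basic web application problems. Babkin notes that modern devices are in some cases full x86-64 server platforms with dynamic languages and databases, which also brings new security challenges. He also mentions the CISA and DARPA initiatives on memory safety and isolation in software products, and uses the F5 BIG-IP platform as an example to show that using k8s and Go can improve device security. However, Babkin also points out that despite these improvements, vulnerabilities such as SSRF, SQL injection and XSS still exist. Through real vulnerability cases such as CVE-2024-21793 and CVE-2024-26026, he shows that even with modern technology, security problems in device configuration remain. Finally, Babkin argues that solving these problems requires better application of software engineering principles and a secure software supply chain.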