Skip to content
BLACKOUT
☰

Fingerprinting at the Frontier: How Edge Cases and Ambiguities can help Attribute Digital Attacks 🇬🇧

6Jul2024
Time: 13:30 > 14:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage

Can an ambiguity in a popular file format be used to geolocate customers of a spyware platform? Can an improperly handled edge case in the IP protocol illuminate exports of network attack tools? Yes, and yes! In this talk, we will present several concrete examples of what we call “fingerprinting at the frontier”: building fingerprints to track digital attacks based on the unique ways in which ambiguities and edge cases in specifications and standards may affect attackers. We will show how this technique can sometimes provide valuable context that can even indicate those who may be responsible for attacks. The goal of this talk is to inspire OSINT and threat intelligence practitioners to consider a method that they may not have previously thought of.

Bill Marczak

Bill Marczak is a Senior Researcher at the University of Toronto’s Citizen Lab where he investigates novel surveillance and censorship tools that threaten Internet freedom. Bill received his PhD in Computer Science from UC Berkeley. Some of Bill’s greatest hits include leading the first public report about NSO Group’s Pegasus spyware, and the capture of the ForcedEntry and BlastPass iOS zero-click exploits. Coverage of Bill’s work has been featured in Vanity Fair, the New York Times, and on CNN and 60 Minutes.

https://x.com/billmarczak

https://www.linkedin.com/in/bill-marczak-46535456/

More OSINT VILLAGE

Dernières Nouvelles

Call for Papers has ended!

We received a large number of submissions, bear with us while we’re scooping across the stack!
We’ll update you on your submission status ASAP!

Thank you!

leHACK:2024 – BOOK YOUR SEAT!

Early Birds had been raffled!

STANDARD TICKETS are still available but flying away, quick!

> COME GET SOME <

leHACK 2024 CFP is opened!

For the 20th year, leHACK will host a prestigious talk lineup.

Wether you are a security researcher, a hacker,a freak, or a unicorn, you can come on stage and share your unique knowledge with your pairs.

Si vous voulez présenter un talk @ leHACK2024, RTFM