Talk - Infectious Media with Rubber Ducky

Name: Talk - Infectious Media with Rubber Ducky
Start: 2015-11-27T07:30:00+13:00
End: 2015-11-27T07:37:00+13:00
Location: Speight’s Ale House, Function Room, 263 Bealey Avenue, Christchurch

Kim Carter

Abstract

This talk is based on the Infectious Media section in the People chapter of Kims new book Holistic Infosec for Web Developers and also demonstrated in Kim’s Kiwicon training.

Date

Nov 27, 2015 07:30 AM — 07:37 AM

Event

Toastmasters (Boaters)

Location

Speight’s Ale House, Function Room, 263 Bealey Avenue, Christchurch

In this talk Kim walks through the psychology of why humans succumb to infectious media attacks and how the attacker is easily able to leverage the human weaknesses to do their bidding. This is a very useful and effective approach at getting inside a target organisation with no physical or network access.

When the human weaknesses are coupled with the inherent trust of Human Interface Devices (HID) we have a recipe for success, or disaster depending on which side of the equation you are on.

Kim walks through:

Ducky Script
Encoding the payload
Loading the SD card and card into the device
Distributing the devices
Launching attacks

The community contributed attacks are also discussed and how to extend them.

Finally mitigation techniques are explored. Including using the device of compromise to train potential targets how not to be targets.

talk hacking cybersecurity holistic-info-sec-for-web-developers information-security infosec people-security physical-security security security-weaknesses

Kim Carter

Technologist / Engineer, Information Security Professional

Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.