Home 2° Aperitech
SPEAKER: Lorenzo 'lopoc' Cococcia and Michelangelo 'pinguin0' Morrillo
TITLE: Hidden in the cloud? Even there, You Can't Cheat Time
BIO lopoc: Lopoc is a child of two worlds: computing and physics. He began his journey in cracking and later moved into malware analysis, incident response, and cyber threat intelligence. He is interested in the intersection of physics and mathematics with the world of hacking and computing, and believes that curiosity remains the true value in this field.
BIO pinguin0: A DevOps Engineer with over 5 years of experience, he currently works at Arduino, focusing on the Cloud. A member of the Metro Olografix association, he took his first steps into the world of open source and hacking by participating in MOCA 2012.
ABSTRACT: The Cloud has radically transformed the approach to infrastructure and software, introducing new tools for cyber threat intelligence actors. The use of CDNs, such as Cloudfront, to hide C2 (Command and Control) has become increasingly common. This reduces detectability and masks the real location simply and economically. Spoiler alert: the idea that a simple ping and a few clicks on various IP geolocation services are sufficient is dead. During the presentation, we will examine how CDNs work, understanding why they can be exploited by malicious actors, how they function, and what they allow.
The research, starting from a highly theoretical approach to trilateration, aims to demonstrate that despite the complexities of the Cloud and the underlying Internet, there is a way to obtain useful information on the location of something behind a CDN—a valuable insight for Cyber Threat Intelligence with many unexpected ramifications. Presented as "Latency Trilateration" at DEF CON in Las Vegas last August, this technique leverages some unbreakable principles of physics, a bit of mathematics, and a few lines of code! It challenges the notion that "nothing can be done" in the face of certain problems, but hackers have never been fond of that idea!
WHEN: 22/12/23 - 18:30
WHERE: BearIT, Strada Prati 67, Pescara