The past few years Compiled HTML (CHM) Help files have been utilized by malware authors to sneak malicious downloader code into files making them harder to detect. The CHM format is often used for software documentation. Attackers use Microsoft Compiled HTML .chm file as trojan attached to spam messages. Packing the software with malicious help file or tricking the user to replace genuine chm can result in compromise of target system.

Internet of Things (IoT) products proliferate the market today. They manifest in different forms – right from a pacemaker inside a human body, to an oil and gas rig monitoring device in the remotest locations on the planet. IoT products use small hardware devices and are strict low power consumption requirements. An IoT product should be developed considering these shortcomings. The IEEE 802.15.4 is a standard developed for low-rate wireless personal area networks (LR-WPANs) mainly used in Industrial IoT (IIoT). The base specification of the standard does not specify how to secure the traffic between the IoT devices and the backend infrastructure, so there are often vulnerabilities in the design and implementation. In this presentation, we show how it is possible to use publicly available hardware and software tools to sniff, capture and inject packets in an IEEE 802.15.4 based wireless sensor network and also the defence mechanism that are effective against these attacks.

The Embedded Industry evolved revolutionary in to connected world. The Internet of Things are not only capable of sharing analytical information on the network but has artificial intelligence for fault tolerance for the given environmental inputs. But at the same time these devices used frameworks and technologies which are not on security by design. These devices can be controlled over the Internet through conventional protocols. The development of many of these connected devices are archived by combining, rebuilding & and evolving the existing technologies and frameworks. The deep insight analysis of the technology used can provide us broaden scope for security loopholes in to these devices. And when a device in connected environment got hacked, it exposes entire enterprise/home network into attack. Therefor it is an immense need of defense in depth for connected IoT devices, starting from software technologies to in depth of hardware components. An embedded electronic system with computational or storage capacity which can share the information or status to other system or controlled by other system over the network called and IoT device. The embedded device stack for security consist of Application, platform, Transmission Protocols, Bootloader, firmware, Kernel, RootFS, Hardware Protocols, Hardware SoC components. There is scope for hardening for security in each layer of the stack accordingly, because each layer of the stack has its possibility of exploitation. The layered approach of secure implementation for Embedded device can make the world a better place for security. So, it starts from secure practices of protocols configurations to secure implementation of hardware components. The in-depth approach for encryption, encoding, obfuscation, symmetric keys and Public key infrastructure in different layers of architecture can assure the robustness of the complexity of security in Connected Embedded devices for integrity, privacy, protection & safety. The optimized level of protection needed for every layer of architecture since the business requirement of every system varies from one device to another and one component to another.

The Health Care Industry has evolved exponentially over the last decade. It's no secret that advancement in technology & it's adoption was the driving force behind this positive growth. Initially, interfaces between medical devices were custom designed & posed a huge challenge as far as interoperability was concerned. HealthCare standards like HL7 & DICOM standards have come to the rescue by providing interoperability to store, manage & exchange information among one or more devices, product, systems etc. HL7 is a set of international standards for the exchange, integration, sharing, and retrieval of electronic health information. DICOM (Digital Imaging & Communications in Medicine) is the international standard for the communication and storage of medical images and related data. Both of the standards are supported by the majority of vendors & hospitals however secure implementation of these standards is still a concern as security risks were given less importance while designing products (software & hardware) for healthcare services. This presentation will be primarily focused on HL7 2.x & DICOM messages, their implementation, the sensitivity of the information and how to attack these messages. The talk will also cover penetration testing of the medical devices / system in the hospital network and the approach that needs to be taken to pentest the medical devices / system. The talk will be concluded by sharing insights on the proper implementation of these standards to better defend healthcare devices & systems against cyber-attacks.

Is your product or application has a mobile app? Do you use any of AWS services? Are your product security engineers working on mobile application security? Looking for information about the importance of mobile app security? If your answer is yes to any of these questions then this talk is for you! This talk will discuss recent case studies of critical findings in mobile apps and also help to adopt skills required to perform penetration testing / security audit of iOS applications using free an open source tool - OWASP iGoat.

A small handheld device today stores more PII information than what you might have on your desktop, laptop or cloud. Mobile devices have become ubiquitous, and people of all sections of society have become highly dependent on them. Even though the usage of Android phones has increased drastically, the awareness about the risks that we have exposed ourselves to, is still limited. Every time we download an app from the Play Store, and every time we grant a permission to an unknown app, do we really know what's happening in the background? Modern mobile applications are now using web components to establish connections over the Internet through several API calls. Our mobile apps are using both, client-side and server-side components, to provide us with the rich user experiences that make us highly effective and efficient in conducting our day-to-day tasks. While on one hand, we are becoming technologically advanced, on the other hand, we are losing control of our own digital identities. The attack surface is increasing multifold; security weaknesses are lurking around us in multiple forms; and attackers are waiting to exploit the security flaws that might have surfaced due to security misconfigurations. Android users are constantly under the threat of security vulnerabilities that could lead to data theft and code execution issues. In this information era, data is everything and we cannot afford to leak our personal details to someone with malicious intentions. As security professionals, we must play our part in reducing the attack surface for our mobile users by first becoming aware of the security weaknesses and then spreading that awareness amongst those in our vicinity. The takeaways from this talk would be: 1. Understanding the components of an Android application 1. Activities 2. Intents 3. Broadcast Receivers 4. Services 5. Content Providers 2. Understanding OWASP Mobile Top 10 1. What is the security flaw 2. Why does it matter 3. How to test the vulnerability 3. Understanding what could be done to secure Android applications