BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: HandPwning: "Your Hand is your Passport. Verify me. 
 Now let me\n   in!"\n   When: Friday\, Aug 9\, 13:00 - 13:25 PDT\n   Where
 : LVCC West/Floor 1/Hall 3/HW3-06-05 - [1]Map\n\n   Description:\n\n   Bio
 metrics applied to PACS (Physical Access Control Systems) has been\n   an 
 hot-topic for a few years now. The spread of fingerprint or face\n   recog
 nition based access control and time attendance systems among\n   corporat
 e\, industrial and military environments has surged. And with\n   it\, als
 o the number of potential attack vectors has increased. In this\n   talk\,
  after a brief overview of the state of art of available PACS\n   utilizin
 g biometrics to authenticate and authorize users\, we will\n   investigate
  one technology among others (usually perceived\n   less-invasive) that ha
 s been widely used in some specific fields (e.g.\n   industrial plants\, a
 irports\, food industry\, etc.): the handpunch\n   access control and time
  attendance systems. The handpunch PACS are\n   based on the hand-geometry
  recognition. In this presentation we will\n   have a look how this tech w
 orks and\, in particular\, we will focus our\n   attention on reviewing so
 me of existing handpunch devices: from a\n   physical security POV until r
 eversing the communication protocol.\n   Moreover\, during the presentatio
 n will be demonstrated how to remotely\n   push a new super-admin user int
 o it (i.e. persistent backdoor)\, how to\n   dump existing users credentia
 ls and will be also released an\n   opensource tool-suite: HandScan & Hand
 Pwner.\n\n   Eventually\, thanks the cooperation with Shodan’s creator\,
  it has\n   been confirmed that more than 1800 of these vulnerable devices
  were\n   found exposed on the Internet. Finally\, we will conclude the ta
 lk with\n   practical and actionable countermeasures to prevent these atta
 cks and\n   how to harden these devices.\n\n   SpeakerBio:  Luca "CYBERANT
 ANI" Bongiorni\, Founder at We Hack In\n   Disguise (WHID)\n   Luca Bongio
 rni is working as Director of a CyberSecurity Lab and is\n   Founder of WH
 ID - We Hack In Disguise: a cybersecurity boutique\n   focused on R&D offe
 nsive hardware implants and IIoT Security. Luca is\n   also actively invol
 ved in InfoSec where his main fields of research\n   are: Radio Networks\,
  Hardware Hacking\, Internet of Things\, and\n   Physical Security. At the
  moment\, he is focusing his researches on\n   bypassing biometric access 
 control systems\, IIoT Security & Forensics\,\n   Air-Gapped Environments 
 and IoOT (Internet of Offensive Things).\n   '\n\n   1. #LVCCW_Level1_Hall
 3\n\n\n
DTEND:20240809T202500Z
DTSTART:20240809T200000Z
LOCATION:ICSV - LVCC West/Floor 1/Hall 3/HW3-06-05
SUMMARY:HandPwning: "Your Hand is your Passport. Verify me. Now let me in!"
END:VEVENT
END:VCALENDAR