January TASK: The Art of Denying Service in GraphQL APIs / Modern Attacks Against the Windows Kernel

Join us for our next TASK live and in-person on Wednesday, January 31!
Time: 6:00 PM
Location: Room 317, Centre for Urban Innovation, TMU, 44 Gerrard Street East
Register: Not required


Topic: Turning Servers into Couch Potatoes: The Art of Denying Service in GraphQL APIs

Speakers: Dolev Farhi and Nick Aleks

In this presentation, we'll delve into the robust query language of GraphQL. We'll start by covering the fundamentals of GraphQL and then take a detailed look at different vectors for GraphQL Denial of Service (DoS) attacks. Following that, we'll showcase demonstrations of DoS attacks and their consequential effects on GraphQL servers.

Additionally, we'll share insights into our journey as security professionals, outlining the comprehensive learning process we undertook to master GraphQL. We'll shed light on the research dedicated to understanding the offensive security dimensions of GraphQL, a venture that ultimately culminated in the publication of "Black Hat GraphQL", a No Starch Press book.

Dolev Farhi is a security engineer and author of Black Hat GraphQL (No Starch Press, 2023) with extensive experience leading security engineering teams in the fintech and cybersecurity industries. Currently, he is a Distinguished Security Engineer at Palo Alto Networks, building defenses for the largest cybersecurity company in the world.

Nick Aleks is a prominent cybersecurity leader, whose work has been vital in protecting the financial data of millions of Canadians. He is the Senior Director of Security at Wealthsimple and has served as a patented Distinguished Security Engineer at TD Bank. Nick is also the Chief Hacking Officer at ASEC.IO and author of Black Hat GraphQL (No Starch Press, 2023), and serves as a Senior Advisory Board Member for the University of Guelph and George Brown’s cybersecurity programs. Nick specializes in offensive security, penetration testing and has over a decade of experience hacking everything from websites, safes, locks, cars, drones and even smart buildings.


Topic: Modern Attacks Against the Windows Kernel

Speaker: Lee Kegan

With modern Windows 10 and 11 operating systems, attacks aimed at compromising the kernel, loading drivers and the like, has become much harder to do. However, this does not mean it's impossible. In fact, with the popularity gaining traction from offensive resources such as Bring Your Own Vulnerable Driver (BYOVD) and the LOLDrivers project, security researchers have opened up another relatively low barrier of entry against the realm of kernel land.

In this talk, we'll explore the existing and more current defensive measures in place to guard the kernel and ring 0 as a whole. Then walk through and demonstrate various evasions, bypasses and ways to abuse the Windows kernel beginning from hardware and working our way down to compromise it from user land. This is a technical talk however no special prerequisite knowledge is required.

Lee Kagan is a research and development specialist with 14 years experience in information security. Specialized in low-level research and analysis to assist organizations in assessing security controls, training customer internal offensive and defensive engineers, and security program maturation exercises and assessments. Experienced in offensive tool development, threat hunting, detection engineering, evasion and bypass research, malware analysis, Active Directory security, Microsoft Windows internals & security, and Microsoft Azure security.

Lee is a former senior researcher at Symantec and is currently a senior consultant at Lares.

We look forward to see you all there!
The TASK Steering Committee

Previous
Previous

February TASK: Celebrating Security Community in Toronto

Next
Next

November TASK: Working with MSSPs and Malware Analysis