Overview
Explore a riveting DEF CON 32 security talk that uncovers a personal investigation turned major vulnerability discovery after a Christmas Day modem hack in 2021. Follow along a three-year journey of web research into ISP security, beginning with a suspicious traffic replay from an unknown IP address and culminating in the discovery of critical vulnerabilities affecting millions of broadband devices. Learn about the increasing centralization of broadband equipment and its security implications, while gaining insights into how these vulnerabilities enable passive monitoring, configuration manipulation, and remote command execution on affected devices. Delve into the methodical investigation process, technical findings, and broader implications for ISP infrastructure security in this 25-minute presentation.
Syllabus
Intro
Who am I
Who hacked my modem
Hacking millions of modems
Centralization
References
Taught by
DEFCONConference