Matt Belvedere
Matthew is a principal security consultant within the Proactive Labs team, with over 15 years' experience in the Information Technology industry, including 8 years in offensive security. Matthew regularly develops bespoke tooling for engagements, and has also performed other technical roles outside of penetration testing, including development of open-source collection systems and technical advisory for uplifting large government organisations.
Session
Have you ever blamed cosmic rays for a computer misbehaving? It’s more common than you think! Join us on our practical adventure of measuring bitflips in DNS traffic, resulting in over a year's worth of collected data from bitflips in a very prominent Australian top-level domain.
Bitsquatting is a form of cybersquatting which relies on bit-flip errors that occur during the process of making a DNS request – and has been known about for over 14 years. Practically, this results in machines resolving DNS names incorrectly, potentially against an attacker-controlled DNS server.
We explore our data collected for a specific dataset of Australian domains and offer insights into the practical side of exploiting systems in weird ways, including coerced authentication between system-to-system integrations.
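For defenders, the bit-flip mechanism described above can be turned into a log check. The following is an added example, not code from the talk or its authors: it enumerates every valid hostname one flipped bit away from a domain you own and flags observed query names that fall on or under one. The function names and the `corp.example` sample data are hypothetical and constructed; it covers single-bit flips in ASCII names only.

```python
import re

# LDH rule per label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def is_valid_hostname(name):
    return len(name) <= 253 and all(_LABEL.match(l) for l in name.split("."))

def one_bit_variants(domain):
    """Valid hostnames that differ from `domain` by exactly one flipped bit."""
    domain = domain.lower()
    raw = domain.encode("ascii")
    out = set()
    for i in range(len(raw)):
        for bit in range(8):
            flipped = bytearray(raw)
            flipped[i] ^= 1 << bit
            try:
                cand = flipped.decode("ascii").lower()
            except UnicodeDecodeError:
                continue  # high bit set: not an ASCII hostname byte
            # A case-bit flip lowercases back to the original name; skip it.
            if cand != domain and is_valid_hostname(cand):
                out.add(cand)
    return out

def build_index(protected):
    """Map each one-bit neighbour to the protected domain it imitates."""
    return {v: d for d in protected for v in one_bit_variants(d)}

def match_bitflip(qname, index):
    """Return the protected domain that `qname` neighbours (or sits under), else None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        hit = index.get(".".join(labels[i:]))
        if hit:
            return hit
    return None

if __name__ == "__main__":
    index = build_index(["corp.example"])  # constructed protected domain
    # Constructed query names, as they might appear in a resolver log.
    for q in ["login.corp.example", "login.cosp.example", "mail.borp.example."]:
        print(q, "->", match_bitflip(q, index))
```

The same neighbour set is the list to consider for defensive registration or for alerting on outbound resolution from your own hosts.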