BSidesSATX 2023

Homophonic Collisions: Hold Me Closer, Tony Danza
2023-06-10, 14:30–14:55, Track 1 (UC Conference Rm A)

We’ll demonstrate a few practical approaches to exploiting the human misunderstandings that homophones cause in order to passively collect sensitive information, along with some redacted real-world examples. Domains registered for soundsquatting purposes are likely to be missed by typosquatting detection tools like DNSTwist. We will release defensive and detection mechanisms to help find vulnerable use cases within registered domains, language packaging pipelines, and social media handles.

This talk will delve into the risks posed by homophonic collisions, an understudied vector for cybersecurity threats. Despite extensive research on domain generation algorithms for homoglyphs and typosquatting, there has been relatively little research on homophonic collisions, which take advantage of humans misinterpreting what they hear.

The talk will examine the practical implications of homophonic collisions and discuss existing vulnerabilities in human perception and our systems. Attendees will learn about the limitations of current detection tools and gain insights into new detection methodologies that account for human misunderstandings.

Real-world examples of the risks associated with homophonic collisions will be shared, and strategies for protecting brand and critical assets will be covered. We will demo our tooling to detect soundsquatted entities.

This talk is relevant to cybersecurity professionals and anyone interested in the latest developments in cybersecurity threats. It will provide valuable insights into this rapidly evolving field and equip attendees with practical skills for detecting and mitigating the risks associated with homophonic collisions.

Reagan Short is a Technical Director on the Operations Innovation team for Managed Security Services at BlueVoyant. He primarily works alongside SOC, detection content, threat intel, and platform engineering teams to build and refine technologies and processes. Working with queries, graphs, pivot tables, mind maps, and diagrams, he enjoys applying innovation to detect, analyze, and mitigate evil at scale.

Justin Ibarra is the leader of the Threat Research and Detection Engineering team at Elastic, where he was previously a principal security research engineer. He focuses on many aspects of offensive and defensive security research, including endpoint, cloud, and web-based technologies. He spends a lot of time in telemetry and building detection capabilities, while also continually looking for ways to advance and evolve detection engineering approaches and principles.