Archive for June, 2011

Reminder – Call for Papers DeepSec 2011 – deadline approaching

June 30, 2011

In case you have not yet prepared a submission for DeepSec 2011, please consider to do so. The deadline is approaching! We have already received submissions, but we have a hard time believing that everything is secure out there. That can’t be, you know it, and we know it. Submit your in-depths talks and workshops, […]

Tags: , ,
Posted in Administrivia, Conference Comments Off on Reminder – Call for Papers DeepSec 2011 – deadline approaching

Some Slides from DeepSec 2009

June 24, 2011

Some of you might already noticed the videos from the DeepSec 2009 conference on Vimeo. Sadly we don’t have all the slides for all talks, but here are some documents from our archive. #TwitterRisks: Bot C&C, Data Loss, Intel Collection & More by Ben Feinstein – Slides Dynamic Binary Instrumentation for Deobfuscation and Unpacking by […]

Tags: ,
Posted in Administrivia, Conference Comments Off on Some Slides from DeepSec 2009

Photographs from B Sides Vienna / Ninjacon

June 19, 2011

We’ve put some photographs from B Sides Vienna / Ninjacon online. You can view them at our Flickr page. The event was very cool, the security was tight(ly hacked), everyone had a lot of fun. We have not photographed the creative „Kinderhacks“, maybe someone else has some pictures.

Tags: , , ,
Posted in Conference, Veranstaltung Comments Off on Photographs from B Sides Vienna / Ninjacon

Talk: Data Exfiltration – not just for Hollywood

June 18, 2011

Iftach Ian Amit discusses infiltration of networks and exfiltration of data. Imagine you have completed the infiltration, data targeting and acquisition phase. You have secured the data you were looking for. Now what? How do you get to „your“ data out of highly secured environments? You need to avoid data loss protection (DLP) tools, avoid IPS/IDS, avoid […]

Tags: , , ,
Posted in Security Comments Off on Talk: Data Exfiltration – not just for Hollywood

Talk: Attack UPnP – The Useful plug and pwn protocols

June 18, 2011

Most firewall admins are quite allergic to Universal Plug and Play (UPnP). This is why it is usually turned off. Arron „Finux“ Finnon explains what UPnP can do. Its intended use is to facilitate data transmissions of UPnP-capable devices, meaning that these devices and software can use UPnP to poke holes into NAT devices and […]

Tags: , ,
Posted in Security Comments Off on Talk: Attack UPnP – The Useful plug and pwn protocols

Talk: Hacking Digital Measuring Devices

June 18, 2011

We just listened to the talk by Franz Lehner about „Hacking Digital Measuring Devices“. Smart meters are ubiquitous. A lot of measuring devices have turned digital and are composed of a small CPU with some memory and connections to sensors or data outlets. Calibration is always involved when you measure something. Having access to the […]

Tags: , ,
Posted in Security Comments Off on Talk: Hacking Digital Measuring Devices

See you at Ninjacon 2011 / BSidesVienna!

June 15, 2011

On June 18th the Ninjacon 2011 and the B Sides Vienna will take place. We will be present, help with the organisation, watch as many talks as possible and blog about it (at least we’ll send some tweets). If you got some time to spare, drop by (make sure you get a ticket first) or […]

Tags: , , , ,
Posted in Conference, Security Comments Off on See you at Ninjacon 2011 / BSidesVienna!

Is your car on the Internet?

June 14, 2011

We published some press releases in the past that dealt with networked subsystems in cars. Security researchers connected to the Controller-Area Network (CAN) and tried to inject commands (which worked scarily well). We claimed that automobile manufacturer were way behind in security compared to everyone who has to secure systems in the Internet. The claim […]

Tags: , , , ,
Posted in Security, Stories Comments Off on Is your car on the Internet?

DeepSec 2011 Focus: Usable Security

June 13, 2011

A few days ago we uploaded the keynote speech held by Matt Watchinski at DeepSec 2009. The title was: „Technology Won’t Save You, Only People Will“ This statement can be turned into the opposite: Technology won’t threaten you, people will. We’re not talking about threats from insiders turned rogue. We are talking about holes in […]

Tags: ,
Posted in Administrivia, Conference 2 Comments »

Tips for Conference Speakers

June 5, 2011

We’ve been through four DeepSec conferences already, and MiKa and me have talked in person at other events. Given the feedback we received about past DeepSec speakers, the video recordings and our own experience, we’d like to give everyone who is thinking about submitting a talk some advise. It really doesn’t matter if you are […]

Tags: , , ,
Posted in Discussion Comments Off on Tips for Conference Speakers

Registration for DeepSec 2011 is now open!

June 1, 2011

The registration for DeepSec 2011 is now officially open. You can register for the conference, workshops or both. We offer three booking phases: Early Bird, Regular and Last Minute. Please keep in mind that the Early Bird tickets are the cheapest. The longer you wait, the more you have to pay. Since the Call for […]

Tags: , , , ,
Posted in Administrivia, Conference Comments Off on Registration for DeepSec 2011 is now open!