Archive for November, 2014

DeepSec 2014 Opening – Would you like to know more?

November 20, 2014

DeepSec 2014 is open. Right now we start the two tracks with all the presentations found in our schedule. It was hard to find a selection, because we received a lot of submissions with top quality content. We hope that the talks you attend give you some new perspectives, fresh information, and new ideas how […]

Tags: , ,
Posted in Conference, High Entropy 6 Comments »

BIOS-based Hypervisor Threats

November 20, 2014

The DeepSec 2014 schedule features a presentation about (hidden) hypervisors in server BIOS environments. The research is based on a Russian analysis of a Malicious BIOS Loaded Hypervisor (conducted between 2007 and 2010) and studies published by the University of Michigan in 2005/2006 as well as 2012/2013. The latter publications discuss the capabilities of a […]

Tags: , , , ,
Posted in Discussion, High Entropy, Security 7 Comments »

DeepSec 2014 Talk: Why IT Security Is ████ed Up And What We Can Do About It

November 15, 2014

Given the many colourful vulnerabilities published (with or without logo) and attacks seen in the past 12 months, one wonders if IT Security works at all. Of course, 100% of all statistics are fake, and only looking at the things that went wrong gives a biased impression. So what’s ████ed up with IT Security? Are […]

Tags: , , , ,
Posted in Conference, High Entropy 2 Comments »

New Article for the DeepSec Proceedings Publication

November 15, 2014

In cooperation with the Magdeburger Institut für Sicherheitsforschung (MIS) we publish selected articles covering topics of past DeepSec conferences. The publication offers an in-depth description which extend the conference presentation and includes a follow-up with updated information. Latest addition is Marco Lancini’s article titled Social Authentication: Vulnerabilities, Mitigations, and Redesign. High-value services have introduced two-factor […]

Tags: , ,
Posted in Conference, Security 3 Comments »

DeepSec 2014 Talk: The IPv6 Snort Plugin

November 12, 2014

The deployment of the new Internet Protocol Version 6 (IPv6) is gathering momentum. A lot of applications now have IPv6 capabilities. This includes security software. Routers and firewall systems were first, now there are also plugins and filters available for intrusion detection software such as Snort. Martin Schütte will present the IPv6 Snort Plugin at […]

Tags: , , ,
Posted in Conference, Internet 1 Comment »