Archive for October, 2015

DeepSec 2015 Talk: Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library – Bernhard Göschlberger & Sebastian Göttfert

October 8, 2015

Upgrading existing infrastructure and migrating from one architecture to another is often the way to keep your information technology up-to-date. Changing major revisions of software is not for the faint of heart. Many sysadmins sacrificed a good portion of their life force just to jump to the next version. Sometimes you are simply stuck. Code […]

Tags: , , , , ,
Posted in Conference, Development, Security Comments Off on DeepSec 2015 Talk: Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library – Bernhard Göschlberger & Sebastian Göttfert

DeepSec 2015 Workshop: Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices – Alexander Bolshev & Boris Ryutin

October 7, 2015

The Internet of Things (IoT), more common known as the Internet of Stuff, is all around us. You don’t have to wait for it any more. Take a peek at the search results from Shodan and you will see that lots of devices are connected to the Internet. Since your refrigerator does not run high […]

Tags: , , , , ,
Posted in Conference, Training 3 Comments »

DeepSec 2015 Workshop: Crypto Attacks – Juraj Somorovsky & Tibor Jager

October 5, 2015

Fvcelsiuetwq lcv xlt hsyhv xd kexh yw pdp, tlkli? Well, yes and no. ITEzISqbI1ABITAhITAhLZzQFsQ6JnkhMTMhpNK5F5rF9dctkiExMyEv9Fh1ITMzIaX2VCJpEQc= , and that’s where it often goes wrong. Your cryptographic defence can be attacked just as any other barrier you can come up with. Attackers never sleep, you know. Crypto attacks are often facilitated by a simple psychological bias: Since cryptographic […]

Tags: , ,
Posted in Conference, Training 5 Comments »

DeepSec 2015 Workshop: Practical Incident Handling – Felix Schallock

October 4, 2015

Things go wrong or break, it’s just a matter of time. Ask your sysadmin about this. Apart from wear and tear, there are information security incidents that tend to ruin your perfect day at the office. What happens next? What do you do when noticing that your infrastructure has been compromised? Where do you start? […]

Tags: , , , , ,
Posted in Conference, Security, Training Comments Off on DeepSec 2015 Workshop: Practical Incident Handling – Felix Schallock

DeepSec 2015 Talk: Continuous Intrusion – Why CI Tools Are an Attacker’s Best Friend – Nikhil Mittal

October 3, 2015

In information security pessimism rules. Unfortunately. Extreme Programming might breed extreme problems, too. The short-lived app software cycle is a prime example. If your main goal is to hit the app store as soon and as often as possible, then critical bugs will show up faster than you can spell XCodeGhost. The development infrastructure has […]

Tags: , , , , , , ,
Posted in Conference, Development, Security 1 Comment »

DeepSec 2015 Talk: Visualizing Wi-Fi Packets the Hacker’s Way – Milan Gabor

October 2, 2015

Silent service was the name many submarine services gave themselves. U-boats have the habit of hiding, usually in large bodies of water. How Not To Be Seen remains the prime directive of attackers throughout the age. For the submarines this changed with the introduction of ASDIC and SONAR. You know these technologies from the acoustic […]

Tags: , , , , ,
Posted in Conference, Internet 3 Comments »

DeepSec2015 Talk: Hacking Cookies in Modern Web Applications and Browsers – a short Interview with Dawid Czagan

October 1, 2015

You don’t have to be the cookie monster to see cookies all around us. The World Wide Web is full of it. Make sure not to underestimate their impact on information security. Dawid Czagan will tell you why. 1) Please tell us the top 5 facts about your talk. The following topics will be presented: […]

Tags: , , , , , , , ,
Posted in Discussion, Interview, Security 1 Comment »