Author Archive

ROOTS 2017, DeepSec, and DeepINTEL Call for Papers are still open

June 26, 2017

Our wonderful world of technology is full of surprises, bugs, intentional weaknesses, adversaries, defenders, vendors, and users. Some software just got more lines of code instead of a decent audit or refactoring. Everything is turning smart, but no one knows what smart really means. Big Data is all the fashion, Big Knowledge still isn’t. So […]

Tags: , , , ,
Posted in Call for Papers, Internet, Security, Security Intelligence No Comments »

BSidesLondon 2017 – Sharing is indeed Caring

June 20, 2017

When airport security meets information security it’s usually BSidesLondon time. It was a great experience. And since DeepSec sponsors the Rookie Track we had a very tough decision to make. It’s really hard to pick a winner. A lot of presentations were excellent, and the presenters made the most out of the 15 minutes. The […]

Tags: , ,
Posted in Discussion, High Entropy No Comments »

The Future of Entangled Security States – Quantum Computing Conference in Berlin

May 25, 2017

Quantum computing is a fashionable term these days. Some IT news articles are talking about post-quantum cryptography, qbits, and more quantum stuff. If you don’t know how the terms relate to each other, what entangled states in quantum physics are, and what everything has to do with computing, then you will have a hard time […]

Tags: , , , ,
Posted in Conference, Security No Comments »

Biometrics and Failures in understanding Security – Copy & Paste Iris Scans

May 23, 2017

Biometrics has an irresistible attraction. Simply by mentioning the fact that you can measure parts (or surfaces) of the body and convert them to numbers a lot of people are impressed out of their mind. Literally. In theory biometric information serves as a second set of data to be used for any purposes. A common […]

Tags: , ,
Posted in High Entropy, Security No Comments »

Disinformation Warfare – Attribution makes you Wannacry

May 16, 2017

After the Wannacry malware wreaked havoc in networks, ticket vending machines, companies, and hospitals the clean-up has begun. This also means that the blame game has started. The first round of blame was distributed between Microsoft and the alleged inspiration for the code. The stance on vulnerabilities of security researchers is quite clear. Weaknesses in […]

Tags: , , ,
Posted in Discussion, High Entropy, Security Intelligence No Comments »

Wannacry, Code Red, and „Cyber“ Warfare

May 14, 2017

Society and businesses increasingly rely on networked infrastructure. This is not news. Worms that used networks to spread to new hosts in order to infect them is also not news. Code Red did this back in 2001. There is a new worm going around. Its name is Wannacry, and it is allegedly based on published […]

Tags: , , , ,
Posted in High Entropy, Security No Comments »

DeepSec welcomes SEC Consult as Sponsor for 2017!

May 12, 2017

Testing products, production code, security measures, or the overall security of infrastructure is hard work. The typical needs in term of information technology for a company or an organisation has become a variety of components that need to be maintained and hardened against attacks. The devil is in the details. In order to find critical […]

Tags: , ,
Posted in Conference, Security No Comments »

DeepSec welcomes Digital Guardian as Sponsor for 2017

May 11, 2017

No event can be done with supporters, and so we welcome Digital Guardian as sponsor for the upcoming DeepSec 2017 conference! If you have data in your organisation, then you might be interested in talking to Digital Guardian’s experts, because they know a lot about what data does, where it lives, what endpoints really are, […]

Tags: , , , ,
Posted in Conference, Security No Comments »

Call for Papers: 1st Reversing and Offensive-Oriented Trends Symposium (ROOTs) 2017

May 1, 2017

ROOTs 2017 The first Reversing and Offensive-Oriented Trends Symposium (ROOTs) 2017 opens its call for papers. ROOTs is the first European symposium of its kind. ROOTS aims to provide an industry-friendly academic platform to discuss trends in exploitation, reversing, offensive techniques, and effective protections. Submissions should provide novel attack forms, describe novel reversing techniques or […]

Tags: , , , ,
Posted in Call for Papers, Conference No Comments »

DeepINTEL Update, Science First Campaign, Early Birds, and other News

April 28, 2017

The Easter break is over. We didn’t sleep (much), and we did not look for Easter eggs in software either. Instead we did a bit of work behind the scenes. DeepSec 2017 will have some more content due to the co-hosted ROOTs workshop. The full call for papers will be ready on 1 May 2017. […]

Tags: , , , ,
Posted in Administrivia, Conference No Comments »

Applied Crypto Hardening Project is looking for Help

April 25, 2017

Hopefully many of you know the Applied Crypto Hardening (ACH) project, also known as BetterCrypto.org. The project was announced at DeepSec 2013. The idea was (and is) to compile hands-on advice for system administrators, dev ops, developers, and others when it comes to selecting the right crypto configuration for an application. The BetterCrypto.org document covers […]

Tags: , ,
Posted in High Entropy, Internet No Comments »

SS8 – Replacement for Insecure Signalling System No. 7 (SS7) Protocol revealed

April 1, 2017

The ageing SS7 protocol has reached it’s end of life. Security experts around the world have criticised vulnerabilities a long time ago. SS7 even facilitated unsolicited surveillance attacks. What’s more, it has its own talks at the annual Chaos Communication Congress – which is a clear sign of fail if there is more than one presentation […]

Tags: ,
Posted in High Entropy No Comments »

DeepINTEL / DeepSec News for 2017 and Call for Papers

March 27, 2017

Changing code, layout or designs have something in common – deadlines. But you cannot rush creativity, and so the new design of the DeepSec web site took some time. The old design has served us well. We basically did not change much and used it since 2007. The new design follows the stickers we use […]

Tags: , , ,
Posted in Administrivia, Call for Papers, Conference No Comments »

Submit your Talk – Call for Papers for BSidesLondon

March 14, 2017

The Call for Papers for BSidesLondon is still running! If you haven’t submitted your talk yet, please do! The deadline is 27 March 2017. Don’t miss it! The Wonderful World of Cyber is full of stuff to talk about. There is broken software all over the Internet (of Things). 0days await. Infrastructure is ready to […]

Tags: , ,
Posted in Call for Papers No Comments »

Putting the Science into Security – Infosec with Style

January 27, 2017

The world of information security is full of publications. It’s like being in a maze of twisted little documents, all of them alike. Sometimes these works of art lack structure, deep analysis, or simply reproducibility. Others are perfectly researched, contain (a defence of) arguments, proofs of concept, and solid code or documentation to make a point. […]

Tags: , , , ,
Posted in Discussion, Security No Comments »