Tag Archive

DeepSec 2017 Talk: Hacking The Brain For Fun And Profit – Stefan Hager

Published on October 2, 2017 By sanna

You are what you think. At least we think so. Is this mental model the right way to explore our surroundings and our interconnected world? Well, let’s find out by thinking about it. When we’re talking and thinking about security, we very often have a rather fixed mindset and keep using what we think are […]

Social Engineering: Cold Call Warning (EHS, EHM)

Published on September 8, 2015 By lynx

While we have a workshop on social engineering for you at DeepSec 2015, we do not do any trainings or exercises before the DeepSec event starts. A speaker alerted us that he got a cold call from a company offering cheap rates for accommodation. In case you have received any call from Exhibition Housing Management […]

DeepSec 2014 Talk: An innovative and comprehensive Framework for Social Vulnerability Assessment

Published on September 11, 2014 By lynx

Do you get a lot of email? Do customers and business partners send you documents? Do you talk to people on the phone? Then you might be interested in an assessment of your vulnerability by social interactions. We are proud to host a presentation by Enrico Frumento of CEFRIEL covering this topic. As anyone probably […]

BSidesLondon is near!

Published on April 25, 2014 By lynx

We will attend the BSidesLondon event, and we are looking forward to meet you there! DeepSec is again sponsoring the rookie track. We believe that information security can only benefit from fresh perspectives and newcomers that take a hard look at “well established” facts. This is why we support young infosec researchers and welcome their […]

DeepSec 2013 Video: Prism Break – The Value Of Online Identities

Published on February 21, 2014 By lynx

Everything you do online creates a stream of data. Given the right infrastructure this data trails can be mined to get a profile of who you are, what you do, what your opinions are and what you like or do not like. Online profiles have become a highly desirable good which can be traded and […]

DeepSec 2013 Video: Trusted Friend Attack – (When) Guardian Angels Strike

Published on February 6, 2014 By lynx

We live in a culture where everybody can have thousands of friends. Social media can catapult your online presence into celebrity status. While your circle of true friends may be smaller than your browser might suggest, there is one thing that plays a crucial role when it comes to social interaction: trust. Did you ever […]

DeepSec 2013 Talk: Trusted Friend Attack – Guardian Angels Strike

Published on November 5, 2013 By lynx

Have you ever forgotten a password? It’s a safe bet to assume a yes. Sometimes we forget things. When it comes to logins there is usually a procedure to restore access and change the forgotten password to a known new one. This Forgot Your Password functionality is built into many applications. The mechanism is to […]

DeepSec 2013 Workshop: Social Engineering Awareness Training – Win A Free Ticket!

Published on September 25, 2013 By lynx

“If a tree falls in a forest and no one is around to hear it, does it make a sound?” You probably know this question. It’s a philosophical thought experiment questioning observation and knowledge of reality. There is a similar gedankenexperiment for information security: “If your organisation receives a spear phishing e-mail and no one […]

DeepSec 2012 Talk: I’m the guy your CSO warned you about

Published on October 15, 2012 By lynx

Social engineering has a bit of a soft touch. Mostly people think of it as “you can get into trouble by talking to strangers”, remember the “don’t talk to strangers” advice from their parents, dismiss all warnings and will get bitten by social security leaks anyway. You have to talk to people, right? You are […]

DeepSec 2012 Workshop: Social Engineering Testing for IT Security Professionals

Published on October 2, 2012 By lynx

Social engineering has been big in the news yet again this year.  In September, security researchers discovered an attack against Germany’s chipTAN banking system, in which bank customers were tricked into approving fraudulent transfers from their own accounts. In August, tech journalist Mat Honan had his digital life erased, as hackers social engineered Apple and […]

A Word about Conference Conduct

Published on August 7, 2012 By lynx

You have probably been to conferences, and might even have seen hackers in the wild attending events. When it comes to events where IT security is discussed, everyone needs a friendly atmosphere so you can trust the people you meet. The DeepSec conference aims to be a place where these criteria are met. We want […]

The Internet: Agora or Boudoir?

Published on June 10, 2012 By mika

Some people believe the Internet is like the Agora of ancient Greek cities where everybody meets and everything happens in public and open sight while others regard it is as their boudoir where they can pursue their private business without anyone peeping through the keyhole. The challenge is that the Internet is both and this […]

DeepSec 2011 – Post-Con Party at the Metalab

Published on November 18, 2011 By lynx

Since DeepSec 2011 has ended and we still want to have a chat with you, let’s meet at the party! It takes place at the Metalab, a local hacker space next to the town hall. We have music, we have stuff to drink, we got access to the Intertubes, we got lots of nice people, […]

Workshop: Social Engineering for IT Security Professionals

Published on October 12, 2011 By lynx

Social Engineering has been around for a long time and predates the Internet. The method of the Nigerian scams today dates back to the 16th century. It is much more widespread today. Social networking sites supply attackers with a rich source of information. They may even get hold of confidential information without any effort (as […]

Workshop: Social Engineering for IT Security Professionals

Published on September 28, 2011 By lynx

Social Engineering engagements can appear to be easy, especially to someone who already has experience in the Information Security industry.  All InfoSec consultants have experienced situations where they’ve been let into a meeting or to perform an onsite engagement without the correct paperwork or permission, and we’ve all heard the stories of successful Social Engineering […]