Tag Archive

DeepSec2016 Workshop: IoT Hacking: Linux Embedded, Bluetooth Smart, KNX Home Automation – Slawomir Jasek

Published on October 31, 2016 By sanna

“The ongoing rise of the machines leaves no doubt – we have to face them”, says Slawomir Jasek, and adds: “It is hard not to agree with one of the greatest military strategists Sun Tzu: “If you know your enemies and know yourself, you will not be put at risk even in a hundred battles”. […]

DeepSec2016 Workshop: Offensive PowerShell for Red and Blue Teams – Nikhil Mittal

Published on October 14, 2016 By sanna

Penetration Tests and Red Team operations for secured environments need altered approaches, says Nikhil Mittal. You cannot afford to touch disks, throw executables and use memory corruption exploits without the risk of being ineffective as a simulated adversary. To enhance offensive tactics and methodologies, PowerShell is the tool of choice. PowerShell has changed the way […]

DeepSec 2016 Workshop: Fundamentals of Routing and Switching from a Blue and Red Team Perspective – Paul Coggin

Published on October 12, 2016 By sanna

Penetrating networks has never been easier. Given the network topology of most companies and organisations, security has been reduced to flat networks. There is an outside and an inside. If you are lucky there is an extra network for exposed services. Few departments have retained the skills to properly harden network equipment – and we […]

DeepSec 2016 Talk: Fuzzing Remote Interfaces for System Services in Android – Alexandru Blanda

Published on September 23, 2016 By sanna

When in doubt, go for the core. This statement is true for most Star Wars films. It is also valid for any kind of security research. Modern software has tons of dependencies, metric or otherwise. In addition, most platforms provide a set of basic components accessible by API. The wheel has been invented already. So […]

DeepSec2016 Workshop: Secure Web Development – Marcus Niemietz

Published on September 21, 2016 By sanna

The World Wide Web is everywhere. It has become the standard protocol for transferring data, accessing applications, configuring devices, controlling software, or even multimedia streaming. Most software development can’t be done without web applications. Despite the easy concept the technologies used in „HTTP/HTTPS“ have grown in very complex beasts. Few get it right, lots of […]

DeepSec 2016 Workshop: Deploying Secure Applications with TLS – Juraj Somorovsky

Published on September 9, 2016 By sanna

Cryptography is all around us. It has become something like the background radiation of the networked world. We use it on a daily basis. Since nothing usually comes into existence by mistake, there must be someone responsible for deploying this crypto stuff. You are right. Software developers, mathematicians, engineers, system administrators, and many more people […]

DeepSec2016 Workshop: Offensive iOS Exploitation – Marco Lancini

Published on September 4, 2016 By sanna

If an iPhone gets exploited in the forest and no one is around to 0wn it, does it worry you? This philosophical question has been answered sufficiently by the latest Pegasus incident. All smartphone should worry you. The iPhone and its operating system is no exception. Actually breaking a smartphone give an attacker a lot […]

DeepSec 2016 Workshop: Penetration Testing Humans – Bethany Ward & Cyni Winegard

Published on September 3, 2016 By sanna

Do you know the film where the victim gets an unsuspecting phone call and dies three days later? No? Relax, it happens in the real world, too. The difference is that you get a quite normal phone call at the office and three days later some of your data has been copied. The technical term […]

Buy your ticket for 44CON – and go to prison for free!

Published on August 31, 2016 By lynx

Forget Winter! 44CON is coming! The conference will be 14 to 16 September 2016 in London. The schedule is online. Take a look! This year’s 44CON also features a Capture The Flag (CTF) contest. It is hosted by the UK Ministry of Justice. Your mission, should you decide to accept it, consists of breaking into […]

DeepSec 2016 Call for Papers – Reminder – 24h to go!

Published on July 30, 2016 By lynx

The Call for Papers for the tenth DeepSec conference officially ends in 24 hours. This is a gentle reminder to submit your presentation or your kick-ass workshop.

Nikhil Mittal has two Black Hat Europe passes for his attendees

Published on October 21, 2015 By mika

Nikhil Mittal offers two passes for Black Hat Europe, Amsterdam, Nov. 10-13 for his workshop attendees at our DeepSec in Vienna. If more than two are interested we will make a raffle or a sweepstake. Workshop: Powershell for Penetration testers Deadline is in two weeks, when we make final decisions about our workshops. So if […]

DeepSec Workshops: Digitale Verteidigung – Wissen ist Macht

Published on October 20, 2015 By lynx

Wann haben Sie Ihren letzten Geschäftsbrief geschrieben? Und wann haben Sie das letzte Mal Stift und Papier dazu benutzt? Es macht nichts wenn Sie sich nicht daran erinnern können: Digitale Kommunikation ist Teil unseres Alltagslebens, nicht nur in der Geschäftswelt. Wir haben uns so sehr daran gewöhnt ständig online zu kommunizieren, das offline sein sich […]

Defence – Beating the Odds with Knowledge

Published on October 13, 2015 By lynx

When did you write your last business letter? You probably don’t recall, because you write one all of the time. When did you last use ink and paper to do this? If you can’t remember the answer to this question, don’t bother trying. Digital communication is part of our daily life, not only in the […]

DeepSec 2015 Workshop: Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices – Alexander Bolshev & Boris Ryutin

Published on October 7, 2015 By sanna

The Internet of Things (IoT), more common known as the Internet of Stuff, is all around us. You don’t have to wait for it any more. Take a peek at the search results from Shodan and you will see that lots of devices are connected to the Internet. Since your refrigerator does not run high […]

DeepSec 2015 Workshop: Crypto Attacks – Juraj Somorovsky & Tibor Jager

Published on October 5, 2015 By sanna

Fvcelsiuetwq lcv xlt hsyhv xd kexh yw pdp, tlkli? Well, yes and no. ITEzISqbI1ABITAhITAhLZzQFsQ6JnkhMTMhpNK5F5rF9dctkiExMyEv9Fh1ITMzIaX2VCJpEQc= , and that’s where it often goes wrong. Your cryptographic defence can be attacked just as any other barrier you can come up with. Attackers never sleep, you know. Crypto attacks are often facilitated by a simple psychological bias: Since cryptographic […]