DeepSec 2013 Schedule published

René Pfeiffer/ August 31, 2013/ Administrivia, Conference

The pretty final schedule of DeepSec 2013 has been published. It took us some time, because we received a lot of submissions! Every speaker has confirmed. Let’s hope we don’t run into late cancellations. We hope you will get your share of entertainment and scare out of the selected content. As in the years before we will publish a blog article about every workshop and every talk in order to give you a better insight what every speaker intends to address (we started with the first one already). Abstracts are fine, context is better. We will also point out links to related fields provided that possible leaked content doesn’t destroy our publication schedule 😉 In case you haven’t booked yet, the early bird tariffs are still valid. Get your DeepSec tickets while they are

Read More

DeepSec 2013 Talk: Automation in Android & iOS Application Security Review

René Pfeiffer/ August 30, 2013/ Conference, Security

Even if you do not want to follow the Bring Your Own Device (BYOD) hype you might have to deal with mobile operating systems and applications running on them. Once you have a need to deploy a system, you need to know how to review the security. Hemil Shah will explain in his talk how you can deal with this problem. Mobile application hacking and its security is becoming a major concern in today’s world – especially with BYOD and user’s jailbreaking/rooting their devices. In the last few years we have seen a range of new attack vectors and methods of exploitation for these devices. Mobile applications are vulnerable to various sets of different attacks like local storage, user data harvesting, activity spying, unauthorized event injection, UI jacking, tab jacking, traffic redirection, logical attacks,

Read More

DeepINTEL Schedule Update: New Talk – “Advanced Security through Network Intelligence”

René Pfeiffer/ August 30, 2013/ Administrivia, Conference, Security Intelligence

Due to personal reasons one of our DeepINTEL speakers had to unfortunately cancel his appearance. Therefore we present a new talk held by Caroline Krohn. The title is “Advanced Security through Network Intelligence”. „Network Intelligence“ is the sum of findings extracted from people’s activities in the internet. Information related to people can be either, restricted and protected by any kind of encryption, or public and available to everybody. Nowadays, it is almost sufficient to collect data from open sources to put together a precise profile on a person of interest. Transparency does not only occur through own postings on so-called social networks, such as Facebook, Xing, LinkedIn, Twitter. Third party mentions and pictures other people post and tag, etc. also help following people’s activities outside the internet. Even the decision not to appear on

Read More

DeepINTEL 2013 – New Talk: “Hackers NG” – Dealing with the Security Skills Shortage

René Pfeiffer/ August 11, 2013/ Conference, Security Intelligence

Cooling temperatures in Vienna bring new talks to DeepINTEL. We are proud to announce a talk by Colin McLean, lecturer in Computing at the University of Abertay Dundee in Scotland. He discussed the problem of finding hackers with security skills (and who probably do not possess the attributes Mr Hayden sees in his own IT staff). The abstract reads as follows: There is a cyber security skills shortage and it’s becoming a world-wide concern with many stakeholders warning of impending doom. Browsing the Internet shows that this concern is not only expressed from the USA, and the UK, but all over the world. Mark Weatherford of the US Department of Homeland Security has stated “The lack of people with cyber security skills requires urgent attention. The DoHS can’t find enough people to hire.”. The

Read More

DeepINTEL 2013 – New Talk „Mutually Assured Pwnage“

René Pfeiffer/ August 5, 2013/ Conference, Security Intelligence

We have added a new talk to the DeepINTEL 2013 schedule. Karin Kosina will talk about „Mutually Assured Pwnage“ and critically explore what Cold War analogies can and cannot teach us about war in the 5th domain. “Cyberwar” has become a thing (never mind that no-one seems to really know what that thing really is). Along with the militarisation of cyberspace – or “the fifth domain of warfare” – there has been a flurry of attempts to draw analogies to other models of conflict. While this is understandable to a certain extent – What worked in the past may work again in the future, right? And let’s not be so cynical here to speak about hammers and things that look like nails… –, it has in many cases only added to the confusion around an already confused

Read More