Archive for September, 2018

DeepSec 2018 Training: Malware Analysis Intro – Christian Wojner

September 28, 2018

With malware (malicious software) featuring crypto-trojans (ransomware), banking-trojans, information- and credential-stealers, bot-nets of various specifications, and, last but not least, industry- or even state-driven cyber espionage, the analysis of this kind of software ıs becoming more and more important these days. With a naturally strong focus on Microsoft Windows based systems this entertaining first-contact workshop […]

Tags: , , , , , , , ,
Posted in Conference, Security, Training No Comments »

DeepSec 2018 Training: ERP Security: Assess, Exploit and Defend SAP Platforms – Pablo Artuso & Yvan Genuer

September 27, 2018

Your SAP platform contains the business crown jewels of your company. However, while leading organizations are protecting their systems from new types of SAP threats, still many are prone to SAP-specific vulnerabilities that are exposing their business to espionage, sabotage and financial fraud risks. Gaston’s and Pablo’s training empowers Security Managers, Internal/External Auditors and InfoSec […]

Tags: , , , , ,
Posted in Conference, Security, Training No Comments »

DeepSec 2018 Talk: IoD – Internet of Dildos, a Long Way to a Vibrant Future – Werner Schober

September 26, 2018

The Internet of Things has grown. Interconnected devices have now their own search engine. Besides power plants, air conditioning systems, smart (or not so smart) TV sets, refrigerators, and other devices there are a lot smaller and more personal things connected to the Internet. Your smartphone includes a lot of personal conversations, most probably pictures, […]

Tags: , , , ,
Posted in Conference, Internet, Security No Comments »

DeepSec 2018 Talk: Global Deep Scans – Measuring Vulnerability Levels across Organizations, Industries, and Countries – Luca Melette & Fabian Bräunlein

September 25, 2018

Metrics are plentiful, but they are hard to come by when it comes to meaningful numbers. This is why we were amazed by the submission of Luca Melette and Fabian Bräunlein. Why? This is why: “We introduce global deep scans that provide insights into the security hygiene of all organizations exposed to the Internet. Our […]

Tags: , , , ,
Posted in Conference, Internet, Security No Comments »

DeepSec 2018 Training: Professional Bug Hunting for Early Bird Millionaires – Sensitive Data Exposure

September 24, 2018

DeepSec’s Early Bird Tariff is still valid for today. If you are interested in bug hunting for money, i.e. bug bounties, then you should hurry. Dawid Czagan is conducting a training at DeepSec 2018 where you can learn all you need to get started. If you don’t know what to expect, we recommend one of […]

Tags: , , ,
Posted in Training No Comments »

DeepSec 2018 Training: Advanced Penetration Testing in the Real World – Davy Douhine & Guillaume Lopes

September 24, 2018

Guillaume and Davy, senior pentesters, will share many techniques, tips and tricks with pentesters, red teamers, bug bounty researchers or even defenders during a 2-day 100% “hands-on” workshop. This is the very training you’d like to have instead of wasting your precious time trying and failing while pentesting. The main topics of the training are: […]

Tags: , , , , , , , , , ,
Posted in Conference, Security, Training No Comments »

DeepSec 2018 Talk: Information, Threat Intelligence, and Human Factors – John Bryk

September 21, 2018

“Across the ICS spectrum, organizations are gathering threat data (information) to protect themselves from incoming cyber intrusions and to maintain a secure operational posture.”, says John. “Organizations are also sharing information; along with the data collected internally, organizations need external information to have a comprehensive view of the threat landscape. Cyber threat information comes from […]

Tags: , , , ,
Posted in Conference, Security, Security Intelligence No Comments »

DeepSec 2018 Talk: Injecting Security Controls into Software Applications – Katy Anton

September 20, 2018

“SQL Injection was first mentioned in a 1998 article in Phrack Magazine. Twenty years later, injection is still a common occurrence in software applications (No.1 in latest OWASP Top 10 2017). For the last 20 years, we have been focusing on vulnerabilities from an attacker’s point of view and SQL injection is still King. Something […]

Tags: , , , , , , , , ,
Posted in Conference, Security No Comments »

DeepSec 2018 Talk: New Attack Vectors for the Mobile Core Networks – Dr. Silke Holtmanns / Isha Singh

September 19, 2018

DeepSec has a long tradition of tackling the security of mobile networks and devices alike. The first DeepSec conference featured a presentation about the A5/1 crack. Later one we offered trainings covering mobile network security and weaknesses. So we are proud to announce Isha Singh’s and Silke Holtmanns’ talk about new attack vectors. Here is […]

Tags: , , , , , , , , ,
Posted in Conference No Comments »

DeepSec 2018 Talk: Pure In-Memory (Shell)Code Injection in Linux Userland – reenz0h

September 18, 2018

A lot of research has been conducted in recent years on performing code injection in the Windows operating system without touching the disk. The same cannot be said about *NIX (and Linux specifically). Imagine yourself sitting in front of a blinking cursor, using a shell on a freshly compromised Linux server, and you want to […]

Tags: , , , , , ,
Posted in Conference, Security No Comments »

DeepSec 2018 Talk: Orchestrating Security Tools with AWS Step Functions – Jules Denardou & Justin Massey

September 17, 2018

Increasingly frequent deployments make it impossible for security teams to manually review all of the code before it is released. Jules Denardou and Justin Massey wrote a Terraform-deployed application to solve this problem by tightly integrating into the developer workflow. The plugin-based application has three core components, each represented by at least one Lambda function: […]

Tags: , , , , ,
Posted in Conference No Comments »

DeepSec 2018 Talk: Without a Trace – Cybercrime, Who are the Offenders? – Edith Huber & Bettina Pospisil

September 14, 2018

Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation in Austria, no evidence-based scientific analysis exists that depicts the bright field of Cybercrime. Therefore an interdisciplinary research group investigated the phenomenon cybercrime regarding the questions – Edith Huber and Bettina Prospisil will present their findings at […]

Tags: , , , , ,
Posted in Conference, Security No Comments »

DeepSec 2018 Talk: Left of Boom – Brian Contos

September 13, 2018

By Brian Contos, CISO of Verodin: “The idea for my presentation “Left of Boom” was based on conversations I was having with some of my co-workers at Verodin. Many people on our team are former military and some served in Iraq and Afghanistan where they engaged in anti-IED (Improvised Explosive Device) missions. During these conversations […]

Tags: , , , , ,
Posted in Conference, Discussion, Security No Comments »

Translated Press Release: Bug Bounty Programs – Vulnerabilities as a worthwhile Investment

September 12, 2018

DeepSec Conference offers trainings for security researchers Vienna (pts010 / 04.09.2018 / 08:30) – This year, in addition to lectures about the failing of security measures, the DeepSec In-Depth Security Conference will offer a workshop for finding vulnerabilities. Unfortunately the testing of software in the context of quality assurance is no longer sufficient in the […]

Tags: , ,
Posted in Conference, Press No Comments »

Translated Press Release: Intelligence Agencies want to abolish Information Security

September 11, 2018

https://www.pressetext.com/news/deepsec-konferenz-veroeffentlicht-programm-fuer-2018.html DeepSec Conference criticizes the open Attack on secure End-to-End Encryption Vienna (pts014/21.08.2018/09:25) – Ever since security measures have been in existence, there have been discussions about their benefits and their strength. In digital communication, the topic of back doors keeps coming up. In the analog world high quality locks are desired to protect against […]

Tags: , ,
Posted in Conference, Press No Comments »