Archive for September, 2019

DeepSec 2019 Training: IoT/Embedded Development – Attack and Defense Lior Yaari

September 19, 2019

Every developer makes mistakes. If you are unlucky, these mistakes result in a security vulnerability, an almost untraceable bug for the normal developer. Going around the world, helping developers to find and understand the vulnerabilities they’ve accidentally created, we learned that unlike bugs, vulnerabilities are invisible to the eye, mind and UT. No one teaches […]

Tags: , , , , ,
Posted in Training No Comments »

DeepSec 2019 Training: Analysing Intrusions with Suricata – Peter Manev & Eric Leblond

September 18, 2019

Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In this course, attendees will learn the skills required to identify, respond and protect against threats in their network day to […]

Tags: , , , , , , , , , ,
Posted in Security, Training No Comments »

DeepSec 2019 Talk: New Tales of Wireless Input Devices – Matthias Deeg

September 13, 2019

You can’t do much with computer without input devices. Microphones do not count, yet. This leaves the classic selection of human input. How secure are these devices? Did you ever wonder when typing, moving the mouse pointer, or attaching a presenting tool? Well, your questions will be answered at DeepSec 2019. Matthias Deeg will hold […]

Tags: , , , , ,
Posted in Conference No Comments »

DeepSec 2019 Talk: Lauschgerät – Gets in the Way of Your Victim’s Traffic and Out of Yours – Adrian Vollmer

September 11, 2019

The talk will present a new tool for pentesters called „Lauschgerät“. This python script acts as a convenient man-in-the-middle tool to sniff traffic, terminate TLS encryption, host malicious services and bypass 802.1X – provided you have physical access to the victim machine, or at least its network cable. There are three ways to run it: […]

Tags: , , ,
Posted in Conference, Security No Comments »

Industrial Espionage and Data Tapping are commonplace in IT – DeepSec Conference provides Training for early Detection, Analysis and Mitigation

September 10, 2019

The excitement used to be great when organizations, parties, celebrities, companies, or government agencies reported intrusions into their own or outsourced digital infrastructure. Meanwhile, reports of data leaks and compromised systems are almost a part of the weather forecast. Security applications on smartphones or portals offer this information to allow the user to check if […]

Tags: , , , , , , , , ,
Posted in Conference, Security No Comments »

DeepSec 2019 Talk: Once upon a Time in the West – A Story on DNS Attacks – Valentina Palacín, Ruth Esmeralda Barbacil

September 9, 2019

The Internet is the new frontier for some. So just like in Old West movies, we are going through a land riddled with well-known gunmen: OceanLotus, DNSpionage and OilRig, who roam at ease, while the security cowboys sleep. This presentation will uncover the toolset and techniques used by these gunmen, taking a closer look at […]

Tags: , , , ,
Posted in Conference No Comments »

DeepSec Press Release: Internet of Facts and Fear in the Name of IT Security – Bits, Bytes, Security and Geopolitics

September 5, 2019

(Original press release was published on 29 August 2019 via pressetext.com) Nobody is an island. This statement is attributed to the English writer John Donne. The sentence became known in the 17th century. In the meantime, this has changed as a result of digitization. The modern version of the statement should read: There are no […]

Tags: , , , , ,
Posted in Conference, DeepIntel, Press, Schedule, Security, Security Intelligence No Comments »

DeepSec 2019 Talk: Well, That Escalated Quickly! – A Penetration Tester’s Approach to Windows Privilege Escalation – Khalil Bijjou

September 4, 2019

Since the early stages of operating systems, users and privileges were separated. Implemented security mechanisms prevent unauthorized access and usage of data and functions. These security mechanisms have been circumvented a number of times, which has led to steady improvements. Nevertheless, attackers find new vulnerabilities and security holes. Security experts often encounter Mirosoft® Windows endpoints […]

Tags: , , , , ,
Posted in Conference, Security No Comments »

DeepSec2019 Talk: SD-WAN Secure Communications Design and Vulnerabilities – Denis Kolegov

September 2, 2019

Hardening communication protocols against network attacks is hard. And yet a lot of products are available on the market that allow you to transport data and messages. Since virtualisation entered the world of technology all things software-definded (SD) have become popular. Denis Kolegov will explain at DeepSec 2019 what the state of affairs in terms […]

Tags: , , , ,
Posted in Conference, Security No Comments »