We are a bit late with the summaries from our event. Let’s start with some public information from DeepINTEL 2022. The conference is a closed event where security experts can openly discuss updates on threats, capabilities of potential adversaries, and all kinds of intelligence information related to information security. Steph Shample, an expert from the Middle East Institute (MEI), gave an update on Iran’s capabilities in past and present APT, cybercrime, ransomware, and cryptocurrency. The connections of Iran with China and Russia were discussed, too. Given the invasion of Ukraine, Russia is trying to get support for its digital operations. Mohammed Soliman, also from the Middle East Institute, presented his research on the technology containment strategy by the US administration. The stance regarding 5G serves as a blueprint. It is important to emphasise that
The DeepSec Conference 2022 has started. We will be busy handling the presentation tracks, the TraceLabs OSINT CTF event, and the ROOTS track. We covered most of the presentations in brief interviews on this blog. There is more to come after the conference has ended. The live streams from the conference are available to registered attendees. The recordings will be published on our video platform after post-precessing. Updates from the event will be posted to our Twitter and Mastodon accounts. In case you want to be part of the conversation, please use the #DeepSec hashtag.
We often abuse the term big picture as an analogy for a better perspective on things. With security intelligence, this is true. The DeepINTEL conference covers the strategic aspects of IT security, analyses the capabilities of potential (and actual) adversaries, and helps to bridge the gap between individual experiences of security researchers and targets. DeepINTEL 2022 has started. Topic-wise advanced persistent threats, the current geopolitical situation, psychological warfare with digital means, and techniques of malicious software in attacks are the primary focus. Selected aspects will be published in articles on this blog after the conference, because the DeepINTEL is a TLP:AMBER event.
A race condition attack is one of the most dangerous and underestimated attacks on modern web applications. It’s related to concurrency and multi-threading. Because of this attack, an attacker who has $1000 in his bank account can transfer more than $1000 from his bank account. This is just one example, but it clearly shows how dangerous this attack is. In a free video Dawid Czagan (DeepSec instructor) will show you step by step how this attack works and will tell you how to prevent this attack from happening. Watch this free video and feel the taste of Dawid Czagan’s live online training ”Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation”- Because of our hybrid configuration of DeepSec for trainings and the conference, the Mastering Web Attacks with Full-Stack Exploitation
The DeepSec trainings have started. Today is the first day. The topics cover attacking modern desktop applications, network threat hunting, incident response, creating malicious office documents for offensive tests, and secure code review. The spectrum covers a lot of content, and it will be very helpful for defending the information security landscape. One of our trainings can still be booked. The workshop titled “Web Hacking Expert: Full-Stack Exploitation Mastery” by Dawid Czagan has been postponed to 28/29 November 2022. It will be an online training. You can take part virtually. Bookings are still possible via our ticket shop.
Complex systems is not a term indicating that you have stopped to understand something. The colloquial phrase „it’s complicated“ is often used as a joke. Complex systems have their own science. Information technology has managed to make our daily life easier. Applications manage vast amount of data, communication protocols transport countless numbers of messages, systems just work, and everything is fine. The problem is that code usually grows and never shrinks. This has implication for software development and for information security. The keynote will take you on a tour through complex systems, complexity, the limits of growth, and how the consequences can be managed in a sane way. The presentation will also try to remind you to ask questions, think twice about selecting appropriate metrics, and how to apply this approach to the tools
The swinging moods of billionaires have hit Twitter. 230 million users have switched ownership and now follow the erratic decisions of a single person. „Mars first!”, or something. DeepSec is using Twitter as a channel to link to blog posts and to share information about ongoing events. This will not change for the moment. However, we have created a new Mastodon account to be on the safe side. The account name is already visible on our Twitter profile page. Please follow us, if you want to receive further news without interruption. DeepSec is fond of decentralised communication channels. While this means more effort to filter and selecting sources, it is true to the original character of the Internet. We also maintain our own mailing lists which cover press releases, random scuttlebutt behind the scenes,
[Of course, this is the August 2022 article from the DeepSec Scuttlebutt mailing list. We publish the postings one month later on our blog. For timely scuttlebutt, please subscribe to the mailing list.] Dear readers, the Summer is burning Europe and other parts of the world. The climate is changing and poses the biggest challenge to all aspects of our society. And this is without other man-made catastrophes, such as war, lack of raw materials, logistics, health protection, and many more trouble spots. DeepSec is about information security, so I will stick to the digital parts of the story. There are already too much “experts” on social media. No need to add more. Have you ever wondered what amount of energy is used for digital security measures? Have you ever tried an estimate? I
44CON is back! Make sure that you get your ticket, because information security is all about getting the edge over your adversaries. This is best done by keeping up-to-date. 44CON has the right schedule for you. It’s full of goodies dealing with Kerberos, forensic code-breaking, attacks on e-ticketing portals, incident response with the Log4J showcase, kernel exploits, and sensibly using security scanners on AWS. The programme also features a hands-on exercise in the form of Trace Labs’ Capture the Flag. 44CON begins on 15 September 2022 at 0915 (BST).
If you are a regular visitor of our conference or our blog, then you probably know about the different phases of our schedule. We are now in the preliminary stage. Reviews are still being done, and we sort out questions to and answer from our speakers. You may have noticed the free slots. These are still under review. Hopefully, we will have everything sorted out in the course of the next weeks. DeepSec has some internal rules for reviewing presentation submissions. We usually do not accept persons of the same organisation, so that one organisation can have one presentation in the programme. This makes the reviews hard, because you always send us top quality material. We could easily conduct two or three conferences instead of one. For 2022, we have accepted multiple speakers from
The yearly review of submissions is the hardest task of the year. Thanks a lot for your contributions. DeepSec would need to be a full week to accommodate all submitted material. Thanks a lot! We are still stuck in the final reviews, so it will take a week or two to fill all the slots. You may have noticed that the schedule on our website is already alive and kicking. There will be some more rearrangements regarding the presentation slots. The DeepINTEL schedule is available on request since DeepINTEL is a TLP:AMBER event. We have some interesting insights into current campaigns and the capabilities of selected adversaries for you. Effective defence needs well-prepared data and reconnaissance. So we highly recommend attending DeepINTEL 2022. Looking forward to see you in Vienna!
Our calls for papers have official closed. We are currently in the final phase of reviewing all your submissions. Thanks for all your efforts to send us your material on time. Our goal is to publish the preliminary schedule within the next two weeks. In case you missed the deadline, we will still accept your submissions. You can use our call for papers manager to send us your proposal. We will review your contribution. We will just start with all earlier submissions first.
Did you find some interesting bugs lately? Have you broken something which wasn’t supposed to be broken? Can you hack a nation state just by using a phone call? Do you dream of writing a smartphone app in Malbolge just for fun? If the answer is yes, then you should definitely submit a presentation for DeepSec 2022! We are still looking for your contribution. Share your insights, enlighten our audience. We are also looking for talks for DeepINTEL 2022. We would like to explore the geopolitical side of information security again. Attacks on critical infrastructure, gauging capabilities of adversaries, digital operations in terms of disinformation, and strategic defence of digital infrastructure are the focus of our next security intelligence event. If you work in this field, please get in touch with us. Security research
We have been radio silent for quite a while. This is not because of the lack of content or ideas. Information security has long attained mainstream status. We all rely on software and hardware all the time. Instead, we were stuck in administrative tasks. We have found a new location for the conference. In addition, we are working behind the scenes on code updates of our web page. The call for papers manager, the functions that create the schedule and render the website have aged. Speaking of the call for papers, it is still open! We are looking for presentations about the current state of security. If you found a bug or a design flaw, let’s hear about it. There are lots of applications out there. There must be something that’s broken. CVE has