2110, 2015

Nikhil Mittal has two Black Hat Europe passes for his attendees

Mika/ October 21, 2015/ Conference, Schedule

Nikhil Mittal offers two passes for Black Hat Europe, Amsterdam, Nov. 10-13 for his workshop attendees at our DeepSec in Vienna. If more than two are interested we will make a raffle or a sweepstake. Workshop: Powershell for Penetration testers Deadline is in two weeks, when we make final decisions about our workshops. So if you are interested in Powershell and have spare-time in November it’s a good time to book for DeepSec and visit Black Hat Europe for free: DeepSec Registration Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes penetration testing, attack research, defence strategies and post exploitation research. He has 6+ years of experience in Penetration Testing for his clients, including many global corporate giants. He is also a member of Red teams of selected

Read More

2110, 2015

DeepSec Talk: Got RATs? Enter Barn Cat (OSint)

Mika/ October 21, 2015/ Conference, Schedule

We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat. OSINT Barn Cat: Mining Malware for Intelligence at Scale I like the name of the project: Barn cats are the best mousers and this new project is targeted to catch (not only) RATs. In reality we have a hard time to keep track and ensure up-to-date signatures, with half a million unique samples pouring into the analysis machinery of the AV-industry and signature producers every day. Barn cat has a new approach: Instead of learning every time from scratch how a new mouse looks like, Barn Cat monitors the criminal infrastructure to detect undesired activity in your network. It’s like a true barn cat couching in front of

Read More

0210, 2014

RandomPic XSA-108

Mika/ October 2, 2014/ High Entropy, RandomPic

What a couple of Infosec people thought about XSA-108. Apparently some were a little bit disappointed that XSA-108 affects “only” HVM. Sorry, not another catastrophy, not another heartbleed, Shellshock or something in this class. Only a vulnerability which potentially allows access to other VMs. Anyway, time for an update! (Idea shamelessly stolen from aloria)

3005, 2014

New Use Cases for Bitcoin

Mika/ May 30, 2014/ Security, Stories

Although I’m new in the Bitcoin world I had a quite promising start. Earlier this month I was able to visit the Bitcoin Conference in Amsterdam and had some very good conversations with core developers from the Bitcoin Foundation and to my honor also the chance to talk to Gavin Andreesen, long-time lead developer and now chief scientist of the Bitcoin Foundation. At DeepSec our first contact with Bitcoin was in 2012 when John Matonis, now Executive Director and Board Member of the Bitcoin Foundation, talked about the evolution of e-Money.  But since then we hadn’t intense contact. Tomorrow I will visit the Bitcoin Expo in Vienna and hope to meet new people in the community and discuss the latest trends and developments. The fascinating thing about Bitcoin and the global block-chain is the

Read More

1707, 2013

Musings about PRISM and the Like, or an Appeal to Reasoning

Mika/ July 17, 2013/ Discussion, Mission Statement, Security Intelligence

Spying and Distrust are not new, Full Stop. We are old enough to have witnessed many large spying programs in “real time”, starting in the 90ies and continuing until now. Everybody spies on everybody else, everybody tries to use every resource available to gain any kind of intelligence useful for the very own benefit. Alliances, treaties and promises (or vows if you take it more seriously) only have secondary value when it’s about the own advantage. This is true for most aspects of our life, be it private, business or international political affairs. Spouses (sometimes) distrust each other. Business partners (sometimes) negotiate with most detailed contracts to leave as little room as possible to deviate from the expectations, trusting in legal frameworks, lawyers and neutral judges to enforce the expectations. In international affairs (sometimes)

Read More

0104, 2013

Accounts receivable and payable

Mika/ April 1, 2013/ Administrivia, Legal

From now on all incoming and outgoing payments for DeepSec and DeepINTEL tickets, sponsor packages, speaker travel reimbursements, hotel, accommodation, catering, support for the community etc. will only be accepted resp. paid in Bitcoins. As we do not trust electronic money transfers (hey, guys – we conduct a security conference!) the following rules will apply: Tickets will only be sold only on-site. We will accept Bitcoins only in cash. Please have the exact amount available as we cannot give change. Bitcoins for speaker travel reimbursements will be sent to the speaker’s home address with registered mail in a neutral envelope. Payments for hotel, accommodation, sponsor packages and other goods and services will be transferred in a inconspicuous suitcase by a courier wearing dark sunglasses. We made this decision because every year we have to

Read More

2801, 2013

A Security Conference is not a Flashmob

Mika/ January 28, 2013/ Mission Statement

Suddenly: Security Speakers! (This is the first part of a series which can be regarded as our “Mission Statements”.) No, this is not what a conference should be like: By some obscure coincidence 32 speakers emerge with a talk in their pockets and hit the stage, one after the other. Rather this is true: We are shaping our DeepSec and DeepINTEL events and those who know us a little bit closer are not surprised. We are searching for topics, we are soliciting submissions and we invite people to our stage whom we find interesting, ground-breaking, promising, surprising or just plain ingenious. Additionally we read our CfP submissions very carefully and often we discuss the submissions with the speakers if we are not fully confident where the talk leads to. We also discuss submissions with

Read More

0811, 2012

Conference seats are running low…

Mika/ November 8, 2012/ Conference

Honestly: We have such a big interest this year, which is beyond any expectations that we might need to close our ticket sales one or two weeks before the conference. If the trend continues like past years we will exceed the capacity for the conference rooms and the restaurant.We are negotiating with the hotel and do our best to accommodate everyone who wants to attend. Booking is still open at: https://deepsec.net/register.html We have already exceeded the room contingency at our hotel, The Imperial Riding School (Renaissance Vienna Hotel), which grants an attractive room rate, incl breakfast etc… The rate is EUR115,- per night (single person) inc. all fees and taxes, inc. American breakfast and a cancellation possible until 6 PM on the arrival date. Cheaper offers on travel-booking sites typically don’t include breakfast or

Read More

0511, 2012

Alien Technology in our Datacenters

Mika/ November 5, 2012/ High Entropy, Security, Stories

Sometimes when I watch administrators at work, especially when I start to ask questions, I get an uneasy feeling: “this is not right”. As it turns out many of the people who maintain, manage and configure IT or communication equipment don’t understand the technology they are using. At least not in depth. Mostly they have a rough idea what it’s all about but cannot explain in detail how it works and cannot predict what will happen if a few changes are made to the setup. Although I couldn’t put my finger on it I had a familiar feeling, something like a déjà-vu. Just recently when I browsed through my bookshelves it suddenly became clear: I reached for a science fiction classic, “Gateway” by Frederic Pohl which describes an alien race, the “Heechee”, which have

Read More

2010, 2012

Groundhog Day (Not a Film Review)

Mika/ October 20, 2012/ High Entropy, Security

Recently there was a re-run of the movie “Groundhog Day” on German TV and after a while I felt a familiar feeling: Our security efforts are a lot like the story. The protagonist is caught in something like a time-loop until he gets everything right. A previously cynical, disrespecting, arrogant and selfish news reporter wakes up every morning to the same scene: The alarm clock switches to 6:00 in the morning, the radio plays “I got you babe” and the same day repeats over and over again. During the first iterations he doesn’t change his behavior, being quite a discomforting guy until he realizes that slight changes can make a big difference. He is only relieved from this situation after he gets everything right: Being nice to his former school schoolmate, changing the tires

Read More

1110, 2012

High Availability is not Redundancy

Mika/ October 11, 2012/ High Entropy, Odd

This is about the “A” in the CIA triad of security: Confidentiality, Integrity, Availability Just recently I was a witness of an incident where the failure of a perceived redundant system caused an outage of more than 5 hours of the central IT services of a multinational/intercontinental enterprise. Vital services like VoIP calls and conference bridges (which were interrupted with high profile customers) , SAP, e-mail, central file services, CAD, order processing, printing of delivery notes and therefore loading of trucks, processing of EDIFACT-based orders and invoices, etc. were unavailable for most of the 20.000 employees and customers worldwide during this black-out. What happened? Some when in the morning we noticed a lot of commotion in the department (open plan office) and quite soon it was obvious that all network based services were out

Read More

2706, 2012

“The early bird gets the worm” or “Can you be faster than FUD?”

Mika/ June 27, 2012/ Conference, Security Intelligence

This is an old saying and like most old sayings it bears some truth: the first one to notice an opportunity does indeed have an advantage. But I don’t want to philosophize about “ancient wisdom” or something the like but I want to address a quite up-to-date topic: 0-day prevention, early warning systems, heuristic detection and how fast you have to be to catch worms and 0-day exploits. A lot of security vendors and open source security projects provide a very fast response to emerging threats. New worms and malware are detected quickly after appearance in the wild and signature patterns are updated a couple of times daily. So you should be safe. Really? How much of your resources would you spend on 0-day prevention and how effective is it? We have learned from

Read More

1006, 2012

The Internet: Agora or Boudoir?

Mika/ June 10, 2012/ Discussion, Internet

Some people believe the Internet is like the Agora of ancient Greek cities where everybody meets and everything happens in public and open sight while others regard it is as their boudoir where they can pursue their private business without anyone peeping through the keyhole. The challenge is that the Internet is both and this calls for rules, which will satisfy both expectations. If you didn’t guess it already: I’m talking about telecommunications data retention and the recent act in the European Union which requires service providers to log details about communications on the Internet and retain the data for a minimum of six months. But why do I bring up this topic? Because I believe this discussion affects the security and privacy (also known as confidentiality) of organizations and private persons. The European

Read More

3105, 2012

What to expect from DeepINTEL

Mika/ May 31, 2012/ Conference, Security Intelligence

Preliminary schedule soon (CFP is still open) DeepINTEL will be a conference about security intelligence on September 3rd and 4th 2012 in the heart of Europe. We have prepared this project for a long time and we were monitoring the security intelligence landscape for quite a while. During the last year we had many chances to discuss different approaches and talk to many people involved in security intelligence, either on the provider, research or customer side. Our vision is now clear and here are some details which might have been covered here and here or which might be new: Our understanding of security intelligence We know quite well that security intelligence isn’t defined very clearly. Methods and tools differ as wildly as expectations and goals do. We find almost as many approaches as we

Read More

2702, 2012

Security in the Trenches (or how to get dirty and stay clean)

Mika/ February 27, 2012/ Security, Stories

Sometimes you have to get dirty, sometimes it’s fun to get dirty. No it’s not what might come to mind, it’s about the dirty business of information security: you have to break things to see if they are secure enough and to learn about weak points. But what to break? Your own systems? Someone else’s systems? Best is to stay clean when selecting your target for the dirty business (we talked about offensive security recently). Most fun are “Capture the Flags” challenges, also known as war-games, which are frequently offered to the security community to test abilities and learn new stuff. I recently found a CtF challenge that looked quite fun and we started a 2-day session at the Metalab, the Hackerspace in Vienna with a group of 6 or 7 people with different

Read More