Press Release: “Low-Tech” Attacks: Poorly Secured Critical Infrastructure – The Attacks on Colonial Pipeline Relied on Standard Access Tools

Sanna/ June 7, 2021/ Conference, Press/ 0 comments

In May, the US company Colonial Pipeline fell victim to a ransomware attack. After such events, there are always calls for increased security and new measures. Yet analysis of these attacks often reveals gaps in basic security. It is often not necessary to use complicated and sophisticated tools to target critical infrastructure. Attackers like to use standard tools that are available everywhere in order to avoid detection. This is made possible by insufficient basic security.

Suitable camouflage

To defend your own systems and networks, you need in-depth knowledge of the particularities of your infrastructure. Organised groups that target companies research exactly what the target uses before attacking. Following this planning phase, they use only tools that the victim


First DeepSec 2021 Trainings published

René Pfeiffer/ May 12, 2021/ Conference, Training/ 0 comments

We dug through the submissions and selected trainings for the preliminary schedule. It’s just the trainings, and the intention is to give you some information for planning the rest of the year. We intend the trainings to be on site at the conference hotel. We will also explore ways to offer a virtual training or to attend the course virtually. The topics range from attacking modern desktop applications, in-depth network security (mobile networks and traffic analysis), penetration testing industrial control systems over to how to break and secure single-sign on systems. The entire collection of content aims to educate your IT department and your development team regarding the current state of affairs in companies with employees connected in home office. All technologies and tools are vital parts of the workplace. We included attacking industrial


ROOTS 2021 – Call for Papers

René Pfeiffer/ May 10, 2021/ Conference/ 0 comments

The Reversing and Offensive-oriented Trends Symposium, an academic workshop, is again co-located with the DeepSec conference in its fifth year. ROOTS solicits contributions that focus on theorems and root shells: In security, two things you absolutely cannot argue with. Security is hard to define. Most often, security is defined by its absence. For scientists, this is particularly unsatisfactory. A lack of definition increases the difficulty to find suitable quantitative and qualitative models. Even though the overall landscape is blurry at best, exploitation, reverse engineering, and offensive techniques have their place. ROOTS aims to explore this territory. The first European symposium of its kind, ROOTS aims to provide an industry-friendly academic platform to discuss trends in exploitation, reversing, offensive techniques, and effective protections. Submissions should provide novel attack forms, describe novel reversing techniques, or effective


DeepSec, ROOTS and DeepINTEL Update – Call for Papers open

René Pfeiffer/ April 19, 2021/ Administrivia, Call for Papers, Conference, DeepIntel/ 0 comments

Planning events is still challenging. The COVID-19 pandemic celebrated its first birthday. Despite efforts not to have the second birthday of the pandemic, the ever changing regulations and status updates regarding the infections make preparations for conferences very hard. We know you want to plan as well, therefore we have an update for you. DeepSec, ROOTS, and DeepINTEL will happen on-site here in Vienna. We closely coordinate with our conference hotel. Their staff is eager to reopen. Everything depends on the rate of vaccination and the regulations issued by the European and Austrian authorities. There is not much we can influence. Given the health protection measures we worked out last year, we are well prepared to handle everything short of a total lockdown. We don’t do any forecasts at the moment. The next months


Software Architecture, Code, and Information Security

René Pfeiffer/ April 8, 2021/ Conference/ 0 comments

Information security is tightly linked with the code running on platforms and decisions made during the software architecture planning phase. One can trace a lot of results in penetration tests to workarounds caused by inadequate tools, bad design choices, trends in software development, legacy applications, and too optimistic testing strategies. Let’s visit some of the accident sites by example. Implementing the basic principles of information security can be hard. The dreaded undefined behaviour or the lack of graceful failures in error conditions happens frequently. A recent presentation about autonomous systems illustrates what we expected from your code – it must be completely self-reliant. Doing n restarts and halting is not the best way of dealing with unexpected situations. Rejecting dangerous states and input is always an option, but sysadmins frequently need to bash applications


DeepSec 2021 – Call for Papers is open

René Pfeiffer/ March 1, 2021/ Call for Papers, Conference/ 0 comments

DeepSec 2021 is looking for your ideas, solutions, incident reports, insights, and expertise. The call for papers is open. You can submit your contribution via our call for papers manager online. If you have questions or want to submit additional material, please use the online form and send an email to us. DeepSec has always presented a mix of attack and defence presentations. The motto for 2021 connects both approaches. Studying how adversaries work, what tools they employ, how they plan their attack, and what they do once they get access is vital to your defence. IT infrastructure has grown over the years. Defence has a lot to take care of. If you have any ideas how to help the defenders, please let us know. Topics covering attacks should always contain some advice on


Translated Article: EU Directive for “High-Class Cybersecurity” with Duplicate Keys

Sanna/ December 29, 2020/ Conference, Security, Stories/ 1 comments

EU-Richtlinie für „hochklassige Cybersicherheit“ mit Nachschlüsseln by Erich Moechel for fm4.ORF.at. The key message of the Council of Ministers’ resolution against secure encryption has already arrived in a first draft directive. For this reason here’s a historical outline of the new Crypto Wars since 2014. The resolution of the EU Council of Ministers against secure encryption, which resulted in so much criticism, has already appeared in a first draft directive. A corresponding passage can be found in the new draft directive on “Measures for high-quality cybersecurity in the Union”. The date of December 16 of the document shows that it was already drawn up before the Council resolution was passed (on December 19). Here, too, it is claimed that secure end-to-end encryption remains intact if duplicate keys are generated for third parties. Meanwhile the EU


DeepSec 2020 Mission Control – Behind the Scenes

René Pfeiffer/ November 20, 2020/ Administrivia, Conference

The fully virtual DeepSec conference was very different from the usual configuration and setting. While we learned a lot over the years, there is one constant: What’s the difference between hardware and software? Well, hardware can be kicked. There is always one converter, one computer, one network device, one USB device, or something else that doesn’t quite fit into the ensemble. Then there are the many desktop oddities and multimedia formats. So we had to do some damage control during the first day of streaming (having damage control teams and replacement parts ready is not just for ships). Networking did its own magic by introducing delays between the speaker’s feed and the live stream. Fortunately the stream connections held, and we had no losses in terms of connectivity. Mission control at the office used


Thanks for attending and contributing to DeepSec 2020!

René Pfeiffer/ November 20, 2020/ Conference

The past four days were quite busy for the DeepSec Organisation Team. We had to prepare the realspace implementation of our mission control in our office. We had to fight some gremlins in hardware and software, but we managed to create the stream feeds. We hope you enjoyed the presentations! The streams were recorded, and we will start with the post-processing. Due to the dual-track – and the ROOTS event – one always has to decide which presentation to watch. In our long-time tradition attendees and speakers will get to watch the videos first (for quality assurance), and then we will release the whole DeepSec 2020 collection. We recommend your favourite lounge, drink, and company for watching the recordings later. A very big thanks go to everyone contributing content, being part of the events,


Administrivia: New Stream Link for DeepSec 2020 Right Pirouette!

René Pfeiffer/ November 19, 2020/ Conference

The stream link for the DeepSec 2020 Right Pirouette track has changed. Somehow the cloud ate our old link (end event). No recordings were lost, just the link to the streaming platform. We apologise for this change, but there is not much we can investigate. The password is the same. For a complete list:

DeepSec 2020 Right Pirouette track – https://vimeo.com/481384818
DeepSec 2020 Left Pirouette track – https://vimeo.com/event/475468

The closing presentation will be after the last presentation in the Right Pirouette (as always when on-site at the conference hotel).

DeepSec 2020 Talk: Old Pareto had a Chart: How to achieve 80% of Threat Modelling Benefits with 20% of the Efforts – Irene Michlin

Sanna/ November 18, 2020/ Conference

The earlier in the lifecycle you pay attention to security, the better are the outcomes. Threat modelling is one of the best techniques for improving the security of your software. It is a structured method for identifying weaknesses on design level. However, it is often perceived by the organisations as too expensive to introduce, or too slow to fit modern lifecycles, be it Agile, Lean, or DevOps. This talk will show how to fit threat modelling in fast-paced software development, without requiring every developer to become an expert. The outcomes should be immediately applicable, hopefully empowering you to try it at work the day after the conference. We asked Irene a few more questions about his talk. Please tell us the top 5 facts about your talk. Based on my experience introducing threat modeling


DeepSec Schedule updated, Time-Shift introduced, Theory of General Relativity still valid

René Pfeiffer/ November 18, 2020/ Conference

We have verified the DeepSec schedule and made some changes. The layout looks a bit shifted. The reason is a time-shift between the two DeepSec main tracks Left Pirouette and Right Pirouette (named after the rooms in our long-time conference hotel). Since we have set up our mission control in our office and lack the space to have two session chairs use the stage and the camera feed simultaneously, the two tracks need to be time-shifted. The presentations in the Left Pirouette start 20 minutes later than the presentations in the Right Pirouette. We tried hard to avoid this, but the current configuration requires adding this feature to the schedule. The two tracks overlap anyway, so if you are interested in either talk, then you have to make up your mind with or


DeepSec Keynote: DevSecBioLawOps and the current State of Information Security

René Pfeiffer/ November 13, 2020/ Conference

Technology is evolving. This is especially true for computer science and the related information technology branch. When everything is outdated after a couple of months, the wind of change turns into a storm. It also affects the way we work, processes which enable us to get work done, and changes perspectives how we see the world, code, and its applications. Dev, DevOps, and DevSecOps are a good example of what these changes look like at the top of the iceberg. Subjectively information security is always a few steps behind the bleeding edge. The word „bleeding“ is a good indication of why this is the case. However, security professionals cannot turn back time and ignore the way the world works. New technology will always get pushed into all areas of our lives until its creators realise


Press Release: Presenting new Ways in Information Security

Sanna/ November 11, 2020/ Conference

Like every year, DeepSec and DeepINTEL get to the bottom of the current state of information security. So far, 2020 has shown that surprises and critical events are always to be expected. Information security still knows no break. On the contrary: weak points in software, hardware, legislature and infrastructure are a permanent threat to digital information. So that those affected still have better chances against constant attacks, the DeepSec and DeepINTEL conferences will take place this year completely digitally via the Internet. Security can only be achieved through joint efforts. Therefore, this November, as every year, there will be an exchange between experts, users, software developers, administrators and those responsible! Solving problems instead of postponing them Hardly any other area is constantly inventing new terms like information technology. Unfortunately, misunderstandings and obscuring their meaning


Press Release: IT Security Sabotage threatens the domestic Economy

Sanna/ November 10, 2020/ Conference, Discussion, Press

Effective end-to-end encryption is a critical component in everyday and business life. Over 300 years ago, cryptanalysis, i.e. the method for decrypting secret codes, had its heyday in Europe. In so-called black chambers or black cabinets (also known as cabinet noir) in post offices all letters from certain people were secretly opened, viewed, copied and closed again. The letters intercepted in this way were then delivered. The purpose was to find dangerous or harmful news for the regents of the time. The most active and efficient chamber in Europe was the Secret Cabinet Chancellery in Vienna. This early form of wiretapping was only ended in the 19th century. And this scenario of the imperial and royal courts is now facing all European companies and individuals. End-to-end encryption is to be provided with back doors
