Conference

Need something to read? – First Batch of DeepSec 2018 Presentation Slides online

Posted by on December 11, 2018 at 11:29 am

Do you fear reading the news? Fancy some facts? Well, we have something different for you to read. We have collected presentation slides from DeepSec 2018 and put the first batch online. You can find them in this rather nostalgic directory listing. We have renamed the files with their title and the name of the […]

Thank you all for attending and speaking at DeepSec 2018!

Posted by on December 3, 2018 at 11:54 pm

DeepSec 2018 is over. Thank you for attending and presenting at our conference! Without your interest and your configuration there would be no talks, no workshops, and no one else present.We had a great time, and we hope you enjoyed everything. We are now dealing with the administrative backlog, the metric ton of receipts, the […]

Opening & Keynote – DeepSec 2018 has started

Posted by on November 29, 2018 at 9:00 am

So, now is the opening and the keynote presentation by the magnificent Peter Zinn. This means that DeepSec 2018 has officially started. Since we do not live stream the talks, we will be away from the blog and mostly from Twitter until the end of the conference. Communication in meatspace has full priority. In case […]

Discussing Threat Intelligence in the City of Spies – DeepINTEL 2018 has started

Posted by on November 28, 2018 at 9:25 am

What’s the best place to discuss security and threat intelligence? Well, according to Austrian investigative journalist Emil Bobi there are over 7,000 spies living and working in Vienna. To quote the article: „Austria has been an international spy hub since the late 19th Century, when people from all parts of the Austro-Hungarian empire flocked to […]

ROOTS 2018 Talk: Kernel-Assisted Debugging of Linux Applications – Tobias Holl, Philipp Klocke, Fabian Franzen

Posted by on November 22, 2018 at 9:10 am

On Linux, most—if not all—debuggers use the ptrace debugging API to control their target processes. However, ptrace proves unsatisfactory for many malware analysis and reverse engineering tasks: So-called split-personality malware often adapts its behavior in the presence of a debugger, yet ptrace makes no attempt to hide from a target process. Furthermore, ptrace enforces a […]

DeepSec 2018 Talk: Attacks on Mobile Operators – Aleksandr Kolchanov

Posted by on November 21, 2018 at 1:13 pm

I’d like to talk about telecom security. My research contains information about security of mobile operators: classic and new (or very rare) attack vectors and vulnerabilities. This presentation will consist of three main parts: First, I will share information on the security of mobile operators in general. I’ll tell you a little bit about why […]

Special Offer for “Mastering Web Attacks with Full-Stack Exploitation” Training – get 3 for the Price of 1

Posted by on November 19, 2018 at 11:02 am

The DeepSec training Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation by Dawid Czagan has some seats left. Dawid has agreed to give away free access to two of his online courses for everyone booking tickets until Wednesday, 21 November 2018 (2359 CET). This gives you a perfect preparation for penetration testing, software development, […]

DeepSec 2018 Talk: RFID Chip Inside the Body: Reflecting the Current State of Usage, Triggers, and Ethical Issues – Ulrike Hugl

Posted by on November 14, 2018 at 9:05 am

Chipping humans can be seen as one of the most invasive biometric identification technologies. RFID (Radio Frequency Identification) as the key technology in the field of the Internet of Things produces many applications. For example, human implants are used by scientists in the fields of cyborgism, robotics, biomedical engineering and artificial intelligence, by hobbyists for […]

ROOTS 2018 Talk: The Swift Language from a Reverse Engineering Perspective – Malte Kraus & Vincent Haupert

Posted by on November 13, 2018 at 11:02 am

Over the last decade, mobile devices have taken over the consumer market for computer hardware. Almost all these mobile devices run either Android or iOS as their operating systems. In 2014, Apple introduced the Swift programming language as an alternative to Objective C for writing iOS and macOS applications. The rising adoption of this new […]

Last Call for your Web Application Security Training – Break all teh Web and enjoy it!

Posted by on November 9, 2018 at 5:22 pm

The Internet is full of web applications. Sysadmins used to joke that HTTP is short for Hypertext Tunnelling Protocol, because anything but web content is transported via HTTP these days. It’s the best way to break out of restricted environment, too. So the chances are good that you will need the skills for dealing with […]

ROOTS 2018: How Android’s UI Security is Undermined by Accessibility – Anatoli Kalysch

Posted by on November 9, 2018 at 3:15 pm

Android’s accessibility API was designed to assist users with disabilities, or temporarily preoccupied users unable to interact with a device, e.g., while driving a car. Nowadays, many Android apps rely on the accessibility API for other purposes, including apps like password managers but also malware. From a security perspective, the accessibility API is precarious as […]

DeepINTEL 2018 Talk: Risk Management in Complex Scenarios – Oscar Serrano

Posted by on November 8, 2018 at 1:06 pm

ICT risk management is a well-stabilized practice and as such is supported by international security standards and guidelines. But, despite advances in the legal and policy areas and the maturation of standardized frameworks for efficient risk management, it has still not become a controlled, systematic process in the cyber security domain of most organizations. One […]

DeepSec 2018 Training: Advanced Infrastructure Hacking – Anant Shrivastava

Posted by on November 5, 2018 at 1:35 pm

Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices. We asked Anant a few more questions about his […]

DeepINTEL 2018 Security Intelligence Event – Preliminary Schedule is available

Posted by on November 3, 2018 at 10:03 pm

It took us longer than anticipated, but the schedule for DeepINTEL 2018 is final and available. The topics covered are ICT risk assessment in interconnected and complex environments, drone threats (to critical infrastructure), drone countermeasures, assessment of digital black markets (you can call them darkweb/crypto markets if you must), live threats to the information industry […]

DeepSec 2018 Talk: Suricata and XDP, Performance with an S like Security – Eric Leblond

Posted by on November 2, 2018 at 9:30 am

extended Berkeley Packet Filter (eBPF) and eXtreme Data Path (XDP) technologies are gaining in popularity in the tracing and performance community in Linux for eBPF and among the networking people for XDP. After an introduction to these technologies, this talk proposes to have a look at the usage of the eBPF and XDP technology in […]