2710, 2020

Administrivia: Welcome to the Vienna Marriott Hotel – DeepSec & DeepINTEL move to a new Location

René Pfeiffer/ October 27, 2020/ Conference

Interesting times call for extraordinary measures. Due to current restrictions DeepSec and DeepINTEL move to a new location. Both conferences will be at the Vienna Marriott Hotel right next to the inner city. The conference is easy to reach and a lot of historic places are in walking distance. Inside the hotel DeepSec and DeepINTEL will be conducted as a hybrid conference. We will have a mixture of on-site and virtual presentations. Information about participating (links and codes) will be sent to you after registration.

2710, 2020

DeepSec2020 Talk: Pivoting – As an Attack Weapon – Filipi Pires

Sanna/ October 27, 2020/ Conference

Demonstrating an exploit in a container environment (three dockers) across three different networks, I will demonstrate different pivot, vulnerability exploit, and privilege escalation techniques on all machines using Alpine linux, Gogs app, and other Linux platforms using Pentest methodologies such as recon, enumeration, exploitation, post exploitation. By the end of this presentation everyone will be able to see different ways that exist in working with a single form of pivot and how to overcome different obstacles in different networks within this “new” environment called Docker. We asked Filipi a few more questions about his talk. Please tell us the top 5 facts about your talk. During this presentation, we are looking at some important facts such as: Observability in different environment, vulnerability exploit, use of privilege escalation techniques, some misconfigurations or maybe no good

2610, 2020

DeepSec 2020 Talk: Journey Into Iranian Cyber Espionage – Chris Kubecka

Sanna/ October 26, 2020/ Conference

Welcome to the new Cold War in the Middle East. In 2012, Iran’s first Shamoon attacks almost crashed every world economy, nearly bringing the world to its knees. Since then, the game of spy vs. spy has intensified. Join Chris on a 2.5 year Iranian espionage campaign attempting to recruit her for the most innocent of jobs; teaching critical infrastructure hacking with a focus on nuclear facilities. A journey of old school espionage with a cyber twist. Bribery, sockpuppets, recruitment handlers, propaganda VVIP luxury trip mixed with a little IOT camera revenge. We asked Chris a few more questions about his talk. Please tell us the top 5 facts about your talk. Governments friendly, friendemy and enemy actively recruit for cyber offensive talent Finding the correct place to report active espionage and illegal bribery

2310, 2020

DeepSec 2020 Talk: The Great Hotel Hack: Adventures In Attacking The Hospitality Industry – Etizaz Mohsin

Sanna/ October 23, 2020/ Conference

Have you ever wondered if your presence might be exposed to an unknown entity even when you are promised full security and discretion at a hotel? Well, it would be scary to know that the hospitality industry is a prime target nowadays for cyber threats as hotels offer many opportunities for hackers and other cybercriminals to target them and therefore resulting in data breaches. Not just important credit card details are a prime reason, but also an overload of guest data, including emails, passport details, home addresses and more. Marriot International where 500 million guests’ private information was compromised is one of the best examples. Besides data compromise, surgical strikes have been conducted by threat actors against targeting guests at luxury hotels in Asia and the United States. The advanced persistent threat campaign called

2210, 2020

DeepSec2020 Talk: Faulting Hardware from Software – Daniel Gruss

Sanna/ October 22, 2020/ Conference

Fault attacks induce incorrect behavior into a system, enabling the compromise of the entire system and the disclosure of confidential data. Traditionally, fault attacks required hardware equipment and local access. In the past five years multiple fault attacks have been discovered that do not require local access, as they can be mounted from software. We will discuss the Rowhammer attack and how it can subvert a system. We then show that a new primitive, Plundervolt, can similarly lead to a system compromise and information disclosure. We asked Daniel a few more questions about his talk. Please tell us the top 5 facts about your talk. Software-based fault attacks, like Rowhammer, enables unprivileged attackers to manipulate hardware Hardware flaws can lead to privilege escalation and a full system compromise Plundervolt is another fault attack we

2110, 2020

DeepSec Press Release: DeepSec and DeepINTEL 2020 as a hybrid conference. IT security in unusual times – events enable virtual access.

Sanna/ October 21, 2020/ Conference, DeepIntel

There’s nothing like “business as usual” in information security. Vulnerabilities in software, malware, campaigns to attack companies and organizations as well as defending your own infrastructure know no break. In recent months, digital networking has been put to the test as the most important pillar of society and working life. It is often forgotten that not every chic app, every portal and digital trend is trustworthy. For security reasons the annual DeepSec and DeepINTEL conferences will run as a hybrid event. Virtual lectures and face-to-face presentations will be equally accessible to all participants and speakers. Digital protection has never been more important Digitization is quickly pronounced. Software is even faster labelled as secure. Unfortunately, the last few decades of security research have shown that weak points can only be reduced through consistent secure design

0910, 2020

DeepSec2020 talk: Ransomware: Trends, Analysis and Solutions – Josh Pyorre

Sanna/ October 9, 2020/ Conference

My talk on ransomware will be technical, but also tells the story of how it’s evolved, highlighting specific and interesting infections. I’ll walk through the history of ransomware, its relationship to cryptojacking, and the supporting software made up of malspam and exploit kits. We’ll also address the recent phase of ransomware data extortion. There will be demonstrations of current malware infections as well as unique methods and ideas for detection and hunting. We’ll end with multiple methods of prevention and mitigation, some using paid products, but with the focus primarily on opensource options. Since I work with approximately 15% of the internets DNS traffic in my job, I will be using some of that data to show statistics. Despite that, I’ve done my best to make sure this is not a talk about products from my company, and aim

0810, 2020

Administrivia: DeepSec and DeepINTEL Preparations, Anti-Virus Issues, Schedule, and digital Conference

René Pfeiffer/ October 8, 2020/ Conference

We have been stuck in administrative tasks for the past weeks. So to break the radio silence: Yes, DeepSec and DeepINTEL will happen. We currently prepare the hybrid configuration for the streams and the virtual platforms to bring speakers to the audience and vice versa. The conference hotel has confirmed that we can conduct the event at the usual location. Claiming that things look good is a bit of an exaggeration. Nevertheless we would like to go forward. Exchanging ideas and discussing current threats has never been more important than now. We hope to give you this opportunity, and we hope that you are able to participate. We have also created a couple of mailing lists for informal news, official press releases/articles, and future Calls for Papers to keep you informed. All lists are

0810, 2020

DeepSec 2020 Talk: Scaling A Bug Bounty Program – Catalin Curelaru

Sanna/ October 8, 2020/ Conference

Hacking, hackers and bug bounties are really getting constant headlines into the mainstream news. In the past few years we have seen an impressive growth in Bug Bounty Programs and at this point we really need to ask: Is a Bug Bounty Program a new layer to secure applications? Implementing a Bug Bounty Program can be challenging and requires some understanding of the nuances of how to make it successful or not. Actually, running a successful bug bounty program starts far before it is launched officially. What are the prerequisites and why can we consider a bug bounty program as a layer for your Application Security Program? How do you measure if you are successful or not and what are the KPIs? When are you ready to start such a program? Based on the

0310, 2020

DeepSec 2020 Talk: RedTeamOps – Mert Can Coskuner, Caglar Cakici

Sanna/ October 3, 2020/ Conference

Red team operations involve many skills, the operation requires a lot of monitoring, consolidating and caution. In order to perform red team operations faster and stealthier, without thinking about the infrastructure, every team has its’ own habits and standards. However, there is a problem with those habits and standards: There are tons of tools but no operation management, No aggregation between these tools, When OPSEC fails due to problems above or any other reason, it’s essential to possess the capability of maintaining robust infrastructure which can be recreated if discovered, and more importantly, without any issues upon deployment. In this talk, infrastructure challenges we face as a red teamer will be discussed. Along with challenges, a solution will be proposed based on DevOps practices such as: Design your infrastructure based on the standards and

2809, 2020

DeepSec 2020 Talk: Security of Home Automation Systems – A Status Quo Analysis For Austrian Households – Edith Huber, Albert Treytl

Sanna/ September 28, 2020/ Conference

Home Automation System (HAS) are a growing market, which is very diverse ranging  from consumer electronics like TVs, mobile phones and gaming consoles via WLAN connected sensors, power plugs or lightbulbs to building automation devices for HVAC systems or access solutions. Beside “classical” network technologies IoT technologies gain increasing spread and importance. This paper presents results of a representative survey analysing the security awareness and perception as well as susceptibility to cybercrime of HAS users in Austria. The aim of this survey is to investigate the spread of the device types, cybercrime attacks and security risks. These results are compared with technical vulnerabilities of such devices to identify relevant security risks and countermeasures. Additionally, a concept to protect sensor values directly in the analogue circuit is presented as an outlook to ongoing research. We asked Edith and Albert a few more questions about their talk. Please tell us the top facts about your talk. The most common HAS are Smart TV, voice assistants and surveillance cameras, but many other applications are on the rise. Respondents of the survey say

2509, 2020

DeepSec 2020 Talk: Efficient Post-quantum Digital Signature – Maksim Iavich (DeepSec Scholar 2020)

Sanna/ September 25, 2020/ Conference

Active work is being done to create and develop quantum computers. Traditional digital signature systems, which are used in practice, are vulnerable to quantum computers attacks. The security of these systems is based on the problem of factoring large numbers and calculating discrete logarithms. Scientists are working on the development of alternatives to RSA, which are protected from attacks by quantum computer. One of the alternatives are hash based digital signature schemes. Merkle digital signature scheme is the very promising alternative to the classical digital signature schemes. It must be emphasized, that the scheme has efficiency problems and can not be used in practice. Major improvements of the scheme lead to security vulnerabilities. I will show that Merkle uses hash functions many times. I will offer the improved implementation of the hash function. I

2209, 2020

Administrivia: DeepSec 2020 will turn into a hybrid conference

René Pfeiffer/ September 22, 2020/ Administrivia, Conference

The current travel warnings and COVID-19 statistics have an impact on the DeepSec 2020 conference. As we expected, travel is the major obstacle. This means that DeepSec 2020, ROOTS, and DeepINTEL will turn into a hybrid event. We will still be on-site at the conference hotel. Presentations will be on-site and available by our conference streaming platform in parallel. Speakers that cannot be in Vienna will stream their presentations. Everything will be live, and everyone attending physically and virtually can participate. Furthermore, we constantly update our COVID-19 health protection in order to keep you and everyone here in Vienna at the conference safe. Two trainings are already virtually (right from the start). We are exploring which trainings can switch to a virtual mode and will update the schedule accordingly. In case you are interested

1609, 2020

Administrivia: DeepSec 2020, Virtual Content, Travel Warnings, Trainings

René Pfeiffer/ September 16, 2020/ Conference

Reading the news can be very frustrating these days. Not that it was ever fun. We are monitoring the current COVID-19 situation in Europe and abroad. Given the questionable start of the Corona Traffic Light system in Austria, we want to offer you some facts. The training Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation and Mobile Security Testing Guide Hands-On will be virtual. This has been our and the trainer’s decision from the start due to travel regulations. Depending on the travel situation other trainings may switch to a virtual training as well. It depends on the content, and the trainers need to agree. Some of the DeepSec 2020 presentations will be virtual. Again this is due to travel regulations. Most of the presentation will still be on-site

1609, 2020

DeepSec2020 Talk: The Art Of The Breach – Robert Sell

Sanna/ September 16, 2020/ Conference

The Art of the Breach is designed to be a journey for anyone interested in physical security. Robert takes the audience on a trip from the public sidewalk outside a target organization all the way through to the executive filing cabinet in the President’s office. While many physical security talks focus strictly on the information security aspect of breaching, Robert will combine this with techniques used by first responders to enter a building. While social engineering and lock picking will be discussed, Robert will also outline the third option of forced entry. During this adventure, Robert discusses everything from successful reconnaissance to ensuring an easy exit afterwards. Robert spends time at each step to go over the various options for moving forward. Some of these options are easy and straightforward while others require preparations

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: