DeepSec Talk: Got RATs? Enter Barn Cat (OSint)

Mika/ October 21, 2015/ Conference, Schedule

We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat. OSINT Barn Cat: Mining Malware for Intelligence at Scale I like the name of the project: Barn cats are the best mousers and this new project is targeted to catch (not only) RATs. In reality we have a hard time keeping track and ensuring up-to-date signatures, with half a million unique samples pouring into the analysis machinery of the AV industry and signature producers every day. Barn Cat has a new approach: Instead of learning from scratch every time what a new mouse looks like, Barn Cat monitors the criminal infrastructure to detect undesired activity in your network. It’s like a true barn cat crouching in front of


DeepSec Workshops: Digital Defence – Knowledge is Power

René Pfeiffer/ October 20, 2015/ Conference, Internet, Training

When did you write your last business letter? And when did you last use pen and paper to do it? It doesn’t matter if you can’t remember: digital communication is part of our everyday life, not only in the business world. We have become so used to communicating online all the time that being offline feels almost unnatural. Of course, this also means that we are constantly exposed to some network or other, above all the Internet. Our door stands open day and night. We can no longer close it, and so we openly invite uninvited guests who use the same networks as we do. It is time to think about this seriously. What threats are out there? And how can we protect ourselves from them? Cyber Crime and Data Protection Everything is “cyber” these days. Crime as much as security efforts.


Thanks to Microsoft for sponsoring DeepSec 2015!

René Pfeiffer/ October 20, 2015/ Conference

When it comes to information security, Microsoft has a lot of stories to tell. The Windows® platform is widely deployed and used all over the world. A lot of exploits exist for this system. Being well-known has its disadvantages. For all of you who have followed the Way of Disclosure, you will certainly remember that there were a lot of discussions on Bugtraq and other forums about vulnerabilities and how to publish them. Those were the days of RFPolicy by Rain Forest Puppy (and before). Microsoft has sponsored the DeepSec conference since the first day. Members of the Microsoft Security Team have attended our conference regularly. So if you would like to get in touch, drop by and talk to them. As they put it during DeepSec 2007, they have learned to listen. Take advantage of


DeepSec 2015 Talk: Agile Security – The Good, The Bad, and mostly the Ugly – Daniel Liber

Sanna/ October 14, 2015/ Conference, Security

Particle collisions are a rich source for insights into the inner workings of Nature. Physicists know this. The Large Hadron Collider (LHC) built by the European Organization for Nuclear Research (CERN) demonstrates this to the extreme. You can do the same in information security if you lock developers and security experts into a room. Acceleration can be achieved by asking for the best way of implementing security. Analyse the high-energy trails of heated arguments to gain new insights. This recipe works best with certain models of software development. David Liber will show you the results of the collisions and tell you what you can learn about security with a specific software development methodology. Moving away from Waterfall and traditional development processes towards Agile methodologies has become more and more popular recently. Talking about sprints, looking


Defence – Beating the Odds with Knowledge

René Pfeiffer/ October 13, 2015/ Conference, Discussion, Mission Statement, Training

When did you write your last business letter? You probably don’t recall, because you write one all of the time. When did you last use ink and paper to do this? If you can’t remember the answer to this question, don’t bother trying. Digital communication is part of our daily life, not only in the business world. We are very accustomed to communicating in the here and now, up to the point where being offline feels unnatural. In turn this means that we are constantly exposed to networks of all kinds, especially the Internet. Our door is open around the clock. We can’t close it any more, thus openly inviting every kind of threat also using networks. It’s time to seriously think about this. What does it mean? What do we need to


DeepSec 2015 Talk: DDoS – Barbarians at the Gate(way) – Dave Lewis

Sanna/ October 9, 2015/ Conference, Internet, Security

There really is strength in numbers. It’s true for Big Data, high performance computing, cryptography, social media, and flooding the Internet with packets. The latter has been the method of choice for activists, „cyber“ warriors and criminals alike. Network interdiction (as military minds may call it) or Distributed Denial of Service (DDoS) attacks can be hard to counter due to the many sources of the attacking devices. Full pipes are full, no matter what you do. While you can deploy reverse proxies or rely on content distribution networks, the attack still persists. Packets keep coming until the sources are shut down. Flooding someone’s network is not a sophisticated attack. It gets the job done, it may be complex by nature, but it is not a stealth exploit sitting in your local network without being


DeepSec 2015 Talk: Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library – Bernhard Göschlberger & Sebastian Göttfert

Sanna/ October 8, 2015/ Conference, Development, Security

Upgrading existing infrastructure and migrating from one architecture to another is often the way to keep your information technology up-to-date. Changing major revisions of software is not for the faint of heart. Many sysadmins sacrificed a good portion of their life force just to jump to the next version. Sometimes you are simply stuck. Code is not always maintained. Products might be obsolete. Developers might have abandoned the project. However, the application is still in place and keeps on working. When changes hit this kind of environment, you can’t decline the challenge. Meet the legacy systems that will ruin your day. Bernhard Göschlberger and Sebastian Göttfert have given this problem some thought. They will tell you all about it in their presentation at DeepSec 2015. Well elaborated principles of software engineering foster interoperability between


DeepSec 2015 Workshop: Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices – Alexander Bolshev & Boris Ryutin

Sanna/ October 7, 2015/ Conference, Training

The Internet of Things (IoT), more commonly known as the Internet of Stuff, is all around us. You don’t have to wait for it any more. Take a peek at the search results from Shodan and you will see that lots of devices are connected to the Internet. Since your refrigerator does not run high performance hardware, it is well worth taking a look at the hardware being used. For connected household devices and their controllers you need low power equipment. Think small, think embedded, not different. This is why we offer the Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices training to you at DeepSec 2015. Alexander Bolshev and Boris Ryutin will show you how to create exploits for the Internet of Things: Embedded systems are everywhere. And all of


DeepSec 2015 Workshop: Crypto Attacks – Juraj Somorovsky & Tibor Jager

Sanna/ October 5, 2015/ Conference, Training

Fvcelsiuetwq lcv xlt hsyhv xd kexh yw pdp, tlkli? Well, yes and no. ITEzISqbI1ABITAhITAhLZzQFsQ6JnkhMTMhpNK5F5rF9dctkiExMyEv9Fh1ITMzIaX2VCJpEQc= , and that’s where it often goes wrong. Your cryptographic defence can be attacked just as any other barrier you can come up with. Attackers never sleep, you know. Crypto attacks are often facilitated by a simple psychological bias: Since cryptographic algorithms are so complicated (for me), no one can easily figure out how to break them. But this may be true for ASN.1 or Chinese (with apologies to all native speakers, it is meant as a metaphor). The fertile growth of CryptoParties all around the globe documents the interest in using cryptography as a means of protecting data, be it in transit or stored locally. Since you use encryption algorithms every day, regardless if you know about them or


DeepSec 2015 Workshop: Practical Incident Handling – Felix Schallock

Sanna/ October 4, 2015/ Conference, Security, Training

Things go wrong or break, it’s just a matter of time. Ask your sysadmin about this. Apart from wear and tear, there are information security incidents that tend to ruin your perfect day at the office. What happens next? What do you do when noticing that your infrastructure has been compromised? Where do you start? Who needs to be told? Few employees know the answers to these questions. While you might have policies in place that regulate everything one needs to know, the practice looks wildly different. Apart from having a plan, you need to test if your plan works. At DeepSec 2015 Felix Schallock will show you what to do when digital lightning strikes. During two days of training you will take a tour on how to address and handle incidents properly. During


DeepSec 2015 Talk: Continuous Intrusion – Why CI Tools Are an Attacker’s Best Friend – Nikhil Mittal

Sanna/ October 3, 2015/ Conference, Development, Security

In information security pessimism rules. Unfortunately. Extreme Programming might breed extreme problems, too. The short-lived app software cycle is a prime example. If your main goal is to hit the app store as soon and as often as possible, then critical bugs will show up faster than you can spell XCodeGhost. The development infrastructure has some nice features attackers will love and most probably exploit. In his presentation Nikhil Mittal will show you how Continuous Integration (CI) tools can be turned into a Continuous Intrusion. Continuous Integration (CI) tools are part of build and development processes of a large number of organizations. I have seen a lot of CI tools during my penetration testing engagements. I always noticed the lack of basic security controls on the management consoles of such tools. On a default installation, many CI tools


DeepSec 2015 Talk: Visualizing Wi-Fi Packets the Hacker’s Way – Milan Gabor

Sanna/ October 2, 2015/ Conference, Internet

Silent service was the name many submarine services gave themselves. U-boats have the habit of hiding, usually in large bodies of water. How Not To Be Seen remains the prime directive of attackers throughout the ages. For the submarines this changed with the introduction of ASDIC and SONAR. You know these technologies from the acoustic sounds of the ping. In the air one often uses radar instead. What do you use for the defence of your wireless networks? At DeepSec 2015 Milan Gabor will show you his idea of Wi-Fi radar, so your IT security admins can become air traffic controllers. Imagine you could see more than the console windows of the aircrack-ng tools provide. Imagine you could have quick dashboards and go deep into more details in a short amount of time. And this without writing a


DeepSec 2015 Talk: Cryptography Tools, Identity Vectors for „Djihadists“ – Julie Gommes

René Pfeiffer/ September 30, 2015/ Conference, Security, Security Intelligence

Some speak of Crypto Wars 2.0. For others the Crypto Wars have never ended. FBI Director James Comey does not get tired of demanding back doors to IT infrastructure and devices (there is no difference between back door and front door, mind you). Let’s take a step back and look at the threats. We did this in 2011 with a talk by Duncan Campbell titled How Terrorists Encrypt. The audience at DeepSec 2011 was informed that encryption does not play a major role in major terror plots. What about today? Have terrorists adopted new means of communication? Since the authorities demanding access to protected information do not have statistics readily available, we turned to researchers who might answer this question. Julie Gommes will present the results of studies analysing the communication culture of criminal


DeepSec 2015 Workshop: PowerShell for Penetration Testers – Nikhil Mittal

Sanna/ September 29, 2015/ Conference, Security, Training

The platform you are working with (or against) determines the tools you can use. Of course, everyone loves to boot the operating system of choice and hack on familiar grounds. Occasionally you have no choice, and you have to use what’s available. This is especially true for penetration testing. You get to use what you find on the systems of your digital beachhead. And you are well advised to get familiar with the tools you most definitely will find on these systems. This is a reason to look at the PowerShell. It is available on the Microsoft® Windows platform, so it’s the way to go. In his workshop at DeepSec 2015 Nikhil Mittal will teach you all you need to know about the PowerShell. PowerShell is the ideal tool for penetration testing of a


DeepSec 2015: The Early Bird Gets the Luxury Bed, Swimming Pool and a Royal Breakfast

Sanna/ September 28, 2015/ Administrivia, Conference, Veranstaltung

DeepSec 2015 is drawing nearer and tickets sell like hot cakes! Just an insider tip for all the smart birds out there: Get a DeepSec ticket for Early Birds and, while you’re at it, book a room at our conference hotel straightaway – before they’re sold out! We have arranged a very competitive conference rate for you (including the breakfast, swimming pool & leisure area). Free Internet will be provided in the conference area. For comparison, direct booking rates are more expensive, and typically don’t include breakfast or free Wi-Fi. About the Hotel The Imperial Riding School Renaissance Vienna Hotel is located in a historical building, the former military horse riding school, which was built and used by Emperor Franz Josef I in 1850. Today this exquisite neo-classical hotel features 339 Deluxe Rooms, a Club Lounge, a conference centre, bar, library,
