DeepSec 2023 Press Release: Digitalisation Requires More Than Just Technology – DeepSec Conference Combines Digitalisation With IT Security Trainings

Sanna/ September 20, 2023/ Conference, Press

Digitalisation is a great opportunity and has arrived in all areas of society. However, there is more to it than using digital data and computer systems. Processes and ways of working need to be adapted. In addition, information security must be considered throughout, from design to implementation. The DeepSec conference again has extensive training on this topic in its programme. Digitalisation generates opportunities and markets The basic idea of digitalised processes in companies and administration is simplification through the use of IT infrastructure. Data is more easily available. Documents can be searched and found more easily. This also means that more information is available in digital form. The opportunities and markets generated by this are not all legal. In 2022, data from one billion Chinese nationals was copied. In 2018, the Indian government reported

Read More

DeepSec 2023 Press Release: Language Models do no cognitive Work –

Sanna/ August 30, 2023/ Conference, Press

The term Artificial intelligence (AI) is in the media, but it consists only of language simulations. If one follows the logic of the products currently offered under the AI label, we could easily remedy the shortage of skilled workers in the information technology sector. Take random people and let them consume tutorials, code examples, training videos and other documents related to the field of application for a few months. After this learning phase, skilled workers would automatically be available. TThe DeepSec conference is asking why there is still a lack of qualified personnel in IT. Algorithmically, the problem already seems to have been solved. Large Language Models (LLMs) and AI The so-called generative AI, which is now on everyone’s lips, is mathematically assigned to the research field of artificial intelligence. GPT, LLaMa, LaMDA or

Read More

DeepSec 2023 Press Release: DeepSec 2023 publishes Programme – This year’s conference focuses on language models and infrastructure

Sanna/ August 30, 2023/ Conference, Press

  Everyone is discussing Artificial Intelligence language models that have vast amounts of learning data. Language models are supposed to revolutionise information technology overnight, but their first applications are actually digital attacks. TThe current state of deep fake detection, social engineering attacks, and security incident response benefits will be highlighted at the DeepSec security conference this year. Of course, there are many more presentations that are indispensable for digital defence. Language models do not think, they forge Attacks through phishing emails and social engineering bypass technical measures through communication. By imitating victims’ language, attackers try to get them to support the attack with their own actions. Artificial persuasion is the speciality of AI language models, as they are designed to simulate conversation. Alexander Hurbean discusses which tools are available for these attacks and how

Read More

#DeepSec Press Release: IT Security Has A Deficit In Defence

Sanna/ April 24, 2023/ Press, Security

[DeepSec traditionally leans more on the defence side of things. So we published this article.] Many people are now aware of the importance of information security, but how to operate secure systems is often not obvious. The reason lies in the deficit of real defence measures. This may sound paradoxical, but many products on the market deal with the activities after a successful attack. The prevention of attacks is mostly ignored. This year’s DeepSec conference therefore wants to provide some tuition in digital defence measures. Fire extinguishers instead of fire protection A simple scenario will serve as an illustration. Imagine that a company accumulates flammable material in its offices for historical reasons. Grown procedures lead to the fact that more and more hazardous materials are distributed throughout the premises. There is plenty of space.

Read More

Press Release: A 40-year Step Backwards for Secure Communication

Sanna/ March 2, 2023/ Press

The UK government’s Online Safety Bill wants to set back the state-of-the art for secure communication 40 years backwards. The proposal includes compulsory backdoors for communication platforms and will lead modern encryption technologies into complete futility. If implemented, the secure messenger Signal will withdraw from the British market. The law is a serious threat to businesses and represents an unprotected gateway for espionage. “Crypto Wars” – the fight against security Secure communication has been under constant legal attack since it became widespread. The secure exchange of messages is perceived as a threat because, technically, no monitoring of correspondence can be implemented. The encryption software Pretty Good Privacy (PGP) was created in 1991 by Phil Zimmermann. After the code was published on the internet and spread internationally in the following years, Zimmermann became the target

Read More

Press Release: IT World in AI Mania

Sanna/ February 16, 2023/ Development, Legal, Press, Security

Artificial intelligence (AI) is on everyone’s lips, but its results fall short of all expectations. Wouldn’t it be nice if computers could effortlessly give meaningful results to all kinds of questions from all kinds of unstructured data collections? Periodically, algorithms that do incredible things are celebrated in information technology. At the moment, it is the turn of artificial intelligence algorithms. Search engines are retrofitting AI. But the supposed product is far from real cognitive performance. Many open questions remain. History of Algorithms The first experts to work with algorithms to emulate human thought processes came from the fields of mathematics and philosophy. They wanted to formalise analytical thinking from the subfield of logic and describe it in models. In the 1950s, the algorithms were implemented on the computers that were emerging at the time.

Read More

DeepSec Press Release: Analysis IT Security – DeepSec conference offers rich education for digital defence

Sanna/ November 2, 2022/ Conference, Press

Defending one’s digital infrastructure has never been more important. The fundamental problem of many defensive structures is the lack of an overview. Penetration tests help little if you don’t know exactly how your systems are connected to the rest of the world. This year’s DeepSec security conference offers rich support and content to sustainably increase one’s own security. On board is our supporter, the company NVISO, focusing specially on companies and organisations in critical areas. Security landscape requires collaboration Modern information technology is based on complex and extensive architectures. How do you determine the state of your own security? Many companies are not familiar with the different approaches of testing methods. The term “penetration test” has already entered the minds of many, but what findings and facts are obtained during such tests is often

Read More

Press Release: Attacks On IT Through Desktop And Mobile Devices

Sanna/ September 7, 2022/ Press

DeepSec conference focuses on everyday devices as a risk for corporate IT. Attacks on the digital infrastructure of companies, authorities and organizations are often staged as a cinema spectacle in the reporting. Unfortunately the opposite is the case. A burglary in digital infrastructure happens without any broken glass or smashed doors. Attackers can only be successful if superficially everything continues as before. They don’t come through the windows or the underground car park, but via everyday applications on the desktop or smartphone. This year’s DeepSec security conference is therefore trying to sharpen the view on everyday life in the office and at the workplace. Two-day training sessions are offered focusing on workplace hazards, as well as two days of lectures to bring you up to speed. War for the desktop and personal devices Few

Read More

Press Release: Spy Tools must not become Standard Software

Sanna/ August 3, 2022/ Press

DeepSec security conference warns of the growing market for spy tools. Information technology has gained a new acronym: Private-Sector Offensive Actor (PSOA). PSOA means something like a private-sector offensive opponent. The specific case of a PSOA has also reached Austria because of research by Microsoft®. An Austrian company is accused of being involved in digital attacks on Microsoft® customers in Europe and Central America. The case illustrates that spyware continues to be developed and used as a dangerous threat to information security. The DeepSec security conference taking place in November repeatedly warns against such technology and will deal specifically with the details of industrial espionage. Threatening security as a business model Bypassing security measures is a lucrative business model. Companies are active in this field all over the world. Some buy knowledge of security

Read More

Press Release: Ransomware Attacks Are No Force Majeure

Sanna/ July 7, 2022/ Press

DeepSec security conference reminds you of basic IT protection and secure system architecture. Malware attacks that encrypt data of victims seem to have increased recently. In fact, these ransomware attacks are only part of an evolution among the attackers. Attack software moves with the times. An important reason for the accumulation is the standstill in defense. This year’s DeepSec security conference offers exchange with experts and high-quality further training for protecting your own IT. Basic Misunderstandings Comparing the reports of incidents involving ransomware attacks, one might conclude that these are inevitable natural events. Of course, that’s not the case. If one sticks to the biological analogy of the virus, a favorable combination of prerequisites for the infestation of ransomware results. In the beginning, there is always a deception in the form of a fake

Read More

DeepSec 2021 Press Release: Organized Espionage on Digital Devices. DeepSec Conference Warns: Searching for “Forbidden” Data on Clients Compromises Information Security.

Sanna/ October 25, 2021/ DeepIntel, Press

A basic principle of information security is access control. We are all used to the fact that data is only available to people and systems with the right authorizations. The discussion about the search for prohibited image files on Apple systems sparked the discussion about the so-called Client-Side Scanning (CSS) technology. Searching for specific content past access restrictions has always been an appealing shortcut. It is now clear that CSS leads to serious problems that endanger the basis of information security and do not bring the hoped-for benefits. Instead, there are additional security loopholes. Search of end devices Lately, the EU Commission and law enforcement authorities have repeatedly addressed the issue of circumventing secure encryption. In mathematical terms, we cannot carry strong encryption out without stored duplicate keys or deliberately weakening the technologies used.

Read More

DeepSec2021 Press Release: Company Desktops as a Gateway for Digital Attacks

Sanna/ October 1, 2021/ Conference, Press

Home office relocates the digital company door across countries and cities into the living space. Teleworking has been around for over 50 years. The virtual way of working has gained a lot in importance since last year. The pandemic has increased the distance and technology for the home workplace has made a real breakthrough. Unfortunately, the same cannot be said for information security. Many installations lack basic security, especially when using personal devices without company in-house configuration. The DeepSec conference and Certitude Consulting warn against the use of systems without adequate protection. Bring your own demise with private hardware The COVID-19 pandemic has created great pressure to give employees access to their work environment from home. The implementation requires careful planning and the use of secure end devices and protocols in network transmission. Popular

Read More

DeepSec 2021 Press Release: DeepSec and DeepINTEL Publish Conference Program

Sanna/ September 23, 2021/ Conference, DeepIntel, Press

IT security has a lot of catching up to do, digitization is on an insecure foundation. The COVID-19 pandemic will celebrate its second birthday next year. Our everyday life has become more dependent on digital tools and platforms. If you want to rely on the convenience of the digital world, data and communication must not be threatened by weak points. Unfortunately, this is not the case, which is why the annual DeepSec IT security conference will again address threats for companies and authorities this year. Expectations Digitization is largely viewed uncritically as a metaphorical bringer of salvation. It should make work easier, make information more accessible, reduce administration and, in principle, solve or at least reduce problems in every area. The term Artificial Intelligence is often used when promoting the future. In the key

Read More

DeepSec 2021 Press Release: Surveillance as Organized Crime – DeepSec Conference Criticizes Pegasus Spy Software as a legal Vacuum

Sanna/ July 30, 2021/ Conference, DeepIntel, Press

The information published by the Pegasus Project consortium on the systematic abuse of this monitoring software for smartphones clearly shows that rampant surveillance can hardly be distinguished from organized crime. Security experts are increasingly warning against the hoarding of unknown security vulnerabilities by companies that develop espionage products. Information security for society, authorities and the economy are incompatible with the existence of such tools. In addition, they represent a threat to the national security of every country. We can only maintain a real locational advantage for Europe through consistent IT security. Battle for Communication Content Since the first discussions about the availability of strong encryption for private individuals and companies, the security of digital communication has been hotly contested. In the 1990s, the US government wanted to enshrine access to messages and calls from

Read More

Communiqué de Presse: Les Environnements de Bureau Modernes : Une Faille dans la Sécurité – La Conférence DeepSec propose des Formations et des Tests pour des Applications Sécurisées

Sanna/ June 21, 2021/ Conference, Press

Qu’est-ce qu’une application bureautique moderne a en commun avec un oléoduc en panne ? L’environnement de bureau qui a conduit à la catastrophe. Les interfaces utilisateur graphiques pour l’exploitation des ordinateurs remontent à des recherches menées dans les années 1960 et 1970. À l’époque, on réfléchissait à la manière dont les ordinateurs pourraient aider au mieux les gens. À partir des années 1990, le bureau est devenu un champ de bataille pour la domination du marché. Cela n’a pas changé, mais on retrouve désormais également des aspects liés à la sécurité. Après tout, l’environnement de bureau est souvent la première étape que les pirates informatiques franchissent pour accéder aux trésors numériques d’une entreprise. La conférence annuelle DeepSec propose aux professionnels de la sécurité et aux développeurs un cours intensif de deux jours consacré à la

Read More