0909, 2019

DeepSec 2019 Talk: Once upon a Time in the West – A Story on DNS Attacks – Valentina Palacín, Ruth Esmeralda Barbacil

Sanna/ September 9, 2019/ Conference

The Internet is the new frontier for some. So just like in Old West movies, we are going through a land riddled with well-known gunmen: OceanLotus, DNSpionage and OilRig, who roam at ease, while the security cowboys sleep. This presentation will uncover the toolset and techniques used by these gunmen, taking a closer look at their big guns and their behavioral patterns. We will explore the attacks involving DNS that took place during the last decade to examine the latest discovered techniques in order to improve detections to dodge the bullets they are firing in our direction. We asked Valentina and Ruth a few more questions about their talk at the DeepSec conference. Please note that Valentine and Ruth will also speak the the DeepINTEL conference where you will get more in-depth information not

Read More

0509, 2019

DeepSec Press Release: Internet of Facts and Fear in the Name of IT Security – Bits, Bytes, Security and Geopolitics

Sanna/ September 5, 2019/ Conference, DeepIntel, Press, Schedule, Security, Security Intelligence

(Original press release was published on 29 August 2019 via pressetext.com) Nobody is an island. This statement is attributed to the English writer John Donne. The sentence became known in the 17th century. In the meantime, this has changed as a result of digitization. The modern version of the statement should read: There are no more islands. Increasing networking is reaching more and more areas of everyday life and society. So this year’s DeepSec In-Depth Security Conference wants to look soberly at the Internet of facts and fear from an information security perspective. Systems are currently less isolated and much more complex than the theory of information security technically allows. The DeepSec conference therefore dedicates its two days of conference and two days of training to current technologies and their vulnerabilities. At the same

Read More

0409, 2019

DeepSec 2019 Talk: Well, That Escalated Quickly! – A Penetration Tester’s Approach to Windows Privilege Escalation – Khalil Bijjou

Sanna/ September 4, 2019/ Conference, Security

Since the early stages of operating systems, users and privileges were separated. Implemented security mechanisms prevent unauthorized access and usage of data and functions. These security mechanisms have been circumvented a number of times, which has led to steady improvements. Nevertheless, attackers find new vulnerabilities and security holes. Security experts often encounter Mirosoft® Windows endpoints or systems and gain low privileged access. To fully compromise the system, privileges have to be escalated. Windows contains a great number of security concepts and mechanisms. These render privilege escalation attacks difficult. Penetration testers should have a sound knowledge base about Windows components and security mechanisms in order to understand privilege escalation concepts profoundly and to apply them properly. Khalil’s presentation at DeepSec 2019 imparts knowledge on Windows required to understand privilege escalation attacks. It describes the most

Read More

0209, 2019

DeepSec2019 Talk: SD-WAN Secure Communications Design and Vulnerabilities – Denis Kolegov

Sanna/ September 2, 2019/ Conference, Security

Hardening communication protocols against network attacks is hard. And yet a lot of products are available on the market that allow you to transport data and messages. Since virtualisation entered the world of technology all things software-definded (SD) have become popular. Denis Kolegov will explain at DeepSec 2019 what the state of affairs in terms of information security is. The SD-WAN New Hope project targets the security of SD-WAN (software defined wide area network) products. It was started in December 2017, when a customer decided to buy a very secure and well-known SD-WAN product from one of the Top 5 vendors and wanted us to perform threat modelling and a vulnerability assessment. We were doing that for 6 months and found out that the product was awful from a security perspective. It had multiple

Read More

3008, 2019

DeepSec2019 Talk: IPFS As a Distributed Alternative to Logs Collection – Fabio Nigi

Sanna/ August 30, 2019/ Conference

Logging stuff is easy. You take a piece of information created by the infrastructure, systems, or applications and stash it away. The problems start once you want to use the stored log data for analysis, reference, correlation, or any other more sophisticated approach. At DeepSec 2019 Fabio Nigi will share his experience in dealing with log data. We asked him to explain what you can expect from his presentation. We want access to as much logs as possible. Historically the approach is to replicate logs to a central location. The cost of storage is the bottleneck on security information and event management (SIEM) solution, hard to be maintained at scale, leading to reduce the amount of information at disposal. The state-of-the-art solutions today focus on to analyze the log on the endpoint. This can

Read More

2908, 2019

DeepSec2019 Talk: Android Malware Adventures – Analyzing Samples and Breaking into C&C – Kürşat Oğuzhan Akıncı & Mert Can Coşkuner

Sanna/ August 29, 2019/ Conference, Security

Android malware is evolving every day and is everywhere, even in Google Play Store. Malware developers have found ways to bypass Google’s Bouncer as well as antivirus solutions, and many alternative techniques to operate like Windows malware does. Using benign looking applications working as a dropper is just one of them. This talk is about android malware on Google Play Store targeting Turkey such as Red Alert, Exobot, Anubis, etc. The presentation held at DeepSec 2019 will cover the following issues: Techniques to analyze samples: Unencrypted samples are often used to retrieve personal information to sell and do not have obfuscation. Encrypted samples however are used for sophisticated tasks like stealing banking information. They decrypt themselves by getting the key from a twitter account owned by the malware developer and operate by communicating with

Read More

2808, 2019

DeepSec2019 Talk: Mastering AWS Pentesting and Methodology – Ankit Giri

Sanna/ August 28, 2019/ Conference, Legal, Security

The Cloud (whatever it really is) is the future (of whomever taking advantage of it). This is how information security experts see the outsourcing technologies based on virtualisation and application containment. Ankit Giri explains at DeepSec 2019 what defenders need to be aware of and how you can test your security controls before your adversaries do this. (Pen)Testing the Cloud The intent here is to highlight the fact that pentesting cloud environment comes with legal considerations. AWS (Amazon Web Services) has established a policy that requires a customer to raise a permission request to be able to conduct penetration tests and vulnerability scans to or originating from the AWS environment. We can focus on user-owned entities, identity and access management, user permissions configuration and use of the AWS API integrated into the AWS ecosystem.

Read More

2708, 2019

Deadline for ROOTS 2019 Call for Papers extended

René Pfeiffer/ August 27, 2019/ Conference

Good news for all academics haunted by perpetual deadlines: We have extended the Call for Papers of ROOTS 2019! We will accept late submissions for  the ROOTS review. However you have to submit your proposal until 23 September 2019! We need time to review, so don’t be late. If you are working on a research project and want to share your efforts so far with us, please consider submitting a project presentation via email. Last year we started to assign free presentation slots for project status presentations and feedback session. Research is a team effort, so getting in touch with colleagues can be very beneficial for your work and the work of others. Let us know what you are working on!

2608, 2019

DeepSec Training: Black Belt Pentesting / Bug Hunting Secrets you’ve always wanted to know

René Pfeiffer/ August 26, 2019/ Conference, Security, Training

The Web and its technologies have become the perfect frontier for security experts for finding bugs and getting a foothold when doing penetration tests. Everything has a web server these days. And everything web server will happily talk to web clients. The components involved are more than just simple HTML and JavaScript. The developer notion of doing things full stack requires security experts to do the same. This is where our DeepSec 2019 training session Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation by Dawid Czagan comes into play. Dawid Czagan will show you how modern applications work, how they interact, and how you can analyse their inner workings. He will enable you to efficiently test applications, find bugs, and compile the set of information needed to fix the

Read More

1908, 2019

DeepSec Training: Black Belt Pentesting / Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

René Pfeiffer/ August 19, 2019/ Conference, Training

Web applications are gateways for users and attackers alike. Web technology is used to grant access to information, public and sensitive alike. The latest example is the Biostar 2 software, a web-based biometric security smart lock platform application. During a security test the auditors were able to access over 1 million fingerprint records, as well as facial recognition information. How can you defend against leaks like this? Well, you have to understand all layers of the application stack. Modern web applications are complex and it’s all about full-stack nowadays. That’s why you need to dive into full-stack exploitation if you want to master web attacks and maximize your payouts. Say no to classic web application hacking. Join the training session at DeepSec 2019 and take advantage of Dawid Czagan’s unique hands-on exercises and become

Read More

1408, 2019

DeepSec 2019 Preliminary Schedule is online

René Pfeiffer/ August 14, 2019/ Conference

We have reviewed all submissions, and we have published the preliminary schedule. It wasn’t easy to pick, because we received more submission than in the years before. Even though we start the reviews early, as soon as they arrive, it usually takes a couple of days to get to a stable version. The process is very similar to other forms of content creation with components, such as software development, or creative/technical writing. The most important fact is the preliminary schedule of DeepSec 2019. You can view it online. We are working on a new calendar export, so that you can view it on the go as well. Some slots are still vacant. The reason is the ongoing review process, and cancellations due to conflicts regarding our speakers. We will fill the remaining slots during

Read More

0108, 2019

Thanks for your Submissions for DeepSec 2019! Schedule is coming up soon.

René Pfeiffer/ August 1, 2019/ Call for Papers, Conference

Thank you for your wonderful work and your submissions for DeepSec 2019! We know that preparing an abstract is a lot of work (given that you had lots of work before in order to be able to write a summary). 2019 has broken the old record. We have received more submissions for presentations and workshops than we can stuff into the current two-day conference. We would need two weeks to present all the content your submitted. We did a lot of reviewing in the the past weeks, but give us some more days to sort everything out. Judging from your abstracts DeepSec 2019 will be great again! 😅

3107, 2019

Last Call: DeepSec 2019 Call for Papers ends today!

René Pfeiffer/ July 31, 2019/ Call for Papers

If you ware interested in presenting at DeepSec 2019, then you have 12 hours left to submit your proposal. It will get tough, because we have received a lot of submissions already, and we are currently hard at work reviewing all of them. Nevertheless your content counts! Submit your presentation or your research. Do not forget that your research can also be submitted for the Reversing and Offensive-oriented Trends Symposium 2019 (ROOTS) by using the ROOTS Call for Paper submission. Your presentation about the intertwined world of geopolitics and information security for DeepINTEL 2019 should go via email to use. You can use cfp (at) deepsec (dot) .net or simply deepsec (at) deepsec (dot) net.

1207, 2019

Thoughts on Geopolitics and Information Security

René Pfeiffer/ July 12, 2019/ Call for Papers, DeepIntel, Discussion, High Entropy

Geopolitics is a rather small word for very complex interactions, strategies, tactics, and the planning (of lack thereof) of events. Reading about topics connected to it is probably familiar to you. Few news articles can do without touching geopolitic aspects. Since politics has less technological content for most people, the connection to information security may not be obvious. Malicious software such as Stuxnet/WannaCry has changed this. Due to the events connected to their outbreak (or attack) the motivations of national agendas on the international stage have created awareness. There is a lot more to explore which is not on the radar of most experts, even in the field of information security. The current trade wars have a major impact on technology and ultimately information security. When it comes to vendors there is a bias

Read More

1107, 2019

Training Teaser: Black Belt Pentesting a.k.a. Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

René Pfeiffer/ July 11, 2019/ Conference, Training

Modern web applications consist of far more components than HTML content and a few scripts. In turn properly attacking web applications requires a diverse set of skills. You need to know how the back-end and the front-end works. This includes all of the scripting languages, data storage technologies, user interface peculiarities, frameworks, hosting technologies, and many more layers. DeepSec 2019 will feature a full-stack web exploitation dojo enabling you to understand the security of web applications, how to break them, and how to protect them. The training will be hosted by Dawid Czagan, expert in the field. He will guide you through every technology and attack method relevant to information security of web applications such as: REST API hacking AngularJS-based application hacking DOM-based exploitation Bypassing Content Security Policy (CSP) Server-side request forgery Browser-dependent exploitation

Read More