2210, 2015

DeepSec 2015 Talk: A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs, and Why all Government authorized Backdoors are very dangerous – James Bamford

Sanna/ October 22, 2015/ Conference, Security Intelligence

Some of you might remember the „Athens Affair“. In 2005 Ericsson found backdoors in the lawful interception systems of Vodafone Greece. The software on these modules was altered to successfully wiretap phone numbers without detection. When one of the tapped phones made or received a phone call, the exchange, or switch, sent a duplication of the conversation to one of fourteen anonymous prepaid mobile phones. The incident sparked an investigation, and Vodafone Greece was fined millions of Euros for breaching privacy laws. In February 2015 the Greek authorities issued a warrant for a suspect linked to the NSA. Lawful interception (LI) capabilities are mandatory for telecommunication equipment. In Europe the technical requirements and standards are developed by the European Telecommunications Standards Institute (ETSI); the 3rd Generation Partnership Project (3GPP) maintains the part relevant for

2110, 2015

Nikhil Mittal has two Black Hat Europe passes for his attendees

Mika/ October 21, 2015/ Conference, Schedule

Nikhil Mittal offers two passes for Black Hat Europe, Amsterdam, Nov. 10-13 for his workshop attendees at our DeepSec in Vienna. If more than two are interested we will make a raffle or a sweepstake. Workshop: Powershell for Penetration testers Deadline is in two weeks, when we make final decisions about our workshops. So if you are interested in Powershell and have spare-time in November it’s a good time to book for DeepSec and visit Black Hat Europe for free: DeepSec Registration Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes penetration testing, attack research, defence strategies and post exploitation research. He has 6+ years of experience in Penetration Testing for his clients, including many global corporate giants. He is also a member of Red teams of selected

2110, 2015

DeepSec Talk: Got RATs? Enter Barn Cat (OSint)

Mika/ October 21, 2015/ Conference, Schedule

We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat. OSINT Barn Cat: Mining Malware for Intelligence at Scale I like the name of the project: Barn cats are the best mousers and this new project is targeted to catch (not only) RATs. In reality we have a hard time to keep track and ensure up-to-date signatures, with half a million unique samples pouring into the analysis machinery of the AV-industry and signature producers every day. Barn cat has a new approach: Instead of learning every time from scratch how a new mouse looks like, Barn Cat monitors the criminal infrastructure to detect undesired activity in your network. It’s like a true barn cat couching in front of

2010, 2015

DeepSec Workshops: Digitale Verteidigung – Wissen ist Macht

René Pfeiffer/ October 20, 2015/ Conference, Internet, Training

Wann haben Sie Ihren letzten Geschäftsbrief geschrieben? Und wann haben Sie das letzte Mal Stift und Papier dazu benutzt? Es macht nichts wenn Sie sich nicht daran erinnern können: Digitale Kommunikation ist Teil unseres Alltagslebens, nicht nur in der Geschäftswelt. Wir haben uns so sehr daran gewöhnt ständig online zu kommunizieren, das offline sein sich schon fast unnatürlich anfühlt. Das heißt natürlich auch, dass wir ständig irgendwelchen Netzwerken ausgeliefert sind, vor allem dem Internet. Unsere Tür steht Tag und Nacht offen. Wir können sie nicht mehr schließen und laden somit offen auch ungebetene Gäste ein, die dieselben Netzwerke nutzen wie wir. Es ist Zeit ernsthaft darüber nachzudenken. Was für Bedrohungen gibt es da draußen? Und wie können wir uns vor Ihnen schützen? Cyber Kriminalität und Datenschutz Alles ist „Cyber“ heutzutage. Kriminalität genauso wie Sicherheitsbestrebungen.

1410, 2015

DeepSec 2015 Talk: Agile Security – The Good, The Bad, and mostly the Ugly – Daniel Liber

Sanna/ October 14, 2015/ Conference, Security

Particle collisions are a rich source for insights into the inner workings of Nature. Physicists know this. The Large Hadron Collider (LHC) built by the European Organization for Nuclear Research (CERN) demonstrates this to the extreme. You can to the same in information security if you lock developers and security experts into a room. Acceleration can be achieved by asking for the best way for implementing security. Analyse the high energetic trails of heated arguments to gain new insights. This recipe works best with certain models of software development. David Liber will show you the results of the collisions and tell you what you can learn about security with a specific software development methodology. Moving away from Waterfall and traditional development processes towards Agile methodologies has become more and more popular recently. Talking about sprints, looking

1310, 2015

Defence – Beating the Odds with Knowledge

René Pfeiffer/ October 13, 2015/ Conference, Discussion, Mission Statement, Training

When did you write your last business letter? You probably don’t recall, because you write one all of the time. When did you last use ink and paper to do this? If you can’t remember the answer to this question, don’t bother trying. Digital communication is part of our daily life, not only in the business world. We are very accustomed to communicate in the here and now, up to the point where being offline feels unnatural. In turn this means that we are constantly exposed to networks of all kinds, especially the Internet. Our door is open all around the clock. We can’t close it any more, thus openly inviting every kind of threat also using networks. It’s time to seriously think about this. What does it mean? What do we need to

0910, 2015

DeepSec 2015 Talk: DDoS – Barbarians at the Gate(way) – Dave Lewis

Sanna/ October 9, 2015/ Conference, Internet, Security

There really is strength in numbers. It’s true for Big Data, high performance computing, cryptography, social media, and flooding the Internet with packets. The latter has been the method of choice for activists, „cyber“ warriors and criminals alike. Network interdiction (as military minds may call it) or Distributed Denial of Service (DDoS) attacks can be hard to counter due to the many sources of the attacking devices. Full pipes are full, no matter what you do. While you can deploy reverse proxies or rely on content distribution networks, the attack still persists. Packets keep coming until the sources are shut down. Flooding someone’s network is not a sophisticated attack. It’s gets the job done, it may be complex by nature, but it is not a stealth exploit sitting in your local network without being

0810, 2015

DeepSec 2015 Talk: Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library – Bernhard Göschlberger & Sebastian Göttfert

Sanna/ October 8, 2015/ Conference, Development, Security

Upgrading existing infrastructure and migrating from one architecture to another is often the way to keep your information technology up-to-date. Changing major revisions of software is not for the faint of heart. Many sysadmins sacrificed a good portion of their life force just to jump to the next version. Sometimes you are simply stuck. Code is not always maintained. Products might be obsolete. Developers might have abandoned the project. However the application is still in place and keeps on working. When changes hit this kind of environment, you can’t decline the challenge. Meet the legacy systems that will ruin your day. Bernhard Göschlberger and Sebastian Göttfert have spent thoughts on this problem. They will tell you all about it in their presentation at DeepSec 2015. Well elaborated principles of software engineering foster interoperability between

0710, 2015

DeepSec 2015 Workshop: Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices – Alexander Bolshev & Boris Ryutin

Sanna/ October 7, 2015/ Conference, Training

The Internet of Things (IoT), more common known as the Internet of Stuff, is all around us. You don’t have to wait for it any more. Take a peek at the search results from Shodan and you will see that lots of devices are connected to the Internet. Since your refrigerator does not run high performance hardware, it is well worth to take a look at the hardware being used. For connected household devices and their controllers you need low power equipment. Think small, think embedded, not different. This is why we offer the Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices training to you at DeepSec 2015. Alexander Bolshev and Boris Ryutin will show you how to create exploits for the Internet of Things: Embedded systems are everywhere. And all of

0510, 2015

DeepSec 2015 Workshop: Crypto Attacks – Juraj Somorovsky & Tibor Jager

Sanna/ October 5, 2015/ Conference, Training

Fvcelsiuetwq lcv xlt hsyhv xd kexh yw pdp, tlkli? Well, yes and no. ITEzISqbI1ABITAhITAhLZzQFsQ6JnkhMTMhpNK5F5rF9dctkiExMyEv9Fh1ITMzIaX2VCJpEQc= , and that’s where it often goes wrong. Your cryptographic defence can be attacked just as any other barrier you can come up with. Attackers never sleep, you know. Crypto attacks are often facilitated by a simple psychological bias: Since cryptographic algorithms are so complicated (for me), no one can easily figure out how to break them. But this may be true for ASN.1 or Chinese (with apologies to all native speakers, it is meant as a metaphor). The fertile growth of CrypoParties all around the globe documents the interest in using cryptography as a means of protecting data, be it in transit or stored locally. Since you use encryption algorithms every day, regardless if you know about them or

0410, 2015

DeepSec 2015 Workshop: Practical Incident Handling – Felix Schallock

Sanna/ October 4, 2015/ Conference, Security, Training

Things go wrong or break, it’s just a matter of time. Ask your sysadmin about this. Apart from wear and tear, there are information security incidents that tend to ruin your perfect day at the office. What happens next? What do you do when noticing that your infrastructure has been compromised? Where do you start? Who needs to be told? Few employees know the answers to these questions. While you might have policies in place that regulate everything one needs to know, the practice looks wildly different. Apart from having a plan, you need to test if your plan works. At DeepSec 2015 Felix Schallock will show you what to do when digital lightning strikes. During two days of training you will take a tour on how to address and handle incidents properly. During

0310, 2015

DeepSec 2015 Talk: Continuous Intrusion – Why CI Tools Are an Attacker’s Best Friend – Nikhil Mittal

Sanna/ October 3, 2015/ Conference, Development, Security

In information security pessimism rules. Unfortunately. Extreme Programming might breed extreme problems, too. The short-lived app software cycle is a prime example. If your main goal is to hit the app store as soon and as often as possible, then critical bugs will show up faster than you can spell XCodeGhost. The development infrastructure has some nice features attackers will love and most probably exploit. In his presentation Nikhil Mittal will show you how Continuous Integration (CI) tools can be turned into a Continuous Intrusion. Continuous Integration (CI) tools are part of build and development processes of a large number of organizations. I have seen a lot of CI tools during my penetration testing engagements. I always noticed the lack of basic security controls on the management consoles of such tools. On a default installation, many CI tools

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: