Tag Archive

DeepSec 2019 talk: New Tales of Wireless Input Devices – Matthias Deeg

Published on September 13, 2019 By sanna

You can’t do much with computer without input devices. Microphones do not count, yet. This leaves the classic selection of human input. How secure are these devices? Did you ever wonder when typing, moving the mouse pointer, or attaching a presenting tool? Well, your questions will be answered at DeepSec 2019. Matthias Deeg will hold […]

DeepSec 2019 Talk: Once upon a Time in the West – A Story on DNS Attacks – Valentina Palacín, Ruth Esmeralda Barbacil

Published on September 9, 2019 By sanna

The Internet is the new frontier for some. So just like in Old West movies, we are going through a land riddled with well-known gunmen: OceanLotus, DNSpionage and OilRig, who roam at ease, while the security cowboys sleep. This presentation will uncover the toolset and techniques used by these gunmen, taking a closer look at […]

DeepSec Press Release: Internet of Facts and Fear in the Name of IT Security – Bits, Bytes, Security and Geopolitics

Published on September 5, 2019 By sanna

(Original press release was published on 29 August 2019 via pressetext.com) Nobody is an island. This statement is attributed to the English writer John Donne. The sentence became known in the 17th century. In the meantime, this has changed as a result of digitization. The modern version of the statement should read: There are no […]

DeepSec 2019 Talk: Well, That Escalated Quickly! – A Penetration Tester’s Approach to Windows Privilege Escalation – Khalil Bijjou

Published on September 4, 2019 By sanna

Since the early stages of operating systems, users and privileges were separated. Implemented security mechanisms prevent unauthorized access and usage of data and functions. These security mechanisms have been circumvented a number of times, which has led to steady improvements. Nevertheless, attackers find new vulnerabilities and security holes. Security experts often encounter Mirosoft® Windows endpoints […]

DeepSec2019 Talk: IPFS As a Distributed Alternative to Logs Collection – Fabio Nigi

Published on August 30, 2019 By sanna

Logging stuff is easy. You take a piece of information created by the infrastructure, systems, or applications and stash it away. The problems start once you want to use the stored log data for analysis, reference, correlation, or any other more sophisticated approach. At DeepSec 2019 Fabio Nigi will share his experience in dealing with […]

DeepSec2019 Talk: Android Malware Adventures – Analyzing Samples and Breaking into C&C – Kürşat Oğuzhan Akıncı & Mert Can Coşkuner

Published on August 29, 2019 By sanna

Android malware is evolving every day and is everywhere, even in Google Play Store. Malware developers have found ways to bypass Google’s Bouncer as well as antivirus solutions, and many alternative techniques to operate like Windows malware does. Using benign looking applications working as a dropper is just one of them. This talk is about […]

DeepSec Training: Black Belt Pentesting / Bug Hunting Secrets you’ve always wanted to know

Published on August 26, 2019 By René Pfeiffer

The Web and its technologies have become the perfect frontier for security experts for finding bugs and getting a foothold when doing penetration tests. Everything has a web server these days. And everything web server will happily talk to web clients. The components involved are more than just simple HTML and JavaScript. The developer notion […]

DeepSec Training: Black Belt Pentesting / Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

Published on August 19, 2019 By René Pfeiffer

Web applications are gateways for users and attackers alike. Web technology is used to grant access to information, public and sensitive alike. The latest example is the Biostar 2 software, a web-based biometric security smart lock platform application. During a security test the auditors were able to access over 1 million fingerprint records, as well […]

DeepSec 2019 Preliminary Schedule is online

Published on August 14, 2019 By René Pfeiffer

We have reviewed all submissions, and we have published the preliminary schedule. It wasn’t easy to pick, because we received more submission than in the years before. Even though we start the reviews early, as soon as they arrive, it usually takes a couple of days to get to a stable version. The process is […]

Thanks for your Submissions for DeepSec 2019! Schedule is coming up soon.

Published on August 1, 2019 By René Pfeiffer

Thank you for your wonderful work and your submissions for DeepSec 2019! We know that preparing an abstract is a lot of work (given that you had lots of work before in order to be able to write a summary). 2019 has broken the old record. We have received more submissions for presentations and workshops […]

Last Call: DeepSec 2019 Call for Papers ends today!

Published on July 31, 2019 By René Pfeiffer

If you ware interested in presenting at DeepSec 2019, then you have 12 hours left to submit your proposal. It will get tough, because we have received a lot of submissions already, and we are currently hard at work reviewing all of them. Nevertheless your content counts! Submit your presentation or your research. Do not […]

Training Teaser: Black Belt Pentesting a.k.a. Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

Published on July 11, 2019 By René Pfeiffer

Modern web applications consist of far more components than HTML content and a few scripts. In turn properly attacking web applications requires a diverse set of skills. You need to know how the back-end and the front-end works. This includes all of the scripting languages, data storage technologies, user interface peculiarities, frameworks, hosting technologies, and […]

Reminder – Call for Papers DeepSec & DeepINTEL – Send your submissions!

Published on July 8, 2019 By René Pfeiffer

We have been a bit radio silent since BSidesLondon. This is due to the hot weather in Austria, the preparations for the next DeepSec Chronicles book, some interesting features for DeepSec, and of course because of the submissions we received so far. We have a shortlist for the trainings which we will publish in the […]

Ongoing DeepSec Call for Workshops – Trainers welcome!

Published on April 2, 2019 By René Pfeiffer

The Call for Workshops for the DeepSec conference in November 2019 is still open. If you have something to teach, let us know as soon as possible! We intend to inform potential trainees in the beginning of May about their options. This allows for a better planning and preparation, because we receive early requests for […]

Translated Press Release: IT Security is increasingly dominated by Geopolitics

Published on February 18, 2019 By sanna

DeepSec and DeepINTEL conference open call for papers – submission for lectures and trainings are in demand.Anyone who reads the technology part of their favourite magazine can hardly escape the promises of future network technologies. Your own car becomes a smartphone. The talking fridge becomes a therapist. 5G mobile networks promise high-speed fibre optic streaming […]