2109, 2018

DeepSec 2018 Talk: Information, Threat Intelligence, and Human Factors – John Bryk

Sanna/ September 21, 2018/ Conference, Security, Security Intelligence

“Across the ICS spectrum, organizations are gathering threat data (information) to protect themselves from incoming cyber intrusions and to maintain a secure operational posture.”, says John. “Organizations are also sharing information; along with the data collected internally, organizations need external information to have a comprehensive view of the threat landscape. Cyber threat information comes from a variety of sources, including sharing communities such as Information Sharing and Analysis Centers (ISACs), open-source, and commercial sources. Immediately actionable information is mainly low-level indicators of compromise, such as known malware hash values or command-and-control IP addresses, where an actionable response can be executed automatically by a system. Threat intelligence refers to more complex cyber threat information that has been subjected to the analysis of existing information. Information such as different Tactics, Techniques, and Procedures (TTPs) used over

2009, 2018

DeepSec 2018 Talk: Injecting Security Controls into Software Applications – Katy Anton

Sanna/ September 20, 2018/ Conference, Security

“SQL Injection was first mentioned in a 1998 article in Phrack Magazine. Twenty years later, injection is still a common occurrence in software applications (No.1 in latest OWASP Top 10 2017). For the last 20 years, we have been focusing on vulnerabilities from an attacker’s point of view and SQL injection is still King. Something else must be done.”, says Katy Anton. “What if there is another way to look at software vulnerabilities? Can vulnerabilities be decomposed into security controls familiar to developers? Which security controls are an absolute must-have, and which additional security measures do you need to take into account? These are hard questions as evidenced by the numerous insecure applications we still have today. Attend this talk to explore security vulnerabilities from a different angle. As part of this talk, we

1909, 2018

DeepSec 2018 Talk: New Attack Vectors for the Mobile Core Networks – Dr. Silke Holtmanns / Isha Singh

Sanna/ September 19, 2018/ Conference

DeepSec has a long tradition of tackling the security of mobile networks and devices alike. The first DeepSec conference featured a presentation about the A5/1 crack. Later one we offered trainings covering mobile network security and weaknesses. So we are proud to announce Isha Singh’s and Silke Holtmanns’ talk about new attack vectors. Here is a brief summary: “Roaming or being called from abroad is being something we take for granted.”, says Silke Holtmanns. “Technically it implies that large networks communicate with each other across geographical and political boundaries. Those communication and the network behind is not well known and understood by most cellular users. This network, its background, security and usage will be explained. We will highlight the attack vectors for 2G, 3G and 4G networks and give an outlook on 5G. We

1809, 2018

DeepSec 2018 Talk: Pure In-Memory (Shell)Code Injection in Linux Userland – reenz0h

Sanna/ September 18, 2018/ Conference, Security

A lot of research has been conducted in recent years on performing code injection in the Windows operating system without touching the disk. The same cannot be said about *NIX (and Linux specifically). Imagine yourself sitting in front of a blinking cursor, using a shell on a freshly compromised Linux server, and you want to move forward without leaving any trace behind. You need to run additional tools, but you don’t want to upload anything to the machine. Or, you simply cannot run anything because the noexec option is set on mounted partitions. What options remain? This talk will show how to bypass execution restrictions and run code on the machine, using only tools available on the system. It’s a bit challenging in an everything-is-a-file OS, but doable if you think outside the box

1409, 2018

DeepSec 2018 Talk: Without a Trace – Cybercrime, Who are the Offenders? – Edith Huber & Bettina Pospisil

Sanna/ September 14, 2018/ Conference, Security

Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation in Austria, no evidence-based scientific analysis exists that depicts the bright field of Cybercrime. Therefore an interdisciplinary research group investigated the phenomenon cybercrime regarding the questions – Edith Huber and Bettina Prospisil will present their findings at DeepSec 2018. We asked them a few questions about their talk: Please tell us the top 5 facts about your talk. We will talk about cybercrime, offender profiling, the typical modus operandi and successful methods to apprehend offenders. How did you come up with it? Was there something like an initial spark that set your mind on creating this talk? Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation

1209, 2018

Translated Press Release: Bug Bounty Programs – Vulnerabilities as a worthwhile Investment

René Pfeiffer/ September 12, 2018/ Conference, Press

DeepSec Conference offers trainings for security researchers Vienna (pts010 / 04.09.2018 / 08:30) – This year, in addition to lectures about the failing of security measures, the DeepSec In-Depth Security Conference will offer a workshop for finding vulnerabilities. Unfortunately the testing of software in the context of quality assurance is no longer sufficient in the modern, networked world. The prefix “Smart” does not change anything about existing weaknesses. The training is therefore aimed at professionals, already working in development, and at security experts, to specifically strengthen the development of safer products in industry and companies. Complex Technologies and their Susceptibility to Errors Not only since the birth of the Internet of Things modern products can’t manage without software. If you add networking and the high level of complexity of individual parts, this is a

1109, 2018

Translated Press Release: Intelligence Agencies want to abolish Information Security

René Pfeiffer/ September 11, 2018/ Conference, Press

https://www.pressetext.com/news/deepsec-konferenz-veroeffentlicht-programm-fuer-2018.html DeepSec Conference criticizes the open Attack on secure End-to-End Encryption Vienna (pts014/21.08.2018/09:25) – Ever since security measures have been in existence, there have been discussions about their benefits and their strength. In digital communication, the topic of back doors keeps coming up. In the analog world high quality locks are desired to protect against theft. In the digital world this may now change. The Five Eyes (i.e. the intelligence services of the United States, the United Kingdom, Australia, New Zealand, and Canada) want to force all countries around the world to implement duplicate keys, thus to implement back doors, in their encrypted communication. For this purpose, at the end of August, a meeting of the Five Eyes Ministers of the Interior took place in Australia. This proposal has serious disadvantages for the economy

0609, 2018

Translated Press Release: DeepSec Conference releases Schedule for 2018

René Pfeiffer/ September 6, 2018/ Conference, Press

Focusing on the Insecurity of Things and infrastructure Vienna (pts014 / 21.08.2018 / 09:25) – This year’s DeepSec In-Depth Security Conference will focus on the topic of Insecurity of Things (IoT) and components of everyday infrastructure. The ever-advancing networking opens up completely new ways for attackers – faster than developers and manufacturers can fix bugs. Instead of using secure design for products and code, machine learning and artificial intelligence are integrated – unfortunately, implemented using convenient statistics and the algorithm of the week from the daily menu of the development kit. The presentations at the DeepSec conference will therefore put the alleged technologies of the future to the test. Mobile networks, the Internet of Things, collaboration platforms in the cloud, customer relationship management systems and the human factor are in the cross-hairs. Smart is

2908, 2018

DeepSec 2018 Special Training: Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

René Pfeiffer/ August 29, 2018/ Conference, Security, Training

How do bugs in software get fixed? Well, first of all you have to find them. All code has bugs. Most probably, that is. Usually developers and users of applications find bugs. The history of information security has taught us that now attackers also look for bugs in software. Therefore flaws in code leading to security vulnerabilities have a higher priority for both developers and adversaries. The problem is that software testing finds all kinds of bugs and not always the important ones. Where is the incentive to go and debug software? Well, there is quality assurance, there is full disclosure, and now there are bug bounties. Bug bounties are rewards for bugs in software that have an impact on security. Companies offer these bounties as a means of software quality testing. Bug bounties

2808, 2018

DeepSec 2018 Training: Hunting with OSSEC – Xavier Mertens

Sanna/ August 28, 2018/ Conference, Training

“OSSEC is sometimes described as a low-cost log management solution but it has many interesting features which, when combined with external sources of information, may help in hunting for suspicious activity occurring on your servers and end-points”, says Xavier Mertens, who’s giving a training called “Hunting with OSSEC” at this years DeepSec. “During this training, you will learn the basic of OSSEC and its components, how to deploy it and quickly get results. Then I will demonstrate how to deploy specific rules to catch suspicious activities. From an input point of view, we will see how easy it is to learn new log formats to increase the detection scope and, from an output point of view, how we can generate alerts by interconnecting OSSEC with other tools like MISP, TheHive or an ELK Stack

1708, 2018

DeepSec 2018 Conference “Smart is the new Cyber” – Preliminary Schedule published

René Pfeiffer/ August 17, 2018/ Conference, Schedule, Security

The preliminary schedule for DeepSec 2018 has been published. It took us some time to select and review all submissions. We cracked the 100 submissions mark, thus we are pleased that you made it very difficult for us this year. The number of slots for presentations and workshops has been constant. The number of content being submitted is steadily growing. So we hope we did a good job and that you find a pleasant mixture of topics (as pleasant as information security can get). All speakers have been informed. There may be some changes to the schedule which we will announce on our blog. The abstracts of every presentation and workshop will be discussed in-depth here on the blog as well. We have asked the trainers and speakers some questions. As soon as we

0808, 2018

DeepSec Call for Papers Ended – Review Process – Melting Brains – Hard Facts

René Pfeiffer/ August 8, 2018/ Administrivia, Conference

Year by year it is getting harder to review the growing numbers of submissions. Thanks a lot for your contribution! It’s always a pleasure to read what you sent us. We have started to review as soon as you submit, but given the heat and the sheer number of submissions, it will take a few more days. We only have two days of trainings and two days of conference – which isn’t nearly enough. We will try to come up with a schedule that covers current events, science, and threats of tomorrow. Speaking of science, the Call for Papers for ROOTS 2018 is still running! We like to see more solid research in information security. It’s easy to get headlines or flourish on social media, but information security needs to do its homework. This

3107, 2018

DeepSec 2018 Call for Papers – Deadline today!

René Pfeiffer/ July 31, 2018/ Call for Papers, Conference

Sadly the climate does not extend deadlines. The Call for Papers of DeepSec In-Depth Security Conference 2018 ends today at midnight. Please make sure that you send us your submission in time. All submissions reaching us before the deadline ends have priority over any later submissions! We will leave the submission form online for a while longer in order to compensate for the heatwave currently rolling over Europe. Don’t forget that the Call for Papers for ROOTS 2018 (the Reversing and Offensive-oriented Trends Symposium) is still open and accepts submissions! Please spread word about ROOTS. We would like to feature „Science first!“ again in 2018. A big thank you for all who already sent us their content! As always we will have a hard time sorting through everything and selecting the presentations and trainings.

1707, 2018

ROOTS and DeepSec 2018 Call for Papers – Reminder and Bugfix

René Pfeiffer/ July 17, 2018/ Call for Papers

The ROOTS and DeepSec Calls for Papers are still running! We did some bugfixing on the web page, so the deadline for any ROOTS submissions is now 26 August 2018. Please spread the word and submit your research. If you need any assistance feel free to contact us. The DeepSec Call for Papers closes on 31 July 2018. Now is the time for your submission. We are looking forward to see your presentation on stage at DeepSec 2018!

2505, 2018

DSGVO / GDPR / RGPD Update – We have Policies and Stuff!

René Pfeiffer/ May 25, 2018/ Administrivia, High Entropy

In information security policies are like opinions – everyone has one or more. So this is why we did some updating. You can now find our privacy policy on the main DeepSec web site and on our blog. We use few third party services, because most of our infrastructure is hosted on our own systems. When it comes to (tele)communication, payment services, and (sadly) email we have to rely on operators doing this for us. Our email infrastructure will move in the near future (i.e. in 2018). We will announce the change via your local DNS resolver when the time comes. 😊 Bear in mind that we take the agile approach when it comes to developing policies. Publish often, do rolling releases. At least that is how we understand the process. A policy is

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: