Tag Archive

DeepSec 2018 Talk: Information, Threat Intelligence, and Human Factors – John Bryk

Published on September 21, 2018 By sanna

“Across the ICS spectrum, organizations are gathering threat data (information) to protect themselves from incoming cyber intrusions and to maintain a secure operational posture.”, says John. “Organizations are also sharing information; along with the data collected internally, organizations need external information to have a comprehensive view of the threat landscape. Cyber threat information comes from […]

DeepSec 2018 Talk: Injecting Security Controls into Software Applications – Katy Anton

Published on September 20, 2018 By sanna

“SQL Injection was first mentioned in a 1998 article in Phrack Magazine. Twenty years later, injection is still a common occurrence in software applications (No.1 in latest OWASP Top 10 2017). For the last 20 years, we have been focusing on vulnerabilities from an attacker’s point of view and SQL injection is still King. Something […]

DeepSec 2018 Talk: New Attack Vectors for the Mobile Core Networks – Dr. Silke Holtmanns / Isha Singh

Published on September 19, 2018 By sanna

DeepSec has a long tradition of tackling the security of mobile networks and devices alike. The first DeepSec conference featured a presentation about the A5/1 crack. Later one we offered trainings covering mobile network security and weaknesses. So we are proud to announce Isha Singh’s and Silke Holtmanns’ talk about new attack vectors. Here is […]

DeepSec 2018 Talk: Pure In-Memory (Shell)Code Injection in Linux Userland – reenz0h

Published on September 18, 2018 By sanna

A lot of research has been conducted in recent years on performing code injection in the Windows operating system without touching the disk. The same cannot be said about *NIX (and Linux specifically). Imagine yourself sitting in front of a blinking cursor, using a shell on a freshly compromised Linux server, and you want to […]

DeepSec 2018 Talk: Orchestrating Security Tools with AWS Step Functions – Jules Denardou & Justin Massey

Published on September 17, 2018 By sanna

Increasingly frequent deployments make it impossible for security teams to manually review all of the code before it is released. Jules Denardou and Justin Massey wrote a Terraform-deployed application to solve this problem by tightly integrating into the developer workflow. The plugin-based application has three core components, each represented by at least one Lambda function: […]

DeepSec 2018 Talk: Without a Trace – Cybercrime, Who are the Offenders? – Edith Huber & Bettina Pospisil

Published on September 14, 2018 By sanna

Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation in Austria, no evidence-based scientific analysis exists that depicts the bright field of Cybercrime. Therefore an interdisciplinary research group investigated the phenomenon cybercrime regarding the questions – Edith Huber and Bettina Prospisil will present their findings at […]

DeepSec 2018 Training: Attacking Internet of Things with Software Defined Radio – Johannes Pohl

Published on September 10, 2018 By sanna

In Johannes Pohls training participants will learn how to reverse engineer the wireless communication between Internet of Things (IoT) devices with Software Defined Radios (SDR) using the Universal Radio Hacker (URH). The workshop covers required HF (high frequency) basics such as digital modulations and encodings and shows how to reveal the protocol logic step by […]

DeepSec 2018 Talk: Defense Informs Offense Improves Defense – How to Compromise an ICS Network and How to Defend It – Joe Slowik

Published on September 5, 2018 By sanna

Industrial control system (ICS) attacks have an aura of sophistication, high barriers to entry, and significant investment in time and resources. Yet when looking at the situation – especially recent attacks – from a defender’s perspective, nothing could be further from the truth. Initial attack, lateral movement, and entrenchment within an ICS network requires – […]

DeepSec 2018 Talk: Can not See the Wood for the Trees – Too Many Security Standards for Automation Industry – Frank Ackermann

Published on September 4, 2018 By sanna

“Plant operators and manufacturers are currently faced with many challenges in the field of automation.”, says Frank Ackermann. “Issues such as digitization, Industry 4.0, legal requirements or complex business processes that connect IT and OT are paramount. Related security problems and risks need to be addressed promptly and lastingly. Existing and newly created industry security […]

DeepSec 2018 Talk: Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests – Tomasz Tuzel

Published on September 3, 2018 By sanna

Over the last decade we have seen a rapid rise in virtualization-based tools in which a hypervisor is used to gain insight into the runtime execution of a system. With these advances in introspection techniques, it is no longer a question of whether a hypervisor can be used to peek inside or even manipulate the […]

DeepSec 2018 Talk: Open Source Network Monitoring – Paula de la Hoz Garrido

Published on August 31, 2018 By sanna

“I’d like to offer an introduction into Network System Monitoring using different open tools available in Linux.”, says Paula. “The talk is a technical approach to identify the best sniffing points in a network and how to orchestrate a full analysis of the content to secure the network, as well as showing ideas of collaborative […]

DeepSec 2018 Talk: Building your Own WAF as a Service and Forgetting about False Positives – Juan Berner

Published on August 30, 2018 By sanna

When a Web Application Firewall (WAF) is presented as a defensive solution to web application attacks, there is usually a decision to be made: Will this be placed inline (and risk affecting users due to outages or latency) or will it be placed out of band (not affecting users but not protecting them either). In […]

DeepSec 2018 Training: Hunting with OSSEC – Xavier Mertens

Published on August 28, 2018 By sanna

“OSSEC is sometimes described as a low-cost log management solution but it has many interesting features which, when combined with external sources of information, may help in hunting for suspicious activity occurring on your servers and end-points”, says Xavier Mertens, who’s giving a training called “Hunting with OSSEC” at this years DeepSec. “During this training, […]

DeepSec 2018 Talk: DNS Exfiltration and Out-of-Band Attacks – Nitesh Shilpkar

Published on August 27, 2018 By sanna

“The Domain Name System or DNS is one of the most fundamental parts of the Internet”, says Nitesh Shipkar. “It is crucial for a billion of users daily to help us build presence on the internet using names humans can understand rather than IP addresses. However, DNS comes with security issues organizations should be aware […]