DeepSec 2018 Talk: RFID Chip Inside the Body: Reflecting the Current State of Usage, Triggers, and Ethical Issues – Ulrike Hugl

Sanna/ November 14, 2018/ Conference

Chipping humans can be seen as one of the most invasive biometric identification technologies. RFID (Radio Frequency Identification) as the key technology in the field of the Internet of Things produces many applications. For example, human implants are used by scientists in the fields of cyborgism, robotics, biomedical engineering and artificial intelligence, by hobbyists for identification reasons to start their computers, cars, for smart home applications or to pay by credit card, by hospitals for the control of human biological functions of patients, but also by companies to tag their employees for security reasons and workplace surveillance. All in all, worldwide human implants are mainly used for security, healthcare, and private (individual) reasons. Beside some positive individual or organizational outcomes, implants may compromise privacy and raise manifold ethical questions. For example, research in the

Read More

DeepSec2018 Talk: Manipulating Human Memory for Fun and Profit – Stefan Schumacher

Sanna/ October 31, 2018/ Conference, Discussion

Manipulating the Human Memory for Fun and Profit, or: Why you’ve never met Bugs Bunny in DisneyLand Hacking is not limited to technical things — like using a coffee machine to cook a soup — but also makes use of social engineering. Social engineering is the (mis)use of human behaviour like fixed action patterns, reciprocity or commitment and consistency. Simple social engineering attacks like phishing mails do not require much preparation, but more complex ones do so. Especially when one wants to set up some kind of advanced persistent threat in the psychological domain. So, besides the psychological fundamentals of social engineering we also did research on human memory, how it works, how it pretty much fails to store what really happened, and how it can be misused for a sinister purpose. The fundamental

Read More

DeepSec 2018 Talk: Leveraging Endpoints to Boost Incident Response Capabilities – Francisco Galian, Mauro Silva

Sanna/ October 5, 2018/ Conference, Security

The information technology world is full of terms and acronyms. You got servers, nodes, clients, workstations, mobile devices, lots of stuff talking via the network to even more stuff. And then you got security breaches. How do you detect the latter? Well, you look for things out of the ordinary. Error messages, anomalies in behaviour, activity outside the usual time slots as system is being used, and the like. What’s the best place to look? Answer: The systems directly in touch with all the interactions attackers are interested in – endpoints. Most organisations fail to properly detect or even respond to incidents. A factor that significantly contributes to this fact is the lack of visibility on endpoints. That being said, endpoint logging can be very noisy and most organizations don’t have infrastructure to cope

Read More

DeepSec 2018 Talk: Uncovering Vulnerabilities in Secure Coding Guidelines – Fernando Arnaboldi

Sanna/ October 3, 2018/ Conference, Security

Several government-related and private organizations provide guidance on how to improve the security of existing software as well as best practices for developing new code. These organizations include the Computer Emergency Readiness Team (CERT) Secure Coding Standards, Common Weakness Enumeration (CWE), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Software Assurance Metrics. Fernando’s talk will expose multiple underlying exploitable vulnerabilities in the secure code that follows the recommendations from each of these organizations. Even though these guidelines were created to improve software security, they may also inject side vulnerabilities due to a lack of proper analysis. Within secure code snippets, reviewed by many and considered trustworthy by all, are issues that attackers could exploit to escape secure directories, abuse insecure hashing and encryption practices, or even expose applications

Read More

DeepSec 2018 Talk: Security as a Community Healthcare: Helping Small Non-Profit Organisations Stay Secure – Eva Blum-Dumontet

Sanna/ October 2, 2018/ Conference, Security

This talk will look at the way Privacy International has relied on its experience from working with a network of small NGOs across the Global South to shape its approach to security and develop Thornsec, an automated way to deploy, test, and audit internal and external services for an organisation. Privacy International works with a network of over twenty organisations located in Latin America, Africa, Asia and the Middle-East. Together we research and document threats and abuses to privacy from governments and corporations and advocate for better privacy protection both from a technological and a legal standpoint. Being at the forefront of the fight against surveillance means that the partners of privacy International are sometimes exposed to oppressive political regimes. They experience a wide range of threats from office burglary, physical surveillance by intelligence

Read More

DeepSec 2018 Training: Malware Analysis Intro – Christian Wojner

Sanna/ September 28, 2018/ Conference, Security, Training

With malware (malicious software) featuring crypto-trojans (ransomware), banking-trojans, information- and credential-stealers, bot-nets of various specifications, and, last but not least, industry- or even state-driven cyber espionage, the analysis of this kind of software ıs becoming more and more important these days. With a naturally strong focus on Microsoft Windows based systems this entertaining first-contact workshop introduces you to one of the most demanding but nonetheless compelling fields in IT-Security. We asked Christian a few more questions about his talk. Please tell us the main facts about your training. This training is for every IT (Security) person who wants/needs to have their first encounter with the stunning field of malware analysis. On the basis of an especially designed, exciting scenario blended with various technical detours packed into a 6-stages workshop, students will… learn how easy

Read More

DeepSec 2018 Training: ERP Security: Assess, Exploit and Defend SAP Platforms – Pablo Artuso & Yvan Genuer

Sanna/ September 27, 2018/ Conference, Security, Training

Your SAP platform contains the business crown jewels of your company. However, while leading organizations are protecting their systems from new types of SAP threats, still many are prone to SAP-specific vulnerabilities that are exposing their business to espionage, sabotage and financial fraud risks. Gaston’s and Pablo’s training empowers Security Managers, Internal/External Auditors and InfoSec Professionals to assess their SAP platforms for platform-specific vulnerabilities, exploit them to better understand the involved business risk and mitigate them holistically. It provides the latest information on SAP-specific attacks and protection techniques. After an introduction to the SAP world (previous SAP expertise is NOT required), you will learn through several hands-on exercises how to perform your own vulnerability assessments and penetration tests of your SAP platform to identify existing security gaps. You will understand why even strict user

Read More

DeepSec 2018 Talk: Global Deep Scans – Measuring Vulnerability Levels across Organizations, Industries, and Countries – Luca Melette & Fabian Bräunlein

Sanna/ September 25, 2018/ Conference, Internet, Security

Metrics are plentiful, but they are hard to come by when it comes to meaningful numbers. This is why we were amazed by the submission of Luca Melette and Fabian Bräunlein. Why? This is why: “We introduce global deep scans that provide insights into the security hygiene of all organizations exposed to the Internet. Our presentation discusses vulnerability levels across different groups of organizations and points out differences in the underlying maintenance processes. We find that different industries have a lot to learn from each other and provide the necessary measurements to start these dialogues.” We asked Luca and Fabian a few more questions about their talk. Please tell us the top 5 facts about your talk. 1. Come 2. Watch 3. Our 4. Talk 5. You’ll see results from a global vulnerability scan

Read More

DeepSec 2018 Training: Advanced Penetration Testing in the Real World – Davy Douhine & Guillaume Lopes

Sanna/ September 24, 2018/ Conference, Security, Training

Guillaume and Davy, senior pentesters, will share many techniques, tips and tricks with pentesters, red teamers, bug bounty researchers or even defenders during a 2-day 100% “hands-on” workshop. This is the very training you’d like to have instead of wasting your precious time trying and failing while pentesting. The main topics of the training are: Buffer overflow 101: Find and exploit buffer overflows yourself and bypass OS protections. (A lot of pentesters don’t even know how it works. So let’s have a look under the hood); Web exploitation: Manually find and exploit web app vulnerabilities using Burpsuite. (Yes, running WebInspect, AppScan, Acunetix or Netsparker is fine but you can do a lot more by hand); Network exploitation: Manually exploit network related vulnerabilities using Scapy, ettercap and Responder. (Because it works so often when doing

Read More

DeepSec 2018 Talk: Information, Threat Intelligence, and Human Factors – John Bryk

Sanna/ September 21, 2018/ Conference, Security, Security Intelligence

“Across the ICS spectrum, organizations are gathering threat data (information) to protect themselves from incoming cyber intrusions and to maintain a secure operational posture.”, says John. “Organizations are also sharing information; along with the data collected internally, organizations need external information to have a comprehensive view of the threat landscape. Cyber threat information comes from a variety of sources, including sharing communities such as Information Sharing and Analysis Centers (ISACs), open-source, and commercial sources. Immediately actionable information is mainly low-level indicators of compromise, such as known malware hash values or command-and-control IP addresses, where an actionable response can be executed automatically by a system. Threat intelligence refers to more complex cyber threat information that has been subjected to the analysis of existing information. Information such as different Tactics, Techniques, and Procedures (TTPs) used over

Read More

DeepSec 2018 Talk: Injecting Security Controls into Software Applications – Katy Anton

Sanna/ September 20, 2018/ Conference, Security

“SQL Injection was first mentioned in a 1998 article in Phrack Magazine. Twenty years later, injection is still a common occurrence in software applications (No.1 in latest OWASP Top 10 2017). For the last 20 years, we have been focusing on vulnerabilities from an attacker’s point of view and SQL injection is still King. Something else must be done.”, says Katy Anton. “What if there is another way to look at software vulnerabilities? Can vulnerabilities be decomposed into security controls familiar to developers? Which security controls are an absolute must-have, and which additional security measures do you need to take into account? These are hard questions as evidenced by the numerous insecure applications we still have today. Attend this talk to explore security vulnerabilities from a different angle. As part of this talk, we

Read More

DeepSec 2018 Talk: New Attack Vectors for the Mobile Core Networks – Dr. Silke Holtmanns / Isha Singh

Sanna/ September 19, 2018/ Conference

DeepSec has a long tradition of tackling the security of mobile networks and devices alike. The first DeepSec conference featured a presentation about the A5/1 crack. Later one we offered trainings covering mobile network security and weaknesses. So we are proud to announce Isha Singh’s and Silke Holtmanns’ talk about new attack vectors. Here is a brief summary: “Roaming or being called from abroad is being something we take for granted.”, says Silke Holtmanns. “Technically it implies that large networks communicate with each other across geographical and political boundaries. Those communication and the network behind is not well known and understood by most cellular users. This network, its background, security and usage will be explained. We will highlight the attack vectors for 2G, 3G and 4G networks and give an outlook on 5G. We

Read More

DeepSec 2018 Talk: Pure In-Memory (Shell)Code Injection in Linux Userland – reenz0h

Sanna/ September 18, 2018/ Conference, Security

A lot of research has been conducted in recent years on performing code injection in the Windows operating system without touching the disk. The same cannot be said about *NIX (and Linux specifically). Imagine yourself sitting in front of a blinking cursor, using a shell on a freshly compromised Linux server, and you want to move forward without leaving any trace behind. You need to run additional tools, but you don’t want to upload anything to the machine. Or, you simply cannot run anything because the noexec option is set on mounted partitions. What options remain? This talk will show how to bypass execution restrictions and run code on the machine, using only tools available on the system. It’s a bit challenging in an everything-is-a-file OS, but doable if you think outside the box

Read More

DeepSec 2018 Talk: Orchestrating Security Tools with AWS Step Functions – Jules Denardou & Justin Massey

Sanna/ September 17, 2018/ Conference

Increasingly frequent deployments make it impossible for security teams to manually review all of the code before it is released. Jules Denardou and Justin Massey wrote a Terraform-deployed application to solve this problem by tightly integrating into the developer workflow. The plugin-based application has three core components, each represented by at least one Lambda function: a trigger, processing and analysis, and output. The plugins, such as static analysis, dependency checking, github integrations, container security scanning, or secret leak detection can be written in any language supported by AWS Lambda. The underlying technology for this tool is a serverless system utilizing several AWS Services, such as API Gateways, Step Functions and Lambdas. In this talk you’ll not only learn about our tool and how to implement it in your CI/CD pipeline, but also how to

Read More

DeepSec 2018 Talk: Without a Trace – Cybercrime, Who are the Offenders? – Edith Huber & Bettina Pospisil

Sanna/ September 14, 2018/ Conference, Security

Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation in Austria, no evidence-based scientific analysis exists that depicts the bright field of Cybercrime. Therefore an interdisciplinary research group investigated the phenomenon cybercrime regarding the questions – Edith Huber and Bettina Prospisil will present their findings at DeepSec 2018. We asked them a few questions about their talk: Please tell us the top 5 facts about your talk. We will talk about cybercrime, offender profiling, the typical modus operandi and successful methods to apprehend offenders. How did you come up with it? Was there something like an initial spark that set your mind on creating this talk? Cybercrime is a worldwide and diverse phenomenon, which needs multidisciplinary and global prevention and intervention strategies. Regarding the situation

Read More