0710, 2020

DeepSec 2020 Press Release: Digital information security has human weaknesses – DeepINTEL Security Intelligence Conference discusses strategic IT security in Vienna.

Sanna/ October 7, 2020/ DeepIntel

In the last few decades, everyday professional and private life has been increasingly permeated by modern technologies and networked communication. In addition to many conveniences, this has also created difficult challenges for information security. Therefore more and more complex technical solutions are celebrated at many security conferences. The problem with the problems that are to be solved in this way: The human factor and its weak points, which can do totally without digitization. The DeepINTEL conference therefore deals with the interrelationships and strategic background of information security in order to minimize threats and improve protection in the long term. Errors in the System are part of the Foundation Reports of data leaks and spectacular break-ins appear in the news again and again. Unfortunately, only the results are shown. Of course, the search for clues

0510, 2020

DeepSec 2020 Training: Threat Modelling: The Ultimate “Shift Left” – Irene Michlin & Kreshnik Rexha

Sanna/ October 5, 2020/ Training

The earlier in the life-cycle you pay attention to security, the better are the outcomes. Threat modelling is one of the best techniques for improving the security of your software. It is a structured method for identifying weaknesses on design level. The participants will learn the technique and gain practical skills through exercises. The curriculum of the training consists of : Threat modelling: introduction and motivation Data Flow Diagrams STRIDE Beyond STRIDE Prioritization Mitigations Integrating threat modelling in SDLC This training targets mainly blue teamers, as well as software developers, QA engineers, and architects; but will be also beneficial for scrum masters and product owners. We asked Irene and Kreshnik a few more questions about their training. Please tell us the top 5 facts about your training. Lots of hands-on exercises and group work

0310, 2020

DeepSec 2020 Talk: RedTeamOps – Mert Can Coskuner, Caglar Cakici

Sanna/ October 3, 2020/ Conference

Red team operations involve many skills, the operation requires a lot of monitoring, consolidating and caution. In order to perform red team operations faster and stealthier, without thinking about the infrastructure, every team has its’ own habits and standards. However, there is a problem with those habits and standards: There are tons of tools but no operation management, No aggregation between these tools, When OPSEC fails due to problems above or any other reason, it’s essential to possess the capability of maintaining robust infrastructure which can be recreated if discovered, and more importantly, without any issues upon deployment. In this talk, infrastructure challenges we face as a red teamer will be discussed. Along with challenges, a solution will be proposed based on DevOps practices such as: Design your infrastructure based on the standards and

2809, 2020

DeepSec 2020 Talk: Security of Home Automation Systems – A Status Quo Analysis For Austrian Households – Edith Huber, Albert Treytl

Sanna/ September 28, 2020/ Conference

Home Automation System (HAS) are a growing market, which is very diverse ranging  from consumer electronics like TVs, mobile phones and gaming consoles via WLAN connected sensors, power plugs or lightbulbs to building automation devices for HVAC systems or access solutions. Beside “classical” network technologies IoT technologies gain increasing spread and importance. This paper presents results of a representative survey analysing the security awareness and perception as well as susceptibility to cybercrime of HAS users in Austria. The aim of this survey is to investigate the spread of the device types, cybercrime attacks and security risks. These results are compared with technical vulnerabilities of such devices to identify relevant security risks and countermeasures. Additionally, a concept to protect sensor values directly in the analogue circuit is presented as an outlook to ongoing research. We asked Edith and Albert a few more questions about their talk. Please tell us the top facts about your talk. The most common HAS are Smart TV, voice assistants and surveillance cameras, but many other applications are on the rise. Respondents of the survey say

2509, 2020

DeepSec 2020 Talk: Efficient Post-quantum Digital Signature – Maksim Iavich (DeepSec Scholar 2020)

Sanna/ September 25, 2020/ Conference

Active work is being done to create and develop quantum computers. Traditional digital signature systems, which are used in practice, are vulnerable to quantum computers attacks. The security of these systems is based on the problem of factoring large numbers and calculating discrete logarithms. Scientists are working on the development of alternatives to RSA, which are protected from attacks by quantum computer. One of the alternatives are hash based digital signature schemes. Merkle digital signature scheme is the very promising alternative to the classical digital signature schemes. It must be emphasized, that the scheme has efficiency problems and can not be used in practice. Major improvements of the scheme lead to security vulnerabilities. I will show that Merkle uses hash functions many times. I will offer the improved implementation of the hash function. I

1709, 2020

DeepSec2020 Press Release: Industrial control systems put to the test. DeepSec conference organizes forum for the protection of Industrial Control Systems (ICS)

Sanna/ September 17, 2020/ Press

When one talks about digitization, one usually means networked control and measurement systems. The associated technical term Industrial Control Systems (ICS) covers a wide area and extends into Industry 4.0, in which information security plays a very important role. The right design and secure code thus become part of critical infrastructure. This year’s DeepSec security conference offers a forum for the first time – the ICS Village – in which developers and security experts can exchange ideas and experience. The stated goal is to design control systems securely, to implement them robustly, to test them properly, and to protect these systems appropriately. Servant spirits of the infrastructure Control systems and automated process control normally lead an invisible existence. Production lines, building management, lighting control, traffic systems, industrial plants or power supply are indispensable parts

1609, 2020

DeepSec2020 Talk: The Art Of The Breach – Robert Sell

Sanna/ September 16, 2020/ Conference

The Art of the Breach is designed to be a journey for anyone interested in physical security. Robert takes the audience on a trip from the public sidewalk outside a target organization all the way through to the executive filing cabinet in the President’s office. While many physical security talks focus strictly on the information security aspect of breaching, Robert will combine this with techniques used by first responders to enter a building. While social engineering and lock picking will be discussed, Robert will also outline the third option of forced entry. During this adventure, Robert discusses everything from successful reconnaissance to ensuring an easy exit afterwards. Robert spends time at each step to go over the various options for moving forward. Some of these options are easy and straightforward while others require preparations

1409, 2020

DeepSec 2020 Talk: Abusing Azure Active Directory: Who Would You Like To Be Today? – Dr. Nestori Syynimaa

Sanna/ September 14, 2020/ Conference

This will be one of the few online talks held at DeepSec. Dr. Nestori Syynimaa covers the wonderful world of Azure AD and third-party code. Azure AD is used by Microsoft Office 365 and over 2900 third-party apps. Although Azure AD is commonly regarded as secure, there are serious vulnerabilities regarding identity federation, pass-through authentication, and seamless single-sign-on. In this session, using AADInternals PowerShell module, I’ll demonstrate the exploitation of these vulnerabilities to create backdoors, impersonate users, and bypass MFA. The purpose of this session is to raise awareness of the importance of the principle of least privilege and the role of on-prem security to cloud security. We asked Dr. Nestori Syynimaa a few more questions about his talk. Please tell us the most important facts about your talk. Azure AD acts as an

1009, 2020

DeepSec 2020 Training: Open Source Intelligence Gathering on Human Targets – Robert Sell

Sanna/ September 10, 2020/ Training

Robert Sell conducts a two-day training at DeepSec. In his own words: „In this workshop I provide the class with real humans (missing persons) and while they are collaborating on this I provide tools and techniques for them to use to bring them closer to their goal. This is a hands on workshop where students will also have the opportunity to learn from each other. The beginning of the class will consist of a brief intro to OpSec considerations while the end will wrap up with report prep and intel safe guarding.“ We asked Robert a few more questions about his training. Please tell us the top 5 facts about your training. The Intelligence Community has been involved in open source intelligence (OSINT) for more than 50 years. The value of open source information

0909, 2020

DeepSec 2020 Talk: Caught in the Middle with You: Examining the Implications of Adversary Midpoint Collection – Joe Slowik

Sanna/ September 9, 2020/ Conference

Information security typically focuses on endpoint exploitation and manipulation. Endpoints are where our tools reside (EDR, log sources, and similar artifacts), and where we are most comfortable operating as these are the systems we interact with on a daily basis. However, adversaries increasingly migrate attacks to cover “midpoint” techniques (DNS manipulation, router exploitation, and traffic shaping mechanisms) to circumvent both endpoint and network defenses. Such actions shift operations to either devices we are unfamiliar with – routers, VPN concentrators, and similar devices – or systems and services completely outside our control – ISP equipment and fundamental Internet functionality. Although media stories highlighting such attacks exist, most threat analysis provides little information on the implications of such attacks or defensive strategies to meet them. By analyzing revelations emerging from various NSA-related leaks, followed by consideration

0409, 2020

DeepSec 2020 Talk: EPP/EDR – Unhooking Their Protections – Daniel Feichter

Sanna/ September 4, 2020/ Conference

More and more we see in our penetration tests, that companies do not just rely on the traditional endpoint protection (EPP). Instead they began to add an additional EDR to the existing EPP or they use an EPP/EDR combination from different vendors like Microsoft, CrowdStrike, Endgame etc. Compared to EPP, an EDR is not designed for the prevention of malware, but for detection, response and hunting. EDR systems have a high process visibility at the endpoint. This makes it possible to conduct malware analysis based on the monitored behaviour. For that some EPP/EDR products under Windows rely on the technique API-Hooking. API-Hooking is a method to check executed code (via APIs) for malicious content by interception. For this purpose, the EPP/EDR software injects its own .dll into the address memory of a process. In

0309, 2020

DeepSec 2020 Online Training: Mobile Security Testing Guide Hands-On – Sven Schleier & Ryan Teoh

Sanna/ September 3, 2020/ Conference, Training

This online course teaches you how to analyse Android and iOS apps for security vulnerabilities, by going through the different phases of testing, including dynamic testing, static analysis and reverse engineering. Sven and Ryan will share their experience and many small tips and tricks to attack mobile apps. We asked Sven and Ryan a few more questions about their training. Please tell us the top 5 facts about your training. Learn a holistic methodology for testing the security of mobile apps A full Penetration Test against iOS apps can also be done on non-jailbroken devices! Learn how to bypass Anti-Frida security controls in a mobile app with Frida Focus on hands-on exercises during the training with vulnerable apps build by the trainers You just need to have a laptop (no Android or iOS devices

0209, 2020

DeepSec 2020 U21 Talk: Protecting Mobile Devices from Malware Attacks with a Python IDS – Kamila Babayeva, Sebastian Garcia

Sanna/ September 2, 2020/ Conference

[Editorial note: We are proud to publish the articles about the U21 presentation slot for young researchers. The U21 track is a tradition of DeepSec. We aim to support (young) talents and give them a place on the stage to present their ideas and to gain experience.] Technology poses a risk of cyber attacks to all of us, but mobile devices are more at risk because there are no good detection applications for phones, and because they are the target of many novel attacks. We still don’t have a good idea of what our phones are doing in the network. To be better protected, mobile devices need better detection solutions from our community. In this talk I will present the development of Slips, a Python-based, free software IDS using machine learning to detect attacks

0109, 2020

DeepSec 2020 Talk: Security Model Of Endpoint Devices – Martin Kacer

Sanna/ September 1, 2020/ Conference

Have you ever asked these questions? You are using the latest mobile and using your laptop with the latest and patched OS, running antivirus: Do you need to worry about security? Isn’t there still something broken in the entire security and permission model? Why can the desktop application, that is not an internet browser, access and communicate by using any IP address? Why can the application access your whole filesystem and collect the files from there? Why can an android app with internet permission communicate using any arbitrary IP, even a private one? Why can the app communicate by using different domains? Isn’t the app market ecosystem creating a friendly environment for botnets? This talk will shed some light on these issues and propose some mitigation strategy. We have asked Martin a few more

2808, 2020

Press Release: Intensive Courses for crisis-proof Digitisation taking place in Vienna

Sanna/ August 28, 2020/ Conference, Press

DeepSec security conference focuses thematically in depth on critical dangers for IT. As is well known, the digital world never sleeps. The last few months have shown that society and the economy are more dependent than ever on globally networked technology. The worldwide spread of SARS-CoV-2 has given telecommunications an enormous boost. The home office, already known before, teleconferencing systems and internet applications had to stand in for physical meetings and enable the exchange of information. As the use of these technologies increased sharply, security problems were of course discovered. Zoom is a prominent example. However, only the tip of the iceberg was analysed. Many vulnerabilities are still waiting to be discovered around the world. Anyone who demands more digitisation is actually talking about information security. Precisely for this reason, the DeepSec Security Conference

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: