DeepSec 2024 Press Release: Manipulation on Social Media is dangerous for Democracies

Sanna/ September 24, 2024/ Conference, Press/ 0 comments

DeepSec conference publishes schedule and focuses on disinformation algorithms The original purpose of introducing Social Media was to provide individuals with a platform for expressing their own views. However, its increasing popularity has led to a creeping appropriation. Texts generated by algorithms, robot farms and dubious decisions by platform operators have turned social media into a hotbed of disinformation. The casual click on share, like buttons or the insertion of arbitrary comments, creates efficiency in mass manipulation. Political commentator Randahl Fink will analyse these practices at the opening of the DeepSec conference. Information and disinformation Most people think of technical implementations when they hear the terms information technology (IT) or information security. Of course, the foundation comprises networks, server systems, storage media and connections to the Internet. In addition, there are many end devices

Read More

DeepSec 2024 Press Release: State Attacks on Information Security continue unabated. End-to-end Encryption remains an important and threatened Component of Security.

Sanna/ June 9, 2024/ Press/ 0 comments

The introduction of strong encryption has repeatedly led to disputes with authorities and the government in the past. Whether it’s mobile networks, email systems, messengers or the World Wide Web, every iteration of the technical protocols requires backdoors that jeopardise the entire communications infrastructure. The DeepSec conference warns against opening the door to espionage. Secure or insecure, that is the Question Encryption inevitably has to do with mathematics, and the algorithms used in encryption technologies almost always originate from mathematical research. There are ready-made and well-tested components for IT infrastructures that are freely available. The critical point in securing communication is always to prevent messages from being intercepted. The only way to do this is with end-to-end encryption (EE2E). The keys involved remain exclusively with the sender and recipient. All parties involved in forwarding

Read More

DeepSec 2024 Press Release: The limits of ‘AI’ language models lie in security. DeepSec warns: ‘AI’ language models generate content and override authorisations

Sanna/ June 4, 2024/ Conference, Press/ 0 comments

    Language model algorithms, also known as generative artificial intelligence, continue to celebrate their supposed triumphant advance through many media platforms. Security researchers have analysed the products and revealed a number of weaknesses in the ‘AI’ applications. This year’s DeepSec conference is dedicated to the threats posed by ‘AI’ learning models that use incomplete restrictions to analyse public and sensitive data. Large Language Models (LLMs) as Auto-Completion The technical description of the many ‘artificial intelligence’ (‘AI’) products on the market is impressive. In simple terms, the concept behind the advertising campaigns consists of algorithms that copy as much data as possible, break it down and then recombine it to provide answers to any questions. The learning process when creating the language model is not initially monitored or moderated. Only in later phases does

Read More

DeepSec 2023 Press Release: Open Source Intelligence Training for Companies – DeepSec Conference offers OSINT Training in IT Security Skills.

Sanna/ November 7, 2023/ Conference

In information security, the focus is often placed on technical solutions and ready-made security products. Successful attacks always start with the reconnaissance of information from freely available sources. This so-called Open Source Intelligence (OSINT) is closely interwoven with social engineering methods, which are an indispensable part of successful attacks. The DeepSec conference offers a two-day intensive training course on this topic. A head start through the right information Reports on data leaks at companies rarely reflect the actual process. Although it is often simplistically mentioned that social engineering was used in a phishing attack, the methods have changed considerably in recent years. The path to a successful phishing message involves many steps and enormous preparation. Any publicly available information is collected and analysed by the attackers. Most companies and organisations have weak points in

Read More

DeepSec 2023 Press Release: Digitalisation Requires More Than Just Technology – DeepSec Conference Combines Digitalisation With IT Security Trainings

Sanna/ September 20, 2023/ Conference, Press

Digitalisation is a great opportunity and has arrived in all areas of society. However, there is more to it than using digital data and computer systems. Processes and ways of working need to be adapted. In addition, information security must be considered throughout, from design to implementation. The DeepSec conference again has extensive training on this topic in its programme. Digitalisation generates opportunities and markets The basic idea of digitalised processes in companies and administration is simplification through the use of IT infrastructure. Data is more easily available. Documents can be searched and found more easily. This also means that more information is available in digital form. The opportunities and markets generated by this are not all legal. In 2022, data from one billion Chinese nationals was copied. In 2018, the Indian government reported

Read More

DeepSec 2023 Press Release: Language Models do no cognitive Work –

Sanna/ August 30, 2023/ Conference, Press

The term Artificial intelligence (AI) is in the media, but it consists only of language simulations. If one follows the logic of the products currently offered under the AI label, we could easily remedy the shortage of skilled workers in the information technology sector. Take random people and let them consume tutorials, code examples, training videos and other documents related to the field of application for a few months. After this learning phase, skilled workers would automatically be available. TThe DeepSec conference is asking why there is still a lack of qualified personnel in IT. Algorithmically, the problem already seems to have been solved. Large Language Models (LLMs) and AI The so-called generative AI, which is now on everyone’s lips, is mathematically assigned to the research field of artificial intelligence. GPT, LLaMa, LaMDA or

Read More

DeepSec 2023 Press Release: DeepSec 2023 publishes Programme – This year’s conference focuses on language models and infrastructure

Sanna/ August 30, 2023/ Conference, Press

  Everyone is discussing Artificial Intelligence language models that have vast amounts of learning data. Language models are supposed to revolutionise information technology overnight, but their first applications are actually digital attacks. TThe current state of deep fake detection, social engineering attacks, and security incident response benefits will be highlighted at the DeepSec security conference this year. Of course, there are many more presentations that are indispensable for digital defence. Language models do not think, they forge Attacks through phishing emails and social engineering bypass technical measures through communication. By imitating victims’ language, attackers try to get them to support the attack with their own actions. Artificial persuasion is the speciality of AI language models, as they are designed to simulate conversation. Alexander Hurbean discusses which tools are available for these attacks and how

Read More

#DeepSec Press Release: IT Security Has A Deficit In Defence

Sanna/ April 24, 2023/ Press, Security

[DeepSec traditionally leans more on the defence side of things. So we published this article.] Many people are now aware of the importance of information security, but how to operate secure systems is often not obvious. The reason lies in the deficit of real defence measures. This may sound paradoxical, but many products on the market deal with the activities after a successful attack. The prevention of attacks is mostly ignored. This year’s DeepSec conference therefore wants to provide some tuition in digital defence measures. Fire extinguishers instead of fire protection A simple scenario will serve as an illustration. Imagine that a company accumulates flammable material in its offices for historical reasons. Grown procedures lead to the fact that more and more hazardous materials are distributed throughout the premises. There is plenty of space.

Read More

DeepSec Press Release: Analysis IT Security – DeepSec conference offers rich education for digital defence

Sanna/ November 2, 2022/ Conference, Press

Defending one’s digital infrastructure has never been more important. The fundamental problem of many defensive structures is the lack of an overview. Penetration tests help little if you don’t know exactly how your systems are connected to the rest of the world. This year’s DeepSec security conference offers rich support and content to sustainably increase one’s own security. On board is our supporter, the company NVISO, focusing specially on companies and organisations in critical areas. Security landscape requires collaboration Modern information technology is based on complex and extensive architectures. How do you determine the state of your own security? Many companies are not familiar with the different approaches of testing methods. The term “penetration test” has already entered the minds of many, but what findings and facts are obtained during such tests is often

Read More

Press Release: Attacks On IT Through Desktop And Mobile Devices

Sanna/ September 7, 2022/ Press

DeepSec conference focuses on everyday devices as a risk for corporate IT. Attacks on the digital infrastructure of companies, authorities and organizations are often staged as a cinema spectacle in the reporting. Unfortunately the opposite is the case. A burglary in digital infrastructure happens without any broken glass or smashed doors. Attackers can only be successful if superficially everything continues as before. They don’t come through the windows or the underground car park, but via everyday applications on the desktop or smartphone. This year’s DeepSec security conference is therefore trying to sharpen the view on everyday life in the office and at the workplace. Two-day training sessions are offered focusing on workplace hazards, as well as two days of lectures to bring you up to speed. War for the desktop and personal devices Few

Read More

Press Release: Spy Tools must not become Standard Software

Sanna/ August 3, 2022/ Press

DeepSec security conference warns of the growing market for spy tools. Information technology has gained a new acronym: Private-Sector Offensive Actor (PSOA). PSOA means something like a private-sector offensive opponent. The specific case of a PSOA has also reached Austria because of research by Microsoft®. An Austrian company is accused of being involved in digital attacks on Microsoft® customers in Europe and Central America. The case illustrates that spyware continues to be developed and used as a dangerous threat to information security. The DeepSec security conference taking place in November repeatedly warns against such technology and will deal specifically with the details of industrial espionage. Threatening security as a business model Bypassing security measures is a lucrative business model. Companies are active in this field all over the world. Some buy knowledge of security

Read More

Press Release: Ransomware Attacks Are No Force Majeure

Sanna/ July 7, 2022/ Press

DeepSec security conference reminds you of basic IT protection and secure system architecture. Malware attacks that encrypt data of victims seem to have increased recently. In fact, these ransomware attacks are only part of an evolution among the attackers. Attack software moves with the times. An important reason for the accumulation is the standstill in defense. This year’s DeepSec security conference offers exchange with experts and high-quality further training for protecting your own IT. Basic Misunderstandings Comparing the reports of incidents involving ransomware attacks, one might conclude that these are inevitable natural events. Of course, that’s not the case. If one sticks to the biological analogy of the virus, a favorable combination of prerequisites for the infestation of ransomware results. In the beginning, there is always a deception in the form of a fake

Read More

DeepSec 2021 Press Release: Organized Espionage on Digital Devices. DeepSec Conference Warns: Searching for “Forbidden” Data on Clients Compromises Information Security.

Sanna/ October 25, 2021/ DeepIntel, Press

A basic principle of information security is access control. We are all used to the fact that data is only available to people and systems with the right authorizations. The discussion about the search for prohibited image files on Apple systems sparked the discussion about the so-called Client-Side Scanning (CSS) technology. Searching for specific content past access restrictions has always been an appealing shortcut. It is now clear that CSS leads to serious problems that endanger the basis of information security and do not bring the hoped-for benefits. Instead, there are additional security loopholes. Search of end devices Lately, the EU Commission and law enforcement authorities have repeatedly addressed the issue of circumventing secure encryption. In mathematical terms, we cannot carry strong encryption out without stored duplicate keys or deliberately weakening the technologies used.

Read More

DeepSec2021 Press Release: Company Desktops as a Gateway for Digital Attacks

Sanna/ October 1, 2021/ Conference, Press

Home office relocates the digital company door across countries and cities into the living space. Teleworking has been around for over 50 years. The virtual way of working has gained a lot in importance since last year. The pandemic has increased the distance and technology for the home workplace has made a real breakthrough. Unfortunately, the same cannot be said for information security. Many installations lack basic security, especially when using personal devices without company in-house configuration. The DeepSec conference and Certitude Consulting warn against the use of systems without adequate protection. Bring your own demise with private hardware The COVID-19 pandemic has created great pressure to give employees access to their work environment from home. The implementation requires careful planning and the use of secure end devices and protocols in network transmission. Popular

Read More

DeepSec 2021 Press Release: DeepSec and DeepINTEL Publish Conference Program

Sanna/ September 23, 2021/ Conference, DeepIntel, Press

IT security has a lot of catching up to do, digitization is on an insecure foundation. The COVID-19 pandemic will celebrate its second birthday next year. Our everyday life has become more dependent on digital tools and platforms. If you want to rely on the convenience of the digital world, data and communication must not be threatened by weak points. Unfortunately, this is not the case, which is why the annual DeepSec IT security conference will again address threats for companies and authorities this year. Expectations Digitization is largely viewed uncritically as a metaphorical bringer of salvation. It should make work easier, make information more accessible, reduce administration and, in principle, solve or at least reduce problems in every area. The term Artificial Intelligence is often used when promoting the future. In the key

Read More