Tag Archive

How the BND monitors Communication in Austria

Published on July 12, 2018 By sanna

[Editor’s note: This article was originally published on the web site of the FM4 radio channel of the Austrian Broadcasting Corporation. We have translated the text in order to make the content accessible for our English-speaking audience.] How the BND monitors communication in Austria At the most important connection to the Frankfurt node DE-CIX data […]

Advanced and In-Depth Persistent Defence

Published on March 26, 2018 By lynx

The attribution problem in digital attacks is one of these problems that get solved over and over again. Of course, there are forensics methods, analysis of code samples, false flags, mistakes, and plenty of information to get things wrong. This is nothing new. Covering tracks is being done for thousands of years. Why should the […]

The Grotesqueness of the “Federal Hack” of the German Government Network

Published on March 19, 2018 By sanna

[Editor’s note: This article was originally published on the web site of the FM4 radio channel of the Austrian Broadcasting Corporation. We have translated the text in order to make the content accessible for our English-speaking audience. We will follow-up on it with an article of our own about attribution, digital warfare, security intelligence, and […]

DeepSec2017 Talk: Building Security Teams – Astera Schneeweisz

Published on November 14, 2017 By sanna

While ‘security is not a team’, you’ll find that most companies growing just beyond 60-80 people start employing a group of people focusing primarily on the topic. But the culture of secure engineering in a company does not only strongly correlate with when you start building a security team – it becomes (and grows as) […]

44CON revisited: Secure Design in Software is still a new Concept

Published on September 20, 2017 By lynx

We have been to 44CON, and we returned with lots of ideas and scary news about the state of security in devices and applications. Given the ever spreading Internet of Things (IoT) you can see why connecting random devices via a network with no second thoughts about design, updates, or quality control is a bad […]

Unicorns in the Wild – Information Security Skills and how to achieve them

Published on July 27, 2017 By lynx

Everyone talks about information security, countering „cyber“ threats, endless feats of hackers gone wrong/wild, and more epic stories. Once you have realised that you are reading the news and not a script for a TV series, you are left with one question: What are information security skills? The next question will probably be: How do […]

Malicious Software explores new Business Models – Politics

Published on July 19, 2017 By lynx

Malicious software has become a major component of criminal business and geopolitics. In addition it is a convenient explanation for anything one does not want to investigate. Since code always come from somewhere you have to ask yourself many more questions when it comes to infected networks and compromised hosts. What is the agenda of […]

Digital Security of the Future: Technology and Algorithms alone are no Substitute for Strategy

Published on July 14, 2017 By lynx

Unfortunately, you can not rely on antivirus programs when it comes to the security of your own business. Antivirus programs do not read newspapers, they do not attend lectures, they don’t protect you from social engineering or know the meaning of Facebook friends or Twitter tweets. False friends, indeed. The continuous monitoring and evaluation of […]

BSidesLondon 2017 – Sharing is indeed Caring

Published on June 20, 2017 By lynx

When airport security meets information security it’s usually BSidesLondon time. It was a great experience. And since DeepSec sponsors the Rookie Track we had a very tough decision to make. It’s really hard to pick a winner. A lot of presentations were excellent, and the presenters made the most out of the 15 minutes. The […]

Biometrics and Failures in understanding Security – Copy & Paste Iris Scans

Published on May 23, 2017 By lynx

Biometrics has an irresistible attraction. Simply by mentioning the fact that you can measure parts (or surfaces) of the body and convert them to numbers a lot of people are impressed out of their mind. Literally. In theory biometric information serves as a second set of data to be used for any purposes. A common […]

DeepSec welcomes SEC Consult as Sponsor for 2017!

Published on May 12, 2017 By lynx

Testing products, production code, security measures, or the overall security of infrastructure is hard work. The typical needs in term of information technology for a company or an organisation has become a variety of components that need to be maintained and hardened against attacks. The devil is in the details. In order to find critical […]

DeepSec welcomes Digital Guardian as Sponsor for 2017

Published on May 11, 2017 By lynx

No event can be done with supporters, and so we welcome Digital Guardian as sponsor for the upcoming DeepSec 2017 conference! If you have data in your organisation, then you might be interested in talking to Digital Guardian’s experts, because they know a lot about what data does, where it lives, what endpoints really are, […]

DeepINTEL 2017 – Modern Strategies for Information Security

Published on March 13, 2017 By sanna

Seminar on Digital Defence with Experts. The news is full of reports covering attacks against networked systems and digital components. Every day there is new media coverage about stolen data, compromised accounts, the impact of malicious software, digital second strikes, cyber attacks between countries and new vulnerabilities in computer systems. All that leads to the […]

DeepSec2016 Talk: Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets – Gerhard Klostermeier

Published on November 3, 2016 By sanna

Wireless desktop sets have become more popular and more widespread in the last couple of years. From an attacker’s perspective, these radio-based devices represent an attractive target both allowing to take control of a computer system and to gain knowledge of sensitive data like passwords. Wireless transmissions offer attackers a big advantage: you don’t have […]

DeepSec2016 Talk: AMSI: How Windows 10 Plans To Stop Script Based Attacks and How Good It Does That – Nikhil Mittal

Published on October 20, 2016 By sanna

In his talk Nikhil Mittal will focus on AMSI: In Windows 10, Microsoft introduced the AntiMalware Scan Interface (AMSI), which is designed to target script based attacks and malware. Script based attacks have been lethal for enterprise security and with the advent of PowerShell, such attacks have become increasingly common. AMSI targets malicious scripts written […]