Events

CSA Summit CEE and BSides Ljubljana 2017

At the end of last week I had the pleasure of visiting the CSA Summit CEE and the BSides event in Ljubljana.

At CSA, I was talking about hypervisors, breakouts and an overview of security measures to protect the host. (Slides)
This ranged from the basic features some hypervisors provide out of the box to advanced features like SELinux, device domain models and XSM-FLASK.

Most of the other talks were more targeted towards management-level employees, but even as a fairly technical person I found Mike Bursell’s talk highly interesting. After my talk about securing the host system from a malicious guest, he dealt with the inverse: technologies to protect a guest from a malicious or compromised host.

At BSides Ljubljana, I was talking about binary analysis frameworks, e.g. Angr, Triton and others.
My slides can be found here; the video recording of the presentation should be available soon too. The cheat-sheet mentioned can be found in the official repository and will be maintained there.

Both conferences provided a great opportunity to meet interesting people and were small enough to get to know (nearly) everyone.

Cheers,

Florian


TR17 Training Teaser: Wireshark Scripting with Lua (2 days training)

This is a guest blog by Peter Kiesberg and Sebastian Schrittwieser for their training, Wireshark Scripting with Lua

Learn how to script Wireshark to better suit your needs, and save on costs by letting Wireshark automate many of your daily analytical tasks!

In this highly interactive training at TROOPERS you will learn how to write your own protocol dissectors to support new protocols unknown to standard Wireshark, as well as create your own analysis mechanisms for gathering more details on known protocols. Use Wireshark as a tool for post-processing and data analytics, as well as for triggering alarms based on traffic patterns. With the integration of the highly versatile Lua scripting language into Wireshark, it is possible to tailor the capabilities of Wireshark to your special requirements. In this two-day training you will learn how to customize Wireshark starting from scratch, from an in-depth introduction to Lua, through writing simple dissectors for unknown protocols, to setting up customized network analysis scenarios.


TROOPERS17 GSM Network – How about your own SMPP Service?

Hello fellow Troopers!

The event of the events is getting closer and again, we are very optimistic to have a lot of awesome trainings, talks, evening events, and discussions. But we will again also have some “features” and gimmicks for those of you who would like to play with new, old, or just interesting technologies. As you might remember, for some years now one of these features has been, and again will be, our own GSM Network. As we are improving our setup from year to year, this time we’d like to give you the chance to actively participate with ideas and your own services.


TR17 Training Teaser: Suricata: World-class and Open Source

This is a guest blog by Andreas Herz and Peter Manev for their training, Suricata: World-class and Open Source

Suricata is an advanced open source network threat detection engine. The Suricata engine is capable of real-time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata is owned and supported by the Open Information Security Foundation (OISF), a US-based non-profit organization dedicated to open source security technologies. Suricata’s use around the world and ongoing development is the result of the open source community with focus on security, performance and advanced features.


TR17 Training Teaser: Developing Burp Suite Extensions – From manual testing to security automation

This is a guest post from TR17 trainer Luca Carettoni: Developing Burp Suite Extensions

Ensuring the security of web applications in continuous delivery environments is an open challenge for many organizations. Traditional application security practices slow development and, in many cases, don’t address security at all. Instead, a new approach based on security automation and tactical security testing is needed to ensure important components are being tested before going live. Security professionals must master their tools to improve the efficiency of manual security testing as well as to deploy custom security automation solutions.


TelcoSecDay 2017 – Next Talks and Agenda

As Troopers17 and TSD are getting closer, I’d like to publish the next talk’s abstract and a preliminary agenda. Still, the agenda is not final yet but you already can see some more confirmed talks. I hope to be able to confirm and publish more information about these slots soon. Also, please note that the TelcoSecDinner will start at 7pm – see more below.


33c3 Talks – What could possibly go wrong with “insert x86 instruction here” ?

This was one of the few technical talks at 33c3 I managed to see (by that I mean via live-stream during an access control shift), by Clémentine Maurice and Moritz Lipp.

The talk gave an overview of some already known possible information leaks from abusing certain x86 instructions (the same concept applies to ARM too, though) and demonstrated the various ways an attacker could use them.


ERNW at 33C3 – Part 1

This is part 1 of our report series on interesting talks of the 33rd Congress of the Chaos Computer Club. Every year the congress attracts hundreds (up to twelve thousand this year) of technically interested people with the opportunity to socialize and exchange knowledge with each other. The congress is organized by Europe's largest hacker association, and speakers give talks about technical and societal issues like surveillance, privacy, freedom of information, data security and many more.

Talks in this part deal with CCC at schools, Wi-Fi security and the security of the N26 banking app.
