In the beginning of September, I had an opportunity to take part in BlackHoodie – a reversing workshop for women organized by Marion Marschalek, senior malware researcher at Cyphort, Inc. It took place on 5th and 6th of September at University of Applied Sciences St. Pölten, Austria. Continue reading “BlackHoodie: Reversing Workshop for Women”
Continue readingCategory: Events
Reminiscing About Black Hat USA 2015
While searching for some photos for my last blog post on Thinkst Canary I found a couple more from our recent trip to Black Hat USA and DEF CON, which I consider worth sharing. Nothing too technical, just some visual impressions and comments from my side. Let’s get it on!
Continue reading “Reminiscing About Black Hat USA 2015”
Continue readingMiner’s Canary Revival in IT Security
What is a Miner’s Canary?
Well, it’s a canary (these cute yellow songbirds some people have as a pet), and its main feature is that it dies before you will.
What the hack [pun intended]? And by the way… what has this to do with IT Security? Well… let me first quote Wikipedia on the birds:
Continue reading “Miner’s Canary Revival in IT Security”
Continue readingIPv6@MRMCD2015
Greetings everyone,
On Saturday last week I had the pleasure of delivering a workshop on IPv6 networking at the MRMCD2015 conference in Darmstadt, Germany. It goes without saying that the atmosphere was quite amicable; as usual at CCC-related events. What definitely impressed me the most was the diversity of the audience. There were around thirty attendees representing several age groups and all with seemingly differing backgrounds.
Continue reading “IPv6@MRMCD2015”
Continue reading24th USENIX Security Symposium & WOOT Workshop
Recently I had the pleasure to attend the 24th USENIX Security Symposium and its co-located Workshop on Offensive Technologies (WOOT) in Washington, D.C. The workshop has received quite some attention this year, 57 submissions of which 19 have been accepted, so that the organizers decided to double its length from one to two days. Continue reading “24th USENIX Security Symposium & WOOT Workshop”
Continue readingBlack Hat Talks & Papers related to Windows/Active Directory Security
This year’s Black Hat US saw a number of quite interesting talks in the context of Windows or Active Directory Security. For those of you too lazy to search for themselves 😉 and for our own Windows/AD Sec team (who couldn’t send anyone to Vegas due to heavy project load) I’ve compiled a little list of those.
Continue reading “Black Hat Talks & Papers related to Windows/Active Directory Security”
Continue readingIPv6 Hackers Meeting @ IETF 93 in Prague
After the first “IPv6 Hackers Meeting” held two years ago in Berlin, Fernando Gont kindly organized a similar event in Prague last week.
Continue reading “IPv6 Hackers Meeting @ IETF 93 in Prague”
Continue readingBT SnoopCon
I had the honour to be invited to BT‘s SnoopCon, which is their annual internal conference for people involved with security at BT. There were several external and internal speakers and I was stunned by the quality of the talks and the collaborative atmosphere. Since this event is somewhat internal (even though I’m obviously allowed to talk about it), I won’t go into details, however there were two particularly great talks about military war games (which I personally enjoyed very much given my history in CTF contests) and PoS security.
I was presenting on our progress in the area of Connected Car security and presented the lessons we learned from our lab and the Troopers Connected Car Roundtable (which we will have again for TR16) and how they will influence our traditional pentesting approach when it comes to cars (slides can be found here).
Best,
Matthias
Continue readingCSA.no Nordic Summit
Flo and I had the pleasure to present at the CSA Nordic Summit in Norway. Being in Oslo for the first time, we enjoyed the conference (small, familiar atmosphere) very much and want to thank Lars and Kai for putting together such a good event & having us there!
Our slides can be found here:
Tools of the Trade: Lessons Learned from the (C)ISO’s Desk
best,
Matthias
Continue readingNANOG64
I recently had the pleasure to join the 64th NANOG (North American Network Operators’ Group) meeting in San Francisco, which can be understood as one of the largest Internet engineering conferences at all. It takes place three times a year at different locations in North America.
What I personally like about NANOG is its strong collaborative and cooperative character. It is not about single persons and also not too much about spectacular projects but more about discussing technologies, ideas, challenges and numbers. Every talk has a comparatively large time slot reserved for discussion, which is often more than fully used. Discussion is typically actively focused and is more time-consuming (and even more relevant) than the talk itself. Which often is intended by the community. The climate of discussion is almost always impressively polite and constructive, even for controversially discussed topics.
Continue reading