At the second day of the TROOPERS16 conference an interesting talk about Advanced Persistent Threats took place from Marion Marschalek and Raphaël Vinot. Marion Marschalek is a Security Researcher, focusing on the analysis of emerging threats and exploring novel methods of threat detection. Marion started her career within the anti-virus industry and also worked on advanced threat protection systems where she built a thorough understanding of how threats and protection systems work and how both occasionally fail. Continue reading “The Kings in your Castle”
Continue readingAnonymization IPv6 in PCAPs – Challenges and Wins
Jasper Bongertz is a Senior Technical Consultant at Airbus Defence and Space CyberSecurity. He is focusing on IT security, Incident Response and Network Forensics.
During the IPv6 summit on Troopers16 he had given a talk on anonymization IPv6 in PCAPs and presented his new tool.
Continue reading “Anonymization IPv6 in PCAPs – Challenges and Wins”
draft-vyncke-pim-mld-security
Right now, I’m in Buenos Aires for IETF95 where, amongst others, an Internet-Draft authored by Eric Vyncke, Antonios Atlasis and myself will be presented (and hopefully discussed) in two working groups. In the following I want to quickly lay out why we think this is an important contribution.
Continue reading “draft-vyncke-pim-mld-security”
Continue readingAdvanced IPv6 Network Reconnaissance
Fernando Gont, who is specializing in the field of communications protocols security, gave a talk during this year’s Troopers IPv6 summit. He spoke about network reconnaissance techniques in IPv6 area and presented a brand new set of tools for this purpose.
Continue reading “Advanced IPv6 Network Reconnaissance”
Patch Me If You Can
Right after the Opening Keynote of TROOPERS16, an informative and interesting talk took place at the SAP Security track. This talk was given by three speakers; Damian Poddebniak who is currently a master student at the University of Applied Sciences of Münster, Sebastian Schinzel who works as an IT security Professor at the University of Applied Sciences of Münster and he is also the founder of CycleSEC GmbH and finally the sixth-time speaker at Troopers “Andreas Wiegenstein” who is the CTO of Virtual Forge GmbH and a professional SAP security consultant since 2003. Continue reading “Patch Me If You Can”
Continue readingTools for Troubleshooting and Monitoring IPv6 Networks
Yet another interesting 180-minute workshop in IPv6 Security Summit of TROOPERS16, which aimed to introduce the IPv6 troubleshooting and monitoring tools, which are essentially needed by users in order to know how to deal with IPv6 in any IPv6-enabled network.
Before we dive into this post, let me introduce you in few words “Gabriel Müller” the speaker and the instructor of this workshop. Gabriel works as a senior consultant at AWK Group by mainly assisting clients in the public and private sectors as a project manager and an expert in the network area.
Continue reading “Tools for Troubleshooting and Monitoring IPv6 Networks”
Continue readingBuilding a secure and reliable IPv6 Guest Wi-Fi Network by Christopher Werny
Christopher Werny leads the network security team for ERNW and since 2005 he is involved in numerous IPv6 projects where he is responsible for planning, implementation and troubleshooting existing projects. Continue reading “Building a secure and reliable IPv6 Guest Wi-Fi Network by Christopher Werny”
Continue readingCaring for file formats
Ange Albertini is a reverse engineer and author of Corkami.
First and foremost he explained what a polyglot file is. A polyglot is a special file that has more than one type in the same file. For example, Ange Albertini demonstrated a polyglot which is a pdf, a pdf reader, a java executable and an html file inside of one file. Continue reading “Caring for file formats”
Continue readingThe road to secure Smart Cars: ENISA approach
At TROOPERS16, Dr. Cédric LÉVY-BENCHETON an expert in cyber security at ENISA, the European Union Agency for Network and Information Security. Dr. Cédric LÉVY-BENCHETON holds a presentation about cyber security of IoT (Internet of Things) and smart cars he presents the current threats in IoT and Smart cars. ENISA is an agency of the European Union. ENISA assists the Commission, the Member States and, the business community in meeting the requirements of network and information security. Continue reading “The road to secure Smart Cars: ENISA approach”
Continue readingQNX: 99 Problems but a Microkernel ain’t one!
The talk “QNX: 99 Problems but a Microkernel ain’t one!” was part of the Troopers conference in Heidelberg, 16 March 2016. The talk was done by the researchers Alex Plaskett and Georgi Geshev from the MWR Labs. The MWR Labs is the research department of the cyber security consultancy MWR InfoSecurity located in the UK.
The talk provided an overview of the research on the architecture and security systems of the QNX kernel with focus on the Blackberry 10 operating system. The talk was divided into two parts. First Alex Plaskett gave an introduction regarding the general structure of the QNX operation system and introduced the main subsystems. Second Georgi Geshev presented tools and approaches to abuse vulnerabilities in the QNX system.
Continue reading “QNX: 99 Problems but a Microkernel ain’t one!”