May 25, 2015 by Niki Vonderwell

Beyond the Thunderdome:
A Review of TROOPERS15

Here in Heidelberg we are already gearing up for TROOPERS16 (taking place from 14th to 18th March 2016!). While you are preparing for our Call for Papers or waiting eagerly to sign up for your spot in one of our legendary trainings take a look at our newest blog series “Beyond the Thunderdome: A Review of TROOPERS15”. It may offer some inspiration, help you kill time while waiting for next year’s TROOPERS, or for those that are new to our conference, give you a taste for what TROOPERS is all about. See you soon at TROOPERS16!

The first of our series is a combination of talks from our Management Track with the focus on Defense topics. Each summary comes complete with video and slides for your viewing pleasure. 😉

Continue reading “Beyond the Thunderdome:
A Review of TROOPERS15″

Events

May 24, 2015 by Enno Rey

RIPE70 in Amsterdam

Two weeks ago Christopher and I joined the RIPE70 meeting in Amsterdam. Being part of the group was fun as always and we had quite some interesting conversations with peers from the IPv6 community.

Continue reading “RIPE70 in Amsterdam”

Events

May 20, 2015 by Kevin Schaller

ERNW @ HAXPO 2015

There are lots of interesting places to visit in Amsterdam, but if you are there between the 26th and the 29th of May, then our booth at HAXPO exhibition should be your main destination.

HAXPO is a great exhibition, where you can become up-to-date with the latest security technologies, attend various workshops and get in touch with more than 35 IT and information security companies. It will take place in the beautiful historical building “Beurs van Berlage” in the center of Amsterdam. As usual, ERNW will take part in HAXPO. We will be waiting for you in the Community Village section (booth NL-018). Come visit and get to know more about us. You are invited to take our hacking challenges, where the levels of complexity vary from beginners to advanced. Furthermore, we will bring our KNX hacking suitcase!

In addition to the exhibition, HAXPO offers a very interesting track of must-see briefings about security and cutting-edge innovations. Don’t miss the talks held by ERNW members! On May 29th, you will see Oliver Matula and Christopher Scheuring with their talk “When You Stare into the Sandbox, It Stares Back at You: Evaluating the APT Armor”. On the same day Rafael Schaefer and Jason Salazar will lead you through “Pentesting in the Age of IPv6”.

See you there!

Olga & Ahmad

Building

May 17, 2015 by Hendrik Schmidt

How to Get a BaseStation

In our talks in the past we showed what might be possible if an attacker gets access to backhaul and/or core network of a telecommunication provider. In a security analysts perspective this is really disgusting, but provider always will argument that those attack scenarios are not realistic.

Continue reading “How to Get a BaseStation”

Breaking

May 12, 2015 by Frank Block

Analysis of an Alarm System – Part 2/3

A few days later than planned (sorry about that), but here we go with part 2 (Part1) and the demodulation/analysis part.
Continue reading “Analysis of an Alarm System – Part 2/3”

Events

May 5, 2015 by Benedikt Troester

Hek.si 2015

Hey!

I attended this really nice conference in Slovenia on April 16th. It was a smaller conference, but very memorable for the people (students, IT sec professionals and managers alike) who attended.
I also had the pleasure to present on How secure am I with EMET? and Evaluating the APT armor and wanted to share the slides with you — feel free to approach me for any kind of feedback or discussion.

I’m looking forward to go to Ljubljana again! 😉

Greetings,
Benedikt

Building

April 30, 2015 by Enno Rey

OS IPv6 Behavior in Conflicting Environments

I was invited by the Swiss IPv6 Council to give a talk on this topic yesterday. We had good conversations after the talk – thanks for the invitation!

For those interested the slides can be found here. I will happily discuss the intricacies of DHCPv6 and how to deploy it in complex environments at the upcoming IPv6 Business Conference in Zurich and in my “IPv6 in Enterprise Networks” training in Berlin.

Have a great day everybody

Enno

Events

April 29, 2015 by Jayson Salazar

SSL Tidbits at the BASTA.NET

A while a go Dominik and I gave an introductory presentation about SSL at the BASTA.NET conference, a developer-oriented event held in Darmstadt twice a year. At that time there were quite some enthusiastic participants but recently we’ve also gotten some inquiries asking for the relevant materials. Although there’s no recording of the session, we’ve decided to put the slides here for those interested who didn’t make it to the talk.

“Who should have a look at the slides?” you ask, well, if you’ve been wanting to get a sense for what the idea behind SSL is, where it is used, how it is usually leveraged and what problems could arise when poorly employed, you will certainly find the slide-deck interesting. Although the session was meant to slowly get participants up to speed in matters SSL, it’s still likely that more informed folks will still find it interesting, even if just as a refresher about key and certificate formats, PKI 101, SSL stripping, secure cookies, and other topics.

Without further, here’s slide deck.

For the hungry, here are some other interesting resources we suggested to attendees willing to go a bit deeper on the topic after the talk.

– OWASP – SSL für Alle
– OWASP – Transport Layer Protection Cheat Sheet
– Mozilla – Server Side TLS

For those attending to the BASTA.NET next autumm, we’re looking forward to meeting you. But for the time being, that’s going to be pretty much it.

Thanks for reading and let us know what you think.

Breaking

April 28, 2015 by Sebastian Biehler

Car Hacking Lab – Work in Progress

We just wanted to share some impressions from our car hacking lab:

stay tuned,

The ERNW Car Hacking Team

Events

April 21, 2015 by Benedikt Troester

Troopers PacketWars 2015 – Write Up

Hello Hackers!

This year’s PacketWars contest at Troopers was a blast! Under the topic of “Connected Car” the teams faced several different challenges, which we will describe (as a debriefing) here.

Continue reading “Troopers PacketWars 2015 – Write Up”