Talk descriptions - HEK.SI

Army of Undead – Tailored Firmware Emulation

The exploding number of embedded systems, like network cameras, routers and programmable logic controllers (PLCs), in the past years raises the question of how secure these devices are and which connections are established in the background. As these devices are often conceived as closed systems, a popular option is emulation of the firmware of such devices. Past projects like FIRMADYNE by Chen et al. and Automated Dynamic Firmware Analysis at Scale by Costin et al. showed that emulation of such devices is possible, but only by doing manual modifications on the Linux kernel and restricted to a few architectures. During this talk, comprehensive methods for tasks like finding the file system root, determining the exact instruction set and emulating the target firmware in an automated manner will be discussed. All these steps can be done with simple scripts and open-source components without changing the code of any kernel. In contrast to known projects, a wide spectrum of CPU architectures (SH4, PPC, ARMv5/6/7, MIPS/MIPS64 and x86) as well as different init systems (System V / D) can be covered. Partial emulation of incomplete firmware upgrade files was also done to check libraries for known vulnerabilities. This was achieved by using the combination of Buildroot and QEMU. The methods, which were tested over the past year, were used for identifying vulnerabilities in various embedded devices without owning the hardware. The overall outcome of different known and unknown vulnerabilities was recorded during a large-scale study across over 40 different vendors. Many of the easily found vulnerabilities could have been avoided, while a few others, which were more difficult to find, are harder to mitigate. A smaller number of backdoor-like functionalities was also identified in some of the tested product firmware.

Thomas Weber
SEC Consult, an Atos company
Friday, 12.02.2021
11:25 - 11:50

AWS Security: Sweet dreams vs reality - Case Study

This talk is a guide through some of the most common vulnerabilities in AWS deployments and the ways hackers exploit them. Come to have a look from a hacker's point of view. It helps you to become a better defender.

Tomáš Zatko
Citadelo
Thursday, 11.02.2021
16:35 - 17:00

Cognitive Hacking - Age of Covid

The science of persuasion has become more sophisticated in recent years, especially thanks to technology. Digitally crafted information can trigger economic collapses, wars and influence people's behavior.
How easy is it to influence and program people without their knowledge? How hard is it to persuade a part of the population big enough to destabilize a democracy?
Cognitive hacking is the practice of changing the behavior of the target by manipulating the perceptions and exploiting psychological vulnerabilities.
In a world where fake news dominates the conversation, attackers find more and more ways to produce and exploit misinformation.
This talk will explore the ways in which cyber criminals are exploiting COVID-19, using the health and economic turmoil to gain advantage from the human factor and the emotions caused by the pandemic.

Matteo Cuscusa
Cuscusa Web & Security
Thursday, 11.02.2021
13:35 - 14:00

Community powered IP reputation system

Presenting an open-source security engine able to analyze visitor behavior and provide an adapted response to attacks. Its power comes from IP reputation data shared with the community.

Tomislav Gotovac
CARNET – Croatian Academic and Research Network
Friday, 12.02.2021
13:10 - 13:35

Connected vehicles cybersecurity - status and next steps

The forthcoming ISO 21434 standard "Road vehicle Cybersecurity Engineering" (currently still under development) and the UNECE regulation R155 "concerning the approval of vehicles with regards to cyber security and cyber security management system" have the clear objective of ensuring that all major players in the automotive sector, be they vehicle manufacturers (so-called OEMs) or component suppliers (so-called TIERs), are aware of the importance of cybersecurity in the product development process, implementing what is defined as the "security by design" approach.
We will briefly review the history of automotive hacking, its challenges and the next steps driven by these important standards and regulations.

Andrea Razzini
Cyber Security Manager & CEH
Thursday, 11.02.2021
12:45 - 13:10

Connecting the Dots: How Threat Intelligence Protects the Applications

Today we can see that digital technologies are the core of every business. The automation and the connections achieved with these technologies have revolutionized the world’s economic and cultural institutions but they have brought additional risk in the form of cyber attacks.
What is Cyber Threat Intelligence and how can you implement it properly to protect your business?
In this presentation you will learn how to integrate it into your Application Security Program, as well as solutions that automate data collection and processing, integrate with other solutions or services, take in unstructured data from disparate sources, and then connect the dots by providing context on indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors.

Catalin Curelaru
Visma
Friday, 12.02.2021
10:35 - 11:00

COVID-19 Cyberfraud Risks – year-long Christmas party for cybercriminals and businesses defrauding government release funds

The emergence of the COVID-19 pandemic and related government shutdowns has placed a lot of businesses under massive pressure. Organizations and their employees are faced with increased fraud exposure. It appears to be a never-ending Christmas party for the cybercriminals, with a plethora of targeted and themed attacks. Everything one knows about cybercrime, but with a COVID-19 flavor: themed phishing emails, malware and fake phone calls as well as fake tax release promises. All preying on insecurity and uncoordinated governmental communication. Aside from the cybercriminals, the “good guys”, the businesses themselves, are engaging in fraud and applying for release funds not meant for them, or are cooking up their figures for lost revenue (in a German case a fraudster applied 91 times for funds and was successful in three cases, by the way using the same account information!). We will look at the past year from a risk perspective and discuss where the risk of non-compliance and fraud is the greatest. How can you apply proper controls inside your own business, and how can you use the knowledge from this lecture to advise your clients?
This course program is designed for all IT professionals involved with information system security, computer forensics, and incident response. Highly recommended for ethical hackers, system administrators, bankers, security professionals, law enforcement professionals, incident handlers, security officers, and defense and military personnel.

Rachel Okoji
Thursday, 11.02.2021
11:30 - 11:55
Dominique C. Brack
T-Systems Schweiz

Dark Web

Stefan will present what the dark web is, how to set up the environment, how to protect yourself, link directories, Bitcoin cryptocurrency on the dark web and why it is important, encrypting messages with PGP, creating an onion website, and how to access the dark web from a phone via Android.

Stefan Janković
Ethical Hacker and penetration tester
Friday, 12.02.2021
12:45 - 13:10

Data protection and Bring Your Own Device (BYOD) - do it right

Andrej Tomšič
Information Commissioner Republic of Slovenia
Thursday, 11.02.2021
11:05 - 11:30

Deep dive into logic and complex flaws or why AI will not replace us soon

AI is one of the most popular buzzwords of the last few years. There have been talks about AI replacing almost everything we (humans) do. But is the age of machines really that close?
In this presentation we will show some real-case scenarios where knowledge of several technologies combined with business process familiarity was required to exploit applications.
Automated code review and vulnerability scanning tools are good for finding simple and obvious security issues; however, for those more complex vulnerabilities we still need good old human-based intelligence and good engineering skills.

Jagor Čakmak
INFIGO IS d.o.o.
Thursday, 11.02.2021
09:00 - 09:30

Defense Evasion on Microsoft Windows OS

Jan Marek
Cyber rangers
Friday, 12.02.2021
13:35 - 14:00

Demystifying Offensive security and Cyber surveillance – A view from the inside

In the last few years, offensive security has become a hot topic. In 2016 NATO officially recognized cyberspace as a warfare domain. A few countries have already developed internal offensive security capabilities to overcome adversaries on this battlefield. Worldwide experts agree that a defense-only approach would not be enough to answer the challenge.
Even LEAs need offensive security capabilities in order to face criminal organizations in the digital era. In fact, standard investigative operations are no longer sufficient to deal with the abuse of privacy-granting technologies used by criminals to remain undercover.
On the other hand, (sadly) too often, we read about offensive security solutions abused to prosecute journalists and/or political dissidents, or to invade citizens' privacy.
This talk aims to shed light on offensive security and the so-called cyber surveillance market, giving an insider's view.
We will journey through a tangled forest of technical challenges and ethical and legal aspects.

Lino Antonio Buono
Memento Labs
Thursday, 11.02.2021
15:45 - 16:10

Digitization and its impact on cyber security

Miha Ozimek
Sava Re d.d. & SIQ Ljubljana
Thursday, 11.02.2021
09:30 - 10:00

Emerging and Disruptive Technologies - How Cyber-warfare affects military operations

It is already clear that we live in the “era of information”, where we process a vast amount of constantly growing information. Military operations could not have been more affected. Today, disruptive and emerging technologies, like AI/ML, graph DBs, Space, IoT/IoE, and more, are creating an ecosystem whose powers we have yet to harness. All military operations held in the past millennia share a common factor: the need for precise, prompt, authentic and always available information. There are three main factors that affect military operations, the weather, the terrain, and the enemy, and making the right decisions heavily depends on information on all three. Cyberspace has emerged during the last years as the fifth domain (alongside Land, Sea, Air and Space) of military operations, and the current shift is towards an all-domain warfight. Cyber warfare can drastically affect the much-needed information flow, and thus can be the decisive factor between victory and defeat.

Sozon A. Leventopoulos
Hellenic Armed Forces
Thursday, 11.02.2021
12:20 - 12:45

ERP Security: don't forget the Oracle database

I often perform security reviews of big ERP systems for customers, and I focus on database-level security. It shocks me that customers often treat the Oracle database as a black box and ignore the actual data security. This talk focuses on the security gap between the ERP-level security controls and the database level. We must take care of all levels if we want to secure the data processed by any big business system.

Pete Finnigan
Pete Finnigan Ltd., Oracle Security Expert
Thursday, 11.02.2021
10:25 - 10:50

Fantastic Secrets And Where To Find Them

There have been many security incidents with catastrophic impact caused by publicly accessible storage buckets in the past; not so much has been written about leaked secrets. A secret may be a password, access token, or certificate, and they leak just as often as S3 buckets, with just as catastrophic effects. As secrets can take more forms than a storage bucket and can be leaked in even more ways, managing them is a challenging task. I will describe overall approaches to managing secrets in a modern software engineering environment, so that leaked credentials will no longer occupy the top vulnerability class in your bug bounty program!

Matthias Luft
Salesforce
Friday, 12.02.2021
08:55 - 09:20

Hacking the human: Exploiting primordial instincts

Social engineering threats are reported every year to be increasing dramatically in number. Phishing attacks are among the top threat vectors for various kinds of cyberattacks. Exploiting the human vulnerability continues to be the most attractive and successful path for threat actors targeting the assets of organizations and individuals. The natural question that comes to mind is: “Why is social engineering successful?”
In this presentation, human factor approaches are briefly analyzed through several theories, and the human emotions targeted by social engineers are summarized. Then, based on the above, some common methods of social engineering are presented with examples. Furthermore, human reactions in usual situations are systematically documented and tabulated. The aim of this talk is to expose the techniques used in phishing and social engineering and explain the success of the methods used. Awareness of the methods may help prevent certain attacks and dangers.

Nikolaos Benias
Hellenic National Defense General Staff/CyberDefence Directorate
Friday, 12.02.2021
09:20 - 09:45

Hidden traps of storing data in the public cloud

Nejc Bajželj
Nemis, Nejc Bajželj s.p.
Friday, 12.02.2021
14:00 - 14:25

IT security in a post-COVID world

For a long time, IT Security has been a secondary topic for a lot of companies. More often than not, it only came to mind after an actual data breach or security incident, and was often overlooked otherwise. Over the years, things like WannaCry/Petya or GDPR compliance helped raise awareness a little bit, but those soon faded out as well.
However, the new "Low Touch Economy" emerging as a result of the COVID-19 pandemic could provide the jolt that IT Security has needed for a long time. With a lot more people working remotely, the need to secure devices (laptops, phones, etc.), communication channels, as well as on-prem and cloud infrastructure is now higher than ever before.
The global pressure on innovation and developing new business models to adapt to these changes is high. This session aims to address some of the major shifts and impacts of remote work by providing some ways to balance innovation and IT Security, while also touching on some of the ever-growing gaps in security incident detection and response.

Tudor Damian
Certified Ethical Hacker
Thursday, 11.02.2021
11:55 - 12:20

Lions at the watering hole

Dekeneas was started in October 2018, and in two years of activity we managed to successfully identify a series of web attacks, including some major campaigns that made the news recently, such as the Magecart campaign that infected 18,000 websites all over the world and the nation-state attacks which used iPhone, Android and Windows 0day exploits to infect the victims. This presentation will sum up two years of activity and technically dissect the HTML implants used in some of these campaigns, to better understand how watering holes and browser exploits work and how we can protect against them.

Andrei Bozeanu
Cybersecurity Researcher Dekeneas
Thursday, 11.02.2021
14:55 - 15:20

M365 Security introduction

Microsoft Secure Score is a security analytics tool designed to help organizations understand what they have done to reduce the risk to their data and show them what they can do to further reduce that risk. Secure Score determines what Microsoft 365 services an organization is using, then looks at its configuration and behaviors and compares it to a baseline asserted by Microsoft. Rather than reacting or responding to security alerts, the Secure Score tool enables organizations to track and plan incremental improvements over a longer period of time.

Božidar Radosavljević
MCT and CEH trainer, MK IT Business Solutions
Friday, 12.02.2021
11:00 - 11:25

Medical Device Security - Results from Project ManiMed

Our talk aims to present the results of the ManiMed project of the Federal Office for Information Security (BSI). Although medical device IT security is already considered in relevant laws and regulations regarding safety and performance, the general IT security posture of medical devices is not as mature as possible. This is due to a strong focus on safety, concomitant with a long product life cycle. Consequently, medical devices should be examined in depth for IT security vulnerabilities throughout the product lifecycle, especially before being placed on the market. However, maturity will only significantly improve if approval processes imply defined IT security requirements for medical devices. Further, a prompt and effective reaction of the medical device manufacturer after discovering vulnerabilities is only possible by making use of a framework of established and well-defined processes.

Julian Suleder
ERNW Research GmbH
Friday, 12.02.2021
12:20 - 12:45
Dina Truxius
Federal Office for Information Security (BSI)

Round table: Testing phishing attacks

Starting points for the round table:

  • What techniques do attackers use?
  • Why can even experts fall for certain phishing attacks?
  • How to recognize a phishing message?
  • How to turn users into a line of defense against phishing attacks?
  • How to test phishing attacks?
  • What experience do our panelists have with testing phishing attacks in their companies?
Participants:
  • Boris Mutina, Excello s.r.o.
  • Sozon Leventopoulos, Hellenic Armed Forces
  • Dominique Brack, T-Systems Schweiz
  • Pete Finnigan, Pete Finnigan Ltd.
  • Matteo Cuscusa, Cuscusa Web & Security
  • Andrei Bozeanu, Cybersecurity Researcher Dekeneas
  • Nikos Benias, Hellenic National Defense General Staff/CyberDefence Directorate
  • Marko Hölbl, University of Maribor, Faculty of Electrical Engineering and Computer Science
Friday, 12.02.2021
14:25 - 15:40

Oracle database password security deep dive

How each password algorithm works, cracking passwords in the database and designing secure passwords.

Pete Finnigan
Pete Finnigan Ltd., Oracle Security Expert
Friday, 12.02.2021
08:30 - 08:55

Pitfalls when Embedding Cryptography into Applications

Cryptography is a technique that allows data protection. Its primary purpose is to ensure the CIA trio – confidentiality, integrity and authentication. Therefore, cryptography includes data encryption and other mechanisms like hash functions, digital signatures, and higher-layer security protocols such as TLS. In theory, most algorithms are secure, but they often fail because of how they are implemented/embedded in applications. Most security incidents are not the result of attacks on cryptographic algorithms but are caused by their improper application.
When embedding cryptography into applications, the pitfalls are often the result of errors in implementation, or of a lack of adequate knowledge of when, where, and how to use a specific cryptographic building block. This can result in data disclosure, or it can enable an attacker to circumvent security mechanisms. In this case, even an unbreakable cryptographic algorithm does not benefit us, as it can be bypassed.
This talk aims to shed light on both of the problems mentioned when implementing cryptographic solutions. We will look at use cases where inadequate use of cryptography has influenced security.

Marko Hölbl
University of Maribor, Faculty of Electrical Engineering and Computer Science
Thursday, 11.02.2021
13:10 - 13:35

Prediction for AI driven cyber security - Offensive and Defensive

Mane Piperevski
Piperevski & Associates
Friday, 12.02.2021
09:45 - 10:10

Purple teaming with MITRE ATT&CK

When offensive and defensive security capabilities are used together in a purple teaming engagement, they offer a strong capability to improve organizational security. There are many purple team activities, some more reddish and some closer to blue. I discuss purple teaming challenges and provide examples of different types of purple teaming activities that I feel are effective, using the MITRE ATT&CK framework and methodology.

Enes Ajanović
Mibo Komunikacije d.o.o Sarajevo
Thursday, 11.02.2021
15:20 - 15:45

SI-CERT: review of the special year

Gorazd Božič
SI-CERT
Thursday, 11.02.2021
10:00 - 10:25

Status of Cyber Security in Pandemic time

Ivica Gjorgjevski
Semos Education
Thursday, 11.02.2021
16:10 - 16:35

Stringlifier

Stringlifier is an open-source Python package that allows you to detect anything that resembles a randomly generated string in any plain text. It uses machine learning to distinguish between normal and random character sequences, and it can also be adapted for fine-grained classification (password, API key, hash, etc.). It can be used for sanitizing application/security logs, detecting accidentally exposed credentials, and as a pre-processing step for many machine learning (ML) applications, including clustering and classification.
The entire source code is available in the public GitHub repository (https://github.com/adobe/stringlifier); we include an easy-to-use Python API and provide a pip installation package that includes a pre-trained model.

Andrei Cotaie
Adobe SCC
Friday, 12.02.2021
10:10 - 10:35
Tiberiu Boros
Adobe SCC

Those killer emails

Why have email attacks reached a new peak during the pandemic? No wonder: attackers are aware of old and new ways to deliver malicious content to computers left without perimeter protection. Let's take a look at the most dangerous email scams.

Boris Mutina
EXCELLO s.r.o.
Thursday, 11.02.2021
14:00 - 14:25