HEK.SI 2022 Talk Descriptions
20 Free Ways to Improve Your Defenses Today
Most organizations don’t have enough budget to buy every tool or hire every person they need. They also don’t realize there are plenty of FREE tools, tactics and procedures available to the Blue Team. Here are 20 things you can do today to level up your People, Processes, and Technology at little to no cost.
Abusing healthcare APIs
Attacking the Cloud
Nowadays, migration to the Cloud is a trend. It keeps getting more and more attention, especially from malicious actors. This technology evolves day by day, and so does the importance of securing it. We'll see some methods that attackers are using to abuse your Cloud deployment.
Blockchain security threats - an updated perspective
In this presentation we will talk about the blockchain industry, the most common threats, how much money has been lost since the crypto "boom", why bad actors are targeting blockchain, and how one can protect against them (blockchain security).
Bypassing UAC With UACMe
This presentation will cover the process of elevating privileges on a Windows system by bypassing UAC with UACMe.
UACMe is a Windows post-exploitation tool that can defeat Windows User Account Control by abusing the built-in Windows AutoElevate backdoor.
Comprehensive information protection in preventing hacker attacks
CrowdSec: Leveraging the power of the crowd to fight back against cyber criminals
For the better part of the last 30 years, the mass scale hack problem hasn’t been solved. Even entities with almost unlimited cybersec budgets like large companies & governments get hacked. It seems that stacking products and people doesn't quite make the cut. So maybe it's time to propose another path: free, collaborative security empowered by the power of the crowd. By leveraging a huge interception network, IPs used by malevolent actors can quickly be spotted and blocked before they even attack you. We have produced a free (as in speech), open source tool that does just that by extracting unwanted behavior from logs, blocking the attacks, and sharing their metadata with all other users (after curation). We see this as a form of Internet Neighborhood watch system that should allow us to establish a Digital Herd Immunity - made by the community and for the community.
Cybersecurity: The Big Short(age)
In a field that is set to grow exponentially, businesses are constantly reporting staff shortages, while prospective candidates are reporting an inability to land a job in cybersecurity. In this analysis of the cybersecurity job market, we will do a deep dive into this disparity and its possible solutions.
CyberWarfare
Dark Web
Database Vault without Database Vault
Oracle has a product called Database Vault that provides a deeper level of data security by applying rules and realms around data and functionality. These rules protect data from access even by the DBA and developers in the database, with simple rules and features that are applied "on top of" the normal database security. This is a great product but only works in the most expensive Enterprise Edition licensed databases. What if you cannot afford it or, worse, you use a Standard Edition database where Database Vault cannot be licensed? Pete will look at the core ideas of Database Vault and how to achieve similar results in a database without Database Vault with a combination of technical solutions and process-based ideas.
Defeating AV and EDR solutions in user-land by chaining well-known deception techniques
In the current cybersecurity world, both Anti-Virus (AV) and Endpoint Detection and Response (EDR) solutions are becoming more and more successful in blocking emerging threats. External attackers need to develop highly sophisticated payloads to circumvent all these security controls, raising the bar for defenders to detect them as well as for threat emulators to emulate them. Although useful, are these controls enough to block more complex malware? This talk will go over the most successful techniques used to bypass AV and EDR controls, and the tradecraft theory used in malware to evade EDRs and other endpoint controls. It will primarily focus on general techniques to ensure malware and other payloads can evade signature-based detection, behavioural analysis, and user-land hooking. This talk will then present Inceptor, a recent AV and EDR bypass framework I’ve developed and open-sourced, highlighting some of its features, implemented to aid red teamers and pentesters during operations. By the end of this talk, the audience should have a detailed overview of how to use Inceptor, along with other tricks and opsec considerations useful for developing payloads which can run undetected.
Definitive Approach to Pentest Cloud
This talk will cover cloud pentesting methodology and techniques. You will learn different ways to enumerate cloud environments and later use this information to pwn the cloud.
Piyush Patil will discuss different types of cloud attack surfaces and different ways attackers can get initial access to your cloud environment. This talk is meant for anyone who wants to understand vulnerabilities in a Cloud environment, relevant hacking techniques, and how to protect your cloud environment from bad hackers.
End-To-End Encrypted Anonymous Messaging through the Dark Web
Exploiting template injections
In this presentation we are going to get a better understanding of template injections and how we can exploit them to gain advantage. Templates are widely used by web applications to present dynamic data via web pages and emails. Unsafely embedding user input in templates leads to server-side template injection (SSTI). It is frequently a critical vulnerability that leads to RCE. In some cases it is mistaken for XSS or entirely missed. This talk is for everyone who wants to get more information about this vulnerability and who wants to learn how to exploit it!
MODERATOR: Andrej Rakar, CISO, Petrol d.d.
MODERATOR: Gorazd Rolih, General Police Directorate, Security Operations Center
Never Judge An E-book By Its Cover: Exploiting EPUB Reading Systems Through E-books
In recent years, global e-book sales have shot through the roof and e-book reading applications have sprouted like mushrooms. EPUB, the most popular open e-book format, is supported by free applications on virtually any device, ranging from desktops to smartphones. But how sure are we that these e-books aren't actually reading us?
To answer this question, we analyzed 97 free EPUB reading applications across seven platforms and five physical e-readers using a self-developed semi-automated testbed. It turns out that half of these applications are not compliant with the security recommendations of the EPUB specification. For instance, a malicious e-book is able to leak local file system information in 16 of the evaluated applications.
To further demonstrate the severity of these results, we also performed three case studies in which we manually exploited the most popular application on three different platforms (e.g. Amazon Kindle, Apple Books, and EPUBReader for Chrome and Firefox). Moreover, we demonstrate that distributing malicious e-books through official e-book vendors is very much feasible through self-publishing.
Next Gen Social Engineering
We will discuss social engineering techniques and compare past and present techniques. The criminals are usually trying to trick you into giving them your passwords or bank information, or into giving them access to your computer to secretly install malicious software in order to get passwords and bank information.
Planning for DDoS Resiliency in the Cloud
Post-quantum cryptography in 5G networks
Scientists are working on the creation of quantum computers. On October 23, 2019, Google announced that it had achieved quantum supremacy. This means a great speedup of quantum processors compared to the fastest classical computer. On December 6, 2020, scientists in China announced that they had also achieved quantum supremacy. Quantum computers will probably destroy most cryptosystems that are widely used in practice. A variety of alternatives “resistant to quantum attacks” have been developed. However, to date a number of successful attacks have been recorded on the given systems. It has also been shown that these schemes have efficiency problems.
The telecoms industry is undergoing a major transformation towards 5G networks in order to fulfill the needs of existing and emerging use cases. This will bring new challenges for 5G cybersecurity systems and their functionality. The 3rd Generation Partnership Project (3GPP) offers a standard for 5G networks. It contains an identity protection scheme, which addresses the important privacy problem of permanent subscriber-identity disclosure. The scheme has two stages: the identification stage, followed by the establishment of a security context between service providers and mobile subscribers using authenticated key agreement with a symmetric key. 3GPP proposes protecting the identification stage by means of a public-key scheme, the Elliptic Curve Integrated Encryption Scheme (ECIES). The proposed scheme is not secure against attacks by quantum computers. It is important to integrate a quantum-resistant scheme into 5G networks.
At the Ethical Hacking Conference HEK.SI I will offer a methodology for the integration of a post-quantum scheme into the 5G architecture.
Legal challenges of privacy protection in the field of artificial intelligence
Artificial intelligence promises a great deal, but at the same time it brings certain risks in terms of privacy and information security. The talk will present the positions of international data protection authorities and the proposal for regulating artificial intelligence at the EU level.
Pwned in Space
In this presentation we will discuss both theoretical and real-world examples of space systems cybersecurity issues. There are many components and systems that may be targeted in a space system by adversaries including ground station systems, satellites and space vehicles. This presentation will step through attack trees for targeting space systems. Examples of real-world cybersecurity events involving space assets will be covered. Recommendations for improving the security of space systems will also be presented.
Ready for (nearly) anything: Five things to prepare for a cyber security incident
Every organisation has experienced, or will experience, a cyber security incident; depending on how you define the term, most have multiple every day.
Increasingly punitive data protection law, plus increasing public awareness and scrutiny of organisations’ responses, means that it’s more important than ever to respond effectively. However, many cyber security teams still struggle to do so.
In this talk, Gabriel will cover the five key things that cyber security teams should have in place to prepare for an incident, which will improve the efficiency and effectiveness of their response.
1. Documented processes with the considerations, decisions and actions to be taken in an incident
2. Skilled and experienced people to lead and deliver the response
3. Logs to gain an understanding of what has happened, when, and how
4. Containment and eradication technology to take actions that mitigate risk
5. Coordination technology to communicate and collaborate, delegate and track actions, and manage delivery
Secure Power Platform Development
Power Apps and Power Automate (Flow) are low/no-code platforms within the larger Power Platform, all tightly integrated with products such as Office 365, Dynamics 365, Azure, Teams, etc.
These platforms enable and democratise programming for individuals working outside of IT and without formal software training, whom Gartner defines as “Citizen Developers” (though of course PowerApps and Automate/Flow are of great value to traditional Developers and IT Professionals as well). However, for all its simplicity and power, the Power Platform carries risk like any development platform. The biggest security vulnerability of Power Platform-based Apps, Automate/Flows, and Chatbots is oversharing of data, either within the tenant or by “punching a hole” in the tenant boundary and sharing data with external and potentially compromised destinations.
Don’s highly relevant presentation will discuss how to secure your organization’s Power Platform deployment, e.g. Tenant, which begins with the Power Platform Admin Center (PPAC). He shares how Microsoft has locked down its internal Power Platform deployment, recent changes to PPAC that significantly reduce risk, and how security-focused features are increasingly deployed into the platform.
In closing, he shares a framework for evaluating the risk of any Power Platform solution, which Microsoft deploys within its own internal security operations and which can also be used by external customers.
Secure your data or Bust
This is a rapid walk through the data security landscape and particularly how this relates to Oracle database security. We look at an overview of the space, the data security landscape, the major fines now possible for companies to pay for data loss, the rise of hacking and the "data gold rush" and how data loss has now become pure crime. We look at the main threats posed to an Oracle database as well as my view of the current Oracle security landscape and finally the reality that we must in this day and age secure data or potentially go bust (bankrupt).
Virtual machine exploitation and threat mitigations
Virtualization brings compelling features to individual computer systems and organizations, allowing for the concurrent execution of multiple operating systems and applications on the same physical server. However, for all its performance, as virtualization becomes a pervasive technology in information systems, it also becomes an additional point of vulnerability to potential attackers. The talk will discuss the importance of virtualization in comparison to traditional IT solutions, exhibit several VM escape vulnerabilities and how to exploit them from within a guest OS running on a virtual machine, and outline defensive mechanisms and mitigation ideas.
Why I Go to the Dark Web Every Day
It is not a surprise that the Dark Web is full of stolen data. By the end of each day, nearly every company and individual has been victimized by cybercrime and has their data trafficked on the dark side of the Internet. Most of us are fighting cybercriminals from within our corporate fortresses building defenses against an enemy that is constantly attacking our virtual perimeter walls. But what would happen if we journeyed beyond our walls into the enemy territory? We could try to gather intelligence about the cybercriminal’s actions and technology and find ways to mitigate the loss of the data they have taken hostage.
This approach is not new but is still rarely utilized by the cyber security community. It is often feared and misunderstood. But those that take this leap find themselves in a new world that is traitorous and obfuscated, but full of treasures that can improve our defense capabilities.
Windows Privilege Escalation
How secure is the Windows environment? Let's see a few tactics and techniques designed to help improve privilege escalation.
You’re Doing It Wrong!
Since 1994, I have broken into many of the largest companies, governments, and private businesses to help advise my clients on how they are doing it wrong. This speech will focus on what has worked (and failed) and why I think the entire security industry needs to step back and refocus on what’s important. This quick-paced, humorous, factual discussion will address many of the challenges and missteps that have led us to the corporate security dumpster fire that is 2020. Companies continue to do what they are told by overly broad compliance requirements and industry “best practices” that don’t address the unique business or their needs. Millions of dollars are spent each year to check boxes so that the C-levels can say that they did their due diligence. But the truth is, these businesses are often assessing less than 10% of their assets and relying on “hacker insurance” when they get owned. They pay out for identity protection or to settle class action lawsuits, while BILLIONS of people continue to lose any expectation of protection, privacy, or anonymity they had. This is NOT OK and we have to do better. I will present real-world examples and methodologies, and provide a fresh look at how we should be protecting our businesses and clients in an ever increasingly complex world.