HackDig : Dig high-quality web security articles for hacker

Black Hat 2016 Summary Part 2.1

A few months ago I had the oportunity to visit this year’s Black Hat in Las Vegas. Due to a few weeks of vacation following the conference here are my delayed 2 cents (part 1) Abusing Bleeding Edge Web Standards For AppSec Glory – Bryant Zadegan & Ryan Lester Slides Bryant and Ryan talked about new web standards which are already implemented in par
Publish At:2016-10-06 15:45 | Read:2846 | Comments:0 | Tags:Conferences Black Hat conferences

Attacking BaseStations @Defcon24

Hello Guys, back from my vacation I’d like to give you some impressions about Defcon 24 and our talk “Attacking BaseStations”. Defcon itself had a couple of great talks but was a very crowded location. Anyhow, we had a couple of great discussions with the people before and after our talk. The talk “Attacking BaseStations” focus
Publish At:2016-09-21 10:20 | Read:2683 | Comments:0 | Tags:Conferences Insecurity Uncategorized 4G Defcon eNB eNodeB LT

BSides LV 2016: Recap

Hey everyone, Just a short recap from my side regarding this year’s BSide in Las Vegas, NV. It was my first time there and I pretty much enjoyed it. After entering the venue on the first con day (Tuesday) I was a little bit shocked, as the staff sent me to the “end of the line just around the corner” – the end being many corners and m
Publish At:2016-09-19 21:45 | Read:2160 | Comments:0 | Tags:Conferences

SIGS DC Day

Today I had to give the pleasure to give a keynote at the SIGS DC Day on the need to evaluate Cloud Service Providers in a way that looks behind (or at least tries to) security whitepapers and certification reports. The slides can be found here. I also particularly enjoyed the following two talks: Sean O’Tool from Swisscom AG covered challenges of an i
Publish At:2016-09-16 20:35 | Read:3670 | Comments:0 | Tags:Conferences cloud

25th USENIX Security Symposium & WOOT Workshop

Last month the annual USENIX Security Symposium with its co-located workshops (WOOT, CSET, FOCI, ASE, and HotSec) was held in Austin, Texas. The program of the conference together with the published papers can be found here and information on the workshops can be found here. The research topics were quite diverse and included subjects such as low-level attac
Publish At:2016-09-13 01:20 | Read:5018 | Comments:0 | Tags:Conferences USENIX WOOT

SnoopCon Guest Day

This year I had the pleasure to join the guest day of BT’s SnoopCon. There were quite a number of interesting talks throughout the day such as Saumil Shah‘s presentation on Stegosploit (as well as his rant about the state of information security) Dr. Grigorios Fragkos‘ talk on airplane security (where he presented some maybe not-so-pleasa
Publish At:2016-07-01 21:50 | Read:3934 | Comments:0 | Tags:Conferences snoopcon

VoLTE Security Analysis, part 2

In our talk IMSEcure – Attacking VoLTE Brian and me presented some theoretical and practical attacks against IP Multimedia Subsystems (IMS). Some of the attacks already have been introduced in a former blogpost and Ahmad continued with a deeper analysis of the Flooding and targeted DoS scenario. But still, there are some open topics I’d like to c
Publish At:2016-06-24 07:20 | Read:4453 | Comments:0 | Tags:Conferences Insecurity LTE VoLTE

Area41 Conference 2016

Last Friday, Brian and I were at the  Area41 Security Conference. The conference is a branch of Defcon conference and is more or less a small conference of the Swiss hacker community. Being in a “rock music club”, the speakers presented on a stage where usually the rock stars are performing – which gives the conference a very special flair
Publish At:2016-06-18 23:35 | Read:3329 | Comments:0 | Tags:Conferences Area41 Badge conferences LTE VoLTE

New Methods for Exploiting ORM Injections in Java Applications (HITB16)

The HITBSecConf or “Hack In The Box” in Amsterdam is a well known security conference in Europe. We also attended this year too, and there were quite some interesting talks at the HITBSecConf16 conference. One of the talks was about “New Methods for Exploiting ORM Injections in Java Applications” by the security researchers Mikhail Eg
Publish At:2016-06-02 23:25 | Read:4017 | Comments:0 | Tags:Conferences conference hacking HITB web application exploit

Telescope – Peering Into the Depths of TLS Traffc in Real-Time (HITB16)

Last week we have visited the HITBSecConf16 – conference in Amsterdam. There were many interesting talks, and in this post I am going to tell you about a talk held by Radu Caragea – “Telescope: Peering Into the Depths of TLS Traffic in Real-Time”. While performing a dynamic malware analysis one often needs to analyze network traffic
Publish At:2016-05-30 22:25 | Read:4001 | Comments:0 | Tags:Conferences HITB talks

The Beauty of IPv6 Link-Local Addressing. Not

In November 2014, after quite some controversy in the IETF OPSEC working group (for those interested look at the archives), the Informational RFC 7404 “Using Only Link-Local Addressing inside an IPv6 Network” was published. It is authored by Michael Behringer and Eric Vyncke and discusses the advantages & disadvantages of an approach using &#
Publish At:2016-05-28 15:40 | Read:5564 | Comments:0 | Tags:Conferences ERNW Security IPv6 RIPE

Vote for Malwarebytes Labs: European Security Blogger Awards 2016

The massive security happening that is Infosec Europe is due to take place next month (June 7-9), and I’ll be in attendance alongside Pieter and Jovi for both Infosec Europe and the 2016 Security Blogger Awards. Last year, we picked up our first award at the EU Security Blogger Awards, and now – thanks to your nominations – we’re in l
Publish At:2016-05-19 21:50 | Read:3092 | Comments:0 | Tags:Malwarebytes news award blog conferences

Empire Hacking Turns One

In the year since we started this bi-monthly meetup, we’ve been thrilled by the community that it has attracted. We’ve had some excellent presentations on pragmatic security research, shared our aspirations and annoyances with our work, and made some new friends. It’s a wonderful foundation for an even better year two! To mark the group’s ‘birthday,’ we took
Publish At:2016-05-19 19:00 | Read:4268 | Comments:0 | Tags:Conferences Education

Because of Cyber – A Recap

Troopers16 has been over for quite a while now, but because sharing is caring, we would like to give you some more insight and share some gems that happened over the 2 days of us running a small/medium sized enterprise in mid-west Russia as part of the well received FishBowl side story. Technology wise the whole infrastructure of FishBowl, as well as the Cyb
Publish At:2016-05-11 22:10 | Read:2477 | Comments:0 | Tags:Conferences TROOPERS conference TROOPERS16

SAP Security @ Troopers16

When it comes to SAP, Troopers has two events that are about Security in SAP Systems in particular. On the first day of the Troopers16 Trainings the BIZEC workshop takes place. The second event is a dedicated SAP track during the conference. Apart from these events there were of course a lot of nice folks to talk to (about SAP)
Publish At:2016-04-28 05:40 | Read:2703 | Comments:0 | Tags:Conferences Security TROOPERS SAP

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud