HackDig : Dig high-quality web security articles for hacker

BASTA! Autumn 2019 – Security in DevOps

Some time ago I had the pleasure to speak at the BASTA! Autumn 2019 conference. There, I promised to publish my slides such that they can be used as a reference for developers and security guys like me. And with this blog post I would like to hold up to my promise. Overall, the talk was about the challenges of “How to bring security into modern DevOps proce
Publish At:2019-11-30 12:15 | Read:157 | Comments:0 | Tags:Building Events BASTA DevOps

TROOPERS20 teaser: Hacking mobile apps

“If it’s a thing, then there’s an app for it!”…We trust mobile apps to process our bank transactions, handle our private data and set us up on romantic dates. However, few of us care to wonder,”How (in)secure can these apps be?” Well… at Troopers 20, you can learn how to answer this question yourself! In our 2
Publish At:2019-11-30 12:15 | Read:209 | Comments:0 | Tags:Events TROOPERS

TROOPERS20 Training Teaser: Insight Into Windows Internals

Windows 10 is one of the most commonly deployed operating systems at this time. Knowledge about its components and internal working principles is highly beneficial. Among other things, such a knowledge enables: in-depth studies of undocumented, or poorly documented, system functionalities; development of performant and compatible software to monitor or exte
Publish At:2019-11-25 12:15 | Read:72 | Comments:0 | Tags:Events TROOPERS TROOPERS20 Windows

TROOPERS20 Training Teaser: Windows & Linux Binary Exploitation

We are happy to announce that TROOPERS20 will feature the 5th anniversary of the popular Windows & Linux Binary Exploitation workshop! In this workshop, attendees will learn how to exploit those nasty stack-based buffer overflow vulnerabilities by applying the theoretical methods taught in this course to hands-on exercises. Exercises will be performed fo
Publish At:2019-11-12 00:15 | Read:125 | Comments:0 | Tags:Events TROOPERS exploit

TROOPERS20 Training Teaser: Hacking 101

Hi there, like in recent years the popular Hacking 101 workshop will take place on TROOPERS20, too! The workshop will give you an insight into the hacking techniques required for penetration testing. These techniques will cover various topics: Information gathering Network scanning Web application hacking Low-level exploitation …and more! During thi
Publish At:2019-11-12 00:15 | Read:175 | Comments:0 | Tags:Events TROOPERS

Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

In my previous post, I spoke about all of the different DEFCON villages where attendees can learn about and purchase all sorts of fun hacking/counter hacking tools. Even so, I covered only a small fraction of the activities at the conference. For example, attendees have the opportunity to participate in a lot of contests run over the weekend, including vario
Publish At:2019-10-18 10:10 | Read:503 | Comments:0 | Tags:Events Defcon hacking

TelcoSecDay 2020 CFP is open

We are back again with another TelcoSecDay 2020 (TSD20) which is going to happen on March 16th, 2020 as an additional event to TROOPERS. This year, it is going to be on Monday of the TROOPERS week. We are delighted to inform that the event is happening for the 9th year in a row. The CFP is open now. If you have an interesting topic related to the field of Te
Publish At:2019-09-23 12:15 | Read:275 | Comments:0 | Tags:Events CFP TROOPERS20 tsd

Black Hat US 2019 / Some Talks

I’ve been at Black Hat Vegas last week and in the following I’ll shortly discuss some talks I’ve attended and which I found interesting. Gabriele Fisher & Luke Valenta: Monsters in the Middleboxes. Building Tools for Detecting HTTPS Interception This talk was about identifying if inbound HTTPS traffic reaching a server had been interce
Publish At:2019-09-19 17:15 | Read:331 | Comments:0 | Tags:Events Black Hat Conferences

The Festive Complexities of SIGINT-Capable Threat Actors

To read the full paper and learn more about this, refer to “Walking in Your Enemy’s Shadow: When Fourth-Party Collection Becomes Attribution Hell” Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt manipulation have proven enough for many researchers to shy away from the a
Publish At:2017-10-04 07:35 | Read:4279 | Comments:0 | Tags:Events Featured Research APT Deception techniques Targeted A

Add Mobile Threat Defense to AirWatch at VMworld

We are sending a team to VMworld 2017 in Las Vegas for the first time. For years we have exhibited at AirWatch Connect and met many of our customers there for the first time and are excited to continue our partnership with VMware and AirWatch under the new integrated conference. We have been a part of VMware’s Mobile Security Alliance providing mobile
Publish At:2017-08-16 12:10 | Read:3049 | Comments:0 | Tags:Events Partners AirWatch AirWatch by VMware VMworld

TechNet Augusta and DoDIIS Worldwide – Moving Government Cybersecurity Forward

We will be at TechNet Augusta on August 7-11. Visit us at booth 112. We will be at DoDIIS Worldwide Conference on August 13-16 in St. Louis. Visit us at booth 739. Discover how application isolation and containment is the long-term strategy for cyber resilience. If you’re responsible for government cybersecurity, we’ve got something you’l
Publish At:2017-08-03 12:45 | Read:3589 | Comments:0 | Tags:Government application isolation augusta containment demo do

Get all the Docker talks from Tech Field Day 12

As 2016 comes to a close, we are excited to have participated in a few of the Tech Field Day and inaugural Cloud Field Day events to share the Docker technology with the IT leaders and evangelists that Stephen Foskett and Tom Hollingsworth have cultivated into this fantastic group.  The final event was Tech Field Day 12 hosting in Silicon Valley. In case you
Publish At:2017-05-24 19:06 | Read:2970 | Comments:0 | Tags:Docker Education Engine Events Networking Security docker fo

DockerCon 2017: The Top Rated Sessions

After the general session videos from DockerCon Day 1 and Day 2 yesterday, we’re happy to share with you the video recordings of the top rated sessions by DockerCon attendees. All the slides will soon be published on our slideshare account and all the breakout session video recordings available on our DockerCon 2017 youtube playlist. Cilium: Network and Ap
Publish At:2017-05-24 19:05 | Read:4472 | Comments:0 | Tags:DockerCon Education Engine Events Orchestration Security con

Microsoft Office Malware Captured in a Micro-VM on an Unpatched Computer

The Bromium Labs team was able to get their hands on some live malware exploiting the Microsoft office vulnerability. First and foremost, on an unpatched workstation Bromium did its job by hardware isolating the Microsoft Word document into a protected virtual machine so that the host workstation was never infected. Secondly, it shows the amazing analytics
Publish At:2017-04-18 02:05 | Read:5157 | Comments:0 | Tags:Breaking News Threats anti-virus command control EDR Events

A C(I)SO View on RSA 2017: “China Is Hiring in the US”

Two weeks ago, while visiting the yearly security gathering at the RSA conference in San Francisco’s Moscone center complex (and adjacent hotels – it’s growing like mad), I was walking across the North and South Expo halls to check out some vendors (Several I had appointments with, some by curiosity, and a few that were really new kids on the block.) selling
Publish At:2017-02-28 04:55 | Read:3759 | Comments:0 | Tags:Events Featured Articles CISO Infosec RSA security

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud