Worldwide recognized speakers will showcase the naked truth about sensitive topics like infrastructure (in)security, GDPR, cyber warfare, ransomware, malware, social engineering, offensive & defensive security measurements etc. More than 40 speakers will be on stage in 2017 sharing researches & engaging into panels on different topics related to cyber security.

Thursday, 9th November - Bucharest Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

09:00 - 09:30

Incident Busters. 2017 Retrospective

Alexandru Stoian - Cyber security specialist @ CERT-RO

Catalin Patrascu - Coordinator of the Incident Handling Team @ CERT-RO

2017 was a very difficult and interesting year for us at CERT-RO, with big and very mediatized cyber outbreaks that got misunderstood by the public. This here is a retrospective of this year with a couple of lessons learned and a couple of funny stories from the front-lines, proving that humans will still be humans even if they mostly interact with machines. And wait, there’s more. We definitely need you. Yes, you the public.

Technical
09:30 - 10:00

In Soviet Russia, Vulnerability Finds You

Inbar Raz - Hacker of Things

The stories in this talk are all about research that started because I ran into something and it caught my attention – I wasn’t looking for it.

Technical
10:00 - 11:00

Orange is the New Purple – How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software

April C Wright - Information Security and Compliance at Verizon Wireline

Introducing a new paradigm for integrating developers with offensive and defensive teams to enhance SDLC.

Business
11:00 - 11:30

Coffee Break

11:30 - 13:00

Panel - CYBER SECURITY IN REAL BUSINESS WORLD

How does the continuous cybernization of today’s business world impact business processes? And what are the risks involved for you and your company? IT Security Experts from Austria and Romania discuss current and future challenges of digitization in the business environment as well as potential approaches for successfully mastering risks involved. Confirmed speakers include security and IT experts from well-known Austrian companies, the consulting industry as well as from the Austrian Ministry of the Interior (BMI). Guests:

  • Cristian Octavian Goiceanu – Executive Director at Business Security & Continuity Management Dept., BCR
  • Florin Barbu, IT Director, Uniqa Romania
  • Adriana Radu, Partner Schönherr
  • Gabriel Mihai Tanase, Cyber & IT Advisory Director, KPMG Romania
  • Andreas Tomek, Managing Partner, KPMG Austria
  • Gernot Goluch, Austrian Federal Ministry of Internal Affairs, Federal Office for the Protection of the Constitution and the Fight against Terrorism.
Moderator: Gerd Bommer, Head of the Commercial Section of the Austrian Embassy in Bucharest.
Business
13:00 - 14:00

Lunch break

14:00 - 14:30

Supporting innovation in cybersecurity through acceleration program – Orange Fab

Vlad Sorici - Project Manager for Orange Fab

Orange Fab Romania is a 1-year startup accelerator, conceived to support entrepreneurs in developing innovative products and help them distribute both locally and globally.

Business
14:30 - 15:30

Remote Attacks against IoT

Sabin POTÎRCĂ - Technical Project Manager, Experimental Research Unit at Bitdefender

In this talk we’ll describe the methods and tools used in IoT vulnerability research and our findings on a very popular smart plug: breaking their so-called encryption to capture sensitive data, remote control of the plug and full remote code execution.

Technical
15:45 - 16:30

Fileless malware - beyond a cursory glance

Lucian Sararu - InfoSec Team Lead at SecureWorks

Alin Puncioiu - Security Operations Manager at SecureWorks

Alin and Lucian will talk about “living off the land” trend of malicious operations. Reverting to simple methods, making use of inherent “features” built into the operating systems that are being subverted as powerful infiltration solutions, one may run scripts and shellcode directly in the computer’s memory

Technical
16:45 - 17:30

Securing without Slowing

J Wolfgang Goerlich - VP, Strategic Security Programs at CBI

Case studies of successful DevOps and Cloud security, leaning on Rugged and security culture, will be shared. The emphasis is on teams that secure the process and technology without sacrificing time. But can we secure the technology without slowing the pace? Absolutely. The session concludes with lessons on how do to just that.

Business

Friday, 10th November - Bucharest Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

Business
09:00 - 09:45

Efficient Defenses Against Adversarial Examples for Deep Neural Networks

Irina Nicolae - Research Scientist at IBM Research

We propose a new defense method based on practical observations which is easy to integrate into models and performs better than state-of-the-art defenses.

Technical
10:00 - 11:00

Wisdom and Life Lessons Learned in the Business of Cyber security

Steve McGregory - Senior Director of Application and Threat Intelligence at Ixia, a Keysight business

I have had the privilege of managing security operations in my early career startups, to building an Intrusion Prevention System, to building solutions to assess the resiliency and efficacy of security products, to building a state-of-the-art Threat Intelligence Platform. Let’s take a journey through all of this and, in the short time we have together, see if we can make some course corrections together.

Business
11:00 - 11:30

Coffee Break

11:30 - 13:00

Panel - Current challenges of cybersecurity policies and legislation

Everyday we find out about new vulnerabilities which affect wi-fi networks, operating systems and websites, leaving our data discoverable. Due to these new threats, legislation must also be adapted in order to enhance a better response to security incidents and to enable cooperation between public institutions and also between member states. In this context, the EU adopted the NIS Directive which needs to be transposed into national legislation by 2018. On october 3rd The Romanian Ministry of Communications and Information society has launched in public consultation a draft law for transposing the directive. This may also have an impact on Romania's cybersecurity strategy which dates from 2013.
Guests:

  • Catalin Drula, President of the IT Committee from the Chamber of Deputies
  • Cristian Cucu, CIO, Secretary of State Romanian Government
  • Cristian Driga, Counselor Cooperation Department CERT-RO
  • Bogdan Manolea, Executive Director for Association for Technology and Internet
Moderator: Lucian Constantin, Cybersecurity Journalist & Contributing Writer for Forbes, VICE Motherboard, The New Stack and Security Boulevard.
Business
13:00 - 14:00

Lunch Break

14:00 - 14:45

What the WiFiCactus?!?!?!

Mike Spicer - Ninja

The #WiFiCactus is a tool that passively listens on 50 channels at the same time thanks to 25 Hak5 Pineapple Tetras. This talk will break down the build process, the hardware and the software to make the ultimate war-walking machine.

Technical
15:00 - 15:30

Drive safely on the internet lane: how smart cars can leak your data

Gabriel Cirlig - Senior Software Engineer at Ixia, a Keysight business

Stefan Tanase - Principal Security Researcher at Ixia, a Keysight business

Given a relatively new car (2014) with an infotainment system completely decoupled from the car’s backbone (ignition, lights and such), we discovered sensitive personal information being stored completely in the clear.

Technical
15:45 - 16:30

DefCamp 2017 - Awards Ceremony

  • DEFCAMP CAPTURE THE FLAG (D-CTF)
  • DEFEND THE CASTLE
  • ARIADNE’s THREAD CTF 2.0
  • IoT VILLAGE
  • CRITICAL INFRASTRUCTURE ATTACK
  • ICS HUMLA CTF
  • HACK THE BANK
  • TARGET JOHN
  • PASSPORT TO PRIZES
Technical

Thursday, 9th November - Roma Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

Technical
09:00 - 09:45

Fuzzing closed source applications

René Freingruber - Security Consultant at SEC Consult

The aim of this talk is to demonstrate different techniques which can be used to fuzz closed-source applications or libraries.

Technical
10:00 - 11:00

Turning IDS signatures against an IDS itself: a new evasion technique

Kirill Shipulin - Security Researcher at Positive Technologies

In my report I’ll tell you how to turn available signatures against the system to paralyze its operation, as well as deliberate on how compromises between performance and security, speed and quality can produce other breaches for bypass

Technical
11:00 - 11:30

Coffee Break

11:30 - 12:15

IoT botnets? How do they work?

Mihai Vasilescu - Senior Security Research Engineer at Ixia, a Keysight business

In this talk i will present how Linux-based malware scan, infect, propagate, and launch DDoS attacks. I will also talk about how to collect new samples for study, some changes that have occurred since release of the source code.

Technical
12:30 - 13:00

Splunking the Clouds: finding the needle in AWS & Azure @ DefCamp #8 Bucharest Romania

Uzoma OGBONNA - Cloud Security Engineer at Adobe

Daniel Barbu - Manager of Security, TechOps Romania at Adobe

Terabytes of logs coming from all products, tools, and services in place within data centers were not enough. So, the latest challenge for an analyst within a Fortune 500 company’s SOC: find the attacker’s needles in the cloud logs. Challenge accepted!

Technical
13:00 - 14:00

Lunch break

14:00 - 14:45

Active Defense Untangled

Mohamed Bedewi - Senior Security Researcher and Penetration Tester

I will explain what is active defense and how can it be fully utilized in production environments to achieve almost 0% of false-positives, I will also highlight the process of extracting intelligence while feeding it to deployed security devices so you can always stay ahead!

Technical
15:00 - 15:30

Pentest-Tools.com - The first online penetration testing framework

Adrian Furtuna - Founder Pentest Tools

How many times have you tried to run some cool security tool on your machine and it did not work (missing dependencies, configuration problems, unsupported operating system, etc.)? Now you have a set of online tools that just work and help you with all the phases of a penetration test: information gathering, web testing, infrastructure testing and creating proof of concepts for discovered vulnerabilities.

Business
15:45 - 16:30

Evolution of threats to Electric Power Grid Operations

Alexandru Suditu - Infrastructure & Security Manager at ENEVO Group

We will be looking at the evolution of threat to Critical Infrastructures and Electrical Power Grid Operations by starting with a quick overview on the industry specific devices and architectures and have a closer look at the current level of technical craftsmanship in recent cyber-attacks.

Business
16:45 - 17:30

Weaponize a Raspberry Pi

Cosmin Radu - Senior Information Security Consultant at KPMG

This paper presents an answer to a problem we encountered during Red Teaming exercises. What to use as a dropbox instead of the already classic USBs in the parking lot? We decided to build from the ground up a device that could go undetected easily and that could also help us gain a foothold in the targets perimeter.

Technical

Friday, 10th November - Roma Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

Technical
09:00 - 09:45

Keeping customer data safe in EC2 – a deep dive

Dr.-Ing. Martin Pohlack - Principal Software Dev Eng at Amazon Web Services

In this talk, we would like to share some of our experience in dealing with Xen security advisories. The talk focuses especially on addressing security issues in large-scale live systems with minimal customer impact. We will dive deep into the Xen hypervisor.

Technical
10:00 - 11:00

Lockpicking and IT Security

Walter Belgers - President at The Open Organisation of Lockpickers

In this lecture, Walter Belgers will look at some security flaws in locks to see how they came about. Then, he shows us how similar mistakes are made in software development and deployment. In both cases, we have to deal with design flaws, implementation errors, zero day attacks, brute force attacks, user errors and more.

Technical
11:00 - 11:30

Coffee Break

11:30 - 12:15

Hijacking the Boot Process – Ransomware Style

Raul Alvarez - Senior Security Researcher at Fortinet

In this presentation, we are going to look into how Petya, a ransomware, can overwrite an MBR (Master Boot Record), both in MBR- and GPT-style disk, with its malicious code.

Technical
12:30 - 13:00

The rise of security assistants over security audit services

Yury Chemerkin - Security Expert at JSC Advanced Monitoring

We are going to present results over 500 applications, and 20k data types examined like credentials, chats, payment info, etc. We offer a solution and a way to contribute to the security community, independent researchers and developers on an important problem. Finally, we share a cutting-edge knowledge free.

Technical
13:00 - 14:00

Lunch break

14:00 - 14:45

Sharper than a Phisher's Hook - The Story of an Email Autopsy

Ionut Marin - Information Security Sr. Analyst at SecureWorks

Alexandru Musat - InfoSec Team Lead at SecureWorks

The hosts will highlight some of the methods our InfoSec analysts are using to extract artifacts from a suspicious e-mail leveraging not too many open-source tools and mostly… manual analysis. Because well… that’s the best way to do it, isn’t it?

Technical
15:00 - 15:30

Road to ECSC 2017

Neculai Balaban - Member of the national team the represented Romania in ECSC 2017

Dorin Enache - Learning Innovation Consultant, Orange Romania

The European Cyber Security Challenge is an initiative by the European Union Agency for Network and Information Security (ENISA) and aims at enhancing cyber security talent across Europe and connecting high potentials with industry leading organizations. Dorin will tell you how Orange got involved and helped the Romanian team, while Neculai will tell us how he became involved in CTF competitions, what he did to qualify in the Romanian Team and what was the experience like at ECSC.

Business
15:45 - 16:30

Smart Cities under Attack: Cybercrime and Technology Response

Ralf C. Staudemeyer - Postdoctoral-Researcher in IT-Security at University of Passau

In this talk, we look into the threat landscape by defining the security requirements and the known threats of smart city infrastructures. Then, we investigate cybercrimes in smart cities by covering a selection of use-cases, known vulnerabilities, attack scenarios, and real-world cyberattacks already experienced. Finally, I provide security and privacy recommendations for the IoT-based smart city infrastructure.

Business

Thursday, 9th November - Vienna Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

Business
09:00 - 10:00

ICS Humla

Arun Mane - Senior Security Researcher at Payatu Software Labs

Sneha Rajguru - Security Consultant at Payatu Software Labs LLP

This contest/Context will concentrate on methodologies to conduct penetration testing of commercial Hardware devices such as PLCs as well as simulators. The contest will provide an excellent opportunity for attendees to have hands-on experience on Penetration Testing of these devices and systems.

Technical
10:00 - 11:00

ATM: every day trouble

Olga Kochetova - Senior Penetration Testing Specialist at Kaspersky Lab

Alexey Osipov - Lead Penetration Testing Specialist at Kaspersky Lab

In our presentation, we will cover topics on how to create botnet from ATM network, that will gather all card data, network attacks specific to ATMs connection to processing centers, direct control of the ATM software.

Technical
11:00 - 11:30

Coffee Break

11:30 - 12:15

Attacking Mongoose OS on Xtensa platforms

Carel van Rooyen - Computer Systems Engineer

Philipp Promeuschel - Security Analyst at Compass Security Schweiz AG

This talk aims at describing employed technologies, techniques, and the preliminary results, as well as considerations on the attack surfaces from OS to hardware and storage level. It also tries to encourage more research and tool development on this topic. We further aim to share knowledge about the exploitation of new platforms and the approaches taken.

Technical
12:30 - 13:00

Eternal Blues with EternalBlue

Adrian Hada - Senior Security Research Engineer at Ixia, a Keysight business

Even though this exploit became renowned after the WannaCry outbreak, the exploit was quickly picked up by malware authors and it has not left us ever since. This presentation will focus on the technical aspects of how the malware spreads, as well as what the final purpose is for the threat actors using EternalBlue.

Technical
13:00 - 14:00

Lunch Break

14:00 - 14:45

SHA-3 vs the world

David Wong - Security Consultant at NCC Group

Since Keccak has been selected as the winner of the SHA-3 competition in 2012, a myriad of different hash functions have been trending. From BLAKE2 to KangarooTwelve we’ll cover what hash functions are out there, what is being used, and what you should use. Extending hash functions, we’ll also discover STROBE, a symmetric protocol framework derived from SHA-3.

Technical
15:00 - 15:30

Minute-hacks against Robi the Robot

Daniel Tomescu - Security Penetration Tester, KPMG Romania

Stefan Nicula - Penetration Testing Specialist KPMG Romania

Stefan and Daniel will talk about a recent research project that focused on testing the security of an IoT Robot. The approach of the project was directly from an attacker's perspective, being more technically specific in details regarding vector of attacks, an attacker's entry points and different types of device hijacking. Given the early stages of the robotics field, the research project aims to raise awareness of the security implementations embedded over these specific IoT devices.

Technical
15:45 - 16:30

You Fail in SE If You Make Those Mistakes

Yehia Mamdouh - Penetration Tester Specialist and Security Researcher at DTS-Solution

Humans are the Weakest link in security, Including Social Engineers themselves, We see a lot of talks talking about how to be a professional social engineer through what we should do and what kind of knowledge we should gain?! But in this talk we will spot a light on what mistakes we should avoid during our social engineer assessment?

Technical
16:45 - 17:30

Bug bounty conspiracy and 50 shades of gray hat. Who owns the vulnerability?

Vladimir Taratushka - Conference Director at HackIT

What is the good solution to stop black hackers and data leaks? How sure you can be in antivirus, firewall or maybe security practices compliance? Can bug bounty hunter make big enough legal money participating in bug bounty programs? This speech is dedicated to security researchers and organizations who worry about their informational security.

Business

Friday, 10th November - Vienna Room

08:00 - 09:00

Registration

Pick up your badge & grab your coffee.

Business
09:00 - 09:45

Twisting Layer 2 Protocols

Paul Coggin - Red Team Engineer at Financial Institution

This session will show in detail how the red team can quickly identify and exploit numerous network protocol vulnerabilities that the previous security test team probably missed. Methods for securing routing and switching protocols will be covered.

Technical
10:00 - 11:00

BlackBox Debugging of Embedded Systems

Alexandru Ariciu - Penetration Tester and Vulnerability Researcher at Applied Risk

In this presentation, we will demonstrate this process end to end and perform a live demo on a target ICS/SCADA device including: – Using hardware interfaces to interact with device – Bypassing the firmware validation – Infecting the device with not useful code(and bricking it by mistake) – Implementing the debugger (Background, Broad overview, Specific Implementation) – Live debugging using the technique on the target device

Technical
11:00 - 11:30

Coffee Break

11:30 - 12:15

Are you keeping up with the Commodore, ’cause the Commodore is keeping up with you!

Konrad Jędrzejczyk - Cyber Threat Hunter at PepsiCo

Are you keeping up with the Commodore, ’cause the Commodore is keeping up with you! Commodore 64 from 1982 with 64kB of RAM hacking modern servers via Ethernet card? Exploiting modern operating systems? Why not! Come to my presentation, the very first one ever showcased, where you will see how C64 hacks modern computers with modern systems.

Technical
12:30 - 13:00

Back to the IoT Future: Where Marty controls all your routers

Dan Demeter - Security Researcher at Kaspersky Lab Romania

The talk is focused on the latest trends and attacks made against devices connected on networks serviced by large Romanian ISPs so the research might be relevant to some of the people in the audience.

Technical
13:00 - 14:00

Lunch Break

14:00 - 14:45

GDPR – T minus 6 months. Are you ready?

Tudor Damian - CEH, Microsoft CDM MVP at Avaelgo

Whether or not you’re familiar with GDPR, the new EU directive on General Data Protection Regulation is due to come into effect in May 2018, which leaves very little time for any last-minute actions. Attend this session for a quick overview of what GDPR means for you and to discover how to better protect yourself and your data.

Business
15:00 - 15:30

Are we alone in our infrastructure? A look into the dark corners of endpoints with Hubble.

Bogdan Simion - Information Security Analyst at Adobe

This talk will cover an overview of the tool, what it is and isn’t, deployment, configuration, our findings and experiences in working with and how everyone can customize it to better fit their own environment whatever that may be without dishing any extra money as all of this is light on your systems and open sourced.

Technical
15:45 - 16:30

Unexpected Shells with “covertutils”

John Torakis - IT Security Researcher, Engineer at Census S.A.

The presentation is about using covert channels to maintain access in compromised hosts. All that with sole purpose I[D|P]S/Firewall evasion and censoring/DLP bypassing. Under this context the covertutils Python Package will be introduced and a brief “what is a backdoor anyway” topic will arise for modelling purposes.

Technical

Sponsors & Partners

They help us make this conference possible.

Stay Updated - Join Our Newsletter