Worldwide recognized speakers will showcase the naked truth about sensitive topics like infrastructure (in)security, GDPR, cyber warfare, ransomware, malware, social engineering, offensive & defensive security measurements etc. More than 40 speakers will be on stage in 2017 sharing researches & engaging into panels on different topics related to cyber security.
Thursday, 9th November - Bucharest Room
Pick up your badge & grab your coffee.
Incident Busters. 2017 Retrospective
Alexandru Stoian - Cyber security specialist @ CERT-RO
Catalin Patrascu - Coordinator of the Incident Handling Team @ CERT-RO
2017 was a very difficult and interesting year for us at CERT-RO, with big and very mediatized cyber outbreaks that got misunderstood by the public. This here is a retrospective of this year with a couple of lessons learned and a couple of funny stories from the front-lines, proving that humans will still be humans even if they mostly interact with machines. And wait, there’s more. We definitely need you. Yes, you the public.
In Soviet Russia, Vulnerability Finds You
Inbar Raz - Hacker of Things
The stories in this talk are all about research that started because I ran into something and it caught my attention – I wasn’t looking for it.
Orange is the New Purple – How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
April C Wright - Information Security and Compliance at Verizon Wireline
Introducing a new paradigm for integrating developers with offensive and defensive teams to enhance SDLC.
Panel - CYBER SECURITY IN REAL BUSINESS WORLD
How does the continuous cybernization of today’s business world impact business processes? And what are the risks involved for you and your company? IT Security Experts from Austria and Romania discuss current and future challenges of digitization in the business environment as well as potential approaches for successfully mastering risks involved. Confirmed speakers include security and IT experts from well-known Austrian companies, the consulting industry as well as from the Austrian Ministry of the Interior (BMI). Guests:
- Cristian Octavian Goiceanu – Executive Director at Business Security & Continuity Management Dept., BCR
- Florin Barbu, IT Director, Uniqa Romania
- Adriana Radu, Partner Schönherr
- Gabriel Mihai Tanase, Cyber & IT Advisory Director, KPMG Romania
- Andreas Tomek, Managing Partner, KPMG Austria
- Gernot Goluch, Austrian Federal Ministry of Internal Affairs, Federal Office for the Protection of the Constitution and the Fight against Terrorism.
Supporting innovation in cybersecurity through acceleration program – Orange Fab
Vlad Sorici - Project Manager for Orange Fab
Orange Fab Romania is a 1-year startup accelerator, conceived to support entrepreneurs in developing innovative products and help them distribute both locally and globally.
Remote Attacks against IoT
Sabin POTÎRCĂ - Technical Project Manager, Experimental Research Unit at Bitdefender
In this talk we’ll describe the methods and tools used in IoT vulnerability research and our findings on a very popular smart plug: breaking their so-called encryption to capture sensitive data, remote control of the plug and full remote code execution.
Fileless malware - beyond a cursory glance
Lucian Sararu - InfoSec Team Lead at SecureWorks
Alin Puncioiu - Security Operations Manager at SecureWorks
Alin and Lucian will talk about “living off the land” trend of malicious operations. Reverting to simple methods, making use of inherent “features” built into the operating systems that are being subverted as powerful infiltration solutions, one may run scripts and shellcode directly in the computer’s memory
Securing without Slowing
J Wolfgang Goerlich - VP, Strategic Security Programs at CBI
Case studies of successful DevOps and Cloud security, leaning on Rugged and security culture, will be shared. The emphasis is on teams that secure the process and technology without sacrificing time. But can we secure the technology without slowing the pace? Absolutely. The session concludes with lessons on how do to just that.
Friday, 10th November - Bucharest Room
Pick up your badge & grab your coffee.
Efficient Defenses Against Adversarial Examples for Deep Neural Networks
Irina Nicolae - Research Scientist at IBM Research
We propose a new defense method based on practical observations which is easy to integrate into models and performs better than state-of-the-art defenses.
Wisdom and Life Lessons Learned in the Business of Cyber security
Steve McGregory - Senior Director of Application and Threat Intelligence at Ixia, a Keysight business
I have had the privilege of managing security operations in my early career startups, to building an Intrusion Prevention System, to building solutions to assess the resiliency and efficacy of security products, to building a state-of-the-art Threat Intelligence Platform. Let’s take a journey through all of this and, in the short time we have together, see if we can make some course corrections together.
Panel - Current challenges of cybersecurity policies and legislation
Everyday we find out about new vulnerabilities which affect wi-fi networks, operating systems and websites, leaving our data discoverable. Due to these new threats, legislation must also be adapted in order to enhance a better response to security incidents and to enable cooperation between public institutions and also between member states. In this context, the EU adopted the NIS Directive which needs to be transposed into national legislation by 2018. On october 3rd The Romanian Ministry of Communications and Information society has launched in public consultation a draft law for transposing the directive. This may also have an impact on Romania's cybersecurity strategy which dates from 2013.
- Catalin Drula, President of the IT Committee from the Chamber of Deputies
- Cristian Cucu, CIO, Secretary of State Romanian Government
- Cristian Driga, Counselor Cooperation Department CERT-RO
- Bogdan Manolea, Executive Director for Association for Technology and Internet
What the WiFiCactus?!?!?!
Mike Spicer - Ninja
The #WiFiCactus is a tool that passively listens on 50 channels at the same time thanks to 25 Hak5 Pineapple Tetras. This talk will break down the build process, the hardware and the software to make the ultimate war-walking machine.
Drive safely on the internet lane: how smart cars can leak your data
Gabriel Cirlig - Senior Software Engineer at Ixia, a Keysight business
Stefan Tanase - Principal Security Researcher at Ixia, a Keysight business
Given a relatively new car (2014) with an infotainment system completely decoupled from the car’s backbone (ignition, lights and such), we discovered sensitive personal information being stored completely in the clear.
DefCamp 2017 - Awards Ceremony
- DEFCAMP CAPTURE THE FLAG (D-CTF)
- DEFEND THE CASTLE
- ARIADNE’s THREAD CTF 2.0
- IoT VILLAGE
- CRITICAL INFRASTRUCTURE ATTACK
- ICS HUMLA CTF
- HACK THE BANK
- TARGET JOHN
- PASSPORT TO PRIZES
Thursday, 9th November - Roma Room
Pick up your badge & grab your coffee.
Fuzzing closed source applications
René Freingruber - Security Consultant at SEC Consult
The aim of this talk is to demonstrate different techniques which can be used to fuzz closed-source applications or libraries.
Turning IDS signatures against an IDS itself: a new evasion technique
Kirill Shipulin - Security Researcher at Positive Technologies
In my report I’ll tell you how to turn available signatures against the system to paralyze its operation, as well as deliberate on how compromises between performance and security, speed and quality can produce other breaches for bypass
IoT botnets? How do they work?
Mihai Vasilescu - Senior Security Research Engineer at Ixia, a Keysight business
In this talk i will present how Linux-based malware scan, infect, propagate, and launch DDoS attacks. I will also talk about how to collect new samples for study, some changes that have occurred since release of the source code.
Splunking the Clouds: finding the needle in AWS & Azure @ DefCamp #8 Bucharest Romania
Uzoma OGBONNA - Cloud Security Engineer at Adobe
Daniel Barbu - Manager of Security, TechOps Romania at Adobe
Terabytes of logs coming from all products, tools, and services in place within data centers were not enough. So, the latest challenge for an analyst within a Fortune 500 company’s SOC: find the attacker’s needles in the cloud logs. Challenge accepted!
Active Defense Untangled
Mohamed Bedewi - Senior Security Researcher and Penetration Tester
I will explain what is active defense and how can it be fully utilized in production environments to achieve almost 0% of false-positives, I will also highlight the process of extracting intelligence while feeding it to deployed security devices so you can always stay ahead!
Pentest-Tools.com - The first online penetration testing framework
Adrian Furtuna - Founder Pentest Tools
How many times have you tried to run some cool security tool on your machine and it did not work (missing dependencies, configuration problems, unsupported operating system, etc.)? Now you have a set of online tools that just work and help you with all the phases of a penetration test: information gathering, web testing, infrastructure testing and creating proof of concepts for discovered vulnerabilities.
Evolution of threats to Electric Power Grid Operations
Alexandru Suditu - Infrastructure & Security Manager at ENEVO Group
We will be looking at the evolution of threat to Critical Infrastructures and Electrical Power Grid Operations by starting with a quick overview on the industry specific devices and architectures and have a closer look at the current level of technical craftsmanship in recent cyber-attacks.
Weaponize a Raspberry Pi
Cosmin Radu - Senior Information Security Consultant at KPMG
This paper presents an answer to a problem we encountered during Red Teaming exercises. What to use as a dropbox instead of the already classic USBs in the parking lot? We decided to build from the ground up a device that could go undetected easily and that could also help us gain a foothold in the targets perimeter.
Friday, 10th November - Roma Room
Pick up your badge & grab your coffee.
Keeping customer data safe in EC2 – a deep dive
Dr.-Ing. Martin Pohlack - Principal Software Dev Eng at Amazon Web Services
In this talk, we would like to share some of our experience in dealing with Xen security advisories. The talk focuses especially on addressing security issues in large-scale live systems with minimal customer impact. We will dive deep into the Xen hypervisor.
Lockpicking and IT Security
Walter Belgers - President at The Open Organisation of Lockpickers
In this lecture, Walter Belgers will look at some security flaws in locks to see how they came about. Then, he shows us how similar mistakes are made in software development and deployment. In both cases, we have to deal with design flaws, implementation errors, zero day attacks, brute force attacks, user errors and more.
Hijacking the Boot Process – Ransomware Style
Raul Alvarez - Senior Security Researcher at Fortinet
In this presentation, we are going to look into how Petya, a ransomware, can overwrite an MBR (Master Boot Record), both in MBR- and GPT-style disk, with its malicious code.
The rise of security assistants over security audit services
Yury Chemerkin - Security Expert at JSC Advanced Monitoring
We are going to present results over 500 applications, and 20k data types examined like credentials, chats, payment info, etc. We offer a solution and a way to contribute to the security community, independent researchers and developers on an important problem. Finally, we share a cutting-edge knowledge free.
Sharper than a Phisher's Hook - The Story of an Email Autopsy
Ionut Marin - Information Security Sr. Analyst at SecureWorks
Alexandru Musat - InfoSec Team Lead at SecureWorks
The hosts will highlight some of the methods our InfoSec analysts are using to extract artifacts from a suspicious e-mail leveraging not too many open-source tools and mostly… manual analysis. Because well… that’s the best way to do it, isn’t it?
Road to ECSC 2017
Neculai Balaban - Member of the national team the represented Romania in ECSC 2017
Dorin Enache - Learning Innovation Consultant, Orange Romania
The European Cyber Security Challenge is an initiative by the European Union Agency for Network and Information Security (ENISA) and aims at enhancing cyber security talent across Europe and connecting high potentials with industry leading organizations. Dorin will tell you how Orange got involved and helped the Romanian team, while Neculai will tell us how he became involved in CTF competitions, what he did to qualify in the Romanian Team and what was the experience like at ECSC.
Smart Cities under Attack: Cybercrime and Technology Response
Ralf C. Staudemeyer - Postdoctoral-Researcher in IT-Security at University of Passau
In this talk, we look into the threat landscape by defining the security requirements and the known threats of smart city infrastructures. Then, we investigate cybercrimes in smart cities by covering a selection of use-cases, known vulnerabilities, attack scenarios, and real-world cyberattacks already experienced. Finally, I provide security and privacy recommendations for the IoT-based smart city infrastructure.
Thursday, 9th November - Vienna Room
Pick up your badge & grab your coffee.
Arun Mane - Senior Security Researcher at Payatu Software Labs
Sneha Rajguru - Security Consultant at Payatu Software Labs LLP
This contest/Context will concentrate on methodologies to conduct penetration testing of commercial Hardware devices such as PLCs as well as simulators. The contest will provide an excellent opportunity for attendees to have hands-on experience on Penetration Testing of these devices and systems.
ATM: every day trouble
Olga Kochetova - Senior Penetration Testing Specialist at Kaspersky Lab
Alexey Osipov - Lead Penetration Testing Specialist at Kaspersky Lab
In our presentation, we will cover topics on how to create botnet from ATM network, that will gather all card data, network attacks specific to ATMs connection to processing centers, direct control of the ATM software.
Attacking Mongoose OS on Xtensa platforms
Carel van Rooyen - Computer Systems Engineer
Philipp Promeuschel - Security Analyst at Compass Security Schweiz AG
This talk aims at describing employed technologies, techniques, and the preliminary results, as well as considerations on the attack surfaces from OS to hardware and storage level. It also tries to encourage more research and tool development on this topic. We further aim to share knowledge about the exploitation of new platforms and the approaches taken.
Eternal Blues with EternalBlue
Adrian Hada - Senior Security Research Engineer at Ixia, a Keysight business
Even though this exploit became renowned after the WannaCry outbreak, the exploit was quickly picked up by malware authors and it has not left us ever since. This presentation will focus on the technical aspects of how the malware spreads, as well as what the final purpose is for the threat actors using EternalBlue.
SHA-3 vs the world
David Wong - Security Consultant at NCC Group
Since Keccak has been selected as the winner of the SHA-3 competition in 2012, a myriad of different hash functions have been trending. From BLAKE2 to KangarooTwelve we’ll cover what hash functions are out there, what is being used, and what you should use. Extending hash functions, we’ll also discover STROBE, a symmetric protocol framework derived from SHA-3.
Minute-hacks against Robi the Robot
Daniel Tomescu - Security Penetration Tester, KPMG Romania
Stefan Nicula - Penetration Testing Specialist KPMG Romania
Stefan and Daniel will talk about a recent research project that focused on testing the security of an IoT Robot. The approach of the project was directly from an attacker's perspective, being more technically specific in details regarding vector of attacks, an attacker's entry points and different types of device hijacking. Given the early stages of the robotics field, the research project aims to raise awareness of the security implementations embedded over these specific IoT devices.
You Fail in SE If You Make Those Mistakes
Yehia Mamdouh - Penetration Tester Specialist and Security Researcher at DTS-Solution
Humans are the Weakest link in security, Including Social Engineers themselves, We see a lot of talks talking about how to be a professional social engineer through what we should do and what kind of knowledge we should gain?! But in this talk we will spot a light on what mistakes we should avoid during our social engineer assessment?
Bug bounty conspiracy and 50 shades of gray hat. Who owns the vulnerability?
Vladimir Taratushka - Conference Director at HackIT
What is the good solution to stop black hackers and data leaks? How sure you can be in antivirus, firewall or maybe security practices compliance? Can bug bounty hunter make big enough legal money participating in bug bounty programs? This speech is dedicated to security researchers and organizations who worry about their informational security.
Friday, 10th November - Vienna Room
Pick up your badge & grab your coffee.
Twisting Layer 2 Protocols
Paul Coggin - Red Team Engineer at Financial Institution
This session will show in detail how the red team can quickly identify and exploit numerous network protocol vulnerabilities that the previous security test team probably missed. Methods for securing routing and switching protocols will be covered.
BlackBox Debugging of Embedded Systems
Alexandru Ariciu - Penetration Tester and Vulnerability Researcher at Applied Risk
In this presentation, we will demonstrate this process end to end and perform a live demo on a target ICS/SCADA device including: – Using hardware interfaces to interact with device – Bypassing the firmware validation – Infecting the device with not useful code(and bricking it by mistake) – Implementing the debugger (Background, Broad overview, Specific Implementation) – Live debugging using the technique on the target device
Are you keeping up with the Commodore, ’cause the Commodore is keeping up with you!
Konrad Jędrzejczyk - Cyber Threat Hunter at PepsiCo
Are you keeping up with the Commodore, ’cause the Commodore is keeping up with you! Commodore 64 from 1982 with 64kB of RAM hacking modern servers via Ethernet card? Exploiting modern operating systems? Why not! Come to my presentation, the very first one ever showcased, where you will see how C64 hacks modern computers with modern systems.
Back to the IoT Future: Where Marty controls all your routers
Dan Demeter - Security Researcher at Kaspersky Lab Romania
The talk is focused on the latest trends and attacks made against devices connected on networks serviced by large Romanian ISPs so the research might be relevant to some of the people in the audience.
GDPR – T minus 6 months. Are you ready?
Tudor Damian - CEH, Microsoft CDM MVP at Avaelgo
Whether or not you’re familiar with GDPR, the new EU directive on General Data Protection Regulation is due to come into effect in May 2018, which leaves very little time for any last-minute actions. Attend this session for a quick overview of what GDPR means for you and to discover how to better protect yourself and your data.
Are we alone in our infrastructure? A look into the dark corners of endpoints with Hubble.
Bogdan Simion - Information Security Analyst at Adobe
This talk will cover an overview of the tool, what it is and isn’t, deployment, configuration, our findings and experiences in working with and how everyone can customize it to better fit their own environment whatever that may be without dishing any extra money as all of this is light on your systems and open sourced.
Unexpected Shells with “covertutils”
John Torakis - IT Security Researcher, Engineer at Census S.A.
The presentation is about using covert channels to maintain access in compromised hosts. All that with sole purpose I[D|P]S/Firewall evasion and censoring/DLP bypassing. Under this context the covertutils Python Package will be introduced and a brief “what is a backdoor anyway” topic will arise for modelling purposes.