Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

March 14 2017

Submit your Talk – Call for Papers for BSidesLondon

The Call for Papers for BSidesLondon is still running! If you haven’t submitted your talk yet, please do! The deadline is 27 March 2017. Don’t miss it! The Wonderful World of Cyber is full of stuff to talk about. There is broken software all over the Internet (of Things). 0days await. Infrastructure is ready to […]

The post Submit your Talk – Call for Papers for BSidesLondon appeared first on .

March 13 2017

DeepINTEL 2017 – Modern Strategies for Information Security

Seminar on Digital Defence with Experts. The news is full of reports covering attacks against networked systems and digital components. Every day there is new media coverage about stolen data, compromised accounts, the impact of malicious software, digital second strikes, cyber attacks between countries and new vulnerabilities in computer systems. All that leads to the […]

The post DeepINTEL 2017 – Modern Strategies for Information Security appeared first on .

February 02 2017

January 27 2017

Putting the Science into Security – Infosec with Style

The world of information security is full of publications. It’s like being in a maze of twisted little documents, all of them alike. Sometimes these works of art lack structure, deep analysis, or simply reproducibility. Others are perfectly researched, contain (a defence of) arguments, proofs of concept, and solid code or documentation to make a point. […]

The post Putting the Science into Security – Infosec with Style appeared first on .

January 26 2017

The Sound of „Cyber“ of Zero Days in the Wild – don’t forget the Facts

The information security world is full of buzzwords. This fact is partly due to the relationship with information technology. No trend goes without the right amount of acronyms and leetspeaktechnobabble. For many decades this was not a problem. A while ago the Internet entered mainstream. Everyone is online. The digital world is highly connected. Terms […]

The post The Sound of „Cyber“ of Zero Days in the Wild – don’t forget the Facts appeared first on .

January 21 2017

Putting the Context into the Crypto of Secure Messengers

Every once in a while the world of encrypted/secure/authenticated messaging hits the wall of usability. In the case for email Pretty Good Privacy (PGP) is an ancient piece of software. These days we have modern tools such as GnuPG, but the concept of creating keys, verifying identities (i.e. determining who is to trust), synchronising trust/keys […]

The post Putting the Context into the Crypto of Secure Messengers appeared first on .

January 20 2017

DeepSec Administrivia for 2017, the Year of the Cyber

2017 is in full swing, and it didn’t wait long. December was full of „hacking“ news. It seems digital war(e)fare knows no break. We will address some of the issues in a series of blog articles. Also we have uploaded the DeepSec 2016 videos to Vimeo. Attendees and speaker will get access before we publish […]

The post DeepSec Administrivia for 2017, the Year of the Cyber appeared first on .

December 23 2016

Security BSides Events – Give a Present to the Community

You most certainly have heard about the security BSides events. If you are not sure what gift to get, why not help out the BSides events a bit? BSides London is looking for help. BSides Ljubljana has started its call for papers. Have a look and give them a hand. Happy Holidays!

The post Security BSides Events – Give a Present to the Community appeared first on .

November 30 2016

Scanning for TR-069 is neither Cyber nor War

The Deutsche Telekom was in the news. The reason was a major malfunction of routers at the end of the last mile. Or something like that. As always theories and wild assumptions are the first wave. Apparently a modified Mirai botnet tried to gain access to routers in order to install malicious software. The attacks […]

The post Scanning for TR-069 is neither Cyber nor War appeared first on .

November 17 2016

Disclosures, Jenkins, Conferences, and the Joys of 0Days

DeepSec 2016 was great. We have slightly recovered and deal with the aftermath in terms of administrivia. As announced on Twitter, we would like to publish a few thoughts on the remote code execution issue found by Matthias Kaiser. He mentioned the possibility in this presentation titled Java Deserialization Vulnerabilities – The Forgotten Bug Class. […]

The post Disclosures, Jenkins, Conferences, and the Joys of 0Days appeared first on .

November 10 2016

DeepSec 2016 – expect 48 Hours of Failures and Fixes in Information Security

The conference part of DeepSec 2016 has officially started. During the workshops we already discussed a lot of challenges (to phrase it lightly) for infrastructure and all kinds of software alike. The Internet of Things (IoT) has only delivered major flaws and gigantic Distributed Denial of Service attacks so far. There is even a worm […]

The post DeepSec 2016 – expect 48 Hours of Failures and Fixes in Information Security appeared first on .

November 09 2016

Screening of “A Good American” in Vienna with Bill Binney

There will be a screening of the documentary A Good American in Vienna tomorrow. We highly recommend watching this film, even if you are not directly connected to information security. Threat intelligence has far-reaching consequences, and in the case of the world’s biggest intelligence agency it also affects you. A Good American will be shown […]

The post Screening of “A Good American” in Vienna with Bill Binney appeared first on .

DeepSec 2016 Talk: Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking – Inseung Yang

In Korea in particular, hackers have distributed sophisticated and complex financial fraud android malware through various means of distribution, such as SMS phishing, Google play, compromised web servers and home routers (IoT). In some cases, both smartphone and PC users are targeted simultaneously. Inseung Yang and his team collect mobile android malware via an automated analysis […]

The post DeepSec 2016 Talk: Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking – Inseung Yang appeared first on .

November 08 2016

DeepSec 2016 Keynote: Security in my Rear-View Mirror – Marcus J. Ranum

Everything that’s old is new again, and if you work in security long enough, you’ll see the same ideas re-invented and marketed as the new new thing. Or, you see solutions in search of a problem, dusted off and re-marketed in a new niche. At this year’s DeepSec conference the keynote will be given by Marcus Ranum, who set […]

The post DeepSec 2016 Keynote: Security in my Rear-View Mirror – Marcus J. Ranum appeared first on .

DeepSec 2016 Talk: Systematic Fuzzing and Testing of TLS Libraries – Juraj Somorovsky

In his talk Juraj Somorovsky presents TLS-Attacker, a novel framework for evaluating the security of TLS libraries. Using a simple interface, TLS-Attacker allows security engineers to create custom TLS message flows and arbitrarily modify TLS message contents in order to test the behavior of their TLS libraries. Based on TLS-Attacker, he and his team first developed a two-stage TLS fuzzing approach. […]

The post DeepSec 2016 Talk: Systematic Fuzzing and Testing of TLS Libraries – Juraj Somorovsky appeared first on .

November 04 2016

DeepSec2016 Talk: Smart Sheriff, Dumb Idea: The Wild West of Government Assisted Parenting – Abraham Aranguren & Fabian Fäßler

Would you want to let your kids discover the darker corners of the Internet without protection? Wouldn’t it be handy to know what they do online, to be alerted when they search for dangerous keywords and to be able to control what websites they can visit and even when they play games? Worry no longer, […]

The post DeepSec2016 Talk: Smart Sheriff, Dumb Idea: The Wild West of Government Assisted Parenting – Abraham Aranguren & Fabian Fäßler appeared first on .

November 03 2016

DeepSec 2016: Social Engineering remains the most dangerous Threat to Companies – DeepSec offers a Workshop on the Defence of social Manipulation as part of IT

If you follow the news on information security, you see superlative after superlative. Millions of passwords were stolen. Hundreds of thousands of cameras suddenly became tools for blackmail. Countless data got copied unauthorized. Often, after a few paragraphs, your read about technical solutions that should put a stop to these burglaries. Therefore one forgets that […]

The post DeepSec 2016: Social Engineering remains the most dangerous Threat to Companies – DeepSec offers a Workshop on the Defence of social Manipulation as part of IT appeared first on .

IT-SeCX 2016: Talk about Relationship between Software Development and IT Security

The IT-SeCX 2016 event takes place on 4 November at the St. Pölten University of Applied Sciences LLC. It’s a night of security talks, held by various speakers from the industry, academic world, and other institutions. We will give a presentation exploring the relationship between the fine art of software development and the dark art […]

The post IT-SeCX 2016: Talk about Relationship between Software Development and IT Security appeared first on .

February 15 2016

Visualizing Wi-Fi Packets the Hacker's Way
Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl