
nullcon Goa 2017 - E Hacking News coverage


Nullcon Goa, which took place on 3rd and 4th March, successfully brought together hackers, CXOs, security researchers and others interested in information security to share their research and discuss critical issues faced in the field.

nullcon Goa 2017 Highlights:

Day 1:

"Increasing your impact on Facebook Bug Bounty" by Jack Whitton explained in detail some of the statistics of their Bug Bounty Program. The talk also explained the difference between a good bug report and a bad one, and what does not constitute a bug. It also pointed out areas of Facebook that need more testing.

In his talk "Nearly generic fuzzing of XML-based formats", Nicolas Gregoire presented his new XML fuzzer and how it works. He also talked about how it was used to find vulnerabilities in Firefox, Adobe and many other popular tools, and briefly covered the next levels of testing he is going to do on SVG. You can follow him here:

"Drone Hijacking and other IoT hacking with GNU Radio and SDR" by Arthur Garipov was very informative: he explained the subject from the basics and showed attendees how to get started with their own SDR setup for hacking. He also demonstrated hacking a wireless mouse and a drone using an SDR.

In "Barbarians at the Gate(way)", Dave Lewis talked about the latest happenings on the Internet and mainly focused on DDoS attack trends over the past year.

Christopher Truncer released version 3.0 of the Veil Framework at nullcon, a tool designed to generate Metasploit payloads that bypass common anti-virus solutions.

Daniel Bohannon showed how PowerShell commands can be obfuscated and how to detect such obfuscation.





Day 2:
The keynote by Karsten Nohl, titled "When enough is enough: The limits of desirable security", was very interesting to listen to. He talked about the mistakes the security community is making and asked whether we are all concentrating on the wrong things when some basic issues have not yet been fixed.

In the talk "Case study of SS7/Sigtran assessment", Akib Sayyed talked about how his team tested SS7 networks and the vulnerabilities that were found. He also released a tool called "safeseven" that can be used to test SS7 networks.

Timur Yunusov gave a talk on ATM security and the different logical attacks that can be carried out against ATMs. He explained how to bypass kiosk screens, boot into safe mode, use hardware attacks and much more.

Ajin Abraham talked about his latest project, "Injecting Security into Web apps with Runtime Patching and Context Learning". He introduced a new concept called RASP and explained how it differs from a WAF. He also gave a live demo of the RASP he developed and how it blocks XSS, SQLi and RCE, and talked about future ideas he is going to implement in his tool.

Snippets from nullcon:

    * "Cyber security in India is growing rapidly," Josh Armour, Security Program Manager at Google, says. "We are happy to be present at the nullcon conference."

    * Asif Baig, a bug hunter who has found security bugs in major companies and has been listed in many halls of fame.

    * Yogendra Jaiswal, a DIMT Raipur student, told EHN in an interview that he found a Cross Site Scripting vulnerability in LinkedIn and has participated in Bugcrowd's private hunt. He also said he found a 2-step authentication bypass in wordpress.com.

    * Sushmil, from tesseract, a startup company, said they are developing a "Cyber Threat Intelligence" product that gathers information from multiple sources and helps clients prevent cyber attacks.

    * Vishwaraj Bhattari said he found bugs in top companies including Google, Facebook and Twitter.



XOR Conference 2015


XOR Conference 2015, an international security conference held from 17th Oct. to 18th Oct. in Kochi, was sponsored by the Cyber Security and Privacy Foundation (CSPF).

The event started with two training sessions. One was on Web App Security and Exploitation by Ajin Abraham and Francis Alexander, and the other on Hardware/IoT Security and Exploitation by Yashin Mehaboobe. Both training sessions aimed at educating the attendees about the possible threats and how to deal with them.

The next day featured numerous talks and discussion sessions by various security researchers.

Santhosh Kumar, a security researcher, gave a talk on the topic “Windows Management Instrumentation – A Frontdoor For Malwares!”. It was an introduction to WMI and demonstrated the various ways WMI can be used as an attacker’s Swiss army knife, how malware authors are using it to leverage their exploits, how present-day tools can be used, and how to protect against these types of attacks.

Arjun T. Unnikrishnan, an undergraduate from Amritha University, talked about Radare2, which provides a framework to effectively perform binary tasks with the least amount of busy work.

Kunal Relan, a security researcher from Aarvee Idealabs, discussed Pentest Ninja, an extension for the Firefox desktop browser, which is a semi-automated SQL injection takeover tool. It opens like a sidebar and can test web applications on the go with a live view.

Rahul Sasi, Founder & CTO of CloudSek, talked on anonymous topics, whereas Riyaz Walikar, a security researcher from Citrix Systems, talked about various methods of obtaining administrator privileges in a Windows environment, and another researcher, Rakesh Paruchuri, gave a presentation on Return Oriented Programming.

Abhinav Mishra, a Senior Security Consultant at To The New Digital, presented his paper, which deals with the security mechanisms that some of the newest online retailers apply, the technology they rely upon and the ways to hack all this. The research paper focuses on understanding the whole online payment process and the vulnerabilities associated with it.

Anto Joseph, a Security Engineer in Citrix R&D, focused on various attacks and attack vectors and how to exploit vulnerabilities in Android-based devices.

Hack In Paris 5th edition - The French Cyber Security Conference

Sysdream, a French company which provides auditing skills and training from an attacker’s perspective to companies that require a high level of security for their information systems, is organizing the 5th edition of Hack in Paris (HIP) from 15th to 19th June this year in France.

HIP, which is said to be the most awaited event for security professionals, includes training and conference sessions.

According to an announcement, the event, which will be entirely in English, brings IT security professionals such as information system directors, managers and security officers together with hacking experts.

The announcement said that for the first three days, participants will be given 13 training classes by international experts such as Aditya Gupta, founder of Attify; Peter Van Eeckhoutte, founder of Corelan Team; Richard Hollis, Chief Executive Officer of Risk Factory Limited; Mario Heiderich, security researcher; Nikhil Mittal, researcher; Gnesa Gianni, security researcher and professional trainer at Ptrace Security; and many others.

The training will be given on various topics such as: ANDROID/IOS EXPLOITATION, CORELAN “ADVANCED”, CORELAN “FOUNDATIONS”, DESIGNING AN EFFECTIVE 27001 ISMS, HACKING WEB APPLICATIONS – CASE STUDIES OF AWARD-WINNING BUGS IN GOOGLE, YAHOO, MOZILLA AND MORE, HARDWARE HACKING LABORATORY FOR SOFTWARE PENTESTERS, IOS APPLICATION EXPLOITATION, MASTERING BURP SUITE PRO - 100% HANDS-ON, among others.

The training sessions will be held at Sysdream, 14 Place Marie-Jeanne Bassot, 92300 Levallois-Perret, France.

More details available about the training at: https://www.hackinparis.com/trainings-2015

On the remaining two days of the HIP, there will be 16 talks, including two keynote addresses and one debate with world-renowned speakers like: Winn Schwartau, Jose Lopes Esteves, Chaouki Kasmi, Mario Heiderich and others.
The conference will be held at Académie Fratellini, 1-9 rue des Cheminots 93210 La Plaine Saint Denis France.

More details available about the conferences at: https://www.hackinparis.com/talks-2015

Nullcon international security conference 2014

Recently we all witnessed this season of NULLCON unfold. NULLCON, India’s biggest security conference, happens in Goa every year; this year it was held on 14th of Feb, with the tagline “Spread Love, Not Malware”.

This year’s Nullcon International Conference was filled with speakers from across the Globe with various interesting papers that were presented. This year’s Nullcon did see some of the upcoming talents of Indian Cyber Space.

The event started off with a bang with the Night Talks on 13th night which was followed by a Grand Party. The evening part of the talks even had “Black Shield Award” segment which brought out the eminent personalities being awarded the Black Shield Award. The Achievers List of Black Shield is as follows:


The day talks started on the morning of the 14th and went on till the evening of the 15th. This year’s Nullcon talks featured various well-known security researchers such as Rahul Sasi, Alexander Polyakov, LavaKumar Kuppan, Vivek Ramachandran, Saumil Shah and many more. And as Nullcon always tries to bring out budding talent from India, this time we had upcoming talents from the Indian infosec community such as Yashin Mehaboobe, Ankita Gupta, Abhay Rana and many more.

One of the major paparazzi grabbers this time was the ultra-geeky nullcon2014 hardware badge that was developed by Indian researchers “Amay Gat” and “Umesh Jawalikar”.

One of the new things seen this time at Nullcon was the NULLCON AMMO, which showcased some of the coolest, geekiest open-source tools developed by young Indian researchers and developers.

The tools found at Nullcon Ammo were:
  • OWTF (The Offensive Web Testing Framework) – By: Abraham Aranguren & Bhardwaj Machhiraju.
  • NoSQL Exploitation Framework – By: Francis Alexander.
  • XML Chor – By: Harshal Jamdade.
  • Drup Snipe – By: Sukesh Reddy and Ranjeet Senger.
  • OWASP Xenotix XSS Exploitation Framework – By: Ajin Abraham.

And there were plenty of other tools too that got featured this time at the Nullcon Ammo event.

Overall, this season of Nullcon was filled with more geekiness, fun, partying and an awesome feast of information and knowledge for infosec enthusiasts. It was really more exciting than the previous season of Nullcon. The experience the hackers had this time was the best. For a hacker, you can’t ask for anything better than Nullcon.

Defcon Kerala Information Security Meet 2014


DEFCON KERALA chapter is pleased to announce that the second edition of DEFCON Kerala 2014 will be held on March 8th at Hotel Travancore Court, Kochi. DEFCON Kerala (DC0497) is the first DEFCON Chapter in Kerala and is a DEFCON USA Registered group for promoting and demonstrating research and development in the field of Information Security. We are a group of Information Security Enthusiasts actively interested in promoting information security.

Whether you are an information security expert, researcher or newbie in the field of information security, we have the right events to satisfy your appetite. This year DEFCON Kerala brings you a host of events, which include:

KEYNOTE SESSION
N. Vinayakumaran Nair, Assistant Commissioner, Hi-Tech Cell, Kerala Police

TECHNICAL TALKS
Be there with us to hear from the experts who are at the forefront of information security research. This year we have about 12 Technical Talks that demonstrate Information Security Research in various fields.

  • WI-Hawk - Anamika Singh, Product Specialist
  • Android Security and Mobile OS Security in General - Anto Joseph, Technical Consultant
  • Compromising a DB via the XSS Vulnerability. XSS + Metasploit + Social Engineering - Fadli B. Sidek & Vikneshwaran Veeran, Security Consultants
  • Security through Obscurity No More Alive - Gaurav Raj Anand, Independent Researcher
  • XMLChor: XPATH Injection exploitation - Harshal Jaiprakash Jamdade, Security Researcher
  • Interactive Web Security Testing with IronWASP - Lavakumar, Founder IronWASP
  • Windows 8 Forensics - Nikhalesh Singh Bhadoria, Information Security Researcher
  • DrupSnipe: Vulnerability Scanner for live Drupal powered website - Ranjeet Singh Sengar and Sukesh Reddy, Security Researchers
  • Securing the Web-Native Bridge in Hybrid Mobile Apps - Sachinraj Shetty, Application Security Manager
  • Android Forensics and Security Analysis - Santhosh Kumar, Independent Security Researcher.
  • To be announced - Francis Alexander, Security Researcher, OpenSecurity
  • HackSpace Workshop - Yashin Mehaboobe, Security Researcher, OpenSecurity

HACKSPACE-Free Hardware hacking workshop


HackSpace is a free and interactive hands-on workshop on hardware hacking. It'll cover everything from basic microcontroller programming to hardware-based attacks. The workshop will start with basic programming fundamentals. This will serve as a base for the rest of the class. Attendees will be introduced to various boards such as the Raspberry Pi, various Arduino boards as well as boards such as the MSP430 Launchpad.

The course will include fundamentals of bus protocols such as UART, I2C and SPI and how they are used. This will all be covered from an InfoSec perspective. Attendees will learn how to utilize the boards for penetration testing and security research.

DEFKTHON CTF
DEFKTHON CTF is DEFCON Kerala's trademark CTF. This is a jeopardy style CTF with challenges categorized into Recon, Reversing, Web, Crypto and Miscellaneous. The CTF is open to all and will be online on March 3rd 9.00 IST and will run till March 4th 21.00 IST. Stay tuned to http://ctf.defconkerala.com/


BEST SPEAKER AWARD

Cyber Security and Privacy Foundation (CSPF) will award the best speaker a grant of Rs.10,000. The speakers will be judged by a committee including Team DEFCON Kerala and an honorable member from CSPF. Delegates can contribute 50% to this selection process.

Top 5 reasons to attend DEFCON KERALA 2014
  • Access to cutting edge Technical Talks.
  • Access to Hack Space, the Hardware Hacking workshop.
  • Certificate of Participation.
  • Slides, Tools or Materials provided by the Speaker.
  • A niche networking platform.


Entry Pass: Rs.1100
Student Pass: Rs.800 (with discount code)
DISCOUNT CODE: STUDENT_14
Complimentary food coupons for all attendees.

Visit: www.defconkerala.com
Register Here: http://defconkerala.com/registration.html

DEFCON Kerala 2014: Call For Papers is Open Now


DEFCON Kerala (DC0497) is a DEFCON USA Registered group for promoting Information Security Research. We set up an environment of Hackers, Developers, Security Analysts, Security Enthusiasts, and Corporate Security Stakeholders for you.

Defcon Kerala is a platform for Security Researchers, both professionals and students to present their technical research papers and their creativity related to “Computer Security”. Defcon Kerala will be a stepping stone for professionals, beginners, and students by providing a starting point to advance their knowledge and skillsets.

Topic of Interest
  • New Security Tools
  • New Exploits, Vulnerabilities and Zero Days
  • Cyber Forensics
  • Lock Picking & Physical Security exploitation
  • Web Application & Network Security
  • Antivirus/IDS/Firewall/filter evasion techniques
  • Social Engineering
  • Browser Exploitation
  • Mobile Application Security and Exploitation
  • Wireless Security
  • Denial of Service Attacks
  • Hardware Hacking/ SCADA Hacking
  • Honeypots
  • Encryption and Cryptography 
  • Fuzzing and Exploitation 
  • Open Source Security 
  • Anonymity in Internet
  • Carding and Black Market Analysis

NOTE: These are just some sample topics. You can send any topics related to Information Security.

Submission Format
Send your papers to cfp@defconkerala.com

Follow the format given below:
Name:
Designation:
Mobile:
Twitter Handle:
Brief Biography:
Paper Title:
Paper Abstract:
Publishing any Tools/Vulnerabilities/Zero Days (YES/NO, If Yes Specify the details):
Any Additional Requirements:
Attach a face photo to be published on the website.

IMPORTANT
Presentation Time: 30 mins

Speaker Benefits
  • Complimentary Pass to the Event
  • Certificate of Speaking
  • Food Coupons

Important Dates
CFP is open: 25th December 2013
CFP Submission Deadline: 10th February 2014
Complete set of Speakers will be published: 20th February 2014
Defcon Kerala Meet 2014 Scheduled on: 8th March 2014

Frequently visit our website for notifications and changes.
Stay tuned to www.defconkerala.com

DefCamp 2013 : International hacking and information security conference in Romania

 

On 29-30th of November, Crystal Palace Ballroom, Bucharest is hosting the fourth edition of one of the most hypnotizing events on hacking & INFOSEC in Romania and South-Eastern Europe - DefCamp. The list of special guests contains big names, such as Raoul Chiesa, founder and president of The Security Brokers, and Carsten Eiram, Chief Research Officer at Risk Based Security.

The conference that will take place this fall will engage participants in discussions about how to travel for free with Bucharest Public Transit (RATB and Metrorex), hijacking control of your car, hacker profiling, 0days, PRISM, mobile security problems, DDOS, networking, P2P networks, D&D APT’s, social engineering, camera surveillance, metasploit, header analysis, application security research, NSA, Snowden, privacy concerns, credit cards, Romanian Internet scanning, SSL ripper, lock picking, copyrights, Romanian laws and secure system administration, with key industry specialists from Romania and abroad holding presentations.
 
The conference will also include a series of hands-on activities such as DCTF (DefCamp Capture the Flag), App2Own, Hack The Machine and Spot The Cop, rewarded with prizes.

Keynote presentations will be held by our special guests:
  •  Raoul "Nobody" Chiesa, president of The Security Brokers
  •  Carsten Eiram, Chief Research Officer at Risk Based Security.

The awesomeness is powered up by:
  •  Kizz MyAnthia, Senior Penetration Tester – Shadowlabs at HP Enterprise Security
  •  Nathan LaFollette “httphacker”, Senior Security Consultant – Shadowlabs at HP Fortify
  •  Nir Valtman, R&D Chief Security Officer at Retalix
  •  Robert Knapp, Co-Founder & CEO CyberGhost SRL
  •  Milan Gabor, CEO at Viris
  •  Adrian Furtuna, Security Consultant at KPMG Romania
  •  Bogdan Alecu, System Administrator at Levi9 and one of DefCamp's traditional speakers
  •  Alex Negrea, Co-founder at docTrackr.com
  •  Andrei Costin, PhD student with EURECOM & Co-Founder/Lead-Researcher at Firmware.RE
  •  Ionut Popescu, Security Consultant at KPMG
  •  Dan Catalin Vasile, Board Member of OWASP Romania
  •  Brindusa Stefan Cristian, Lead-Developer at RogentOS GNU/Linux
  •  Radu Stanescu, IT Security Consultant & Trainer Sandline
  •  Bogdan Manolea, legi-internet.ro
  •  Bogdan-Ioan Şuta, Independent Security Researcher.

“We have awaited the 48 hours of DefCamp 2013 since the closing moment of the last edition. It is hypnotizing to exchange ideas, to compete, to expand your knowledge and to meet people who you know only from the virtual world. I wish I could also participate to fully enjoy these moments!”, said Andrei Avădănei, founder and coordinator of the Defcamp conference, in a press release.

DefCamp managed, in just 4 editions, to be the most awaited conference in the entire information security and hacking scene in Eastern Europe. It's the perfect time to join and feel the vibes.

For more details you can access our website or contact us directly at contact@defcamp.ro. Don't forget to sign up! European students pay only 50% of the ticket!

Defcon Kerala 2013 - Call for papers


Defcon Kerala (DC0497) is a Defcon USA Registered group for promoting and demonstrating research and development in the field of Information Security. We are a group of Information Security Enthusiasts. Defcon Kerala is a platform for students, professionals, geeks, and nerds to present their technical research papers and showcase their skills. Speakers are invited to present papers on various information security related research topics before the delegates and interact with them.

Some Topics of Interest:

  • Disclosure of new Hacking Tools
  • New Vulnerabilities and Zero Day Exploits
  • Cyber Forensics
  • Lock picking & physical security exploitation
  • Web Application & Network Security
  • Antivirus/IDS/Firewall/filter evasion techniques
  • Social Engineering
  • Metasploit Framework
  • Web Browser Exploitation
  • Mobile Application Security and Exploitation
  • Wireless Security
  • Denial of Service Attacks
  • Hardware Hacking/ SCADA Hacking
  • Honeypots
  • Fuzzing Techniques
  • Open Source Security
  • Cyber Laws, Cyber warfare, Cyber Ethics
  • Anonymity in Internet
  • Carding and Black Market Analysis

NOTE: These are just some sample topics. You can send any topics related to Information Security.

Paper Submission Details

Please send your papers to this email


Follow the format given below:

=========================================================

Author Name:

Mobile:

Brief Biography:

Paper Title:

Paper Abstract:

Paper Outline:

Publishing/Disclosing any Tools/Vulnerabilities/Zero Days (YES/NO):

Any Additional Requirements:

=========================================================

NOTE: Papers should be submitted in PDF, DOC, DOCX, or ODF format. Presentations should not exceed 25 mins. If your paper is selected then you will be notified soon and you should register for a Speaker Pass.

Register

Buy your speaker pass for Defcon Kerala 2013 Meet

Please Register only after you get a notification by email that your paper is selected.


Important Dates

Call For Papers is open: 13th January 2013

Call For Paper submission Deadline: 1st April 2013

Defcon Kerala Meet 2013 Scheduled on: 21st April 2013