TBD later

Demonstrate different kind of structures in the binaries as a PE (header and your sessions), ELF (header and your sessions), PDF(header/ body/cross-reference table/trailer), explaining how each session works within a binary and where it would be possible to “include” a malicious code.

This talk focus on the implementation of new security hardening in mobile networks as well as detecting techniques and bypassing methods. The scope of the illustration include both radio and signalling core network.

While corporations historically tended to outsource their IT operations, companies were reorganized and established to fulfill this demand by creating shared service centers, centralized and specialized teams focusing on specific segments of the computing environment, the amount of individuals who retained the ability to appropriately oversight a corporations' information systems environment had significantly dropped. As the business relied more and more on the IT infrastructure and this foundation was targeted by cyber criminals at an increasing rate, C-level executives had to realize that financial threats no longer occur only as a result of a financial mis-statement or fraud, it can be the result of an ineffectively or inadequately managed IT infrastructure. In addition, governmental and regulatory scrutiny mandated and mandates these corporations to ensure that the outsourced service provider(s) is(are) acting based on the corporation's best interest and that the corporation has control over the activities that they had outsourced. Consequently, the companies are facing these requirements at times when the amount of individuals who have an accurate knowledge of the topology and the infrastructure of the company is very limited. That is why the role of a CI(S)O is an art - to understand the big picture, and to communicate the risks and needs of the company to all stakeholders at their level.

AI is steadily flooding our world sipping into various verticals from Autonomous cars, Robots to Defense, Media and Smart homes. Hundreds of new startups are implementing Ai solutions worldwide and we are getting closer to the point where machine learning-based solutions will eat traditional algorithms. While we more and less understand how to deal with software vulnerabilities we have no clue what’s happening in ML-based solutions and how it's possible to hack them except probably adversarial examples which recently attracted media attention after 5 years from the initial invention. But this area is rapidly growing and we are getting to the point when there will be over 2000 research papers presented on this topic and some of them will hit media only in 5 years or so. In this presentation I will show what is happening in AI security industry, the most closed cybersecurity area. We will discuss the most critical AI applications such as face recognition, self-driving cars, voice assistants and their latest attacks. Then we will discuss ML algorithms such as classification, regression, reinforcement learning, clustering, etc… and how to attack them. An finally we will look at the particular attack methods such as adversarial, privacy, poisoning, backdoor, reprogramming, and how they evolving.

In this talk I will talk about how can we exploit applications on macOS (including macOS), where some of the directory / file permissions are incorrectly set. The incorrectness of these settings it’s not trivial at first sight because understanding these permissions are not intuitive. We see bugs from simple arbitrary overwrites, to file disclosures and privilege escalation. The concepts applicable to *nix based system as well, however this talk focuses on macOS bugs only.

TBD later

JSON Web Tokens (JWTs) have become ubiquitous in the web authentication landscape over the last four years. In this talk, I'll introduce you to their successor: PASETO tokens (platform agnostic security tokens).

In this talk I will introduce iOS jailbreaking, and I will do that by exploiting two real world vulnerabilities back from 2016. These bugs were used by the famous Pegasus spyware The two bugs are: CVE 2016-4655 & CVE 2016-4656

TBD later

While organizations are utilizing containers and microservices architecture, the threat landscape has been evolved. Security Operation Centres needs to extend their detection and prevention capabilities to hunt for the threats in such an environment. The talk will go deeply into this new landscape, and to detect the related security threats at multiple layers, at the container, underlying host OS, and the whole kubernetes cluster.

Whenever we want to proactively hunt for malware of interest for threat intelligence purposes, YARA is the swiss-army knife that makes the work of malware researchers and threat intelligence Researchers easier. Malware developers work just like legitimate software developers, aiming to reduce the time wasted on repetitive tasks wherever possible. That means they create and reuse code across their malware. This has a pay-off for malware hunters we can learn how to create search rules to detect this kind of code reuse, Traditional Yara rules are written on strings, but if we implement code leveraging YARA code reuse rules in addition with the strings rule the rule will last decades. for successful and long-term hits, we have to combine both string-based and code-based coverage. The key to efficient YARA rules depends on simple and clear rulesets utilizing both.

The talk is focusing on people that are not sure on how to start their journey to the world of threat intelligence. By the end of this talk we would have gone through the process, common pitfalls, and a road to success for an intelligence-driven security function. More importantly, the talk will give you the answer to whether or not an intelligence team is something that is worth pursuing for your organization at this point in time and if not, then when it is the right time for you to expand to this area.

The NoSQL ecosystem thrived on combining scalability and simplicity. This talk focuses on some assumptions we built Elasticsearch on, which helped the ease of use initially, but turned out to be less than perfect for security in the long run: * Binding to all interfaces and broadcasting join requests to the whole subnet makes clustering simple. * Running as root is the straightforward option. * Using a general purpose programming language for scripting adds lots of features. * Guessing the content-type of a request is fine. * Default passwords and clear-text password files are a reasonable tradeoff. * Docker and distributed systems play well with your security efforts. * Generating TLS certificates is easy. * Everyone will turn on security and defaults are easy.

The workshop is the iOS (very) short version of a 3-days training dedicated to learn the basics to be able to assess the security of mobile applications (Android and iOS). Davy Douhine (@ddouhine) will share many techniques, tips and tricks to deliver to pentesters, bug bounty researchers, app makers or just curious a 100% hands-on iOS workshop. Goals: – Understanding common mobile vulnerabilities – Understanding iOS basics – Understanding of the OWASP MSTG (Mobile Security Testing Guide) and the MASVS (Mobile Application Security Verification Standard) – Know how to build an iOS pentest toolset

The workshop is the Android (very) short version of a 3-days training dedicated to learn the basics to be able to assess the security of mobile applications (Android and iOS). Guillaume Lopes (@Guillaume_Lopes) will share many techniques, tips and tricks to deliver to pentesters, bug bounty researchers, app makers or just curious a 100% hands-on Android workshop. Goals: – Understanding common mobile vulnerabilities – Understanding Android basics – Understanding of the OWASP MSTG (Mobile Security Testing Guide) and the MASVS (Mobile Application Security Verification Standard) – Know how to build an Android pentest toolset