Peculiarities of Fights Against Russian Fraud
Evgeny Tsarev will give the answer in his report Systems of Russian style Fraud Resistance. The reporter will speak of peculiarities of Russian fraudulence in the banking field, outline various fraud schemes, point out the reasons of a low level of efficiency of the Western approach and demonstrate how a complex security system should be build up.
DNS Exfiltration Using SQLmap
A developer from Croatia, Miroslav Stampar in his report DNS Exfiltration Using SQLmap will present a DNS exfiltration technique performed by means of SQL injections, speak of its pros and cons and support it with visual presentations.
Methods of Penetration Through Internet Explorer
Investigating Information Security Incidents Within Automated System of Technological Process Management (SCADA Forensics)
Hackers’ growing interest in technological infrastructures and automated systems of technological process management (SCADA) is becoming a sort of a trend. Experts estimate that Russian leading industry companies lose up to 10% of their revenue because of internal fraud, thievery, violation of technological processes, configuration flaws in measuring equipment. A specific nature of SCADA requires developing an essentially new technical discipline — computer forensics in the field of industrial automated systems.
Andrey Komarov’s report also covers incident prevention mechanisms used in the field and considers possibilities of Business Assurance Systems (BAS) regarding economic frauds prevention in the SCADA sector (alteration of such data as fuel-dispensing station readings, data of trading and accounting systems, readings of container indicators, data of fuel and discount card processing).
Andrey Komarov is the head of audit and consulting department of the Group-IB company. At present, he is involved in work on Penetration Testing Execution Standard (PTSE) as a representative of Russia.
Cybersecurity in The Ukrainian Style
Currently, Konstantin Korsun is the president of UISG. At PHDays. He will present a report titled UISG, a Community of Information Security Experts of the Ukraine. Achievements and Prospects.
About a Secure Use of PHP Wrappers
The PHP topic will be further developed by Aleksey Msockvin, another Positive Technologies security expert. His report About a Secure Use of PHP Wrappers focuses on vulnerabilities related to PHP wrappers. Such vulnerabilities have been discussed for quite a while. OWASP TOP 10 and WASC TCv2 provide links to them. However, a number of peculiar features of some wrappers and filters may cause vulnerabilities (including critical ones) even in applications developed according to security requirements.
The report covers algorithms that allow transferring data to an application bypassing its logic. This approach can be used for bypassing Web Application Firewalls built into security filter applications, as well as for conducting attacks aimed at obtaining access to file system and executing arbitrary code. The speaker will introduce some of 0-day vulnerabilities detected by means of the method described in the work.
Aleksey is a specialist in static and dynamic security analysis of application source code. He is in the team of PHDays CTF developers.
Instrumentation Methods of Complex Code Analysis
Time goes by, development technologies get more sophisticated, codes get more complex (virtual function, JIT-code and etc.). It gets extremely hard to analyze such codes. To make researchers’ lives easier, there are various code instrumentation methods available at present. PIN libraries, Valgrind, DynamoRIO, DynInst etc. are new indispensable constituents of a security researcher’s arsenal. Current methods of instrumentation (of source code, byte-code, and binary code) will be described by Dmitry Evdokimov in his report Light and Dark Sides of Code Instrumentation.
Dmitry Evdokimov is a columnist of the Hacker magazine, Russia. He writes a column titled Security-soft. He is also an expert in SAP security in terms of its internal arrangement (SAP Kernel and SAP Basis), and the ABAP code.