How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Monday, June 17, 2013

"Best Reverser" at PHDays III — Developer's Overview

When we put hand to the contest, we wanted to make it interesting, difficult and feasible at the same time.

We believe that a good reverser should be able to read computer code, convert it to a clear algorithm, find mistakes and flaws of this algorithm, and, if possible, to exploit them. Besides the code provided for analysis should be close to true software code.

The 64-bit Windows version was chosen as a platform, because Hex-Rays Decompiler for x86 makes everything easier and there are no decompilers for x64. And 64-bit applications have become common anyway.

So a small program with Qt (and static libraries) was developed. And the executable file was almost 10 MB. But is it unbearable for a talented reverser? Though, according to feedback, the file size scared some participants. On the other hand, Qt leaves a lot of useful information, and a reverser must know how to separate the wheat from the chaff...

17 Hackspaces From 7 Countries Joined PHDays III

To take part in the PHDays forum, local information security specialists gathered together in Abu Dhabi  (United Arab Emirates), Birzeit (Palestine), Cairo (Egypt), Kollam (India), Tunis (Tunisia), Kiev and Lviv (Ukraine), and Vladivostok, Voronezh, Kaliningrad, Novosibirsk, Omsk, St. Petersburg, Saratov and Ufa (Russia).

Tuesday, June 11, 2013

A Researcher from Tomsk Wins PHDays III Young School

The results of PHDays III Young School, a national information security competition of young scientists, are known. The program committee considered a great number of applications and selected four best works, the authors of which spoke at PHDays in front of leading IS specialists from all over the world.

The ideas of the PHDays Young School participants find practical application very quickly. At the final stage of the competition, Andrey Iskhakov's "Two-Factor Authentication System Based on QR Code" (Tomsk State University of Control Systems and Radioelectronics) was voted the most interesting and promising work. It is already decided that the premises of Tomsk special economic zone will be equipped with Andrey's security system in 2014 — security badges will be substituted by a special identification program for employees' mobile devices.

Thursday, June 6, 2013

PHDays III CTF: Levart D’Errorim

The Positive Hack Days forum, which was held on May 23 and 24, traditionally hosted a CTF contest. During two days, ten teams from six countries beat back attacks and hacked rivals' networks.

Tuesday, June 4, 2013

The NetHack Challenge Detailed Review

During the Positive Hack Days III forum, the NetHack competition for experts in network security was held. The participants were to obtain access to five network devices and capture flags stored in the devices during 50 minutes. The game network included typical network infrastructure vulnerabilities discovered by the Positive Technologies experts during security analysis and penetration tests. Today we would like to bring to you attention a detailed review of the contest tasks.