How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Monday, June 2, 2014

Best Reports at PHDays IV: Surveillance, Hacking and Nation-Specific Cyberwar


Big conferences with multiple reports delivered at once seem to cooperate with the Murphy's Law — the most interesting (personally to you) sections have the same schedule time. Choose one of them — miss the others. What can you do?

As to the international forum on practical security Positive Hack Days, this problem is easy to solve — watch the report video records. It is particularly valuable for those who missed the conference. All the video files are on the website phdays.com/broadcast/.

Yet watching all the records made in all the halls during two days is an option for extremely patient people. It is far more logical to filter them by topics or authors: first, read the descriptions in the program and then choose a particular report from the video list.

Still, do not forget the reports were described before the conference, when nobody knew how interesting they would be. What if only the title is cool and the contents are dull? This is the reason we suggest the third method — by popularity. We have analyzed the feedback of the PHDays participants and picked ten fanciest reports. Here they are:

1) Big Data on Social Networks: No Need for NSA’s Special Surveillance to Keep Track of You 

http://live.digitaloctober.ru/embed/2990#time1400666542

Igor Ashmanov, a specialist in artificial intelligence, started his report with a declaration that he was not interested in information security and got to the conference by accident. Still, he told so many fascinating facts on how to study people using social networks that the audience did not let him go for the whole hour after the report was over. The most Internet-cited are the slides related to "Navalny's band" and the rating of liberal and patriotic media based on the analysis of Twitter and Facebook reposts.

2) Life After Snowden. Modern Tools of Internet Intelligence

http://live.digitaloctober.ru/embed/2999#time1400760000

If Mr. Ashmanov used social networks for generalized researches, then Andrey Masalovich, Head of Competitive Intelligence Sector of the Academy of Information Systems, demonstrated techniques of more targeted private-data collection. The Pentagon showed many of these examples on its website. The most cited slide is passport scan collection by simple search on Vkontakte.

3) How to Intercept a Conversation Held on the Other Side of the Planet 

http://live.digitaloctober.ru/embed/2990#time1400670335

Sure enough, publishing phone conversations of well-known politicians is very trendy nowadays, thus the report title is not accidental. Dmitry Kurbatov and Sergey Puzankov, the experts at Positive Technologies, spoke not just about tapping, but also about other SS7 features hackers widely exploit: DoS attacks, fraud, money transfer, SMS hijacking and determining subscriber’s location without its consent.

4) Comparing Iranian, Chinese & North Korean Hacking Worlds

http://live.digitaloctober.ru/embed/2996#time1400756290

William Hagestad has served as a US Marine Officer for more than 20 years, and now is a qualified specialist in cyberwar technologies employed by different countries. He started his report speaking Chinese — as an example of a culture and information security issues in particular odd to people from the West. The rest of his speech is great to cite: "If you have a question, please stop me and ask me, coz I love the multi-task." It's hard to imagine a report delivered as showy by someone, say, from the Ministry of Defense of Russia.... But cannot they rise to the challenge and respond at the next conference PHDays?

5) Government and Information Security 

http://live.digitaloctober.ru/embed/2996#time1400738565

The organizers invited people of different professions to this round table: a representative of the Ministry of Foreign Affairs, a member of the Federation Council, Head of the Coordination Center for TLD RU, a researcher from the Higher School of Economics, a director of an analytical company and two hackers. Alexey Andreev, the moderator of the discussion and a former chief editor of the Webplanet portal, suggested that they talk about new Internet laws in the language of security not in general words. Why does a blogger with a total audience over 3,000 readers suddenly become dangerous? Why will Russia never adhere to the Budapest Convention on Cybercrime? Where is ICANN's "golden egg" hiding? How much does it cost to hack Dmytro Yarosh' mailbox? It was discursive, but interesting.

6) Intercepter-NG: The New-Generation Sniffer

http://live.digitaloctober.ru/embed/2991#time1400677520

Alexander Dmitrenko, Head of Training Department at PentestIT, spoke about the development of "the most advanced tool to restore data from traffic". He covered the algorithms of a few little-known attacks. The author of the sniffer introduced as Ares used to correspond with Edward Snowden, who was interested in how the software processed huge data arrays. This how we found out that children from the West play Russian games!

7) My Journey Into 0-Day Binary Vulnerability Discovery in 2014

http://live.digitaloctober.ru/embed/3000#time1400742033

This year, PHDays met a lot of female hackers (or security specialists): a CTF girls-only team from the Republic of Korea, experts in cute SORM (System for Operative Investigative Activities), and Young School finalists. Alisa Shevchenko, Head of her own company Esage Lab, was twice ahead of the others at the conference. Beside the report on personal fuzzing techniques she delivered with examples of flaws in Microsoft Word and Microsoft XML, Alisa won the contest Critical Infrastructure Attack having found several severe vulnerabilities in the latest SCADA versions. Later she confessed that searching for binary vulnerabilities was just a hobby for a couple of hours at night.

8) Impressioning Attacks: Opening Locks with Blank Keys

http://live.digitaloctober.ru/embed/2996#time1400760340

The members of The Open Organization Of Lockpickers (this is what TOOOL stands for) visited PHDays for the second time already. During two days of the forum, their tables were surrounded by crowds of people. That, what the majority of us had just seen in movies, was free to try at the forum — to hack an ordinary door lock with a couple of simple metal hooks. This year, TOOOL demonstrated not just picklocks, but also the impressioning technique: to open a door, you need only a blank key, sharp eye and file.

9) SCADA Strangelove: Hacking in the Name

http://live.digitaloctober.ru/embed/2990#time1400663085

Sergey Gordeychik and six experts from Positive Technologies told several stories about vulnerabilities in industrial control systems employed in various facilities: energy meters, oil-production enterprises and even the Large Hadron Collider. Their vendors differ as well: ABB, Emerson, Honeywell, Siemens. For two years of work with SCADA, the company has detected 200 zero-day vulnerabilities, but the presentation included only those of them that could be disclosed, since vendors had already eliminated them. The reporters dropped a hint that they had a lot of similar stories to tell next year.

10) . . . . . . . . . . . . . . .

The emptiness here is not a mistake. We think it is up to you to choose which report must take the tenth position. What report did you like most of all? We might miss something, mightn't we? Join the conversation on our Facebook group

60 comments:

  1. I found your post so interesting. Thank you for the valuable information.
    opengapps

    ReplyDelete
  2. Thanks for sharing this great content here I love this post very much. blackmart download market helper apk download freestore apk android

    ReplyDelete
  3. شركة كشف تسربات المياة بعنيزة
    شركة مكافحة حشرات بعنيزة
    شركة مكافحة النمل الابيض بعنيزة
    شركة رش مبيدات حشرية بعنيزة
    شركة تنظيف منازل بعنيزة
    شركة تنظيف مجالس بعنيزة
    شركة تنظيف كنب بعنيزة
    شركة تنظيف فلل بعنيزة
    شركة تنظيف شقق بعنيزة
    شركة تنظيف بعنيزة
    تتمتع بان الشركة تستخدم ادوات ومعدات حديثة ومتطورة و تقدم الشركة خدماتها باسعار مناسبة لكل مستويات العملاء و تقدم الشركة باعمال التنظيف بسرعة فى انجاز العمل وتلتزم الشركة بالمواعيد المحددة مع العملاء

    ReplyDelete
  4. If you guys need some decent tips for writing research paper for college, consider reading this blog post. Have a nice day!

    ReplyDelete

  5. Great post ! I am pretty much pleased with your good post.You put really very helpful information


    โปรโมชั่นGclub ของทางทีมงานตอนนี้แจกฟรีโบนัส 50%
    เพียงแค่คุณสมัคร Gclub กับทางทีมงานของเราเพียงเท่านั้น
    ร่วมมาเป็นส่วนหนึ่งกับเว็บไซต์คาสิโนออนไลน์ของเราได้เลยค่ะ
    สมัครสล็อตออนไลน์ >>> goldenslot
    สนใจร่วมลงทุนกับเรา สมัครเอเย่น Gclub คลิ๊กได้เลย

    ReplyDelete
  6. This is really an amazing blog. Your blog is really good and your article has always good thank you for information.

    เว็บไซต์คาสิโนออนไลน์ที่ได้คุณภาพอับดับ 1 ของประเทศ
    เป็นเว็บไซต์การพนันออนไลน์ที่มีคนมา สมัคร Gclub Royal1688
    และยังมีหวยให้คุณได้เล่น สมัครหวยออนไลน์ ได้เลย
    สมัครสมาชิกที่นี่ >>> Gclub Royal1688
    ร่วมลงทุนสมัครเอเย่นคาสิโนกับทีมงานของเราได้เลย

    ReplyDelete
  7. Welcome to my Hair Revital X Review. For all those people above the age of 40 who are losing their hair volume and balding too, the one product which would fix your problems without any side effects is here.

    ReplyDelete
  8. It is advisable for students to seek help from companies offering nursing research paper writing services.

    ReplyDelete
  9. You got a lot of information and tools to hack or work at a big company. Security companies are usually looking for people like you. I am currently working as seo consultant in USA and i think your blog should be more popular. You can get our services on our website if you want to get your blog on googles 1st page by buying back links from us.

    ReplyDelete
  10. Yolo Anonymous Messaging app is a social networking communication app developed by popshow inc. http://www.ejobnotification.com/2019/07/yolo-anonymous-messaging-app-download.html

    ReplyDelete
  11. Apple tech support help you to keep safe your devices and tell gives you information about unauthentic programs by apple tech support.

    ReplyDelete
  12. Acer Support number will provide all support for customer On the other hand, you may have to face a variety of performance problems and issues just dial Acer support phone number.Acer customer service number quick solution.

    ReplyDelete
  13. Alienware support experts who will support you and solve along with shifting lights problems on Alienware devices if you want to take more knowledge just dial our Alienware support phone number +1-855-999-4811.

    ReplyDelete
  14. Gateway desktop computers tend to overheat tendencies,No matter what type of problem you are having with your Gateway computer, to rectify it, Gateway customer service phone number +1-855-999-4811 experts always available just dial Gateway computer customer service phone number.

    ReplyDelete
  15. Students do not have to worry about their Cheap Research Paper Writing Services anymore because our writers are here to provide any Write My Research Papers.

    ReplyDelete
  16. Thanks for sharing such a nice Blog.I like it.
    norton product key

    ReplyDelete
  17. Help for all Microsoft Office Apps. Set up your Office 365 membership. Get help from the master, you can tap on the connection and get the best answer for your concern.
    Office.com/setup
    Office.com/setup

    ReplyDelete
  18. Most Common Types of Cyber Attacks:-
    Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks.
    Man-in-the-middle (MitM) attack.
    Phishing and spear phishing attacks.
    Drive-by attack.
    Password attack.
    SQL injection attack.
    Cross-site scripting (XSS) attack.
    Eavesdropping attack.

    check it here Best Spin Bikes

    ReplyDelete
  19. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
    Cyber Security Projects for Final Year

    JavaScript Training in Chennai

    Project Centers in Chennai

    JavaScript Training in Chennai

    ReplyDelete
  20. Get simple ways for downloading, installing, activating, and re-installing the Microsoft Office Suite. Get assistance from the expert, you can visit here Office.com/setup
    http://officecom-us.com/
    [url=http://officecom-us.com/]Office.com/setup[/url]

    ReplyDelete
  21. You can install the MS Office setup by visiting http://wwwoffice-office.com/. After the process finish, Enter 25-digit Office product key to activate the software on your device. If you need more help click on the following link.
    Office.com/setup

    ReplyDelete
  22. You can install office setup by visiting official website of MS Office. After the process finish, Enter 25-digit Office product key to activate the software on your device. If need more help click on the following link.
    Office.com/setup

    ReplyDelete
  23. A good article with literary grace, you will have different harvest when you come to read it.
    office setup
    office.com/setup
    www.office.com/setup
    norton setup

    ReplyDelete
  24. Microsoft Office Suite of products developed by Microsoft that includes Microsoft Word, Excel, Access, PowerPoint, and Outlook. To know the amazing benefits of MS word visit here Benifits of using Microsoft Word.

    ReplyDelete
  25. Enjoyed reading through this, very good stuff, thank you for share with us keep moving, waiting for updates.

    thoptv
    GHD SPORTS
    GHD SPORTS Apk
    gomaxtv
    ghd sports
    zan live tv
    thoptv

    ReplyDelete
  26. Trend Micro Internet Security subscription is the single way to download the software on multiple devices through www.trendmicro.com/downloadme . Trend micro has become a superior antivirus program over many antiviruses due to its advanced protection features. trend micro download process becomes easy when you purchase the subscription. But when the subscription expires, the user needs to renew it; otherwise, it won’t protect your device anymore. In this blog, we will discuss how you can renew your Trend Micro Internet Security subscription.

    ReplyDelete
  27. Webroot, a Carbonite company, harnesses the cloud and machine learning to reliably predict and protect against cyberattacks in real time.
    www.webroot.com/secure | webroot.com/secure | Install Webroot With Key Code

    ReplyDelete
  28. AVG Secure is designed to keep your digital info safe and secure. Learn about its pricing, security features, and more in this review.

    www.avg.com/retail |www.avg.com/activate | AVG Download | avg.com/retail

    ReplyDelete
  29. Dragon NaturallySpeaking software is a speech recognition program that allows the user to speak into a microphone on a computer with the software translating
    dragon naturally speaking | dragon naturallyspeaking

    ReplyDelete
  30. Webroot antivirus, internet security, and identity protection. Webroot SecureAnywhere® Mobile Free keeps you secure when browsing, shopping and banking.
    www.webroot.com/secure | webroot.com/secure |
    Install Webroot With Key Code

    ReplyDelete
  31. شركة عزل فوم بالدمام

    شركه عزل فوم بجدة
    شركة عزل اسطح وخزانات بالدمام من مؤسسة رواد الحرمين للخدمات المنزلية كشف تسربات المياه بدون تكسير عزل أسطح مائي حراري فوم مصرح به من شركة الكهرباء.
    تعتبر الشركة رواد الحرمين فى عزل اسطح مبلطة وغير مبلطة بالضمان لاننا نمتلك المواد المستوردة عالية الدقة والجودة فى حماية السطح من التسربات والرطوبة العالية.
    عزل اسطح بالدمام
    يحتاج السطح الى الحماية من التسربات والرطوبة لزيادة العمر الافتراضي له شركة عزل اسطح بالقصيم عنيزة هى الشركة المثالية فى جميع انواع العوازل المائية والحرارية بالضمان الذي يصل الى عشرات السنوات والمتابعة الفورية عند حدوث خلل للسطح الموجود.
    عزل الاسطح بالدمام
    تعتمد شركة عزل بالدمام على افضل مجموعة مهندسين على خبرة كبيرة فى التعامل مع جميع انواع الاسطح والخزانات بمنتهى الدقة.
    مهندسين على مستوى كبير من الخبرة لتنفيذ وقياس جودة السطح باحدث اجهزة الكشف عن الرطوبة العالية والمشاكل الموجودة فى السطح وعلاجها بالمواد الحديثة المستوردة من الخارج.بالضمان من مؤسسة رواد الحرمين المتخصصة فى عزل

    شركه عزل فوم بجدة
    شركة عزل خزانات بالدمام
    هو عزل مائى مستورد من الخارج للحفاظ على الخزان من الشروخ وتراكم المياه الملوثة التى تجلب الجراثيم شركة عزل اسطح بالدمام لديها العمالة المتميزة فى تنظيف وعزل الخزانات العلوية والارضية وعزلها بالمواد المائية بعد التعقيم من الجراثيم.
    احدث معدات وادوات عزل الخزانات الموجودة بالدمام للقيام بتنفيذ العزل المستخدم على السطح المائى والحرارى بالدقة العالية.


    شركه عزل فوم بجدة افضل شركة عزل خزانات بالدمام التى تمتلك افضل المعدات الحديثة والمتطورة والعمالة المدربة على تركيب انواع العزل المستخدم للسطح بالحرفية العالية.
    أفضل المواد المطلوبة فى عزل الخزانات الموجودة بالدمام لدى شركة عزل اسطح بالدمام لحماية وزيادة عمر الخزان الافتراضي.

    شركه كشف تسربات المياه بالاحساء


    شركه عزل فوم بالدمام عزل فوم بعنيزة هو افضل انواع العوازل فى الفترة الاخيرة المستخدم فى حماية الأسطح من الرطوبة العالية وتسربات المياه.
    مادة كويتية الصنع تستخدم بماكينات ضغط الهواء من خلال افضل مجموعة عمل مكونة من فنيين وعمالة مدربة فى تنظيف السطح ورش الفوم علية وتسليك شركة الكهرباء.

    شركه عزل فوم بالجبيل شركة عزل اسطح مبلطة وغير مبلطة بالجبيل تعتبر الرائدة فى جميع انواع العزل الموجود عالى الجودة مستورد من الخارج لحماية المنزل وزيادة العمر الافتراضى للمنزل من النتائج السلبية فى عدم تركيب العزل للاسطح.
    شركة عزل اسطح مائى وحرارى فوم عزل خزانات عزل حمامات عزل أرضيات المنزل قبل البناء بالعزل الحرارى الرول الاسود من شركة

    شركه عزل فوم بجدة

    ReplyDelete
  32. Greetings, I’m John. I’m a writer living in London, UK. I am a fan of technology, writing. You can visit my store.
    Mcafee.com/activate
    Mcafee.com/activate
    Mcafee.com/activate
    Mcafee.com/activate

    ReplyDelete
  33. Greetings, I’m John. I’m a writer living in London, UK. I am a fan of technology, writing. You can visit my store.
    Mcafee.com/activate
    Mcafee.com/activate
    Mcafee.com/activate

    ReplyDelete
  34. McAfee.com/activate - Discover and get McAfee antivirus for your iOS, Android, Windows, or macOS device on www.mcafeeactivatee.uk
    .
    McAfee.com/Activate
    Home.mcafee.com
    Mcafee Login

    ReplyDelete
  35. Epson Printer assistance available 24*7. If you are facing any issues in printer you will get expert assistance through Epson Printer helpline number for fixing all kind of printer related issues within seconds.

    Epson printer support

    ReplyDelete
  36. We will tell you how you can install McAfee.com/activate in your computer. We will help your Macafi product for installation.

    ReplyDelete
  37. Mcafee.Com/Activate – Get started with Mcafee setup with easy steps to download and install on Windows, Mac, iOS, and Android. For activation visit
    mcafee.com/activate

    ReplyDelete
  38. Greetings, I’m John. I’m a writer living in London, UK. I am a fan of technology, writing. You can visit my store.
    Mcafee.com/activate
    Norton.com/setup
    Mcafee.com/activate
    Mcafee.com/activate
    webroot.com/safe

    ReplyDelete

  39. Visit McAfee official website www.mcafee.com/activate. Enter your 25 digits Mcafee activation Product Key Enter your Email and password Click Submit and Log in to your account. Once Logged in, Download your Setup in download folder. Run application to install, you’re all set to go!
    mcafee.com/activate

    ReplyDelete
  40. Protects users personal and confidential information safe in devices. The internet accessing devices need security which trusted mcafee antivirus gives you. With protecting antivirus gives your machine protection from malware, viruses and other harmful infected viruses. Visit
    mcafee.com/activate

    ReplyDelete
  41. eset internet security can be installed quickly on each device if the user follows the correct procedure. You can follow the instructions below to install the setup on your devices such as Windows PC, Mac, or mobile device. www.eset.com/ca/download Best IT security solutions for your home and business devices. Try ESET antivirus and internet security solutions for Windows, Android, Mac or Linux OS.

    ReplyDelete