How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Tuesday, February 24, 2015

PHDays V: Encryption Standards, M&A in Yandex and Chemical Attacks


Early December was marked with Call for Papers opened for everyone willing to speak at Positive Hack Days V. Later we announced the first speakers introducing John Matherly, the creator of Shodan, John Bambenek, a cyber detective, and Chris Hadnagy, a professional social engineer.

The first CFP stage was over at the end of January. Today we present a new portion of reports included in the technical, practical and business program of upcoming PHDays. The forum guests will learn how to fortify a corporate IT system digitally, how to bypass Moscow Metro Wi-Fi authorization, and how attackers exploit vulnerabilities in physical processes.

Yandex: Security for Mergers and Acquisitions

When a company buys another company, nobody ever thinks of a security audit. If, by any chance, it comes to the limelight, the current regulatory requirements alone are analyzed.

Yandex is actively purchasing technological projects all over the world now and then detonating the media scene with news about another grand merger. An information security analyst of the search giant, Natalya Kukanova, will throw light on how and why they included the security audit into the merging processes (M&A). The audience will learn what to check in case of M&A deals, how to organize audit, and how to interpret its results. All bullet points will be exemplified by real Yandex' deals.

Encryption Standards of the Future

Markku-Juhani Saarinen will detail into the NIST-sponsored CAESAR project, which is an international crypto competition aimed at the creation of a new AE security standard instead of AES-GCM (this algorithm was certified by the USA and NATO to handle secret information, but was detected to contain various security problems).

The speaker will acquaint his audience with CAESAR cyphers and consider weak and strong points of the current encryption standards and algorithms in Russia (e.g. the GOST R 34.10-2001 signature algorithm).

Markku-Juhani Saarinen has been studying information security and cryptography and developing cryptographic software for more than 15 years already.

Around OSX Sandbox

Alexander Stavonin will analyze how OSX (a sandbox designed with TrustedBSD) security tools work and how widely they are used by third-party applications. He will demonstrate potential problems and exploitation of TrustedBSD by cybercriminals — all exemplified by the source code.

How to Build a Digital Fortress

An information security and forensics expert from Bulgaria, Alexander Sverdlov, will take his floor at PHDays for the third time (his workshops on cyber forensics attracted a full house in 2013 and 2014) and will teach how to build an impregnable digital fortress. The audience will study how to enhance router protection installing alternative operating systems (Qubes OS, BSD Router project, SRG/STIG), to stop exploits, and to analyze application security.

If Hackers Were Chemists

Researchers and cybercriminals repeatedly demonstrate ways to hack SCADA systems that control electricity, transport and critical infrastructure elements such as chemical plants. However, dealing with such facilities, information security specialists often ignore the role of physical processes.

Such processes (e.g. a chemical reaction) can keep on running despite the actions of cybercriminals with full control over an infrastructure or management system. Yet if malicious users learn to exploit physical conditions, they will be able to affect reaction and process flows. The consequences are threatening: it's not that hard to imagine an explosion on a chemical plant provoked by a temperature monitoring sensor driven mad by a hacker in a cistern with a hazardous substance.

Maryna Krotofil, a Doctoral Candidate at Hamburg University of Technology, will put the audience in touch with the main stages of attacks aimed at destroying a specific physical process.


The second wave of Call for Papers is coming soon. Don't waste your chance to speak for 3,000 participants of Positive Hack Days! The exact dates will be announced in the nearest future. Keep track of the news.

To familiarize yourself with issues touched upon at PHDays, follow our post on the last year's best reports.

35 comments:

  1. I stumbled upon this topic via Google. Very interesting view on subject. Thanks for sharing.

    ReplyDelete
    Replies
    1. An facts protection analyst of the quest large will throw light on how to manage secret records however became detected to comprise We Write Essay diverse protection problems. The target audience will take a look at the way to decorate router safety putting in opportunity running structures.

      Delete
  2. Positive Hack Days is better events for me, because I like all innovate computer systems and also technical programming is extremely important for me. Often I use this site - With our service you will be able to find the best quality proofreader.
    , because of diversity of resources. On the contrary, your сase are nice too!

    ReplyDelete
  3. Book flights using online flight booking service called Google Flights. More info on google flights via www-googleflights.com

    ReplyDelete
  4. You need to examine this blog post if you want to travel cheap. Every good traveler in the world are using it

    ReplyDelete
  5. Thanks for sharing this great content here I love this post very much.clash royale mod apk latest hungry shark evolution mod apk android my talking angela update

    ReplyDelete
  6. Marvelous offer decent to peruse this extremely supportive data for me I am exceptionally cheerful to part of this network continue sharing you may likewise like this
    royal mail courier tracking

    ReplyDelete
  7. My proposal to you is that this: don't put up an undertaking that has 'indifference' written throughout it. your career depends on remarkable grades, and notable grades in flip depend on how nicely best australian assignment help you've got prepared your assignments.

    ReplyDelete
  8. You have access into a lots of music. Create customer playlists. The totally free Spotify users may be downloaded into tablet computer and tablets and cellular users on how to get spotify premium on iphone. Before we get to the part about free premium codes, here is a review of the qualities of all Spotifys different subscription types.

    ReplyDelete
  9. This blog is mention about Chemical Attacks and very informative ForNURS6620 Nursing And Midwifery Therapeutics thanks for sharing.

    ReplyDelete
  10. Take Krogerfeedback Survey & Win 50 Bonus Fuel Points. This Customer Survey is the online Feedback which is initiated by Kroger Store just to improve the standards.

    ReplyDelete
  11. I am glad to see this brilliant post. all the details are very helpful and useful for us, keep up to good work.

    ReplyDelete
  12. Aptoide is the largest independent Android app store and allows one to setup and manage your own Android Store. Upload, test and approve your apps.

    ReplyDelete
  13. Nice information, valuable and excellent design, as share good stuff with good ideas and concepts, jessica alba black leather jacket online lots of great information and inspiration, both of which I need, thanks to offer such a helpful information here.

    ReplyDelete
  14. This comment has been removed by the author.

    ReplyDelete
  15. Download the Best Aptoide. aptoide apk is best alternate of android applications and games.

    ReplyDelete
  16. aptoide is best free application and games platform you should try once.

    ReplyDelete
  17. Awesome blog, thank you so much for sharing this informative blog with us. Visit for dynamic and creative website designing.
    Website Designing Company

    ReplyDelete
  18. There are so many benefits of online assignment help service. Let's talk one by one about the benefits of Online Assignment Help .

    ReplyDelete
  19. That’s a great idea you have, and yes this would make use of the information you have provided us through this blog. I often avail the cdr report writing services of GOASSIGNMENTHELP . They have given me unlimited free assistance for all assignment help

    ReplyDelete

  20. Studies show that around 56% of all students consider their homework as the most primary source of stress in their life. It is no wonder then these students constantly think of ‘who can do my homework ’ in UK. Fortunately for them, we provide expert homework help at very reasonable prices. Recent research has also revealed that on average students between the ages of 6 to 17 have to spend a little more than three and a half hours each day of their school life doing homework. Our aim is to cut the time you spent doing your homework by more than a half by offering homework online services in UK to students. We offer you with several extraordinary benefits that make us the best choice for you. Homework help uk

    ReplyDelete
  21. Nice blog, thanks for sharing. Visit mutual fund wala and know how to invest in mutual fund wala and get profit.
    Mutual Fund Companies

    ReplyDelete
  22. Wow, it was great to hear it and thanks for sharing this great post and well informative
    Kmart Coupon Code 2019

    ReplyDelete
  23. My Assignment Services is an effective provider of Online Assignment Help and online tutoring services from last decade. They are constantly increasing their horizon by expanding their services to suit the demands of students across the world. They have more than 2000 experts who are constantly on top of their expertise to bring them a much experienced Property law assignment help to students. This is the reason students rely so much on our finance assignment help experts world-wide. So, send in all your queries to us and see them being solved by us in no time. My Assignment Services has been the leading Assignment Help USA organisation globally. With providing assistance with a wide range of topics, we also specialise in providing helpful samples and reference assignment solutions too. So, contact us for any help, in any subject. Moreover, our writers ensure that each assessment task is drafted exactly according to the marking rubric and adheres the guidelines as provided by your lecturer. My Assignment Services is an erudite firm that works with an aim of providing utmost satisfaction to their clients. The assignment assistance is available for all 24 hours and you can chat with our expert any time of the day or night. With 100% plagiarism-free solutions, time-delivery, and in-depth check up of grammatical errors, students can easily score well with our Thesis Writing Service Australia.

    ReplyDelete
  24. We know how difficult coursework assignments can be and how much effort is required from your part to produce great assignments. However, with us at your service, you do not have to take any stress. We offer coursework assistance so that you can cope with them efficiently. Our experts take care of all the requirements and deliver you with an excellent assignment that is sure to impress your teachers.

    Coursework help

    ReplyDelete
  25. Students can easily collect accounting assignment help services from the professional experts of StudentsAssignmentHelp.com. Our team and the experts have gained great knowledge in completing all your task accurately and in the asked format.

    ReplyDelete
  26. Kaspersky and Bitdefender have almost the same list of features. The biggest difference is where they introduce them. You get more for less with Bitdefender, but at the cost of core security features such as a firewall.

    ReplyDelete
  27. Under particular schemes a pool of investors invests their money. Visit mutualfundwala for the best mutual fund schemes.
    Mutual Fund Advisor

    ReplyDelete