How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Wednesday, February 25, 2015

What's New in the PHDays Program: supercomputer protection, iOS security, exploit selling

The first stage of Call for Papers has finished recently and we'd like to announce another batch of reports that will be presented on May 26 and 27 at PHDays V (you can find the first announcement on our blog). Speakers will discuss how to improve iOS application security and what hackers find attractive about supercomputers. They will also address the relationship between sellers and buyers of zero-day vulnerability exploits.

Debugging automation

Alexander Tarasenko's report is devoted to debugging automation using WinDbg. Attendees will gain skills in writing scripts using the built-in WinDbg's engine, and also in Python and Pykd extension. The report will be interesting for code researchers and developers of software that requires uncommon debugging tools.

iOS security

Prateek Gianchandani, a member of OWASP and an information security engineer at Emirates, will lead a hands-on lab on developing exploits for iOS applications. During the demonstration, the speaker will use his own application with typical vulnerabilities. Participants will learn how to improve iOS applications' security level at the stage of development. Upon the introductory part, participants will try to test iOS applications by themselves.

On guard of supercomputers

Felix Wilhelm and Florian Grunow from ERNW, a German infosec company, will tell about the IBM General Parallel File System, abouts its architecture and vulnerabilities. The system is used in certain known supercomputers (such as IBM Watson), which makes it a prime target for attackers aiming at both data stored in the file system and the system's powerful resources. The speakers will demonstrate the exploitation of two security bugs in IBM GPFS.

Exploit selling

Alfonso De Gregorio, the founder of BeeWise and chief consultant at secYOUre, will speak about the relationship between sellers and buyers of zero-day vulnerability exploits, about morals in the exploit market.

Hash hacking at fifth gear

Alexey Cherepanov took part in the development of John the Ripper and maintains its GUI interface. He will tell us how to speed-up hash hacking by using code generation methods.

Fast and useful

In addition to standard reports the PHDays V program includes an extensive FastTrack that involves informative and dynamic short speeches.

Sergey Kharkov, a specialist at National Research Nuclear University MEPhI, will tell attendees how to tap a GSM-based phone by attacking a GSM network and replacing the base station.

Moreover, Sylvain Pelissier, a cryptologist and a security engineer at Kudelski Security, will show how sometimes file encryption tools allow cracking user passwords.

During Denis Gorchakov's presentation, the audience will learn how to prevent payment fraud. He will speak about a hardware and software system for virus analysis, detection of botnet control centers and data collectors.

The second stage of Call for Papers started on February 16. It will last till March 31, so you still have a chance to become a speaker at PHDays this year.

We also invite you to participate in CFP launched by our partner, the HITB conference.

We look forward to seeing you at Positive Hack Days V!


  1. There are so much program are associated with New in the PHDays.supercomputer protection, iOS security, exploit selling are most important parts in the PHDays.I am very thank full to you for providing such a great information here.It's really helps me to handle my research work.

  2. Hello Guys, I am glad to inform you that here we are going to provide you the best site for play tank trouble game free online and these games are of tanks. You can play these games online without facing any type of error or language barrier and these games are available in various varieties. You can play these games with the help of keys and these games can be played in your PC or Android phones at anywhere and at any time. Check out these games for once.

  3. Movies are something which we all like, so watch them for free on movies123 and 123movies

  4. Some info on how to study for exams you will find in this blog post. I think every teacher should check out this info beforehand

  5. Employees Provident Fund or EPF India is a part of your salary which is deducted every month to promote retirement saving habits across the nation. The amount that is deducted for the fund is based on a fixed rate, and the contributors can also earn a certain amount of interest in their respective EPF balance.

  6. VivaVideo for ios is ready to use the video editing application that comes with many editing and customizing options. This is the professional-grade tool which can improvise the overall quality of videos and images to FX format settings.

  7. TutuApp is the most trending and widely used application that allows you to download all the paid apps and games on your device for free. This application is free to download on all iOS and Android devices and you can get access to all the paid apps and games for free with TutuApp.

  8. Free download and install and with the help you can save the hd videos from the internet. Visit vidmate for download ...

  9. Be that as it may, as indicated by me, Tutu App Hack nobody might want to spend a dime only to download Tutu apk on your gadget.

  10. You can get latest apps and games free for ios and Android devices from Tutuapp appstore. No need jailbreak or iOS ID to install this cool app.

  11. The IP address is the default private IP address for some home broadband routers and broadband modems. Common routers or 192.168.o.1 admin modems that use this IP include 2Wire, Aztech, Billion, Motorola, Netopia, SparkLAN, Thomson, and Westell modems for CenturyLink.