How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Wednesday, February 17, 2016

Introducing PHDays VI Reports: How to Hack a Fare Card, Set Up a Honeypot, and Sell Vulnerabilities


On January 31, the first wave of applications to join Positive Hack Days was completed. The forum on information security will take place on May 17 and 18, 2016, at the Moscow World Trade Center. If you want to take part in the forum, you can apply in the near future: the second wave of Call for Papers will hit on February 17 and will last till March 31.

For now, we will announce the first participants enrolled in the Tech program. PHDays attendees will learn how to snatch a large sum at Microsoft and test transport systems security with a smartphone, and know the ins and outs of the zero-day vulnerability market.

Honeypot

Terrence Gareau, a recognized expert in DDoS attack mitigation, prevention, and recovery, will make his debut at PHDays. He will outline how to develop a honeypot network and produce a data feed that can be used to protect online assets with Kibana, Elasticsearch, Logstash, and AMQP. Terrence Gareau will open-source a monitoring system (a project his team has been developing for the last two years) for reflective DDoS statistics that are external to any specific network.

Reward chasers, or Who is who in the exploit market
Alfonso De Gregorio, the founder of BeeWise and a principal security researcher at secYOUre, will speak at the international forum for the second time. He will continue the topic of the previous talk, exploit selling. Alfonso will speak about the vulnerability supply chain's participants, zero-day exploits brokers, and ethical questions that arise in the business.

How to make a lifelong travel card

Matteo Beccaro, an Italian security researcher, will talk about transportation security, frauds, and technological failures. The speaker will cover some severe vulnerabilities in real-world transportation systems based on NFC technologies and introduce an open-source application designed to pentest such systems via a smartphone. The talk will attract both professional and amateur pentesters.

Web application security with JavaScript

Client-side JavaScript injection may be used to detect and prevent various attacks, search for vulnerable client components, detect leakage of data about web app infrastructure, and find web bots and malicious tools. The Positive Technologies experts Denis Kolegov and Arseny Reutov will show how to ensure application security with JavaScript share their own injection detection methods that employ syntax analyzers without signatures or filtering regular expressions. They will also discuss implementation of client-side JS honeypot to capture SSRF, IDOR, command injection, and CSRF attacks.

How to snatch a large sum at Microsoft 

Until recently, Microsoft refused to launch a bug bounty program despite the fact that it has become a customary practice for competitors. Now, however, Microsoft pays researchers for certain types of vulnerabilities from USD 100 up to USD 100,000. Several recent exciting changes to the Microsoft Bounty Program include the competitive aspect of listing out its Top 100 finders.

Jason Shirk, the principal security strategist for MSRC, will explain how the MSRC works with researchers, what bounties are available, and what other rewards can be earned. He will also uncover some secrets behind big bounties that have been paid.

The complete list of reports will be available on the PHDays official site in April. To participate for free, you can present your report on information security or to take part in one of the forum's hacking contests or in the cyberpunk short-story competition. You can also buy a ticket to get to PHDays. Starting from February 15, the price for the full 2-day conference registration will be 9,600 rubles and 7,337 rubles for one day. On March 1, the cost will go up to 14,400 and 9,600 rubles respectively.

51 comments:

  1. I was reading your article and wondered if you had considered creating an ebook on this subject. Your writing would sell it fast. You have a lot of writing talent.

    gift basket themes

    ReplyDelete
  2. I was reading your article and wondered if you had considered creating an ebook on this subject. Your writing would sell it fast. You have a lot of writing talent.

    gift basket themes

    ReplyDelete
  3. I am unable to read articles online very often, but I’m glad I did today. This is very well written and your points are well-expressed. Beer gifts for him

    ReplyDelete
  4. What an interesting program! I'd love to visit it so much - it seems to me that it was a real feast of interesting and useful information.
    Thank you for posting!

    ReplyDelete
  5. Really Nice post,today i also become to know Windows Zero Day Vulnerability have founded and hackers are selling it for $90,000.

    ReplyDelete
  6. This idea is mind blowing. I think everyone should know such information like you have described on this post. Thank you for sharing this explanation.Your final conclusion was good. We are sowing seeds and need to be patiently wait till it blossoms.

    Digital marketing company in Chennai

    ReplyDelete
  7. Wow! This kind of awesome as well as valuable submit that is. I seriously love that. It truly is so competent therefore great. We are simply astonished. Lets hope that you simply carry on and carry out your hard work in this way sometime soon likewise. Anand Mishra

    ReplyDelete
  8. thank you for sharing such a nice and interesting blog with us. hope it might be much useful for us. keep on updating...
    ROI Services in Chennai

    ReplyDelete
  9. I just see the post i am so happy the post of information's.So I have really enjoyed and reading your blogs for these posts.Any way I’ll be subscribing to your feed and I hope you post again soon.

    PPC Services in Chennai

    ReplyDelete
  10. Truely a very good article on how to handle the future technology. After reading your post,thanks for taking the time to discuss this content.
    Best Dot Net Training Institutes in Chennai

    ReplyDelete
  11. I feel happy about and I really like this learning more about this topic. keep sharing your information regularly for my future reference.


    Dot Net training in chennai

    ReplyDelete
  12. Thanks for sharing article like this. The way you have stated everything above is quite awesome. Keep blogging like this. Thanks a lot.



    Java training in chennai

    ReplyDelete
  13. Superb. I really enjoyed very much with this article here. Really it is an amazing article I had ever read. I hope it will help a lot for all. Thank you so much for this amazing posts and please keep update like this excellent article.thank you for sharing such a great blog with us. expecting for your.
    seo company in india

    ReplyDelete
  14. It’s really amazing that we can record what our visitors do on our site. Thanks for sharing this awesome guide. I’m happy that I came across with your site this article is on point,thanks again and have a great day. Keep update more information..


    Tooth Braces In Chennai

    Dental Hospital in Chenna


    ReplyDelete
  15. Wow amazing i think these are the mistakes i have repeatedly doing when writing with the content. Especially by checking with the spelling i am spending much time. And some distractions likewise you are telling by checking with the email and so on. I hope it will be useful for me in future. Please keep update like this


    MSBI Training in Chennai

    Informatica Training in Chennai

    ReplyDelete
  16. Great articles, first of all Thanks for writing such lovely Post! Earlier I thought that posts are the only most important thing on any blog. But here a Shout me loud found how important other elements are for your blog.Keep update more posts..

    SEO Company in India|Digital Marketing Company in Chennai

    ReplyDelete
  17. Good website! I really love how it is simple on my eyes and the data are well written

    ReplyDelete
  18. Interesting blog about PHdays vi report which attracted me more.Spend a worthful time.keep updating more.
    SEO Company in India

    ReplyDelete
  19. Thank you for taking the time and sharing this information with us. It was indeed very helpful and insightful while being straight forward and to the point.
    mcdonaldsgutscheine | startlr | saludlimpia

    ReplyDelete
  20. Thank you for giving this great information. its very important for everyone.To complete your assignment in Austraila at time in cheaper price visit our site www.australiaassignmenthelp.com and take opportunity to complete your home work at fix time from Assignment Expert team.

    ReplyDelete
  21. Thank you for such a detailed report. unfortunately I could not attend there

    ReplyDelete
  22. Really it was an awesome article...very interesting to read..You have provided an nice article....Thanks for sharing..
    Android Training in Chennai
    Ios Training in Chennai

    ReplyDelete
  23. I got lot of informations from your blog.Please keep us informed like this.And thanks for sharing!!!
    Seo Company in Chennai
    Digital Marketing Company in Chennai

    ReplyDelete
  24. These are very simple and very much useful, as a beginner level these helped me a lot thanks fore sharing these kinds of useful and knowledgeable information.
    Seo Company in Chennai
    Digital Marketing Company in India

    ReplyDelete
  25. Thanks for sharing the info, keep up the good work going.... I really enjoyed exploring your site. good resource

    ReplyDelete
  26. Hey These Is alan Our adventure and travel blog is the place we publish our adventures, travel tips & so much more.
    mumbai to shirdi taxi

    ReplyDelete
  27. Tanks for your artile. By the way, I recently ordered an essay on this topic, here https://ferdigskrevet.com/

    ReplyDelete
  28. These are very simple and very much useful, as a beginner level these helped me a lot thanks fore sharing these kinds of useful and knowledgeable information.

    ReplyDelete
  29. The principal security strategist for MSRC, will explain how the MSRC works with researchers, what bounties are available, and what other rewards can be earned.

    Looking to download safe free versions of the latest software, freeware, shareware and demo programs from a reputable download site? Visit 7Downloads today.

    ReplyDelete
  30. <a href="https://google.com>google</a>

    ReplyDelete
  31. Learned a lot of new things from your post! Good creation and HATS OFF to the creativity of your mind. Very interesting and useful blog!
    Informatica Training in Chennai
    SAS Training in Chennai
    Informatica Training Institute in Chennai

    ReplyDelete
  32. This comment has been removed by the author.

    ReplyDelete
  33. Academic writing is clear, concise, focussed, structured and backed up by evidence. Its purpose is to aid the reader’s understanding.

    It has a formal tone and style, but it is not complex and does not require the use of long sentences and complicated vocabulary.

    Each subject discipline will have certain writing conventions, vocabulary and types of discourse that you will become familiar with over the course of your degree. However, there are some general characteristics of academic writing that are relevant across all disciplines.
    Read more about academic writing at Oxford Style of Writing

    ReplyDelete
  34. Hello guys do you know that going through a review of websites will give you much insight about it which you can’t know by simply visiting it,Here is the Allassignmenthelp.com Reviews that reviews the website and provides you the best website .

    ReplyDelete
  35. All Assignment Help is a web portal where students get help in making assignments for all the subjects, with the help of our experts. You will get 100% plagiarism free assignment. Expert’s consultation is also available for students. If they have any query they can contact with our experts anytime.
    Law assignment help
    Programming Assignment help

    ReplyDelete
  36. Get Good Marks in pay for assignments services at an affordable price from the experts of Students Assignment Help which is the most trusted global assignment help company. Our expert writers always strive hard to help students with their assignment writing.

    ReplyDelete
  37. Muy buen trabajo, la verdad es que me encanta buscar aplicaciones que puedan escuchar música sin conexión a Internet y descargarlas en mi dispositivo Android es por eso que llevo utilizando Invenio Carmen para descargar música gratuitamente

    ReplyDelete
  38. If you feel that you need help when it comes to writing sociology papers then we could help you. Here at sociology papers we have some of the best professional writers that are ready and waiting to make your academic writing very much easier. In fact, we can take all the stress and hard work out of writing, so that you are free to get on with whatever else you choose to do
    You may decide to try and buy a sociology research paper online somewhere but you need to be aware of some things. Those sites will offer sociology papers for sale but they have been sold to hundreds of other people. You have no idea where those papers came from and who wrote them. You do not know the academic level of the writer and chances are you will have to spend time tweeking the paper to your professor’s specifications. For that kind of hassle you might as well just write the paper yourself.

    ReplyDelete
  39. Maybe u will in interest in some custom essay writing service

    ReplyDelete