How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Wednesday, February 17, 2016

Introducing PHDays VI Reports: How to Hack a Fare Card, Set Up a Honeypot, and Sell Vulnerabilities

On January 31, the first wave of applications to join Positive Hack Days was completed. The forum on information security will take place on May 17 and 18, 2016, at the Moscow World Trade Center. If you want to take part in the forum, you can apply in the near future: the second wave of Call for Papers will hit on February 17 and will last till March 31.

For now, we will announce the first participants enrolled in the Tech program. PHDays attendees will learn how to snatch a large sum at Microsoft and test transport systems security with a smartphone, and know the ins and outs of the zero-day vulnerability market.


Terrence Gareau, a recognized expert in DDoS attack mitigation, prevention, and recovery, will make his debut at PHDays. He will outline how to develop a honeypot network and produce a data feed that can be used to protect online assets with Kibana, Elasticsearch, Logstash, and AMQP. Terrence Gareau will open-source a monitoring system (a project his team has been developing for the last two years) for reflective DDoS statistics that are external to any specific network.

Reward chasers, or Who is who in the exploit market
Alfonso De Gregorio, the founder of BeeWise and a principal security researcher at secYOUre, will speak at the international forum for the second time. He will continue the topic of the previous talk, exploit selling. Alfonso will speak about the vulnerability supply chain's participants, zero-day exploits brokers, and ethical questions that arise in the business.

How to make a lifelong travel card

Matteo Beccaro, an Italian security researcher, will talk about transportation security, frauds, and technological failures. The speaker will cover some severe vulnerabilities in real-world transportation systems based on NFC technologies and introduce an open-source application designed to pentest such systems via a smartphone. The talk will attract both professional and amateur pentesters.

Web application security with JavaScript

Client-side JavaScript injection may be used to detect and prevent various attacks, search for vulnerable client components, detect leakage of data about web app infrastructure, and find web bots and malicious tools. The Positive Technologies experts Denis Kolegov and Arseny Reutov will show how to ensure application security with JavaScript share their own injection detection methods that employ syntax analyzers without signatures or filtering regular expressions. They will also discuss implementation of client-side JS honeypot to capture SSRF, IDOR, command injection, and CSRF attacks.

How to snatch a large sum at Microsoft 

Until recently, Microsoft refused to launch a bug bounty program despite the fact that it has become a customary practice for competitors. Now, however, Microsoft pays researchers for certain types of vulnerabilities from USD 100 up to USD 100,000. Several recent exciting changes to the Microsoft Bounty Program include the competitive aspect of listing out its Top 100 finders.

Jason Shirk, the principal security strategist for MSRC, will explain how the MSRC works with researchers, what bounties are available, and what other rewards can be earned. He will also uncover some secrets behind big bounties that have been paid.

The complete list of reports will be available on the PHDays official site in April. To participate for free, you can present your report on information security or to take part in one of the forum's hacking contests or in the cyberpunk short-story competition. You can also buy a ticket to get to PHDays. Starting from February 15, the price for the full 2-day conference registration will be 9,600 rubles and 7,337 rubles for one day. On March 1, the cost will go up to 14,400 and 9,600 rubles respectively.


  1. I was reading your article and wondered if you had considered creating an ebook on this subject. Your writing would sell it fast. You have a lot of writing talent.

    gift basket themes

  2. I was reading your article and wondered if you had considered creating an ebook on this subject. Your writing would sell it fast. You have a lot of writing talent.

    gift basket themes

  3. I am unable to read articles online very often, but I’m glad I did today. This is very well written and your points are well-expressed. Beer gifts for him

  4. What an interesting program! I'd love to visit it so much - it seems to me that it was a real feast of interesting and useful information.
    Thank you for posting!

  5. Really Nice post,today i also become to know Windows Zero Day Vulnerability have founded and hackers are selling it for $90,000.

  6. This idea is mind blowing. I think everyone should know such information like you have described on this post. Thank you for sharing this explanation.Your final conclusion was good. We are sowing seeds and need to be patiently wait till it blossoms.

    Digital marketing company in Chennai

  7. Wow! This kind of awesome as well as valuable submit that is. I seriously love that. It truly is so competent therefore great. We are simply astonished. Lets hope that you simply carry on and carry out your hard work in this way sometime soon likewise. Anand Mishra

  8. thank you for sharing such a nice and interesting blog with us. hope it might be much useful for us. keep on updating...
    ROI Services in Chennai

  9. I just see the post i am so happy the post of information's.So I have really enjoyed and reading your blogs for these posts.Any way I’ll be subscribing to your feed and I hope you post again soon.

    PPC Services in Chennai

  10. Truely a very good article on how to handle the future technology. After reading your post,thanks for taking the time to discuss this content.
    Best Dot Net Training Institutes in Chennai

  11. I feel happy about and I really like this learning more about this topic. keep sharing your information regularly for my future reference.

    Dot Net training in chennai

  12. Thanks for sharing article like this. The way you have stated everything above is quite awesome. Keep blogging like this. Thanks a lot.

    Java training in chennai

  13. Superb. I really enjoyed very much with this article here. Really it is an amazing article I had ever read. I hope it will help a lot for all. Thank you so much for this amazing posts and please keep update like this excellent article.thank you for sharing such a great blog with us. expecting for your.
    seo company in india

  14. It’s really amazing that we can record what our visitors do on our site. Thanks for sharing this awesome guide. I’m happy that I came across with your site this article is on point,thanks again and have a great day. Keep update more information..

    Tooth Braces In Chennai

    Dental Hospital in Chenna

  15. Wow amazing i think these are the mistakes i have repeatedly doing when writing with the content. Especially by checking with the spelling i am spending much time. And some distractions likewise you are telling by checking with the email and so on. I hope it will be useful for me in future. Please keep update like this

    MSBI Training in Chennai

    Informatica Training in Chennai

  16. Great articles, first of all Thanks for writing such lovely Post! Earlier I thought that posts are the only most important thing on any blog. But here a Shout me loud found how important other elements are for your blog.Keep update more posts..

    SEO Company in India|Digital Marketing Company in Chennai

  17. Good website! I really love how it is simple on my eyes and the data are well written

  18. Interesting blog about PHdays vi report which attracted me more.Spend a worthful time.keep updating more.
    SEO Company in India

  19. Thank you for taking the time and sharing this information with us. It was indeed very helpful and insightful while being straight forward and to the point.
    mcdonaldsgutscheine | startlr | saludlimpia

  20. Thank you for giving this great information. its very important for everyone.To complete your assignment in Austraila at time in cheaper price visit our site and take opportunity to complete your home work at fix time from Assignment Expert team.

  21. Thank you for such a detailed report. unfortunately I could not attend there

  22. Really it was an awesome article...very interesting to read..You have provided an nice article....Thanks for sharing..
    Android Training in Chennai
    Ios Training in Chennai

  23. I got lot of informations from your blog.Please keep us informed like this.And thanks for sharing!!!
    Seo Company in Chennai
    Digital Marketing Company in Chennai

  24. These are very simple and very much useful, as a beginner level these helped me a lot thanks fore sharing these kinds of useful and knowledgeable information.
    Seo Company in Chennai
    Digital Marketing Company in India

  25. Thanks for sharing the info, keep up the good work going.... I really enjoyed exploring your site. good resource

  26. Hey These Is alan Our adventure and travel blog is the place we publish our adventures, travel tips & so much more.
    mumbai to shirdi taxi