CNCF provides great solutions for managing security of Kubernetes Environment, like OPA and Kyverno for Policies, but what about threats or strange behaviours that may happen inside running containers? In your Cloud account? In the SaaS you use? Falco, the runtime security engine provides a way to detect all these patterns by analysing syscalls with […]
Read moreJavaCrypto is easy-to-use, light-weight, modern library for all core cryptographic operations needed to build higher-level cryptographic tools. It’s a drop-and-hook bundle of APIs responsible for performing various cryptographic primitives, such as encryption, decryption, digital signatures, password storage etc in the most secure way possible while using Java Cryptography Architecture (JCA). Why do we need this […]
Read moreAt SecTor 2021, as part of the IoT Hack Lab, I demoed a new toy I was working on – a Raspberry Pi Pico that would emulate an HID when plugged into a device and issue commands. I called it my poor person’s USB Rubber Ducky. The demo was a hit and numerous people were […]
Read moreThe COVID-19 pandemic helped the cyber insurance industry make record-breaking revenue growth in 2020. But it also saw record profit loss. This decline led insurance companies to alter their client coverage requirements, placing stricter cybersecurity conditions for eligibility. This session will dive into what organizations need to do in order to meet these requirements. The […]
Read moreVirtualization and containers are the foundations of cloud services. Containers should be isolated from the real host’s settings to ensure the security of the host. In this talk we’ll answer these questions: “Are Windows process-isolated containers really isolated?” and “What can an attacker achieve by breaking the isolation?” Before we jump into the vulnerabilities, we’ll […]
Read moreSince the proliferation of data science applications in cyber security, there has been a complimentary division in the approaches to threat detection: Traditional and Machine Learning (ML). The traditional approach remains the predominate method in cyber security and is primarily based on identifying indicators-of-compromise via known signatures. On the other hand, ML applications are focused […]
Read moreData poisoning is one of the main threats on AI systems. When malicious actors have even limited control over the data used for training a model, they can try to fail the training process, prevent it from convergence, skewing the model or install so-called ML backdoors – areas where this model makes incorrect decisions, usually […]
Read moreMore organizations are applying a DevOps methodology to optimize software development. One of the main tools used in this process is a continuous integration (CI) tool that automates code changes from multiple developers working on the same project. In 2019, GitHub released its own CI tool called GitHub Actions. According to GitHub, GitHub Actions help […]
Read moreSecurity researchers love talking about critical infrastructure. Power grids and pipelines! Transportation systems and communication networks! IoT and ICS! Medical devices and smart cities! Why aren’t people talking about food production? You all like to eat, right? Agriculture 4.0 is a few years old at this point. Smart farms and precision agriculture are becoming much […]
Read moreRemote Desktop Protocol (RDP) is the de facto standard for remoting in Windows environments. It grew in popularity over the last couple of years due to the pandemic. In addition to system administrators, many remote workers are now relying on it to perform duties on remote systems. RDP is secure when well deployed but, unfortunately, […]
Read moreTraining a model using Natural Language Processing (NLP) is challenging. Training one adapted to the unique vocabulary of malicious actors becomes even more difficult. This complex process highlights the need of having a continuously adaptive lexical able to follow new trends in illicit communities. To overcome the challenge of the distinct vocabulary used by malicious […]
Read morePersistence is one of the main aspects that hackers pay special attention to during the malware development and during the attack phase. The goal is very simple: to be as stealth as possible. Usually, attackers aim to maintain the presence in the target’s network by installing malware on various workstations and servers. However, the main […]
Read moreBots are software’s that automate web requests for various tasks without human intervention. Some are beneficial for the Internet but many of them represent a plague for ecommerce websites. Bad bots traffic represents around a quarter of the whole Internet traffic today and is predicted to increase. This traffic includes website content scanning, stolen credit […]
Read moreDid you know OWASP Application Security Verification Standard (ASVS) can be used as a set of application security requirements? Do you know what the Security Knowledge Framework (SKF) is, and how you can use it to manage your application security requirements and train developers? Are you curious what it takes to deploy a containerized application […]
Read moreWith the increasing popularity of games having a competitive element, cheats have become a common method for hackers to gain an advantage. These cheats could range from a sniper bullet that felt just a little too accurate to a player teleporting across the map, and chances are that you must have been outsmarted by some […]
Read moreMalware is one of the prevalent security threats. Sandboxes and, more generally, instrumented environments play a crucial role in dynamically analysing malware samples, providing key threat intelligence results and critical information to update detection mechanisms. In this talk, we will analyse the evasive behaviours employed by malware authors to hide the malicious activity of samples […]
Read moreThe Civil Aviation sector is transforming itself to the next generation of digital technologies that will thrust it to the next stage of autonomous systems onboard aircrafts, including 5G service in the cabin, preventive maintenance, etc. Now that we are here, it’s time to perform not only the safety of the flight but security of […]
Read moreThe traditional approach to quality assurance (QA) was disrupted when the Agile movement caused most development teams to start taking at least partial ownership of the quality of their products. The cloud-native and DevOps movements similarly disrupted traditional IT Ops. These were not mere shifts to the left, they all involved fundamental changes to mindset, […]
Read moreIn recent years, with the wake of numerous attacks, there has been a push to understand the risks posed by smart devices. While helping revolutionize the way the world operates, the innovation and convenience has often overshadowed – and sometimes completely – their security implications. This talk discusses the evolution of the ‘traditional’ device profiles […]
Read moreInformation security practitioners pride themselves on precision and attention to detail. We cringe at slick catchphrases. Yet there’s something that continues to elude many: what OPSEC really means, and where it applies. It’s time to change that. Delve into the history and evolution of Operations Security, gain familiarity with OPSEC assessment, analysis, and measures, and […]
Read moreCompromised credentials have been APT groups’ favorite tool for accessing, propagating and maintaining access to their victims’ networks. Consequently, aware defenders mitigate this risk, by adding additional factors (MFA), so no secret is a single point of failure (SPOF). However, the systems’ most lucrative secrets, their “Golden Secrets”, are still a SPOF and abused in […]
Read moreBrand impersonation is a key attack strategy in which a malicious user crafts content to look like a known brand to deceive a user into entering sensitive information, such as account passwords or credit card details. To address this issue, we developed and trained a Siamese Neural Network on labeled images to detect brand impersonation. […]
Read moreThis past year has proved the point that advanced nation-state backed threat actors are increasingly investing their time and money to develop novel ways to access the cloud. These actors are especially interested in Microsoft 365, where more and more organizations are collaborating and storing some of their most confidential data. Especially for threat groups […]
Read moreAs the founder of both the Defcon and Blackhat events, Jeff has been around the security community since the early days. When Defcon started some 30 years ago, the security community had a rather unique culture, composition and approach. What can we learn from our past? What attributes do we need to hold on to […]
Read moreThe challenges facing today’s CISO and corporate cyber teams are daunting. Cyber Security partners now number in the 100s and product options seem to be 10 times that. The only thing that is certain is that the number of threats and attacks are increasing at an alarming rate. There was a time when you could […]
Read moreOrganizations spend millions of dollars in their Cybersecurity Program building governance programs and enhancing security operations, however major incidents still happen. We know you can never have 100% assurance and a new security technology is not always the solution, but how do you explain that to the Board and Senior Executives who received regular updates […]
Read moreData is the currency of the 21st century, and as true as this is for organizations, it also trickles down to the security team. There’s a delicate balance between collecting too much and not enough data. Too much data, and your SOC is sifting through endpoint, application and network logs for days on end. Not […]
Read moreThe vast majority of code in modern applications is made up of open-source components. This allows developers to focus on value-generating features and not on scaffolding and foundations. The challenge is that this scaffolding is not free like a lunch. It’s free like a puppy. That means that not only should you be careful in […]
Read moreDo you have any idea how much time it will take to scan, identify, and secure every organization file containing sensitive information? Me neither, data are everywhere! You can’t mitigate data exfiltration with an IT tool. It’s an enterprise initiative to detect and respond to broken business processes and irregular activities. In this session, we’ll […]
Read moreCarding is one of the earliest forms of cybercrime. Since the 1980s, cybercriminals have developed various fraud tactics to steal and monetize credit card information. To prevent these types of attacks, financial institutions have developed anti-fraud measures to detect and prevent fraudulent transactions. These security precautions include checking various parameters like IP address, operating system, […]
Read moreThe way we move our mouse, use our keyboard, and touch our phones is unique to us. Behavioral biometrics allows security systems to identify computer users across a wide variety of devices uniquely. While AI can help secure computer infrastructure, they are vulnerable to data-based type attacks. By capturing user interaction data, an attacker may […]
Read moreThe decisions made in the seconds, minutes, and hours of a security breach carry long-term operational, legal, regulatory, and public relations repercussions. Making the wrong move in the heat of the moment can cost a fortune; it can even end a career. Featuring real-world best practices from the breach response team responsible for defending hundreds […]
Read moreDuring these years when a holiday just can’t be any scarier than the other 364 days, it’s easy to forget that some spectres aren’t what they seem. Some of them are Old Lady Nather under the ghost sheet. Others are clowns, but not the kind that inhabits your nightmares, just the expo halls. If you’ve […]
Read moreBridge the Gap Between IT Security and Infrastructure Teams and Unify Your Security Efforts with a Vulnerability Management Solution. Chances are you know Tripwire as the progenitor of file integrity monitoring. But over the course of Tripwire’s history, we’ve focused on how we can help security teams maximize their productivity to more effectively address today’s […]
Read moreOver the last five years, we have publicly disclosed the details about dozens of software vulnerabilities with varying degrees of severity and their effect on a wide range of vendors including Oracle, Pulse Secure, Microsoft, Antidote, and Akamai. We have acquired hard-earned experience on the difficulty faced dealing with clients and vendors, the risks and […]
Read moreResponding to security incidents and vulnerabilities is an ongoing process which becomes increasingly more difficult to manage in a Hybrid environment. Reacting too slowly to a critical incident or vulnerability can have drastic consequences, but how do we make sure that we are working on the most critical threats first? Join us to learn how […]
Read moreWith employees working remotely, the amount of data that flows through the cloud is exploding. The classic paradigm of corporate perimeters and traditional network architecture is now a thing of the past. Keeping up with this evolution is imperative and organizations are looking to implement an agile and holistic threat defense. SASE is a security […]
Read morePerennial threats like ransomware have evolved to hold pace with our adoption and migration to cloud. They have continued to be a thorn in our sides even as platforms and user behaviour has changed. While cloud and malware security solutions have a major part to play, there is also a less intuitive initiative that has […]
Read moreThis talk will uncover the amazing detection capability available from Azure AD Reports and how any organization can utilize it in the most efficient ways to help detect malicious actors. On top of that, the talk will walk attendants through a tool that can be used to help threat hunters and analysts anywhere to work […]
Read moreRogue digital cinema server A15591 hadn’t just been modified to unlock encrypted feature films before release – it gave rise to a sprawling, parallel theatre distribution operation, one with its own insiders and security. How was it possible to unravel the heavily protected path from post-production to silver screen? Why did the scheme fail? At […]
Read moreThis presentation will discuss how reliance on cloud services and traditional hardening practices leads to increased successful attacks. We’ll look at how even non-APT attackers now invest more time and effort into creating custom malware, and we’ll discuss the solution to how companies can adjust their security posture to address cloud environments’ continuously changing threat […]
Read moreThe threat landscape is expanding, even though the cybersecurity community enhances the efforts to address cyberattacks. The majority of cyberattacks begin with a spear-phishing email, which is commonly used to infect organizations with ransomware. The importance of establishing a cybersecurity ecosystem has been acknowledged by all sectors. Currently, the Covid-19 pandemic has demonstrated the different […]
Read moreThe use of artificial intelligence (AI) for cybersecurity, such as to detect insider threats and advanced attacks, is now an accepted and important tool for our industry. However, at the same time as we are realizing the power of AI, we need to become increasingly aware of its ethical challenges. To illustrate the importance of […]
Read moreMost AppSec programs forget that there is only one team that can fix security findings: the development team. While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate […]
Read moreToday’s networks are expanding beyond on-prem to include cloud and hybrid deployments. While enterprises seek to balance agility and security, they are also faced with skills shortages and the need to work with the technology of multiple vendors. Automation is key to addressing these challenges while offering cloud, network, and security teams the ability to […]
Read moreXDR has extended Trend Micro’s detection and response capabilities by capturing more telemetry from more security controls than ever. Come to our presentation to learn how Vision One is extending its reach through the Open Cybersecurity Aliiance’s STIX-Shifter to query third-party data lakes providing a more comprehensive risk vision for your organization.
Read moreThreat intelligence and Security Operations have a symbiotic relationship: each improves when they interact with the other. When intelligence drives or supports security operations, you can prioritize events and reduce the time it takes to triage alerts and more rapidly perform investigations, effectively reducing MTTD and MTTR. In this talk, Chris highlights the challenges faced […]
Read moreTo meet the scale of current and future data security threats, evolving global and regional privacy regulations, and cloud adoption brought on by remote working, organizations need an easier and unified approach to discover, protect, and control their sensitive data. Let’s discuss how Thales has pushed the innovation envelope with its new CipherTrust Data Security […]
Read moreWhen adopting a Zero Trust approach to cybersecurity, there are several key things to consider. Join TELUS’ Marc Kneppers as he highlights the important things to think about when implementing a Zero Trust architecture. Find out how TELUS is implementing Zero Trust in our organization and hear about the results of a Zero Trust Assessment […]
Read moreAs a kid I always assumed that when you shot a rocket into space, other than the capsule, all the other parts burned up on re-entry into the atmosphere. Elon Musk asked why couldn’t you just reuse the rocket? And SpaceX was launched. To change cybersecurity, we must change our mindset. In 30 minutes, I […]
Read more