Events

A Hot Security Conference On Cold Iceland

When I think about Iceland I do not immediately think about a place where top IT-security researchers from all over the world meet once a year to present and discuss some of the most recent and relevant security topics, but this is actually the case. It is the second year that the Nordic Security Conference has taken place here on Iceland. It is quite funny because when I’m in Las Vegas for DEFCON and BLACKHAT I always complain about the insane heat, and during the Nordic Security Conference the weather is terrible. When can someone arrange a conference at a location where it’s not insanely warm or cold?

I’ve had the great opportunity to present at both events. This year I gave a presentation about one of the weakest links in IT-security; the human factor. For over 6 months I have done several research projects, some of them on my own, and some together with other security researchers such as Martin Jartelius from Outpost24. We tried to answer the question: “How easy is it to hack a country?” by performing various social engineering experiments, with great success.

Syndis, an Icelandic security firm is the brain behind the security conference, and they have done a great job inviting amazing researchers from all over the world, such as: Chris Valasak, Don Bailey, Katie Moussouris, Stephen Watt, Chris Eng, Allison Miller and many more. If you are interested in the agenda, check it out here: http://nsc.is/schedule/

208214047

Parallel to the Nordic Security Conference the University of Reykjavik also arranged a hacking/CTF competition, which was extremely entertaining. While the contestants were going crazy and hacking they had provocative and entertaining interviews with the security researchers.

208214048

What makes this event such a great success is the size of the event. This year there were about 200 participants. This gives everyone the opportunity to network and talk to each other. After a long day of presentations and discussions the organizers arranged very good social events, which allowed everyone to show off their other skills. This year one of the speakers, who call himself Dr. Raid, did some crazy freestyle rapping!

208214049

This is a Conference I can highly recommend to anyone who likes awesome research and terrible weather 🙂

A Hot Security Conference On Cold Iceland

Your email address will not be published. Required fields are marked *

 

Reports

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox