Events

Hack in The Box Security Conference 2011 Amsterdam / NL

Since yesterday I’ve been attending the annual Hack-in-the-Box Quad-Track Security Conference in Amsterdam/NL. There’s a very nice and open atmosphere here at the conference, besides the beautiful city of Amsterdam.

First, Joe Sullivan (CSO at facebook), held a very interesting keynote about the development of security innovations at facebook. For him innovation is “these hacking culture, we think about each day at facebook”. After explaining some of the newer security innovations (https-only, login notifications, login approvals [if e.g. geo-location of a user is suspicious], recognized devices, recent activity) he talked about the recent fb-scams with malicious scripts. “No one would do that, copying and pasting a script into the browser! – Yes, they do…”, he said.

Also a remarkable talk I attended was about binary planting, given by Mitja Kolsek (CTO at ACROS Security). In “Binary Planting: First Overlooked, Then Downplayed, Now Ignored” Mitja also showed a new method he called “advanced binary planting”, which uses a feature from Windows’ special folders (like control panel, printers, etc.) and clickjacking to make it possible to own the users’ computer.

In the winter garden of the conference hotel there’s a technology showcase area. Hackerspaces from all over Europe and the Netherlands are showcasing their projects here. There also is a capture-the-flag competition happening, a lock-picking and (sponsor) companies-showcase.

For more informations please see the conference website.

Hack in The Box Security Conference 2011 Amsterdam / NL

Your email address will not be published. Required fields are marked *

 

Reports

Lyceum group reborn

According to older public researches, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

GhostEmperor: From ProxyLogon to kernel mode

While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. With a long-standing operation, high profile victims, advanced toolset and no affinity to a known threat actor, we decided to dub the cluster GhostEmperor.

APT trends report Q2 2021

This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc.

Subscribe to our weekly e-mails

The hottest research right in your inbox