08:30 - 08:35
Attila Marosi - Opening ceremony
08:35 - 09:20
Zoltán Balázs - Hacking IP cameras through the cloud
Hardly a day goes by without an article about a new IoT (Internet of Things) device being hacked. IP cameras, routers, baby monitors, smart homes, NAS devices, light bulbs, cars, rifles, you name it. We have seen in the past 5-10 years how horrible the security of these devices is. Some people play VNC roulette, others hijack cars driven by a journalist. Junk hacking has become part of the ITSEC industry. Journalists are happy because of improved click-through rates through scary headlines, security researchers feel they are the celebrities of the day. But this is just part of the full story.
09:20 - 09:50
M4xk & Sıx - Legend of Windows – A Link to the Hash
During one of our IT security investigation we have observed an undocumented Windows feature which leaks much valued hashes from the system. No complicated exploitation is needed to play the trick we will present and it can drastically speed up owning all the users in the systems and reaching to domain administration privileges.
09:50 - 10:35
Tobias Schrödel (GER) - Hacking toys, lamps and other stuff
In this presentation, it will be demonstrated live how to hack at least three IoT devices. At first, a childrens toy, which is a radio-controlled car with a built-in video camera. Second, an “adult toy”, that is accessible via bluetooth from any person in reach. Here, a second “adult toy” will be demonstrated, that has security built-in, so this can not happen. At last, it will be shown, how to hack into Philips HUE light system from within the same network. As a wrap-up there will be a talk about what needs to be done from vendors in the future to make the IoT safe.
10:35 - 11:05
Coffee break (30 mins)
11:05 - 11:35
Péter Höltzl - Getting the most out of security logs using syslog-ng
Event logging is a central source of information for IT security. The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally it stores the logs or routes them for further analysis. This session focuses on how syslog-ng parses important information from incoming messages, enriches them with additional contextual information, and concludes with demonstrating how all of this can be used for alerting or for dashboards.
11:35 - 11:50
Csaba Fitzl - IOC sharing – we are doing it wrong
Threat Intel and IOC (indicators of compromise) sharing are very hot topics these days, and has been around for a few years. People tend to rely on these kind of information more and more. In my talk I will talk about why we are sharing IOCs in the wrong way, why those won’t be useful at all in large enterprises, and what we should change to make it valuable. I will also talk about what IOC types we share and don’t share, and which of those could add the most value to an organisation.
11:50 - 12:35
Paul Coggin (USA) - Hallowed be thy packets
Blue and Red teams are missing the low hanging vulnerabilities that exist in many enterprise networks today. This session will show in detail how the red team can quickly identify and exploit numerous network protocol vulnerabilities that the previous security test team probably missed. Methods for securing routing and switching protocols will be covered. Detailed PCAP examples will be covered. Recommendations for adding visualization and instrumentation to the network to detect network exploits will be covered.
12:35 - 13:05
Tamás Hetesi - Security issues about backup
Do you have a backup strategy? I’m glad. But what about security? In my presentation I will introduce the problems, that may arise during backup saving, and also talk about how our own backup can be harmful for us. The participants can also meet some solutions that can help to protect themselves against threats.