Tuesday, April 26 2011
Thursday, April 14 2011
Conferences:
SyScan Singapore Mobile Money is not a Ringtonea by The Grugq COSEINC; Targeting the iOS Kernel by Stefan Esser SektionEins; I'm going hunting, I'm the Hunter by Don Bailey iSEC Partners;Telecom Signaling attacks on 3G and LTE networks from SS7 to all-IP, all open by Philippe Langlois P1 Security inc.;
Infiltrate Rock'm Sock'm Robots: Exploiting the Android Attack Surface by Bas Alberts and Massimiliano Oldani;
SourceBosten Secure Development Lifecycle in the Mobile World by Marc French and Iron Mountain; Secure Development for iOS by David Thiel iSEC Partners; Tinker, Tailor, Soldier, A-GPS: How Cost Turns Security Devices Into Weapons by Don Bailey iSEC Partners.
Hack in The Box Amsterdam Attacking 3G and 4G Telecommunication Networks by Enno Ray; I'm Going Hunting. I'm the Hunter. by Don Bailey; Popping Shell On A(ndroid)RM Devices by Itzhak Avrah; iPhone Data Protection in-Depth by Jean-Baptiste Bédrun; iNception Planting and Extracting Sensitive Data From Your iPhone's Subconscious by Laurent Oudot; Antid0te 2.0 - ASLR in iOS by Stefan Esser
Looks quite okay, I never attended any SourceConference but the speakers are the usual suspects :-) Infiltrate is new. I would be mostly interested to hear Don Bailey's talk but judging from the number of talks he does on the subject I guess I'll catch it at BlackHat or Defcon in summer.
The mTAN trojan problem finally spread over to Europe and Germany. This version
is called SpyEye and comes as a developer signed Symbian application.
Nico and myself finally released our Tech Report on SMS filtering recommendations. It's available here: Countering SMS Attacks: Filter Recommendations. Feedback is welcome.
I guess I missed a bunch of stuff but right now I'm kinda busy with work ;-)
Saturday, April 02 2011
Last week I attended Troopers11 in Heidelberg Germany. Troopers is a nice and small IT security conference.
One of two that exist in Germany as far as I know (IT-Defense being the
other one). I'm not counting CCC congress and similar events this they
are not security focused (which is good!).
Troopers was well organized, very nice location, good break times,
good food, and a nice evening program. The conference badges where totally
awesome.
The conference included a nice challenge that was based on their badges. You
had to fulfil a number of tasks in order to get the number one your
badge increased by the staff. Since this was a security con our SecT
team took it in to our own hands and hacked the badges to show the maximum
score.
Get an impression by checking the Twitter search for #troopers11.
I had a great time and hope to make it again next year.