As a reminder, over 700 participants registered for the first meeting. You can view recordings of the talks and download presentations from the previous event here…
Here is what will happen on October 29: expert talks; a question-and-answer session; an online CTF for those who like to rack their brains; a quiz and prizes for the winners.
The program will include the following talks:
- UEFI BIOS Explorer Arsenal;
- The weakest link in the acquiring infrastructure;
- The Golden Age of Red Teaming C2 Frameworks;
- Protecting Kubernetes from all sides.
The program is being updated; changes and additions are possible.
UEFI BIOS Explorer Arsenal
Speakers: Evgeny Rasskazov, Ruslan Zakirov
The UEFI specification was released in 2005. After 15 years, its implementations have completely supplanted legacy BIOS firmware on x86 architectures. About five years ago, news about vulnerabilities found in UEFI firmware began to appear on the Internet. Today, the security of UEFI BIOS firmware remains in a deplorable state – there are quite a few researchers in this area.
We will try to shed some light on how to get started examining UEFI BIOS firmware, and which static analysis tools are worth a look.
The weakest link in the acquiring infrastructure
Speakers: Gleb Cherbov, Ilya Bulatov
The security of any system as a whole is known to be determined by its weakest component. We will talk about a lesser-known but no less important component of the acquiring infrastructure – POS terminal configuration servers. We will cover the interesting features of this type of software and the opportunities they open up to an attacker.
The Golden Age of Red Teaming C2 Frameworks
Speakers: Vadim Shelest
C2 (Command and Control) is one of the most important steps in the Cyber Kill Chain model. It establishes a channel for interacting with the system and achieving post-exploitation goals. In recent years, quite a few decent open source C2 frameworks have emerged that enable team collaboration. We will characterize the most popular of them based on Red Team testing practice. We will consider their deployment, functionality and modules, compare the protocols of their covert communication channels, and discuss their advantages and disadvantages.
Protecting Kubernetes from all sides
Speakers: Daniil Beltyukov
Kubernetes is growing in popularity as more organizations migrate their applications to this platform for ease of deployment and scalability. You can often find "managed Kubernetes" offerings with the ability to use cloud resources in a cluster. But, as we know, the more features, the higher the risk of error.
We will look at the standard Kubernetes security mechanisms that can improve the level of security for both the application and the cluster itself. We will also explain how to make life difficult for an attacker, even one who has already gotten inside.
Registration for Digital Security ON AIR is available on the website…