phdays 2013 May 23, 2013 to May 24, 2013, moscow,russia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Responsiveness and Responsibility Marc Heuse Marc "van Hauser" Heuse has performed security research since 1993, found vulnerabilities in numerous products ...
If You Can Write a Webserver, You Can Write a Thumb Drive Travis Goodspeed Think back to that moment when you first realized a bit of ASCII and a ...
Cyber War of a Chinese Hacker, Black Economy, and Trojan Tool Tao Wan In the past, Chinese hackers have been spurred into action by geopolitical controversies. But today ...
Faster Secure Software Development with Continuous Deployment Nick Galbreath Why don't developers care about security issues? Why isn't security training effective? Why do basic ...
SCADA Strangelove: How to Build Your Own Stuxnet Positive Technologies A lot of time has passed since the Stuxnet incident. While one is looking for ...
Catching the Uncatchable: Investigating Malicious Activity Incidents in Corporate Networks Fyodor Yarochkin , Vladimir borisovich Kropotov , Vitaliy Chetvertakov Vladimir, Fyodor and Vitaliy spend their daily time as security analysts detecting malicious activity outbreaks ...
Lockpicking & Physical Security Deviant Ollam , Babak Javadi , Keith Howell Physical security is an oft-overlooked component of data and system security in the technology world. ...
Underground Market 101: Pricing Stats and Schemas Max Goncharov Online fraud has long since moved from being a mere hobby to a means for ...
Attack Prelude: OSINT Practice and Automation Vladimir Styran Collecting and analyzing public information on the target, aka Open Source Intelligence (OSINT), is a ...
Abusing Browser User Interfaces for Fun and Profit Rosario Valotta As social engineering has become the dominant method of malware distribution, browser makers started designing ...
Attacks Modeling, Security Metrics Calculation and Visualization in Perspective SIEM Systems Igor Kotenko The report covers current research in the field of SIEM systems. The speaker will present ...
Let the Hardware Do All the Work: Adding Programmable Logic to Your Toolbox Dmitry Nedospasov , Thorsten Schröder In the world of embedded security, off-the-shelf solutions often fall short of what is necessary ...
Windows File Uploading Out of the Box Vyacheslav Yegoshin The report will cover file uploading methods at the post exploitation stage using only out-of-the-box ...
Honeypot that Can Bite: Reverse Penetration Alexey Sintsov This talk will consider the concept of aggressive honeypot, the main idea of which is ...
Five Nightmares for a Telecom Dmitry Kurbatov Five Nightmares for a Telecom are five stories on how to intrude into an operator’s ...
Vulnerabilities of Android Cryptographic Applications Pyotr Khenkin The report will cover the most well-known mobile applications for Android (with the focus on ...
Bitcoin: Lights and Shadows of Virtual Money Antonio Teti For several decades, electronic money has been an illusion chased by all those who believed ...
Peculiarities of the National Hunt Aleksander Gostev Answering the question "Who?" is more important for victims of a cyber-attack, than its technical ...
Find Them, Bind Them – Industrial Control Systems (ICS) on the Internet Johannes Klick , Daniel Marzin People involved: Jan-Ole Malchow, Robert Fehrmann, Sascha Zinke, Prof. Dr. Roth Many industrial control systems ...
Protecting Organizations from Security Breaches by Persistent Threats, with Examples from RSA Michel Oosterhof Each enterprise is serious about protecting its resources, brand and intellectual property. Despite this, incidents ...
Are ICS Models Needed to Ensure Information Security of Industrial Systems? Ruslan Stefanov Specialists face a serious problem while ensuring information security of technological systems — a complete ...
To Watch or to Be Watched? Turning Your Surveillance Camera Against You Sergey Shekyan , Artem Harutyunyan Low cost commodity IP surveillance cameras are becoming increasingly popular among households and small businesses. ...
Lie to Me: Bypassing Modern Web Application Firewalls Vladimir Vorontsov The report considers analysis of modern Web Application Firewalls. The author provides comparison of attack ...
Evading Deep Inspection for Fun and Shell Olli-pekka "opi" Niemi The Evader was released at Black Hat 2012. It is a freely available test and ...
Java Everyday. System Analysis of Java 0-day Exploits Boris Ryutin , Alisa Shevchenko The report will cover the results of the system analysis of all zero-day vulnerabilities found ...
Attack Modeling. Artificial Intelligence Against Natural Errors Yevgeny Tumoyan , Darya Kavchuk The talk covers the problem of attack modeling and the prospect of solving the problem ...
HOWTO. High Packet Rate on x86-64: Clearing the Bar of 14.88 Mpps Alexander Lyamin Since new tools like netmap и PF_RING DNA became available for intruders, attacks leveraging multiple ...
DIY Industrial IPS Dmitry Dudov As ICS moves into TCP/IP, its security becomes a vital issue. Many protocols designed to ...
Who's Looking at You, Kid? Jeff Katz Do you carry a cell phone, an RFID badge, or do anything that could be ...
SAP Attacks Methodology Dmitry Gutsko , Oleg Klyuchnikov The report will cover methods of conducting typical attacks against SAP systems and necessary tools. ...
(In)security of Appliances Alexander Antukh It is not news that software can be insecure. Numerous security advisories posted each day ...
Industrial Protocols for Pentesters Alexander Timorin , Dmitry Yefanov The report includes a general overview of the current situation with SCADA — the largest ...
One More Weakness in Modern Client-Server Applications Anton Sapozhnikov The speaker will present a post-exploitation technique which allows you to hack your favorite application ...