08 Jan 29c3 Hamburg / DE Stefano Ortolani
20 May Hack in The Box Security Conference 2011 Amsterdam / NL Stefan Ortloff
19 Apr InfoSecurity Europe 2011 Costin Raiu
11 Jan Techfest Mumbai 2011 Costin Raiu
20 May Live from Interop Las Vegas Roel
16 Feb Desde la Habana Costin Raiu
Join our blog
You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.
The last week of 2012 marked the 29th installment of the Chaos Communication Congress. Organized by the Chaos Computer Club (CCC), the congress is an annual conference on technology and its impact on society. Although the scope may look quite loose, both lectures and workshops typically revolve around privacy, freedom of information, data security and other hacking issues. Needless to say, it has always been a great success; huge, considering that black-hat sized events here in Europe are not that common. Take, for instance, the fact that this year the congress had to be held in Hamburg, as Berlin could not offer a congress center fit enough to host more than 6000 attendees. Trust me, this number was not an exaggeration at all!
I admit my expectations were quite high: after four long years of scientific symposia going back to more technical venues was indeed putting my brain in hunger-mode. However, having experienced what it means organizing events for medium sized scientific conferences, I was honestly puzzled about turning a huge building such as the Congress Center of Hamburg in a functional place ready to host lectures, workshops, and hack spaces. Boy I was wrong to be worried about it. The event lasted 4 whole days (from the 27th to the 30th) with an impeccable organization: not only were all lectures and workshops flawlessly organized, streamed, and chaired; but also all open spaces were collectivized and used for all kind of hacking purposes, from playing CTF to entry-level courses on the Arduino platform.
The speakers on the other hand could take advantage of extremely well-sized rooms, with the most important talks having available an auditorium able to host more than 2000 people. Nevertheless, I have to say I was forced to learn one thing pretty fast: if you are interested in a topic, and that topic happens to be quite a hot one, well, be ready to get to the room at least 15 minutes before show-time; seriously, being on time never worked; any room, regardless of the capacity, was liable to get full. Believe me, I was really thankful for the flawless streaming infrastructure (watching a talk on my laptop that was taking place just few meters away was indeed paradoxical :) ).
The first day's line up was respectable. The keynote was given by Jacob Appelbaum, known for his contributions to "The Tor Project", and also former spokesperson for WikiLeaks. After the usual introductions, he explained the reasons of this year's congress' zeitgeist "Not My Department". We all have heard this sentence at least once in our lives; usually uttered to belittle other people's arguments, it has always been used as an example of a closed mindset at work. Jacob's point was that this attitude is even more detrimental in an inter-connected world. What is the use of a privacy-preserving bill if our data flows through the routers of oppressive governments potentially assembling huge data sets about our lives? A new level of awareness is therefore suggested.
Since yesterday I've been attending the annual Hack-in-the-Box Quad-Track Security Conference in Amsterdam/NL. There's a very nice and open atmosphere here at the conference, besides the beautiful city of Amsterdam.
First, Joe Sullivan (CSO at facebook), held a very interesting keynote about the development of security innovations at facebook. For him innovation is „these hacking culture, we think about each day at facebook“. After explaining some of the newer security innovations (https-only, login notifications, login approvals [if e.g. geo-location of a user is suspicious], recognized devices, recent activity) he talked about the recent fb-scams with malicious scripts. „No one would do that, copying and pasting a script into the browser! - Yes, they do...“, he said.
Also a remarkable talk I attended was about binary planting, given by Mitja Kolsek (CTO at ACROS Security). In "Binary Planting: First Overlooked, Then Downplayed, Now Ignored" Mitja also showed a new method he called "advanced binary planting", which uses a feature from Windows' special folders (like control panel, printers, etc.) and clickjacking to make it possible to own the users' computer.
In the winter garden of the conference hotel there's a technology showcase area. Hackerspaces from all over Europe and the Netherlands are showcasing their projects here. There also is a capture-the-flag competition happening, a lock-picking and (sponsor) companies-showcase.
For more informations please see the conference website.
Earlier today, at 10 am sharp, Europe’s number one security event – InfoSec – opened its doors at Earl’s Court Hall, in London, UK.
As usual, Kaspersky Lab has prepared a few interesting things for you, with half-hourly security briefings from the company’s top security experts (full schedule here - http://www.kaspersky.co.uk), and a speech from the company CEO and founder, Eugene Kaspersky.
In addition to this, tonight we’re going to the SC Magazine awards ceremony, where Kaspersky Lab is shortlisted in three categories:
If you happen to be in the vicinity, please drop by and visit us at stand C41!
I'm at the Interop Las Vegas show which is again taking place in the Mandalay Bay convention center. This is my first time in Vegas and I'm finding it quite the experience.
Yesterday I talked about the dangers of social networks and the bigger issue of implicit trust around it. Today I'll be talking about the methods attackers are using and how the malware ecosystem works.
Just like many of our competitors we also have a booth at Interop. Stop by booth #1212 and see us when you have the time.
Hello from Havana, the capital of Cuba, where the 13th edition of the ‘Informatica’ convention and trade fair is taking place.
The first days of the show were dedicated to various aspects of information technology deployment in Cuba, with an emphasis on the associated security issues.
Our Cuban partner, Segurmatica www.segurmatica.cu had a number of interesting technical presentations, including on the detection and removal of the Polip and Virut viruses, something which they’ve implemented in their product, SegAV.
Of course Friday 13th is a memorable date in the history of computer viruses. Which is why Jose Bidot, the organizer of the convention, chose Friday 13th, 2009 as the day for the international conferences on malware and computer security.
Among the speakers were Ero Carrera from Hispasec/Virustotal, who might be familiar to some of you, our own Dimitry Bestuzhev and myself.
The Friday 13th presentations focused on both the huge growth of malware and the increased sophistication and increase in attacks against users from Latin America and around the world.
The next edition of ‘Informatica’ will be in 2011, until then, ‘Hasta Luego!’ from the sunny Havana.
The first impression that I got after stepping out of the plane few days ago in Dubai was "hot!!" - it was at least 35 centigrates just a bit after midnight.
Besides being very hot, Dubai has a booming economy and if probably most famous for its towers, or 'Burj' in Arab.
Between them, there is one which really stands out: Burj Dubai - the tallest building in the world, which you can see here between the imposing Emirates Towers.
Don't be fooled by the perspective though - Burj Dubai is currently over 700 meters tall and will reach 818 meters when finished next year.
CeBIT Eurasia, taking place between 7th and 12th of October in Istanbul, is no less important than its European counterpart. We're here showcasing the latest version of our products in hall 2, section 248. If you are in the city and visiting CeBIT, we'd love to see you!
The photo above shows the calm before the storm. Now that CeBIT's started, it's been pretty busy around here.
We're going to be at InfoSecurity Belgium in Brussels over the next two days.
I'm here with our team - we've got advice on how to stop cybercriminals and malware in their tracks.
Joining us will be Jean-Marie Pfaff, named by Pele as one of the world's greatest living footballers, who will share top tips and tricks on how to stop the opposite side from scoring too many goals.
Come by and see us at booth B067 to discuss football and malware - the new approach to risk management.
If you're in the Hannover neighbourhood, or if you’re at CeBIT already, don’t forget to stop at our booth in Hall 6, J16 before it's too late.
Everyone seems to be rushing to our booth to get a copy of Eugene’s latest book called ‘Malware’. It gives a complete overview of all aspects of malware, including all the history, and it's a real page turner. In my opinion it’s a ‘must have’ for your security library.
Yesterday we had our now traditional Russian disco evening and stayed up a bit later than we should have done. But if you take a look at the picture below you can see we're still in great shape and ready to kick off the CeBIT Kaspersky Analysts Roundtable within the next hour!
Incidentally, the big theme over here at CeBIT is ‘green IT’. We must be ahead of the times – we've had a green product for years!