What is worth hacking in cloud services these days and how can we protect against such attacks? Laura Kankaala, an ex-pentester/ red teamer/incident responder, will show you what hackers see when they look into the clouds and help filter out the noise by identifying realistic threats and what should actually be protected in the cloud.
Authentication is omnipresent in today’s society. We still do it wrong by both alienating our users and ignoring the obvious in our threat modeling. This talk explores a reasonable threat model for various use-cases where current protocols and their implementation both fall short of expectations and what could be done to fix them.
AI poses a significant threat in the realms of social engineering and cyber-attack through AI-driven fake biometrics, imagery and text. This talk explores these threats and opportunities and to stimulate thought and discussion on the research challenges ahead in terms of detecting, mitigating or positively utilising AI-driven fakery in Cyber Security.
The Volatility Framework provides cutting edge memory analysis technology. This talk compares the new Volatility 3 to previous versions and other Volatility based tools. It discusses many new features and our new contributor focused license. Finally, we’ll discuss ways the community can help contribute to the official launch of Volatility 3!
In this highly optimistic talk, Lawrence asks why developers keep writing insecure code. He looks for the root cause of the security issues that appear again and again, with both surprising and not-so-surprising findings. Finally, Lawrence looks at different things we can all do to improve the state of code security from beginning to end.
Join Toreon’s Steven Wiercks for a 90 minute workshop based on his Whiteboard Hacking training course and go from system description to basic threat model in just 90 minutes.
Expect the Fast and the Furious of introductory threat modeling sessions with no prior threat knowledge required. Starting with threat model theory, most of the time will be spent doing a real-world threat model for an online booking system that wants to move components to ‘the cloud’.
The GNU C Library (GLIBC) is a core part of most Linux desktop and many embedded distributions; its memory allocator is used in everything from starting threads to dealing with I/O.
Learn how to leverage this vast attack surface with 2 early techniques from the HeapLab training course: The House of Force and Fastbin Dup.
This Workshop is an ideal taster for Max’s 44CON HeapLab Training in March 2020.
We interact with payments every day. Yet how many of us, know how they work? In this 90 minute workshop learn how payments work and how to spot vulnerabilities. As this is a hands-on workshop all participants are required to bring their own contactless cards and mobile wallets (GPAY and wearables). We have a no card, no seat policy.
Learn from the best in industry, and leave with your wallet a little lighter.
As well as talks and workshops, the Hootenanny has an escape room, brought to you by our friends at F-Secure. The escape room features fiendish puzzles for teams to unlock, running every hour.
We’re laying on a full lunch at the Novotel’s Aroma restaurant. If you’ve trained with us you’ll know exactly what to expect. If you haven’t, prepare to have your taste buds blown with amazing food, including options for those with dietary requirements. We’ll also hold networking breaks with tea, coffee and a wide range of refreshments throughout the day.
No Hootenanny is complete without music, and we have The Subatomic Souls to play us out with an acoustic Rhythm and Blues set. Kick back with a beer, glass of wine or one of our non-alcoholic drinks and enjoy the music.
Tickets to the Hootenanny are £35 each. If you’ve attended any 44CON Training in 2019, you’re on the Hootenanny guest list!. To claim your free ticket, just email Marizel using the address your ticket was registered with. If you haven’t attended any 44CON training in 2019, now’s the time to start!
Like the NSA, our newsletter will be in your inbox every Tuesday. Unlike the NSA, you can unsubscribe at any time.