On October 29, we invite you to the second online meeting on information security Digital Security ON AIR.
Let’s talk about Kubernetes, C2 frameworks in the context of the Red Team, research on UEFI BIOS firmware and acquiring infrastructure vulnerabilities. Beginning at 17:00 (Moscow time). Free admission.
This summer, we held our first online meeting on information security, Digital Security ON AIR. It was a test of a new format for us, and although it was not without rough edges, we got experience, great feedback and a desire to make DSec ON AIR again.
Materials of the last meeting can be found here…
And here’s what awaits you on the new ON AIR
We will try to shed some light on how to get started examining UEFI BIOS firmware, and which static analysis tools are worth looking out for.
In recent years, quite a few decent open source C2 frameworks have emerged that enable team collaboration. We will characterize the most popular of them based on the practice of Red Team testing. Let’s consider the features of the deployment, functionality and modules. Let’s compare the protocols of covert communication channels. Let’s discuss the advantages and disadvantages.
We will look at the standard Kubernetes security mechanisms that allow you to increase the level of security for both the application and the cluster itself. We will also tell you how to make life difficult for the attacker, even if he has already penetrated inside.
For those who like to break their heads, we will conduct an online CTF. The assignments will become available on October 28 at 17:00, one day before the event. We have prepared tasks for reverse engineering, binary operation and web security. We will announce the winners at Digital Security ON AIR and will definitely reward them. Registration is already open. Go!
Register now and join Digital Security ON AIR on October 29 at 17:00 UTC.