Online meeting on information security Digital Security ON AIR

On October 29, we invite you to the second online meeting on information security Digital Security ON AIR.

Let’s talk about Kubernetes, C2 frameworks in the context of the Red Team, research on UEFI BIOS firmware and acquiring infrastructure vulnerabilities. Beginning at 17:00 (Moscow time). Free admission.

This summer, we held our first online meeting on information security, Digital Security ON AIR. It was a test of a new format for us, and although it was not without rough edges, we got experience, great feedback and a desire to make DSec ON AIR again.

Materials of the last meeting can be found here…

And here’s what awaits you on the new ON AIR

Evgeny Rasskazov, Ruslan Zakirov – Arsenal of the UEFI BIOS researcher

The UEFI specification saw the world in 2005. 15 years later, its implementation completely supplanted the ancient BIOS firmware in x86 architectures. About five years ago, news about vulnerabilities found in UEFI firmware began to appear on the Internet. Today, the security of UEFI BIOS firmware remains in a deplorable state – there are quite a few researchers in this area.

We will try to shed some light on how to get started examining UEFI BIOS firmware, and which static analysis tools are worth looking out for.

Gleb Cherbov, Ilya Bulatov – The weakest link in the acquiring infrastructure

The level of security of any system as a whole is known to be determined by its weakest component. Let’s talk about not the most famous, but no less important component of the acquiring infrastructure – POS terminal configuration servers. Let’s talk about the interesting features of this type of software and what opportunities they open up to the attacker.

Vadim Shelest – The Golden Age of Red Teaming C2 Frameworks

C2 (Command and Control) is one of the most important steps in the Cyber Kill Chain model. It allows you to establish a channel for interacting with the system and implementing post-exploitation goals.

In recent years, quite a few decent open source C2 frameworks have emerged that enable team collaboration. We will characterize the most popular of them based on the practice of Red Team testing. Let’s consider the features of the deployment, functionality and modules. Let’s compare the protocols of covert communication channels. Let’s discuss the advantages and disadvantages.

Daniil Beltyukov – Protecting Kubernetes from all sides

The popularity of Kubernetes is growing: more and more organizations are migrating their applications to this platform for ease of deployment and scalability. You can often find “managed Kubernetes” with the ability to use cloud resources in a cluster. But, as we know, the more features, the higher the risk of error.

We will look at the standard Kubernetes security mechanisms that allow you to increase the level of security for both the application and the cluster itself. We will also tell you how to make life difficult for the attacker, even if he has already penetrated inside.

For those who like to break their heads, we will conduct an online CTF. The assignments will become available on October 28 at 17:00, one day before the event. We have prepared tasks for reverse engineering, binary operation and web security. We will announce the winners at Digital Security ON AIR and will definitely reward them. Registration is already open. Go!