BSides Belfast
  • Videos: 83
  • Views: 45,299
Hardware-based Security: Gimmick Or Game-Changer? - Mantas Stadnik
Abstract:
Hardware-based security has been a high-profile discussion and research topic in recent years, notably with reference to the CHERI (“Capability Hardware Enhanced RISC Instruction Set”) technology which underpins the Digital Security by Design (DSbD) programme supported by the UK government in collaboration with ARM and the University of Cambridge.
Recent research from Microsoft estimates that 70% of all vulnerabilities in the past decade have been memory-safety bugs; the DSbD programme aims to protect against such memory-safety vulnerabilities using CHERI-enabled hardware and software components which support the enhanced instruction set.
This talk will begin by introducing CHERI c...
Views: 35

Videos

Dipping Our Toes Into Cryptovirology - Ryan Robinson
106 views · 5 months ago
Abstract: We all know ransomware is bad right? What makes it so dangerous and paralyzing for some businesses? The answer, of course, is cryptography! Cryptography enables attackers to hold files in digital captivity in order to have something to ransom. Let’s dive into the Cryptovirology world and see how exactly malware developers utilize different cryptographic systems and how, when it is imp...
Penetration Testing Using Windows Features - Niall Caffrey
80 views · 5 months ago
Abstract: Windows normally gets a bit of a bad reputation as an operating system to perform penetration testing from, however there are some recent features designed by Windows that can be useful for a penetration tester. This talk will provide an overview of WSL, WSA, and Windows Sandbox, and how these features in Windows can be used for penetration testing. Bio: Senior Security Consultant @ e...
Cloud-Squatting: The Never-Ending Misery Of Deleted And Forgotten Cloud Assets - Abdullah Al-Sultani
165 views · 5 months ago
Abstract: In recent years, the adoption of cloud services has significantly increased, enabling organizations to leverage the benefits of scalability, availability, and cost-efficiency. However, this shift towards cloud-based infrastructure has also brought new security challenges, including the emergence of cloud-squatting attacks. Cloud squatting happens when a company leases space and IP add...
FIDObituary: The Death Of Passwords - Brendan “B” Burke
50 views · 5 months ago
Abstract: Passwords are a horrible, legacy method used for authentication. They are a ubiquitous, persistent nuisance that fall flat; password reuse, bad policies, expiry, easily guessed or phished, etc. FIDO Authentication, developed by the FIDO Alliance, is a global authentication standard based on public key cryptography that perfectly addresses these legacy issues and the modern threat land...
Batter Up! Why Is Japan Still Batting In The Minor League Of Cybersecurity? - Ben Ellis
35 views · 5 months ago
Abstract: In recent years, Japan has been in the international spotlight due to its hosting of significant global events such as the Tokyo 2020 Summer Olympics and the 49th G7 summit. However, amid these events and the recent cyber activity of its neighbouring countries such as China, North Korea, and Russia, Japan has found itself on the frontlines of the cyber world with one question needing ...
Security Lessons Learnt From The Cloud Frontline - Ben Fletcher
178 views · 5 months ago
Abstract: Moving to the cloud brings many benefits, but it doesn't remove your responsibility for the security of your workloads and data. The presentation will walk through the most prominent customer-side attacks, highlighting the many simple practices that can mitigate the access methods and reduce the impact. Bio: AWS EMEA CIRT Team Leader Ben is a chartered engineer with over 20 years in d...
Navigating The Open-Source Security Fog: A Case Study Of Messy Vulnerability Data - Jamie Harris
29 views · 5 months ago
Abstract: As an industry we heavily rely on publicly disclosed vulnerability data to manage our security risks in open-source software. Unfortunately this world can be a foggy one, full of research that is useful but not always complete or well correlated, leaving us scrambling to put all the pieces together. What can we do to clear this fog? This talk will examine an example case of a remote c...
Mobile App Vulnerabilities: The Bad, The Worse And The Ugly - Ray Kelly
43 views · 5 months ago
Abstract: One of the hottest targets for hackers today are mobile applications. Whether due to inexperienced developers, rushing new features to market or poor coding techniques, hackers are actively exploiting the mistakes made by mobile app developers - which, if successful, can be quite costly for organizations. In this session attendees will learn about the three main attack vectors for mobil...
Advanced Paranoia For Developers - Mark Allan
86 views · 5 months ago
Abstract: Congratulations. You've finished working on your API and it's time to test it in production. And of course there are security holes in it. Sorry, but there are. Your job is just to make them as difficult to find as possible. Fortunately others have gone before you and their security holes have been found. If they were lucky, it was the pentesters, red team or bug bounty hunters who fo...
Conference Close - BSides Belfast
102 views · 5 months ago
So Long and thanks for all the Club Mate! After a hiatus of three years due to COVID-19, we are thrilled to be back, reigniting the spirit of our cyber security community and industry. As you’ll notice, our chosen emblem this year is the phoenix - a symbol of rebirth and renewal. Just as the phoenix rises from the ashes, our conference aims to reignite the BSides Belfast spirit, evolving to be ...
Criminal Cooperation: Lessons From The Dark Side - Lara Sunday
100 views · 5 months ago
Abstract: “The only thing more dangerous than a developer is a developer conspiring with Security.” Gene Kim Organisations often have no shortage of advanced toolsets, however the dynamics of how security teams and IT collaborate often lead to greater exposure to cyber threats and risk to business. Exploring cybercriminal network structures, business models and ransomware ecosystems this sessio...
The Safety Law Of An Idiot Next To You - Tanya Vacarda
60 views · 5 months ago
Abstract: My driving instructor used to tell me that on the road I’m as safe as the wits of an idiot driving next to me. He tried to teach me to be ready for the most idiotic and improbable scenarios. That car pushing its way in the next lane, that loose car boot door, a cyclist that you can’t see, a suicidal bird five minutes into the future…. When one morning I was checking my business websit...
From Likes To Leaks: Understanding The Security Risks Of Social Media - Anne-Marie O’Donnell
51 views · 9 months ago
Abstract: Studies analysing the anatomy of a social media data breach often highlight that the primary weakness leading to the breach is a lack of correct policies and procedures. An organisation needs to ensure their social media team is acting and handling the business social media accounts in a way that reflects the company’s values. However, there is little guidance in this field on these p...
Maximising The Impact Of OSINT In Investigations - Ruth McAlister
139 views · 9 months ago
Abstract: Open Source Intelligence (OSINT) has revolutionised the landscape of investigations, providing a wealth of publicly available information that can be harnessed to uncover hidden insights and support effective decision-making. However, the true potential of OSINT can only be realised when it is coupled with a deep understanding of social science principles. This presentation aims to hi...
Welcome Note - BSides Belfast Crew
502 views · 4 years ago
Opening Keynote - Brian Honan
171 views · 4 years ago
How Adversaries Are Abusing Network Blind Spots - Edmund Brumaghin and Earl Carter
72 views · 4 years ago
Building The Best Team To Hunt The Biggest Threats - Martin Lee
57 views · 4 years ago
New Attacks On The MIFARE DESFire EV1 Smartcard Used In Public Transportation - Rory Flynn
26K views · 4 years ago
Operation Tripoli - Aseel Kayal
145 views · 4 years ago
Nice One, Dad: Dissecting A Rare Malware Used By Leviathan - Brian Bartholomew
526 views · 4 years ago
Nudging Security Awareness Towards Harm Reduction - Michelle Stella
103 views · 4 years ago
How To Investigate IOS Devices - Paul Rascagneres
67 views · 4 years ago
The Past, Present, And Future Of Supply Chain Attacks - Edmund Brumaghin and Nick Biasini
126 views · 4 years ago
Closing Keynote - Wendy Nather
41 views · 4 years ago
Closing Note - BSides Belfast Crew
29 views · 4 years ago
The Joule Thief: A Look Into The Activity Of "The Cryptominer Champion" Rocke - Joakim Kennedy
49 views · 4 years ago
Titanics Of Security: Users Aren't The Only Problem - Jason Halley
79 views · 4 years ago
Offensive Ansible For Red Teams (Attack, Build, Learn) - Leo McCavana
883 views · 4 years ago

Comments

  • @godray25, 5 months ago

    Very Informative for us 😶😶

  • @DevineMeditationx, 4 years ago

    Yay Rory! Well done!

  • @nestenpyse, 5 years ago

    17:50

  • @adamhaertle2486, 5 years ago

    The actual story starts at around 12:00

  • @hafidabbahabibi2966, 5 years ago

    Proud of you, Mr Yassine. I'm from Agadir as well. Thanks.

  • @mehdibourechka, 5 years ago

    Good job Yassine ;)

  • @benjaminmcewan2166, 5 years ago

    Companies should say thanks more often... it costs nothing and helps build a better relationship with the hacker community. It's a two-way street: say thanks to the hacker. There are a lot of mental health problems reported among bug bounty hunters.

    • @benjaminmcewan2166, 5 years ago

      medium.com/@nmalcolm/bug-bounties-and-mental-health-40662b2e497b

  • @tattoo1237, 6 years ago

    Very interesting. Only 42 views of such a well organized masterpiece. This video should be at the top of everybody's playlist.