BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.bsidesvienna.at//
BEGIN:VTIMEZONE
TZID:Europe/Vienna
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-YNAKFT@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T103000
DTEND;TZID=Europe/Vienna:20221119T110000
DESCRIPTION:What does the DNS have in common with an iceberg? Both are hidi
 ng invisible dangers! Beneath an iceberg there is... hiding even more ice\
 , however\, beneath the DNS there are hiding unexpected vulnerabilities!\n
 \nIf you want to resolve a name via DNS\, there are multiple open DNS reso
 lvers all across the Internet. A very commonly used open DNS resolver is G
 oogle’s resolver with the IP address 8.8.8.8. However\, not every system
  is using such an open resolver. Hosting providers\, ISPs or alike are oft
 en using resolvers that are not directly accessible from the Internet. The
 se are the so called “closed” resolvers.\n\nIn my previous research 
 “Forgot password? Taking over user accounts Kaminsky style” I have une
 arthed critical vulnerabilities in DNS resolvers of web applications\, but
  I haven’t shared a second thought about the fact that these web applica
 tions were most likely using closed resolvers. So\, this time I took a loo
 k at the root of the problem!\n\nIn this talk\, we’ll take a look at how
  we can indirectly access these closed resolvers from the Internet. Furthe
 rmore\, I’ll introduce open-source tools and methods to discover vulnera
 bilities in them. How we can attack these closed resolvers and potentially
  compromise thousands of systems\, will lastly be shown in a proof-of-conc
 ept exploit.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Melting the DNS Iceberg - Taking over your infrastructure Kaminsky 
 style - Timo Longin
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/YNAKFT/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-GDZYEC@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T110500
DTEND;TZID=Europe/Vienna:20221119T113500
DESCRIPTION:Logrotate is prone to a race-condition on systems with a log di
 rectory that is in control of a low privileged user.  This talk shows how 
 easy it is to use logrotate in a dangerous way and illustrates the impact 
 of this vulnerability. Finally the current state of logrotate will be disc
 ussed.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Logrotten - "It's not a bug" - Wolfgang Hotwagner
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/GDZYEC/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-MUWQKG@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T114000
DTEND;TZID=Europe/Vienna:20221119T124000
DESCRIPTION:A brief introduction to the world of InfoSec charlatans - from 
 KimDotCom to JonathanData. Why it's important to expose them - and how you
  can do it. This talk not only covers historical charlatans\, but also tea
 ches common techniques and behaviors of fraudsters. It also explains why i
 t is important to expose such fraudsters.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Charlatans in InfoSec - from Kim to Jonathan - Sebastian Bicchi
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/MUWQKG/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-EAKWZL@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T134000
DTEND;TZID=Europe/Vienna:20221119T144000
DESCRIPTION:Windows 11 ships with a nifty feature called Power Automate Des
 ktop\, which lets users automate mundane processes. In a nutshell\, Users 
 can build custom processes and hand them to Microsoft\, which in turn ensu
 res they are distributed to all user machines\, executed successfully and 
 reports back to the cloud. You can probably already see where this is goin
 g..\n\nIn this presentation\, we will show how Power Automate Desktop can 
 be repurposed to power malware operations. We will demonstrate the full cy
 cle of distributing payloads\, bypassing perimeter controls\, executing th
 em on victim machines and exfiltrating data. All while using nothing but W
 indows baked-in and signed executables\, and Office cloud services. \n\nWe
  will then take you behind the scenes and explore how this service works\,
  what attack surface it exposes on the machine and in the cloud\, and how 
 Microsoft managed to enable it across their customer base without explicit
  user consent. We will also point out a few promising future research dire
 ctions for the community to pursue.\n\nFinally\, we will share an open-sou
 rce command line tool to easily accomplish all of the above\, so you will 
 be able to add it into your Red Team arsenal and try out your own ideas.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:No-Code Malware: Windows at Your Service - Michael Bargury
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/EAKWZL/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-9ALTGS@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T144500
DTEND;TZID=Europe/Vienna:20221119T151500
DESCRIPTION:Governments\, email vendors\, social media websites\, and even 
 your favorite food recipes forum require account registrations where you p
 ass your secret\, often the same\, password over insecure channels\, riddl
 ed with sniffing agents while subjecting your online identity to theft\, d
 ata breaches\, and a whole bag of privacy concerns.\n\nThis doesn't need t
 o be the case. With the massive explosion of fast\, secure\, and privacy-p
 reserving cryptographic protocols\, your credentials need never leave your
  device and websites don't need to store your passwords for authentication
  to complete.\n\nIn this talk\, I'll introduce zero-knowledge password pro
 tocols\; a well-established field of cryptography that puts privacy first\
 , as well as demo a full implementation of such a protocol live.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Nothing To Hide: Privacy-Preserving Cryptographic Authentication In
  Practice - Abdullah Joseph
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/9ALTGS/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-UR9EQT@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T152000
DTEND;TZID=Europe/Vienna:20221119T162000
DESCRIPTION:Hey You! Get off my Satellite!\n\nAbstract:\nThere are many com
 ponents and systems that may be targeted in a space\nsystem by adversaries
  including ground station systems and satellites. In\nthis presentation we
  will discuss ideas for providing cyber resiliency in\nzero-gravity. Both 
 theoretical and real-world examples of cybersecurity\nissues concerning sa
 tellite systems will be covered. This presentation\nwill step through atta
 ck trees for targeting satellite systems.\nRecommendations best practices 
 for securing satellite systems will be\ndiscussed. In addition\, new ideas
  industry is currently developing for\nimproving the cyber resiliency of s
 pace systems will be presented.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Hey You! Get off my Satellite! - Paul Coggin
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/UR9EQT/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-93FVM7@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T165000
DTEND;TZID=Europe/Vienna:20221119T173500
DESCRIPTION:Electronic Shelf Label (ESL) tags are increasing in popularity.
  More and more stores switch their price tags to digital ones for various 
 reasons\, such as competing with online wholesalers.\nIn this talk\, we an
 alyzed the 433MHz connection of a popular ESL tag and identified multiple 
 security flaws that allowed us to spoof the RF signal\nand display arbitra
 ry content on the displays. Furthermore\, the original manufacturer of the
  E-Tag labeled microcontrollers was discovered.\nThis talk will give an ov
 erview of analyzing unknown hardware with an unknown RF protocol without a
 ny prior known research.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Self-Labeling Electronic Shelf Labels - Steffen Robertz
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/93FVM7/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-bsidesvienna-2022-PV7STU@cfp.bsidesvienna.at
DTSTART;TZID=Europe/Vienna:20221119T174000
DTEND;TZID=Europe/Vienna:20221119T181000
DESCRIPTION:Exfiltration and command and control are essential parts of the
  adversary's kill chain. One of the primary goals of a malicious adversary
  is to exfiltrate data from an environment undetected and uninterrupted.\n
 \nAs a result\, several attackers have opted for third-party services typi
 cally sanctioned for use in most enterprises. The accepted status of such 
 applications coupled with an established developer ecosystem makes service
 s such as Slack and Telegram suitable for their exfiltration and command a
 nd control tool of choice.\n\nWe have observed the usage of Telegram in di
 fferent types of malicious activities including but not limited to ransomw
 are\, phishing\, remote access trojans and stealers. We will discuss activ
 e samples found in the wild with a particular emphasis on stealers. Steale
 rs are a class of malware that are primarily interested in gathering infor
 mation on a host. Recent examples of Telegram in Stealers include Lapsus$ 
 compromise of major enterprises such as Microsoft\, Okta\, and Nvidia. The
 y are particularly interested in credentials and information related to fi
 nancial assets (fiat and crypto): E.g.\nSaved passwords\nCryptocurrency wa
 llets\nCredit cards\nFiles from personal directories\nDirect messaging app
 lications sessions (Telegram\, WhatsApp\, etc.)\nOS information\nMachine c
 redentials\nGeolocation\nScreenshots(in some cases live webcam view)\n\nOu
 r discussion will cover the exfiltration and detection evasion techniques 
 on different platforms\, including but not limited to Windows\, macOS\, an
 d Android. In furtherance of the point\, we introduce how malware-as-a-ser
 vice provides easily accessible kits to entry-level and sophisticated mali
 cious actors\, thus reducing entry barriers\, particularly in the stealer 
 and ransomware community.\n\nIn our analysis\, we observed a varied level 
 of attacker operational competency. Attackers falter in several stages of 
 the attack process\, and we discuss some of their shortcomings and the bes
 t practices when it comes to using Telegram.\nThe techniques we discuss in
 clude:\nCorrelating attacker identity to the real world\n- Image Correlati
 on\n- Username correlation\nMessage Interception via\n- Updates\n- WebHook
 s\n\nThroughout the talk\, we provide several samples that use Telegram as
  an exfiltration vector and had one or no detections in VirusTotal. The ab
 sence of detections underscore the essence of building an enterprise that 
 is aware of the shortcomings of vendor security products as well as open s
 ource intelligence sources. We also provide detections and common patterns
  we see associated with samples in the space.
DTSTAMP:20260413T060448Z
LOCATION:Urania Dachsaal
SUMMARY:Malware And Exfiltration : A Telegram Story - Godwin Attigah
URL:https://cfp.bsidesvienna.at/bsidesvienna-2022/talk/PV7STU/
END:VEVENT
END:VCALENDAR