T2’12 infosec conference, day 2

Day 2 started with “Draw Me A Trojan” by Yuval Polevoy / RSA. Polevoy spoked about advanced multilayered trojan. Trojan uses several techniques for hiding itself from the AV-software. Overall very informative presentation of modern malware.

Next was “Finding Flame” by Constin G. Raiu (twitter: @craiu). Raiu presented connections between Flame, Stuxnet, Gauss and Duqu malware. Estimation of total development costs of Flame is between $10-$50 million. Costs for calculating the MD5 collisions utilized in Flame are $1.4-14$ million. There are traces of several teams developing different modules for Flame. Raiu is an experienced speaker who can spice up the presentation with jokes etc. Really enjoyed.

After lunch break I attended to “SAP Slapping” by Dave Hartley (twitter: @nmonkee) from MWR InfoSecurity. Hartley presented SAP systems from penetration tester’s perspective. There is lot of attack surface at most SAP systems because of misconfigurations. This was totally new area in the infosec for me.

Fourth one I attended was “Burping up the serialized communication” by Miika Turkia / Nixu. Miika presented Burp Pro plug-in that he created with Ruby for testing serialized java fat client – server communication. Miika also presented one “zero-day” vulnerability in java. He has reported it already to Oracle two years ago.

Day ended with Solving the T2’12 Challenge.

Great conference!

Posted on October 28, 2012, in Technical Info Sec and tagged , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: