Speakers at Security Fest 2018

Proto - Swedish - Hipsters - The Forefathers of Europe

Bokbot: The (re)birth of a banker

Bokbot (aka. IcedID) was discovered by Fox-IT in June 2017 and has been dated back to at least April 2017 and actively tracked since. This talk will detail what we’ve found so far during our tracking of the malware but also present findings that ties...

Breaking and abusing specifications and policies – Let’s Encrypt, cloud storage vulns and verification bypasses

Last year at Secfest, Frans Rosén talked about DNS hijacking using cloud services. This time, he approaches technologies where verification methods actually exists and how to break them. Let’s Encrypt closed down one of their three blessed verification...

Detecting Phishing from pDNS

Passive DNS (pDNS) has been utilised by threat researchers for several years and allows us to gather information on domain usage worldwide. Since data fidelity varies depending upon the scope, timeline, and vantage point of sensor networks, pDNS...

Finessing fake firmware security for Friday fun

In light of the uprising spike in IoT botnets impacting critical infrastructures around the world, purchasing products that claim to be “secure” captivate our curiosity and skepticism. With so much fud, snake oil, and self proclaimed secure features,...

Hacking the Wetware – Compromising Fortune 500 Companies with Social Engineering

Social Engineering (SE) is one of the most severe threats to security and privacy as 90% of cyber attacks start with a social engineering attempt. This talk outlines updated real-world SE examples, and seemingly innocuous information that could...

Insecurity in Information Technology

A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do...

Re-using your targets’ code against them

A story of how I found RCE in two different “fat client”-server applications (one .NET and one Java). As they used non-HTTP binary protocols to communicate, I re-used parts of the existing application code to quickly implement a custom client that...

The Hunt is On! Advanced Memory Forensics meets NextGen Actionable Threat Intelligence

Cyber attacks continue to increase in severity and sophistication. A new era of attacks have become more ubiquitous and dangerous in nature. Malware has become much better at hiding its presence on the host machine. However, one place it cannot hide...