Schedule

  • BSidesBUD 2024 // 1ST PART
    08:30 - 08:35
    Opening Ceremony

    Ingrid Donenwirth
    08:35 - 09:15
    Scaling Runtime Application Security
    How eBPF is Solving Decade-Long Challenges
    Gal Elbaz
    Runtime Application Self Protection (RASP), while it historically had a lot of potential, fell flat in execution. This is because the solution largely added friction, had intensive maintenance requirements, and had unpredictable impacts on performance and stability – just a few deficiencies formerly introduced.
    09:20 - 10:00
    HEAP HEAP HOORAY
    Unveiling GLIBC heap overflow vulnerability (CVE-2023-6246)
    José López Martínez
    In January, the Qualys team found a heap overflow in one of the most used libraries in Linux, GLIBC. This issue allows attackers to escalate privileges by just changing the program name. However, it is not that easy or… is it? In this talk, we are going to be talking about heap overflows, how they work and how you can exploit CVE-2023-6246 to escalate privileges.
    10:00 - 10:15
    Break
    10:15 - 10:55
    Batch & Breaches in OT

    Bojan Alikavazovic
    Throughout my extensive experience and active involvement in cyber incidents, I've encountered numerous challenges in incident scoping, especially in heterogeneous environments with various Windows versions, a scenario specific to OT Ethernet networks. I aim to share tricks and tools I've developed to quickly detect attacker traces in situations where installing EDR solutions, exploiting PowerShell capabilities, or violating CPU load on SCADA/HMI devices is not an option. Everything is scripted in a batch, utilizing familiar Windows binaries in an unconventional yet effective way, compatible from Windows XP to Windows 11.
    11:00 - 11:40
    Sweet Deceptions
    The Art of Customizing Honeypots!
    Kat Fitzgerald
    This talk is a rollercoaster ride through the world of honeypots, those sneaky traps masquerading as irresistible server bait. Sure, honeypots aren’t new, but how they’re used is what makes this talk different. Presented for your viewing pleasure: examples of attackers caught with their hands in the cookie jar, as I reveal the secret sauce to crafting the most enticing honeypots, and debate the moral gymnastics of digital entrapment. Expect a mix of facepalm moments, clever strategies, and a peek into some of the fun I have with honeypots installed around the world. Buckle up for a fun and insightful ride that proves sometimes the best defense is a good, deceptive offense.
    11:45 - 12:35
    The Adversary Mindset
    Practical examples from the field
    Yossi Sassi
    A successful cyber attack (or an unsuccessful one, depends who you ask) can be attributed to several elements in design & execution. Yet what REALLY makes an attack stealthy, in an uninterrupted window of adversary opportunity or, vice versa, a solid, high-fidelity, early detection & containment?
    12:35 - 13:15
  • BSIDESBUD 2024 // 2ND PART
    13:15 - 13:55
    You look like a terrorist

    Tobias Schrödel
    In Germany a "most wanted" terrorist was caught by the police after hiding for over 30 years. However, it was not the police who found her. It was a journalist, using a free face recognition software on the web. In this talk, Tobias will explain how the tool works. And - as always in talks from Tobias aka Comedyhacker - we will try it out LIVE. Let's identify a person behind a famous meme or a real criminal on the run.
    14:00 - 14:20
    Digital parenting
    from sandboxes to passwords
    Óbuda University
    Our research deals with the digital and generation gap between children and parents. To bridge the "gap", we develop cyber security games that are AI assisted. The topics are constantly tested and developed. The development of cybersecurity and information security awareness plays a pioneering role in our research, and we place great emphasis on modern education, gamification, and motivational elements.
    14:25 - 15:05
    Linux Under Siege
    Analyzing the Latest Cyber Espionage Tactics and Malware Trends
    Marc Rivero Lopez
    In 2023, cybersecurity research sheds light on the increasing targeting of Linux systems. The AppleJeus campaign by the Lazarus Group, highlighted by Volexity and Microsoft, marks a tactical evolution with new malware impacting Linux and macOS, focusing on cryptocurrency theft. The DTrack campaign, a branch of Lazarus, represents a significant development in diverse attacks including ransomware and espionage malware. This campaign has evolved over nearly a decade, expanding knowledge about attacker commands and associated post-exploitation tools.
    15:05 - 15:30
    Break
    15:30 - 16:10
    Local Admin in less than 60 seconds
    My guilty pleasure
    Nikos Vourdas
    Local Privilege Escalation, also known as LPE, refers to the process of elevating user privileges on a computing system or network beyond what is intended, granting unauthorized access to resources or capabilities typically restricted to higher privilege levels. Gaining local admin privileges during red teaming significantly enhances the potential for lateral movement and access to additional resources. Modern environments offer unprecedented opportunities to gain local admin privileges more easily than one might imagine. The days of relying solely on traditional techniques such as exploiting unquoted service paths, weak service permissions, misconfigured AlwaysInstallElevated policies etc. are long gone (still possible but rare). Thus, in this presentation, we will explore together some alternative and realistic methods for escalating privileges and moving laterally within an internal network, inspired by my recent engagements.
    16:15 - 16:55
    Open by Default
    The Hidden Cost of Convenience in Network Security
    Aurelio Picon Lopez
    This presentation will discuss the almost obvious realization I had after a year of reviewing anonymized network security event logs for more than 2 billion devices spread across North America and Europe, tracking malware, trending TTP, IOT software updates, targeted devices, botnet compositions and behaviors, etc. All that is good, but ultimately the only reason the majority of current botnet spreading and behaviour is happening is because the routers in households have "auto port forwarding" enabled by default.
    16:55 - 17:00
    Closing notes

    Ingrid Donenwirth

What is BSides?

Security BSides is the first grass-roots, DIY, open security conference in the world! It is a great combination of two event styles: structured anchor events and grass-roots geocentric events.

“ It is no failure to fall short of realizing all that we might dream.

The failure is to fall short of dreaming all that we might realize. ”

Dee Hock, Chairman Emeritus, Visa International

‘Security BSides is a community-driven framework for building events for and by participants in the information security community. It creates opportunities for individuals to present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction by participants. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. This is where conversations for the next-big-thing happen. The open platform gives community participants a rare opportunity to directly share ideas, insights, and develop longstanding trusted relationships with others in the community.’ Security BSides

You should come if…

… you’re a student who’s interested in IT security…

… you’re a student who wants to work in the field of IT security…

… you’re an IT professional who wants to build relationships with similar experts…

… you want to meet/talk/exchange experience with people who have similar interests…

… you are interested in the latest trends of IT security…

… you want to experience the international atmosphere of BSidesBUD…

Location

  • Address
  • Lurdy Conference Center
    Könyves Kálmán krt. 12-14,
    Budapest, Hungary
  • Email
  • [email protected]
  • Phone
  • +3670 507 5833