Last week the Cymmetria team traveled to the lovely city of Hamburg, Germany for 32C3 and enjoyed great lectures and presentations.
Our CEO, Gadi Evron, along with Inbar Raz from Perimeter X, also gave a special presentation about the evolution of APT operators and how they learn from the industry’s own APT reports. Our CTO, Dean Sysman, also gave an intriguing presentation about different ways to hack honeypots.
But the convention had many other talks, and the Cymmetria team has decided to let you in on all of our favorites.
Dieselgate: The exhaust emissions scandal
Imri: “The technical analysis and presentation were excellent, and the result was applicable to the real world.”
How to turn your KVM into a raging key-logging monster
Nuni: “My favorite Talk was about using KVM as a way to infiltrate air gapped networks because it gives a good example of how products that were once simple and secured are now much more vulnerable and dangerous.”
The great firewall of China
Uri F: “It dealt mainly with probes and measuring technologies and was a great combination of low level and very high level thinking, theories, and a lot of practical data and processes. The great balance of big picture thinking and the detailed technical side gave a very deep intro to the subject.”
Beyond your cable modem – How not to do DOCSIS networks
Eyal: “A nice hacking lecture. The speaker talked about how he pwned his cable operator and could listen to other users’ VOIP calls and many other awesome things.”
What does Big Brother see, while he is watching?
Amitai: “So much information was hidden from public eyes during the years of the cold war, and when the Stasi’s archives were open during the 90’s, all this information was exposed. The lecture painted an intriguing, detailed picture of the Stasi agents’ daily lives.”
Gibberish Detection 102
Uri L: “DGAs (Domain Generation Algorithms) have become a trusty fallback mechanism for malware that’s a headache to deal with, but they have one big drawback – they draw a lot of attention to themselves with their many DNS requests for gibberish domains. Why did I like it? Because it showed more than one approach to solve a problem, and it took the listeners through several attempts so we could understand the advantages and disadvantages of each.”
The great train cyber robbery
Irene: “It was cool. Why? ‘Cause it had trains and hacking in it, what else does one need in life? :)”