Conferences News (11 Posts)

1 2 . Last - Previous >>

MU.SCL - The Birth of a Cyber Security Club in Mauritius

ElysiumSecurity is proud to announce the creation of a Cyber Security Club in Mauritius: MU.SCLE
This Club has been created to help Mauritian IT Professionals to share information and learn about Cyber Security through an Open Platform and the creation of a Cyber Security Community.

It is a free monthly event open to everyone , usually two talks of 45 minutes each with a mix of technical and non technical talks. Attendees will be able to ask questions, learn and apply practical knowledge as well as do some professional networking.

The first event will take place on the 15th of February 2018, at 18:00 at the Flying Dodo in Bagatelle.
Please REGISTER HERE so we can have an idea on how many people to expect.

We hope to see you there, for what should be a fun, friendly and casual event whe...
>>[READ MORE]


FIRST Technical Colloquium 2017 in Mauritius - Our presentation on IDS

ElysiumSecurity was invited by the Mauritian National Computer Security Incident Response Team (CERT-MU) to present at the FIRST Technical Colloquium 2017 which took place on the 30th of November 2017.
We gave a presentation on how IDS can be used both as a traditional defensive tool and also a more original offensive tool.

The aim of this presentation was to introduce the attendees of the various free and Open Source IDS offerings and to highlight the benefits and key components of a successful IDS implementation.
It was also emphasised on how easy it is to get started with an IDS both from a software and hardware point of view.

Below is a link to our presentation. If you want a more complete narrative please fee free to contact us for more information.
We would like to thanks the Mauritian National Computer Board ...
>>[READ MORE]


How to build a Red Team and Why?

I recently gave a talk at the Rant Forum in London on the topic of "RedTeam, why this is more than a buzz word?". It was an interesting experience and whilst different from traditional security events, as the crowd can and will interrupt you at any time, it was very enjoyable.
Many attendees asked if I could produce some "slides" after the talk. As no slides were used, below is a collection of notes from wich the talk was based on.

In this post we will explain what RedTeam is, how does it fit with other similar security services and what advantages does it bring to an organisation. We will also look into what works? what doesn’t? And where is this “new” type of service going?
1. DEFINITION
A Red Team is part of a trio of services which increases in sophistication: Vulnerability Assessment, Penetration Testing and then Red Teaming. We will d...
>>[READ MORE]


RANT FORUM - Red Team Recipes Presentation

I will be giving a talk tomorrow evening, the 28th of November at around 6pm, in London at the Risk and Network Threat (RANT) Forum .

The topic is:
Why RedTeam is more than just a buzz word? What works? What doesn't? And where is this "new" type of service might be going? All those questions answered by someone who is actually delivering Red Team activities.

Registration is free, you get free drinks and food... plus you get to hear me talk, so what is not to like?! :)

You can register HERE

The RANT Forum is quite different from your typical free security briefing, for a start it is not a sales forum. However, the company behind it is a recruitment agency, so they are still interested in taping the UK Security professional community!
...
>>[READ MORE]


BlackHat Mobile Security Summit - London 2015

In June 2015 I attended the Blackhat Mobile Security Summit in London, a 2 days event filled with talks from various researchers and security professionals, there was a 3rd day in the form of a workshop for anyone attending the Interop London hosting event
Blackhat is historically a USA based event with its main conference taking place in Las Vegas every year, lately they started to host similar (but smaller) conferences around the world such as in Singapore and Amsterdam (which I blogged about last year here).

This London edition was definitely on the "smaller" side and this actually had a few advantages:

  • You could attend all the sessions as none were run in parallel
  • It was easier to mingle among fellow participants and speakers
  • There was less "walking"! :)

  • The quali...
    >>[READ MORE]

    BlackHat Europe 2014 – Some Highlights

    Hacking conferences are a great way to learn he latest hacking techniques and more underground ways of thinking on IT Security. They complement nicely more corporate Security Training courses such as the ones offered by SANS.

    They tend to be more chaotic, the talks are not as polished, some of the techniques discussed will have limited effect in the real world and connecting to the event WIFI is asking for trouble.
    On the other hand, the atmosphere is buzzing with brain activities, convictions (right or wrong!), passion and cutting edge topics. If you can follow the rythme and embrace the moment then you will get out of this type of conferences energised and full of new ideas!

    This year I attended the “Nuit du Hack” in France which runs other 24h, literally. You get some talks during the day, there is only 1 track so you get to watch/listen to all the talks. And during the night there is a traditional Capture The ...
    >>[READ MORE]


    SANS 575: Mobile Device Ethical Hacking Review

    In the last two years I have been to a few SANS training courses:

    508: Advanced Forensic
    617: Wireless Ethical Hacking
    660: Advance PenTest

    Last week I attended the SANS 575: Mobile Ethical Hacking course,
    it is a nice complement to the 617 Wireless course and although there is some overlaps, especially around WIFI vector attacks, most of the content is different; and when it is not, you get another perspective for those attacks.

    The course gave an overview of the different architectures surrounding the Android, iOS, Blackberry and Windows Mobile phones, how system and app updates...
    >>[READ MORE]


    My take on SANS 660, The HexFactor and Netwars

    I have just attended the SANS 660 course in London, it is one of the most advanced course SANS has to offer and it did notdisappoint!

    Its bootcamp format means you will start your day at 9am and finish it at 7pm! The last two hours being called a “bootcamp”, basically 2 hours of exercises linked to the content of the day that really helps understanding the different techniques that were discussed.

    Speaking about content, although they state that previous programmingexperienceis “recommended”, it is not, is it mandatory!

    And for the last 2 days you really need some understanding of x86 assembly to get a chance to follow the fast pace. I have to admit that the last day I was lost after lunch!

    But what do you get if you buckle up and go on the ride? You get an incredible amount of information as it goes into a great level o...
    >>[READ MORE]


    SANS Ondemand Training course: A few Tips

    I went to a SANS Forensic course (508) last year and a few weeks ago I decided to try something new… to stay at home and dedicate 5 days to do their Ethical Wireless Hacking training course (617).

    Let me first say that the 617 training course was really good, the author of the course and the recordings were made by Joshua Wright who runs the http://www.willhackforsushi.com blog. He is very knowledgeable and his enthusiasm was even contagious through audio only. In fact this is a huge understatement! I was truly amazed by his skills, stories and training delivery!
    So much that for 7 days I was up at 9am and worked until 2am each day on the different content material covered by the course.

    As I almost lost my sanity and started dreaming of ToDS/FromDS bits and fuzzing I thought I would share a few tips on this type of training course.

    – Check the last time the course was updated, and if there is an upco...
    >>[READ MORE]


    The world of Computer Forensics

    I have recently attended a SANS Forensic course in London. It was the best training course I have ever been to, not only the content was really interesting and very well delivered but all the extra activities surrounding the training course were outstanding (presentations, challenges, social events, etc).

    Forensic was new to me and I found the techniques taught as very good eye openers in two different ways:

    –Forensic techniques can be applied to other area of IT security than just forensic investigations, such as malware analysis and DLP. The latter was a bit of a surprise to me, but by understanding some of the forensic techniques you can also understand how part of a DLP engine would work when searching for specific files on filesystems (at rest) and recognised/tagged when on the network (on the move). I will find it interesting to see if my new know...
    >>[READ MORE]