DefCamp 2016 promises an edition to remember

It’s official! The 7th edition of DefCamp promises hot briefings, challenging competitions, real hands-on experiences and a place for companies to discover answers for their burning challenges. All under one roof from Bucharest, Romania at the beginning of November.
DefCamp 2016

For this new edition, DefCamp brings internationally recognised industry leaders ready to share knowledge and present latest threats from the market.

Five years ago there were only 80 attendees in Bran, now more than 1,000 professionals are expected to join. We encourage both students and specialists from the cyber security area, along with people passionate about hacking to come and be ready to put their skills to the test in at least one of the contests that the team has prepared for them. Hacking Village is the special place to be for all the participants who want to test their skills in different competitions and challenges because these competitions are essential as any topic related to cyber security must have in mind two main subjects: the solution and the part where you identify the problem.

Because of the high interest for IoT Village we decided to increase the number of competitions and encourage other companies to bring their own contest. This is the chance to bring innovation on the table through new ways of highlighting the importance of rising awareness on the cyber security topic.

The Startup Corner is also one of the new kids on the block as it’s a new area to be developed this year. The idea behind is to encourage security startups to show themselves and present their solutions during the conference, they benefit from a free access to the conference and free booth at Hacking Village area.

Moreover, Masterclass section is specially designed to bring companies and security experts closer in order to share knowledge on sensitive topics.

Last, we have a dedicated section for companies who are planning to recruit local talent for the cyber security field and an exclusive corner to showcase products & technologies.

“Five years ago this conference became real due to passion. Now, in 2016, before we start a new edition, I am still impressed about people’s motivation and specialist’s involvement, and also all the ideas generated in the two days we hold the conference. For DefCamp #7 we emphasize the competitions so that people can learn in a hands-on manner what hacking is and what sort of issues can appear in hardware or software. For this, we’ve got the famous Wall of Sheep, where we can see in real time and show the people also, what means to not have a secured connection and just give your information out to anybody who is interested enough to get it. Additionally, we’ve got amazing speakers from all over the world, people that are well known in their area of activity. We are glad and honored they accepted our invitation once again. If our estimations are right, the 2016 edition will be the most prolific one yet.”, says Andrei Avădănei, founder and DefCamp coordinator.

If DefCamp looks appealing for your company, learn more about what’s in for you or if you are looking for a seat for the 7th edition, now it’s the perfect time of the year to register for DefCamp 2016.

About DefCamp

Since 2011 and until now, DefCamp managed to attract almost 3.000 attendees from 50 countries and 95 cities to Romania, people interested in hacking and cyber vulnerabilities, and also keys for online protection. The audience is quite balanced, as it goes: 25% cyber security, 25% top management, 25% development, and the rest of the 25% are nicely split between institutions and NGOs, academic attendees or students.

DefCamp 2014 – 5th edition of the international hacking and information security conference in Romania

Between November 25th – 29th at Crystal Palace Ballroom, Bucharest – Romania, Cyber Security Research Center from Romania – CCSIR is hosting one of the most mesmerizing events of hacking & information security from Central Eastern Europe, Defcamp.

defcamp_5

Already at the 5th edition, the event continues to emphasize through sparkling debates about sensitive topics regarding cyber security  but also through the famous international competition. At the event, Romanian and foreign speakers will present fresh news about cyber security, cyber war, identification and prevention mechanisms but also 0days and new vulnerabilities doubled by the night sessions where there will be presented specific case studies.

DefCamp 2014 is the biggest event in information security & hacking field from Romania and also one of the biggest from Central and Eastern Europe, awaiting over 600 participants from Romania and neighboring countries, participants with varying knowledge and experience – from students to industry leaders, trainers, and information security experts and researchers.

Several confirmed speakers are Mika Lauhde Vice President, Government Relations and Business Development – SSH Communication SecurityPaul de Souza, Director of Cyber Security Forum Initiative (CSFI) – Defcamp’s 2014 Keynotes, Selene Giupponi, Head of Digital Forensics Unit @The Security Brokers, Paolo “Aspy” Giardini, Director OPSI, Roger W. Kuhhn JR. – CSFI Advisory Board Director, Raoul “Nobody” Chiesa, President of The Security Brokers.

“The event from this fall is for sure long expected by many Romanian and not only them; the researches that were made during the year and the cyber environment problems identified  will be analyzed by European and USA leaders. For 2014, we estimate that we’ll have the higher density of security specialists on square meter from the beginning of times. The activities, the knowledge and the Defcamp community succeeds to develop every year the event.”, said Andrei Avădănei founder and coordinator of the Defcamp conference.

logo_def

Among the news of the year we have the pre conference  trainings.Together with Cyber Security Forum Initiative, the biggest US security experts organization with over 50,000 members, we bring for the first time in CEE a  training that provides a basic understanding of full-spectrum cyberspace operations, the complexities of the cyberspace environment, as well as planning, organizing, and integrating cyberspace operations – Cyber Warfare Operations & Design. This one is strengthened by other two workshops organized in partnership with Security Brokers Academy: Digital Forensics  – provides a basic overview on methodologies and techniques which should be used when dealing with the extraction and analysis of data from digital media (hard drives, memory cards, USB sticks, etc..) and  Open Source Intelligence (OSINT) – the goal is to provide knowledge about the world of intelligence, related disciplines, and then focus on the analysis of open sources and its practical applications.

Furthermore,  Call for Papers is officially open so we invite all the security specialists to apply to speak at the conference. Through the important activities  DefCamp has this year, we can mention:

  • DefCamp Capture The Flag (D-CTF), one of the biggest CTF competition from CEE with up to 3,000 EURO cash prizes
  • Free Pentest on Demand, free pentest for the registered participants
  • Target John, Hack The Machine, App2Own – competitions for all the cyber security  passionates

It’s time to get into the Defcamp vibe! For more details you can access the conference website or you can contact us directly at [email protected]

CCSIR at “Cyber Security Challenges in Europe” Organised by ENISA, Brussels

Last week of April 2014 created the opportunity for Cyber Security Research Center from Romania – CCSIR to meet important representatives of European communities. They have experience and know-how to deliver CTF competitions at European level. The workshop was organised by ENISA and DG CONNECT in Brussels under the brand Cyber Security Challenges in Europe.

ccsir enisa

The participants of the workshop have discussed about the existent cyber challenges competitions and their future, along with the problems they identified during the events.

Objectives of the workshop

  • To present each existing example;
  • To inform, discuss and share ideas on an European level approach towards challenges;
  • Create synergies and help each other in reaching out to stakeholders;
  • Networking between teams.

DefCamp Capture The Flag

Andrei Avădănei, President of CCSIR discussed about DefCamp CTF (DCTF), the most disruptive competition from Romania that is mostly focused on creating an international competition for CTF enthusiasts. He identified several problems in last 4 years of DCTF.

Drapeaux européens devant le Berlaymont

  • CTF is a game mostly for young security passionate
  • Lack of public and private sectors funding public CTFs
  • Building challenges both realistic and technical stimulative
  • The approach – Red vs Blue Teams, Categories Based, Hack the Machine, App2Own, Cyber Attack Scenarios etc.
  • Security Departments from private sector underestimate the value of pushing their teams into competition (close door or public)

At the end of his intervention, Andrei proposed several solutions for those problems and, of course, for a future European CTF competition. CCSIR strongly believes in the power of Capture The Flag competition to build and keep up to date cyber security experts in Europe and other nations.

Microbe – simplified pentesting tool for Chrome users

Microbe is a Google Chrome extension created by Cosmin Gheorghita, 19 years old romanian developer. Extension has been developed for Web penetration testers, although some of its components can be individual applications themselves, like the cookie manager, form handler or Krypton.

Since one of the most influential and destructive attack methods on the Web is SQL injection, Microbe has been designed to help you perform those kind of attacks more easily by using shortcodes, but this doesn’t make Microbe an exclusive SQL injection tool. It servers multiple purposes such as:

  • Current Request
  • HTTP Headers
  • Cookie Manager
  • Form Handler
  • Krypton
  • Proxy Manager
  • Overrides and Disablers
  • Filter Evasion & Prepared Statements

Gallery

Installation and Accessibility

Microbe can be found on the official Google Web Store: chrome.google.com/webstore/detail/microbe/khejlnipbheaalinebbiadhmajjlmdil and you can read more about it on the official website.

After you’ve pressed the install button and you’ve given it access to the stuff it needs in order to function, right click on a Web page and select “Inspect Element”. On the right, in DevTools’ navigator, you’ll find a newly installed link that says “Microbe”, click on it and you’re there.

Unfortunately, Google doesn’t allow its extension developers to open a DevTools page from a custom button, for security reasons, so that’s why you must get to Microbe via “Inspect Element”. Or you can press F12 on a PC (CMD + ALT + I on a Mac) to open it up by its shortcut.

In the end

Microbe has a dedicated website where you can read more about the extension, you can report bugs and of course, you can support his project with donations.

Pictures and presentation papers from Sparks #1

Sparks, monthly computer security conference, organised by Cyber Security Research Center from Romania – CCSIR, had its debut this week on Tuesday March 4, 2014 at TechHub Bucharest with almost 100 attendees and 2 awesome speakers.

Valentin Ilie, Software Research Engineer at Intel Romania broke the ice with a nice presentation called “Multiple Protocol Reverse Shell” where he talked about a new way of bypassing rules of a network infrastructure and after a ten minutes break Ionel Chirita, Application & Infrastructure Security Analyst at Electronic Arts had a discussion about “Choosing the Best Web App Security Scanner”.

Pictures


You can find more pictures on our Facebook page.

About Sparks

Launched in the spring of 2014, on 19th of February, Sparks are a series of computer security conferences dedicated to both hobbyists and professionals from the INFOSEC. More details here.

CCSIR Supports DCOI – Tel Aviv, Israel

Cyber Security Research Center from Romania (CCSIR) is one of the partners of DCOI – Defensive Cyberspace Operations & Intelligence Conference, a cyber security conference that will take place in Tel Aviv, Israel on 8-9 April, 2014.

dcoi security conference

The event is organised by INSS or The Institute for National Security Studies which is an independent academic institute that studies key issues relating to Israel’s national security and Middle East affairs. Through its mixture of researchers with backgrounds in academia, the military, government, and public policy, INSS is able to contribute to the public debate and governmental deliberation of leading strategic issues and offer policy analysis and recommendations to decision makers and public leaders, policy analysts, and theoreticians, both in Israel and abroad. As part of its mission, it is committed to encourage new ways of thinking and expand the traditional contours of establishment analysis.

DCOI will is a two days event with over 30 high profile speakers such as Dr. Yuval Steinitz – Minister of Intelligence Israel, MG. (ret.) Amos Yadlin – Director of INSS, Paul De Souza – President of Cyber Security Forum Initiative (CSFI), Tony Cole – Vice President and Global Government CTO at FireEye and others.

CCSIR at DCOI

Cyber Security Research Center from Romania (CCSIR) will be represented at the conference by Andrei Avădănei, the president of CCSIR organisation. He will talk about “Offensive Honeypots, IDS & IPS using Social Media and hackers tools”.

“One of the biggest challenges when you have an IT infrastructure with critical information from an economic perspective or one that manages classified information is to have a hands-on reaction in defending and preventing attacks. There are several types of organizations that work deeply in the field of identifying intruders but most of the time, it’s impossible due to different political reglementations of the cyber space. In any kind of attack, there is a time frame when the attackers are the most vulnerable and in this presentation I will introduce several perspectives along with examples of how we can fingerprint and counter-attack the intruder. I will discuss about honeypots, offensive approaches, social networks, APTs, malware and multi-layered counter-attacks.”, declared Andrei Avădănei.

How to register?

You can register for this conference directly on the website. The rate for Military/Government, Public Sector Rate is 400$ for both days and the Commercial Organisations Rate is 550$.

About Cyber Security Research Center from Romania

Cyber Security Research Center from Romania(CCSIR) is a Non-Governmental Organization with the sole purpose of promoting, supporting, implementation and coordination of security research in the information security field in Romania, as well as international actions with short, medium and long term partnerships in the information security arena.

How You Can Become a Member of CCSIR?

The membership role of the Cyber ​​Security Research Center from Romania is a special status obtained by the people who are involved in the organisation projects. All the members embrace our vision and have deep experience in the cyber security space, both offensive and defensive approaches.

become a member of ccsir

CCSIR Member Benefits

As a member you have some benefits, such as:

  • access to a group of highly technical people;
  • access to our internal research topics and discussions;
  • access to our network of information security specialists;
  • access to build and promote your security related projects through our international network;
  • financial, human, logistic and hardware resources to get your security related project done;
  • the ability to publish INFOSEC related articles to the community, both romanian and international one;
  • discounts or free access to different training programs, private and public meetings or conferences organised by CCSIR and partners

Still intereted

Find out more.

About CCSIR

Cyber Security Research Center from Romania(CCSIR) is a Non-Governmental Organization with the sole purpose of promoting, supporting, implementation and coordination of security research in the information security field in Romania, as well as international actions with short, medium and long term partnerships in the information security arena.