There are so many security conferences around the world… Some people already debated about this: Is it better to restrict the annual agenda to well-known events or let people start their own? IMHO, we need initiatives like this. It’s good to have a broad agenda with local conferences where local people can attend without spending huge amounts of money for travels and lodging (If you can go to conferences, let’s bring the conferences to you!) So, let’s welcome the newly born conference called “NoSuchCon“. The first edition was just organized in Paris across the last three days. Unfortunately, I was only able to attend the last day… If only I could expand my holidays like a filesystem! I joined Paris early the morning to attend the first keynote. Here is a quick review of the day.
Read More →
This was already the third edition of BSidesLondon today! Time flies! Being busy yesterday, I just reached London in the morning and arrived just in time for the administrative tasks (registration, pick-up a t-shirt, goodies), grabbing some coffee and shaking some hands. BSidesLondon is definitively growing in size and quality: A huge number of attendees, two tracks, a rookie track, a job fair, workshops and lightning talks. Even the sun was present over London, no fog at all! Two tracks means you have to make choices! Here is the brief overview of my schedule.
Read More →
The last weekend, an ethical hacking event was organised in Belgium. The Hacknowledge Contest joined Charleroi and was hosted at the CPEHN. This event was previously organised only in France thanks to the initiative of the ACISSI. Last year, they decided to open their challenges to other countries. The current list of participating countries is: Côte d’Ivoire, Maroc, Benelux, Espagne and France. The organisers are already looking to extend their list with other countries. If you are interested, maybe contact them.
Initally, I registered a small team with a colleague and finally we were five ethical hackers/friends to participate as “UID(0)“. So, we joined Charleroi Saturday afternoon to attend a bunch of small talks around information security. Small event and a relaxed atmosphere. The covered topics were:
- Zataz.com, the well-known French website and the process in place to notify organizations of data breaches and/or security issues.
- The security of our payment cards starting from old models based on a magstripe up to the state-of-the-art (but not from a security point of view) NFC chipsets.
- A nice presentation about social-engineering with lot of funny examples (my preferred presentation by Seb Baudru, see the picture below)
- IPv6 & security
- An overview of the security landscape in Belgium (latest major security incidents and who contact in case of issues – CERT.be, FCCU, etc)
After a break and the registration of all teams, the challenges started for a period of 12 hours (Saturday 10PM to Sunday 10AM). No CTF, no blue team nor read team but a list of challenges to solve similar to the SANS Netwars. Each challenge solved gives you points. Seventy challenges were categories were split in the categories like:
- Web technologies
- Hardware (lockpicking, Teensy, barcodes, …)
It was very friendly with good times, music. We finished at the third position but very close to the second team… Only the first two teams won, too bad! The final contest will be organised in France and the winning team will receive a very nice price: a trip all-inclusive to Las Vegas to attend the DefCON security conference!
I don’t often participate to events like this one. I liked the limited number of teams (5) and the friendly atmosphere between the team. Not too small, not too big, well organized. The event was also covered by some Belgian media.
The contest is closed. All tickets have been assigned.
Dear readers, I’ve some gifts for you! I’m very proud (and surprised!) to have been nominated to the European Security Bloggers Awards in two categories: “Best Personal Security Blog” and “Best Security EU Twitter“. To thank you for these nominiations (and first of all for reading/following me), I’ve some tickets to distribute for two nice security events in Paris (DisneyLand Convention Center).
The first one is Hack In Paris which will be held from 17th to 21st of June. Then, La Nuit du Hack will follow during the weekend. Both are very good events with renowned international speakers. To give you an idea, have a look at my 2012 wrap-ups (day 1 and day 2). A first version of schedule has already been published. The organizers provided me 2 x 10 tickets for both conferences. It won’t be fair to simply distribute them to the first comers so here is a small contest! Answer the following question: (tip: the answer is on my blog)
“After the last edition of BlackHat Europe in Barcelona, I waited my flight back to home with a good friend of mine. Who is it?”
Send your answer by email only to xavier[at]rootshell[dot]be. The following information must be provided in the mail:
- Subject: Contest HIP/NDH 2013
- My friend’s nick, Twitter or full name
- Your ticket preference (HIP, NDH or both)
Good luck! Some rules:
- Be sure to attend the conference (in Paris, June 2013) and not waste tickets
- Travel & hotel costs are not covered and must be paid by the winners
- HIP tickets are not valid for trainings (only talks)
This year, I won’t be able to attend the conference during the week. But I will join Paris for the weekend, see you there!
PS: Don’t forget to vote!
And we are back for a second day full of fun and pwnage! It was a rainy day on Amsterdam today but water will not prevent hackers to meet again! I joined the hotel for the breakfast in time.
Read More →
I back in Amsterdam for the third time this month. Today, it is to participate to the Hack In The Box conference. This is already the 4th one, time flies! Like the previous editions, the event is organised at the Okura hotel, a very nice place. Thanks to the Easter break, roads were clear to Amsterdam and I arrived in time to register and grab some coffee.
Read More →
The next edition of Hack In The Box gets closer! It will be held next week in Amsterdam. Thank to the organizers, I get a press pass and I’ll again be back for two days at the Okura hotel to cover the conference. I’ll tweet live (follow the official #HITB2013AMS hashtag) and write wrap-ups. The conference is organized in the classic format: two days of trainings and two days of high-level talks. They will be split in a three-tracks schedule. Here is my wishlist:
I had to make difficult choices due to the overlapping of very interesting tracks. At the end of the first day, I hope to be able to attend Itzik Kotler’s workshop about his new tool released just a few days ago (hackersh). The content looks amazing with very good speakers. Stay tuned for more details soon. Ping me if you want to meet!
And we are back with the second wrap-up of BlackHat Europe 2013! After a dinner with friends and some beers at Rapid7 and IOActive parties, I went back to the hotel to finish the first day wrap-up. I woke up, tool shower, grab some coffee and I’m ready for the second day! No workshop planned for today only talks. Here is a review of the one I attended.
Read More →
Hello Everyone, it’s BlackHat time again! Here is my wrap-up for the first day. Yesterday evening, after a safe drive to Amsterdam with @corelanc0d3r, we went out for dinner and had good times with other friends and guys from the Rapid7 team who maintain the Cuckoo project. The conference is organized at the same location as the last edition, the Grand Hotel Krasnapolsky, a very nice place in the centre of the city. After a standard dose (but necessary) of caffeine, Jeff Moss performed a brief introduction of the conference. For this edition, 500 people registered to attend the conference. Jeff insisted on the feedback that attendees can provide to build better events in the future and choose the right directions to meet most of our expectation. New events will be organised like local (geographically) events and events dedicated to trainings only. What are the current trends? Mobile and embedded devices remain on top of the talks. Another classic, some minutes were also allowed to the main sponsor for some “marketing” messages.
Read More →
Here we go with a new season of security conferences! BlackHat Europe is the first big event for me this year. The conference is back in Amsterdam this week for two days full of interesting briefing sessions and workshops. Again this time, the BlackHat organization provided me a press pass (thank again to them!) to attend and cover the event. This edition is back to a classic format: two days of trainings and two other days of briefings (last year, there was three days). I will cover the briefings in live (via Twitter) and write wrap-up’s after each day. Here is my (current) selection of sessions I would like to follow:
In parallel to regular tracks, the BlackHat arsenal is organized again by NETpeas where security tools will be demonstrated. I’ll briefly present a status of my project called CuckooMX. I just noticed that my friend and Belgian blogger colleague Peter (corelanc0d3r) has also posted his pre-conference blog post. His planning is completely different then mine. This is a good think, we will be able to provide a broader overview of the conference!
I’ll drive to Amsterdam on Wednesday evening. Feel free to contact me for a chat over a beer. See you there!