News
Theory, Practice, and Minimum Ceremonies — PHDays III Program Published
The international forum on information security Positive Hack Days III will start in two days! Today you have a possibility to learn the final event program, which consists, as it was last year, of two parts — the conference and hacking contests. The conference includes: - Reports covering various information security issues (and not only), which will be delivered by the leading experts such as Marc Heuse, Travis Goodspeed, Nick Galbreath (IPONWEB), Vladimir Vorontsov (ONsec), Michel Oosterhof (RSA EMC). - Workshops supervised by well-known specialists, who will share their experience in solving various information security problems. - Business sections, discussions with experts from different countries, as part of which the most urgent information security issues (from cybercrime to the role of the youth in the industry development) will be talked over. - Hands-on labs intended for specialized audience, which will be held by recognized practicing experts. - Fast Track reports with more than fifteen short talks covering very interesting information security issues. All the PHDays reports and workshops are ranged according to difficulty levels. Level 100: reports, workshops, or seminars intended for wide audience. Level 200: reports include specific information, which may be difficult to understand relying on general knowledge only. Level 300: the target audience is specialists with profound knowledge and practical experience in information security. See the details on the official website. Contests program: - The Labyrinth is a hacking attraction, a real obstacle course, the participants of which will need to get over the laser field and motion detectors, open secret doors, clear the room of bugs, combat with artificial intelligence, and render a bomb harmless. - Choo Choo Pwn is a contest related to hacking of SCADA systems, which control railway traffic on a specifically built railroad. A unique opportunity to derail a train without any disastrous effect. - Leave ATM Alone, in the course of which the visitors can try themselves in searching and exploiting vulnerabilities in ATMs. - Hash Runner is a contest, in the course of which the Internet users will demonstrate their knowledge of cryptographic hash algorithms and skills in cracking password hash functions. - Best Reverser is one more online contest. The participants will need to demonstrate good knowledge in analysis of executable files for Microsoft Windows. The full list of contests, which will be held during the forum, is available on the PHDays website.
The NetHack Qualifying Round Ends
For a week, from May 7 to 15, hackers from all over the world were engaged in a fierce struggle during the NetHack competition. The participants needed to demonstrate their skills in obtaining control over network infrastructure via exploiting misconfiguration of the equipment. One hundred and twenty-six solutions for the competition task were offered: the Positive Technologies experts in network security received 14 letters a day on average and evaluated the solutions. Eight finalists who showed the best results have been defined: eJay,Melange, VeDoK, st.As, Volt, marsei, Foxter, Platon The finalists will get invitations to Positive Hack Days III and keepsakes. Congrats! In the final (which will take place at the forum on May 24 at 3.00 pm) the goal is to obtain access to the game network during a limited period of time, then get to the unrouted segment that contains a certain automated system and to obtain access to that system. The winner will be awarded a special prize by Cisco, a technological partner of the forum. See you at PHDays!
HackQuest is Completed. Best Reverser is Ready to Start
The epic hacking competition PHDays HackQuest has come to an end. The competition was organized by ONsec_Lab. It lasted from May 1 to 13 and drew 1441 participants, 112 of them solved at least one task. Results The racing continued right to the last minute. The top three was stable until the end of the contest: JustRelаx, MERRON, Bo0om. However, the sly tactics of capturing flags two minutes before the ending allowed one of the participants, namely karim, to win the contest. Bo0om also captured another flag at the last moment and left MERRON on the fourth place, from which he was overtaken by Yngwie. So karim, who was the fourth not long before the end of the contest, won by 50 points. JustRelax being the leader throughout the contest took second place. Bo0om came in third. We’ll keep our promise: 10 participants who showed the best results will get invitations to Positive Hack Days and special T-shirts (1 place — 5 tickets, 2 place — 4 tickets, 3 place — 3 tickets, from 4 to 10 place — 1 ticket per participant). Moreover, the top three participants will get diplomas. Scoreboard in the Norton Commander style: The top ten: 1. karim 4780 2. JustRelax 4730 3. Bo0oM 4530 4. Yngwie 3930 5. MERRON 3830 6. DarkByte 2920 7. RDot.Org 2750 8. Promix17 2730 9. Dor1s 2550 10. push 2530 The forum organizers decided to provide an invitation for each of the sixteen participants who scored more than 1,000 points. Here are the lucky men: · Phobo5 2430 · dipi shmot 2420 · freeoks 2400 · movsx 2330 · kosmonavt 2330 · Samosad 2150 · Artemnv 1970 · flak 1800 · jick 1550 · n0ne 1430 · victor 1400 · daniel 1340 · kost 1110 · mrbio 1100 · Yoda 1070 · endragor 1030 Congrats! See you at PHDays III! Tasks The task of factorization of RSA 512 bits gained plenty of interest. The winner of the contest is karim from the Bushwhackers team. It took him 190 CPU hours of 20 CPU Intel XEON (32 threads each) to solve the task. By the way, karim is the only one who manage to solve the task. Moreover, many participants found the oldbook contest quite entertaining. During the contest, the participants were searching for the oldest book about computer sciences. Due to the publication date of the find, additional points were scored (100 points for every 5 years). Here are the oldest publications that the participants managed to find: · Svoboda, A., Computing Mechanisms, Moscow, Foreign Languages Publishing House, 1949 · Murray, F., The Theory of Mathematical Machines, Moscow, Foreign Languages Publishing House, 1949 There is another book that is worth mentioning: Voronov, A., Elements of the Theory of Automatic Control, Moscow, Voenizdat Publishing House, 1954 Almost half of the participants solved the task of finding out the real name of the ONsec CEO, Vladimir Vorontsov. The value of the unsolved tasks increased every day, and some difficult tasks were simplified during the contests (sidkf, xlc, LIE TO ME etc.). Best Reverser The HackQuest contest completion does not mean you won't be able to fight online with the best hackers from every corner of the world. During Positive Hack Days (May 23 and 24), the Best Reverser competition will be held. Any Internet user will be able to take part in the contest and to demonstrate his or her knowledge in analysis of executable files for Microsoft Windows. Rules A specially designed program will be offered. You should generate codes for the program so that the program considers them to be valid. You can use any method that meets the law of the Russian Federation. The participant who is the first to generate three valid codes and provide the jury with concise description of the process of code generation, will be the winner. It is possible to enter another code after successful validation of the previous one. The participants who accomplished the task following the winner and those who generated one or two codes, will take a prize-winning place according to the jury's decision. The winner will receive AR.Drone 2.0. Participation Terms The competition is open for any Internet user. You can register on the PHDays website, from the moment the forum starts. The contest will be held for two days, during the forum. The winner should provide contact information (name, telephone, e-mail) or be present at the awards ceremony to receive his or her award. Technical Details The participants can use all the necessary equipment they have at their disposal. You can find more information about the contests and awards on the PHDays official website.
New Reports at PHDays III: From ICS Security, to the Analysis of Java 0-day Exploits
How to build your own Stuxnet? Are security systems safe? Is it easy to watch the people and why physical security is the basis of any kind of security? Today we would like to bring to you attention some of more than 30 reports of the main technical program of Positive Hack Days III. If You Can Write a Webserver, You Can Write a Thumb Drive Travis Goodspeed will speak on using the open source Facedancer framework to write emulators in userland Python for Mass Storage, Human Interface, FTDI, and Device Firmware Update protocols. The sockets work a bit differently, and the protocols aren't ASCII, but the principles and the libraries are no more difficult than HTTP. Practical examples of this technique include a tool for catching firmware updates by impersonating the DFU protocol and a prototype of a hard disk that actively defends itself against forensics tools and imaging. Faster Secure Software Development with Continuous Deployment Continuous Deployment allows developer to avoid long release cycles that disenfranchise from caring or even knowing about security issues. When done well, it can be transformative to your software lifecycle and change your security group from a reactive organization into an "in-house security consultancy" that developers come to for questions and assistance. Nick Galbreath, the Vice President of Engineering at IPONWEB, will speak on how to get started with continuous deployment and the tools and process needed to make it a security success. Attack Prelude: OSINT Practice and Automation Collecting and analyzing public information on the target, aka Open Source Intelligence (OSINT), is a mandatory stage of a modern pentest. The value of such analysis is difficult to overestimate, however, some skip this stage and start vulnerability scanning right away. It is a mistake, because collecting information on systems and personnel in the area of testing usually plays a crucial role in security audit and is essential for success of an audit conducted with the use of social engineering techniques. Vladimir Styran, the lead consultant at BMS Consulting, head of information security testing section. Abusing Browser User Interfaces for Fun and Profit Nowadays any modern browser is able to identify potentially dangerous or sensitive action requested by a webpage (file downloading, plugin installation, granting privileges to websites) and prompt a dialog box or a notification bar to require explicit confirmation from the user. Even though these improvements led to a greater degree of assurance, the notification mechanisms are far from being 100% safe. Rosario Valotta, an IT security professional with over 12 years’ experience, will show how notification bars in major browsers (Chrome 24, IE9, IE10) can be abused with little (or even no) social engineering, leading to users security compromise and even to conducting trivial code execution on the victim's machine. Who's Looking at You, Kid? A cell phone, an RFID badge could be tracked. Jeff Katz and aestetix, the members of the OpenBeacon project, will explore their latest findings and a real time location aware tracking system. The speakers will show demos of visuals they have created, teach the technology behind their infrastructure, and show how easily an innocent gadget can be turned into a powerful tool. Honeypot that Can Bite: Reverse Penetration The talk will consider the concept of aggressive honeypot, the main idea of which is that defense can be aggressive, and the options how it may work. The speaker will touch upon such topics as de-anonymizing attackers, filtering and detecting non-bot attacks, determining the attacker’s technical skill level, getting control of the attacker. Alexey Sintsov, a Senior Security Engineer at Nokia, will demonstrate a real experiment, real samples of attacks, and results from the realization of this idea. The speaker will also discuss some more interesting things such as whether one can exploit vulnerabilities of third-party services or only client-side vulnerabilities. Five Nightmares for a Telecom Five Nightmares for a Telecom are five stories on how to intrude into an operator’s network and perform an attack against packet services, how to gain control of the infrastructure, make money with VoIP and self-service portals. Some attacks already have precedents in the past, and others are just a fancy, which we hope will not become a reality. The speaker is Dmitry Kurbatov, an information security specialist at Positive Technologies. Lie to Me: Bypassing Modern Web Application Firewalls The founder, head and leading expert of the company ONsec, Vladimir Vorontsov will present a report that considers analysis of modern Web Application Firewalls. The author provides comparison of attack detection algorithms and discusses their advantages and disadvantages. The talk includes examples of bypassing protection mechanisms. The author points out the necessity of discovering a universal method of masquerading for vectors of various attacks via WAFs for different algorithms. Java Everyday. System Analysis of Java 0-day Exploits The report will cover the results of the system analysis of all zero-day vulnerabilities found in Java in 2012 in 2013 (CVE-2013-1493, CVE-2013-0431, CVE-2013-0422, CVE-2012-5076, CVE-2012-4681, CVE-2012-1723, CVE-2012-1507). The aim of the research was to detect regularities pointing out the same resource or the same method of vulnerability data search. The speaker is Boris Ryutin and the co-author is Alisa Shevchenko. SCADA Strangelove: How to Build Your Own Stuxnet While one is looking for lacking elements of the cyberweapon evolution, Positive Technologies experts want to get a glimpse of the future, where to create a full-fledged SCADA worm one will only need up-to-date Metasploit and a little skill of VBScript programming. Based on the research regarding the security of Siemens SIMATIC (TIA Portal/ WinCC /S7 PLC) series, the talk will cover the vulnerabilities which can be used to hack into ICS. The reporters will also demonstrate the ways of the worm propagation and its malicious impact on the system, ranging from the network level (S7/Profinet) to the web control interfaces, to the WinCC project files. Information on new vulnerabilities in Siemens SIMATIC series will be presented, as well as tools which can be used to analyze security and to find new vulnerabilities in ICSs. Lockpicking & Physical Security Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn’t make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door. Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access. Discussion as well as direct example will be used to demonstrate the grave failings of low-grade hardware ... much of which can be opened by audience members with no prior training. Deviant Ollam, Babak Javadi, Keith Howell will speak on what features to look for in locks and safes will be covered, and how to invest in systems that are easiest to manage in large environments. Evading Deep Inspection for Fun and Shell Evader is an excellent tool to find weaknesses in defenses and it is suitable for penetration tests and security audits. Olli-Pekka Niemi, a well-known specialist in information security, will go into technical details of the Evader and evasions and disclose evasions that still work with most of today’s security boxes. Find Them, Bind Them – Industrial Control Systems (ICS) on the Internet Do you happen to know that many industrial control systems are remotely administrated and can be found on the Internet via search engines like SHODAN. Johannes Klick, Daniel Marzin developed their own SCADACS Search Engine (SSE) and are going to compare the first results of the search engine with SHODAN. They will show the distribution of SCADA/PLC systems over the world with our "Industrial Risk Assessment Map (IRAM)" using SHODAN. IRAM also shows vulnerabilities and possible exploits. The speakers are also going to discuss what happens if you combine IRAM, SSE and exploits into one application. Protecting Organizations from Security Breaches by Persistent Threats, with Examples from RSA Michel Oosterhof (CISSP, CISM, CISA, GCIH), is a Senior Systems Engineer with RSA, The Security Division of EMC. Each enterprise is serious about protecting its resources, brand and intellectual property. Despite this, incidents happen because attackers also have huge resources to develop the means and methods of attack. The author of the report knows this first hand, because RSA is constantly under the gun attacks. As part of the report, the speaker would like to share his experience and expertise in the prevention, detection and minimize the effects of high profile APT-attacks on corporate and government infrastructure. Based on some use cases (Lockheed Martin and others) he will talk about Cyber Kill Chain concept, discuss typical patterns of attack and methods of reducing the risks associated with industrial espionage and cyber attacks. Also the speaker shares some cases and techniques based on his own experience on running internal EMC CIRC (Critical Incident Response Center). The complete list of the reports that will be presented at Positive Hack Days is available on the forum's official website. Besides standard reports, there are Fast Track reports in the PHDays III program, including more than 20 short talks that will cover a number of fascinating topics, from straightening a car out, to the methods of DLP bypassing. P. S. We have aggregated Twitter accounts into a separate list for you to subscribe to them easily:) P. P. S. Registration for the forum is still in progress!
Author of Hydra, Amap and SuSEFirewall Speaks at PHDays
Marc "van Hauser" Heuse, a well-known information security researcher, will be one of the key speakers at Positive Hack Days III. Marc has performed security research since 1993, found vulnerabilities in numerous products. Moreover, he is the author of various famous security tools, such as Hydra, Amap, THC-IPV6, THC-Scan and SuSEFirewall. In 1995 he founded the renowned security research group The Hacker's Choice (THC), which was the first group to, e.g., crack A5 GSM in 2006 within a minute. Since 1997 he works as a security consultant in one of the top-5 enterprise consultant companies. Since 2007 works as an independent security consultant. The subject of his report is secret. To hear the report of the well-known researcher, please register and visit Positive Hack Days on May 23 and 24!
NetHack: Win Invitation to PHDays!
The Positive Hack Days III program promises to be quite rich: reports, hands-on labs of the world leading experts, the CTF hacking battle, the Young School finalists’ presentations and a great number of competitions (held both online and at the venue). This time, to partake in the forum you can buy a ticket. But, anyway, is it the right path of a real hacker? It is much more interesting to get the ticket by fighting other specialists in information security. In case you think the same way, the NetHack contest is held for you. During the contest, the participants will be able to demonstrate their skills in obtaining control over a network infrastructure by exploiting insecure configuration of the equipment. Participation Rules The contest consists of two rounds. The participants, who passed the qualifying round, will get the tickets to Positive Hack Days III. In the final, the participants should obtain control over the network during a limited period of time, then get to a nonroutable segment which contains a special automated system and get access to the system itself. Anyone can take part in the competition. Directions for participants and the qualifying round task are available at . Prizes The winners will receive keepsakes from the PHDays organizers (Positive Technologies) and sponsors of the forum. Technical Details The selection and usage of equipment that may be needed to partake in the contest is up to the participants.
PHDays III Contests Program: Hacking ATM and SCADA, Passing the Labyrinth
The participants of Positive Hack Days, which will be held in Moscow on May 23-24, will hear the reports of well-known experts in information security, partake in hands-on labs, support a CTF team — and this is not all there is to it. The forum guests will have the opportunity to try themselves in fascinating competitions. We would like to bring to you attention the list of contests that will take place during Positive Hack Days III at the WTC Moscow. Contests held at the venue Please note that it is necessary to bring your laptop with you to take participate in most of the contests. Choo Choo Pwn The contestants will be offered to choose access to communication systems of industrial equipment or HMI systems. The goal is to independently obtain access to a model of a control system of a railroad and cargo re-loading by exploiting vulnerable industrial protocols and to bypass SCADA systems authentication or industrial equipment web interfaces. There will be video surveillance, and, as an additional task, the competitors will be offered to affect the surveillance system. Labyrinth Labyrinth is the most unusual and large-scale amusement ride in the history of PHDays. Anyone will have the opportunity to try themselves in the art of hacking: to get over the laser field and motion detectors, try skills in security analysis of present-day information systems, remove bugs, combat with artificial intelligence and render a bomb harmless. To get through the Labyrinth, the participants will need some skills in dumpster diving, lock picking, application vulnerabilities detection, social engineering, and of course there is no way without sharpness of mind and physical fitness. Leave ATM Alone The competition challenges the participants' skills in exploiting various vulnerabilities in ATMs. The software is developed for PHDays III and does not exist in real life, but it contains most types of vulnerabilities in such systems. The contest consists of two rounds: first, the participants search and exploit vulnerabilities in the ATM system, and then the finalists are to perform similar tasks being constrained by time. $natch During the competition, the participants check their skills in exploiting common vulnerabilities in web services of the remote banking system. Real vulnerabilities in the I-bank system applications, which were discovered by the Positive Technologies specialists during security analysis if such systems, will be presented in the contest. The contest consists of two rounds. Virtual machine copies with vulnerable web services of the remote banking system (a real I-banking system analog) will be provided to the participants. During the time defined by the organizers, the participants should discover vulnerabilities in the system. Then the participants should exploit the vulnerabilities they discovered to withdraw funds. Wipeout This year, every guest will have an opportunity to view him- or herself as Dade Murphy from Hackers. Anyone will have the opportunity to compete in controlling a futuristic bolide in arcade racing. Lockpicking This Lockpick Village will be presented by Deviant Ollam, Babak Javadi, and Keith Howell, members of TOOOL, The Open Organisation Of Lockpickers. New applicative knowledge, interesting practical problems and many challenges are waiting for the guests of the forum. Fox Hunting The participants are offered to detect of wireless access point 802.11 a/b/g/n with a known ESSID identifier. The access point location will change from time to time. The participants should identify exact coordinates of the current location of the wireless access point (a fox) and notify the organizers. The participant who catches more foxes than others do, wins the contest. 2600 The goal is to call a certain number from a coin-box telephone. The coin should be returned to the organizers. The results of the contest will be announced on the second day of the forum. The originality of the method being used to complete the task will be considered. The participants are not allowed to perform any actions that may damage the coin-box telephone. Big Shot A participant of the contest will receive a photo of a person (it won't be easy to identify the person pictured) and certain features of the person. The person will be present at the forum and the participants should identify him or her and perform certain actions (for example, to get his or her business card or to get him or her photographed). 2drunk2hack The participants should perform an attack against a web application equipped with a security filter. The application contains a finite number of vulnerabilities, the exploitation of which allows executing the operating system commands. The contest total time is limited to 30 minutes. Every 5 minutes the participants those participants who attacked WAF more often are offered to have a drink and then continue. The participant who receive the main flag when executing commands on the server, wins the contest. Best T-Shirt There is no need to be an expert in information security to partake in the forum contests, rich imagination can fix the problem. The one who wears the coolest hacking T-shirt will get the prize from the forum organizers. The contests winners and participants will get presents from Positive Technologies, the Positive Hack Days organizers. Anyone will be able to prove himself! You can register to participate in Positive Hack Days III on the RUNET-ID site. Online contests Those who won't be able to be present at the forum in the WTC Moscow can participate in online contests. Hash Runner The contest challenges the participants knowledge in hashing algorithms and skills in hacking passwords hash functions. The competitors are given a list of hash functions generated according to various algorithms (MD5, SHA-1, Blowfish, GOST3411, etc.). To win the competition, a participant is to score as many points as possible during a limited period of time, leaving the competitors behind. The competition is open for any Internet user. Registration will be opened on phdays.ru a week before the forum starts. Competitive Intelligence During the contest the participants will find out how good they are at searching information in the Internet. Questions related to a certain organization will be published on the contest's page. The goal is to find as many right answers to these questions as possible for a short period of time. The results will be announced at the end of the second day of the forum. The competition is open for any Internet user. You can register on phdays.ru (registration will be opened a week before the forum starts). PHDays HackQuest Organizer: @ONsec_Lab (http://onsec.ru) Everybody is welcome to participate in the hacking competition PHDays HackQuest http://hackquest.phdays.com. A good mood and perfect brain training are guaranteed! We will try to make you sink into the almost forgotten world of DOS and 8-bit music, to evoke nostalgic feelings and fill you with positive emotions facing the international forum PHDays III. Date: May 1-13, 2013 The winners will receive keepsakes and tickets to the international forum on information security PHDays III. Prizes: 1st place: 5 tickets + 5 T-shirts 2nd place: 4 tickets + 4 T-shirts 3rd place: 3 tickets + 3 T-shirts 4th—10th places: 1 ticket + 1 T-shirt A special prize for a bonus task is 1 ticket and 1 T-shirt.
PHDays III Young School Finalists are Known
For the second year in a row, we hold the competition in order to find young and talented specialists in information security who will be able to raise the science level of the country of the famous Russian hackers. The competition of young scientists is held as a part of the Positive Education program. The initiative is to expand the knowledge that young scientists got at the university and to introduce the unique experience of practical security gained by the Positive Technologies experts. Students, postgraduates and independent young researchers can partake in the competition. The applications accepting lasted for 3 month. This week the finalists have been defined. Program committee includes the leading IS experts from Advanced Monitoring, ERPScan, Yandex, Hacker Magazine, MSU Faculty of Computational Mathematics and Cybernetics, MEPHI, SPIIRAS, Technical University of Darmstadt, University of Tübingen, Russian Defcon Group. It considered a great many of applications and selected the four best works. The finalists of this year: Nikolay Tkachenko (Tomsk) provided a research on "Development and Implementation of Mandatory Access Control Mechanism in MySQL" Andrey Chechulin (St. Petersburg) and a research on "Construction of Attack Graphs for Security Events Analysis" Ksenia Tsyganok (Taganrog) prepared a report on "Statistical Analysis for Malware Classification" Andrey Iskhakov (Tomsk) and a research on "Two-Factor Authentication System Based on QR Code" For more information about the finalists, visit the PHDays website. The winners of Young School will be named at Positive Hack Days. Jury This year the program committee includes: Dmitry Kuznetsov, Deputy CTO at Positive Technologies Andrey Petukhov, MSU Faculty of Computational Mathematics and Cybernetics Denis Gamayunov, MSU Faculty of Computational Mathematics and Cybernetics Alexey Smirnov, Parallels Alexey Kachalin, Advanced Monitoring Vladimir Ivanov, Yandex Stepan Ilyin, Hacker Magazine Eugene Rodionov, MEPHI Pavel Laskov, University of Tübingen Alexander Polyakov, ERPScan Alexey Sintsov, Russian Defcon Group Alexandra Dmitrienko, Technical University of Darmstadt Igor Kotenko, SPIIRAS Peter Volkov, Yandex Dmitry Oleksiuk, independent developer Nikita Abdullin, OpenWay Positive Hack Days will be held on May 23-24 at the WTC Moscow. Register to visit the forum and see how they forge the future of the Russian science.
Positive Hack Days III — Ticket Sale Has Started
Ticket sale for the international forum on practical security PHDays III started on Monday, April 8. Registration and tickets are available here. A ticket bought until May 1 will cost 9,600 rubles per two days and 7,100 rubles per a day. After May 1 the price of a ticket will increase up to 13,700 rubles per two days and 9,600 rubles per a day. It is worth reminding that there are other ways to join the forum beside the ticket purchase — just prove yourself in any of the contests (keep up with the news on the official website) or become a speaker registering via Call for Papers until April 14. Similarly to the forum held last year, anyone, who wants to, can organize PHDays in their own city — study the requirements to the participants of PHDays Everywhere at first. Live broadcast will be available for all Internet users. Find the details about the ways of participation in PHDays III on the forum's website.
PHDays III Will Take Place in World Trade Center Moscow
The third international forum on practical security Positive Hack Days will take place on May 23-24 in the Moscow World Trade Center, one of the main platforms of the country. All the participants' requests and the new level of the event have been considered by the organizers to choose the right place. This year the forum will host at least 2,000 experts comparing with 1,500 experts last year. The number of various reports, contests, and hands-on labs will increase significantly as well. We'll keep other secrets just for now. It's only worth saying that a lot of unexpected and unforgettable experiments related to the development of the IS industry are in store for the guests and participants of PHDays III. The event focuses on mind labyrinths, where information technology development brings us. The new place for PHDays III to be held is designed for events of any scale and character. The WTC Congress Center located on Krasnopresnenskaya Naberezhnaya is the most in-demand and prestigious congress and exhibition place in Russia. It hosts the most important events of the country — from information technology exhibitions to meetings with state leaders. WTC meets all the demands of PHDays III both in space capacity and comfort and in equipment. This ultra-modern conference platform is equipped with high-tech gadgets. In 2010 the WTC received International Arch of Europe for Quality and Technology Award for the use of the most up-to-date technologies and implementation of modern management methods. Of course, the PHDays team will have to work hard to make a 36-hour hacking range out of this exhibition platform, but all we need is close at hand. The WTC provides space for professional discussions, business negotiations, and for the most recent techniques of network hacking being demonstrated by the leading world hackers. P. S. Please note that the date has been changed — the forum will be held on May 23-24.