News
The first reports on PHDays 2012 have been determined
Can you trust passwords on your iPhone or iPad? Dmitry Skliarov, in his reports "Secure Password Managers" and "Military-Grade Encryption for smartphones: Is it really serious?" presents the results of the analysis of several programs to protect passwords and data for the Apple iOS. Dmitry is Information Security Analyst at ElcomSoft Co. Ltd. and assistant professor of "Information Security" of MSTU Bauman. Security of mobile communications. Hacking GSM and GRPS Sylvain Munaut, developer of the project OsmocomBB, tells how GSM and GRPS are hacked in his report "Abusing Calypso phones." Attacking through the mouse and keyboard? It's a reality The famous Indian hacker Nikhil Mittal, creator of the framework Kautilya, conducts a master class "Creating havoc using a Human Interface Device." The main theme of the report is how easy it is to hack a computer using devices that present themselves as a mouse, keyboard, etc. Information Security in the U.S. Michael Utin in the report "Analysis of US Laws and Regulations Protecting Personal Information - What Is Wrong and How to Fix It" will tell how activities in the field of information security are regulated in the United States. Michael has a Master's in Computer Science with 20 years' experience in IT and 10 years' experience in the field of information security. Payment by MasterCard and VISA cards in the internet shops - how safe is it? Micha Borrman, of the company SySS in his report "Internet, CVV2 and fraud detection systems," analyzes common vulnerabilities in the security systems of online stores that use payment cards, MasterCard and VISA as a payment method. The smartphone sends SMS by itself, and the money debited from the account? Marcus Niemietz raises the current topic of attacks on mobile phones (in particular, popular smartphones running Android). His report is called "Hijacking Attacks on Android Devices". Marcus, author of the book "Clickjacking and UI-Redressing", promises to demonstrate at the conference one or two 0day-attacks and a lot of practical experiments. What can LulzSec teach society? An analysis of the activities of the hacker group LulzSec, which has consistently compromised servers of the CIA, Sony, Arizona, and British police UBOP - SOCA, will be conducted by Jerry Gamblin in his report "What We Can (and Should) Learn from LulzSec." Jerry is an expert in information security for the Missouri State House of Representatives. Are printers not only dangerous for trees? Andrei Kostin will report on the unusual ability of printing devices and attacks using the PostScript language in the report "PostScript: Danger ahead! / Hacking MFPs, PCs and beyond..." Andrei is the winner of many gems in the field of information security. Can programs fight, like in the movie "The Matrix"? Igor Kotenko, head of the SPIIRAS laboratory of computer security problems, will report on "The cyber-warfare of software agents." How to automate the search for vulnerabilities? Nikita Tarakanov and Alexander Bazhanyuk will present their report "A tool to automatically search for vulnerabilities." Nikita and Alexander are the founders of the information security company CISS RT. Keynote speaker. The legendary expert on security, Bruce Schneier, will appear for the first time in Russia at PHDays-2012. Bruce Schneier is the author of dozens of codes along with six books, among which the bestseller "Applied Cryptography" has been translated into Russian. The forum will also include training sessions and master classes. The PHDays Forum, organized by Positive Technologies, will take place in Moscow on May 30-31. Independent experts in IS will all meet in one place: hackers, representatives of state and of big business. The program includes - CTF Competition, hacking competitions, master classes, workshops, seminars, round tables and discussions. You could join the speakers at PHDays! Until April 16 anyone can send a request to participate in the forum - we are interested in the actual, original and resonant themes in information security. For more information about the rules - CFP. Young scientists and students also have the opportunity to present their ideas and discoveries, speaking on the same site, together with well-known gurus of information security. The "Young School" competition has been organized especially for them.
Bruce Schneier Will Speak at PHDays
A cryptography guru, world-famous expert in information security Bruce Schneier will come to Moscow for the first time. He will take part in our forum as one of the key speakers. Bruce Schneier is a legend in the information security world and his name means much for everyone who works in this field. Several generations of hackers have already grown up on his Applied Cryptography. Another bestseller by Bruce Schneier, Secrets and Lies, is devoted to broader issues of information security. Bruce Schneier has developed popular cryptographic algorithms Blowfish, Twofish, and Threefish and has been involved in the creation of over ten other well-known algorithms. Moreover, Bruce is one of the authors of Yarrow, a pseudo-random number generator, and Skein, a hash function. He publishes a popular Crypto-Gram newsletter and keeps a blog Schneier on Security; there are over 150 thousands readers from all over the world. We'll keep the subject of the Bruce's speech under wraps for a while, but we're already forming a queue of those who wish to get an autograph! And we keep developing the forum program. Leading Russian and foreign experts in various information security fields will give master-classes, workshops, and speeches at PHDays. Stay tuned to know the names! Attention! You can make a speech together with Bruce Schneier! For this opportunity, take part in CFP. We are looking forward to your abstracts!
The first participants of PHDays CTF 2012 have been decided!
The qualifying stage of the international competition for the protection of information, PHDays CTF Quals, has been completed. Over a period of two days, 72 teams from 17 countries fought unremittingly for the right to reach the final and to attend the main competition in May 2012. The most active were Russian hackers, who were in the majority of the contestant teams.They were followed by the United States and France. The competition was also attended by experts from such countries as Japan, the Netherlands, South Korea, Tunisia, Germany, Switzerland, Kenya, Canada, Peru, the United Kingdom, Sweden, Lebanon, Australia and Spain. First place in the CTF Quals was the team rdot.org from St. Petersburg, who maintained a leading position throughout the game. The contest for second and third place was between eindbazen of the Netherlands and leetmore of St. Petersburg. Several times the teams changed places and the tension was unrelenting to the very end of the competition, when in the last half hour a winner emerged -the Dutch hackers just four points ahead of leetmore. The remaining teams in the top five were int3pids from Spain (4th) and Russian HackerDom (5th place). For the first half of the game the Spanish team was seriously lagging behind the leaders, but then was able to solve a series of complex tasks and have a high score at the finish. This late breakthrough determined their fate - int3pids and HackerDom joined the rest of the winners. The fifth place was also seriously contended by 0daysober from France, trailing HackerDom by just half a point in the last-minute struggle. Nevertheless, we are showing out appreciation for the activity and perseverance of 0daysober by inviting them to the main competition in 2012! We would like to mention Antichat Team, [censored], ufologist, Shine (Russia), Big-daddy, ensib (France), MachoMan (South Korea), Nullarea Tunisian Team (Tunisia) and takeshix (Germany), which, although they won no prizes, steadfastly fought for victory and helped make the game dynamic and exciting. We would like to remind you that PHDyas CTF Quals affects different areas of information security: assessment of security, search for and exploitation of weak points, reverse engineering, etc. In the qualifying stage, the gaming infrastructure PHDyas CTF 2011 was much used, as many of the participants' tasks in this face-to-face competition were not solved. Dmitrii Evteev, PHDays CTF Overlord: "I would like to thank everyone who participated in CTF Quals, - the competition became really nail-biting and exciting. However, the winners of the CTF Quals are not the only main participants in CTF. A number of team leaders of Russian and international ranking are invited hors concours. So, all in all, the full-time competition will involve 12 teams." The main competition, PHDAYS CTF, will be held in Moscow on May 30-31, 2012. View the full rating qualifying events here: http://phdays.ru/ctf/quals/rating/. Stay tuned!
One day has left before the end of registration of participants for CTF Afterparty
If you want to take part in CTF Afterparty but you have not joined us yet - hurry up, the registration is closing soon! So far, it is certain that CTF Afterparty will become a battlefield for over 100 people from 18 countries. Most participants come from Russia, the USA and Australia. The registration for CTF Quals is closed. More than 100 teams from 29 countries applied for the contest. Once again, the most active applicants proved to be Russian hackers. However, American, French and Japanese contestants made a good keep-up with them. The elimination competitions of CTF Quals start in two days. December 12 will reveal winner teams that will participate in the CTF finals in Moscow on May 30-31, 2012. Follow the news! Complete list of participating countries CTF Quals: Afghanistan, Algiers, Argentina, Australia, Bolivia, Canada, Columbia, Estonia, France, Great Britain, Germany, India, Italy, Jamaica, Japan, Kazakhstan, Kenya, Lebanon, Macao, the Netherlands, Peru, Russia, Republic of Korea, Spain, Switzerland, Sweden, Ukraine, the USA, Western Sahara. CTF Afterparty: Afghanistan, Argentina, Australia, Barbados, China, France, Hungary, Kazakhstan, Kyrgyzstan, Lebanon, Malaysia, Montenegro, Papua New Guinea, Russia, Singapore, Switzerland, Ukraine, the USA.
PHD CTF Quals opens up a team registration for the information security contests
December, 10-11 will see the PHD CTF Quals contest on information security organized by Russian developer company Positive Technologies. The PHD CTF Quals contest is a qualification competition for the international PHD CTF contest that will take place on May 30-31, 2012. The qualification competition is open for everyone. The requirements list a preliminary registration, a team of 5 contestants and a full observation of the rules. PHD CTF Quals will contest participants' skills of information security assessment, vulnerability search and exploitation, reverse engineering and hacking in general. It is notable that vulnerabilities used for the contest are not made-up but taken from the real life. Thus, participants will have an unrivaled chance to try themselves as real hackers. Teams will have a chance to exploit myriads of real vulnerabilities and to try their hands at solving little information security tasks. The maximum total score is 100. Participants scoring more than 100 will be awarded with traditional special prizes from the Positive Technologies company. The PHD CTF Quals results will decide the winning teams that will take part in the international PHD CTF contests that are held on May 30-31, Moscow, as part of Positive Hack Days (PHD) II, an international information security forum. PHD CTF Quals will be immediately followed by PHD CTF Afterparty 2011 where anyone will be able to solve available tasks according to the same rules. The CTF Afterparty 2011 contest will take place on December 12-25; winners will be awarded with prizes and certificates. The top participants will be invited to the PHD forum as competition contestants. In 2011, the international PHD CTF hosted 10 teams from Russia, India and various European countries. The main prize went to PPP, a team from Pittsburg, USA. The second and third places were taken by Russian teams Leet More and HackerDom. All participants received valuable prizes and presents, while the winners were also awarded with $135,000, 80,000 and 50,000 USD respectively.
In 2012, Positive Hack Days will grow twice bigger
Positive Hack Days, which took place in 2011, became a center of undivided attention of IT specialists and drew a wide response of the IT community. The organizers have already been receiving requests for participation in the next PHD, so, to handle all the requests, Positive Hack Days 2012 will grow twice bigger. The program will consist of two major parts: a conference and a contest. The conference will involve discussions and round tables meant to bridge business and hacker worlds, as well as practical seminars designed for technical specialists, and master classes conducted by recognized international experts. Similar to the program of 2011, the contest part will be comprised of the CTF contests and a wide selection of various competitions on practical information security for all comers. The CTF contest will also be divided into several parts that include an old-school CTF, online contests and an innovation. The details are kept in secret so far and will be posted later on the PHD official site. Meanwhile, the PHD program is being intensively elaborating. Follow the news and the updates at the site.
At Positive Hack Days, specialists of the Positive Research Center presented the results of the DNS Rebinding vulnerability research.
The results helped finally reveal how the attack can be carried out in practice. The experts demonstrated new vectors for the DNS Rebinding attack, also known as AntiDNS Pinning. The vulnerability implies that a user's browser acts as a mediator between attackers and the target network. It allows attackers to conduct attacks against virtual infrastructures. Notably, it is not the infrastructure of virtual machine management that suffers from the attack but the users' and administrators' workstations, which are usually far less protected than servers. DNS Rebinding allows attackers to interact with internal systems from within the internal network of the target company, which makes it all easier for attackers. Though most browsers nowadays are protected against such attacks, the protection is not always efficient and can be bypassed. The research conducted by Positive Technologies involved real cases to demonstrate attacks against corporate networks and virtualization systems, network equipment and means of protection. The research thoroughly covers the tools for vulnerability exploitation, as well as the way to bypass existing restrictions. Also, the authors observed the methods of protection against the attack and related attacks. At present, the companies in which the vulnerability was detected, are cooperating with the experts of Positive Technologies to eliminate the defects.
At PHD, contestants hacked the latest version of the Safari browser for Windows
According to the author of the exploit - Nikita Tarakanov, Chief Technical Officer at the CISSRT company (which conducts software security researches) - to hack the browser, he and his colleagues created a special web page which contained a link to a potentially malicious script. A click on the link launches the script automatically. The script, in its turn, initializes the calculator. There were several applications to participate in the contest, but only the CISSRT solution really worked proved to be original. Nikita Tarakanov says that under Mac OS X the Safari vulnerability causes just the emergency shutdown of the browser. However, it is not an evidence of a higher security level of Mac OS X: the vulnerability cannot be exploited properly because of the difference in the way the two operation systems work with the memory. The winner was awarded with a prize - a Toshiba laptop with installed Safari. Earlier on, Safari had been hacked by the participants of the CanSecWest security conference, Vancouver, Canada, March 2011.
Results of Positive Hack Days
The Positive Hack Days forum gathered a variety of representatives of information security industry. By estimations, the forum was visited by more than 500 people, including representatives of government agencies, technical specialists, top managers in the IT industry, independent experts, and hackers. Two programs were conducted simultaneously: a business program, which included seminars and master-classes, and a hacking contest program. The organizers sum up the preliminary results. PHD CTF Contest The forum included the PHD CTF open international information security contest. Ten teams from Russia, USA, India, and Europe have been protecting their networks and attacking the networks of their rivals for 8 hours. There were a prepared number of vulnerabilities that exist in modern information systems (e.g., SCADA systems, etc.). The aim of the contestants was to detect vulnerabilities, fix them on their servers and exploit the vulnerabilities to obtain sensitive information from the competitor teams. According to the results of the contest, the PPP team (Pittsburgh, USA) won by a wide margin and was awarded with 5 thousand dollars. One of the PPP members said, "It's not our first experience of participating in a CTF contest, but in the PHD CTF it was the first time when we were not only to attack other teams' resources, but also to protect our own resources. We will be glad to take part in the contest the next year." Second and third places were taken by Russian teams Leet More (Saint Petersburg) and HackerDom (Yekaterinburg). Boris Simis, Business Development Director at Positive Technologies, noted, "The PHD CTF is the first contest of such scale, conducted in Russia. Whereas in USA, Canada and Europe similar contests have been held for a very long time. It is connected with the fact that the first place was taken by the team from the USA, the country where information security issues are taken very seriously. We are sure that it was interesting for Russian participants of the PHD CTF to contend with foreign teams, and we are happy to welcome everybody the next year." Contest Program Hacking Safari The forum included specific hacking contests. Thus, in the laptop hacking contest, specialists were able to detect a so called zero-day vulnerability (a vulnerability which was not known before) and exploited it to demonstrate that the latest version of the Safari web browser for Windows can be hacked. The contest was won by the CISSRT information security specialists. Hacking iPad In the analogous contest the participants formally failed to hack an iPad, because the program for exploiting a software vulnerability (the exploit) written by them did not work stably. Nevertheless, the CISSRT specialists proved the existence of the vulnerability in the mobile version of Safari during the qualification round of the contest, and the failure during the contest itself was due to the difficulties with the exploit only. To Drunk to Hack The "Too Drunk to Hack" contest was conducted at the end of the contest program. The participants of the contest were offered to hack a copy of the forum website www.phdays.com. In case of a mistake, a contestant was to drink 50 grams of tequila. Russian and foreign guests of the forum of the full legal age took part in the contest. Vladimir Vorontsov, information security expert at onsec.ru became the winner. After six mistakes he managed to find all the required vulnerabilities. Fox Hunting In this contest the contestants were to find a wireless access point, which was constantly moving around the place during the whole day. It is remarkable, that one of the contest winners was a young lady. To Hack in 900 Seconds The participants were to successively hack network equipment (switches) in 6 stages. The contestants actively used the hints, provided by Alexey Lukatsky, the representative of Cisco Systems. The winner of the contest is a participant with an ambiguous nickname "003". The organizer of the contests program and Positive Technologies expert Dmitry Evteev commented, "The specialists that took part in the contests were very good, they coped with many challenging problems. It should be noted, that some tasks were too difficult for the participants, but it was rather due to general tiredness, accumulated during the day of informative program of the forum. Generally, I'm glad that the level of training of Russian specialists is no worse than the level of the foreigners." Business Program Leading specialists of Russian IT market from Kaspersky Lab, Cisco Systems, RISSPA, Federal Service for Technical and Export Control, Rostelecom, VimpelCom, etc. presented their reports at technical and business workshops. The participants discussed such topics as cybercrimes and cyberwars, security of wireless networks and remote banking systems, DDoS, WIkiLeaks and sensitive information disclosure, the Information Society program. Technical specialists took part in master classes of various levels conducted by distinguished experts in vulnerability detection and security analysis of various information systems.