May 23–26, 2024, Moscow, Luzhniki sports complex


Technical talks at PHDays: from OSINT methods to information security in video games

Only a week left before Positive Hack Days 10: The Origin. We continue to introduce you to our speakers and the most awaited technical talks from different conference tracks.

Practical OSINT methods in digital world

Andrei Masalovich, CEO at Avalanche, will discuss OSINT methods that allow effective extraction of private and even classified information without hacking. The talk covers methods for finding open partitions in cloud storages, scanning of unsecured databases based on PostgreSQL, MongoDB, and Elasticsearch, retrieving classified data via global logistics bases, collecting data via closed profiles in social networks, deanonymizing messenger users. Real-life examples will be provided.

Social engineering in 2021

Information security specialist Dmitry Andreev will discuss fundamental principles of social engineering, its various scenarios, and share his experience of preventing social engineering attacks in corporate environment.

Prioritizing CVEs with Vulristics open-source extensible framework

Vulristics (vulnerability and heuristics) is an open-source extensible framework for analyzing generally available information on public CVE vulnerabilities. Independent security researcher Alexander Leonov will give an in-depth talk about using Vulristics to prioritize vulnerabilities. He will also talk about why it is important to know how to prioritize known vulnerabilities and which extra sources of data can be used for this purpose.

Microsoft Active Directory: privilege escalation techniques

Egor Bogomolov, Application Security Expert at Singleton Security, defined all privilege escalation techniques possible in Microsoft Active Directory with initial local network configuration. The speaker will also talk about vulnerabilities in out-of-the-box AD networks and explain how administrators of local AD networks can protect from them.

Development and validation of ML pipelines

Artyom Kravtsov, Computer Vision Research Engineer at SberDevices, will talk about the experience of developing and testing an ML system and a mobile SDK to determine the authenticity of a biometric sample using a photograph. He will speak about the architecture of the developed solution and demonstrate an example of passing biometric verification by a real user. He will discuss in detail the ML component of the system, the process of development and research, as well as internal and external validation of the system.

BadUSB attacks

Innostage Head of Security Analysis Alexander Borisov will discuss several scenarios of BadUSB attacks (an interesting and a rather effective class of attacks) and the main methods of preventing them.

Secure development

In addition to traditional PHDays tracks centered around defense, offense (hacks), and the impact of information security on business, this year the forum will include a new secure development track.

Information security in video games

Application security leader at Sberbank Artyom Bachevsky will discuss typical vectors of attacks in video games and ways of protecting against them. Real-life examples will be given.

Unsafe deserialization

Mikhail Shcherbakov (PhD in Theoretical Computer Science, KTH Royal Institute of Technology in Stockholm) will give real examples of vulnerabilities and shortcomings that underpin the problem of unsafe deserialization. He will address the issue of building a threat model, describe various approaches and tools for finding and exploiting new vulnerabilities. The talk will focus on techniques of static code analysis and their current limitations.

Formal verification of operating system kernels

Denis Efremov, Developer at ISP RAN, will share his experience of participating in projects on formal verification and analysis of access control modules for Astra Linux SE and Elbrus kernels, as well as verification of the Contiki code (OS for IoT) within the European VESSEDIA program. The speaker will also disclose details of the development of formal access control models (Rodin/Event-B) and code specifications (Frama-C/ACSL), the use of static and dynamic analyzers, and the inclusion of formal analysis in the continuous integration cycle.

Technical talks will also be given by: Sergey Volokitin (Senior Security Analyst, Riscure), Sergey Golovanov (Lead Researcher, Kaspersky), Maxim Goryachy (independent security researcher), and Vladimir Kochetkov (Head of Application Security Analysis Research, Positive Technologies).

See you at PHDays!