PHDays V: Botnet Detection, NFC Stunts, and “Social Engineers” Competitions

The Fifth International Forum on Practical Safety Positive Hack Days will be held on May 26 and 27, 2015 in the Moscow International Trade Center. The conference, organized by the company Positive Technologies, will bring together leading cyber defense experts and the elite of the hacking world, representatives of government agencies and leaders of big business, young scientists and journalists.

In early December, we started accepting applications from those who wish to speak at PHDays V, and now we are announcing the first group of participants who have fallen into the main technical program of the forum.
')

Creator of Shodan in Moscow

One of the key events of PHDays will be the speech of John Matherley, the creator of the “ most terrible search engine ”.

How to open a botnet

Botnet owners seek to make it difficult to detect the management servers that control infected computers. To do this, they use various methods of masking, among which are special algorithms for creating domain names (DGA). With their help, it is possible to register domains formed on a pseudo-random principle, for example, depending on the current date: the constantly changing address of the management server makes it difficult to detect.

Bambenek Consulting Chief Cyber ​​Detective John Bambenek will talk about how to reverse engineer DGA algorithms to detect botnets and obtain information about their configuration in near real time.

Competitions masters of social engineering

Chris Hadnagy, founder of Social-Engineer and administrator of social-engineer.org , will share his experience in preparing competitions for “social engineers” DEF CON SECT F. The purpose of such competitions is to familiarize information security professionals with information technology and social engineering. a wider audience, how dangerous is fraud using psychological methods.

RFID master class: from low to high frequencies

During the RFID master class, the presenter will focus on high-frequency identification, but low radio frequencies will also be considered, since they are often used when organizing access control to the premises (house entrances, offices, garages, hotels). In addition, the security topics of mobile payment services, as well as Paypass, Paywave and NFC USIM technologies will be touched upon.

The lesson will be conducted by Nahuel Grisolía, an Argentine security expert and entrepreneur who specializes in web application security and hardware hacking. He discovered vulnerabilities in McAfee Ironmail, VMware and Manage Engine Service Desk Plus, as well as in a number of free software development projects: Achievo, Cacti, OSSIM, Dolibarr, and osTicket. Conducted workshops at international conferences, including Positive Hack Days III ( presentation slides ).

How to get on PHDays

We remind you that the first stage of Call for Papers will last until January 30. Information security experts can submit their research to speak on the forum on May 26 and 27. The full list of reports will be published in April on the official website of the event (see the best from last year on Habrahabr ).

Information on other ways to get into the number of participants can be found on the official PHDays website. You can buy tickets on the “ Take part ” page. Until January 30, there is a discount: a ticket for two days of the forum costs 7337 rubles. Soon the price will change - the cost of participation will increase first to 9,600 rubles, and then to 14,400 rubles.

Do not miss the chance to join several thousand information security researchers, government officials, journalists and young scientists from around the world. See you at Positive Hack Days V!