DC9723 November 2017 Meeting

DC9723 November Meeting
When: 14 of November, 2017 from 19:00 to 22:00
Where: SafeBreach Offices in Tel-Aviv (Yosef Karo 18, 4th floor, Tel Aviv.) NOTICE DIFFERENT LOCATION!
Agenda:
New Techniques to Exploit NTLM Flaws for Privilege Escalation – Yaron Zinar
From “One Country – One Floppy” to “Startup Nation” – Inbar Raz & Eden Shochat
As always, the talks are free and there is no need to register. Come and bring your friends.
The talks will be uploaded to youtube a week after the meeting.
You can watch the previous talks at https://www.dc9723.org
*We need more talks, please consider submitting a talk for the next DC9723 meeting. For more details and questions, please contact cfp@dc9723.org
Title:
New Techniques to Exploit NTLM Flaws for Privilege Escalation – Yaron Zinar
Abstract:
Millions of networks are relying on Windows authentication protocols to secure their logins, and consequently the network’s integrity. As these protocols are a popular target for attacks, such as NTLM-Relay, Microsoft went through great efforts to mitigate and secure them. However, they didn’t go far enough. In this talk we will show how NTLM continues to be the weakest link in Windows authentication and poses a serious security threat to enterprise security. We’ll shed new perspectives and discoveries on the NTLM-Relay attack, explore its anatomy, the wide variety of protocols that are vulnerable and how they are exploited in the wild. We will provide an overview of the security enhancements and configuration options implemented by Microsoft in order to thwart attacks. We will present and demonstrate CVE-2017-8563 and explain why it can be used bypass all existing security mitigations and why you are all still exposed to this vulnerability. Finally, we will suggest different detection and protection methods that can be used to overcome NTLM flaws in order to monitor and prevent potential credential theft.
Title:
From “One Country – One Floppy” to “Startup Nation” – the story of the early days of the Israeli hacking community, and the journey towards today’s vibrant startup scene – Inbar Raz & Eden Shochat
Abstract:
The late 80’s and early 90’s played a pivotal role in the forming of the Israeli tech scene as we know it today, producing companies like Checkpoint, Waze, Wix, Mobileye, Viber and billions of dollars in fundraising and exits. The people who would later build that industry were in anywhere from elementary school to high school, and their paths included some of the best hacking stories of the time (certainly in the eyes of the locals). The combination of extremely expensive Internet and international dial system, non-existent legal enforcement and a lagging national phone company could not prevent dozens of hungry-for-knowledge kids from teaching themselves the dark arts of reversing, hacking, cracking, phreaking and even carding. The world looked completely different back then and we have some great stories for you. We will cover the evolution of the many-years-later-to-be-named-Cyber community, including personal stories from nearly all categories. Come listen how the Israeli Cyber “empire” was born, 25 years ago, from the perspectives of 2:401/100 and 2:401/100.1.

DC9723 October 2017 Meeting

NOTICE DIFFERENT LOCATION (SafeBreach)!
DC9723 October 2017 Meeting

When: 24 of October, 2017 from 19:00 to 22:00
Where: SafeBreach Offices in Tel-Aviv (Yosef Karo 18, 4th floor, Tel Aviv.) NOTICE DIFFERENT LOCATION!
Agenda:

“Review of the Ukraine cyber attack 2015” – Guy Barnhart-Magen SLIDES
 “Tales from the Dark Side” – Dor Tumarkin SLIDES
"NATO war games, updating crypto vulns in IDs, and other stuff" - Hillar Aarelaid

As always, the talks are free and there is no need to register. Come and bring your friends.

*We need more talks, please consider submitting a talk for the next DC9723 meeting. For more details and questions, please contact cfp@dc9723.org

Abstracts:
Review of the Ukraine cyber attack 2015 – Guy Barnhart-Magen
The cyber-attack on the Ukraine power grid was unique in that it was public, and not that it happened.
In this talk, I will discuss some unique characteristics of the attack, its structure, and the possible ramifications.
As this attack was attributed as a “cyber” act of war, the interest in the techniques and the methodology used is considerable.

Tales from the Dark Side – Dor Tumarkin
Information Security is a battle fought on many varied fronts.
Join Dor, a researcher and former consultant, as he shares stories of his team’s astounding victories against the feeble forces of good in “Tales from the Dark Side”.

NATO war games, updating crypto vulns in IDs, and other stuff – Hillar Aarelaid

Hillar is visiting from abroad. He has a lot to share with us. This is last minute so we don’t have a full abstract, but he will speak about planning security around online elections, patching physical IDs for SHA256, and running war games for NATO

August Meeting 2017

DC9723 Next Meeting (we are back!):
When: 22 of August, 2017 from 19:00 to 22:00
Where: Checkpoint Offices in Tel-Aviv (HaSolelim 5 St, Tel Aviv.)
Agenda:

“Passive fingerprinting of HTTP/2 clients” – Elad Shuster
“Hacked in Translation” – Omri Herscovici and Omer Gull

As always, the talks are free and there is no need to register. Come and bring your friends.

*Update – The presentations will be linked here soon.

*We need more talks, please consider submitting a talk for the next DC9723 meeting. For more details and questions, please contact cfp@dc9723.org