Cosmic Duke

In this video from t2’15 Artturi Lehtiö peers inside over 7 years of state sponsored malware operations. The presentation covers themes such as less glamorous side of APT research, tools and approaches, in addition to the challenges related to publishing this type of information.

Those into offensive work can view the video as training material for improving tradecraft.

For additional information on the subject, here are the links for the whitepapers mentioned during the talk.

t2’17 schedule complete

Those on Twitter may have noticed yesterday that our schedule is finally complete and available online. Check out the contents and RT if you like what you see!

This year’s program is indeed great! There are many familiar names – almost an alumni meeting of sorts, but also those who are making their t2 debut. Speaking of debuts, our new sponsor Beyond Security will also be present and available to discuss SecuriTeam Secure Disclosure.

The last week of the challenge is starting – there is still time left to claim the free ticket to t2’17. Registrations have continued steadily, and 70% of available tickets have been sold. If you are planning to attend, we recommend booking your seat now.

Budgeting season

Surprisingly many companies lock down their next year’s budgets already in Q3. While many of our attendees have negotiated conference and training costs to be part of their annual non-negotiable compensation package, there are also those who rely on the good graces of financial overlords to okay their attendance. This post is to remind that it’s yet again time to have the discussion about t2’18 – after all, it’s the 15th anniversary.

Why do we pester our readers with this? As Thomas Lim finely stated it in his keynote at Infiltrate 2012:

“[..] Conferences don’t really make a lot of money, unless you’re Black Hat [..]”

In many years, the question of making a small profit to guarantee enough liquidity for organizing the next event comes down to having the right sponsors. No sane person would enter a business with this kind of a risk/reward ratio. The talk is filled with other gems as well, and it’s definitely worth watching.

The reasons for organizing are elsewhere, namely you want to give back to the community, love the atmosphere of a small event and want to see world class security presentations in your home country. The volunteer work behind the scenes only works when you focus on high quality and networking – it also helps getting repeat guests who value the effort put into curating the program, and setting the stage for making new friends. A considerable part of the audience comes from outside Finland, and it’s certainly not thanks to the weather.

To summarize some of our core values:

  • Networking is an integral part of the event
  • We focus on new research and technical aspects of information security
  • We never sell or give out the attendance list
  • Sponsorship does not give you a speaking slot or influence on the agenda, only CFP does

If you are interested in sponsoring t2, we are glad to discuss your exact needs. Please get in contact with us.

Physical Side-Channel Attacks on PCs

A great way to steal someone’s secrets is often just listening carefully enough. At t2’15  Lev Pachmanov, Daniel Genkin, Itamar Pipman and Eran Tromer from Tel Aviv University demonstrated in practice how sensitive information can be pilfered with a sausage (or a Pita bread, if you’re vegetarian). In all seriousness, this has to be one of the funniest publicly delivered presentations on gathering electromagnetic emanations.

Whether you are into emission security or collecting signals intelligence, we’re sure you will enjoy this talk.