Jarno Niemelä from F-Secure will explain us why all those people who think that their mobile phone is being spied on are not necessary crazy. This presentation gives an overview of just what is possible do over Bluetooth once the attacking device is trusted, what spy can do over Bluetooth and what can be done to prevent it.
T2 staff thinks that this talk defines quite well what “trust” really means.
Please see the schedule for details.
Rafael Dominguez Vega from MWR InfoSecurity will go through the dangers of USB devices. The presentation will cover a wide range of security considerations for USB devices. However, it will specifically focus on the evolution of an attack that can be delivered through a malicious USB device. The talk will also include discussion about the methods that can be used to identify and exploit vulnerabilities in USB drivers and their advantages and disadvantages.
T2 staff thinks that you should think twice before you use a USB stick from a security conference … 🙂
Please see the schedule for details.
Juhani Eronen from CERT-FI will present post-mortem studies on incident and vulnerability coordination projects he has been involved with, including recent CERT-FI disclosures.
T2 staff thinks that this talk will be an important lesson for everybody, especially those working for product development. If you or your organization would like to avoid some of the pitfalls — this talk is for you!
Please see the schedule for details.
Scott McIntyre from XS4ALL will explain why security fails. Handling of recent threats, the role of “disclosure”, governance, FUD and the ever present (and increasing) threat of government over-regulation stifling innovation are just some of the topics which will be covered during this keynote.
We all suffer the fallout from IT security failures, and understanding the far-reaching consequences to our actions is critical if we’re ever going to have a safer Internet experience for the masses.
T2 staff thinks that if you have ever wondered how an ISP copes with all the threats passing through their network (including at layer-8), yet still manages to love the technology they provide to you — this talk is for you!
Please see the schedule for details.
Nishad Herath from Novologica will be on the stage twice. In the keynote Nishad will show us how the very same real world optical disc DRM technologies, created with perhaps the best of intentions, can be used extremely effectively for anti-forensic purposes.
In the second presentation Nishad will demonstrate techniques and code which illustrates the various processing options available to modern malware both inside and outside the PC, far away from the CPU.
T2 staff thinks that both of these talks are quite groundbreaking. This is the kind of stuff that you don’t see every day.
Please see the schedule for details.
The final schedule for t2’09 has been published. We might sound like a broken record but T2 staff thinks that we have extremely good program for this year (again 🙂
We would also like to thank all the people that sent in their talk proposals. Please remember that even if your presentation did not get approved it does not mean that we did not want it. In order to have an interesting event we try our best to make sure that the program has “something for everyone”.
Hope to see you soon!
Mikko Hyppönen from F-Secure will go through a case study on an investigation against an international malware writing group. The group was using online attacks to steal money from various organizations.
T2 staff thinks that this talk offers an unique opportunity to see what happens on the backstage.
Please see the schedule for details.
Muhaimin Dzulfakar will be demonstrating how arbitrary code execution is possible on the MySQL platform and explain the techniques and tools needed. This presentation will include a tool release as well.
T2 staff thinks that most SQL injection talks are not that hot any more. This talk should be an exception.
Please see the schedule for details.
David Batanero will be demonstrating how you can use inexpensive equipment to perform effective forensics analysis on modern mobile phones. He will show (among other things) how to read the flash memory and what to with it.
T2 staff has been told that this talk contains previously unpublished material and offers pretty interesting insight to modern mobile phone forensics.
Please see the schedule for details.
Alexander Polyakov from Digital Security (Russia) will be demonstrating some common and uncommon vulnerabilities on SAP environment. This talk will deal with different ways to attack SAP clients and demonstrate how you can get access to the whole SAP environment just by exploiting a client side vulnerability.
T2 staff thinks that SAP security is an often overlooked topic when dealing with enterprise security. This talk should give the audience a pretty good overview of SAP security.
Please see the schedule for details.