archive | t2 infosec conference https://t2.fi Thu, 25 Mar 2021 18:10:56 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 https://t2.fi/wp-content/uploads/2020/07/cropped-t2_web-icon-32x32.png archive | t2 infosec conference https://t2.fi 32 32 Hacking ML in images (and everywhere else) https://t2.fi/2020/02/02/hacking-ml-in-images-and-everywhere-else/ Sun, 02 Feb 2020 20:25:21 +0000 https://t2.fi/?p=1647 This time we’re looking back into our archives to bring you a presentation from Guy Barnhart-Magen and Ezra Caltum. In their t2’18 talk the BSidesTLV co-founders cover offensive research possibilities when it comes to machine learning systems. Do you know which ML attacks have the most business impact? Watch the video to learn more. The …

The post Hacking ML in images (and everywhere else) first appeared on t2 infosec conference.]]>
This time we’re looking back into our archives to bring you a presentation from Guy Barnhart-Magen and Ezra Caltum. In their t2’18 talk the BSidesTLV co-founders cover offensive research possibilities when it comes to machine learning systems. Do you know which ML attacks have the most business impact? Watch the video to learn more.

The presentation will be answering questions such as “what does it mean to hack a machine learning system?” and “what would you actually target?”, with an emphasis on the methodology and the way Guy and Ezra approached the problem.

We have always enjoyed these types of talks, as the shared knowledge powers the audience to do research and find their own zero days. Speaking of research and zero days – don’t forget to checkout BSidesTLV, coming July 2 2020!

The post Hacking ML in images (and everywhere else) first appeared on t2 infosec conference.]]>
Cosmic Duke https://t2.fi/2017/09/10/cosmic-duke/ Sun, 10 Sep 2017 00:26:36 +0000 https://t2.fi/?p=1306 In this video from t2’15 Artturi Lehtiö peers inside over 7 years of state sponsored malware operations. The presentation covers themes such as less glamorous side of APT research, tools and approaches, in addition to the challenges related to publishing this type of information. Those into offensive work can view the video as training material …

The post Cosmic Duke first appeared on t2 infosec conference.]]>
In this video from t2’15 Artturi Lehtiö peers inside over 7 years of state sponsored malware operations. The presentation covers themes such as less glamorous side of APT research, tools and approaches, in addition to the challenges related to publishing this type of information.

Those into offensive work can view the video as training material for improving tradecraft.

For additional information on the subject, here are the links for the whitepapers mentioned during the talk.

The post Cosmic Duke first appeared on t2 infosec conference.]]>
Morgan Marquis-Boire keynote 2015 https://t2.fi/2017/07/09/morgan-marquis-boire-keynote-2015/ Sun, 09 Jul 2017 15:02:31 +0000 https://t2.fi/?p=1241 Edit: While the content has aged little, our keynote speaker choice failed on a catastrophic level. We are leaving this post and video up in the name of transparency. “Those who cannot remember the past are condemned to repeat it.” — George Santayana, The Life of Reason: The Phases of Human Progress – Vol. I, …

The post Morgan Marquis-Boire keynote 2015 first appeared on t2 infosec conference.]]>
Edit: While the content has aged little, our keynote speaker choice failed on a catastrophic level. We are leaving this post and video up in the name of transparency.

“Those who cannot remember the past are condemned to repeat it.”

— George Santayana, The Life of Reason: The Phases of Human Progress – Vol. I, Reason in Common Sense. 1905

In this 2015 keynote headhntr aka Morgan Marquis-Boire philosophizes on nation state attacks, their history, how hackers operate, and the nature of the Internet. As with all philosophical content and/or keynotes, very little has fundamentally changed since the talk.

Is modern technology the Panopticon? What is the East Germany tipping point of today? Do you agree with Morgan at all? Watch the keynote and let us know on the Twitter with #t2infosec !

Trigger warning: Some slides TS/SI

The post Morgan Marquis-Boire keynote 2015 first appeared on t2 infosec conference.]]>
Sweet Tools O’ Mine https://t2.fi/2017/05/28/sweet-tools-o-mine/ Sun, 28 May 2017 17:19:51 +0000 https://t2.fi/?p=1188 How does one go about creating new tools and toolchains? In “Sweet Tools O’ Mine” from t2’16 Hugo Teso shares his approach for creating an offensive toolkit, which contains both hardware and software parts. Learning by doing, when to leverage the power of existing solutions, and when to create your own are all discussed throughout …

The post Sweet Tools O’ Mine first appeared on t2 infosec conference.]]>
How does one go about creating new tools and toolchains?

In “Sweet Tools O’ Mine” from t2’16 Hugo Teso shares his approach for creating an offensive toolkit, which contains both hardware and software parts. Learning by doing, when to leverage the power of existing solutions, and when to create your own are all discussed throughout the video.

If you are serious about offense, this is a presentation for you.

Iaitō, a GUI for radare2 reverse engineering framework is available on GitHub.

The post Sweet Tools O’ Mine first appeared on t2 infosec conference.]]>
Forging the USB Armory https://t2.fi/2017/05/05/forging-the-usb-armory/ Thu, 04 May 2017 22:29:32 +0000 https://t2.fi/?p=1177 We’re continuing with the theme of securing international travel by releasing Andrea Barisani‘s Forging the USB Armory talk from t2’15. Those enjoying international travel and/or operational situations, the dual-use capabilities of the platform might be something of interest. From safe USB charger, encrypted file storage and automated self-destruct, password manager, TOR access point to portable offensive …

The post Forging the USB Armory first appeared on t2 infosec conference.]]>
We’re continuing with the theme of securing international travel by releasing Andrea Barisani‘s Forging the USB Armory talk from t2’15.

Those enjoying international travel and/or operational situations, the dual-use capabilities of the platform might be something of interest. From safe USB charger, encrypted file storage and automated self-destruct, password manager, TOR access point to portable offensive toolkit, the opportunities are endless. Even if open source hardware design is outside your comfort zone, the video gives you a good glimpse into solving hard problems and the capabilities of USB Armory.

Again, as with all our curated releases, this is a must see – enjoy!

The code is available on GitHub, slides here and INTERLOCK code here.

The post Forging the USB Armory first appeared on t2 infosec conference.]]>
Building a Reasonably Safe Travel Burner Laptop https://t2.fi/2017/04/20/building-a-reasonably-safe-travel-burner-laptop/ Thu, 20 Apr 2017 20:00:59 +0000 https://t2.fi/?p=1160 International travel can be difficult, and for a security conscious person especially so. In this video from t2’15 Georg Wicherski demonstrates a way of solving many problems related to carrying a personal computing device with you. For a person crossing borders on a regular basis or otherwise in need of heightened security for their laptop, …

The post Building a Reasonably Safe Travel Burner Laptop first appeared on t2 infosec conference.]]>
International travel can be difficult, and for a security conscious person especially so.

In this video from t2’15 Georg Wicherski demonstrates a way of solving many problems related to carrying a personal computing device with you. For a person crossing borders on a regular basis or otherwise in need of heightened security for their laptop, this is a must see. Enjoy!

Do note that this has been actually implemented in practice instead of being just intellectual mastu^H^H^H a mental exercise. For more details about the setup, refer to the GitHub repository. The setup has been since updated to support TPM remote attestation.

The post Building a Reasonably Safe Travel Burner Laptop first appeared on t2 infosec conference.]]>
If Attackers Can Use Graphs, Then Why Can’t We? https://t2.fi/2017/04/11/if-attackers-can-use-graphs/ Mon, 10 Apr 2017 21:20:55 +0000 https://t2.fi/?p=1140 Those in the business of securing enterprises and organizations should definitely watch OlleB‘s presentation from t2’15. Moving from point-in-time <insert-product-name-here> scans to a more structured approach using graphs, attack models, understanding and eradicating vulnerability classes or using safety/assurance cases is a long-term security investment. Taking your defensive game to the next level requires trying out …

The post If Attackers Can Use Graphs, Then Why Can’t We? first appeared on t2 infosec conference.]]>
Those in the business of securing enterprises and organizations should definitely watch OlleB‘s presentation from t2’15. Moving from point-in-time <insert-product-name-here> scans to a more structured approach using graphs, attack models, understanding and eradicating vulnerability classes or using safety/assurance cases is a long-term security investment.

Taking your defensive game to the next level requires trying out new approaches to old problems and sometimes challenging the conventional wisdom. This video should give you food for thought – it’s one of our favorites!

The post If Attackers Can Use Graphs, Then Why Can’t We? first appeared on t2 infosec conference.]]>