A special day requires a special event! It’s again that beautiful time of the year when we wish ‘Happy Anniversary!’ to our special friends from Security Espresso, and it’s time to gather around the nmap xmas scan and tell stories about successful pentests and battle-tested bulletproof code that we’ve written!RSVP here and save your front row on Thursday, December 12, starting 19:00!
About the event
As this is an anniversary edition, they’re bringing special topics to the table!
19:00 → 19:45 Alexandru Caciulescu: ‘%00\0″$IFS><!
19:45 → 20:00 Break
20:00 → 20:45 Vlad Creteanu: Coffee 101
20:45 → ∞ Networking!
Registration
RSVP here to confirm your attendance at 3 years of Security Espresso!
As you probably know, How to Web is just around the corner, and they partnered up with Security Espresso for a pre-conference meetup. RSVP here and come to discover 2 great speakers talking about their experience at 2 competitions. The event is TODAY, so hurry up!
About the event
18:30 – 19:00 Registration
19:00 – 19:45 Ionut Cernica – Lessons I learned from CTF finals
“This presentation is about my experience participating in CTF finals. I’ll focus on my vision of what makes a good CTF task.”
19:45 – 20:00 Break
20:00 – 20:45 Dobre Florian-Robert – Winning the ECSC
“The whats, the whys and the hows behind our success at the ECSC 2019.”
20:45 – 21:30 Networking
Registration
RSVP here to confirm your attendance at Security Espresso 0x20.
Com to talk about the technical aspects of implementing the electronic vote and the effects of having to use your ID to buy SIM Cards. RSVP here to save your front row spot on September 24, starting at 18:30!
About the event
18:30 – 19:00 Registration
19:00 – 19:45 Sebastian Cergă – The electronic vote
The electronic vote is the kind of subject you’ll find on everyone’s agenda: from political parties to NGOs. The intentions behind it might be good, but the implementation is a complex matter. In this talk, we will look at the technical aspects behind this feat, and talk about the problem of trust.
19:45 – 20:00 Break
20:00 – 20:45 Georgiana Gheorghe – SIM Cards require an ID to purchase
“The government wants to store the personally identifiable data of those who purchase SIM cards in order to take action against those making disruptive calls to the emergency services, 112” – this is the headline of the opinion piece which APADOR-CH published, on the 22nd of August. The legislative project has since been approved and it will become effective on January 1st, 2020. But what are the effects of this law? What data will be stored, for what purpose? Who will have access to it?
20:54 – 21:30 Networking
Registration
RSVP here to confirm your attendance to Security Espresso 0x1f.
CTF season is upon us and Security Espresso invites you to talk about the challenges that are out there. RSVP here to save your front row spot on August 21, starting at 18:30!
About the event
The DefCamp CTF qualifiers are coming up, and Security Espresso has figured this is the perfect time to invite speakers to share CTF challenges that they have created. We’re going to cover non-web challenges in this edition, so set Burp aside and get ready to go down rabbit holes that don’t respond to GET requests.
This month Security Espresso has a special event format: a live coding session! RSVP here to save your front row spot on July 25, starting at 18:30!
About the event
Security Espresso is organizing a joint event, alongside the Bucharest Functional Programming community. Don’t miss out on this one because it’s got a little treat for everyone: for the coders, the pentesters, the imperative folks, the functional crew, the nay-sayers and the enthusiasts alike!
They will be implementing a basic HTTP server in order to showcase common security issues and how to overcome them in an FP fashion. The presentation will mostly be live coding. The audience will be able to pentest the server, and we will look into fixing the problems.
Some familiarity with the Haskell syntax is assumed. It would also be helpful to skim through the conduit tutorial.
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Vladimir Ciobanu – Breaking and putting it back together: a simple HTTP server in Haskell, part 1
19:45 – 20:00 Break
20:00 – 20:45 Ciobanu – Breaking and putting it back together: a simple HTTP server in Haskell, part 2
Security Espresso 0x1b, the promise of biometrics as authentication meets the promise of Hollywood movie hacking. Find out whether biometrics are a secure substitute for passwords, and how movies are ruining security audits.RSVP here to save your front row spot on May 22, starting 18:30!
About the event
The first talk investigates the feasibility of implementing a biometric key derivation system without storing the private key. The proposed key derivation system derives a key from user biometrics (single or multiple) and uses that key as seed for RSA. The private key is never stored because it’s derived every time.
The key is as secure as the biometric data, thus the system is susceptible to spoofing. This is the first detailed study of a biometric key derivation system under spoofing conditions.
As the tech required for surveillance advances, it’s no wonder that state authorities push for a greater level of surveillance. On the other hand, public representatives pull for preserving privacy, and more tech is created to protect it. We’ll explore together the intersections of these tensions in current debates.
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Lavinia Mihaela Dinca, Ph.D. – Biometric spoofing in the context of biometric key derivation
19:45 – 20:00 Break
20:00 – 20:45 Miriam Cihodariu – Surveillance vs Privacy in law debates
20:45 – 21:30 Networking
Registration
RSVP here to confirm your attendance to Security Espresso 0x1b.
TechSociety
This event is hosted through TechSociety, an initiative that aims to grow the local tech community stronger by providing free event space, as well as logistical and communication support, to all people that organize free tech-related events.
Thinking about organizing a meetup or an event for the tech community out there? Join TechSociety, and we’ll help you out! All you have to do is submit the registration form available on our website, and we’ll get back to you to set all the details straight!
Come to learn about DNS censorship and how to organize a Capture the Flag competition.RSVP here to save your front row spot on April 23, starting 18:30!
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Michael Casadevall – Censorship through DNS – Studying Tampering of Domain Name Information on the Public Internet
DNS tampering is one of the most common forms of Internet censorship. This is primarily due to a lack of authentication and the ease of manipulating traffic on the fly and can take a multitude of forms. This type of censorship has been used to enforce various gag orders such as was used the British Isles to block torrent websites. It is also a known technique used by China’s Great Firewall. It can be used to simply block websites, redirect users to seemingly correct sites, and is difficult for the typical user to detect. For example, this type of attack could be used to redirect a user silently from a whistleblowing website to a honeypot. While efforts are underway to create secure amendments to DNS, they cannot solve these fundamental problems.
In an effort to understand how widespread DNS censorship is, I have created a special tool known as DNS Catcher to study in-flight responses, and check them against known good authoritative data to confirm their authenticity. By doing so, we can develop new tools and methods to detect DNS tampering, and at a minimum, prevent users from unknowingly connecting to addresses that are known to have been tampered with.
19:45 – 20:00 Break
20:00 – 20:45 Anatol Prisăcaru – Organizing a CTF: Lessons Learned Over the Years
I bet you’ve always wondered what goes into creating a Capture the Flag competition. I bet you wondered how we balance the feasibility of finding a flag with the challenge of burying it inside systems with obscure vulnerabilities. Popping boxes is fun, but do you know what it takes to craft that satisfying experience?
This talk is going to answer all these questions and more! I’ve been crafting CTF challenges for 5 years now and I have a few stories to tell: from the way we craft challenges to the way we set up the infrastructure. From how to come up with versatile and unpredictable challenges, to how to maintain a good difficulty progression and enforce rules. If you’ve ever been curious about what goes on behind the scenes of a CTF, or ever wanted to organize a competition of your own – I’ve got you.
20:45 – 21:30 Networking
Registration
RSVP here to confirm your attendance to Security Espresso 0x1a.
TechSociety
This event is hosted through TechSociety, an initiative that aims to grow the local tech community stronger by providing free event space, as well as logistical and communication support, to all people that organize free tech-related events.
Thinking about organizing a meetup or an event for the tech community out there? Join TechSociety, and we’ll help you out! All you have to do is submit the registration form available on our website, and we’ll get back to you to set all the details straight!
Security Espresso 0x19 is about misuse and misconfiguration: of medical equipment and, then, of Kubernetes containers. RSVP here to save your front row spot on March 20, starting 18:30!
About the event
The importance of security and privacy, keeping the data safe in healthcare is huge. We also need to be aware, that the criminal can harm the patient in many different ways, for many different reasons, with the goal to harm them, but also doing it by accident, just simply because we did make everything digital, put and connect everything online, without thinking about the need to make it safe and secure. We need the environment, with the organization that will make possible for infosec professionals to can do their job as best as possible. With good communication, teamwork, and good agreements, we can make a stable base to build a safe and secure environment in healthcare.
Cloud native applications are the solution to keep your service highly available and scalable to billions of requests. If you are in charge of securing this type of application stack and you`re getting anxious about that Kubernetes cluster being added to the mix, we`ll try to help out. Let`s start properly! Before you can even begin to implement advanced security controls, we must understand what is it that you are securing and what are the boundaries between our cluster and the rest of the world.
Speakers:
Jelena Milosevic, Nurse and Independent Security researcher
Dumitra Dragos, SOC Analyst @ Adobe
Marius Barbulescu, Sr. Security Software Engineer @ Adobe
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Jelena Milosevic – The challenge of building a secure and safe digital environment in healthcare
RSVP here to confirm your attendance to Security Espresso 0x19.
TechSociety
This event is hosted through TechSociety, an initiative that aims to grow the local tech community stronger by providing free event space, as well as logistical and communication support, to all people that organize free tech-related events.
Thinking about organizing a meetup or an event for the tech community out there? Join TechSociety, and we’ll help you out! All you have to do is submit the registration form available on our website, and we’ll get back to you to set all the details straight!
Join us to talk about how to handle company logs and how you can use fuzzing for discovering vulnerabilities. RSVP here to save your front row spot on February 26, starting 18:30!
About the event
Nowadays security is one of the biggest concerns for companies across the globe. Companies have a huge amount of logs to process but they can’t really do it without very expensive commercial solutions. Fortunately, there are free alternatives that can make your life easy and don’t require a compromise on functionality and scalability.
Ever tried to fuzz a library using American Fuzzy Lop? We will hear a story of how can you use fuzzing for discovering vulnerabilities and how some things lie hidden for years.
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Cătălin Moisei – Correlate logs like a boss or how to create your own SIEM
19:45 – 20:00 Break
20:00 – 20:45 Radu-Emanuel Chișcariu – From idle CPUs to CVEs: How to use AFL for library fuzzing
20:45 – 21:30 Networking
Registration
RSVP here to confirm your attendance to Security Espresso 0x18.
TechSociety
This event is hosted through TechSociety, an initiative that aims to grow the local tech community stronger by providing free event space, as well as logistical and communication support, to all people that organize free tech-related events.
Thinking about organizing a meetup or an event for the tech community out there? Join TechSociety, and we’ll help you out! All you have to do is submit the registration form available on our website, and we’ll get back to you to set all the details straight!
Security Espresso breaks the ice with the first event of the year, where they will dig deeper into the EU Internet legislation and present the Yara engine. RSVP here to save your front row spot on January 22, starting 18:30 sharp!
About the event
Security Espresso 0x17 shines a much-needed spotlight on the European legislation that governs the Internet that we all take for granted. Afterward, an open source, cloud-based, Yara engine takes the stage – may the demo Godsl be on our side!
Event agenda
18:30 – 19:00 Registration
19:00 – 19:45 Matei-Eugen Vasile – Cum e cand legislatia privind tehnologia este facuta fara a intelege tehnologia si fara a respecta drepturile fundamentale ale omului
19:45 – 20:00 Break
20:00 – 20:45 Dan Demeter – KLara: Your New Friend
20:45 – 21:30 Networking
Registration
RSVP here to confirm your attendance to Security Espresso 0x17.
TechSociety
This event is hosted through TechSociety, an initiative that aims to grow the local tech community stronger by providing free event space, as well as logistical and communication support, to all people that organize free tech-related events.
Thinking about organizing a meetup or an event for the tech community out there? Join TechSociety, and we’ll help you out! All you have to do is submit the registration form available on our website, and we’ll get back to you to set all the details straight!
We use cookies to improve your experience on our website. You can withdraw consent or change your cookie choices at any time through your browser. AcceptRejectRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
