Workshops and the Schedule annouced!

We incourage you to check out the draft of the CONFidence 2013 schedule! Two days packed with lectures hosted by the best specialists not only from Europe but from all over the world!

The schedule can be found where.

Moreover the day before the conference there will be two workshops:
Fernando Gont – IPv6 Hacking Crash Course
Georgia Weidman – Attacking and Securing Mobile Devices

More information about the workshops, touched topics, how to register and much more can be found in the workshops section.

A special 10% discound code for CONFidence attendees. Please contact: marek.nowak@proidea.org.pl

ATTENTION!
The number of workshops participants is limited so first come first serve!

Registration for ZeroNights is open!

We are proud to announce that registration for ZeroNights 2013 has begun. ZeroNights is an annual international practical security conference, conducted by ERPScan and CareerLab, and supported by Yandex. Technicians, administrators, ISOs and CISOs, programmers, and everyone interested in the practical side of information security are welcome to participate.

ZeroNights shows new attack methods and threats, discovers new possibilities of attack and defense, and suggests out-of-the-box security solutions.  Experts, infosecurity practitioners, analysts, and hackers from all over the world will share unique knowledge and skills and dispel delusions with reason, research, facts, and figures.

Date: November 7–8, 2013.

Venue: Coworking center 2.0, 28A Varshavskoe shosse, Moscow, Russia.

Features:
Best papers delivered by the experts from around the globe
There are no invulnerable systems. There are only well-defended ones. And there should be no place for illusions in the quest for a well-defended system. Star speakers from various countries will help you disavow myths, , and assess the actual security level of one system or another. You will know how hackers plan their actions, how malware and exploits work. The experts will show their current research, analyze the most important problems of the field, and demonstrate actual attacks.

Workshops by world-class professionals
The gurus of infosec are ready to share unique knowledge and skills. At their workshops, you will learn how to write exploits, how to bypass the defense of OS and browsers, how to find vulnerabilities in web projects. Practical knowledge fortified by theory is priceless.

Business track
The new separate track for CISOs is an opportunity to actually evaluate the business risks imposed by infosec threats. You will find everything you wanted to know about information security: figures, facts, opinions, and solutions.

Best place for friendly and professional communication
ZeroNights gathers professionals from Russia and other countries. Here is the informal venue to get the answers to the hottest questions, to meet the best infosec practitioners, and to acquire unique knowledge.

Contests for the gifted
Age, sex, occupation, personal achievements mean nothing in our contests. The main thing is talent, daring, speed and unique skills. Just act and win.

ESET CrackMe! Five conference passes to be won!

As a tradition, before the CONFidence conference we would like to give you an opportunity to solve an ESET CrackMe.

CrackMe has already been published and you can win up to five tickets for the conference!

More details can be found here!

We already got more than 50 applications. List of winners can be found here!!

ZAPROSZENIE NA SPOTKANIE OWASP

Zapraszamy na spotkanie OWASP w Krakowie, we środę 8 maja. Spotykamy się jak zwykle w KPT ale tym razem o godzinie 17.00.

W programie:

• Bezpieczeństwo a zarządzanie projektami – Paweł Klewar
• Model bezpieczeństwa rozszerzeń Google Chrome – Krzysztof Kotowicz

Poza tymi dwoma prezentacjami, proponujemy dyskusję na temat zagrożeń związanych z włączaniem obcej zawartości (reklam, statystyk, itp.) do kodu strony. Czy jest to zawartość zaufana? Co się stanie jeśli ktoś przejmie kontrolę nad add-serverem? Jak można temu przeciwdziałać? Problem omówimy na przykładzie realnych incydentów – instytucji zaufania publicznego z branży finansowej oraz popularnego portalu poświęconego bezpieczeństwu IT. Problem nie jest prosty do rozwiązania, więc liczymy na gorącą dyskusję!

Szczegóły i rejestracja na Eventbrite: http://www.eventbrite.com/event/6458841569

We’re accelerating! First round of CFP results, X-traction Point game anouncement and more…

We have finished first round of CFP evaluation thus we can present you with the first list of speakers for the upcoming CONFIdence! We’re still working on more topics so stay tuned for more information!

• Adam ‘pi3′ Zabrocki – Crashdumps: hunt 0days and rootkits
• Arseny Reutov – PHP Object Injection revisted
• Devesh Bhatt – My Experiments with truth: a different route to bug hunting
• Dmitriy Chastuchin – Breaking, Forensicating and Anti-Forensicating SAP Portal and J2EE Engine
• Evgeny Neyolov – Breaking, Forensicating and Anti-Forensicating SAP Portal and J2EE Engine
• Fernando Gont – Network Reconnaissance in IPv6 Networks
• Felix “fx” Lindner – Cisco in the Sky with Diamonds
• Georgia Weidman – Can You Hear Me Now: Leveraging Mobile Devices on Pentests
• Gregor Kopf – Cisco in the Sky with Diamonds
• Grzegorz Niemirowski – Podatności aplikacji desktopowych
• Gynvael Coldwind – Beyond MOV ADD XOR – the unusual and unexpected in x86
• Nguyen Anh Quynh – Opticode: machine code deobfuscation for malware analysts
• Ilja van Sprudel – Linux Desktop Insecurity
• Jesse Burns – Securing Data in Mobile Application Suites
• Marcel Carlsson – Ph0k 0-days, We Will Pwn U with Hardware Mofos
• Marek Zmysłowski – Testy penetracyjne – 7 grzechów głównych (Penetration Testing – 7 Deadly Sins)
• Mateusz “j00ru” Jurczyk – Beyond MOV ADD XOR – the unusual and unexpected in x86
• Meredith L. Patterson – LANGSEC 2011-2016
• Michał Sajdak – Embedded Devices Hacking
• Nikita Tarakanov – Exploiting Hardcore Pool Corruptions in Microsoft Windows Kernel
• Rafal Los – Beyond Reactive Security – Detect, Respond, Restore: Faster – cancelled his trip
• Robert Lipovsky – The “Facebook PokerAgent”
• Thomas Lim – TBP
• Yaniv Miron – Ph0k 0-days, We Will Pwn U with Hardware Mofos
• Yury Chemerkin – Insecurities in blackberry

Additionally we can now confirm that together with whe Core Group, we will launch a second edition of the X-traction Point game, featuring live invasion on a bunker, with lock-picking, alarm disabling and assault on a bunker instalation preceded with additional onsite trainings on lockpicking, airsoft guns and more!

Finally, we have confirmed the venue to be the same location as previous years at the industrial water pump station at Bielany, with huge buildings and plenty of space for un-conference time!

Prepare yourselves for two days full of technical talks, amazing workshops and great atmosphere at The legendary CONFIdence!

ADD: As CFP review process took us more time than expected, and we’re still working on it, we decided that we will deploy an additional discount code for people registering before 18th of April so that we will get back in time and if you use the “2k13schedule” code you will get 10% discount on the registration fee!

For those seeking a calm place to stay during the conference, we recommend booking our Hackers’ Squad - a cozy and reliable hostel we’ve been using for the last couple of years. Using that you can also stay closer to other groups of hackers traveling to CONFidence.

CONFidence 2013 first speakers

We are slowly nearing to the end of the Call for Papers for the CONFidence 2013 edition. For the next couple of weeks we will be busy evaluating all the applications.

But now we would like to introduce our first speakers: Felix “Fx” Lindner, Greg co-worker with Fx at Recurity-Labs and Ilja van Sprundel from IOActive.

Soon the next names will be revealed.

Ok, here it is! The new theme of the CONFidence 2013 conference

The preparations for CONFidence 2013 are fully underway! Right now we would like to give you a sneak peek of our work – the new conference “Las Vegas” theme. Get ready for a some “Security Gamble”.

Furthermore as always we are trying our best and put a lot of focus on providing you the best speakers and security specialists to ensure the high professional level of lectures. The fruits of our work will be revealed soon!

Preparations for CONFidence 2013 have begun!

We have commenced the preparations for the next edition of CONFidence conference. It is scheduled to be held on May, 28-29, traditionally in Krakow.

We encourage you to apply for Call for Papers or visit the early registration page.

Call for Papers is open untill February 28th, 2013.

29C3 – Not my department – CONFidence Road Trip!

W.E-H/A:V{E-3/S:E-A.T)S.I-N.A:C/A:R{G-O:I.N}G.F-R/O:M)K[R-A.K:O}W.T-O/H:A)M:B-U.R/G{F}O)R.T-H/E:2.9-C/3.!-I:F]Y-O:U/R:’R/E.I)N{T-E/R.E}S(T-E/D.C.O-N/T{A]C)T.U-S!

We have 3 seats in a car going from Krakow to Hamburg for the 29C3 if you are interested contact us!

Hacktivity conference on October 12-13, 2012

We would like to invite everyone for Hacktivity – the largest IT Security Festival in Central and Eastern Europe. This year’s edition will be held on October 12-13, 2012.

Real festival mood, presentations, workshops, games, hardware hacking, lockpicking, big Friday party and 1000+ hackers from all over the world!

… Who are the keynotes?

Jeff Bardin – So You Want to Be a Cyber Spook – Open Source Intelligence

Sir David Pepper – Cyberspace and Beyond – Evolution in Action

Shakeel Tufail – Software Threat Modeling

…and Who else will be there?

Zoltán Balázs / Hungary — Zombie Browsers

Alexander Poljakov / Russia — Top 10 SAP vulnerabilities and attacks

Joe McCray / USA — The Evolution of Pentesting High Security Environments

András Kabai / Hungary — Hunting and exploiting bugs in kernel drivers

Alexander Kornbrust / Germany — Self Defending Database

Vivek Ramachandran / India — Malicious Wi-Fi Routers for Fun and Profit

Miroslav Stampar / Croatia — Spot the Web Vulnerability

Boldizsár Bencsáth / Hungary — Duqu, Flame, Gauss malware analysis experiences

Shay Chen / Israel — Diviner the new OWASP ZAP extension

…And what else?!

Paypass vulnerabilities, “Chip-tweet”, alternative usage of PKI devices, HSRP insecurities, USB=Universal Security Bug, Alternative Internet, Browser based attacks, Android security, iOS security, Digipass Instrumentation, NAT attack, Security Code Review, Geek Girls, Tracing mobile phones, Lockpicking 2.0, Elite Social networks crooks, AV insecurities.

…And discounts?

Contact slawomir.jabs{@}confidence.org.pl for a discount.

…More info?

Hacktivity registration can be found: hacktivity.com/en/tickets/