scanabc-academy.md

ScanABC Academy

Lets watch infosec presentations together! The schedule is below.

2020-02-19: The Case for Scale in Cyber Security

• Kielo big meeting room, 14:00 — 15:00
• Host: oherrala
• Presenter: Vincenzo Iozzo
• Presentation:
  • https://www.youtube.com/watch?v=39tDPDacr5g
  • https://media.ccc.de/v/36c3-11220-the_case_for_scale_in_cyber_security
• Slides: https://drive.google.com/file/d/1L7dvODbksG7X7XgH0i2dxBJvwCUBoBys/view

The impact of scale in our field has been enormous and it has transformed the tools, the jobs and the face of the Infosec community. In this talk we discuss some of the ways in which defense has benefitted from scale, how the industry might be transitioning to a new phase of its growth and how the community will have to evolve to stay relevant.

2020-02-12: On the insecure nature of turbine control systems in power generation

• Kielo big meeting room, 14:00 — 15:00
• Host: oherrala
• Presenters: @repdet, @moradek, @Alender911
• Presentation:
  • https://www.youtube.com/watch?v=ty062cOKbnU
  • https://media.ccc.de/v/36c3-10689-on_the_insecure_nature_of_turbine_control_systems_in_power_generation
• Slides: https://github.com/klsecservices/Publications/blob/master/36c3-Security%20of%20turbine%20control%20systems.pdf

A deep dive into power generation process, industrial solutions and their security implications. Flavoured with vulnerabilities, penetration testing (security assessment) methodology and available remediation approaches.

2020-02-05 LIVE! IoT devices

• Kielo big meeting room, 14:00 — 16:00
• Host: jtt

2019-01-29: The KGB Hack: 30 Years Later

• Kielo big meeting room, 14:00 — 15:00
• Host: oherrala
• Presenter: Anja Drephal
• Presentation:
  • https://www.youtube.com/watch?v=3vECl4oLCZA
  • https://media.ccc.de/v/36c3-11031-the_kgb_hack_30_years_later

This spring marked the 30th anniversary of the public uncovering of the so-called KGB Hack, bringing with it a number of new articles remembering the event and forging bridges to the present.

The 36C3 seems an excellent opportunity to take a look back at the instance of hacking which, even more so than previous events like the BTX and NASA Hacks, brought the CCC into the focus of the (West-)German public – and, additionally, the Federal Office for the Protection of the Constitution (Verfassungsschutz) and the Federal Intelligence Service (Bundesnachrichtendienst).

2019-01-22: Boeing 737MAX: Automated Crashes

• Kielo big meeting room, 14:00 — 15:00
• Host: oherrala
• Presenter: Bernd Sieker
• Presentation:
  • https://www.youtube.com/watch?v=PlaMQBEg-9M
  • https://media.ccc.de/v/36c3-10961-boeing_737max_automated_crashes

Everybody knows about the Boeing 737 MAX crashes and the type's continued grounding. I will try to give some technical background information on the causes of the crash, technical, sociological and organisational, covering pilot proficiency, botched maintenance, system design and risk assessment, as well as a deeply flawed certification processes.

2019-01-15: Jumping Air Gaps

• Kielo big meeting room, 14:00 — 15:00
• Host: oherrala
• Presenter: Monta Elkins
• Presentation: https://www.youtube.com/watch?v=ByK7GJrWq_M

Presentation from the 5th Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems, Stockholm, Sweden, 22–25 October 2018.

Monta Elkins from FoxGuard Solutions talks about Jumping Air Gaps at CS3STHLM 2018.

Backlog

• 36C3 playlist: https://www.youtube.com/playlist?list=PL_IxoDz1Nq2YWdnWC4VFPk5ovr_xUZemX
• Black Hat USA 2019 Keynote: Every Security Team is a Software Team Now by Dino Dai Zovi
  • https://www.youtube.com/watch?v=v1_mMO30Mxw