The fifteenth DC7499 meeting is over.

On 10th of November DEFCON Moscow will be located in the Congress Center MTUCI with the main track in the main hall for 30-40 minutes and the smaller hall designated as “let's do it quick” for 15-20 minutes.

On 11th we are moving towards RNDM bar and starting from noon we continue in the format of "Villages".

By the end of all this unbridled fun, 11th november we will dance to a sincere electronic music on DEFCON PARTY with Paperclip x Dereck.

Photos from DEFCON Moscow 15

The Intel Management Engine (ME) technology was introduced in 2005. Though more than 10 years have passed, it is still very hard to find any official information about ME on the Internet. In my presentation, I will explain in detail how ME 11.x uses platform keys. I will also talk about cryptographic primitives that ME 11.x supports.

This talk will share a lot of information how defensive teams are working under bug bounty program, trying to invite more hackers and also about cool issues that they can find.

2018 is rolling by, and we have two kinds of messengers in store: those with gov't IDs as handles, fancy stickers, and used by everyone, and Jabber. Clearly, first ones, with their custom military-grade (opt-in) encryption aren't only useless to get snow, but also harmful for the civil society. Why, till when, e2e for the man, what to do now and what to do then: for good folk and red-eyed fringe.

This report will cover currently existing solutions for TCP-traffic tunneling through a DNS tunnel. Also an utility of own development will be presented. The advantages of it can be distinguished by the presence of universal scripting clients on powershell and bash, forwarding of certain ports and support for socks-proxy. And, of course, it's open source.

Often, everything that is right in front of your eyes is being checked more meticulously than parts inaccessible to the average user. We are looking for hidden functionality of web applications for the subsequent search for vulnerabilities.

Jayson Street attended the fifteenth meeting DC7499

The talk revolves around the technical side of the implementation of the new event types introduced by Positive Technologies. We will decompose the infrastructure used for hackathons, CTFs, and other competitions, and look back at the past cybersecurity hackathon that took place in Nizhny Novgorod on October 12–13.

Lockpick Village, hardware hackers and more.


Paperclip x Dereck (Paperfunk Recordings)

Thanks a lot for support 15th meeting of DEFCON Moscow:

Bogomolov Egor, Woolf Anatoliy and Rutkevich Valentin :)