DEFCON GROUP TRIVANDRUM - Virtual Weekly Breakout sessions

All of our sessions and meet-ups are OPEN and FREE to everyone!


Season 1: 2020


Previous Sessions


Session #9: Platypus: Software-based Power Side-channel Attack

Event Date : 13th Dec, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Vamitha P Velu, EY

Bio: Cyber Security Analyst, EY

Abstract: Power side-channel attacks exploit variations in power consumption to extract secrets from a device, e.g., cryptographic keys. Prior attacks typically required physical access to the target device and specialized equipment such as probes and a high-resolution oscilloscope. PLATYPUS (Power Leakage Attacks: Targeting Your Protected User Secrets) can detect weak electrical signals emitted by its prey. PLATYPUS attacks are novel software-based power side-channel attacks on Intel server, desktop, and laptop CPUs. They exploit unprivileged access to the Intel Running Average Power Limit (RAPL) interface, which exposes values directly correlated with power consumption, forming a low-resolution side channel. The attack distinguishes different instructions and different Hamming weights of operands and memory loads. This enables an attacker not only to monitor the control flow of applications but also to infer data and extract cryptographic keys.

Download the slides from [Here]. Watch the talk from [Here].


Session #8: MITRE SHIELD

Event Date : 06th Dec, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Prathibha Ramsait, EY

Bio: Senior Cyber Security Consultant, EY

Abstract: An overview of the missing puzzle piece of the blue team, "MITRE Shield", launched recently by MITRE. A walkthrough of the tactics and technique mapping of MITRE Shield, and applying these in your defensive practice.

Download the slides from [Here]. Watch the talk from [Here].


Session #7: Hacking with Android

Event Date : 29th Nov, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Jerin Shaji, UST Global

Bio: Associate Security Engineer at UST Global.

Abstract: I will be talking about how my hobby helped me learn information security. Then I will talk about the advantages of using an Android device for hacking and give a brief discussion of tools that can be run on an Android device. At last, I hope to show a small demo of hacking a Kioptrix machine using an Android phone.

Download the slides from [Here]. Watch the talk from [Here].


Session #6: Zero Trust Architecture: "Trust is the most dangerous Vulnerability"

Event Date : 22nd Nov, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Sreemol Menon, EY

Bio: I am Sreemol Menon, working as a Cyber Security Analyst at EY. I have an overall experience of 7 years, specifically in the information security field for 2 years. Currently handling Incident Response and Incident triaging tasks. Also, I am a GIAC certified professional in Defensible Security Architecture.

Abstract: Zero Trust architecture and its basics: Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access. "The strategy around Zero Trust boils down to don't trust anyone."

Download the slides from [Here]. Watch the talk from [Here].


Session #5: Detecting Active Directory Attacks on ELK

Event Date : 15th Nov, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Rahul R, Activbytes

Bio: Currently working as a Security Consultant with Activbytes, Active CTF player and SOC Analyst.

Abstract: A beginner-friendly session on detecting various Active Directory attacks on the ELK Stack and configuring custom detection rules on Elastic SIEM.

Download the slides from [Here]. Watch the talk from [Here].


Session #4: Introduction to Android App pentesting

Event Date : 8th Nov, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Mohammed Shine, UST Global

Bio: Security Engineer at UST Global, bug bounty hunter, photographer.

Abstract: Introductory session about Android app security testing, aimed at beginners who are interested in Android app pentesting.

Download the slides from [Here]. Watch the talk from [Here].


Session #3: Client-Side Javascript Vulnerabilities - Demystified

Event Date : 1st Nov, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Sreeram KL, Security Enthusiast

Bio: Student, bug hunter and web security enthusiast who loves to explore web-based client-side vulnerabilities. A proud member of DEFCON Group Trivandrum who loves sharing knowledge back to the community. Also one of the top 30 bug hunters featured in the Google Hall of Fame.

Abstract: With emerging web technologies, client-side JavaScript is getting more powerful. Like technologies, vulnerabilities never fail to grow. postMessage misconfiguration, DOM XSS and cross-site leaking are some of those hot topics in the industry. In this talk, I will be presenting how to uncover and fix those vulnerabilities.

Download the slides from [Here]. Watch the talk from [Here].


Session #2: Emerging Fileless malware threats

Event Date : 25th October, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Nimna Sreedharan, Cyber Security Analyst

Bio: Nimna has more than 9 years of experience in the field of Cybersecurity, Incident triaging and Incident response (IR). She is currently part of the Internal Security Team working as a Digital Forensics Analyst with one of the Big Four companies. She has a deep understanding of the latest security threats, vulnerabilities, and Incident Response. She possesses multiple professional certifications like GIAC Certified Forensic Examiner (GCFE), ISO27001 Lead Auditor, etc. Nimna has been associated with DEFCON Group Trivandrum for the past 2 years. She was part of the winning team at the Red Team Village CTF competition organized at c0c0n 2019.

Abstract: When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics. According to a recent study, the most common critical-severity cybersecurity threat to endpoints was fileless malware. Fileless malware has been rapidly evolving. This is because digital threats have evolved far beyond signatures. Most threats we see today are polymorphic. They are able to create a whole new version or variant of themselves upon every new infection in order to fool basic AV. Through this session, I will describe the emerging fileless malware and the techniques they employ to evade detection.

Download the slides from [Here]. Watch the talk from [Here].


Session #1: Active Directory : where exploit ends (Kind of)

Event Date : 18th October, 2020 : 07:00 PM to 08:00 PM
Virtual event : Live on Facebook and Discord

Aravind Prakash, Lucideus Tech

Bio: Aravind is working as a Security Analyst at Lucideus Tech, primarily as a part of the internal security team. He has been working in the cyber security industry for the past 2 years. Aravind has been volunteering for the c0c0n organization team since 2018, and is a proud member of DEFCON Group Trivandrum and a part-time volunteer at the Red Team Village community.

Abstract: All the Fortune 500 are using Active Directory. Are we sure all these teams are configuring it properly? I will be talking about common Active Directory configuration mistakes, what they can lead to, and how to fix them.

Download the slides from [Here]. Watch the talk from [Here].


Shout-out to the event Sponsors