ZeroNights 2018 united more than a thousand participants
The conference took place at the A2 Green Concert club and united more than a thousand participants from all over the world. Among them, there were CISOs and members of cybersecurity departments, programmers, researchers, analysts, pentesters, journalists, and all those interested in the practical aspects of cybersecurity.
The conference hosted 60 speakers from 9 countries: France, Spain, Germany, China, Malaysia, Malta, Kazakhstan, Russia, and Armenia. The speakers are the employees of various companies, like Airbus, Facebook, Synacktiv, Kaspersky Lab, Tencent Security Xuanwu Lab, Shape Security, Wrike, X41 D-Sec GmbH, and others. Among them are acknowledged international specialists: Dhillon Cannabhiran, David Baptiste, Alexandre Gazet, Eric Sesterhenn, Alexey Tiurin, Vladimir Dashchenko, Sergey Belov, Yuriy Gurkin.
The participants of the conference discussed web security, the security of Windows, MacOS, and iOS, the vulnerabilities of payment systems and apps, mobile security, and new hacking techniques.
Topics of the conference:
— How hackers can control a mobile device through the Wi-Fi chip;
— How fax machines can become adversaries in a corporate network;
— Many vulnerabilities of the USB device drivers for Windows;
— How Git web servers expand attack surface;
— How to use hardware to compromise network devices and infrastructure;
— How adversaries can use UpnP to hide their activity in a network;
— Cybersecurity imperfections and the difficulties of reporting and closing a vulnerability in the context of Russian ICS;
— The outcomes of ill-considered use of new technologies in client development;
— Errors in compilators that can be used to inject backdoors into software;
— How a system can be infected down to the BIOS level;
— Ntlm Relay attack is still dangerous and can be used in new ways;
— How to assess the security of the configuration files of network hardware quickly and effectively;
— The security problems of SD-WAN;
— How development systems can be attacked and used to attack their owners;
— How GPU virtualization can be used to attack a system;
— Which vulnerabilities and problems can be used in popular products and libraries like ImageMagick, Redis, SCADA systems, and node.js projects.
There were also different activities during ZeroNights: hacking quests, Web Village, and Hardware Zone sections.
We would like to thank our partners, who supported the conference this year: Yandex, Mail.ru, Epam, SEMrush and Digital Security.
Bios of speakers, descriptions of talks, and materials will become available on the conference website within the next two weeks. Follow our updates, and see you at ZeroNights 2019!