CyberSecurityDay

2023

Jesenná 5, 040 01 Košice
Faculty of Science, UPJŠ

Spring
Autumn BA
Autumn KE

Spring CyberSecurityDay 2023

17.6. 2023

Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.

The event is carried out as part of the Information Security is not enough to be taught, it must be lived project with the financial support of the SK-NIC Foundation.

1
2
3
4
5
6
7
8
9
10
11
12

Agenda

  • 08:30 - 09:00

    Registration

  • 09:00 - 09:05

    Welcome speech

  • 09:05 - 09:50

    Lecture: Bad advice and myths about cybersecurity

  • 10:00 - 11:00

    1st workshop (selection from 4 parallel workshops)

  • 11:10 - 12:10

    2nd workshop (selection from 4 parallel workshops)

  • 12:20 - 13:00

    Pizza and Quiz: Competition for interesting prizes, not only from the computer science field

Lecture

Bad Advice and Myths About Cybersecurity

Miroslav Lukáč, ESET

At least one time someone in the media or on the internet has probably offered you advice on how to improve your security or protect your privacy . Some advice is better, some is worse, and the rest is just plain bad ideas. Will you really be anonymous with a VPN? Is it really dangerous to use public WiFi? What about charging your phone in public places? We'll talk a little more about this and other "advice" and finally, I'll mention some practical and useful advice that really works.

Workshops

Forensic Memory Analysis: Gaining Valuable Information When Solving

Eva Marková - ESET / CSL PF UPJŠ

Using forensic memory analysis we can obtain a lot of important information related to a security incident, including records of running processes, open files, memory structures, and network connections. The goal of this interactive workshop is to practically demonstrate the procedures for extracting and analyzing this information. Participants will learn how to use the Volatility tool and also techniques that will allow them to detect potentially dangerous activity.

Malware Classification Using Neural Networks

František Kurimský / Richard Staňa, CSL PF UPJŠ

Malware classification helps analysts understand the behavior of malicious files. During the workshop we will look at ways to obtain a scored dataset. We will show several options for visual representation and proposals for neural network models for this classification problem.

Mobile Device Security

Michal Šafranko, IstroSec / CSIRT-UPJS

The theoretical part of the workshop will cover the most common attacks on mobile phones, including technical details and methods of protection against them. During the practical part, we will go through key settings related to privacy and security on mobile phones.

Traps to catch attackers

Pavol Sokol, CSIRT-UPJS

From the point of view of protecting an organization, fraudulent systems represent an irreplaceable element. They allow the organization to obtain valuable information about attackers in the form of the attack vector, target of the attack, the tools used and the information sources used. The most famous fraudulent technique is honeypots – traps for attackers. During the workshop, we will take a closer look at what honeypots are, how they work and what benefits they bring to the organization.

Support of CSD 2024

Autumn CyberSecurityDay 2023 (Bratislava)

21.10. 2023

Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.

The event is supported by a subsidy from the Ministry of Education, Science, Research and Sports of the Slovak Republic in the field of youth work, which is administered by NIVAM - the National Institute of Education and Youth.
1
2
3
4
5
6
7
8
9
10
11
12

Agenda

  • 08:30 - 09:00

    Registration

  • 09:00 - 09:05

    Welcome speech

  • 09:05 - 09:50

    Prednáška: APT skupiny: skryté hrozby s viditeľným dopadom

  • 10:00 - 11:00

    1st workshop (selection from 4 parallel workshops)

  • 11:10 - 12:10

    2nd workshop (selection from 4 parallel workshops)

  • 12:20 - 13:00

    Pizza and Quiz: Competition for interesting prizes, not only from the computer science field

Lecture

APT groups: hidden threats with visible impact

Kristína Urbanová, ESET

Have you ever wondered how it looks like in the secret world of digital ninjas, agents and spies? They are not ordinary hackers with black hoods on their heads. They are like James Bonds with perfectly planned missions. We will shed light on this world of advanced persistent threats, the so-called APT groups. Using specific cases, you will find out why cybersecurity is a challenge not only for individuals, but also for countries and their governments. Is it possible to stay one step ahead of advanced attackers?

Workshops

Phishing campaign / Security policy of the organization

Pavel Matějíček, BOIT

When designing your organization's security policy, it is important to remember that the most effective defense against phishing campaigns is a combination of technology, processes and continuous education. In this presentation, I will present you with proven strategies and practical tips on how to successfully integrate these three key components into your organization.

Introduction to Forensic Analysis of Operational Memory

Eva Marková, ESET / UPJŠ

Forensic analysis of operational memory is an important part of resolving security incidents. We can obtain a lot of important information related to a security incident from it. The goal of this workshop is to show the way in which memory is secured. We will show several examples of information that we can extract from it, which can help in the investigation itself.

How we searched for missing people - OSINT in practice

Pavol Sokol, CSIRT-UPJŠ

Open source intelligence (OSINT) significantly helps in information and cybersecurity. During the workshop we will show you how it is possible to search for missing people using OSINT. We will try out several basic tools for searching for relevant information about people (email addresses, user accounts, photos).

Mobile Device Security

Michal Šafranko, IstroSec / CSIRT-UPJŠ

The theoretical part of the workshop will cover the most common attacks on mobile phones, including technical details and methods of protection against them. During the practical part, we will go through key settings related to privacy and security on mobile phones.

Support of CSD 2024

Autumn CyberSecurityDay 2023 (Košice)

11.11. 2023

Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.

1
2
3
4
5
6
7
8
9
10
11
12

Agenda

  • 08:30 - 09:00

    Registration

  • 09:00 - 09:10

    Welcome speech

  • 9:10 - 10:00

    Lecture: Security threats around us

  • 10:15 - 11:15

    1st workshop (selection from 4 parallel workshops)

  • 11:30 - 12:30

    2nd workshop (selection from 4 parallel workshops)

  • 12:30 - 14:00

    Pizza and Quiz: Competition for interesting prizes, not only from the computer science field

Lecture

Security threats around us

Peter Matej, eMsec

A general and still very common idea is that cybersecurity only concerns organizations and companies. In fact, the larger the company, the more it should be concerned with cybersecurity. A large company has greater values ​, assets, and therefore probably has something to lose. And what about an ordinary person? Is he in danger? Should he pay attention to cybersecurity? What are the general threats of the digital world? How our personal digital life is connected to our work life, even if we sometimes don't notice it. The lecture will focus on the most common cyber threats to an ordinary person and the possible impacts on a person as an individual.

Workshops

Mail as an attack vector

Peter Matej, eMsec

Despite the existence of various communication tools, from tools for voice calls and video conferencing to messaging applications, chat tools to file sharing and various collaboration tools, mail remains the most frequently used tool. This also makes it an object of interest for cybercriminals and one of the main attack vectors. We will look at how mail works, how and why it can be abused, and how phishing campaigns take place. We will show several simple tools for controlling mail communication and discuss the future development of mail communication and phishing campaigns.

Introduction to Cryptology

Pavol Sokol, CSIRT-UPJŠ

Concealment and the decryption of messages have accompanied us since the beginning of humanity. During the workshop we will explain and practically try out simple ciphers. We will explain the difference between encoding and encryption, digital fingerprints and keys. We will “bake” all this in the workshop using the Cyberchef tool.

CTF competitions - A fun and playful form of education

Ladislav Bačo, ESET

We can see and hear something, but if we want to learn it properly, it is very useful to also try it ourselves. And when we add elements of gamification to it, it is also fun. At this workshop we will talk about Capture the Flag (CTF) competitions. And not only will we talk, but we will also solve several sample tasks. You can look forward to finding the hidden, looking inside files, a little bit of sleuthing and at the end, there may be a level “1337 h4x0r”.

Introduction to Linux Forensic Analysis

Zuzana Hennelová, Henrieta Paločková, CSIRT-UPJŠ

Linux is a widespread operating system and can become a target of attackers just like Windows. What is the difference between working on Linux and Windows? Where to look for digital traces in forensic analysis? In this workshop, we will answer these questions and try out the work of a forensic analyst on the Linux operating system. Using a simple example, we will show where basic information and significant digital traces are located.

Support of CSD 2024