CyberSecurityDay

2022

Jesenná 5, 040 01 Košice
Faculty of Science, UPJŠ

Spring
Autumn

Spring CyberSecurityDay 2022

4.6. 2022

Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.

1
2
3
4
5
6
7
8
9
10
11
12

Agenda

8:30 - 9:00
Registration
9:00 - 9:05
Welcome speech
9:05 - 9:50
Lectures
10:00 - 11:00
1st workshop

výber zo 4 paralelných workshopov

11:10 - 12:10
2nd workshop

výber zo 4 paralelných workshopov

12:20 - 13:00
Pizza and Pub Quiz

enter to win prizes - not only from IT

  • 08:30 - 09:00

    Registration

  • 09:00 - 09:10

    Welcome speech

  • 09:10 - 09:50

    Lecture: Bad advice and myths about cybersecurity

  • 10:00 - 11:00

    1st workshop (selection from 4 parallel workshops)

  • 11:10 - 12:10

    2nd workshop (selection from 4 parallel workshops)

  • 12:10 - 13:00

    Lunch

  • 13:00 - 14:00

    Pubquiz: Competition for interesting prizes, not only from computer science

  • 14:00

    "Recreational computer science" - flying with drones, board games, table football, student projects and conversations not only about studying computer science

Lectures

Can you outsmart a hacker?

Terézia Mézešová, Siemens Healthineers

Each of us is in contact with various applications every day. We learn through them, we stay in touch with friends, we use them for fun, but also to track how many steps we have taken or how long we have slept. All this data is an interesting target for hackers to monetize or use against us. Therefore, it is important that we as programmers take care of them when developing them. Together, we will discuss what we can do to outsmart hackers and make it as difficult as possible for them to misuse our application.

Workshops

Fraudulent Message Analysis

During the workshop we will take a closer look at real fraudulent messages. Participants will try out the work of a security analyst and will analyze the headers of fraudulent messages, the content as well as malicious links and attachments.

Network forensics

Participants will try out network communication analysis and become familiar with the basic tools for this analysis. The workshop will analyze the communication between a compromised device and an attacker.

How to respond to a security incident (malware)

Time plays a significant role in responding to a security incident. Identifying malware on a device as far as possible is an important task for security analysts.

Autonomous vehicles and artificial intelligence methods

The workshop will introduce artificial intelligence methods and their use in driving autonomous vehicles. In the practical part, we will create a neural network model that can classify photos or images by car type.

Autumn CyberSecurityDay 2022

22.10.2022

Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.

The event is carried out as part of the project Learn the basics of information security and educate those around you, with financial support from the SK-NIC Fund.

1
2
3
4
5
6
7
8
9
10
11
12

Agenda

  • 08:30 - 09:00

    Registration

  • 09:00 - 09:05

    Welcome speech

  • 9:05 - 9:50

    Lecture: Anatomy of a Cybersecurity Attack (Ladislav Bačo, ESET)

  • 10:00 - 11:00

    1st workshop (selection from 4 parallel workshops)

  • 11:00 - 11:10

    Prestávka

  • 11:10 - 12:10

    2nd workshop (selection from 4 parallel workshops)

  • 12:10 - 13:00

    Lunch

  • 13:00 - 14:00

    Pub Quiz (súťaž o zaujímavé ceny nielen z oblasti informatiky)

Lectures

Anatomy of a Cybersecurity Attack

Ladislav Bačo, ESET

This lecture will take a closer look at the anatomy of a cybersecurity attack (cyber kill chain). It will include a demonstration of an attack where the attacker finds available email addresses, sends an infected PDF file, and then runs the meterpreter program. During the lecture, we will work with recorded network traffic. We will talk about the possibility of detecting attacks not only at the device level (e.g. using anti-malware programs), but also from the perspective of network traffic analysis.

Workshops

Mail as an attack vector

Peter Matej, eMsec

Despite the existence of various communication tools, from tools for voice calls and video conferencing to messaging applications, chat tools to file sharing and various collaboration tools, mail remains the most frequently used tool. This also makes it an object of interest for cybercriminals and one of the main attack vectors. We will look at how mail works, how and why it can be abused, and how phishing campaigns take place. We will show several simple tools for controlling mail communication and discuss the future development of mail communication and phishing campaigns.

How we searched for missing people - OSINT in practice

Zuzana Hennelová, CSIRT-UPJS

Open source intelligence (OSINT) significantly helps in information and cybersecurity. During the workshop we will show you how it is possible to search for missing people using OSINT. We will try out several basic tools for searching for relevant information about people (email addresses, user accounts, photos).

Fraudulent Message Analysis

Monika Rapavá, CSIRT-UPJS

During the workshop we will take a closer look at real fraudulent messages. Participants will try out the work of a security analyst and will analyze the headers of fraudulent messages, the content as well as malicious links and attachments.

Introduction to Forensic Analysis of Operational Memory

Eva Marková, UPJŠ/ESET

Forensic analysis of operational memory is an important part of resolving security incidents. We can obtain a lot of important information related to a security incident from it. The goal of this workshop is to show the way in which memory is secured. We will show several examples of information that we can extract from it, which can help in the investigation itself.

How to respond to malicious code (malware)

Michal Šafranko, IstroSec/CSIRT-UPJS

Time plays a significant role in responding to a security incident. How to quickly identify malware on a device is an important task for security analysts. During the workshop we will show you where to look for important digital traces and tools to identify and analyze these traces in the Windows operating system.

Support of CSD 2022