Summer CyberSecurityDay
22.6. 2024
Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.
Agenda
Lectures
Digital security - from phishing to the dark web
Marián Repašan (ESET)
During this lecture we will cover three interesting areas of cyber and information security. Phishing is a technique that attackers use to obtain sensitive data from victims. Being able to identify suspicious messages and being careful when clicking on links are essential for our security. When using chatting applications, make sure to encrypt your communication and trust only verified sources. Avoid sharing sensitive information over channels which are not secure. Tor allows anonymous browsing of the Internet, including the Dark Web. Safe use of Tor and caution when accessing the Dark Web are essential.
Workshops
Location Detection: Introduction to GeoOSINT
Eva Marková (ESET/UPJŠ)
Level: low
Can we locate places in photos? Are there tools that can help us with this? In this workshop you will learn the basics of geolocation and discover free tools and platforms that can help us with localization. GeoOSINT will show us how to collect and analyze geographic information from publicly available sources. Through practical exercises, we will try how to apply these techniques to real-world examples.
Security of Website Content Management Systems
Michal Copko (SPŠE)
Level: high
During this workshop we will take a closer look at website content management systems (CMS). We will show you the security of these systems and the possibilities of their abuse by exploiting various security vulnerabilities. The workshop also includes a demonstration of a simple attack on the most commonly used CMS – WordPress.
Web browsers from the perspective of data analysis
Zuzana Hennelová (CSIRT-UPJŠ)
Level: Intermediate
In this workshop we will introduce forensic analysis of web browsers. We will show you what data these web browsers store. Data in web browsers is stored in databases and their tables by default. Let's show you how to work with them and how to obtain information about user activities.
Social engineering
Katarína Regeciová (CSIRT-UPJŠ)
Level: low
Learn how to protect yourself from sophisticated manipulation techniques that abuse human factors for profit. The workshop will introduce you to different types of social engineering attacks, from phishing and spearphishing to vishing and baiting. You will gain insight into what psychological weaknesses attackers exploit and how you can effectively counter them.
Support of CSD 2024
Autumn CyberSecurityDay
16.11.2024
Practical workshops based on real-world experiences in resolving computer security incidents. An opportunity to talk to people who are professionally involved in information and cybersecurity, to meet new people, and compete for interesting prizes.
Agenda
Lectures
Ethical Hacking in Practice
Kevin Seman (IstroSec)
The lecture will introduce the different forms and roles of ethical hackers who work in the field of offensive security. It will focus on a spectrum of activities, from penetration testing, which simulates cyber attacks to identify weaknesses in IT infrastructures, to physical intrusions, where organizations' security measures are tested in places with sensitive data. The tools, techniques and methodologies that these specialists use to uncover vulnerabilities will be discussed. The lecture will also clarify the ethical and legal aspects of their work and the importance of their collaboration with organizations to improve security.
Workshops
Cybersecurity through the eyes of an attacker
Kevin Seman (IstroSec)
Level: Intermediate
The workshop offers a practical look at the cybersecurity of organizations through the eyes of an attacker. Participants will learn about the techniques and tools that attackers use to find vulnerabilities in systems and networks. In a simulation of an express penetration test, participants will be guided step by step through the process from identifying vulnerabilities to proposing solutions. The aim of the workshop is to provide practical experience and knowledge in the field of penetration testing and to present the outputs of the penetration test to participants.
Security of Website Content Management Systems
Michal Copko (SPŠE)
Level: Intermediate
During this workshop we will take a closer look at website content management systems (CMS). We will show you the security of these systems and the possibilities of their abuse by exploiting various security vulnerabilities. The workshop also includes a demonstration of a simple attack on the most commonly used CMS – WordPress.
Mobile Device Security
Jakub Mohler (CSIRT-UPJŠ)
Level: low
The theoretical part of the workshop will cover the most common attacks on mobile phones, including technical details and methods of protection against them. During the practical part, we will go through key settings related to privacy and security on mobile phones.
Responding to cyberattacks with a game (Backdoors & Breaches)
Pavol Sokol (CSIRT-UPJŠ)
Level: Intermediate
Backdoors & Breaches is a cooperative cyberthreat simulation game where "defenders" work together to uncover attack paths used to attack their environment. The game combines elements of a card game and classic role-playing games, allowing organizations and individuals to learn about tactics and tools used in cyberattacks and defense against them. This workshop will provide an opportunity to get acquainted with the game Backdoors & Breaches, practice responses to cyberattacks and learn the basics of cybersecurity in a fun way.
Support of Autumn CSD 2024