Let’s be honest for a moment. There are just not enough local security events in the country I live in – Czech Republic. And by that I mean mainly the middle-size conferences. You know, the ones where you came and don’t get trumpled to death by the sheer amount of people there. Don’t get me wrong, I love these large venues, but sometimes I just want to attend an event with great talks, good refreshments and nice people. A place where I don’t have to shy away from approaching a person to start chatting. Luckily for me, there is always Security Days organized by Tietoevry.
To be frank, I was looking forward to the Security Days conference organized by the Tietoevry for some time. In 2022, I have attended their first event (in fact, it was one of my first articles on this blog) which made me sort of biased towards this year as the expectation bar was already set really high. I was a bit worried that the event might not uphold its reputation. Should I even go there? Wouldn’t it be better to just keep the good memories of the previous year? Since you are reading this article, you have correctly guessed that I have decided to attend.
You might wonder what convinced me to change my mind? Well, let’s first answer a simple questions of what motivates introvert people such as myself to attend these social gatherings.
First we have the talks given at the event. If they are catchy and insightful, then you get me hooked (just like a well-crafted phishing email…just kidding). I don’t mind listening to the talk of a novice speaker as the “new guy/gal” can put together a masterful and entertaining lecture. If the event gets at least one public and familiar name on the speaker’s list, it is even better. This time, the organizers decided to continue with the speakers from Cyber Rangers who were giving the talk in 2022 as well.
The next thing people are interested in is the… refreshments (lol, I know). Even though I hope that more attendees are showing up for the interesting talks rather than food and beverages, having good refreshments definitely helps brighten the mood of everyone present. I don’t want to single anyone out, but in the past year, I have attended multiple conferences and meetups and I think that the refreshments on the events organized by this enthusiastic group are one of the best there. If you don’t believe, check out my article on the Cloudná akce 2023 which was also organized by Tietoevry. I am happy that even at the times of financial recession they have decided to uphold the quality we are all familiar with.
And the last thing that always gets me interested is the extra program there is. This year, there was a special space dedicated to socializing. A place where you can chat with others. A place where you can also meet some interesting and prominent figures of the industry. This time, you could have spoken to Radim Trávníček (BeSecured), Přemysl Blahut (Tietoevry), Petr Müller (Tietoevry) and Radek Novák (Czechitas).
Radim Trávníček
(BeSecured)
Přemysl Blahut
(Tietoevry)
Petr Müller
(Tietoevry)
Radek Novák
(Czechitas)
Fishing for the ideal victim to compromise a government entity
Ondřej Nekovář
(Státní pokladna Centrum sdílených služeb)
Jan Pohl
(Státní pokladna Centrum sdílených služeb)
Have you ever wonder how can an attacker today threat not only state instituions? What tools can he leverage for doing this? What data can be found on the internet for free? And how to prevent it as a defender (if that is even possible)? Is there a specific mindset you need for the counter-operation? In less then an hour, Ondřej a Jan gave us the outline of the steps that the attacker must take on his journey and how the defender can prevent him from reaching the holy grail by utilizing elements of an active cyber defense.
I was really intrigued by what the sheer amount of information available on the internet. Some of those even related to the recent attacks on educational institutions.If you are interested in this topic and want experience the chemistry between these two speakers, feel free to check out their DEFCON Group 420 that holds regular in-person meetups.
Global Cyber Threat Landscape: closer look and russian and chinese actors and cyber criminals
Michael Myklín (NÚKIB)
It is no secret, that NÚKIB and its regular reports are one of the best sources for getting general overview on the topic of cyber threats supported by various governments. In a brief, yet insightful talk, Michael covered strategical/operation point of view without going into technical details.
Infostealer as a threat of modern times
Daniel Hejda (Cyber Rangers)
Infostealers are a bain of doom of modern era. In an hour and a half, Daniel covered this topic from a basics such as how infostealer works, how it is distributed and how it gains the data to be then sold on the market.What I found interesting was an option to get infostealer as a service with the sales websites looking sleek and professional. An insightful part of the lecture was the discussion about logs that the infostealers are gathering and how these logs are then distributed not only through the dark web and at what price are the logs sold (based on hold old the logs are).
Up to the core of attacks on Active Directory
Jan Marek (Cyber Rangers)
Active Directory, the crown jewel of many companies. The one gem, that if compromised, you can basically burn down the forest. In an captivating and enjoyable hour and half, Jan managed to cover the intriguing techniques that attackers use to gain the foothold and take over the AD. From pass-the-hash and pass-the-ticket to Kerberoasting, the knowledge of basics have been passed down to the audience. What I really enjoyed about this talk was the fact that every slide was filled with screenshots that has been commented by the author. Also the spiritful discussion that continued even after the lecture was really insightful. I hope we will see more of those in the upcoming years.
Summary
To sum it up, I really enjoyed the Security Days 2023. Even though I was a bit worried that the event won’t uphold the reputation it gained, the last year, I am really happy that I was proven wrong. I liked the fact that on top of the standard program, there were a bunch of networking and extra activities as well. In the future, it might be interesting to see more lightning talks, giving an option for a new generation of speakers to step out of shadows and I look forward to their next event.
If you have read so far, you might want to follow me here on Hashnode. Feel free to connect with me over at LinkedIn or Mastodon.
