The next edition of the hack.lu conference is coming soon! In approximatively one month, many infosec professionals will join Luxembourg to attend this event and I’ll also be there! I’m attending Hack.lu since 2008 and it remains one of my preferred event. What can we expect from the 2015 edition? Here is a quick overview of all the scheduled activities.
The event starts always with an half-day dedicated to workshops. There is a big difference between listening (passively) to speakers and performing hands-on exercises (being active). IMHO, that’s the best way to learn. Some very interesting workshops have been scheduled, covering multiple domains (offensive as well as defensive):
- BTA (an open-source Active Directory security audit framework)
- Radare2 (a reverse-engineering workshop)
- Malcom (Malware Communications Analyzer)
- Analysis of malicious MS Office documents by Didier Stevens
- Dr. Honeypots or “How I learned to stop worrying and love my enemies“.
- TrustZone on the USB armory by Andrea Barisani & Daniele Bianco).
- “Hack, brute, root, crash… and start again” by Guillaume Prigent & Adrien Barchapt (focus: SCADA networks)
And what the talk? Here is my selection… Marie Moe will come with her keynote about medical devices being vulnerable. Ange Albertini, the file-format guru will talk about one of his favourite topic. Don’t trust his files! 😉 Axelle Aprville will explain how she reverse-engineered the Fitbit Flex tracker and what she discovered. KVM (“Keyboard-Video-Mouse“) systems are classic interface to manage server in datacenters. What if they are renamed in “Keylogger-Video-Mouse“? This will be explained by Yaniv Balmas & Lior Oppenheim. Damien Cauquil will speak about smartlocks: Are they really so smart? Maxime Clementz & Simon Petitjean will discuss about the security of virtual desktop environments. Other topics that will be covered:
- Secure Messaging protocols
- Kernel debugging
- Electronic voting systems
- Malware analysis
- Mobile devices
Of course, a big CTF is organized by FluxFingers. This year, a calm room will be available for the CTF players. For those who want to get some feeling about the previous editions, I wrote wrap-up’s for all of them. It’s here. Interested? The conference is spread over three days (20-21-22 October) in Luxembourg. It’s still possible to register, more details on the website.