Welcome, and a brief rundown of practical matters and the rough schedule.
Cyber Warfare is a pretty vague concept. Often it is used intentionally vaguely, because it is a good way to get funding. It is a big, scary phrase. Our Cyber Warriors need umpteen millions to Cyber Defend the nation against Cyber Warfare.
But what does it mean in practice? How could you hack a country? How would I hack a country? We will discuss real-life attacks and vulnerabilities,...
Deserialization is a technique based on rebuilding instances of objects from a byte stream. It can open applications to attacks such as remote code execution (RCE) if the data to deserialize originates from an untrusted source. Deserialization vulnerabilities are so critical that they are in OWASP’s list of top 10 security risks for web applications. This is mainly caused by unwise decisions...
From its inception in the nineties, where threat modeling was an artifact-heavy beast and mostly used as a formality, the method is now a light-weight conversation and design tool used directly by the development teams.
In this session I will show you how you can lead your team to new insights about the system you're building and an understanding of the surrounding threat landscape, using...
The development of quantum computers has gained increased attention over the last years, not least because of this year's Nobel Prize in Physics.
Quantum computers are often portrayed as a major threat against modern crypto systems and therefore also a threat against fundamental security mechanisms that we all depend on in our modern connected world.
In this talk, we will learn how quantum...
How can you prove that you are you? How can you prove that you have earned a particular degree from a particular university? How do you do this in a digital context, where you never even meet your counterpart? How can you know that you can trust the authenticity of a digital document? And how can you do all of this completely anonymously?
In this lecture I will talk about a bundle of techniques that answer all of the above...