Talks on Untrusted Network

Presentations from 67th TF-CSIRT meeting - Threat modeling with ATT&CK and How quickly do we patch?

Jan Kopriva — Sat, 01 Oct 2022 10:40:00 +0100

67th meeting of the TF-CSIRT community took place this week and I’ve had a chance to contribute to it with two presentations - one discussing the speed with which we apply patches (from a global standpoint), and another one, in which we looked at a basic approach to threat modeling using MITRE ATT&CK. If you would like to take a look at the slides, you may find them here - even if you didn’t have a chance to attend the event, I believe they might be useful.

Log4shell Lightning talk - 2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe

Jan Kopriva — Mon, 14 Mar 2022 09:00:00 +0100

Few weeks ago, I attended the 2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe and gave a lighting talk there discussing couple of interesting trends seen in Log4shell exploitation attempts and the possibility to create a simple generic defense agains similar attacks in the future. Recordings of all the talks are now available on YouTube and you may find my lightning talk in the video under this paragraph or on this link. Lightning talks were supposed to be only 5 minutes long and I went significantly over the allocated time, but I hope that most attendees didn’t mind it too much…

Interview - ECSC 2021

Jan Kopriva — Thu, 30 Sep 2021 21:10:00 +0200

Prague is currently hosting this year’s European Cyber Security Challenge - an international security competition for teams of young talents from different European countries. Since I am the author of one of the practical challenges that make up the competition and ALEF is one of its sponsors, I was asked for a short interview by the competition’s organizers in the run up to the Challenge itself. The resulting video was published on Youtube today. I think it looks fairly good, but you can judge the result for yourself…

Presentation from TF-CSIRT meeting - How TLS 1.3 adoption (and disposal of SSL) is going

Jan Kopriva — Tue, 14 Sep 2021 19:00:00 +0200

64th meeting of the TF-CSIRT community took place today. I’ve had the pleasure to contribute to it with a short presentation about the current state of adoption of TLS 1.3 and continued use of SSL protocols. Although I usually don’t mention presentations I’ve prepared for TF-CSIRT meetings here, I’ve decided to make an exception for this one, since I believe that it might be worth looking at even without the accompanying commentary. If you’d like to take a look at it, you may find it (along with several other presentations) on this link.

SANS@MIC - Catch and Release: Phishing Techniques for the Good Guys

Jan Kopriva — Thu, 18 Jun 2020 19:10:00 +0200

I did a SANS@MIC talk yesterday, in which I discussed interesting phishing techniques (mainly) from the point of view of red teamers. Since the recording was published today, if you didn’t get the chance to join us live, you may take a look at how it went on YouTube.

CrisisCon - Breaking Windows

Jan Kopriva — Sat, 28 Mar 2020 09:15:00 +0100

Videos of all presentations from last weeks CrisisCon are now accessible on Youtube. Among them is my own talk on known unpatched vulnerabilities and weaknesses in Windows.

If you couldn’t make it to the online conference, I recommend you at least go through some of the recordings as couple of the talks were quite interesting.