Come to the information security tournament and conference
0100010000110010001000000100110000110010001000000100011000110010001000This is a glider, but you don’t see it.
This year was very rich in vulnerabilities, beautiful hacks and non-standard attack methods. In the same year, the Ministry of Defense decided to create special information security forces to protect critical facilities. At the next C ^ 2 conference, experts will talk about this and share substantive practical experience.
Here is a report from the last conference, perhaps interesting to you by Mitnik’s presentation.
After the conference, the CTF-tournament in information security begins, not the first in Russia from the Cyber Challenge line.
On September 17, we have speakers: Efim Bushmanov (who opened the Skype protocol), Artyom Vorobyov, BAYER IB Director, Fyodor Tsarikovsky from FAS, Alexey Pleshkov from Gazprombank, Vladimir Naimark from PricewaterhouseCoopers, Mikhail Flenov (who wrote “Programming in C ++ through the eyes of a hacker” and a couple of books), Ilyas Chantos, Andrey Vyshlov and May Smart from Symantec, Alexander Makar from United Europe, Ivan Ivanov from the control of VTB DB VTB24, as well as our specialist Evgeny Druzhinin.
In a programme:
- Advanced targeted cyberattacks;
- Security of data centers, virtual platforms and "clouds";
- Situational Information Security Management Centers (SOC);
- Mobile Security
- Business Application Security
September 17 (Wednesday), beginning at 14:00. Participation is free for the heads of IT departments and information security departments. More details here .
One of the employees of a large company forgot a laptop in a taxi. At least they told you so. With it, you need to access the information systems of a large corporation. You will have only four hours to crack the defense.
The principle is as usual in C ^ 2. A virtual simulator of a large company’s network, flags and a training system (tips that remove points) that help those who are confused. With us - a laptop with Kali or a set of utilities to taste, we give the network and VPN to the simulator.
Inside is a flag system. Each flag represents one of the tasks of network defense-attack, and is used to train information security experts around the world. A set of flags emulates real vulnerabilities and user behavior on the network, as well as, sometimes, administrator response. For CTF-players, this is traditionally a good and very useful game (below links to reviews), and for the rest - training. The fact is that flags have 3 tips each - from a hint to, in fact, direct instructions on what to do. And it helps to learn - not from the basics, but from the level of an ordinary system administrator in a small business for sure. Of course, a flag with a hint brings much less points than a "clean" taken.
A separate quest - getting access. We know about the history of how one of the participants in the tournament became a guest of Mitnik, taking away badges from journalists, and we know how one of the participants tried to break the infrastructure in order to fix his score in the results table. The latter, alas, is prohibited by the rules, but we treat the first case with understanding if you act in ethical ways.
The main prize is a trip to London to the Vision conference and the iMAC all-in-one. Second and third place - MacBook Air.
- Registration - c2.cnews.ru/auth/offline
- Report from the past online
- Reports from the last tournament
- Natural Consequence - Our Winner Tears Nice in EMEA Tournament
This year, there were 235 participants online who went beyond the first obstacles. Over the 5 days of the hack tournament, 10923 flags were taken by common efforts, and the total playing time was 6357 man-hours. Last year, there were 3,070 man-hours.
The distribution of flags in the corporate network simulator.
The winners of this year’s online tour and two winners of last year participate in the tournament (according to the conditions, they cannot receive prizes, but decided to play for the sake of sports interest).
Wednesday September 17th, starts at 5:00 p.m. All who are registered are allowed to participate, more details here .