It is from September 24 to 26 and, due to the coronavirus, it is online. How to register and which conferences to watch closely.
Ekoparty, the annual meeting of hackers and computer security that takes place in Buenos Aires, migrated its modality to be purely online this 2020. Due to the coronavirus, conferences can be followed from home: streaming channels with live talks, hacktivities and workshops such as Ekokids for the little ones and Ekodating, as well as live interviews.
Workshops, Red / Blue Team spaces, Bug Bounty, Mobile Hacking, Lockpicking, DevSecOps, Social Engineering and more make up the event’s agenda, which for more than 15 years exposes the latest findings in offensive security, complemented with the best practices of defensive security.
In its previous edition, Ekoparty had more than 3000 registered attendees, more than 500 job interviews at Ekodating, 11 Trainings with 250 participants and 19 international guests.
Also, there will be a space for people interested in Bug Bounty, where they will learn the basics to be able to dedicate themselves to hunting vulnerabilities in exchange for rewards. Avoiding Jail will be another of the activities of this edition, whose objective will be to build a standard model contract to combat the informality of hacking services, and to spread the legal limits for these activities.
Here, a list of the most outstanding talks
The Crazy Idea I had to Klingonize an iPhone, which is nothing more than leaving a Klingon command system on an iPhone terminal once it has been controlled. I mean, like post-explode an iPhone using the Klingon language to make it do what I want.
The DNI is the main identity document of Argentine citizens. The government implemented a digital version, which is based on a mobile application and a simple code to be activated. We analyze this solution, and we show why it’s a bad ideaIn fact, we show that he can impersonate all citizens.
* The sepaker at Ekoparty 2019 presented vulnerabilities in the SUBE card system and his presentation was chosen by the conference attendees as the best talk.
Bug Bounty (hunting for vulnerabilities in exchange for rewards) has been a long-standing fever and has become a necessity to keep organizations safe by crowdsourcing their security … but where do you start and how to protect yourself ? This talk covers the history of the Bug Bounty, the current legal landscape, and how to get started.
While there are many ways to exploit Macs, malicious documents targeting Apple users are gaining popularity. After analyzing attacks in the wild, we will analyze a chain of document-based exploits capable of escaping the sandbox and persistently infecting macOS. What’s next … maybe the first true “virus” targeting macOS; OSX.EvilQuest. To end the talk, we’ll move on to the defense and look at recent Apple frameworks that can be leveraged for signature-based and behavior-based detection of exploits and malware. The goal: generic protection against current and future attacks, to ensure that our Macs remain safe!
This talk explains why stalkerware is an emerging threat to businesses and how it can lead to a breach. We will learn how to search for stalkerware using OSINT techniques and some quick tips on how to reverse engineer Android APKs.
The Ethereum blockchain is growing more and more, with many developers joining the new wave of decentralized applications based on smart contracts, which secure millions of dollars in crypto assets. However, the more the ecosystem grows, the more complex it becomes, and we begin to see vulnerabilities that are exploited by attackers. In this talk I do a step by step explanation of 3 real exploits that were used (or could have been used) to steal millions of dollars of contracts in production. To understand how to analyze an exploit and start breaking contracts.
This is an in-depth analysis aimed at a complete understanding of four families of advanced banking Trojans of Brazilian origin, as they expand abroad, targeting users around the world.
Cybersecurity issues negatively impact stock prices, but to what extent? This talk will describe how incidents affect the market and which sectors and companies are the most affected.