
Series of lightning talks

Hosted By
Dirk W.

Details

Happy new year everyone!

On Thursday, 13 January, we will present an online series of lightning talks, held in English.

We'll start with a topic that was hot in December and may still cause headaches. This is followed by an interesting large-scale research study, and we close the talk section with the almost mandatory report ;-) on what's new in Juice Shop 13. Any similarity between our presentation date and the Juice Shop version is pure coincidence. ;-)

You're welcome to stick around after the talks for some networking.

Talks

  1. Thomas Patzke: "Honeypotting Log4Shell Exploitation Attempts"

  2. Nurullah Demir: "Our (in)Secure Web: Understanding Update Behavior of Websites and Its Impact on Security"

  3. Björn Kimminich: "Juice Shop 13: Now with Coding Challenges!"

Abstract: Honeypotting Log4Shell
--------------------------------------------------
The vulnerability CVE-2021-44228 in Log4j (also known as Log4Shell) was disclosed on 2021-12-09. It allows remote code execution via a simple exploit, and the vulnerable Log4j library is highly prevalent across many applications. Almost immediately, threat actors, researchers, bounty hunters and others started scanning the Internet for vulnerable hosts, and some exploited them to gain access to IT environments, deploy coin miners or extend botnets.

In this talk Thomas will give an overview of Log4Pot, a honeypot developed by various members of the security community to gather data on these exploitation attempts. He will show how the raw data can be turned into insights that are valuable for defenders, and how it can be used to detect vulnerable hosts. We will look at real data and see how attackers changed their exploitation attempts and techniques over time. He'll also share some lessons learned while running the honeypot instances.

Abstract: Update Behavior of Websites
---------------------------------------------------------
Software updates play an essential role in keeping IT environments secure. If service providers delay or do not install updates, this can have unwanted security implications for their environments. This paper conducts a large-scale measurement study of the update behavior of websites and the software stacks they use. Across 18 months, we analyze over 5.6M websites and 246 distinct client- and server-side software distributions. We found that almost all analyzed sites use outdated software. To understand the possible security implications of outdated software, we analyzed the potential vulnerabilities affecting the software in use. We show that software components are getting older and more vulnerable because they are not updated. We find that 95 % of the analyzed websites use at least one product for which a vulnerability existed.

Abstract: Juice Shop 13
------------------------------------
OWASP Juice Shop 13.x has some juicy new features which will be tough to squeeze into a mini-talk, but let's do it anyway! Learn about the latest additions since the last session at the OWASP Hamburg Stammtisch, such as:

  • Coding Challenges
  • Cheat Detection
  • Challenge Feedback
  • Daily Project Stats

Warning: This talk will skip any basic intro part in favor of more new content!

How to participate

OWASP Hamburg Meetup members who RSVP'd for the event will see the URL on the right-hand side and can join the video conference directly. I'll update the invite URL 1 or 2 days before the event; the one that reads TBD is not the final one. You also need a password, which you will find here. Please make sure you are muted by default when joining, to avoid background noise. You're cordially invited to stay longer for socializing, discussion and, say, a beer. Update: Access code is 407148.

We're using a privacy friendly BigBlueButton instance for these online presentations.

Our OWASP "Stammtisch"

Our meeting is about web applications and their (in)security, and about IT security in general. It brings together people who care about information security, whether as a hobby or in their job: developers, managers, pentesters and everybody else who's interested. The atmosphere is open and relaxed. If you're coming to sell products or services: move on, this is not the right place. OWASP is about education and sharing (mostly) technical information.

Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too. Participation is free and open -- as the O in OWASP.

Cheers, Dirk

OWASP Hamburg Meeting