
OWASP Stammtisch Frankfurt + Security Meetup 0x4C Collective Event (Remote)

Hosted By
Matthias

Details

In cooperation with https://www.meetup.com/de-DE/IT-Security-Stammtisch-Frankfurt-OWASP-u-w/

Talks:

1 - Catching Transparent Phish: Understanding and Detecting MITM Phishing Kits (Prof. Nick Nikiforakis, Brian Kondracki PhD Candidate, Stony Brook University)

For over a decade, phishing toolkits have been helping attackers automate and streamline their phishing campaigns. Man-in-the-Middle (MITM) phishing toolkits are the latest evolution in this space, where toolkits act as malicious reverse proxy servers of online services, mirroring live content to users while extracting credentials and session cookies in transit. These tools further reduce the work required by attackers, automate the harvesting of 2FA-authenticated sessions, and substantially increase the believability of phishing web pages.

2 - Abusing cloud apps 101: Command and Control (Dagmawi Mulugeta, Cloud Researcher, Netskope)

Enterprises have rushed to move from outdated on-premises servers to SaaS applications in the cloud. Well, guess what? Attackers are also making the move. Why would an attacker operate their own command and control infrastructure when they can abuse something that already exists?

Abuses of apps like Slack, Dropbox, GitHub, and OneDrive for command and control have even used app-specific features like channels in Slack and commits in GitHub to not only blend into normal traffic but also afford themselves the flexibility provided by the cloud application. In our research, we find that this flexibility can be leveraged even further to evade existing controls.

This talk will explore this new threat landscape, showing some real-world examples of attacks exploiting cloud services, reviewing some of the most abused cloud applications, presenting some novel tactics for command and control, and sharing behavior-based defenses for these attacks. This talk will equip you with the information required to spot these attacks in your environments and with strategies to reduce the attack surface.

3 - Operationalizing _BOM with CycloneDX and Dependency-Track (Niklas Düster, Co-Lead OWASP Dependency-Track)

Driven by incidents in the recent past, software supply chain security has gained lots of attention in the industry. An essential part of supply chain security is transparency which, similarly to physical supply chains, can be achieved using Bills of Materials (BOMs). With increasingly more governments, regulators and organizations asking for SBOMs, and more OSS projects providing them alongside their releases, the question of what to do with all these documents becomes prominent. In this talk we'll explore how BOMs can be utilized to identify various kinds of risk in your supply chain with OWASP Dependency-Track.

==

This event will take place remotely.

The remote access data will be sent to all registered participants by email on the day of the meetup.

The event is open, everyone is welcome!
If you have any questions, just write in the comments; you will surely find someone to answer them.

If you want to present something yourself, e.g. if you've discovered something cool or just want to share it, feel free to do so! We are looking forward to every presentation, no matter how long it is.

==

Duration of the talks:
Normal: Max 1h 30, Shorty: Short talk

Further resources IT-Security-Meetup Kassel:

  • Talks from the past:
    -- https://github.com/it-security-kassel-nordhessen/meetup
    -- https://www.youtube.com/watch?v=nTpTSOVXSTU&list=PLGrnDfwTFZ7nluvGOIIR1GXHCEAnuLR1o

---------------------------------------------------------------------------

-- Sponsor --

OWASP, Micromata GmbH

IT-Security-Meetup Kassel