Kerala police Cyberdome Summit Kozhikode 2021.
Wattlecorp is associating with Kerala Police Cyberdome on Cyberdome Summit 2021 Kozhikode
This will be a complete virtual online summit hosting many leading security wizards presenting the latest technological niches and unexplored domains in the Cybersecurity industry
Secure your seats asap
Register for Free
Event Speakers :
A Manager, Security Operations (PH) at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework. He has presented at ROOTCON, HITCON, PEHCON, DEFCON’s Packet Hacking Village, DragonCon, Bsides Myanmar, Nullcon and TCON. He used to work for HP Fortify where he performed Vulnerability Assessment, Remediation and Advance Testing. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.
Automating & Tooling Your Own CAN Hacking Tool On a Cheap Car Hacking Adventure
In this talk, we don’t need roads. Seat tight and no need to fasten your seatbelts because this will be a quick, cheap, practical and dirty approach in car hacking specifically CAN Bus hacking. Using one component of your car you could just acquire from a junkyard or by any means necessary to start Car Hacking by yourself from fuzzing a simulator to actual hardware with open source tools and hardware. We will also talk about building your own lost-cost CAN fuzzer and Metasploit module creation geared towards the hwbridge.
Adarsh Nair is Head of Information Security at UST Global & voluntarily served in the Kerala Police Cyberdome as Deputy Commander (Honorary Position). He is an expertise in Information Security Auditing and Management, Business Continuity, Data Privacy, Risk Management, Ethical Hacking, Penetration Testing, Digital Forensic Investigation, and a wide range of vulnerabilities & threats identification and mitigation. He was awarded for outstanding contribution in the field of cybersecurity, the top-contributor recognition from Kerala State Police Chief, and Hall of Fame from Google. He was a Co-Leader of the Open Web Application Security Project (OWASP) and an advisory board member of EC-Council, USA. CISSP | OSCP | LPT | ISO LA | CEng (India) | MIE | Information Security Leader | Author | Technical Speaker
Social Engineering: The Art of Human Hacking
“Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.” In other words, tricking the human mind to steal confidential information. A famous quote says, ‘A chain is only as strong as its weakest link’. The weakest link in any security system is the ‘human being’.
Recent trends show that most of the cyber-attacks begin with social engineering tactics. Phishing is one of the popular types of Social Engineering attacks. The valuable and sensitive information are captured via social engineering attacks and by using that information, the cyber criminals destroy the larger cyber ecosystem. Nowadays, financial frauds are using the social engineering methods to steal bank related confidential information. The rate of these types of crimes also increased in recent years. There are a number of tools and techniques available to assist the social engineering attacks and it has become very easy for anyone to perform a social engineering attack.
As these methods use human mind exploitation, the technical controls to prevent those attacks are not much effective. However, there are various prevention mechanisms available in the cyber world. The banks are providing various options to protect their customers against money loss by financial frauds. A combination of technical controls and best practices would help to prevent the social engineering attacks to a great extent.
Vipin George, a Cyber Forensicator, worked at Kerala Police Academy as a Cyber Forensic Consultant, after a brief stint as a Lecturer of Cyber Forensics & InfoSec at MG University. He has more than a decade’s experience in Systems Engineering and Computer networks and holds M.Tech in Cyber Forensics and InfoSec. He was a Team Leader of Indian Space Research Organization (ISRO) Network Intrusion Detection System project at Smart India Hackathon Finals 2017. He is into HF and FM radio DXing and has won prizes from international broadcasters. His Indian Ham radio call sign is VU3YVG and FCC issued US amateur radio call sign is KC9VED. He actively volunteers his time as a Core team member of Mozilla Kerala community. He has good experience in dealing with training and practice of Law Enforcement units, Judicial and Police officers on Digital Forensics, Cybercrime analysis, Information Security, Malware Forensic procedures. His areas of interest include Network Security, Low level data recovery, IoT, Software Defined Radio, Amateur Radio etc.
Workshop on Cyber Forensics
This a newbie friendly hands-on workshop on how to conduct a digital forensics investigation. Learn how to do a forensically sound disk acquisition and analysis using Open-Source tools. Important Concepts and Fundamental principles in Forensics and how to apply then in practice which includes details about Digital Forensic toolkit, Storage/Disk Forensics, Phases of Digital Forensics, Ensuring Forensic soundness, Write-blockers, Types of Hard disks, Acquiring Disk Image, Validating the Image, Examining and Analysing Disk Images Generating report
Intended audience: Anyone with an interest in digital forensics, network engineers or system administrators looking to improve their security knowledge, and people involved with cyber security work. Any network/security professional who is concerned about being breached by a cyber threat.
Ashiq Kadar is a Senior PT technical lead working for IBM ISL PTC Application security and having 8 plus years of experience in the cyber security domain. He is an excellent Cyber security enthusiast in a consequent quest for knowledge on different aspects and areas of security. In addition, he is an author in Pentestmag, and securityintellengence.com. He patents idea on MPLS security on fata in transit is been published on ip.com
Modern Infrastructure components
Continuous Build & Deployment tools, Message brokers, Configuration Management systems, Resource Management systems and Distributed file systems are some of the most common systems deployed in modern cloud infrastructures thanks to the increase in the distributed nature of software. Modern day pentesting is no more limited to remote command execution from an exposed web application. In present day scenario, all these applications open up multiple doors into a company’s infrastructure. One must be able to effectively find and compromise these systems for a better foothold on the infrastructure which is evident through the recent attacks on the application stack through platforms like Shodan paving way for a full compromise on corporate infrastructures.
Phillip Wylie is an offensive cybersecurity instructor and practitioner with over two decades of information technology and cybersecurity experience. During his 9 year offensive cybersecurity career, he was worked as a pentester, web app pentester, and red team operator. When Phillip is not hacking, he is educating others. Phillip is the founder of The Pwn School Project, an education-focused cybersecurity organization. He co-authored the book, “The Pentester Blueprint: Starting a Career as an Ethical Hacker” based on his popular talk presented at numerous industry events. He is an Innocent Lives Foundation Ambassador and a ‘Hacking is NOT a Crime’ Advocate. Phillip’s uncommon journey into the field of cybersecurity is preceded by his colorful past as a pro wrestler, where he once wrestled a bear.
Inside The Mind of a Threat Actor: Beyond Pentesting
Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.
Anjana is an excellent Security enthusiast, currently working as Security Research team lead at CloudSek. She has over 3 years of experience in the information security domain and sounds good in pentesting web and mobile apps as well as source code review. She is an active member of various security communities including Garage4Hackers, Defcon Trivandrum, YAS etc.
Cyber Security Trends 2021
Home is Where the Attacks Will Happen in 2021!
The COVID 19 pandemic has taken an unprecedented turn on the way how the world operates in general. Numerous businesses has adopted WFH /remote scenario and is expected to continue. Cybercrime has gone up significantly during this WFH scenario. Security professionals are working relentlessly to secure this new attack surface.
In this talk we aim to identify the new trends in Cyber space due to the vast adaption of remote working environments. Also we would identify and have a detailed discussion on the top 5 new cyber security trends such as the cloud Infrastructure security, IOT threats, zero threat security mode etc.
We will conclude the talk discussing various best practices to safeguard one self and the companies from the new COVID age cybercrimes.
Other Profiles will be updated soon.