This invitation is open to all in the information security community; however, the content of CONverse talks is purely technical, aimed at individuals with a deep technical understanding and an interest in cybersecurity.
We will have three 30 minute presentations from our Research and Response departments:
Finding and exploiting bugs in Samsung Galaxy phones
Tom Court, Senior Researcher at Context discusses a recent active vulnerability project within the team: Remote, SMS-triggered vulnerabilities within Android mobile devices.
The GSM specification for SMS is both old and complicated, two words that vulnerability researchers love to hear. Despite the fortress-like nature of modern mobile devices, they still need to support aging technologies like this. Tom will describe some of the vulnerabilities discovered, how they were disclosed to the vendors and how if left unpatched, these bugs could have been put to use by cyber criminals to generate profit.
Demystifying the artof mobile and cyber forensics, Adam Bridge
Adam Bridge, Head of Forensics at Context, will discuss a few real-life examples of carrying out digital forensics and incident response where oversight, policy or technology got in the way in ways the client hadn’t considered. These examples show how easy it can be to be in a position where the data you need and expected to have simply isn’t available. Maybe the logs rolled over quicker than expected, maybe a malicious user was able to install their own software, or maybe the technology was so secure it wouldn’t let you get at the data. The talk discusses how Context can help, how sometimes nobody can help, and maybe how we can all prevent it from happening in the first place. The short answer: plan it properly, test it thoroughly.
Hacking Home Routers, Jan Mitchell
Jan Mitchell, Senior Researcher at Context also provides insight into another of our recent vulnerability projects within the team.
High speed internet is ubiquitous. Some 24 million UK homes now benefit from broadband access and this number is steadily growing. In most cases access to this resource depends on using ISP provided routers which serve as a gateway to the internet but also provide a home network (LAN). How secure is the equipment we trust to provide a link between our personal devices and the internet? Jan will describe our research into one of the most popular OEM routers in the UK, including methodology of finding vulnerabilities on a home router in addition to providing details of a real-world attack scenario which we recently disclosed.
CONverse was initiated as a result of the success from the internal event that we host annually for our technical team. We have held a number of CONverse events in our London office and thought it was about time we opened this up to our contacts based in Cheltenham and the surrounding areas.
We look forward to seeing you there!