Short news: Hack.lu 2015 conference

The 11th edition of the HACK.LU conference was held from 20 to 22 October 2015 at Luxembourg.

Nearly 460 people from 40 countries gathered together in Luxembourg to attend the eleventh edition of the HACK.LU conference organized among other by the Cert Luxembourg CIRCL.

For the first time, a 'MISP submit' conference was organized on the eve of the HACK.LU conference. It was an opportunity to bring together developers, contributors, users or future users of the MISP (Malware Information Sharing Platform & Threat Sharing) platform. Many topics were discussed as the governance of MSIP, the roadmap product, and a demonstration of the next version 2.4. This was also the opportunity to have a presentation of the available CIRCL’s MISP platform, and also a presentation of the legal framework related to the use of the platform and the data.

'MISP Submit' presentations are available on this link.

The HACK.LU conference was very rich with many presentations about “Internet of things”. Here are some summaries of presentations from the thirty's conferences proposed:

• A presentation by an Israeli team from Check Point Software, about the exploitation of vulnerabilities on video/keyboard KVM switches. They explained their work and demonstrated how changing a KVM firmware (physical access during few seconds is required for the installation), the KVM is converted into a vector of infection. Thus the KVM is used to install a malware on isolated computer,
• A presentation by Mary Moe (who was responsible for the Norwegian Cert) to alert the population, and also medical equipment manufacturers on security issues which begins to appear more and more. During her first inspection visit of her pacemaker to the doctor, a problem was detected. Finally the problem was not on her pacemaker, but on the control device that runs on Windows XP,
• A presentation by Eduardo Novella who presented how he found the algorithm that generate default WPA2 key on WIFI routers, using reverse engineering on the router firmware,
• A presentation and demonstration of Stegosploit by Saumil Shah, or how to hide an exploit in a JPG picture,
• A presentation by Axel Apvrille from Fortinet, about the reuse of a Bluetooth fitbit flex tracker to automatically lock laptop when away,
• A presentation by Mahsa Alimardani about different existing types of control on Internet and mobile applications in Iran.

All presentations are available on this link.

In parallel with presentations, workshops were also organised on different topics like Scada exploits, the reverse engineering tool Radare2, or on the analysis of malicious Office files.

Also note the CTF (Capture The Flag) organized by FluxFingers where 300 international teams have registered to resolve various challenges in 48 hours (Crypto, Web games, perl code,...).