Welcome to 2022. We start the year at the Hamburg OWASP Stammtisch with
a series of short talks, held online and in English.
As always: everyone is welcome. No account or anything similar is required. Feel free to forward this mail to anyone who might be interested.
We'll start with a topic which was hot in December and may still cause headaches. This is followed by large-scale research, and we close the talk section with the almost mandatory report ;-) on what's new in Juice Shop 13. Any similarity between our presentation date and the Juice Shop version is pure coincidence. ;-)
You're welcome to stay a bit longer after the talks for some networking.
1) Thomas Patzke: "Honeypotting Log4Shell Exploitation Attempts"
2) Nurullah Demir: "Our (in)Secure Web: Understanding Update Behavior of Websites and Its Impact on Security"
3) Björn Kimminich: "Juice Shop 13: Now with Coding Challenges!"
1) Abstract: Honeypotting Log4Shell
The vulnerability CVE-2021-44228 in Log4j (also known as Log4Shell) was disclosed on 2021-12-09. It allows remote code execution with a simple exploit and the vulnerable library Log4j has a high prevalence in many applications. Almost immediately threat actors, researchers, bounty hunters and others started to scan the Internet for vulnerable hosts and some exploited them to gain access to IT environments, deploy coin miners or extend botnets.
In this talk Thomas will give an overview of Log4Pot, a honeypot developed by various members of the security community to gather data from exploitation attempts. He will show how the raw data can be turned into insights that are valuable for defenders and how these can be used to detect vulnerable hosts. We will look at real data and see how attackers changed their exploitation attempts and techniques over time. Further, he'll also share some lessons learned while running the honeypot instances.
2) Abstract: Update Behavior of Websites
Software updates play an essential role in keeping IT environments secure. If service providers delay or do not install updates, this can have unwanted security implications for their environments. This paper conducts a large-scale measurement study of the update behavior of websites and their utilized software stacks. Across 18 months, we analyze over 5.6M websites and 246 distinct client- and server-side software distributions. We found that almost all analyzed sites use outdated software. To understand the possible security implications of outdated software, we analyzed the potential vulnerabilities that affect the utilized software. We show that software components are getting older and more vulnerable because they are not updated. We find that 95 % of the analyzed websites use at least one product for which a vulnerability existed.
3) Abstract: Juice Shop 13
OWASP Juice Shop 13.x has some juicy new features which will be tough to squeeze into a mini-talk, but let's do it anyway! Learn about the latest additions since the last session at OWASP Hamburg Stammtisch, such as:
- Coding Challenges
- Cheat Detection
- Challenge Feedback
- Daily Project Stats
Warning: This talk will skip any basic intro part in favor of more new content!
How to participate
For folks who don't have a Meetup account and plan to participate, just send me (and only me ;-) ) an e-mail. I'll personally send you the video conference URL 1-2 days before the event. We're using a privacy-friendly BigBlueButton instance.
OWASP Hamburg Meetup members who RSVP'd for the event (https://www.meetup.com/de-DE/OWASP-Hamburg-Stammtisch/events/282692845/) will see the URL on the right-hand side and can join the video conference directly. I'll update the invite URL there 1 or 2 days before. The one currently marked TBD is not the final one. You will also need a password, which you find here. Please make sure you are muted by default when joining, to avoid background noise. You're cordially invited to stay longer for socializing, discussion and e.g. a beer.
Our OWASP "Stammtisch"
Our meeting is about web applications and their (in)security and/or about IT security in general. It brings together people who care about information security, whether as a hobby or in their job: developers, managers, pentesters and everybody else who's interested. The atmosphere is open and relaxed. If you're coming to sell products or services: Move on, this is not the right place. OWASP is about education and sharing (mostly) technical information.
Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too. Participation is free and open -- as the O in OWASP.
PS: Twitter URL to RT: https://twitter.com/OWASP_de/status/1478439223145418761
Send me encrypted mails (Key ID 0x4D9CA7F2E2FA20B3)