-
Notifications
You must be signed in to change notification settings - Fork 2
/
index.html
265 lines (236 loc) · 20.3 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width", initial-scale=1.0">
<title>Le Tour Du Hack 2024 - Coming Soon</title>
<link rel="stylesheet" href="styles.css">
</script>
</head>
<body>
<div class="container">
<h1>Le Tour Du Hack 2024</h1>
<p style="color:white;">Edinburgh's favourite student-led cyber security conference returns!</p>
<p style="color:white;">Day One is a standard conference with student and expert talks.<br/>Day Two is a CTF!</p>
<h2 style="color:white;">MAY 18TH/19TH 2024</h2>
<h2 style="color:white;">This conference has passed :)</h2>
<p style="color:white;">See you all next year! 🤞</p>
<p id="secret">TW9yZSBpbmZvcm1hdGlvbiBjb21pbmcgc29vbiEgOyk=</p>
<div id="countdown"></div>
<br>
<table>
<tr>
<th class="fit-to-text"></th>
<th>Track 1</th>
<th>Track 2</th>
<th>Track 3</th>
</tr>
<tr>
<td class="fit-to-text">09:00 - 09:30</td>
<td colspan="3" onclick="showInfo('Registration time, <br> be sure to remember your ticket!')">REGISTRATION</td>
</tr>
<tr>
<td class="fit-to-text">09:30 - 10:00</td>
<td colspan="3" onclick="showInfo('Welcome and Opening Remarks presented<br> by the ENUSEC Committee.')">OPENING REMARKS<br><span class="name"> ENUSEC Committee</span></td>
</tr>
<tr>
<td class="fit-to-text">10:00 - 10:45</td>
<td colspan="3" onclick="showInfo('Opening keynote for this year presented by our own Bill Buchanan! <br>Get ready for dark projections with references to 2001: A Space Odyssey and 1984.')">OPENING KEYNOTE - <br>AI and Cybersecurity - A Dystopian Future<br><span class="name"> Bill Buchanan</span></td>
</tr>
<tr>
<td class="fit-to-text">10:45 - 11:45</td>
<td onclick="showInfo('Why should I waste my time in explaining this talk to you since you probably already think you know what it is about...<br>Arrogance in the industry - and by extension the community - can break careers, relationships, conference talks, and so much more. Join me to find out how to spot it in others, how to spot it in yourself, and why it isn’t always necessarily a problem...')">You're so arrogant...<br> You probably think this talk is about you<br><span class="name">Scott McGready</span></td>
<td onclick="showInfo('Digital Forensics after Uni. How do things work in the real world?<br>So you studied Digital Forensics! You learned how to image devices, extract data, and preserve digital artefacts. Well done!<br>What next? How do you turn your artefacts into evidence? How do you put things into context? How do you explain things to an audience that has never studied digital forensics?<br>No textbook presentations! Basil will bring you some real-life war stories. Join a presentation about real cases, involving real people, real crimes and real prosecutions. Find out how your digital evidence will play out in court: how it can make or break a case. Learn how it is to work with lawyers; how it is to be cross-examined by prosecutors and how (and why) you need to stay calm and objective. <br>At the end of the presentation, you will participate in a mock trial. You are going to become the JURY! You will be presented with police evidence; you will hear the position of the defence; and you will have to decide: Guilty, Not Guilty, or Not Proven (because we are in Scotland after all).<br>')">Digital, Prosecutors & Jurors:<br>What could possibly go wrong?<br><span class="name">Basil Manoussos</span></td>
<td onclick="showInfo('Bluetooth is all around us, yet we rarely hear about attacks that plague these devices. Why is that? In this talk, I walk through my journey in implementing two infamous Bluetooth attacks: BIAS and BLUFFS. I also discuss the importance of replicating novel attacks in the security world.')">Bluetooth Security: <br>From papers to reality<br><span class="name"> Lisa</span></td>
</tr>
<tr>
<td class="fit-to-text">11:45 - 12:45</td>
<td onclick="showInfo('This talk will discuss the potential AI has to do good for society whilst also highlighting already known issues it is causing. The talk will also look at discussions from lawmakers around regulation and why AI will become so difficult to regulate.')">Balancing Power and peril: <br>Navigating the possible Regulation of Artificial Intelligence for a Safer Tomorrow<br><span class="name"> George Brightman</span></td>
<td onclick="showInfo('Security is not all pentest and red teams, although they would have you believe it was. There is nothing technical in this talk, it introduces and discusses skills and attributes I found I needed when I moved into a security role and really wasn’t prepared or skilled in them. It’s my view based on the five or so years I’ve delivered security projects, incident response and general awareness at Grafton Group.')">Can't Code, Won't Code <br>The non technical stuff I wasn't prepared for<br><span class="name"> Ian Davies</span></td>
<td onclick="showInfo('(30 min)<br>In the ever-evolving forecast for the future, link prediction may serve as a fundamental guide as to what lies ahead. Implementing network science and machine learning, link prediction is a process used by all of us everyday. How can we use what we have already learnt to inform our decisions, plans and actions in the future? More importantly, how can we transfer this thought process to an AI model and will it work? In this talk, we will delve into link prediction, from head to tail, and even do a bit of prediction ourselves. How will this talk influence your way of thinking? <br> -------------------------------------- <br>Undermining Security Barriers<br>Using Stealthy Backdoors<br>Unmasking Sneaky Bugs<br>Ok, you get it. It’s about USB attacks. USB usually gets overlooked as an attack surface because exploitation requires physical access.<br>No one is breaking into your workspace any time soon so you’re probably safe, right? Well there are plenty of victims who wish this was true.<br>We’ll look at the history of USB as an attack surface, existing tools and how you can start experimenting with it. ')">(30 min.)<br>Link Prediction: <br>What does the Future Hold?<br>Madeleine Langdon<br>------------------<br>(30 min.)<br>USB: Underestimated Security Blindspot<span class="name"> </span><br>Gordon Gray</td>
</tr>
</tr>
<tr>
<td class="fit-to-text">12:45 - 13:45</td>
<td colspan="3" onclick="showInfo('ltdh{hungry_4s_h3ck}')">LUNCH</td>
</tr>
</tr>
<tr>
<td class="fit-to-text">13:45 - 14:15</td>
<td colspan="3" onclick="showInfo('A panel of female students and industry professionals regarding womens’ position in tech and why it’s important to push so that even more will join it.')">Women In The Industry panel: "Why Tech?"</td>
</tr>
<tr>
<td class="fit-to-text">14:15 - 14:45</td>
<td onclick="showInfo('AVAILABLE: Careers in compliance<br>PRICE: £… oh wait, YOU get paid for this<br>WHY WOULD I WANT THIS?!: It’s more fun than you think it is! And it’s also relevant to pretty much any other career you might want to pursue within cyber security.<br>Compliance often isn’t covered at any great depth at university or on cyber security training platforms, but many students and career changers will find that it’s a natural first step into the security industry. And even if your target job (e.g., SOC analyst, pen tester) doesn’t sound like it has any relation to compliance, it does.<br>Does ‘compliance’ sound particularly sexy? No, no it doesn’t. But I promise you it’s more fun (and relevant) than you think it is.*<br>*Unless you already think it’s fun and relevant.')">Compliance Is More Fun Than You Think It Is <br><span class="name">Dr Alice McGready</span></td>
<td onclick="showInfo('We’ll be taking a light-hearted look back at some of the most amusing missteps in history - from clueless pirates to ill-conceived Cold War strategies. Yet, this journey through historical blunders isn’t purely for entertainment. Each historical hiccup provides a unique lens through which we can view and tackle the challenges of today’s tech-centric world, especially in cybersecurity. We’ll analyze how these past misadventures can shape our present strategies, helping us sidestep similar pitfalls in our digital endeavors.')">From Dodos to Downloads: A Hilarious Journey Through History's Blunders and Their Lessons<br><span class="name">Jonathan Robertson</span></td>
<td onclick="showInfo('The talk will address the ethical complexities surrounding AI-generated visuals, focusing on the significant challenges posed by deepfake technology. It will explore the widespread market for AI models, highlighting their value and extensive usage, particularly in the creation of misleading content. The accessibility of such material on social media platforms has exacerbated the dissemination of false information, leading to detrimental consequences. The talk will emphasize the difficulties in controlling this phenomenon, including the lack of automated detection tools, large data requirements, and low awareness among viewers. To combat these challenges, the talk will propose a comprehensive mitigation plan involving collaboration from users, developers, and victims. By fostering a collective effort to prioritize security and trust, the talk aims to address the urgent need for proactive measures against the proliferation of AI-generated misinformation.')">Deepfake Dilemma<br><span class="name">Lavanya Aggarwal</span></td>
<tr>
<td class="fit-to-text">14:45 - 15:30</td>
<td onclick="showInfo('This talk will be aimed at university students thinking of getting into bug bounty, whether to advance their own skills or to further their career. Students will be able to gain perspectives and wisdom from someone who manages the programs of some of the biggest companies in the industry, who is also a former university student wishing they did it sooner.<br>NCC Group’s Bug Bounty Services Practice is one of the many services offered by NCC Group, providing managed triage, and vulnerability program management services.<br>The talk will not only go into bug bounty or vulnerability disclosure programs, but why the industry uses them, and what role they play in securing the world. The talk will also go further into why students should consider doing them, not only for their own learning, but also for their career advancement (making a bit of money on the side is also nice too...), and will include advice on getting started, finding programs, writing reports, how to approach testing, knowing what to expect, as well some hard truths.')">Bugging you about Bug Bounty<span class="name"><br>Dan Walker</span></td>
<td onclick="showInfo('The automated comparison of visual content is a contemporary solution to scaling the detection of illegal media and extremist material, both for detection on individual devices and in the cloud. However, the problem is difficult, and perceptual similarity algorithms often have weaknesses and anomalous edge cases that may not be clearly documented.<br>This talk will give a quick introduction to the idea behind Perceptual Hashing, a means for modelling visual similarity, discussing strengths, weaknesses, and evaluation approaches. The content should be useful for anyone who ever has the need to identify known, similar, or edited images in any context.')">Identifying Similar Images: <br>An introduction to evaluating perceptual hashes<span class="name"><br>Dr Sean McKeown</span></td>
<td onclick="showInfo('Everyone has a supply chain that can be affected by cyber security issues including availability, confidentiality, and integrity. But do you know which companies, and countries your company is exposed to? Interactive workshop format.')">Understanding Risk Exposure in Your Cyber Security Supply Chain - Workshop<br><a href="https://stellastra.com/"><span class="name"><br>Jacob Duane</span></a>
</td>
</tr>
</tr>
<tr>
<td class="fit-to-text">15:30 - 15:45</td>
<td colspan="3" onclick="showInfo('Chill out and take another look at our sponsors’ booths!')">15 minute break</td>
</tr>
<tr>
<td class="fit-to-text">15:45 - 16:30</td>
<td onclick="showInfo('Key Topics Covered:<br>The Importance of Cybersecurity: Understanding the stakes and the key role of cybersecurity in protecting information and systems.<br>The Blue Team: An in-depth look at the roles and responsibilities of the Blue Team, focusing on how they safeguard organisations through monitoring, detection, and response strategies.<br>Adversaries & ATT&CK: Exploring common adversaries and their methods, including an overview of the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques.<br>Blue[ish] Careers: A guide to career paths within the Blue Team and adjacent roles, highlighting the diverse opportunities available for aspiring cybersecurity professionals.<br>Technical & Behavioural Competencies: Discussing the essential skills needed to excel in security operations, from technical know-how like system administration and network monitoring to behavioural traits such as analytical thinking and effective communication.<br>Working with the Blue Team: Insights into the collaborative environment of security teams, how various roles interact within an organisation, and tips for successful integration.<br>Q&A Session: An open forum to discuss questions from the audience, providing deeper insights into the challenges and rewards of a cybersecurity career.')">Security Operations 101: Insights & Careers in the Blue Team<br><span class="name">Harry McLaren</span></td>
<td onclick="showInfo('This talk discusses how threat actors associated with the Chinese state engage in espionage, data harvesting, and intellectual property theft. The SideWalk (focus of this talk) malware, attributed to state sponsored group SparklingGoblin, has been used for espionage, particularly targeting Hong Kong University during the riots of 2019/20 and potentially Taiwanese organizations. SideWalk, a multi-purpose backdoor, leverages Google Docs and Cloudflare workers for communication and often targets universities and activists. The talk is mostly technical analysis of the malware itself, with an introduction of geopolitical themes and context at the beginning.')">Espionage Revealed:<br>Analysis of a Stealthy Backdoor<br><span class="name">Jordan Ropes</span></td>
<td onclick="showInfo('Harness the power of hindsight as Edinburgh Napier University’s Information Services shares the lessons learned so far from our phishing report system. Pulling back the curtain on our journey, we share the successes, failures and trade-offs. Why should you use a button? Which button should you use? How should you hook it up to your SIEM? Is your SecOPs mailbox configured properly? How customised should your response to users be? Can you get a phishing report button for shared mailboxes? How will things change with the coming Outlook overhaul? Finally, what doesn’t Microsoft want you to know about phishing submissions?')">What I wish I had known about phishing reporting<br><span class="name">Peter Kirwan</span></td>
</tr>
<tr>
<td class="fit-to-text">16:30 - 17:30</td>
<td colspan="3" onclick="showInfo('Closing keynote from Don Smith, the VP of Threat Reserach at Secureworks!')">CLOSING KEYNOTE<br><span class="name">Don Smith</span></td>
</tr>
<tr>
<td class="fit-to-text">17:30 - 17:45</td>
<td colspan="3" onclick="showInfo('Thanks and closing remarks <br>from the ENUSEC Committee')">CLOSING REMARKS<br><span class="name"> ENUSEC Committee</span></td>
<!--
</tr>
<tr>
<td class="fit-to-text">19:00 - LATE</td>
<td colspan="3" onclick="showInfo('Come along and join us at Cask Smugglers on top of Waverly Mall for our AfterParty! <br> They have an amazing menu of cocktails for you to try on the AfterParty Bar Tab!<br> Get Directions <a href=\'https://www.google.com/maps/place/Cask/@55.9529483,-3.1933726,17z/data=!3m1!4b1!4m6!3m5!1s0x4887c7c64d87ea63:0xc5d355960fe6235e!8m2!3d55.9529453!4d-3.1907977!16s%2Fg%2F11h_cr0n_r\'> Here!</a>')"> AFTERPARTY @ <span class="name">CASK SMUGGLERS</span></td>
</tr>
-->
</table>
</div>
<script src="script.js"></script>
<!-- Modal -->
<div id="info-modal" class="modal">
<div class="modal-content">
<span class="close" onclick="closeModal()">×</span>
<p id="modal-text">Additional text for the clicked cell</p>
</div>
</div>
</body>
<script>
function updateCountdown() {
const countdownElement = document.getElementById('countdown');
const eventDate = new Date('2024-05-18T09:00:00'); // Setting to 9am - unsure exact start time
const currentTime = new Date();
const timeLeft = eventDate - currentTime;
const days = Math.floor(timeLeft / (1000 * 60 * 60 * 24));
const hours = Math.floor((timeLeft % (1000 * 60 * 60 * 24)) / (1000 * 60 * 60));
const minutes = Math.floor((timeLeft % (1000 * 60 * 60)) / (1000 * 60));
const seconds = Math.floor((timeLeft % (1000 * 60)) / 1000);
countdownElement.innerHTML = `${days}d ${hours}h ${minutes}m ${seconds}s`;
if (timeLeft < 0) {
const timeAfterEvent = currentTime - eventDate;
const twoDaysInMilliseconds = 2 * 24 * 60 * 60 * 1000;
if (timeAfterEvent > twoDaysInMilliseconds) {
clearInterval(countdownTimer);
countdownElement.innerHTML = "Conference Finished";
} else {
countdownElement.innerHTML = "Event Started";
}
}
}
function showInfo(infoText) {
var modal = document.getElementById("info-modal");
var modalText = document.getElementById("modal-text");
modalText.innerHTML = infoText;
modal.style.display = "block";
}
function closeModal() {
var modal = document.getElementById("info-modal");
modal.style.display = "none";
}
const countdownTimer = setInterval(updateCountdown, 1000);
updateCountdown();
</script>
<style>
.modal {
display: none;
position: fixed;
z-index: 1;
left: 0;
top: 0;
width: 100%;
height: 100%;
overflow: auto;
background-color: rgba(0, 0, 0, 0.4);
}
.modal-content {
background-color: #121212;
margin: 15% auto;
padding: 20px;
border: 1px solid #888;
width: 50%;
text-align: center;
}
.close {
color: #aaa;
float: right;
font-size: 28px;
font-weight: bold;
cursor: pointer;
}
.close:hover, .close:focus {
color: black;
text-decoration: none;
cursor: pointer;
}
table {
border-collapse: collapse;
margin-bottom: 1em;
}
th, td {
border: 1px solid black;
text-align: center;
padding: 8px;
}
td {
color: white;
background: #293030;
}
th {
background-color: #121212;
}
.fit-to-text {
width: auto;
}
body, html {
height: 100%;
margin: 0;
font-family: Arial, sans-serif;
background-image: url('background.png'); /* Sets the background image */
background-size: cover; /* Ensures the background covers the entire viewport */
background-position: center; /* Centers the background image */
/*background-repeat: no-repeat; /* Prevents the background image from repeating */
color: white;
text-align: center;
overflow:auto;
}
/* Media query for tablets and smartphones */
/*
@media (max-width) {
body, html {
background-image: url('background-mobile.png');
}
}
*/
.container {
position: absolute;
left: 50%;
transform: translate(-50%, 0%);
}
h1 {
font-size: 2.5em;
color: #5F939A;
margin-bottom: 0px;
}
#secret {
color: rgba(0, 0, 0, 0.3);
margin-top: 0px;
}
#countdown {
margin-top: 10px;
font-size: 1.5em;
}
</style>
<!-- Wonder what this is... bHRkaHtjbVZrWDJobGNuSnBibWM9fQ== -->
</html>