BSides Tallinn 2021

October 7

BSides

BSides Tallinn

BSides is a community-driven non-profit security event on October 7 2021 organised by volunteers. We invite the infosec community to come together in Tallinn at a friendly event enjoyed by all. The content will be intelligent, and the conversations will be memorable.

Participants : Coming from Tallinn or abroad? Get your hands on tickets in our store. Community tickets became available on September 1st and even some rare supporter tickets may be in stock.

Follow us on Twitter, join our Slack community or sign up at Facebook event not to miss it.

Sponsors : Sponsors are an important part of the community. We need your help to make BSides Tallinn happen. Read our sponsor's prospect to learn more about how you could get involved. Let's get in touch via sponsors@bsides.ee!

Volunteers : BSides is a volunteer-run event. We currently have a team of volunteers, but if you want to contribute, leave your information at info@bsides.ee.

Code of Conduct

  • Be open to new ideas and sharing
  • Have fun
  • Avoid having “fun” at the expense of others (spamming, trolling, harassing, the list goes on)
  • Respect the privacy of others
  • Protect everyones data
  • Avoid conflicts of interest
  • Don't be an asshole
  • Be generally a nice person

In the end the organizers will define what is “being an asshole”. If you experience someone breaking the code of conduct, report it to the organizers, volunteers or info@bsides.ee.

Event Schedule

October 7th, 2021

Please note that there can be last minute changes to the schedule.

Registration @ Kai Art Centre

1.Show your COVID-pass. 2. Show ID (ticket) & get a T-shirt. 3. Get caffeinated!

BSides Tllinn

Opening remarks BSides Tallinn organizers

We will introduce the wonderful day ahead.

It was a dark day in October in Finland when psychotherapy clinic Vastaamo’s data breach became public. For the first time in history, a ransomer had turned his attention from blackmailing a company to private individuals, with a threat of publishing their sensitive information online unless a ransom was paid.

Laura Kankaala is an ethical hacker and Security Consultant at F-Secure and is widely recognised as an authority in the ethical hacker community with a deep knowledge across the security landscape. She was one of the people aiding victims of Vastaamo case together with her fellow security professionals at KyberVPK. Laura’s mission in life is to build trust in technology through security and make the internet a better place for all of us.

This talk will cover the basic knowledge needed to start researching vulnerabilities in Windows drivers and author will also make publicly available a new tool that can easily be used for such ends.

Jaanus Kääp has worked in Clarified Security as a penetration tester and security researcher for the last 10 years. He has been in MSRC top security researchers list in 2015-2020; has published over 100 CVE-s, mostly by Microsoft and Adobe; found web vulnerabilities from Facebook, Google, Apple, Adobe, Spotify, etc. Kääp holds a Masters degree in Cybersecurity.

Lunch

Chicken, pork, vegetables, salad, buns, dessert, non-alcholic drinks, nirvana...

Alexandru Ciobanu
Andres Elliku

Alexandru Ciobanu, Andres Elliku

In the midst of battling red teamers and attackers, the blue team at Wise has been busy building out our endpoint monitoring. Now we want to tell you about all the wins, screw-ups, revelations and tips we’ve learned along the way.

Andres Elliku Andres is a member of the Security Operations team in Wise, where he is responsible for incident response, tooling development, threat hunting, and helping other teams in implementing best practices. His focus areas are Windows endpoint hardening, detection, and response.

Previously while working at CERT-EE, Andres was responsible for CERT-EE’s infrastructure, toolkit development, and threat hunting. His daily tasks included handling of advanced malware analysis, supporting institutions and internet service providers, and providing IOCs for ongoing threats. Andres was also running CERT-EE’s malware analysis sandbox and various other toolsets. Before joining the CERT-EE team, he worked in the public sector as a systems engineer and security advisor.

He is also an active member of the Estonian Defence League Cyber Defence Unit since 2015 and has represented Estonia in Cyber Coalition and other defensive exercises as a Blue Team member. Andres is also part of the largest live fire exercise’s Locked Shields Red Team since 2018 and has been a Client-Side subteam tech leader for the past years.

Andres has also given talks and trainings on incident response and threat hunting topics both in his home country and abroad.

Andres has a MSc in Cyber Security from Tallinn Technical University and Tartu University and an applied higher education from IT system administration from Estonian Information Technology College.

Alexandru Ciobanu is a security engineer in Wise Security Operation Center. He specialized in security and monitoring of UNIX-like systems, creating automation pipelines, threat detection and incident response.

He previously worked in CERT-EU on automating detection, defence, malware analysis, and information gathering for European Institutions.

Before joining CERT-EU he worked as a software engineer, focusing on backend development to create business logic for software applications and information systems.

He enjoys implementing botnets for cyber defence exercises and following the sermons of Pastor Manul Laphroig and his merry band of reverse engineers.

For more than 18 years, the Estonian electronic identity card (ID card) has provided a secure electronic identity for Estonian residents. In this talk we will look into some of the security challenges the Estonian ID card has experienced over the years.

Arnis Paršovs is a researcher at the University of Tartu who leads the Applied Cyber Security research group (https://acs.cs.ut.ee/). He has been successful in discovering various security issues in the Estonian eID infrastructure and will give an overview of some of them in his talk.

Coffee Break

Chicken sandwich, vegetable wrap, cinnamon bun, coffee & tea, you're good to go!

This talk will look at what happened when I made a responsible disclosure to a UK NHS tech org in March 2021. I will look at recent reports of cyber-law gone wrong from the UK/US/DE. I will talk about the need for cyber security researchers to be protected in law.

Rob Dyke is a long time open source hacker. A decade of his career was in NHSland where he co-founded open eObs and made NHoS / NHSbuntu - an OS for the NHS. These days Rob researches the security and privacy of apps listed in the NHS Apps Library.

This talk features a story from the trenches during an incident of Egregor infection, presenting the TTPs and problems faced during the analysis. The key takeaways are to provide recommendations for ransomware prevention and recovery, analysis insights and caveats during incident response, to better understand the threat and create effective response plans.

Nikos Mantas is an Incident Response Expert with experience in digital forensics, threat hunting and enterprise incident recovery. His research areas focus on APT groups and cybercrime threat intelligence. His mission is to inspire the new generation of undergraduate students to pursue a career in cyber security, serving as a peer-mentor in the team.

BSides Tallinn

Closing remarks BSides Tallinn organizers

How did it go? What will happen now?

After Party @ Põhjala Tap Room

Find yourselves at Peetri 5, Tallinn 10415, please.

Brenden Legros

Surprise 1 Põhjala Tap Room

Brenden Legros

Surprise 2 Põhjala Tap Room

Call for Speakers/Papers

Our call for speakers is closed. 6 talks were selected from a variety of submissions by the review board: Tiit Hallas, Aigar Käis, Merike Käo, Sille Laks, Rasmus Männa, Jaan Priisalu, Jesse Wojtkowiak.

Sponsors

Thanks to our sponsors for supporting BSides Tallinn:
CGI Estonia
Wise
Clarified Security
Clarified Security
Clarified Security
Web hosting supported by: Zone

Anti-COVID policy

We'd really like to have an in person event, but we won't risk the health of any participant. Therefore our current policy is to allow only the following persons:

  • Fully vaccinated persons
  • Persons recovered from COVID
  • Persons with a recent negative test result

To check if a person meets one of these criteria, they must present a EU Digital COVID Certificate that will be checked at the door.

By purchasing a ticket to BSides, you must comply with this policy.

Please note that we may be forced to change this policy over time due to government health regulations or other factors. Check back regularly before the event on this page for updates.

Venue

BSides Tallinn 2021 will be held at Kai Art Center at the Noblessner area of Tallinn for the day-program and at Põhjala Tap Room for the afterparty.

Kai Art Center is a gallery and a venue for conferences and events. It is easily reachable by car, bus, bike and boat! It is located at Peetri 12, Tallinn 10415.

Põhjala Tap Room is a 4-minute walk (300 meters) from Kai Art Center. It is located at Peetri 5, 10415 Tallinn. Only BSides Tallinn ticket-holders will be admitted to the afterparty at Põhjala Tap Room.

Accommodation

Are you visiting Tallinn for BSides? Looking for a place to stay?

Use discount code WELCOME to get -25% from the list prices at Hestia Hotel Ilmarine.

The hotel is located at Põhja pst 21b, 10414 Tallinn, a brisk 20-minute walk from the BSides venue.

Book a room at the hotel Ilmarine website website with the discount code.

Hestia Hotel Ilmarine

Contact

BSides Tallinn is organized by a group of volunteers. You can ping Aigar Käis, Hans Lõugas, Liisa Tallinn or Silvia Väli on Twitter or the event Slack.