-
-
NUUG
-
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Since 2012, the Open Observatory of Network Interference (OONI) project has been invesnsorship around the world. OONI's network measurement software has shed light on many scary, yet interein how information controls are being deployed. From Deep Packet Inspection (DPI) technology being used to block media websites during heavy political protests, to country-wide internet blackouts during elections and other events.
This talk will highlight some of the most striking internet censorship
events that have been detected by OONI over the last years, and will
include a discussion of their relation and relevance to social and
political events. This talk will also explain how you can take action to
uncover evidence of internet censorship in your country and beyond.
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Recorded by NUUG for FSCONS
-
-
NUUG
-
Lightning talks from Day 2 of FSCONS 2017.
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Lightning talks from Day 1 of FSCONS 2017.
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Linda Sandvik's keynote at FSCONS 2017
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Kacper Why and Thomas Gramstad introduce the FSCONS 2017 conference.
Recorded by NUUG for FSCONS.
-
-
NUUG
-
Demonstration based presentation. Only intro and outro powerpoint slides. Demonstrate user enumeration using timing attacks. Especially prominent when companies have implemented bcrypt/scrypt/pbkdf#2. Attack vector which is very useful in many cases today, notably against Lync/Skype4B installations today. Further password spray into a solution. Discover, analyze and fully exploit reverse-shell command injection. How to find these across large systems? How dose vulnerability scanners work, and how do they detect this? Introduction to Burp Collaborator. Introduction to script for merging attack data into hundreds of Burp Collaborators. Discover, analyze and fully exploit blind SQL Injection. Demonstrating Burp Intruder cluster bomb attack to enumerate out table data.
Recorded at the OWASP Norway Day by NUUG.
-
-
NUUG
-
With the emerging popularity of bug bounty programs, lesser known and even brand new vulnerability classes are gaining popularity. This talk will give a walk-though of some of these vulnerabilities, how they occur in modern web applications and how they can be found and fixed.
Recorded at the OWASP Norway Day by NUUG.
-
-
NUUG
-
Container security often focuses on runtime best-practices whilst neglecting delivery of the software in the supply chain. Application, library, and OS vulnerabilities are a likely route to data exfiltration, and emerging technologies in the container ecosystem offer a new opportunity to mitigate this risk. Treating containers as immutable artefacts and injecting configuration allows us to "upgrade" images by rebuilding and shipping whole software bundles, avoiding configuration drift and state inconsistencies. This makes it possible to constantly patch software, and to easily enforce governance of artefacts both pre- and post-deployment. In this talk we detail an ideal, security-hardened container supply chain, describe the current state of the ecosystem, and dig into specific tools. Grafeas, Kritis, in-toto, Clair, Micro Scanner, TUF, and Notary are covered, and we demo how to gate container image pipelines and deployments on cryptographically verified supply chain metadata.
Recorded at the OWASP Norway Day by NUUG
-
-
NUUG
-
The ability to mathematically classify patterns, predict events and/or identify abnormalities within a wide range of data is known as Machine Learning. For the purpose of this conference , we explain the power of data and how it can be used with Machine Learning models to identify abnormal behaviour within complex environments. We also explain the ingredients and the steps required to build a Machine Learning models to serve security tasks. This will further be followed by its complications in terms of false positives, accuracy of detection and validity of model and how this can be improved.
Recorded at the OWASP Norway Day by NUUG.
-
-
NUUG
-
A collection of old and new war stories from Norways largest news site as seen from the perspective of the VG/Schibsted operation including stuff like Nazis, Pink Blogs, Anonymous, FBI, and how to build you own DDOS canon.
Recorded at the OWASP Norway Day by NUUG.
-
-
NUUG
-
The Linux Security and Isolation APIs have become the basis of some of the most useful features server-side, providing the isolation required for efficient containers. However, these APIs also form the basis of the Chromium Sandbox on Linux, and we will study them in that context in this talk.
Recorded at the OWASP Norway Day by NUUG.
-
-
Empo AS
-
Det er høst og tid for Nasse Nøff å komme inn i varmen etter en lang sesong ute i hagen. Søndag 2.november hadde foreningen Venn av Nøff sin årlige innbæring. I tillegg blir det utdeling av NÆ!-prisen. Følg med.
-
-
NUUG
-
Running one of the largest security reporting platforms of its kind, we handle billions of security reports for our customers every single month. Come and learn how we've scaled from handling 10,000 reports per month to 10,000 reports per second and the many evolutions our infrastructure has gone through. Alongside that come and see how, with our bird’s-eye view of such a diverse ecosystem, we’ve helped identify malware in a multinational organisation, had a malicious browser plugin taken down and much more!
Recorded at the OWASP Norway Day by NUUG.
-
-
NUUG
-
What happened from beginning to end. What made the news and what didn't. How did it feel to be in it and how I was treated by the public, by the government and by the media.
How transparency and suspiciousness is fundamental to an election system and how the lack of transparency drove me to dig further into the ballot counting system in Norway.
-
-
NUUG
-
Historien om Sintel og hennes ekspedisjon for å finne babydragen hun ble kjent med.
-
-
NUUG
-
Llamaen Koro erfarer at gresset er grønnere på den andre siden av gjerdet, og at veien dit kan være lang.
-
-
NUUG
-
Benedict Lau, en bidragsyter og arrangør på (Toronto Mesh), besøker oss for å snakke om å bygge nettverk for mesh-nettverk som er selvadresserende, desentralisert og fungerer uten internettforbindelse.
Vi vil diskutere peer-to-peer-applikasjoner som det interplanetariske filsystemet (IPFS) og Secure Scuttlebutt (SSB), både teknisk og å utforske sosial dynamikk som oppstår når brukerne har eierskap og kontroll over webapplikasjonene de bruker.
Foredraget vil gå på engelsk.
-
-
NUUG
-
Cable Green fra Creative Commons kommer til Oslo for å holde foredrag om "State of the Commons and the Global Open Education Opportunity".
Foredraget holdes på engelsk.