Last week was great for Cymmetria: our team traveled to San Francisco for the RSA and BSides conferences, where we met security vendors, researchers, cyber deception enthusiasts, and potential clients. Many of them came to catch a glimpse of MazeRunner and learn about advanced cyber deception from our specialists. We also recieved media attention, and Israel's
Geektime chose Cymmetria as the most interesting Israeli startup at the RSA conference.
- Mainframe hacks. The specialist known as Soldier of Fortran exposed many mainframes that actually face the Internet, and can pose a threat to their owners. This talk showed that companies in various fields ignore their older systems' security. The best part of this talk was when Soldier of Fortran asked for the crowd's help in telling which mainframe portal belonged to which company – the results were pretty shocking.
- TEMPEST hacks. Lev Pachmanov from Tel Aviv University talked about a breakthrough in the field of emission-based data theft. Pachmanov is part of a group of Israeli researchers who managed to steal an encryption key using rather basic equipment. He reviewed this interesting side-channel attack and showed that it doesn't take a government-sized budget to intercept emissions and turn them into a valid attack vector. Wim van Eck would be proud.
- Cloud security. Tim Prendergast from Evident.io gave a great talk about the differences between old-school data center protection and cloud protection, from an infrastructure point of view. He showed how to build and maintain security tools in cloud platforms such as AWS.
- Apple vs. the FBI. The Electronic Frontier Foundation (EFF) hosted a panel that included their privacy, civil liberty, policy analysis and activism specialists. The very first question was about the Apple-FBI standoff. The panel addressed several other hot topics that every security firm should be aware of, such as the Wassenaar Arrangement, encryption laws, and coders who sell exploits.
- Hacking Honeypots. Dean Sysman, our CTO, talked about the ways in which honeypots can be detected and hacked by attackers.