Hacktivity 2012

An IT Security Conference in the Heart of Eastern Europe

When you get the opportunity to attend a security conference located in Budapest, you jump on top of it. Hacktivity 2012 provided that opportunity for me this year, and what an excellent conference it was. If you are saying to yourself, "But I don't speak or understand any Hungarian, so why would I go to a security conference in Budapest?!", fear not, the majority of the talks were in English, and when the talk was in Hungarian, translation headphones were provided. I would highly recommend attending Hacktivity 2013 if you are considering conferences in Europe

The Conference

Held inside of the fully renovated MOM Cultural Center, the conference was visited by over 1000 attendees and was able to accommodate everyone quite comfortably. The talks were given in two separate halls, the Security Theatre and the Security Dome, which were also broadcasted to an area known as the "Leisure Center". Several groups were holed up attacking the "Hack24" challenge (more on that later) in the Leisure Center as well. The conference also had a nice hardware hacking section provided by "H.A.C.K" and a lock-picking workshop organized by "Lockpicking Blog".

Topics of Discussion

Topics of discussion for this conference covered a vast range of IT Security disciplines. Joe McCray (Strategic Security) held a "Demo Talk" surrounding SQL injection techniques where the audience was encouraged to participate in a lab that he had provided. Jeff Bardin (Treadstone 71), a keynote speaker, covered an interesting topic about the translation of HUMINT collection into the Cyber realm and how it could be used to better target your adversaries. He walked through various methods he had personally utilized to infiltrate multiple criminal underground organizations. Shakeel Tufail (HP), also a keynote speaker, covered, in great depth, software threat modeling and how it can be used to better protect your organization. Shay Chen (Hackticks EYP) unveiled a new extension to the OWASP ZAP called "Diviner", a tool that allows a pentester to accurately detect actual source code of a web application based on it's interaction with other elements on the web page or the backend web server. Dr. Boldizsar Bencsath (CrySyS Labs) spoke in depth about their discovery of the Duqu virus as well as their analysis of some very sophisticated malware known as Flame, Wiper, SkyWiper and Gauss.

Hack24 Challenge

A fun and exciting competition held at Hacktivity 2012 was the "Hack24" challenge where participants had only 24 hours to stop a new and sophisticated piece of malware known as the "Revolution virus" aimed at taking down the entire World Wide Web. The challengers were competing for an array of prizes, including the chance to drive a tank, you read that right, a tank. At the close of the game, two teams had tied for first place, only to be decided by the judges based on speed of answers provided.


Something very unique at Hacktivity 2012 that I found was an excellent addition to an IT security conference was the U25 (Under 25) Corner. This was an area of the conference that graduates under the age of 25 could attend a meet and greet with some Hungary's most prominent IT security professionals. It even included on hand HR professionals and job listings in the IT security field.

Hello Workshop

During both days of the conference, the "Hello Workshops" provided in depth, hands on training on subjects ranging from IP Tables, Secure Code Review, Hacking a Webserver to SSL Certificate Authority and even "Bring Your Own Device" (BYOD). These workshops were included in the cost of the conference ticket with all of the classes almost entirely full. The takeaway from the conference when these courses are included is quite large.

I want to thank all of those who worked to put Hacktivity 2012 together, you guys put on a great conference. I am already looking forward to attending Hacktivity 2013.

For a full listing of the speaker line up and the talks provided @ Hacktivity 2012, please click on the link here.

More Stories By Cory Marchand

Cory Marchand is a trusted subject matter expert on topics of Cyber Security Threats, Network and Host based Assessment and Computer Forensics. Mr. Marchand has supported several customers over his 10+ years within the field of Computer Security including State, Federal and Military Government as well as the Private sector. Mr. Marchand holds several industry related certificates including CISSP, EnCE, GSEC, GCIA, GCIH, GREM, GSNA and CEH.

Latest Stories
DX World EXPO, LLC, a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Conference Guru has been named “Media Sponsor” of the 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to gre...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develop...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
"ZeroStack is a startup in Silicon Valley. We're solving a very interesting problem around bringing public cloud convenience with private cloud control for enterprises and mid-size companies," explained Kamesh Pemmaraju, VP of Product Management at ZeroStack, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Large industrial manufacturing organizations are adopting the agile principles of cloud software companies. The industrial manufacturing development process has not scaled over time. Now that design CAD teams are geographically distributed, centralizing their work is key. With large multi-gigabyte projects, outdated tools have stifled industrial team agility, time-to-market milestones, and impacted P&L stakeholders.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...