TurkuSec February Meetup Recap

After nearly a month, it is finally a time to write a short recap about February meetup, which was the first event in 2017. As usual, TurkuSec hosted two talks on our usual venue SparkUp.

The first talk was by Teemu Tuparinne named “Information security management in organizations
(of all sizes) and the upcoming challenges”. Teemu has been in IT industry for the last 20 years and since 2009 he is fully in the field of information security. Teemu is CEO at TS-Information security, which provides security solutions for companies and individuals. In his talk, Teemu, started by giving introduction into security management and continued with the best and so practices that are currently used in organizations. The solid part of the talk was about upcoming challenges, such as GDPR compliance, IoT, Cloud based services, Mobile devices and etc.

After Teemu’s talk we had around 20 minutes of brake. Usually, we have only 10 minutes brake between talks, but this time was special as I needed to meet our second speakers on bus station and bring them to the venue. During this brake nearly all beer and rum was gone. Good job! :D

Our second speakers, k4m1 and da-vinci, came from Helsinki to give a talk on the meetup. Yes, guys asked to use their nicknames, instead of real names. The third member of their team, OpEs, unfortunately did not manage to come to Turku, but we will get him at some point. k4m1, da-vinci and OpEs are winners of DisObey hack challenge, which made them Finnish hacker champions. I met them on DisObey afterparty and invited as speakers to TurkuSec, which they gladly accepted. Going forward, February meetup was the first public talk, that k4m1 and da-vinci have ever given.

The talk started by da-vinci, where he revealed how they managed to get through the jungle of challenges up to the finish line. DisObey challenge was not only about technical skills, but major part was about creative thinking and problem solving.

After da-vinci‘s talk about DisObey challenge, k4m1 gave a talk about expoliting hardware “for fun and profit”. First k4m1 gave introduction how DRAM works and continued on exploiting DRAMs and rootkits. Then he talked about exploiting BIOS and guess what! k4m1 showed live demo, which contained 3 0days! It was mindblowing, well, here’s a tweet from one of community members:

“I’m just going to fuck up my laptop and show you my demo which contains 2 or 3 zero days” Listening to jesus-level hackers @turkusec

After talks we had some free time to network, talk and drink. And, being loyal to our traditions, we continued to Cosmic Comic Cafe in Turku city center.

Our community would like to express gratitude to Nixu for the support and sponsorship. Nixu is Nordic’s largest company in the field of information security consulting and always hungry for talented people.

Nixu Cybersecurity

Check out open positions at Nixu and if you can’t find suitable position, no worries, submit open application.