About conference

ZeroNights is an international conference dedicated to the practical side of information security.

ZeroNights shows new attack methods and threats, discovers new possibilities of attack and defense, and suggests out-of-the-box security solutions.

ZeroNights gathers experts, infosecurity practitioners, analysts, and hackers from all over the world.

Date: November 7–8, 2013.

Venue: Coworking center 2.0, 28A Varshavskoe shosse, Moscow, Russia.

 

Audience: technical specialists, administrators, ISOs and CISOs, pen-testers, programmers, and everyone who is interested in the practical aspects of the field.

 

Features:

 

Best papers delivered by the experts from around the globe

There are no invulnerable systems. There are only well-defended ones. And there should be no place for illusions in the quest for a well-defended system. Star speakers from various countries will help you disavow myths, dispel delusions, and assess the actual security level of one system or another. You will know how hackers plan their actions, how malware and exploits work. The experts will show their current research, analyze the most important problems of the field, and demonstrate actual attacks.

 

Workshops by the world-class professionals

The gurus of infosec are ready to share unique knowledge and skills. At their workshops, you will learn how to write exploits, how to bypass the defense of OS and browsers, how to find vulnerabilities in web projects. Practical knowledge fortified by theory is priceless.

Best place for friendly and professional communication

ZeroNights gathers professionals from Russia and other countries. Here is the informal venue to get the answers to the hottest questions, to meet the best infosec practitioners, and to acquire unique knowledge.

 

Contests for the gifted

Age, sex, occupation, personal achievements mean nothing in our contests. The main thing is talent, daring, speed and unique skills. Just act and win.

News
2013.11.13 ZeroNights 2013: the saturnalia abates

The conference which was so eagerly anticipated by hackers and infosecurity practitioners is completed. It turned out to be even more successful and colorful than we had expected. The event has gathered more than 1000 attendees, whereas we awaited 700. On the first day, we counted about 900 attendees; on the second day, 600. All four halls (350-seat main hall, 250-seat second hall, two workshop rooms for 25 and 50 seats) were full almost all the time.

The leading topics of the conference were: virtualization security, ICS and SCADA security, all kinds of practical hacking vectors (primarily, attacks on critical business system), new hacking techniques, and deep technological research of information systems. This year, 45 speakers from various countries presented 20 talks in the main program, 5 unique workshops, and 10 FastTrack talks.

The pinnacle of the event was the ZeroNights Talk Show: Hackers vs. Microsoft vs. OpenSource. Andrey Beshkov from Microsoft and Vladimir Rubanov from ROSA, who was also supported by other OpenSource community members, clashed in verbal combat to answer all the OS security questions which had been bugging hackers. The subsequent voting showed that Microsoft, represented by Mr. Beshkov, had won the duel thanks to his more solid reasoning.

Back in the day, nobody believed that a cost effective event with more than 1000 attendees on a paying basis (!), dedicated to the deeply technical sides of hacking and security, was possible in Russia, but we have done it. And we have done it together. Thanks to our partners: CareerLab and Yandex, to our sponsors, our speakers, and, of course, our attendees. Together, we have built the Russian BlackHat!

We look forward to welcoming you again next year and will be grateful for any help in organizing the event, which is expected to gather more than 1500 people in 2014 (ZN 2011: 500 attendees, ZN 2012: 600 attendees, ZN 2013: 1000+ attendees, ZN 2014: 1500-2000 attendees).




2013.10.31 Ready, steady... ZeroNights!

Well, friends, the waiting is coming to its end: less than a week is left before ZeroNights. The two-day conference, organized by ERPScan and CareerLab, supported by Yandex and Defcon Russia, starts in Moscow on November 7.

The agenda is composed in such a way that the first day will mostly feature hardcore and devices and a kickass workshop “Hacking HTML5”. On the second day, it is vice versa: hardcore goes to workshops, whereas web and other kinds of hacking go to main program. We hope that this line-up will allow everyone to visit their topics of interest. The main tracks will have simultaneous interpretation, and the workshops will have on-demand consecutive interpretation.

Take your laptops, your favorite hacking software, modems, patchcords, extension cords, and hacking devices to take part in Hardware Village.

More pleasant news: after the conference closes on November 8, everyone is invited to the AfterParty to socialize with organizers and speakers in very informal circumstances :) Looking forward to seeing you at ZeroNights!

Please note that registration is closed on November 5 at 5 PM GMT. Tickets will not be sold at the entrance. But you can still buy them now and meet us in Moscow on November 7 and 8!




2013.10.25 HPC Village: High performance already at ZeroNights

As we have already announced, ZeroNights attendees and Open Source developers are eligible for free access to a heterogeneous HPC system provided by Openwall. We have good news: all hardware components — Xeon E5 CPUs, Xeon Phi accelerator card, AMD and NVIDIA GPUs — are successfully installed into a single machine. The machine is assembled, and it even works:

[solar@super ~]$ clinfo | egrep '^ (Platform |)Name:' | tail -n +4
Platform Name: AMD Accelerated Parallel Processing
Name: Tahiti
Name: Tahiti
Name: Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz
Platform Name: Intel(R) OpenCL
Name: Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz
Name: Intel(R) Many Integrated Core Acceleration Card
Platform Name: NVIDIA CUDA
Name: GeForce GTX TITAN

Applications for HPC Village accounts are already being accepted. Please refer to the HPC Village project homepage for more detail.




2013.10.25 Cisco quits the "Clash of the titans" talk show

Hackers vs. vendors. Vendors vs. vendors. Vendors vs. hackers.

The situation looks incandescent, and we look forward to a heated discussion. There are still two weeks remaining until the talk show, but we’ve already been high-strung. Suddenly, Cisco up and quits the show!

Anyway, Microsoft represented by Andrey Beshkov, Igor Buchstabe of Linux-Soyuz, and Vladimir Rubanov of ROSA stay with us and aren’t afraid.

Hosts: Ilya Medvedovsky and Oleg Kupreev, ERPScan.

Send your hot and sharp questions to questions@zeronights.ru




2013.10.23 1337 Hardcore

Dear friends,

we’ve got astounding news! SecurityVacationClub has mentioned ZeroNights as one of the greatest hardcore practical infosecurity conferences in the world! Congratulations are in order because we share the chart with such top-rankers as Hackito ergo sum (Paris), Hack In The Box (Kuala Lumpur), H2HC (Sao Paulo), SyScan (Singapore), Shakacon (Honolulu), Infiltrate (Miami), REcon (Montreal), Kiwicon (Wellington), Ecoparty (Buenos Aires). Note that there are only 10 names on the list: http://securityvacationclub.com/svc-certified.html

To be distinguished by such a prestigious resource may be the best recommendation for an infosec conference. The SVC chart Is well-known in the western security community as a top hacking league of sorts. World-class professionals who respect technique and practice mastermind the resource.

Welcome to one of the best venues for infosec practitioners in the world! Meet us in Moscow on November 7 and 8. There are some tickets left.

The price includes partying hard and unreal emotions.




2013.10.23 Revealing all the secrets

Dear friends,

it is time to reveal our final secrets and present the last batch of talks at our conference. We have a lot of interesting things in stock! See for yourself.

Main program:

  1. Sahand (UK) will teach you to hack home automation systems for fun and profit.
  2. Alexander Timorin and Alexander Tlyapov (Russia) will sink deep into SCADA, including protocols, security mechanisms, and software architecture.
  3. Tomas Hlavacek (Czech Republic) will describe IP fragmentation attacks in detail.
  4. Alexander Lyamin will dwell upon the anatomy and metrology of DoS/DDoS.
  5. Alexander Bolshev and Dmitry Chastukhin (Russia) will present a talk called “With Big Data comes big responsibility: Practical exploiting of MDX injections”.



2013.10.21 Yet more talks, yet greater talks

You know what is interesting? ZeroNights CFP was over on October 1, but talks keep coming. Excitement for the event keeps building, the team of experts responsible for selecting talks are in a lather. But it is a good thing, right?

So, here are the updates for FastTrack:

  1. Vladimir Kropotov and Vitaly Chetvertakov (Russia) will acquaint the audience with practical application of math methods and image recognition in attack detection.
  2. Denis Makrushin (Russia) is going to take a hard look at stress testing services.
  3. Inbar Raz (Israel) will say “cyber” lots of times throughout his talk.
  4. Dmitry Boomov (Russia) will talk about hosting dashboard web application logic vulnerabilities.
  5. Andrey Danaw (Russia) will speak about session management errors in cloud solutions and in classic hosting systems.
  6. Anton Cherepanov (Russia) will take apart a banking trojan called Hesperbot.



2013.10.21 HackQuest ZeroNights 2013

What’s a hacking conference without a hack quest?

HackQuest ZeroNights 2013 is launched today at 16:00 GMT! #ZeroNights invites are raffled!

Hurry up to participate.




2013.10.21 Talk show: "Clash of the titans: ZeroNights Hackers vs. Microsoft vs. Cisco vs. OpenSource"

Hackers vs. vendors. Vendors vs. vendors. Vendors vs. hackers.

The situation looks incandescent, and we look forward to a heated discussion. Nonetheless, we have decided to kick things up a notch by inviting some OpenSource representatives. Everybody knows their reverent attitude towards both software giants, right?

So, besides our brave hackers, Microsoft represented by Andrey Beshkov, and Cisco represented by Vasily Tomilin, we are proud to introduce Igor Buchstabe of Linux-Soyuz and Vladimir Rubanov of ROSA.

Welcome our guests and place your bets!

Hosts: Ilya Medvedovsky and Oleg Kupreev, ERPScan.

Send your hot and sharp questions to questions@zeronights.ru




2013.10.17 Talk show "Clash of the titans: ZeroNights hackers vs. Microsoft vs. Cisco"

Everyone against everyone, or strong against weak? Can one win this game, and when is this game over? Are you sure you know the winner? Place your bets! And do not miss ZeroNights 2013 on November 8.

The talk show will be very interesting and quite intolerant! Let the vendors pay for what they’ve done.

This is the place to ask any questions to the vendors. Do you have some up your sleeve? Welcome!

  • Who is buggier: Cisco or Microsoft?
  • Who implemented SDLC for the other: Cisco for Microsoft or Microsoft for Cisco? …and so on!

There will be no mercy, no weakness allowed, no questions left unanswered.

Host: …Oprah Winfrey!.. why do we need one anyway?!

ERPScan: Ilya Medvedovsky and Oleg Kupreev

Microsoft: Andrey Beshkov

Cisco: Vasily Tomilin

Send your hot and sharp questions to: questions@zeronights.ru




2013.10.17 Novelty at ZeroNights: business application security in detail

This year’s ZeroNights will be the first to feature a separate section dedicated to the security of business applications. This event marks the upgrade of the EAS-SEC (Enterprise Application Systems Security) project, which is getting a new life. Until recently, it used to be a part of the OWASP consortium, called OWASP-EAS. But business application security has overgrown Web, so this direction was separated into a special project.

So, this section of ZeroNights will feature short talks dedicated to vulnerabilities and interesting architecture flaws in different business applications. Besides the traditional ERP, HR systems will be hacked as well as BI, accounting, banking, development and a lot more applications by key business system vendors like SAP, Oracle, Microsoft, 1C etc. This section is a unique opportunity to hear the talks presented at the renowned BlackHat conference.

The relevant results of EAS-SEC will also be presented for two topics: critical system security operation guideline and critical system security development guideline with respect to business applications. A list of key business application development flaws will also be presented, similar to OWASP Top 10, but the latter is only for web applications.

This unique event will undoubtedly be interesting for hackers and researchers as well as such information system security specialists as CISOs, administrators, and programmers. We will present both actual attack examples and detailed defense guides.

Alexander Polyakov is the host of this section. All talks delivered exclusively by ERPScan experts!

Talks in this section:

  1. Alexey Tyurin will speak in detail about Dynamics GP, a large and powerful accounting/ERP solution by Microsoft, and about intercepting full control over it.
  2. Evgeny Neyolov will describe attacking application deployment servers.
  3. Alexey Tyurin will deliver vulnerabilities in Oracle PeopleSoft, a system which has been deployed thousands of times around the globe.
  4. Gleb Cherbov will do some magic to remote banking systems by a leading Russian vendor.
  5. Dmitry Chastukhin will deliver his infamous talk: Business Intelligence Hacking — Breaking ICCube.
  6. Alexander Polyakov will enlighten the audience with a business application security deployment guideline by EAS-SEC.
  7. And Alexander Minozhenko will present a business application security development guideline.



2013.10.14 Elvis-Plus is a silver sponsor of ZeroNights

Friends, we are very happy to announce another silver sponsor of the ZeroNights conference. It is a Russian company called Elvis-Plus, a large system integrator for information security.

Elvis-Plus operates in all of Russia and delivers full-service deployment and maintenance of information security projects. The majority of its customers are government-owned institutions and enterprises, Bank of Russia, commercial banks and financial organizations, industrial enterprises.

If a company of this scale supports us, it means that the issues discussed at our event are important for business and government as well as for the security community.




2013.10.10 This treacherous and insecure data

The more data, the harder it is to protect it. The speakers of ZeroNights will tell you about the dangers harbored by data arrays and the treacheries hidden in office documents.

So, our main program features:

Also, do not miss a wonderful workshop by Krzysztof Kotowicz (Poland): Hacking HTML5!




2013.10.09 Kaspersky Lab is a silver sponsor of ZeroNights

We are happy to greet another silver sponsor of the upcoming ZeroNights conference, held in Moscow on November 7-8. It is Kaspersky Lab, a world-famous developer of endpoint security solutions.

The support of one of the four largest endpoint protection software vendors is the best evidence that the issues of repelling attacks on different levels are no less relevant for the mass market than they are for specific industries.

Kaspersky Lab is an international group operating in almost 200 countries and territories worldwide. The company is headquartered in Moscow, Russia, with its holding company registered in the United Kingdom. Its products and technologies provide protection for over 300 million users and over 250,000 corporate clients worldwide. The company provides a wide range of products and solutions for different types of clients, with a special focus on large enterprises, and small and medium-sized businesses.




2013.10.09 Attacking and defending Far and Wide at ZeroNights!

Dear friends,
have you been thinking that we have revealed all the aces up our sleeves yet? Of course not! Meet another keynote speaker: Gregor Kopf from Germany, along with a new talk by Russian experts, a workshop, and a great contest!

  1. Gregor Kopf will share the state of crypto affairs: major directions, problems, common mistakes, interesting areas for crypto related work.
  2. Aleksandr Matrosov and Eugene Rodionov (Russia ) will present a workshop called “Advanced Threats Reverse Engineering”. They will teach the audience how to analyze the malware created using object oriented programming languages.
  3. Those fine fellows will also speak at FastTrack to show you how HexRaysCodeXplorer makes object-oriented reverse engineering easier.
  4. Exclusive for the event, the “Far and Wide” contest will allow you to feel like a secret service agent. Imagine that your boss has ordered you to hack the network of a company called S-Lab. It is not that easy because the resources of S-Lab are thoroughly protected. Moreover, a similar task is set before other employees of Department Z-Hack, where you work. You will find a token on each server. The winner is the agent who will be the first to gather all tokens.

More astonishing agenda updates are ahead! Stay tuned and be the first to know!




2013.09.30 Brothers in Arms

No, this post is not about ZeroNights at all. This post is about our friends who, like us, raise the questions of information security, evangelize the spirit of hacking and generally do what they love. Our good friends are CONFidence (Poland), PoC (Korea), Nullcon (India) and HackInTheBox (Holland/Malaysia).

Nullcon is held at the islands of Goa (a wonderful place to be). The conference will take place on the 14-15 of February (a month which is usually very cold in Russia), and it is quite warm there ;)
CFP closes on November 20.

PoC (POWER OF COMMUNITY) is held in Seoul since 2006, no less. The event itself coincides with ZeroNights (unfortunately): November 5 through 8. However, it means that the beginning of November will bring lots of 0-days and new research, which benefits the hacking community.
CFP closes on October 5 (four days later than our own).

The next HackInTheBox is held very soon — 14-17 of October — in Kuala-Lumpur. As always, it harbors a great amount of talks from very different fields, so everyone can find something to their liking. Also, do not forget about their (very cool) workshops! Sadly, you can only register as an attendee at this time, not a speaker.

Our good old friends CONFidence, who have been supporting us since the very first conference, already held their event this year on May 28-29 in Krakow. And if you were not there, you’ve missed one of the most cozy and homelike events in the world. CONFidence is renowned for its hospitality and high-class organization, so be sure not to miss it next year.

The researchers of ERPScan have been to all of these conferences and strongly advise that you come to them both as an attendee and as a speaker! Travel with profit! :)

PS: Hacking breaks, but it also connects.




2013.09.23 Four unreal main program talks at once

Dear friends, we continue cheering you and ourselves by revealing new speakers of ZeroNights 2013. Today, we proudly present four speakers at once, each with unreal talks!

So, our main program features:

  1. Gal Diskin (Israel), chief researcher at Cyvera, will present an overview of the basics of hardware virtualization technology, the existing attack techniques against virtualization and also explain why creating a hypervisor is virtually impossible.
  2. The talk of Peter Hlavaty (Slovakia) of ESET will be dedicated to the DbiFuzz framework.
  3. And Mateusz Jurczyk (Switzerland) of Google, a big fan of memory corruption bugs, will focus his presentation on the interesting flaws of Windows Kernel.
  4. The talk of Meder Kydyraliev (Australia) is dedicated to mining Mach services within OS X sandbox.



2013.09.16 HPC Village: High performance at ZeroNights 2013

HPC Village from Openwall at ZeroNights 2013 is an opportunity for HPC hobbyists alike to program for a heterogeneous (hybrid) HPC platform. Participants are provided with remote access (via the SSH protocol) to a workstation (being used as a server in this case) with multi-core CPUs and HPC accelerator cards of different kinds (Intel MIC (Xeon Phi), AMD GPU, NVIDIA GPU), as well as with pre-installed and configured drivers and development tools (SDKs).

We intend to provide within one or at most two machines access to the mentioned four types of computing devices, including OpenCL support for all of them, as well as support for development tools and usage models specific to some of them (OpenMP on CPU, OpenMP offload from CPU to MIC, CUDA on NVIDIA GPU). Although it is uncommon to use more than two types of computing devices within one node in real-world HPC setups, such configuration is convenient for getting acquainted with the different technologies, for trying out and comparing them on specific tasks, for development of portable software programs, including debugging and optimization.

The expected hardware configuration is roughly as follows (may be changed):

  1. Supermicro GPU SuperWorkstation 7047GR-TPRF workstation/server platform;
  2. two 8-core Xeon E5-2670 CPUs (or replacement from the recently announced E5-26xx v2 series), which provides a total of 16 CPU cores (32 logical CPUs) at a clock rate of at least 2.6 GHz (plus turbo boost);
  3. 128 GB DDR3-1600 ECC RAM, 8 channels, cumulative bandwidth 102.4 GB/s;
  4. Xeon Phi 5110P coprocessor module (60 cores, 1.053 GHz, 8 GB GDDR5 ECC RAM on a 512-bit bus, 320 GB/s; peak performance of about 2 TFLOPS single-precision, 1 TFLOPS double-precision);
  5. gaming graphics card AMD Radeon HD 7990 (two “Tahiti” GPUs, which provides 2x2048 SPs at about 1 GHz, 6 GB GDDR5 RAM on a 384-bit bus, 288 GB/s; peak performance of over 8 TFLOPS single-precision, about 2 TFLOPS double-precision) — as a budget replacement for the FirePro S10000 GPU card intended for servers (which would cost at least 3 times more);
  6. gaming graphics card NVIDIA GTX TITAN, revision from Zotac with higher than NVIDIA's default core and memory clocks (one GK110 GPU with 2688 SPs at 902 MHz to 954 MHz in single-precision mode, 6 GB GDDR5 RAM on a 384-bit bus, 317.2 GB/s; peak performance of over 5 TFLOPS single-precision, from 1.3 to 1.5 TFLOPS double-precision in the corresponding mode) — as a budget replacement for the TESLA K20X GPU card intended for workstations (which would cost at least 3 times more).

Total peak performance is over 15 TFLOPS single-precision, about 4.5 TFLOPS double-precision.

The operating system will be Linux. Most likely we'll install CentOS 6, since this is the most common free option to run Intel MPSS. The Xeon Phi coprocessor will run its own copy of Linux, coming from Intel MPSS.

Remote access will be provided (on request) to registered ZeroNights attendees, for the period from November 1st to November 15th, 2013, as well as to Open Source software developers (regardless of their participation in the conference and without a "hard" restriction on the time period). Access is provided for getting acquainted with the technologies and/or for Open Source software development. In the organizers' sole discretion, access may be denied or restricted (in particular, in case it is used for other than an intended purpose or/and if one's use of the system inconveniences other users in a substantial way). The information contained in this announcement does not formally constitute an offer to provide any service to the general public.

The HPC Village project at ZeroNights is provided by Openwall (idea, computer hardware parts, software configuration, system administration) and DataForce (assembly and hosting of servers, Internet connectivity).




2013.09.11 The past, the present and the future of virtualization at ZeroNights 2013

Dear friends, we are eager to present one of our keynote speakers. It is Rafal Wojtczuk (Poland), who has been specializing in kernel and virtualization security for several years.

So,

  1. Main program: Rafal Wojtczuk (Poland) will dwell upon application sandboxing and virtualization used for endpoint security. This talk will remind you of the past, surprise you with the present, and guess the future.
  2. In his talk called Exploitation of AVR & MSP microchips, Vadim Bardakov (Russia) of ERPScan will review in detail the possibilities of exploiting microcontroller vulnerabilities.
  3. Main program: Mario Heiderich (Germany) will give JavaScript MVC and templating frameworks a stern look.
  4. And Roman Korkikyan (Switzerland) will show in his workshop how to recover secret keys of DES and AES software implementations by measuring their execution time.



2013.09.06 ZeroNights 2013 is closing in

Friends, we have more confirmed ZeroNights 2013 speakers to tell you about. CFP will last until October 1, so make up your mind about participating!

So,

  1. Main program: Glenn Wilkinson (France) of SensePost will show and tell you how to track down a user and retrieve their secrets from their personal device.
  2. Main program: in their talk called HART (in)security, Alexander Bolshev (Russia) of ERPScan and Alexander Malinovsky (Russia) of Motorola Solutions will tell you everything you did not know about current loop and the protocols that use it to transmit data.
  3. Workshop: in BlackBox analysis of iOS apps, Dmitry ‘D1g1’ Evdokimov (Russia) of ERPScan will acquaint the audience with the approach to searching for iOS vulnerabilities without source code analysis using special tools.
  4. Finally, Omair (India) will give a workshop called Fuzzing practical applications and teach you to fuzz with love but stay grounded.



2013.09.04 The first talks of ZeroNights 2013 are announced

The time has come to reveal the first speakers of our event. Keep in mind that CFP will go on until October 1, 2013, so there is not much time left to apply! Also, let’s not forget about FastTrack, which is a unique opportunity to make a short presentation of your research sharing a venue with famous infosec specialists and to socialize with friends and colleagues.

  1. Main program: Adrian Furtuna (Romania) of KPMG) will share his knowledge about the practical exploitation of rounding vulnerabilities in internet banking applications.
  2. In his workshop called Peach Fuzzing, Adam Cecchetti (USA) of Deja vu Security will teach how to use the Peach framework to find bugs in software (yours or not yours).
  3. The workshop of George Nosenko (Russia) of ERPScan will lead you into the amazing world of SMT solvers, which will surely conquer the planet.
  4. FastTrack: Victor Alyushin (Russia), a postgraduate student at NRNU MEPhI, will present a talk called “Advanced exploitation of Android Master Key Vulnerability (bug 8219321)”.

Stay tuned: a lot of interesting news will follow!




2013.08.30 Unique project at ZeroNights: Hardware Village!

Especially for those who love low level and hardware hacking and who is not shy of fidgeting with chipsets and signals, we present a project called Hardware Village, unprecedented in Russia. At the ZeroNights conference, you will be able to look at and try out various methods and devices for hacking embedded systems and more. We will show both the widely used Teensy HID emulators and the ascending Software Defined Radio platforms.

No specific knowledge or skills are necessary to participate in Hardware Village. We will show and explain everything.

Features:

  • HackRF
  • BladeRF
  • Facedancer
  • Die Datenkrake
  • JTAGulator
  • Proxmark3
  • Papillio FPGA
  • Teensy
  • *duino
  • Raspberry Pi

Bring your own hardware so we can hack it together!

With the support of our friends from Naund, we will also hold a Hardware contest. The reward is BladeRF SDR http://nuand.com/




2013.08.21 Club-Mate - the official ZeroNights beverage

Dear friends, we have great news: ZeroNights has an official beverage now. It's Club-Mate, a German non-alcoholic tonic drink, based on the mate herbal infusion, which has acquired it's renown with the European and American IT-crowd in the end of the twentieth century.

Club-Mate — is often to be seen at hacker hang-outs: not a single significant meeting goes without it. Bruce Sterling mentioned in his publication in the Wired magazine, that it is the favorite beverage of the German Chaos Computer Club community, as well as of Noisebridge and Hope. In USA the legedary magazine 2600: The Hacker Quarterly is responsible for the distribution of Club-Mate.

You can find more information about the beverage on the Club-Mate website: http://www.clubmate.de/




2013.08.14 CFP ZeroNights 2013: hurry to participate

We advise all our foreign guests and spokespersons to hurry with applying for participation! Russian VISA is not the fastest one to receive, and for many of our guests the distance is quite a big one to travel. We are expecting to see you at our conference!

Like before, we will discuss not only attacks, but protecting from them as well. We are interested in such topics, as:

  • Mobile security
  • Exploiting stuff
  • Hardware security
  • Web security
  • Security of critical systems

Other topics are welcome to be considered!




2013.08.13 “Gazinformservice” - ZeroNights 2013 Gold Sponsor

We're happy to introduce a Gold Sponsor of the future ZeroNights 2013 conference, which is to be held this year in Moscow — on the 7th and 8th of October.

Gold Sponsor of the Event — “Gazinformservice” — is one of the biggest system integrators and software developers in Russia, specializing in information security.

We are proud, that such a company is supporting our conference for a third time already. This proves like nothing else, that the level of the event allows us it to be called one of the most important events in the IT field. This year, in November we will meet again to have interesting discussions, share opinions and impressions, and receive new knowledge and experience in practical information security. Not only security enthusiasts and beginning specialists will find topics to be amazed, but also leading professionals in the field of attacks and protection of the highest level.




2013.06.28 Qualcomm is the silver sponsor of ZeroNights

We are glad to announce that Qualcomm is confirmed as the silver sponsor of ZeroNights 2013, which will be held in Moscow on November 7 and 8. Qualcomm is a well-known manufacturer of semiconductors and supplier of wireless chipsets and software for 3G devices.

If such a global enterprise supports our event, it means that the infosec problems that we discuss are important for the entire world, not just for Russia. The number of mobile users is growing and specific mobile threats are increasing as well. At ZeroNights, we talk about problems. What’s more, we find solutions.

Experts, analysts, and hackers from all over the world will share their knowledge and skills, astonish you with their speed and prowess, delight you with their depth of thinking and imagination. Stay in touch!

About Qualcomm

From its beginnings in 1985, Qualcomm has grown from seven individuals meeting in a den to a world-leading provider of wireless technology and services. Qualcomm is a global company, a firm with many facets, with each business division changing the way we live and work through its own unique contributions. But no matter what each Qualcomm business does, all are united by a single, driving passion: to continue to deliver the world’s most innovative wireless solutions.




2013.06.28 CFP ZeroNights 2013 is OPEN!

Hi everyone!

We are glad to announce that the Call for Papers at ZeroNights 2013 is officially launched. We are waiting for your best whitepapers and awesome workshops. We are waiting for you in Russia.

Just like before, we would like to hear talks in the following fields:

  • Security of business-critical systems
    They can be popular and widespread or industry based systems such as ERP/CRM/SCADA/Smart GRID/Banking/Processing/Stock/Retail/Manufacturing/Electricity.
  • Mobile security
    With real examples, focused on application security.
  • Hardcore exploitation
    Only new/semi-new methods of exploitation, vulnerability finding and mitigation technologies.
  • Hardware and embedded
    Cars, airplanes, boats, POS, kiosks, PLC, Internet of things…
  • Web security
    Only hot things, like new attack types.

We also want to see a 2–4 hour workshops on similar topics but with less strict acceptance conditions. Workshops can be about a known topic, but it has to be well-structured and based on real practical examples.

Other topics are also negotiable.

We are interested in new deeply technical researches of both attack and defense. Marketing, APT, NSA, PRISM and other bullshit topics are not our kind of thing.

You have your hacking genius and imagination to demonstrate. We have cool atmosphere and great company to offer you!

Please send your applications to cfp@zeronights.org

More information about the CFP rules is available here: http://2013.zeronights.org/request




2013.04.23 Registration for ZeroNights is open!

We are proud to announce that registration for ZeroNights 2013 has begun. ZeroNights is an annual international practical security conference, conducted by ERPScan and CareerLab, and supported by Yandex. Technicians, administrators, ISOs and CISOs, programmers, and everyone interested in the practical side of information security are welcome to participate.

ZeroNights shows new attack methods and threats, discovers new possibilities of attack and defense, and suggests out-of-the-box security solutions. Experts, infosecurity practitioners, analysts, and hackers from all over the world will share unique knowledge and skills and dispel delusions with reason, research, facts, and figures.

Date: November 7–8, 2013.

Venue: Coworking center 2.0, 28A Varshavskoe shosse, Moscow, Russia.

Features:

Best papers delivered by the experts from around the globe

There are no invulnerable systems. There are only well-defended ones. And there should be no place for illusions in the quest for a well-defended system. Star speakers from various countries will help you disavow myths, , and assess the actual security level of one system or another. You will know how hackers plan their actions, how malware and exploits work. The experts will show their current research, analyze the most important problems of the field, and demonstrate actual attacks.

Workshops by world-class professionals

The gurus of infosec are ready to share unique knowledge and skills. At their workshops, you will learn how to write exploits, how to bypass the defense of OS and browsers, how to find vulnerabilities in web projects. Practical knowledge fortified by theory is priceless.

Business track

The new separate track for CISOs is an opportunity to actually evaluate the business risks imposed by infosec threats. You will find everything you wanted to know about information security: figures, facts, opinions, and solutions.

Best place for friendly and professional communication

ZeroNights gathers professionals from Russia and other countries. Here is the informal venue to get the answers to the hottest questions, to meet the best infosec practitioners, and to acquire unique knowledge.

Contests for the gifted

Age, sex, occupation, personal achievements mean nothing in our contests. The main thing is talent, daring, speed and unique skills. Just act and win.




Organizers:
Official support:
With participation of:
Gold sponsor:
Silvers sponsor:
Official beverage:
General Media Partner:
Gold Media Partner:
Media Partners:
Information Partners: