The document discusses analyzing and visualizing real-time Twitter data. It motivates the research by describing Twitter's growth and issues with analyzing event-based Twitter data. It then reviews existing Twitter analysis tools and outlines a new tool called TwitterSuitcase that categorizes and visualizes Twitter data during events. TwitterSuitcase is demonstrated on Twitter data related to a MOOCs conference, extracting information like popular hashtags, users, links, and software used. The conclusion discusses expanding TwitterSuitcase to better analyze and visualize geotagged tweets and retweets.
Stephan Gerling in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Stefan Zarinschi in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Bridging the gap between CyberSecurity R&D and UXDefCamp
(1) The document discusses bridging the gap between research and development (R&D) and user experience (UX) in product development.
(2) It emphasizes the importance of asking questions to understand user needs, focusing on user feelings over features, and ensuring users understand how to use products easily.
(3) The key lessons are to thoroughly question requirements, balance R&D and UX priorities, focus on satisfying core users, understand what users truly value, and make products feel intuitive and fast to use.
Drupalgeddon 2 – Yet Another Weapon for the AttackerDefCamp
Radu-Emanuel Chiscariu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The document discusses analyzing and visualizing real-time Twitter data. It motivates the research by describing Twitter's growth and issues with analyzing event-based Twitter data. It then reviews existing Twitter analysis tools and outlines a new tool called TwitterSuitcase that categorizes and visualizes Twitter data during events. TwitterSuitcase is demonstrated on Twitter data related to a MOOCs conference, extracting information like popular hashtags, users, links, and software used. The conclusion discusses expanding TwitterSuitcase to better analyze and visualize geotagged tweets and retweets.
Stephan Gerling in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Stefan Zarinschi in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Bridging the gap between CyberSecurity R&D and UXDefCamp
(1) The document discusses bridging the gap between research and development (R&D) and user experience (UX) in product development.
(2) It emphasizes the importance of asking questions to understand user needs, focusing on user feelings over features, and ensuring users understand how to use products easily.
(3) The key lessons are to thoroughly question requirements, balance R&D and UX priorities, focus on satisfying core users, understand what users truly value, and make products feel intuitive and fast to use.
Drupalgeddon 2 – Yet Another Weapon for the AttackerDefCamp
Radu-Emanuel Chiscariu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
This document discusses multi-factor authentication (MFA) and methods for bypassing it. It defines MFA as requiring more than one validation procedure to authenticate individuals. It describes the different factors of authentication as something you know, something you have, and something you are. It outlines various deployment modules for each factor type, including passwords, tokens, biometrics. It also covers challenges of MFA implementation and methods attackers could use to bypass MFA security, such as email filtering or legacy protocol exploitation.
Threat Hunting: From Platitudes to Practical ApplicationDefCamp
This document discusses threat hunting and practical approaches to threat hunting. It defines threat hunting as proactively searching through data to detect threats that evaded traditional security measures. It argues that threat hunting is more effective than reacting to incidents. The document provides guidance on log collection, developing situational awareness, hunting hosts and networks, maintaining a flexible mindset, and sharing findings. It suggests starting with small data collection and focusing on important systems and network areas. The goal is to understand normal behavior and detect anomalies.
Building application security with 0 money downDefCamp
Muhammad Mudassar Yamin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Implementation of information security techniques on modern android based Kio...DefCamp
Muhammad Mudassar Yamin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The challenge of building a secure and safe digital environment in healthcareDefCamp
Jelena Milosevic in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Timing attacks against web applications: Are they still practical?DefCamp
This document discusses the practicality of timing attacks against web applications. It begins by explaining what a timing attack is and detailing the author's plan to conduct one against a target application. The plan involved studying the application's code, pinpointing an exploitable function, collecting timing data, filtering noise, and reducing the search space. The author was able to measure response times and identify spikes but encountered challenges averaging server performance. They demonstrate conducting a timing attack to recover hashed credentials over many requests. Ultimately, while timing attacks can be efficient, they are difficult to execute remotely and most applications and servers have protections that render the attacks impractical. Constant-time algorithms and rate limiting are presented as solutions to prevent these types of attacks.
Tor .onions: The Good, The Rotten and The Misconfigured DefCamp
Ionut-Cristian Bucur in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
Ioan Constantin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
We will charge you. How to [b]reach vendor’s network using EV charging station.DefCamp
This document summarizes a presentation about vulnerabilities found in electric vehicle charging stations. The presentation covered:
1) Several vulnerabilities were found in the Bluetooth and Wi-Fi stacks that could allow access to the vendor's internal network, including arbitrary file writes, command injection, and buffer overflows.
2) The vulnerabilities were disclosed responsibly to the vendor, who developed a detailed plan and released updated firmware within a few months to address all issues.
3) Electric vehicles and charging stations are an important area for continued security research given the protocols for wireless communication, transactions, and vehicle-to-charger interfaces.
Cristian Pațachia-Sultănoiu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
This document discusses watering hole attacks, a type of cyber attack where hackers compromise frequently visited websites to infect visitors' devices through drive-by exploits. It describes how watering hole attacks work, why they are difficult to detect, and introduces DEKENEAS, an AI-based solution developed by the author to detect watering hole attacks through analyzing obfuscated JavaScript. DEKENEAS trains on over 40,000 malicious redirect samples to recognize behavioral patterns and classify code as malicious or not. When tested on 10,000 new samples and top websites, it achieved 100% detection of unknown implants with no false negatives and a very low false positive rate of 0.00023%.
Catch Me If You Can - Finding APTs in your networkDefCamp
Adrian Tudor & Leo Neagu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
WiFi practical hacking "Show me the passwords!"DefCamp
Konrad Jędrzejczyk in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Marek Zmysłowski in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Manuel Wiesinger in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
Kirill Puzankov in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
This document discusses multi-factor authentication (MFA) and methods for bypassing it. It defines MFA as requiring more than one validation procedure to authenticate individuals. It describes the different factors of authentication as something you know, something you have, and something you are. It outlines various deployment modules for each factor type, including passwords, tokens, biometrics. It also covers challenges of MFA implementation and methods attackers could use to bypass MFA security, such as email filtering or legacy protocol exploitation.
Threat Hunting: From Platitudes to Practical ApplicationDefCamp
This document discusses threat hunting and practical approaches to threat hunting. It defines threat hunting as proactively searching through data to detect threats that evaded traditional security measures. It argues that threat hunting is more effective than reacting to incidents. The document provides guidance on log collection, developing situational awareness, hunting hosts and networks, maintaining a flexible mindset, and sharing findings. It suggests starting with small data collection and focusing on important systems and network areas. The goal is to understand normal behavior and detect anomalies.
Building application security with 0 money downDefCamp
Muhammad Mudassar Yamin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Implementation of information security techniques on modern android based Kio...DefCamp
Muhammad Mudassar Yamin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The challenge of building a secure and safe digital environment in healthcareDefCamp
Jelena Milosevic in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Timing attacks against web applications: Are they still practical?DefCamp
This document discusses the practicality of timing attacks against web applications. It begins by explaining what a timing attack is and detailing the author's plan to conduct one against a target application. The plan involved studying the application's code, pinpointing an exploitable function, collecting timing data, filtering noise, and reducing the search space. The author was able to measure response times and identify spikes but encountered challenges averaging server performance. They demonstrate conducting a timing attack to recover hashed credentials over many requests. Ultimately, while timing attacks can be efficient, they are difficult to execute remotely and most applications and servers have protections that render the attacks impractical. Constant-time algorithms and rate limiting are presented as solutions to prevent these types of attacks.
Tor .onions: The Good, The Rotten and The Misconfigured DefCamp
Ionut-Cristian Bucur in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
Ioan Constantin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
We will charge you. How to [b]reach vendor’s network using EV charging station.DefCamp
This document summarizes a presentation about vulnerabilities found in electric vehicle charging stations. The presentation covered:
1) Several vulnerabilities were found in the Bluetooth and Wi-Fi stacks that could allow access to the vendor's internal network, including arbitrary file writes, command injection, and buffer overflows.
2) The vulnerabilities were disclosed responsibly to the vendor, who developed a detailed plan and released updated firmware within a few months to address all issues.
3) Electric vehicles and charging stations are an important area for continued security research given the protocols for wireless communication, transactions, and vehicle-to-charger interfaces.
Cristian Pațachia-Sultănoiu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
This document discusses watering hole attacks, a type of cyber attack where hackers compromise frequently visited websites to infect visitors' devices through drive-by exploits. It describes how watering hole attacks work, why they are difficult to detect, and introduces DEKENEAS, an AI-based solution developed by the author to detect watering hole attacks through analyzing obfuscated JavaScript. DEKENEAS trains on over 40,000 malicious redirect samples to recognize behavioral patterns and classify code as malicious or not. When tested on 10,000 new samples and top websites, it achieved 100% detection of unknown implants with no false negatives and a very low false positive rate of 0.00023%.
Catch Me If You Can - Finding APTs in your networkDefCamp
Adrian Tudor & Leo Neagu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
WiFi practical hacking "Show me the passwords!"DefCamp
Konrad Jędrzejczyk in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Marek Zmysłowski in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Manuel Wiesinger in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
Kirill Puzankov in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
High performance Serverless Java on AWS- GoTo Amsterdam 2024Vadym Kazulkin
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
11. Results
• Contact of affected subjects
– Help from CZ.NIC (and others)
• Quite a lot of sensitive data found
• Good research opportunity for junior analysts