Contact | Privacy | DE / EN
Hackmanit Logo

RuhrSec

Conferences

RuhrSec is the non-profit security conference at the Ruhr University Bochum. As one of the organizers of the famous lecture called HackPra, we are hosting a high-quality and low-priced security conference in the heart of Bochum near the river Ruhr. We provide academic and industry talks from smart international speakers, the typical Ruhr University feeling and the highly recommended HackPra social event at G Data. From the University, this event is supported by UbiCrypt and the Horst Görtz Institute for IT security.

RuhrSec website

Conference Talks Screenshot

Presentations

  • German OWASP Day 2015, Frankfurt. Practical Invalid Curve Attacks on TLS-ECDH. Juraj Somorovsky
  • DEEPSEC 2015, Vienna. How to Break XML Encryption - Automatically. Juraj Somorovsky
  • Black Hat 2015, Amsterdam. How to Break XML Encryption - Automatically. Juraj Somorovsky
  • CCS 2015, Denver, USA. On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption. Juraj Somorovsky
  • ESORICS 2015, Vienna. Practical Invalid Curve Attacks on TLS-ECDH. Juraj Somorovsky
  • Bewertungsaspekte Service- und Cloud-basierter Architekturen (BSOA/BCLOUD) 2014, Frankfurt. SOAP to REST: Security Enhancement. Juraj Somorovsky, Markus Mayer (Axway GmbH)
  • Real World Crypto 2015, Stanford, USA. Practical Attacks on Real World Cryptographic Implementations. Juraj Somorovsky
  • Web 2.0 Security & Privacy 2015, San Jose. Owning Your Home Network: Router Security Revisited. Marcus Niemietz (DL)
  • Black Hat Asia 2014, Singapore. UI Redressing Attacks on Android Devices Revisited. Marcus Niemietz (YouTube)
  • DEEPSEC 2014, Vienna. Revisiting SSL TLS Implementations - New Bleichenbacher Side Channels and Attacks. Juraj Somorovsky (Video)
  • NDSS 2013, San Diego. One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. Juraj Somorovsky
  • OWASP EU 2013, Hamburg. Keynote: Cryptography in Web Security: Stupid, Broken, and maybe Working?. Jörg Schwenk (YouTube)
  • German OWASP Day 2012, Munich. On Breaking SAML: Be Whoever You Want to Be. Christian Mainka, Juraj Somorovsky
  • IBM Appliance Veranstaltung 2012, Frankfurt. Aktuelle Forschungsergebnisse zur Netzwerksecurity mit SOAP- und XML- Web Services. Christian Mainka, Juraj Somorovsky
  • Black Hat Abu Dhabi 2012, Abu Dhabi. UI Redressing Attacks on Android Devices. Marcus Niemietz
  • ESORICS 2012, Pisa. Bleichenbacher’s Attack Strikes Again: Breaking PKCS#1 v1.5 in XML Encryption. Juraj Somorovsky
  • USENIX 2012, Seattle. On Breaking SAML: Be Whoever You Want to Be. Juraj Somorovsky
  • SERVICES Workshop 2012, Hawaii. Technical Analysis of Countermeasures against Attack on XML Encryption - or - Just Another Motivation for Authenticated Encryption. Juraj Somorovsky
  • SERVICES Workshop 2012, Hawaii. Penetration Testing Tool for Web Services Security. Christian Mainka
  • Confidence 2012, Krakow. All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces. Juraj Somorovsky
  • a-i3/BSI Symposium 2012, Bochum. Standards für das Identitätsmanagement: Der Fall SAML. Juraj Somorovsky
  • IT-Sicherheitskonferenz Stralsund 2012. How To Break XML Encryption. Juraj Somorovsky
  • BlueHat 2011, Seattle. UI redressing and Clickjacking. Marcus Niemietz
  • Microsoft Web Application Security Summit 2011, Seattle. UI Redressing: Attacks and Countermeasures Revisited. Marcus Niemietz
  • German OWASP Day 2011, Munich. How To Break XML Signature and XML Encryption. Juraj Somorovsky
  • VoteID 2011, Tallinn. The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting. Marcus Niemietz
  • CCSW 2011, Chicago. All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces. Juraj Somorovsky

Direction

Press

  • Flaws in popular printers can let hackers easily steal printed documents. ZDNet. 2017 (Article)
  • OpenSSL-Update: Die Rückkehr des Padding-Orakels. Golem. 2016 (Article)
  • Die Handy-Flüsterer kommen. Heise. 2016 (Article)
  • DROWN-Angriff: Sicherheitsstandard TLS ausgehebelt - Ein Drittel aller Webserver weltweit betroffen. RUB. 2016 (Article, DROWN website)
  • matrix - computer & neue medien: Smarte Haushaltsfallen. ORF. 2016 (Radio)
  • Punkte auf der falschen elliptischen Kurve. Golem. 2015 (Article)
  • XML-Verschlüsselung mit vielen Fallstricken. Golem. 2015 (Article)
  • Das Smart-TV lauscht mit. ORF. 2015 (Radio)
  • Internet der Dinge: Nicht ausgereift. WDR5. 2015 (Radio)
  • Per Web und USB-Stick: Smart-TVs vielfältig angreifbar. Heise. 2015 (Article)
  • Webanwendungen vor Angriffen schützen. RUBIN. 2015 (Article)
  • a-i3/BSI-Kongress: Vorratsdatenspeicherung ist kein Allheilmittel. Heise. 2015 (Article)
  • Die Hacker und die Wirtschaft. Deutschlandradio Kultur. 2014 (Article)
  • CAST sucht herausragende Arbeiten zum Thema IT-Sicherheit. Heise. 2014 (Article)
  • Verschlüsseln soll kinderleicht werden. Zeit. 2014 (Article)
  • The Best of PenTest 2013. PenTest Magazine. 2013 (Article)
  • Auftrag: Hacken. Schekker ::: das Jugendmagazin. 2012 (Article)
  • Clickjacking und UI-Redressing. 1live. 2012 (Radio)
  • Spam-Attacken: Klick-Betrüger nehmen Facebook ins Visier. Handelsblatt. 2012 (Article)
  • Internet: Vorkasse und keine Ware. WDR. 2011 (TV)
  • Bonn bekommt Cyber-Abwehrzentrum. WDR. 2011 (TV)
  • Forscher: XML-Verschlüsselungsstandard unsicher. Heise. 2011 (Article)