📜 Post with us on Reddit
📝 Create a new article
🏭 Create a company page
🇬🇧 - in English
🇫🇷 - en Français (FR)
🇵🇹 - em Português (PT)
🇩🇪 - auf Deutsch (DE)
🇯🇵 - 日本語で (JA)
Sponsored articles

You can edit almost every page by Creating an account and confirming your email.

Nullcon

From EverybodyWiki Bios & Wiki


Nullcon is one of Asia's largest International[1] Security Conference managed by Payatu Technologies Pvt Ltd where Security researchers, hackers, professionals, companies, government agencies[2] and academia gather to discuss the next big thing in security. The first edition was held in the year 2010.[3] The conference takes place annually in Goa & has also been hosted at Delhi in the past.[4]

At Nullcon, security companies, evangelists come together to showcase their research and technology. The event consists of several tracks, like Capture the flag, talks about zero-day vulnerabilities, tracks related to latest attack vectors, and other cyber threats, as well as cyber-security challenges and competitions .Additionally, a section of the event called Desi Jugaad (Hindi for "Local Hack") features researchers who come up with innovative solutions to life's challenges and who devise new initiatives. A unique workshop is also conducted, aimed at educating journalists, lawyers, activists about tools & tips to ensure their data is secured[5]

nullcon
Micah Lee the Director of Information Security at The Intercept talks about "The Metadata Trap: Whistleblowers in the Age of Surveillance and Big Data nullcon Goa 2020
StatusActive
GenreInformation Security Conference, Hacker Conference
Date(s)Training:April 5-7, 2022 Conference: April 8-9, 2022
FrequencySeveral times a year
VenueNH Hotel, Alexanderplatz Berlin
Location(s)Goa, Bangalore, Hyderabad, Delhi, Berlin
CountryIndia
Years active16
InauguratedFebruary 6, 2010; 16 years ago (2010-02-06)[6]
FoundersAntriksh Shah Aseem Jakhar Murtuja Bharmal[7]
Most recentMarch 5, 2021; 5 years ago (2021-03-05)
Previous eventVirtual, Goa; March 5-6, 2021
Next eventNH Hotel, Alexanderplatz Berlin; April 5, 2022; 4 years ago (2022-04-05)
AttendanceOver 2500
Organized byPayatu
Websitenullcon.net
Nullcon on TwitterLua error in Module:WikidataCheck at line 23: attempt to index field 'wikibase' (a nil value).
Nullcon on Facebook

History

The first edition of Nullcon happened in 2010[3] at Goa, Venue - Hotel Zuri by the Retreat. Nullcon originated from Null - The Open Security Community, a registered not-for-profit society, and the largest active security community in India. The conference aimed at bringing together security researchers and experts from across the world, from various fields to showcase offensive, defensive security technologies & discuss about next big security thing to be ready against the future digital attacks[1]

In 2011, Hari K Prasad[8] (the first Indian to receive the prestigious Electronics Frontier Foundation award) spoke about how Indian voting machines (EVM) were vulnerable to attacks & revealed the security flaws.

Venues, dates and attendance

nullcon Conferences and Training

nullcon Conference/Training Location Days Year Attendance
nullcon Goa 2010 Conference The RETREAT by Zuri, Goa, India February 6-7 2010 100
nullcon Goa 2011 Conference The RETREAT by Zuri, Goa, India February 25-26[9] 2011 180
nullcon Goa 2012 Conference and Training The Bogmallo Beach Resort, Goa, India February 15-18[10] 2012 260
nullcon Delhi 2012 Conference and Training The Leela Kempinski, Gurgaon, India[11][12] September 26-29[13] 2012 200
nullcon Goa 2013 Conference and Training The Bogmallo Beach Resort, Goa, India Februry 27-28

March 1-2

2013 350
nullcon Goa 2014 Conference and Training The Bogmallo Beach Resort, Goa, India February 13-15 2014 500
nullcon Goa 2015 Conference and Training The Bogmallo Beach Resort, Goa, India[14] February 4-7 2015 650
nullcon Goa 2016 Conference and Training The Bogmallo Beach Resort, Goa, India March 9-12 2016 850
nullcon Bangalore 2016 Training Hotel Royal Orchid, Bangalore, India October 13-15 2016 90
nullcon Goa 2017 Conference and Training Holiday Inn Resort, Goa, India[15] February 28

March 1-4[16]

2017 1100
nullcon Hyderabad 2017 Training Courtyard by Marriott, Hyderabad, India July 14-15 2017 31
nullcon Goa 2018 Conference and Training Holiday Inn Resort, Goa, India February 27-28

March 1-3[17]

2018 1450[18]
nullcon Bangalore 2018 Training Hotel Royal Orchid, Bangalore, India June 20-22 2018 91
nullcon Goa 2019 Conference and Training Holiday Inn Resort, Goa, India[19] February 26-28

March 1-2

2019 1950
nullcon Goa 2020 Conference and Training Taj Hotel & Convention Centre Dona Paula, Goa, India[20][21] March 3-7 2020 2584
nullcon Goa 2021 Conference and Training Virtual Edition March 1-6 2021 1875
nullcon Berlin 2022 Conference and Training NH Hotel, Alexanderplatz, Berlin-Germany April 5-9 2022 TBD
nullcon Goa 2022 Conference and Training TBD TBD 2022 TBD

Notable incidents

In 2012, Security Researcher Rahul Sasi, exposed vulnerabilities of Interactive Voice Response System (IVRS) of leading banks at nullcon Goa.[22]

In 2013, Chief Minister of Goa at the time, Manohar Parrikar attended nullcon Goa. He promised that government will fully support cyber security initiatives in Goa and highlighted the importance of cyber security to the nation. For first time, Government in India paid bounty prize of Rs. 35,000 to a security researcher for hijacking the command and control server of the attackers.[23]

In 2016, at nullcon Goa, NCC Group Security Consultant Clint Gibler, showcased how automated vulnerability scanners turn up mostly false positives. He discussed insights gained from analyzing the results of running a commercial security scanner on 100 international companies across 10 industry verticals, including Financial Services, IT, and Healthcare, from 2014 through 2015. The result of that effort was some 900,000 security-related red flags, and a false positive rate of 89 per cent in some industries.[24] On other hand, Security Researchers Julien Moinard and Gwénolé Audic, produced a security testing framework to automate vulnerability scans for IoT/Hardware Devices called hardsploit[25][26]

In 2016, Russian Security Researcher, Timur Yunusov presented critical vulnerabilities in routers and 3G/4G modems from Huawei, ZTE, Gemtek, and Quanta Computer. He demonstrated how most of the modems can be turned into tracking devices remotely due to various vulnerabilities and firmware update processes weaknesses.[27]

In 2016, Facebook Security Team attended nullcon Goa with bug bounty teams from Google, Microsoft, Bugcrowd, and Mozilla Corporation to thank the security researchers in India. Facebook announced that India tops the list of 127 countries whose researchers contribute to its bug bounty program.[28]

In 2016, Security Researcher, Craig Smith released a free tool called UDSim at nullcon Goa, which automatically start "fuzzing" a car at the click of a button.[29]

In 2017, Google announced better payouts at the higher levels in the Google Vulnerability Rewards Program at nullcon Goa event. The reward payout for "Remote code execution" was increased from $20,000 to $31,337. Additionally, the reward for "Unrestricted file system or database access" findings was increased from $10,000 to $13,337.[30][31]

In 2017, CloudSek Founder & CTO Rahul Sasi, revealed his ambitious project Cloud-AI at nullcon Goa. Sasi and his team at CloudSek trained his machine against popular cloud applications including LinkedIn and Facebook, finding 10 dangerous insecure direct object reference vulnerabilities.[32]

In 2018, Director of Indian Computer Emergency Response Team (CERT-In), Sanjay Bahl was keynote speaker at nullcon Goa. Where he urged security researchers to come forward and work with the government.[33]

In 2018, Director of Cybersecurity at Electronic Frontier Foundation, Eva Galperin attended nullcon Goa. She urged Indian digital users to take efforts to protect their online privacy by adopting safe practices as tools designed for spying are increasingly getting cheaper.[34]

In 2019, Nullcon celebrated its 10 year anniversary & named this 10th edition as 'Dasham'. Workshop for journalists, lawyers, activists regarding data privacy was introduced [27]. Mirror Now interviewed Nullcon's co-founder Aseem Jahkhar[35]

In 2020, a workshop was conducted at Nullcon on Digital Security and Privacy for Journalists, Activists and Lawyers which included speakers which included Micah Lee[33], Director of Information Security at The Intercept, Saikat Datta, South Asia Editor at Asia Times, Kushal Das, Freedom of the Press Foundation[5]

In 2020, Jaya Baloo, CISO at Avast was the speaker at Nullcon [28] & talked about the turbulent challenges CISOs face in moving an organization ahead of the threats attacking it. She also introduced Avast's bug bounty program[36]

In 2020, Sanjay Jha National Technical Research Organisation (NTRO) Chairperson was the speaker at Nullcon & talked about Influences On Social Media Promoting Violent Extremism Among Biggest Cyber Threats.[37][38]

See also

References

  1. 1.0 1.1 Bahirwani, Krishna (2018-03-18). "The story of Nullcon: India's biggest and most popular security conference". DNA. Retrieved 2018-03-18.
  2. Pereira, Brian (2020-03-07). "NULLCON Stresses Need for International Cooperation to Mitigate New Threat Vectors". CISOMAG. Retrieved 2020-03-07.
  3. 3.0 3.1 "nullcon - Goa 2010 Archives". archive.nullcon.net. Retrieved 2022-01-05.
  4. BISSON, David (2015-05-19). "More Top Conferences in Infosec – Readers' Choice". The State of Security by Tripwire. Archived from the original on March 4, 2016. Retrieved 2018-10-23.
  5. 5.0 5.1 Pereira, Brian (2020-02-21). "NULLCON to Organize Digital Security and Privacy Workshop for Journalists, Activists, Lawyers in Goa". Digital Creed.
  6. "The story of Nullcon: India's biggest and most popular security conference". 2015-01-05.
  7. "Cyber experts show vulnerability of GSM networks". 2012-02-19.
  8. "Mr. Hari K. Prasad - Hacking The Indian EVM". CrazyEngineers. Retrieved 2022-01-05.
  9. "nullcon Goa – International Security Conference | Digit.in". Digit. February 15, 2011. Archived from the original on October 23, 2018. Retrieved 2018-10-23.
  10. indiainfoline.com (February 14, 2012). "nullcon International Conference on Information Security in Goa". India Infoline News Service. Archived from the original on 2018-10-23. Retrieved 2018-10-23.
  11. Haran, Varun (September 28, 2012). "nullcon Delhi 2012 - Day 1 - Live coverage". www.computerweekly.com. Archived from the original on August 13, 2017. Retrieved 2018-10-23.
  12. Haran, Varun (September 29, 2012). "How to develop an insecure product - nullcon Delhi 2012: Day 2's action". www.computerweekly.com. Archived from the original on October 23, 2018. Retrieved 2018-10-23.
  13. Bureau, OSFY (2012-07-26). "Nullcon - Open Source For You". Open Source For You. Archived from the original on August 24, 2016. Retrieved 2018-10-23.
  14. Haran, Varun (February 6, 2015). "Inside nullcon Security Event". Bank Info Security. Archived from the original on December 27, 2017. Retrieved 2018-10-23.
  15. "Base @ Nullcon GOA 2018 - Base Cyber Security". www.basecybersecurity.com. Archived from the original on October 23, 2018. Retrieved October 23, 2018.
  16. Goel, Akash (January 16, 2017). "Nullcon 2017: A Pandora's box for Security? - Reflections Magazine". reflections.scit.edu. Archived from the original on October 23, 2018. Retrieved October 23, 2018.
  17. Prasad, Yogesh (2018-02-22). "Introducing International Cyber Security Conference : Nullcon Goa 2018". Hackers Interview. Archived from the original on 2018-10-23. Retrieved 2018-10-23.
  18. Khaira, Rachna (March 3, 2018). "Easy to recognise 'state-sponsored' malwares: Researchers at Nullcon". The Tribune. Archived from the original on March 3, 2018.
  19. Cox, Joseph (2019-03-07). "As Phones Get Harder to Hack, Zero Day Vendors Hunt for Router Exploits". Vice.
  20. Greenberg, Andy (2020-02-28). "A Simple New Tool Lets You Open Email Attachments Without Fear". Wired. Retrieved 2020-02-28.
  21. "NULLCON to Launch 11th Edition of Cybersecurity Conference in Goa, India". CISOMAG. 2020-02-28.
  22. "Interactive response systems vulnerable to hacking: experts". The Hindu. PTI. 2012-02-17. ISSN 0971-751X. Retrieved 2018-10-24.
  23. "Will support cyber security initiatives: CM - Times of India". The Times of India. March 11, 2013. Archived from the original on October 24, 2018. Retrieved 2018-10-24.
  24. Pauli, Darren (March 14, 2016). "Auto vulnerability scanners turn up mostly false positives". The Register. Archived from the original on October 31, 2017. Retrieved 2018-10-24.
  25. https://hardsploit.io
  26. Pauli, Darren (March 11, 2016). "Hardsploit: The handy hacker help for hapless hopeful hardware hacks". The Register. Archived from the original on July 15, 2016. Retrieved 2018-10-24.
  27. Pauli, Darren (March 11, 2016). "0day remote code exec holes in mobile modems can read SMS and HTTP". The Register. Archived from the original on July 15, 2016. Retrieved 2018-10-24.
  28. "Indian researchers contribute the most to Facebook's bug bounty program | Digit.in". Digit. Archived from the original on May 5, 2016. Retrieved 2018-10-24.
  29. Fox-Brewster, Thomas. "Car Hacking Really Is For Dummies With This Sexy (And Free) Software". Forbes. Archived from the original on August 22, 2016. Retrieved 2018-10-24.
  30. Siddiqui, Aamir (2017-03-07). "Google Announces Better Payouts in Vulnerability Rewards Program at Nullcon India". xda-developers. Archived from the original on 2017-03-09. Retrieved 2018-10-23.
  31. Armour, Josh (March 2, 2017). "VRP news from Nullcon". Google Online Security Blog. Archived from the original on November 12, 2017. Retrieved 2018-10-23.
  32. Pauli, Darren (January 25, 2017). "Human bot hybrid finds LinkedIn email, phone number-filching holes". The Register. Archived from the original on December 3, 2017. Retrieved 2018-10-24.
  33. Shaikh, Shadma (2018-04-03). "Not a single person in the last one month has reported to CERT, including Elliot Alderson, says CERT-In director | FactorDaily". FactorDaily. Archived from the original on 2018-10-23. Retrieved 2018-10-23.
  34. Christopher, Nilesh (2018-04-02). "Spyware is getting cheaper, Indian digital beware says EFF". The Economic Times. Archived from the original on April 3, 2018. Retrieved 2018-10-24.
  35. "How to curb the spread of fake news?". Mirror Now. 2020-03-04.
  36. Avast. "Avast CISO Jaya Baloo to Speak at Nullcon". www.prnewswire.com. Retrieved 2022-01-05.
  37. Agrawal, Aditi (2020-03-09). "Influences On Social Media Promoting Violent Extremism Among Biggest Cyber Threats, Says NTRO Chairperson". Medianma. Retrieved 2020-03-09.
  38. Mehrotra, Karishma (2020-03-07). "Security focus lacking in tech development: NTRO chief". Indian Express.

External links


This article "Nullcon" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Nullcon. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.


Retrieved from "https://en.everybodywiki.com/index.php?title=Nullcon&oldid=2313232"
License CC BY-SA 3.0
Powered by MediaWiki