overview for ashar

A significant portion of Europe's renewable energy production can be remotely controlled via longwave radio. While this system is intended to stabilize the grid, it can potentially also be abused to destabilize it by remotely toggling energy loads and power plants.

In this talk, we will dive into radio ripple control technology, analyze the protocols in use, and discuss whether its weaknesses could potentially be leveraged to cause a blackout, or – more positively – to create a city-wide Blinkenlights-inspired art installation.

With three broadcasting towers and over 1.3 million receivers, the radio ripple control system by EFR (Europäische Funk-Rundsteuerung) GmbH is responsible for controlling various types of loads (street lamps, heating systems, wall boxes, …) as well as multiple gigawatts of renewable power generation (solar, wind, biogas, …) in Germany, Austria, Czechia, Hungary and Slovakia.

The used radio protocols Versacom and Semagyr, which carry time and control signals, are partially proprietary but completely unencrypted and unauthenticated, leaving the door open for abuse.

This talk will cover:

An introduction to radio ripple control
Detailed analysis of transmitted radio messages, protocols, addressing schemes, and their inherent weaknesses
Hardware hacking and reversing
Implementation of sending devices and attack PoCs
(Live) demonstrations of attacks
Evaluation of the abuse potential
The way forward

Licensed to the public under http://creativecommons.org/licenses/by/4.0

2

BSidesNYC 2024 - 30 talks (self.security_cpe)

submitted 7 months ago* (last edited 7 months ago) by ashar to c/security_cpe

0 comments fedilink

BSidesNYC 2024 playlist

BSidesNYC 2024 schedule

5

38C3: Illegal Instructions (media.ccc.de)

submitted 7 months ago by ashar to c/security_cpe

0 comments fedilink

38C3: Illegal Instructions

(English and German language talks)

The 38th Chaos Communication Congress (38C3) takes place in Hamburg, 27.-30.12.2024, and is the 2024 edition of the annual four-day conference on technology, society and utopia organised by the Chaos Computer Club (CCC) and volunteers. Congress offers lectures and workshops and various events on a multitude of topics including (but not limited to) information technology and generally a critical-creative attitude towards technology and the discussion about the effects of technological advances on society.

https://events.ccc.de/congress/2024/

1

GDPR Hindi/Urdu Video Lectures (infosec.pub)

submitted 7 months ago* (last edited 7 months ago) by ashar to c/security_cpe

0 comments fedilink

GDPR Urdu Video Lectures part 1

GDPR Urdu Video Lectures part 2

3

SAINTCON 2024 - Keynote - Jack Rhysider (youtu.be)

submitted 7 months ago by ashar to c/security_cpe

0 comments fedilink

Take an incredible journey through the planning and execution of a heist, and what that means to your brain and it's chemicals.

Darknet Diaries host Jack Rhysider blends the why with the what and how in this fun and fascinating Keynote presentation for SAINTCON 2024.

SAINTCON 2024 - Keynote - Jack Rhysider

4

BSidesLisbon 2024 (infosec.pub)

submitted 7 months ago* (last edited 7 months ago) by ashar to c/security_cpe

0 comments fedilink

BSidesLisbon 2024 playlist

BSidesLisbon website

2

OWASP Stockholm Meetup Oct 2024 - Secure Software Development Evening (infosec.pub)

submitted 8 months ago by ashar to c/security_cpe

0 comments fedilink

OWASP Stockholm Meetup Oct 2024 - Secure Software Development Evening

part 1 - principles of secure development

part 2 - Application security: AI generated code

OWASP Stockholm website

4

BSides Ottawa 2024 (infosec.pub)

submitted 8 months ago* (last edited 8 months ago) by ashar to c/security_cpe

0 comments fedilink

BSides Ottawa 2024 Schedule

BSides Ottawa 2024 videos

2

BSIDES Cybersecurity Conference SUR 2024 (self.security_cpe)

submitted 8 months ago by ashar to c/security_cpe

0 comments fedilink

Te invitamos a seguir la Conferencia de Ciberseguridad 8.8 BSIDES 2024 SUR, un evento pionero que une dos de las más grandes conferencias de ciberseguridad en Chile con el propósito de democratizar el conocimiento técnico y promover el acceso a la información.

BSIDES Cybersecurity Conference SUR 2024 Livestream

3

CYBERWARCON 2024 (self.security_cpe)

submitted 8 months ago by ashar to c/security_cpe

0 comments fedilink

CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. CYBERWARCON is not a hacker conference, or an ICS conference, or an international policy conference. The central purpose of this conference is to identify and explore threats. Participants and attendees come from a spectrum of backgrounds including the military and government, academia, the media, and the private sector.

CYBERWARCON 2024 Agenda

CYBERWARCON 2024 Playlist

5

BSidesPDX 2024 (bsidespdx.org)

submitted 8 months ago by ashar to c/security_cpe

0 comments fedilink

BSidesPDX 2024 Schedule from the website

BSidesPDX 2024 Playlist

BSides Portland is a tax-exempt charitable 501(c)(3) organization founded with the mission to cultivate the Pacific Northwest information security and hacking community by creating local inclusive opportunities for learning, networking, collaboration, and teaching.

BSides PDX on Mastodon

10

Darknet Diaries: Ep 152: Stacc Attack (infosec.pub)

submitted 8 months ago by ashar to c/security_cpe

1 comments fedilink

Darknet Diaries: Ep 152: Stacc Attack

Jarett Dunn, AKA StaccOverflow, stole millions of dollars from a website called Pump Fun, and he wanted to do it in the most dramatic and theatrical way he could. His big heist is known as the “Stacc Attack”.