TALK 1: CheckRa1n – iOS’ rotten Core by Dean Brennan
An iOS semi-tethered permanent jailbreak based on CheckM8, an unfixable vulnerability affecting nearly all iOS devices in Apple’s secure boot model.
CheckRa1n takes advantage of this vulnerability, in order to fully unlock control of the application processor, and take over the system.
This talk will cover how this vulnerability works, how it came to light, and how it’s used to jailbreak devices.
TALK 2: “How not to do Bug Bounties” ? by Paul Horgan
When Paul submitted a bug bounty report to 15 multinationals, he wasn’t expecting what happened next…
Simply put CorkSec is a monthly meetup (running since 2013) for anyone interested in Information Security in the Munster region (primarily Cork). Regardless of whether you identify yourself as an InfoSec Professional, a Hacker, a Researcher, a Student or just someone with an interest in breaking things to see how they work / stopping people breaking things to see how they work – all are welcome, and please invite your like-minded friends. Joining any meetup for the first time can off course be daunting, so have a look below at the “Joining for the first time section”
CorkSec is modeled on the idea of a DefCon Group – In fact its got an official Defcon Group code of DC35321. The ideas behind a Defcon Group embodied a lot of what we want to achieve with CorkSec:
– Meetings are open to anyone, regardless of their skill, age, job, gender, etc
– Meetings are designed to help you learn new things, meet new people, mentor others in areas you may be strong in, and provide some cohesion within the security/hacker culture and it’s members
– Each meeting will have 1-2 technical talks given by local members of the Cork security/hacker community with occasional guest speakers . You can see past talks on the Wiki section of http://CorkSec.com
In particular we’d like to draw attention to Defcon FAQs answer for “Is this a Hacker Meeting?”:
No, this is something better. Anything with the “hacker” label on it tends attract only one kind of person. This meeting is designed to attract not only hackers but members of the InfoSec community and people who want to learn more about InfoSec but do not consider themselves hackers. The purpose here is to interact with people who may have different backgrounds but share the same passion for technology. Many security people feel that hackers are nothing but trouble and many hackers feel that security people are clueless. Those generalizations are often made in error and we’d like to bring all techno-dweebs back under a single umbrella.
Lastly – be sure to subscribe to emails from the group. There is maybe 1 a week max, but we also share out info of new Security roles or events in the Munster region. You can also contact us on email@example.com