We have two confirmed talks for our 28th June meeting.

1st Talk

Token Based Authentication for eCommerce Application Architecture


Tom Keetch (@tkeetch)


Using authentication token technologies such as SAML, JWT or node.js Iron can have significant benefits for the scalability and flexibility of web applications - especially for the implementation of Single Sign On (SSO) across multiple websites, or as part of a micro-services architecture. But there are also significant design decisions and trade-offs to be made. This talk will discuss when authentication tokens can be useful, design considerations for implementers , what to look for as an attacker and how those bugs could be exploited.

A previous talk from Glyn Wintle from the February DC4420 focussed on SAML, whereas this talk will go into more detail about JWT and Iron for node.js.

Speaker Bio:

Tom is the Head of Application Security for the Yoox Net-A-Porter Group (ynap.com) and is interested in Security Architecture, Design and applied cryptography. His previous talk at DC4420 was about NFC security for mobile devices in June 2014.

2nd Talk

JAKU - Anatomy of a Botnet Campaign


Andy Settle (@iC3N1)


JAKU is an investigation into a global botnet campaign with many thousands of victim computers.

JAKU demonstrates the collection of victims into resilient groupings as well as grouping some victims into a much smaller but highly targeted set with apparent connections with North Korea. In effect, the en-masse herding victims while conducting highly targeted attacks on specific victims through the execution of concurrent operations with common TTPs.

It will take you through the journey of discovery, the twists and turns of an investigation and some general observations.