Thursday, December 10, 2020

Looking back on 2019 and 2020…

Every year we look back on the previous year and reflect on what happened, our achievements, lessons learnt etc. However, last year this fell through i.e. we did not look back on 2019 which is just as well given what happened / is happening in 2020 or maybe this is some version of the butterfly effect  Ƹ̵̡Ӝ̵̨̄Ʒ (∩╹□╹∩)

Okay okay we are being a bit dramatic here but it is 2020 and anything is possible, besides our newly acquired l33t ASCII art one liners ᕕ(⌐■_■)ᕗ, here are some of the highlights over the last 2 years.

Internships / Bootcamps

We ran two successful internships / bootcamps, this is an important part of our strategy to contribute towards developing / nurturing local information skills in South Africa.  For additional information on the two bootcamps that we ran in the past two years, refer to:

From the bootcamps we ran, we ended up hiring 5 new staff members that joined our team and are now on their way to achieving great things both at Telspace and in the community (watch this space).  

Those that did not make it with us, in most of the cases, ended up finding jobs at other info sec companies and / or corporates which is the exact reason we started the bootcamp, to filter more people in to the industry as a whole, not just specifically at Telspace. We also assisted those that could not find anywhere to be placed, by sending their CVs to some of our customers and / or other competitors. Below are some pictures of the bootcamp: 

2020 Bootcamp


2019 Bootcamp

Talks and Research


Over the last two years we have given a number of talks and facilitated training both locally and internationally, below are some of the highlights:

Training - Hack to Basics - x86 Windows Based Buffer Overflows, an introduction to buffer overflows


We gave this training at both DEF CON 1.0 China and DEF CON 27 - Vegas in 2019, it was presented by Dino and Manny, it was really great to meet up with all our friends at DEF CON and make new friends, hopefully in 2021 we will all be able to meet up again!


Undercover hackers on their way to DEFCON China (no black hoody = no hacking going on here)

Epic artwork, epic venue! #HackerVibes


The actual venue where we were presenting but we totally missed the entrance and went on an adventure, thank goodness for Grifter!


Our names in lights O_O


A full house for all our classes with great interactions and learning!



Party time, and man was it a party x_X





Thanks to all the trainers, organisers, volunteers and everyone that made DEFCON China 1.0 possible <3

Training – Ethical Hacking 101

Right after China we were off to sunny Tel Aviv in Israel for BSides Tel Aviv where we were sponsors and also, gave our ethical hacking 101 training course.  The local Israel hacking community are really awesome and a 100% of the proceeds of our training course were given back to be used by the local BSides TLV community. 

Some cool art work on Aviv Beach


Raul (left) and Manny (right), ready to present to the community


Packed house for the kick off of BSides TLV 2019


Aaaaaaaaaaaaaaaaaaaand guess where we are now, VEGAAAAAAS!




Here we gave our Hack to Basics training for our DEF CON workshop, got to catch up with old friends, make new friends, nothing else like DEF CON Vegas!

 Students from one of our classes (the ones that wanted to be in the picture that is!).

#TheBadgeLife – we got to have them all (or at least some!).

 

Back to the Motherland

Telspace has always been very close to the local (South African) infosec community and we believe in giving back. In line with this, we started / established the DC2711 group in South Africa and had our first conference last year on the 5th of October 2019. The conference was completely FREE to attend (for the community) and allowed various international and local researchers to share their research, for a full list of who spoke, refer to https://www.dc2711.co.za/dc2711_Presentations.html. Attendees also got swag packs full of DC2711 goodies.

Jayson Street handing Dino the official DEF CON flag for the DC2711 Group

The official DC2711 sticker but more importantly, a coffeeeeee voucher :D

DC2711 Badges

Some official swag :D

Dino and Manny with their fun faces on :P


#DuckArmyInvasion


The core GOON team for DC2711 – thank you again!



We were also Gold Sponsors of BSides Cape Town 2019 and Amy’s talk was also accepted (this talk was first completed at DC2711)!

On our way to BSides Cape Town!!!!!


Amy Manià giving her talk “Put words in my mouth” although we all know it as the “deep throat” talk.

Amy’s talk is accessible online at https://www.youtube.com/watch?v=4R-g90lplco

Research / Dropping them 0days

In 2019 and 2020 we discovered and reported on a number of vulnerabilities, some of the main ones being:

We also released a tool called Travesty, which is a directory and file enumeration tool (post exploitation). This can be downloaded at https://github.com/telspacesystems/travesty .

For additional information on these and others we released / published this year refer to https://blog.telspace.co.za/ 

During DEF CON Safe Mode (DC28) Greg, Amy and Derek presented at the “War Story Bunker” event (Friday 7th August 2020), which was a pentesting story that caused a lot of big laughs and surprised faces – unfortunately these are not recorded for various reasons, but more information about DC28 can be found at https://www.defcon.org/html/defcon-safemode/dc-safemode-schedule.html .

Amy Mania also represented Telspace during a Woven Experiences podcast with Melissa Monnig, the interview can be listened to on Spotify at:

Throughout the year we also participated in other local and international conferences, round table events and provided comments on news stories in the media.


Last but not least, our CEO and Founder (Dino Covotsos) is officially part of the DEF CON Review board (Talks and Workshops). This is a great achievement, in particular, representing South Africa at such an international level.  More information can be found at: https://www.defcon.org/html/defcon-27/dc-27-cfp-review-board.html  
In closing, we would like to thank everyone who made our 2019/2020 so amazing, a huge thank you to our staff, clients, employees, friends and most importantly the local and international Information Security community.   
We wish you all the best and a prosperous year for 2021.