Join us for an evening of fun at this month’s hack::soho taking place 31 October, 6pm – 9pm GMT, set up to be a loose networking environment where cyber security professionals can chat, get some complimentary food & drink, and discuss rising global trends. This month’s hack::soho will feature a talk, ‘Lost in Translation: Challenges of Internationalisation,’ from Colin Cassidy, IOActive Principal Security Consultant. The abstract of the talk is below!
hack::soho is a monthly event hosted at our London, UK office for the cybersecurity and hacking community to discuss all things security over food and refreshments. We welcome you to invite others in your circle to extend our collective network.
We hope you can join us,
IOActive team
ABSTRACT
Come and see Thrilling Terrors from Turkey, Magnificent Mongolian Monsters AND more dogs that YOU can possibly count.
This talk is an archaeological treasure hunt and collection of issues found whilst delving into obscure parts of internationalisation and Unicode. We will explore interesting characters, numbers, and language rules that take internationalisation attack move beyond traditional homoglyph attacks used as part of social engineering attacks.
A number of interesting and unusual input validation attacks, filtering bypass techniques that are available when we think beyond ASCII.
We will also cover a interesting supply chain attack, and method of hiding malicious source code within innocent looking code, and how this code can be deployed globally in a manner making it very difficult to identify
The learned audience may use this new-found knowledge to identify new and interesting attack vectors, finding themselves thinking “I remember that presentation where that bloke went on about the Mongolian vowel separators, I think I might be able to use that here!”


