Software Defined Networking / Attacker Defined Networking

In this session, the topic of Software Defined Networking (SDN) will be explored from a security perspective.  What SDN means today will be covered, using a lab setup using an OpenDaylight controller with networking gear from multiple vendors.  Openflow, Netconf and Yang protocols will all be discussed, explored and exploited! Security and reliability issues that […]

Read more

The Internet of Bad Things and Securing the Software Defined Data Center

This last minute session has no available abstract.

Read more

The State of Software Security

According to Verizon’s 2015 Data Breach Investigations Report, one of the leading causes of data breaches over the past two years has been vulnerable applications. Yet, analytics collected by Veracode from more than 200,000 application risk assessments over the last 18 months found a wide disparity in how the problem is addressed across industries. In […]

Read more

What does it take to deliver the most technologically advanced Games ever?

This talk will discuss how the team prepared for the largest sporting event held in Canada, the TORONTO 2015 Pan Am / Parapan Am Games. The session will include how we created a Cyber Security Group, staff scheduling, contingency planning, and communications. I will also discuss how we managed the day to day security operations, offer a recap […]

Read more

Changing the Game of Threat Hunting

Cybercrime makes victims of all who are targeted. In today’s thriving hyper-connected, global marketplace threat actors ruthlessly find IT gateways and disconnected system-doorways to crawl through, rendering enterprises sitting ducks looking over their shoulder and bracing for an inevitable attack. Well, what if you could flip the script? What if your enterprise could hunt for […]

Read more

SIEM and the Art of Log Management

Every business needs to monitor their systems. As a combined view of all network activity, a SIEM can be a powerful tool when managed properly. However, deciding whether to manage network security in-house or off-loading your data to a third party can be a difficult decision. Discover the costs and benefits of in-house vs third-party […]

Read more

Making & Breaking Machine Learning Anomaly Detectors in Real Life

Machine learning-based (ML) techniques for network intrusion detection have gained notable traction in the web security industry over the past decade. Some Intrusion Detection Systems (IDS) successfully used these techniques to detect and deflect network intrusions before they could cause significant harm to network services. Simply put, IDS systems construct a signature model of how […]

Read more

Business Backed CVEs – The Major Vulnerabilities of the Past Year

The past twelve months have seen an unprecedented number of vulnerabilities that strike at the core of the technologies that run our networks. This session will provide detailed demos of each of the major vulnerabilities released this year and discuss the impact for organizations. Attendees will hear from Brad Antoniewicz, Head of Research & Development […]

Read more

Agile Incident Management – Bringing the “Win” Back to Data and Privacy Breach Responses

Presently, managers and technical staff rely on a traditional reactive incident response process that starts when a security breach is identified – it allows the attacker to “seize the initiative”. DigitalDefence will present the Agile Incident Management (AIM) methodology, which stresses proactive planning in combination with a rapid and effective response to an attack. Using Canadian-specific […]

Read more

Browser and Environment Hardening

In today’s threat landscape, many corporate users are being compromised by exploit kits and phishing campaigns. These offensive techniques are successful because they target outdated software and unsuspecting users. There are tools and configuration options to help prevent the execution of malicious binaries, the exploitation of web browsers, and the third party applications that are […]

Read more

Advanced Threat Analytics: Adapt as Fast as Your Enemies

Today, the topic of cyber-security has moved from IT and the datacenter to the highest levels of the boardroom. Attacks and threats have grown substantially more sophisticated in frequency and severity. Attackers reside within a network an average of eight months before they are even detected. In the vast majority of attacks, they compromise user […]

Read more

Building an Effective Vulnerability & Remediation Management Program

Vulnerability scanning is like flossing, some do it regularly, some only when they have an issue or having their annual checkup, and some not at all. The challenge is that like bacteria the bad guys don’t sit back and wait for you to get around to it, and like teeth your IT systems are never […]

Read more

Peeling The Layers Of Vawtrak

Vawtrak, also called NeverQuest, is a banking malware that targets banks and other financial institutions all over the world. It is a sophisticated malware that challenges the likes of Zeus and other malevolent trojans. Vawtrak has been seen to bypass 2FA, captured video and screenshots, and also form part of a big botnet infrastructure. Vawtrak is a […]

Read more

2015 State of Vulnerability Exploits

More than 7000 new and unique vulnerabilities will be disclosed this year. CSOs, CISOs and security professionals in IT are expected to keep their organizations safe not only from these new flaws but also from a ton of older security issues. An effective way to prioritize and mitigate the most relevant issues is by analyzing […]

Read more

CISO Survival Guide: How to thrive in the C-Suite and Boardroom

The CISO lives with a target on his/her back, usually lasts a mere 12-18 months and takes the fall for security issues often out of their control. Yet, this is a strategic, C-level position and essential to the success of any organization. The disconnect lies in the CISO being able to elevate their worth with their […]

Read more

Breaking and Fixing Python Applications

As the popularity of the Python programming language increases and consolidates its position as one of the most popular languages of its genre, only a few attempts have been made to assess how resistant it may be to attacks. We will review and test with practical examples some of the most common attack and defense mechanisms, by […]

Read more

One Ring to Rule Them All – Hardware isolation and the future of virtualization security

The ring architecture of modern CPUs arose from the need to protect the OS kernel from malicious or buggy applications.  Unfortunately today’s OSes use only two of the four rings of the x86 architecture – and today’s security challenges are the result.  The complexity and large attack surface of a modern OS, together with trends […]

Read more

Malware Activity in Mobile Networks – An Insider View

Mobile devices are becoming the target of choice for cybercriminals. This presentation will provide an in-depth view of the mobile malware that is currently active on the Internet. It will describe the infection rates, what the malware does, how it is monetized and the impact it has on network resources and the user experience. The […]

Read more

Stealthier Attacks and Smarter Defending with TLS Fingerprinting

Ever been busted because your man in the middle software (which does TLS properly) alerted someone to your bad certificate?  No more! Want to detect certain types of connections leaving your network, but can’t keep the IP blacklist up to date?  This could be the answer. This talk includes an introduction to both TLS and […]

Read more

There’s no such thing as a coincidence – Discovering Novel Cyber Threats

Jim will provide an in-depth background of the changing cyber threat landscape, with specific focus on recent incidents including the cyber attack on Sony Pictures Entertainment, the massive data breach at Anthem Healthcare, and the compromise at the US Office of Personnel Management of nearly every US government employees’ personal information. Jim will share his […]

Read more

Advanced Threats: Eliminating the Blind Spot

Unfortunately, it’s a foregone conclusion that no organization is 100% safe from a breach. With 49% of security leaders believing zero day attacks against their network will be the most prevalent over the next three years and 65% saying attacks have evaded current preventative security controls, it’s all about mitigating risk and the potential impact […]

Read more

The Effective Use of Cyber Ranges for Application Performance and Security Resilience – Train Like You Fight!

Organizations worldwide face a dangerous shortage of Cyber Warriors with the skills required to defend against cyber terrorism. This urgent situation is made worse by the weaknesses and vulnerabilities that continue to pervade critical IT infrastructures – despite billions of dollars invested in cyber security measures. Answering these problems requires Internet-scale simulation environments, along with […]

Read more

Automation is your Friend: Embracing SkyNet to Scale Cloud Security

Most network and security operations people hate automation. They like to press buttons themselves and maintain “control” of the processes. Cloud computing is going to be very disruptive as they realize their time tested processes go the way of the dodo bird. What they don’t realize is that the cloud actually increases the control they […]

Read more

Mobile Fail: Cracking Open “Secure” Android Containers

We’ve known for some time that physical access to a device means game over. In response, we’ve begun to rely more and more on “secure” container applications to keep our private and company data secured. Whether you use LastPass to secure your passwords, or GOOD for Enterprise to make sure your company emails are locked […]

Read more

OS Legacy Systems

Legacy operating systems in an unsecure world. Many organizations are still running applications on legacy operating systems for one reason or another. Be it their applications do not run on newer operating systems or hardware or simply a matter of cost. In April 2014 Microsoft stopped patch support for Windows XP and in July 2015 […]

Read more

Elevator Hacking: From the Pit to the Penthouse

Throughout the history of hacker culture, elevators have played a key role.  From the mystique of students at MIT taking late-night rides upon car tops (don’t do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it’s easier than you think!) these devices are often misunderstood and […]

Read more

Phishers are Boring Party Guests: The Value of Analyzing Stale, Recycled Phishing Content

As security organizations have come to value the impact of programs designed to change employee behavior, we have continued to largely ignore the humanity of the attacker. In this presentation Aaron Higbee will examine how the attackers are obsessively focused on the technology involved in phishing attacks, but are lacking some of the human skills […]

Read more

Introducing Recog, an open source project utilizing Sonar data for asset and service identification

Project Sonar is a community effort to improve security through the active analysis of public networks. This includes running scans across public internet-facing systems, organizing the results, and sharing the data with the information security community. This talk will detail Project Recog, a derivative of project Sonar which normalizes and open sources service fingerprinting information […]

Read more

Play Flappy Bird while you pentest Android in style

Doesn’t it bother you that you have to give up all your mobility when penetration testing Android applications and spend the majority of your time sitting in front of another device that has a running proxy? That will now be history. In this talk we will present a fully interactive proxy that runs as an […]

Read more

SilverBlight

The web continues to be a constant threat for most users. The security industry has become very good at detecting Java, Flash, and PDF exploits over the last few years, now attackers are seeking new vectors. In this talk we will examine the growing trend in Silverlight exploitation Talos has observed over the last several […]

Read more

Getting Into Mobile Without Getting Into Trouble, A Guide for the Stodgy Old Enterprise

Mobile platforms have taken the world by storm. Smart phones and tablets, connected watches, thermostats, light fixtures and alarm systems, connected cars, even remote control drones – whether it’s our clients, customers, or employees – everyone’s got them. And they are going to use them. What this means for those of us who work in […]

Read more

The Latest Changes to SAP Security Landscape

The world of SAP deployments continues to evolve and certainly one of the big additions is the deployment of SAP HANA. This talk will review the current SAP security landscape, what attacks are currently prevalent and which ones are possible.  The talk will then take a deeper look specifically at HANA as a rich target […]

Read more

How Scalar is Providing Information Security Services to the TO2015 Pan Am and Parapan American Games

Scalar Decisions was recently awarded the bid to become the Official Supplier of Information Security to the TO2015 Pan Am and Parapan American Games. Scalar is responsible for providing security services, data centre integration and managed storage services. This extensive project has taken place within a very limited time span, and for a very fluid […]

Read more

FAIL Panel Again! Third time’s the charm

The ugly bastard child of the ugly bastard child of FAIL Panel, in its 3rd year running, a discussion on the cybers and other general observations on infosec. We’ll disagree, agree, talk over each other, ramble until cut-off, throw things, contradict each other (and ourselves), have no clue what Jamie is asking us and generally […]

Read more

Anatomy of a Credit Card Stealing POS Malware

Credit card payment processing and point-of-sale (POS) systems are like a black box for most people without knowledge of its internal working. Recent data breaches of thousands of credit cards have shown that determined attackers have mastered ways to steal old fashioned magnetic stripe cards and are now targeting EMV card data (chip-and-PIN, chip-and-signature, chip-and-choice).  […]

Read more

Unmasking Careto through Memory Analysis

In early 2014 Kaspersky Labs reported on an extremely advanced malware sample that was used in a sophisticated espionage campaign (http://bit.ly/1bl4L0e). As with many samples seen in these types of campaigns (Stuxnet, Duqu, etc.), Careto went undetected for a long period of time, even on systems with updated AV and HIPs products installed. In this […]

Read more

Corporation in The Middle

My ISP was deliberately MiTM’d my connection.  This talk discusses how they did it, how I detected what they did and what this means.  This talk covers what I learnt over three months of analysis focusing on the technology involved both on the ISP side and my own. I cover in detail how I went […]

Read more

Demystifying the mobile network

We all have smart phones in our pockets these days allowing high speed network access just about anywhere. But few of us consider what is between the phone+tower and the Internet.  There is a magical jungle called the Evolved Packet Core (EPC) which is full of byzantine, arcane, and strange acronyms full of juicy attack […]

Read more

POS Malware Evolved

Over the past decade, point of sale (PoS) systems have been plagued by both attacks and targeted malware. During this time, we’ve seen a dramatic shift by this targeted malware in both the techniques used and the capabilities it has. This talk will discuss the shifts the security and research community has witnessed by PoS […]

Read more

Predictions Panel

Ever wonder what the next big information security threat will be? So do we… and let’s face it, if we knew for certain, we would be keeping quiet and likely very rich. However, this panel session brings together a group with their collective finger on the pulse of information security in Canada and beyond, who […]

Read more

Casting Light on a Dark Web

We cannot afford to wait for the adversary to make their move first, nor can we hide from them. To better understand,  we will spotlight the popular attack techniques of 2014 – including vulnerable attack avenues, darknets and botnets. The most active and proven attack techniques of 2014 will be examined, derived from Fortinet threat […]

Read more

What’s Behind “Big Data” and “Behavioral Analytics”

“Big Data” and “Behavioral Analytics” are the latest hot terms in threat detection, but what do they mean and how do they work when applied to security? This presentation will uncover the math behind behavioral analytics explaining the principles and mathematics that make accurate threat detection based on anomalous behavior possible.  It will explain why […]

Read more

Scaling Security in Agile Scrum

Agile Scrum is here to stay, and security teams aren’t adapting quickly enough. “Best-practice” Agile SDL models aren’t very helpful because they assume a simplified, idealized model of how software is built. In the real world, software development often involves multiple Scrum teams working on various components of a larger product. As a result, application […]

Read more

How’d That End Up On Pastebin?

Defenders are at a huge disadvantage, often investigating compromise with educated guesses based on theoretical knowledge of kill chains, anomaly detection, and IOCs. Experience adds the benefit of recognizing what has been done before, but few blue team members understand how attacks work and how attackers move or escalate during attacks. This talk will explore […]

Read more

Asymmetry in Network Attack and Defense

William will dive in to the fundamental tools and resources needed by network attackers and defenders and look at basic adversary methodology and scaling effects in network attack and defense. After laying this foundation, he will dive deeper into asymmetrical advantages for defenders and how to implement them in your network from an architecture and […]

Read more

Re-Thinking Security Operations

Do your security solutions deliver effective coverage against the challenging new threat environment?  The threat environment has grown to be a too large a problem with protection infrastructures too narrow a solution to cover every possible attack in every circumstance.  Progressive (and costly) concepts like situation awareness, globally integrated intelligence and access to advanced tools […]

Read more

The Internet of Fails: Where IoT Has Gone Wrong and How We’re Making It Right

This presentation will dive into research, outcomes, and recommendations regarding information security for the “Internet of Things”. Mark and Zach will discuss IoT security failures both from their own research as well as the work of people they admire. Attendees are invited to laugh/cringe at concerning examples of improper access control, a complete lack of […]

Read more

CYDBA: Protecting Your Applications’ Rear End

Businesses have a long way to go in protecting their applications but even farther to go in securing those applications’ rear end—databases. While insecure applications provide a conduit for attack, the confidential data sought by thieves resides in the database. To illustrate why databases deserve the same security scrutiny as their more visible application front […]

Read more

Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High

Investigating a suspected computer compromise or intrusion can be difficult.  In a sense, that is by design.  Malicious actors can go to great lengths to hide their activities and tools.   Attrition Forensics attempts to outline how to investigate a compromise or intrusion involving modern Windows systems when the attacker is particularly good and the investigation […]

Read more

Covering my IaaS: Security and Extending the Datacenter

It might still be “early days”, but cloud based infrastructure-as-a-service (IaaS) offerings are maturing fast and becoming financially compelling.  If you haven’t started to look at these services, you’ll need to sooner than later.  Of course, extending your datacenter outside of your datacenter has just a couple of security implications (that was sarcasm). This talk […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required