How I Learned to Stop Worrying and Love the Cloud

An overview of the risks and mitigations encountered in planning the outsourcing of the United States Mint’s $700 Million a year numismatic ecommerce site. The presentation focuses on how to assess your cloud vendor and specific information and access to request to make sure your data is secure. Many of the mitigations discussed in the […]

DNSSEC: Securing the DNS and beyond

DNSSEC was designed to protect the Domain Name System from an ever increasing stream of DNS spoofing attacks and (non-)malicious DNS rewriting schemes. But from the start, many intended to use this new distributed and digitally signed database for other purposes as well. DNSSEC can already be used to secure large scale TLS, SSH and […]

Conquer the Beast – How to Effectively Manage Open-source Intelligence Outbursts

Open-source Intelligence has picked up quite a hype lately and everyone talks about its importance within a security program to protect organizations against present and emerging threats. With the advent of social media, monitoring all these sources has become an even bigger challenge. Despite its importance, no one has provided specific guidance on how exactly […]

Inside the Blackhole Exploit Kit (BHEK)

One of the most successful drive-by attack toolkits available to cyber criminals, Black Hole is dominating the criminal marketplace. In this talk, we will explore how the exploit kit is sold, kit features, how attackers are using it to ensnare victims and the speed with which new vulnerabilities are being exploited. Techniques for defending against […]

Introducing ‘Android Security Evaluation Framework’ ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a […]

Hadoop Forensics, Tackling the elephant in the room

Unless you’ve been living under a rock, you’ve heard that Hadoop is regarded as the miracle solution for the big data needs of business. It is not uncommon for Hadoop clusters to store and process terabytes of sensitive information. Hadoop’s enormous data stores and inherent security issues make it the perfect storm of risk for […]

Targeted Malware Attacks – Sophisticated Criminals or Babytown Frolics?

Over the past year, Trustwave’s SpiderLabs malware team has been continually reminded why we love our jobs – we get to play with malware. But not just any malware, no, we get to reverse engineer and analyze malware from targeted incident response cases. This opportunity allows us to see what criminals are doing at a […]

Hunting Carders for fun and profit

“Hunting Carders for fun and profit” describes the rise in E-commerce breaches over the last year. The talk touches on the reasons cardholder data is so valuable on the black market, the three most common attack vectors, examples of malware discovered during actual investigations, the wrong way to encrypt databases and examples of how several […]

Hey, I just middled you, and this is crazy

But, here’s your password. Reset it, maybe? Everyone thinks they know about the Man in the Middle. Most places think as long as they have SSL, they’re immune. Attackers know better. We’ll demonstrate implications of Man in the Middle vulnerability that go beyond the 101. We’ll show how layer 2 weaknesses can be turned into […]

Engineering the Social Animal

This presentation was designed to provide a glimpse into the curious world of Social Engineering, and its serious impact being felt within businesses and homes around the world. Robert helps to shed light on many of the low tech techniques successfully being used to defeat today’s highest-tech security solutions. With a focus on the human elements […]

Cybercrime in Canada: a Law Enforcement Perspective

This session will highlight the link and differences between security efforts and criminal interdiction. Cybercrime continues to be a significant concern to industry and the public in Canada. This session will highlight some of the important activities now underway to address this criminal threat. Attendees will become aware of crime trends and priority threats. Industry […]

With new technologies come new vulnerabilities

HTML5 introduces significant changes for today’s websites: new and updated tags, new functionality, better error handling and an improved Document Object Model (DOM). However, HTML5’s new features come with new (application) security vulnerabilities. This session will review the new attack vectors, associated risks and what needs to be taken into consideration when implementing HTML5.

Physical Security In Context

Many security professionals think of locks as curiosities or puzzles, and are well acquainted with the idea that “locks keep honest people honest.” However, physical security has a rich history and our modern relationship to locks is very different than it was even a hundred years ago. In this talk we’ll put modern physical security […]

Threat Attribution via DNS

Despite the complexities of modern malware and the stealthiness of targeted infiltrations, the remote command and control of victim devices is heavily dependent upon a clear-text protocol. Using new techniques in the big data analysis of streaming DNS traffic and the application of innovative machine learning systems, it is possible to automatically identify domain names […]

Poortego: An OS-INT correlation tool for the 99%

Aggregating and correlating open-source intelligence (OS-INT) is an important aspect of both attack and defense. When on the offensive, OS-INT provides critical reconnaissance information. Whether sucking down data from corporate directories, gathering information from social networking sites, or combing Pastebin for stolen credentials, the relationships among associated data sets paint a critical picture highlighting potential […]

The Benefit of a “Research-Driven” IT Security Partner, especially in this day of Modern Malware

As the trusted security advisor to 65 of the Fortune 100, Accuvant is in a unique position to understand the current and emerging security challenges of these organizations. Many of these organizations over the past couple of years have been struggling with the challenges of “Modern Malware”, “Mobile Device Management and Security” and how to […]

Mobile Security: Protecting your Corporate Smartphones from Malware & Targeted Attacks

Malware and targeted attacks are an extremely serious threat to the security of SMBs and large enterprises. Targeted attacks generally follow predefined strategies and one of the possible vectors is to attack via a mobile device. A successful targeted attack can seriously damage a company’s intellectual property, confidential information and reputation. Attendees will learn about […]

BlackHat to Black Suit

You want it all. But you’re scared. You don’t want to put on a suit and watch your soul shrivel. There is another way. In this session, you will learn: – why you want to do this to yourself – how to get the first job (which will suck) – how to turn the first […]

The More Things Change: The vulnerabilities that time forgot

The more things change the more they stay the same. There have been numerous advances in the security field over the last 15 years yet many corporate networks are still plagued with the same vulnerabilities they were over a decade ago. If a hacker from the late 1990’s had a time machine, how successful would […]

Best Practices on building and operationalizing Microsoft SCOM for health and performance monitoring.

Many organizations face common challenges of fully leveraging their Enterprise Monitoring tool to give a holistic and cross-sectional view of the health and performance of core infrastructure and distributed applications. This presentation provides its audience a greater understanding of how to operationalize Microsoft’s System Center Operations Manager (SCOM 2007 or 2012) based on the key […]

Differences between SOA/XML Gateway and a Web Application Firewall

The Digital Revolution is enabling business to provide their customers with new, innovative products and services, thus exposing corporate networks and data to greater risks from cyber threats. These threats are increasingly sophisticated. Existing firewall strategies combined with old fashioned mentality are no longer able to offer business the security and protection they need. […]

Network forensics – the orphan child of cyber investigations

Most computer forensic examinations focus on system forensics – live system and memory data, and the data remaining on storage devices. These investigations neglect the significant amount of network data (moving packets, event logs, and specialized tools such as honeypots). During this session, you will learn proactive and post-response techniques for collecting and analyzing network […]

Hacking .NET Applications: The Black Arts (v2)

This talk will focus on attacking .NET Desktop Applications (EXE/DLL/Live Memory). Both WhiteHat and BlackHat hacking will be shown on common security concerns such as intellectual property protection systems and licensing systems. This presentation will have a New Drop of forensic info on what can be accessed about a .NET application, with basic info targeted at […]

ACTing Out – Automated Compliance Testing

Dave Millier from Sentry Metrics will discuss the challenges facing many organizations around “audit fatigue”, and talk about various methods of automating the collection, reporting and validation of overall compliance for organizations. The talk will focus not only on regulatory compliance, but also drill into more mundane testing and validation, and look at measuring against […]

Hitting Above The Security Mendoza Line

A few years ago Alex Hutton coined the term Security Mendoza Line. It was in reference to Mario Mendoza the baseball player often used as a baseline for how well a player must hit in order to stay in the major leagues and not be demoted. Keeping up with the attacks automated within Metasploit can […]

Sniper Forensics: Reloaded

The more things change, the more they stay the same. The first volley of Sniper Forensics presentations focused on single system forensic methodology, data acquisition, interpretation, and ultimately the identification of the Indicators of Compromise found in a breach. In this round, Sniper Forensics takes aim at the world of Incident Response with the same […]

Sploitego – Maltego’s (Local) Partner in Crime

Have you ever wished for the power of Maltego when performing internal assessments? Ever hoped to map the internal network within seconds? Or that Maltego had a tad more aggression? Sploitego is the answer. In the presentation we’ll show how we’ve carefully crafted several local transforms that give Maltego the ooomph to operate nicely within […]

CyberCrime Investigator: Forensic Use of HP ArcSight ESM

This session explores the concept of network forensic investigations using HP ArcSight ESM, and how security analysts can use it to assist HR or law enforcement with network interception to gather evidence that must preserve chain-of-custody. With the challenges of cloud-based computing and mobile devices, the need for well-defined workflow and the use of industry-accepted […]

Exposing Enterprise Services to Mobile Platforms

The kinds of web services developed and deployed to support Service Orientation over the first decade of the new millennium are not compatible with the applications being developed for mobile devices. In this talk, you will learn about the “Web APIs” favored by mobile developers, how they differ from the Web Services deployed in SOAs, […]

Controlling BYOD before it Becomes Your Own Demise

Mobile security is the hottest topic for senior security professionals as organizations struggle with how to support smartphones and other consumer-grade devices connecting to the network. This session will present a process to evaluate the risk of these devices, define appropriate policies, and control the use of these devices. We’ll also discuss (at a high […]

Pwned in 60 Seconds – From Network Guest to Windows Domain Admin

Zack Fasel brings a New Tool along with New methods to obtain Windows Integrated Authentication network requests and perform NTLM relaying both internally and externally. The Goal? Start off as a nobody and get domain admin (or sensitive data/access) in 60 seconds or less on a fully patched and typically secured windows environment. The Grand […]

Mapping The Penetration Tester’s Mind – An introduction to a pentester’s approach to security audits

“Mapping The Penetration Tester’s Mind” will present tools, methodologies, standards, and frameworks that are used during an active security engagement. This will give the attendees a broad understanding of how a penetration tester locates and determines what is a target, how vulnerabilities are located, what a penetration tester does to actively gain access, and how […]

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests brings the SecTor audience the most massive collection of weird, downright bizarre, freaky, and altogether unlikely hacks ever seen in the wild. This talk will focus on those complex hacks found in real environments – some in very high end and important systems, […]

Malware FreakShow

Well, there’s malware on the interwebs. They’re pwning all your systems, snatching your data up. So hide your cards, hide your docs, and hide your phone, ’cause they’re pwning er’body out there! This may be the 3rd and final installment of the Malware Freak Show series, so we’re pulling out all the stops. This year […]

Everything You Need to Know about Cloud Security (and then some)

Everyone is fired up about the cloud. Per usual, that means most businesses are rushing headlong into the abyss with nary a concern of security or risk management. Yeah, we all know how this ends. And most practitioners don’t even know what they don’t know at this point. Mike will provide the unvarnished truth about […]

Bust a Cap in an Android App

This talk will introduce the audience to the nuts and bolts of Android hacking. Patrick and Veytsman will demonstrate how to take apart an Android application and hunt for vulnerabilities. Topics covered include hunting for goodies in files stored on the device, reverse engineering applications, identifying broken crypto implementations and using remote debugging to execute […]

Wireless Hacking Techniques and Tips

Wireless technology is exploding in popularity. Businesses are not only migrating to wireless networking, they are steadily integrating wireless technology and associated components into their wired infrastructure. The demand for wireless access to LANs is fueled by the growth of mobile computing devices and a desire by users for continual connections to the network without […]

Anatomy of a Data Breach: Exploring the Current Threat Landscape

IT Security Professionals have more threats to deal with today than at any previous point in history; and it is only going to get worse. There is more malware, more threats (spam, botnets, etc.) and more potential areas of risk as we expand our need to collaborate either socially or for business efficiency to achieve […]

HTTP Header Hunter – Looking for malicious behavior into your http header traffic

Most malware uses HTTP/HTTPS to call home or install other parts of a malicious action. Since thousands and thousands of samples appear daily, it is almost impossible to create signatures to detect all malicious activities. Based on this problem, we started to analyze common headers and behaviors for malicious connections based on Spiderlabs research analysis […]

Near Field Communications (NFC) mobile security for those with No F’ing Clue

As Near Field Communications (NFC) is integrated into our daily lives more and more (credit/debit cards and mobile payments, transit systems, ticketing systems), application developers should understand the risks of implementing NFC in mobile applications. This talk covers several current and proposed NFC implementations with case studies including attacks and mitigations, as well as the […]

Cybersecurity, the Law, and You

This talk will cover how new US legislation and regulations are going to affect cyber security in the coming months. It will discuss, among other things, the new credit card security specification, PCI DSS 2.0, the US Government’s “Cyber 3” initiative, and cybersecurity legislation in front of the US Congress. It will also cover new […]

It’s Not About the “Warm Fuzzy” – How to Plan for a Comprehensive Penetration Exercise

It’s time for your annual, mandated penetration test. It may not be accurate, but who cares? You passed! Your boss has a “warm fuzzy”! But where is the business value in testing the perimeter if the perimeter is not the target? It’s time we stopped kidding ourselves and started looking at testing that actually does […]

Targeted and Opportunistic Botnet Building

There’s a general myth that botnet operators are opportunistic in their building strategy. In some older and sloppier cases they are but things have moved on. The ecosystem that supports botnet building is increasingly indistinguishable from legitimate Internet businesses – countless shades of gray – and most aspects of that business are well planned and […]

Detecting The Insider Threat – Finding The Needle in Stack of Needles

A recent IDC survey found that 52% of insider threats were perceived as accidental and 19% thought to be deliberate. Although 82% of CxOs said they did not know if incidents were deliberate or not, 62% were unclear of the source of their company’s insider risk and could not accurately pinpoint or quantify the nature […]

Disc Detainer Locks

This talk will explain disc detainer locks from their basic function to the highest security models. We will examine their emergence in various world markets, particularly their recent emergence in North America. Schuyler will demonstrate known vulnerabilities from picking, to impressioning, to low-cost key duplication. The goal of this talk is to introduce audience […]

FACEROUTE: Mapping and Harvesting Social Media Sites

It is a common practice for Social Media sites such as Facebook, MySpace and LinkedIn to be used as components in background and security checks, both in law enforcement and as part of modern hiring practices. In most cases, our social media “shadow” is either a neutral or a positive influence in these processes. However, […]

Information Security and Risk pertaining to smart phone and mobile devices

The mobile worker population grew to 1 billion in 2010 and over 250 million smart phones and other innovative devices were shipped and connected to the internet. This phenomenon is forecasted to grow by 25% annually through to 2013. 44% of users (Forrester) have bought their own devices and want to connect them to their […]

How to Survive DDoS: the Play at Home Game

Michael Smith serves as Akamai’s Security Evangelist and is the customer-facing ambassador from the Information Security Team, helping customers to understand both the internal security program and the unique security features and capabilities of the Akamai product portfolio and cloud-based solutions. Mr Smith fulfills a cross-functional role as a liaison between security, sales, product management, […]

Time and Place: Finding Evil with Atemporal Time Line Analysis

For the last few years computer forensic investigators have been singing the praises of Kristinn Gudjonsson’s Log2timeline, a tool that has revived time based artifact analysis despite the use of tools like Vinnie Liu’s Timestomp. This talk will take another look at time lines, but not for their temporal data. We’ll see how even without […]

Walking on the Crocs back – when security measures fail

Mr. Barlow will discuss the current state of the nation in regards to security, and what happens when all of the shiny security tools, appliances, models and measures put in place fail in a bad way. Mr. Barlow will voice his personal and possibly controversial feelings on why today’s security measures fail and what he […]
