Threat Intelligence: What makes it smart

SIEM and feeds intelligence are common words found in the information security industry. We see them popping up in areas ranging from application, business, situation and threat intelligence. Whether the meaning is automated log analyses or manually generated reports of OSINT, threat intelligence is quickly becoming a must-have item in any company's security arsenal. […]

Face Today’s Threats Head-On: Best Practices for a BYOD World

Today’s threat landscape is evolving radically and BYOD (Bring Your Own Device) is all the rage. In 2011 alone, Symantec detected and blocked 5.5 billion malicious attacks, an increase of more than 81 percent from the previous year. Social networks and mobile computing are opening up new security vulnerabilities and personal sites and blogs were […]

Introduction to Web Application Testing

Have you ever wondered what SQL injection was, and how it worked? Couldn’t figure out how someone could take over your web browsing and redirect you to another site entirely, or intercept and replace legitimate web traffic with some nasty malware? Dave Millier and Assef G. Levy will give you an overview of web application […]

Recent Advances in IPv6 Security

The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet, and is expected to be the successor of the original IPv4 protocol suite. It has already been deployed in a number of production environments, and many organizations have already scheduled or planned its deployment in the next few years. […]

Web Application Scanning in the SDLC

This presentation will review some of the reasons that web application security is so important – citing data from the Verizon Data Breach Investigations Report which identified web applications as one of the primary attack and data loss vectors. Next, an overview of a conventional scanning program will be outlined as well as how a […]

The Defense RESTs: Automation and APIs for Better Security

Want to get better at security? Improve your ops and improve your dev. Most of the security tools you need aren’t from security vendors, they don’t even need to be commercial. You need tools like chef & puppet, jenkins, logstash + elasticsearch & splunk or even hadoop to name but a few. The key is […]

VMware ThinApp: Does Isolation Trim your Risk?

Does using VMware ThinApp isolation trim your risk? This presentation uses known vulnerabilities in popular software products like Firefox, Internet Explorer, Java, and Flash to compare the security implications of native installations and the three ThinApp Isolation modes to determine the viability of ThinApp as a means of using archaic/legacy software. The end result will […]

Importance of integrating network forensics with host forensics

No matter what anyone tells you, no investigation is complete or comprehensive if it only includes host-based forensic analysis. The fact is the host never has all of the relevant information, and there are way too many techniques for ensuring that no incriminating evidence is ever left on the disk. Because of this reality, it […]

Hey, I just middled you, and this is crazy

But, here’s your password. Reset it, maybe? Everyone thinks they know about the Man in the Middle. Most places think as long as they have SSL, they’re immune. Attackers know better. We’ll demonstrate implications of Man in the Middle vulnerability that go beyond the 101. We’ll show how layer 2 weaknesses can be turned into […]

Anti-Forensic Techniques and Countermeasures

Digital investigations may be conducted differently by various labs (law enforcement agencies, private firms, enterprise corporations) but each lab performs similar steps when acquiring, processing, analyzing, or reporting on data. This updated talk will discuss techniques that criminals can use to throw wrenches into each of these steps in order to disrupt an investigation, and […]

The Kill Chain and Evolution in Intrusion Detection Mechanisms

Intrusion defense mechanisms have been around for approximately two decades. However, slippery assailants continue to evade even state-of-the-art mechanisms. We have more technology than ever but few approaches that work reliably, especially given the explosion of attack vectors. The problem of accurate and consistent attack detection and defense amid a sea of noise appears […]

Security Organizational Behaviour – making people part of the solution

Why technology and process don’t solve the problem alone and how to make security part of the normal pattern of behaviour for your organization. Instead of assuming that “humans are the weakest link” this talk will show how to make people the first line of defence and make them an asset, instead of a liability.

APT ALL THE THINGS: are Mac users no longer safe?

A new development of 2012, targeted attacks (APTs) against human rights now often include malware specifically designed to compromise Macs. Mac users have long thought they’re safe, for a variety of reasons including: “nobody ever targets us” (not anymore!), “Macs are based on Unix so have additional security” (not if new vulnerabilities are found, or […]

Microsoft Security Intelligence Report; Canadian Edition

Threats have changed in dramatic and unexpected ways around the world over the past year as attackers continue to hone and evolve their strategies and tactics, and Internet-connected devices proliferate. Using the latest data from hundreds of millions of systems around the world and some of the Internet’s busiest online services, this session will provide […]

Forecast of Data Loss in Canada

How many breaches occurred in Canada last year? And how many might there be by 2015? How much personal confidential Canadian data will be lost next year? Join this session to learn which types of firms are losing data and how. He won’t name names, but Dave will quickly walk you through a cool model […]

Reversing Patches for Exploit Creation, Pen-Testing or Just Fun!

How many times have you wondered what really gets fixed in the security patches released by vendors? Are you curious to find new vulnerabilities that could be introduced due to faulty patches? This talk will go over some basic reversing techniques that anyone can use to read what exactly gets fixed in patches. These techniques can […]

How I Learned to Stop Worrying and Love the Cloud

An overview of the risks and mitigations encountered in planning the outsourcing of the United States Mint’s $700 Million a year numismatic ecommerce site. The presentation focuses on how to assess your cloud vendor and specific information and access to request to make sure your data is secure. Many of the mitigations discussed in the […]

DNSSEC: Securing the DNS and beyond

DNSSEC was designed to protect the Domain Name System from an ever increasing stream of DNS spoofing attacks and (non-)malicious DNS rewriting schemes. But from the start, many intended to use this new distributed and digitally signed database for other purposes as well. DNSSEC can already be used to secure large scale TLS, SSH and […]

Conquer the Beast – How to Effectively Manage Open-source Intelligence Outbursts

Open-source Intelligence has picked up quite a hype lately and everyone talks about its importance within a security program to protect organizations against present and emerging threats. With the advent of social media, monitoring all these sources has become even a bigger challenge. Despite its importance, no one has provided specific guidance on how exactly […]

Inside the Blackhole Exploit Kit (BHEK)

One of the most successful drive-by attack toolkits available to cyber criminals, Black Hole is dominating the criminal marketplace. In this talk, we will explore how the exploit kit is sold, kit features, how attackers are using it to ensnare victims and the speed with which new vulnerabilities are being exploited. Techniques for defending against […]

Introducing ‘Android Security Evaluation Framework’ ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a […]

Hadoop Forensics, Tackling the elephant in the room

Unless you’ve been living under a rock you’ve heard that Hadoop is regarded as the miracle solution for the big data needs of business. It is not uncommon for Hadoop clusters to store and process terabytes of sensitive information. Hadoop’s enormous data stores and inherent security issues make it the perfect storm of risk for […]

Targeted Malware Attacks – Sophisticated Criminals or Babytown Frolics?

Over the past year, Trustwave’s SpiderLabs malware team has been continually reminded why we love our jobs – we get to play with malware. But not just any malware, no, we get to reverse engineer and analyze malware from targeted incident response cases. This opportunity allows us to see what criminals are doing at a […]

Hunting Carders for fun and profit

“Hunting Carders for fun and profit” describes the rise in E-commerce breaches over the last year. The talk touches on the reasons cardholder data is so valuable on the black market, the three most common attack vectors, examples of malware discovered during actual investigations, the wrong way to encrypt databases and examples of how several […]

Engineering the Social Animal

This presentation was designed to provide a glimpse into the curious world of Social Engineering, and its serious impact being felt within businesses and homes around the world. Robert helps to shed light on many of the low tech techniques successfully being used to defeat today’s highest-tech security solutions. With a focus on the human elements […]

Cybercrime in Canada: a Law Enforcement Perspective

This session will highlight the link and differences between security efforts and criminal interdiction. Cybercrime continues to be a significant concern to industry and the public in Canada. This session will highlight some of the important activities now underway to address this criminal threat. Attendees will become aware of crime trends and priority threats. Industry […]

With new technologies come new vulnerabilities

HTML5 introduces significant changes for today’s websites: new and updated tags, new functionality, better error handling and improved Document Object Model (DOM). However, the new HTML5 features come with new (application) security vulnerabilities. This session will review the new attack vectors, associated risks and what needs to be taken into consideration when implementing HTML5.

Physical Security In Context

Many security professionals think of locks as curiosities or puzzles, and are well acquainted with the idea that “locks keep honest people honest.” However, physical security has a rich history and our modern relationship to locks is very different than it was even a hundred years ago. In this talk we’ll put modern physical security […]

Threat Attribution via DNS

Despite the complexities of modern malware and the stealthiness of targeted infiltrations, the remote command and control of victim devices is heavily dependent upon a clear-text protocol. Using new techniques in the big data analysis of streaming DNS traffic and the application of innovative machine learning systems, it is possible to automatically identify domain names […]

Poortego: An OS-INT correlation tool for the 99%

Aggregating and correlating open-source intelligence (OS-INT) is an important aspect of both attack and defense. When on the offensive, OS-INT provides critical reconnaissance information. Whether sucking down data from corporate directories, gathering information from social networking sites, or combing Pastebin for stolen credentials, the relationships among associated data sets paint a critical picture highlighting potential […]

Security Testing

The volume, variants and sophistication of security attacks are increasing exponentially. As Internet traffic volume increases, high-powered security devices such as unified threat management (UTM) platforms are needed to protect the data center from malware, denial of service attacks and loss of confidential data. This presentation will discuss security threats, countermeasures and security testing that […]

The Search for Intelligent Life

For years businesses have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. In the information […]

Built What? Why The Bad Guys Do It Better

For well over a decade cyber-crime has steadily risen at incredible rates across the world. How is this possible with so many law enforcement and security vendors out there trying to solve the problem? Over the past eleven years viruses and trojans have evolved into a never ending deluge of crimeware campaigns. How is this […]

Sniper Forensics v3.0: Hunt

I am a sniper. I hunt malware. Specifically, I hunt malware that is committing a crime. Memory Dumpers, Key Loggers, and Network Sniffers are the enemy. The enemy can take on any form, he deploys stealth to hide from me. To know the enemy, I have to know HOW he works, not just what his […]

Binary Risk Analysis

Security risk analysis techniques are either too complex to be understood by the business or too simple to provide repeatable and meaningful results. Without a proper understanding of the risk associated with security events, businesses are likely to misunderstand the risk that security professionals are working to control. This talk will announce a new, peer […]

Progression of a Hack

So you have a firewall, AV, IDS, patch management and more. Nobody is getting in. Somehow Fake-AV and malware still rear their ugly heads from time to time, but things feel pretty safe. Others in this same situation are still making the news. This talk will look at how a single foothold can lead to […]

Cubical Warfare, The next Arms Race

Cubical warfare is currently in an up raise. One Nerf gun can cause an arms race escalating beyond current weaponry either from common concept of High Performance Culture, to downright nastiness of co-workers. My goal is to educate attendees to take normal run-of-the-mill soft dart weapons, and make them into weapons of mass pain. Topics […]

A Technical View on Cloud Security: How Not To Get Your Undies In A Bunch aka Please Don’t Squeeze The Charmin

Most of the material out there today on cloud security is all about how it is more/less secure than managing things internally and very little of the material focuses on the fundamental differences between internal vs external hosting. And while there has been some discussion of the actual issues (with a few notable exceptions) they […]

Mapping The Penetration Tester’s Mind – An introduction to a pentester’s approach to security audits

“Mapping The Penetration Tester’s Mind” will present tools, methodologies, standards, and frameworks that are used during an active security engagement. This will give the attendees a broad understanding of how a penetration tester locates and determines what is a target, how vulnerabilities are located, what a penetration tester does to actively gain access, and how […]

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests brings the SecTor audience the most massive collection of weird, downright bizarre, freaky, and altogether unlikely hacks ever seen in the wild. This talk will focus on those complex hacks found in real environments – some in very high end and important systems, […]

Malware FreakShow

Well, there’s malware on the interwebs. They’re pwning all your systems, snatching your data up. So hide your cards, hide your docs, and hide your phone, ’cause they’re pwning er’body out there! This may be the 3rd and final installment of the Malware Freak Show series, so we’re pulling out all the stops. This year […]

Everything You Need to Know about Cloud Security (and then some)

Everyone is fired up about the cloud. Per usual, that means most businesses are rushing headlong into the abyss with nary a concern of security or risk management. Yeah, we all know how this ends. And most practitioners don’t even know what they don’t know at this point. Mike will provide the unvarnished truth about […]

Bust a Cap in an Android App

This talk will introduce the audience to the nuts and bolts of Android hacking. Patrick and Veytsman will demonstrate how to take apart an Android application and hunt for vulnerabilities. Topics covered include hunting for goodies in files stored on the device, reverse engineering applications, identifying broken crypto implementations and using remote debugging to execute […]

Wireless Hacking Techniques and Tips

Wireless technology is exploding in popularity. Businesses are not only migrating to wireless networking, they are steadily integrating wireless technology and associated components into their wired infrastructure. The demand for wireless access to LANs is fueled by the growth of mobile computing devices and a desire by users for continual connections to the network without […]

Anatomy of a Data Breach: Exploring the Current Threat Landscape

IT Security Professionals have more threats to deal with today than at any previous point in history; and it is only going to get worse. There is more malware, more threats (spam, botnets, etc.) and more potential areas of risk as we expand our need to collaborate either socially or for business efficiency to achieve […]

HTTP Header Hunter – Looking for malicious behavior into your http header traffic

Most malware uses HTTP/HTTPS to call home or install other parts of a malicious action. Since thousands and thousands of samples appear daily, it is almost impossible to create signatures to detect all malicious activities. Based on this problem, we started to analyze common headers and behaviors for malicious connections based on Spiderlabs research analysis […]

Near Field Communications (NFC) mobile security for those with No F’ing Clue

As Near Field Communications (NFC) is integrated into our daily lives more and more (credit/debit cards and mobile payments, transit systems, ticketing systems), application developers should understand the risks of implementing NFC in mobile applications. This talk covers several current and proposed NFC implementations with case studies including attacks and mitigations, as well as the […]

Cybersecurity, the Law, and You

This talk will cover how new US legislation and regulations are going to affect cyber security in the coming months. It will discuss, among other things, the new credit card security specification, PCI DSS 2.0, the US Government's “Cyber 3” initiative, and cybersecurity legislation in front of the US Congress. It will also cover new […]

It’s Not About the “Warm Fuzzy” – How to Plan for a Comprehensive Penetration Exercise

It’s time for your annual, mandated penetration test. It may not be accurate, but who cares? You passed! Your boss has a “warm fuzzy”! But where is the business value in testing the perimeter if the perimeter is not the target? It’s time we stopped kidding ourselves and started looking at testing that actually does […]
