Web Browser Security Faceoff

At no other point in the evolution of computing has user experience (as well as attack surface) been so defined by a single piece of software as it is today. Still, no authoritative picture of the true defensive capabilities of the three major web browsers has existed. A team of Accuvant Labs researchers have been […]

Read more

Cybersecurity, the Law, and You

This talk will cover how new US legislation and regulations are going to affect cyber security in the coming months. It will discuss, among other things, the new cresit card security specification, PCI DSS 2.0, the US Governments “Cyber 3” initiative, and cybersecurity legislation in front of the US Congress. It will also cover new […]

Read more

Built What? Why The Bad Guys Do It Better

For well over a decade cyber-crime has steadily risen at incredible rates across the world. How is this possible with so many law enforcement and security vendors out there trying to solve the problem? Over the past eleven years viruses and trojans have evolved into a never ending deluge of crimeware campaigns. How is this […]

Read more

HTTP Header Hunter – Looking for malicious behavior into your http header traffic

Most malware uses HTTP/HTTPS to call home or install other parts of a malicious action. Since thousands and thousands of samples appear daily, it is almost impossible to create signatures to dectect all malicious activities. Based on this problem, we started to analyze common headers and behaviors for malicious connections based on Spiderlabs research analysis […]

Read more

Building a GRC Strategy

Dave Millier will talk about gathering information from various sources (security and system logs, reports, processes, people, etc), and turning it into meaningful reports and dashboards that can be used to track compliance of various standards and regulations, including PCI, CobiT, SOX, NERC CIP, and others. Rather than focusing on any particular technology, Dave will […]

Read more

Change Happens: CISO Survival Through Adaptation

The Chief Information Security Officer role is transitioning through unprecedented change in information technology, in both scope and pace. CISOs must learn to adapt in kind and support the four ‘personas’ of the CIO, where the I stands for Infrastructure, Integration, Intelligence and Innovation. This panel will address the trends and adaptation strategies necessary to […]

Read more

Progression of a Hack

So you have a firewall, AV, IDS, patch management and more. Nobody is getting in. Somehow Fake-AV and malware still rear their ugly heads from time to time, but things feel pretty safe. Others in this same situation are still making the news. This talk will look at how a single foothold can lead to […]

Read more

Anatomy of a Data Breach: Exploring the Current Threat Landscape

IT Security Professionals have more threats to deal with today than at any previous point in history; and it is only going to get worse. There is more malware, more threats (spam, botnets, etc.) and more potential areas of risk as we expand our need to collaborate either socially or for business efficiency to achieve […]

Read more

The Search for Intelligent Life

For years businesses have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. In the information […]

Read more

I’m Your MAC(b)Daddy

The field of Computer Forensics moves more and more in the direction of rapid response and live system analysis every day. As breaches and attacks become more and more sophisticated the responders need to continually re-examine their arsenal for new tactics and faster ways to process large amounts of data. Timelines and super-timelines have been […]

Read more

Be Ready for IPv6 Migration and Beyond!

2011 is the year that IPv6 really matters! Even if you do not need to deploy it immediately, you should begin planning for IPv6, including making sure your infrastructure and your ISP can support it. Join us as world IPv6 expert Cricket Liu, author of several books on DNS and IPv6 presents on a variety […]

Read more

It’s Not About the “Warm Fuzzy” – How to Plan for a Comprehensive Penetration Exercise

It’s time for your annual, mandated penetration test. It may not be accurate, but who cares? You passed! Your boss has a “warm fuzzy”! But where is the business value in testing the perimeter if the perimeter is not the target? It’s time we stopped kidding ourselves and started looking at testing that actually does […]

Read more

A Replicant by Any Other Name: A Security Analysis of the BlackBerry PlayBook

The BlackBerry PlayBook is Research In Motion’s foray into a new mobile operating environment. Featuring TabletOS, built on the QNX RTOS and a user experience built predominately on the Adobe AIR platform, the PlayBook quickly stirred up critical reactions — but also praise, having been certified for use by the U.S., Australian, and Russian governments. […]

Read more

Evolution of Digital Forensics

No matter what anyone tells you, no investigation is complete or comprehensive if it only includes host-based forensic analysis. The fact is the host never has all of the relevant information, and there are way too many techniques for ensuring that no incriminating evidence is ever left on the disk. Because of this reality, it […]

Read more

Security When Nanoseconds Count

There’s a brave new frontier for IT Security – a place where “best practices” does not even contemplate the inclusion of a firewall in the network. This frontier is found in the most unlikely of places, where it is presumed that IT Security is a mature practice. Banks, Financial Institutions and Insurance Companies. High Speed […]

Read more

Time and Place: Finding Evil with Atemporal Time Line Analysis

For the last few years computer forensic investigators have been singing the praises of Kristinn Gudjonsson’s Log2timeline, a tool that has revived time based artifact analysis despite the use of tools like Vinnie Liu’s Timestomp. This talk will take another look at time lines, but not for their temporal data. We’ll see how even without […]

Read more

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests brings the SecTor audience the most massive collection of weird, downright bizarre, freaky, and altogether unlikely hacks ever seen in the wild. This talk will focus on those complex hacks found in real environments – some in very high end and important systems, […]

Read more

FACEROUTE: Mapping and Harvesting Social Media Sites

It is a common practice for Social Media sites such as Facebook, MySpace and LinkedIn to be used as components in background and security checks, both in law enforcement and as part of modern hiring practices. In most cases, our social media “shadow” is either a neutral or a positive influence in these processes. However, […]

Read more

Finding Evil in Live Memory

Live memory forensics is a fun (and effective) way to find an attacker’s footprints on a machine. Michael will provide a brief introduction to the basics of memory forensics on Windows systems, then show how to use several free tools to investigate a running system (or a memory image) for indications that an attacker has […]

Read more

Mapping The Penetration Tester’s Mind – An introduction to a pentester’s approach to security audits

“Mapping The Penetration Tester’s Mind” will present tools, methodologies, standards, and frameworks that are used during an active security engagement. This will give the attendees a broad understanding of how a penetration tester locates and determines what is a target, how vulnerabilities are located, what a penetration tester does to actively gain access, and how […]

Read more

Wireless Hacking Techniques and Tips

Wireless technology is exploding in popularity. Businesses are not only migrating to wireless networking, they are steadily integrating wireless technology and associated components into their wired infrastructure. The demand for wireless access to LANs is fueled by the growth of mobile computing devices and a desire by users for continual connections to the network without […]

Read more

What is an APT without a sensationalist name?

Targeted malware attacks are particularly dangerous to NGOs and other organizations that take real-world risks while often having little if any IT security budget. In this talk, Seth will describe a variety of targeted malware attacks observed in the wild against human rights organizations, and the techniques (both social and technical) that they use to […]

Read more

Detecting The Insider Threat – Finding The Needle in Stack of Needles

A recent IDC survey found that 52% of insider threats were perceived as accidental and 19% thought to be deliberate. Although 82% of CxOs said they did not know if incidents were deliberate or not, 62% were unclear of the source of their company’s insider risk and could not accurately pinpoint or quantify the nature […]

Read more

Bust a Cap in an Android App

This talk will introduce the audience to the nuts and bolts of Android hacking. Patrick and Veytsman will demonstrate how to take apart an Android application and hunt for vulnerabilities. Topics covered include hunting for goodies in files stored on the device, reverse engineering applications, identifying broken crypto implementations and using remote debugging to execute […]

Read more

FireShark – A Tool to Link the Malicious Web

Thousands of legitimate web sites serve malicious content to millions of visitors each and every day. Trying to piece all the data together to confirm any similarities between possible common patterns within these websites, such as re-directors that belong to the same IP, IP range, or ASN, and reconstructing the final deobfuscated code can be […]

Read more

Crime & Carelessness: Gaps that Enable the Theft of Your Most Sensitive Information

“Information is power and money. Our professional lives revolve around building, inventing and working with more valuable information. How we protect and manage this information is core to the success of our economy, organizations, corporations and our personal lives. In this presentation we will explore how a criminal industry now larger than the international drug […]

Read more

Gates, Guards, and Gadgets: An Introduction to the Physical Security of IT

We’re all familiar with using a defense-in-depth strategy when planning information security, but none of that matters if I can take your datacenter and load it into my truck! Join Kai Axford, a Certified Protection Professional (CPP), as he looks at the various aspects of physical security, such as barrier planning, IP surveillance, lock selection […]

Read more

CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity

Mass-market, low-cost, commodity infrastructure-as-a-Service Cloud Computing providers abstract away compute, network and storage and deliver hyper-scaleable capabilities. This “abstraction distraction” has brought us to the point where the sanctity and security of the applications and information transiting them are dependent upon security models and expertise rooted in survivable distributed systems, at layers where many security […]

Read more

Distributed Denial of Service: War Stories from the Cloud Front

Due to the rise of large-scale botnets, Distributed Denial of Service (DDoS) is making a resurgence, both in attacker capabilities and the impact on target organizations. This presentation is an overview of DDoS attacker capabilities and techniques, defenses against attacks, and lessons learned from responding to numerous DDoS attacks. The session will cover a very […]

Read more

Web Application Payloads

This talk will introduce attendees to the subject and show a working implementation of Web Application Payloads that uses the “system calls” exposed by vulnerable Web Applications to collect information from, and gain access to the remote Web server. The Web application payloads implementation was developed as a part of the w3af framework, an open […]

Read more

Sharingan – A Ninja art to Copy, Analyze and Counter Attack

Many products in the industry have or use some kind of a proprietary network protocol. Most of these protocols do not have packet level documentation in place; neither with the development team, nor with the architect. In some instances, security assessment team/auditor might be dealing with a network protocol which a third party wrote and […]

Read more

Fuzzing Proprietary Protocols – A Practical Approach

Proprietary protocols are commonly used in industrial environments and are hard to fuzz. Often, one product like a railway control centre communicates over more than 10 proprietary protocols. Usually, external attackers do not have the specifications of the protocols to write suitable fuzzers. The same applies to internal penetration testers. Even with the specifications, time […]

Read more

Distributed Denial of Service: War Stories from the Cloud Front

Due to the rise of large-scale botnets, Distributed Denial of Service (DDoS) is making a resurgence, both in attacker capabilities and the impact on target organizations. This presentation is an overview of DDoS attacker capabilities and techniques, defenses against attacks, and lessons learned from responding to numerous DDoS attacks. The session will cover a very […]

Read more

Dissecting the Modern Threatscape: Malicious Insiders, Industrialized Hacking, and Advanced Persistent Threats

This is an intermediate to advanced level presentation that pulls from McAfee Labs research as well as real-life customers. This is original content designed to paint a clear picture of today’s threat landscape and through doing so illustrate the differences between insider threats, industrialized hackers, and APTs. Attacks are coming from all angles. In some […]

Read more

Securing your network with open-source technologies and standard protocols: Tips & Tricks

We continually are asked “Does your product work with VPN X?”. This is the wrong question. The right question is whether any product on your network supports the authentication protocol you have chosen as a standard. Once you decide on a standard, the world opens up to you. Specifically, the world of open source software. […]

Read more

Sniper Forensics v2.0 – Target Acquisition

Last year at SecTor, Christopher debuted “Sniper Forensics”, which illustrates how to use live analysis techniques to improve the efficiency and accuracy of forensic investigations. Since then Sniper Forensics has been given at two other computer security conferences! Now, Sniper Forensics v2.0 Target Acquisition will cover the most asked questions asked by the audience members […]

Read more

Building the DEFCON network, making a sandbox for 10,000 hackers

David covers how the DEFCON network team builds a network from scratch, in three days with very little budget. How this network evolved, what worked for him, and what didn’t work over the last ten years. This network started as an idea, and after acquiring some kick butt hardware, has allowed them to support several […]

Read more

Building your own secure U3 launchable Windows forensic toolkit

This toolset attempts to provide a easy to use U3 drive to gather forensic data from a windows computer. The entire toolset is located on the read-only portion of the U3 drive, and reports are writen to the writeable portion.

Read more

The Four Types of Lock

Physical security is an oft-overlooked component of data and system security in the technology world. While numerous ratings and standards exist in order classify specific security hardware, many of these standards are ill-defined and poorly-understood. Do you know what makes a “hardened” or “contractor grade” lock special? What does the phrase “high security” signify on […]

Read more

Starting an InfoSec Company: Three Founder’s Stories

Ever wonder what it’s like to start your own InfoSec company? Join our “InfoSec Corporate Founders’ Panel” as they trade war stories, describe strategies and mishaps, and offer advice.

Read more

By The Time You’ve Finished Reading This Sentence, “You’re Infected”

This talk is intended to be a rapid-fire description of 25 tactics currently used by “the bad guys” so that malware STILL evades AV, web reputation filters and IDP systems and practically any defense thrown at it. Malicious content continues to be a thorn in the side of practically all Internet users. This talk will […]

Read more

64-bit Imports Rebuilding and Unpacking

64-bit malware are coming! 64-bit malware are coming! I’ve been repeating this for the last 2 years; it’s not tinfoil hat talk anymore. With 64-bit packers and protectors being released, there is presently a growing need to create new tools to facilitate the manual unpacking process for malware analysis and to make it as trivial […]

Read more

Beyond Exploits: Real World Penetration Testing

This presentation focused on abusing design flaws, configuration errors, and information leaks to gain access to typical environments. The open source Metasploit Framework will be used as a demonstration platform to illustrate how low-risk information leaks can be combined to gain administrative access to a target network.

Read more

SCADA and ICS for Security Experts: How to avoid cyberdouchery

The traditional security industry has somehow decided that they are the white knights who are going to save everyone from the horror of insecure powergrids, pipelines, chemical plants, and cookie factories. Suddenly, every consultant is an expert and every product fixes SCADA. And because they don’t know what the hell they’re talking about — ‘fake […]

Read more

Emerging Threats, The Battle for the Access edge

Your network is under attack. Malware, Trojans, Botnets and host of other threats are alive and well in the Internet. The people who produce these threats have a new target — the wired and wireless edges of your network. To effectively detect and manage these threats you need a management platform that provides a single […]

Read more

Cloud definitions you’ve been pretending to understand

We’ve all heard talks where we nodded in agreement with the speaker when he or she launched into jargon we didn’t comprehend. In this talk Jack, assisted by sock puppets, will explain common cloud computing terminology and discuss some common misconceptions about cloud computing.

Read more

Into the Rabbit-Hole

Since the caveman first fashioned a spear humans have been using tools to make them more efficient and effective. Unfortunately, today’s analysts often misunderstand the role tools play testing web applications. While tools can be quite good at mapping a web application’s attack surface there is still much human analysis that must be done to […]

Read more

Today’s Reality: Living in Compromise to Advanced Persistent Threats

Today’s network advanced persistent threats by definition evade detection by perimeter defenses and current concepts for defense in depth – whether you know it or not. Most organizations have developed an over-reliance upon network-layer, perimeter focused solutions that require signatures or profile-based foreknowledge of a given technical threat. As proven through numerous security breaches over […]

Read more

How do we prevent, detect, respond and recover from CRM failures?

In this session Kelly compares customer relations breaches with security breaches, specifically their impacts on organizations. Kelly will then compare Security incident response/handling phases to Customer Relations Breaches (detection, response and recovery), and using examples from personal experience discuss how each of these phases plays a role in effective and successful CRM. He concludes the […]

Read more

Black Berry Security FUD Free

As mobile computing devices proliferate the enterprise more ‘security’ conscious people are raising flags about mobile device security. One device which is dominant in the enterprise mobile computing world is the ubiquitous Blackberry(TM), which has quite a bit of Fear Uncertainty and Doubt surrounding it and its security controls. Rumors about blackberry compromises and confusion […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required