Distributed Denial of Service: War Stories from the Cloud Front

Due to the rise of large-scale botnets, Distributed Denial of Service (DDoS) is making a resurgence, both in attacker capabilities and the impact on target organizations. This presentation is an overview of DDoS attacker capabilities and techniques, defenses against attacks, and lessons learned from responding to numerous DDoS attacks. The session will cover a very […]

Dissecting the Modern Threatscape: Malicious Insiders, Industrialized Hacking, and Advanced Persistent Threats

This is an intermediate to advanced level presentation that pulls from McAfee Labs research as well as real-life customers. This is original content designed to paint a clear picture of today’s threat landscape and through doing so illustrate the differences between insider threats, industrialized hackers, and APTs. Attacks are coming from all angles. In some […]

Securing your network with open-source technologies and standard protocols: Tips & Tricks

We continually are asked “Does your product work with VPN X?”. This is the wrong question. The right question is whether any product on your network supports the authentication protocol you have chosen as a standard. Once you decide on a standard, the world opens up to you. Specifically, the world of open source software. […]

Sniper Forensics v2.0 – Target Acquisition

Last year at SecTor, Christopher debuted “Sniper Forensics”, which illustrates how to use live analysis techniques to improve the efficiency and accuracy of forensic investigations. Since then Sniper Forensics has been given at two other computer security conferences! Now, Sniper Forensics v2.0 Target Acquisition will cover the questions most asked by the audience members […]

Building the DEFCON network, making a sandbox for 10,000 hackers

David covers how the DEFCON network team builds a network from scratch, in three days with very little budget. How this network evolved, what worked for him, and what didn’t work over the last ten years. This network started as an idea, and after acquiring some kick butt hardware, has allowed them to support several […]

Building your own secure U3 launchable Windows forensic toolkit

This toolset attempts to provide an easy-to-use U3 drive to gather forensic data from a Windows computer. The entire toolset is located on the read-only portion of the U3 drive, and reports are written to the writeable portion.

The Four Types of Lock

Physical security is an oft-overlooked component of data and system security in the technology world. While numerous ratings and standards exist in order to classify specific security hardware, many of these standards are ill-defined and poorly understood. Do you know what makes a “hardened” or “contractor grade” lock special? What does the phrase “high security” signify on […]

Starting an InfoSec Company: Three Founder’s Stories

Ever wonder what it’s like to start your own InfoSec company? Join our “InfoSec Corporate Founders’ Panel” as they trade war stories, describe strategies and mishaps, and offer advice.

By The Time You’ve Finished Reading This Sentence, “You’re Infected”

This talk is intended to be a rapid-fire description of 25 tactics currently used by “the bad guys” so that malware STILL evades AV, web reputation filters and IDP systems and practically any defense thrown at it. Malicious content continues to be a thorn in the side of practically all Internet users. This talk will […]

64-bit Imports Rebuilding and Unpacking

64-bit malware are coming! 64-bit malware are coming! I’ve been repeating this for the last 2 years; it’s not tinfoil hat talk anymore. With 64-bit packers and protectors being released, there is presently a growing need to create new tools to facilitate the manual unpacking process for malware analysis and to make it as trivial […]

Beyond Exploits: Real World Penetration Testing

This presentation focused on abusing design flaws, configuration errors, and information leaks to gain access to typical environments. The open source Metasploit Framework will be used as a demonstration platform to illustrate how low-risk information leaks can be combined to gain administrative access to a target network.

SCADA and ICS for Security Experts: How to avoid cyberdouchery

The traditional security industry has somehow decided that they are the white knights who are going to save everyone from the horror of insecure powergrids, pipelines, chemical plants, and cookie factories. Suddenly, every consultant is an expert and every product fixes SCADA. And because they don’t know what the hell they’re talking about — ‘fake […]

Emerging Threats, The Battle for the Access edge

Your network is under attack. Malware, Trojans, Botnets and a host of other threats are alive and well on the Internet. The people who produce these threats have a new target — the wired and wireless edges of your network. To effectively detect and manage these threats you need a management platform that provides a single […]

Cloud definitions you’ve been pretending to understand

We’ve all heard talks where we nodded in agreement with the speaker when he or she launched into jargon we didn’t comprehend. In this talk Jack, assisted by sock puppets, will explain common cloud computing terminology and discuss some common misconceptions about cloud computing.

Into the Rabbit-Hole

Since the caveman first fashioned a spear, humans have been using tools to make them more efficient and effective. Unfortunately, today’s analysts often misunderstand the role tools play in testing web applications. While tools can be quite good at mapping a web application’s attack surface, there is still much human analysis that must be done to […]

Today’s Reality: Living in Compromise to Advanced Persistent Threats

Today’s network advanced persistent threats by definition evade detection by perimeter defenses and current concepts for defense in depth – whether you know it or not. Most organizations have developed an over-reliance upon network-layer, perimeter focused solutions that require signatures or profile-based foreknowledge of a given technical threat. As proven through numerous security breaches over […]

How do we prevent, detect, respond and recover from CRM failures?

In this session Kelly compares customer relations breaches with security breaches, specifically their impacts on organizations. Kelly will then compare Security incident response/handling phases to Customer Relations Breaches (detection, response and recovery), and using examples from personal experience discuss how each of these phases plays a role in effective and successful CRM. He concludes the […]

Black Berry Security FUD Free

As mobile computing devices proliferate in the enterprise, more ‘security’ conscious people are raising flags about mobile device security. One device which is dominant in the enterprise mobile computing world is the ubiquitous BlackBerry(TM), which has quite a bit of Fear, Uncertainty and Doubt surrounding it and its security controls. Rumors about BlackBerry compromises and confusion […]

Culture Shift: Social Networking and Enterprise Environments (Security Risk vs Reward)

Social networking for most of us is becoming wrapped into our DNA. This is especially important for the next generation workforce. Additionally, the employees today and those of tomorrow will expect the capability to blog and social network with corporate assets and corporate bandwidth. Additionally, these technologies are being widely used for corporate marketing and […]

Microsoft’s cloud security strategy

As the adoption and interest in cloud computing grows, technical and business decision-makers are trying to assess the risk associated with using the cloud infrastructure. Join Mohammad Akif, the National Security and Privacy Lead for Microsoft Canada to learn about the threat landscape for cloud computing and how the industry in general and Microsoft in […]

What’s Old Is New Again: An Overview of Mobile Application Security

The ever-increasing prevalence of mobile devices brings with it a slew of security problems. Applications running directly on mobile devices (and web apps optimized for mobile clients) are ripe for the picking even by unsophisticated attackers. The attack classes that once applied to traditional network-facing, fat client, and web applications are now valid for mobile […]

A Day in the life of APT

The term “Advanced Persistent Threat” has dominated the cyber security world for the last several years. This marketing construct is designed to describe a real and widespread threat, but seems to cause confusion and mockery. This presentation will cut through marketing hyperbole to walk through an attack by a sophisticated actor demonstrating the tools and […]

OMG-WTF-PDF

Ambiguities in the PDF specification mean that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. [Well except […]

Into the Black: Explorations in DPRK

North Korea scares people. Allegedly DPRK has a super l33t squad of killer haxor ninjas that regularly engage in hit and run hacks against the Defense Department, South Korea, or anyone else who pisses off the Glorious Leader. DPRK also has no real Internet infrastructure to speak of (as dictators don’t like unrestricted information), although […]

Nsploit: Popping boxes with Nmap

Tired of waiting on scans to complete so you can own boxes? Maybe we can help! Let the powerful scripting engine in Nmap and the sexy attack power of Metasploit combine to form Nsploit, a framework for launching Metasploit exploits from Nmap. Nmap is supporting more vulnerability detection out of the box. Nsploit leverages that […]

Malware Freakshow

In 2008 alone, we performed full forensic investigations on over 150 different environments ranging from financial institutions, hotels, restaurants and casinos. This presentation will show the inner workings of 4 very interesting pieces of malware, ranging from somewhat simple to very complex. Each sample was actually used to steal confidential data that resulted in significant […]

Smashing the stats for fun and profit

(or how to convince your boss to spend properly on security) We all know that security vulnerabilities need to be fixed but it can be hard to convince your employer that you deserve a budget so you can do your job properly. Using research from the 2009 Canada wide security survey, we’ll explore (FUD Free) […]

Massively Scaled Security Solutions for Massively Scaled IT

The US Federal Government is the world’s largest consumer of IT products and, by extension, one of the largest consumers of IT security products and services. This talk covers some of the problems with security on such a massive scale; how and why some technical, operational, and managerial solutions are working or not working; and […]

DNSSEC deployment in Canada

The Kaminsky bug, announced at Black Hat last year, sent everyone scrambling to update their DNS infrastructure. But most people stopped after the patchwork. Over 10 TLDs, including .gov, are already deployed using DNSSEC. CIRA has launched a “friends & family” test program for those who want to test DNSSEC with .ca domains (and should […]

The GhostNet Story

In March 2009 researchers at the University of Toronto uncovered a network of over 1200 compromised computers spread across 103 different countries. Nearly 30% of the infected hosts were identified as high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. This presentation will detail the GhostNet investigation from the field […]

Deblaze – A remote method enumeration tool for flex servers

Flash has traditionally been a graphics heavy technology used to create artistic user interfaces that runs on a client’s browser. The evolution of Flash was pushed by application developers who wanted to access complex business logic and functionality on remote servers. Through the use of the Flex programming model and the ActionScript language, Flash Remoting […]

Towards a more secure online banking – moving beyond twenty questions.

Online financial applications have developed in a seemingly haphazard way. The result is images for host authentication, hidden cookies and inane questions. The session will break down attacks against session, host/mutual authentication and transaction authentication, and suggest more secure methods of protecting against those attacks without excessive inconvenience to the user and lay the groundwork […]

w3af – A framework to own the web

Specially crafted for SecTor’s attendees, the w3af project leader will deliver a double talk about the framework, which will guide you through its features using demos and real-life examples. The first session introduces w3af to the audience and shows all of the automated Web application scanning features, and follows up with a detailed […]

Sniper Forensics – Changing the Landscape of Modern Forensics and Incident Response

Live Analysis tools and techniques have exploded onto the incident response scene in the last two years. By gathering and reviewing volatile data and RAM dumps, incident responders can use time proven theories like, “Locard’s Exchange Principle”, “Occam’s Razor”, and “The Alexiou Principle” to target only the systems that are part of the breach. What […]

SSLFail.com

SSLFail.com brings together Security Enthusiasts who research all things SSL/TLS. Secure Sockets Layer and Transport Layer Security are an essential part of today’s Internet and they are very poorly understood by most Users and unfortunately many Administrators. There have been a number of very important developments in the area of SSL in the past year. […]

Consumerization and Future State of Information Warfare

People crave constant communication, instant gratification, ease, and fun. But at what cost? What doors are we opening for an eventual potential for government sponsored espionage, terrorism or full scale war? How are consumers enabling or even participating in this effort? This speech will cover how individuals in a highly commercialized world can bring a […]

Retaliation: Breaking Attack Vectors in the Infrastructure

2010 will be the beginnings of a new world of network and infrastructure security as new IEEE standards change the landscape of threat models for wired, wireless and wide area networks. Learn how to use these features to stop spoofing, eavesdropping and a host of malicious activity. I’ll give you the knowledge and tools to […]

Portable Document Malware, the Office, and You – Get owned with it, can’t do business without it

Many new types of malware, particularly targeted attacks against high-value targets, are using a very effective vector: common document formats such as Word, PowerPoint, and PDF. Unlike executables, businesses can’t just block these ubiquitous file types. While there are ways to spot this kind of malware, many antivirus companies are lagging behind with generic detection, […]

To cache a thief | Using database caches to detect SQL Injection attacks

Most SQL Injection attack detection methods are heavily dependent on IDS and web server logging which in many scenarios can be easily circumvented. Performing SQL Injection attack detection at the database can overcome current detection limitations. This session will demonstrate techniques and a new incident response tool that uses database caches to confirm or discount […]

The Past, Present & Future – SQL Injection

SQL Injection has brought a lot of awareness over the last few years, from the TJX / Heartland Payment Systems compromise to the mass SQL Injection attacks in 2008, that have continued to spill over into 2009. What was termed as an ‘old school attack’ has certainly demonstrated the ability to continue to be successful. […]

Crimeware: Web Exploitation Kits Revealed

The session introduces the attendee to how crimeware has become increasingly popular in recent years, the indistinguishable similarities with legitimate business and the dangers the internet community is facing. There will also be a live demonstration of the infamous Mpack (or other similar kit), including a minor exercise encouraging one to identify methods to mitigate […]

Hacking the Privacy Legislation

In today’s environment of particularly scarce resources, privacy can be easily buried under its sexier older sister – security. But the need to balance the two is an ongoing concern when it comes to any system that collects, uses and discloses personal information. This session will focus on exploring the differences between the two, and […]

When Web 2.0 Attacks – Understanding AJAX, Flash and “Highly Interactive” Technologies

This talk covers the problems that are emerging with Web 2.0 technologies, why they are issues and what can be done. Specifically diving into the approach for analyzing AJAX and Flash applications using some commercial and open-source tools, this talk is part informative, part educational, and all practical. Conference attendees love to have something to […]

Your Mind: Legal Status, Rights and Securing Yourself

As a participant in the information economy, you no longer exclusively own material originating from your organic brain; you leave a digital trail with your portable device’s transmitted communications and when your image is captured by surveillance cameras. Likewise, if you Tweet or blog, you have outsourced a large portion of your memory and some […]

Game Over, Man: Gamers Under Fire

An exploration of security issues relating to consoles and their risks to both home users and the business environment. This will include issues such as custom built DDoS tools, social engineering of Microsoft support staff, account theft, the risk to businesses and personal tips to keep your own details secure. I will also examine the […]

Cain BeEF Hash: Snagging passwords without popping boxes

Chaining exploits and abusing trust are two heavily discussed topics in security today. If you ever deal with Windows domains come see what tools and techniques can be used to quietly liberate hashes even if the workstations are patched. This presentation will go in depth into what tools can facilitate turning acquired credentials into usable […]

Weaponizing the Web: More attacks on User-Generated Content

Ultimately, basing the value proposition of your site on user-generated and external content is a kind of variant on Russian Roulette, where in every turn the gun is pointed at your head, regardless of the number of players. You may win most of the time, but eventually a bullet is going to find its way […]

Ten Things Everyone Should Know About Lockpicking & Physical Security

Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn’t make the slightest difference if someone can gain direct access […]

The Future of Snort: Why it must change for network security to live.

With over 3,000,000 downloads, Snort is the most widely deployed and trusted intrusion detection and prevention technology worldwide. How will Snort evolve over the next couple of years to keep up with the ever-changing network security landscape? Join Mr. Young as he shares his vision of future Snort features and why they are needed. This […]

New Research on Canadian Privacy Breaches

Canadian organizations must contend with 5 pieces of privacy legislation governing different sectors and industries and the expectations of personal information management. Preliminary results indicate that certain industries have a higher occurrence of different types of privacy incidents. Types of privacy breaches, in particular, tend to be clustered into unauthorized collection, use and / or […]
