In 2012, we talked about the APT. In 2013, we talked about BYOD and Consumerized IT. In 2014, it was #failAMA. In 2015, Ben Sapiro FAILED to submit an abstract. In 2016, James was VOLUNTOLD to do the thing. It’s 2017, and the voluntoldee said yes again. This is the time when we talk about […]
Read moreShopify has leveraged Kubernetes through Google Container Engine (GKE) to build its new cloud platform. This PaaS is currently serving the majority of the company’s internal tools as well as business-critical production workloads. Moving to Kubernetes and a public cloud is no easy task, especially for a security team. Unfortunately for us, a hosted solution […]
Read moreIn this talk, we discuss a possible new technique where hackers could abuse smart contracts that are deployed on the blockchain as means of command and control (C2) for botnets. We call this novel technique ‘botract’; derived by merging two words: ‘bot’ and ‘contract’. In this talk, we describe how hackers can exploit smart contracts […]
Read moreAutomotive diagnostics provide access for manufacturing, service, and forensics of automotive systems, and are present in nearly every vehicle on the road today. These systems provide a large attack surface, and often contain undocumented features. Unfortunately, information about these systems is proprietary, and tools for interacting with them are expensive. In this talk, we’ll introduce […]
Read moreTrust is an implicit requirement of doing business. At some point, we must trust employees, peers, and technology to a degree. The lack of proper management or understanding of these various trust relationships is a leading cause of security exposure. This talk will cover the analysis and exploitation of the trust relationships between code, platforms, […]
Read morePeople are not computers. This seems like an obvious statement, but many of our security controls treat people as though they are neat streams of code. This can cause problems when it comes to insider threat programs. If we approach insider threat analysis as a black and white then we risk more than wasted time […]
Read moreYou walk into a meeting and the person you are about to talk to informs you that they will be video and audio recording everything. Would that change what you might say or do? What if we told you that your mobile device could be doing that, or worse, to you already? Visit this session […]
Read moreWindows Defender Advanced Threat Protection will soon be available for all Blue Teams to utilize within Windows 10 Enterprise, which includes detection of post breach tools, tactics and techniques commonly used by Red Teams, as well as behavior analytics. Combined with Microsoft Advanced Threat Analytics for user behavior analytics across the Domain, red teamers will […]
Read moreThis is an informative and action-packed session revealing the scary secrets of the current state of IoT device security. It focuses on the various techniques which Gupta and his team used to break into several smart homes (and enterprises) taking advantage of the insecurity in smart devices. Some of the devices he will cover during the talk […]
Read moreControl systems are all around us, working in the background of our lives providing us light, water, heat, transportation, and many good things. These systems are becoming more digital and more connected than ever before, so we must consider control system security just like we do with IT systems. We certainly have seen a jump […]
Read moreIt’s challenging to build out your Incident Detection & Response program when you’re wading in alerts and expected to cover cloud services, contractors, and remote workers, as well as your core infrastructure. In this session, Eric Sun will cover best practices from Rapid7’s Incident Response and Penetration Testing teams, and share the top gaps in […]
Read moreToday, businesses and data security leaders are looking for ways to better anticipate and even predict threats before they happen. Companies have a huge amount of data to process and very little time to do it, and new forms of targeted attacks have evolved. These new threats require new thinking, and that’s where the latest […]
Read moreOn the second Tuesday of every month, Windows administrators stand ready to deploy the swarm of patches issues by Microsoft addressing new vulnerabilities found on mission-critical systems. Although this patch management routing may have system admins feeling overwhelmed, Patch Tuesdays are expected, allowing them to plan accordingly for the maintenance windows. But IT organizations are […]
Read moreCar hacking really came to light in 2015. We saw Jeeps getting attacked over the air, BMWs being remotely unlocked, and attacks on Tesla’s Model S. Yes, today’s cars are computers, and they going to have vulnerabilities. While cars have had in-vehicle networking for the last 25 years, only recently have we seen public attacks […]
Read moreCryptography and social networks are some of the online tools used today to protect the communications of terrorists and to affirm their membership in terrorist organisations. The Internet has become the method of choice for communication. The number of sites calling for a jihad rose from 28 in 1997 to over 5,000 in 2005. The […]
Read moreThe insecure state of SCADA devices is well known and concerning. These connected devices are largely Internet connected. While this is not a new phenomenon, connected devices have continually garnered attention- from attackers and researchers alike. In this talk, Kyle Wilhoit presents the state of SCADA on the Internet, answering the who, what, when, where, […]
Read more
May 2, 2016
There are thousands of possible Windows event IDs, split into 9 categories and 50+ subcategories. The Windows Event Logs provide a historical record of a wide range of actions such as login/logoff, process creation, files/keys modifications, and packet filtering. These logs provide investigators with a wealth of information that can be analyzed in many different […]
Read moreIf you knew how many ways you could obfuscate and deliver payloads with RTF documents, you would have thought it was a file format Microsoft secretively purchased from Adobe. Kidding aside, 2016 has peeked my interest in the RTF specification and you should learn why. This talk walks through research experiences and examples that take […]
Read more