Keyspace Reduction in Mechanical Locks

This quick-moving talk will cover techniques for reducing the range of combinations or keys you need to attack to successfully open a lock. There will be some math…but I’m not particularly good at math so it definitely won’t get complicated. We will cover a number of fun topics like decoding combination locks, figuring out how […]

Read more

The New Paradigm of Security Controls

We are seeing a new approach to security that is rippling across network defenders, products, and attackers alike. The approach is based on the idea that you can improve security on data by harnessing data to improve security. This requires transitioning from appliances that shrink data volumes to cloud approaches that capture more data than […]

Read more

Don’t @ Me Hunting Twitter Bots at Scale

Automated Twitter accounts have been making headlines for their ability to spread spam and malware as well as significantly influence online discussion and sentiment. In this talk, we explore the economy around Twitter bots, as well as demonstrate how attendees can track down bots through a three-step methodology: building a dataset, identifying common attributes of […]

Read more

Securing Robots at Scale

The International Federation of Robotics estimate that 2.6 million industrial robots will be installed in factories worldwide by 2019. Robots are not only in industrial environments, they also exist in homes and around us as toys, companions, assistants and serve various roles in our daily lives. In this session we will talk about our journey […]

Read more

Alexa, what did I do Last Summer?

Smart things are a big trend nowadays. In more than 47 million households, Alexa is always listening and sometimes recording. What exactly does Alexa know about its master? What information does it collect, where is it stored, and what Amazon does to all that data aside of the “learning and quality assurance” routine? In this […]

Read more

Achieving Secure Digital Transformation: Turning the Dream into Reality

As we’ve talked with more and more of our clients about their digital transformations, it has become clear that security is a key facilitator for successful transformation. For example, if an organization churns out a series of new cloud-hosted mobile applications that permit users to more effectively interact with the company, the initiative can backfire […]

Read more

Why Memory Attacks are on the Rise and How to Stop Them

Memory-based, fileless, or living-off-the-land attacks were one of the most prevalent types of attacks in 2017 and are only growing. But how do they happen and why are they on the rise? The short answer is that they work because they are less detectable by traditional and many next gen antivirus solutions. For example, Word […]

Read more

HomeBrew: Developing Your Own (Threat) Intel

We see “threat feeds” discussed online quite often, but what are these really and how do we employ them? When these “threat feeds” are lists of IP addresses, domains, and file hashes, how do we then make use of these within our own infrastructure or organization? It turns out that if you’re a security analyst as […]

Read more

The Hunt is on! Advanced Memory Forensics Meets NextGen Actionable Threat Intelligence

Cyber attacks continue to increase in severity and sophistication.  A new era of attacks have become more ubiquitous and dangerous in nature.  Malware has become much better at hiding its presence on the host machine.  However, one place it cannot hide for long is in the volatile memory of the computer system. The purpose of this […]

Read more

“BlueBorne” Explained – New Attack Vector Exposing 5B+ Devices

Called “Bluetooth’s Stagefright moment,” the Blueborne attack vector identified in September exposed 5B+ devices to hacking. It impacted major mobile, desktop, and IoT operating systems, including Android, Windows, Linux, and iOS. Blueborne attacks devices via Bluetooth in a manner never seen before, and spreads through the air (airborne). Users do not need to be on […]

Read more

Breaking the Laws of Robotics: Attacking Industrial Robots

Industrial robots are complex cyber-physical systems used for manufacturing, and are a critical component of any modern factory. These robots aren’t just electromechanical devices but include complex embedded controllers, which are often interconnected with other computers in the factory network, safety systems, and to the Internet for remote monitoring and maintenance. In this scenario, industrial […]

Read more

The quantum threat: what really matters today?

Quantum computers will break currently deployed public-key cryptography (RSA, ECC, Diffie-Hellman, etc.) which is one of the pillars of modern-day cybersecurity. Thus, we need to migrate our systems and practices to ones that cannot be broken by quantum computers before large-scale quantum computers are built. Impressive progress in developing the building blocks of a fault-tolerant […]

Read more

Threat Hunting an Evolving Malware Campaign and the Actors Behind It

Threat actors need to constantly evolve their techniques to remain undetectable or their campaigns, once exposed, will cease operation. This briefing will take an in-depth, entertaining look at the ever evolving campaign that was thought to have been nearly eradicated. This campaign and the actors behind it have not only continued to operate behind the […]

Read more

A Deep Dive into the Digital Weapons of Mysterious Cyber Army

Being one of the most isolated and secretive nations on the earth, from the Sony Picture breach to the WannaCry attack, cyber-attacks from the Democratic People’s Republic of Korea (DPRK) seem to be more and more aggressive than before. Based on our observations, the North Korea cyber army has expanded their campaign to target not […]

Read more

Skin​ ​in​ ​the​ ​Game:​ ​How​ ​Security​ ​Teams​ ​are​ ​Scaling​ ​Through​ ​IT​ ​Orchestration

It’s​ ​a​ ​universal​ ​truth​ ​acknowledged​ ​that​ ​IT​ ​and​ ​security​ ​teams​ ​have​ ​too​ ​much​ ​to​ ​do,​ ​and​ ​never enough​ ​resources​ ​to​ ​do​ ​it.​ ​Traditionally,​ ​there​ ​are​ ​tactical​ ​tasks​ ​that​ ​security​ ​organizations​ ​own,​ ​but invest​ ​far​ ​too​ ​many​ ​resources​ ​in:​ ​alert​ ​triage,​ ​managing​ ​vulnerabilities,​ ​and​ ​more.​ ​These​ ​tasks​ ​lead to​ ​alert​ ​fatigue,​ ​but​ ​worse,​ ​they​ ​suck​ ​up​ […]

Read more

Building Your Own Automated Malware Analysis Lab for Insights on Active Threats.

Understanding the mechanics of malware attacks is critical for remediation and for preventing similar attempts in the future. Malware analysis can provide valuable insights into the adversaries goals, especially when they are targeted. While cloud based malware analysis tools exist, they are largely inflexible. An in-house lab environment can offer more customization, automation and enhanced […]

Read more

Attacking Modern SaaS Companies

Modern software-as-a-service (SaaS) companies have a large footprint and a lot of automation which enables them to build their service quickly. Since several devops and cloud tools and processes are new, many companies don’t understand the risks and don’t plan with security in mind. Even some practiced network pentesters don’t always know the best way to find vulnerabilities […]

Read more

Incident Response and Forensics in AWS

Moving from on-premises deployments to the cloud can offer incredible benefits to many organizations, including a plethora of capabilities to build, scale, modify, monitor, and tear down infrastructure with never before seen speed and agility. But, how do you monitor for, and respond to, attackers that leverage those same capabilities against you? In this session, […]

Read more

Securing Network Communications: An Investigation into Certificate Authorities on Mobile

This talk will take an in-depth look at the certificate authorities (CAs) found on mobile devices today. The CAs included in our mobile devices make up the roots of trust that our secure network transactions rely on to validate that the servers we are talking to are who they say they are. Focusing specifically on […]

Read more

Eliminating the Automation and Integration Risks of the “Security Frankenstein”

The solution workflow of today’s Security Operations Center (SOC) can be described as a “Security Frankenstein”—where each “limb” is a disparate solution that has been cobbled together in hopes of “orchestrating” the steps in the security kill chain. The result is an ineffective, costly, and cumbersome approach to the security workflow that increases risk and […]

Read more

Why Technology is Not the Answer to Cybersecurity

Protecting yourself from a cyberattack is no longer about technology. While technology is inherently important to any cybersecurity solution, it’s only one piece of the puzzle. And more often than not, the other two pieces are overlooked: people and process. Before adopting the next security technology trend, it’s important to understand what you’re trying to […]

Read more

Lessons Learned Hunting IoT Malware

Permeating the entire spectrum of computing devices, malware can be found anywhere code is executed. Embedded devices, of which many are a part of the Internet of Things (IoT), are no exception. With their proliferation, a new strain of malware and tactics have emerged. This presentation will discuss our lessons learned from reverse-engineering and hunting […]

Read more

Crash Course in Kubernetes & Security

Kubernetes is Google’s answer to container orchestration and some of the tools it provides developers are indistinguishable from black magic. However, with the power that it provides it also can let you fall into some security holes that are hard to climb out of. In this presentation we’ll go through those pitfalls, along with some […]

Read more

AirBnBeware: short-term rentals, long-term pwnage

What’s scarier, letting HD Moore rent your house and use your home network for day or being the very next renter that uses that network? With the colossal growth of the vacation rental market over the last five years (AirBnb, HomeAway), travellers are now more vulnerable than ever to network based attacks targeted at stealing […]

Read more

WiFi Exploitation: How passive interception leads to active exploitation

When was the last time you thought to yourself, hmm, I wonder if an attacker is exploiting my smart phone and laptop as a result of merely leaving my WiFi enabled? Or, when did you think: I wonder if a person can create a profile about me and possibly determine where I live, work, and […]

Read more

How To Secure Serverless Applications

Serverless applications offer a number of fantastic benefits that let you focus almost exclusively on solving your user’s problems. Relieved of the daily operations burden of traditional deployments, teams often think that security is taken care of inherently in the design. Nothing could be further from the truth. In this talk, we’ll explore how to […]

Read more

[Ab]using TLS for defensive wins

TLS, and it’s older forerunner SSL, are used to maintain the confidentiality and integrity of network communications. This is a double edged sword for Information Security departments as this allows private information to remain private, but can also be used to hide malicious activity. Current defensive measures for dealing with network traffic encrypted using TLS […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required