Cybercrime 101

Cybercrime continues to rise. While many businesses are improving their overall security posture using GRC regimes like PCI, HIPAA-HITECH, and SOX, and technologies such as Web Application Firewalls, Network Access Control devices, and SIEM solutions, attackers are making adjustments to avoid detection, becoming more creative in their approach to the attacks, and leveraging more complex […]

Hunting Malware on Linux Production Servers: The Windigo Backstory

Operation Windigo is a large server-side malware campaign that targets Unix systems (BSD, Linux, etc.). Its operators control more than 25,000 compromised servers. Every day, they use this infrastructure to redirect more than 500,000 end-users to malicious content and send more than 35M spam messages. This talk will cover what we have done and what […]

Hide it with encryption, display it with performance

A network protocol has performance requirements. In order to address these requirements, many implementations will leak some side-channel information, indicating how a tunnel is being used. Particularly approximate packet sizes and timing can be tied to a particular use of an encrypted tunnel. Pacumen is an open-source tool which can learn what a specific application […]

Mobile Fail: Cracking Open “Secure” Android Containers

We’ve known for some time that physical access to a device means game over. In response, we’ve begun to rely more and more on “secure” container applications to keep our private and company data secured. Whether you use LastPass to secure your passwords, or GOOD for Enterprise to make sure your company emails are locked […]

Unmasking Careto through Memory Analysis

In early 2014 Kaspersky Labs reported on an extremely advanced malware sample that was used in a sophisticated espionage campaign (http://bit.ly/1bl4L0e). As with many samples seen in these types of campaigns (Stuxnet, Duqu, etc.), Careto went undetected for a long period of time, even on systems with updated AV and HIPS products installed. In this […]

Predictions Panel

Ever wonder what the next big information security threat will be? So do we… and let’s face it, if we knew for certain, we would be keeping quiet and likely very rich. However, this panel session brings together a group with their collective finger on the pulse of information security in Canada and beyond, who […]

How’d That End Up On Pastebin?

Defenders are at a huge disadvantage, often investigating compromise with educated guesses based on theoretical knowledge of kill chains, anomaly detection, and IOCs. Experience adds the benefit of recognizing what has been done before, but few blue team members understand how attacks work and how attackers move or escalate during attacks. This talk will explore […]

Corporation in The Middle

My ISP deliberately MiTM'd my connection. This talk discusses how they did it, how I detected what they did and what this means. This talk covers what I learnt over three months of analysis, focusing on the technology involved both on the ISP side and my own. I cover in detail how I went […]

Attrition Forensics, Digital Forensics For When the Going Gets Tough and the Stakes Are High

Investigating a suspected computer compromise or intrusion can be difficult. In a sense, that is by design. Malicious actors can go to great lengths to hide their activities and tools. Attrition Forensics attempts to outline how to investigate a compromise or intrusion involving modern Windows systems when the attacker is particularly good and the investigation […]

ALL YOUR MACS ARE BELONG TO US

Attackers have already set their sights on Mac. They have been thinking of and finding ways to cash out. This talk shows one of those ways. In this presentation, I will show and demonstrate live how attackers pwn Macs using browsers running on Mac and hold the system hostage until the user posts a "ransom." […]

KickaaS Security with DevOps and Cloud

Think DevOps and cloud reduce your security? Think again. In this session we will dive into the world of DevOps and show how it can dramatically improve security through consistency, resiliency, and standardization. We will demonstrate specific technical techniques for integrating security into DevOps, including automating security policy compliance through injection of security baselines, and […]

Reverse Engineering a Web Application – For Fun, Behavior & WAF Development

Screening HTTP traffic can be really tricky, and attacks on applications are becoming increasingly complex day by day. By analyzing thousands upon thousands of infections, we noticed that regular blacklisting is increasingly failing, so we started research on a new approach to mitigate the problem. We started with reverse engineering the most popular CMS applications such […]

Elevator Hacking: From the Pit to the Penthouse

Throughout the history of hacker culture, elevators have played a key role. From the mystique of students at MIT taking late-night rides upon car tops (don't do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it's easier than you think!), these devices are often misunderstood and […]

POS Malware Evolved

Over the past decade, point of sale (PoS) systems have been plagued by both attacks and targeted malware. During this time, we’ve seen a dramatic shift by this targeted malware in both the techniques used and the capabilities it has. This talk will discuss the shifts the security and research community has witnessed by PoS […]

Play Flappy Bird while you pentest Android in style

Doesn’t it bother you that you have to give up all your mobility when penetration testing Android applications and spend the majority of your time sitting in front of another device that has a running proxy? That will now be history. In this talk we will present a fully interactive proxy that runs as an […]

The Internet of Fails: Where IoT Has Gone Wrong and How We’re Making It Right

This presentation will dive into research, outcomes, and recommendations regarding information security for the “Internet of Things”. Mark and Zach will discuss IoT security failures both from their own research as well as the work of people they admire. Attendees are invited to laugh/cringe at concerning examples of improper access control, a complete lack of […]

The Latest Changes to SAP Security Landscape

The world of SAP deployments continues to evolve, and certainly one of the big additions is the deployment of SAP HANA. This talk will review the current SAP security landscape, what attacks are currently prevalent and which ones are possible. The talk will then take a deeper look specifically at HANA as a rich target […]

BREACH: SSL, Gone in 30 seconds

In this hands-on talk, we will introduce new targeted techniques and research that enable an attacker to reliably retrieve encrypted secrets (session identifiers, CSRF tokens, OAuth tokens, email addresses, ViewState hidden fields, etc.) from an HTTPS channel. We will demonstrate that this new compression oracle is real and practical by executing a PoC against a […]

Exploiting the Zero’th Hour: Developing your Advanced Persistent Threat to Pwn the Network

Advanced Persistent Threats (APT) and Botnets represent one of the largest security concerns with regards to network defense and exploitation. Most security professionals know about these advanced tools; many people have even discussed the overall concept regarding command and control of networked systems. However, many experts do not yet understand how to create a botnet […]

Needle in a Haystack – Harnessing Big Data for Security

The polymorphic nature of malware, the failure of signature-based security tools and the massive amounts of data and traffic flowing in and out of enterprise networks are making threat management virtually impossible using traditional approaches. Without copies, samples or details, how can one possibly prevent, contain and inform on targeted attacks? This session will demonstrate how to […]

Popping the Penguin: An Introduction to the Principles of Linux Persistence

Breaking in is half the battle. I’ve talked to so many people whose only objective is to try and break into systems. I get that. It’s awesome, the rush you get when you bring up that shell. But what then? Ops hardening does not end at the outer shell. Once you’re in, you still have […]

The World’s Deadliest Malware

This silent threat infects more than 1,000 victims annually. It shows no prejudice, it has no compassion. It comes like an unseen thief in the night to steal. It IS the World’s Deadliest Malware. Point of Sale breaches continue to plague the business world. Credit card data is being stolen in ever increasing numbers with […]

Malware Automation

Automation is key when it comes to production. The same is true for malware. Malware production has moved on from the traditional manual method to a more efficient automated assembly line. In this talk, I will take the audience on an over-the-shoulder look at how attackers automate malware production. Discussion will focus on the tools […]

.NET Reversing: The Framework, The Myth, The Legend

This talk will cover the current state of the art in .NET reversing, down from PE format of .NET assemblies through various types of obfuscation, and into reversing tools and techniques. Finally, we will explore reversing popular .NET RE tools in an attempt to modify their behavior.

Big Data Security, Securing the insecurable

Big data is one of the fastest growing areas within IT. The benefits of big data have been well publicised however little is known about the actual security risks associated with the technology. This session cuts through the hype and will expose big data security risks, a new class of attack and the practical guidance […]

CeilingCat IS Watching You

It shouldn’t be news to anyone that people share too much information online. In fact, one major problem that attackers and defenders have is the sheer volume of data that they need to sort through. In this presentation, Shane MacDougall will demonstrate leaked information that can lead to a successful attack, walk through a couple […]

BIOS Chronomancy

In 2011 the National Institute of Standards and Technology (NIST) released a draft of Special Publication 800-155. This document provides a more detailed description than the Trusted Platform Module (TPM) PC client specification of the content that should be measured in the BIOS to provide an adequate Static Root of Trust for Measurement (SRTM). To justify […]

Weaponized Security

How dangerous can you get with just the security tools you have today? Do you have access to a technology that makes searching for patterns of data in the network very simple? I bet you do. Now I want you to imagine implementing that technology on an open Wi-Fi network to investigate and monitor, not protect. This […]

Fibre Channel – Your OTHER Data Center Network

The majority of large datacenter storage architectures in the world are currently based on Fibre Channel networks. Unfortunately, the emphasis on security, compliance, and audit remains on hosts and traditional Ethernet networks, leaving Fibre Channel behind as "a storage thing" that for some reason is never secured. Abdicating this responsibility leaves the Fibre Channel […]

Build Your Own Android Spy-Phone

Know your enemy! Attendees will see a live demonstration of how we built a proof-of-concept Android Spy-Phone. We will show how we developed the Android spy-phone module and demonstrate how to inject it into legitimate applications to infect unsuspecting victims. We will demonstrate how the spy-phone command and control server can take complete control of […]

Cryptographically Isolated Virtualized Networks – A Community of Interest Approach

Two ongoing industry trends are in conflict with each other. On the one hand, networks are increasingly being consolidated into shared infrastructure utilized by many different clients. From converged hardware networks, through virtualized IT shops, into the cloud, more and more traffic is being merged and intermixed on this shared infrastructure. Conversely, industry regulatory and […]

Pivoting in Amazon clouds

From no access at all to the company's Amazon root account, this talk will teach attendees about the components used in cloud applications, such as EC2, SQS, IAM, RDS, meta-data, user-data and Celery, and how misconfigurations in each can be abused to gain access to operating systems, database information, application source code and Amazon's services through its […]

Your own pentesting army complete with air support

This talk will discuss pentesting with an army of low-powered devices running a custom Linux distro (known as The Deck). The devices are connected via 802.15.4 networking for command and control. The Deck runs on the BeagleBone and BeagleBoard family of devices. An airborne version of The Deck which (along with wireless sensors) is embedded […]

Running at 99%, mitigating a layer 7 DoS

Application-Level Denial of Service (DoS) attacks are a threat to nearly everyone hosting content on the Internet. DoS attacks are simple to launch, but are often very difficult to defend against. Modern websites are a diverse set of moving parts, and a malicious actor only needs to find the point at which any one of […]

RATastrophe: Monitoring a Malware Menagerie

Over the last three years, our visibility into the threat landscape of civil society organizations and human rights NGOs has led to a number of discoveries about how various threat actors are engaging in espionage against civilian targets. Attacks in this area are often overlooked by AV and security companies due to the low resources […]

Software Refined Networking – The Path To Hell Is Paved With Good Abstraction

New application architectures, programmatic languages and frameworks, the (un)availability of exposed platform security capabilities combined with virtual/physical networking and workload mobility are beginning to stress our “best practices” from a security perspective. What are the real security issues (or hype) of Software Defined Networking (SDN) and the vision of the Software Defined Datacenter?

MILLION BROWSER BOTNET

Online advertising networks can be a web hacker’s best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow you to broadly distribute arbitrary javascript — even malicious javascript! You are SUPPOSED to use this “feature” to show ads, to track users, and get clicks, but that doesn’t mean […]

Anti-Forensic Techniques and Countermeasures

Digital investigations may be conducted differently by various labs (law enforcement agencies, private firms, enterprise corporations) but each lab performs similar steps when acquiring, processing, analyzing, or reporting on data. This updated talk will discuss techniques that criminals can use to throw wrenches into each of these steps in order to disrupt an investigation, and […]

APT ALL THE THINGS: are Mac users no longer safe?

A new development of 2012, targeted attacks (APTs) against human rights now often include malware specifically designed to compromise Macs. Mac users have long thought they’re safe, for a variety of reasons including: “nobody ever targets us” (not anymore!), “Macs are based on Unix so have additional security” (not if new vulnerabilities are found, or […]

Reversing Patches for Exploit Creation, Pen-Testing or Just Fun!

How many times have you wondered what really gets fixed in the security patches released by vendors? Are you curious to find new vulnerabilities that could be introduced due to faulty patches? This talk will go over some basic reversing techniques that anyone can use to read what exactly gets fixed in patches. These techniques can […]

Conquer the Beast – How to Effectively Manage Open-source Intelligence Outbursts

Open-source Intelligence has picked up quite a hype lately, and everyone talks about its importance within a security program to protect organizations against present and emerging threats. With the advent of social media, monitoring all these sources has become an even bigger challenge. Despite its importance, no one has provided specific guidance on how exactly […]

Hadoop Forensics, Tackling the elephant in the room

Unless you've been living under a rock, you've heard that Hadoop is regarded as the miracle solution for the big data needs of business. It is not uncommon for Hadoop clusters to store and process terabytes of sensitive information. Hadoop's enormous data stores and inherent security issues make it the perfect storm of risk for […]

Hey, I just middled you, and this is crazy

But, here’s your password. Reset it, maybe? Everyone thinks they know about the Man in the Middle. Most places think as long as they have SSL, they’re immune. Attackers know better. We’ll demonstrate implications of Man in the Middle vulnerability that go beyond the 101. We’ll show how layer 2 weaknesses can be turned into […]

Building Dictionaries and Destroying Hashes Using Amazon EC2

By aggregating and creating new dictionaries and manipulating them to guess plaintext and hashed passwords in high profile password exposures, I’ll demonstrate which dictionary attacks are the most effective. I will also demonstrate the building of passphrase dictionaries, an analysis of their effectiveness, and demonstrate a tool for building passphrase dictionaries. The password and passphrase […]

With new technologies come new vulnerabilities

HTML5 introduces significant changes for today's websites: new and updated tags, new functionality, better error handling and an improved Document Object Model (DOM). However, the new HTML5 features come with new (application) security vulnerabilities. This session will review the new attack vectors, the associated risks and what needs to be taken into consideration when implementing HTML5.

Microsoft Security Intelligence Report; Canadian Edition

Threats have changed in dramatic and unexpected ways around the world over the past year as attackers continue to hone and evolve their strategies and tactics, and Internet-connected devices proliferate. Using the latest data from hundreds of millions of systems around the world and some of the Internet’s busiest online services, this session will provide […]

Poortego: An OS-INT correlation tool for the 99%

Aggregating and correlating open-source intelligence (OS-INT) is an important aspect of both attack and defense. When on the offensive, OS-INT provides critical reconnaissance information. Whether sucking down data from corporate directories, gathering information from social networking sites, or combing Pastebin for stolen credentials, the relationships among associated data sets paint a critical picture highlighting potential […]

The More Things Change: The vulnerabilities that time forgot

The more things change, the more they stay the same. There have been numerous advances in the security field over the last 15 years, yet many corporate networks are still plagued with the same vulnerabilities they were over a decade ago. If a hacker from the late 1990s had a time machine, how successful would […]

Introducing ‘Android Security Evaluation Framework’ ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a […]
