Hey, I just middled you, and this is crazy

But, here’s your password. Reset it, maybe? Everyone thinks they know about the Man in the Middle. Most places think as long as they have SSL, they’re immune. Attackers know better. We’ll demonstrate implications of Man in the Middle vulnerability that go beyond the 101. We’ll show how layer 2 weaknesses can be turned into […]

The More Things Change: The vulnerabilities that time forgot

The more things change, the more they stay the same. There have been numerous advances in the security field over the last 15 years, yet many corporate networks are still plagued with the same vulnerabilities they were over a decade ago. If a hacker from the late 1990’s had a time machine, how successful would […]

Introducing ‘Android Security Evaluation Framework’ ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is exposed. Is there really a […]

Hacking .NET Applications: The Black Arts (v2)

This talk will focus on attacking .NET Desktop Applications (EXE/DLL/Live Memory). Both WhiteHat and BlackHat hacking will be shown on common security concerns such as intellectual property protection systems and licensing systems. This presentation will have a New Drop of forensic info on what can be accessed about a .NET application, with basic info targeted at […]

Hunting Carders for fun and profit

“Hunting Carders for fun and profit” describes the rise in E-commerce breaches over the last year. The talk touches on the reasons cardholder data is so valuable on the black market, the three most common attack vectors, examples of malware discovered during actual investigations, the wrong way to encrypt databases and examples of how several […]

Sploitego – Maltego’s (Local) Partner in Crime

Have you ever wished for the power of Maltego when performing internal assessments? Ever hoped to map the internal network within seconds? Or that Maltego had a tad more aggression? Sploitego is the answer. In the presentation we’ll show how we’ve carefully crafted several local transforms that give Maltego the oomph to operate nicely within […]

Threat Attribution via DNS

Despite the complexities of modern malware and the stealthiness of targeted infiltrations, the remote command and control of victim devices is heavily dependent upon a clear-text protocol. Using new techniques in the big data analysis of streaming DNS traffic and the application of innovative machine learning systems, it is possible to automatically identify domain names […]

Pwned in 60 Seconds – From Network Guest to Windows Domain Admin

Zack Fasel brings a New Tool along with New methods to obtain Windows Integrated Authentication network requests and perform NTLM relaying both internally and externally. The Goal? Start off as a nobody and get domain admin (or sensitive data/access) in 60 seconds or less on a fully patched and typically secured Windows environment. The Grand […]

Sniper Forensics: Reloaded

The more things change, the more they stay the same. The first volley of Sniper Forensics presentations focused on single system forensic methodology, data acquisition, interpretation, and ultimately the identification of the Indicators of Compromise found in a breach. In this round, Sniper Forensics takes aim at the world of Incident Response with the same […]

A Technical View on Cloud Security: How Not To Get Your Undies In A Bunch aka Please Don’t Squeeze The Charmin

Most of the material out there today on cloud security is all about how it is more/less secure than managing things internally, and very little of the material focuses on the fundamental differences between internal vs external hosting. And while there has been some discussion of the actual issues (with a few notable exceptions) they […]

Malware FreakShow

Well, there’s malware on the interwebs. They’re pwning all your systems, snatching your data up. So hide your cards, hide your docs, and hide your phone, ’cause they’re pwning er’body out there! This may be the 3rd and final installment of the Malware Freak Show series, so we’re pulling out all the stops. This year […]

Wireless Hacking Techniques and Tips

Wireless technology is exploding in popularity. Businesses are not only migrating to wireless networking, they are steadily integrating wireless technology and associated components into their wired infrastructure. The demand for wireless access to LANs is fueled by the growth of mobile computing devices and a desire by users for continual connections to the network without […]

Near Field Communications (NFC) mobile security for those with No F’ing Clue

As Near Field Communications (NFC) is integrated into our daily lives more and more (credit/debit cards and mobile payments, transit systems, ticketing systems), application developers should understand the risks of implementing NFC in mobile applications. This talk covers several current and proposed NFC implementations with case studies including attacks and mitigations, as well as the […]

Targeted and Opportunistic Botnet Building

There’s a general myth that botnet operators are opportunistic in their building strategy. In some older and sloppier cases they are but things have moved on. The ecosystem that supports botnet building is increasingly indistinguishable from legitimate Internet businesses – countless shades of gray – and most aspects of that business are well planned and […]

FACEROUTE: Mapping and Harvesting Social Media Sites

It is a common practice for Social Media sites such as Facebook, MySpace and LinkedIn to be used as components in background and security checks, both in law enforcement and as part of modern hiring practices. In most cases, our social media “shadow” is either a neutral or a positive influence in these processes. However, […]

Time and Place: Finding Evil with Atemporal Time Line Analysis

For the last few years computer forensic investigators have been singing the praises of Kristinn Gudjonsson’s Log2timeline, a tool that has revived time based artifact analysis despite the use of tools like Vinnie Liu’s Timestomp. This talk will take another look at time lines, but not for their temporal data. We’ll see how even without […]

Bust a Cap in an Android App

This talk will introduce the audience to the nuts and bolts of Android hacking. Patrick and Veytsman will demonstrate how to take apart an Android application and hunt for vulnerabilities. Topics covered include hunting for goodies in files stored on the device, reverse engineering applications, identifying broken crypto implementations and using remote debugging to execute […]

Weaponizing The Smartphone: Deploying The Perfect WMD

The acceptance and integration of mobile phones, specifically smartphones, into our everyday life has allowed for these devices to penetrate deep into secure areas. The ability to have your phone along with you at any moment of the day feeds our needs for social media, email, business, and pleasure. This ability and access has allowed […]

HTTP Header Hunter – Looking for malicious behavior into your http header traffic

Most malware uses HTTP/HTTPS to call home or install other parts of a malicious action. Since thousands and thousands of samples appear daily, it is almost impossible to create signatures to detect all malicious activities. Based on this problem, we started to analyze common headers and behaviors for malicious connections based on Spiderlabs research analysis […]

Finding Evil in Live Memory

Live memory forensics is a fun (and effective) way to find an attacker’s footprints on a machine. Michael will provide a brief introduction to the basics of memory forensics on Windows systems, then show how to use several free tools to investigate a running system (or a memory image) for indications that an attacker has […]

How to Survive DDoS: the Play at Home Game

Michael Smith serves as Akamai’s Security Evangelist and is the customer-facing ambassador from the Information Security Team, helping customers to understand both the internal security program and the unique security features and capabilities of the Akamai product portfolio and cloud-based solutions. Mr Smith fulfills a cross-functional role as a liaison between security, sales, product management, […]

What is an APT without a sensationalist name?

Targeted malware attacks are particularly dangerous to NGOs and other organizations that take real-world risks while often having little if any IT security budget. In this talk, Seth will describe a variety of targeted malware attacks observed in the wild against human rights organizations, and the techniques (both social and technical) that they use to […]

Infosec Sheepdogs: Creating an Abstraction/Translation Layer Between InfoSec and Law Enforcement

We in information security don’t often call the fuzz when we get hacked. We fear that the cops would a) rush in, shut us down and mill about in the lobby for 15 days in blue windbreakers, drinking coffee and being suspicious, or b) not understand the nature or the specifics of the problem and […]

FireShark – A Tool to Link the Malicious Web

Thousands of legitimate web sites serve malicious content to millions of visitors each and every day. Trying to piece all the data together to confirm any similarities between possible common patterns within these websites, such as re-directors that belong to the same IP, IP range, or ASN, and reconstructing the final deobfuscated code can be […]

SSD: Solid State Drives & How They Work For Data Recovery And Forensics

This presentation will be about the comparison of Flash USB Drives & Solid State Drives VS. Conventional Hard Drive for Data Recovery and Forensics. This presentation is also done with 3D ANIMATIONS that rival the History Channel! As we are all aware, solid state hard drives are going to overtake the hard drives soon rather […]

A Replicant by Any Other Name: A Security Analysis of the BlackBerry PlayBook

The BlackBerry PlayBook is Research In Motion’s foray into a new mobile operating environment. Featuring TabletOS, built on the QNX RTOS and a user experience built predominately on the Adobe AIR platform, the PlayBook quickly stirred up critical reactions — but also praise, having been certified for use by the U.S., Australian, and Russian governments. […]

I’m Your MAC(b)Daddy

The field of Computer Forensics moves more and more in the direction of rapid response and live system analysis every day. As breaches and attacks become more and more sophisticated the responders need to continually re-examine their arsenal for new tactics and faster ways to process large amounts of data. Timelines and super-timelines have been […]

Web Browser Security Faceoff

At no other point in the evolution of computing has user experience (as well as attack surface) been so defined by a single piece of software as it is today. Still, no authoritative picture of the true defensive capabilities of the three major web browsers has existed. A team of Accuvant Labs researchers have been […]

Sniper Forensics v3.0: Hunt

I am a sniper. I hunt malware. Specifically, I hunt malware that is committing a crime. Memory Dumpers, Key Loggers, and Network Sniffers are the enemy. The enemy can take on any form, he deploys stealth to hide from me. To know the enemy, I have to know HOW he works, not just what his […]

Progression of a Hack

So you have a firewall, AV, IDS, patch management and more. Nobody is getting in. Somehow Fake-AV and malware still rear their ugly heads from time to time, but things feel pretty safe. Others in this same situation are still making the news. This talk will look at how a single foothold can lead to […]

Malware Freakshow 2010

We had a busy year. We investigated over 200 incidents in 24 different countries. We ended up collecting enough malware freaks [samples] to fill up Kunstkammer a few times over. Building upon last year’s DEFCON talk, we want to dive deeper and bring you the most interesting samples from around the world – including one […]

Sharingan – A Ninja art to Copy, Analyze and Counter Attack

Many products in the industry have or use some kind of a proprietary network protocol. Most of these protocols do not have packet level documentation in place; neither with the development team, nor with the architect. In some instances, a security assessment team/auditor might be dealing with a network protocol which a third party wrote and […]

Into the Black: Explorations in DPRK

North Korea scares people. Allegedly DPRK has a super l33t squad of killer haxor ninjas that regularly engage in hit and run hacks against the Defense department, South Korea, or anyone else who pisses off the Glorious Leader. DPRK also has no real Internet infrastructure to speak of (as dictators don’t like unrestricted information), although […]

Beyond Exploits: Real World Penetration Testing

This presentation focuses on abusing design flaws, configuration errors, and information leaks to gain access to typical environments. The open source Metasploit Framework will be used as a demonstration platform to illustrate how low-risk information leaks can be combined to gain administrative access to a target network.

Into the Rabbit-Hole

Since the caveman first fashioned a spear, humans have been using tools to make them more efficient and effective. Unfortunately, today’s analysts often misunderstand the role tools play in testing web applications. While tools can be quite good at mapping a web application’s attack surface, there is still much human analysis that must be done to […]

How I Met Your Girlfriend

How I Met Your Girlfriend: The discovery and execution of entirely new classes of Web attacks in order to meet your girlfriend. This includes entertaining and newly discovered attacks including PHP session prediction and random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration […]

Sniper Forensics v2.0 – Target Acquisition

Last year at SecTor, Christopher debuted “Sniper Forensics”, which illustrates how to use live analysis techniques to improve the efficiency and accuracy of forensic investigations. Since then Sniper Forensics has been given at two other computer security conferences! Now, Sniper Forensics v2.0 Target Acquisition will cover the questions most asked by the audience members […]

What’s Old Is New Again: An Overview of Mobile Application Security

The ever-increasing prevalence of mobile devices brings with it a slew of security problems. Applications running directly on mobile devices (and web apps optimized for mobile clients) are ripe for the picking even by unsophisticated attackers. The attack classes that once applied to traditional network-facing, fat client, and web applications are now valid for mobile […]

Inside the Malware Industry

Not much is known about the malware industry and how it makes money. This talk will break the silence and expose the shady techniques used to create and spread this software, all from the perspective of someone who worked there.

Distributed Denial of Service: War Stories from the Cloud Front

Due to the rise of large-scale botnets, Distributed Denial of Service (DDoS) is making a resurgence, both in attacker capabilities and the impact on target organizations. This presentation is an overview of DDoS attacker capabilities and techniques, defenses against attacks, and lessons learned from responding to numerous DDoS attacks. The session will cover a very […]

Dissecting the Modern Threatscape: Malicious Insiders, Industrialized Hacking, and Advanced Persistent Threats

This is an intermediate to advanced level presentation that pulls from McAfee Labs research as well as real-life customers. This is original content designed to paint a clear picture of today’s threat landscape and through doing so illustrate the differences between insider threats, industrialized hackers, and APTs. Attacks are coming from all angles. In some […]

CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity

Mass-market, low-cost, commodity Infrastructure-as-a-Service Cloud Computing providers abstract away compute, network and storage and deliver hyper-scalable capabilities. This “abstraction distraction” has brought us to the point where the sanctity and security of the applications and information transiting them are dependent upon security models and expertise rooted in survivable distributed systems, at layers where many security […]

SCADA and ICS for Security Experts: How to avoid cyberdouchery

The traditional security industry has somehow decided that they are the white knights who are going to save everyone from the horror of insecure powergrids, pipelines, chemical plants, and cookie factories. Suddenly, every consultant is an expert and every product fixes SCADA. And because they don’t know what the hell they’re talking about — ‘fake […]

Building the DEFCON network, making a sandbox for 10,000 hackers

David covers how the DEFCON network team builds a network from scratch, in three days with very little budget, how this network evolved, and what worked for him and what didn’t over the last ten years. This network started as an idea, and after acquiring some kick butt hardware, has allowed them to support several […]

Black Berry Security FUD Free

As mobile computing devices proliferate in the enterprise, more ‘security’ conscious people are raising flags about mobile device security. One device which is dominant in the enterprise mobile computing world is the ubiquitous Blackberry(TM), which has quite a bit of Fear, Uncertainty and Doubt surrounding it and its security controls. Rumors about Blackberry compromises and confusion […]

Google’s approach to malware on the web

This talk looks at how Google searches for malware on the web, and how those findings are made available through the public SafeBrowsing API. We will describe the mechanisms by which malware is generally distributed, and how Google detects infected and malicious websites. Finally, we will discuss some of the newer trends we have seen […]

Web Application Payloads

This talk will introduce attendees to the subject and show a working implementation of Web Application Payloads that uses the “system calls” exposed by vulnerable Web Applications to collect information from, and gain access to the remote Web server. The Web application payloads implementation was developed as a part of the w3af framework, an open […]

IPv6, for worse or better

It is about to happen: the long promised upgrade from IPv4 to IPv6 is on our doorstep. The initial reason for this change of the Internet’s layer 3 protocols was to head off the projected 2010-2012 depletion of IPv4 reported back in 1994. As a stop-gap method until IPv6 was fully deployed, the Internet Engineering […]

The Four Types of Lock

Physical security is an oft-overlooked component of data and system security in the technology world. While numerous ratings and standards exist in order to classify specific security hardware, many of these standards are ill-defined and poorly understood. Do you know what makes a “hardened” or “contractor grade” lock special? What does the phrase “high security” signify on […]

Metasploit Tips and Tricks

There are tons of tutorials to get started with Metasploit but have you ever wanted some tips to help use the framework more efficiently? This presentation will cover some tricks to help get the most out of Metasploit. You will see demonstrations and learn how to build payloads within Metasploit, use the database effectively, pivot […]
