The evolution of rogue code has somewhat ignored the opportunities offered by kernel network drivers. In this paper we will analyze such opportunities and demonstrate several methods of data theft and system commandeering while evading perimeter/host based security systems and operating undetected in the long term. End node TCP/IP perversion relies on a kernel module […]
This lecture will present current challenges in operating systems security – from both a human as well as a technical perspective – and views on possible ways of addressing those issues. The main message will be that the so-called “human factor” is not, in contrast to common belief, the weakest link in IT security, as […]
The last two years have seen a big new marketing-buzz named “Admission Control” or “Endpoint Compliance Enforcement” and most major network and security players have developed a product-suite to secure their share of the cake. While the market is still evolving one framework has been getting a lot of market-attention: “Cisco Network Admission Control”. NAC […]
95% of downtime and successful criminal hacker attacks are because of your known vulnerabilities – find out what they are, current standards and new trends from the international standards body at MITRE, funded by the US Department of Homeland Security. Miliefsky is a Board member of this organization and will provide insights and free resources […]
Security Compass is pleased to announce the release of the free Exploit-Me series of application penetration testing tools at SecTor. The toolset is made specifically for security consultants, developers and QA staff to facilitate testing of applications. The Exploit-Me series of tools are plug-ins to Firefox that allow for easy “right-click” style parameter fuzzing for […]
Hackers, terrorists, insiders, nation states and others all pose threats, but who really is capable of damaging our critical systems infrastructure. Not too long ago we were only concerned about hackers breaking into our systems. Today, we face a number of threats in cyber space. Trusted insiders now account for more that fifty percent of […]
Both a WhiteHat Audit and a BlackHat Compromise begin with scoping out the network. Using OS and Application fingerprinting techniques have been staples of Network Reconnaissance for close to a decade. Today’s techniques include passive, active, blind and invasive fingerprinting. A brief review of current and past strategies explains the strengths and pitfalls of each […]
With the recent advancements in national security initiatives, as well as parallel efforts in research by both the public and the private community, there is an immediate requirement for the strategic development of plans to protect Critical Information and Key Resources (CI/KR) from cyber attack. As such, Process Control and SCADA systems are beginning to […]
During the last ten years, Kevin Mandia has been on the front lines assisting organizations in responding to international computer intrusions, theft of customer credentials, and widespread compromise of sensitive data. During his efforts to resolve these incidents, many similar challenges and issues confronted each organization. During this presentation, Mr. Mandia will provide case studies […]
This presentation tries to show different security problems that might arise in virtualized environments. It first talks about virtualization based rootkits (AKA “blue pills”) — what so special about them, clarifies some misunderstandings and also discusses how real this threat is today. It also touches on the subject of virtual machine isolation and why we […]
Forty-seven of the world’s leading security vendors collaborate with a single centralized, private source of threat intelligence for the data and technical analysis that drives their daily product updates and helps focus their longer-term technology innovations. This presentation draws directly on that same key data source to derive hard data regarding the evolution of threats […]
This presentation will discuss the evolution of phishing from being a means of stealing user identities to becoming a mainstay of organized crime. Today, phishing is a key component in a “hackers’ repertoire. It has been used to hijack online brokerage accounts to aid pump ‘n dump stock scams, and as a means of creating […]
Enhancements in cellular technology and mobile computing in recent years has lead to the availability of affordable and powerful mobile devices. Where before cellular phones where relegated only to the business class and other members of the upper-echelon of society, today they are deemed a necessity and have become so cheap in comparison to phones […]
Today, more than ever, law enforcement must work closely with various partners to identify and develop strategies to address the challenges posed by the diversity and speed of crime on the internet. The fact that a significant percentage of Canada’s critical infrastructure is owned and operated by the private sector and that the diversity of […]
In this talk, I will summarizing advances in academic research for mechanisms that use Virtual Machine Monitors (VMMs) to increase the security of commodity systems. Commodity systems are often required to support functionality required by legacy applications that is often at odds with security. For example, commodity systems feature dynamic extensibility, and many commodity applications […]
The bad guys just keep getting better! They’re constantly changing their tactics and inventing new techniques to cause you harm, damage your data, and make your resources unavailable. Why do they do this? What motivates someone to — let’s call it what it is — commit computer-related crimes? How have they changed and improved? What […]
The Domain Name System (DNS) has been up for an overhaul for many years, as the last “core internet” protocol left without any security. Attacks abusing the DNS to hijack domains, spoof websites and bypass spam filters are on the rise. July 2007 saw a major DNS hijacking attack. Gartner prominently added DNS attacks to […]
The biggest problem in corporate information security is the people performing the work. I have found that there are people outside the security field, and even many people inside the field, who think they know what they need to know about security but clearly don’t. Additionally, some people know a great deal about one aspect […]
Databases are the single most valuable asset a business owns. Databases store and process critical financial, healthcare and HR data, yet businesses place very little focus on securing and logging the underlying database transactions. As well, in an effort to trim costs, many organizations are consolidating several databases on to single mission critical systems which […]
As the field of information security matures, several significant barriers to progress that exist today will have to be removed if our capability to manage security risks is to improve. This presentation focuses on several of these, including the lack of truly effective channels to convey current knowledge to front-line practitioners; the division of the […]
You’re not attractive enough to be on CSI: Miami, but who cares…this is real life. Join Kai Axford and members of Canadian law enforcement best cybercrime teams, for a fun and engaging session, as we demonstrate tools and techniques that will prove useful in your own computer investigations. Got questions on how RCMP and TPS […]
Hacking stuff is for the birds. I’m taking a new path in life. I’ve decided to become a technical consultant for Hollywood. (No, not really, but work with me here). In my new role, I’ve decided it’s time to take up the torch for all my fellow consultants who have been abused by you people […]
Wireless technology was supposed to mean freedom from wires and desks. It has instead become one of the biggest security nightmares for IT. How did we get here, what are the threats (existing and emerging), and where do we go from there. With wireless available on every new laptop and even Ipods now, it’s with […]
The web has grown beyond anyone’s wildest expectations — but it’s still based on Internet protocols that go back thirty years. In this talk, I explore an interesting fault in the fundamental design of the web, which exposes every corporate network to the Internet and makes click fraud, SPAM, and worse distressingly trivial. Interestingly, the […]
Stefan is Chief Security Architect of Third Brigade and is an expert within the Internet security field. Stefan co-founded IDRCI (Internet Development Research Centre Inc.) in 2000 and as Vice-President, Research & Development he was a co-architect of the CHX technology, which is the foundation of the Third Brigade product family. Prior to founding IDRCI, he was Head Technologist for the Managed Service Provider Microsource from 1997 to 2000, where he successfully developed centralized security systems allowing for managed security services to be deployed to Microsource customers. Stefan attended Concordia [...]
Joanna Rutkowska is a recognized researcher in the field of stealth malware and system compromises. Over the past several years she has introduced several breakthrough concepts and techniques on both the offensive and defensive side in this field. Her work has been quoted multiple times by international press and she is also a frequent speaker at security conferences around the world. In April 2007 she founded Invisible Things Lab, a consulting company dedicated for cutting edge research into operating systems security.
Dror has enjoyed working with Cisco stuff for more than eight years and is usually busy assessing the security of enterprise networks and data-centers. He works as a senior security consultant for Germany-based ERNW GmbH all over Europe and has published multiple whitepapers on security-related topics. He is a seasoned speaker and enjoys sharing his experience with his audience. The last two years have seen him develop additional points of interests, as e.g. "Mobile Security" [he simply loves to play around with all the newest funky gadgets] and "Endpoint Security"-but [...]
Michael Thumann is Chief Security Officer and head of the ERNW "Research" and "Pen-Test" teams. He has published security advisories regarding topics like 'Cracking IKE Prshared Keys' and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. 'tomas' a Cisco Password Cracker', 'ikeprobe' IKE PSK Vulnerability Scanner' or 'dnsdigger'a dns information gathering tool') and his experience with the community. Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at German universities. In addition [...]
Gary S. Miliefsky is an American entrepreneur, founding member of the U.S. Department of Homeland Security, philanthropist (a founding member of the Walden Woods Project, started by musician Don Henley), and the Founder and Chief Technology Officer of NetClarity, Inc., the network security software and appliance company that he founded with current Chairman and CEO, Gil Roeder. Miliefsky is one of the best-known entrepreneurs of the network security revolution. He is widely admired as the inventor of clientless network admission control or clientless NAC and has over a dozen patents [...]
Nish Bhalla the Founder of Security Compass has coauthored and contributed to multiple books including "Buffer Overflow Attacks: Detect, Exploit & Prevent", "Windows XP Professional Security", "HackNotes: Network Security", "Writing Security Tools and Exploits" and "Hacking Exposed: Web Applications, 2nd Edition". He has also been involved in the open source projects such as YASSP and OWASP, and is the chair of the Toronto Chapter. He has also written many articles including ones for securityfocus and others. He is a frequent speaker on emerging security issues. He has spoken at reputed [...]
Rohit Sethi, Manager of Professional Services, Security Compass, is a specialist in threat analysis, application security reviews, and building security controls into the software development lifecycle. Rohit has spoken and taught at Infosec New York and Toronto, the ISC2's Secure Toronto conference and at OWASP chapter meetings. At Security Compass, Rohit has taught courses on web applications security in cities across North America. He has also performed extensive threat analysis, source code reviews, and penetration testing for clients in financial services, utilities, telecommunications and healthcare. He is often consulted as [...]
Kevin G. Coleman is a fifteen year computer industry veteran. A Kellogg School of Management Executive Scholar, he was the former Chief strategist of Netscape. Now he is a Senior Fellow and Strategic Management Consultant with the Technolytics Institute - an executive think-tank. He sat on the Science and Technology advisory board for the Johns Hopkins University- Applied Physics Lab, one of the leading research organizations in the United States. He has published over sixty articles covering security and defense related matters including UnRestricted Warfare and Cyber Warfare. In addition [...]
Jay Graver is a Lead Engineer at nCircle Network Security. For the past 5 years he has worked with the Vulnerability and Exposure Research Team specializing in interrogating Applications and Services over the network. He has years of experience creating non invasive detection of vulnerabilities. Jay is a member of the OVAL Board and works with industry initiatives such as CIS and CPE. Current Areas of research include; Regulatory Compliance, SSL library fingerprinting, Virtualization and unobfuscation techniques. Based in Toronto Ontario, he holds a BSc(Eng) Computer Engineering degree from the [...]
Ryan Poppa is a Lead Engineers at nCircle Network Security. They specialize in interrogating Applications and Services over the network. Their years of experience have been focused on the non invasive detection of vulnerabilities. Current Areas of research include; HTTP server analysis, graph theory, SSL library fingerprinting and unobfuscation techniques. Based in Toronto Ontario, they hold degrees from University of Guelph and the University of Waterloo. You can find their latest posts at blog.glaciertech.ca & numerophobe.com
Mike Shema, security research engineer at Qualys, is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. He has extensive experience with information security, especially in the realm web application security. He is currently developing tools that automate the web application audit process. His prior experience includes research and development at NT Objectives, Inc. and information security consulting at Foundstone and Booz Allen Hamilton.
Mark Fabro is the President and Senior Scientist of Lofty Perch, Inc. a market leading security consulting firm focused on SCADA and process control system cyber security. As well as being the Chairman of the Canadian Industrial Cyber Security Council, Mr. Fabro's projects have include working with both the U.S. and Canadian national security community, and he was a contributing specialist to the U.S National Strategy to Secure Cyberspace, the cyber annex to the National Response Plan, and most recently the post-Katrina control system recovery plan for the Oil and [...]
Mr. Mandia is an internationally recognized expert in the field of information security. He has over fifteen years experience, beginning in the military as a computer security officer at the Pentagon. He has assisted attorneys, corporations, and government organizations with matters involving information security compliance, complex litigation support, computer forensics, expert testimony, network attack and penetration testing. He is co-author of Incident Response: Performing Computer Forensics (McGraw-Hill, 2003) and Incident Response: Investigating Computer Crime (McGraw-Hill, 2001). A noted expert and author, he frequently presents at security industry conferences including Black [...]
Ben Sapiro is the Senior Director of Security, Privacy and Compliance at Vision Critical (a SaaS company) and has worked in both InfoSec consulting and operations since he somehow managed to graduate from b-school. Other than that, he’s a typical middle-aged Canadian who has worked at $companies doing $work to earn Canadian pesos. Ben is a regular contributor on LiquidMatrix Podcast (whenever we get around to recording it) and helps run BSidesTO.
Rohyt Belani is a Managing Partner and co-founder of the Intrepidus Group. Prior to starting Intrepidus, Mr. Belani has held the positions of Managing Director at Mandiant, Principal Consultant at Foundstone and Researcher at the US-CERT. During his tenure in information security consulting, Mr. Belani has provided strategic security consulting to information security executives, and performed numerous technical security reviews of critical financial applications and networks. In addition he has assisted organizations in responding to high exposure security incidents involving securities fraud, credit card theft, and cyber-extortion. He is a [...]
Dino Covotsos is the Founder and Managing Director of Telspace Systems, a South African IT security firm which started business in 2002. Mr. Covotsos has many years of experience in the IT security industry and has been involved in many different large scale projects worldwide, ranging from vulnerability assessment to attack and penetration testing for corporate clients. Mr.Covotsos uses his hands on knowledge to help secure corporate networks in new and unique ways and has also written articles for various magazines in the IT and Government sector specifically on information [...]
Insp. Carole Bird has been a member of the Royal Canadian Mounted Police (RCMP) since 1989. She began her service in Manitoba where she worked in a number of areas including a number of First Nations Communities, highway patrol and rural policing. In 1992, she began work in a specialized federal investigative unit where she focused on Copyright, Trademark and Intellectual Property investigations and Customs and Excise investigations as well as Radio Telecommunications Act investigations. She has also worked in the RCMP's Informatics Operational Support and Human Resources areas prior [...]
Dr. David Lie received his B.S. from the University of Toronto in 1998, and his M.S. and Ph.D from Stanford University in 2001 and 2004 respectively. Since then, he has been an Assistant Professor in the Department of Electrical and Computer Engineering at the University of Toronto. While at Stanford, David founded and led the XOM (eXecute Only Memory) Processor Project, which supports the execution of tamper and copy-resistant software. He was the recipient of a best paper award at SOSP for this work. Currently, his interests focus on securing [...]
Steve Riley is a senior program manager in Microsoft's Security Business Unit in Redmond, Washington, USA. Steve specializes in network and host security, communication protocols, network design, and information security policies and process. His customers include various ISPs and ASPs around the United States, as well as traditional enterprise IT customers, for whom he has conducted security assessments and risk analyses, deployed technologies for prevention and detection, and designed highly-available network architectures. Steve is a frequent and popular speaker at conferences worldwide, often appearing in Asia one week and Europe [...]
Paul Wouters received his Bachelors degree in Education in 1993. He co-founded an ISP and a security company specialising in IPsec and DNSSEC. For many years, he has been the release manager for Openswan, the Linux IPsec software. He is the co-founder of the first Toronto hacker space, HackLab.TO. He is an active participant and document author with the IETF, and is currently a Senior Software Engineer for the security group at Red Hat where he gets to shoot himself in the foot every day with FIPS and SElinux.
Ira Winkler, CISSP is President of the Internet Security Advisors Group. He is considered one of the world's most influential security professionals, and has been named a "Modern Day James Bond" by the media. He did this by performing espionage simulations, where he physically and technically "broke into" some of the largest companies in the World investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security [...]
Kevvie Fowler is a partner in KPMG Canada's forensic practice and is an information security and data analytics specialist. As author of SQL Server Forensic Analysis and contributing author to several security and forensics books Kevvie is a recognized advisor who supports organizations across Canada and abroad. Kevvie also teaches database forensics to law enforcement agencies across North America and sits on the SANS GIAC Advisory Board where he guides the direction of emerging security and forensics research. Prior to joining KPMG, Kevvie Fowler managed his own professional services company [...]
Dr. Richard Reiner, Chief Security and Technology Officer, TELUS Security Solutions Dr. Richard Reiner is an internationally recognized authority on information and software security. He has been the principal strategist for over 100 major information security and application security initiatives in Fortune 500, TSE 100, and major public-sector corporations. Dr. Reiner holds a Ph.D. in logic and computability, and is a leading innovator in the area of software security with several patents pending in the field. He is often quoted by the press and has been featured on the cover [...]
Kai Axford (MBA, CPP, CISM, CISSP, ACE, CHFI), is the National Manager for the Information Risk Management & Security practice at Accretive Solutions and he is board certified in security management. In his current role he leads a team of penetration testers that conduct exploitation testing, facility breach exercises, vulnerability assessments, and other security exercises. Kai has delivered over 300 security presentations on a variety of topics, including computer espionage, digital forensics, security management, and incident response around the world. Kai holds an MBA in Information Assurance, is a Certified [...]
Johnny Long is a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at http://johnny.ihackstuff.com.
Born and raised in Edmonton, Alberta, Brad is a fixture in the hacker community for the last 10 years. He has spoken frequently at Defcon, Shmoocon, SecTor, Hackcon, and HOPE on a variety of topics. He spends his time advancing the causes of wireless security, including generating the first pre-computed hash tables for faster cracking of WPA/WPA2-PSK networks. Self-Employed, he is always looking for a new oppourtunity to speak and educate the public about the dangers of wireless networks and finding new ways to shove electronics into teddy bears.
Dan Kaminsky is the Director of Penetration Testing at IOActive, a Seattle-based security consultancy. Dan has been speaking at conferences for over six years, and has a reputation for doing bad things to packets. He spent two years at Cisco, and another two at Avaya, before spending 2006 consulting at Microsoft analyzing Vista.