Big thanks to all the Security BSides Delaware 2011 Speakers! (especially the last minute fill-ins!)
For this year's conference info please see: http://bit.ly/BSidesDE
Classes:
Georgia Weidman
Class Name: Metasploit for Penetration Testing
Class description: The class will begin with the basics of using the Metasploit Framework. We will continue on following
the penetration test methodology to use Metasploit to exploit vulnerable systems in the lab. This class is suitable for those
with no background in Metasploit or penetration testing as well as penetration testers who want to add the Metasploit
Framework to their arsenal.
Requirements: ability to run a VirtualBox or VMware virtual machine (the streamlined VM for class will be provided)
The time is set at 4 hours with a lot of that being lab time. A vulnerable network will be provided for attacking as well.
========================================================================
Talks
========================================================================
Title: 2 HR People, one Cup- network monitoring at the workplace
Speaker: Alex Muentz
We all know that users mis/abuse any networks they're given access to, mostly because that's what we do as well.
What can an employer do to monitor their own network? What can they do to discipline employees? Are they liable
for the actions of their employees?
Alex Muentz is a lawyer and IT professional. He's presented at all the usual 'cons. When he's not bloviating,
he teaches at Temple University and practices law in Philadelphia, PA.
========================================================================
Title: Alien Autopsy - Android Malware Analysis
Speaker: Jason Ross
Abstract: The Android market has become a prime target for malicious
software developers. This talk will explore some of the reasons why,
take guesses at where things will end up in the next few years, and
explain why it matters. The presentation will then move onto how to
analyze software (malicious or otherwise) on the Android platform.
Included will be a basic overview of Android application design, and how
to tear it apart using network, runtime, and static code analysis
techniques. Tools to facilitate running analysis in an Android test
environment (whether that's an Android emulator or a real device) will
also be released.
Bio: Jason is a guy that can't figure out when he has too much going on.
As a result, he keeps finding new things to play with. He can be found
online at various places - @rossja on Twitter being one.
========================================================================
Title: From Printer to Owned: Leveraging multifunction printers during penetration testing
Speaker: Deral Heiland
Abstract:
In this presentation we go beyond the common printer issues and focus on configuration data available on multifunction printers (MFP) that can
be leveraged to gain access to other core network systems. During this presentation I will be discussing how poor printer security, and discovered
vulnerabilities can be leveraged to harvest a wealth of information from MFP devices including usernames, email addresses, and authentication information
including SMB, Email, LDAP passwords. I will also be discussing the real world penetration testing scenarios and how MFP data was gathered and used to
successfully gain administrative access into core systems, including email servers, file servers and Active Directory domains on multiple occasions. We will
also explore MFP device vulnerabilities including authentication bypass, information leakage flaws, and XSS flaws. In conclusion we will discuss methods that
can be used to reduce the risk and better secure the environment while still effectively using MFP devices.
BIO:
Deral Heiland CISSP, serves as a Senior Security Engineer for CDW where he is responsible for security assessments, and consulting for corporations and
government agencies. In addition, Deral is the founder of Layered Defense Research, a group of security professionals responsible for discovering and publishing
multiple vulnerabilities. Deral also co-founded the Ohio Information Security Forum (OISF) a 501(c)(3) not for profit organization that focuses on information
security training and education. Deral served as OISF's president for 5 years. Deral is also a member of the foofus.net security team. The foofus.net security
team is a group of security professionals and researchers that have produced the security assessment and pen-testing tools Medusa, FgDump and Praeda. Deral
has presented at numerous conferences including ShmooCon, Defcon, CarolinaCon, SecurityByte India, University of Wisconsin lockdown conference and has also
been a guest lecturer at various Universities. Deral has over 18 years of experience in the Information Technology field, and has held multiple positions including:
Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst where he was responsible for
delivering security guidance and leadership in the area of risk and vulnerability management for a global Fortune 500 manufacturer.
========================================================================
Title: How to Own and Protect Your Office Space
Speaker: Dr. Tran @doctor_tran
Abstract: Most people don't need to secure their office building like a
military fortress during the cold war. However, in a world of
misconfigured firewalls, not so bright users, and leaky data, people
forget about their front door. Who needs SQL injection into the
database when a clever thug or disgruntled employee can walk into secure
areas to steal data? To understand how to protect your office space, you
should know how common inconsistencies, laziness, and neglect can lead
to poor physical security. You'll learn some quick and easy ways to
break into places then tell the facilities guy how to fix it.
Speaker Bio: Dr. Tran is a security professional by day, but some say
he's a super secret agent by night. He's been tinkering and taking apart
technology since childhood (not that long ago), but hasn't necessarily
figured out how to reassemble them. When Dr. Tran is not wrenching on
his cars or motorcycles, he's picking locks. He's been an active member
of TOOOL for 2 years and has taught at conferences including Shmoocon,
CarolinaCon, NotaCon, QuahogCon, HOPE, & Defcon.
========================================================================
Title: How I learned to stop worrying about SCADA and love the bomb
Speaker has requested to remain anonymous
General Anon. is a security researcher, penetration tester and security geek.
General Anon. has been in the security/hacking scene for over 15 years.
Over the years the General has released numerous 0 day exploits and disclosed vulnerabilities in sensitive systems as a means to improve the security of those platforms. The General is back, and he's leading an assault on all fronts against a major vendor's 'fully patched' SCADA system software. This presentation will be given anonymously to avoid the politics and complications. The goal of this presentation is to get more security researchers to monkey with SCADA systems, and to convince the vendors that a few inadequate patches, released over 1 year after they are notified about a vulnerability is simply an inappropriate response in today's world. It is hoped that serious security enhancements are coming in future updates.
---
SCADA systems have been grabbing the headlines a lot in recent years. First the Y2K, then the terrorist threat on our infrastructure, the worm, slew of SCADA vulnerabilities including the famous Siemens vulnerabilities and of course some of the talks at DEFCON 19 including the break out of jail, unlock your car etc talks. A lot of people talk about the vulnerabilities and potential but few actually step up and disclose exactly HOW to do any of this publicly. I believe full disclosure is the only way to force an industry to step up and take security seriously. Today we will talk about the FUD, what's real, what's not, 0 day vulnerabilities, and how to discover them. We will discuss SCADA systems which are controlled from host PCs (direct control), as well as standalone systems (PLCs), common security models, access/control methods (serial, network, wireless, JTAG etc). We'll discuss how to identify these systems in the wild, the vulnerabilities in each of the methods and how to exploit them. Most importantly I will show you HOW to do it and how to get started on your own.
No 0 day code/tools will get released at the conference, it will get released 30min after the conference ends.
========================================================================
Presentation Title: A Lesson in How to Win Followers and Influence Friends:
Hacking Twitter to Boost Your Security Career
Speaker: Grecs
Abstract: Twitter has become the de facto standard that infosec pros use to communicate with peers and
many outside the security community. We share interesting articles, proclaim our opinions, strengthen
friendships, build new relationships, and overall become more of a community as a whole. For many, Twitter
is a chaotic stream of consciousness that we both pull and contribute to. This presentation tries to help
practicing security professionals rein in the chaos with 5 key strategies that will help you effectively
use Twitter to improve your career prospects.
Bio: Grecs has over 16 years experience, undergraduate and graduate degrees in Electrical Engineering, and
a really well known security certification. Even though his training was in Electrical Engineering, Grecs
has always been more of a Computer Science person at heart going back to his VIC-20, Commodore 64, and high
school computer club days. After doing the IT grind for 5 years, he discovered his love of infosec and has
been pursuing this career ever since. Currently, he spends his days doing cyber security paperwork drills in
building and maintaining multi-billion dollar government systems. At night he runs a local infosec website
and tries to get some hands-on skillz.
Twitter: @grecs
Website: NovaInfosecPortal.com
========================================================================
Title: Privacy is Dying, and It's Your Fault
Speaker: Michael Schearer ("theprez98")
Abstract: At DEFCON, I talked about how our privacy rights are under
attack. Our sea of liberty is drying up due to the ever-encroaching
power of the government. A litany of abuses continue to chip away at the
historical foundations of privacy: administrative searches as pretexts
to avoid search warrants, national security letters, and suffocating
public surveillance just to name a few. Yet the government alone is not
the only source of our ever-diminishing privacy. In this talk, I turn my
attention...to you. Yes, believe it or not, you (and me) and the other
310 million of us in this country are also responsible for our
diminished expectation of privacy. Why are we responsible? Who wants our
information, and why is it so valuable? Is there anything we can do to
stem the tide?
Bio: Michael Schearer ("theprez98") is the author of the "Assault on
Privacy" blog, which focuses on governmental intrusions into privacy
rights. He also hosts monthly "Flex Your Rights" nights at Unallocated
Space, a central Maryland hackerspace. Michael is a self-employed small
business owner who spent nearly nine years in the United States Navy as
an EA-6B Prowler Electronic Countermeasures Officer. His military
experience includes aerial combat missions over both Afghanistan and
Iraq and nine months on the ground doing counter-IED work with the U.S.
Army. He is a graduate of Georgetown University's National Security
Studies Program and a previous speaker at ShmooCon, DEFCON, HOPE, and
other conferences. Michael is a licensed amateur radio operator and an
active member of the Church of WiFi. He lives in Maryland with his wife
and four children.
Twitter: @theprez98
========================================================================
Title: SCADA Security: Why is it so hard?
Speaker: Amol Sarwate
This talk will help those implementing security measures for SCADA systems. It will present the technical challenges faced by organizations
that have SCADA or control systems installations, provide examples of security controls for SCADA systems, and offer an open-source tool
to help identify and inventory SCADA systems. It will begin by introducing SCADA systems under the hood and will go into depth about SCADA
protocols like MODBUS and DNP3 at the packet level. The second half of the talk will focus on real world examples of successful and not-so-successful
implementations of security controls with SCADA systems. This will include examples of what some large organizations have done, and a discussion
about why SCADA security cannot be deciphered just by tools or technical solution. The presentation will conclude with the release of an open-source
tool to identify and inventory SCADA systems using the protocols discussed in this presentation. This session should be helpful for anyone who has
tried to implement security measures for their SCADA systems. It should also be helpful for security vendors and SCADA vendors who are all part of
SCADA security.
About the presenter:
Amol Sarwate, Manager, Vulnerability Engineering, Qualys Inc. Amol heads Qualys' team of security engineers
who manage vulnerability research. His team tracks emerging threats and develops new vulnerability signatures for Qualys' vulnerability management
service. Amol is a veteran of the security industry and has devoted his career to protecting, securing and educating the community from security
threats. At Network Associates, he contributed in the development of security products like CyberCop Scanner and Gauntlet Firewall. At Hitachi
Semiconductor, Amol managed a team that developed device drivers for RISC processor based boards. Amol has presented his research at
numerous security conferences, including RSA 2007, InfoSec Europe 2007 Press Conference, Homeland security Network HSNI 2006 and FS/ISAC 2006.
He regularly contributes to the SANS Top 20 expert consensus identifying the most critical security vulnerabilities. He writes the “HOT or NOT” column for SC Magazine.
========================================================================
Title: Security Outliers: Infosec Lessons Learned from Drownproofing at BUD/S Lite
Speaker: Gal Shpantzer @Shpantzer
abstract - to be updated
========================================================================
Title: Somewhere Over The Rainbow Tables
Speaker: Bob Weiss @pwcrack
Outline: History, Conventional Alternatives, What is a Rainbow Table,
How Does a Rainbow Table Work, Current Practical Capabilities, Using
Rainbow Tables, Defeating Rainbow Tables, WPA, Online Services, Creating
Rainbow Tables, Naming Convention, Downloads
Abstract/Description: Rainbow Tables Explained
Speaker Bio: Bob Weiss is the Owner of Password Crackers, Inc.
Past Presentations: None
Public Contact Info: [email protected], @pwcrack
========================================================================
Title: There is no 'I' in Red Team: A Solution for Network Attack Collaboration
Speaker: Raphael Mudge
Abstract:
Working in a network attack team today is cumbersome.
Penetration-testing tools either focus on a single user or data
sharing only. Red teams have limited means to share access to
compromised hosts. Good intentions sometimes give way to a
disorganized free-for-all. The Armitage Metasploit GUI was developed
to address this problem. Armitage allows a network attack team to
communicate in real-time, share data, and seamlessly share access to
hosts compromised by the Metasploit exploitation framework. This talk
presents the red team collaboration problem, the inner workings of the
solution in Armitage, and the lessons learned using this technology
with the 2011 Northeast and Mid-Atlantic Collegiate Cyber Defense
Competition red teams.
Speaker Bio:
Raphael Mudge is a Washington, DC, based code hacker working on a new
startup effort. His current open source work is the Armitage GUI for
Metasploit. His past projects include the After the Deadline
proofreading software service and the Sleep scripting language.
Raphael has worked as a security researcher, software engineer,
penetration tester, and system administrator. Raphael also holds a
commission in the Air National Guard.
========================================================================
Title: Transparent Smartphone Spying No Apps Required
Speaker: Georgia Weidman
Abstract: Your whole life is on your smartphone, from your work related
emails, to where you've been, to your clandestine communication with
your secret lover. This talk discusses new research in stealing data off
smartphones transparently. This proof of concept works over cellular
communication at the base smartphone operating system to avoid
detection. Communications are parsed, logged, and even forwarded to an
attacker before the owner of the phone even has access to them. This
talk will also discuss stealing information stored in apps, in email,
etc. from underneath the application layer and again forwarding this
data to an attacker. Live demos on multiple smartphone platforms will be
shown.
Speaker Bio: Georgia Weidman is a member of the GRM n00bs, a group
providing training and media for information security beginners. She is
a survivor of the collegiate cyber defense competition and a security
master's program. Now she specializes in whatever security work she can
get, collects certifications, makes videos, takes photographs at
inopportune times, and sometimes podcasts.
Contact Info: Twitter: @vincentkadmon Email: georgia [at] grmn00bs [dot]
com
========================================================================
Title: Virtual Trust, Virtual Permission and the Illusion of Security
Speaker: Infojanitor
Summary: This presentation will cover common issues implemented in existing technology, future technology and the allowance of applications to make human decisions without human interaction. Currently application developers are implementing applications with the ability to make human type choices that in some cases are not to the user's benefit. This precedent in application implementation is causing multiple security issues across devices, services, and within applications that previously had no interaction with each other or networked environments. It is the underlying element that has been talked around by other security presenters due to its symptoms which are evident for the past few years but no one has identified it as the cause. This talk will also provide clear examples of how the implementation of virtual trust and permission are giving users an illusion of security which makes them feel secure even when they are not; Bruce Schneier calls it “Security Theater”. The talk hopes to provide security professionals and non-security professionals of all levels awareness of the issue so that they may be able to improve their security footprint, fend off digital snake oil salesmen, and protect their environment from elements and attack vectors that they had not considered before.
BIO: Infojanitor is (mostly) a computer security professional working for a Fortune 100 company that fed his initial techno lust using a Commodore 64 in the mid 1980’s. Spent some time working at the Johns Hopkins Applied Physics Lab (JHU/APL) communications shop making databases and learning about PC’s, Sun systems and other technologies. He served ten years in US Air Force as a keyboard jockey performing database work sometimes while armed in other countries. He then spent the next 13 years after the Air Force working for a private security company performing perimeter protection engagements around the world. Legally robbing banks, breaking into lofty institutions and making things not show up on the public relations radar for customers for which he still maintains non-disclosure agreements (NDA's). Yet, still finds the time to scour the web, look through internet lockers, and pick up rogue 1's and 0's.
========================================================================
Title: Walking the Green Mile: How to Get Fired After a Security
Incident
Name: Brian Baskin
Twitter: @bbaskin
Email: [email protected]
Abstract: Security incidents targeting corporations are occurring on a
daily basis. While we may hear about the large cases in the news,
network and security administrators from smaller organizations quake in
fear of losing their jobs after a successful attack of their network.
Simple bad decisions and stupid mistakes in responding to a data breach
or network intrusion are a great way to find yourself new employment. In
this talk I'll show you in twelve easy steps how to do so after, or even
during, a security incident in your company.
Bio: Brian Baskin is a senior digital forensics professional and
incident responder with cmdLabs. Mr. Baskin has been a part of the
forensics and incident response field for over 10 years with most of
those dedicated to research, develop, and train forensic responses to
growing network threats as part of a large DoD facility dedicated to
digital crime. Currently Mr. Baskin devotes much of his time to unique
digital forensics, evolving Internet crimes, and network protocol
analysis. He has led incident investigations, intrusion investigations
and forensics analysis within the commercial market to include medical
offices, research institutions and various other large businesses around
the US. He has also authored and co-authored seven computer security
books with Syngress Publishing. His most recent being the technical
reference of the revised "Dissecting The Hack: The F0rb1dd3n Network".
========================================================================
Title: Why it's Easier to Build a Potato Cannon Than Secure a Cloud Infrastructure
Speaker: Chris Brenton
Cloud computing is identified as a generational change that requires a complete retooling of how we apply security. In this
talk we'll look at why the cloud is so disruptive to security. We will discuss what security solutions already exist, what holes
need to be filled, and which technologies might be leading us down a dead end path.
========================================================================
Title: (Audience choice)
Name: Ben Tomhave @falconsview
---
Title: Scaling Risk Management
Abstract:
Organizations face an unprecedented number of risks, threatening the overall health and security posture of a company. Learn how to develop and quickly implement a risk management strategy that identifies, assesses and prioritizes the most relevant risks for your organization, as well as prioritizes associated risk mitigation tasks and responsibilities.
---
Title: Cloud Control: Assurance in a Massively Scalable World
Abstract:
Ubiquitous access to data and applications is here. No longer are our resources confined to enterprise networks and data centers of our own making. Rather, applications and platforms are now available on-demand, anywhere, anytime, to virtually anybody. Moreover, these environments can scale on demand, automating what has traditionally required expertise in system design and capacity planning. Assuring security in this environment poses new and evolving challenges. While they may resemble the same obstacles we've been managing for decades, they are increasingly more difficult to address. Now, more than ever, companies need to extend their governance, risk, and compliance initiatives to take cloud-related strategies and initiatives into account to proactively protect their data and their bottom line.
---
Title: The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform
Abstract:
What we're doing today is not working and isn't sustainable. The fundamental culture of the average business does not encourage making good security decisions. Software shops continue to focus on functionality and timelines, neglecting information security. In spite of regulations like PCI and HIPAA+HITECH, which are levying fines against organizations for their security failures, the tipping point has clearly not been reached to cause meaningful change. Much of this problem can be attributed to the excessive use of negative incentives (sticks) instead of providing positive incentives (carrots) that inspire better decision-making and motivate true change. Fortunately, it's not too late to change tactics and start achieving demonstrable success.
========================================================================