mfelch – Security B-Sides Orlando 2016 Presented By FC² http://bsidesorlando.org/2016 Bringing Infosec to Central Florida Since 2013 Mon, 03 Oct 2016 13:56:28 +0000

sk4ld | Simulated Physics And Embedded Virtualization Integration http://bsidesorlando.org/2016/sk4ld-simulated-physics-and-embedded-virtualization-integration Fri, 12 Feb 2016 16:07:29 +0000 http://bsidesorlando.org/2016/?p=264

Abstract

The Simulated Physics And Embedded Virtualization Integration (SPAEVI, rhymes with gravy) methodology is designed for industrial control system (ICS) cybersecurity research. The cost of hardware-based industrial control system testbeds often limits entire categories of vulnerability analysis, testing, malware analysis, etc. Specifically, memory corruption vulnerability analysis often risks bricking ICS embedded systems. The SPAEVI methodology is proposed for software-based ICS/SCADA testbeds via embedded system virtualization, where the inputs and outputs are integrated within a physics simulation. The challenges of implementing the methodology are nontrivial, and one must rely on reverse engineering, virtual machine development, exploit development, engineering experience, and embedded system design experience. Foremost, the virtualization of an embedded system will pose unique, non-trivial challenges per target system, due to the wild variation of microprocessor architectures in ICS/SCADA.

Bio

Aside from his mohawk and beard, Owen is renowned for creating and teaching the Offensive Computer Security Courseware, which has been used in some form at over a dozen universities around the world. He earned his BS in CS from Georgia Tech, MS in CS from FSU, and is finishing his PhD dissertation on Cyber Physical Systems Vulnerability Research & Sandboxing.

Mitch Stoltz | Jailbreaks and Pirate Tractors: Reverse Engineering Do’s and Don’ts http://bsidesorlando.org/2016/mitch-stoltz-jailbreaks-and-pirate-tractors-reverse-engineering-dos-and-donts Mon, 08 Feb 2016 22:51:52 +0000 http://bsidesorlando.org/2016/?p=286

Abstract

Taking things apart to figure out how they work is great fun at any age. It can also be the first step in building a great new product. But reverse engineering software and systems can be a legal minefield that takes care and planning to traverse.

In this talk, Mitch Stoltz, Senior Staff Attorney with the Electronic Frontier Foundation, will discuss how to explore and modify hardware and software, and use the knowledge you gather, while avoiding common legal problems. He will also share stories about the latest efforts to preserve the freedom to tinker with everything from phones to cars to medical implants.
I’m a copyright lawyer at EFF, once a software engineer and security specialist at Netscape/AOL/Mozilla. I’ve done some corporate litigation too, mostly for consumer technology companies.

Bio

Mitch is passionate about free speech, coders’ rights, and letting innovation thrive wherever it grows.

Jason Blanchard | How to Social Engineer your way into your dream job http://bsidesorlando.org/2016/jason-blanchard-how-to-social-engineer-your-way-into-your-dream-job Mon, 08 Feb 2016 22:32:26 +0000 http://bsidesorlando.org/2016/?p=284

Abstract

This talk will cover how to social engineer or persuasively position yourself to be the best candidate for the job of your dreams. We will cover reconnaissance and open-source intelligence gathering, developing phishing emails that help you get people to open your resume, and how to reach your target audience: “Recruiters” & “HR Managers”. I have trained 1,000s of college graduates on how to find the right job when it is needed, and this talk can help a student, recent graduate, or a seasoned IT professional find their next step in their careers, in a funny and witty presentation where you’ll leave with a road map on how to social engineer your way to success… and stuff.

Bio

Jason is a professional Social Engineer… a dreaded marketer that ruins everything in life that was once free, and good, and easy to use. But… He also has some serious skills of persuasion, that can be used for the forces of good – your good.

Cooper Quintin | Third Party Tracking: How it works and how to stop it for good http://bsidesorlando.org/2016/cooper-quintin-third-party-tracking-how-it-works-and-how-to-stop-it-for-good Tue, 02 Feb 2016 16:53:13 +0000 http://bsidesorlando.org/2016/?p=279

Abstract

Almost everything you do on the web is being read and tracked. The web is no longer static HTML. Advanced browser features such as JavaScript, cookies, and HTML5 are fantastic for making rich featureful sites, but they can also compromise your privacy. During the course of a typical web browsing session, information about what you read and who you are can be sent to hundreds of third party trackers without your knowledge or consent.

In this talk Cooper Quintin, Staff Technologist with the Electronic Frontier Foundation, will discuss the who, what, why and how of web tracking. He will demonstrate two tools: Panopticlick – EFF’s website demonstrating browser fingerprinting, and Privacy Badger – a browser extension to stop online tracking.

He will also discuss EFF’s plan to stop non-consensual third party tracking on the web once and for all.

Bio

Cooper is a security researcher and programmer at EFF. He has worked on projects such as Privacy Badger, Canary Watch, Ethersheet, and analysis of state sponsored malware. He has also performed security trainings for activists, non profit workers and ordinary folks around the world.

Caleb Crable and Evan Keiser | Cloud & Control: Where do we go from here? http://bsidesorlando.org/2016/caleb-crable-and-evan-keiser-cloud-control-where-do-we-go-from-here Tue, 02 Feb 2016 16:13:52 +0000 http://bsidesorlando.org/2016/?p=274

Abstract

With so many people taking advantage of the cloud, no one really thinks about how the cloud is taking advantage of you. We will be taking an in-depth look at the pros, and mostly cons, of the datacenter clusters that we harmlessly refer to as cloud infrastructure. These pros and cons shift from whitehat to blackhat in an instant depending on the circumstances. From using online backup for your corporate office, to an attacker breaking in, encrypting your cloud data, and ransoming it back to you. While a Fortune 500 organization uses the cloud for their storage and email, there is another server physically sitting right next to it propagating exploit kits. We will be presenting real-world examples of how easy it is to hide in the cloud as an attacker, and how impossible it is to hide in the cloud for everyday users. Whether it be saucy selfies, bank or medical records, or even just highly valued data in general: how safe do you actually think it is… on someone else’s computer?

Bio

Caleb is a Malware Analyst at Cylance, practicing dirtywhitehat, and frequent contributor to the information security community both online and at technology security events. Caleb enjoys long walks on the beach with polymorphic malware in his leisure.

Evan also serves as a Malware Analyst at Cylance, constantly disseminating new threat intelligence among his team and performing security incident reconstruction in his spare time. Based in Raleigh-Durham, North Carolina, in his free time Evan is an avid lock picking enthusiast and penetration tester who enjoys finding holes in virtual and physical security controls of all kinds, Belgian waffles and hacking all the things.

Sanders Diaz | Introduction to Custom Protocol Fuzzing http://bsidesorlando.org/2016/sanders-diaz-introduction-to-custom-protocol-fuzzing Thu, 28 Jan 2016 19:42:16 +0000 http://bsidesorlando.org/2016/?p=249

Abstract

Hunting for vulnerabilities in custom protocols can be shrouded in mystery to the novice. While there are many resources on the subject, it’s hard to find a single source of information that introduces the process from start to finish. This talk aims to introduce the tools and process involved in reversing an unknown protocol, interfacing with it, and ultimately fuzzing it to find vulnerabilities.

The talk will address the questions:

  • How does reversing and fuzzing protocols benefit my security program?
  • Who should do this kind of work?
  • What will I need?

It will also introduce you to netzob, scapy, wireshark dissectors, nmap NSE, and sulley.

Bio

Sanders Diaz is a Penetration tester based in the Central Florida region, working as a consultant in the public sector. He currently holds SANS GPEN and GXPN certifications. Along with penetration testing, Sanders nurses a healthy interest in development, reversing, gaming, and cars.

Samuel Greenfeld | Dox Yourself http://bsidesorlando.org/2016/samuel-greenfeld-dox-yourself Tue, 26 Jan 2016 15:51:10 +0000 http://bsidesorlando.org/2016/?p=259

Abstract

This talk starts out by looking at how companies have tried to authenticate people using public information. It then looks at current authentication practices, and finishes by discussing how companies try to determine who you are without letting you know.

Bio

Samuel is a Senior QA Engineer testing XenDesktop performance at Citrix. Prior to that he worked on the One Laptop per Child project, and at Secure Computing & McAfee on the Sidewinder (McAfee Firewall Enterprise) product line.

Itzik Kotler | Goodbye Data, Hello Exfiltration http://bsidesorlando.org/2016/itzik-kotler-goodbye-data-hello-exfiltration Tue, 26 Jan 2016 15:45:02 +0000 http://bsidesorlando.org/2016/?p=256

Abstract

Penetration testing isn’t about getting in, it’s also about getting out with the goodies. In this talk, you will learn how to leverage commonly installed software (not Kali Linux!) to exfiltrate data from networks. Moving on to more advanced methods that combine encryption, obfuscation, splitting (and Python). Last but not least, I’ll address data exfiltration via physical ports and demo one out-of-the-box method to do it.

Bio

Itzik Kotler is CTO and Co-Founder of SafeBreach. Itzik has more than a decade of experience researching and working in the computer security space. He is a recognized industry speaker, having spoken at DEFCON, Black Hat USA, Hack In The Box, RSA Europe, CCC and H2HC. Prior to founding SafeBreach, Itzik served as CTO at Security-Art, an information security consulting firm, and before that he was SOC Team Leader at Radware (NASDAQ: RDWR).

John Smith | Advanced Persistent Awareness http://bsidesorlando.org/2016/john-smith-advanced-persistent-awareness Tue, 26 Jan 2016 15:39:38 +0000 http://bsidesorlando.org/2016/?p=254

Abstract

This talk describes how/why system owners need to start taking responsibility for their own security. The fact that my city has a police department does not mean that I don’t lock my door or that I am not vigilant about my own property. Sadly, in IT today, this has gotten lost. Systems are breached for weeks/months at a time with no one knowing that it is going on. This year, globally there will be over a million INFOSEC positions that need to be filled. The fact is, there are not a million IT professionals looking for work, much less INFOSEC. We can add more eyes and intelligence to the challenge by enlisting system owners to take SOME responsibility for their own security.

Bio

John Smith has 18 years in IT, 16 in the enterprise before going to the vendor side. Unlike a lot of your speakers he is, in fact, NOT an INFOSEC practitioner. He does consider himself, and has throughout his career, a person responsible for security. As security teams have evolved, system owners themselves have all but absolved themselves of taking any responsibility for their own security. He wants to change that!

Jonathan Echavarria | Pwning pwners like a n00b http://bsidesorlando.org/2016/jonathan-echavarria-pwning-pwners-like-a-n00b Tue, 26 Jan 2016 15:36:23 +0000 http://bsidesorlando.org/2016/?p=252

Abstract

Cybercrime, blackhat hackers and some Ukrainians.

If that doesn’t catch your attention, then stop reading. Follow the story of how stupid mistakes, OPSEC fails, and someone with a little too much time on his hands was able to completely dismantle a spamming and webshell enterprise using really simple skills and techniques you could pick up in a week. Did we mention that d0x were had as well?

This talk will be an in-depth examination of the investigation and exploitation process involved.

Bio

Jonathan is an information security professional working for ReliaQuest, LLC in Tampa, FL. His areas of interest revolve around red teaming, cybercrime, malware and threat intelligence.

Michael Brown | An overview of frameworks, standards, and regulations for security folks http://bsidesorlando.org/2016/michael-brown-an-overview-of-frameworks-standards-and-regulations-for-security-folks Tue, 19 Jan 2016 15:51:36 +0000 http://bsidesorlando.org/2016/?p=236

Abstract

In recent years the number of regulations, standards, frameworks and the like has increased. While some are aimed at IT overall, in light of recent events many of them have included or even focused on IT Security. And this is likely to increase. Because of this, security professionals are finding themselves expected to follow, adhere to, and/or enforce these standards. But few have a decent understanding of them. Using as our basis the Critical Security Controls (formerly known as the SANS Top 20), we’ll take a look at some of the major security frameworks and regulations out there, such as HIPAA, ISO 27001/2, NIST CSF, PCI-DSS, SOX, and others. The aim is to help security professionals understand the common security issues these various models strive to address.

Bio

Michael Brown, CISSP, HCISPP, CISA, CISM, CRISC, has been involved with IT for 20 years, the last ten in IT Security. Moving from a security admin to a global security architect, he has been working for the last few years as an IT security consultant performing security risk assessments, gap analysis, and developing policies and procedures for clients to help them implement an information security management system.

Thomas Richards | Red Team Yourself http://bsidesorlando.org/2016/thomas-richards-red-team-yourself Tue, 19 Jan 2016 15:35:55 +0000 http://bsidesorlando.org/2016/?p=234

Abstract

So your organization conducts regular tests with $automated tool. Want to bring your security testing program to the next level? Red Teaming will give your organization a goal based, adversarial emulating approach to see how secure it really is. In this talk we will cover what red teaming is and how it can be applied to your organization to add a new level to your security program.

Bio

Thomas Richards, Senior Consultant, has been with Cigital since 2012. His primary areas of expertise include Red Teaming and Mobile Security. He is an Offensive Security Certified Professional (OSCP) and a member of TOOOL. Thomas spends his days guiding clients through secure mobile application development and secure web services API design. In his free time, he enjoys playing guitar, camping, and spending time with his wife and four kids.

Paul Arnold | The Wizarding World of SELinux http://bsidesorlando.org/2016/paul-arnold-the-wizarding-world-of-selinux Tue, 19 Jan 2016 15:34:53 +0000 http://bsidesorlando.org/2016/?p=232

Abstract

Dissolving the stigma surrounding SELinux and discussing how important SELinux is to hardened and trusted systems. The talk will describe what SELinux is and its purpose, briefly touch on its history, explain its current functionality with some high-level examples, and provide tips on first tackling SELinux implementation. This is intended as an “introduction” or “beginner” talk into the world of SELinux for those with some experience with *nix systems.

Bio

White-hat hacker, tinkerer, and Linux user since epoch time was 9 digits. Currently a Cybersecurity Engineer supporting the defense sector.

Evan Dygert | Custom Digital Forensics Tools in Python http://bsidesorlando.org/2016/evan-dygert-custom-digital-forensics-tools-in-python Tue, 19 Jan 2016 15:29:22 +0000 http://bsidesorlando.org/2016/?p=228

Abstract

In digital forensics, sometimes you get a case where the standard tools do not provide the information you need. Whether you need metadata and files from an obsolete file system or you need to extract the data from unsupported file types, writing digital forensics tools in Python gives you abilities beyond those of widely used tools. In this session, learn about some of the Python toolkits and techniques that can help you solve those tough, unexpected digital forensics problems. A case study will be presented to show how Python was used to extract metadata and files from the legacy Macintosh File System (MFS).

Bio

Evan Dygert is a software developer and forensic computer specialist with over 30 years’ experience with a variety of computer languages, platforms, and databases. He has also been providing expert consulting, expert witness and computer forensic services in intellectual property and contract dispute cases for over 10 years. He is currently working on his Ph.D. dissertation in Computer Information Systems.

Vikram Dhillon | IoT Security http://bsidesorlando.org/2016/vikram-dhillon-iot-security Mon, 18 Jan 2016 02:45:31 +0000 http://bsidesorlando.org/2016/?p=218

Abstract

Internet of Things has become the biggest buzzword to come out from 2015. But there are some serious efforts by big tech companies like IBM to create next generation technologies that talk to each other using the same language. What kind of security policies will we be able to design for a new type of networking? How do our traditional approaches work and where can we draw new inspiration from?

This talk focuses on some recent attacks on IoT technologies and what we have learned from them. More interestingly, what kind of attacks do the experts speculate will happen when IoT is more prevalent? What will be the implications of DoS when everything is online? A cautionary tale, but it almost feels like we’re living in the best of the times.

Bio

Developer, hacker and part time blogger.

Ean Meyer | Dress for the Job You Want (to fake) not the One You Have http://bsidesorlando.org/2016/ean-meyer-dress-for-the-job-you-want-to-fake-not-the-one-you-have Thu, 07 Jan 2016 16:15:17 +0000 http://bsidesorlando.org/2016/?p=181

Abstract

Billions of dollars are spent globally on technical controls for information security. Most, if not all, of these controls can be overridden by the implicit trust that someone with physical access has to a system. Yet, physical security is often the easiest control to circumvent.

This talk will focus on ways a legal, ethical, and authorized penetration tester can prepare themselves to inspire trust in those protecting their target allowing them to gain access to protected areas.

This talk will look at the physical signs that someone doesn’t belong in an area and how to create a persona that “belongs”. During the talk we will compare different outfits and uniforms used by workers who would be expected to be in controlled areas. The talk will also look at paralanguage and body language that can be used to put people at ease.

The talk will cover:

  • Why physical access controls are critical
  • Tales of “Physical Access Gone Wrong”
  • Uniforms, attire, and details that give away an imposter
  • Paralanguage – What to say to put people at ease
  • Body language – What to do to put people at ease
  • “The Getaway” – How to get out gracefully
  • Preventing Interlopers – What can you do to stop attackers using these techniques

By the end of the talk the audience should be able to leverage these techniques to test their own security program, bolster their approved penetration testing program, and develop new controls to prevent physical attackers.

Bio

Ean Meyer is an information security professional working in Central Florida. Ean’s current focus areas are PCI, FERPA, HIPAA HITECH, Intrusion Detection and Prevention Systems, Information Security Program Management, Penetration Testing, and Social Engineering/User Awareness Training. Ean has a BS in Information Security and an AS in Computer Network Systems. Ean also holds a CISSP certification. He runs the blog www.thetheaterofsecurity.com.
