Security B-Sides Orlando 2016 Presented By FC² http://bsidesorlando.org/2016 Bringing Infosec to Central Florida Since 2013 Mon, 03 Oct 2016 13:56:28 +0000

Heather Lawrence | Dox. SE. ????. Profit http://bsidesorlando.org/2016/heather-lawrence-dox-se-profit Mon, 03 Oct 2016 13:55:27 +0000 http://bsidesorlando.org/2016/?p=484

Michael Brown | NIST CSF, 27001, HIPAA, PCI, and others: an overview of frameworks, standards, and regulations for security folks http://bsidesorlando.org/2016/michael-brown-nist-csf-27001-hipaa-pci-and-others-an-overview-of-frameworks-standards-and-regulations-for-security-folks Tue, 01 Mar 2016 20:45:11 +0000 http://bsidesorlando.org/2016/?p=436

Abstract

In recent years the number of regulations, standards, frameworks and the like has increased. While some are aimed at IT overall, many of them include or even focus on IT Security, which has become more important due to recent events. And this is likely to increase. Because of this, security professionals are finding themselves expected to follow, adhere to, and/or enforce these standards. But few have a decent understanding of them. Starting with the Critical Security Controls (formerly known as the SANS Top 20), we’ll take a look at some of the major security frameworks and regulations out there, such as HIPAA, ISO 27001/2, NIST CSF, PCI-DSS, SOX, and others. The aim is to help security professionals understand the basics of these and get them started on learning more about them.
Outline
Overview
Standard, framework, regulations- what are they?
Critical Security Controls
HIPAA
ISO 27000
NIST CSF
PCI-DSS
GLBA
SOX
COBIT & ITIL
Wrap-up and recommendations for further study

Bio

Michael Brown, CISSP, HCISPP, CISA, CISM, CRISC, has been involved with IT for 20 years, the last ten in IT Security. Moving from a security admin to a global security architect, he has been working for the last few years as an IT security consultant performing security risk assessments, gap analysis, and developing policies and procedures for clients to help them implement an information security management system.

grecs | Malware Analysis Basics http://bsidesorlando.org/2016/grecs-malware-analysis-basics Tue, 01 Mar 2016 20:40:02 +0000 http://bsidesorlando.org/2016/?p=432

Abstract

Knowing how to perform basic malware analysis can go a long way in helping infosec analysts do some fundamental triage to either crush the mundane or recognize when it’s time to pass the more serious samples on to the big boys. This course, based on grecs’ popular Malware Analysis 101 – N00b to Ninja talks, covers several analysis environment options and the three quick steps that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a “ninja” per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of malware analysis.

Prior to workshop students should complete the following in order to get the most out of the class.

* Have a VM solution loaded onto their laptop (e.g., VMware [free, trial, or paid] or VirtualBox [free]).
* Download and load the ModernIE Windows XP with IE8 VM into the VM solution. https://dev.windows.com/en-us/microsoft-edge/tools/vms/windows/

Saturday March 12th 01:30PM – 04:30PM

Bio

grecs has two decades of industry experience and undergraduate/graduate engineering degrees. After doing the IT grind, he discovered his love of infosec and has been pursuing it since. Currently, he spends his days as a senior cyber analyst enhancing customer defenses through advanced analysis, customized training, and engineering improvements. In his free time grecs is an international speaker and blogger covering a range of defensive topics.

Diego Fuentes and Dan Markels | Technical Resume/Profile Editing Workshop http://bsidesorlando.org/2016/diego-fuentes-and-dan-markels-technical-resumeprofile-editing-workshop Tue, 01 Mar 2016 20:33:56 +0000 http://bsidesorlando.org/2016/?p=428

Abstract

10 seconds is all the time a Recruiter or Hiring manager is going to give your resume in deciding to keep it or pass on it. A resume tells a great deal about you, creates a first lasting impression and gets you the interview.

Join our resume writing and social media profile editing workshop to learn how to best tailor your information to pursue the job that you want. Experienced recruiters review 40-50 resumes and LinkedIn profiles a day. Our tips will help you stand out above candidates competing for the best jobs out there.

At the end we can have a Q&A session to answer any questions about the workshop or the IT market and relevant trends in the US in general.

Please bring a hard copy of your resume to the workshop, send a soft copy to dfuentes@teksystems.com or a connection request to https://www.linkedin.com/in/diego-fuentes-59ab0b12.

10:00AM – 10:30AM

Bio

As Technical Recruiters for TEKsystems, we are responsible for building consultant relationships, understanding the local employment market in Central Florida and consulting with Technical Candidates to help them advance their long-term careers.

Beau Bullock | Fade from Whitehat… to Black http://bsidesorlando.org/2016/beau-bullock-fade-from-whitehat-to-black Wed, 17 Feb 2016 17:32:29 +0000 http://bsidesorlando.org/2016/?p=368


Abstract

When your job is to act as a malicious attacker on a daily basis for the good of helping organizations, you can’t help but wonder “What if I decided to embrace the evil within?” What if one day I woke up evil? Every day as a pentester, I compromise organizations through a variety of ways. If I were to wake up one day and decide to completely throw my ethics out the window, how profitable could I be, and could I avoid getting caught?

In this talk I will walk through a detailed methodology about how I personally would go about exploiting organizations for fun and profit, this time not under the “white hat.” Non-attribution, target acquisition, exploitation, and profitization will be the focal points. Blue teamers will get a peek into the mindset of a dedicated attacker. Red teamers will learn a few new techniques for their attack methodologies.

Bio

Beau Bullock is a Senior Security Analyst at Black Hills Information Security. Prior to joining BHIS, Beau’s primary role has been implementing security controls to protect information and network assets. He has held information security positions in the financial and health industries. Beau has experience with all aspects of enterprise network security including penetration testing, vulnerability analysis, data loss prevention, wireless security, firewall management, and employee security training. In his spare time, he hosts the Hack Naked TV information security webcast and presents at conferences.

Beau holds a B.S. in Information Technology and has also obtained multiple industry certifications including OSCP, OSWP, GCIH, GCFA, GSEC, GPEN, GXPN. Beau is @dafthack on Twitter.

Adam Losey | Data Privacy: Legal Alphabet Soup http://bsidesorlando.org/2016/adam-losey-data-privacy-legal-alphabet-soup Fri, 12 Feb 2016 17:00:40 +0000 http://bsidesorlando.org/2016/?p=351

Abstract

CFAA, CAN-SPAM, HIPAA, and CADRA are just a few of the many alphabet-soup acronyms that make up the legal rubric in the United States that govern information security, privacy, and technological issues. Information security professionals need to understand the patchwork of laws in the United States (and Florida in particular) to be truly effective in their endeavors. New state laws appear every day with different standards for what data is considered sensitive and how an organization is dealt with if they disclose protected information. What laws should you be aware of when engaging your organization about risk and data disclosure? This talk will focus on the CFAA, the Computer Fraud and Abuse Act, as well as CADRA, Florida’s Computer Abuse and Data Recovery Act. Adam Losey, an internationally recognized attorney working in Central Florida, will discuss information security and privacy law, what it means to information security professionals, and how to approach data privacy laws. The talk will include 20-30 minutes of round table style discussion allowing the audience to ask questions regarding matters of law and data privacy.

Bio

Adam Losey is an internationally recognized attorney, author, and educator in the field of technology law. He represents a number of Fortune 100 companies in high-stakes complex litigations across the country involving challenging issues at the intersection of law and technology. In addition to his litigation practice, Mr. Losey routinely advises clients large and small on a variety of sophisticated information security, incident response, privacy, electronic discovery, and data management matters. Inside and out of the courtroom, he efficiently and creatively solves problems for clients in a variety of situations.

Dodi Glenn | History of Ransomware http://bsidesorlando.org/2016/dodi-glenn-history-of-ransomware Fri, 12 Feb 2016 16:49:13 +0000 http://bsidesorlando.org/2016/?p=346

Abstract

A recent study titled “Battling the Big Hack” by IT professional network Spiceworks found that 80% of organizations experienced an IT security incident in 2015, with 53% of respondents having a concern for ransomware in 2016. But how did we get here? And how can we avoid these growing attacks in the coming year and beyond? In general, all ransomware pretty much works the same in that it tries to extort money from a user, but each variation of it does something slightly different. This presentation will discuss the history of ransomware – from the first known ransomware, which hit the scene back in 1989 (the “AIDS” or “PC Cyborg” Trojan), to Gpcode (RSA encryption schemes), CryptoLocker (Bitcoin transactions), and Cryptowall (targeting Windows), with many others in between. We’ll close out the discussion with 2016 ransomware predictions, as well as how users can mitigate these attacks in the future.

Bio

Dodi is VP of CyberSecurity for PC Pitstop with 10+ years’ experience in the cyber security industry, specializing in security risk assessment, programming, firewalls, malware/targeted attacks, antivirus, & more. Previously, he led several initiatives in malware research, software development, software testing, and product management for ThreatTrack Security, Sunbelt Software, & GFI Software.

grecs | Network Forensics 101: N00b to Ninja 60 Minutes http://bsidesorlando.org/2016/grecs Fri, 12 Feb 2016 16:46:17 +0000 http://bsidesorlando.org/2016/?p=339

Abstract

Knowing how to perform basic network forensics can go a long way in helping infosec analysts do some fundamental analysis to either crush the mundane or recognize when it’s time to pass the more serious attacks on to the big boys. This presentation covers environment options for making your network monitor-able, three quick steps to triage and analyze alerts, and integrated distros that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a “ninja” per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of network forensics.

Bio

grecs has two decades of industry experience and undergraduate/graduate engineering degrees. After doing the IT grind, he discovered his love of infosec and has been pursuing it since. Currently, he spends his days as a senior cyber analyst enhancing customer defenses through advanced analysis, customized training, and engineering improvements. In his free time grecs is an international speaker and blogger covering a range of defensive topics.

David Switzer | Wifi Tracking: Collecting the (probe) Breadcrumbs http://bsidesorlando.org/2016/david-switzer-wifi-tracking-collecting-the-probe-breadcrumbs Fri, 12 Feb 2016 16:43:26 +0000 http://bsidesorlando.org/2016/?p=336

Abstract

Wifi probes have provided giggles via Karma and Wifi Pineapples for years, but is there more fun to be had?  Like going from sitting next to someone on a bus, to knowing where they live and hang out?  Why try to MITM someone’s wireless device in an enterprise environment where they may notice — when getting them at their favorite burger joint is much easier.
 
In this talk we will review ways of collecting and analyzing probes. We’ll use the resulting data to figure out where people live, their daily habits, and discuss uses (some nice, some not so nice) for this information. We’ll also discuss how to make yourself a little less easy to track using these methods. Stingrays are price prohibitive, but for just tracking people’s movements... this is cheap and easy.

Bio

David Switzer has been through the train industry, the cable industry, and even the ISP industry (technically twice) in his 20 years of being in technology. He works for a security firm in Tampa, Florida where he is paid to do mean things to companies, only because they ask nicely.  Infosec interests include doing mean things with RF signals, metadata mashing, looking for “oopsies” in firmware, and talking about himself in the third person.  Who doesn’t enjoy that last one, really?

 

Emori Medeiros | Resume Building for Security Professionals http://bsidesorlando.org/2016/emori-medeiros-resume-building-for-security-professionals Fri, 12 Feb 2016 16:40:21 +0000 http://bsidesorlando.org/2016/?p=331

Abstract

Do you ever feel like your resume is holding you back? I can help you translate your work experience to paper and help you land that dream InfoSec job. From the basics of resume no no’s to highlighting your security skills. Please bring a copy of your resume!

Bio

Emori Medeiros has been on both sides of the recruiting world. She was an internal recruiter for a tech company in San Francisco and now she is a technical recruiter at BlueWave. Her experience has taught her the ins and outs of perfecting resumes so that YOUR resume is the one that stands out. BlueWave is a Technology Boutique Firm that specializes in Information Security and Software Development Recruiting.

Artsiom Holub |Deconstructing The Cyber Kill Chain of Angler Exploit Kit http://bsidesorlando.org/2016/artsiom-holub-deconstructing-the-cyber-kill-chain-of-angler-exploit-kit Fri, 12 Feb 2016 16:10:28 +0000 http://bsidesorlando.org/2016/?p=329

Abstract

Over the past few years exploit kits have been widely adopted by criminals looking to infect users with malware. The exploit kit then proceeds to exploit security holes, known as vulnerabilities, in order to infect the user with malware. The entire process can occur completely invisibly, requiring no user action. In my research I try to deconstruct the cyber kill chain involving one of the most notorious exploit kits used by cybercriminals – a kit known as the Angler exploit kit. This talk will cover the evolution of AEK, its role in raising the ransomware threat, tricks used to send user web traffic to Angler landing pages, and methods to deliver payloads. It will also cover procedures that allowed us at OpenDNS to proactively discover and block landing pages and mitigate the risk of infections delivered by AEK, as well as the preventative measures that end-users and systems administrators can take to mitigate their risks.

Bio

I am currently a security analyst and was a penetration tester in the past.

sk4ld | Simulated Physics And Embedded Virtualization Integration http://bsidesorlando.org/2016/sk4ld-simulated-physics-and-embedded-virtualization-integration Fri, 12 Feb 2016 16:07:29 +0000 http://bsidesorlando.org/2016/?p=264

Abstract

The Simulated Physics And Embedded Virtualization Integration (SPAEVI, rhymes with gravy) methodology is designed for industrial control system (ICS) cybersecurity research. The cost of hardware-based industrial control system testbeds often limits entire categories of vulnerability analysis, testing, malware analysis, etc. Specifically, memory corruption vulnerability analysis often risks bricking ICS embedded systems. The SPAEVI methodology is proposed for software-based ICS/SCADA testbeds via embedded system virtualization, where the inputs and outputs are integrated within a physics simulation. The challenges of implementing the methodology are nontrivial, and one must rely on reverse engineering, virtual machine development, exploit development, engineering experience, and embedded system design experience. Foremost, the virtualization of an embedded system will pose unique, non-trivial challenges per target system, due to the wild variation of microprocessor architectures in ICS/SCADA.

Bio

Aside from his mohawk and beard, Owen is renowned for creating and teaching the Offensive Computer Security Courseware, which has been used in some form at over a dozen universities around the world. He earned his BS in CS from Georgia Tech, MS in CS from FSU, and is finishing his PhD dissertation on Cyber Physical Systems Vulnerability Research & Sandboxing.

Mitch Stoltz | Jailbreaks and Pirate Tractors: Reverse Engineering Do’s and Don’ts http://bsidesorlando.org/2016/mitch-stoltz-jailbreaks-and-pirate-tractors-reverse-engineering-dos-and-donts Mon, 08 Feb 2016 22:51:52 +0000 http://bsidesorlando.org/2016/?p=286

Abstract

Taking things apart to figure out how they work is great fun at any age. It can also be the first step in building a great new product. But reverse engineering software and systems can be a legal minefield that takes care and planning to traverse.

In this talk, Mitch Stoltz, Senior Staff Attorney with the Electronic Frontier Foundation, will discuss how to explore and modify hardware and software, and use the knowledge you gather, while avoiding common legal problems. He will also share stories about the latest efforts to preserve the freedom to tinker with everything from phones to cars to medical implants.
I’m a copyright lawyer at EFF, once a software engineer and security specialist at Netscape/AOL/Mozilla. I’ve done some corporate litigation too, mostly for consumer technology companies.

Bio

Mitch is passionate about free speech, coders’ rights, and letting innovation thrive wherever it grows.

Jason Blanchard | How to Social Engineer your way into your dream job http://bsidesorlando.org/2016/jason-blanchard-how-to-social-engineer-your-way-into-your-dream-job Mon, 08 Feb 2016 22:32:26 +0000 http://bsidesorlando.org/2016/?p=284

Abstract

This talk will cover how to social engineer or persuasively position yourself to be the best candidate for the job of your dreams. We will cover reconnaissance and open-source intelligence gathering, developing phishing emails that help you get people to open your resume, and how to reach your target audience: “Recruiters” & “HR Managers”. I have trained 1,000s of college graduates on how to find the right job when it is needed, and this talk can help a student, recent graduate, or a seasoned IT professional find their next step in their careers, in a funny and witty presentation where you’ll leave with a road map on how to social engineer your way to success… and stuff.

Bio

Jason is a professional Social Engineer… a dreaded marketer that ruins everything in life that was once free, and good, and easy to use. But… He also has some serious skills of persuasion, that can be used for the forces of good – your good.

Cooper Quintin | Third Party Tracking: How it works and how to stop it for good http://bsidesorlando.org/2016/cooper-quintin-third-party-tracking-how-it-works-and-how-to-stop-it-for-good Tue, 02 Feb 2016 16:53:13 +0000 http://bsidesorlando.org/2016/?p=279

Abstract

Almost everything you do on the web is being read and tracked. The web is no longer static HTML. Advanced browser features such as JavaScript, cookies, and HTML5 are fantastic for making rich featureful sites, but they can also compromise your privacy. During the course of a typical web browsing session, information about what you read and who you are can be sent to hundreds of third party trackers without your knowledge or consent.

In this talk Cooper Quintin, Staff Technologist with the Electronic Frontier Foundation, will discuss the who, what, why and how of web tracking. He will demonstrate two tools: Panopticlick – EFF’s website demonstrating browser fingerprinting, and Privacy Badger – a browser extension to stop online tracking.

He will also discuss EFF’s plan to stop non-consensual third party tracking on the web once and for all.

Bio

Cooper is a security researcher and programmer at EFF. He has worked on projects such as Privacy Badger, Canary Watch, Ethersheet, and analysis of state sponsored malware. He has also performed security trainings for activists, non profit workers and ordinary folks around the world.

Caleb Crable and Evan Keiser | Cloud & Control: Where do we go from here? http://bsidesorlando.org/2016/caleb-crable-and-evan-keiser-cloud-control-where-do-we-go-from-here Tue, 02 Feb 2016 16:13:52 +0000 http://bsidesorlando.org/2016/?p=274

Abstract

With so many people taking advantage of the cloud, no one really thinks about how the cloud is taking advantage of you. We will be taking an in-depth look at the pros, and mostly cons, of the datacenter clusters that we harmlessly refer to as cloud infrastructure. These pros and cons shift from whitehat to blackhat in an instant depending on the circumstances. From using online backup for your corporate office, to an attacker breaking in, encrypting your cloud data, and ransoming it back to you. While a Fortune 500 organization uses the cloud for their storage and email, there is another server physically sitting right next to it propagating exploit kits. We will be presenting real-world examples of how easy it is to hide in the cloud as an attacker, and how impossible it is to hide in the cloud for everyday users. Whether it be saucy selfies, bank or medical records, or even just highly valued data in general: how safe do you actually think it is…on someone else’s computer?

Bio

Caleb is a Malware Analyst at Cylance, practicing dirtywhitehat, and frequent contributor to the information security community both online and at technology security events. Caleb enjoys long walks on the beach with polymorphic malware in his leisure.

Evan also serves as a Malware Analyst at Cylance, constantly disseminating new threat intelligence among his team and performing security incident reconstruction in his spare time. Based in Raleigh-Durham, North Carolina, in his free time Evan is an avid lock picking enthusiast and penetration tester who enjoys finding holes in virtual and physical security controls of all kinds, Belgian waffles and hacking all the things.

Sanders Diaz | Introduction to Custom Protocol Fuzzing http://bsidesorlando.org/2016/sanders-diaz-introduction-to-custom-protocol-fuzzing Thu, 28 Jan 2016 19:42:16 +0000 http://bsidesorlando.org/2016/?p=249

Abstract

Hunting for vulnerabilities in custom protocols can be shrouded in mystery to the novice. While there are many resources on the subject, it’s hard to find a single source of information that introduces the process from start to finish. This talk aims to introduce the tools and process involved in reversing an unknown protocol, interfacing with it, and ultimately fuzzing it to find vulnerabilities.

The talk will address the questions:

  • How does reversing and fuzzing protocols benefit my security program?
  • Who should do this kind of work?
  • What will I need?

It will also introduce you to netzob, scapy, wireshark dissectors, nmap NSE, and sulley.

Bio

Sanders Diaz is a Penetration tester based in the Central Florida region, working as a consultant in the public sector. He currently holds SANS GPEN and GXPN certifications. Along with penetration testing, Sanders nurses a healthy interest in development, reversing, gaming, and cars.

Samuel Greenfeld | Dox Yourself http://bsidesorlando.org/2016/samuel-greenfeld-dox-yourself Tue, 26 Jan 2016 15:51:10 +0000 http://bsidesorlando.org/2016/?p=259

Abstract

This talk starts out by looking at how companies have tried to authenticate people using public information. It then looks at current authentication practices, and finishes by discussing how companies try to determine who you are without letting you know.

Bio

Samuel is a Senior QA Engineer testing XenDesktop performance at Citrix. Prior to that he worked on the One Laptop per Child project, and at Secure Computing & McAfee on the Sidewinder (McAfee Firewall Enterprise) product line.

Itzik Kotler | Goodbye Data, Hello Exfiltration http://bsidesorlando.org/2016/itzik-kotler-goodbye-data-hello-exfiltration Tue, 26 Jan 2016 15:45:02 +0000 http://bsidesorlando.org/2016/?p=256

Abstract

Penetration testing isn’t about getting in, it’s also about getting out with the goodies. In this talk, you will learn how to leverage commonly installed software (not Kali Linux!) to exfiltrate data from networks. Moving on to more advanced methods that combine encryption, obfuscation, splitting (and Python). Last but not least, I’ll address data exfiltration via physical ports and demo one out-of-the-box method to do it.

Bio

Itzik Kotler is CTO and Co-Founder of SafeBreach. Itzik has more than a decade of experience researching and working in the computer security space. He is a recognized industry speaker, having spoken at DEFCON, Black Hat USA, Hack In The Box, RSA Europe, CCC and H2HC. Prior to founding SafeBreach, Itzik served as CTO at Security-Art, an information security consulting firm, and before that he was SOC Team Leader at Radware (NASDAQ: RDWR).

John Smith | Advanced Persistent Awareness http://bsidesorlando.org/2016/john-smith-advanced-persistent-awareness Tue, 26 Jan 2016 15:39:38 +0000 http://bsidesorlando.org/2016/?p=254

Abstract

This talk describes how/why system owners need to start taking responsibility for their own security. The fact that my city has a police department does not mean that I don’t lock my door or that I am not vigilant about my own property. Sadly, in IT today, this has gotten lost. Systems are breached for weeks/months at a time with no one knowing that it is going on. This year, globally there will be over a million INFOSEC positions that need to be filled. The fact is, there are not a million IT professionals looking for work, much less INFOSEC. We can add more eyes and intelligence to the challenge by enlisting system owners to take SOME responsibility for their own security.

Bio

John Smith has 18 years in IT, 16 in the enterprise before going to the vendor side. Unlike a lot of your speakers he is, in fact, NOT an INFOSEC practitioner. He does consider himself, and has throughout his career, a person responsible for security. As security teams have evolved, system owners themselves have all but absolved themselves of taking any responsibility for their own security. He wants to change that!

Jonathan Echavarria | Pwning pwners like a n00b http://bsidesorlando.org/2016/jonathan-echavarria-pwning-pwners-like-a-n00b Tue, 26 Jan 2016 15:36:23 +0000 http://bsidesorlando.org/2016/?p=252

Abstract

Cybercrime, blackhat hackers and some Ukrainians.

If that doesn’t catch your attention, then stop reading. Follow the story of how stupid mistakes, OPSEC fails, and someone with a little too much time on his hands was able to completely dismantle a spamming and webshell enterprise using really simple skills and techniques you could pick up in a week. Did we mention that d0x were had as well?

This talk will be an in-depth examination of the investigation and exploitation process involved.

Bio

Jonathan is an information security professional working for ReliaQuest, LLC in Tampa, FL. His areas of interest revolve around red teaming, cybercrime, malware and threat intelligence.

Michael Brown | An overview of frameworks, standards, and regulations for security folks http://bsidesorlando.org/2016/michael-brown-an-overview-of-frameworks-standards-and-regulations-for-security-folks Tue, 19 Jan 2016 15:51:36 +0000 http://bsidesorlando.org/2016/?p=236

Abstract

In recent years the number of regulations, standards, frameworks and the like has increased. While some are aimed at IT overall, in light of recent events many of them have included or even focused on IT Security. And this is likely to increase. Because of this, security professionals are finding themselves expected to follow, adhere to, and/or enforce these standards. But few have a decent understanding of them. Using as our basis the Critical Security Controls (formerly known as the SANS Top 20), we’ll take a look at some of the major security frameworks and regulations out there, such as HIPAA, ISO 27001/2, NIST CSF, PCI-DSS, SOX, and others. The aim is to help security professionals understand the common security issues these various models strive to address.

Bio

Michael Brown, CISSP, HCISPP, CISA, CISM, CRISC, has been involved with IT for 20 years, the last ten in IT Security. Moving from a security admin to a global security architect, he has been working for the last few years as an IT security consultant performing security risk assessments, gap analysis, and developing policies and procedures for clients to help them implement an information security management system.

Thomas Richards | Red Team Yourself http://bsidesorlando.org/2016/thomas-richards-red-team-yourself Tue, 19 Jan 2016 15:35:55 +0000 http://bsidesorlando.org/2016/?p=234

Abstract

So your organization conducts regular tests with $automated tool. Want to bring your security testing program to the next level? Red Teaming will give your organization a goal based, adversarial emulating approach to see how secure it really is. In this talk we will cover what red teaming is and how it can be applied to your organization to add a new level to your security program.

Bio

Thomas Richards, Senior Consultant, has been with Cigital since 2012. His primary areas of expertise include Red Teaming and Mobile Security. He is an Offensive Security Certified Professional (OSCP) and a member of TOOOL. Thomas spends his days guiding clients through secure mobile application development and secure web services API design. In his free time, he enjoys playing guitar, camping, and spending time with his wife and four kids.

Paul Arnold | The Wizarding World of SELinux http://bsidesorlando.org/2016/paul-arnold-the-wizarding-world-of-selinux Tue, 19 Jan 2016 15:34:53 +0000 http://bsidesorlando.org/2016/?p=232

Abstract

Dissolving the stigma surrounding SELinux and discussing how important SELinux is to hardened and trusted systems. The talk will describe what SELinux is and its purpose, briefly touch on its history, explain its current functionality with some high-level examples, and provide tips on first tackling SELinux implementation. This is intended as an “introduction” or “beginner” talk into the world of SELinux for those with some experience with *nix systems.

Bio

White-hat hacker, tinkerer, and Linux user since epoch time was 9 digits. Currently a Cybersecurity Engineer supporting the defense sector.

Evan Dygert | Custom Digital Forensics Tools in Python http://bsidesorlando.org/2016/evan-dygert-custom-digital-forensics-tools-in-python Tue, 19 Jan 2016 15:29:22 +0000 http://bsidesorlando.org/2016/?p=228

Abstract

In digital forensics, sometimes you get a case where the standard tools do not provide the information you need. Whether you need metadata and files from an obsolete file system or you need to extract the data from unsupported file types, writing digital forensics tools in Python gives you abilities beyond those of widely used tools. In this session, learn about some of the Python toolkits and techniques that can help you solve those tough, unexpected digital forensics problems. A case study will be presented to show how Python was used to extract metadata and files from the legacy Macintosh File System (MFS).

Bio

Evan Dygert is a software developer and forensic computer specialist with over 30 years experience with a variety of computer languages, platforms, and databases. He has also been providing expert consulting, expert witness and computer forensic services in intellectual property and contract dispute cases for over 10 years. He is currently working on his Ph.D. dissertation in Computer Information Systems.

Vikram Dhillon | IoT Security http://bsidesorlando.org/2016/vikram-dhillon-iot-security Mon, 18 Jan 2016 02:45:31 +0000 http://bsidesorlando.org/2016/?p=218

Abstract

Internet of Things has become the biggest buzzword to come out from 2015. But there are some serious efforts by big tech companies like IBM to create next generation technologies that talk to each other using the same language. What kind of security policies will we be able to design for a new type of networking? How do our traditional approaches work and where can we draw new inspiration from?

This talk focuses on some recent attacks on IoT technologies and what we have learned from them. More interestingly, what kind of attacks do the experts speculate will happen when IoT is more prevalent. What will be the implications of DoS when everything is online? A cautionary tale, but it almost feels like we’re living in the best of the times.

Bio

Developer, hacker and part time blogger.

Ean Meyer | Dress for the Job You Want (to fake) not the One You Have http://bsidesorlando.org/2016/ean-meyer-dress-for-the-job-you-want-to-fake-not-the-one-you-have Thu, 07 Jan 2016 16:15:17 +0000 http://bsidesorlando.org/2016/?p=181

Abstract

Billions of dollars are spent globally on technical controls for information security. Most, if not all, of these controls can be overridden by the implicit trust that someone with physical access has to a system. Yet, physical security is often the easiest control to circumvent.

This talk will focus on ways a legal, ethical, and authorized penetration tester can prepare themselves to inspire trust in those protecting their target allowing them to gain access to protected areas.

This talk will look at the physical signs that someone doesn’t belong in an area and how to create a persona that “belongs”. During the talk we will compare different outfits and uniforms used by workers who would be expected to be in controlled areas. The talk will also look at paralanguage and body language that can be used to put people at ease.

The talk will cover:

Why physical access controls are critical
Tales of “Physical Access Gone Wrong”
Uniforms, attire, and details that give away an imposter
Paralanguage – What to say to put people at ease
Body language – What to do to put people at ease
“The Getaway” – How to get out gracefully
Preventing Interlopers – What can you do to stop attackers using these techniques

By the end of the talk the audience should be able to leverage these techniques to test their own security program, bolster their approved penetration testing program, and develop new controls to prevent physical attackers.

Bio

Ean Meyer is an information security professional working in Central Florida. Ean’s current focus areas are PCI, FERPA, HIPAA HITECH, Intrusion Detection and Prevention Systems, Information Security Program Management, Penetration Testing, and Social Engineering/User Awareness Training. Ean has a BS in Information Security and an AS in Computer Network Systems. Ean also holds a CISSP certification. He runs the blog www.thetheaterofsecurity.com.
