Below you will find the selected speakers for 5HAKACON:
Name: Robert Goldberg
Rob is the Vice President of Global Information Technology (IT) and eCommerce Audit for Wal-Mart Stores, Inc. Rob leads a global team providing independent, objective audit and advisory services by identifying and evaluating risks and controls within Walmart's global IT and eCommerce environments and the related business processes. Rob works to ensure that Walmart's IT and eCommerce assets and processes are protected and optimized in a way that supports the achievement of Walmart's business strategy. Rob joined Walmart in October 2009 after a 15-year career in professional services, providing audit and consulting services to clients in many industries around the world. Prior to Walmart, Rob was a Partner with KPMG's IT Advisory practice in Sydney, Australia, where he was the Asia Pacific lead partner for KPMG's Information Protection and Business Resilience (IPBR) services. In this capacity, he was responsible for leading, managing and delivering strategic and tactical projects focused on IT, information security, privacy, IT audit, business continuity, crisis management and disaster recovery for regional and global companies throughout the Asia Pacific region. Prior to KPMG, Rob spent five years with Accenture (formerly Andersen Consulting), focused on IT architecture, large systems development, IT project management and information security. Rob has a Bachelor of Science degree in Computer Engineering from the University of Florida.
Topic: Managing Security Risks at the Speed of Business
The world around us continues to change at an alarming rate. New markets emerge almost weekly which threaten the staying power of tried and tested business models. In response, businesses look for ways to adapt and innovate to maintain their relevance at the speed of change occurring in the world around them. The key enabler to maintain relevance, sustain growth and adapt is technology. But here is the catch: our rate of technology adoption far outweighs our rate of controls adoption. This increasing gap may create a recipe for disaster if new approaches to IT security risk management are not applied. During this keynote, Rob will explore some of the key trends occurring in business and how technology is influencing those changes. Rob will then provide techniques that can be applied to better understand the IT security risk landscape and focus IT security risk management efforts in a way that will best leverage company resources, maximize value to the business and maintain pace with the rapidly changing world of business.
Name: Colin Ames
Colin Ames is a founding Partner and Security Researcher with Attack Research where he consults for both the private and public sectors. He's currently focused on Pen testing, Exploit Development, Reverse Engineering, and Malware Analysis.
Topic: Smart Cards and Single Sign On - The Dark Secrets of Windows Enterprise Authentication and Credentials
Smart Cards and two-factor authentication have often been touted as advanced solutions in enterprise network security. However, the reality is that Windows enterprise implementations of Smart Cards with Single Sign On (SSO) provide a false sense of security. This false sense of security hides the dark secrets of Windows authentication and credentials behind a veil of policy, procedure, and show. This talk will focus on Windows enterprise authentication and credentials, specifically their use and misuse. This talk will provide an in-depth explanation of Windows enterprise authentication and credentials, as well as real-world examples of authentication and credential exposures that exist in Windows enterprise networks. Several known and unknown techniques and tools for Windows credential exploitation will be demonstrated, including attacks against Windows enterprise Smart Card deployments.
Name: Robert McPherson and Ryan Talabis
Bob leads a team of data scientists for a Fortune 100 Insurance and Financial Service company in the US. He has 13 years of experience as a leader of research and analytics teams, specializing in predictive modeling, simulations, econometric analysis, and applied statistics. Bob has over 26 years of experience in insurance and financial services, where security concerns are of paramount importance in protecting customer and account information. Bob is currently one course away from completing a Master's in information management from the Harvard Extension School. He also holds an MBA from the University of Phoenix and the Project Management Professional Certification, as well as several insurance and financial services related designations.
Ryan is a Manager for the Secure DNA Consulting practice. He is co-author of the book Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis (Syngress). He has extensive experience in information security risk assessments, information security policy and program development, vulnerability assessments, and penetration testing. He also has specialized expertise in security analytics and data mining as applied to information security. He has a Master's degree in Information Technology from Ateneo de Manila University, as well as several security-related certifications and designations. He has presented at various conferences and organizations around the world including Blackhat, DEFCON, INFRAGARD, ISSA, and ISACA and has a number of published papers to his name in various peer-reviewed journals. He is an alumnus of the Honeynet Project and is currently one course away from a Master of Liberal Arts (ALM) in Extension Studies degree from Harvard.
Topic: The World of Security Seen Through Analytics
Analytics. Well, you've probably heard about it. It's being discussed from scientific papers to board rooms, from text books to the water cooler. It is a buzz word that a lot of companies use to be perceived as cutting edge (like living in a Smarter Planet!). But under all the hype, analytics, when it comes down to it, is simply discovering meaningful insights in data. What you probably don't know is that analytics is everywhere now. When applying for insurance or a loan, when someone calls you about a credit card purchase, or even when you see an ad on a website! In this talk, Bob and Ryan will give us a glimpse of what analytics is all about and, more importantly, how we as security professionals can utilize it in our day-to-day activities. Have you ever tried to look through millions of lines of security logs manually? Have you ever tried to make sense of hundreds of thousands of vulnerability results? Has your boss ever asked you to review years' worth of VPN access logs? Did you ever want to analyze the trends of exploit development to see if any of your systems are at risk? Do you need to be a statistics or algorithm guru for this? No! Do you have to buy a fancy server appliance and business intelligence software? Not really! In this talk, Bob and Ryan will show you step by step (yes, there will be live demos) how to use readily available open source analytics tools and techniques such as text analysis, outlier detection, and clustering to augment dreary security chores. This will get you started on becoming the resident security analytics guru in your workplace!
Name: Max Sobell
Max is a senior consultant with the Intrepidus Group in frequently-way-too-hot-or-cold New York City. He heads to warmer weather any chance he can get, under the guise of work or conferences. While stuck in NYC, he frequently reviews devices prior to their release for a range of security vulnerabilities. The weather gives him plenty of time to stay indoors and research NFC, Bluetooth, and other radio technologies. Before working in security, Max was suckered into designing algorithms for high-speed trading at hedge funds, an experience that now helps to keep him off the Wall Streets. Max is a licensed ham radio operator and contributes chapters to several best-selling Linux books. He has presented at ShmooCon, CanSecWest, EuSecWest, SecTor, and various local conferences.
Topic: Android 4.0: Ice Cream "Sudo Make Me a" Sandwich
With the advent of Android 4.0+, we have seen the rooting landscape shift dramatically. This presentation gives a brief, but highly technical, overview of the most ingenious new types of attacks on 4.0+. We will give an overview of Android's device protection mechanisms in 4.0+ and how they can be circumvented or unintentionally undermined by device manufacturers. Each device manufacturer and carrier can add or modify code from the Android Open Source Project (AOSP). This can include access to device memory, exploitable processes which run as the root user, initialization scripts which perform privileged actions without proper validation, or APKs which leak access to otherwise-protected information sources. This talk will examine what carriers and device manufacturers are doing to prevent (or assist) customers rooting their devices. We will also detail /boot and /recovery differences between OEMs, how signature checks are performed, and demonstrate some of our tools to examine new devices and find potential security flaws. This talk is not about exploiting the AOSP, but rather about identifying mistakes and misconfigurations due to customized builds and additional features.
Name: Kyle Maxwell
Kyle Maxwell is a senior network security analyst for Verizon Business on the RISK Intel team, producing unclassified threat intelligence for private and public sector clients as well as supporting field investigators. He writes a blog on threat intelligence and network security at ThreatThoughts.com. Previously, he led the incident response team at Heartland Payment Systems and performed digital forensics for clients across the United States at several private investigation firms. Mr. Maxwell holds a degree in Mathematics from the University of Texas at Dallas.
Topic: Open Source Threat Intelligence
Organizations can no longer rely purely on general, preventive controls. Instead, defenders must continually adapt to their adversaries, including using threat intelligence as appropriate. This talk will examine a number of tools and sources of "open source" intelligence (OSINT) focusing on network indicators, malware, and threat actor tracking. We will also look at how to extend and integrate these tools and sources with existing common technologies for already-stressed incident response teams.
Name: Andreas Kurtz
Andreas Kurtz is co-founder of NESO Security Labs, an independent information security consulting and research company based in Germany. He has several years of professional experience in conducting penetration tests for large-scale enterprises, corporations and public authorities, as well as conducting trainings, presentations and workshops. Currently, he is focused on researching the security of mobile devices and mobile applications for the chair of IT Security Infrastructures at the Friedrich-Alexander-University Erlangen-Nuremberg in Germany.
Topic: Pentesting iOS Apps - Runtime Analysis and Manipulation
Security testing of mobile apps and their environment has become increasingly important in recent years. However, there is still a lack of testing methodologies and supporting tools. Accordingly, the objective of this presentation is to close that gap. As in any kind of software security assessment, two different approaches exist: static and dynamic analysis. While static analysis gives detailed insights into a mobile app, it is not always the most practicable way. To evaluate the security level of a mobile app within an economically reasonable timeframe, it is worthwhile to combine both static and dynamic analysis. During this talk, I will explain the basic concepts of Objective-C and its runtime. Objective-C supports the concept of reflection, also known as introspection. This describes the ability to examine and modify the structure and behavior (specifically the values, meta-data, properties and functions) of an object at runtime. Based on this dynamic nature of the Objective-C runtime, I will show how runtime analysis and manipulation eases security assessments of mobile apps. For this purpose, I will discuss the backgrounds, techniques, problems and solutions of Objective-C runtime analysis and manipulation. I will demonstrate how running applications can be extended with additional debugging and runtime tracing capabilities, and how this facilitates both dynamic and static analysis of Apple iOS apps. Moreover, a new tool to assist dynamic analysis and security assessments of iOS Apps will be introduced and demonstrated. This tool allows on-the-fly manipulations of arbitrary iOS Apps with an easy-to-use graphical user interface. Thus, bypassing client-side restrictions or unlocking additional features and premium content of Apps is going to be child's play.
Name: Paul Rascagneres
Paul has been a security consultant and security researcher for 10 years. He is the creator of the project malware.lu, a repository of free samples for security researchers which also publishes technical analyses. Paul created the first private CERT in Luxembourg and also performs reverse engineering, malware analysis and incident response for several European institutions.
Topic: Reality about Red October
This presentation will focus on the technical analysis of the malware Red October (announced in January by Kaspersky). The presentation will include the analysis of the exploit, how to recover the dropper, how to unpack the dropper and how to get the final binary (and decrypt it). Finally, I will explain how the malware works. The presentation will include IDA Pro screenshots and a lot of ASM.
Name: Rahul Kashyap
Rahul Kashyap is Chief Security Architect, Head of Security Research at Bromium. Before joining Bromium, he led the worldwide Vulnerability Research teams at McAfee Labs, a wholly owned subsidiary of Intel. For many years, he has led cyber defense technologies focused on exploit prevention and mitigation for both host and network related products. Rahul has published papers in renowned security journals, and has been a speaker at several security conferences.
Topic: How Trustworthy are your Sand-(de)fences?
In this talk we cover in-depth architecture details of Windows application sandboxes like Google Chrome, Adobe Reader and Sandboxie. Then we look at the design assumptions these sandboxes make. Are these assumptions the weakest link? After this decomposition, we'll do live exploit demos to bypass these sandboxes; not by exploiting vulnerabilities in them, but rather by exploiting the architectural assumptions. The talk will also cover aspects of Windows internals and kernel mode vulnerabilities, and give ideas on generic ways to pivot out of some sandboxes. For the malware analyst or security practitioner, this talk will also cover the perils of doing unknown malware analysis inside sandboxes.
Name: Scott Behrens & Ben Toews
Scott Behrens is currently employed as a senior security consultant at Neohapsis and an adjunct professor at DePaul University. An avid coder and researcher, he has contributed to a number of open source tools for both attack and defense. Scott Behrens is the co-developer of NeoPI, a framework to aid in the detection of obfuscated malware. Scott also co-developed BBQSQL, a rapid blind SQL injection exploitation framework. Scott has presented security research at DEF CON, DerbyCon, Security Forum Hagenberg, Security B-Sides Chicago, and ISACA Milwaukee. Scott has also published security white papers for InformationWeek magazine, the Infosec Institute, and the Neohapsis blog.
Ben hacks stuff at GitHub. In past lives, he has been a pentester, a developer, and a security researcher. Ben has spoken at DefCon, ThotCon, DerbyCon, etc, has contributed to various publications, including Hack In the Box Magazine, and has contributed to and maintained numerous open source security projects.
Topic: State of the Union: Advances in Web Application and Browser Security
Mr. IETF, Mr. W3C, members of the information security community, distinguished developers, and fellow hackers: Ben Toews and Scott Behrens present to you a state of the web security union address. We have seen a surge of proposed standards and governing documents to improve web security. Client-side flaws are being addressed by standards such as Content-Security-Policy and IFRAME sandboxing. Data in transit is being more tightly secured using HTTP Strict Transport Security. There is a plethora of technologies available like X-Frame-Options, the Origin header, Encrypted Media Extensions and X-XSS-Protection. We look at the intricacies of the proposed and accepted standards as well as how they are implemented. Security considerations will be addressed for these technologies from a design perspective and with a discussion of any weaknesses observed. What about which browsers have support for these new security standards? What browsers are supporting security technologies that are not yet standards? Information will be presented that breaks down which browser versions support these technologies, as well as estimates of the number of users who run compatible browsers. The defensive side of web application security is moving at a very rapid pace and deserves to be investigated and presented in a way that is useful for both developers and security engineers. Developers should leave this talk with knowledge of how these security technologies work and where they can be applied. Security engineers will have a clearer understanding of these security technologies, including how and when to recommend them as well as some common pitfalls associated with them.
Name: Kevin Cardwell
Kevin Cardwell is the author of the Center for Advanced Security and Training (CAST) Advanced Network Defense course. He is technical editor of the Learning Tree Course Penetration Testing Techniques and Computer Forensics. He is author of the Controlling Network Access course. He has presented at the Blackhat USA Conferences. He is a contributing author to the Computer Hacking Forensics Investigator V3 Study Guide and The Best Damn Cybercrime and Digital Forensics Book Period. He holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. His current research projects are in Computer Forensic evidence collection on "live" systems, Professional Security Testing and Advanced Rootkit technologies. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman, he serves as a professional training consultant to the Oman Information Technology Authority, and developed the team to man the first Commercial Security Operations Center in the country of Oman. He serves as an advisor to the Government of Malaysia in establishment of the Cyber Security and Forensics Asia/Pac Center of Excellence.
Topic: Defense is not that hard? So, why are so many not doing it right?
According to the Verizon Data Breach Report, 90% of the attacks were not that difficult and would have been prevented with practical security fundamentals, yet we continue to see all of these large companies failing at the fundamentals of defense. Why! In this presentation I will discuss the importance of developing robust ingress and egress filtering to mitigate the threat of sophisticated malware. I will discuss the steps you need to take to defend from the majority of the known attacks. I will show the need and importance of analyzing your systems' live memory. The talk will conclude with the importance of adding hardware-based protection to your defenses. It is time we test the skills of the hacktivists and start at least doing the fundamentals right.
Name: Jason Shirk
Jason Shirk has been involved in Security, Privacy, and Telecommunications for close to 15 years, working at Lucent Technologies/Bell Labs, Avaya, and Microsoft, with specialties in Social Media Privacy, Fuzzing, and VoIP. He has done work ranging from writing and driving Privacy and Security policy and programs to penetration testing and incident management/response (and most things in between). Jason also lived in Ukraine and is fluent in Russian and Ukrainian. He is currently the Privacy Manager for Bing.
Topic: Privacy for Security Geeks - Dancing with Lawyers
Privacy is front-page news on just about a weekly basis. Lawmakers and regulators are scrutinizing privacy like never before. And oh, by the way, privacy is a security problem. As hackers we spend a lot of time protecting the rights and sensibilities of users. We secure users largely by building tools, platforms and libraries to protect said data and other tools and platforms and libraries to break/ruin/steal this data. We can use these non-trivial skills and apply them to Privacy as well. All we need is a little bit of new vocabulary, a nudge in the right direction, and a (slight) tolerance for talking to lawyers.
Name: Neil Matatall
Neil accidentally started writing code in high school and immediately loved it. Early into his professional career, he transitioned into breaking and fixing code. As a big believer in the open source communities, he has contributed to or authored numerous open source libraries related to testing and developing secure web applications. Today he focuses on enhancing the strength of the platforms Twitter uses to build web applications and providing libraries to augment the existing behaviors.
Topic: Automating Application Security + Continuous Delivery == <3
Automating application security at any level can prove to be very helpful in continuous delivery environments. We will discuss the techniques used at Twitter to keep up with this pace, including but not limited to: automated workflows integrated with static/dynamic analysis, dynamic scanning (custom/vendor), manual code reviews, framework improvements, libraries, etc. This will include our lessons learned in the last year and how it fits in with our transition to a Scala backend. Our documented wins and fails in each iteration along the way will paint a picture of our progress. This is a slightly technical discussion that is meant to paint the "big picture" and how all the pieces fit together, including what is/will be open sourced. It will have some language-specific tools, but the content is meant to be generic to any technology stacks/shops.
Name: Dan Tentler
Dan Tentler is the sole proprietor of Aten Labs, a freelance Information Security consultancy firm in San Diego, and is routinely parachuted into various clients in southern California. Dan carries a wide breadth of clients and engagements, ranging from threat intelligence, to wireless site surveys and penetration testing, to full-blown social engineering campaigns, to lockpicking and threat & vulnerability assessments. Dan has presented at DefCon, BlackHat, Hack in the Box Amsterdam, various BarCamps, Toorcon San Diego, ToorCon Seattle, regional OWASP meetings, Refresh San Diego and SDSU computer security advanced lecture classes. Dan has been interviewed by the BBC, CNN, The San Diego Reader and a variety of information security blogs and publications. If you need a bad guy, call Dan.
Topic: Shodan Computer Search Engine: 2013 Edition
Ever hear of the Shodan Computer Search Engine? This young project scans the Internet IPv4 space, collects banners from exposed systems' services, and places them in a searchable database. The impact of Shodan over the past few years is significant, with multiple DHS ICS-CERT advisories on exposed systems, several hacker conference talks, and valuable integration into other tools like Metasploit. We'll cover Shodan's capabilities, the API, and a special focus on some of the scariest and sp00kiest devices discovered on the Internet via Shodan, including: SCADA, traffic lights, lawful intercept (CALEA), giant mining trucks, TV station antennas, gasoline pumps, crematoriums, and more! Attendees can expect an eye-opening talk where they'll learn about a powerful tool one can leverage to see their own networks in a new light and use as an awareness and metrics tool in their own organization.
Name: Yaniv Miron & MC
Yaniv Miron is a security consultant and researcher currently working at FortConsult in Copenhagen, Denmark. Yaniv performs penetration testing and security assessments for international businesses and organisations. Yaniv is the founder of the largest Israeli hacking convention, IL.Hack. Yaniv is certified as a CISO from the Israel Institute of Technology and is a Certified Locksmith. Yaniv has spoken at security and hacking conferences all around the world (BlackHat/SyScan/PoC/CONFidence/HackerHalted/OWASP/IL.Hack). Yaniv is highly skilled in hands-on penetration testing and security research and has found many security vulnerabilities at Microsoft/Oracle/IBM and more.
MC is a security consultant who works at FortConsult in Copenhagen, Denmark. He is a jaded intercontinental man of mystery who spent too many years in the Infosec industry. He has presented at POC (South Korea) and once had a talk accepted at Defcon (US). He likes to mod his TR-808 when off-duty.
Topic: F**k 0-days, We Will Pwn U with Hardware Mofos
We give you the ultimate hardware hacking kit. Wanna pwn some banks? Wanna own big companies? You need some boost up. We will show you that your current set of tools is not enough. You need to have some help from hardware, like 007. We have bundled a set of hardware hacking tools that will assist you. For example, we will show you how to bypass typical corporate Windows 7 machines with BitLocker encryption enabled, dump and extract goodies from memory, long-range RFID tricks to copy your CEO's proxcard, using hardware screenloggers (not the old crappy keyloggers, because everybody knows them and it's lame) and more. You have to be there, because we rock.
Name: Deviant Ollam
While paying the bills as a security auditor and penetration testing consultant with his company, The CORE Group, Deviant is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation of Lockpickers. His debut book, "Practical Lock Picking," became one of Syngress Publishing's best-selling titles. At multiple annual security conferences, Deviant runs the Lockpicking Village workshop area, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point.
Topic: Android Phones Can Do That?!? Custom Tweaking for Power Security Users
While half of all smartphones are running Android, only a small portion of their users choose to modify their phone's stock environment or attempt to perform custom tweaks to their O/S. Indeed, most people within the techy and hacker community are familiar with concepts like "rooting" or installing custom ROMs, but not everyone does that. However, SMALLER STILL is the proportion of seriously security-minded folk who dive to the deepest layers of their Android system, modifying and patching core elements in order to tweak and restrict things beyond what most people know to be possible. Did you know that it is possible to selectively restrict permissions on an app-specific basis? How about the possibility of FAKING the data that gets returned when an app attempts to interact with GPS? Spoofing your IMEI, IMSI, and SIM card data? That's possible, too. Would you like to be able to unlock your device with a 6-digit PIN while simultaneously protecting your /data partition with a 40-character encryption passphrase? All of this and more is possible, depending on how willing you are to delve deeply into your Android O/S and perform a series of advanced, yet entirely understandable, tweaks and patches. This talk is for serious power users with a need for well beyond the average level of mobile security. It will demonstrate a variety of tools and tweaks and get Android users thinking about just how much more they could be doing to protect themselves and their data, particularly if they routinely travel to hostile areas of the world or are subject to device confiscation.
Name: Brian Lockrey
Brian Lockrey is a college professor of Computer Security and Computer Forensics. Brian has over 30 years of experience with Information Technology and has been using and managing Internet services since 1990, while working for a major government defense contractor at the time. Brian is the CEO of Assist Data, a data recovery and digital forensics service business. He is passionate about sharing his expertise in Internet Security, Social Media, IT best practices and incident reporting. He often consults with educators, law enforcement and business managers and provides professional seminars on a variety of Digital Forensics topics. Brian's much sought-after work has also been published in several journals and books. Brian earned his A.S. degree from Florida Institute of Technology, his B.S. degree from the University of Toledo, and his M.S. degree in Computer Science from the Ohio State University. Brian is a Certified Computer Forensics Examiner and is a member of several Information Security organizations and civic organizations.
Topic: Social Media Digital Forensics
With the advent of social media, mobile devices, digital photography and media sharing sites becoming critical data repositories, digital forensics investigators are now faced with new challenges when looking for artifacts. This presentation will cover the tools and techniques for collecting artifacts from social media networks and other devices. Many popular social networks will be discussed, including Facebook, LinkedIn, Google+, Twitter, Google Communities, Instagram, Pinterest, Foursquare, Gowalla, Yelp, YouTube, TwitPic, Yfrog, MyLife, XeeMe, Flickr, Picasa, Tinychat, Tumblr and others. Additional services that will be covered include Dropbox, SkyDrive, Google Drive, Box and other popular cloud storage and file-sharing services. Other topics of interest to the digital forensics examiner include Open Graph, Graph Search, URL encoding, images and Exif data, GPS locations, cross-mapping, mapping friends, directory services, programming APIs and scripting.