Talks « BSidesROC


Keynote: Moving the Industry Forward – The Purple Team
David Kennedy
Let’s start off with a strong statement – pentesting today isn’t working. The blue team today isn’t working. When a pentest occurs, even done by some of the industry’s leading folks and the quality is there – the pentesters go in, blow stuff up, write the report and leave a trail of destruction to be cleaned up until the next pentest. The next year, the same thing, the year after that the same thing. The blue team on the other hand is tasked with securing the entire company and one flaw exposes the entire organization to attack.

I’m here to tell you that we can accomplish both and continue to strengthen how we defend and build detection – it’s called the Purple Team. Instead of doing covert testing, move to more of a blended approach and build out defenses against the entire lifecycle of a hack.

This talk goes into how to structure the best and most effective purple team within an organization as well as walk through a number of different attacks and how to defend them. Like my normal talks, I’ll be going through the Social-Engineer Toolkit and how you can actively block its attacks and use some cutting-edge things that haven’t been discussed before on how to block the attacks in the toolkit.

Dexter: Less Blood, More Victims
Silas Cutler
Many think of banking trojans as the malware of choice for the cyber criminals looking to make a profit, however, a relatively new malware trend has combined the potential profits of credit card skimming with the ease of cybercrime.

Point-of-Sale systems have become the new hot target for criminals and the malware known as Dexter has become the trend’s poster child. This malware allows the operator to steal thousands of credit cards without anyone knowing.

The Challenge of Natural Security Systems
Rockie Brockway
Static security models and “business as usual” directives have naturally resulted in a collective eyes wide shut mentality of organizational entropy. Organisms, as well as organizations, can only adapt to changing environments by leaving (or being forced from) their comfort zones. It should be obvious that today’s threat landscape is changing at a breakneck pace, yet most organizations are seemingly content in adding “spend” to the annual budget for more systems that claim to protect against the latest FUD. This is not learning and without learning adaptation cannot occur. Challenges to the organism and organization that move them both out of their respective comfort zones are crucial for successful adaptation. This talk will explore these adaptation requirements in an effort to develop a framework for more naturally secure systems and organizations. At its conclusion it will present a challenge for all those willing to get out of their own respective comfort zones and organically contribute to naturally stronger systems and organizations.

A Measure of Human Susceptibility
Zack Allen & Chaim Sanders

It is well known that many of today’s web-based attacks exploit, to some measure, a trust that users have in both the sender and the URL. As the landscape of the web changes, so does the ability of the average user to depend on such pieces of information. The modern Web 2.0 landscape presents new challenges in terms of identifying and stopping malware attacks. We have devised an experiment to ascertain what identifies the set of people that would click on a link not due to having a trusted URL, but strictly because of what the asserted content was published or the profile that posted the content. Our platform attempts to identify which portion of the population this represents so that defenses can be identified and better tailored to their needs.

OSINT for Profit: How Someone’s Social Network Content Can Be Used
Steve Stasiukonis
Open Source Intelligence gathering is frequently used for mining emails for penetration testing and social engineering. But OSINT has become mainstream in the world of digital investigations and litigation. This talk will explain the uses of the intelligence that is captured, the process in which it’s derived as well as the tools that are used. Case studies will also be presented to explain how the relevance of the content is applied to various legal matters.

Attacking and Defending Full Disk Encryption
Tom Kopchak
One of your company’s laptops was just stolen. You know that there was sensitive information on the machine. You also know that full disk encryption was deployed. Is your data safe? Can you prove it?

Many organizations are flocking to full disk encryption solutions as a solution to their data security requirements. Unfortunately, many of these installations view the deployment of full disk encryption as a panacea for any and all security concerns for their laptop fleets. All too often, these systems are not properly configured and adequately tested.

Busting a Cap without Die-ing
Eric ‘PanicOpticon’ Busse
IC internals are one of the last unexplored frontiers of hardware hacking. This talk will present methods to safely expose (deencapsulate) IC dies, techniques for imaging them, as well as why the hell someone would actually want to do that.

Modern ICs are typically packaged in extremely robust epoxy potting, designed to resist both physical and chemical attack. Typical techniques for removing this packaging involve the use of extremely hazardous chemicals, dangerous procedures, a decent risk of death or disfigurement, and a high risk of ending up on a government watch list. This presentation will cover a reasonably safe, affordable method to deencapsulate an IC die, which most should be able to do at home, without badly annoying housemates/SOs.

Connect: Tor Attacks and Defense
The first in a three-part series on anonymity and privacy will discuss Tor, its threats, attacks, and mitigations. This talk will focus on the basics of Tor, how it works, as well as common questions such as “Who funds Tor” and “Is the NSA exploiting it?” This talk will also discuss the underlying infrastructure of Tor such as how relays work, what a directory authority does, and the types of encryption used.

Operations: Anonymity With TAILS and Tor Workshop
This operations workshop will deal with actually using Tor in the real world including implementing OPSEC plans with TAILS, anonymizing your Linux box, and building a hidden service. This will be a hands-on workshop where attendees will be expected to bring a laptop or share with a friend. Custom TAILS LiveUSB drives will be available to test out using TAILS on their own computers.

Communicate: Secure Messaging With OpenPGP/GPG Workshop
This primarily hands-on workshop will get attendees ready to join in on the Key Signing party that happens at the end of the day, as well as use GPG/OpenPGP with others. The attendees will learn the basics of GPG as well as some advanced tips and tricks such as best practices for managing keys on your laptop, and building multi-layer GPG messages.

Software Defined Radio Workshop
Alex Page
Software-defined radios such as the USRP have been available for many years, and can be adapted to most radio-based projects without changes to hardware. Unfortunately, they’re relatively expensive — typically, $1000+. In the last couple of years, though, it was discovered that several USB TV tuners — ones based on the Realtek RTL-2832U chip — could be used as receive-only SDRs. This opened the door for hobbyists to start playing with RF, by lowering the entrance fee to under $20. In this workshop, standard SDR applications will be demonstrated, and some previous projects will be discussed. A handful of RTL-SDRs will be available for purchase, and we’ll get them up and running on your laptop. Get started with RTL-SDR (and SDR in general)!