
Shmoocon 2016: Online, No One Knows You’re Dead by Andrew Kalat

Most hackers have a massive digital footprint: social media, servers at co-location sites, servers at home, overly-complicated IT infrastructure, and various other IT gear connected in crazy ways. What happens when one of us suddenly dies? How do our loved ones pick up the pieces, figure out all of our random IT crap that we’ve set up, and move forward? This talk explores the challenges, opportunities, and lessons learned as I aided in figuring out the IT gear after the passing of a dear friend...



As a technologist you craft systems that are reliable, scalable, and maintainable. As a security specialist you think adversarially and poke holes in every apparatus you encounter, be it technical, social, or socio-technical. These skills are orthogonal to the ones that good user-experience (UX) designers employ in making software that is usable by “average” people, which is probably why so many security tools suck. In this talk you’ll see why your approach to designing software...



Shmoocon 2016: Keynote Address by Professor Neil Gershenfeld

Prof. Neil Gershenfeld is the Director of MIT’s Center for Bits and Atoms. His unique laboratory is breaking down boundaries between the digital and physical worlds, from creating molecular quantum computers to virtuosic musical instruments. Technology from his lab has been seen and used in settings including New York’s Museum of Modern Art and rural Indian villages, the White House and the World Economic Forum, inner-city community centers and automobile safety systems, Las Vegas shows,...



Every IR presents unique challenges. But–when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence mechanisms, seemingly unlimited C2 infrastructure and half-a-dozen rapidly-evolving malware families across a 100k node network to compromise the environment at a rate of 10 systems per day–the cumulative challenges can become overwhelming. This talk will showcase the obstacles overcome during one of the largest and most advanced breaches Mandiant has ever responded to, the...



This presentation will explore how you can survey the wireless world of the radio spectrum to get an idea of the signals around you, and decode transmissions that can be received by pointing an antenna towards satellites in space. Both are accomplished using Software Defined Radio and open source software, and emphasis is placed on the security (or lack thereof) in these communications systems. Using a drone, you can create your very own airborne RF surveying platform, so that you can fly your...



Shmoocon 2016: LTE Security & Protocol Exploits by Roger Piqueras Jover

The Long Term Evolution (LTE) is the newest standard being deployed globally for mobile communications. Despite the well understood security flaws of legacy 2G networks, which lack mutual authentication and implement an outdated encryption algorithm, LTE is generally considered secure given its mutual authentication and strong encryption scheme. To this day, the main cellular vulnerabilities being exploited in most IMSI catchers and stingrays are based on 2G base stations. Nevertheless, rogue...



Shmoocon 2016: (P|G)Ohst Exploitation by Carl Vincent

This talk focuses on showcasing examples of the Go programming language being utilized to rapidly prototype, and ultimately maintain software designed to perform common or useful post-exploitation tasks. Source code for each feature will be provided, and is intended to exaggerate the limited amount of code and code familiarity required to construct relatively complex payloads capable of performing offensive security tasks fully either in an automated, or fully autonomous context. Carl is a...



We’ve taken a novel approach to automating the determination of a phisher’s geographic location. With the help of Markov chains, we craft honeypot responses to phishers’ emails in an attempt to beat them at their own game. We’ll examine the underlying concepts, implementation of the system, and reveal some of the results from our ongoing experiment. Robbie Gallagher is a security engineer with Atlassian in Austin, Texas. He received his bachelor’s degree in applied computing...



Shmoocon 2016: LostPass: Pixel-perfect LastPass Phishing by Sean Cassidy

LastPass holds all of your secrets. Its login prompts and alerts occur within the browser window, which attackers can control. When the victim visits the target site–which can look completely inconspicuous, such as a news website–after a delay a LastPass notification will appear if the user has LastPass installed prompting the user to log in because their session has expired. The log in screen, which always appears within the browser window, is customized for each browser and operating...



The platforms powering the growth of the Internet-of-Things include tried-and-true embedded Real-Time Operating Systems (RTOSes). These lean OSes are designed for performance and reliability, but they force application developers to use C and often lack the exploit mitigations implemented in consumer OSes. This unforgiving environment places the burden of security entirely on the programmer and makes the risk of memory corruption vulnerabilities on these increasingly ubiquitous systems very...



In the system hardening space, we’ve been using chroot jails to contain compromised programs. These jails were better than nothing, but were easily escaped by many attackers. As Linux containers become more mature, we can use them to replace these jails. This talk will teach you how to use Linux Containers, through both Docker and Ubuntu’s new LXD, to create far better jails for programs, containing their compromise. You will leave this demo-heavy talk immediately able to use both...



Shmoocon 2016: Reverse-Engineering Wireless SCADA Systems by Karl Koscher

Over the past few years, interest in ICS/SCADA systems security has grown immensely. However, most of this interest has been focused on IP-connected SCADA networks, largely ignoring numerous deployments relying on other technologies such as wireless serial links. In this talk, I’ll introduce a new GNU Radio module which lets you sniff SCADA networks that use a popular RF modem for their communications. I’ll also describe the process of reverse-engineering the proprietary RF protocol used....



Shmoocon 2016: Be Free, Little GuardBunny! by Kristin Paget

A few years ago I had cause to do some research into RFID “shielding” wallets, and decided that most of them weren’t very good. Even the good ones could be disabled by simply increasing power; I came away thoroughly unimpressed with the entire concept. I thought about it for a bit, and then came up with GuardBunny. It prevents RFID tags from being read in a different way – by jamming the reader with its own energy. In its current form GuardBunny provides decent protection but it isn’t...



Every day, passionate security professionals encounter a common problem: after bringing a student or colleague up to speed on best practices, it feels like nothing stuck. Why does this happen? And how can we change it up to get better outcomes? This talk will help IT and security professionals find common ground with non-technical users. In addition to sharing people-friendly metaphors, it will give attendees a solid set of communication strategies, and approaches to educate the average user...



Shmoocon 2016: Crypto and Quantum and Post Quantum by Jean-Philippe Aumasson

This is an extension of my DEFCON 23 talk “Quantum computers vs computers security” where I’ll tell you more about the recent 1000-qubit processor and about postquantum crypto’s latest developments. I’ll also tell you how today’s encryption systems are affected (PGP, TLS, OTR, and others) and what you should do if you believe that quantum computers will soon be working. Jean-Philippe (JP) Aumasson (@veorq) is Principal Cryptographer at Kudelski Security, in Switzerland. He designed...



Shmoocon 2016: OSX Vulnerability Research and Why We Wrote Our Own Debugger by Tyler Bohan and Brandon Edwards

Although OSX has had a large gain in popularity, its underlying workings are still unknown to many. In this talk we will discuss OSX internals and how they relate to security research. Specifically, we will discuss the debugging functionality provided (or missing) on OSX, how it differs from other platforms, and the resulting state of tools (LLDB) unwieldy for many security research tasks on modern OSX. For this talk we will open source our private OSX Python scriptable debugger as a...



Shmoocon 2016: AVLeak: Turning Antivirus Emulators Inside Out by Alex Bulazel

AVLeak is a tool for fingerprinting consumer antivirus emulators through automated black box testing. AVLeak can be used to extract information from AV emulators that may be used to detect their presence and evade detection, including environmental artifacts, OS API behavioral inconsistencies, emulation of network connectivity, timing inconsistencies, and CPU emulator “red pills”. These artifacts of emulation may be discovered through painstaking, time consuming binary reverse engineering,...



Are you a Bond villain, whistle-blower, clandestine operative, secret courier, paranoid schizophrenic or generally sketchy character who wants the ability to make your data go up in a puff of smoke at the drop of a hat when the bad guys close in? This talk will focus on implementing practical, low cost, and not entirely unsafe mobile data destruction solutions for your hopefully imaginary needs. Going beyond Shane Lawson, Bruce Potter, and Deviant Ollam’s 3U rackmount requirements from DEFCON...



Shmoocon 2016: Penetration Testing Custom TLS Stacks by Alex Moneger

With the ever growing number of attacks against SSL/TLS, quick turnaround time is required to write proof of concept code to test new attacks. Extending existing TLS stacks to implement such code is difficult and error prone. Due to that need, we developed an offensive focused TLS stack which allows one to quickly prototype attacks against all elements of the stack (protocol, crypto, certificates, …). scapy-ssl_tls is an offensive TLS stack which lives above scapy. I will demonstrate how to look...



Big Data Analytics and Machine Learning are pervasive in the decision-making processes of major corporations and governments around the world. This fact introduces a new opportunity and attack vector for hackers — instead of stealing data, attackers can potentially influence or control the decisions of their victims. In our talk we highlight the poor decisions that developers make in their code that enable attackers to drastically skew machine learning models, deliver denial of service...



Shmoocon 2016: My Hash is My Passport: Understanding Web and Mobile Authentication by David Schuetz

The great thing about standards is there are so many to choose from. That’s especially true in the realm of web and mobile application authentication. From Base-64 to OAuth, there are nearly as many ways to send your password to a server as there are ways to store that password. But how do these work? Is any one system better than another, and if so, why? Application testers need to understand how an app authenticates, in order to properly assess risk. Developers need to be able to make good...



Shmoocon 2016: Resistance is Futile: SDN Assimilating Our Networks by Sarah Rees and Jonathan Medina

In the age of an “Internet of Things,” centralized control over a wide variety of devices is creeping down from the clouds and into our everyday lives. Software Defined Networking (SDN) is replacing traditional networks with some of the biggest names in the tech industry. Google, Microsoft, Facebook, Yahoo, Amazon, and AT&T are utilizing SDN for its advanced flexibility and automated network control. Unfortunately some functions of SDN and the OpenFlow protocol should be raising...



Shmoocon 2016: Building an Encyclopedia of Malware Configs (to punch miscreants) by Jon Bambenek

According to VirusTotal, almost 500,000 unique malware samples are seen by them every day. That doesn’t include all the malware VirusTotal doesn’t see. The sheer deluge of unique malware samples makes it difficult for incident responders to keep up to protect their networks. Even more difficult is the task for investigators and law enforcement to keep up with the size and number of command-and-control networks and criminal operations. The size and scope of malware may seem daunting, but...



#thingswikfound #omarax is a by-product of hunting for phishing and other badness on the internet. Each day I scan over 2 million newly created domains from a wide range of TLDs, locating everything from 8XX tech support scams to Brand name phishing attempts. Now I understand that scanning the internet for these things isn’t new in general, but I promise you that my approach is different (and at the very least an entertaining story). Jaime ‘WiK’ Filson (@jaimefilson) is a Research...



To hide data from the forensic practitioner you need to exploit either a gap in their knowledge, their processes, and/or their tools. This is a talk about all three in regards to Apple OS X and iOS code signing. Much research has been conducted around code signing with respect to preventing malicious code execution at binary load time. This is strictly about forensics, binary tampering, and data smuggling. Josh Pitts (@midnite_runr) likes to write code that patches code with other code via The...



Shmoocon 2016: You Ain’t Seen Nothing Yet: New Paradigms for Policy, Regulation, and Community Engagement by Greg Conti (moderator), Mara Tam, Vincenzo Iozzo, Jeff Moss, and Randy Wheeler

“[E]very speaker, every writer, every practitioner in the field of cyber security who has wished that its topic, and us with it, were taken seriously has gotten their wish…. ‘[W]e’ and the cyber security issue have never been more at the forefront of policy. And you ain’t seen nothing yet.” — Dan Geer, “Cybersecurity as Realpolitik” We still haven’t. The regulatory and policy landscape around information security is expanding and shifting rapidly. Challenges faced by the...



Explore a base level problem in static malware analysis, that we have too many samples to analyze, by leveraging the parallelization of GPGPUs — an advantage is gained by moving the problem into the visual plane and solving similarity by texture analysis in parallel. I’ve clustered a few hundred million PEs by organizing them by how they “look.” Debugging is accompanied by making movies of the visualization. The real utility of the art is speed. A malware sample can be analyzed on an...



Shmoocon 2016: Gatekeeper Exposed by Patrick Wardle

Gatekeeper is an anti-malware feature baked directly into OS X. Its single goal is to block the execution of untrusted code from the internet. Apple boldly claims that because of Gatekeeper, both trojans and tampered downloads are generically blocked. So hooray! Mac users are all secure…right? Well, perhaps not :/ Until now, there has been little technical information about Gatekeeper’s closed-source internals. This talk seeks to remedy this by exposing the inner workings of Gatekeeper and...



Microsoft Windows has a long history of outstanding security vulnerabilities that many of us in the security industry are well aware of. Microsoft has released advisories with mitigations for some of these vulnerabilities, however due to compatibility, performance, and time/budget constraints, these mitigations are often not deployed consistently. In this project we take advantage of a number of these issues to develop a local privilege escalation exploit for Microsoft Windows that is safe and...



Shmoocon 2016: Political Pwnage: The Hacker’s Guide to Cybersecurity Policy by Nick Leiserson and Jen Ellis

In 2015, 74 bills containing the term “cybersecurity” were introduced in Congress; the Library of Congress approved a security research exemption for the DMCA; the President signed two cybersecurity-related Executive Orders; and various Government agencies debated how to control exports of intrusion technologies. This trend will continue in 2016 as more breaches and vulnerabilities hit the headlines, and technology continues to become more pervasive in our lives. Government policy impacts...



Shmoocon 2016: Breaking Bulbs Briskly by Bogus Broadcasts by Joseph Hall and Ben Ramsey

Smart energy and building automation are powerful technologies with significant promise. Unfortunately, the global rush to connect as many devices to the network as possible leads to unintended vulnerabilities. The ability to physically damage hardware by abusing network access is particularly interesting. This talk has two goals: 1) introduce an open source tool for pen-testing proprietary Z-Wave wireless automation networks and 2) discuss a rapid process for destroying fluorescent lights....



Shmoocon 2016: Closing Plenary: Information Security Programs in Academia by Matt Blaze (moderator), Greg Conti, Rick Forno, and Jeff Foster

As information security grows nearly exponentially, it’s hard to remember back 15 years ago to a time when the industry was just starting to take off. At that time, most of the individuals in this industry were self taught with respect to this discipline. There were only a handful of information security programs in academia. Contrast that to today where there are hundreds of programs across the nation with new ones springing up every semester. As far as academia goes, that kind of growth...



Shmoocon 2016: Software Security by the Numbers by Chris Eng

Every industry faces the challenge of securing software, so why do some industries “get it” while others struggle to manage the problem at scale? In this session, we will share data drawn from over 200,000 application assessments performed via Veracode’s cloud platform over an 18-month period. This is the largest data set of its kind, and it provides unique insight into the state of software security. Attendees can use this information to benchmark their AppSec program against peers,...



Shmoocon 2016: 0wn the Con by The Shmoo Group

For eleven years, we’ve chosen to stand up and share all the ins and outs and inner workings of the con. Why stop now? Join us to get the breakdown of budget, an insight to the CFP process, a breakdown of the hours it takes to put on a con like ShmooCon, and anything else you might want to talk about. This is an informative, fast paced, and generally fun session as Bruce dances on stage, and Heidi tries to hide from the mic. Seriously though–if you ever wanted to know How, When, or...



Shmoocon 2016: Making Milware: An Interdisciplinary Tryst by Trey Herr and Eric Armbrust

How can political and computer science get together to make something beautiful? The pervasive development and deployment of malicious software by states presents a new challenge for the information security and policy communities because of the resource advantage and legal status of governments. The difference between state and non-state authored code is typically described in vague terms of sophistication, contributing to the inaccurate confirmation bias of many that states simply ‘do it...



Shmoocon 2016: Ask the EFF by Kurt Opsahl, Andrew Crocker, Bill Buddington, and Eva Galperin

Get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation’s premier digital civil liberties group fighting for freedom and privacy in the computer age. This session will include updates on current EFF issues such as NSA surveillance and fighting efforts to use intellectual property claims to shut down free speech and halt innovation, discussion of our technology projects to protect privacy and...



Shmoocon 2016: Opening Remarks, Rumblings, Ruminations and Rants by The Shmoo Group

The attendees of Shmoocon 2016 are welcomed to the conference and given basic information about the conference’s offerings and the events to look forward to.



Shmoocon 2016: Using The Algebraic Eraser To Secure Low Power Devices by Derek Atkins

The Algebraic Eraser (AE) is a Group Theoretic Public-Key Cryptosystem originally published in 2006 and designed specifically to work in constrained devices with limited CPU and power capabilities such as RFID and Internet of Things (IoT) devices. Algebraic Eraser Diffie-Hellman (AEDH) provides a key-agreement protocol that performs significantly better than ECC at the same security level in both hardware and software. One hardware implementation in 65nm CMOS performs 60-200 times better than...



Shmoocon 2016: Compressed Context Based Analytic Results for Use in Computer Vision System for Network Defense by Rob Weiss and John Eberhardt