SecuraBit Episode 107: Summer Con Preview

Hosts

Guests

Topics

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Black Hat USA 2012 Google Calendar

You asked, and we delivered. We’ve created a Google Calendar for the events at Black Hat USA 2012 – The Briefings, Arsenal, and Executive Briefings.

Each calendar entry contains the full talk description if available.

Here are the links:

HTML Calendar (Opens in Browser)

iCal Version (For importing to devices/iCal/GCal)

XML Version (If That’s Your Thing)

Source document:

Black Hat USA 2012 Schedules

And don’t forget to check out the BSidesLV and DEFCON calendar.

-ChrisAM / @TheChrisAM

ChrisAM’s Picks for BSidesLV and DEFCON Talks 2012

On tonight’s show we will be talking about our choices for talks this year at BSidesLV and DEFCON.

It was very difficult to pick only one talk per time slot. My picks below are of interest to me personally. I do not mean to imply that one topic or speaker is better than any other, but we all have to make a decision for each hour of the conferences. You’ll notice that I am more interested in security policy, incident response, and network defense rather than reverse engineering, and exploitation.

(I will update this post later for continuity and with direct links to each talk description)

BSidesLV:

Wednesday
1100: Ambush – Catching Intruders at Any PointMatt Weeks
1200: When Devices Rat Us OutKen Westin
1400: Big Data’s Fourth V: Or Why We’ll Never Find The Loch Ness MonsterDavi Ottenheimer
1500: Why have we not fixed the ID problemDallas
1600: Shot with your own gun – how appliances are used against youChristopher Campbell
1700: Mirror Mirror – Reflected PDF Attacks using SQL injectionShawn Asmus
1800: Sexy DefenseIan Amit

Thursday
1000: Mainframed – The forgotten FortressPhil Young
1100: Metrics that suck even lessWalt Williams
1200: The leverage of language, or, How I realized Information Theory could save information securityConrad Constantine
1400: The Magic of Symbiotic Security – Creating an ecosystem of security systemsJosh Sokol & Dan Cornell
1500: Lightning Talks
1600: Lightning Talks
1700: Lightning Talks
1800: IPv6 Panel / Drinking Game

Defcon:
Friday
1000: The Christopher Columbus Rule and DHS – Mark Weatherford
1100: Socialized Data: Using social media as a cyber mule – Thor
1200: Not so super notes: How well does US dollar prevent counterfeiting? AND The open cyber challenge platform project
1300: How to Channel Your Inner Henry Rollins – Jayson E. Street AND Bad (and sometimes Good) Tech Policy: It’s not just a DC thing
1400: Changing the security paradigm: taking back your network and bringing pain to the adversary – Shawn Henry
1500: An Inside Look into Defense Industrial Base (DIB) technical security controls: How Private Industry protects our Country’s Secrets – James Kirk
1600: Bypassing Endpoint Security for $20 or Less – Phil Polstra
1700: Anti-Forensics and Anti-Anti-Forensics: Mitigating Techniques for Digital-Forensic Investigations – Michael Perklin

Saturday:
1000: World War 3.0: Chaos, Control & the Battle for the Net – Corman, Kaminsky, Moss, Beckstrom, Gross
1100: Hacking Humanity: Human Augmentation and You – Christian Dameff, Jeff Tully
1200: Botnets Die Hard – Owned and Operated – Aditya Sood, Richard Enbody
1300: The End of the PSTN As You Know It – Jason Ostrom, Karl Feinauer, William Borskey
1400: <ghz or bust: DEF CON – ATLAS
1500: Exchanging Demands – Peter Hannay
1600: Connected Chaos: Evolving the DCG/Hackspace Communication Landscape – Blackdayz, Anarchy Angel, Anch, Dave Marcus, Nick Farr
1700: The DCWG Debriefing – How the FBI Grabbed a Bot and Saved the Internet – Paul Vixie, Andrew Fried

Sunday:
1000: OPFOR 4Ever – Tim Maletic, Christopher Pogue
1100: KinectasploitV2: Kinect Meets 20 Security Tools – Jeff Bryner
1200: Looking Into The Eye Of The Meter – Cutaway
1300: DC RECOGNIZE Awards – Jeff Moss, Jericho, Russ Rogers
1400: Can Twitter Really Help Expose Psychopath Killers’ Traits? – Chris Sumner, Randal Wald
1500: Sploitego – Maltego’s (Local) Partner in Crime – Nadeeom Douba
1600: How to Hack All the Transport Networks of a Country – Alberto Garcia Illera

DEFCON 20 and BSidesLV Google Calendar

I made a Google Calendar with the DEFCON Talks, BSides Talks, as well as the entertainment lineup for DEFCON. I hope you find it useful. I wanted to get the calendar easily on my phone and set reminders for talks I want to see. Please let me know of any corrections that are needed.

Each calendar entry includes the full talk description if available.

Here are the links:

HTML Calendar (Opens in browser)

iCal Version (For importing to devices/iCal/GCal)

XML Version (If that’s your thing)

And the source documents:

DEFCON Schedule

DEFCON Speakers

BSidesLV Schedule

UPDATE (7/19): We’ve created a Google Calendar for the Black Hat USA 2012 schedule.

-ChrisAM / @TheChrisAM

SecuraBit Episode 106: Unlock your Door!

Hosts

Guests

Topics

  • TOOOL – The Open Organisation Of Lockpickers http://toool.us/
  • Physical Security and the Three R’s
  • New edition of Practical Lockpicking coming soon!

News Items
Coders’ Rights At Risk in the European Parliament
https://www.eff.org/deeplinks/2012/06/eff-european-parliament-directive-attack-information-systems

Department of Homeland Security and U.S Navy hacked
http://thehackernews.com/2012/06/department-of-homeland-security-and-us.html

US-CERT discloses security flaw in Intel chips
http://m.csoonline.com/article/708568/us-cert-discloses-security-flaw-in-intel-chips

FEMA pushes cyber attack game for businesses
http://www.v3.co.uk/v3-uk/the-frontline-blog/2184608/fema-pushes-cyber-attack-game-businesses

United States Department of Defense data leaked by Anonymous hackers
http://thehackernews.com/2012/06/united-states-department-of-defense.html

KeepTheWebOpen.com
http://keepthewebopen.com/digital-bill-of-rights

Attacks Targeting US Defense Contractors and Universities Tied to China
http://threatpost.com/en_us/blogs/attacks-targeting-us-defense-contractors-and-universities-tied-china-061312

10000 Twitter User oauth token hacked and Exposed by Anonymous
http://thehackernews.com/2012/06/10000-twitter-user-oauth-token-hacked.html

Password flaw leaves MySQL, MariaDB open to brute force attack
http://go.theregister.com/feed/www.theregister.co.uk/2012/06/11/mysql_mariadb_password_flaw/


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8