Before It Bytes!

RVAs3c CTF Thank You & Survey!

Dear RVAs3c CTF participants,

First, apologies that it took me a month to get this out.


Thank you SO much for coming to the conference, and competing in our Capture the Flag contest this year! We hope you had as much fun playing as we did building it!

There were 37 accounts in total, with 25 of them scoring points (some of the teams that scored nothing were made in error, were duplicates, or were admin accounts) and our perspective was that about half of the attendees were using individual accounts, with the other half using a shared team account for submissions.

6 out of 6 Tier 1 challenges were solved. 4 out of 5 Tier 2 challenges were solved, and 1 out of 4 Tier 3 challenges were solved.

We saw a very even progression of points from 25th all the way up to 1st place, which leads us to infer that we presented a very broad spectrum of challenges that catered to every experience level. Hopefully that was the case for you!

Below is a link to a short survey we’ve crafted, and we would greatly appreciate your feedback about the event, to include how the registration process was, whether we had enough space, the quality of the challenges, and what you’d like to see next year.

Merchandise and a Contest! Win a ticket to Thotcon!

The link to the Merchandise page is back!  For now we’d like to sell our stock of t-shirts from Shmoocon.  After those are all gone we are going to work on getting some other kinds of schwag, stuff that you guys will love!

If you’d like to attend Thotcon but don’t have a ticket, we have one to give away!  Keep in mind that Thotcon is on April 23rd in Chicago.

Starting now and running until 6PM Eastern on Friday, April 16th anyone who leaves us feedback via iTunes, comments on a blog post will be entered into a drawing.  The names will be put onto a spreadsheet in no particular order, and then sorted in reverse.  Each name will then have a number in front of it, and we will use in order to randomly select the winner.

You must use the iTunes client to leave feedback in iTunes.  If you leave a comment on a blog posting it must not be spam, and it must make some sort of sense, submissions that just go “Hi” or “asdfjkl;” will be disregarded.


Escaping the clutches of The GOOG

We live in a world where everything and anything is just a click or web search away. Instant access to information is the new norm and seemingly taken for granted.  When questions need answering, most “Just Google it.”; with that ease and convenience of using The GOOG though, comes a price…Your privacy.

Enter GoogleSharing.

On Tuesday, Moxie Marlinspike released a small lightweight Firefox extension that is aimed to prevent the collection of users search/behavioral data by Google. GoogleSharing works by serving all of your queries through a custom proxy that contains a collection of what Moxie calls “GoogleSharing Identities”.  When enabled, if the Firefox plug-in detects a request sent out to any of Google’s services, it routes you through the proxy, removes any identification information and then replaces that data with one of the random, pooled Google Sharing Identities.  Pretty slick!  Obviously, if you are already logged into any of Google’s many services (Gmail, iGoogle, Groups etc) GoogleSharing won’t help one bit.

While anonymous proxies are nothing new, GoogleSharing introduces a different method of anonymity for a pretty specific threat. With its lean and quick Firefox extension, GoogleSharing is a step in the right direction of trying to regain some sort of privacy back on the net.

Everything Shmoo!

So begins another New Year and with it brings another year of conferences. One of the larger events to bring in the New Year is always ShmooCon which takes place this February 5th-7th in Washington DC. With the third and final round of tickets being sold out again in record time, those of you lucky enough to snag a barcode this time around look to be in for yet another amazing conference.

Speaking of that final round of ticket sales… Those of you that attempted to reserve a ticket during the last round might have noticed yet another ‘challenge’ to get that golden ticket to this year’s event. Round three brought in a server with much more availability than the previous two rounds and a webpage that was responsive the entire time. So what actually happened then?

The round three ‘challenge’ had to do with the link that brought you to the first step of the registration process. Clicking on the link brought you to a page greeting you with a ‘403 Forbidden’ error stating ‘You don’t have access to /cart/ on this server’. However, if you looked a bit closer at the URL while dusting off your web application hacking skills; you might have noticed that it wasn’t totally complete. The missing link was to manually enter in ‘reserve.cgi’ to the end of the URL.  Once the URL was manually made valid you were then able to go through the rest of the registration steps, enter in your Captcha and complete the process. The issue was caught and corrected by the site admins, but since the remaining tickets sold out in 15 minutes or so, it still left some in the dark. Better luck next year!!

If you were however, one of the few that were able to snag a ticket to ShmooCon 2010, this year’s speaker panel packs a solid line up and will not disappoint. With presentations covering everything from examining the risks of social networking to how to build your very own Predator UAV spy drone, ShmooCon brings inthe best minds from the security, hacker and maker communities together for a three day event not to be missed. This year’s event is broken up into various ‘tracks’ across the long weekend, with a single track of speed talks (One Track Mind) kicking off on Friday the 5th. The next two days consist of various presentations falling into the other three aptly named tracks: Break It!, Build It! and Bring It On! Thecomplete list of all of the speakers and presentations for this year’s event can be found here. ShmooCon also would not be complete without the various events and contests like ‘Hacker Arcade’ and ‘Hack-Or-Halo’ which return this year yet again along with the ‘Team Fortress 2 LAN Party’.

So bring your ShmooBalls and launchers for what looks to be another great conference to kick off 2010. If you still don’t have a ticket to ShmooCon, do what you can to get there!   A few tickets have been popping up on E-Bay and has a thread going in the forums about a ticket exchange. Check them out! They may cost you, but the experience of ShmooCon should not be missed given the opportunity to make it!

Also, be sure to check out the next episode of the SecuraBit podcast streaming live on Wednesday, January 13th where we will be having the man himself, Bruce Potter on the show to discuss the upcoming conference and all things Shmoo!

Blog post by:  Sean Hausauer

SANS CDI 2009 – Reverse Engineering Malware

So this coming Friday, December 11 – 14, I will have the privilege of attending  SANS CDI 2009.  It’s the largest SANS event that takes place every year in the heart of our nation’s capital.  Besides the horrendous traffic and the bitter cold I’m eager to learn from one of the best in our field, Lenny Zeltser.  Lenny’s been teaching the SANS 610 course for a few years now and has built up a reputation as being a true expert at reversing malware.  I currently hold the GCIA, GCIH, and the GSEC certifications from GIAC and the GREM will be a true test of skills as it’s said to be one of the most difficult to obtain.  I’ll post my experience with the course next week as I’m sure it won’t be a disappointing one.  In the meantime if you’d like more information regarding the SANS 610 course be sure to check it out here.

Be sure to check out the trailer below:

SANS Reverse Engineering Malware

If you’re attending the conference and want to meet up or just say hey, be sure to connect with me via Twitter!


SecuraBit is looking for writers!

We are looking for one or two energetic, articulate individuals to post entries to our blog on a daily or semi-weekly basis.  Those interested should have an interest in Information Security (and well, IT in general) and be able to come up with good content.  We aren’t asking for a 5 page article each time, it can be short and precise, and deliver information that our listeners will appreciate.

Please send an email to feedback -at- securabit dot com or use our contact form!

We can’t promise much in the way of payment, but we can eventually get you a T-Shirt and stickers, and work towards more!

SecuraBit & The Academy Pro join forces!

As SecuraBit continues to grow and bring you the very best content in the security world, we figured it only made sense to join forces with The Academy Pro who accomplishes the very same from a different perspective.  The Academy Pro has an excellent repository of resources available at your fingertips from whitepapers, instructional videos, and forums where users can come together and share ideas.  We hope to broaden our listener base and bring fresh new content to both sites.  This isn’t a complete merger meaning our show will remain the same however with more visibility.  With that being said and the merger being in its infancy, our hopes are to continue to grow and refine our show to the likings of our listener base.  We want to thank all of you who have stuck with us since episode 1 as we’ve made massive improvements since.  Our backend team has put in countless hours to get us were we are today solely because we believe in giving back to those who gave to us when we were up and coming n00bz.  If you have any questions regarding the merger or just want to leave us a note, feel free to reach out to us at feedback[at]

Be sure to visit:

Louisville Metro InfoSec Conference Discount Code

Use the code“geek seat” to get $20 off registration for the Louisville Metro InfoSec Conference.

The conference lineup features some great members of the Security community such as John Strand, Paul Asadoorian, Lee Kushner, Scott Moulton, Adrian “IronGeek” Crenshaw.

Check out Securabit Episode 38 where we talk to Conference Chair, Brian Blankenship and tune in live Wednesday, September 23 with special guest Scott Moulton.

Securabit Live Wednesday with Paul Asadoorian from Pauldotcom

Securabit will be recording live with special guest Paul Asadoorian from Pauldotcom Security Weekly and Tenable Network Security on Wednesday, September 16th.  Paul will be discussing Nessus and some of the new features/updates contained within Nessus 4.0.2 which launched today.  The stream should be live around 7:30 pm EDT and the show will start recording at 8:00pm EDT.  Tune in!