BSidesSF 2016 has ended
Sunday, February 28
 

8:00am PST

Venue Open/Registration
Sunday February 28, 2016 8:00am - 9:00am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

9:00am PST

Coffee
Sunday February 28, 2016 9:00am - 10:00am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

10:00am PST

Keynote: A Declaration of the Independence of Cyberspace
John Perry Barlow will read his "A Declaration of the Independence of Cyberspace" and answer Q&A about it and about EFF's founding.

Speakers

John Perry Barlow

Among many endeavors, John Perry Barlow has been a cattle rancher in Wyoming, a songwriter for the Grateful Dead, and the co-founder of the Electronic Frontier Foundation, which has been protecting the free flow of information on the Internet since 1990. He wrote the introduction...


Sunday February 28, 2016 10:00am - 10:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

11:00am PST

The Tales of a Bug Bounty Hunter
Bug bounty hunting is the new black! During this technical talk, several interesting vulnerabilities identified in Instagram will be presented. All vulnerabilities were disclosed responsibly via Facebook’s Public Bug Bounty program over the course of 2015 and 2016, and will be discussed in depth. Required advanced Mobile Security attack techniques for this Research, such as Binary Modification, Dynamic Hooking and Burp Suite Plugin Development will be covered, among other trickery. The most interesting vulnerabilities were hybrid: Combinations of complementary vulnerabilities in different environments (e.g. Web and Mobile). All identified issues’ root causes will be mapped onto the Software Development Life Cycle (SDLC), to analyze where they could have been prevented from materializing. Last but not least, the monetary rewards offered by Facebook for each vulnerability and general Bug Bounty Hunting advice will be shared with the community.

Speakers

Arne Swinnen

IT Security Consultant, NVISO
Arne Swinnen is an IT Security Consultant at NVISO, a Belgian Cyber Security Consulting firm. He previously worked for Verizon in a similar position. Arne specializes in Application Security and Digital Forensics. He is also a member of NVISO R&D Labs, for which he conducts technical...



Sunday February 28, 2016 11:00am - 11:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

11:00am PST

Mainframes? On My Internet?
In early 2013 Soldier of Fortran had an idea. What if there were mainframes on the internet? He knew there had to be; the internet is just full of all kinds of weird stuff. But if there are also mainframes on there, what would that mean? Using some google-fu he started the hunt, easily finding a handful, then later moving on to SHODAN and finally masscan. He found hundreds of ‘green’ screens up and running with their beautiful EBCDIC art for all the world to see. This talk will walk through the story of how he found the mainframes: the process used to find them and how he helped augment tools like SHODAN to make hunting easier. He’ll detail the tools he wrote specifically to hunt internet mainframes, the trouble he’s gotten into for looking for them, and then provide MANY examples of the kind of (scary) things he’s encountered on the web. There may even be some live examples of some of those mainframes. The new changes Soldier of Fortran made to Nmap 7, and how those changes make it easier to find mainframes, will also be discussed, and some live demos *may* be performed.

Speakers

Soldier of FORTRAN

Supreme Commander, Zed Security
Soldier of Fortran is a mainframe hacker. Being a hacker from way back in the day (BBS and X.25 networks) he was always enamored by the idea of hacking mainframes. Always too expensive and mysterious, he settled on hacking windows and linux machines, until 2010 when he finally got...


Sunday February 28, 2016 11:00am - 11:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

11:00am PST

TOOOL
Villagers

Christine Bachman

Lockpick Extreme
Bob and Christine's Lockpick Extreme provides fun, informative, entertaining hands-on training in the arts of lockpicking and handcuff escape. Participants learn how to open real world locks and handcuffs using professional tools and techniques. Once mastering the basic skills, students...

Sunday February 28, 2016 11:00am - 6:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

12:00pm PST

Lunch
Lunch + Raffle

Sunday February 28, 2016 12:00pm - 1:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

1:00pm PST

Reverse Engineering the Wetware: Understanding Human Behavior to Improve Information Security
The human mind evolved to draw quick conclusions for survival. Behavioral economists, like Daniel Kahneman and Dan Ariely, are publishing research on when, why and how decision making can be consistently and predictably irrational. You could say these researchers are reverse engineering the wetware, finding bugs and race conditions and disclosing them. People are key to an organization’s information security, even if you believe in the “people, processes and technology” tripod. People define and execute processes. People decide funding for, implement, operate and/or monitor the technology. Your adversaries are people. At least until we reach the AI singularity, that is. Until then, the aim of this talk is to present some of the counter-intuitive findings of behavioral economics research and their implications for how information security is handled at the organizational and market levels. Our hope is that the audience will find they could benefit from changing established, seemingly sensible and logical actions we all do to better match how the wetware actually works.

Speakers

Matthew Hathaway

Senior Manager, Rapid7
Matt Hathaway serially obsesses over problems ranging from poor design to ineffective communication with a compulsion to solve them. He ventured to Northern Ireland to open Rapid7’s now largest development office and currently owns the expansion of the company’s cloud platform...

Alexandre Sieira

Co-Founder and CTO, Tenchi Security
Alexandre (or Alex) Sieira is a successful information security entrepreneur in the information security field with a global footprint since 2003. He began his security career as a Co-Founder and CTO of CIPHER, an international security consulting and MSSP headquartered in Brazil...



Sunday February 28, 2016 1:00pm - 1:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

1:00pm PST

Securing the Distributed Workforce
A distributed workforce is becoming the trend as new companies start and take off, as well as existing companies expand. Traditional and proven security principles do not always apply to this type of environment, thus requiring unique and creative solutions. One of the challenges with a distributed workforce is the ability to protect end users as they perform day-to-day work and browse the deep wide internet (personal browsing habits). The ability to monitor end users and production systems becomes increasingly difficult as software and hardware are migrated from physical assets and virtualized into the cloud. We have a unique deployment and workforce requiring different approaches to maintain a secure workforce. This talk covers the gaps that exist and approaches we are taking and researching to maintain a safe and secure work environment.

Speakers

William Bengtson

Will Bengtson is the punisher of security at Nuna Health and has been blowing cyber criminals away for years. His experience across industries in low level implementation, architecture risk analysis, red teaming, and penetration testing among others has allowed him to partner up with...


Sunday February 28, 2016 1:00pm - 1:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

1:00pm PST

Exploit Development Training & Competition

Participants will exploit a simple vulnerable Linux application, first to redirect execution to existing code, and then to gain remote code execution. The first project has complete step-by-step instructions. Then they will compete to gain control of a series of applications running on a remote server.

Everyone is welcome to compete, whether they attend the hands-on training or not.

We will use these tools:

  • Simple Python scripting
  • Gnu debugger
  • objdump

Participants will need to bring a laptop with Kali Linux 2.0 (x86) running as a real or virtual machine.  Prior experience with C and assembly language is helpful but not required.

Villagers

Sam Bowne

Instructor, CCSF
Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, HOPE, BSidesSF, BSidesLV, RSA, and many conferences and colleges. Formal education: B.S. and Ph.D. in Physics. Industry credentials...


Sunday February 28, 2016 1:00pm - 6:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

2:00pm PST

Who’s Breaking into Your Garden? iOS and OS X Malware You May or May Not Know
Apple platforms were long thought to be far from the malware problem, until at least 21 and 27 new malware or adware families on iOS and OS X respectively were discovered in the past two years. Some of these have led to the theft of hundreds of thousands of passwords (KeyRaider) or hundreds of millions of infections worldwide (XcodeGhost). This talk will discuss the primary spreading and attack techniques used by these real-world malware families as well as their common characteristics, and identify trends around these topics. The security industry can use this information to build more effective solutions to detect and defeat similar threats in the near future. We will discuss case studies on: attacking non-jailbroken iOS devices, bypassing App Store code review, infecting compilers and libraries, escalating privileges or executing code remotely via zero-day vulnerabilities, attacking specific targets via commercial or customized spyware, attacking multiple platforms or crossing platforms, making profit from advertisers by stealing revenue, and hunting Apple IDs for various evil purposes.

Speakers

Claud Xiao

Principal Security Researcher, Palo Alto Networks
Claud Xiao (@claud_xiao) is a principal security researcher at Palo Alto Networks where he is working on advanced malware research and building antivirus services for OS X, iOS and Android. Prior to joining Palo Alto Networks, he was a senior researcher at Qihoo and was a senior researcher...


Sunday February 28, 2016 2:00pm - 2:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

2:00pm PST

Hackers Hiring Hackers - How to hack the job search and hack talent
There are few talks that address what some consider to be the hardest part of getting a job in InfoSec: the hiring process. Information security is in desperate need of people with the technical skills hackers have to fill a myriad of roles within organizations across the world. However, both sides of the table are doing horribly when it comes to hiring and interviewing. Organizations are doing poorly trying to communicate expectations for a job, there are people going to interviews without knowing how to showcase their (limited or vast) experience, and some people posture themselves so poorly that the hiring managers don’t think the candidates are really interested in the job. This talk takes the experiences of the speakers as both interviewers & interviewees (as well as from others) in order to help better prepare to enter (or move within) “the industry,” as well as let hiring managers know what they can do to get the people & experience they need for their teams.

Speakers

IrishMASMS

IrishMASMS is an old school hacker, fighting the good fight in Computer Network Defense (CND)/blue team efforts for over 16 years. Been lurking about since DEFCON 10, panel member at HOPE 5, presenter at a couple of Notacon’s, and some other conferences that are hard to remember...


Sunday February 28, 2016 2:00pm - 2:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

3:00pm PST

A year in the wild: fighting malware at the corporate level
Yelp, like any large company, has a problem with viruses, malware and organized phishing campaigns targeting our corporate network and our employees. We have assembled a set of tools and processes to stop the pests from infecting our network. From the moment of threat detection, through first response and analysis, to the final resolution, we make sure that we can catch as many incidents as possible and properly sanitize the environment so that potential problems are cut short. All this is done in an automated and orchestrated fashion, eliminating manual repetition as much as possible thanks to in-house built tools like AIR (Automated Incident Response), OSXCollector (Mac OS X forensics collection) and ElastAlert (alerting out of Elasticsearch). We also complement the pipeline with available open source tools, like osquery, and other proprietary threat detection technologies. This adds up to a balanced ecosystem that helps us leverage current assets, learn about potential problems quickly and respond to them in a timely fashion.

Speakers

Kuba Sendor

Engineering Manager, Yelp
Kuba Sendor (@jsendor) is working at Yelp security team where he automates malware incident response and together with his teammates makes sure that Yelp's infrastructure stays secure. Previously he worked at SAP in the Security and Trust research group where he participated in the...



Sunday February 28, 2016 3:00pm - 3:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

3:00pm PST

Scan, Pwn, Next! – exploiting service accounts in Windows networks
Service accounts are prevalent in Windows networks, but are often mismanaged and ripe for exploitation. Too often these accounts are over-privileged, dual-used (both by human users and automated processes), and have credentials omnipresent in the network. The services that use these accounts are easily discovered, as they are registered as SPNs in Active Directory, thus presenting a lucrative target for an attacker. In this talk we will discuss how service accounts can be mismanaged and thus exploited, and present new research examining the exposure of service accounts in real-world networks. We will demonstrate exploitation techniques and introduce an open source tool for detecting potentially vulnerable service accounts in Windows networks. We will also discuss how targeted behavioral analytics can be employed to detect potential abuse of service accounts. Armed with the knowledge and tools from this presentation, you can now go and test your own networks – and, perhaps, prevent that sneaky attacker from exploiting your service accounts.

Speakers

Andrey Dulkin

Andrey Dulkin has over 15 years of experience in information security research and development, both in technical and leadership positions. In his current position, Andrey heads the CyberArk Labs, where his research focuses on targeted attacks mitigation, critical infrastructure security...

Matan Hart

Matan Hart is a security researcher (he doesn't like the term cyber) at CyberArk Labs, where he researches targeted attacks (he doesn't like the term APT either) and hacking techniques to come up with novel detection and mitigation capabilities. Based on his extensive experience...


Sunday February 28, 2016 3:00pm - 3:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:00pm PST

Breaking Honeypots for Fun and Profit
This talk analyzes the concept of the Honeypot, its weaknesses, and how a better honeypot can be constructed.

Speakers

Gadi Evron

CEO, Cymmetria
Gadi Evron is the CEO and Founder of Cymmetria. An accomplished and highly connected technology, strategy and innovation leader, Gadi has held leading roles in the world’s biggest InfoSec companies. He was also founder of the ISOI conferences (Information Security Operations & Intelligence...

Dean Sysman

CTO, Cymmetria
Dean Sysman is the CTO and Co-Founder of Cymmetria. He is a highly experienced cyber programmer and reverse engineer. Already as a high schooler, Dean finished his B.Sc. in Computer Science and then graduated from an elite IDF intelligence course. Afterwards, he served in Unit 8200...


Sunday February 28, 2016 4:00pm - 4:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:00pm PST

Guest to root - How to Hack Your Own Career Path and Stand Out
Three security professionals walk into a bar: A security pro, THAT security pro, and THE security pro. I used to only be 'A' security pro - as a result I didn't get any of the recognition or reward I worked towards. Not even my mother used to visit my blog. In this talk, I distill some of the key skills and traits taken from personal experience as well as industry professionals to present strategies you can employ to increase your value internal to your organisation as well as in the industry. For most, simply putting in the hours isn't enough to move up from being A security person to becoming THAT or even THE security person.

Speakers

javvad

Security Advocate, AlienVault
Javvad Malik is a security advocate at Alien Vault, a blogger and a co-founder of Security B-Sides London. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including...


Sunday February 28, 2016 4:00pm - 4:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:30pm PST

Everything Is Awful (And You're Not Helping)
Shamir's Three Laws of Security have been known for quite some time now:
- Absolutely secure systems do not exist
- To halve your vulnerability, you have to double your expenditure
- Cryptography is typically bypassed, not penetrated
Likewise for Morris's Three Golden Rules of Computer Security:
- do not own a computer;
- do not power it on;
- and do not use it.
But, it appears, we suck at heeding such good advice. Stories of failure, ranging from small to epic, let me tell you them. Perhaps they even have something in common, some sort of moral or lessons we might learn? Something uplifting that helps those of us not completely ground to pieces by our own cynicism? Naaah, unlikely. But a man can dream, though, a man can dream.

Speakers

Jan Schaumann

Jan Schaumann has worked in various System and Infrastructure Administration, -Architecture, and -Security related functions in both small scale academic as well as massive industry-leader corporate enterprise environments. He spends a lot of time worrying about infrastructure integrity...


Sunday February 28, 2016 4:30pm - 4:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:30pm PST

IoT on Easy Mode (Reversing Embedded Devices)
As technology matures we are seeing a trend of products that are now “smart.” The problem is that once we discover how these devices are programmed we can see the flaws, but unfortunately the hardware aspect scares some people away. This talk is to show people how easy it really is to get into embedded device hacking while also expanding their knowledge outside of the x86/x86_64 space. By the end of this talk the audience will be encouraged to go out and start their journey into the embedded device world while having the tools that they need, without the need to spend money unless absolutely necessary. This talk will also cover the reasoning behind purchasing products such as a logic analyzer and the brick walls I personally went through to justify the need.

Speakers

Elvis Collado

Elvis Collado is a Security Researcher with a focus in embedded electronics. Elvis got into electronics ever since he discovered his first vulnerabilities in the devices he owned. He decided to migrate his research from the desktop space to the embedded space and wants to share what...


Sunday February 28, 2016 4:30pm - 4:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:00pm PST

Why it’s all snake oil – and that may be ok
Every few years, security vendors entice us with “next generation” security products with 0day detection, and we must decide if this product will be our salvation or if it’s more snake oil full of empty promises. Basic theorems of computer science mathematically guarantee that many of the claims made by sales are false without certain allowances, but that doesn’t mean that the products are useless. Understand how to ask the right questions to determine if a security vendor's assumptions are valid for your organization. Take a walk through the history of exploitation and computer science theorems to learn how to have an honest conversation about security products and their capabilities.

Speakers

Pablo "@Ngree_H0bit" Breuer

Director, Center for Information Warfare and Innovation
Pablo is a computer scientist and INFOSEC professional with over twenty years experience in the public and private sector. He is currently the director of the Center for Information Warfare and Innovation, a military associate professor at the Naval Postgraduate School in Monterey...


Sunday February 28, 2016 5:00pm - 5:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:00pm PST

In the crosshairs: the trend towards targeted attacks
While we will never see the end of generalized mass attacks, the real damage is being done through highly targeted attacks. I will discuss why targeted attacks are so effective and economically advantageous to the attacker and why that trend is likely to continue. After considering several examples I will provide some suggestions for countermeasures against this strategy.

Speakers

Lance Cottrell

Chief Scientist, Ntrepid Corporation
Lance Cottrell founded Anonymizer in 1995, which was acquired by Ntrepid (then Abraxas) in 2008. Anonymizer’s technologies form the core of Ntrepid’s Internet misattribution and security products. As Chief Scientist, Lance continues to push the envelope with the new technologies...


Sunday February 28, 2016 5:00pm - 5:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:30pm PST

Ask the EFF
Ask the EFF is a Q&A panel with EFF staffers, with short presentations on EFF's ongoing work, then opening the floor for questions from the audience.

Speakers

Shahid Buttar

Director of Grassroots Advocacy, EFF
Shahid is a constitutional lawyer focused on the intersection of community organizing and policy reform. He led the Bill of Rights Defense Committee as Executive Director from 2009 to 2015, and graduated from Stanford Law School in 2003. Outside of work, he DJs and produces electronic...

Andrew Crocker

Staff Attorney, Electronic Frontier Foundation
Andrew Crocker is a staff attorney on the Electronic Frontier Foundation’s civil liberties team. He focuses on EFF’s national security and privacy docket, as well as the Coders' Rights Project. While in law school, Andrew worked at the Berkman Center for Internet and Society...

Eva Galperin

Director of Cybersecurity, Electronic Frontier Foundation
Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF) and technical advisor for the Freedom of the Press Foundation. She is noted for her extensive work in protecting global privacy and free speech and for her research on malware and nation-state...

Kurt Opsahl

Deputy Executive Director and General Counsel, Electronic Frontier Foundation
Kurt Opsahl is the Deputy Executive Director and General Counsel of the Electronic Frontier Foundation. In addition to representing clients on civil liberties, free speech and privacy law, Opsahl counsels on EFF projects and initiatives. Opsahl is the lead attorney on the Coders...

Cooper Quintin

Sr. Staff Technologist, Electronic Frontier Foundation
Cooper is a Senior Security Researcher at the EFF Threat Lab. He has worked on projects such as Privacy Badger, Canary Watch, and analysis of state sponsored malware, IMSI catchers, and other digital attacks on activists, journalists, and human rights defenders. He has also performed...


Sunday February 28, 2016 5:30pm - 5:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:30pm PST

Developing a Rugged DevOps Approach to Cloud Security
Your operational tools deliver continuous monitoring and alerting—why doesn’t your security suite? No single path exists to a rugged DevOps approach that works for every organization, but certain key principles and techniques are used by the DevOps elite that give them distinct advantages. You can use these and revamp your organization’s processes and behaviors to gain efficiencies in your security operations. Security can no longer be thought of as being a separate step in a launch. Instead, security must be integrated into the overall processes of development and deployment. As organizations move more deeply into continuous patterns of development and deployment, the importance of implementing continuous security behaviors becomes non-negotiable. Attendees will learn strategies to better understand their value to an attacker, how to better define the battlefield for their own advantage, how to identify potential Rugged DevOps allies within the organization, why it is time to embrace continuous security cycles and automate security acceptance tests as part of the QA process, and the value of operationalizing security alerts and remediation efforts to achieve a more agile security posture.

Speakers

Tim Prendergast

CEO, Evident.io
Tim Prendergast is cofounder and CEO of Evident.io and seeks to help others avoid the pain he endured when helping Adobe adopt the cloud at a massive level. After years of building, operating, and securing services in AWS, Tim set out to make security approachable and repeatable for companies...


Sunday February 28, 2016 5:30pm - 5:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

6:00pm PST

Happy Hour
Happy Hour, sponsored by Hexis Cyber Solutions.


Sunday February 28, 2016 6:00pm - 7:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103
 
Monday, February 29
 

8:00am PST

Venue Open/Registration
Monday February 29, 2016 8:00am - 9:00am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

9:00am PST

Coffee
Monday February 29, 2016 9:00am - 10:00am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

10:00am PST

Sedating the Watchdog: Abusing Security Products to Bypass Windows Protections
A few months ago, we came across a critical vulnerability in a popular security product that could act as a vehicle for a threat actor to bypass the protections of the underlying Windows system. This was only the tip of the iceberg. Deeper research revealed this issue to be present in a multitude of common Anti-Virus (AV) products. This was not something to ignore. In fact, we can assume that apart from AV products, other security products such as Data Loss Prevention (DLP) and other intrusive non-security related products such as app-performance solutions may potentially rely on this malpractice. Making matters worse, we found a second malpractice in intrusive products which simplifies the process for threat actors to run their exploits. During the following few months we notified popular vendors and collaborated with them on a solution. In a coordinated effort, various vendors have fixed their products and released the necessary patches. In this talk we reveal a detailed description of the vulnerability and its impact. Additionally, we release a tool that the audience can use to validate whether their systems are now secure from this vulnerability.

Speakers

Tomer Bitton

Tomer Bitton has more than 12 years of experience in security research. Tomer focuses on original research such as malware reversing, hostile code and extreme packers. In his prior role, Tomer served as a low-level security researcher at the National Electronic Warfare Research...

Udi Yavo

CTO, enSilo
Udi Yavo has more than 15 years of experience in security with a proven track record in leading cutting edge cyber-security R&D projects. Prior to enSilo, Udi spearheaded the direction of the cyber-security unit at the National Electronic Warfare Research & Simulation Center of Rafael...


Monday February 29, 2016 10:00am - 10:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

10:00am PST

Digital Intelligence Gathering: Using the Powers of OSINT for Both Blue and Red Teams
In today's age everyone puts everything on the Internet. Not only can this present a personal threat, it can also introduce tangential risk to your organization. Seemingly innocent public displays of company pride, human error, and all-too-descriptive LinkedIn profiles are all interconnected pieces of information that can be leveraged by both attackers and defenders in the ongoing battle between red and blue. In this presentation we'll explain and demo how we've leveraged Twitter, Instagram, Google Maps, Whitepages.com, court case records and property records to automate and assist in OSINT discovery. We have integrated it all together in a single custom application, coupled with the power of Maltego. These custom transforms can easily be used to identify potential insider threats within your organization, prepare for a red team engagement, or to simply dox all your friends. We will discuss the benefits of this information from both an attacker's and a defender’s point of view.

Speakers

Ethan Dodge

Ethan Dodge is a Security Engineer currently doing incident response. When not responding to incidents at his day job, he enjoys working on threat research projects. Ethan is a young professional who is passionate about helping others get started in infosec. He is also an aspiring...

Brian Warehime

Brian Warehime is a Security Engineer currently doing incident response. When not responding to incidents at his day job, he enjoys working on threat research projects. His tools of choice are Maltego and Splunk. Brian has contributed to the community on many open source projects...


Monday February 29, 2016 10:00am - 10:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

10:00am PST

TOOOL
Villagers

Christine Bachman

Lockpick Extreme
Bob and Christine's Lockpick Extreme provides fun, informative, entertaining hands-on training in the arts of lockpicking and handcuff escape. Participants learn how to open real world locks and handcuffs using professional tools and techniques. Once mastering the basic skills, students...

Monday February 29, 2016 10:00am - 5:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

10:00am PST

Exploiting Broken Webapps

Web applications can fail in a variety of ways, from Cross-Site Scripting to SQL Injection and more. Join us for a look at a variety of common web vulnerabilities, including Cross-Site Scripting, Cross-Site Request Forgery, Weak Authentication, Logic Errors, and more -- and an opportunity to test your web hacking skills against a simulated online bank. We’ll be covering the vulnerabilities from the ground up, but a basic understanding of web applications (i.e., HTTP, HTML, and JavaScript) and browsers would be useful background.

Participants will need to bring a laptop. Prior experience with server-side programming and an understanding of how web apps are built is recommended.


Monday February 29, 2016 10:00am - 6:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

11:00am PST

Sweet Security: Deploying a Defensive Raspberry Pi
Securing the Internet of Things (IoT) has become increasingly difficult. Devices are often shipped with out-of-date operating systems and unmaintained code, which is littered with vulnerabilities. To add to the frustration, traditional security tools cannot be installed on many of these devices. This presentation will demonstrate how open-source software, along with various other free tools, can be used to monitor, protect and mitigate against threats to IoT environments. The session will explore how all of these technologies and methods can be deployed on inexpensive hardware, such as the Raspberry Pi.

Speakers
Travis Smith

Senior Security Research Engineer, Tripwire
Travis Smith is a Senior Security Research Engineer at Tripwire. He has over 10 years' experience in security, holds an MBA with a concentration in information security, and multiple certifications including CISSP, GIAC and GPEN. Travis specializes in integrating various technologies...


Monday February 29, 2016 11:00am - 11:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

11:00am PST

Sharing is Caring: Understanding and measuring Threat Intelligence Sharing Effectiveness
For the last 18 months, MLSec Project and Niddel have collected threat intelligence indicator data from multiple sources in order to make sense of the ecosystem and try to find a measure of efficiency or quality in these feeds. This initiative culminated in the creation of Combine and TIQ-test, two of the open source projects from MLSec Project. In this talk, we have gathered aggregated usage information from intelligence sharing communities in order to determine if the added interest and "push" towards sharing is really being followed by companies and if its adoption is putting us on the right track to close these gaps. We propose a new set of metrics in the same vein as TIQ-test to help you understand what a "healthy" threat intelligence sharing community looks like, and how to improve the ones you may be a part of today! We will be conducting this analysis with usage data from some high-profile threat intelligence platforms and sharing communities.

Speakers
Alex Pinto

Chief Data Scientist, Niddel
Alex Pinto is the Chief Data Scientist of Niddel and the lead of MLSec Project. He is currently dedicating his waking hours to the development of machine learning algorithms and data science techniques to support the information security monitoring practice. He has almost 15 years...


Monday February 29, 2016 11:00am - 11:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103

12:00pm PST

Lunch
Lunch + Raffle

Monday February 29, 2016 12:00pm - 1:00pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

1:00pm PST

Planning Effective Red Team Exercises
An effective red team exercise is substantially different from a penetration test, and it should be chartered differently as well. The scenario, objective, scope, and rules of engagement all need to be positioned correctly at the beginning in order to most closely simulate a real adversary and provide maximum value to the client. In this presentation, we'll review best practices in each of these areas, distilled from conducting dozens of successful red team exercises, along with some war stories highlighting why each element matters. Those in offensive security will gain an understanding of how to manage the client's expectations for this process, and how to guide them towards an engagement that provides a realistic measurement of their ability to prevent, detect, and respond to real attacks. Those in enterprise security will gain a deeper understanding of this style of assessment, and how to work with a red team to drive real improvement in their security programs.

Speakers
Sean T. Malone

Director, FusionX
Sean Malone has conducted full real-world red team attacks against dozens of different organizations. He knows how the adversary thinks and operates, because he has been that adversary countless times in his work as a consultant. Sean works with these organizations to improve their...


Monday February 29, 2016 1:00pm - 1:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

1:00pm PST

The Ransomware Threat: Tracking the Digital Footprints
The continuing evolution of ransomware is a constant threat to businesses of all types. Taking a stroll through the timeline of ransomware from its infancy to current variants, this session will walk through the methodologies for prevention, containment, and detection... both inside the system and by following the digital footprints to hunt it in the wild.

Speakers
Kevin Bottomley

Security Analyst, OpenDNS
Kevin Bottomley is a Security Analyst on the OpenDNS Research team. Throughout the course of the day, Kevin undertakes roles from creating Security Threat Reports for existing and potential clients, working closely with the Customer Support Team, finding new threats and attacks, and...


Monday February 29, 2016 1:00pm - 1:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

2:00pm PST

Fraud Detection & Real-time Trust Decisions
Fraud detection and computer security have a number of interesting parallels as adversarial and technological ecosystems where systems have exploits and attack surfaces. With the advent of the on-demand economy, the window of time between purchase and service delivery -- the period during which businesses can typically aim to identify fraudulent activity -- is becoming shorter and shorter. I'll present a summary of the common ways in which fraudsters attack online commerce, starting with traditional online storefront attacks and moving on to the challenges faced in real-time marketplaces. I'll explain a number of the techniques and technologies employed in combating online fraud, and draw parallels with traditional network and application security practices.

Speakers
James Addison

James Addison is a Scottish-born hacker/engineer with varied technology interests and experience, sometimes including the arcane (GDS systems and payment gateways). Most recently, he has been working on payments technology and fraud detection at Lyft.


Monday February 29, 2016 2:00pm - 2:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

2:00pm PST

Access Control in 2016 - deep dive
Access control is undoubtedly a critical security mechanism, which is often managed as part of Identity & Access Management (IAM). Unfortunately, current access control implementations are often quite crude (e.g. limited to role-based access and account provisioning). This is in contrast to the increasing complexity of the access policies that should actually be implemented, for example those required to meet regulations. As a poor man's way out, organizations today resort to implementing basic access control mechanisms to meet compliance requirements (e.g. "least privilege"), but these mechanisms are often too coarse and static to be effective (e.g. "least privilege" is much more than privileged account management). In fact, access control comprises many different, often not so well-understood approaches, which should be used by InfoSec professionals and developers to make access control more effective and manageable while at the same time being technically implementable. Advanced access control approaches are often criticized for being unmanageable, unimplementable, or too costly. In this quite technical session you will learn: why access control policy implementation in 2016 is more complex than you may think, why traditional access control mechanisms are often insufficient, which new approaches are available, and which are suitable for what IT/business environment.

Speakers
Dr. Ulrich Lang

Founder & CEO, ObjectSecurity LLC
Renowned access control expert with over 20 years in InfoSec (startup, large bank, academic, inventor, technical expert witness, conference program committee, proposal evaluator/reviewer etc.). Over 150 publications/presentations; InfoSec book author. PhD on access control from Cambridge...


Monday February 29, 2016 2:00pm - 2:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

3:00pm PST

Fuzz Smarter, Not Harder (An afl-fuzz Primer)
Fuzz testing is one of the most powerful tools in the bug hunter’s toolset. However, many fuzzing platforms require a lot of hard work to first describe a targeted format or protocol. These tools also often require a lot of resources, time, or both. American Fuzzy Lop (afl-fuzz) from Michal Zalewski (lcamtuf) overcomes these challenges with novel code instrumentation techniques combined with a highly optimized forking process. This talk steps through an entire process for using afl-fuzz and other tools like address sanitizer (ASAN) and !exploitable to identify and classify exploitable software bugs. Specific example steps for building and fuzzing AFL instrumented Ubuntu packages will allow attendees to quickly start finding 0-days in software deployed on millions of computers world-wide.

Speakers
Craig Young

Security Researcher, Tripwire
Craig Young is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He has identified and responsibly disclosed hundreds of vulnerabilities in products from Google, IBM, NETGEAR, Adobe, HP, Apple, and others. His research resulted in numerous...


Monday February 29, 2016 3:00pm - 3:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

3:00pm PST

Using Behavior to Protect Cloud Servers
Cloud server adoption has exploded in the last 5 years. Nearly every business is using some kind of IaaS or PaaS platform. Securing these cloud servers is challenging. The ease of access by developers, contractors, web admins and more needs to be balanced with security. Rule-based access security can only go so far: once SSH keys and tokens are compromised, an attacker can wreak havoc. Behavior-based real-time analytics can help create a dynamic fingerprint of an automated service like Jenkins or of an employee. We will show an example of dynamic privilege management to identify and stop insider threats and privilege escalation attacks in real time. See how you can apply next generation privilege management principles to secure your assets.

Speakers
Anirban Banerjee

CEO and Founder, Onion ID
Dr. Anirban Banerjee is a serial entrepreneur in the Internet security space. Anirban has a Ph.D. in Computer Science from the University of California at Riverside and specializes in computer security issues. Anirban has over 15 published scientific papers, 4 patents and 2 grants...


Monday February 29, 2016 3:00pm - 3:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:00pm PST

Elliptic Curve Cryptography for those who are afraid of mathematics
To fully understand Elliptic Curve Cryptography to a point where you could use it in practice, you would need to spend years inside university lecture rooms studying number theory, geometry and software engineering. And then you could probably still be fooled by a backdoored implementation. I won't be able to change that in a short talk. What I will do, however, is explain the basics of ECC. I'll skip over the gory maths (it will help if you can add up, but that's about the extent of it) and explain how this funny thing referred to as "point addition on curves" can be used to exchange a secret code between two entities over a public connection. I will also explain how the infamous backdoor in Dual_EC_DRBG (a random number generator that uses the same kind of maths) worked and what went on at Juniper. At the end of the presentation, you'll still not be able to find such backdoors yourselves, and you'll probably realise you never will. But you will be able to understand articles about ECC a little better. And, hopefully, you will be convinced it is important that we educate more people (possibly you) to become ECC experts.

Speakers
Martijn Grooten

Martijn Grooten once worked as an academic researcher in pure mathematics, until he suddenly found himself working in computer security. He liked this so much that he turned his profession into his hobby. He has spent years working on email and web security, but has a broad interest...


Monday February 29, 2016 4:00pm - 4:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:00pm PST

The Art of the Jedi Mind Trick
The hacker/security community continues to struggle with how to get our message across to others. We know what's wrong, what's insecure, and what needs to be done to fix the problems. BUT... we seem to hear more stories about failure than success stories. Maybe WE are part of the problem. It's easy to give a talk at a conference where you're "preaching to the choir" and everyone speaks your language, but how do you fare when you are trying to give the message to your boss, or your boss's boss, or C-level management? This talk will explore a variety of techniques that I've learned over my 20+ years of consulting/advising customers about how to get the right message to the right people so real change happens. I'll explore obstacles, attitudes, and challenges that I've faced in hundreds of companies; practical methods for getting your point across; helping others to understand what you are saying; learning to speak their language; and helping them to draw the desired conclusion. This is part art, part science, and maybe a little luck, but I believe there are skills you can learn that will make you a successful communicator and get your message heard.

Speakers
Jeff Man

Security Strategist, Tenable Network Security
Jeff Man is a Strategist and Security Evangelist at Tenable Network Security. He has over 30 years of experience working in all aspects of computer, network, and information security, including risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration...



Monday February 29, 2016 4:00pm - 4:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:30pm PST

APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for
We will discuss how advanced threat actors learn and change with innovation in security defense and constant APT reports, and how we can get better.

Speakers
Gadi Evron

CEO, Cymmetria
Gadi Evron is the CEO and Founder of Cymmetria. An accomplished and highly connected technology, strategy and innovation leader, Gadi has held leading roles in the world's biggest InfoSec companies. He was also founder of the ISOI conferences (Information Security Operations & Intelligence...


Monday February 29, 2016 4:30pm - 4:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

4:30pm PST

Mobile App Corporate Espionage
Corporate espionage is at an all-time high and, in terms of data risk threats, is second only to financially motivated data breaches according to the Verizon Data Breach Investigations Report. Whether your team is designing in-house mobile apps or leveraging 3rd parties for mobile apps, the apps may contain risky behaviors. These behaviors can stem from malicious 3rd party SDKs or code injected by the developer that can allow sensitive corporate secrets and documents to be leaked through out-of-band communications. This session will explore real-world examples of corporate espionage techniques that leverage hidden behaviors in seemingly innocuous mobile apps.

Speakers
Michael Raggo

Director, Security Research, MobileIron, Inc.
Michael T. Raggo, Director of Security Research, MobileIron, Inc. has over 20 years of security research experience. His current focus is threats and countermeasures for the mobile enterprise. Michael is the author of "Mobile Data Loss: Threats & Countermeasures" and "Data Hiding...


Monday February 29, 2016 4:30pm - 4:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:00pm PST

Sucker-punching Malware: A Case Study in Using Bad Malware Design Against Attackers
Software developers have provided unlimited job security for the infosec industry. Likewise, malware authors also have a history of making bad design choices that give defenders opportunities to use those mistakes against them. From failed crypto implementations in ransomware to "license verification" of commercial malware tools, even malware software developers suck. This talk will focus on several case studies, one being AlienSpy/JSocket and the design decisions made by the author that can be used to great effect to disable the malware world-wide. The earlier version, AlienSpy, was knocked out worldwide, forcing the developer to create an entirely new version of the malware and have all his customers reinstall (potentially losing their victims). Others will be added for interesting current events.

Speakers
John Bambenek

Manager, Threat Systems, Fidelis Cybersecurity
John Bambenek is Manager of Threat Systems for Fidelis Cybersecurity. He specializes in surveillance of online threats and disruption of ongoing campaigns. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of...

Hardik Modi

VP Threat Research, Fidelis Cybersecurity
Hardik Modi is the VP for Threat Research at Fidelis Cybersecurity where he manages the team responsible for the collection, analysis and distribution of threat intelligence to our customers worldwide. He has over 15 years of experience in the network and security industry.


Monday February 29, 2016 5:00pm - 5:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:00pm PST

Why Can't We Have Nice Things? Conflict Resolution in Information Security
Conflict can be a good thing, really. Without it, we get groupthink and dumbass decisions. But how we approach and resolve conflicts can make the difference between healthy conflict and an unproductive, frustrating fight. Why do we have so much of the latter? My graduate research on the conflict resolution style preferences of information security professionals sheds light on the "culture of no": why infosec conflict so often results in fights, why we keep burning bridges to make a point, and why people can be unwilling to talk to us. More importantly, this research gives us ideas on how we can resolve conflicts without burning all the bridges; in other words, how we can begin to have nice things. (No hackers or statistics were harmed in this research.)

Speakers
Rachael Lininger

Leviathan Security Group
Information security analyst, risk consultant, Cthulhu cultist. Lawful good. Opinions belong to her autocorrect, not her employer. @0xdaeda1a



Monday February 29, 2016 5:00pm - 5:25pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:30pm PST

Employee Hijacking: Building a hacktober awareness program
Security awareness can be one of the driest and most boring topics for employees. You hate giving it, and they hate sitting through it. Let's change that. Learn how to create an annual Hacktober program that teaches employees important lessons as you hack them all month long, in the name of security awareness. Employees win prizes, and your human attack surface gets better prepared.

Speakers
Ryan Barrett

Ryan has over 15 years of experience with strategic information security management and advisory services to align security and privacy to the business. His areas of expertise include compliance, systems and network security, vulnerability assessment, security operations, monitoring...

Ninad Bhamburdekar

Security Engineer, Intermedia

Dylan Harrington

Security Engineer, Intermedia


Monday February 29, 2016 5:30pm - 5:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103

5:30pm PST

Advanced techniques for real-time detection of polymorphic malware
In this session, we will introduce the audience to various techniques that are used in the identification and classification of polymorphic malware. By definition, polymorphic malware easily evades traditional signature-based detection methods. Approximate matching algorithms such as ssdeep have had much greater success in detecting polymorphic files. The ssdeep hash is one of the more popular attributes computed for a file by a number of sites such as VirusTotal, Malwr and Anubis. Newer algorithms using Bloom filters have also shown great promise in detecting polymorphic malware. This session gives an overview of these various algorithms and compares their efficiency and performance. While ssdeep is a good tool for comparing two known files, it becomes computationally expensive when a new file (and its ssdeep hash) is to be compared with a large database of existing ssdeep hashes to determine the closest match. In this session, we enumerate a class of techniques which reduce the lookup time significantly and allow for fast detection of similar files. These techniques are then extended to the classification of polymorphic malware, and we show the efficacy of these techniques with real data collected from the field. We then analyze the performance of these algorithms both in terms of speed and in terms of success rate.

Speakers
Ajit Thyagarajan

Ajit Thyagarajan is an independent Security Researcher. Until recently, he held multiple Director positions at Fidelis Cybersecurity. His area of research is new techniques for the detection of malware using network tools. Prior to Fidelis, he was heavily involved with Internet Protocols...


Monday February 29, 2016 5:30pm - 5:55pm PST
DNA Lounge 375 11th St, San Francisco, CA 94103