BSidesSATX 2014

TALK ABSTRACTS

Registration is OVER!!

TRACK 1

9:00 The "Dodge" Protocol: Dynamic Addressing for the Breach Generation

Mr. Frank Grace ImageGard LLC 

If someone were to take a swing at you, wouldn't you dodge?  In March of 2013, speaker Frank Grace realized something: hosts within modern communication networks cannot truly dodge attacks.  Not only that, hosts on a common wire are normally able to communicate without restrictions, leaving themselves open to attack from one another.  Join Frank as he explores and discusses the need for and the workings of a protocol he and others are designing to "address" these two problems and take security to the next level.

10:00 CCDC Red Team

Matt Weeks @scriptjunkie

The CCDC red team year-end highlights, lessons learned, and all the secrets we've been hiding from the regional qualifiers to the national finals. It's been an exceptional year, and you won't want to miss the ways we hacked and hid from the most paranoid student sysadmins in the nation, the fun that was had by all, and the defenses that hurt us the most. For everyone who wants to know how to build your own intrusion set, better compete, or just secure your network.

11:00 Bug Bounties. Like a Boss

Johnathan Kuskos

2013 was a big year for responsible disclosure.  Nearly 100 companies are now participating in open bug bounties where the general public is allowed to hack them in exchange for fame, money, or out of a general "do good" responsibility for their fellow man.  This talk will start off with a history of bug bounties and how they've grown, detail the benefits for the researcher and the participating company, but mainly focus more on how to be a successful bug bounty hunter yourself.  I will be discussing and live demoing different hacking strategies that will allow for valid submissions.

12:00 Lessons from the BSides 2013 World Champion Social Engineer

Victoriano Casas III

Information Security is hard….but no technology will protect you from the human error.  In this session, the presenter will share his experience as a first time competitor who ended up walking away with the 2013 World Championship Social Engineer Belt (yes, a really, really, really big belt, like the wrestle-mania guys – and yes, the belt will be there to see).

1:00 Shimming for Persistence

Adam Tyra 

Many security professionals are familiar with a variety of methods used by malware to persist on a target host. These include patching existing applications and modifying the Windows registry to start an application at boot time. However, there are other methods which are not generally considered malicious and are used by both legitimate software developers and malware authors. I will discuss one such method- "shimming". The discussion will describe what shimming is, how it is accomplished, and why it is particularly difficult to prevent or discover using normal security tools.

2:00 A Little Log can catch a Credit Card Skim

Michael Gough

Target, Neiman Marcus and Michael's all got hammered with the largest Credit Card Breach in history.  Why didn't they detect this attack?  Turns out the data was there, they just didn't know what to look for.  This talk will walk through BlackPoS/Kaptoxa malware, what it did and how to detect this type of attack.  it was far from sophisticated and made more noise than most malware does.  Learn what it did and how you can detect this type of advanced malware.

3:00 Treasure Hunting in Virtual Appliances

Jeremy Galloway

Everyone from Fortune 500 mega corporations, to SMBs, to individual users, use virtual appliances in their environment. Typically, we download these from the vendor website, install into our virtual environment (vSphere, VMworkstation, Zen, etc), and assume/hope that the vendor secured it properly. Without aggressive testing though, we really don't know how secure these platforms are. When creating virtual appliances for distribution, vendors often leave behind sensitive information that can be retrieved with known infosec methods; I call this "treasure hunting". None of the techniques used require highly advanced or specialized knowledge, which makes this topic applicable for grey-beard sysadmins who use virtual appliances to run their company to joe-user, who downloads virtual appliances for personal use. The first half is offense focused "think like an APT", and the second half is forensics focused and how to defend yourself.

4:00 Security Hopscotch

Chris Roberts - One World Labs 

As humans we move between the various electronic domains within our lives. We are familiar with those on our desks and in our pockets…we have been made aware of the ones in the transportation we use and the interactions with the world around us…but now we’re moving into the “Age Of Everything”. We live in houses controlled by remote interfaces, we move around in vehicles that carry our breathing lives as well as our electronic ones. We take it for granted that we can remain connected whenever and wherever we want…yet we don’t really think “how” does this happen…we know and understand elements of the jigsaw but for the most part these considerations are segmented and fragmented. This talk aims to put ALL the pieces together, to show correlation between each of the domains we interface with…and ultimately to play a game of Security Hopscotch between each of them…while maintaining end-to-end connectivity. Quite simply we are going to “demonstrate” how to take control of the Western USA Power Grid by initiating a hack of the Oven you have at home…and tie everything between those not-so-disparate systems. Enjoy the ride. 

TRACK 2

9:00 Choose to Lead: The Information Security Profession Needs You!

Phillip Beyer

The Information Security profession is what we choose to make of it. Who we lead, how we lead, and why we lead are all important. Start with yourself; lead a tribe; inspire a movement; change the world.

10:00 APT Advanced Poaching Tactics - How Intruders Steal Credentials

Randy Robbins and Scott Lippenholz

From initial reconnaissance to data exfiltration advanced threat actors are working to gain access to sensitive information from their targets. To gain the access they need, intruders steal the credentials of those who have access to the information they want. This talk will show live demos of the malware and tools intruders use to gain access to both local system credentials and domain credentials. Examples of custom malware developed by advanced actors to steal credentials to move laterally across networks will be reviewed. Remediation has to include not only removing all malware installed by intruders, but also securing the credentials stolen. We will show how to perform enterprise credential assessments, remediate credential issues and implement best practice credential policies.

11:00 Coding and hacking for fun and entertainment

Kyle Maxwell

Rather than raid for more epic purples on your Level 90 Dwarven Warrior or boomheadshot some n00bs, you can spend your "gaming" time doing what we love best: hacking for sheer entertainment value. We'll talk about all sorts of different ways to do this, from hacking CTFs to mathlete coding competitions.
This talk has something for all skill levels. Whether you're an old hand at assembly coding since the 8088 or just started learning about HTML and Excel macros; whether you smashed the stack for fun before there was profit or think the padlock in your browser means the server is secure; there's something here for you.

12:00 Incident Response: The Good, The Bad & The Ugly

David Balcar

In this presentation, David Balcar will give attendees the good, the bad, and the ugly of Incident Response (IR). He will cover the successes of Incident Response, as well as the pitfalls with real world examples from the Entertainment, and Banking and Finance industries. In addition to this, David will explain how to integrate teams and the tools that can be used.

1:00 When the Plan Comes Together: Preparing and Executing Phone Pretexts

Aaron Crawford - Lares Consulting

Learn how to effectively plan and execute phone pretexts for social engineering. Real world examples are given and a walk-through of one of the most impossible social engineering attacks is demonstrated and explained. Walk away with an effective way to plan your social engineering attacks as well as new software to aid in the attack. (Yes new tools are being released for social engineering at this talk.)

2:00 Networking without a computer? The value of soft skills in the InfoSec world

Chip Meadows

Have you ever been turned down for a job that you are more than qualified for? Do you tell folks how to build a cesium clock when asked what time it is? Do you not go to mixers because the people "bore you"? Can you not get the funding to replace your 486 laptop? Do you scoff at the sales and marketing team and get upset because your never let out of the server room? Join Chip as he talks about the value of "soft", personal communication skills. In this day, your technical skills need to be immediately followed by communication skills. And I am going to tell you why and how.

3:00 These Aren't The OID's You're Looking For - PKI Certificate Enumeration

Steven Bernstein

Establishing Electronic Trust is becoming a more important part of the digital landscape than ever before.  This presentation aims to do two things: One is to use allegory and a story like approach to explain what PKI is without the math.  The other seeks to paint a picture of the impact to doing business and where the road looks to be going.