Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: blackhat

Vegas Baby!

It’s been an odd year so far… the blog has been quiet, and I’ve stepped back a little due to personal reasons over the past few months. Still, it’s overdue time for the summer cons, and this years trivector of chaos (BSidesLV, Blackhat and Defcon) is looking to be the biggest yet.

This will be my 4th trip to Las Vegas, and one thing I learnt from my first visit was to “throw the plans out the window!”. I spent far too long planning each and every aspect of my trip that first year, and as a result I missed out on a lot of things. Still, live and learn eh!

There will (almost) always be the chance to go back and watch the videos from most presentations (excluding those from Skytalks and the underground track at BSidesLV). So take time to meet people, talk shop and discuss things. One of my big goals this year is to meet new people… so say hi if  you see me. I only bite when provoked ;)

Instead of setting things in stone I wanted to pick a couple of talks I really want to hit when in Vegas. So, without further ado, here’s my top talks to attend… it’s a short list, so don’t take offence if you’re talks not on it. Sorry….

- BSidesLV -

Top Picks:

  • Empirical Exploitation (HD Moore)
  • Burp Suite – Informing the 99% of What the 1%’ers Are Knowingly Taking Advantage Of (James Lester & Joseph Tartaro)
HD always puts on a good show, so I’m interested to see what comes out from his bag of crazy this year. The Burp Suite talk also looks to be interesting. Like many I spend a good deal of my life stuck in Burp Suite, so anything that can be done to expand and improve is a good thing in my book!

Bonus Round:

  • Breaking Microsoft Dynamics Great Plains – An Insider’s Guide (David Keene)

I have a soft spot for Microsoft Dynamics, as my girlfriend is an AX programmer… What can I say ;)

Note:

BSidesLV has an entire track (underground) that won’t be recorded or discussed in the press… if you can, these are probably some of the best talks to see. Unedited, raw, and unapologetic!

- Blackhat -

Due to Blackhat and BSidesLV taking place at the same time I’m not sure how long I’ll have to look around and see talks. Still, if possible I want to swing by and catch at least one talk…

Top Picks:

  • SexyDefense – Maximizing the home-field advantage (Iftach Ian Amit)
  • Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls (Ivan Ristic)
I’m interested to see where Ian has gone with this since discussions (started?) in Cali last year. Sexy Defense has been talked about a lot, so I hope to see some actionable pointers.

Bonus Round:

  • iOS Security (Dallas De Atley)

How can I not put Apple’s official talk on the list… although I’m not heavy into iOS or mobile, I’m interested to see what Apple talk about, given their historic silence on anything even remotely security related!

- Defcon 20 -

Defcon turns 20… almost old enough to get wasted and wake up in its own vomit! Still, this year looks like it’s going to be fun.

Top Picks:

  • Don’t Stand So Close To Me: An Analysis of the NFC Attack Surface (Charlie Miller)
  • Uncovering SAP Vulnerabilities: Reversing and Breaking the Diag Protocol (Martin Gallo)
  • Weaponizing the Windows API with Metasploit’s Railgun (David ‘thelightcosine’ Maloney)

SAP, NFC and Metasploit… what’s not to love!

Bonus Round:

Note:

Skytalks are a side area where unrecorded presentations take place. Last year it was home to some of the best presentations of the con… if you take the time to see just one talk, make it something from Skytalks!

Hope to see you in Vegas!

Bigger, Better, Faster, More!

Las Vegas – The entertainment capital of the world.

Where your every desire is catered for, and you never have to go without. If there’s another place on earth with so many flashy lights, then I’ve certainly never heard about it!

Still, When I saw that this year Blackhat had gone to 11 tracks, I couldn’t help but think they’d were going a little bit too far, even for Vegas!

There’s a fine line between offering good content and swamping visitors with just too much choice…  and no matter how much I try, I just can’t help but get the feeling that Blackhat Las Vegas just jumped the shark!

I go to more than my fair share of conferences, and one thing that connects them all for me is the excitement and anticipation I get when looking over the list of speakers and talks. Picking out the ones I really want to see, the people I want to meet and the things I want to learn about, are one of the highlights of a conference for me. The build-up is almost as important as the event after all. When I saw the schedule for this years Blackhat however, I didn’t feel excited. It wasn’t because there were no good talks, because there were a lot of great talks and great speakers. It was just too much. In my mind Blackhat had hit that point where it just didn’t matter what talks people went to anymore. It was just too big, too complex, and too confusing to me. I couldn’t help but get the feeling that no matter what talk I saw, I’d always be thinking about the other 10 tracks and what I was missing out on!

Maybe it’s just me, maybe everybody else thinks this was the best Blackhat ever. Everybody has his/her own opinion, and mine is that Blackhat (at least in Vegas) is dead to me. I doubt I’ll be attending next year for the new improved 12 track program (they have to make it more impressive next year after all… there’s no backing down now!). If you want to find me, I’ll be sitting by the pool at BSides talking to people who do this for the love of it, and not the money.

Blackhat/BSides/DefCon

I’ve been putting off my selections for this years Blackhat/Bsides/DefCon for as long as I could for a number of reasons. The biggest is, that I have absolutely no idea where I should be and what I should be trying to see. As if things weren’t already confusing enough, this years conferences schedules are even more packed than last years. More tracks at Blackhat, and the addition of BSides (which I totally missed last year).

Still, I guess it’s about as late as it can be, and it’s time to put down a few key presentations that I hope to see. I’m going to limit myself to 3 per conference, as after last year, I know that seeing that talks isn’t as easy as it seems ;)

  • Ivan Ristic: State of SSL on the Internet: 2010 Survey, Results and Conclusions Routers
  • Nathan Hamiel, Marcin Wielgoszewski: Constricting the Web: Offensive Python for Web Hackers
  • Barnaby Jack: Jackpotting Automated Teller Machines Redux

  • Dave Kennedy (Rel1K): SET 0.6 release with special PHUKD Key
  • frank^2: Fuck Tools, Do It yourself Jerk
  • Frank Breedijk, Ian Southam: The road to hell is paved with best practices

  • Ed Schaller: Exploiting WebSphere Application Server’s JSP Engine
  • Joseph McCray: You Spent All That Money And You Still Got Owned…
  • Chema Alonso, José Palazón “Palako”: FOCA2 – The FOCA Strikes Back

I’ll be in town a few days before the conference to take part in some training… so if anybody is about and wants to catchup for some drinks, just shoot me a message.

Looking forward to seeing you all in Vegas…

Who’s your mentor baby!

One of the big things I’ve always thought the InfoSec community lacked was a solid and supported mentor program. InfoSec is one of those industries where everybody goes their own way, takes their own path and learns their own thing. Personally I appreciate this, as I like the variety that it offers. For people new to the industry though, it’s hard to find the path they need/want to take. So often management pigeonhole people into “security” without the understanding that alone this word doesn’t mean anything.

If you work in “security” you could be an auditor, a penetration tester, a compliance expert, a forensic analyst, an intrusion detection expert…. the choices go on and on. It you don’t believe me, just check out the SANS “20 coolest jobs in information security“. So what do you want to be today?

After the success of the Mentors Workshop at SOURCE Boston 2010, the InfoSecMentors project is being extended from a workshop into a living and breathing project. Here’s what they say on their site:

Inspired by the Mentors Workshop at SOURCE Boston 2010, the InfoSec Mentors project hopes to increase the positive impacts of mentoring relationships in the Information Security community.

For the next few months, the InfoSec Mentors project will be collecting volunteers from both the mentor and mentee camps. The project will match participants based on their experience and interests. Then, in July during Security B-Sides and DEFCON, we will all meet up with our perspective matches.

We recognize that not all mentor relationships are for life. Sometimes it’s just nice to have someone at the cons you are looking forward to grabbing lunch with. Whatever the reason, we hope that we can match you up with a great mentor/mentee or both!

For those of us lucky enough to be flying to Vegas fo Blackhat/BSidesLV this looks like a great chance to find somebody who you can help, or who can help you develop as an InfoSec professional. I see this as a great chance to learn and communicate with others. Whether you’ve been in the industry for 10+ years, or you’re just starting out (like myself), both sides can learn from the other.

Right now the project is still finding it’s footing and for those of us stuck in Europe it seems a little far off. The face-to-face meeting (such as the one proposed for Blackhat/BSidesLV) is however an optional component designed to make things easier to handle and create a more personal bond between the mentor and mentee. Although a little harder to do through email alone, I see no reason that this can’t be done. Hopefully we’ll also be able to bring over the InfoSecMentor project to Europe soon and start working on a more global scale!

If this project is interesting for you, I’d suggest heading over to infosecmentors.com and registering. Who knows, it might be the best thing you’ve done for your career!

Links:

Follow

Get every new post delivered to your Inbox.

Join 120 other followers