Speakers – Security B-Sides Orlando – April 11 – 12, 2015
http://bsidesorlando.org/2015
Bringing Infosec Back to Central Florida Since 2013
Tue, 24 Nov 2015 23:55:50 +0000

James Shank | The State of Mobile Malware
http://bsidesorlando.org/2015/james-shank-the-state-of-mobile-malware
Thu, 02 Apr 2015 17:51:11 +0000

Abstract

A lot of people have talked about the potential of mobile malware. This is real stuff. In this talk we look at tools and techniques that have been used in the wild and draw some conclusions. We cover an example of a skyrocketing (and profitable) malware threat, one technique for distributing malware, and one piece of malware you willingly install on your phone.

Bio

James has worked in a variety of Engineering and Information Technology positions, including serving as a Director of IT and several consulting gigs. James’ primary area of interest at Team Cymru is data processing, and he has additionally spent time focusing on generalized solutions to Information Security problems and process automation.

Anthony Critelli | Implementing Voice over IP in Security Competitions
http://bsidesorlando.org/2015/anthony-critelli-implementing-voice-over-ip-in-security-competitions
Wed, 04 Mar 2015 21:24:48 +0000

Abstract

Security competitions are an important part of educating and providing simulated real-world information security experience to students. They provide a sandbox that is intended to simulate the types of network services and scenarios that will be encountered in the modern enterprise. The Information Security Talent Search (ISTS) is one such competition hosted annually by the Rochester Institute of Technology. Recognizing the importance of voice services in the modern business, the ISTS team developed a more comprehensive voice architecture for ISTS 12 in 2015. This talk explores the infrastructure that was developed, vulnerabilities that were introduced, operational results of the competition, and ideas for future growth. It is ideal for students and organizers of security competitions, as well as those who are new to voice over IP, Asterisk, and the security concerns surrounding these topics.

Bio

Anthony Critelli graduated summa cum laude from the Rochester Institute of Technology with a B.S. in Networking and Systems Administration in May 2014. He designed, deployed, and operated the voice infrastructure for the 2015 Information Security Talent Search at RIT. He has a strong interest in voice over IP and its security, particularly as implemented on Asterisk platforms. Anthony currently works in network operations at Harris Corporation.

Ryan Buenaventura | Defense in Depth – A Mile Wide, A Mile Deep
http://bsidesorlando.org/2015/ryan-buenaventura-defense-in-depth-a-mile-wide-a-mile-deep
Mon, 02 Mar 2015 20:52:55 +0000

Abstract

With all the different possible layers of Defense in Depth, security professionals often ask, “How much do I really need to know to effectively apply Defense in Depth in protecting assets and data?” There’s a professional certification in IT security where the exam is often described as a “mile wide, an inch deep”. This talk seeks to discuss the reality of how information security requires that professionals go beyond the basic understanding of layers they are implementing to learn and properly apply defense in depth.

Bio

Ryan is currently an IT Security and Compliance Manager with a local government entity and an independent security consultant. He has over 10 years of experience in IT and IT Security, including security operations, monitoring, incident response, and compliance. He attained his Bachelor’s degree in Information Technology at the University of Central Florida and holds CISSP, CISA, and EnCE certifications.

grecs and pupstrr | Project KidHack – Teaching the Next Next Generation Security through Gaming
http://bsidesorlando.org/2015/grecs-and-pupstrr-project-kidhack-teaching-the-next-next-generation-security-through-gaming
Mon, 02 Mar 2015 20:50:09 +0000

Abstract

Wanna teach your kid to be a hacker but don’t know where to start? Security is a fairly complex topic but games offer the best way for kids to learn the basics. This presentation not only reviews a sample of existing games that teach security fundamentals to a younger audience but also discusses a new crowdsourced project to catalog similar fun and entertaining ways to teach kids security. This project could help spur interest in later university and other programs and potentially a career … or at least make our children more security-conscious adults in whatever field they choose.

Bio

grecs has almost two decades of experience, undergraduate and graduate engineering degrees, and a really well known security certification. Despite his formal training, grecs has always been more of a CS person at heart going back to his VIC-20, Commodore 64, and high school computer club days. After doing the IT grind for five years, he discovered his love of infosec and has been pursuing this career ever since.

Danny Chrastil | What I know about your Company! Hacking LinkedIn Business Processes
http://bsidesorlando.org/2015/danny-chrastil-what-i-know-about-your-company-hacking-linkedin-business-processes
Tue, 24 Feb 2015 17:56:34 +0000

Abstract

Business Intelligence is one of the many powerful types of information we can gather on targets through reconnaissance. However, besides using search engines, many of the sites available either have restrictions in place to try and protect customer data or have API services which require paying for credits. As hackers, it is in our nature to try and evade these types of restrictions in order to obtain the data we are in need of.

I will demonstrate a case example of bypassing and abusing LinkedIn business processes to gather intelligence on your target. Who said reconnaissance can’t be sexy?

Bio

Danny Chrastil is a hacker of all things web. Coming from a past life of web development and system administration, he has retained his passion for writing code and enjoys writing scripts that make hacking more efficient and interesting. Danny is a Sr. Security Consultant for HP Fortify on Demand, and has been in web application security for 6 years.

Tim Medin | Attacking Kerberos: Kicking the Guard Dog of Hades
http://bsidesorlando.org/2015/tim-medin-attacking-kerberos-kicking-the-guard-dog-of-hades
Tue, 24 Feb 2015 17:50:24 +0000

Abstract

Kerberos, besides having three heads and guarding the gates of hell, protects services on Microsoft Windows Domains. Its use is increasing due to the growing number of attacks targeting NTLM authentication. Attacking Kerberos to access Windows resources represents the next generation of attacks on Windows authentication. In this talk Tim will discuss his research on new attacks against Kerberos, including a way to attack the credentials of a remote service without sending traffic to the service as well as rewriting tickets to access systems. He will also examine potential countermeasures against Kerberos attacks with suggestions for mitigating the most common weaknesses in Windows Kerberos deployments.

Bio

Tim is a senior technical analyst at Counter Hack, a company devoted to the development of information security challenges for education, evaluation, and competition, as well as security consulting. Tim is also a Certified Instructor with SANS.

Tim dislikes pants.

Christopher Martinez | Executive Order: Private Sector Cybersecurity Information Sharing
http://bsidesorlando.org/2015/christopher-martinez-executive-order-private-sector-cybersecurity-information-sharing
Tue, 24 Feb 2015 17:48:00 +0000

Abstract

This presentation is on the new Presidential Executive Order for promoting private sector information security sharing. For the first time in history, we have reached the point of shifting minds toward encouraging the sharing of security-related information with third-party organizations and the government. As a result of this Executive Order, the creation of information sharing and analysis organizations (ISAO) will be drastically increasing. An ISAO is a not-for-profit community, a membership organization, or a single company facilitating sharing among its customers or partners.

“Rapid information sharing is an essential element of effective cybersecurity, because it enables U.S. companies to work together to respond to threats, rather than operating alone. This Executive Order lays out a framework for expanded information sharing designed to help companies work together, and work with the federal government, to quickly identify and protect against cyber threats.” – U.S. White House.

Bio

Christopher Martinez is an IT Security Engineer working primarily with multiple SIEM technologies at ReliaQuest and a graduate in the Management Information Systems program from the University of Tampa.

Jonathan Echavarria | Hiding your attacks with misdirection like
http://bsidesorlando.org/2015/jonathan-echavarria-hiding-your-attacks-with-misdirection-like
Tue, 24 Feb 2015 17:44:35 +0000

Abstract

As technology progresses, governments have been using electronic means of attacks more and more to further their agenda. By relying heavily on misdirection and misinformation, advanced government red-teams have gotten away with attacks for a long time without any sort of punishment.

This presentation will present an analysis of these teams’ anonymization and attack methodology and explain how you as a “penetration tester” can make use of these techniques.

Bio

Jonathan is an information security professional working at ReliaQuest, LLC in Tampa, FL. He was a member of WCSC at USF and his current areas of focus are on penetration testing, cybercrime, malware and threat intelligence. Go buy him a drink and invite him to as many parties as you can.

Vincent Moscatello | Destover: Inside the Malware at Sony Entertainment
http://bsidesorlando.org/2015/vincent-moscatello-destover-inside-the-malware-at-sony-entertainment
Tue, 24 Feb 2015 17:43:23 +0000

Abstract

Get ready to explore the exciting world of malware reverse engineering as we take a look at the destructive software used during the November attacks against Sony Entertainment. This presentation will take a look at the static analysis, dynamic analysis, and network forensics that compose a complete picture of the wiper malware that gained an unparalleled amount of media attention. We will take a close look at the methods Destover used to defeat security properties such as confidentiality, integrity, availability and the overall malware’s methods of persistence, obfuscation, and self-modification.

Bio

Vincent Moscatello is a junior pursuing a degree in Computer Science at the University of Florida. He currently serves as the teaching assistant for CIS 6930/4930: Malware Reverse Engineering and acts as the president of the Student Infosec Team, UF’s information security club.

Anne Tall | National Cyber Range
http://bsidesorlando.org/2015/anne-tall-national-cyber-range
Mon, 23 Feb 2015 19:49:49 +0000

Abstract

The National Cyber Range (NCR) is an innovative Department of Defense (DoD) resource originally established by the Defense Advanced Research Projects Agency (DARPA) and now under the purview of the Test Resource Management Center (TRMC) (a Field Activity of the Office of the Under Secretary of Defense for Acquisition, Technology and Logistics [OUSD (AT&L)]). It provides a unique environment for cybersecurity testing throughout the program development life cycle using unique methods to assess resiliency to advanced cyberspace security threats. This presentation describes what a cybersecurity range is, how it might be employed, and the advantages that can be gained in applying the results of range events. Creating realism in a test environment isolated from the operational environment is a special challenge in cyberspace. Representing the scale and diversity of the complex DoD communications networks at a fidelity detailed enough to realistically portray current and anticipated attack strategies (e.g., malware, distributed denial of service attacks, cross-site scripting) is complex. The NCR addresses this challenge by representing an Internet-like environment by employing a multitude of virtual machines and physical hardware augmented with traffic emulation, port/protocol/service vulnerability scanning, and data capture tools. This presentation provides an overview of the operation of the NCR. This will be especially relevant to the B-Sides-Orlando participants who are learning more about government and industry actions to secure their systems, and also since the prime contractor that operates the NCR, Lockheed Martin – MST, is located here in Orlando.

Bio

Anne Tall is a Lead Information Systems Security Engineer at the MITRE Corporation, a Federally Funded Research and Development Corporation. Currently, her primary responsibility is as a Test Director for the National Cyber Range. Anne obtained a BSEE from University of Maryland, and MSEE from Johns Hopkins University and is currently working toward a PhD in Computer Engineering at UCF.
