Jeffrey Bardin

Title: “Open Source Intelligence – What Color Underwear are you wearing today?”

Abstract:
- The sheer number of data points about you online can tell anyone most anything about you.
- OSINT: the only discipline that is both a necessary foundation for effective classified intelligence collection and analysis, and a full multi-media discipline in its own right.
- The lost art of intelligence tradecraft is reborn through OSINT and cyber intelligence.
- America's enemies scour blogs, forums, chat rooms and personal websites to piece together information used to harm the United States. They target you!
- Find out what foreign intelligence organizations, hackers, cyber criminals and adversaries know about you.
- Learn how and what to look for: “80% of what I needed to know as CINCCENT I got from open sources rather than classified reporting. And within the remaining 20%, if I knew what to look for, I found another 16%. At the end of it all, classified intelligence provided me, at best, with 4% of my command knowledge.” - General Tony Zinni, USMC (Ret.), former Commander-in-Chief, U.S. Central Command (CINCCENT)
- Do you know what your data footprint is online? Your adversaries do.
- Open Source Intelligence is a critical aspect of asymmetric cyber warfare. It is part of the mosaic defense and one practiced as a method of unrestricted warfare.
- This is not OSINT for firewalls and IDS. This is OSINT that ties to cyber espionage and spying. It is the future of Cyber.

Wolfgang Kandek

Title: “Presenting a Hard Target to Attackers – Roadmap to Securing Your Enterprise”

Abstract: For years we have been tracking developments in security, and recent events are indicating that we are reaching a tipping-point. We are now accepting that conventional security products are inadequate. But there is a way out: by applying prioritized system administration techniques, IT can harden their infrastructure. The combination of accurate inventory of IT systems and web applications, secure base configuration, diligent patching and segmented network design makes organizations immune to opportunistic attacks and raises the bar against targeted attacks.

Jack Daniel

Title: “Hackers: responsibility and reality”

Abstract: Like you, I consider myself a hacker; I like to push boundaries and improve things, I like to learn, I like to share what I know. Many people have helped me learn, and I hope I’ve helped others, which raises a question: is helping others a responsibility? This leads to larger questions: are there obligations inherent in being a hacker, and if so, what are they?
This discussion will explore these questions, and look at the logical (and possibly illogical) extremes. If the hacker ethic does impose burdens on us, do we all have to hold ourselves to a daunting standard like Johnny Long? What if our sense of duty is misguided? Many would say that Anonymous and LulzSec do harm, but they would claim otherwise. If we have no obligations to our communities or society at large, is the hacker ethic sustainable, and does it matter either way?
What are our responsibilities, and who judges us on our performance? Please join me in this discussion and help explore these issues.

Jeremiah Grossman

Title: “Strategies for Web Application Security at Scale”

Abstract: Website compromises are an everyday, headline-making reality. Sometimes a cyber-attacker's motivation is national security inclined, other times it's profit-driven, or it's to express a political message, and sometimes it's just for the Lulz(Sec). It also doesn't matter anymore if their targets are governments, military contractors, retailers, banks or even blogs; everyone online can now be on the receiving end of a Web attack and, usually, by techniques we're already very familiar with yet often overlook: SQL Injection, PHP File Include, Cross-Site Scripting, Clickjacking, Cross-Site Request Forgery, the list goes on.
There truly is nothing new here that we haven't seen before. We know how to find these vulnerabilities, we know how to fix them, and we know how to prevent them. Yet, website compromises continue to increase anyway. The answer to why they're increasing is simple: many companies haven't solved the challenge of how to address Web application security at scale.
Whether you are responsible for protecting 10, 100, 1000 websites or even more, the technical challenges for Web application security at scale are two-fold:
- How do you deal with an enormous backlog of Web code, already completed, riddled with vulnerabilities and developed in an era where security awareness was nonexistent?
- How do you successfully integrate Web application security into the push-or-die pace of agile software development so your next generation of Web code is able to defend itself from modern attacks?
Answering these two questions requires a two-pronged strategy that addresses operational security and ongoing software security, which comprises the central focus of this presentation.

Winn Schwartau

Title: “Solving the Cyber Security Hiring Crisis DHS and the Great Talent Search”

Abstract: At no time in history have we had a greater need for cybersecurity experts to protect government networks, critical infrastructures and private sector enterprises from the global onslaught of organized cybercrime, nation states and terrorists.
Yet, we seem to have trouble finding the right people to do the job we need. Why?
Winn Schwartau is not known for conventional wisdom, and many of his prior controversial commentaries have since become standard fare and dogma in the cyberwar and cybersecurity communities.
He believes we need a complete top-down rethink of how we choose security experts, how we manage them and how we view the skill sets needed to provide the best possible cyber defenses. You may not like everything he has to say, but he will present a suite of ideas that will be a surefire way to spark any conversation throughout Hacker Halted and beyond.

Richard Thieme

Title: “BioHacking”

Abstract: The skills we have come to associate with hacking – seeing things cleanly and for the first time every time we look, innovative and creative thinking, cross-disciplinary knowledge, and a heart laced with a love of larceny and a refusal to accept the consensus reality of society, insisting on making things new, enabling life to do things that were unanticipated ... apply to biohacking as well as hacking information and communications systems.
Biohacking is hacking the genome, the organism, the species, to create new possibilities. Beyond enhancements of humanity-of-the-moment, it aims to generate new qualities and capabilities. Biohacking takes the work of corporate and government labs and puts it back in the garage where it belongs. Biohacking is the new frontier of hacking.

Matt Watchinski

Title: “Using Information Superiority to win the Cybersecurity Battle”

Abstract: These days it’s not if your network will be attacked, it’s when. As attackers are becoming increasingly agile and sophisticated, network defenders must prepare for battle, but how? In the cybersecurity battle, the side with information superiority wins. Attackers leverage information superiority to breach your network: they know something you don’t about your environment and they capitalize on that deficiency to gain access to your critical assets. To gain the information superiority advantage and protect the network, defenders must establish a clear baseline of their entire environment. This is difficult as modern network environments are complex and constantly changing. As such, the fundamental problem many defenders face is not securing environments, but gaining sufficient understanding of what they’re protecting and how it’s arranged so they can secure it as it evolves. Join Matt Watchinski, Vice President of Sourcefire, as he discusses how to win the cybersecurity battle by leveraging information superiority to take a context-aware approach to security and achieve total network visibility, control without compromise and intelligent security automation.

Tim Wilson (Moderator), Tim Rohrbaugh (Panelist), Scott Greaux (Panelist), Francis Brown (Panelist)

Title: “How to Make End Users Smarter About Security”

Abstract: No matter how much money is spent on security technology, many major breaches – including those at RSA, Sony, and Zappos.com – begin with a single user breaking security policy to click on an email attachment or download a suspicious Web file. With so many breaches in the news and so many resources devoted to enterprise security, why do end users continue to make the same dumb mistakes and continue to be drawn in by the same tired social engineering schemes?
In this hard-hitting panel discussion, leading experts in social engineering and phishing attacks will offer a look at the most common methods used to fool enterprise employees, and the potential impact of users’ failure to maintain good security policy. The speakers will also offer a look at enterprise security awareness programs, pointing out the flaws in many current programs and making concrete recommendations on how to build security awareness and testing programs that work – and make end users more savvy about their online behavior.

Sean Bodmer

Title: “Counter Exploitation of Cyber Threats”

Abstract: Who's afraid of the big bad wolf? For over two decades almost every individual and organization around the world has been a victim of opportunistic or targeted cyber threats or groups. The bad guys continue to do what they do best, deny continuity, integrity, and availability of our systems, and the good guys continue to fight the fight. And the criminal underground tools and techniques evolve faster than we can keep up with. However, there are methods and techniques that can be used to demystify the organized or advanced persistent threats and enable your IT systems security professionals to actively combat these villainous campaigns. Our goal as security professionals is to prevent the pillaging of the networked knowledge we so diligently attempt to protect. In this talk, you will walk away with knowledge of new and specialized techniques that will take you beyond the world of post-mortem detection, incident response, or the over-reliance on host-based security technologies. Some of these techniques may be seen as a grey hat path, but white hat to others. The treasure trove of intelligence and attribution that can be gained using these techniques is astounding, and proven through several years of successful practice and implementation. The demo that will be presented will be a 'legal' demonstration of methods to exploit criminal infrastructures without their knowledge.

Francis Brown

Title: “Tenacious Diggity – Skinny Dippin’ in a Sea of Bing”

Abstract: When we last saw our heroes, the Diggity Duo had demonstrated how search engine hacking could be used to take over someone’s Amazon cloud in less than 30 seconds, build out an attack profile of the Chinese government’s external networks, and even download all of an organization’s Internet facing documents and mine them for passwords and secrets. Google and Bing were forced to hug it out, as their services were seamlessly combined to identify which of the most popular websites on the Internet were unwittingly being used as malware distribution platforms against their own end-users. Now, we’ve traveled through space and time, my friend, to rock this house again… True to form, the legendary duo have toiled night and day in the studio (a one room apartment with no air conditioning) to bring you an entirely new search engine hacking tool arsenal that’s packed with so much tiger blood and awesome-sauce, that it’s banned on 6 continents. Many of these new Diggity tools are also fueled by the power of the cloud and provide you with vulnerability data faster and easier than ever, thanks to the convenience of mobile applications.

Cameron Camp

Title: “How to create an Open Source multi-OS interoperable microSD/USB drive live distribution with encrypted data storage, forensics capabilities and remote backup”

Abstract: When working across platforms and technologies, it becomes necessary to interact with your data on a variety of devices and operating systems. Whether securely accessing and storing your Windows or Mac files, or natively running a live forensics OS that boots off a microSD/USB drive, you will still have access to the same data. This allows you to keep your documents secure, protect them from loss/confiscation, and make them unreadable without the proper credentials. But what if your microSD gets lost? An auto-sync feature backs up your data to a Linux file store you have at home over a non-standard, encrypted port. So you can restore it to another device simply, or just have access to the data in other ways via standard tools.

Dave Chronister

Title: “Advanced SQL Injection: IDS/WAF evasion”

Abstract: SQL injection attacks have been around for quite a long time. With the rise of web applications the problem has increased. Unfortunately, many developers do not understand the true implications of a SQL injection attack. In many cases companies have opted to implement Web Application Firewalls and Intrusion Detection Systems to defend against injection attacks. In this talk, Dave will discuss various methods of detecting, fingerprinting, and evading IDS and WAFs. We will explore some SQL attacks where the goal is not your data.

Jenn Lesser

Title: “Winning the Security Awareness Game”

Abstract: We’ve all heard the same slogans: “Security is Everyone’s Responsibility” . . . “Don’t Share Your Password” . . . “Lock Your Laptop.” We’ve all seen the same boring posters, watched the same tired awareness videos, and quickly glanced at the same newsletters only to never reference them again. At the end of the day, how do you get employees to care about Security? You turn Security Awareness into a game! This talk will focus on “Hacktober,” a unique approach to Security Awareness that takes place at Facebook in October (to correspond with Cyber Security Awareness Month). We’ll cover: our approach, some of the hacks we’ve performed, how we incentivize folks, and most importantly how we extend this event throughout the year to make it fun for all involved.

Rafal Los

Title: “House of cards - How not to collapse when bad things happen”

Abstract: An unfortunate number of enterprises build their foundations on a false sense of security. They've implemented technical defensive measures, written policies, and have procedures for response, and they feel ‘secure’. The problem is that until they’ve actively tested these out in real-world scenarios, much like disaster recovery drills, they have no idea how well-prepared they really are for when the worst strikes. As Information Security leaders often find themselves playing whack-a-mole with compliance, business requirements and resource challenges, it can be easy to fall into a sense that everything is under control because on paper the security posture looks good. But how certain are you? Validating human and technical controls, policy elements and response procedures is vital to the prepared enterprise.
This talk will expose the audience to the issues of having unproven security and untested defenses in today’s threat landscape… and encourage CISOs to “break more” to provide their leadership with a better level of assurance of preparedness than they have today.

Gary Miliefsky

Title: “Bulletproof Network Security”

Abstract: Learn to halt hackers in their tracks. Gary will present some of the best tools and techniques to harden your devices – from your laptop… to your iPhone… to your Droid and BlackBerry… to your servers and your services. You’ll gain key insights that, for years, were reserved only for the top IT staff of the NSA and others in the Federal government. You’ll learn about the best ways to make your network secure and to stay one step ahead of the next wave of malware, malicious insiders, and cyber criminals. Still not convinced? At the end of his presentation, he will be giving away two PWNIE PLUGs – the world’s smallest, most powerful penetration testing appliances – the best way to test his techniques and your own results.

Gunter Ollmann

Title: “The Next Generation of DGA-based Crimeware”

Abstract: The concept behind domain generation algorithms (DGAs) used for locating crimeware C&C isn't particularly new. However, the current generation is considerably better tuned and is increasingly incorporated as a backup strategy in the more sophisticated commercial crimeware tools. For the good guys, there are new machine learning and advanced spectral clustering approaches that can automatically detect (passively at the network level) their operation and classify malware families. For the bad guys, there are improved operational methods that guarantee evasion, at both technological and law enforcement levels. This talk covers the state of the art in applying advanced machine learning to network detection, and the optimizations being made by the masterminds behind some of the best crimeware out there.

Chris Silvers

Title: “Go with the Flow: Strategies for successful social engineering”

Abstract: When the ringing stops and a real live person answers the phone, it doesn’t matter if you’re an expert at finding bugs, bypassing memory protections, or exploiting exotic heap overflows. The few words you choose make all the difference. This action-packed talk analyzes the key “tells” given off by victims so that you can dynamically modify your social engineering attack to fit many of the most common situations. Through the use of real-life recordings of actual social engineering calls, Chris walks the audience through a typical call scenario, analyzing successful as well as unsuccessful examples. The participants will leave ready to begin identifying how resistant their organization is to this growing threat.

John Weinschenk

Title: “The Persistent Threat of Mobile Apps – Why Continuous Testing is Key”

Abstract: Mobile applications have given us new ways to interact, play, and boost productivity, but they’ve also exposed a dark side. Backend services are the next frontier for hackers because they provide the biggest payoff. Since many mobile applications connect to databases on the backend, they have become a high priority target for hacker attacks. The best way to thwart their efforts is for enterprises to secure all web services exposed to the Internet. Mobile applications need to be tested throughout the lifecycle for new vulnerabilities. Witness in live video some of the ways mobile application vulnerabilities can be a serious risk.

Zoltan Balazs

Title: “Zombie Browsers, spiced with rootkit extensions”

Abstract: Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions have also been developed with malicious intent, in order to generate revenue or just to spread the code between more and more browsers. The possibilities of a malicious browser extension are almost infinite, but we have not seen very powerful malicious extensions yet. The protective measures against malicious extensions are in their stone age, and the number of these malicious extensions rises exponentially. In my presentation I will demonstrate a proof-of-concept Firefox and Chrome extension, which works in a command-and-control architecture, has rootkit capabilities, steals cookies and passwords, executes JavaScript, uploads and downloads files, etc.

Wayne Burke

Title: “Mobile Hardware Hacking with Raspberry Pi”

Abstract: Build your own $80 Pwn Box and hack everything, cause chaos, destruction!! All for the purposes of authorized testing. Mobile security, and most importantly the fact that mobile devices are taking over the world, needs no further explanation of the importance mobile security already has in the government and business sectors. Wayne will, for the duration of the presentation, keep you awake with his usual high energy charisma and pure passion for mobile security and hacking. The session will focus heavily on practical hands-on demonstrations using the Raspberry Pi to hack stuff!! Pre-loaded with the latest weapons, such as custom Debian distributions like HA-Pi or PwnPi. Let's get down with the latest RF hacking, Cracking and Mobile Client Side Exploits.

Kevin Cardwell

Title: “Building a Live Hacking Target Range”

Abstract: Do you want to practice your Red Team Skills? Or do you want to play "Capture the Flag", hacking style? Well, we will show you how to create your own live hacking target range! Come and see how we do it in less than an hour!

Dmitry Chastukhin

Title: “Breaking SAP Portal”

Abstract: Today, SAP NetWeaver is the most widespread platform for developing enterprise business applications. One of the most critical applications is SAP Portal. The point is that SAP Portal, unlike many other systems, is usually available from the Internet because it provides SSO access to other business critical systems from SAP and other vendors. If a malicious hacker can get unauthorized access to SAP Portal, he can get control over all the other systems located inside the company even if they are secured by firewalls. We have done numerous security assessments of SAP Portal and found that even critical infrastructure systems like SCADA are sometimes connected to Portal. Also, developers can make custom applications for Portal called iViews, and those have their own problems. In this talk, the security architecture of Portal itself and custom applications will be reviewed and a number of new issues will be presented that can give full control over SAP Portal very stealthily.

Gianni Gnesa

Title: “Advanced Industrial Espionage Attacks”

Abstract: The history of economic and industrial espionage goes far back in time, to when Father Francois Xavier d'Entrecolles revealed to Europe the manufacturing methods of Chinese porcelain in 1712. Since then, the opportunity to cut research & development costs and gain an economic advantage has urged several companies, organizations, and entrepreneurs to spy on their competitors. Within the rich set of methodologies and techniques used to do this, hacking has become a key player. In this presentation, after an overview of industrial espionage, we will analyze a very sophisticated attack that was perpetrated against a Swiss-based company, where the attacker exploited multiple vulnerabilities and application misconfigurations. Finally, I will give some recommendations on how to protect your sensitive information and minimize the impact of 0-days.

Ben Miller

Title: “What you don't know can hurt you!”

Abstract: You can’t see it. You can’t hear it. You can’t detect it. And it is fast becoming hackers’ weapon of choice: Trojans. With complete, unobstructed access to your network, Trojans turn your network into a hacker’s playground. Learn the evasion techniques hackers use via Trojans by making them invisible to antivirus, network sniffers, operating systems and more. Plus, learn from a professional hacker additional ways Trojans hijack your network and whether or not you can truly protect your network against them.

Kyle Osborn

Title: “Physical Drive-by Downloads - An Android Modder's Weakness”

Abstract: Mobile security is still a fairly young practice, but it’s not unexplored. Over the past few years, there has been plenty of research on mobile threats, such as exploits, malicious applications, and more recently, drive-by downloads. However, there is at least one aspect of security that is lacking documentation, and that is the physical security of the device. One of Android’s great selling points, customization, is also one of its weakest in terms of security. While recent versions of Android support drive encryption, and even remote wipe, these defenses still can’t protect you from a physical attack that you didn't even realize happened, especially if that phone's other defenses have already been weakened by its owner. And that’s exactly what this talk intends to do: teach you how to successfully conduct a "physical drive-by download" on a device, and in some cases, one that may only be accessible for a single minute.

Prutha Parikh

Title: “Attacking Apache Reverse Proxy”

Abstract: This talk will discuss the Apache Reverse Proxy vulnerability (CVE-2011-4317) that I discovered while developing vulnerability signatures for Apache. Depending on the reverse proxy configuration, the vulnerability allows access to internal systems from the Internet. The presentation will start with a discussion of reverse proxies and look at older reverse proxy vulnerabilities and patches. It will go into the thought process behind bypassing the latest patch to discover a new vulnerability to remotely gain access to the internal network. It will also describe the tools, techniques and ideas that went behind discovering the new variant of the vulnerability and constructing a proof of concept to exploit the issue. I exercised responsible disclosure of the vulnerability to Apache and after the patch was released, I went public with my findings in a blog post. I will also share a standalone tool that will help system administrators identify the vulnerability in their environment.

Josh Shaul

Title: “Hacking The Big Four Databases”

Abstract: According to the Identity Theft Resource Center, in the past year and a half, there have been nearly 900 breaches and over 28 million records compromised. With groups like Anonymous and LulzSec continuously hacking into major corporations and government agencies, do you wonder if you’re next? No organization, industry, or government agency is immune to the proliferation of complex attacks and malicious behavior. Ensuring database security is a priority for organizations interested in protecting sensitive data and passing audits. Over the course of this presentation, a description of sophisticated methods used in invading enterprise databases will be discussed, and the evolution of the security issues and features in each will be provided. A demonstration of new and popular attacks will also be presented. The presentation will conclude by proposing essential steps IT managers can take to securely configure and maintain databases, and defend against malicious breaches entirely.

David Willson

Title: “Hacking Back In Self-Defense: How Can I Do It Legally?”

Abstract: The hacker problem has become overwhelming. Traditional defenses are not enough. Companies are constantly plagued and for some, the attacks are persistent. Damages mount, IP and trade secrets are stolen, all costing companies millions of dollars. What if traditional incident responses yield no results and law enforcement cannot help? There must be another alternative. This presentation shows how to legally take the fight to the hackers: collecting intelligence, evaluating risk and liability, and implementing courses of action to stop a persistent attack.

Freddie Beaver

Title: “Riding on Cloud 9 – Holistic Security for a Euphoric Cloud Experience”

Abstract: This presentation will cover a holistic security framework of the nine areas that will mitigate the risks to assure a euphoric cloud computing experience.

Michael Berman

Title: "Security and Software-defined Networks"

Abstract: Software-defined infrastructure presents us with an opportunity to improve our data security while at the same time allowing security operations to better support business priorities. As data centers increasingly become software defined, security will have to give up its reliance on physical appliances and bastion hosts. Firewall, intrusion detection, and other mechanisms must transition to software-defined analogues. This transition will disrupt: workload deployment, provisioning, and management of secure systems; personnel, roles, and separation of duties; and deployment, operations, and management of security systems.
Presented by an expert in software-defined security architecture, this talk will focus on the key changes necessary to align information security with the software-defined enterprise. Specific actions and recommendations for organization of security roles, information security management systems, and security technology will be presented and explained in technical detail. Attendees will take away specific knowledge of: the top-5 controls for protecting a software-defined data center; and an experience-based organization structure, responsibility, authority, consult, and inform matrix for security enabled operations.

Steven Fox

Title: “FedRAMP - How the Feds Plan to Manage Cloud Security Risks”

Abstract: The virtual, service-based computing models enabled by Cloud Computing are getting the attention of Federal agencies. Given the limits imposed by budget and infrastructure constraints, the economic and computing benefits offered by this approach are attractive. However, the risks associated with Cloud Computing have slowed the adoption of this technology throughout the Federal space.
This session introduces the key components of FedRAMP, a collaboration of cybersecurity and Cloud experts from private industry and public organizations. It provides guidance on how to perform security assessments on Cloud services which provide the information required by Federal customers with which to make risk management decisions.
Session attendees will learn about Federal case studies where Cloud Computing is being applied to enhance the utilization of existing infrastructure. They will also learn about a risk assessment and management approach which they can apply to their own Cloud implementations.

Aamir Lakhani

Title: Bring Your Own Destruction

Abstract: Mobile Device Management is the hottest technology for mobile security and BYOD (Bring your own Device) vendors. There are over 64 MDM (Mobile Device Manufacturer) vendors, and everyone is trying to rank them, including Gartner, Forrester, and leading publications. What are the true differences between MDM vendors? What should one look for in selecting a MDM vendor? Fact from fiction: what does MDM do and not do? MDM Cloud vs. on-site deployments. Aamir Lakhani has installed MDMs for over 1 million endpoints from a variety of different vendors. This conversation is a deep dive beyond the reviews and the vendor promises on how MDM works for large enterprise deployment.

Victor Nappe

Title: A Perfect Cyber Storm is Brewing – and We Are Not Prepared

Abstract: The world works and plays in cyberspace. It’s no surprise that cybercriminals profit wildly from the theft of intellectual property, personal data, and easy money. Every business is vulnerable to being exploited, and it is not uncommon for a security breach to go undetected until your next professional security review—whenever that might be. Many organizations recognize the gravity of cybercrime, and more are asking what they can do to prevent their own victimization and protect their various stakeholders as well. But most are not adequately prepared. This presentation explores the types of cybercrime prevalent today, their far-reaching consequences, and why they continue to succeed.
Learning Objectives:
- Review current threat landscape and state of cybercrime today
- Learn about recent security breaches and causes, including real-life examples
- Explore what is broken in cyberspace that enables data breaches to continue
- Obtain a clearer understanding of one’s own IT security vulnerabilities
- Gain insight into what an effective solution delivers that a traditional one does not
- Learn how to avoid being swept away in the cyber storm!

|
| Tim Pierson |
|
| Title: “The Cloud Whisperer: What Security Secrets is your Cloud not disclosing?” |
|
| Abstract : Just like the famous TV show on National Geographic, the Dog Whisperer™, Cesar Millan finds ways to reach your unruly beast by speaking their language. A cloud environment is much like that. If you have decided to move to the cloud then you know that the road is fraught with dangers, uncertainties, and nightmares. Sometimes this could be not only a job-limiting decision but perhaps a career-limiting one as well. Understanding exactly how the cloud works and knowing your relationship with the cloud provider and what their SLAs have promised are paramount. Knowing what you can and cannot do may save you from a complete purposeful shutdown from your cloud provider. It takes a person who knows both languages to be able to interpret this. Luckily Tim Pierson knows how to speak cloud. That is why I am known as “the Cloud Whisperer”. In this session I will cover the pitfalls of moving to the cloud, how to avoid the stumbling blocks and make sure the road ahead is smooth. Knowing the problems helps you to avoid them in daily operations as well as in the nerve-racking move itself. I will discuss SLAs, Legal Ramifications, Jurisdiction, Regulations, Pen Testing your Cloud and of course Compliance so you know all the facts before you consider that move. While a move to the cloud may look really cost effective, knowing all the issues may either ensure you are on the right track or show that you should step back to take another look. |
|
| Hemma Prafullchandra |
|
| Title: “How to successfully get your Cloud through FedRAMP, PCI, and HIPAA” |
|
Abstract : Gain insights into the rapidly evolving virtualization and cloud security landscape, get the latest on compliance mandates set forth by PCI, HIPAA, FedRAMP and NIST 800-53, and understand emerging solutions and best practices to help you scale your virtualized infrastructure and/or use of cloud technologies while staying compliant and secure.
This presentation introduces and discusses the top challenges in meeting FedRAMP, PCI and HIPAA, and the keys to meeting the compliance requirements successfully and cost effectively. Hear straight from virtualization experts, compliance guideline authors, and 3PAO and QSA assessors who have successfully certified some of the largest cloud providers in the country. |
|
| Rob Randell |
|
| Title: “Architecting and Building a Secure Virtual Infrastructure and Private Cloud” |
|
| Abstract : The cloud is one of, if not the, hottest topics in IT today. With virtualization being the key technology behind the cloud, it is very important to understand the security aspects of virtualization, how it changes datacenter operations and the best practices to account for those changes, as well as the concept of multi-tenancy in the cloud. In this session Rob Randell, CISSP, will discuss key considerations in architecting and building a secure private cloud. Topics of discussion will be defining the private cloud, the concept of multi-tenancy, how to architect your private cloud to achieve secure multi-tenancy, key tools to help ensure isolation between tenants, and best practices in securing the underlying virtual infrastructure in which the private cloud runs. |
|
| Shakeel Tufail |
|
| Title: “Software Threat Modeling for the Cloud” |
|
| Abstract : There are only a handful of threat modeling approaches in the industry, and they are difficult to implement due to their subjective guidelines. Our training session will focus on best practices and a hands-on approach that will provide attendees a better understanding of how to conduct threat modeling in their organization. Most threat models focus on attackers; we will look at the threat model using trust zones, identifying assets, indirect threats, and ambiguity analysis. We will also speak about secure design concepts and best practices for securing software architecture. |
|
| Paul Coggin |
|
| Title: “Own the Network - Own the Data” |
|
| Abstract : This presentation discusses the security issues with the critical network architectures being deployed by service providers and utilities to support next generation network services such as IPTV, 3G/4G, smart grid, etc. Network infrastructure security is often neglected during the typical security audit process due to a lack of router and switch knowledge. In this presentation attack vectors will be discussed that enable an attacker to take control of network infrastructure by targeting common configuration mistakes, trust relationships, interdependencies and protocol weaknesses. The presentation will explain what an attacker may do with network infrastructure components once captured to gain further influence and complete access to network resources and data. |
|
| Jesus Consuelos |
|
| Title: “Security 360” |
|
Abstract : In today’s modern world, truly secure information relies not only on analysis and secure infrastructure, but also on extending security to all areas where the information is present. Information is key in every activity and area within corporations and institutions, and it is vital that we guard and defend it from all attackers.
Security systems and mechanisms can be classified into different groups, depending on their function: predictive, proactive, active, and reactive systems. These systems are supported by the integrity of the policies, procedures and cultures of an organization, as well as national and international standards.
Within the walls of INFOTEC our research team has developed a specialized 360-degree security service whose key clients already include the Mexican government and several other national and international private companies.
Based on the training and certifications offered by EC-Council, INFOTEC has strengthened its services and is now offering, as a certified ATC, the security training needed for continual growth and strengthening of the 360 security scheme. |
|
| Jonathan Cran |
|
| Title: “Advanced Persistent Pentesting: Fighting Fire with Fire” |
|
| Abstract : When you know you're compromised, how do you prevent additional compromise and keep the "fire" from spreading? This presentation will detail a slew of technical ideas and techniques you can use to test the competency of your IT security infrastructure, applications, and personnel. Attendees will gain knowledge on continuous and distributed testing, incident response, extrusion testing & detection, and physical security. |
|
| Mike Danseglio |
|
| Title: “Delivery Is Everything: Case Studies in Presenting Penetration Test Findings” |
|
Abstract : You specialize in attacking, documenting, and following ethical hacking processes and techniques to discover and exploit vulnerabilities. You're doing it all so you can address the issues before evildoers can exploit them. But none of that matters if you can't properly communicate the issues to executive management, budget holders, and auditors. Come to this session to see the good, the bad, and the ugly penetration test presentations. Mike Danseglio, CISSP, CEH, has years of experience working with industry and government. He has experience on both sides of a bad penetration test presentation. He'll provide guidelines and specific examples of how to explain security to critical role-holders without insulting or confusing them, how to illustrate points to get the message across, and how to use your technical results to get the security results you want.
|
|
| Christopher Elisan |
|
| Title: “DGAs and Cyber-Criminals: A Case Study” |
|
Abstract : In recent years, Domain Generation Algorithms (DGAs) have evolved from a proof-of-concept technique capable of bypassing legacy static reputation systems (e.g. domain blacklists) into full-featured stealth modules embedded within an increasing number of today's most advanced and evasive commercial crimeware toolkits. DGAs can also be referred to as a form of domain fluxing. This paper details how we uncovered criminal DGA activity long before the malware using the DGA technique was ever identified by the security community. The discovery was accomplished using patent-pending machine learning technology and years of passive DNS data collection and analysis. In addition, the case study describes how we, starting only with the identified DGA behavior, tied the DGA behavior to the criminal C&C infrastructure and then to the malware, infection vectors and campaigns. The identified malware is a new version of Zeus that uses P2P as its primary C&C channel with a DGA backup.
|
|
| Merchant Bhaumik |
|
| Title: “Spawning Reverse Shell With Any IP, Any Time!” |
|
Abstract : This paper is developed to show various kinds of communication techniques between attacker and victim in the world of computer networks and computer security. Dynamic DNS concepts are used in this paper to show communication between the attacker machine and the victim machine in order to bind the IP of a reverse shell. By using Dynamic DNS concepts this paper shows dropping a reverse shell on any IP of the attacker’s choice and also introduces a new term called “Universal Payload” (a single payload for all victims, useful in creating a BOT network mechanism by Dynamic DNS concepts). These methods can be used in attacking and getting a reverse shell from the victim machine to the attacker machine and also bypassing some network security mechanisms such as NIDS (Network Intrusion Detection System), IPS (Intrusion Prevention System), firewalls, etc. with zero outbound traffic.
|
|
| Jonathan Pollet |
|
| Title: “Hacking SCADA Systems - 2011 Year in Review” |
|
Abstract : From late 2010 through 2011, we have witnessed a stark increase in activities relating to SCADA vulnerability research, vulnerability disclosure, and exploit weaponization. The crosshairs have zeroed in on SCADA and Industrial Control Systems that are vital to national critical infrastructure. Stuxnet started this trend off a little over a year ago, and since then we have seen APT attacks on SCADA systems (i.e. the Night Dragon attacks), the multiple Luigi disclosures, the Siemens PLC vulnerability disclosures and live exploits, hundreds of ICS-CERT alerts that have been disclosed up to the last quarter of 2011, and recently a rash of attacks on oil and gas pipelines. This educational presentation will provide an eye-opening “year in review” of all of the hacking activities that transpired in the past year as they relate to SCADA and Industrial Control Systems. We include several videos showcasing hacking techniques.
|
|
| Rock Stevens |
|
| Title: “Military Targeting Adapted for Hacking” |
|
Abstract : This research alters the military targeting process used to synchronize and deliver lethal artillery rounds on enemy combatants into a planning framework that hackers can utilize during penetration testing or social engineering attempts on a wide spectrum of targets.
|
|
| Richard Ryan Hernandez II |
|
| Title: “Enemy behind the Firewall: Trust, Tools, Threat” |
|
Abstract : The Enemy behind the Firewall is all about the insider threat. Insiders can be malicious or non-malicious. Most computer security measures like firewalls, intrusion detection systems, and so on try to deal with the external attacker, but are pretty much powerless against insiders (Schneier 48). Companies sometimes put too much trust in their employees. Most companies are not aware that the biggest risk might come from inside, and that these are the employees.
Lanxoma’s survey found that many organizations underestimate employee satisfaction as a factor for insider attack. According to experts, employees who pose the highest risk are those who are dissatisfied with their jobs or who are under-recognized (Lanxoma.com). There is a reason why the FBI report cited the high volume of internal crimes.
A person within the organization has more access and opportunity than anyone else. Few persons would have a better understanding of the security posture and weaknesses. In fact, an employee may be in a position of influence to socially engineer coworkers into ignoring safeguards and alert conditions. This is why it is important to monitor internal employee satisfaction and access (Cannon et al., 2006, p. 282).
Malicious employees might use several techniques and tools to bypass security and steal corporate secrets, like social engineering, keylogging, stealing credentials, spying, planting backdoors, stealing data and leaking the information over the internet.
Even with the proliferation of new security threats such as advanced persistent threats (APTs), many companies still consider insider threats to be the biggest risk to corporate data. A survey released in April this year by network security firm Algosec, for instance, found that insider threats were still one of the top worries of IT and security professionals, at 27.5 percent, compared to a lack of visibility into applications and networks at 28.7 percent. Insider threats are still prevalent today because anything stored electronically is easier to steal, especially when one has legitimate access to it.
The presenter will showcase some real world demos used by malicious insiders.
|
|
| Pedro Joaquín and Paulino Calderón |
|
| Title: “Exploiting Routers for Fun and Profit” |
|
Abstract : The importance of security in home routers is wrongly diminished. Vulnerable routers pose a dangerous threat as all of our information passes through these devices. What happens when someone has complete control of your router? How many vulnerable devices are there? How common are these attacks? How difficult is it to exploit them? We recently gathered a massive amount of Web server banners to identify common networking devices / home routers. In this presentation we will show the results and review their current state of security and the impact of the vulnerabilities that affect them. Demos of the exploitation of the most important vulnerabilities will be shown. This includes a couple of 0days, backdoors, botnets and advanced blended threats.
|
|
| Bogdan Alecu |
|
| Title: “Using HTTP headers pollution for mobile networks attacks” |
|
Abstract : Most of the mobile operators have their own WAP page available to their customers in order to download content like ringtones, videos, games, etc. just by browsing to this page and choosing to download whatever you want. Depending on the carrier, you could also transfer funds or even access your bank account which is tied to your mobile number.
In this talk I will show you what the security issues with these WAP pages are and how you could access them while pretending to be some other customer. The attack can also be performed remotely, without even being a customer of the target mobile network. Some video demos will be shown during the presentation.
|
|