Day One Speakers

October 19th, 2020

Jay Bavisi

President and CEO, EC-Council

Abstract

The Launch of the Cyber Quotient & Aptitude Testing for Cyber Professionals

While the cyber security community has done well in developing highly trustworthy credentials and courses in cyber security to help train cyber security professionals, the industry is starved of a comprehensive platform that can replicate even the most complex enterprise network with a click of a few buttons to enable cyber teams to sharpen their advanced skills on complex, curated enterprise-grade networks. One portal to rule them all: individuals, teams, educational institutions, organizations and military units.

EC-Council is proud to launch CyberQ, which is an on-demand platform designed to enable users to take their training and assessment to the next level. Come to this session to see how you can easily design, build and execute high-fidelity, hands-on cyber security training like no other and train your way using actual skills acquisition methodology and view metrics and insights unlike you’ve ever seen and at the same time, through our newest psychological capacity testing program, CyberQ Aptitude, identify if you have what it really takes to be a top performing Cybersecurity expert. Our Aptitude testing program has been battle tested by the US Intelligence Community and Department of Defense to identify candidates with top natural born capabilities, and for the first time, it is available to the general public through EC-Council.

Jenny Radcliffe

Founder & Director, Human Factor Security

Bio
Jenny Radcliffe has spent a lifetime performing physical infiltration, social engineering and security investigations. She specialises in various aspects of human manipulation including deception work, non-verbal communications, influence and persuasion techniques. She is the founder and Director of Social Engineering at Human Factor Security, is a regular global keynote speaker and is the host of award winning podcasts, vlogs and blogs on all aspects of the human element of security. Jenny can usually be found behind a mic, on top of a roof somewhere in the world, and believes there is always rum for pirates.

Abstract

The Witchball and the Tribe – On stealing calm and weaponising fear in Social Engineering

In this talk, Jenny Radcliffe discusses how negative psychology is at the heart of malicious social engineering. She discusses how the psychological principles deployed in ancient occult practices are still used today to manipulate the emotions of potential targets. The talk looks at the different “tribes” within organisations, and how cognitive bias and psychological factors can contribute to attacks on organizations and individuals, and what might be done to overcome them.

The talk covers the use of fear as a weapon in people-based attacks and explains how an understanding of the mechanics of this often misunderstood principal emotion is as essential in modern times as it always has been in defending against malicious social engineering in all its forms.

Marcelle Lee

Senior Security Researcher, Secureworks

Bio

Marcelle Lee is a security researcher, an adjunct professor in digital forensics and network security, and she is also a co-founder of Fractal Security Group, LLC. She specializes in network traffic analysis, malware analysis, and threat hunting. She is involved with many industry organizations, working groups, and boards, including the Women’s Society of Cyberjutsu, the NIST Cyber Competitions Working Group, and the Cybersecurity Association of Maryland Advisory Council. She also both builds and participates in cyber competitions, and shares her work through her GitHub site, https://marcellelee.github.io/.

Marcelle has earned the CISSP, CSX-P, GCFA, GCIA, GCIH, GPEN, GISF, GSEC, GCCC, C|EH, CCNA, PenTest+, Security+, Network+, and ACE industry certifications. She holds four degrees, including a master’s degree in cybersecurity. She has received the Chesapeake Regional Tech Council Women in Tech (WIT) Award and the Volunteer of the Year award from the Women’s Society of Cyberjutsu. Marcelle frequently presents at conferences and training events, and is an active volunteer in the cybersecurity community.

Abstract

A Day in the Life of a Security Researcher

What is security research? For me, it is the perpetual hunt to identify malicious cyber activity and threat actors. In this talk, I will cover the tactics, techniques, and procedures (TTPs) I use and will also share some case studies from recent research on threat actor campaigns and activity.

Antonio A. (Tony) Rucci

Independent CyberSecurity Consultant

Bio

Antonio A. Rucci is a retired Counterintelligence Special Agent and US Army Warrant Officer, with more than 34 years of technical security experience. Tony is the Director of Information Security & Threat Intelligence for GRIDSMART Technologies Inc, Knoxville, TN.

Tony ran technical espionage and computer crimes investigations for a good portion of his operational career. He served as the Counterintelligence Operations Officer at The White House, serving two administrations from 1998-2004. He led technical accreditation for a critical facility at one of the DOE National Labs before being recruited to move to Reno, NV to build a data center for one of the beltway bandits. Since then, Tony has started two of his own companies; served as the Chief Security Officer for two others; and built an InfoSec & Threat Intelligence vertical for another company before joining GRIDSMART earlier this year. Tony continues to serve national security efforts in his current capacities, stirring up the Transportation Industry by assessing and assisting smart/autonomous vehicle strategies along with their smart cities and traffic management support infrastructure, supporting both private sector and government interests. Twitter: @InsiderThreats

Abstract

Forensicating Ransomware When They Hit Your NAS

Ransomware as a Service is a thing. Amateur Hackers are using CMS-Like C&C Platforms to deploy & manage their victims with VERY LITTLE knowledge of what they are doing. I’ll walk you through a successful approach I’ve used on a few cases to recover “deleted data” from NAS, hit by Ransomware.

Jake Williams

Founder and CEO, Rendition Infosec

Bio
Jake Williams is an accomplished infosec professional with almost two decades of industry experience. After spending more than a decade in the US Intelligence Community performing various missions in offensive and defensive cyber, Jake founded Rendition Infosec where he leads a team of professionals performing adversary emulation, incident response, malware reverse engineering, forensics, and exploit development. He is an accomplished conference speaker and is a recognized leader in the infosec community. Jake loves teaching and mentoring other information security professionals and teaches thousands of information security professionals annually. After being called out by the Shadow Brokers, Jake’s past is officially no longer a secret. He’s lived through the things that most in our industry have only read about in books. He brings insight that his background affords to his professional work and mentoring, providing students and clients an experience they can’t get anywhere else.
Abstract

Communicating cybersecurity to the non-technical

Ever briefed management on an incident only to see their eyes glaze over as they hurriedly check their phones, seemingly praying for an “emergency phone call?” Come learn how to stop talking to management and start actually communicating. They’ll be glad you attended this talk (and so will you).

Vaishnav Murthy

Cloud Security Architect, Goldman Sachs

Bio
Ryan Tick and Vaishnav Murthy are cloud security architects for Goldman Sachs, responsible for automating the detection, analysis, and reporting of security incidents in Goldman’s public cloud environment. They work with the firmwide Security Incident Response Team to design and conduct purple team exercises and respond to tier 3 security incidents in the cloud. Prior to working at Goldman, they were digital forensics and incident response (DFIR) consultants that led high profile cybercrime investigations for Fortune 100 clients across the globe. They both hold various AWS and GIAC certifications and are GIAC advisory board members.
Abstract

Automating disk and memory evidence collection in AWS

During an incident, answers are needed quickly. Often this starts with evidence collection and log correlation. At Goldman Sachs, we have automated an event-driven cloud response platform that uses AWS native services to successfully collect disk and memory from compromised EC2 instances.

Ryan Tick

Cloud Security Architect, Goldman Sachs

Bio
Ryan Tick and Vaishnav Murthy are cloud security architects for Goldman Sachs, responsible for automating the detection, analysis, and reporting of security incidents in Goldman’s public cloud environment. They work with the firmwide Security Incident Response Team to design and conduct purple team exercises and respond to tier 3 security incidents in the cloud. Prior to working at Goldman, they were digital forensics and incident response (DFIR) consultants that led high profile cybercrime investigations for Fortune 100 clients across the globe. They both hold various AWS and GIAC certifications and are GIAC advisory board members.
Abstract

Automating disk and memory evidence collection in AWS

During an incident, answers are needed quickly. Often this starts with evidence collection and log correlation. At Goldman Sachs, we have automated an event-driven cloud response platform that uses AWS native services to successfully collect disk and memory from compromised EC2 instances.

Day Two Speakers

October 20th, 2020

Alyssa Miller

Application Security Advocate, Snyk Ltd.

Bio
Alyssa Miller (CISM) is a hacker, security advocate, author, professional, and public speaker with almost 15 years of experience in the security industry. She has always had a passion for deconstructing technology, particularly since buying her first computer at the age of 12 and teaching herself BASIC programming. In her career, Alyssa has performed all forms of security assessments but given her developer background, she had a dedication to application security. She specializes in working with business and security leaders to design and deploy effective security programs that strengthen enterprise security posture.

Alyssa is also committed to evangelizing security. Not only does she speak internationally at various industry, vendor and corporate events, Alyssa also engages in the community through her online content, media appearances, and security community activism. Her journey through security was recently featured in an article by Cybercrime Magazine. She’s also been recognized in Peerlyst’s e-Book “50 Influential Penetration Testers”. Alyssa is a board member for Women of Security (WoSEC) and has participated on multiple panels discussing solutions to reduce the diversity gap in security. Currently, Alyssa is an Application Security Advocate for London-based Snyk Ltd.

Abstract

Reality Lost: Deepfakes Changing the Face of Attacks

Deepfake media and the neural networks that create it are fundamentally changing how we think about security defenses. Learn how this media is created, how it can be detected and possibly prevented, as well as methods to defend against the threats. We’ll even see how this tech can be used for good.

Joe Gray

Senior OSINT Specialist, QOMPLX

Bio
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu-Jitsu (spoken taps out A LOT!), and flying his drone. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading and is a regular Forbes contributor.
Abstract

Social Engineering Your Metrics: Using Data Science to Provide Value in Reporting

Reporting is generally boring. As social engineers, we often get wrapped up in the hustle and bustle of performing the engagement and report writing falls to the side. Are we providing meaningful measurements, metrics, and advice to the client? This presentation introduces actionable metrics.

Allie Mellen

Security Strategist, Office of the CSO, Cybereason

Bio
I’ve spent several years in cybersecurity and have been recognized globally for my security research. Over the past ten years, I’ve held various engineering, development, and consulting roles in the technology sector and received a B.S. degree in Computer Engineering. Now, I write about security and research at Cybereason.
Abstract

Trust, but Verify: Maintaining Democracy In Spite of Информационные контрмеры

In this session, we’ll discuss how Russia has influenced worldwide elections using cyberwarfare and how countries have fought back. We’ll understand the natural asymmetry between how countries are able to respond, and how they have changed their approach since 2016.

Bryson R. Payne

Ph.D., GREM, GPEN, CEH, CISSP
Director, Center for Cyber Operations Education

Bio

Dr. Bryson Payne is a TEDx speaker, best-selling author of “Teach Your Kids to Code” and “Hacking for Kids”, award-winning cyber coach and online instructor with over 50,000 students in more than 160 countries, and the founding Director of the Center for Cyber Operations Education at the University of North Georgia, an NSA-DHS Center for Academic Excellence in Cyber Defense. He is a tenured professor of computer science at UNG, where he has taught aspiring coders and cyber professionals since 1998, including UNG’s #1 nationally-ranked NSA Codebreaker Challenge cyber ops team.

Dr. Payne is a Certified Ethical Hacker (CEH), CISSP, SANS/GIAC GPEN, GRID, and GREM, among other industry certifications. He was also the first Department Head of Computer Science at UNG and enjoys working with K-12 schools worldwide to promote computer science and cybersecurity education.

Abstract

Reverse Engineering: From Hacking Solitaire to Wrestling Ransomware

Reverse engineering is a valuable skill that you can learn hands-on from two of America’s top cyber coaches. Dr. Bryson Payne and Prof. Jacob Elliott will show you how to score a billion points in Solitaire, bend Windows/Linux/Android apps to your will, and wrestle files back from ransomware.

Phillip Wylie

Project Founder, The Pwn School

Bio
Phillip Wylie is the Senior Red Team Lead for a global consumer products company, Adjunct Instructor at Richland College, and The Pwn School Project founder. Phillip has over 22 years of experience with the last 8 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project, a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Richland College in Dallas, TX. Phillip is a co-host for The Uncommon Journey podcast. Phillip holds the following certifications: CISSP, NSA-IAM, OSCP, GWAPT.
Abstract

The Pentester Blueprint: A Guide to Becoming a Pentester

Pentesting is a very popular area of cybersecurity. While there are lots of resources on pentesting, the subject of how to start a career has been overlooked. I share my experience of helping others get into pentesting. The experience I share is from mentoring and teaching.

Day Three Speakers

October 21st, 2020

Chloe Messdaghi

VP of Strategy, Point3 Security

Bio
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who supports safe harbor and strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to change the statistics of women in InfoSec. She is the President and cofounder of Women of Security (WoSEC) and heads the SF Bay Area chapter. As well, she created WomenHackerz, a global online community that provides support and resources for hundreds of women hackers at all levels.
Abstract

The Hacker Hippocampus: Meet your brain on games

This gamified talk shares the history of gamification in infosec, how our brains are stimulated by them, and how it’s transforming lives.

Chris Roberts

Researcher/Hacker/vCISO, HillBilly Hit Squad

Bio
Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Abstract

Hack the Vote!

“One person, one vote”… that’s what we keep telling ourselves, although let’s be honest that really isn’t how it works, at least in the US because of the cockeyed electoral college thing, so it’s more like “some states, most of the votes” AND we can break that down even further by “Electoral College, ALL the votes” because they don’t have to give a damn what you think OR who’s most popular in your state…

So, face it, it really doesn’t matter what the hell you vote, it all comes down to a set of folks…

Which sucks

SO, let’s change things

Let’s hack the voting systems, after all they’re controlled by three major companies who don’t give a toss about security, who, between them have more lawyers than programmers and with whom we entrust our futures….ALL secured by passwords such as “EVEREST”, “ESS”, “Password” or “1234”

Splendid…

What DO we do about it?

Annalisa Nash Fernandez

Intercultural Strategist, Because Culture LLC

Bio
Annalisa Nash Fernandez is a specialist in world cultures, focusing on cultural elements in technology and business strategy. An experienced corporate strategic planning director who worked globally as an expatriate executive based in emerging markets, she bridges her dual background as a sociolinguist to navigate cross-cultural communication in marketing, leadership, and the digital economy. Her expert quotes are featured widely, including by CIO magazine and the BBC, and her articles are published in trade journals and in leading media. Annalisa’s professional background spans multinational companies in various countries, including as a strategic planning director for Philip Morris International and Kraft Foods, based in São Paulo, Brazil, and investment banks, including Bankers Trust, based in New York City and Santiago, Chile. In her freelance consulting career she is a linguist for Transperfect, an intercultural strategist for multinational companies, a speaker at global conferences, and a pro bono interpreter and advocate. Annalisa holds an M.A. in language and translation from the University of Wisconsin, and a B.S. in international finance from Georgetown University.
Abstract

The Geopolitics of Cybersecurity

As technology and globalization level borders, nations reinstate them digitally. Decode the culture behind diverse security and privacy frameworks, and review case studies of digital sovereignty.

Matt Stanchek

Fortify On Demand Architect, Micro Focus

Bio

Matt has been pursuing his passion for software engineering and security for two decades. Having worked in multiple industries, he has been responsible for the design, development, and security of enterprise web technologies, financial systems for top banks, and software security ecosystems. Since 2015, Matt has undertaken the task of building scalable software security capabilities for the age of Agile and DevOps.

Abstract

The Sibling Rivalry Between Application Security and Application Development

In a family, a couple individually decide to marry and combine their lives but siblings don’t get that choice. They’re born into a lifelong relationship that includes power struggles, disagreements, varied expectations, and different roles to play. The same is true for Application Security and Application Development. While they live under the same roof, each has individualized expectations and their own chores to do. What happens when one sibling is put in a position to watch the other? Who broke the lamp in the living room?

Wayne Burke

CSO for Sequrit CSI

Bio

His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is eminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.

Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams. He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air Force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.

In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.

Abstract

Advanced Defense & Tactics of Deception

No product will make us secure. Estimates are $94 Billion was spent in 2018 on cyber security products, yet we had many data breaches. We are losing the battle, so it is time for another approach. Organizations need to start with the foundations of defense in preparation for deploying deception and taking control of your networks. The estimates are that spending will grow to $100B in 2019. No product will make us secure.

No matter how much “security” is put in place, the reality is we are running our data on protocols that were developed many years ago when the Internet was small and as a result of this, these protocols are based on the principle of trust; therefore, to truly defend we need to modify these protocols. The concept is, if the protocols can be changed then the result of this will be frustration and confusion for the adversary. In this presentation advanced defensive concepts will be explored and the power of using deception at different layers of the network. The attacker depends on information that is gathered during their surveillance, and with deception we change the network at layer 2-4 and the result of this is the attacker’s collected data is no longer valid and useless for them; this requires the attacker to start the information gathering process over again. In a robust defensive solution, the network can change multiple times based on the classification of the threat, and each time it changes, the attacker is lost and has to start the recon process over again. These concepts change the game and put the defender in control! The concepts have been deployed at Capture the Flag events and frustrated and confused the hackers for hours!

Forever you have heard that the hackers are in control and they only need to find one way in. This presentation will show you how to flip that model and we only need one packet to identify the attacker and prepare our response strategy. We are in control of our networks and this presentation will show you how to take advantage of that.

Kevin Cardwell

Bio
Kevin Cardwell served as the leader of a 5 person DoD Red Team that achieved a 100% success rate at compromising systems and networks for six straight years. He has conducted over 500 security assessments across the globe. His expertise is in finding weaknesses and determining ways clients can mitigate or limit the impact of these weaknesses.

He spent 22 years in the U.S. Navy. He has worked as both software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project he was selected to head the team that built a Network Operations and Security Center (NOSC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean. He served as the Leading Chief of Information Security at the NOSC for six years. While there he created a Strategy and Training plan for the development of an expert team that took personnel with little or no experience and built them into expert team members for manning of the NOSC.

He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US, Middle East, Africa, Asia and the UK. He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is the author of the Center for Advanced Security and Training (CAST) Advanced Network Defense and Advanced Penetration Testing courses. He has presented at the Blackhat USA, Hacker Halted, ISSA and TakeDownCon conferences as well as many others. He has chaired the Cybercrime and Cyberdefense Summit in Oman and was Executive Chairman of the Oil and Gas Cyberdefense Summit. He is author of Building Virtual Pentesting Labs for Advanced Penetration Testing, Advanced Penetration Testing for Highly Secured Environments 2nd Edition and Backtrack: Testing Wireless Network Security. He holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman that recently was rated as the top CERT for the Middle East. He serves as a professional training consultant to the Oman Information Technology Authority, and developed the team to man the first Commercial Security Operations Center in the country of Oman. He has worked extensively with banks and financial institutions throughout the Middle East, Europe and the UK in the planning of a robust and secure architecture and implementing requirements to meet compliance. He currently provides consultancy to Commercial companies, governments, federal agencies, major banks and financial institutions throughout the globe. Some of his recent consulting projects include the Muscat Securities Market (MSM), Petroleum Development Oman and the Central Bank of Oman.
He designed and implemented the custom security baseline for the Oman Airport Management Company (OAMC) airports. He created custom security baselines for all of the Microsoft Operating Systems, Cisco devices as well as applications. Additionally, he provides training and consultancy to the Oman CERT and the SOC team in monitoring and incident identification of intrusions and incidents within the Gulf region. He holds the CEH, ECSA, LPT, APT, CHFI and a number of other certifications.

Abstract

Advanced Defense & Tactics of Deception

No product will make us secure. Estimates are $94 Billion was spent in 2018 on cyber security products, yet we had many data breaches. We are losing the battle, so it is time for another approach. Organizations need to start with the foundations of defense in preparation for deploying deception and taking control of your networks. The estimates are that spending will grow to $100B in 2019. No product will make us secure.

No matter how much “security” is put in place, the reality is we are running our data on protocols that were developed many years ago when the Internet was small and as a result of this, these protocols are based on the principle of trust; therefore, to truly defend we need to modify these protocols. The concept is, if the protocols can be changed then the result of this will be frustration and confusion for the adversary. In this presentation advanced defensive concepts will be explored and the power of using deception at different layers of the network. The attacker depends on information that is gathered during their surveillance, and with deception we change the network at layer 2-4 and the result of this is the attacker’s collected data is no longer valid and useless for them; this requires the attacker to start the information gathering process over again. In a robust defensive solution, the network can change multiple times based on the classification of the threat, and each time it changes, the attacker is lost and has to start the recon process over again. These concepts change the game and put the defender in control! The concepts have been deployed at Capture the Flag events and frustrated and confused the hackers for hours!

Forever you have heard that the hackers are in control and they only need to find one way in. This presentation will show you how to flip that model and we only need one packet to identify the attacker and prepare our response strategy. We are in control of our networks and this presentation will show you how to take advantage of that.

Day Four Speakers

October 22nd, 2020

Chris Kubecka

CEO, HypaSec

Bio

Chris Kubecka is the founder and CEO of HypaSec offering nation-state incident management, ethical hacking training in IT, IOT, ICS SCADA and expert advisory services to governments. Prior to HypaSec, she headed the Information Protection Group and international intelligence for the Aramco family, re-establishing international business operations, helping to stabilize the oil market and implementing digital security after the company suffered from the world’s most devastating Shamoon cyberwarfare attacks which wiped out 85% of computer systems and over 35,000 Windows systems which deeply affected the countries of Saudi Arabia, Qatar and Bahrain. At Unisys, she helped halt the July 2009 second wave cyberwarfare attacks against South Korea during her time advising the company’s flagship customers Danone and Lloyds TSB. She is a USAF veteran, having served her country both as a military aviator and handling command and control systems for Space Command. She began her computer career at the age of five coding but was restricted from using computer systems from the age of ten until eighteen after hacking into the DOJ. Chris combines highly technical skills, ethical hacking, OSINT, strategy, leadership and governance expertise. She has presented at Europol, Interpol, national police, EU/NATO cyberwarfare exercises, DefCon, Black Hat, United Nations, Oxford, Cambridge, OWASP and BSides globally. She is the author of several technical, engineering and management courses and books: Down the Rabbit Hole An OSINT Journey, Hack the World with OSINT and her upcoming book Hack the Galaxy with OSINT.

Abstract

More Than Turbulence

Take a peek inside the aircraft manufacturer Boeing taking you on a journey of weak security. XSS exploitable vulnerabilities, email spoofing, bypassing authentication accessing flight control software live, test and plane IOT cameras. Safety risks, disclosure and legal pressure to keep silent.

Winn Schwartau

Chief Visionary Officer, SAC Labs! (A KnowBe4 Company)

Bio

Winn has lived Cyber Security since 1983, and now says, “I think, maybe, I’m just starting to understand it.” His predictions about the internet & security have been scarily spot on. He coined the term “Electronic Pearl Harbor” while testifying before Congress in 1991 and showed the world how and why massive identity theft, cyber-espionage, nation-state hacking and cyber-terrorism would be an integral part of our future. He was named the “Civilian Architect of Information Warfare,” by Admiral Tyrrell of the British MoD.

His new book, “Analogue Network Security” is a mathematical, time-based and probabilistic approach to justifiable security. His goal is to provide a first set of tools and methods to “fix security and the internet”, including fake news, spam, phishing, DDoS and more. It will twist your mind.

https://www.WinnSchwartau.com & www.AnalogueNetworkSecurity.com
www.linkedin.com/in/winnschwartau
@WinnSchwartau

Abstract

The Three Biggest Threats in Cyber Security: From Infowar to IoT

Instead of looking at traditional technical threats to our collective security posture, this talk examines the three primary threats to cyber-security by looking through the lens of the Human Domain: Apathy, Arrogance & Ignorance.

Katelyn Bowden

CEO, BADASS-battling against demeaning and abusive selfie sharing

Bio
Katelyn Bowden is the CEO and Founder of BADASS, a nonprofit dedicated to fighting nonconsensual pornography and online sexual abuse. She’s also a wife, a parent, an amateur rap metal artist, and a candy connoisseur. She knows how to make the perfect margarita, and once shook Bruce Springsteen’s hand.
Abstract

Anatomical warfare- examining a culture of online exploitation

“Leaked nudes?
Deep fakes,
Sextortion?
Let’s take a closer look at the culture and psychology surrounding Nonconsensual pornography and image abuse, and the different methods being used to turn someone’s body and sexuality into a weapon- against themselves.”

Mauro Eldritch

Cyber Security Architect at BCA

Bio

Mauro Eldritch is an Argentine hacker currently working as SecOps for the Argentine Ministry of Production.

Previous jobs include many government organizations such as Buenos Aires City Police, AFIP (Federal Government Revenue Administration), Ministry of Health, Ministry of Economy and FreeBSD Project.

He was a Speaker at DEF CON (two times!), ROADSEC (LATAM’s biggest security conference), DEVFEST Siberia, DragonJAR Colombia (biggest Spanish-speaking conference in LATAM) and P0SCON Iran.

My talks (embedded videos): DEF CON, ROADSEC, XTREME SEC

My Repos:
https://www.github.com/mauroeldritch

Abstract

ACME: American Coyotaje in the Modern Era (English)

Coyotaje (human smuggling) is a common thing on the USA-Mexico border. But is this ‘job’ still the same after more than 100 years?

Charles Henderson

Global Managing Partner and Head of X-Force Red

Bio

Charles Henderson is the Global Head of IBM’s X-Force Red. Throughout his career, Charles and the teams he has managed have specialized in network, application, physical, and device penetration testing as well as vulnerability research. X-Force Red’s clients range from the largest on the Fortune lists to small and midsized companies interested in improving their security posture.

Charles is also an enthusiastic member of the information security community and an advocate of vulnerability research. He has been a featured speaker at various conferences (including Black Hat, DEFCON, RSA, SOURCE, OWASP AppSec USA and Europe, and SXSW) around the world on various subjects relating to security testing and incident response. He has also appeared on or in CBS Evening News, NBC Nightly News, The Today Show, CNN, BBC, The Wall Street Journal, Forbes, USA Today, The Register, SC Magazine, Engadget, eWeek, Reuters, Car & Driver, and various other media outlets.

Abstract

A Whole New Security World

Since COVID-19 began, the security landscape has changed significantly. The workforce has transitioned to a full-time remote environment, which has caused new and old vulnerabilities and threats to arise. New applications, designed to enable a remote workforce, have been introduced. Personal devices are being used for work purposes. And corporate devices are connecting to home, and potentially vulnerable, networks. Which threats and vulnerabilities should security leaders look out for? And, how can they minimize risk in this whole new world? Charles Henderson, Global Managing Partner and Head of X-Force Red, will discuss.

Day Five Speakers

October 23rd, 2020

Zoey Selman (aka V3rbaal)

Security Risk Advisors, Blue Team Village, Innocent Lives Foundation, Trace Labs

Bio
Zoey Selman (known in the hacker community as V3rbaal) is an Intelligence Analyst, Investigator and Polygrapher. She specializes in Open Source Intelligence (OSINT), Human Intelligence (HUMINT), Geospatial Intelligence (GEOINT) and Social Engineering (SE). She co-organizes Blue Team Village held annually at DEFCON, and is a former Director of Trace Labs. In addition, she works on the Predator Identification Team at Innocent Lives Foundation. She obtained her degree in Cybersecurity whilst in Australia, prior to her relocation to the United States. She is passionate and experienced in intelligence, active investigations and aiding law enforcement.
Abstract

The Misconceptions Of Open Source Intelligence (OSINT)

Open Source Intelligence (OSINT) is a #buzzword within the hacker and intelligence community. I’ll be talking about the differences between Open Source Information (OSINF) and Open Source Intelligence (OSINT), and the common mistakes when conducting International Open Source Intelligence (OSINT).

Tyrone E. Wilson

Founder & President of Cover6 Solutions

Bio

Mr. Tyrone E. Wilson is an information security professional with 23 years of experience in information technology and systems configuration, including information systems and network security. Wilson also has extensive knowledge in computer network defense, vulnerability assessments, cyber threat analysis, and incident response. As a former cybersecurity analyst for the United States Army, Wilson developed security structures to ensure American intelligence systems were protected from foreign threats. Currently, Wilson is the Founder and President of Cover6 Solutions, LLC, which teaches companies and professionals various aspects of information security, penetration testing, and IPv6.

Wilson is also the organizer of The D.C. Cyber Security Professionals. With over 7,000 members, it is the largest #Cybersecurity meetup group in the United States. In addition, Wilson is also on the Review Board of BSides NoVA and has recently presented and/or taught classes at major conferences and events such as ISSA Mid Atlantic Security Conference, BSides NoVA, BSides DC 2017, and DCCyberWeek 2017.

Abstract

Incident Response & Threat Hunting: How to Gain Hands-On Experience

Can’t get a job because you don’t have the experience, can’t get experience because you don’t have the job… then this talk is for you. I’ll provide you the instruction needed to learn all the fundamentals of incident response and threat hunting using a FREE tool called Security Onion.

Josh Rickard

Security Research Engineer, Swimlane

Bio
Josh Rickard serves as a security research engineer at Swimlane. He is a GIAC Certified Windows Security Administrator (GCWN) and GIAC Certified Forensic Analyst (GCFA). He has a diverse background ranging from system administration to digital forensics and incident response to managing teams and products. As a Windows security expert, Josh focuses on creating tools to help defend and automate everyday processes using PowerShell and Python. You can engage with Josh via his blog, letsautomate.it, or Twitter at @MSAdministrator.
Abstract

Making MITRE ATT&CK Actionable

Security teams can use MITRE ATT&CK to build defensive objectives (strategies) but lack the ability to make these objectives actionable. During this talk, I will discuss two open-source tools I have released to assist with making MITRE ATT&CK actionable.

Sean O’Connor

Threat Intelligence Researcher, Secureworks

Bio
Sean has been conducting Intelligence operations for the last 12 years across multiple landscapes. I started out serving in the United States Armed Forces as an Army Human Intelligence (HUMINT) operator. After 5 years of serving, including one 12-month tour in eastern Afghanistan, I received an honorable discharge. I decided that I wanted to have some more fun in the sandbox and decided to do some defense contracting in Afghanistan as a counterintelligence team lead. After 14 months of CI operations in western Afghanistan I got hired by another company to do technical forensics on a counterintelligence team in southern Afghanistan. I operated as an armed digital forensics SME for another 9 months before I finally decided I had enough and came back stateside. I have been with Secureworks for a little over 5 years working on the cyber-HUMINT team with a focus in underground operations. These operations consist of gaining, maintaining access into high-profile forums, marketplaces and dumpsites as well as communicating with threat actors to build credibility and gain actionable intelligence for our clients and LE partners.
Abstract

Say my Name, Ransom Game

This presentation is focused on the ransomware operating threat groups who have adopted the tactic of creating websites to name and shame victims. From December 2019 to May 2020 we have seen this trend take on a life of its own with now 11 ransomware families having adopted the leak site tactic.

Brianna Leddy

Director of Analysis

Abstract

Mimicking Human Intuition: The Cyber AI Analyst

Alongside the rise of today’s dynamic workforce, the speed and scale of sophisticated cyber-attacks are rapidly increasing. As the cybersecurity industry continues to endure an ongoing skills shortage, over-worked and under-resourced teams urgently need augmentation in order to defend against evolving, sophisticated threats.

For over three years, Darktrace experts have been working to meet this challenge, investigating whether they could teach AI to think like a cybersecurity analyst. It takes subtle, nuanced skills and implicit knowledge for an analyst to detect genuinely threatening activity, and the creation of the world-first Cyber AI Analyst required analyzing over one hundred of the world’s top threat analysts, together with complex machine learning algorithms.

Join Brianna Leddy, Darktrace’s Director of Analysis, as she discusses the Cyber AI Analyst in action, and how the capability detected and prevented a large-scale worming attack in real time.