“Damn kids. They're all alike.” … we have a date with history.“Yes, I am a criminal. My crime is that of curiosity. My crime is
As the Manager of Strategic Security Services for Rapid7 in EMEA Wim Remes leverages his 15+ years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and by building resiliency into their organization. Wim delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation combining his deep expertise in network security, identity management, policy design, risk assessment and penetration testing to develop innovative approaches to enterprise security. Before joining the Rapid7 team Wim was a Managing Consultant at IOActive and previously he has worked as a Manager of Information Security for Ernst and Young and a Security Consultant for Bull, where he gained valuable experience building security programs for enterprise class clients.
Wim has been engaged in various infosec community initiatives such as the co-development of the Penetration Testing Execution Standard (PTES), InfosecMentors, The Eurotrash Security Podcast and organizing the BruCON security conference. Wim has been a featured speaker at international conferences such as Excaliburcon (China), Blackhat Europe, Source Boston, Source Barcelona and SecZone (Colombia). He is also a Member of the Board of Directors at (ISC)2.
What botnet is this?The story of an investigation of a botnet from its detection trough network traffic analysis to its identification and classification. On this presentation we will show some of the work done at anubis labs on botnet detection and analysis, detailing the process of reversing the malware DGA and network protocol.
Tiago Pereira is an information security enthusiast with 9 years of experience in the field. Passionate about forensics and malware reverse engineering, he is currently a Threat Intelligence Analyst at AnubisNetworks where he focuses on malware reversing and threat research.
Security Metrics: Why, where and how?Security Metrics, when used correctly can help you paint a picture on the status of ur Security, they can also help you make security decisions so that you can prioritize and reduce the risk when making these decisions.
Tiago ‘Balgan’ Henriques currently is the CEO at BinaryEdge. A startup located in Zürich,Switzerland.
At the university he did some part time lecturing on a different range of topics, from Computer Security, to Networking and Cryptography. His main interests are: Cryptography, Pentesting, Information Security, Computer Security and Forensics, Vulnerability research, and data Science.
Hello, I’m Tiago Martins currently CTO at BinaryEdge.
My work is security related so I can’t share much, but what I can share is that it involves real time analysis of events that allows the identification of infected machines.
Your career is a system. It's time to root it.Many people enjoy breaking systems, from computers to software to communications protocols. What most people don't understand is that your job, your career and your life are all systems.
Steve has been a career penetration tester for over 15 years, the last 10 of which has been spent at UK pentest consultancy Mandalorian. He also co-organises the UKs 44CON Cybersecurity and 44CON London and is the author of “Breaking In: The Pentester’s Hidden Handbook”.
Steve writes about penetration testing and career hacking at rawhex.com and occasionally for SC Magzine, IT Security Guru, the Gentleman Hacker’s Club and other online outlets.
The art of malware cluster visualizationThe last few years have been challenging for incident responders. Information technology threat landscape changed dramatically, malware is becoming stealthier, diverse and modular. Its not without surprise that concepts like automated behaviour analysis, malware clustering, data visualization and threat intelligence sharing became so popular. While some open source solutions already feature these cutting edge concepts, there is still a gap on how to integrate them successfully into your incident response process.
Ricardo Dias is an intrusion detection analyst and a passionate malware hunter. For the last 10 years Ricardo has been assisting government and financial institutions in incident response and developing tools for malware analysis, threat intelligence and data visualisation.
BadXNU, a rotten apple!Your latest OS X 0day exploit got you root and now what? Apple (finally) introduced mandatory code signing for kernel extensions in Yosemite so there's a new obstacle to your beautiful kernel rootkit. Are you an OPSEC ninja or too cheap to buy $99 a code signing certificate? You can't or don't want to steal (because it's morally wrong!) someone's else certificate?
A leading expert in the field of not being an expert, plays with computers for more than 30 years, holds a degree in Economics and a MBA, writes a somewhat famous OS X related blog, breaks copy protections for fun and profit, annoys HackingTeam, trolls Apple’s product security policy, loves to solve weird problems, tries to spread some knowledge and write a different bio for each conference.
Lately very interested in improving OS X security and malware research. Wrote a long OS X rootkits article for Phrack and finally making that OS X rootkits book a reality.
How to hack into your home routerI will talk about the a mips32 router hacking process covering the discovery of bugs, developing the exploits and exploiting of the router.
Marco Vaz is Director of PenTesting at KeepITSecure24 and Partner at INTEGRITY. He has been working in Information Security for more than 16 years.
He had several roles and responsibilities in Security Architecture Design and Implementation, Security Operations, Incident Management, Malware analysis and Penetration Testing.
Shellter - A dynamic shellcode injectorAV evasion, a challenge for both good and bad guys. A few tools are around promissing to assist professionals with AV bypassing during pentesting jobs.
I started reverse engineering software protections for fun. That led me to malware…analysis, and then I moved on with vulnerability research and exploit development which have also become the main areas of interest for me.
In my free time I enjoy researching and developping my own tools, PoCs, and skills.
I love what I do, I do what I love and this pretty much would be all about me. ;o)
Diaphora: a new FOSS program diffing toolDuring this talk I will discuss how I started creating this bindiffing suite, why, the current state and the ideas for the future and will also discuss about all the algorithms and heuristics implemented in Diaphora.
Joxean Koret has been working for the past +15 years in many different computing areas. He started working as database software developer and DBA for a number of different RDBMS. Afterwards he got interested in reverse engineering and applied this knowledge to the DBs he was working with, for which he has discovered dozens of vulnerabilities in products from the major database vendors, specially in Oracle software. He also worked in other security areas like malware analysis and anti-malware software development for an Antivirus company or developing IDA Pro at Hex-Rays. He is currently a security researcher in Coseinc.
Is my app secure ?Based on our experience on testing mobile applications, both on Android and iOS, we challenged ourselves on doing an assessment of both app stores' applications, using OWASP mobile top 10 as a reference in terms of vulnerabilities to search for.
Herman Duarte is an infosec professional by day and an infosec ninja by night, he loves everything that is security related, from hardware devices, web apps and mobile applications. Working in the infosec field with Integrity S.A., HD is a lead consultant that helps his clients in security engagements from penetration testing to consultancy related projects, in different countries around the globe. HD is a 2 times speaker at codebits, confraria segurança&it and 2 times winner (alongside with his cool teammates) of the codebits CTF.
Cláudio is a Security Consultant at Integrity S.A. His experience includes penetration testing on web applications, infrastructure and mobile applications. Prior to joining Integrity, he has been involved in many different projects involving System Administration and Software Development. Starting from early age, he is passionate with everything related with technology.
NAC/NAP/802.1x systemic bypass for 15EURI'm gonna cover malicious hardware stuffs, basicaly using a NEXX WT3020 with a custom firmware that raep's NAC/NAP and other 802.1x based shits. i'll cover a few other uses for hardware that can be latched on legit corporate workstations.
Insecurity researcher since circa 2001 with wide IT integration background (tons of industry certifications from such vendors as Cisco, Checkpoint, SCP, CIW, Comptia, LPI, Novell, Microsoft among others).
Finally ended up working 9to5 in INFOSEC industry around 2009 doing the full conversion from blackhat to goldhat.
I also have some data<3 in my dna.
Deep religious fanatic of the Missionerande Kopimistsamfundet (Missionary Church of Kopimism), i take this chance to share the following with you reading this:
All knowledge to all;
The pursuit of knowledge is sacred;
The circulation of knowledge is sacred;
The act of copying is sacred.
Copying of information is ethically right;
Dissemination of information is ethically right;
Copymixing is a sacred kind of copying, more so than the perfect, digital copying, because it expands and enhances the existing wealth of information;
Copying or remixing information communicated by another person is seen as an act of respect and a strong expression of acceptance and Kopimistic faith;
The Internet is holy (Not generally accepted by churches run by the Maesters);
Code is law.
finally, POC || GTFO!
Inside the CANA CAN network is present in the cars board computer that controls multiple variables necessary to a normal functional of the vehicle. We will see how can we gather information about the status of the vehicle, exploit features, and variable manipulation for fun. Due to the raising number of electronic components in cars, some attention is drawn to each security issues can be exploited and possibly endanger the user. Another issue is the interconnectivity of the services that surround the intra network that crash the integrity of the system. After a deep research on the topic i decided to present my findings and raise awareness about CAN inSecurity.
I’m a security researcher long before my engineering degree, been passionate about security, since i changed the way i saw the world: everything has a flaw, everything has a weakness. Security is a transversal concept so i try to expand my knowledge in several areas including lock picking, microcontrollers, NFC, Security Certifications, Risk Analysis, etc.. The past year, security changed the position in my life from hobby to a professional and academy level, begun to making freelance pentesting on infrastructures and WhiteHat stuff and making my way in Information Security masters degree (+ two academy CISCO certifications). Currently i’m a Security Analyst for a multinational company where i’m engaged with a team responsible for security automation processes.
Taking Threat Intelligence and Sharing to the Next LevelResearching and mitigating threats is a complex business. Whether integrating threat intelligence feeds or building processes, organizations are faced with tremendous cost and complexity as they build a standing army of defenders. Cybercriminals’ tools, techniques and technology have changed and adapted as well. While some attacks involve sophisticated and adaptive malware, others revolve around intelligence gathering and targeting weak spots in security technology. To combat these collaborative underground criminals, organizations need to work together to drive crowd-sourced threat intelligence to streamline and automate protection strategies. The only question is, who can work together better: the attackers or the enterprises?
Doron Shiloach is a product manager with the X-Force research and development team with IBM Security, which is responsible for security content and threat and vulnerability research. Doron joined IBM in 2001, and has experience in technology strategy and innovation, as well as strategic alliances and engineering. Doron holds a masters degree in electrical engineering from University of Maryland.
Data Theft - Who the hell stole my data?Data theft is a growing problem on corporate networks, where most commonly internal users steal data due to several reasons. In this talk we will discuss why is it so common, what are the main motivations behind it, what does the portuguese law says about it, how can we find evidence of it using host based forensics and what countermeasures can be used.
I’m an infosec entusiast for a bunch of years. My professional background also took me into it, as I divide my time into data recovery, digital forensics and infosec projects. Besides that, I hold some common infosec certs and also made a post-graduate in Information Security with Royal Holloway University of London. I like to know how things works from the inner parts of it, so infosec is just the best arena to do it.