BSidesLV 2017 has ended

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Proving Ground [clear filter]
Tuesday, July 25

11:30 PDT

A Day in the Life of a Product Security Incident Response Manager
Public security incidents continue to plague software companies, and each public event brings with it a loss of reputation, customer confidence, and even market cap. We’ve all read headline after headline about vulnerabilities found in products with a PR quote from the software vendor saying they will issue a software update; but what happens leading up to the public disclosure? Who is working at the software vendor ensuring customers are safe?

We will go behind the scenes of a Product Security Incident Response Team (PSIRT) including definition of a PSIRT, its responsibilities, vulnerability lifecycles, emergency response events, customer support, researcher outreach, and other PSIRT duties. The talk will provide examples of the type of reports that PSIRT teams deal with on a daily basis, including reports from traditional end users, enterprise customers, researchers, and other sources.

The value of a PSIRT will be highlighted with recommendations for how to get started if your organization is looking to build a PSIRT, and thoughts on the various struggles associated with the endeavor

avatar for Tyler Townes

Tyler Townes

Security Program Manager, BlackBerry
Tyler works at BlackBerry Product Security as a Security Program Manager and is the lead incident manager during emergency response events. His focus areas include SDLC, sustained engineering, vulnerability management, and risk management across multiple operating systems. He is currently... Read More →

Tuesday July 25, 2017 11:30 - 11:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

12:00 PDT

The transition from a Security Operation Center to a Cyber Security Incident Response Team (CSIRT) isn’t just a branding change. It is a change from the ineffectual monitoring for compliance driven events like failed logins and system outages to actively building detection for indications of adversarial activity through detailed investigation and threat intelligence gathering.
A recent CSIS study shows a perceived skills gap in cybersecurity which inhibits organizations from creating an effective CSIRT. Another survey by SANS supports the perception of ineffectual incident response capabilities. Universities are failing to produce entry level Security Professionals capable of stepping into IR positions. I will discuss ways an organization can overcome this staffing challenge through internal and open source training opportunities as well as the need to drive change in academic curriculum to better prepare collegiate graduates for careers in incident response.

avatar for Ben  Butz

Ben Butz

Incident Handler, Target Corporation
Ben is an incident responder at Target Corp’s CSIRT and possesses 8 years of information security experience defending networks in the military as well as the defense and retail industries. Ben has had the opportunity to guide the development of two cyber security incident response... Read More →

Tuesday July 25, 2017 12:00 - 12:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

14:00 PDT

How to escalate privileges to administrator in latest Windows.
Attackers hope getting administrator privileges always. If they had get it, they can do anything. Therefore, they try to get administrator privileges in various ways, such as account stealing, privilege escalation, UAC bypass.

I have found one way to escalate privileges to administrator without using vulnerability. I hope you to see the demo, understand the mechanism, and prepare against the attacks.

avatar for Soya Aoyama

Soya Aoyama

Researcher, Fujitsu System Integration Laboratories Limited
Soya Aoyama is cyber security researcher at Fujitsu System Integration Laboratory. But this work has not been three years. Previously, Soya was developing LAN driver, Bluetooth profile, Winsock application etc. The first presentation of cyber security was AVTOKYO 2016.

Tuesday July 25, 2017 14:00 - 14:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

14:30 PDT

Two-Factor Auth - Demand Bidirectional
Two-factor authentication has become almost commonplace in defending against ubiquitous credential brute-forcing and has reduced the criticality of password theft.

However there is a component of the original RFC (request-for-comment) that has been overlooked and undervalued. Meaning that 2FA in its current form is not as effective at mitigating phishing and replay attacks as it could be.

This talk will demonstrate attacks against time-based and HMAC-based OTP (one-time pad) authentication, and will propose detailed countermeasures and mitigations for these attacks.

avatar for Joe Kirwin

Joe Kirwin

Senior Security Engineer, Pivotal

Tuesday July 25, 2017 14:30 - 14:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

15:00 PDT

Pwn All The Mobile Porn Apps
This talk will examine egregious security vulnerabilities found in adult content mobile applications. Highlights include: lack of HTTPS usage, code execution in update mechanisms, and less then stellar vendor responses.


Tuesday July 25, 2017 15:00 - 15:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

15:30 PDT

Breaking the Fourth Wall - Hacking a 50 years old myth
Follow me on a journey where we p0wn one of the most secure platforms on earth.
A giant mammoth that still powers the most critical business functions around the world: The Mainframe!
Be it a wire transfer, an ATM withdrawal, or a flight booking, you can be sure that you've used
the trusted services of a mainframe at least once during the last 24 hours.
In this talk, I will present methods on pentesting mainframe applications, deploying shells
and elevating privileges on the system, all starting with zero authentication.
If you are interested in mainframes or merely curious to see a what a shell looks like on MVS, you'll want to attend this session.


Tuesday July 25, 2017 15:30 - 15:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

17:00 PDT

I Club and So Can You
Founding and running information security clubs has enriched my life in concrete, positive ways. In this talk, I encourage others to form groups devoted to hacking and security. By doing so, I hope that listeners go on to kickstart security scenes in their hometowns while also enjoying the same benefits that I enjoyed. Much of the advice comes from personal, hands-on experience. I will be discussing the misconceptions that I had about running an information security club, the struggles encountered, and the successes enjoyed.

avatar for Christopher Lamberson

Christopher Lamberson

Christopher Lamberson spends much of his time building Splunk dashboards and doing security related oddjobs for Columbus State University. Much of the money earned in these part-time positions goes straight to feeding his learning addiction. Other than that, he is president of a... Read More →

Tuesday July 25, 2017 17:00 - 17:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

18:00 PDT

Introduction to Reversing and Pwning
Beginner oriented talk on reverse engineering and pwning, details are confined to the linux x86 platform. Practical exercises are made available and attendees encouraged to work through exercises ask questions.

avatar for David Weinman

David Weinman

Security Research Engineer, Synack
Security Researcher from the Pacific Northwest, love board things, hacking and school. Evergreen State College Grad. CTF with GNU-E-Ducks, OpenToAll. Interests include reversing iOS things, game consoles, IoT

Tuesday July 25, 2017 18:00 - 18:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169
Wednesday, July 26

10:00 PDT

Scamming the Scammers - Becoming the Robin Hood of the phones
In the world of information, it's easy to see how people can get tricked. Social Engineering is spreading like wildfire on the phones, on the internet, and even in your very own city. Phone scams are becoming more of a problem, and it doesn't seem like it's stopping soon.

Attending this talk with help you gain more understanding on how these scams are structured, where your data is, how data is transmitted between scammers, how "employees" are funded for these operations, an example call center setup, and most importantly: how to stop this phenomenon.

avatar for Nathan Clark

Nathan Clark

This summer, witness a Canadian, self-taught, self-proclaimed, rebellious information technology administrator hack his way into die hard situations. Featuring Nathan Clark, and his whole suite of tools, you can't miss all the action packed adventures. In all seriousness, I'm... Read More →

Wednesday July 26, 2017 10:00 - 10:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

10:30 PDT

Applied OSINT: Enabling Better Social Engineering for Better Pen Tests
Social engineering attacks remain the most effective way to gain a foothold in a targeted organization. But those attacks are only as good as the information used to create them. This presentation will arm you with the latest open-source intelligence (OSINT) tools and techniques needed for gathering detailed information on your targets, turning your social engineering ops into carefully targeted precision strikes that can greatly improve your results. We'll also cover steps that you can take to reduce your own OSINT exposure, protecting you and your organization. You'll see techniques for phishing, vishing, pretexting, impersonation, and more. Tool demonstrations will include how to make the best use of OSINT Websites and standalone tools such as Datasploit and recon-ng.

avatar for Joe Grey

Joe Grey

Senior OSINT Specialist, QOMPLX
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe... Read More →

Wednesday July 26, 2017 10:30 - 10:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

11:00 PDT

One OSINT Tool to Rule Them All
The purpose of this talk is to share the results of a comparative analysis between different automated Open Source Intelligence (OSINT) gathering tools. To do so, a list of reputable, popular and open source tools was compiled and then compared against three (3) different benchmarks: Data variety, Data quality and Currency. I then added useful details such as an overview of tool Modules, Output formats,  Supported Operating Systems (OS) and more. The results include a table which will help security professionals easily find the appropriate tool for their type of engagement, their available time and the type of information they seek. Finally, the talk will answer some practical questions a security professional might have during engagements, such as: “What tool is the best for e-mail lists?" "What tools are awesome for beginners?" and others! :-)

avatar for Emilie St-Pierre

Emilie St-Pierre

Security Analyst, Rapid7
Émilie St-Pierre is currently a security analyst at Rapid7, where she asks a lot of questions and works on offensive engagements. She has been a part of the infosec community for 5 years and has been co-hosting the weekly Greynoise podcast for the past 2 years. Émilie is a Director... Read More →

Wednesday July 26, 2017 11:00 - 11:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

11:30 PDT

(In)Outsider Trading - Hacking stocks using public information and influence.
This talk will take a look at how inadvertently leaked technical information from businesses, can be used to successfully trade stocks. This results in making huge profits. We look at different methods of influencing the stock market, such as DDOS attacks (at critical time periods) and simple techniques such as Phish-baiting CEO's to acquire sensitive, relevant information that can be applied in the real world to make massive gains in profit.

We will also take a look at historic trends. How previous hacks, breaches and DDOS attacks have affected stock prices and investor confidence over time. Specific reference will be made towards listed companies and a POC will hopefully be completed by the presentation date.

avatar for Richard Hocking

Richard Hocking

Penetration Tester, Telspace Systems
Love all things related to logic breaking and hacking.

Wednesday July 26, 2017 11:30 - 11:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

12:00 PDT

Your Facts Are Not Safe with Us: Russian Information Operations as Social Engineering
Over the past few years, Russia has proven itself to be an undeniable master of information operations. The techniques vary, but the majority of them focus on creating new realities and subverting Western values. This makes response efforts much more challenging, and Russia’s info ops strategies have become a key part of the arsenal the country draws upon in achieving its aims both at home and abroad.

By describing personal experience with a steady diet of state-sponsored propaganda while studying abroad in Russia, and by examining the country’s annexation of the Ukrainian peninsula of Crimea as a case study, I will give you an in-depth look at Russia’s info ops and why they’re so effective. I will explain why it’s useful to frame Russian information operations as large-scale social engineering and the implications that has for mitigating the security problems involved.

avatar for Meagan Keim

Meagan Keim

Graduate Student, University of Maryland University College
Meagan Dunham Keim is a Russian language nerd and InfoSec enthusiast who studied Global Security and Russian at the University of Wisconsin-Madison. She is also an alumna of the Russian Flagship, which is an intensive language and cultural studies program with a study abroad component... Read More →

Wednesday July 26, 2017 12:00 - 12:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

14:00 PDT

Robust Defense for the rest of Us
While browsing CFP's for conferences this summer, one speaking track named "The Art of Defense" had a statement that “only the largest enterprises can afford a robust defense”. I disagree, and argue that in many ways small-to-medium-size businesses can be more secure than large enterprises. I will provide an overview of the security program my team and I built that achieves enterprise-level protection AND regulatory compliance WITHOUT a massive budget or huge silo'd teams. Consider it a case study or howto for building an effective security program at a small business.

avatar for Russell Mosley

Russell Mosley

Director, Infrastructure & Security, DYNAXYS
Russell is the Director, Infrastructure & Security of a software and financial services company in the DC area and an organizer with BSides Charm (Baltimore is Charm City!) Russell has seventeen years' experience in IT operations and enterprise defense and is responsible for the... Read More →

Wednesday July 26, 2017 14:00 - 14:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

14:30 PDT

I got more games than Milton Bradley: Incentivize a positive change in your security culture
Security awareness training is one of the last defenses to dastardly effective social engineering threats. Yet traditional vendor purchased security awareness training is largely ignored by the workforce and can merely serve to ensure compliance without reducing the risk substantially. In fact a 2016 Ponemon Institute survey found that 52% of interviewed organizations found their vendor purchased security training product ‘somewhat or not effective’. Using American Campus Communities, the nation's largest developer, owner and manager of high-quality student housing communities, as a case study, this presentation will demonstrate to session attendees the difference between informational videos and a security awareness gamification program. Attendees will hear obstacles we faced, what worked and what didn't as we introduced a range of interactive games, contests, and rewards to motivate users to buy in to following security protocols.

avatar for Drew Rose

Drew Rose

CEO | Founder, Living Security
Drew has a Bachelors of Science in Cybersecurity with a CISSP and a passion for building security programs and reducing risk. He has worked with institutions in the government, private and public sector. His specialty lies in understanding human behaviors and how emotions impact everyday... Read More →

Wednesday July 26, 2017 14:30 - 14:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

15:00 PDT

Interrogation Techniques for Fun and Profit: Designing better tools for your SOC team
SOC teams are consistently forced to create their own suites of in-house tools because commercial solutions rarely meet all that is expected of them in both usability and functionality. While creating customized tools helps internal teams ensure the tools meet their own needs, working with a large number of enterprises has shown that these teams often lack the approaches to extract the most impactful requirements. Adopting some targeted user experience research methods can help developers create better tools more quickly.

To help teams conduct fast actionable research on their own, I’ve compiled a set of questions that an in-house tool developer can use to clarify tool ideas, validate them, and direct tool design. In this talk we will walk through a fast mock research session to address either a predefined common problem or something suggested by the audience.

avatar for Karolyn Bachelor

Karolyn Bachelor

Consultant, Brass Hill Research & Design
Karolyn Bachelor is a user experience consultant with Brass Hill Research & Design and has had clients in the security industry varying from start-up software firms to established enterprise companies. She is very much an all around user evangelist who thrives on helping teams make... Read More →

Wednesday July 26, 2017 15:00 - 15:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

15:30 PDT

Messing with Forensic Analysts: Modifying VSS Snapshots
Windows' VSS snapshots are great. The VSS service quielty runs in the background, periodically making snapshots of just about everything on the disk.
What happens if you accidentally delete a file? No worries. Pull a (somewhat old) copy out of a snapshot!
But what happens if you intentionally delete a file? And write over it 35 times? Well, you can also pull a copy out of a snapshot.
Snapshots are a treasure trove of information that people thought was gone. Forensic analysts use the data from them with little concern of tampering because there are no tools available to modify the contents of a snapshot. So, I decided to tamper with them. The snapshots, not the analysts.

This talk covers the basics of how VSS snapshots work and their on-disk format from the perspective of a malicious actor. A modified version of libvshadow, an open source VSS library, is presented which adds write support to VSS snapshots. The challenges and limitations experienced when modifying old snapshots are discussed, as well as a demonstration of the tool.


James Clawson

I'm James Clawson and I like messing stuff up. I make things every once in a while too. I enjoy forensics, I love fuzzing, and I consider malware to be art. When not busy driving drunk on the information super highway, I sometimes visit the zoo.

Wednesday July 26, 2017 15:30 - 15:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

17:00 PDT

Engineering My Way Into InfoSec
InfoSec is no longer reserved for those with the right degrees and certifications, or willing to pay the price for hacking into something. Now we can find university curriculum built upon the success stories touting professionals who went from “zero to hero”. Yet, while careers in Information Security are a hot topic, getting there isn't a straightforward journey for many. We need pilots to navigate the uncharted realms of this evolving field, willing to risk turbulence, trust their sense of direction through uncertainty and engineer what they need as and when they need it. I want to share my flight plan with you.

Disclaimer: The views presented here are solely my own and do NOT represent those of my employers, past or current.

avatar for Nitha Suresh

Nitha Suresh

Cyber Security Consultant, KPMG
@ADN_SECURITY is a passionate Information Security researcher and pentester, currently with a big four in Toronto, Canada as a Cyber Security Consultant. After a masters degree in information security, she decided to chart her own flight path for a successful and interesting... Read More →

Wednesday July 26, 2017 17:00 - 17:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

17:30 PDT

Everything is Not Awesome: How to Overcome Barriers to Proper Network Segmentation
Attacks are more and more likely to come from internal network sources, possibly being allowed in by unwitting accomplices. While it’s commonplace to have a web server DMZ and possibly a guest wireless network, few organizations take any steps to further segment their networks that might help prevent or detect lateral movement by an attacker. If the current common approach is that internal attack surface management is just as important as external hardening, then why aren’t more defenders doing anything about it?  In this talk, we’ll look at common pitfalls that mire down internal segmentation efforts and ways to overcome them.


Wednesday July 26, 2017 17:30 - 17:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

18:00 PDT

Radio frequencies all around us! What data are you leaking and what is done with it?
We take it for granted that our mobile devices are helpful, brightening our lives, making us feel warm, fuzzy, connected and safe. Our devices let us know that the temperature is dropping and that it is closing the windows. What does this RF data look like, how easy is it to view and how much of it is sent to the manufacturer or third parties with implicit use of the app?

avatar for Keya Lea Horiuchi

Keya Lea Horiuchi

After a few war driving and capture the flag competitions, Keya changed careers from an itinerant filmmaker and teacher to working within the realm of cyber security. When Keya isn't conducting security audits, information systems assessments, Wi-Fi assessments, pentests, network... Read More →

Wednesday July 26, 2017 18:00 - 18:25 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169

18:30 PDT

CTF all the things: Leveraging gamification to up your security game
Despite the fact that on any given weekend of the year you can find at least one capture the flag (CTF) event going on, many security professionals have still never played in one. Want to learn without the drudgery of studying a thick book? Want to retain more of what you learn by putting it into practice? Want to get to know other security professionals? Take advantage of this gamified method of improving your skills. Capture the flag and capture the fun.

avatar for Matt Pardo

Matt Pardo

Matt Pardo is obsessed with learning, and his latest focus is on web application security. In his pursuit of better ways to learn all the things a few years ago, he discovered CTFs and realized that the gamification aspect helped him to learn at an accelerated rate. It also exposed... Read More →

Wednesday July 26, 2017 18:30 - 18:55 PDT
Proving Ground (Florentine G) 255 E Flamingo Rd, Las Vegas, NV 89169