| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Stop wasting time looking for files and revisions. Connect your Gmail, DriveDropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account.

View
 

Beacon 2015 Talks

Page history last edited by pdogg 5 years, 4 months ago

Masshackers is proud to announce our list of accepted speakers for Beacon 2015. Here's the current list of talks.

 

This schedule is loose... We'll try our best. If a speaker runs short or long, we'll deal...

11:00 - Get there set up...

11:15 - Welcome to BeaCon 2015 - pdogg/Masshackers

11:30 - Building (Simple) Fuzzing Scripts from Wireshark Dissectors - @_will_is_

12:00 - Trojaned Gems: You Can't Tell If You're Using One - @claudijd

13:00 - So you wanna' be an Incident Responder? - @innismir

14:00 - Online Jihad 2001-2015: A history of Jihobbyism - @kryp3ia

15:00 - The Blame Starts with Computer Science Curricula - @wr0 @0xmchow

16:00 - Break - Drink Eat and Final Sign up for.....

16:30 - STOOPCON - 3 slides, 30 seconds, and your worst 0day ever - @stoopcon

17:00 - Thanks and closing remarks - pdogg/Masshackers

 

----

 

So you wanna' be an Incident Responder?

 

Ben Jackson

 

Some people think "Incident Responder" and "SOC Analyst"

both stem from the ancient Sumerian phrase for "One who cannot do

penetration testing" -- However, the job is far more complicated than

watching IDS alerts and firewall deny events fly by. In this talk, I

will discuss what exactly the roles defenders play (or should play) in

a modern organization, skill sets that are needed, and why playing

defense is, sometimes, just fun.

 

----

 

Building (Simple) Fuzzing Scripts from Wireshark Dissectors

 

Willis Vandevanter

 

In this talk we will discuss building some simple fuzzing scripts

based on packet captures. I will also introduce a tool to automate

parts of the work.

 

---- 

 

Online Jihad 2001-2015: A history of Jihobbyism

 

Kryp3ia

 

I will cover the online jihad that has been carried out by

AQ/AQAP/Taliban/Daesh since 2001 post 9/11 to today. Their methods of

operation and history from popping poorly secured sites to upload hidden

jihadi manuals to today's Jihobbyist movement. With the advent of Daesh

much more overt activity has been taking place but it is not what you

might consider to be a clear and present danger.

 

----

 

Trojaned Gems: You Can't Tell If You're Using One

 

Jonathan Claudius

 

Dependence on software libraries and frameworks continue to grow in

popularity. More scrutiny is being placed on reviewing the source code

of these dependencies for security vulnerabilities, but little

attention is being placed on software dependencies while in transit.

In this talk, we will expose weaknesses in software delivery

mechanisms and show how malicious software can be added/injected into

popular software libraries during transit. We will also demonstrate

the impact of these weaknesses using a newly developed tool and

provide advice and guidance on defending against these attacks.

 

----

 

The Blame Starts with Computer Science Curricula

 

Roy W. & Ming Chow

 

We are still facing the same security vulnerabilities from over a

decade ago. The problems are not going away anytime soon. An

underrated source of blame is Computer Science curricula that are

churning out students who are clueless about security. This talk will

address the lack of emphasis on information security in Computer Science curricula,

how to gradually fix the problem, and success stories..

 

 

 

 

 

Comments (0)

You don't have permission to comment on this page.