-- MySQL dump 10.13  Distrib 5.6.40, for FreeBSD11.0 (i386)
--
-- Host: localhost    Database: defcon26
-- ------------------------------------------------------
-- Server version	5.6.36

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;

--
-- Table structure for table `events`
--

DROP TABLE IF EXISTS `events`;
/*!40101 SET @saved_cs_client     = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `events` (
  `day` varchar(16) COLLATE utf8_unicode_ci NOT NULL,
  `hour` varchar(2) COLLATE utf8_unicode_ci NOT NULL,
  `starttime` varchar(6) COLLATE utf8_unicode_ci NOT NULL,
  `endtime` varchar(6) COLLATE utf8_unicode_ci NOT NULL,
  `continuation` char(1) COLLATE utf8_unicode_ci NOT NULL,
  `village` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  `track` varchar(85) COLLATE utf8_unicode_ci NOT NULL,
  `title` varchar(512) COLLATE utf8_unicode_ci NOT NULL,
  `speaker` varchar(128) COLLATE utf8_unicode_ci NOT NULL,
  `hash` varchar(75) COLLATE utf8_unicode_ci NOT NULL,
  `desc` text COLLATE utf8_unicode_ci NOT NULL,
  `modflag` tinyint(4) NOT NULL,
  `autoincre` int(11) NOT NULL AUTO_INCREMENT,
  PRIMARY KEY (`autoincre`),
  KEY `title` (`title`(255)),
  KEY `hash` (`hash`)
) ENGINE=InnoDB AUTO_INCREMENT=135177 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
/*!40101 SET character_set_client = @saved_cs_client */;

--
-- Dumping data for table `events`
--

LOCK TABLES `events` WRITE;
/*!40000 ALTER TABLE `events` DISABLE KEYS */;
INSERT INTO `events` VALUES ('2_Friday','15','15:30','15:59','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'My Stripper Name is Bubbles\'','\'Hannah Silvers\'','sev__HS','\'<p><a name=\"sev__HS\"></a></p>\n<p>Friday August 10 2018 1530 30 Mins</p>\n<p><strong>My Stripper Name is Bubbles Sunset: What SEO Meme Marketing Means for Social Engineering</strong><br />\nYou’re mindlessly scrolling through Facebook when you see your friend share a post and comment, “Mine is Bubbles Sunset!”</p>\n<p>You click. It’s a meme that reads: “What’s your stripper name? It’s the name of your first pet and the first street you lived on! Comment with your answers, and share with your friends!”</p>\n<p>Are alarm bells going off in your head yet?</p>\n<p>Security-savvy internet browsers know to be on the lookout for the digital version of a mustached man in a trench coat, like emails selling discounted Viagra. But as you’ve gotten smarter about avoiding these obvious bids for information, attackers and online marketers have gotten subtler to persuade you to divulge personal information. Every second, users willingly divulge sensitive information in comments on social media memes like the stripper name post because they don’t see them as a threat.</p>\n<p>In this talk, Hannah Silvers — social engineer and SEO marketing content strategist —brings the two worlds together. Using (hilarious) real-life examples, she will illustrate how social media memes are hotbeds of valuable PII for marketers and attackers alike, how these memes encourage users to engage with and share them, and the ways attackers can make use of them as an attack vector.</p>\n<p>Of course, the talk won’t stop at the doom and gloom. The presenter will discuss implications to the work of security educators and what users can do to mitigate the risk these memes present once they understand how they work.</p>\n<p>Hannah Silvers: <a href=\"https://twitter.com/hannah_silvers\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@hannah_silvers</a><br />\nHannah Silvers is a writer, editor, and content strategist based in Atlanta, GA. During the day, she writes and presents SEO content marketing strategy for nonprofit service providers. But after the ride home, she moonlights as the director of outreach for CG Silvers Consulting and a lexicographic content contributor for Dictionary.com, charting the course of the English language through definitions of slang, politics, pop culture, and emoji. Hannah is also a veteran of Social-Engineer, LLC, holding corporate technical writing and vishing experience as well as the current record of youngest contestant to enter <a href=\"https://www.social-engineer.org/sevillage-def-con/the-sectf/\">the SECTF</a> booth at DEF CON.<br />\n\'',0,134210),('2_Friday','16','16:00','16:50','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'From Introvert to SE: The Journey\'','\'Ryan MacDougall\'','sev__RM','\'<a name=\"sev__RM\"></a></p>\n<p>Friday August 10 1600 50 Mins</p>\n<p><strong>From Introvert to SE: The Journey</strong></p>\n<p>In 20 years I learned how to step outside my introverted personality to explore the world in a more successful way, but not without bumps and bruises which taught me valuable lessons.</p>\n<p>This is my story of that journey which I hope to convey to those listening that being a deep introvert should not prevent them from trying and achieving goals in life up to and including being a professional social engineer and beyond. I wrap up with the specific lessons I learned over the course of that time, so others can reap the benefits of those lessons in a much shorter time frame.</p>\n<p>Ryan MacDougall: <a href=\"https://twitter.com/joemontmania \" rel=\"nofollow\"  target=\"_blank\">@joemontmania </a></p>\n<p>Ryan MacDougall is a Senior Social Engineer Pentester for Social-Engineer LLC, who has over 20 years’ experience in the information technology world and 5 years in the security space specifically. Naturally a deep introvert, he has achieved goals and experienced life that early on did not seem possible or even imaginable. With the help of professionals and experts in the field of psychology, he amassed techniques to navigate the social world to achieve goals he wanted and some he never knew he wanted.</p>\n\'',0,134211),('2_Friday','16','16:55','17:45','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'Mr. Sinatra Will Hack You Now\'','\'Neil Fallon\'','sev__NF','\'<a name=\"sev__NF\"></a><br />\nFriday August 10 2018 1655 50 mins</p>\n<p><strong>Mr. Sinatra Will Hack You Now</strong><br />\nAcross the globe for millennia upon millennia, a cabal of social engineers have been working to manipulate realities, collective and singular.  They influence decision making processes in a matter of minutes and leave no evidence of their presence.  They’ve made camp in your computers, your cars, your places of worship, and your schools.  They may be doing it right now as you read this. They are everywhere.  They are musicians.</p>\n<p>Neil Fallon <a href=\"https://twitter.com/npfallon\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@npfallon</a><br />\nNeil Fallon is the lyricist, singer, and rhythm guitar player of the rock band Clutch. Since forming in 1991, Clutch has released 11 full length records and has performed numerous times in North America, Europe, South America, Australia, and Japan.</p>\n<p>In 2009, Neil, along with his bandmates and manager, created Weathermaker Music, a completely independent record label. To date, Weathermaker Music has had 58 world wide releases. The most recent release, “Psychic Warfare,” reached #11 on the Billboard Top 100 and #1 on Hard Rock &amp; Rock Billboard chart.</p>\n\'',0,134212),('2_Friday','17','16:55','17:45','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'Mr. Sinatra Will Hack You Now\'','\'Neil Fallon\'','sev__NF','',0,134213),('2_Friday','17','17:50','18:40','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'In-N-Out - That’s What It’s All About\'','\'Billy Boatright\'','sev__BB','\'<a name=\"sev__BB\"></a><br />\nFriday August 10 2018 1750 50 mins</p>\n<p><strong>In-N-Out &#8211; That’s What It’s All About</strong><br />\nWithout the right tools the engagement can be over before it begins, as upfront resistance can prevent you from entering with your tools. Billy Boatright demonstrates and discusses how to use social engineering tactics to get in without any difficulty. While most think outside of the box, Billy shows us how to think inside the box and embrace your own handicaps to arm yourself with advanced tactics and unfair advantages. Billy shows us how handicaps and familiar objects can be used to covertly carry your toolbox into an engagement, increasing your success. Rather than dealing with a perceived disadvantage, use it to exploit the world around you.</p>\n<p>Billy Boatright: <a href=\"https://twitter.com/fuzzy_l0gic\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@fuzzy_l0gic</a><br />\nBilly began his social engineering career without even knowing it. He was a bartender on the Las Vegas Strip for the better part of a decade. He won numerous awards from all over the world as a Top-ranked Flair Bartender. He has taken the skills he learned behind the bar to the Information Security world. Billy has been a Judge for the Social Engineering Capture the Flag event at Def Con. He is also the namesake for the BSides Las Vegas Social Engineering Capture the Flag Championship Belt. Billy also volunteers time and expertise to the Las Vegas ISSA Chapter as a Board Member. He is also a member of the BSides Las Vegas Senior Staff.</p>\n<p>Billy has multiple degrees and numerous certifications. However, when asked about them he will gladly quote George Moriarty, &#8220;The shining trophies on our shelves can never win tomorrow&#8217;s game.&#8221;</p>\n\'',0,134214),('2_Friday','18','17:50','18:40','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'In-N-Out - That’s What It’s All About\'','\'Billy Boatright\'','sev__BB','',0,134215),('2_Friday','18','18:40','19:30','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'The Art of Business Warfare\'','\'Wayne Ronaldson\'','sev__WR','\'<p><a name=\"sev__WR\"></a><br />\nFriday August 10 2018 1840 50 mins</p>\n<p><strong>The Art of Business Warfare</strong><br />\nRed Teams are designed to penetrate security in a real world test of effectiveness of security controls, policy, technology and infrastructure. Red Teams view security from an adversary perspective in order to simulate realistic attack scenarios that enable an organisation as a whole to prepare and protect against both simply and sophisticated threats. Red Teams build security culture and provide opportunities for staff to be trained using real world examples. During this presentation we will walk through a Red Team Assessment that simulates a state sponsored attack against Executives, and using their access to then test the entire security posture of the organisation from a digital, physical, social and supply chain.</p>\n<p>Wayne Ronaldson:<br />\nWayne has conducted security assessments for a range of leading Australian and international organisations. Wayne has unique expertise in Red Team Assessments, Physical, Digital and Social Engineering, and has presented to a number of organisations and government departments on the current and future state of the cyber security landscape in Australia and overseas.</p>\n\'',0,134216),('2_Friday','19','18:40','19:30','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'The Art of Business Warfare\'','\'Wayne Ronaldson\'','sev__WR','',0,134217),('2_Friday','19','19:35','20:10','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'Swarm Intelligence and Augmented Reality Gaming\'','\'Nancy Eckert\'','sev__NE','\'<p><a name=\"sev__NE\"></a></p>\n<p>Friday August 10 2018 1935 30 mins</p>\n<p><strong>Swarm Intelligence and Augmented Reality Gaming</strong><br />\nWhat do a flock of starlings, a colony of warrior ants, and a hundred-person flash mob all have in common with the red team? Swarm intelligence, the collective behavior of individuals acting autonomously, is a concept that we can apply to human systems to unlock their potential. Swarming methodologies teach a group of individuals what to do, where to go, and how to operate as a team.</p>\n<p>Nancy Eckert (Pongolyn) explores swarm intelligence through augmented reality gaming, where<br />\nshe leads teams of agents in capture-the-flag style competitions across the world. She shows how to apply social engineering strategies to groups of individuals, with the goal of achieving a collective intelligence that is greater than the sum of its parts.</p>\n<p>Nancy Eckert: <a href=\"https://twitter.com/Pongolyn\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@Pongolyn</a><br />\nNancy Eckert (Pongolyn) is a systems analyst and web developer in Seattle, Washington. In the augmented reality game of Ingress, Pongo is a champion strategist and team organizer for “roughly a thousand cats” across the northwestern United States. She leads competitive team-based operations across the world, where she coordinates hundreds of agents under cover of secrecy to walk, bike, drive, climb, snowshoe, boat, fly, hack, and engineer their way to remote locations in order to score points for the game. She builds neural networks in her spare time.</p>\n\'',0,134218),('2_Friday','20','19:35','20:10','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'Swarm Intelligence and Augmented Reality Gaming\'','\'Nancy Eckert\'','sev__NE','',0,134219),('3_Saturday','15','15:30','15:59','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'Social Engineering from a CISO\'s Perspective\'','\'Kathleen Mullen\'','sev__KM','\'<p><a name=\"sev__KM\"></a></p>\n<p>Saturday August 11 2018 1530 30 Mins<br />\n<strong>Social Engineering from a CISO&#8217;s Perspective</strong><br />\nSocial Engineering is a powerful tool. With the weapons gathered through Open Source Intelligence (OSINT) gathering and well crafted vishing or phishing a Social Engineer wields incredible power to do good.</p>\n<p>Unfortunately, for some the power of being a Social Engineer is one that they wield to show they are smarter than those around them and cause stress and fear doing damage to any potential relationship they or the department they represents.</p>\n<p>This discussion will be about how to create meaningful, targeted phish and vish in an enterprise while strengthening information security from the real world perspective of a CISO as well as a few specifics to avoid. In conclusion this presentation will cover the importance of trust and how social engineering can help build or destroy trust.</p>\n<p>Kathleen Mullin: <a href=\"https://twitter.com/kate944032\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@kate944032</a><br />\nKate Mullin is an influential information security practitioner with more than 30 years of experience in various accounting, audit, risk, governance, and information security roles. She has been a CISO at various organizations including publicly traded, private, not-for-profit, and governmental entities. Kate established the role of CISO at Tampa Airport and at Healthplan Services.<br />\nKate provides interim CISO and vCISO services, specifically executive and board consultation on governance, risk, compliance, and cyber security that includes stakeholder engagement, training and development, IT infrastructure management, social engineering, incident response, business continuity, and disaster recovery strategies.<br />\nThroughout her career, Kate has volunteered and participated in maturing information security as a profession. Kate is a former member of the ISACA CGEIT Certification and Credentials Committee and a past chapter president and CISA, CISM, CRISC, and CGEIT coordinator for West Florida ISACA. Kate has been a part of the CISO Coalition governing board.</p>\n\'',0,134220),('3_Saturday','16','16:00','16:50','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'The Abyss is Waving Back…\'','\'Chris Roberts\'','sev__CR','\'<p><a name=\"sev__CR\"></a><br />\nSaturday August 11 2018 1600 50 Mins<br />\n<strong>The Abyss is Waving Back…</strong></p>\n<div dir=\"auto\">As humans we have four evolutionary paths:\'',0,134221),('3_Saturday','16','16:55','17:45','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'Hunting Predators: SE Style\'','\'Chris Hadnagy\'','sev__CH','\'<p><a name=\"sev__CH\"></a><br />\nSaturday August 11 2018 1655 50 mins<br />\n<strong>Hunting Predators: SE Style</strong><br />\nIt was just about 1 year ago that Chris announced the launching of The Innocent Lives Foundation. What has happened in the last year? What have we accomplished? What are our challenges? What is next in the future? This talk will help the community see what your support, money and love has done to save children and catch predators.</p>\n<p>Chris Hadnagy: <a href=\"https://twitter.com/humanhacker\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@humanhacker</a><br />\nChris is a professional social engineer with over 16 years of experience. His passion is understanding the why not just the what. Chris has had the opportunity to work with some of the world’s greatest minds in learning how to use skills that might not be too common in the infused industry. You can find out more by looking at www.social-engineer.com</p>\n\'',0,134222),('3_Saturday','17','16:55','17:45','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'Hunting Predators: SE Style\'','\'Chris Hadnagy\'','sev__CH','',0,134223),('3_Saturday','17','17:50','18:40','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'On the Hunt: Hacking the Hunt\'','\'Chris Silvers and Taylor Banks\'','sev__CS','\'<a name=\"sev__CS\"></a><br />\nSaturday August 11 2018 1750 50 mins<br />\n<strong>On the Hunt: Hacking the Hunt Group</strong><br />\nDynamic duo DEF CON SECTF black badge winner Chris Silvers and ACE Hackware founder Taylor Banks return to the stage to take audiences on a hunt — of the hunt group, that is.</p>\n<p>In this talk, Chris and Taylor will walk through the evolution of the “”you called me!”” vishing attack from 1980s phone pranking and 3-way calling to 2010s perceived phone system glitch exploits. You’ll learn how to engineer a successful “”simultaneous answer”” vishing call through reconnaissance, rapport-building, and attack. Most importantly, you’ll walk away with actionable strategies to prepare yourself and your organization against such attacks.</p>\n<p>Oh, and the best part? Chris and Taylor will play real recordings of phone system glitch vishing calls on stage. Listen (and laugh) to what worked and what didn’t, then learn a little something through an interactive analysis of each call with the presenters.</p>\n<p>Chris Silvers: <a href=\"https://twitter.com/cgsilvers\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@cgsilvers</a><br />\nTaylor Banks: <a href=\"https://twitter.com/taylorbanks\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@taylorbanks</a><br />\nTaylor Banks, Founder of ACE Hackware, has spent 15 years in information security. Experienced in applied hacking and countermeasures, Taylor has performed pen-tests and provided training for organizations including the FBI, NSA, US Navy and Marine Corps.</p>\n<p>Chris Silvers is founder and CEO of CG Silvers Consulting as well as DEF CON black badge winner. Chris’ passion for education and 20 years of experience in information security have landed him on the presenter’s stage at conferences such as Derby Con and GrrCon.</p>\n\'',0,134224),('3_Saturday','18','17:50','18:40','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'On the Hunt: Hacking the Hunt\'','\'Chris Silvers and Taylor Banks\'','sev__CS','',0,134225),('3_Saturday','18','18:40','19:30','N','SEV','Caesars Promenade South - Octavius BR 3-8','\'Social Engineering Course Projects for Undergraduate Students\'','\'Aunsuhl Rege\'','sev__AR','\'<a name=\"sev__AR\"></a></p>\n<p>Saturday August 11 2018 1840 50 mins<br />\n<strong>Social Engineering Course Projects for Undergraduate Students</strong><br />\nThe hard science disciplines (computer science, electrical and computer engineering) have already started investing heavily in cybersecurity education. Security experts, however, note that cybersecurity is a wider discipline than simply the [technical] fields, and professionals with backgrounds [in] the social sciences &#8230; will be needed in the cyber workforce of the future. The relevance of incorporating social sciences into the cybersecurity domain has been acknowledged by the National Academies of Sciences, Engineering, and Medicine and the Department of Homeland Security. Social science disciplines, such as sociology, criminology/criminal justice, anthropology, political science, and psychology are particularly adept at unpacking the complex facets of human behavior and should therefore be leveraged for their contributions to the area of cybersecurity. Yet, the social science arena remains weak in cybersecurity training and education of the future cyber workforce.</p>\n<p>This talk shares an educator&#8217;s efforts to engage undergraduate students in a hands-on social engineering project across Fall 2017 and Spring 2018 semesters. It uses the experiential learning <a href=\"https://www.social-engineer.org/framework/\">framework</a> that promotes &#8220;learning by doing&#8221;. Specifically, this talk focuses on three sub-projects: (i) shoulder surfing where student teams competed against each other, (ii) laptop distraction, where student teams attempted to convince Temple University Computer Services employees to leave their laptops (designed for the class exercise) so that the students could remove a bogus &#8216;intellectual property&#8217; file and place a fake &#8216;malware&#8217; program on the employees&#8217; machines, and (iii) convince individuals on Temple University campus to take a selfie with team members and a funny prop.</p>\n<p>The talk also offers a comparative analysis of these projects over the two semesters, sharing the experiences and challenges of both the students and this educator. It also details the issues about designing projects that follow university ethics standards, training students in human subjects research ethics, generating relevant rubrics, and how to evaluate student engagement and learning. To conclude, the educator shares these cases discussed to initiate dialog in the area of hands-on learning for social science students. Audience feedback is welcomed as this educator is still exploring the experiential learning approach, especially in the area of social engineering.</p>\n<p>Aunsuhl Rege: <a href=\"https://twitter.com/prof_rege\" rel=\"nofollow\"  target=\"_blank\" class=\"external\">@prof_rege</a><br />\nAunshul Rege is a criminology professor at Temple University. Her National Science Foundation sponsored research and education projects examine the human element of cybercrimes, focusing on behavior, decision-making, adaptation, and group dynamics. She is passionate about educating the next generation workforce across the social and hard sciences about the relevance of the human factor in cybersecurity. She has published in the area of cybersecurity education in USENIX, American Society for Engineering Education, and International Symposium on Resilient Control Systems (IEEE). She has a BSc in Computer Science, a BA and MA in Criminology, and an MA and PhD in Criminal Justice.</p>\n\'',0,134226),('3_Saturday','19','18:40','19:30','Y','SEV','Caesars Promenade South - Octavius BR 3-8','\'Social Engineering Course Projects for Undergraduate Students\'','\'Aunsuhl Rege\'','sev__AR','',0,134227),('2_Friday','10','10:00','10:20','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Automating DFIR: The Counter Future\'','\'@rainbow_tables\'','3e61f73611dda5e0c2f17084b93b7111','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Automating DFIR: The Counter Future</h3>\n	<p class=\"details\">Friday at 10:00-10:20<br>\n	20 minutes</p>\n<h4 class=\"speaker\">@rainbow_tables<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">Automation has been the forefront of almost every tool or talk in the recent years. The DFIR \nindustry has been moving rapidly towards automating everything! With some great work being \ndone in the area of integrating workflows and various toolsets to make things easier for \nanalysts, automation has really taken off. While that sounds like a worthwhile solution to help \nSOC analysts weed out the run of the mill adware/PUPs or phishing expeditions, can we really \nautomate a response to the more sophisticated or targeted attack on our company’s crown \njewels?\n<p class=\"abstract\">\nThe current argument being made, is that -- rather than building in house Incident Response \nteams, we should utilize automation to substitute analysts and use third party retainers for \nskilled analysis. Large investments in automation technologies, rather than resource \ndevelopment reflect this strategy. What does this mean for career progression for budding DFIR \nanalysts? With security engineering taking the forefront, is analysis as a career in DFIR a dying \nstar? Is automation moving us towards click forensics rather than intelligent analysis? I’d like to \nchallenge groupthink, and debate where automation will lead the industry trends. Additionally, I\nwill share some of my experiences in the changing face of DFIR.</p>\n<p class=\"speakerBio\"><strong>@rainbow_tables</strong><br>\nRainbow_Tables is an experienced incident responder and forensic investigator. She enjoys her\nforays in various industries - media, telecom and software. She finds that her most intriguing\nexperiences stem from the application of DFIR to those industries. Her passion lies within\nautomating analysis methodologies to streamline the incident response process. She believes in\ninnovating simple and innovative solutions to the challenges poised to incident responders by\nproliferation of advancing technologies.\n</p>\n</article>\n\'',0,134228),('2_Friday','10','10:40','11:30','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Cloud Security Myths\'','\'Xavier Ashe\'','ff1b0a0232cf373f3f65678fe3a08efd','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Cloud Security Myths</h3>\n	<p class=\"details\">Friday at 10:40-11:30<br>\n	50 minutes</p>\n<h4 class=\"speaker\">Xavier Ashe<span class=\"speakerTitle\">@XavierAshe</span></h4>\n<p class=\"abstract\">Cloud Security is a magical world of as-a-service miracles. Just spin up your intrusion-detection-\nas-a-service, SOC-as-a-service, incident-response-as-a-service, and start feeding it security-\nintelligence-as-a-service. Come hear from this CISO-as-a-service unwrap the onion of cloud \naccess security brokers (CASB), cloud workload protection platforms (CWPP), \nmicrosegmentation, cloud security posture management (CSPM), software-defined perimeters \n(SDP), and bunch of other cloud related topics. What do they do? Do they really work? What do \nyou with all those security appliances you’ve accumulated?</p>\n<p class=\"speakerBio\"><strong>Xavier Ashe</strong><br>Xavier Ashe is a Georgia Institute of Technology\nalumnus and has 25 years of hands-on experience in information security. Working for various security\nvendors and consulting firms for the last 15 years, \nincluding IBM, Gartner, and Carbon Black, Xavier has been focused on helping secure companies of all \nsizes. Xavier was the first hire at the startup Drawbridge Networks, where he was instrumental in \nbringing the first microsegmentation solution for servers and workstations to market. Xavier served on \nthe IBM Security Architecture Board and published several papers. Mr. Ashe holds many industry \ncertifications, including CISM, CISSP, ITIL, SOA, and others. Xavier is currently running Xavier Enterprises, \nan information security consulting firm.</p>\n</article>\n\'',0,134229),('2_Friday','11','10:40','11:30','Y','BTV','Flamingo 3rd Flr- Savoy Rm','\'Cloud Security Myths\'','\'Xavier Ashe\'','ff1b0a0232cf373f3f65678fe3a08efd','\'\'',0,134230),('2_Friday','11','11:50','12:10','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Effective Log & Events Management\'','\'Russell Mosley\'','ff482e9eee8f8805195d026d4bbfd9e7','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Effective Log & Events Management</h3>\n	<p class=\"details\">Friday at 11:50-12:10<br>\n	20 minutes</p>\n<h4 class=\"speaker\">Russell Mosley<span class=\"speakerTitle\">@sm0kem</span></h4>\n<p class=\"abstract\">Logs, right? Do you run an expensive SIEM? If not, this talk is for you. An effective process for \nmanaging logs and security events with built-in and open-source tools will be detailed. I\'ll share \nreports and tickets from our organization and describe how we analyze them to improve IT \noperations, situational awareness, security posture, and pass audits.</p>\n<p class=\"speakerBio\"><strong>Russell Mosley</strong><br>\nRussell is an IT Infrastructure & Security Director for a DC-area software services company and \nan organizer with BSides Charm. Russell has seventeen years\' experience in IT operations and \nEnterprise Defense and is responsible for the organization\'s compliance with SOC and FISMA \nrequirements. He holds degrees from UMBC, UMUC, and Towson University as well as CISSP and\nseveral vendor certifications.</p>\n</article>\n\'',0,134231),('2_Friday','12','11:50','12:10','Y','BTV','Flamingo 3rd Flr- Savoy Rm','\'Effective Log & Events Management\'','\'Russell Mosley\'','ff482e9eee8f8805195d026d4bbfd9e7','\'\'',0,134232),('2_Friday','12','12:30','13:20','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Evolving security operations to the year 2020\'','\'@IrishMASMS\'','292fc5241987596188269a0c441710cd','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Evolving security operations to the year 2020</h3>\n	<p class=\"details\">Friday at 12:30-13:20<br>\n	50 minutes</p>\n<h4 class=\"speaker\">@IrishMASMS<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">The security operations aspect of your Information Security risk management program is where \nthe “rubber meets the road” — the tools and people you have to implement the process and \nprocedures you put together to find the badness and put out the fires. How has the concept of \nsecurity operations evolved, and where are we headed? There is plenty of buzzword bingo: \nUBA, UEBA, machine learning and artificial intelligence, network abnormality detection, the \nmarketing conversations of evolving to that SOC of 2020 — what do all these really mean to you\nand your operations and which can be useful in your efforts to find the badness?</p>\n<p class=\"speakerBio\"><strong>@IrishMASMS</strong><br>\nIrishMASMS is an old school hacker, fighting the good fight in Computer Network Defense \n(CND)/blue team efforts for more than 18 years. He has been lurking about since DEFCON 10, a \npanel member at HOPE 5, a presenter at a couple of Notacons, and a few other conferences \nwhere it may be hard to remember what really occurred. Having progressed through the ranks \nfrom a Security Operations Center (SOC) analyst to manager and director of Information \nSecurity risk management programs, he has experienced the wide opportunities for pain in our \nindustry — and desires to help improve rather than perpetuate, nurture rather than exclude.\n</p>\n</article>\n\'',0,134233),('2_Friday','13','12:30','13:20','Y','BTV','Flamingo 3rd Flr- Savoy Rm','\'Evolving security operations to the year 2020\'','\'@IrishMASMS\'','292fc5241987596188269a0c441710cd','\'\'',0,134234),('2_Friday','13','13:40','14:30','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Hacking Your Dev Job to Save the World - Where Programming and Hacking Meet\'','\'@jtpereyda\'','cb8edb891b045a3d26d962c696118e73','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Hacking Your Dev Job to Save the World - Where Programming and Hacking Meet</h3>\n	<p class=\"details\">Friday at 13:40-14:30<br>\n	50 minutes</p>\n<h4 class=\"speaker\">@jtpereyda<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">Have you wondered whether developers can play any significant role in the security world? \nCome hear from a diehard programmer and hacker who loves to break and loves to build, and \nlearn how a regular programmer can make major contributions to security from the trenches. \nThis presentation will dive into the intersection between development and security. You will \nlearn about the SDL -- Secure Development Lifecycle, and why in the world a hacker would care \nabout processes and procedures. You will learn how \"processes\" and \"lifecycles\" can be useful --\nand how they can be a complete waste of time. Included are real world success stories of \norganizational hacking -- getting other engineers to change their practices -- and real world fail \nstories. Attendees will come away with knowledge of how development and security intersect, \nand how they can use their programming day job to save the world. If you are a developer who \ncares deeply about security, enjoys exploits, and wants to make the world a better place, this is \nfor you.</p>\n<p class=\"speakerBio\"><strong>@jtpereyda</strong><br>\nJoshua is a software engineer specializing in information and network security.\nHe has worked in the critical infrastructure and cloud computing industries with employers \nheavily invested in software and hardware security.\nWhile he currently hunts vulnerabilities full time, his roles have evolved from programmer to \nhacker to organizational hacker to regular hacker again.\nNot only has Joshua found vulnerabilities in safety critical software, he has started long term \nsecurity programs, changing the way an entire business works.\nJoshua has written software, hacked software, and hacked companies.\nIn his free time, Joshua enjoys improving open source software, teaching kids to program, \nattending orchestral concerts with his wife, and figuring out how he can get paid to do it all... \nlegally.\n</p>\n</article>\n\'',0,134235),('2_Friday','14','13:40','14:30','Y','BTV','Flamingo 3rd Flr- Savoy Rm','\'Hacking Your Dev Job to Save the World - Where Programming and Hacking Meet\'','\'@jtpereyda\'','cb8edb891b045a3d26d962c696118e73','\'\'',0,134236),('2_Friday','14','14:50','15:40','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'How not to suck at Vulnerability Management [at Scale]\'','\'@Plug and mwguy\'','5c003f7ec52622d961cb1047d6f6fbf3','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">How not to suck at Vulnerability Management [at Scale]</h3>\n	<p class=\"details\">Friday at 14:50-15:40<br>\n	50 minutes</p>\n<h4 class=\"speaker\">@Plug and mwguy<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">In the current cyber landscape several vulnerabilities are discovered every day. \nThe volume of information and multiple sources to consume this information create interesting challenges for \nany security team. In the recent months several organizations have been prey of bad actors, \nexposing private data of millions of users, many times from month old vulnerabilities. \n<p class=\"abstract\">\nVulnerability management is often disregarded, improperly staffed and rarely discuss in the \ninfosec community, yet is one of the single point of failures allowing for breaches to take place.\nUnder this circumstance, are you prepared to deal with vulnerabilities accordingly?\n</p>\n<p class=\"abstract\">\nIn this talk, we’ll share our experiences dealing vulnerabilities at scale. \nWhat works, what does \nnot and why. More importantly, what actions you should consider improving or build your \nVulnerability program. In the process, we’ll introduce some of the custom tools created \ninternally to automate and enhance the program.</p>\n<p class=\"abstract\"> \nUnlike most Vulnerability Management talks, this talk is about the hands-on portion and day-to-\nday activities that must take place. Whether you are a seasoned infosec professional or new to \nthe field, there is something for you to take away, especially at scale. </p>\n<p class=\"speakerBio\"><strong>@Plug</strong><br>\nPlug is currently a Senior Security Analyst at Verizon Digital Media Services. He started his journey in \ncomputer security back in 1996 when he discovered a 2600 magazine that eventually that lead him to his\nfirst LA2600 meeting in 1998. From that point forward, he has been involved in computer security. With \nover 16 years of IT experience, he has worked as Systems Administrator, Security Analyst and Security \nEngineer in the Finance and Telecom sector. In his free time, he enjoys building Legos, playing with \nsynthesizers and modular systems, when possible he volunteers his time to computer security events.\n</p>\n<p class=\"speakerBio\"><strong>mwguy</strong><br>\nChris is currently a Senior Security Engineer at Verizon Digital Media Services (formerly EdgeCast). \nStarted working with computers in High School, and having older slower computers quickly \nmade the move to Linux and BSD\'s to improve performance. From then on, he\'s worked with \n*nix systems almost exclusively, and a couple of years ago made the switch from being a \nSystems Administrator to working exclusively in Security. When not working, Chris enjoys \ncrypto-currencies, his dogs, and putting wacky stuff on various Raspberry Pis.\n</p>\n</article>\n\'',0,134237),('2_Friday','15','14:50','15:40','Y','BTV','Flamingo 3rd Flr- Savoy Rm','\'How not to suck at Vulnerability Management [at Scale]\'','\'@Plug and mwguy\'','5c003f7ec52622d961cb1047d6f6fbf3','\'\'',0,134238),('2_Friday','16','16:00','16:40','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'SAEDAY: Subversion and Espionage Directed Against You\'','\'Judy Towers\'','b39b9e038926d9735b66e6c7b6002a31','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">SAEDAY: Subversion and Espionage Directed Against You</h3>\n	<p class=\"details\">Friday at 16:00-16:40<br>\n	40 minutes</p>\n<h4 class=\"speaker\">Judy Towers<span class=\"speakerTitle\">@LadyRed_6</span></h4>\n<p class=\"abstract\">Industrial espionage is the practice of secretly gathering information about competing \ncorporation or business interest, with the objective of placing one’s own organization at a \nstrategic or financial advantage. A common practice to achieve this advantage is to elicit \ninformation from unwitting individuals through what today is called social engineering (SE). We \nall hear the term SE so often that we become desensitized to it, thereby INCREASING the \neffectiveness of it against ourselves and organizations. Thus, will call it what it is - Human \nIntelligence, also known as HUMINT.</p>\n<p class=\"abstract\">\nPresenting personal experiences as an Army counterintelligence agent with examples of military\nand industrial espionage, will examine tradecraft employed against individuals every day. We \nwill apply lessons learned from the US military and the intelligence community by using two \nacronyms taught to Army counterintelligence agents: SAEDA (Subversion and Espionage \nDirected against the Army) and MICE (Money, Ideology, Coercion, Ego). By presenting different \naspects of HUMINT collection efforts will enable individuals to possibly detect, deflect, and \nprotect oneself from such actions.</p>\n<p class=\"speakerBio\"><strong>Judy Towers</strong><br>\nAs an active duty US Army Counterintelligence Agent (6 yrs), Judy provided weekly SAEDAY briefings for \nnew incoming unit soldiers and for yearly awareness training requirements. Judy received an Army \naward for the presentation’s effectiveness in engaging the audience, thereby enhancing self-awareness \nof the threat. Her experiences include training in traditional espionage tradecraft, along with supervising \nand conducting counterintelligence investigations of individuals, organizations, installations and activities\nin order to detect, assess and counter threats to national security. After leaving the Army, Judy started a \ncivilian career in information security as: domain admin for a global company, an IT manager \nimplementing incident response system, Fraud department investigating people stealing company \nservices, and now a Cyber Threat Intelligence Analyst, augmented by a 2nd Master’s Degree in \nCybersecurity and Computer Forensics.\n</p>\n</article>\n\'',0,134239),('2_Friday','17','17:10','17:59','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Stop, Drop, and Assess your SOC\'','\'Andy Applebaum\'','9fb2e4bcd56bacee0ff9805520855ca4','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Stop, Drop, and Assess your SOC</h3>\n	<p class=\"details\">Friday at 1710-18:00<br>\n	50 minutes</p>\n<h4 class=\"speaker\">Andy Applebaum<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">Traditionally SOCs look outward from their network perimeters, missing the adversaries already \noperating in their networks. As SOCs improve their capabilities by turning inwards, where \nshould they start? What techniques should they be worried about? What tools will help them? \nWithout knowing what your adversaries can do and what your current capabilities are, it’s hard \nto make improvements.</p>\n<p class=\"abstract\">\nThis talk will describe how to use the MITRE ATT&CK framework as a “scorecard” within the SOC\nto understand and tune defensive capabilities, making it easier to answer these hard questions. \nWe’ll describe key use cases for how SOCs can use ATT&CK, covering hunting, threat \nintelligence, red teaming, and security engineering. To enable these use cases, we’ll present a \nnon-invasive technique to construct a detective coverage map that highlights the SOC’s \nstrengths and weaknesses, focusing on minimizing resource requirements while still providing \nusable results. To accompany this, we describe a process to create a remediation plan that \nprovides the highest return on investment by orienting on the most relevant threats and \nprioritizing defensive improvements based on current coverage. Throughout the talk, we will \nprovide real examples, making it easy for those in attendance to understand and replicate at home.\n</p>\n<p class=\"speakerBio\"><strong>Andy Applebaum</strong><br>\nAndy Applebaum is a Lead Cyber Security Engineer at MITRE where he works on applied and \ntheoretical security research problems, primarily in the realms of cyber defense, security \nautomation, and automated adversary emulation. Andy has contributed to MITRE’s ATT&CK \nframework and CALDERA adversary emulation platform, as well as other projects within MITRE’s\ninternal research and development portfolio. Prior to working at MITRE, Andy received his PhD \nin computer science from the University of California Davis, where his dissertation topic was \nusing argumentation logic for reasoning in cyber security. Andy’s work has been published in \nmultiple conferences and workshops and has most recently spoken at Black Hat Europe. In \naddition to his PhD, Andy holds a BA in computer science from Grinnell College and the OSCP \ncertification.\n</p>\n</article>\n\'',0,134240),('2_Friday','18','18:20','18:59','N','BTV','Flamingo 3rd Flr- Savoy Rm','\'Open Source Endpoint Monitoring\'','\'Rik van Duijn and Leandro Velasco\'','57447136b431b011e1b27d3ac2e9e090','\'<article class=\"talk\">\n<h3 class=\"talkTitle\">Open Source Endpoint Monitoring</h3>\n	<p class=\"details\">Friday at 18:20-19:00<br>\n	40 minutes</p>\n<h4 class=\"speaker\">Rik van Duijn and Leandro Velasco<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">There is a rising trend within Threat actors to find newer, more effective and stealthy ways to \nattack and gain persistence in a network. One way to achieve this is by abusing legitimate \nsoftware such as Windows Management Instrumentation and PowerShell. This is the case for \nLiving Off the Land and Fileless threats. By using these techniques, attackers can distribute their \nmalicious code bypassing software whitelisting and avoid antivirus detection. A method to \ndetect these threats is by monitoring endpoints activity. However, this option comes with many \nchallenges that range from getting enough system’s activity information to handle hundreds of \nevents per second.</p>\n<p class=\"abstract\">\nIn our research, we analyze this monitoring method and the design challenges involved in it. \nFurthermore, we propose a solution that aims to detect and alert when advance threats are \nidentified in a system. In order to provide an endpoint monitoring system free of any vendor \nlock-in, this solution combines the capabilities of different open source projects as well as free \ntools. These include, Sysmon for monitoring system activity, Elastic Stack (ELK) to store and \nsearch the collected data, ElastAlert to trigger alarms and the Sigma Project to define the rules \nfor the alarms. This highly customizable solution would enable organizations to hunt for threats \ninside their network or create rules that would automatically detect specific threats upfront.</p>\n<p class=\"speakerBio\"><strong>Rik van Duijn</strong><br>\nRik van Duijn, has over 5 years of experience as a penetration tester. His first job was auditing web \napplication source code for a Dutch bank. Rik holds the OSCP, OSCE certifications, and is currently \npracticing for the OSEE certification. Rik has spoken at SHA2017, Tweakers Security/DEV Meetups and \n#whiskyleaks.\n</p>\n<p class=\"speakerBio\"><strong>Leandro Velasco</strong>\nLeandro Velasco has over 4 years of experience in IT security. After his initial introduction \nmanaging SIEM systems Leandro completed the OS3 master. In his current role Leandro is a \nmember of the security research team, analyzing threats and designing detection or mitigating \nsolutions.\n<br>\n</article>\n\'',0,134241),('2_Friday','16','16:00','16:55','N','DDV','Caesars Promenade Level - Capri Rm','\'The Beginner’s Guide to the Musical Scales of Cyberwar\'','\'Jessica “Zhanna” Malekos Smith\'','1a82185d8da9f5aa375ae7fc6100e326','\'<div class=\"sqs-layout sqs-grid-12 columns-12\" data-layout-label=\"Post Body\" data-type=\"item\" data-updated-on=\"1529349430497\" id=\"item-5b2804db03ce64bc393092f2\"><div class=\"row sqs-row\"><div class=\"col sqs-col-12 span-12\"><div class=\"sqs-block html-block sqs-block-html\" data-block-type=\"2\" id=\"block-4feeea4bf4d8a55718f8\"><div class=\"sqs-block-content\"><p>Speaker:&nbsp;Jessica “Zhanna” Malekos Smith</p><p>Whether you have a background in information security, law, or national security, this talk is a beginner’s guide to understanding the law of war in cyberspace. By juxtaposing the law of war with a keyboard, the process of how states evaluate the scale and effects of a cyber operation and determine a basis for resorting to a use of force under the Law of Armed Conflict, can be more readily conceptualized. For if music is indeed, the universal language of mankind, then by encouraging society to learn about this area we can collectively better strategize ways to mitigate cyber conflict.</p></div></div></div></div></div>\'',0,134242),('3_Saturday','14','14:00','14:55','N','DDV','Caesars Promenade Level - Capri Rm','\'The Memory Remains - Cold drive memory forensics 101   \'','\'Lior Kolnik\'','4a9def49a674691400ff20661f89b684','\'<div class=\"sqs-layout sqs-grid-12 columns-12\" data-layout-label=\"Post Body\" data-type=\"item\" data-updated-on=\"1529351819584\" id=\"item-5b280e4c70a6ad31c8978f00\"><div class=\"row sqs-row\"><div class=\"col sqs-col-12 span-12\"><div class=\"sqs-block html-block sqs-block-html\" data-block-type=\"2\" id=\"block-c485b3e8a27da9052c0b\"><div class=\"sqs-block-content\"><p>Speaker:&nbsp;Lior Kolnik</p><p>Full disk images introduce large amounts of data into a forensic investigation. Still, certain evidence exists only in memory, especially when dealing with malware or fileless attacks designed to stay completely in memory and avoid hitting the disk, exactly for the purposes of avoiding detection and analysis by forensic examiners. Memory forensics is a rapidly growing field, offering many free tools for RAM analysis to uncover important evidence and further the case quickly. As it turns out, these tools can also be applied to a cold drive. Due to OS features such as hibernation, paging and swap space, data from memory ends up being written to disk and survives even when the machine is powered down. In this session, the presenter will introduce the challenges faced when investigations rely solely on disk images, in cases where live memory had not been captured. The audience will then learn how investigators can still benefit from memory forensics in such cases. The presenter will give a full walkthrough of applying techniques, discuss their benefits and limitations, and show examples of results.</p></div></div></div></div></div>\'',0,134243),('3_Saturday','15','15:00','15:55','N','DDV','Caesars Promenade Level - Capri Rm','\'Owning Gluster FS with GEVAUDAN\'','\'Mauro Cáseres\'','9476171c94ff1c37c2bb98be3da8ddcb','\'<div class=\"sqs-layout sqs-grid-12 columns-12\" data-layout-label=\"Post Body\" data-type=\"item\" data-updated-on=\"1529351999597\" id=\"item-5b280f08aa4a9998a82d6fb7\"><div class=\"row sqs-row\"><div class=\"col sqs-col-12 span-12\"><div class=\"sqs-block html-block sqs-block-html\" data-block-type=\"2\" id=\"block-550ae194a268df3b7c94\"><div class=\"sqs-block-content\"><p>Speaker: Mauro Cáseres</p></div></div><div class=\"sqs-block html-block sqs-block-html\" data-block-type=\"2\" id=\"block-yui_3_17_2_1_1529345661403_305119\"><div class=\"sqs-block-content\"><p> </p><p>Gluster is a free scalable network filesystem. Using common off-the-shelf hardware, it allows the user to create large, distributed storage solution for media streaming, data analysis, and other data and bandwidth intensive tasks, thus providing a nice alternative to create a data replication pool easily. It was acquired by Red Hat in 2011, and merged into Red Hat Storage server in 2012, while still available in the open source world. Gluster itself doesn\'t have a large vulnerabilities history, having only 6 vulnerabilities reported in the last 6 years (2 of them after being bought by Red Hat). In this talk, we\'ll focus on the latter two, releasing GEVAUDAN, an exploit for newcomers to the gluster world to learn about it\'s architecture and security, and the implicancies of proper access managament on replicated data systems. This is a talk for begginers from both fields: data replication schemas and exploits writing, so both fields will have a proper introductory section. A live demo will take place during the talk, and the public can actively participate.</p></div></div></div></div></div>\'',0,134244),('2_Friday','10','10:00','10:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Welcome to the BCOS Monero Village\'','\'To be announced\'','ccfaec139e7e06103224dc207ea37381','\'Title: Welcome to the BCOS Monero Village<br>\n<br>\nSpeakers: To be announced<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134245),('2_Friday','11','11:00','11:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Keynote Speech: Inside Monero\'','\'Howard (hyc) Chu\'','1c754c5fba70fc0a40adc6ee3f961a67','\'Title: Keynote Speech: Inside Monero<br>\n<br>\nSpeakers: Howard (hyc) Chu<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134246),('2_Friday','12','12:00','12:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Contests, Challenges, and free giveaways\'','\'MSvB and midipoet\'','26dd2412a10700897eea07ea4e13cfbd','\'Title: Contests, Challenges, and free giveaways<br>\n<br>\nSpeakers: MSvB and midipoet<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134247),('2_Friday','12','12:30','12:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Open Source Hardware and the Monero Project\'','\'Parasew\'','807276089368872580469c5567f8a940','\'Title: Open Source Hardware and the Monero Project<br>\n<br>\nSpeakers: Parasew<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134248),('2_Friday','13','13:00','13:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'A Rundown of Security Issues in Crypto Software Wallets\'','\'Marko Bencun\'','81ef3fad375b5ea610ff035859ae751e','\'Title: A Rundown of Security Issues in Crypto Software Wallets<br>\n<br>\nSpeakers: Marko Bencun<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134249),('2_Friday','13','13:30','13:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'We Don\'t Need No Stinkin Badges\'','\'Michael Schloh\'','15e582fcbdc75ae734c086989a5f1ec8','\'Title: We Don\'t Need No Stinkin Badges<br>\n<br>\nSpeakers: Michael Schloh<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134250),('2_Friday','14','14:00','15:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Hack On The BitBox Hardware Wallet\'','\'Stephanie Stroka and Marko Bencun\'','30d131f982fc7075a3ab5b29e305eec2','\'Title: Hack On The BitBox Hardware Wallet<br>\n<br>\nSpeakers: Stephanie Stroka and Marko Bencun<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134251),('2_Friday','15','14:00','15:59','Y','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Hack On The BitBox Hardware Wallet\'','\'Stephanie Stroka and Marko Bencun\'','30d131f982fc7075a3ab5b29e305eec2','\'\'',0,134252),('2_Friday','16','16:00','16:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Scaling and Economic Implications of the Adaptive Blocksize in Monero\'','\'Francisco \"ArticMine\" Cabañas\'','6f4d300bdba548b7ae6dc7d024a55740','\'Title: Scaling and Economic Implications of the Adaptive Blocksize in Monero<br>\n<br>\nSpeakers: Francisco \"ArticMine\" Cabañas<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134253),('2_Friday','17','17:00','17:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Hacking a Crypto Payment Gateway\'','\'Devin \"Bearded Warrior\" Pearson and Felix \"Crypto_Cat\" Honigwachs\'','27d1e80b722a03a816d2ce156dcad26d','\'Title: Hacking a Crypto Payment Gateway<br>\n<br>\nSpeakers: Devin \"Bearded Warrior\" Pearson and Felix \"Crypto_Cat\" Honigwachs<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134254),('3_Saturday','10','10:00','10:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'BCOS keynote speech\'','\'Philip Martin&nbsp;(VP Security,&nbsp;COINBASE)\'','7fdce8d40efb389a9fc624e7add37beb','\'Title: BCOS keynote speech<br>\n<br>\nSpeakers: Philip Martin&nbsp;(VP Security,&nbsp;COINBASE)<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134255),('3_Saturday','11','11:00','11:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Prize winners, awards, and announcements\'','\'midipoet and MSvB\'','5f0c6a395063b86b62b03944d5491aec','\'Title: Prize winners, awards, and announcements<br>\n<br>\nSpeakers: midipoet and MSvB<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134256),('3_Saturday','11','11:30','11:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Monero\'s Emerging Applications\'','\'Fluffy Pony\'','61925f9aaec44273f843143f1469e591','\'Title: Monero\'s Emerging Applications<br>\n<br>\nSpeakers: Fluffy Pony<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134257),('3_Saturday','12','12:00','13:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'We Program Our Stinkin Badges!\'','\'Michael Schloh\'','03df8e0ab67d22208ccc0eb0b927ad78','\'Title: We Program Our Stinkin Badges!<br>\n<br>\nSpeakers: Michael Schloh<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134258),('3_Saturday','13','12:00','13:59','Y','BCOS','Caesars Promenade Level - Pompeian BR 1','\'We Program Our Stinkin Badges!\'','\'Michael Schloh\'','03df8e0ab67d22208ccc0eb0b927ad78','\'\'',0,134259),('3_Saturday','14','14:00','14:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Examining Monero\'s Ring Signatures\'','\'Justin Ehrenhofer\'','6faa87c59a9420fed05b34ddbb3cafea','\'Title: Examining Monero\'s Ring Signatures<br>\n<br>\nSpeakers: Justin Ehrenhofer<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134260),('3_Saturday','14','14:30','14:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Some Mining Related Attacks\'','\'Zhiniang Peng\'','85c908d9ffc75020eb32faf6e53165bc','\'Title: Some Mining Related Attacks<br>\n<br>\nSpeakers: Zhiniang Peng<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134261),('3_Saturday','15','15:00','16:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'An Introduction to Kovri\'','\'Anonimal\'','1673afa2b4764e9d5f2e5e05d34d0245','\'Title: An Introduction to Kovri<br>\n<br>\nSpeakers: Anonimal<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134262),('3_Saturday','16','15:00','16:59','Y','BCOS','Caesars Promenade Level - Pompeian BR 1','\'An Introduction to Kovri\'','\'Anonimal\'','1673afa2b4764e9d5f2e5e05d34d0245','\'\'',0,134263),('3_Saturday','17','17:00','17:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Moderator Justin Ehrenhofer\'s Greatest Questions\'','\'Shamiq (App Sec Manager,&nbsp;COINBASE),&nbsp;Paul Shapiro, A., Fluffy Pony\'','9af814164421b182fa2a281ed5bac461','\'Title: Moderator Justin Ehrenhofer\'s Greatest Questions<br>\n<br>\nSpeakers: Shamiq (App Sec Manager,&nbsp;COINBASE),&nbsp;Paul Shapiro, A., Fluffy Pony<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134264),('3_Saturday','18','18:00','18:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Instructions and invitations to party\'','\'Cinnamonflower and pwrcycle\'','4c8f1b6b36bbc36c70cb6c231030dafd','\'Title: Instructions and invitations to party<br>\n<br>\nSpeakers: Cinnamonflower and pwrcycle<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134265),('4_Sunday','10','10:00','10:45','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'The Good, the Bad, and the Private: Building and Breaking Safe Cryptocurrencies\'','\'Sarang Noether\'','6aea3b6dc7c11e864f496e40a23d7106','\'Title: The Good, the Bad, and the Private: Building and Breaking Safe Cryptocurrencies<br>\n<br>\nSpeakers: Sarang Noether<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134266),('4_Sunday','10','10:45','10:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Contest winners, prizes, showcase and awards\'','\'Michael Schloh\'','3840e9116faa22b37ebd293dff3f8e11','\'Title: Contest winners, prizes, showcase and awards<br>\n<br>\nSpeakers: Michael Schloh<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134267),('4_Sunday','11','11:00','11:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Monero\'s Differentiated Community\'','\'Justin Ehrenhofer\'','1107fddc4b8d1dc9671560233d4a4998','\'Title: Monero\'s Differentiated Community<br>\n<br>\nSpeakers: Justin Ehrenhofer<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134268),('4_Sunday','11','11:30','11:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Privacy and Blockchain: A Boundary Object Perspective\'','\'Robin \"midipoet\" Renwick\'','1b51d048dcb52e81e87ca5c8e06c88c2','\'Title: Privacy and Blockchain: A Boundary Object Perspective<br>\n<br>\nSpeakers: Robin \"midipoet\" Renwick<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134269),('4_Sunday','12','12:00','12:30','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Stealing Crypto 2 Factor Isn\'t a Factor\'','\'Rod Soto and Jason Malley\'','152b01a793a2659279bc22232782ddb2','\'Title: Stealing Crypto 2 Factor Isn\'t a Factor<br>\n<br>\nSpeakers: Rod Soto and Jason Malley<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134270),('4_Sunday','12','12:30','12:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Monero Project\'s Vulnerability Response Process\'','\'Anonimal\'','99a6ea3b5b67e2674cf69fdf0274b689','\'Title: Monero Project\'s Vulnerability Response Process<br>\n<br>\nSpeakers: Anonimal<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134271),('4_Sunday','13','13:00','13:59','N','BCOS','Caesars Promenade Level - Pompeian BR 1','\'Village summary\'','\'Diego \"rehrar\" Salazar\'','7e0e4a68dbb618fa841ec62980677f2c','\'Title: Village summary<br>\n<br>\nSpeakers: Diego \"rehrar\" Salazar<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134272),('2_Friday','12','12:00','12:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Asking for a Friend\'','\'Speaker TBA\'','59c8e7fa6829346177dabeba4e5f316d','\'Title: Asking for a Friend<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\nNo description available<br><br>\n<br>\n\'',0,134273),('2_Friday','13','13:00','13:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Ethics for Security Practitioners\'','\'Speaker TBA\'','c375c28e578efffa636261511b39a2f1','\'Title: Ethics for Security Practitioners<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n <br>\n		While at the first glance infosec might seem to be a mainly technical domain you might encounter ethical dilemmas very soon once you start working in the field (namely when you do offensive stuff). In this talk I\'ll provide an introduction how to tackle such situations in a structured way and on the basis of common approaches and values.</p>\n<br>\n<br>\n\'',0,134274),('2_Friday','14','14:00','14:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Accountability without accountability: A censorship measurement case study\'','\'Speaker TBA\'','7e313ea480a8bd2f6df46ff333b7b251','\'Title: Accountability without accountability: A censorship measurement case study<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n <br>\nProtecting volunteers from retribution, and why the fear of unknown unknowns is paralyzing to the academic measurement community.\n<br>\n<br>\n\'',0,134275),('2_Friday','15','15:00','15:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Responsible Disclosure Panel\'','\'Speaker TBA\'','c8839a7daa5079bba77aa9fce1cbdb8b','\'Title: Responsible Disclosure Panel<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n <br>In today\'s climate of data breaches and information leaks, how do we in the infosec community disclose the vulnerabilities we discover responsibly? Who are we responsible to? Can we set a standard practice that is ethical, fair and effective? These and other questions will be discussed by some familiar faces on our Responsible Disclosure Panel.</p>\n<br>\n<br>\n\'',0,134276),('2_Friday','16','16:00','16:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Ethical Disclosure and the Reduction of Harm\'','\'Speaker TBA\'','009c3f91649eca4bef151560b7395bcd','\'Title: Ethical Disclosure and the Reduction of Harm<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n <br>\n		  How does a researcher become empowered to influence business and marketing leaders to balance coordinated disclosure, opsec protection, and tradecraft protection, with corporate interests? This talk examines use cases gone wrong, and opportunities for all groups to work together to make it right.</p>\n<br>\n<br>\n\'',0,134277),('2_Friday','17','17:30','18:29','N','EHV','Caesars Promenade Level - Modena Rm','\'Patching the CFAA: The New CIAA and “Ethical” Conduct in Security Research\'','\'Speaker TBA\'','8ad33bcdf1625de70cd81879148d0067','\'Title: Patching the CFAA: The New CIAA and “Ethical” Conduct in Security Research<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n <br>\n		Care about fixing the CFAA? Hear about a new proposal to better protect security research: the Computer Intrusion and Abuse Act. Because the proposal relies on norms/ethics in the security research community, we will debate the hard cases - situations where researcher norms vary.</p>\n<br>\n<br>\n\'',0,134278),('2_Friday','18','17:30','18:29','Y','EHV','Caesars Promenade Level - Modena Rm','\'Patching the CFAA: The New CIAA and “Ethical” Conduct in Security Research\'','\'Speaker TBA\'','8ad33bcdf1625de70cd81879148d0067','\'\'',0,134279),('2_Friday','18','18:30','19:29','N','EHV','Caesars Promenade Level - Modena Rm','\'Discussion\'','\'Speaker TBA\'','1f4a5a085a8ab0e7f89ff34d2e263340','\'Title: Discussion<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n</p>\n\n<br>\n<br>\n\'',0,134280),('2_Friday','19','18:30','19:29','Y','EHV','Caesars Promenade Level - Modena Rm','\'Discussion\'','\'Speaker TBA\'','1f4a5a085a8ab0e7f89ff34d2e263340','\'\'',0,134281),('3_Saturday','11','11:00','11:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Ethics of Technology in Humanitarian and Disaster Response\'','\'Speaker TBA\'','cf2a26b7f1ac14c397b49c60c0b1aeec','\'Title: Ethics of Technology in Humanitarian and Disaster Response<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n<br>How do we combat the moral dilemmas technology brings to humanitarian and disaster response? Ethically based decision making can improve the influence of technology during a crisis.</p>\n<br>\n<br>\n\'',0,134282),('3_Saturday','13','13:00','13:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Nations and Nationalism and Cyber Security - Navigating Difficult Relationships in the Private Infosec Space\'','\'Speaker TBA\'','8766386367223b29a5d163739a5cec84','\'Title: Nations and Nationalism and Cyber Security - Navigating Difficult Relationships in the Private Infosec Space<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n<br>When talent comes from intelligence agencies, what masters do we server, who takes priority, and how can companies ensure providers are supporting their interests above past masters? And how have companies muddied the waters so that these questions are relevant in the first place? Some exploration of conflicting duties and possible responses.</p>\n<br>\n<br>\n\'',0,134283),('3_Saturday','15','15:00','15:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Hack Back: Not An Option, But A Necessity? (A Mini-Workshop)\'','\'David Scott Lewis\'','df7d07b21bb99a6f91a532fed6fd2617','\'Title: Hack Back: Not An Option, But A Necessity? (A Mini-Workshop)<br>\n<br>\nSpeakers: David Scott Lewis<br>\n<br>\nDescription:<br>\n<br><em>David Scott Lewis</em><br>“They don’t fear us.” This was General Nakasone’s response to Senator Sullivan’s remark that “we’re the world’s cyber punching bag” during Mr. Nakasone\'s confirmation hearings as NSA Director and USCYBERCOM Commander. This talk will present hack back as a form of offensive cyber going beyond active defense, persistent engagement, and the cyber kill chain, yet consistent with proposed legislation, and will put forth the claim that nextgen hack back will evolve into a hyperwar battlespace deterrent.</br>Concerns such as attribution and escalation will be addressed, as will the potential role of AI, cybernetics, and quantum computing. A working framework for hack back will be presented – HBaaS/ADaaS (Hack Back-as-a-Service/Active Defense-as-a-Service), as will reasons why culture must play a key role in developing policy options.</br>For illustrative purposes, China and Chinese culture will be examined in depth. This examination will begin with a look at China’s Mearsheimerian foreign relations practices, and will then review how Chinese culture and cultural norms should guide U.S. hack back policies specific to China.</p>\n<br>\n<br>\n\'',0,134284),('3_Saturday','17','17:00','17:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Diversity and Equality in Infosec\'','\'Speaker TBA\'','68933d887b74ee8eeda163043baf8619','\'Title: Diversity and Equality in Infosec<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n<br/>\n	  As the field of Infosec continues to grow in numbers, it is also growing in terms of diversity. Arguably the field needs bring in as many diverse perspectives as possible in order to face ever escalating technological and non-technological challenges. We seek to discuss the ethics of promoting diversity and equality, the ethics of the current methods in promoting diversity and equality, and what can be done to ethically promote diversity and equality in infosec.</p>\n<br>\n<br>\n\'',0,134285),('3_Saturday','18','18:00','18:59','N','EHV','Caesars Promenade Level - Modena Rm','\'Discussion\'','\'Speaker TBA\'','66bb9d4e8070b0bdc6bc476b3eb911b2','\'Title: Discussion<br>\n<br>\nSpeakers: Speaker TBA<br>\n<br>\nDescription:<br>\n</p>\n	      </div>\n<br>\n<br>\n\'',0,134286),('2_Friday','10','10:00','10:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Opening Remarks \'','\'AI Village Organizers \'','e3dae87ef54e888e5a244e9796a918be','NULL',0,134287),('2_Friday','10','10:20','10:40','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Adversarial Patches \'','\'Sven Cattell \'','44790c035c69c30920507fe84384ac07','\'<h4 id=\"adversarial-patches\">Adversarial Patches</h4>\n\n<p><em>Sven Cattell</em></p>\n\n<p>Adversarial examples fooling machine learning field are a burgeoning field. We propose applications to fool self driving cars or facial recognition systems but most of the techniques are purely academic. They require minute manipulations to the bit values of the pixels entering a system. Adversarial patches are an attack that could actually work. This talk will cover how to make them and further applications</p>\n\n<p>I got my Ph.D. in algebraic topology in 2016 and immediately moved into machine learning to work on something useful to people. I then completed a post-doc in mathematical machine learning where I worked on medical data. I now work at endgame.</p>\n\n\'',0,134288),('2_Friday','10','10:40','11:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Stop and Step Away from the Data: Rapid Anomaly Detection via Ransom Note File Classification \'','\'Mark Mager \'','187bf16fb015596d00798d3e8356ed8b','\'<h4 id=\"stop-and-step-away-from-the-data-rapid-anomaly-detection-via-ransom-note-file-classification\">Stop and Step Away from the Data: Rapid Anomaly Detection via Ransom Note File Classification</h4>\n\n<p><em>Mark Mager</em></p>\n\n<p>&rdquo;\nThe proliferation of ransomware has become a widespread problem culminating in numerous incidents that have affected users worldwide. Current ransomware detection approaches are limited in that they either take too long to determine if a process is truly malicious or tend to miss certain processes due to focusing solely on static analysis of executables. To address these shortcomings, we developed a machine learning model to classify forensic artifacts common to ransomware infections: ransom notes. Leveraging this model, we built a ransomware detection capability that is more efficient and effective than the status quo.</p>\n\n<p>I will highlight the limitations to current ransomware detection technologies and how that instigated our new approach, including our research design, data collection, high value features, and how we performed testing to ensure acceptable detection rates while being resilient to false positives. I will also be conducting a live demonstration with ransomware samples to demonstrate our technology&rsquo;s effectiveness. Additionally, we will be releasing all related source code and our model to the public, which will enable users to generate and test their own models, as we hope to further push innovative research on effective ransomware detection capabilities.&rdquo;</p>\n\n<p>Throughout his career in software engineering and computer security, Mark has served in prominent technical leadership roles in the research and development of advanced computer network operations tools and has provided malware analysis and reverse engineering subject matter expertise to a diverse range of government and commercial clients in the Washington, D.C. metropolitan area.</p>\n\n\'',0,134289),('2_Friday','11','10:40','11:20','Y','AIV','Caesars Promenade Level - Florentine BR 3','\'Stop and Step Away from the Data: Rapid Anomaly Detection via Ransom Note File Classification \'','\'Mark Mager \'','187bf16fb015596d00798d3e8356ed8b','\'\'',0,134290),('2_Friday','11','11:20','11:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'JMPgate: Accelerating reverse engineering into hyperspace using AI \'','\'Rob Brandon \'','a444c3fd1ec110c65e534d597e75d8d9','\'<h4 id=\"jmpgate-accelerating-reverse-engineering-into-hyperspace-using-ai\">JMPgate: Accelerating reverse engineering into hyperspace using AI</h4>\n\n<p><em>Rob Brandon</em></p>\n\n<p>&ldquo;One of the most exciting potential applications for artificial intelligence and machine learning is cognitive augmentation of humans.  At its best, AI allows humans to handle more information, react faster to complex events, and potentially even sense features of the world that we are currently incapable of perceiving.  This has many applications in the security field, such as aiding humans in the task of binary reverse engineering.  Reverse engineering binary code is one of the most challenging skill sets in the security field to learn.  The ability to look at a block of raw machine code and understand what it does, as well as recognize similarities to code previously seen, often requires years spent doing tedious analysis of large amounts of code.<br />\nIn this talk I show how we can use machine learning to handle the tedious parts of this process for us.  If we show a generative neural network a wide variety of machine code, the network will learn the most relevant features needed to reproduce and describe that code.  Once the network is trained, we can show it a new segment of code and capture the state of the neurons at the end of the segment.  This neural state is effectively a summary of the entire sequence summarized into a vector.<br />\nComparing these vectors allows easy measurement of the similarity of several code sequences by simply measuring the Euclidean distance between them.  These vectors can also be used as inputs to other machine learning models that can perform a variety of tasks, such as identifying compiler settings used to generate the code.  As part of the presentation, I will also be releasing a tool, the JMPgate framework, which can be used to accomplish tasks like identifying library code within an executable binary.\n&ldquo;</p>\n\n<p>Rob is a threat hunter and data scientist with Booz Allen Hamilton&rsquo;s Dark Labs group.  He has over 20 years of experience in the tech industry and holds a PhD in computer science from the University of Maryland, Baltimore County.  His hobbies include studying the ways that complex systems fall apart and building machines that do his thinking for him so that he can spend more time brewing beer and playing bass.</p>\n\n\'',0,134291),('2_Friday','13','13:00','13:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'IntelliAV: Building an Effective On-Device Android Malware Detector \'','\'Mansour Ahmadi \'','051b6e5ea69725443e39df2e5639cd0e','\'<h4 id=\"intelliav-building-an-effective-on-device-android-malware-detector\">IntelliAV: Building an Effective On-Device Android Malware Detector</h4>\n\n<p><em>Mansour Ahmadi</em></p>\n\n<p>&ldquo;\nThe importance of employing machine learning for malware detection has become explicit to the security community. Several anti-malware vendors have claimed and advertised the application of machine learning in their products in which the inference phase is performed on servers and high-performance machines, but the feasibility of such approaches on mobile devices with limited computational resources has not yet been assessed by the research community, vendors still being skeptical. In this presentation, we aim to show the practicality of devising a learning-based anti-malware on Android mobile devices, first. Furthermore, we aim to demonstrate the significance of such a tool to cease new and evasive malware that can not easily be caught by signature-based or offline learning-based security tools. To this end, we first propose the extraction of a set of lightweight yet powerful features from Android applications. Then, we embed these features in a vector space to build an effective as well as efficient model. Hence, the model can perform the inference on the device for detecting potentially harmful applications. We show that without resorting to any signatures and relying only on a training phase involving a reasonable set of samples, the proposed system, named IntelliAV, provides more satisfying performances than the popular major anti-malware products. Moreover, we evaluate the robustness of IntelliAV against common obfuscation techniques where most of the anti-malware solutions get affected.&rdquo;</p>\n\n<p>I am a postdoctoral Research Associate at the Northeastern University. I achieved my Ph.D. from the University of Cagliari. I am co-author of more than 10 research papers mostly about the application of machine learning for malware classification. Two of my works received awards from Kaspersky, and the Anti-Virus I developed received media coverage.</p>\n\n\'',0,134292),('2_Friday','13','13:20','13:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Identifying and correlating anomalies in Internet-wide scan traffic to newsworthy security events \'','\'Andrew Morris \'','5715db47367ddb53052c8b984ec57923','\'<h4 id=\"identifying-and-correlating-anomalies-in-internet-wide-scan-traffic-to-newsworthy-security-events\">Identifying and correlating anomalies in Internet-wide scan traffic to newsworthy security events</h4>\n\n<p><em>Andrew Morris</em></p>\n\n<p>In this presentation, we will discuss using GreyNoise, a geographically and logically distributed system of passive Internet scan traffic collector nodes, to identify statistical anomalies in global opportunistic Internet scan traffic and correlate these anomalies with publicly disclosed vulnerabilities, large-scale DDoS attacks, and other newsworthy events. We will discuss establishing (and identifying any deviations away from) a &ldquo;standard&rdquo; baseline of Internet scan traffic. We will discuss successes and failures of different methods employed over the past six months. We will explore open questions and future work on automated anomaly detection of Internet scan traffic. Finally, we will provide raw data and a challenge as an exercise to the attendees.</p>\n\n<p>Andrew Morris is the founder and CEO of GreyNoise Intelligence, a DC-based cyber security company, and likely holds the world record for amount of time staring at Internet-wide scan traffic. Prior to founding GreyNoise, Andrew worked as a researcher, red team operator, and consultant for several large cyber security firms including Endgame, NCC group, and KCG. Outside of work, Andrew enjoys playing fingerstyle acoustic guitar and tries to figure out what his dreams mean.</p>\n\n\'',0,134293),('2_Friday','14','14:00','14:30','N','AIV','Caesars Promenade Level - Florentine BR 3','\'It’s a Beautiful Day in the Malware Neighborhood \'','\'Matt \'','fef3a597387a900d4eff9a133877a2a2','\'<h4 id=\"it-s-a-beautiful-day-in-the-malware-neighborhood\">It’s a Beautiful Day in the Malware Neighborhood</h4>\n\n<p><em>Matt</em></p>\n\n<p>&ldquo;Malware similarity analysis compares and identifies samples with shared static or behavioral characteristics. Identification of similar malware samples provides analysts with more context during triage and malware analysis. Most domain approaches to malware similarity have focused on fuzzy hashing, locality sensitivity hashing, and other approximate matching methods that index a malware corpus on structural features and raw bytes. Ssdeep or sdhash are often utilized for similarity comparison despite known weaknesses and limitations. Signatures and IOCs are generated from static and dynamic analysis to capture features and matched against unknown samples. Incident management systems (RTIR, FIR) store contextual features, e.g. environment, device, and user metadata, which are used to catalog specific sample groups observed.</p>\n\n<p>In the data mining and machine learning communities, the nearest neighbor search (NN) task takes an input query represented as a feature vector and returns the k nearest neighbors in an index according to some distance metric. Feature engineering is used to extract, represent, and select the most distinguishing features of malware samples as a feature vector. Similarity between samples is defined as the inverse of a distance metric and used to find the neighborhood of a query vector. Historically, tree-based approaches have worked for splitting dense vectors into partitions but are limited to problems with low dimensionality. Locality sensitivity hashing attempts to map similar vectors into the same hash bucket. More recent advances make the use of k-nearest neighbor graphs that iteratively navigate between neighboring vertexes representing the samples.</p>\n\n<p>The NN methods reviewed in this talk are evaluated using standard performance metrics and several malware datasets. Optimized ssdeep and selected NN methods are implemented in Rogers, an open source malware similarity tool, that allows analysts to process local samples and run queries for comparison of NN methods.\n&ldquo;</p>\n\n<p>Matt Maisel is a data scientist passionate about the intersection of machine learning, software engineering, and computer security domains. He’s currently the manager of Security Data Science at Cylance. Matt recently architected a scalable malware analysis and modeling service used to process customer malware detections. He’s worked in several organization within Cylance including research engineering as a software architect and consulting as the technical director of the incident response practice. Matt holds a M.S. in Computer Science with a focus in machine learning and distributed systems from Johns Hopkins University.</p>\n\n\'',0,134294),('2_Friday','14','14:30','15:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Malware Panel \'','\'@drhyrum, @gradient_janitor, @malwareunicorn, @rharang, @bwall (Moderator) \'','a794f329fa887b0476006d021fa52719','NULL',0,134295),('2_Friday','15','14:30','15:20','Y','AIV','Caesars Promenade Level - Florentine BR 3','\'Malware Panel \'','\'@drhyrum, @gradient_janitor, @malwareunicorn, @rharang, @bwall (Moderator) \'','a794f329fa887b0476006d021fa52719','\'\'',0,134296),('2_Friday','15','15:20','15:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Detecting Web Attacks with Recurrent Neural Networks \'','\'Fedor Sakharov \'','31ab3f5ddfa34aa94743ef7dac659416','\'<h4 id=\"detecting-web-attacks-with-recurrent-neural-networks\">Detecting Web Attacks with Recurrent Neural Networks</h4>\n\n<p><em>Fedor Sakharov</em></p>\n\n<p>&ldquo;Classic Web Application Firewalls (WAFs) mostly use rule-based approach for attack detection. This approach is known to have its pros and cons. Despite offering decent protection from automated attacks and predictable detection results rule-based approach has and always will have certain disadvantages. We all know that it&rsquo;s useless against 0-day attacks or that even the most sophisticated rules are easily evaded by skilled professionals. That is why a more effective approach should involve some kind of heuristics. Let&rsquo;s give a chance to artificial intelligence to find something non-obvious for human perception in raw data and try to explain its results.</p>\n\n<p>To this day AI has been more often used for cat classification rather than for detecting application-level attacks on HTTP applications. Our team decided to test the hypothesis that Deep Learning is able to detect web-based attacks effectively. We started with very simple neural network architectures and tried to use them for classification. After some experiments it became clear that we needed more complex networks so we abandoned our attempts to use classification shifting to anomaly detection. Eventually, we ended up using seq2seq model with attention mechanisms which is able to detect zero-day web attacks with minimal number of false positives.&rdquo;</p>\n\n<p>Irina Stepanyuk is a data scientist from Moscow, Russia. For some time Irina is a researcher in Positive Technologies. She develops data analysis algorithms in relation to information security. Moreover, Irina is a Master&rsquo;s student in the Faculty of Computer Science at the Higher School of Economics, where she also participates in data science projects and research.</p>\n\n<p>Arseny Reutov is a web application security researcher from Moscow, Russia. Arseny is the Head of Application Security Research at Positive Technologies Ltd where he specializes in penetration testing, the analysis of web applications, and application security research. He is the author of research papers and blog posts on web security published in such magazines as Hacker (Xakep) and HITB Magazine as well as in his blog raz0r.name.  He was a speaker at ZeroNights, CONFidence, PHDays and OWASP conferences. Arseny loves making web security challenges (#wafbypass on Twitter) as well as solving them. His passion are modern web technologies and finding vulnerabilities in them.</p>\n\n<p>Fedor is a software developer from Moscow, Russia. He takes interest in various aspects of low-level programming and information security. For some time he has contributed to opensource reverse-engineering framework radare2, his diploma thesis is about transparent application CFG control in runtime and he has a solid experience with Linux kernel programming, drivers as well as kernel subsystems. That&rsquo;s not all, since recently he leads the security-focused machine learning research at Positive Technologies.&rdquo;</p>\n\n\'',0,134297),('2_Friday','16','16:00','16:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Machine Learning for Network Security Hands-on Workshop: DIYML \'','\'Sebastian Garcia \'','2f77e2db4164e202bdad6ad151e68e59','\'<h4 id=\"machine-learning-for-network-security-hands-on-workshop-diyml\">Machine Learning for Network Security Hands-on Workshop: DIYML</h4>\n\n<p><em>Sebastian Garcia</em></p>\n\n<p>Creating new Machine Learning algorithms with the new frameworks its easier than ever. However, our models still need designing, evaluation, tuning and specially good datasets. In this workshop we will share high-quality and real datasets of normal users working in their computers while being attacked and infected with malware. The goal is to learn to understand the problem, label data, identify features, create your own ML model and finally test it against all the other models in the room! A fast-paced workshop going from traffic understanding to working python ML models in 2hs. Learn why ML is so difficult and so useful. Work in teams to obtain the highest detection performance and improve your knowledge. Python/NetFlows/Bro/SciKit/pandas/TensorFlow, use what you need!</p>\n\n<p>Sebastian is a malware researcher and security teacher that has extensive experience in machine learning applied on network traffic. He created the Stratosphere IPS project, the first machine learning-based, free-software IPS. Its goal its to protect the civil society. As a researcher in the Artificial Intelligence group of the Czech Technical University in Prague, he believes that free software and machine learning tools can help better protect users from the abuse of their digital rights. He has been teaching in several countries and Universities and working on penetration testing for both corporations and governments. He was lucky enough to talk and give workshops in CCC, BSides Budapest, Ekoparty, DeepSec, Hacktivity, Botconf, Hacklu, InBot, SecuritySessions, ECAI, CitizenLab, ArgenCor, Free Software Foundation Europe, VirusBulletin, BSides Vienna, HITB Singapore, CACIC, etc.  As a co-founder of the MatesLab hackspace he worked on honeypots, malware detection, distributed scanning (creator of dnmap) keystroke dynamics, Bluetooth analysis, privacy protection, intruder detection, robotics, microphone detection with SDR (Salamandra) and biohacking. He is also a proud co-founder of the Independent Fund for Women in Tech.</p>\n\n\'',0,134298),('2_Friday','16','16:00','16:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Using AI to Create Music \'','\'dj beep code \'','9b085c3675681f1875f5b691a2371c39','\'<h4 id=\"using-ai-to-create-music\">Using AI to Create Music</h4>\n\n<p><em>dj beep code</em></p>\n\n<p>Creativity has traditional been a purely human pursuit.  However, with recent developments in computational creativity, it has become apparent that the generation of art can now be accelerated with artificial intelligence.  Come prepared to learn about reinforcement learning, deep belief networks, and be entertained by music composed in mere seconds, right in front of your eyes.</p>\n\n<p>&ldquo;With a BS in Applied Mathematics, and a MS in computer science, dj launched her career in engineering in working on the Thirty Meter Telescope project.  Over the next 12 years, she specialized in remote sensing algorithms, culminating as the principle investigator in an Office of Naval Research contract on the classification of signals.  In 2014 she took her breadth of machine learning knowledge in applied research to the IBM Watson group.  Within IBM Watson she leads teams that create AI applications for business, and on the side hacks on The Watson Beat code base.  She also plays bass guitar in a bad cover band.&rdquo;</p>\n\n\'',0,134299),('2_Friday','16','16:00','16:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Machine Learning as a Service in Your Pocket \'','\'Evan Yang \'','c4907b1456af176884af348102037af3','\'<h4 id=\"machine-learning-as-a-service-in-your-pocket\">Machine Learning as a Service in Your Pocket</h4>\n\n<p><em>Evan Yang</em></p>\n\n<p>&ldquo;If you struggle with building a machine learning (ML) classifier for the data, this Machine Learning as a Service (MLaaS) is a quick and handy solution for you. Originally designed for security researcher, now this feature packed service was open sourced to public. This service can take time-series data, such as API log etc., to generate ML models with few mouse clicks. The graphic user interface could guide you through the ML pipeline steps, visualize the performance and help to optimize the ML model. The unique feature analysis tool allow to drill down individual samples and to tune the ML model in a security perspective way.&rdquo;</p>\n\n<p>Evan Yang is a security researcher in Intel Privacy &amp; Security Lab. He had worked on Windows and Android security related topics for past few years. His latest focus is around the deep learning application on Windows ransomware. He also had been a database architect and software developer to provide solutions and build applications in production.</p>\n\n\'',0,134300),('2_Friday','16','16:00','16:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Deep Exploit \'','\'Isao Takaesu \'','10ea4a8ea5b524dfcb0ac557dff85e04','\'<h4 id=\"deep-exploit\">Deep Exploit</h4>\n\n<p><em>Isao Takaesu</em></p>\n\n<p>DeepExploit is fully automated penetration tool linked with Metasploit. It identifies the status of all opened ports on the target server and executes the exploit at pinpoint using Machine Learning.</p>\n\n<p>Isao Takaesu is CISSP. He is working in Mitsui Bussan Secure Directions, Inc. as security engineer and researcher. He found many vulnerabilities in client&rsquo;s server and proposed countermeasures to client. He thinks that there&rsquo;s more and wants to find vulnerabilities. Therefore, he is focused on artificial intelligence technology for cyber security. Now, he is developing the penetration test tool using machine learning.</p>\n\n\'',0,134301),('2_Friday','18','18:00','18:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'INTRO TO DATA MASTERCLASS: Graphs & Anomalies \'','\'Leo Meyerovich & Eugene Teo \'','a55cc4d31ac7dc92bb5188fed4af5497','NULL',0,134302),('3_Saturday','10','10:00','10:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'The current state of adversarial machine learning \'','\'infosecanon \'','f96e94d885d9b71a6aaa96cc3f2ec7cd','\'<h4 id=\"the-current-state-of-adversarial-machine-learning\">The current state of adversarial machine learning</h4>\n\n<p><em>infosecanon</em></p>\n\n<p>Machine learning is quickly becoming a ubiquitous technology in the computer security space, but how secure is it exactly? This talk covers the research occurring in adversarial machine learning and includes a discussion of machine learning blind spots, adversarial examples and how they are generated, and current blackbox testing techniques.</p>\n\n<p>Heather Lawrence is a cyber data scientist working with NARI. She earned her undergraduate and MS degrees in Computer Engineering from the University of Central Florida focusing on computer security. She is pursuing a PhD in Computer Engineering from the University of Nebraska Lincoln. Her previous experience in cyber threat intelligence modeling, darknet marketplace research, IT/OT testbed development, data mining, and machine learning has led to several awards from capture-the-flag competitions including the National Collegiate Cyber Defense Competition, CSI CyberSEED, and SANS Netwars Tournament. Her current research interests focus on the application of machine learning to cybersecurity problem sets.</p>\n\n\'',0,134303),('3_Saturday','10','10:20','10:40','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Chatting with your programs to find vulnerabilities \'','\'Chris Gardner \'','77a36ed3e73b6972ac6ff711856f4b62','\'<h4 id=\"chatting-with-your-programs-to-find-vulnerabilities\">Chatting with your programs to find vulnerabilities</h4>\n\n<p><em>Chris Gardner</em></p>\n\n<p>During the Cyber Grand Challenge, an automated vulnerability exploitation competition, all the teams used the same approach: use a fuzzer to find bugs, and symbolic execution to generate an exploit for any bugs found. Fuzzers are great at triggering bugs, but their effectiveness is often limited by the quality of the initial testcase corpus that is fed to them. Testcases are easy for humans to create, but hard to generate automatically. Teams used a wide variety of techniques to generate initial seeds: from using very slow symbolic execution techniques to find inputs that triggered execution paths, to just using the word “fuzz” as the seed and hoping for the best. However, many of the programs in the CGC are console programs designed to be used by humans: meaning they give a prompt in English and expect a response. For this research we trained a chatbot Recurrent Neural Network on a set of testcases generated by humans, and ran the RNN against the test set with the goal of finding testcases that had higher code coverage than random guessing and could be used with a fuzzer to find bugs.</p>\n\n<p>Chris recently graduated from UMBC, where he found a passion for malware analysis and binary exploitation. In his spare time he plays CTFs and bikes his way around Washington DC.</p>\n\n\'',0,134304),('3_Saturday','10','10:40','11:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'The great power of AI: Algorithmic mirrors of society \'','\'Aylin Caliskan \'','130bd12cc44e488dab9b495f06bac0d5','\'<h4 id=\"the-great-power-of-ai-algorithmic-mirrors-of-society\">The great power of AI: Algorithmic mirrors of society</h4>\n\n<p><em>Aylin Caliskan</em></p>\n\n<p>&ldquo;Following the progress in computing and machine learning algorithms as well as the emergence of big data, artificial intelligence (AI) has become a reality impacting every fabric of our algorithmic society. Despite the explosive growth of machine learning, the common misconception that machines operate on zeros and ones, therefore they should be objective, still holds. But then, why does Google Translate convert these Turkish sentences with gender-neutral pronouns, “O bir doktor. O bir hemÅŸire”, to these English sentences, “He is a doctor. She is a nurse”? As data-driven machine learning brings forth a plethora of challenges, I analyze what could go wrong when algorithms make decisions on behalf of individuals and society if they acquire statistical knowledge of language from historical human data.</p>\n\n<p>In this talk, I show how we can repurpose machine learning as a scientific tool to discover facts about artificial and natural intelligence, and assess social constructs. I prove that machines trained on societal linguistic data inevitably inherit the biases of society. To do so, I derive a method that investigates the construct of language models trained on billions of sentences collected from the World Wide Web. I conclude the talk with future directions and open research questions in the field of ethics of machine learning.&rdquo;</p>\n\n<p>Aylin Caliskan is an assistant professor of computer science at George Washington University. Her research interests include the emerging science of bias in machine learning and fairness, AI ethics, data privacy, and security. Her work aims to characterize and quantify aspects of artificial and natural intelligence using a multitude of machine learning and language processing techniques. In her recent publication in Science, she demonstrated how semantics derived from language corpora contain human-like biases. Prior to that, she developed novel privacy attacks to de-anonymize programmers using code stylometry. Her presentations on both de-anonymization and bias in machine learning are the recipients of best talk awards. Her work on semi-automated anonymization of writing style furthermore received the Privacy Enhancing Technologies Symposium Best Paper Award. Her research has received extensive press coverage across the globe, contributing to public awareness on risks of AI. Aylin holds a PhD in Computer Science from Drexel University and a Master of Science in Robotics from the University of Pennsylvania. Before joining the department of computer science at GWU, Aylin was a postdoctoral researcher and a fellow at Princeton University’s Center for Information Technology Policy.</p>\n\n\'',0,134305),('3_Saturday','11','10:40','11:20','Y','AIV','Caesars Promenade Level - Florentine BR 3','\'The great power of AI: Algorithmic mirrors of society \'','\'Aylin Caliskan \'','130bd12cc44e488dab9b495f06bac0d5','\'\'',0,134306),('3_Saturday','11','11:20','11:40','N','AIV','Caesars Promenade Level - Florentine BR 3','\'DeepPhish: Simulating the Malicious Use of AI \'','\'Ivan Torroledo \'','41cc49b4c4bee106deabba171bc75e17','\'<h4 id=\"deepphish-simulating-the-malicious-use-of-ai\">DeepPhish: Simulating the Malicious Use of AI</h4>\n\n<p><em>Ivan Torroledo</em></p>\n\n<p>Machine Learning and Artificial Intelligence have become essential to any effective cyber security and defense strategy against unknown attacks. In the battle against cybercriminals, AI-enhanced detection systems are markedly more accurate than traditional manual classification. Through intelligent algorithms, detection systems have been able to identify patterns and detect phishing URLs with 98.7% accuracy, giving the advantage to defensive teams. However, if AI is being used to prevent attacks, what is stopping cyber criminals from using the same technology to defeat both traditional and AI-based cyber-defense systems? This hypothesis is of urgent importance - there is a startling lack of research on the potential consequences of the weaponization of Machine Learning as a threat actor tool. In this talk, we are going to review how threat actors could exponentially improve their phishing attacks using AI to bypass machine-learning-based phishing detection systems. To test this hypothesis, we designed an experiment in which, by identifying how threat actors deploy their attacks, we took on the role of an attacker in order to test how they may use AI in their own way. In the end, we developed an AI algorithm, called DeepPhish, that learns effective patterns used by threat actors and uses them to generate new, unseen, and effective attacks based on attacker data. Our results show that, by using DeepPhish, two uncovered attackers were able to increase their phishing attacks effectiveness from 0.69% to 20.9%, and 4.91% to 36.28%, respectively.</p>\n\n<p>Ivan Torroledo is the lead data scientist in the Cyxtera Research organization. In this role, he develops and implements Machine and Deep Learning algorithms to enhance phishing detection, network security, fraud detection, and malware mitigation. Ivan is also highly interested in research on the application of Machine and Deep Learning in high energy physics and astrophysics. Before joining Cyxtera, he worked at the Central Bank of Colombia, applying high performance computing tools to monetary policy analysis. He is passionate about applying the most advanced scientific knowledge to cyber security industry. Ivan holds degrees in Economics and Physics.</p>\n\n\'',0,134307),('3_Saturday','13','13:00','13:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Machine Learning Model Hardening For Fun and Profit \'','\'Ariel Herbert-Voss \'','f74e222fe284663a8c998440fb2fd226','\'<h4 id=\"machine-learning-model-hardening-for-fun-and-profit\">Machine Learning Model Hardening For Fun and Profit</h4>\n\n<p><em>Ariel Herbert-Voss</em></p>\n\n<p>Machine learning has been widely and enthusiastically applied to a variety of problems to great success and is increasingly used to develop systems that handle sensitive data - despite having seen that for out-of-the-box applications, determined adversaries can extract the training data set and other sensitive information. Suggested techniques for improving the privacy and security of these systems include differential privacy, homomorphic encryption, and secure multi-party computation. In this talk, we’ll take a look at the modern machine learning pipeline and identify the threat models that are solved using these techniques. We’ll evaluate the possible costs to accuracy and time complexity and present practical application tips for model hardening. I will also present some red team tools I developed to easily check black box machine learning APIs for vulnerabilities to a variety of mathematical exploits.</p>\n\n<p>Ariel Herbert-Voss is a PhD student at Harvard University, where she specializes in deep learning, cybersecurity, and mathematical optimization. Like many machine learning researchers, she spent plenty of time thinking about deep learning from a computational neuroscience point of view without realizing that skulls make biological neural networks a lot less hackable than artificial ones. Now she thinks about securing deep learning algorithms and offensive applications.</p>\n\n\'',0,134308),('3_Saturday','13','13:20','13:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Automated Planning for the Automated Red Team \'','\'Andy Applebaum \'','6d3e4fae677053ec33f140d7d1493b9e','\'<h4 id=\"automated-planning-for-the-automated-red-team\">Automated Planning for the Automated Red Team</h4>\n\n<p><em>Andy Applebaum</em></p>\n\n<p>&ldquo;Offensive assessments – i.e., penetration testing, adversary emulation, red teaming – have become a key component of maintaining a secure network. Unfortunately, offensive assessments require significant resources, and can vary in quality and structure based on who specifically is conducting the assessment. In the past few years, we’ve seen people try to remedy this problem by creating automated offensive assessment tools, but the capabilities and goals of these tools are highly variable, and many either require personnel to manage them or lack the ability to conduct dynamic or end-to-end tests.</p>\n\n<p>We believe that automated offensive assessments can be done better using automated planning. One of the older branches of AI, automated planning seeks to solve problems where an autonomous agent must determine how to compose a sequence of actions together to achieve an objective. Problems in this space can range from constructing offline deterministic plans, to planning under probabilistic conditions, or to planning in scenarios where the world and underlying model are un- or partially-known. Planning techniques have been applied to solve problems in a variety of domains, including controlling unmanned vehicles and designing intelligent agents in computer games.</p>\n\n<p>In this talk, we’ll describe how we’ve leveraged concepts from the automated planning community to help us design CALDERA, a free, open source automated adversary emulation system. Using these concepts, CALDERA dynamically strings techniques – taken from MITRE ATT&amp;CKâ„¢ – together to achieve objectives and conduct end-to-end tests. In addition to describing CALDERA itself, we’ll also discuss more generally some of the challenges and advantages of deploying automated planning to automated offensive assessments, discussing alternate approaches that we as well as others have considered in tackling this problem. Attendees should walk away with both an understanding of how they can use CALDERA as well as how planning can be used for automated offensive assessments.&rdquo;</p>\n\n<p>Andy Applebaum is a Lead Cyber Security Engineer at MITRE where he works on applied and theoretical security research problems, primarily in the realms of cyber defense, security automation, and automated adversary emulation. Andy has contributed to MITRE’s ATT&amp;CK framework and CALDERA adversary emulation platform, as well as other projects within MITRE’s internal research and development portfolio. Prior to working at MITRE, Andy received his PhD in computer science from the University of California Davis, where his dissertation topic was using argumentation logic for reasoning in cyber security. Andy’s work has been published in multiple conferences and workshops and has most recently spoken at Black Hat Europe. In addition to his PhD, Andy holds a BA in computer science from Grinnell College and the OSCP certification.</p>\n\n\'',0,134309),('3_Saturday','14','14:00','14:30','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Beyond Adversarial Learning -- Security Risks in AI Implementations \'','\'Kang Li \'','b28d85812c17322d146d6b9831236c18','\'<h4 id=\"beyond-adversarial-learning-security-risks-in-ai-implementations\">Beyond Adversarial Learning &ndash; Security Risks in AI Implementations</h4>\n\n<p><em>Kang Li</em></p>\n\n<p>A year after we discovered and reported a bunch of CVEs related to deep learning frameworks, many security and AI researchers have started to pay more attention to the software security of AI systems.   Unfortunately, many deep learning developers are still unaware of the risks buried in AI software implementations.  For example, by inspecting a set of newly developed AI applications, such as image classification and voice recognition, we found that they make strong assumptions about the input format used by training and classifications.  Attackers can easily manipulate the classification and recognition without putting any effort in adversarial learning.  In fact the potential danger introduced by software bugs and lack of input validation is much more severe than a weakness in a deep learning model.  This talks will show threat examples that produce various attack effects from evading classifications, to data leakage, and even to whole system compromises.  We hope by demonstrate such threats and risks, we can draw developers’ attention to software implementations and call for community collaborative effort to improve software security of deep learning frameworks and AI applications.</p>\n\n<p>Kang Li is a professor of computer science and the director of the Institute for Cybersecurity and Privacy at the University of Georgia.  His research results have been published at academic venues, such as IEEE S&amp;P, ACM CCS and NDSS, as well as industrial conferences, such as BlackHat, SyScan, and ShmooCon.  Dr. Kang Li is the founder and mentor of multiple CTF security teams, including SecDawg and Blue-Lotus.  He was also a founder and player of the Team Disekt, a finalist team in the 2016 DARPA Cyber Grand Challenge.</p>\n\n\'',0,134310),('3_Saturday','14','14:30','15:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'(Responsible?) Offensive Machine Learning \'','\'@bodaceacat, @filar, @Straithe, @_delta_zero (Moderating) \'','974439978aa963dc84bf76a5c9d43181','NULL',0,134311),('3_Saturday','15','14:30','15:20','Y','AIV','Caesars Promenade Level - Florentine BR 3','\'(Responsible?) Offensive Machine Learning \'','\'@bodaceacat, @filar, @Straithe, @_delta_zero (Moderating) \'','974439978aa963dc84bf76a5c9d43181','\'\'',0,134312),('3_Saturday','15','15:20','15:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Towards a framework to quantitatively assess AI safety – challenges, open questions and opportunities. \'','\'Ram Shankar Siva Kumar \'','7198bfe78420d2006179c480b97db997','\'<h4 id=\"towards-a-framework-to-quantitatively-assess-ai-safety-challenges-open-questions-and-opportunities\">Towards a framework to quantitatively assess AI safety – challenges, open questions and opportunities.</h4>\n\n<p><em>Ram Shankar Siva Kumar</em></p>\n\n<p>While the papers are piling in arxiv on adversarial machine learning, and companies are committed to AI safety, what would a system that assess the safety of ML system look like in practice? Compare a ML system to a bridge under construction. Engineers along with regulatory authorities routinely and comprehensively assess the safety of the structure to attest the bridge’s reliability and ability to function under duress <strong>before</strong> opening it to the public. Can we as security data scientists provide similar guarantees for ML systems? This talk lays the challenges, open questions in creating a framework to quantitatively assess safety of ML systems. The opportunities, when such a framework is put to effect, are plentiful – for a start, we can gain trust with the population at large that ML systems aren’t brittle; that they just come in varying, quantifiable degrees of safety.</p>\n\n<p>Ram Shankar is a Data Cowboy on the Azure Security Data Science team at Microsoft, where his primary focus is modeling massive amounts of security logs to surface malicious activity. His work has appeared in industry  conferences like BlueHat, DerbyCon, MIRCon, Strata+Hadoop World Practice of Machine Learning as well as academic conferences like NIPS, IEEE Usenix, ACM - CCS.  Ram graduated from Carnegie Mellon University with a Masters in Electrical and Computer Engineering. If you work in the intersection of Machine Learning and Security, he wants to learn about your work!</p>\n\n\'',0,134313),('3_Saturday','16','16:00','16:20','N','AIV','Caesars Promenade Level - Florentine BR 3','\'StuxNNet: Practical Live Memory Attacks on Machine Learning Systems \'','\'Raphael Norwitz \'','b0df7495c9623501553a9b52dc23d403','\'<h4 id=\"stuxnnet-practical-live-memory-attacks-on-machine-learning-systems\">StuxNNet: Practical Live Memory Attacks on Machine Learning Systems</h4>\n\n<p><em>Raphael Norwitz</em></p>\n\n<p>Like all software systems, the execution of machine learning models is dictated by logic represented as data in memory. Unlike traditional software, machine learning systems&rsquo; behavior is defined by the model&rsquo;s weight and bias parameters, rather than precise machine opcodes. Thus patching network parameters can achieve the same ends as traditional attacks, which have proven brittle and prone to errors. Moreover, this attack provides powerful obfuscation as neural network weights are hard to interpret, making it difficult for security professionals to determine what a malicious patch does. We demonstrate that one can easily compute a trojan patch, which when applied causes a network to behave incorrectly only on inputs with a given trigger. An attacker looking to compromise an ML system can patch these values in live memory with minimal risk of system malfunctions or other detectable side-effects. In this presentation, we demonstrate proof of concept attacks on TensorFlow and a framework we wrote in C++ on both Linux and Windows systems. An attack of this type relies on limiting the amount of network communication to reduce to the likelyhood of detection. Accordingly, we attempt to minimize the size of the patch, in terms of number of changed parameters needed to introduce trojan behavior. On an MNIST handwritten digit classification network and on a malicious PDF detection network, we prove that the desired trojan behavior can be introduced with patches on the order of 1% of the total network size, using roughly 1% of the total training data, proving that the attack is realistic.</p>\n\n<p>I am a recent graduate from Columbia Univserity with a BA in Computer Science and MS in Machine Learning, and an incoming engineer on the Acropolis Hypervisor team at Nutanix. I have experience with Linux Kernel development, data science and malware analysis. I have interned at Google, Drawbridge and Nimbledroid, and have published research with Columbia&rsquo;s Wireless and Mobile Networking lab. For fun, I like to be outdoors and train Brazilian Ju-Jitsu.</p>\n\n\'',0,134314),('3_Saturday','16','16:20','16:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Hunting the Ethereum Smart Contract: Color-inspired Inspection of Potential Attacks \'','\'TonTon Huang \'','4e3d920d0ce10749604839f4c1b9d63e','\'<h4 id=\"hunting-the-ethereum-smart-contract-color-inspired-inspection-of-potential-attacks\">Hunting the Ethereum Smart Contract: Color-inspired Inspection of Potential Attacks</h4>\n\n<p><em>TonTon Huang</em></p>\n\n<p>Blockchain and Cryptocurrencies are gaining unprecedented popularity and understanding. Meanwhile, Ethereum is gaining a significant popularity in the blockchain community, mainly due to the fact that it is designed in a way that enables developers to write decentralized applications (Dapps) and smart contract. This new paradigm of applications opens the door to many possibilities and opportunities. However, the security of Ethereum smart contracts has not received much attention; several Ethereum smart contracts malfunctioning have recently been reported. Unlike many previous works that have applied static and dynamic analyses to find bugs in smart contracts, we do not attempt to define and extract any features; instead we focus on reducing the expert&rsquo;s labor costs. We first present a new in-depth analysis of potential attacks methodology and then translate the bytecode of solidity into RGB color code. After that, we transform them to a fixed-sized encoded imag​​e. Finally, the encoded image is fed to convolutional neural network (CNN) for automatic feature extraction and learning, detecting security flaw of Ethereum smart contract.</p>\n\n<p>Hsien-De Huang (a.k.a. TonTon) is working for Leopard Mobile Inc. (Cheetah Mobile Taiwan Agency), and currently a Ph.D. candidate (IKM Lab.) in the Dept. Computer Science and Information Engineering at National Cheng Kung University, Tainan Taiwan. His research interests include Deep Learning, Blockchain, Malware Analysis, Type-2 Fuzzy Logic, and Ontology Applications, and gave talks at RuxCon 2017, OWASP AppSec USA 2017, Hadoop.TW annual conference 2016, TW CSA Summit 2016 and Hackers in Taiwan Conference (HITCON) 2015 &amp; 2014.</p>\n\n<p>Chia-Mu Yu received his Ph.D degree from National Taiwan University in 2012. He is currently an assistant professor at National Chung Hsing University, Taiwan. He was a research assistant in the Institute of Information Science, Academia Sinica. He was a visiting scholar at Harvard University, Imperial College London, Waseda University, and University of Padova. He was a postdoc researcher at IBM Thomas J. Watson Research Center. He serves as an associate editor of IEEE Access and Security and Communication Networks. His research interests include cloud storage security, IoT security, and differential privacy.</p>\n\n\'',0,134315),('3_Saturday','17','17:00','17:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Holy BATSense! Deploying TBATS Machine Learning Algorithm to Detect Security Events \'','\'Pranshu Bajpai \'','a6f76a4449a4535ab0e5311e58ae4004','\'<h4 id=\"holy-batsense-deploying-tbats-machine-learning-algorithm-to-detect-security-events\">Holy BATSense! Deploying TBATS Machine Learning Algorithm to Detect Security Events</h4>\n\n<p><em>Pranshu Bajpai</em></p>\n\n<p>Our “BATSense” security event detection methodology has been running at Michigan State University’s campus for a year and is successfully detecting security anomalies across 300k devices. In this presentation, we will describe the use machine learning, specifically the TBATS forecasting algorithm, to predict future trends for the number of events per second for a variety of device types. The forecasted values are compared against actual observations to alert security personnel of significant deviations. Anomalies are detected based on logs relevant to security events; they may be system modifications, system failures or a football game. Forecasts are never perfect, but when measured over extended use, we have shown that false positives are manageable (1 per week) for true positives of 1 per day. The result a methodology that has been developed and tweaked over time to effectively detect security events, and lessons learned over a year. All arguments presented in this talk will be backed by real world (anonymized) data collected at our university shared with the audience.</p>\n\n<p>Pranshu Bajpai is a security researcher working towards his PhD in Computer Science and Engineering at Michigan State University. His research interests lie in computer and network security, malware analysis, machine learning, privacy, digital forensics, and cyber crimes. In the past, he worked as an independent penetration tester for clients. He has authored several research papers in security magazines and journals and has served as a technical reviewer for books within the security domain. He enjoys working in the security industry and the challenge of testing new technologies for potential weaknesses. In his spare time, he likes solving CTF challenges while listening to classic rock. Connect with him on Twitter: @amirootyet</p>\n\n\'',0,134316),('3_Saturday','18','18:00','18:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'INTRO TO DATA MASTERCLASS: Tour-de-ML \'','\'Leo Meyerovich & Eugene Teo \'','a43da49cc88904742516b976bb18fd20','NULL',0,134317),('4_Sunday','10','10:00','10:40','N','AIV','Caesars Promenade Level - Florentine BR 3','\'Generating Labeled Data From Adversary Simulations With MITRE ATT&CK \'','\'Brian Genz \'','2e1297d29d7997d432ecd317802fd064','\'<h4 id=\"generating-labeled-data-from-adversary-simulations-with-mitre-att-ck\">Generating Labeled Data From Adversary Simulations With MITRE ATT&amp;CK </h4>\n\n<p><em>Brian Genz</em></p>\n\n<p>&ldquo;Attackers have a seemingly endless arsenal of tools and techniques at their disposal, while defenders must continuously strive to improve detection capabilities across the full spectrum of possible vectors. The MITRE ATT&amp;CK Framework provides a useful collection of attacker tactics and techniques that enables a threat-focused approach to detection. </p>\n\n<p>This technical talk will highlight key lessons learned from an internal adversary simulation at a Fortune 100 company that evolved into a series of data science experiments designed to improve threat detection. &rdquo;</p>\n\n<p>Brian Genz is a Security Engineer focused on threat hunting, security data science, threat intelligence, and security orchestration, automation &amp; response. He brings experience in the defense intelligence, manufacturing, and financial sectors in the areas of incident response, digital forensics, vulnerability management, and security architecture consulting. He has presented at Derby Con, Circle City Con, CypherCon, the ISSA International Conference, ISACA, InfraGard, and other venues. Brian also serves as adjunct faculty in the information security program at Milwaukee Area Technical College.</p>\n\n\'',0,134318),('4_Sunday','10','10:40','10:59','N','AIV','Caesars Promenade Level - Florentine BR 3','\'AI DevOps: Behind the Scenes of a Global Anti-Virus Company\'s Machine Learning Infrastructure \'','\'Alex Long \'','bc973a0e52c3576e1e83ceb883ebbb9b','\'<h4 id=\"ai-devops-behind-the-scenes-of-a-global-anti-virus-company-s-machine-learning-infrastructure\">AI DevOps: Behind the Scenes of a Global Anti-Virus Company&rsquo;s Machine Learning Infrastructure</h4>\n\n<p><em>Alex Long</em></p>\n\n<p>&ldquo;Thus far, the security community has treated machine learning as a research problem. The painful oversight here is in thinking that laboratory results would translate easily to the real world, and as such, not devoting sufficient focus to bridging that gap. Researchers enjoy the luxuries of neat bite-sized datasets to experiment upon, but the harsh reality of millions of potentially malicious files streaming in daily soon hits would-be ML-practitioners in the face like a tsunami-sized splash of ice water. And while in research there&rsquo;s no such thing as &ldquo;&ldquo;too much&rdquo;&rdquo; data, dataset sizes challenge real-world cyber security professionals with tough questions: &ldquo;&ldquo;How will we store these files efficiently without hampering our ability to use them for day-to-day operations?&rdquo;&rdquo; or &ldquo;&ldquo;How do we satisfy competing use-cases such as the need to analyze specific files and the need to run analyses across the entire dataset?&rdquo;&rdquo; Or maybe most importantly: &ldquo;&ldquo;Will my boss have a heart-attack when he sees my AWS bill?&rdquo;&rdquo;</p>\n\n<p>In this talk, we will provide a live demonstration of the system we&rsquo;ve built using a variety of AWS services including DynamoDB, Kinesis, Lambda, as well as some more cutting edge AWS services such as Redshift and ECS Fargate. We will go into depth about how the system works and how it answers the difficult questions of real world ML such as the ones listed above. This talk will provide a rare look into the guts of a large-scale machine learning production system. As a result, it will give audience members the tools and understanding to confidently tackle such problems themselves and ultimately give them a bedrock of immediately practical knowledge for deploying large-scale on-demand deep learning in the cloud.&rdquo;</p>\n\n<p>Alex Long is currently working as a programmer on the Sophos Datascience Team where he builds tools, scalable backends, and cool visualizations to support the team&rsquo;s research. His latest work has been on creating an online platform for researchers to publish, evaluate, and distribute their latest AI models, thus streamlining the process of productizing AI breakthroughs.</p>\n\n\'',0,134319),('4_Sunday','11','11:00','11:40','N','AIV','Caesars Promenade Level - Florentine BR 3','\'GAN to the dark side: A case study of attacking machine-learning systems to empower defenses \'','\'Li Chen \'','50603f0034900ccf4232330e4abc8ed2','\'<h4 id=\"gan-to-the-dark-side-a-case-study-of-attacking-machine-learning-systems-to-empower-defenses\">GAN to the dark side: A case study of attacking machine-learning systems to empower defenses</h4>\n\n<p><em>Li Chen</em></p>\n\n<p>&ldquo;There has been a surge of interest in using machine learning (ML) to automatically detect malware through their dynamic behaviors. These approaches indeed have achieved much higher accurate detection rate and lower false positive rate. ML in threat detection has demonstrated to be a good cop to guard platform security. However should we fully trust ML-powered security? Here, we juxtapose the resiliency and trustworthiness of ML algorithms for security, in the case study of ransomware detection. We propose RD-Fool, an AI-based system to bypass ML-based ransomware detection.</p>\n\n<p>In this talk, we examine the perspectives of ML assuming the role of both a good cop and a bad cop. We first train a variety of deep learning and classical machine learning classifiers for ransomware detection using data collected from file I/O and registry events. We show the classifiers can achieve great performance in terms of classification accuracy and false positive rate for ransomware detection. Then we examine the resiliency of these classifiers using our proposed system RD-Fool. RD-Fool uses random forest and generative adversarial networks (GAN) to generate samples which can bypass the ransomware detectors. We demonstrate both exploratory and causative attacks using RD-Fool, where exploratory attack aims at bypassing the ransomware detector during inference phase, and causative attack aims at poisoning the training data to perturb the ML decision boundary.</p>\n\n<p>The key advantages of RD-Fool include quick identification of the blind spots of the victim ML model and efficient generation of realistic and evasive samples. We examine the quality of the crafted sample using the perturbation distance and the Silhouette score. Our results and discoveries pose interesting and alarming issues such as how much should we trust or utilize ML for better security.\n&ldquo;</p>\n\n<p>Li Chen is a data scientist and research scientist in the Security and Privacy Lab at Intel Labs, where she focuses on developing state-of-the-art robust machine learning and deep learning algorithms for security analytics including applications in malware detection and image classification in the adversarial setting. She is also the co-primary investigator (PI) and research lead at the Intel Science &amp; Technology Center for Adversary-Resilient Security Analytics. She designs the roadmaps with Intel and Georgia Tech PIs to jointly meet both industrial and academic research objectives. She provides research direction and in-depth technical guidance to advance the ARSA research agenda. Prior to joining Intel Labs, Li was a Data Scientist in Software and Services Group at Intel, where she focused on developing advanced and principled machine learning methods for cloud workload characterization and cloud computing performance. Li Chen received her Ph.D. degree in Applied Mathematics and Statistics from Johns Hopkins University. Her research interests primarily include machine learning, statistical pattern recognition, random graph inference, data mining, and inference for high-dimensional data. Her research has been featured in a number of pioneering scientific and engineering journals and conferences including IEEE Transactions on Pattern Analysis and Machine Intelligence, Annals of Applied Statistics, Parallel Computing, AAAI Conference on Artificial Intelligence and SPIE. She has given more than 30 technical presentations, including at the Joint Statistical Meeting (the largest statistics conference in North America), AAAI conference, International Joint Conference on Artificial Intelligence, and Spring Research Conference on Statistics and Industry Technology.</p>\n\n\'',0,134320),('2_Friday','10','10:00','10:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'WELCOME TO BHV!\'','\'Staff\'','f306aa6f7aa12fd3e1fd7710cf228c5c','\'Title: WELCOME TO BHV!<br><br>Speaker: Staff<br>\n\'',0,134321),('2_Friday','10','10:15','11:30','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Keynote Presentation: Avoiding Trauma, Drama and FUD in Medical Device Disclosure\'','\'Jen Ellis\'','85262197b05c0fa68679956930492593','\'Title: Keynote Presentation: Avoiding Trauma, Drama and FUD in Medical Device Disclosure<br><br>Speaker: Jen Ellis<br>\nAbout Jen:<br>\nJen Ellis is the vice president of community and public policy at Rapid7, a leading provider of analytics and automation for security and IT operations. Jen’s primary focus is on building productive collaboration between those in the security community and those operating outside it. She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cybercrime and protecting consumers and businesses. She has testified before Congress and spoken at a number of security industry events including SXSW, RSA, Derbycon, Shmoocon, SOURCE, UNITED, and various BSides.<br>\nAbstract:<br>\nAs medical devices increasingly embrace connected technologies, there\'s a growing opportunity for malicious actors to interfere with devices for profit or to cause harm. The good news is that many security researchers are working to investigate the security of medical devices. However, for this effort to have a positive impact, researchers and vendors must work together to understand the true risk, address the issues, and educate physicians and patients.<br>\nIn many cases, the risk may be low and should not outweigh the benefits of the device; however, mismanaged disclosures can cause panic and confusion. In other cases, researchers may struggle to engage vendors on the issue and patients may never hear of it, or they do, but no mitigation is offered. With the stakes so much higher in the healthcare arena, it\'s essential that we learn lessons from medical device disclosures that have gone well, and those that have not. This talk will investigate a number of public disclosures, and provide actionable guidance on how to disclose security concerns for the best possible outcomes.<br>\n\'',0,134322),('2_Friday','11','10:15','11:30','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Keynote Presentation: Avoiding Trauma, Drama and FUD in Medical Device Disclosure\'','\'Jen Ellis\'','85262197b05c0fa68679956930492593','\'\'',0,134323),('2_Friday','12','12:00','11:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Just what the Doctor Ordered: 2nd Opinions on Medical Device Security\'','\'Christian \"quaddi\" Dameff MD\'','0c0938a20689022e53003c33bc700389','\'Title: Just what the Doctor Ordered: 2nd Opinions on Medical Device Security<br><br>Moderator: Christian \"quaddi\" Dameff MD<br>\nAbout Christian:<br>\nChristian (quaddi) Dameff MD is an emergency medicine doctor, former open capture the flag champion, prior DEF CON speaker, and researcher. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his fourteenth DEF CON.<br>\nPanelist:Beau Woods<br>\nAbout Beau: <br>\nBeau Woods is a leader with the I Am The Cavalry grassroots initiative, a Cyber Safety Innovation Fellow with the Atlantic Council, Entrepreneur in Residence at the US Food and Drug Administration, and Founder/CEO of Stratigos Security. Beau has consulted with Global 100 corporations, the White House, members of Congress, foreign governments, and NGOs on some of the most critical cybersecurity issues of our time. Beau\'s focus is on Internet of Things (IoT) technologies where cybersecurity intersects public safety and human life issues, including healthcare, automotive, energy, oil and gas, aviation, transportation, and other sectors. Beau is a published author, frequent public speaker, often quoted in media, and is often engaged for public or private speaking venues.<br>\nPanelist:Dr. Leslie Saxon<br>\nAbout Leslie:<br>\nDr. Leslie Saxon is a Professor of Medicine, Clinical Scholar, at the Keck School of Medicine of USC. Dr. Saxon specializes in the diagnosis and treatment of cardiac arrhythmias and preventing sudden cardiac death. Dr. Saxon received her medical degree from the Ross University School of Medicine. She completed her internship and residency at St. Luke’s Hospital Washington University, and fellowships in cardiology at Rush-Presbyterian-St. Luke’s Medical Center in Chicago and UCLA. Dr. Saxon has completed over 100 publications in various medical journals and is an active member of a multitude of organizations, including the American Heart Association, and the Heart Failure Society of America. She is also a fellow of the American College of Cardiology and the Heart Rhythm Society.<br>\nAbstract:<br>\nAs medical and recreational devices shift from outside to inside the body, challenges arise not only for builders and breakers of these devices, but also for regulators. This panel will introduce the progress of the Internet of Things into the \"Internet of Bodies\" and explain how existing legal and policy frameworks of<br>\nconsumer protection and security fit with this next generation of body-attached and body-embedded devices (and how they don\'t).<br>\n\'',0,134324),('2_Friday','13','13:30','14:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Blue Team Bio: Using Kill-Chain Methodology to Stop  Bioterrorism\'','\'Mr. Br!ml3y\'','cadd4c23f43d5673291936df67c8382d','\'Title: Blue Team Bio: Using Kill-Chain Methodology to Stop  Bioterrorism<br><br>Speaker: Mr. Br!ml3y<br>\nAbstract:<br>\nEditing genes is getting easier as knowledge of various genomes and technology  advance. Malicious actors creating novel or custom infectious agents are a growing concern. This presentation explores use of Cyber Kill Chain methodology<br>\nto detect and disrupt potential bioterrorist activities. Each link in the chain is defined and examined to identify potential attack indicators and countermeasures, discussing notable bottlenecks in each step. The goal is to<br>\napply existing information security knowledge and paradigms to counter the would-be bioterrorist. This talk will include brief discussions of current gene editing methods (CRISPR-CAS9, ZINCFINGER) for the lay person. Familiarity with the Cyber Kill Chain would be useful.<br>\n\'',0,134325),('2_Friday','14','13:30','14:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Blue Team Bio: Using Kill-Chain Methodology to Stop  Bioterrorism\'','\'Mr. Br!ml3y\'','cadd4c23f43d5673291936df67c8382d','\'\'',0,134326),('2_Friday','14','14:15','16:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Panel Discussion: The Internet of Bodies\'','\'Prof Andrea M. Matwyshyn, Professor of Law, NUSL\'','9a6f4a4d09ca2beb92ea25d15727f639','\'Title: Panel Discussion: The Internet of Bodies<br><br>Moderator: Prof Andrea M. Matwyshyn, Professor of Law, NUSL<br>\nAbout Andrea M. Matwyshyn:<br>\nAndrea Matwyshyn is an academic and author whose work focuses on technology and innovation policy, particularly information security and consumer privacy. She is a (tenured full) professor of law / professor of computer science (by courtesy) at Northeastern University, where she is the co-director of<br>\nthe Center for Law, Innovation, and Creativity (CLIC). Andrea is also a faculty affiliate of the Center for Internet and Society at Stanford Law School. She is a Senior Fellow of the Cyber Statecraft Initiative at the Atlantic Council\'s Brent Scowcroft Center on International Security and a US-UK Fulbright<br>\nCommission Cyber Security Scholar award recipient in 2016-2017. In 2014, she served as the Senior Policy Advisor/ Academic in Residence at the U.S. Federal Trade Commission. Prior to entering academia, she was a corporate attorney in private practice. She is the legal specialty reviewer for the DEFCON CFP board.<br>\nPanelist:Prof Stephanie Pell, West Point<br>\nAbout Stephanie Pell: <br>\nStephanie Pell is an Assistant Professor and Cyber Ethics Fellow at West Point’s Army Cyber Institute (ACI). She writes about privacy, surveillance and security law and policy, and is particularly interested in the tensions inherent in enabling traditional law enforcement efforts and making our<br>\ncommunications networks more secure.  Prior to joining the ACI faculty, Stephanie served as Counsel to the House Judiciary Committee, where she was lead counsel on Electronic Communications Privacy Act (ECPA) reform and PATRIOT Act reauthorization during the 111th Congress. Stephanie was also a<br>\nfederal prosecutor for over fourteen years, working as a Senior Counsel to the Deputy Attorney General, as a Counsel to the Assistant Attorney General of the National Security Division, and as an Assistant U.S. Attorney in the U.S. Attorney’s Office for the Southern District of Florida. She was a<br>\nlead prosecutor in U.S. v. Jose Padilla (American Citizen detained as an enemy combatant prior to criminal indictment and trial), for which she received the Attorney General’s Exceptional Service Award, and in U.S. v. Conor Claxton (IRA operatives who purchased weapons in South Florida and smuggled<br>\nthem into Belfast, Northern Ireland during peace process negotiations). Stephanie received her undergraduate, master’s and law degrees from the University of North Carolina at Chapel Hill.<br>\nPanelist:Dr. Suzanne Schwartz, U.S. Federal Drug Administration<br>\nAbout Dr. Suzanne Schwartz:<br>\nDr. Suzanne Schwartz is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). In this role, she assists the CDRH Director and Deputy Director for Science in the development, execution and evaluation of the Center’s biomedical science and<br>\nengineering programs. Suzanne is passionate about cultivating critical dialogue across sectors and across entities towards advancing innovation in the biomedical space and within healthcare, where complex multifaceted problems exist. Suzanne joined FDA in October 2010. Initially recruited as a Commissioner’s<br>\nFellow, she became a Medical Officer in the Office of Device Evaluation, transitioning in September 2012 to become the Director of CDRH’s Emergency Preparedness/Operations and Medical Countermeasures (EMCM) Program in the Office of the Center Director for the past 4 years. Among other public health concerns,<br>\nher portfolio has most notably included medical device cybersecurity, for which she chairs CDRH’s Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health critical infrastructure sector. Before FDA, Suzanne was a full time surgical faculty member at Weill<br>\nCornell Medical College, New York. Suzanne’s career has spanned the private sector as well, having served as Medical Director & Tissue Bank Director of Ortec International, a development stage medical device company focused on tissue engineering therapeutic approaches to burns and chronic wounds. Suzanne earned<br>\nan MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital - Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business, and completed the National Preparedness Leadership Initiative – Harvard School of Public Health & Kennedy School of Government.<br>\nPanelist:Rebecca Slaughter, U.S. Federal Trade Commission<br>\nAbout Rebecca Slaughter:<br>\nPrior to joining the Commission, she served as Chief Counsel to Senator Charles Schumer of New York, the Democratic Leader. A native New Yorker, she advised Leader Schumer on legal, competition, telecom, privacy, consumer protection, and intellectual property matters, among other issues. Prior to joining Senator Schumer\'s office, Ms.<br>\nSlaughter was an associate in the D.C. office of Sidley Austin LLP. Ms. Slaughter received her B.A. in Anthropology magna cum laude from Yale University. She received her J.D. from Yale Law School, where she served as an editor on the Yale Law Journal.<br>\nAbstract:<br>\nAs medical and recreational devices shift from outside to inside the body, challenges arise not only for builders and breakers of these devices, but also for regulators. This panel will introduce the progress of the Internet of Things into the \"Internet of Bodies\" and explain how existing legal and policy frameworks of<br>\nconsumer protection and security fit with this next generation of body-attached and body-embedded devices (and how they don\'t).<br>\n\'',0,134327),('2_Friday','15','14:15','16:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Panel Discussion: The Internet of Bodies\'','\'Prof Andrea M. Matwyshyn, Professor of Law, NUSL\'','9a6f4a4d09ca2beb92ea25d15727f639','\'\'',0,134328),('2_Friday','16','14:15','16:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Panel Discussion: The Internet of Bodies\'','\'Prof Andrea M. Matwyshyn, Professor of Law, NUSL\'','9a6f4a4d09ca2beb92ea25d15727f639','\'\'',0,134329),('2_Friday','16','16:15','16:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Hey Bro, I Got Your Fitness Right Here (and your PHI).\'','\'Nick - GraphX\'','a82c535166cd8d214d2254742cccce08','\'Title: Hey Bro, I Got Your Fitness Right Here (and your PHI).<br><br>Speakers: Nick - GraphX<br>\nAbstract:<br>\nThis is a journey into fitness.  My fitness and more importantly your fitness.  Or rather the information that I\'ve been collecting every day at the gym while getting ready for bikini season.  This a look at my journey to become the sexy stud muffin you see before you (google image search \"sexy stud muffin\" for reference) and my quest to do bad things through various means, up to and including compromising cardio equipment, fitness apps, and changing delivery addresses for fitness equipment to my house instead of your gym. No zero days and nothing overly technical provided here, but the intended takeaway is awareness of who is collecting your PHI and from where. Just like on Maury, the results will shock and amaze.  Or maybe you\'ll just get a good laugh at my journey to lose 100 pounds.<br>\n\'',0,134330),('2_Friday','17','17:00','17:45','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Nature’s source code is vulnerable and cannot be patched\'','\'Jeffrey Ladish\'','bed4d94945b453a93b2bc6e4f4488034','\'Title: Nature’s source code is vulnerable and cannot be patched<br><br>Speaker: Jeffrey Ladish<br>\nAbstract:<br>\n\"Natural selection can produce marvelous functional systems, but constraints in the evolutionary process can be exploited. By leveraging humanity’s relative advantage in design foresight, we may be able to create synthetic organisms that can out-compete their natural counterparts.<br>\nIn this talk, I will explore the design limitations of evolved organisms that leave ecosystems permanently vulnerable to attack. In order to protect the natural world and human health, I will advocate we adopt the “biosecurity mindset” and improve our ecological security posture.\"<br>\n\'',0,134331),('2_Friday','17','17:45','18:30','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Remote Sensing, Distributed Computing, BigData and 3D Epidemiology:  Today’s Public Health Opportunity\'','\'Debra Laefer\'','a3d565079af9fdd15f51869b4a18988f','\'Title: Remote Sensing, Distributed Computing, BigData and 3D Epidemiology:  Today’s Public Health Opportunity<br><br>Speaker: Debra Laefer<br>\nAbstract:<br>\nRecent advances in remote sensing, drones, distributed computing, bigdata, and environmental DNA offer an unprecedented opportunity to push epidemiology beyond its traditional, two-dimensional (i.e. map-based) approach and harness the full availability and power of three-dimensional data and novel investigation methods to explore such data. This talk will present an extremely technology-specific vision for achieving this.<br>\nExamples of the potential usefulness of this approach will be demonstrated with respect to three scenarios:  (1) avian flu, (2) asthma, and post-flooding fecal contamination. The current state of the art of the component technologies will be presented as well as the remaining challenges for their seamless integration.<br>\n\'',0,134332),('2_Friday','18','17:45','18:30','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Remote Sensing, Distributed Computing, BigData and 3D Epidemiology:  Today’s Public Health Opportunity\'','\'Debra Laefer\'','a3d565079af9fdd15f51869b4a18988f','\'\'',0,134333),('2_Friday','18','18:30','18:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Custodial Responsibilities in the Connected Age: Digital Specimens and Social Contracts\'','\'Andy Coravos\'','e7640f1838bcedc5d2f74ee457cc89c0','\'Title: Custodial Responsibilities in the Connected Age: Digital Specimens and Social Contracts<br><br>Speaker: Andy Coravos<br>\n @andreacoravos<br>\nAbstract:<br>\n\"Healthcare is enamored with data. We have more data than we know what to do with (e.g., constant flows of data from wearables, new and cheaper ways to sequence genomes, digital phenotypes expressed through social media interactions) and there is a rush to deploy this data in clinical research and care. As we combine this “data”, we start to build a digital replica of each human. Our healthcare data carries new weight, new responsibilities. The rise in data means that we are gaining a greater body of knowledge as we assemble a digital representation of a person. We are getting closer to full understanding of someone’s biology, brain structure, how and why they think and do what they do. We are entering into a world where precision medicine and “N of 1” studies is (finally) becoming possible. On the flipside, we are also entering into a period of unprecedented monitoring and surveillance. As a society, we have standards for how we handle human blood, tissue and other human specimens. It’s now time for us to talk more about how we are to handle our digital specimens. In the talk, we’ll discuss the proliferation of our biometric and psychographic data, use cases, and the new ethical and custodial responsibilities that arise for individuals, regulators and companies.\"<br>\n\'',0,134334),('2_Friday','19','19:15','19:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Take two of these and syscall execve() in the morning: A retrospective and primer on medical device security research\'','\'Robert Portvliet\'','0d0932bbc53b5d6ca403e0426de7639d','\'Title: Take two of these and syscall execve() in the morning: A retrospective and primer on medical device security research<br><br>Speaker: Robert Portvliet<br>\nAbout Robert:<br>\nRobert Portvliet is the Director of Red Team services at Cylance, with a decade of experience in various disciplines of penetration testing. His focus is on embedded systems and wireless penetration testing and reverse engineering. Prior to joining Cylance, he was the network security service line lead for Foundstone and taught the ‘Ultimate Hacking: Wireless’ class at BlackHat 2011-2013.<br>\nAbstract:<br>\nTo quote Bob Marley “If you know your history, then you would know where you coming from”. This talk is a retrospective on the last ten years or so of medical device security research, intended to bring hackers interested in this discipline up to speed on what has been accomplished to date, how it was done, why it matters and where we stand today.<br>\nThis talk will timeline all the major events in medical device security research, describing in technical detail what was accomplished and how. This should make evident some of the systemic vulnerability classes present in medical devices and hopefully give the medical device security researchers of tomorrow a good idea of where to start looking.<br>\nIt will also cover some of the basic tools and techniques needed to get started in this discipline, as well as some of the practicalities involved in obtaining devices, firmware and information on various classes of medical devices and how differences in attack surface may influence your choice of devices to target for research.<br>\n\'',0,134335),('3_Saturday','10','10:00','11:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'WELCOME TO DAY 2 of BHV!\'','\'Staff\'','60c907befba13edf8db8cadeb9006a49','\'Title: WELCOME TO DAY 2 of BHV!<br><br>Speaker: Staff<br>\n\'',0,134336),('3_Saturday','11','10:00','11:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'WELCOME TO DAY 2 of BHV!\'','\'Staff\'','60c907befba13edf8db8cadeb9006a49','\'\'',0,134337),('3_Saturday','10','10:15','10:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'WaterBot - Hackable Scientific Plant Bot\'','\'BiaSciLab \'','7bf01b86fd766b0211ac95e8574718e4','\'Title: WaterBot - Hackable Scientific Plant Bot<br><br>Speaker: BiaSciLab <br>\nAbout BiaSciLab:<br>\nBiaSciLab is an 11 yr old girl who loves hacking, science, technology, and learning. She is constantly inventing new things, researching interesting unexplored topics, teaching kids and adults electronics and programming. She was the youngest speaker ever at H.O.P.E. with her talk \"Inspiring The Next Next Generation Of Hackers\". When she\'s not working on talks, hacking, or inventing new things, she enjoys fencing, archery, singing and acting.<br>\nAbstract:<br>\nThe WaterBot is designed to dispense liquid (water, plant food, MS Media) and report how much and when it was administered. Designed, engineered and programed by 11 yr. old BiaSciLab, the WaterBot is open source and scaleable.<br>\nCome see how you can hack it to help hack your plants!<br>\n\'',0,134338),('3_Saturday','11','11:15','11:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Technology Enabled Prosthetic Environments\'','\'Gerry Scott\'','87dfb6e7bc062cbedb53b53ff79cd7d7','\'Title: Technology Enabled Prosthetic Environments<br><br>Speaker: Gerry Scott<br>\nAbstract:<br>\nEven though employers are increasingly recruiting autistic  employees, autistic adults have one of the highest unemployment rates in the United States. This paper presents ongoing research by the author: (a) providing a brief overview of current scientific and societal perspectives on autism; (b) describing an on-going qualitative study of autistic autobiographical writings to gain insight into the autistic ex-perience, challenges faced in society, and barriers to employment; and (c) proposing Technology-Enabled Prosthetic Environments (TEPE) as a design concept for the integration of assistive technology for workplace accommodation.<br>\n\'',0,134339),('3_Saturday','12','12:00','12:45','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'No Firewall Can Save You At The Intersection Of Genetics and Privacy\n\'','\'Almost Human\'','dd921e5fdac15fc12d9007e9032dcfc7','\'Title: No Firewall Can Save You At The Intersection Of Genetics and Privacy\n<br><br>Speaker: Almost Human<br>\nAbout Almost Human:<br>\nChris currently works at Lares, prior to that he founded or worked with a number of companies specializing in DarkNet research, intelligence gathering, cryptography, deception<br>\ntechnologies, and providers of security services and threat intelligence. Since the late 90’s Chris has been deeply involved with security<br>\nR&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against cyber attack. Prior to that he jumped out of planes for a living, visiting all<br>\nsorts of interesting countries and cultures while doing his best to avoid getting shot at too often. Roberts is considered one of the world’s foremost experts on counter threat intelligence and vulnerability<br>\nresearch within the Information Security industry.<br>\nAbstract:<br>\nThis talk originally started as a look at the intersection of personal anonymity and personal genetic sequencing. The short version: “Genetic Privacy” is a very tough thing to accomplish; lack of such privacy has potentially “bad” consequences. But there was some hope IF you did everything right. Then we all discovered that the prospects for genetic privacy are even lower than we imagined. You may have heard that the suspected Golden State Killer was found and arrested after decades of terror. The suspect didn’t slip up, other than having relatives who wanted to know more about their own genes. No one is accusing you of murder (I hope), but almost everyone has some aspect of their genetics that they don’t want others to know. So now, not only do you have to get everything right the first time to guard your genetic privacy – you have to hope all your relatives get the genetic privacy stuff right the first time…and every time they get tested. And for those of you who say, “But wait! The laws against genetic discrimination will save us!” consider that various laws also ban other forms of discrimination. How’s that working out these days?<br>\n\'',0,134340),('3_Saturday','12','12:45','13:30','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Mother Natures Development Lifecycles… OR Why the T-Rex didn’t get extenders.\'','\'siDragon\'','0e002cf3153df3fe068d6d3936b60bcd','\'Title: Mother Natures Development Lifecycles… OR Why the T-Rex didn’t get extenders.<br><br>Speaker: siDragon<br>\n\'',0,134341),('3_Saturday','13','12:45','13:30','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Mother Natures Development Lifecycles… OR Why the T-Rex didn’t get extenders.\'','\'siDragon\'','0e002cf3153df3fe068d6d3936b60bcd','\'\'',0,134342),('3_Saturday','13','13:30','14:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'DNA Encryption: Bioencryption to Store Your Secrets in living organisms\'','\'John Dunlap\'','aefab6262bf2fa799045c1ea798fee57','\'Title: DNA Encryption: Bioencryption to Store Your Secrets in living organisms<br><br>Speaker: John Dunlap<br>\nAbstract:<br>\nRecent advances in genetic sequencing and modification technology have made the goal of storing data in living cells an attainable goal. In this talk John Dunlap will cover the history of attempting to encrypt secrets into living cells, and discuss his own experiments encrypting secrets in living cells with affordable lab equipment. John will discuss lab methods, suitable encryption algorithms, and methods for detecting data tucked away in innocuous model organisms, as well as potential issues with the concept of DNA as data storage. John will also present his own software tool for converting data into a suitable form for storage in Living organisms.<br>\n\'',0,134343),('3_Saturday','14','13:30','14:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'DNA Encryption: Bioencryption to Store Your Secrets in living organisms\'','\'John Dunlap\'','aefab6262bf2fa799045c1ea798fee57','\'\'',0,134344),('3_Saturday','14','14:15','16:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'DEF CON Biohacking Village Badge Talk\'','\'Joel Murphy\'','7bd6a7dcd011dc5e2a430ee736de3bd3','\'Title: DEF CON Biohacking Village Badge Talk<br><br>Speaker: Joel Murphy<br>\nAbstract:<br>\nJoel will talk about how the DEF CON Biohacking Village came together in all its wonderful glory<br>\n\'',0,134345),('3_Saturday','15','14:15','16:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'DEF CON Biohacking Village Badge Talk\'','\'Joel Murphy\'','7bd6a7dcd011dc5e2a430ee736de3bd3','\'\'',0,134346),('3_Saturday','16','14:15','16:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'DEF CON Biohacking Village Badge Talk\'','\'Joel Murphy\'','7bd6a7dcd011dc5e2a430ee736de3bd3','\'\'',0,134347),('3_Saturday','15','15:00','14:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Torrent More Pharmaceutical Drugs. File Sharing Still Saves Lives.\'','\'Mixæl Laufer\'','105155ca6f21183bbc0744cdc581a628','\'Title: Torrent More Pharmaceutical Drugs. File Sharing Still Saves Lives.<br><br>Speaker: Mixæl Laufer<br>\nAbout Mixæl:<br>\nChief spokesman for the Four Thieves Vinegar Collective, Mixæl Laufer worked in mathematics and high energy physics until he decided to use his background in science to tackle problems of global health and other social issues. Perpetually disruptive, his most recent project makes it possible for people to manufacture their own medications at home. Open-source, and made from off-the-shelf parts, the Apothecary MicroLab puts many medications within the reach of those who would otherwise not have them.<br>\nAbstract:<br>\nTwo years ago, the Four Thieves Vinegar Collective became public at HOPE XI after almost a decade of working underground, and debuted the first generation of the Apothecary Microlab, the open-source automated chemical reactor designed to synthesize the active ingredients of pharmaceutical drugs. We synthesized Daraprim onstage, and called Martin Shkreli\'s cell phone from stage. It was a good time. Since then, the reactor has developed, and we have worked on more complicated syntheses, and hacking medical hardware. Most notably, we released plans for a DIY version of the EpiPen anyone can make for $30US. Come see the new releases we have planned and the new beta unit. Learn how to make medicine from poison, how to use the shrouding of information about medicine to make custom-tailored treatment programs for rare diseases, and how to use public data to find new, more efficient synthesis pathways for drugs. Hack your health. We can torrent medicine. File sharing saves lives.<br>\n\'',0,134348),('3_Saturday','16','16:15','16:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Hacking Human Fetuses\'','\'Erin Hefley\'','940fcfe1996864066dc26f5dd14e4162','\'Title: Hacking Human Fetuses<br><br>Speaker: Erin Hefley<br>\n @erintoxicating<br>\nAbout Erin:<br>\nErin Hefley is a resident physician in her final year of training with the Phoenix Integrated Residency in Obstetrics & Gynecology. She has a background in public health and women\'s health, and obtained a Master of Public Health degree from the University of Northern Colorado prior to attending medical school at the University of Arizona - Phoenix. This is her 6th Defcon attendance over the past decade, and she is thrilled to have witnessed the development and expansion of the Biohacking Village. Her current interests include reproductive health technology, women\'s health policy, running, and vampire erotica<br>\nAbstract:<br>\n\"As prenatal testing and ultrasound technology have greatly improved, so has our ability to diagnose birth defects and genetic diseases earlier and earlier in pregnancy. Until recently, our only available options were to offer pregnancy termination or wait to see if the baby survived long enough to be treated after birth. But what if we had the capability to intervene before those genetic mutations had a chance to cause their harmful effects, sparing parents from the agony of uncertain pregnancy outcomes and saving children from debilitating diseases? In last year’s “Designer Babies: Hacking Human Embryos” we discussed pre-implantation genetic testing and embryo modification as a means to identify and treat heritable diseases, by correcting harmful gene mutations before a pregnancy even begins. Since then, exciting new research has shown that even after a pregnancy is under way, opportunities still exist for hacking the biological machinery of the fetus to alter its developmental course.This talk will review new and rapidly evolving strategies to treat genetic disease in utero – while the baby is still in the womb - by hijacking the embryologic mechanisms responsible for fetal growth and development.<br>\nExamples include:<br>\n- injection of a critical protein into the amniotic fluid surrounding babies with X-linked hypohydrotic ectodermal dysplasia, a genetic condition causing a lack of sweat glands and the life-threatening inability to regulate temperature<br>\n- transfusion of mesenchymal stem cells into the fetal umbilical cord to treat osteogenesis imperfecta or “brittle bone disease”<br>\n- in utero blood and bone marrow transplant to treat the fatal hemoglobin disorder alpha-thalessemia major<br>\n- correcting deformities such as cleft lip and palate by triggering cell signaling pathways \"\"knocked out\"\" by genetic mutation \"<br>\n\'',0,134349),('3_Saturday','17','17:00','17:45','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Biohacking the Disability\'','\'Gabriel Bergel\'','1624f125b7d1d529ccfab99593a259e6','\'Title: Biohacking the Disability<br><br>Speaker: Gabriel Bergel<br>\nAbout Gabriel:<br>\nGabriel Bergel is a System Engineer, Master in Cybersecurity from the IMF Business School and the Camilo José Cela University (Spain) and has 15 years<br>\nof experience in different areas of information security. He regularly speakers in courses, workshops and forums on information security in different<br>\ninstitutions, universities and national and international events. Currently he is Chief Executive Officer (CEO) of Vulnscope, Chief Strategy Officer (CSO)<br>\nof Dreamlab Technologies, and Chief Security Ambassador (CSA) of Eleven Paths, Director of Public Policies in Whilolab and Founder and Organizer of 8.8 Computer<br>\nSecurity Conference.<br>\nSpeaker: Rodrigo Quevedo:<br>\nAbout Rodrigo:<br>\nSpecialist in technological architecture and management, entrepreneur, teacher, inventor and mentor of scientific talents, with a high social and service vocation, fully dedicated to the development of mechatronics and robotics technology in different fields, for 10 years he has trained more than 3000 young people in Chile, Peru, Bolivia and Colombia,<br>\nallowing more than 700 young people to travel to the USA to compete in robotic tournaments, forming 34 teams that have competed in national and international tournaments, obtaining various awards in Japan, USA and Chile. Speaker at various universities, colleges, innovation and entrepreneurship events, national and international. Interviewed by different<br>\nmeans of print and television, national and international. Guest writer of technological columns in various specialized magazines. Inventor of 14 products, including MIVOS, bidirectional automatic translator of signlanguage for deaf people.<br>\nAbstract:<br>\n\"The talk is about the project “Over Mind”. That it is a neuro wheelchair control software developed to help people with different physical abilities who have reduced mobility and use wheelchairs, by capturing data provided by neuro sensors or other sources of information, the software converts them into an order of movement to one or several engines, allowing the movement of a wheelchair. “Over Mind” will allow you to control any adapted electric wheelchair. You can also control an exoskeleton or other mechanism that facilitates the mobility of people. We have managed to control a high-tech robot using our Over Mind software and using a sensor provided by Neurosky<br>\nThe Problem:<br>\nThe 1% of the world population cannot move by itself, for various reasons such as Amyotrophic lateral sclerosis (ALS), accidents and others, 50,000,000 people.<br>\nOver Mind is a a low-cost technology/system developed in Chile, designed to give mobility to 1% of the world population, increasing its available physical capacities allowing people with zero or reduced mobility to MOVE and carry out activities on their own, granting freedom and autonomy.<br>\nThe year 2016 Over Mind participated in the contest \"\"An idea to change history\"\", organized by History Channel together with 5,800 projects and it was the only Chilean project that finished among the four finalists.\"<br>\n\'',0,134350),('3_Saturday','17','17:45','18:30','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Batman, Brain Hacking, and Bank Accounts\'','\'Katherine Pratt\'','85bfcf559a58d0e53b637c8c76666e61','\'Title: Batman, Brain Hacking, and Bank Accounts<br><br>Speaker: Katherine Pratt<br>\nAbout Katherine:<br>\nKatherine Pratt received her B.S. in aerospace engineering from MIT in 2008, where she received the MIT Women’s League Laya Weisner Award for public service to the university, and the MIT Aero/Astro James Means Memorial Award for Space Systems Engineering.  She completed several internships with the private space venture Blue Origin, working in systems and propulsion engineering.  After graduation, she served four years in the United States Air Force, working primarily as an operational flight test engineer on the F-35 Joint Strike Fighter.  She is now a PhD Candidate in the BioRobotics Lab in the Electrical Engineering department of the University of Washington, and currently spending six months in Congress as a Congressional Innovation Scholar.  Her work focuses on the privacy, ethics, and policy of neural data.  In addition to research, Katherine is passionate about getting younger students, especially girls and minorities, interested in science and technology.  She also competes in triathlons as a member of the Husky Triathlon Club and iracelikeagirl teams.<br>\nAbstract:<br>\nThe advancement of technology means more data are being collected from a wider range of sources. Of particular concern is data collected using a Brain Computer Interface (BCI): a device that records neural signals and allows them to control objects external to the body. Applications for this<br>\ntechnology range from therapeutic (e.g. controlling a prosthetic arm) to entertainment (e.g. playing a video game). These cases provide malicious entities the ability to intercept, manipulate, or hack neural signals and the devices they control: it is the plot of Batman Forever (1995) come to life.<br>\nThis talk will outline research in the field of neural security and information elicitation, as well as the corresponding ethical and policy implications.<br>\n\'',0,134351),('3_Saturday','18','17:45','18:30','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Batman, Brain Hacking, and Bank Accounts\'','\'Katherine Pratt\'','85bfcf559a58d0e53b637c8c76666e61','\'\'',0,134352),('3_Saturday','18','18:30','19:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Building a Better Bedside - The Blue Team Needs a Plan B\'','\'Nick Delewski and Saurabh Harit\'','38900f882698eafe5637045c13aea8c8','\'Title: Building a Better Bedside - The Blue Team Needs a Plan B<br><br>Speaker: Nick Delewski and Saurabh Harit<br>\nAbstract:<br>\nWhile important changes may be afoot in the US regulatory environment for medical devices, which should hopefully allow more people to make informed decisions regarding patient safety, many CISOs, security engineers, and network admins have to live day to day in the world we have, not the world we wish for.  There have been multiple presentations in the last few years about the details of medical device security that have rightly put the onus on manufacturers to provide long term fixes.  However, we wonder if there are ways to create a more defensible and hardened hospital room until the notoriously slow regulatory process gains traction.We’ve done deep dives into specific medical devices and we’ve done pentests in several hospital systems.  In our experience, we have noticed broad classes of common vulnerabilities across bedside equipment that transcend any one device or class of device.  Input validation errors, buggy network stacks, and low-bandwidth links can be found in systems that monitor vitals, administer medications, or in components that glue disparate systems together.  A long awaited patch may fix one vulnerability only for the hospital to bring in a different device for clinical or financial reasons, and wash-rinse-repeat.  It’s not enough for one or two manufacturers to step up the security game if they are feeding data into other unreliable systems, and it will be a while before everyone is at the same level. We are dedicated red teamers, and we may feel the pain of those in the blue team trying to do the right thing, but we don’t know what it’s like to live in your shoes.  In this talk, we will explain, in broad terms, vulnerabilities that we have seen and how we recommend remediating them.  But we don’t want you to leave this session feeling that we are talking down to the defenders.  We want you to have a seat at the table and share how you handle the unknown in your environment.<br>\n\'',0,134353),('3_Saturday','19','18:30','19:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Building a Better Bedside - The Blue Team Needs a Plan B\'','\'Nick Delewski and Saurabh Harit\'','38900f882698eafe5637045c13aea8c8','\'\'',0,134354),('3_Saturday','19','19:15','19:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Lightning Talks\'','\'Maybe you?\'','923def8db72024bfc26f52ab11e70a44','\'Title: Lightning Talks<br><br>Speaker: Maybe you?<br>\nAbstract:<br>\nCome present your own crazy and wacky biohacking talks and projects. You got 10 minutes to strut your stuff!<br>\n\'',0,134355),('4_Sunday','10','10:00','10:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'WELCOME TO THE LAST DAY OF BHV!\'','\'Staff\'','c06e4f1a62199737f80e819f948334e1','\'Title: WELCOME TO THE LAST DAY OF BHV!<br><br>Speaker: Staff<br>\n\'',0,134356),('4_Sunday','10','10:15','10:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Exploiting immune defences - can malware learn from biological viruses?\'','\'Guy Propper\'','39ff48f70efaecb52f9c3440071e8fb2','\'Title: Exploiting immune defences - can malware learn from biological viruses?<br><br>Speaker: Guy Propper<br>\nAbstract:<br>\nBiological viruses have existed and evolved for millions of years, maliciously exploiting host cells for survival. How have they done this, and what can we learn from it?<br>\nExtremely advanced mechanisms for privilege escalation, persistence, and defence evasion have been used by biological viruses long before malware was first written.<br>\nThis talk will provide an understanding of what mechanisms are used by biological viruses to exploit immune defences, persist, and survive in the arms race with the immune system.<br>\nSurprising differences between malware and virus actions will be shown, and some mechanisms which are used by viruses, but have not been adopted, or even attempted by malware, will be revealed.<br>\nNo biological background is needed, only an open mind.<br>\n\'',0,134357),('4_Sunday','11','11:00','12:15','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Jumping the Epidermal Barrier\'','\'Vlad Gostomelsky and Dr. Stan Naydin \'','011abca4f8552f43cbeea53bbbf208db','\'Title: Jumping the Epidermal Barrier<br><br>Speaker: Vlad Gostomelsky and Dr. Stan Naydin <br>\nAbstract:<br>\nThis talk will focus on consumer grade glucose monitors - primarily continuous glucose monitors that are implantable or attach to the skin<br>\nfor extended length of time and provide readings via bluetooth low energy or have RF/BLE bridges. Research was focused on security/privacy implications.<br>\n\'',0,134358),('4_Sunday','12','11:00','12:15','Y','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Jumping the Epidermal Barrier\'','\'Vlad Gostomelsky and Dr. Stan Naydin \'','011abca4f8552f43cbeea53bbbf208db','\'\'',0,134359),('4_Sunday','12','12:15','12:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Selfie or Mugshot?\'','\'Anne Kim \'','cb55a21a564c7baca4e6118126eb12e3','\'Title: Selfie or Mugshot?<br><br>Speaker: Anne Kim <br>\nAbout Anne:<br>\nAnne Kim is a researcher and graduate student specializing in Computer Science and Molecular Biology at MIT.  Professor Alex \"Sandy\" Pentland, head of the Human Dynamics Group at the MIT Media Lab, is the advisor for her thesis focusing on blockchain solutions for clinical trial optimization.  Outside of her thesis work, Anne has done a number of different projects in quantum chemistry simulations, genome-wide association studies, natural language processing for electronic health records,  and a startup in secure data sharing.  Anne sees accessibility to healthcare as a right, and believes that the interface between biology, healthcare policy, and technology is a promising way to achieve that mission<br>\nAbstract:<br>\nThanks to the use of DNA in criminal investigations, hundreds of innocent people have been exonerated from crimes they did not commit.  DNA has also been used to used to arrest suspects in cold cases!  In my presentation I will give a primer on the techniques used for DNA profiling and the statistics for false positives.  The bulk of my presentation will be looking into the vulnerabilities of<br>\ncurrent DNA profiling methods and how a malicious actor could actually reconstruct enough genotypic information of any innocent person from just a picture of their face.  This is based on recently published Nature Genetics research and extends the methods to suggest that it would only take ~50 million face:genotype samples to have a sufficient genotypic mapping that would allow someone to recreate your 23andMe profile (602,000 SNPs) from a selfie.<br>\n\'',0,134360),('4_Sunday','13','13:00','12:59','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'Getting Skin in the Game: Biohacking & Business\'','\'Cyberlass\'','851a221e91b145d5ed9add8cda15a5e8','\'Title: Getting Skin in the Game: Biohacking & Business<br><br>Speaker: Cyberlass<br>\nAbout Cyberlass:<br>\nAs an IT professional and biohacker Amanda Plimpton is delighted by the surge of citizen scientists who are driven to investigate, experiment and seek answers. She is interested in how the biohacking/body augmenting community can help its growing pool of talented, passionate individuals contribute to their fields from the commercial, academic or non-profit sectors. As Chief Operating Officer at Livestock Labs she is helping build a company that showcases one way biohackers can enter commercial spaces. Hoping to bring back lessons learned, she wants to keep helping grow a community that supports each other and promotes successes.<br>\nAbstract:<br>\nLet’s talk biohacking, technology and business. We are a community that is innovating and creating — mostly in non-profit and academic spaces. As we have grown so have the business opportunities, sometimes in unexpected places. My company, Livestock Labs, is bringing its biometric implant to market — in cows first. Started by grinders, the company is proving what we all know — that when we get funding and dedicated time our projects take off. This session tries to shed some light on learning to business as a biohacker and encourages other body augmenters and diyBio folks to take the leap and see what amazing things they can accomplish.<br>\n\'',0,134361),('4_Sunday','13','13:45','13:45','N','BHV','Caesars Promenade Level - Pisa/Palermo/Siena Rms','\'PWN to OWN my own Heart. Journey into hacking my own pacemake\'','\'Veronica Schmit\'','3ad5c186295297cee010fe818298a411','\'Title: PWN to OWN my own Heart. Journey into hacking my own pacemake<br><br>Speaker: Veronica Schmit<br>\nAbout Veronica:<br>\nVeronica or Vee is a Partner at DFIRLABS. She is a forensicator, avid researcher and quite literally the superglue that holds DFIRLABS together. She was previously in charge of the Free State Cyber Forensic Laboratory of the Special Investigating Unit. After deciding that this title on its own wasn’t already too much of a mouthful, she departed the SIU in order to add Malware (Reverse) Engineer, Photographer, Seamstress, Super Mom and Sleep-deprived MSc Chaser to her list. She PWN’s to own her own medical device which aids her broken heart beats, into a different rhythm, sometimes this beat is much like that of drums beating. She is passionate about medical device security and does not believe in security through obscurity. In between attending Metallica concerts and being converted into a cyborg (no really, ask her about her metal bits sometime), she completed a Diploma in Criminal Justice and Forensic Investigation from the University of Johannesburg. Deciding to brave foreign climes and curiosities, she went on to receive training in Europe on digital forensics and cyber crime investigation from the United States Department of Homeland Security. She is an Associate Member of a number of professional bodies, including the Institute of Information Technology of Professionals of South Africa, the Association of Certified Fraud Examiners, and the International Association of Computer Investigative Specialists. Veronica has contributed to several publications, including the ISC2 CCFP : Certified Computer Forensic Practitioner. She is currently juggling a Master’s thesis on ransomware, several digital forensics cases, getting a quality forensics training company off the ground, and reverse engineering ransomware whilst also keeping her two year old from walking into things. You can contact her by lighting up the night sky with the P10z0n_P1x13  beacon mounted on the top of the Twitter police department, or alternatively by email.<br>\nAbstract:<br>\nThe increase of pace in the technology field has left the race for manufacturers to increase the security in medical devices. There is the theoretically possibility that your heart can be pwned. Pacemakers have become part of the internet of things. We are putting our hearts on display. This is my journey from regular hacker to gen-one cyborg to pwning my own heart that I can own the vulnerabilities to fix it. We forget that these are devices connected to flesh and blood, a person who depends on this device to have just one more heart beat. This is a journey into the inner sanctum of living with a vulnerable device in a time where technology progression has left behind security. We can no longer have security by obscurity when it comes to devices which cyborg’s like me depend on.We should not be in the business of sacrificing security for convenience or power. As a patient, I would rather sleep knowing my device has been hardened and have the inconvenience of replacing it more regularly than the converse. I feel that we, as the security community, should be addressing and assisting medical manufacturers with the security vulnerabilities in the devices that literally keep people alive. There should be more effort placed on addressing the security vulnerabilities. The simple fact is we are not dealing with just ones and zeroes. This is, for some, a life or death situation.<br>\n\'',0,134362),('2_Friday','10','10:00','12:59','N','HHV','Caesars Pool Level - Forum 17-21','\'Applied Physical Attacks on Embedded Systems, Introductory Version\'','\'Joe FitzPatriclk, @arinerron, and @pixieofchaos\'','applied-physical-attacks-on-embedded-systems-introductory-version','\'<h3 id=\"applied-physical-attacks-on-embedded-systems-introductory-version\">Applied Physical Attacks on Embedded Systems, Introductory Version</h3>\n<p>Joe FitzPatriclk, @arinerron, and @pixieofchaos</p>\n<h4 id=\"abstract\">Abstract</h4>\n<p>This workshop introduces several different relatively accessible interfaces on embedded systems. Attendees will get hands-on experience with UART, SPI, and JTAG interfaces on a MIPS-based wifi development board. After a brief architectural overview of each interface, hands-on labs will guide through the process understanding, observing, interacting with, and exploiting the interface to potentially access a root shell on the target.</p>\n<h4 id=\"what-to-bring\">What to Bring</h4>\n<p>No hardware or electrical background is required. Computer architecture knowledge, Linux internals, command-line familiarity, and low-level programming experience all very helpful but not actually required.</p>\n<p>All equipment, including laptops, will be provided for use in the class. Students will be provided with a lab manual that includes an equipment list of all materials used for the class.</p>\n<p>Max size: 24, first come first serve basis.</p>\n<h4 id=\"bio\">Bio</h4>\n<p>Joe (@securelyfitz) is an Instructor and Researcher at https://SecuringHardware.com (@securinghw). Joe has spent over a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He has spent the past 5 years developing and leading hardware security related training, instructing hundreds of security researchers, pen testers, hardware validators worldwide. When not teaching Applied Physical Attacks training, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.</p>\n<p>@arinerron is a student, security enthusiast, CTF player, bug bounty hunter, software developer, and ham radio operator (K1ARE). He’s interested in many aspects of security, though most of his experience is in web and binary exploitation.</p>\n<p>Chaos Pixie (@pixieofchaos) works for the man doing embedded systems security.</p>\n\'',0,134363),('2_Friday','11','10:00','12:59','Y','HHV','Caesars Pool Level - Forum 17-21','\'Applied Physical Attacks on Embedded Systems, Introductory Version\'','\'Joe FitzPatriclk, @arinerron, and @pixieofchaos\'','applied-physical-attacks-on-embedded-systems-introductory-version','\'\'',0,134364),('2_Friday','12','10:00','12:59','Y','HHV','Caesars Pool Level - Forum 17-21','\'Applied Physical Attacks on Embedded Systems, Introductory Version\'','\'Joe FitzPatriclk, @arinerron, and @pixieofchaos\'','applied-physical-attacks-on-embedded-systems-introductory-version','\'\'',0,134365),('2_Friday','14','14:00','17:59','N','HHV','Caesars Pool Level - Forum 17-21','\'Getting to Blinky: #badgelife begins with a single blink\'','\'Chris Gammell\'','getting-to-blinky-badgelife-begins-with-a-single-blink','\'<h3 id=\"getting-to-blinky-badgelife-begins-with-a-single-blink\">Getting to Blinky: #badgelife begins with a single blink</h3>\n<p>Chris Gammell</p>\n<h4 id=\"abstract-1\">Abstract</h4>\n<p>This is an in-person, hands-on version of “Getting To Blinky”, an online course series that has taught thousands to use the free and open source electronics CAD program, KiCad. This would be a “DEFCON badge” version of that course which showcases how to add a blinking circuit, get acquainted with the tool and also add customizable artwork to a Printed Circuit Board (PCB). By the end, attendees will be able to actually order a low cost PCB from online sources.</p>\n<h4 id=\"what-to-bring-1\">What to Bring</h4>\n<p>Please come to this session with a computer with KiCad set up and running. Course is aimed at KiCad 4.0.7, slightly earlier is fine but 5.0.0 is not advised. Install assistance can be given during the beginning of the presentation if needed.</p>\n<p>Max size: 24, first come first serve basis.</p>\n<h4 id=\"bio-1\">Bio</h4>\n<p>Chris Gammell is the host of The Amp Hour Electronics podcast and the owner of Contextual Electronics, an online apprenticeship program. He has been teaching people to design and build electronics online for 8 years, including 5 as an online instructor. His interests are in hands on education and making the electronics learning process easier. He also focuses on low cost and no cost tools, like the open source CAD program KiCad. Prior to teaching online, Chris was an electronics designer for 15 years in various industrial settings.</p>\n\'',0,134366),('2_Friday','15','14:00','17:59','Y','HHV','Caesars Pool Level - Forum 17-21','\'Getting to Blinky: #badgelife begins with a single blink\'','\'Chris Gammell\'','getting-to-blinky-badgelife-begins-with-a-single-blink','\'\'',0,134367),('2_Friday','16','14:00','17:59','Y','HHV','Caesars Pool Level - Forum 17-21','\'Getting to Blinky: #badgelife begins with a single blink\'','\'Chris Gammell\'','getting-to-blinky-badgelife-begins-with-a-single-blink','\'\'',0,134368),('2_Friday','17','14:00','17:59','Y','HHV','Caesars Pool Level - Forum 17-21','\'Getting to Blinky: #badgelife begins with a single blink\'','\'Chris Gammell\'','getting-to-blinky-badgelife-begins-with-a-single-blink','\'\'',0,134369),('3_Saturday','10','10:00','10:40','N','HHV','Caesars Pool Level - Forum 17-21','\'Hacking your HackRF\'','\'Mike Davis\'','hacking-your-hackrf','\'<h3 id=\"hacking-your-hackrf\">Hacking your HackRF</h3>\n<p>Mike Davis</p>\n<h4 id=\"abstract-2\">Abstract</h4>\n<p>The HackRF isn’t just an SDR - it’s an open-source, open-hardware device that’s designed to be modified. In this talk I walk through the basics of how to open and modify the hardware and software. I also show all the mods and hacks I’ve done to/with my HackRFs, including physical synchronisation between HackRFs, quadcopter transmitter adaptation, audio encoding/decoding, quadcopter vtx and a future project to add USB3</p>\n<h4 id=\"bio-2\">Bio</h4>\n<p>Software/hardware developer, currently studying an MSc Computer Science (infosec), not yet a cyborg</p>\n\'',0,134370),('3_Saturday','11','11:00','11:30','N','HHV','Caesars Pool Level - Forum 17-21','\'Disabling Intel ME in Firmware\'','\'Brian Milliron\'','disabling-intel-me-in-firmware','\'<h3 id=\"disabling-intel-me-in-firmware\">Disabling Intel ME in Firmware</h3>\n<p>Brian Milliron</p>\n<h4 id=\"abstract-3\">Abstract</h4>\n<p>Modern OSes have consistently raised the bar in regards to security with each revision, largely due to the efforts of the security community to find and report bugs. Because of this the OS layer is reasonably secure at this point. However the security of the hardware layer has fallen far behind and now represents the biggest threat. In particular, the Intel Management Engine is a huge security hole which Intel has put great effort into forcing users to accept blindly. No more. This talk will present a how to on permanently disabling Intel ME by reflashing the BIOS using a Raspberry Pi. Take back control of your own hardware and give Big Brother’s Backdoor the boot.</p>\n<h4 id=\"bio-3\">Bio</h4>\n<p>Brian Milliron works as a freelance penetration tester for ECR Security. He has been monkeying around with security since his teens and has worked as a pentester for the last 8 years, working primarily with the Energy/Utility sector. Besides popping shells and defeating Big Brother technology, he also enjoys exploring the RF spectrum, finding new uses for Raspberry Pis, studying malware, nature and off-grid living.</p>\n\'',0,134371),('3_Saturday','12','12:00','12:50','N','HHV','Caesars Pool Level - Forum 17-21','\'NFC Payments: The Art of Relay &amp; Replay Attacks\'','\'Salvador Mendoza\'','nfc-payments-the-art-of-relay--replay-attacks','\'<h3 id=\"nfc-payments-the-art-of-relay--replay-attacks\">NFC Payments: The Art of Relay &amp; Replay Attacks</h3>\n<p>Salvador Mendoza</p>\n<h4 id=\"abstract-4\">Abstract</h4>\n<p>Relay and replay attacks are becoming more common in the payment industry. Getting more complex and sophisticated day by day. We are not just seeing simple skimming techniques but complex attack vectors that are a combination of technologies and implementations involving SDR(Software-Defined Radio), NFC, APDU(Application Protocol Data Unit), hardware emulation design, specialized software, tokenization protocols and social engineering. In this talk, we will discuss what these attacks are, or what kind of hardware or software could be implemented.</p>\n<h4 id=\"bio-4\">Bio</h4>\n<p>Salvador Mendoza is a security researcher focusing in tokenization processes, magnetic stripe information and embedded prototypes. He has presented on tokenization flaws and payment methods at Black Hat USA, DEF CON 24/25, DerbyCon, Ekoparty, BugCON, 8.8, and Troopers 17/18. Salvador designed different tools to pentest magnetic stripe information and tokenization processes. In his designed toolset includes MagSpoofPI, JamSpay, TokenGet, SamyKam and lately BlueSpoof.</p>\n\'',0,134372),('3_Saturday','15','15:00','15:30','N','HHV','Caesars Pool Level - Forum 17-21','\'Breaking In: Building a home lab without having to rob a bank\'','\'Bryan Austin\'','breaking-in-building-a-home-lab-without-having-to-rob-a-bank','\'<h3 id=\"breaking-in-building-a-home-lab-without-having-to-rob-a-bank\">Breaking In: Building a home lab without having to rob a bank</h3>\n<p>Bryan Austin</p>\n<h4 id=\"abstract-5\">Abstract</h4>\n<p>Building a home lab is critical to making you as a hacker better, but between space, hardware costs and learning it can quickly become an expensive habit. This talk will aim to show you some of the low cost options to learning the skills of the trade, and a bit of the mindset you need to finish that project.</p>\n<h4 id=\"bio-5\">Bio</h4>\n<p>Bryan Austin is an information security researcher with a background in electronics, threat analysis, social engineering, working with at-risk children, mentorship and research. He is also the co-founder of Through the Hacking Glass, a free mentorship community partnered with Peerlyst. By day, he secures people and organizations against scammers and hackers but by night he works with children with behavioral issues and a variety of other challenges. When not crusading against internet evil doers, he enjoys hiking, Taekwondo, and hacking with his beautiful wife and 3 amazing children.</p>\n\'',0,134373),('3_Saturday','16','16:00','16:30','N','HHV','Caesars Pool Level - Forum 17-21','\'The Cactus: 6502 Blinkenlights 40 Years Late\'','\'Commodore Z\'','the-cactus-6502-blinkenlights-40-years-late','\'<h3 id=\"the-cactus-6502-blinkenlights-40-years-late\">The Cactus: 6502 Blinkenlights 40 Years Late</h3>\n<p>Commodore Z</p>\n<h4 id=\"abstract-6\">Abstract</h4>\n<p>While many machines prior to the microcomputer boom of 1977 were commonly found with front panel interfaces and blinkenlights, only a few obscure examples use a 6502 microprocessor. What seemed like a perfect blend of inexpensive computer technologies didn’t mix well in practice, thus kits and the majority of homebrew machines opted for other microprocessor/interface combinations. Building a computer from the ground up around a microprocessor was a process worth exploring, so why not approach it from a historical perspective? Enter the Cactus: a technological “what if” built with the goal of recreating the homebrew computer experience of the 1970s. This includes parts and construction techniques of the era, with only a few post-1980 concessions where appropriate. I will describe the process involved in making a 1970s homebrew computer ~40 years too late, as well as why such a machine never could have come to be in the era it was designed to mimic.</p>\n<h4 id=\"bio-6\">Bio</h4>\n<p>Commodore Z is vintage computer geek by night, and a broadcast engineer by day. He collects and restores vintage computers &amp; robots, studies historical telephony, and peers into the past to better understand the future. He lives by the mantra “jack of all trades, master of none, but better than a master of one”, and doctors say there are traces of blood in his lead stream. When time permits, he volunteers for the Vintage Computer Federation.</p>\n\'',0,134374),('3_Saturday','17','17:00','17:20','N','HHV','Caesars Pool Level - Forum 17-21','\'WiFi Beacons will give you up\'','\'John Aho\'','wifi-beacons-will-give-you-up','\'<h3 id=\"wifi-beacons-will-give-you-up\">WiFi Beacons will give you up</h3>\n<p>John Aho</p>\n<h4 id=\"abstract-7\">Abstract</h4>\n<p>A quick and dirty intro to making wifi beacons with esp8266 modules. A new small tool to help you generate your own beacon and unveiling of a fun multi-beacon setup.</p>\n<h4 id=\"bio-7\">Bio</h4>\n<p>John is a programmer who makes gloriously useless things and occasionally useful ones by accident.</p>\n\'',0,134375),('3_Saturday','18','18:00','18:45','N','HHV','Caesars Pool Level - Forum 17-21','\'Building Drones the Hard Way\'','\'David Melendez Cano\'','building-drones-the-hard-way','\'\'',0,134376),('2_Friday','12','12:00','12:10','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Opening Note\'','\'Shubham Mittal / Sudhanshu Chahuhan\'','7c978ccb7ea932fd9b8acc700fdc1f58','\'\'',0,134377),('2_Friday','12','12:10','12:50','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Keynote - From Breach to Bust: A short story of graphing and grey data\'','\'Andrew Macpherson\'','782b79701b666656199c45cd14089fa9','\'\'',0,134378),('2_Friday','12','12:55','13:35','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Emergent Recon - fresh methodology and tools for hackers in 2018\'','\'Jason Haddix\'','84719331df91733c1600d6e7b854b457','\'<h2 id=\"emergent-recon---fresh-methodology-and-tools-for-hackers-in-2018---jason-haddix\">Emergent Recon - fresh methodology and tools for hackers in 2018 - <a href=\"https://twitter.com/jhaddix\">Jason Haddix</a></h2>\n<p>Recon is an art AND an science. The landscape for methods of finding hosts to attack is constantly changing. Whether you call it “Asset Discovery” or something else, it remains a core part of bounty hunter and red teaming life. Join Jason as he expands on his ever changing recon methodology.</p>\n\n<p>This talk will focus on what tools to incorporate (and which tools not to). It will outline new methods coined in 2018,  plus frameworks to automate and document your workflow. Topics include: brand/TLD discovery, host enumeration,  application threat modeling, and more!</p>\n\n\'',0,134379),('2_Friday','13','12:55','13:35','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Emergent Recon - fresh methodology and tools for hackers in 2018\'','\'Jason Haddix\'','84719331df91733c1600d6e7b854b457','\'\'',0,134380),('2_Friday','14','14:40','15:10','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Prebellico - 100% Passive Pre-Engagement and Post Compromise Network Reconnaissance Tool\'','\'William Suthers\'','75a14e1e206e73050a7eb0e896fd8108','\'<h2 id=\"prebellico---100-passive-pre-engagement-and-post-compromise-network-reconnaissance-tool---william-suthers\">Prebellico - 100% Passive Pre-Engagement and Post Compromise Network Reconnaissance Tool - <a href=\"https://twitter.com/VICT0RIS\">William Suthers</a></h2>\n<p>When attacking modern internal networks, intelligence is everything.  Understanding the environment you are operating in can be the difference between successfully penetrating your target environment or missing targets of opportunity due to lack of understand about the target environment.</p>\n\n<p>While true, obtaining information about the environment in a stealthy manner, when required, can be difficult within a mature environment. Even during overt engagements, obtaining the information you need within a limited time window can be difficult, especially during engagement delays.</p>\n\n<p>Further complicating things, often testing scope is based off of poor assumptions about the target environment, often leading unrealistic scope reductions a real-world attacker would not operate out of.</p>\n\n<p>Over the years internal testing engagements have been operating on various assumptions within switched networks, often driving engagement execution methods, but what if these assumptions were wrong? What if we could utilize the wasted time, even weeks in advance, between deployment and engagement execution, to take the time to understand the network? What if we could leverage the realities of modern networks and the things customers do to ‘prepare’ for an engagement (backups, security scans, etc.) through 100% passive methods, challenging your assumptions about the network?</p>\n\n<p>Prebellico is pre-engagement and post compromise intelligence gathering mechanism designed to gather as much information about the target environment through 100% passive methods. Utilizing very few resources, Prebellico permits an attacker the ability to understand the target environment by providing information such as the intent of internal systems, internal network address space, hostnames, egress filtering, TCP trust relationships, as well as map open TCP/UDP ports through reverse port scanning using 100% passive techniques.”</p>\n\n\'',0,134381),('2_Friday','15','14:40','15:10','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Prebellico - 100% Passive Pre-Engagement and Post Compromise Network Reconnaissance Tool\'','\'William Suthers\'','75a14e1e206e73050a7eb0e896fd8108','\'\'',0,134382),('2_Friday','15','15:15','15:45','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Adventures in the dark web of government data\'','\'Marc DaCosta\'','4ad2eda8a8320b06c95d968724e522fa','\'<h2 id=\"adventures-in-the-dark-web-of-government-data---marc-dacosta\">Adventures in the dark web of government data - <a href=\"https://twitter.com/marc_dacosta\">Marc DaCosta</a></h2>\n\n<p>Government bureaucracy is your friend. The US federal government alone produces tens of thousands of different forms that collect information on everything from the owner and location of every oil well in the country, to the VIN number of every car that’s imported, the location and height of every cell phone tower, and much more. While most of this data is locked behind clunky 1990s-era search forms, or in exports of antiquated database formats, the enterprising researcher will find a treasure trove that exists outside the indexes of Google and LexisNexis.</p>\n\n<p>I have written scrapers and parsers for 100s of these databases and will share with you what I’ve learned about coaxing OSINT out of some of the messiest and hard to find data out there.</p>\n\n<p>The talk will specifically feature a deep dive into the data produced by the US Federal Communications Commission. The FCC has issued over 20 million licenses for transmitting on regulated parts of the electromagnetic spectrum. The data residue of this process can be used for everything from geo-locating electronic border surveillance infrastructure to discovering the location and transmission frequency of every McDonald’s drive-thru radio. In the second portion of the talk, I will discuss how various protocols for data transmission can be decoded and joined with other contextual public data. For instance, every cargo ship emits an ““Automated Identification System”” signal that can be joined with shipping records to understand what the ship is carrying.</p>\n\n<p>By the end of the talk, I hope attendees will develop new intuitions and techniques for finding and working with government data, and specifically have the tools to run their own investigations using FCC data.</p>\n\n\'',0,134383),('2_Friday','15','15:50','16:10','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'How WHOIS Data Uncovered $32 Billion Connected to the Mormon Church\'','\'Ethan Gregory Dodge\'','a8955809ac24fec08a9f079612dc4290','\'<h2 id=\"how-whois-data-uncovered-32-billion-connected-to-the-mormon-church---ethan-dodge\">How WHOIS Data Uncovered $32 Billion Connected to the Mormon Church - <a href=\"https://twitter.com/egd_io\">Ethan Dodge</a></h2>\n\n<p>It’s always been suspected that the Mormon Church is worth billions of dollars and has a sizable amount of investments in the United States stock market. However their finances are almost entirely opaque. In May 2018, MormonLeaks released a compilation of information connecting the dots between the Mormon Church and $32 billion.</p>\n\n<p>It all started with WHOIS data and was further verified with almost entirely publicly available and open sources. Come hear the entire story in lightning style fashion.</p>\n\n\'',0,134384),('2_Friday','16','15:50','16:10','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'How WHOIS Data Uncovered $32 Billion Connected to the Mormon Church\'','\'Ethan Gregory Dodge\'','a8955809ac24fec08a9f079612dc4290','\'\'',0,134385),('2_Friday','16','16:15','16:45','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Hacking the international RFQ Process #killthebuzzwords\'','\'Dino Covotsos\'','fb0094f5a03c2c207e38fd8961cd0ea0','\'<h2 id=\"hacking-the-international-rfq-process-killthebuzzwords---dino-covotsos\">Hacking the international RFQ Process #killthebuzzwords - <a href=\"https://twitter.com/telspacesystems\">Dino Covotsos</a></h2>\n<p>Thanks to the “boom” in the information security industry combined with the latest buzzwords, more and more large corporate companies are looking for the latest “next gen” anti-haxor services and technologies. In doing so they often go out publicly on tender and / or issue an RFP/RFQ in order to obtain the best possible solution to meet their requirements and budget (usually cost <em>wins</em>).</p>\n\n<p>Due to this and a lack of maturity in the field, companies issue public RFQs / RFPs that contain classified and confidential / secret information such as network diagrams, architectural designs, software versions etc.  This type of information would usually require that an attacker spend an extensive amount of time performing enumeration and / or gaining access to the internal network first and taking a significant amount of time to learn about that environment.  Targeting the procurement process of an organisation exposes a largely unexplored attack surface.</p>\n\n<p>This new research and presentation aims to demystify the above and give practical examples of large international organisations, which unfortunately fail at the RFP/RFQ process badly. This opens a “free and easy” attack vector for attackers to exploit without even conducting extensive enumeration and fingerprinting, or anything close to intrusive attacks.  As a result, an attacker often has access to an extensive amount confidential information about the organisation, which could be utilised to launch more targeted attacks.  Depending on the type of information gathered, such attacks, could be likened to an attacker that has insider knowledge.</p>\n\n<p>I will also be demonstrating, via real world examples, the dangers of going out blindly and looking for specific services and products in the information security industry, with real life networks being shown on stage.</p>\n\n<p>A short breakdown of what will be presented is as follows:</p>\n\n<ul>\n  <li>An explanation of what is wrong with the RFQ/RFP process worldwide including proof of these issues.</li>\n  <li>Multiple attack avenues of real hackers taking advantage of the process / information leaked.</li>\n  <li>Scenarios where attackers would be in an advantageous position.</li>\n  <li>Personal examples that I’ve seen over the last 16 years (I’ve contributed towards over 4000 responses to RFQs/RFPs over the years!).</li>\n  <li>Real life examples that we’ve seen and found publicly online, including private information that attackers could utilise.</li>\n  <li>Some advice on solving this difficult issue.”</li>\n</ul>\n\n\'',0,134386),('2_Friday','16','16:50','17:20','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Introducing YOGA: Your OSINT Graphical Analyzer\'','\'Micah Hoffman\'','71b873f38ec30f09b9ba20319b8c35d1','\'<h2 id=\"introducing-yoga-your-osint-graphical-analyzer---micah-hoffman\">Introducing YOGA: Your OSINT Graphical Analyzer - <a href=\"https://twitter.com/WebBreacher\">Micah Hoffman</a></h2>\n<p>“If you have ever performed reconnaissance on a target or conducted an OSINT investigation you know that there are a huge number of places to gather OSINT data. One of the biggest challenges is in taking the next steps with that data once you have it. How do you take what you have and transform use it to get more? For instance, if you found email addresses, where do you search to find other data about those accounts? We have excellent resources such as [http://osintframework.com)[http://osintframework.com] and <a href=\"https://bit.ly/technisette\">https://bit.ly/technisette</a> that are huge lists of well-organized bookmarks which can be overwhelming. That is why I created YOGA.</p>\n\n<p>Your OSINT Graphical Analyzer (YOGA) seeks to answer that most-common of data-gathering questions, “What do I do now?” It is designed to help when you have one type of data and need to know different actions you can take to get more data. Come to this session and learn how you and your team can use and extend this online tool in your work.”</p>\n\n\'',0,134387),('2_Friday','17','16:50','17:20','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Introducing YOGA: Your OSINT Graphical Analyzer\'','\'Micah Hoffman\'','71b873f38ec30f09b9ba20319b8c35d1','\'\'',0,134388),('2_Friday','17','17:25','17:55','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Using Deep Learning to uncover darkweb malicious actors and their close circle\'','\'Rod Soto / Joseph Zadeh\'','bc859dffe717b77f533549bc65553d77','\'<h2 id=\"using-deep-learning-to-uncover-darkweb-malicious-actors-and-their-close-circle----rod-soto-and-josephzadeh\">Using Deep Learning to uncover darkweb malicious actors and their close circle  - <a href=\"https://twitter.com/rodsoto\">Rod Soto</a> and <a href=\"https://twitter.com/josephzadeh\">josephzadeh</a></h2>\n<p>This presentation shows how data driven techniques can be used to provide vision and establish  relationships between users and participants of DarkWeb forums. These relationships can provide clues to uncover and reveal tracks of malicious actors. Things such as chat room transcripts and forum data are used can be used to build graphical relationships.</p>\n\n<p>This provides a context where it is possible to use machine learning algorithms to unmask relationships and profile users of these dark forums. Some of the methods used include Machine Learning Algorithms such as Googles PageRank. Once this users are profiled it is possible to predict behaviors, gaining further understanding of actors using these forums to obfuscate and evade attribution.</p>\n\n<h1 id=\"live-demo\">Live Demo</h1>\n\n\'',0,134389),('2_Friday','18','18:00','18:35','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'I fought the law and law lost\'','\'Mauro Caseres\'','7a55935598304e2001acd0f406f2658b','\'<h2 id=\"i-fought-the-law-and-law-lost---mauro-caseres\">I fought the law and law lost - <a href=\"https://twitter.com/mauroeldritch\">Mauro Caseres</a></h2>\n<p>“I fought the law and the law lost” is a series of talks that aims to collect vulnerabilities in the field of Argentine Security forces. \nThis chapter focuses on both Federal and Buenos Aires City Police, which according to the Head of Government Horacio Rodríguez Larreta, has the ““most modern technology in the world””.</p>\n\n<p>We will analyze four particular cases (two on the lightning talk version), all of them ending in national scandals:</p>\n<ul>\n  <li>The leaking of the Police Reports database. Which led to the disclosure of private information of criminals, informants, involved police agents and even original reporters. This database contained cases related to drug trafficking and proxenetism.</li>\n  <li>The leaking of Proyecto X, a joined intelligence task force composed by members of different forces.</li>\n  <li>The leaking of the SNIC (Criminal Information National System), that led to the disclosure of intelligence information regarding criminal gangs undergoing federal investigation but not prosecuted/captured yet.</li>\n  <li>The leaking of Buenos Aires City Police entire database, that led to the disclosure of every agents personal information, including religious and health related concerns, like STDs, clinical and psychological history, and more.</li>\n</ul>\n\n<p>But we’ll do it having in mind a special requirement: passive action. We’ll use Recon &amp; OSINT at it’s best in order to reconstruct how the leaks were carried from start to end. A police chief using his daughter’s name as a password? A Police CIO using his own National ID Number as recovery question? Public databases exposing too much information? Reused passwords across every site on the internet? Sure, but it’s not the worst. We’ll use hand crafted DIY tools and without compromising a single system, reveal a lot of bugs and vulns. This talk is heavily focused on obtaining OSINT from public sources (specially in countries with weak or ambiguous laws, like Argentina)</p>\n\n<p>This talk aims to demonstrate various flaws with a critical, technical and impartial approach to bring to the public a prevailing reality: First, argentine law allows a lot of compromising data to be used as ““public”” (thus leaving the place for OSINT based attacks to occur), and second… we are not safe against computer threats, and those who take care of us, neither are.</p>\n\n\'',0,134390),('3_Saturday','10','10:00','11:59','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Building visualisation platforms for OSINT data using open source solutions\'','\'Bharath Kumar / Madhu\'','a8a9df43766ed98786d8c5f7b2dafdbb','\'\'',0,134391),('3_Saturday','11','10:00','11:59','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Building visualisation platforms for OSINT data using open source solutions\'','\'Bharath Kumar / Madhu\'','a8a9df43766ed98786d8c5f7b2dafdbb','\'\'',0,134392),('3_Saturday','12','12:10','12:55','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Bug Bounty Hunting on Steroids\'','\'Anshuman Bhartiya / Glen Grant\'','de6e7cf7b8929b9de29e42221ec79d8a','\'<h2 id=\"bug-bounty-hunting-on-steroids---anshuman-bhartiya-and-glenn-devalias-grant\">Bug Bounty Hunting on Steroids - <a href=\"https://twitter.com/anshuman_bh\">Anshuman Bhartiya</a> and <a href=\"https://twitter.com/_devalias\">Glenn ‘devalias’ Grant</a></h2>\n<p>Bug bounty programs are a hot topic these days. More and more companies are realizing the benefits of running a program, and researchers are jumping at the opportunity to grab some swag and make some extra cash from the bugs they find. Reporting security issues has never been as easy, open, and risk-free as it is right now. Everybody wins!</p>\n\n<p>Though that doesn’t mean we should stop there. As researchers, we spend a lot of time doing the same menial tasks for each program: monitoring for new targets, checking for common issues, remembering just which flags you needed to pass to that tool (or even which tool is best for that job). We build new tools, hack together shell scripts, and generally make small incremental changes to our process. But surely there’s a better approach?</p>\n\n<p>Are you sick of repeating the same tedious tasks over and over? Wouldn’t it be nice to have your own bug hunting machine? One that -</p>\n<ul>\n  <li>Is always watching</li>\n  <li>Reacts as soon as a new target becomes available</li>\n  <li>Takes care of those tedious repetitive steps for you</li>\n  <li>Makes life easy when you want to integrate a new tool/workflow</li>\n  <li>Doesn’t cost the world to run, and trivially scales</li>\n  <li>Leverages lessons and technologies battle tested in the dev world to improve your offensive capacity, capability and productivity</li>\n  <li>Monitors your own infrastructure and reacts before hackers can (while saving you the cost of those Bug Bounty payouts in the meantime)</li>\n</ul>\n\n<p>We call this approach Bug Bounty Hunting on Steroids. We will discuss our research and approach to building such a machine, sharing some of the lessons we learned along the way.	x</p>\n\n\'',0,134393),('3_Saturday','13','13:00','13:20','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Targeted User Analytics and Human Honeypotss\'','\'Mbis0n Shadoru\'','abec67d05b3684f5d5b597e6413696f1','\'<h2 id=\"targeted-user-analytics-and-human-honeypotss---mbis0n-shador-not-a-real-name\">Targeted User Analytics and Human Honeypotss - Mbis0n Shador (Not a Real name)</h2>\n<p>Many significant breaches have resulted from adversaries knowing who to target, how to target them and where to target them.   Most corporations are not effectively using the largest collection of targeting data that is available on the public internet and fail to build and refine data driven threat models using the information that our adversaries are using against us.  Targeted User Analytics and Human Honeypots is a research project I am working on to identify and model targeting methods with the hope of tipping the scales in our favor to defend our networks, users and critical systems.</p>\n\n<p>LinkedIn is the largest collection of Business Social Networking data available to “unathenticated” persons on the public internet.  With the right techniques this data can be mined to identify and enrich targets.  The purpose of my talk is to present targeting techniques through a use case and to demonstrate the value of other enrichment methods involving data sets that are widely available or collected from corporate security tools.  The end result is analytics that predict who will be targeted and why they are more likely to be compromised if they are targeted. This will allow for proactive action to be taken to defend users and our assets.</p>\n\n<ul>\n  <li>Background</li>\n  <li>Users are still the weakest link</li>\n  <li>Seed files</li>\n  <li>Sample seed File terms &amp; Query</li>\n  <li>Search Engine Query</li>\n  <li>Harvest</li>\n  <li>External Enrichment</li>\n  <li>Internal Enrichment</li>\n  <li>Human Honeypots and Operationalizing Defenses</li>\n  <li>The Things that we can expect an adversary to do</li>\n  <li>How can we disrupt this targeting approach</li>\n  <li>Industry trends</li>\n</ul>\n\n\'',0,134394),('3_Saturday','13','13:25','13:55','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Skiptracer - ghetto OSINT for broke hackers\'','\'illwill\'','ab11f046b2cb1ee2670b6168615c3539','\'<h2 id=\"skiptracer---ghetto-osint-for-broke-hackers---illwill\">Skiptracer - Ghetto OSINT for broke hackers - <a href=\"https://twitter.com/xillwillx\">illwill</a></h2>\n<p>Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. Using some basic python webscraping of PII paywall sites to compile passive information on a target on a ramen noodle budget. The modules will allow queries for phone/email/screen names/real names/addresses/IP/Hostname/breach credentials etc..</p>\n\n<p>This demo will go over the basic outline of using the script, the problems and pitfalls of dealing with scrapers, and how it will help you collect relevant information about a target to help expand your attack surface.</p>\n\n\'',0,134395),('3_Saturday','14','14:00','14:40','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Applied OSINT For Politics: Turning Open Data Into News\'','\'Lloyd Miller\'','a229b65356257173d411b4b4a133f81d','\'<h2 id=\"applied-osint-for-politics-turning-open-data-into-news---lloyd-miller\">Applied OSINT For Politics: Turning Open Data Into News - <a href=\"https://twitter.com/lloydamiller\">Lloyd Miller</a></h2>\n<p>“How do you apply open source intelligence techniques to politicians, candidates, and others holding the public trust? It’s easier than you think. This talk will outline the general principles for investigating public figures, how to take information and data and turn it into a news story even when the story is (often) incomplete, and then review several case studies that demonstrate the effectiveness of combining these techniques.</p>\n\n<ul>\n  <li>\n    <p>Case Study #1: Selling Out Before The Financial Crisis: politicians using their positions and insider knowledge to profit and sell stocks before regulatory actions and major events like the 2008 financial crisis</p>\n  </li>\n  <li>\n    <p>Case Study #2: Family Money Laundering Campaign Contributions: politician, who lacks the means themselves, illegally fund their campaigns with hundreds of thousands of dollars from family members</p>\n  </li>\n  <li>\n    <p>Case Study #3: How To Save $300,000 On A Home: politician purchases a home at a steep discount from a major campaign donor</p>\n  </li>\n  <li>\n    <p>Case Study #4: Downton Abbey On Capitol Hill: politicians use public funds to decorate their offices in ostentatious and wasteful ways</p>\n  </li>\n  <li>\n    <p>Case Study #5: Voter Fraud Is Real: political candidate actually commits voter fraud”</p>\n  </li>\n</ul>\n\n\'',0,134396),('3_Saturday','14','14:45','15:05','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'1983: I’m born. 2018: I’m taking on the bad guys\'','\'Jennifer Roderick\'','c1d14177821c8bce0225d3bdc31ea8f5','\'<h2 id=\"1983-im-born-2018-im-taking-on-the-bad-guys---jennifer-roderick\">1983: I’m born. 2018: I’m taking on the bad guys - Jennifer Roderick</h2>\n<p>“I’m not a programmer. I’m not a hacker…in the traditional sense. But yet I was born in 1983, so surely that makes me a perfect fit for the DEF CON theme this year. Not enough? Ok, well how about the fact that I’m currently using open source tools, techniques and methodologies to combat modern slavery, wildlife trafficking, terrorism and just about every serious organized crime the world is currently battling from a desk in the middle of the London financial district. Interested in hearing from a different viewpoint and perspective, then this is your talk. While you might not walk away with a new tool for your toolbox, you will gain an understanding into how the smallest contribution can end up the most profound and how combining open source resources can take on much bigger problems that you’ve maybe never considered.</p>\n\n<p>During my talk, I will cover a few examples of recent Open Source investigations conducted by myself, including details regarding the methodologies and tools which were used. We actively follow the person not the digital fingerprint to begin to understand and put a face to some of the most prevalent and serious organized crimes facing the world today.</p>\n\n<p>When I was in the forces I knew what I was facing and had to deal with, as Head of Research at a FinTech company I never expected that transferring my skills would end up uncovering individuals within the financial industry who I’ve had to report for terrorist activity, human trafficking, wildlife trafficking, drug smuggling, violent crime, fraud (international and domestic), revenge porn, and stalking.</p>\n\n<p>And while I’m not here to save the world, I think we can all do a little bit to contribute to a counter-future in which the good guys are empowered by technology and the bad guys have nowhere to hide.</p>\n\n\'',0,134397),('3_Saturday','15','14:45','15:05','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'1983: I’m born. 2018: I’m taking on the bad guys\'','\'Jennifer Roderick\'','c1d14177821c8bce0225d3bdc31ea8f5','\'\'',0,134398),('3_Saturday','15','15:10','15:50','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Core OSINT: Keeping Track of and Reporting All the Things\'','\'Micah Hoffman\'','7e6eabc54c8f7a7d9954205cff8ad720','\'<h2 id=\"core-osint-keeping-track-of-and-reporting-all-the-things---micah-hoffman\">Core OSINT: Keeping Track of and Reporting All the Things - <a href=\"https://twitter.com/WebBreacher\">Micah Hoffman</a></h2>\n<p>“Your client gives you their requirement, ““find the social media accounts of the target person and any friends they may have””. Simple enough. You execute your Standard Operating Procedures (you DO have a SOP, right?) and begin running tools, using your sock puppets, scraping web sites, and finding a ton of data. You’ve got CSVs, text output, images, URLs….OH MY! How do you keep track of all this data and, more importantly, how do you ensure that you can report on it and have covered all the pivot points for the OSINT investigation?</p>\n\n<p>As OSINTers, pentesters, defenders, PIs, and others, we can easily get swamped in data. Join me as we look at some bad, some good, and some amazing methods of keeping your investigation on track.”</p>\n\n\'',0,134399),('3_Saturday','16','16:05','16:35','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'WhiteRabbit: Combining Threat Intelligence Public Blockchain Data and Machine Learning to go Down the “Dirty Money” Rabbit Hole\'','\'Olivia Thet / Nicolas Kseib\'','52b57e8152226c3ae4f4c93f1472523e','\'<h2 id=\"whiterabbit-combining-threat-intelligence-public-blockchain-data-and-machine-learning-to-go-down-the-dirty-money-rabbit-hole---olivia-thet-and-nicolas-kseib\">WhiteRabbit: Combining Threat Intelligence Public Blockchain Data and Machine Learning to go Down the “Dirty Money Rabbit Hole” - <a href=\"https://twitter.com/trustartech\">Olivia Thet</a> and Nicolas Kseib</h2>\n<p>In this presentation, we will demonstrate how to build a machine learning model that uses a merged dataset combining cyber related contextual information with Bitcoin (BTC) transaction data. The model can be used by both private and public sectors security professionals, working in the cryptocurrency field, to deny business for certain BTC addresses or, build legal cases to return illegally stolen coins.</p>\n\n<p>To build the dataset, we collected a list of BTC addresses involved in illegal activities. Using these addresses as a starting point, we navigated along the chain, and reconstructructed a cluster of connected “dirty” addresses. We used rules such as First-In-First-Out (FIFO) to label them. These labeling techniques can be used to tag certain BTC addresses that fall within this path as “dirty” addresses because they handled money acquired through illegal activities. We can then take this a step further and analyze the characteristic behavioral elements of these addresses. This behavioral analysis will allow us to determine the features representing this malicious behavior and use them within a machine learning model classifying new BTC addresses.</p>\n\n<p>Our model-building approach is based on a three part framework: The first part is to collect a set of  BTC addresses and classify them as “clean” or “dirty” to use them as our ground truth. The second part is to test the classification models using this dataset and propose decision metrics to optimally pick a model. In this part, we will also discuss ideas about how to compute expensive, but important features obtained from transaction data. In the third part, we will show how to use the obtained optimal model to predict if an address is “dirty”.  Finally, we will discuss our challenges when solving this problem and propose solutions to overcome them.</p>\n\n\'',0,134400),('3_Saturday','12','12:00','12:25','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Cartoons, Sketchnotes, Bullet Journals and Other Data Visualization Tricks\'','\'Raye Keslensky\'','7e4416320eba4e095db507606e9fdbcf','\'<h2 id=\"cartoons-sketchnotes-bullet-journals-and-other-data-visualization-tricks---raye-keslensky\">Cartoons, Sketchnotes, Bullet Journals and Other Data Visualization Tricks - <a href=\"https://twitter.com/lastres0rt\">Raye Keslensky</a></h2>\n<p>“When it comes to presenting data, it’s not WHAT you present, it’s HOW you present it! Combining words with pictures has been around for ages. Picking up an understanding of sequential art and how you can use it in your day-to-day life is critical!</p>\n\n<p>This talk covers a crash course of data science and visualization. Learn what parts of the information you’re supposed to keep an eye on! Make better line breaks with your text! Bring clarity to your writing! Good for software design, scrapbooking, OSINT, or keeping your shit together! “</p>\n\n\'',0,134401),('3_Saturday','17','17:05','17:35','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Mapping wifi networks and triggering on interesting traffic patterns\'','\'Caleb Madrigal\'','18e28d4edcf76ef1c8cb98cf42fd2695','\'<h2 id=\"mapping-wifi-networks-and-triggering-on-interesting-traffic-patterns---caleb-madrigal\">Mapping wifi networks and triggering on interesting traffic patterns - <a href=\"https://twitter.com/caleb_madrigal\">Caleb Madrigal</a></h2>\n<p>Sure, WiFi hacking has been around for a while, and everyone knows about tools like airmon-ng, kismet, et al. But what if you just want to view a list of all networks in your area AND see all devices connected to each network? Or maybe you want to know who’s hogging all the bandwidth (and maybe deauth them if they use too much)? Or, what if you want to know when a certain someone’s cell phone is nearby. Or perhaps you’d like to know if your Airbnb host’s IP Camera is uploading video to the cloud?</p>\n\n<p>For all these use-cases, I’ve developed a new tool called ““trackerjacker””. In this talk, we’ll use this tool to explore some of the surprisingly-informative data floating around in the radio space, and you’ll come away with a new skill point or two in your radio hacking skill tree, as well as a new magical weapon… I mean tool.</p>\n\n\'',0,134402),('3_Saturday','17','17:40','17:59','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'OpenPiMap - Hacking the hackers with OSINT, Raspberry Pis, and Data Analysis\'','\'Mark Klink\'','59daee53417c1c3c9e6978c705f11c39','\'<h2 id=\"openpimap---hacking-the-hackers-with-osint-raspberry-pis-and-data-analysis---mark-klink\">OpenPiMap - Hacking the hackers with OSINT, Raspberry Pis, and Data Analysis - <a href=\"https://twitter.com/evilbotnet\">Mark Klink</a></h2>\n<p>OpenPiMap is the ultimate home/prosumer network utility in order to detect, analyze, and respond to malicious network traffic on a small home or office network.  Get an interactive and dynamic interface to detect and respond to botnets, hackers, and script kiddies on a platform that is powered by just 5v and costs less than $10. Everyday any point of presence on the internet can be faced with thousands of scans, exploit attempts, or malicious probes with almost no signature or notification to the end user. OpenPiMap offers the ability to detect and respond to malicious network traffic that would normally be ignored by traditional anti-virus or consumer firewalls.</p>\n\n<p>OpenPiMap is an open source Netflow protocol analyzer written entirely in Python3, Flask, Javascript, and SQLite that combines open source intelligence with home/SOHO networking and intrusion detection.  Running on any version of a Raspberry Pi, Linux OS, or Windows, OpenPiMap consists of two parts: (1) Netflow collection service and (2) Database processing service.  The NetFlow service does exactly what it sounds like, it listens on a specified port for Netflow v5 data and logs the data into a local SQL database.  The second part is where the magic happens.</p>\n\n<p>All of the traffic, both in and out of the network, is compared to dozens of the top IP blacklists for malicious patterns.  Once identified, the malicious suspects are mapped, interrogated via Shodan’s Python API for vulnerable services and ownership information, and then staged for exploitation if a readily available exploit exists.  This processing is where the bridge between traditional netflow traffic analyzers and OpenPiMap split.  There are plenty of free tools on the market to monitor incoming and outgoing connections, bandwidth utilization, and common port usage.  However, none of the existing products leverage open source intelligence to the extent of OpenPiMap by providing you with the open ports and services, ownership information, ISP, geographic location, and publically available exploits for the incoming or outgoing IP addresses.</p>\n\n\'',0,134403),('3_Saturday','18','18:05','18:35','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Supercharge Your Web Recon With Commonspeak and Evolutionary Wordlists\'','\'Michael Gianarakis / Shubham Shah\'','c60de331f05f61ff3562c90ddd186969','\'<h2 id=\"supercharge-your-web-recon-with-commonspeak-and-evolutionary-wordlists---michael-gianarakis-and-shubham-shah\">Supercharge Your Web Recon With Commonspeak and Evolutionary Wordlists - <a href=\"https://twitter.com/mgianarakis\">Michael Gianarakis</a> and <a href=\"https://twitter.com/infosec-au\">Shubham Shah</a></h2>\n\n<p>When conducting a web application penetration test understanding and extending the attack surface is an exercise that is critical for success. Having a large wordlist of realistic directories, files and domains is assists immensely with this process.</p>\n\n<p>Commonspeak is a wordlist generation tool that leverages public datasets from Google’s BigQuery platform. By performing queries on large datasets that are updated frequently, commonspeak is able to generate wordlists that are “evolutionary”, in the sense that they reflect the newest trends on the internet.</p>\n\n<p>This presentation will discuss the concept of evolutionary wordlists and how Commonspeak parses URLs from various BigQuery datasets including HTTPArchive, Stack Overflow and HackerNews to build current, consistently evolving and realistic wordlists of directories, files, parameter names for specific technologies, and subdomains.</p>\n\n<p>We will also introduce Commonspeak 2 and discuss the additions to the tool including scheduled wordlist creation, comprehensive GitHub queries a permutation engine for subdomain discovery and asynchronous wordlist generation.</p>\n\n\'',0,134404),('4_Sunday','10','10:00','10:50','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\' \'','\'HackaThon Product(s) Shocase by Participants\'','65225d031c703d5ead99aadab5b6ed42','\'\'',0,134405),('4_Sunday','10','10:50','11:20','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Winning a SANS 504 CTF without winning a SANS CTF\'','\'Wbbigdave\'','cdd94ab844d52a9069efd621c52d8e13','\'<h2 id=\"winning-a-sans-504-ctf-without-winning-a-sans-ctf---wbbigdave\">Winning a SANS 504 CTF without winning a SANS CTF - Wbbigdave</h2>\n<p>When a security professional who is running a SANS training course challenges you to ‘Socially engineer the answer to the CTF’ out of him, you have a choice: choose something to make him laugh and garner clues to aid you in owning the network and walking away with a CTF coin, or, take it as a personal challenge and a call to own your instructor. Against better judgement, the advice of his peers (‘you shouldn’t attack a SANS instructor’) and with the threat of an ex Navy Seal above him, wbbigdave took the second path.</p>\n\n<p>Learn how good reconnaissance, modern technology which is billed as an aid to connectivity and convenience, can be used to fully draw even then most switched on and vigilant of security professionals down the rabbit hole. Including but not limited to Facebook and Google who lost significant sums of money to similar techniques. Learn how to walk away with a challenge coin without winning the CTF.</p>\n\n<hr />\n\n<h1 id=\"lightening-talks\">Lightening Talks</h1>\n\n\'',0,134406),('4_Sunday','11','10:50','11:20','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Winning a SANS 504 CTF without winning a SANS CTF\'','\'Wbbigdave\'','cdd94ab844d52a9069efd621c52d8e13','\'\'',0,134407),('4_Sunday','11','11:25','12:55','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Stalker In A Haystack\'','\'MasterChen\'','0614decae62662a54fe444ebdc3c129d','\'<h2 id=\"stalker-in-a-haystack---masterchen\">Stalker In A Haystack - <a href=\"https://twitter.com/chenb0x\">MasterChen</a></h2>\n<p>In 2015, I did a Skytalk called “Automate Your Stalking”. In that talk, I used Twitter to follow my Target’s followers in an effort to monitor the target without following them directly and arousing suspicion. I’m the end, I felt like I released a method that may be dangerous in the hands of the wrong people. Now, “Stalker In A Haystack” is the antidote to my first talk.</p>\n\n<p>I will be putting the power back into the hands of the people who need it. In this talk, I will demonstrate how you can determine if you are being monitored via Twitter, and by who. Isn’t it suspicious when that one handle is following everyone but you? What does that mean? Stalkers can hide in your sea of followers, and the aim of this talk is to uncover those who lie in the shadows.</p>\n\n\'',0,134408),('4_Sunday','12','11:25','12:55','Y','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Stalker In A Haystack\'','\'MasterChen\'','0614decae62662a54fe444ebdc3c129d','\'\'',0,134409),('4_Sunday','12','12:00','12:25','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Mapping Social Media with Facial Recognition\'','\'Jacob Wilkin\'','e19f8dbbd35969ee587a96b13a289bea','\'<h2 id=\"mapping-social-media-with-facial-recognition---jacob-wilkin\">Mapping Social Media with Facial Recognition - <a href=\"https://twitter.com/username\">Jacob Wilkin</a></h2>\n<p>“Performing intelligence gathering on targets is a time consuming process, it typically starts by attempting to find a persons online presence on a variety of social media sites. What if it could be automated and done on a mass scale with hundreds or thousands of targets?</p>\n\n<p>Social Mapper is a Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets names and pictures to accurately detect and group a person’s presence, outputting the results into report that a human operator can quickly review.</p>\n\n<p>Social Mapper has a variety of uses in the security industry, for example the automated gathering of large amounts of social media profiles for use on targeted phishing campaigns. Facial recognition aids this process by removing false positives in the search results, so that reviewing this data is quicker for a human operator.</p>\n\n<p>Social Mapper supports the following social media platforms:\n        - LinkedIn\n        - Facebook\n        - Twitter\n        - GooglePlus\n        - Instagram\n        - VKontakte\n        - Weibo\n        - Douban</p>\n\n<p>Social Mapper takes a variety of input types such as:\n        - An organisations name, searching via LinkedIn\n        - A folder full of named images\n        - A CSV file with names and url’s to images online”</p>\n\n\'',0,134410),('4_Sunday','12','12:25','12:40','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Hackathon and CTF Prizes, and a Group Photo\'','\'Recon Village Team\'','1241579938d80293928f49e021e40921','\'\'',0,134411),('4_Sunday','12','12:45','12:59','N','RCV','Caesars Promenade Level - Florentine BR 1,2','\'Closing Note\'','\'Shubham Mittal / Sudhanshu Chauhan\'','f125115d772c69e0fd517a3c5a9a2691','\'\'',0,134412),('2_Friday','10','10:00','10:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Mallet: A Proxy for Arbitrary Traffic\'','\'Rogan Dawes\'','wos__rdawes','\'<h3 id=\"wos__rdawes\">Mallet: A Proxy for Arbitrary Traffic</h3>\r\n<h4>Rogan Dawes, Senior Researcher at SensePost</h4>\r\n<p>Mallet is an intercepting proxy for arbitrary protocols. More accurately, it is a framework for building proxies for arbitrary protocols. Mallet provides the basics required of all proxies: A way to receive the data, a way to send the data, and a user interface to intercept and edit the data. It builds on the Netty project, and as such has access to a large, well-tested suite of protocol implementations that can be used to transform a stream of bytes into useful, high-level protocol objects. This workshop will introduce attendees to Mallet, and show how to construct pipelines of arbitrary complexity, to successfully decode and intercept messages in various protocols, as well as automating modifications of the various messages. A basic familiarity with Java will enhance the delegate\'s understanding of what they are taught, but is not a requirement.</p>\r\n<p><strong>Rogan Dawes</strong> (Twitter: <a href=\"https://twitter.com/RoganDawes\" target=\"_blank\" rel=\"noopener noreferrer\">@RoganDawes</a>) is a Senior Researcher at SensePost and has been hacking since 1998, which, coincidentally, is also the time he settled on a final wardrobe. He used the time he saved on choosing outfits to live up to his colleague\'s frequent joke that he has an offline copy of the Internet in his head. Rogan spent many years building web application assessment tools, and is credited as having built one of the first and most widely used intercepting proxies, WebScarab.</p>\r\n\'',0,134413),('3_Saturday','10','10:00','10:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Ducky-in-the-Middle: Injecting Keystrokes into Plaintext Protocols\'','\'Esteban Rodriguez\'','wos__erodriguez','\'<h3 id=\"wos__erodriguez\">Ducky-in-the-Middle: Injecting Keystrokes into Plaintext Protocols</h3>\r\n<h4>Esteban Rodriguez, Security Consultant at Coalfire Labs</h4>\r\n<p>This talk will cover the basics of protocol analysis using Wireshark and lead into analyzing two custom application protocols used for extending the mouse and keyboard of a remote system. The two applications covered are HippoRemote, and iOS app to use a iPhone as a trackpad and keyboard, and Synergy, an application to allow for control of multiple operating systems with one mouse and keyboard. By performing a MITM attack, an attacker can abuse this protocols to send keystokes to a remote machine to gain remote code execution similar to a USB rubber ducky attack. The talk will also discuss mitigations and open source code will be provided for exploitation. The target audience should have a basic understanding of Wireshark, ARP spoofing, and reverse shells.</p>\r\n<p><strong>Esteban Rodriguez</strong> (Twitter: <a href=\"https://twitter.com/n00py1\" target=\"_blank\" rel=\"noopener noreferrer\">@n00py1</a>) a Security Consultant at Coalfire Labs. He primarily perform network and web application penetration testing. Esteban worked previously at Apple Inc performing intrusion analysis and incident response. Outside of work, Esteban blog at n00py.io and perform independent security research. He have authored multiple penetration testing tools and have presented at BSides Puerto Rico covering penetration testing techniques.</p>\r\n\'',0,134414),('3_Saturday','10','10:30','10:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'How to Tune Automation to Avoid False Positives\'','\'Gita Ziabari\'','wos__gziabari','\'<h3 id=\"wos__gziabari\">How to Tune Automation to Avoid False Positives</h3>\r\n<h4>Gita Ziabari, Senior Consultant Engineer at Verizon</h4>\r\n<p>Every SOC is deluged by massive amounts of logs, suspect files, alerts and data that make it impossible to respond to everything. It is essential to deploy automation to accelerate response time, consistency, scalability and efficiency. This talk will cover techniques to design a reliable automated tool in security. We will discuss about techniques of tunning the automation to avoid false positives and the many struggles we have had in creating appropriate whitelists. We will walk through steps of creating an automated tool and the essential factors to be considered to avoid any false positive.</p>\r\n<p><strong>Gita Ziabari</strong> (Twitter: <a href=\"https://twitter.com/gitaziabri\" target=\"_blank\" rel=\"noopener noreferrer\">@gitaziabri</a>) is working at as a Senior Consultant Engineer at Verizon. She has more than 14 years of experience in threat research, networking, testing and building automated tools. Her main focus is creating automated tools in cybersecurity for mining data.</p>\r\n\'',0,134415),('2_Friday','11','11:00','11:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Rethinking Role-Based Security Education\'','\'Kat Sweet\'','wos__ksweet','\'<h3 id=\"wos__ksweet\">Rethinking Role-Based Security Education</h3>\r\n<h4>Kat Sweet, Duo Security</h4>\r\n<p>How do we scale a deeper level of security awareness training without sacrificing efficacy? This talk will explore strategies and tactics for developing security education based on employees\' roles, access, and attack surface while designing not only for efficiency but also for effectiveness. By prioritizing the highest-risk teams, pooling teams to collaboratively threat-model, and contextualizing universal truths of security hygiene to those threat models, we can deliver training that leverages employees\' roles, fosters retention via active participation, and eases the burden on trainers within the security team. Attendees will walk away with a roadmap for building scalable, contextual, and collaborative role-based employee security education within their organizations.</p>\r\n<p><strong>Kat Sweet</strong> (Twitter: <a href=\"https://twitter.com/TheSweetKat\" target=\"_blank\" rel=\"noopener noreferrer\">@TheSweetKat</a>) works for Duo Security\'s corporate security team as an information security analyst (and senior pun architect). A passionate security educator, she is heavily involved in building her team\'s employee security awareness and engagement program, and is frequently the first security team member that new Duo employees meet. She also serves as the lockpick village coordinator for BSides Las Vegas, a mentor for the SANS Women\'s Immersion Academy, and a teaching assistant for the Ann Arbor chapter of Girl Develop It. When she\'s not in security mode, you can often find her bursting into song or picking unsuspecting locks.</p>\r\n\'',0,134416),('3_Saturday','11','11:00','11:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'wpa-sec: The Largest Online WPA Handshake Database\'','\'Alex Stanev\'','wos__astanev','\'<h3 id=\"wos__astanev\">wpa-sec: The Largest Online WPA Handshake Database</h3>\r\n<h4>Alex Stanev, CTO of Information Services at JSC</h4>\r\n<p>Started as pet project in 2011, wpa-sec collects WPA handshake captures from all over the world. Contributors use client script to download handshakes and special crafted dictionaries to initiate attack against PSKs. With more than 115 GB captures from 240 000 submissions, collected samples represent invaluable source for wireless security research. This includes:</p>\r\n<ul>\r\n<li>Many improvements for emerging wireless security tools like hcxtools suite (<a href=\"https://github.com/ZerBea/hcxtools\" target=\"_blank\" rel=\"noopener noreferrer\">https://github.com/ZerBea/hcxtools</a>)</li>\r\n<li>Identified default PSK key generation algorithms, used by various ISPs. Those, along with fixes for current implementations get in RouterKeygen project (<a href=\"https://github.com/routerkeygen/routerkeygenPC\" target=\"_blank\" rel=\"noopener noreferrer\">https://github.com/routerkeygen/routerkeygenPC</a>). Many more to come, based on current research activities</li>\r\n<li>Performance optimizations for WPA crackers</li>\r\n<li>Identified some linux kernel driver bugs</li>\r\n</ul>\r\n<p>During the talk I will explain how wpa-sec works, provide statistics and a lot internals on optimization and how to use the database as OSINT source during pentests and red team actions.</p>\r\n<p>wpa-sec is opensource project available at <a href=\"https://github.com/RealEnder/dwpa\" target=\"_blank\" rel=\"noopener noreferrer\">https://github.com/RealEnder/dwpa</a>.</p>\r\n<p>Live installation at <a href=\"https://wpa-sec.stanev.org\" target=\"_blank\" rel=\"noopener noreferrer\">https://wpa-sec.stanev.org</a>.</p>\r\n<p><strong>Alex Stanev</strong> (Twitter: <a href=\"https://twitter.com/RealEnderSec\" target=\"_blank\" rel=\"noopener noreferrer\">@RealEnderSec</a>) started as a software developer in late 90s working on a wide range of projects - from specialized hardware drivers to large scale information systems for private and public sectors, including e-government services, elections management and smart cities. Going through virtually all mainstream enterprise platforms, Alex also took some time to explore various niche technologies and did a lot of low level stuff.</p>\r\n<p>As a security consultant, Alex led penetration test audits in Europe, America and Africa for financial and government institutions.</p>\r\n<p>Currently Alex serves as CTO in largest Bulgarian systems integrator Information Services JSC.</p>\r\n\'',0,134417),('4_Sunday','11','11:00','11:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Microcontrollers and Single Board Computers for Hacking, Fun and Profit\'','\'gh057\'','wos__gh057','\'<h3 id=\"wos__gh057\">Microcontrollers and Single Board Computers for Hacking, Fun and Profit</h3>\r\n<h4>gh057</h4>\r\n<p>As security researchers, we are always looking for the next device that will make our jobs easier and our research more effective. In many cases, physical gear can be expensive and limited in capability which can be prohibitive, especially in engagements where dead drops are required. However, with the skyrocketing popularity of microcontrollers and single board computers, that barrier has been reduced significantly and has created a host of new possibilities for everything from dead drops to wired and wireless network intrusion and analysis. gh057 will introduce some of the more popular options in this genre and some live demonstrations of their more fun uses. gh057 will demonstrate three devices he built to solve specific problems and that are based on these platforms: ATtiny85, ESP8266 / ES32, Raspberry Pi Finally, and as a bonus, gh057 will demonstrate a simple technique that uses Applescript and Bash that can be used to create a simple USB trojan and can be useful for end-user training.</p>\r\n<p><strong>gh057</strong> has worked on almost every aspect of the software development lifecycle. For the majority of his career, he worked as a front-end, full stack engineer specializing in UI/UX. During this time, he was involved in development and also testing efforts, which included quality and security best practices. In the last few years, gh057 completed a career transition to application security, most notably through security evangelism roles, where he worked closely with development teams. As an application security engineer, gh057 is responsible for security best practices, which encompasses both digital and physical threat vectors. Most recently, gh057 has been the concept creator and team lead for the Day of Shecurity conference which took place on June 16th in San Francisco, CA. In his free time, he is passionate about promoting equality in the cybersecurity industry and offering mentorship to young technologists. His goal is to leave behind a better industry than the one he found when he first began his career.</p>\r\n\'',0,134418),('3_Saturday','11','11:30','11:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Capturing in Hard to Reach Places\'','\'Silas Cutler\'','wos__scutler','\'<h3 id=\"wos__scutler\">Capturing in Hard to Reach Places</h3>\r\n<h4>Silas Cutler, Senior Security Researcher at CrowdStrike</h4>\r\n<p>It\'s easy for us to take for granted when tools allow us to start capturing network traffic without any real hardships. However, what happens when the data you want isn\'t so easy to capture. This talk will look at two cases in which environments needed to be bent in order to capture the data needed for analysis.</p>\r\n<p><strong>Silas Cutler</strong> (Twitter: <a href=\"https://twitter.com/silascutler\" target=\"_blank\" rel=\"noopener noreferrer\">@silascutler</a>) is a Senior Security Researcher at CrowdStrike, Project Director for MalShare and DEFCON 21 Black Badge (from Capture the Packet). Endorsed on LinkedIn by [REDACTED] for \"tcpdump\". His prior managers have described him as \"a guy\" and \"meeting necessary skills to perform job functions.\"</p>\r\n\'',0,134419),('2_Friday','12','12:00','12:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'PacketWhisper: Stealthily Exfiltrating Data and Defeating Attribution Using DNS and Text-Based Steganography\'','\'TryCatchHCF\'','wos__trycatch','\'<h3 id=\"wos__trycatch\">PacketWhisper: Stealthily Exfiltrating Data and Defeating Attribution Using DNS and Text-Based Steganography</h3>\r\n<h4>TryCatchHCF</h4>\r\n<p>Data exfiltration through DNS typically relies on the use of DNS query fields to exfiltrate data via the attacker\'s DNS server. This approach has several shortcomings. The first is attribution, since attackers end up creating a trail back to their own infrastructure. The second is awareness, as DFIR analysts have made careful study of DNS fields as exfiltration vectors. The third is access, since companies are increasingly using DNS server whitelisting to prevent or alert on outgoing DNS queries to servers controlled by attackers. But what if data could be transferred using the target\'s own whitelisted DNS servers, without the communicating systems ever directly connecting to each other or a common endpoint? Even if the network boundary employed data whitelisting to block data exfiltration?</p>\r\n<p>Through a combination of DNS queries and text-based steganography, we\'ll cover the methods used to transfer data across a network, hidden in plain sight, without direct connectivity between systems, while employing multiple levels of deception to avoid generating alerts as well as to mislead analysis attempts. The presentation will include a demonstration of PacketWhisper, a new tool written in Python, that automates all of these steps for you. PacketWhisper will be made available on GitHub to coincide with this session (<a href=\"https://github.com/TryCatchHCF\" target=\"_blank\" rel=\"noopener noreferrer\">https://github.com/TryCatchHCF</a>).</p>\r\n<p><strong>TryCatchHCF</strong> (Twitter: <a href=\"https://twitter.com/TryCatchHCF\" target=\"_blank\" rel=\"noopener noreferrer\">@TryCatchHCF</a>) is Red Team Lead at a Fortune 500 company, and creator of the Cloakify Exfiltration and DumpsterFire Incident Automation Toolsets (<a href=\"https://github.com/TryCatchHCF\" target=\"_blank\" rel=\"noopener noreferrer\">https://github.com/TryCatchHCF</a>). Previous roles have included Lead Pentester and AppSec Team Lead. He hacked into his first systems in 1981 and wrote his first malware the following year, all while nearly being eaten by a grue. He has 25+ years of security and software engineering experience, and served as an Intelligence Analyst and Counterintelligence Specialist in the United States Marine Corps. Education includes a bachelors degree in Cognitive Science, a masters degree in Information Assurance, and the collective HiveMind of the global hacking community.</p>\r\n\'',0,134420),('3_Saturday','12','12:00','12:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'An OSINT Approach to Third Party Cloud Service Provider Evaluation\'','\'Lokesh Pidawekar\'','wos__lpidawekar','\'<h3 id=\"wos__lpidawekar\">An OSINT Approach to Third Party Cloud Service Provider Evaluation</h3>\r\n<h4>Lokesh Pidawekar, Senior Cloud and Application Security Engineer at Cisco</h4>\r\n<p>In the era of third party cloud service providers where enterprise critical data is hosted and shared with various vendors, third party security reviews have become essential part of Information Security. It has become a challenge for security teams to ensure parity is maintained between security controls that are available on premise, to those offered by the cloud provider. Typically, companies send a word document or excel sheet to get answers from cloud providers, however, this process is done only once and the review is point in time. In this talk, the attendees will learn about various methods of identifying security posture of the third-party cloud service using information available on Internet, how to use this information for performing cloud service review and improve their own cloud offerings. This can also supplement the tedious questionnaire process and provide an option to fast track the vendor reviews.</p>\r\n<p><strong>Lokesh Pidawekar</strong> (Twitter: <a href=\"https://twitter.com/MaverickRocky02\" target=\"_blank\" rel=\"noopener noreferrer\">@MaverickRocky02</a>) work as Senior Cloud and Application Security Engineer in Cisco InfoSec team where he is responsible for designing secure architecture for applications, evaluating third party cloud service providers, and providing training to enterprise architects. He has Master\'s in Information Assurance &amp; Cyber Security from Northeastern University, Boston. Previously, he has spoken at BSides Las Vegas, DEFCON Packet Hacking Village talks, OWASP Boston chapter and CarolinaCon. He likes to read about application vulnerabilities in free time and has reported security bugs to vendors as part of their bug bounty program.</p>\r\n\'',0,134421),('4_Sunday','12','12:00','12:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Fishing for Phishers. The Enterprise Strikes Back!\'','\'Joseph Muniz, Aamir Lakhani\'','wos__munizlakhani','\'<h3 id=\"wos__munizlakhani\">Fishing for Phishers. The Enterprise Strikes Back!</h3>\r\n<h4>Joseph Muniz, Cisco<br>Aamir Lakhani, Fortinet</h4>\r\n<p>Phishing and social engineering has been around since Han Solo has flown the Millennium Flacon. The typically response is deleting the messages and giving the middle finger however, what more could be done to strike back? This talk will cover how to build an artificial environment and develop anti phishing tools used to respond to phishing attempts. Results could include owning the attacker\'s box \"hypothetically\" since some legal boundaries could be crossed.</p>\r\n<p><strong>Joseph Muniz</strong> is an architect at Cisco Systems. Aamir Lakhani (Twitter: <a href=\"https://twitter.com/SecureBlogger\" target=\"_blank\" rel=\"noopener noreferrer\">@SecureBlogger</a>) is a lead researcher at Fortinet. Together, they have spoken at various conferences including the infamous Social Media Deception RSA talk quoted by many sources found by searching \"Emily Williams Social Engineering.\" They are also making their fourth appearance for the DEF CON Wall of Sheep. Both speakers have written books together including a recent title Digital Forensics for Network Engineers released on Cisco Press late February 2018. They have been friends for years and continue to collaborate on research and other projects.</p>\r\n\'',0,134422),('3_Saturday','12','12:30','12:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Bitsquatting: Passive DNS Hijacking\'','\'Ed Miles\'','wos__emiles','\'<h3 id=\"wos__emiles\">Bitsquatting: Passive DNS Hijacking</h3>\r\n<h4>Ed Miles, Security Researcher at DiDi Labs</h4>\r\n<p>The Domain Name System is one of the foundational technologies that allow the internet to function, but unfortunately, DNS is surprisingly brittle to certain issues, such as bitsquatting.</p>\r\n<p>Lookups to names that are a \"bitflip\" away from well-known sites (like \'amczon.com\' instead of \'amazon.com\' since \'c\' and \'a have a single bit difference) can be caused by memory failing due to defect or overheating situations, rogue cosmic rays, or even (allegedly) radiation caused by nuclear reactions.</p>\r\n<p>I was curious how realistic the last case really was - can we \'detect\' active nuclear tests based solely on bitsquatting data? To find out, I revisited bitsquatting. First I\'ll briefly introduce the key concepts required for understanding bitsquatting (including ASCII, DNS and HTTP, Internet infrastructure, and memory error scenarios). I\'ll show the tools and techniques used to identify and register over 30 newly identified bitsquat domains, monitor DNS and HTTP requests, and process, enrich, and investigate the data. Finally, I will discuss any observations gathered from the data, with a focus on regional trends, specific devices, and current events - and try and see if I could prove any correlation.</p>\r\n<p>In the end, attendees should leave with knowledge of the prevalence of bitsquatting and how it has evolved since the phrase was coined 8 years ago, as well as a few techniques for analyzing bitsquatting data and drawing some interesting conclusions.</p>\r\n<p><strong>Ed Miles</strong> (Twitter: <a href=\"https://twitter.com/criznash\" target=\"_blank\" rel=\"noopener noreferrer\">@criznash</a>) is a researcher at DiDi Chuxing\'s California-based DiDi Labs. Working in technology professionally since 2001, and as a hobbyist since 1991, Ed has been focused on forensics, incident response, malware analysis, reverse engineering, and detection since 2010.</p>\r\n\'',0,134423),('2_Friday','13','13:00','13:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Target-Based Security Model\'','\'Garett Montgomery\'','wos__gmontgomery','\'<h3 id=\"wos__gmontgomery\">Target-Based Security Model</h3>\r\n<h4>Garett Montgomery, Principal Security Research Engineer at BreakingPoint (Ixia/KeySight)</h4>\r\n<p>Have you ever been asked \'what is the best way to protect against $ATTACK\'? (usually shortly after $ATTACK makes headlines). Have you ever been challenged to provide the reasoning behind your suggestion? If you were in a room full of experts, would your reasoning hold up under scrutiny? When you discuss with your security-savvy peers, you\'re quickly come to a consensus on the \'best\' control (!= device) to protect against $ATTACK. But do you know WHY it\'s the \'best\'? The Target-Based Security Model is essentially a framework that breaks down attacks to their component level. This breakdown makes it easy to see what the \'best\' security controls are - as well as alternative security controls that could also be applied. Its not so much something new, as it is a new way for the industry to communicate about security. In much the same way that the OSI model allows for developers to know they are talking about the same thing, a common security model allows security professionsals to communicate in a vendor-agnostic manner. Think of it as a translation tool for vendor-speak. In this talk we\'ll present the Target-Based Security model and discuss the following: how it came to be, what it is, and how to use it. And of course, we\'ll talk about how it can be used to make the world a better place - provided we all agree to use it.</p>\r\n<p><strong>Garett Montgomery</strong> (Twitter: <a href=\"https://twitter.com/garett_monty\" target=\"_blank\" rel=\"noopener noreferrer\">@garett_monty</a>) has been a Security Researcher at BreakingPoint (since acquired by Ixia; since acquired by KeySight) for the last 6+ years. Prior to joining BreakingPoint he had been employed as a Security Analyst at the Naval Postgraduate School and then an IPS Signature Developer. He holds an MS in Information Assurance and numerous (likely since-expired) security certifications. A self-described packet-monkey, he enjoys automating all the things.</p>\r\n\'',0,134424),('3_Saturday','13','13:00','13:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Turning Deception Outside-In: Tricking Attackers with OSINT\'','\'Hadar Yudovich, Tom Kahana, Tom Sela\'','wos__hyudovich','\'<h3 id=\"wos__hyudovich\">Turning Deception Outside-In: Tricking Attackers with OSINT</h3>\r\n<h4>Hadar Yudovich, Security Researcher at Illusive Networks<br>Tom Sela, Head of Security Research at Illusive Networks<br> Tom Kahana, Security Researcher at Illusive Networks</h4>\r\n<p>Deceptions use attackers\' own tactics to force them to reveal themselves. Deception techniques are typically used inside the network once attackers have broken in. Once inside, attackers use credentials to move laterally. But before penetrating their target, attackers often study publicly available data to plan their attack. Can we assume that attackers continue to use public information once they\'ve broken in? Could externally-planted deceptions expand our range of visibility on the adversary\'s activity? In this session, we will present research we conducted to answer these questions, and introduce a tool you can use to \"try it at home.\" We first took a deeper look at various OSINT resources-social media, paste sites, public code repositories, etc.-to refine our picture of the types of publicly-available data, attackers might use to further an attack. Then we planted various deceptive information. For example, on PasteBin we created a fake \"paste\" page containing a dump of fake credentials. On GitHub we created a fake repository of code containing \"accidental\" commits (git commit -am \'removed password\'). Next, we paired these deceptions with relevant data and user objects within a simulated network environment. We then started monitoring and waited for an attacker to bite.</p>\r\n<p><strong>Hadar</strong> (Twitter: <a href=\"https://twitter.com/hadar0x\" target=\"_blank\" rel=\"noopener noreferrer\">@hadar0x</a>) is a Security Researcher at Illusive Networks. He has eight years of experience in cyber security, with six of those years focused on digital forensics and incident response (DFIR), both in the Israeli Air Force and in the private sector. Before joining Illusive Networks, he was a malware researcher for IBM Security where he hunted for new malware families and researched new techniques for malware detection. Hadar holds a Bachelor\'s degree in Computer Science from the Holon Institute of Technology, and several certifications, including the GIAC Certified Forensic Analyst (GCFA). In his free time he likes to develop open source forensic tools and solve forensic challenges.</p>\r\n<p><strong>Tom Sela</strong> (Twitter: <a href=\"https://twitter.com/4x6hw\" target=\"_blank\" rel=\"noopener noreferrer\">@4x6hw</a>) is Head of Security Research at Illusive Networks. He specializes in reverse engineering, malware research, deception development and OS internals. Prior to joining Illusive, Tom headed the Malware Research team at Trusteer (acquired by IBM), where he was responsible for Trusteer\'s anti-fraud endpoint product. At Trusteer he also led a team of reverse-engineers, researching the internals of advanced malware. As an active contributor to the security research community, Tom has spoken at DefCon and IEEE events. He attended the Israeli Naval Academy at the University of Haifa and holds a B.Sc. from Ben-Gurion University.</p>\r\n<p><strong>Tom Kahana</strong> (Twitter: <a href=\"https://twitter.com/tomkahana1\" target=\"_blank\" rel=\"noopener noreferrer\">@tomkahana1</a>) is a Security Researcher at Illusive Networks, with over nine years in cybersecurity. He specializes in Windows internals. Prior to Illusive Networks, Tom worked for Trusteer, where he specialized in exploitation techniques. Among other accomplishments, he is credited with discovery of ASLR security bypass vulnerability CVE-2016-0012. Tom served five years in an elite unit of the Israel Defense Force (IDF), specializing in Cyber Security Research and Development. Tom is studying for his Bachelor\'s of Computer Science degree at the Open University of Israel.</p>\r\n\'',0,134425),('4_Sunday','13','13:00','13:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'What Do You Want to be When You Grow Up?\'','\'Damon \"ch3f\" Small\'','wos__dsmall','\'<h3 id=\"wos__dsmall\">What Do You Want to be When You Grow Up?</h3>\r\n<h4>Damon \"ch3f\" Small, Technical Director at NCC Group North America</h4>\r\n<p>Many industries have well-defined points of entry and well-understood education and training requirements. Information Security is not one of those industries. Successful infosec pros often have wildly diverse backgrounds so it is difficult to know which is the \"correct\" way to enter this field. As our industry has evolved and matured, what do organizations now look for in a candidate? What combination of skills, experience, and education will get you in your \"dream job?\" SPOILER - there are many predictors of success, and organizations have different priorities, so there is no single answer.</p>\r\n<p>The speaker will describe his experiences as a 22-year veteran of IT and infosec, both from the perspective of working for internal support teams and as a client-facing consultant. In addition to direct observations, this presentation will include the perspectives of other infosec pros that currently work in various capacities in our industry. The goal is not to answer the question of how to successfully develop one\'s career, as such, but rather to continue the dialogue of what is important to us as we develop our future experts and leaders.</p>\r\n<p><strong>Damon Small</strong> (Twitter: <a href=\"https://twitter.com/damonsmall\" target=\"_blank\" rel=\"noopener noreferrer\">@damonsmall</a>) began his career studying music at Louisiana State University. Pursuing the changing job market, he took advantage of computer skills learned in the LSU recording studio to become a systems administrator in the mid 1990s. Over the past 18 years as a security professional he has supported infosec initiatives in the healthcare, defense, aerospace, and oil and gas industries. In addition to his Bachelor of Arts in Music, Small completed the Master of Science in Information Assurance degree from Norwich University in 2005. His role as Technical Director includes working closely with NCC Group consultants and clients in delivering complex security assessments that meet varied business requirements.</p>\r\n\'',0,134426),('3_Saturday','13','13:30','13:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Defense in Depth: The Path to SGX at Akamai\'','\'Sam Erb\'','wos__serb','\'<h3 id=\"wos__serb\">Defense in Depth: The Path to SGX at Akamai</h3>\r\n<h4>Sam Erb, Software Engineer at Akamai Technologies</h4>\r\n<p>In this presentation you will learn how Akamai has spent the past 4 years working toward preventing the next TLS heartbleed incident. Nothing hypothetical --only deployed defense-in-depth systems will be discussed. This talk will include how we deployed Intel SGX at scale in our network.</p>\r\n<p><strong>Sam Erb</strong> (Twitter: <a href=\"https://twitter.com/erbbysam\" target=\"_blank\" rel=\"noopener noreferrer\">@erbbysam</a>) is a 2x black badge winner with Co9 in the Badge Challenge and is working to make the Internet a safer place.</p>\r\n\'',0,134427),('2_Friday','14','14:00','14:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Protecting Crypto Exchanges From a New Wave of Man-in-the-Browser Attacks\'','\'Pedro Fortuna\'','wos__pfortuna','\'<h3 id=\"wos__pfortuna\">Protecting Crypto Exchanges from a New Wave of Man-in-the-Browser Attacks</h3>\r\n<h4>Pedro Fortuna, CTO and Co-Founder of Jscrambler</h4>\r\n<p>In the last year or so, we have seen a massive increase in the value of cryptocurrencies and the emergence of hundreds of new coins and ICOs, getting millions of people into an investment frenzy. A lot of them being non-technical regular consumers that rushed to create new accounts in the most popular crypto exchanges like Coinbase or Bitstamp. Crypto exchanges are naturally appealing for attackers and have been targeted since as long as we can remember. However, since last year, they are also being targeted by Man-in-the-Browser (MITB) attacks. Malware families such as Zeus Panda, Ramnit and Trickbot are already aiming at websites such as Coinbase.com or Blockchain.info. In this talk, we will detail how these attacks work, from account takeover to moving out the coins to attacker-controlled wallets. We\'ll discuss current defenses e.g. multi-factor authentication or strong SSL encryption and why they are failing to mitigate this type of attacks.</p>\r\n<p><strong>Pedro Fortuna</strong> (Twitter: <a href=\"https://twitter.com/pedrofortuna\" target=\"_blank\" rel=\"noopener noreferrer\">@pedrofortuna</a>) is CTO and Co-Founder of Jscrambler where he leads the technical vision for the product suite and contributes with his cybersecurity knowledge for R&amp;D. Pedro holds a degree in Computing Engineering and a MSc in Computer Networks and Services, having more than a decade of experience researching and working in the application security area. He is a regular speaker at OWASP AppSec events and other cybersecurity conferences but also contributes to web development events. His research interests lie in the fields of Application Security, Reverse Engineering and Malware and Software Engineering. Author of several patents in application security.</p>\r\n\'',0,134428),('3_Saturday','14','14:00','14:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Building a Teaching SOC\'','\'Andrew Johnson\'','wos__ajohnson','\'<h3 id=\"wos__ajohnson\">Building A Teaching SOC</h3>\r\n<h4>Andrew Johnson, Information Security Officer at Carnegie Mellon University</h4>\r\n<p>Effective security monitoring is an ongoing process. How do you get everyone participating? How do you on-board junior colleagues to continuous improvement? The purpose of this presentation is to show methods for encouraging participation from all members of the security monitoring team as well as tactics for communicating effective with the organization.</p>\r\n<p><strong>Andrew Johnson</strong> (Twitter: <a href=\"https://twitter.com/pierogipowered\" target=\"_blank\" rel=\"noopener noreferrer\">@pierogipowered</a>) is implementing a dedicated security operations team at Carnegie Mellon University. The security operations group has a dual focus on both the traditional aspect of securing the university as well as a focus on training student colleagues on the practical application of their degree. Prior to Carnegie Mellon University, Andrew was with HM Health Solutions. He had been responsible for creating a security operations platform in the heavily regulated health insurance/provider space. Andrew is a co-organizer for the BSides Pittsburgh (@bsidespgh) conference and enjoys recreational cycling and cooking when not participating in information security related activities.</p>\r\n\'',0,134429),('3_Saturday','14','14:30','14:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Normalizing Empire\'s Traffic to Evade Anomaly-Based IDS\'','\'Utku Sen, Gozde Sinturk\'','wos__sensinturk','\'<h3 id=\"wos__sensinturk\">Normalizing Empire\'s Traffic to Evade Anomaly-based IDS</h3>\r\n<h4>Utku Sen, Senior R&amp;D Engineer at Tear Security<br>Gozde Sinturk, R&amp;D Engineer at Tear Security</h4>\r\n<p>Perimeter defenses are holding an important role in computer security. However, when we check the method of APT groups, a single spear-phishing usually enough to gain a foothold on the network. Therefore, red teams are mostly focused on \"assume breach\" type of scenarios. In these scenarios, testers need to use a post-exploitation framework. Besides that, testers also need to hide the server-agent communication from NIDS (Network Intrusion Detection Systems). In this session, we will discuss one of the most famous post-exploitation tool, Empire\'s situation against payload-based anomaly detection systems. We will explain how to normalize Empire\'s traffic with polymorphic blending attack (PBA) method. We will also cover our tool, \"firstorder\" which is designed to evade anomaly-based detection systems. firstorder tool takes a traffic capture file of the network, tries to identify normal profile and configures Empire\'s listener in such way.</p>\r\n<p><strong>Utku Sen</strong> (Twitter: <a href=\"https://twitter.com/utkusen\" target=\"_blank\" rel=\"noopener noreferrer\">@utkusen</a>) is a security researcher who is mostly focused on following areas: application security, network security, tool development. He presented his tool, Leviathan Framework in Black Hat USA Arsenal and DEF CON Demo Labs in 2017. He also nominated for Pwnie Awards on \"Best Backdoor\" category in 2016.</p>\r\n<p><strong>Gozde Sinturk</strong> is Security Researcher and Python Developer who involved in projects related to machine learning, natural language processing, and big data. She is developing security tools in her current position.</p>\r\n\'',0,134430),('2_Friday','15','15:00','15:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Freedom of Information: Hacking the Human Black Box\'','\'Elliott Brink\'','wos__ebrink','\'<h3 id=\"wos__ebrink\">Freedom of Information - Hacking the Human Black Box</h3>\r\n<h4>Elliott Brink, Senior Penetration Tester at RSM US LLP</h4>\r\n<p>FOIA (otherwise known as the Freedom of Information Act or FOI/Freedom of Information in Australia) are government-based initiatives to permit the public to request information on various government records. In practice, these acts enable transparency of the operations of government to the masses with relative ease. In reality, submitting FOI requests can be a cumbersome and frustrating process for citizens.</p>\r\n<p>For two years now I have been hacking this human black box - finding out what you can/cannot ask for and more importantly how to ask for information and get it! Have you ever asked the government for a log file, Cisco IOS running config or Active Directory group policies? Do you ever wonder if a government employee would provide you with such information if you asked really really nicely? Let\'s find out together! For the past couple of years I have been performing various technology-focused FOI requests in an attempt to answer one simple argument: Can you utilize freedom of information to enumerate technical information from government agencies? I present my research, findings and results of multiple years of submitting FOIA requests to various USA and Australian government institutions including multiple intelligence agencies. We will discover the fun times and challenges when performing such requests.</p>\r\n<p>Attendees will gain practical knowledge about: what FOIA is, the caveats of FOIA, how you can utilize FOIA on red team engagements and other open source intelligence gathering activities and finally the results of my research in multiple requests to intelligence agencies.</p>\r\n<p><strong>Elliott Brink</strong> (Twitter: <a href=\"https://twitter.com/ebrinkster\" target=\"_blank\" rel=\"noopener noreferrer\">@ebrinkster</a>) is an information security consultant based out of NYC. He specializes in internal/external pentesting, security architecture and social engineering. He loves computer history, tracking bad guys, honeypots, an expertly crafted bloody mary, and traveling the globe.</p>\r\n\'',0,134431),('3_Saturday','15','15:00','15:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Grand Theft Auto: Digital Key Hacking\'','\'Huajiang \"Kevin2600\" Chen, Jin Yang\'','wos__chenyang','\'<h3 id=\"wos__chenyang\">Grand Theft Auto: Digital Key Hacking</h3>\r\n<h4>Huajiang \"Kevin2600\" Chen, Security Research at Ingeek<br>Jin Yang, Independent Security Researcher</h4>\r\n<p>The security of automobiles accesses control system is a topic often discussed. Today\'s vehicles rely on key-fob control modules, to ensure the vehicle is accessible to authorized users only. While most traditional automobile key-fob systems have been shown to be insecure in the past, here comes a game changer. Instead of the regular key-fob system, some car owners will be able to access their vehicle by having their smartphone authenticates as a digital car key.In this talk, we will reveal the research and attacks for one of digital car keys system in the current market. By investigating how these features work, and how to exploit it through different possibles of attack vectors, we will demonstrate the security limitations of such system. By the end of this talk, the attendees will not only understand how to exploit these systems also which tools can be used to achieve our goals.</p>\r\n<p><strong>Huajiang \"Kevin2600\" Chen</strong> (Twitter: <a href=\"https://twitter.com/kevin2600\" target=\"_blank\" rel=\"noopener noreferrer\">@kevin2600</a>) is a security researcher at Ingeek. And a member of Team-Trinity. The Team-Trinity is a Non-profit group of security researchers, mainly focus on wireless and embedded systems vulnerability research. Team members have worked extensively with binary reverse engineering, mobile security, and hardware security. Kevin2600 has spoken at various conferences including XCON, KCON, OZSecCon, BSides, and Alibaba-Cloud-Zcon.</p>\r\n<p><strong>Jin Yang</strong> is a member of Team-Trinity. The Team-Trinity is a Non-profit group of security researchers, mainly focus on wireless and embedded systems vulnerability research. He work in network security industry for over 10 years and focus on the Automated Virus Analysis, IoT Security, Threat Intelligence and Rootkits. Jin has spoken at XCon; AVAR and KCon.</p>\r\n\'',0,134432),('2_Friday','16','16:00','16:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Car Infotainment Hacking Methodology and Attack Surface Scenarios\'','\'Jay Turla\'','wos__jturla','\'<h3 id=\"wos__jturla\">Car Infotainment Hacking Methodology and Attack Surface Scenarios</h3>\r\n<h4>Jay Turla, Application Security Engineer at Bugcrowd</h4>\r\n<p>The battle for supremacy for the control of the dashboard display or infotainment systems has always been a race. Most of these systems run on Linux, Android, Windows (customized dashboards - perhaps Windows ME or CE) and Blackberry\'s QNX. In-Vehicle Infotainment (IVI) or In-car entertainment (ICE) Systems are indeed fun consoles where you can play media, movies, or work with your car\'s navigational system. But somehow it also comes with a risk of being hacked or attacked because they have also been plagued with vulnerabilities. In this talk, join Jay as he presents his own Car Hacker\'s Methodology in finding security bugs in order to pwn a car\'s infotainment system without having to do a drive by wire or CANbus hacking tools but will simply point out the common attack surfaces e.g WiFi, Bluetooth, USB Ports, etc. and some scenarios on how to exploit it just like how he popped a shell or issue an arbitrary command in his car which he tweeted in Twitter before.</p>\r\n<p><strong>Jay Turla</strong> (Twitter: <a href=\"https://twitter.com/shipcod3\" target=\"_blank\" rel=\"noopener noreferrer\">@shipcod3</a>) is an application security engineer at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework and presented at ROOTCON, Nullcon, and TCON. He used to work for HP Fortify where he performs Vulnerability Assessment, Remediation and Advance Testing.</p>\r\n\'',0,134433),('3_Saturday','16','16:00','16:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Ridealong Adventures: Critical Issues with Police Body Cameras\'','\'Josh Mitchell\'','wos__jmitchell','\'<h3 id=\"wos__jmitchell\">Ridealong Adventures: Critical Issues with Police Body Cameras</h3>\r\n<h4>Josh Mitchell, Principal cybersecurity Consultant at Nuix</h4>\r\n<p>The police body camera market has been growing in popularity over the last few years. A recent (2016) Johns Hopkins University market survey found 60 different models have been produced specifically for law enforcement use. Rapid adoption is fueling this meteoric increase in availability and utilization. Additionally, device manufactures are attempting to package more and more technology into these devices. This has caused a deficiency in local municipalities\' skills and budget to accurately assess the attack surface and exposure to the organization. Furthermore, departmental policies and procedures governing the secure deployment of these devices is largely insufficient.</p>\r\n<p>At DEF CON, we will be introducing tactics, techniques, and procedures to assess the security of these devices. We will cover attacks against the physical devices, RF components, smartphone app\'s, and desktop software. The capabilities demonstrated and discussed will encompass publicly and privately available technologies. Additionally, the talk will cover multiple products and vendors, shedding light on industry wide issues and trends. Finally, we will be releasing software to detect and track various devices and tie these issues into real world events.</p>\r\n<p><strong>Josh Mitchell</strong> has more than a decade\'s experience as an information security researcher. He has authored numerous technical documents and presented his findings at conferences, academic discussions, and in the classroom. Josh is an expert at discovering and exploiting vulnerabilities and writing code to protect operating systems and programs. He holds patents in classifying computer files and executable files as malware or whiteware. Josh has served in the United States Air Force and held numerous defense contracting roles covering electronic signals intelligence exploitation, electronic warfare, malware analysis, exploit development, and reverse engineering. He also provided security services for General Dynamics Advanced Information Systems, Endgame, and Accuvant and assisted multiple computer emergency response teams with investigations vital to national security.</p>\r\n\'',0,134434),('2_Friday','17','17:00','17:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Swiss Cheese Holes in the Foundation of Modern Security - CERT VU#919801\'','\'Chris Hanlon\'','wos__chanlon','\'<h3 id=\"wos__chanlon\">Swiss Cheese Holes in the Foundation of Modern Security - CERT VU#919801</h3>\r\n<h4>Chris Hanlon, Founder of SecurityAlliance.ca</h4>\r\n<p>In this talk we briefly introduce common SMTP/TLS implementation weaknesses explain how governments, criminals, and malicious insiders can exploit them to remotely reset account passwords, create/update/delete firewall rules, control windows desktops/laptops, access online backup systems, download full-disk Encryption Keys, watch security cameras, listen to security camera microphones, control social media accounts, and takeover AWS virtual machines.</p>\r\n<p><strong>Chris Hanlon</strong> (Twitter: <a href=\"https://twitter.com/ChrisHanlonCA\" target=\"_blank\" rel=\"noopener noreferrer\">@ChrisHanlonCA</a>) has been maintaining Unix, Linux, and Windows Servers since 1998 and submitting vulnerability reports since 2000. Chris\'s submissions have resulted in security and privacy enhancements in Google Apps, the Linux Kernel, and Interac email transfers.</p>\r\n\'',0,134435),('3_Saturday','17','17:00','17:59','N','PHV','Caesars Promenade Level - Neopolitan BR','\'IoT Data Exfiltration\'','\'Mike Raggo, Chet Hosmer\'','wos__raggohosmer','\'<h3 id=\"wos__raggohosmer\">IoT Data Exfiltration</h3>\r\n<h4>Mike Raggo, CSO of 802 Secure, Inc.<br>Chet Hosmer, Owner of Python Forensics</h4>\r\n<p>IoT offers new protocols and frequencies over which communication travels. Due to lack of familiarity amongst most enterprises, most organizations are ill-equipped to monitor or detect these mysterious channels. This introduces a plethora of covert channels by which data could be exfiltrated, or malware to be infiltrated into the network. In this session we explore this new frontier by focusing on new methods of IoT protocol exploitation by revealing research conducted over the last 2 years. Detailed examples will be provided, as well as demo of a python tool for exploiting unused portions of protocol fields. From our research, we\'ll also reveal new methods of detecting aberrant behavior emanating to/from these devices gathered from our lab and real world testing.</p>\r\n<p><strong>Mike Raggo</strong> (Twitter: <a href=\"https://twitter.com/DataHiding\" target=\"_blank\" rel=\"noopener noreferrer\">@DataHiding</a>) is Chief Security Officer at 802 Secure and has over 20 years of security research experience. His current focus is wireless IoT threats impacting the enterprise. Michael is the author of \"Mobile Data Loss: Threats &amp; Countermeasures\" and \"Data Hiding\" for Syngress Books, and contributing author for \"Information Security the Complete Reference 2nd Edition\". A former security trainer, Michael has briefed international defense agencies including the FBI and Pentagon, and is a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, DoD Cyber Crime, OWASP, HackCon, and SANS.</p>\r\n<p><strong>Chet Hosmer</strong> is an international author, educator &amp; researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.</p>\r\n\'',0,134436),('2_Friday','18','18:00','18:30','N','PHV','Caesars Promenade Level - Neopolitan BR','\'Mapping Wi-Fi Networks and Triggering on Interesting Traffic Patterns\'','\'Caleb Madrigal\'','wos__cmadrigal','\'<h3 id=\"wos__cmadrigal\">Mapping Wi-Fi Networks and Triggering on Interesting Traffic Patterns</h3>\r\n<h4>Caleb Madrigal, Applied Researcher at Mandiant/FireEye</h4>\r\n<p>Sure, WiFi hacking has been around for a while, and everyone knows about tools like airmon-ng, kismet, et al. But what if you just want to view a list of all networks in your area along with all devices connected to them? Or maybe you want to know who\'s hogging all the bandwidth? Or, what if you want to know when a certain someone\'s cell phone is nearby. Or perhaps you\'d like to know if your Airbnb host\'s IP Camera is uploading video to the cloud?</p>\r\n<p>For all these use-cases, I\'ve developed a new tool called \"trackerjacker\". In this talk, we\'ll use this tool to explore some of the surprisingly-informative data floating around in the radio space, and you\'ll come away with a new skill point or two in your radio hacking skill tree, as well as a new magical weapon... I mean tool.</p>\r\n<p><strong>Caleb Madrigal</strong> (Twitter: <a href=\"https://twitter.com/caleb_madrigal\" target=\"_blank\" rel=\"noopener noreferrer\">@caleb_madrigal</a>) is an Applied Researcher at Mandiant/FireEye.</p>\r\n\'',0,134437),('2_Friday','11','11:00','12:30','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Reverse Engineering Malware 101\'','\'Malware Unicorn\'','phw__malwareunicorn','\'<h3 id=\"phw__malwareunicorn\">Reverse Engineering Malware 101</h3>\r\n<p>This workshop provides the fundamentals of reversing engineering (RE) Windows malware using a hands-on experience with RE tools and techniques. Attendees will be introduced to RE terms and processes, followed by basic x86 assembly, and reviewing RE tools and malware techniques. It will conclude by attendees performing a hands-on malware analysis that consists of Triage, Static, and Dynamic analysis.
 Prerequisites: Basic understanding of programming C/C++, Python, or Java
. Provided: A virtual machine and tools will be provided.
 Features: 5 Sections in 1.5 hours:</p>\r\n<ul>\r\n<li>~15 min Fundamentals</li>\r\n<li>~15 min Tools/Techniques</li>\r\n<li>~30 min Triage Static Analysis + Lab</li>\r\n<li>~30 min Dynamic Analysis + Lab</li>\r\n</ul>\r\n<p>Amanda (Twitter: <a href=\"https://twitter.com/malwareunicorn\" target=\"_blank\" rel=\"noopener noreferrer\">@malwareunicorn</a>) absolutely loves malware. She works as a Senior Malware Researcher at Endgame who focuses on threat research focusing in dynamic behavior detection both on Windows and OSX platforms.
</p>\r\n\'',0,134438),('2_Friday','12','11:00','12:30','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Reverse Engineering Malware 101\'','\'Malware Unicorn\'','phw__malwareunicorn','\'\'',0,134439),('2_Friday','13','13:00','14:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Advanced APT Hunting with Splunk\'','\'Ryan Kovar and John Stoner\'','phw__kovarstoner','\'<h3 id=\"phw__kovarstoner\">Advanced APT Hunting with Splunk</h3>\r\n<p>You wanna learn how to hunt the APTs? This is the workshop for you. Using a real-worldish dataset, this workshop will teach you how to hunt the \"fictional\" APT group Taedonggang. We discuss the Diamond model, hypothesis building, LM Kill Chain, and Mitre Att&amp;ck framework and how these concepts can frame your hunting. Then we look deep in the data using Splunk and OSINT to find the APT activity riddling a small startup\'s network. We walk you through detecting lateral movement, the P of APT, and even PowerShell Empire. Then at the end, we give you a similar dataset and tools to take home and try newly learned techniques yourself.</p>\r\n<p><strong>Ryan Kovar</strong> fought in the cyberwars and has been doing cybery things for almost 20 years. Now he is a Principal Security Strategist at Splunk building cool stuff, talking about security thingies, and helping other people fight their battles. He hates printers.</p>\r\n<p><strong>John Stoner</strong> is a Principal Security Strategist at Splunk. During his career he has worked in operations, consulting and solutions engineering. In his current role, he leverages his many years of experience in log management, SIEM, security operations and threat intelligence to provide solutions that drive greater situational awareness for organizations.</p>\r\n\'',0,134440),('2_Friday','14','13:00','14:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Advanced APT Hunting with Splunk\'','\'Ryan Kovar and John Stoner\'','phw__kovarstoner','\'\'',0,134441),('2_Friday','15','15:30','16:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Finding and Attacking Undocumented APIs with Python\'','\'Ryan Mitchell\'','phw__rmitchell','\'<h3 id=\"phw__rmitchell\">Finding and Attacking Undocumented APIs with Python</h3>\r\n<p>Write Python web bots using Selenium and BrowserMob Proxy to crawl the Internet looking for non-public APIs. We will look at several ways to identify vulnerabilities in discovered APIs as a means for penetration testing and large scale data gathering. Participants should have some Python experience, as well as a familiarity with HTTP requests.</p>\r\n<p><strong>Ryan Mitchell</strong> is a senior software engineer at HedgeServ in Boston, where she develops APIs and data analytics tools for hedge fund managers. She is a graduate of Olin College of Engineering and Harvard University Extension School with a master\'s in software engineering and certificate in data science. Since 2012 she has regularly consulted, lectured, and run workshops around the country on the topics of web scraping, Python automation tools, and data science.</p>\r\n\'',0,134442),('2_Friday','16','15:30','16:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Finding and Attacking Undocumented APIs with Python\'','\'Ryan Mitchell\'','phw__rmitchell','\'\'',0,134443),('2_Friday','17','17:30','18:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Serious Intro to Python for Admins\'','\'Davin Potts\'','phw__dpotts','\'<h3 id=\"phw__dpotts\">Serious Intro to Python for Admins</h3>\r\n<p>Intended for an audience of IT managers and admins who are either responsible for systems with deployed Python apps and/or interested in the security implications of developing their own tools/scripts/apps in Python. This will be a hands-on exercise from start to finish designed to leave you with a sense of the mentality of Python and an ability to quickly look up what you need when expanding your knowledge of Python in the future. Prior programming experience not required. However it would be helpful if you\'ve seen lots of Monty Python skits before.</p>\r\n<p><strong>
Davin Potts</strong> is a Python Core Developer and lead dev for the multiprocessing module in the Python standard library. For a day job, Davin is a scientific software consultant working primarily on data science projects. Also refer to <a href=\"https://www.crunchbase.com/person/davin-potts\" target=\"_blank\" rel=\"noopener noreferrer\">https://www.crunchbase.com/person/davin-potts</a>.</p>\r\n\'',0,134444),('2_Friday','18','17:30','18:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Serious Intro to Python for Admins\'','\'Davin Potts\'','phw__dpotts','\'\'',0,134445),('3_Saturday','09','09:30','13:30','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Kali Dojo Workshop\'','\'Johnny Long\'','phw__jlong','\'<h3 id=\"phw__jlong\">Kali Dojo Workshop</h3>\r\n<p>Kali Linux can be deeply and uniquely customized to specific needs and tasks. In this workshop, we will customize Kali Linux into a very specific offensive tool, and walk you through the process of customization step by step. We will create a custom Kali ISO that will: load very specific toolsets; define a custom desktop environment and wallpaper; leverage customized features and functions; launch custom tools and scripts; install Kali automatically, without user intervention as a custom \"OS backdoor\". This workshop will guide you through all the aspects of Kali customization and give you the skills to create your own highly-customized Kali ISO, like the much feared Kali \"ISO of Doom\".</p>\r\n<p>Kali Live USB With Persistence And LUKS (2.5hrs)</p>\r\n<p>In this section we will show you how to deploy your customized Kali ISO to a secure, encrypted, USB device. ➤ We will show you how to add standard and encrypted USB persistence so you can save your data and we will walk you through a custom LUKS \"nuke\" deployment that will obliterate your encrypted data when presented with a specific kill phrase. We will also will discuss strategies to help you safely and legally cross international borders with your encrypted data without compromising it. When you complete this course, you will have the skills to create a completely customized, powerful, portable Kali ISO or USB with full encryption, persistence and the peace of mind of LUKS nuke. And, to sweeten the deal, we will provide super-cool custom Kali-branded USB drives.</p>\r\n<p><strong>Johnny Long</strong> spent his career as a professional hacker. He is the author of numerous security books including No-Tech Hacking and Google Hacking for Penetration Testers and is a contributor to Kali Linux Revealed. He is the founder of Hackers for Charity and currently works with the Offensive Security team.</p>\r\n\'',0,134446),('3_Saturday','10','09:30','13:30','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Kali Dojo Workshop\'','\'Johnny Long\'','phw__jlong','\'\'',0,134447),('3_Saturday','11','09:30','13:30','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Kali Dojo Workshop\'','\'Johnny Long\'','phw__jlong','\'\'',0,134448),('3_Saturday','12','09:30','13:30','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Kali Dojo Workshop\'','\'Johnny Long\'','phw__jlong','\'\'',0,134449),('3_Saturday','13','09:30','13:30','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Kali Dojo Workshop\'','\'Johnny Long\'','phw__jlong','\'\'',0,134450),('3_Saturday','14','14:00','15:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Intense Introduction to Modern Web Application Hacking\'','\'Omar Santos and Ron Taylor\'','phw__santostaylor','\'<h3 id=\"phw__santostaylor\">Intense Introduction to Modern Web Application Hacking</h3>\r\n<p>This course starts with an introduction to modern web applications and immediately starts diving directly into the mapping and discovery phase of testing. In this course, you will learn new methodologies used and adopted by many penetration testers and ethical hackers. This is a hands-on training where will use various open source tools and learn how to exploit SQL injection, command injection, cross-site scripting (XSS), XML External Entity (XXE), and cross-site request forgery (CSRF). We will wrap up our two hour fast-paced course by unleashing students on a vulnerable web application with their newly found skills.</p>\r\n<p><strong>Omar Santos</strong> (Twitter: <a href=\"https://twitter.com/santosomar\" target=\"_blank\" rel=\"noopener noreferrer\">@santosomar</a>) is a Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco\'s Security Research and Operations. He mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products, including cloud services. Omar has been working with information technology and cyber security since the mid-1990s. Omar has designed, implemented, and supported numerous secure networks for Fortune 100 and 500 companies and the U.S. government. Prior to his current role, he was a Technical Leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.</p>\r\n<p><strong>Ron Taylor</strong> (Twitter: <a href=\"https://twitter.com/Gu5G0rman\" target=\"_blank\" rel=\"noopener noreferrer\">@Gu5G0rman</a>) has been in the Information Security field for almost 20 years. Ten of those years were spent in consulting. In 2008, he joined the Cisco Global Certification Team as an SME in Information Assurance. In 2012, he moved into a position with the Security Research &amp; Operations group, where his focus was mostly on penetration testing of Cisco products and services. He was also involved in developing and presenting security training to internal development and test teams globally. Additionally, he provided consulting support to many product teams as an SME on product security testing. He then spent some time as a Consulting Systems Engineer specializing in Cisco\'s security product line. His current role is working within the Cisco Product Security Incident Response Team (PSIRT). He has held a number of industry certifications including GPEN, GWEB, GCIA, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP, and MCSE. Ron is also a Cisco Security Blackbelt, SANS mentor, Cofounder and President of the Raleigh BSides Security Conference, and an active member of the Packet Hacking Village team at DEF CON.</p>\r\n\'',0,134451),('3_Saturday','15','14:00','15:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Intense Introduction to Modern Web Application Hacking\'','\'Omar Santos and Ron Taylor\'','phw__santostaylor','\'\'',0,134452),('3_Saturday','16','16:30','17:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Mallet, An Intercepting Proxy for Arbitrary Protocols\'','\'Rogan Dawes\'','phw__rdawestraining','\'<h3 id=\"phw__rdawestraining\">Mallet, an intercepting proxy for arbitrary protocols</h3>\r\n<p>Mallet is an intercepting proxy for arbitrary protocols. More accurately, it is a framework for building proxies for arbitrary protocols. Mallet provides the basics required of all proxies: A way to receive the data, a way to send the data, and a user interface to intercept and edit the data. It builds on the Netty project, and as such has access to a large, well-tested suite of protocol implementations that can be used to transform a stream of bytes into useful, high-level protocol objects.</p>\r\n<p>This workshop will introduce attendees to Mallet, and show how to construct pipelines of arbitrary complexity, to successfully decode and intercept messages in various protocols, as well as automating modifications of the various messages.</p>\r\n<p>A basic familiarity with Java will enhance the delegate\'s understanding of what they are taught, but is not a requirement.</p>\r\n<p><strong>Rogan Dawes</strong> is a senior researcher at SensePost and has been hacking since 1998, which, coincidentally, is also the time he settled on a final wardrobe. He used the time he saved on choosing outfits to live up to his colleague\'s frequent joke that he has an offline copy of the Internet in his head. Rogan spent many years building web application assessment tools, and is credited as having built one of the first and most widely used intercepting proxies, WebScarab.</p>\r\n\'',0,134453),('3_Saturday','17','16:30','17:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Mallet, An Intercepting Proxy for Arbitrary Protocols\'','\'Rogan Dawes\'','phw__rdawestraining','\'\'',0,134454),('4_Sunday','11','11:00','12:59','N','PHW','Caesars Promenade Level - Neopolitan BR','\'Advanced APT Hunting with Splunk\'','\'Ryan Kovar and John Stoner\'','phw__kovarstoner','\'<h3 id=\"phw__kovarstoner\">Advanced APT Hunting with Splunk</h3>\r\n<p>You wanna learn how to hunt the APTs? This is the workshop for you. Using a real-worldish dataset, this workshop will teach you how to hunt the \"fictional\" APT group Taedonggang. We discuss the Diamond model, hypothesis building, LM Kill Chain, and Mitre Att&amp;ck framework and how these concepts can frame your hunting. Then we look deep in the data using Splunk and OSINT to find the APT activity riddling a small startup\'s network. We walk you through detecting lateral movement, the P of APT, and even PowerShell Empire. Then at the end, we give you a similar dataset and tools to take home and try newly learned techniques yourself.</p>\r\n<p><strong>Ryan Kovar</strong> fought in the cyberwars and has been doing cybery things for almost 20 years. Now he is a Principal Security Strategist at Splunk building cool stuff, talking about security thingies, and helping other people fight their battles. He hates printers.</p>\r\n<p><strong>John Stoner</strong> is a Principal Security Strategist at Splunk. During his career he has worked in operations, consulting and solutions engineering. In his current role, he leverages his many years of experience in log management, SIEM, security operations and threat intelligence to provide solutions that drive greater situational awareness for organizations.</p>\r\n\'',0,134455),('4_Sunday','12','11:00','12:59','Y','PHW','Caesars Promenade Level - Neopolitan BR','\'Advanced APT Hunting with Splunk\'','\'Ryan Kovar and John Stoner\'','phw__kovarstoner','\'\'',0,134456),('2_Friday','10','10:15','10:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Internet of Medicine : The ultimate key to Rooting the human being\'','\'Veronica Schmitt @Po1Zon_P1x13\'','iot__iom','\'	<!-- Modal iom -->\n<div class=\"modal fade\" id=\"iot__iom\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"iomModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Internet of Medicine : The ultimate key to Rooting the human being</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                <p class=\"content-sm\">       \nThere are advancements made on a daily basis, with regards to medical implantable devices. These devices offer life extensions when organic systems fail. Are these systems secured? There are shocking amounts of vulnerabilities found on these devices. The medical industry has the hard job to balance accessibility and availability of these devices while trying to maintain their security. With the new patient monitoring systems which can download your heart information wirelessly and send it to you physician, medical devices are becoming part of the internet of things. Is the theoretical threat soon to become a real one? A unique perspective from a security professional with an IoT device which keeps her alive.\n \n</p>\n\n<p class=\"content-sm\">\n    Bio:<br>\nVeronica is a Partner at DFIRLABS. She is a forensicator, avid researcher and quite literally the superglue that holds DFIRLABS together. She was previously in charge of the Free State Cyber Forensic Laboratory of the Special Investigating Unit. After deciding that this title on its own wasn’t already too much of a mouthful, she departed the SIU in order to add Malware (Reverse) Engineer, Photographer, Seamstress, Super Mom and Sleep-deprived MSc Chaser to her list.\n\n</p>\n                \n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\'',0,134457),('2_Friday','11','11:30','11:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'IoT Village Keynote - Tales of a SOHOpeful Journey: Where our Research Started and Where it\'s Going\'','\'Rick Ramgattie @RRamgattie and Jacob Holcomb @rootHak42\'','iot__soho2','\'<!-- Modal keynote_soho -->\n<div class=\"modal fade\" id=\"iot__soho2\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"soho2Modal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">IoT Village Keynote - Tales of a SOHOpeful Journey: Where our Research Started and Where it\'s Going</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                <p class=\"content-sm\">\n	                TBA but you will see the origins of the SOHOpelessly broken research and some of the new research from our new research lab. \n                </p>\n                <p class=\"content-sm\">\n                    Bio:<br>\n                    Rick Ramgattie @RRamgattie is a Security Analyst at Independent Security Evaluators (ISE), where he conducts high-end, custom security assessments of computer hardware,  software products, and manages a team of security researchers. Growing up in the city of Bayamón, Puerto Rico, speaker Rick Ramgattie recognizes that it isn\'t all that easy to get into the information security community. In a self-taught manner he strived to learn what he could, before attending college in the mainland and then migrating to Baltimore. Now, as someone who appreciates the art of reverse engineering, he has taken part in hands-on security assessments of complex systems, IoT devices, and many different native and mobile applications. Rick enjoys reverse engineering, occasional CTFs, and reading.\n                    <br>\n                    <br>\n                    Jacob is the principal researcher on several pieces of ISE research, including the landmark publication SOHOpelessly Broken, which discovered over 50 new 0-day vulnerabilities in network routers and served as the foundation for the first-ever router hacking contest at DEFCON. He is skilled in penetration testing, application security, network security, and exploit research and development. A highly regarded speaker, he has presented at security conferences such as BlackHat USA, BlackHat Europe, DEFCON, DerbyCon, BSidesDC, and many others. In addition to projects at work, coding, and his favorite pastime of EIP hunting, Jacob loves to hack his way through the interwebz and has responsibly disclosed dozens of 0-day vulnerabilities in commercial products and services.\n                </p>\n                \n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\'',0,134458),('2_Friday','12','12:30','12:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'NEST: Securing the Home\'','\'Matt Mahler and Kat Mansourimoaied\'','iot__nest','\'<!-- Modal nest -->\n<div class=\"modal fade\" id=\"iot__nest\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"nestModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">NEST: Securing the Home</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n            <p class=\"content-sm\">\nAs homes become more interconnected the attacks on them are becoming better and more sophisticated. Come learn how Nest is taking steps to prevent security vulnerabilities in our products when your product has to be in the field for many years.\n<br>\nIn this talk we will discuss how the way Nest does verified boot, the basics of Thread/Weave and how to connect to Nest devices, our approach to the SDLC and a few possibilities of where we think the industry is going in the next couple years. \n            </p>\n            \n            <p class=\"content-sm\">       \nBio: <br> \nMatt Mahler - Matt has been working on security at Nest for over 6 years (SWE, SRE, Sec Engineer)<br>\nKat Mansourimoaied - Member of the Nest S&P Engineering team focusing on penetration testing and automated fuzzing.\n </p>\n            </div>\n        \n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\'',0,134459),('2_Friday','13','13:15','13:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Exploiting the IoT hub : What happened to my home?\'','\'Hwiwon Lee and Changhyun Park\'','iot__iot_hub','\'<!-- Modal iot_hub -->\n<div class=\"modal fade\" id=\"iot__iot_hub\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"iot_hubModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Exploiting the IoT hub : What happened to my home?</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                <p class=\"content-sm\">\nIn the home IoT service, the IoT hub is an important device that links users and various things in the house.\n<br>\nWhat are the security threats to these hubs and are they securely configured?\n<br>\nThis presentation explores the importance of targeting IoT hubs in the home IoT environment and the role and features of the IoT hub in the IoT environment. We will explain the analysis process and related issues about the vulnerabilities of various IoT hubs discovered through the research, and present the threat scenarios that may arise in the home IoT service.\n<br>\nFinally, we will talk about what security factors to consider in a home IoT environment, including the IoT hub, and how to solve them.\n<br>\nWe found various 0-days (Buffer Overflow, Command Injection, Local Privilege Escalation, Backdoor etc) for IoT hubs in terms of STRIDE threat model. In addition, we can show the practical threats in modern smart home by exploiting the IoT hub.\n                </p>\n<p class=\"content-sm\">\nBios:<br>\nHwiwon Lee is a cyber security researcher from Korea University with expertise in embedded security, offensive research, and playing CTFs. He has participated and won a lot of CTFs which includes DEFCON, SECCON, XCTF, Belluminar as CyKor or DEFKOR team. He researched for smart home security by exploiting IoT hub devices from domestic manufacturer and found many vulnerabilities which could be compromised like Mirai Botnet. Also, he likes to find 0-days in common softwares based on fuzzing.<br>\n&\n<br>\n<br>\nChanghyun Park is a cyber security consultant with @EY(Ernst & Young) Korea. He has experienced many IoT security analysis and consulting. He worked on a project related to IoT Security at OWASP Korea in Busan chapter and studied security consulting at KITRI BOB 4th. Also, he did a lot of IoT research and bug bounty in a security research group \"hacktagon\". He\'s currently research on secure models in smart home, factory, and healthcare. In addition, He is making efforts to make a presentation at an international conference.                </p>\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\'',0,134460),('2_Friday','14','14:30','15:15','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Internet of Laws: Navigating to IoT Hacking Legal Landscape\'','\'Amit Elazari @amitelazari & Jamie Williams @jamieleewi\'','iot__laws','\'<!-- Modal laws -->\n<div class=\"modal fade\" id=\"iot__laws\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"lawsModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Internet of Laws: Navigating to IoT Hacking Legal Landscape</h3>\n            </div>\n            <div class=\"modal-body content-sm\">                \n                <p class=\"content-sm\">\n	                The world might be getting more connected but not less risky to hack. This talk will give IoT hackers a quick intro to the variety of legal pitfalls that govern IoT hacking, from the notorious Computer Fraud and Abuse Act and the DMCA to bug bounty legal terms and the “good-faith” security exemption now pending renewal. Hackers will learn which terms they should beware of in light of recent developments in anti-hacking laws, recent developments in CFAA case law and bug bounties legal scandals, and which strategies could be useful to comply with the DMCA security exemption and anti-hacking laws in general. \n                </p>\n<p class=\"content-sm\">\nBio:<br>\nAmit is a doctoral law candidate at UC Berkeley and a Berkeley Center for Long-Term Cybersecurity Grantee. Her work has been published in leading technology law journals, presented in conferences such as ESCAR, RSA, USENIX Enigma, BsidesLV, BsidesSF, Black Hat and DEF CON-Skytalks and featured in leading news sites such as Vice, The Washington Post and The Verge. On 2018, Amit was granted a CLTC grant for her work exploring safe harbors for security researchers. \n\n<br>\n<br>\n\nJamie Williams @jamieleewi is a staff attorney at the Electronic Frontier Foundation, where she is part of EFF\'s civil liberties team. Jamie focuses on the First and Fourth Amendment implications of new technologies, and is part of EFF\'s Coder\'s Rights Project, which protects programmers and developers engaged in cutting-edge exploration of technology. Jamie joined EFF in 2014. Prior to joining EFF, Jamie clerked for Judge Saundra Brown Armstrong in the Northern District of California, and practiced at Paul Hastings LLP, as an associate in the firms\' litigation department. Jamie was also a law clerk at the Alameda County Public Defender. Jamie has a J.D. from the University of California, Berkeley School of Law (Boalt Hall) and a B.A. in journalism from the University of Wisconsin, Madison.\n           </p>\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\'',0,134461),('2_Friday','15','14:30','15:15','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Internet of Laws: Navigating to IoT Hacking Legal Landscape\'','\'Amit Elazari @amitelazari & Jamie Williams @jamieleewi\'','iot__laws','\'\'',0,134462),('2_Friday','15','15:45','16:30','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'The Sound of a Targeted Attack: Attacking IoT Speakers\'','\'Stephen Hilt @sjhilt\'','iot__sound','\'<!-- Modal sound -->\n<div class=\"modal fade\" id=\"iot__sound\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"soundModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">The Sound of a Targeted Attack: Attacking IoT Speakers</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                <p class=\"content-sm\">\nIoT connected devices are being released at a staggering rate. According to Gartner it’s speculated that by the end of 2018, there will be 11.2 billion IoT devices currently connected at any given time. A large part of that connected ecosystem includes wireless speaker systems created by some of the largest manufacturers around the globe\n<br>\nLooking closer at Sonos and Bose wireless speaker systems, this research looks to find flaws in these common household devices. This research analyzes the default configuration flaws of the devices, open diagnostic tool availability, API flaws, and more. Additionally, this research will cover the easiness of physically locating where these devices are used (and who is using them). Then move into deep dives in the firmware and hardware will help attendees understand the nuances between IoT speaker devices and the wider IoT environment as a whole.\n<br>\nWhile this talk will focus on two IoT speaker systems, the issues here persist into other IoT devices. Attendees should learn about IoT speakers and how they function, why even after reporting issues things will go un-resolved and remain un-secure, and what we can do about it to help reduce the risk of these devices. \n</p>\n                \n                <p class=\"content-sm\">\n                    Bios:<br>\nStephen Hilt is a Sr. Threat Researcher at Trend Micro, where he focuses on Threat Actors, Malware behind attacks, and ICS and IoT Security. Stephen is a world-renowned researcher, having spoken multiple times at Derbycon, Blackhat US, and RSA. Stephen is a Nmap Contributor has written Nmap scripts for ICS protocols. This work took him into becoming an expert on ICS protocols and co-authored the book Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions\n                </p>\n                </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\'',0,134463),('2_Friday','16','15:45','16:30','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'The Sound of a Targeted Attack: Attacking IoT Speakers\'','\'Stephen Hilt @sjhilt\'','iot__sound','\'\'',0,134464),('2_Friday','16','16:45','17:30','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'I\'m the One Who Doesn\'t Knock: Unlocking Doors from the Network\'','\'David Tomaschik @Matir\'','iot__knock','\'<!-- Modal knock -->\n<div class=\"modal fade\" id=\"iot__knock\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"knockModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">I\'m the One Who Doesn\'t Knock: Unlocking Doors from the Network</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                \n                \n                <p class=\"content-sm\">\nIn 2017, I discovered that a popular IP-based door access control system (badge reader and door lock controller) used poorly-implemented cryptography.  Through binary analysis and live testing against a functional device, I was able to construct an exploit that would unlock the door without talking to the central authority database or logging the door open event.  I\'ll walk the audience through the steps that made me realize there was a problem, through the binary analysis, and then finally into building a working exploit.\n                </p>\n                <p class=\"content-sm\">\n                    Bios:<br>\nDavid is a hacker with an interest in embedded devices and hardware security.  He\'s currently a Senior Security Engineer at Google, working on security assessments and Red Teaming.\n                </p>\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\n\'',0,134465),('2_Friday','17','16:45','17:30','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'I\'m the One Who Doesn\'t Knock: Unlocking Doors from the Network\'','\'David Tomaschik @Matir\'','iot__knock','\'\'',0,134466),('3_Saturday','10','10:15','10:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'FPGA’s: a new attack surface for embedded adversaries.\'','\'John Dunlap @JohnDunlap2\'','iot__fpga','\'<!-- Modal fpga -->\n<div class=\"modal fade\" id=\"iot__fpga\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"fpgaModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">FPGA’s: a new attack surface for embedded adversaries. </h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n<p class=\"content-sm\">\nIn this talk, reverse engineer and security expert John Dunlap will present security hazards concerning the ever expanding use of Field Programmable Gate Array systems. FPGA’s are reconfigurable computers that allow programmers to redesign a CPU as if it were hardware. With this amazing capability comes significant security risks. \n<br>\nJohn Dunlap will present a threat model for FPGA systems, including methods of both hardware and software attack for the purposes of exploitation and reverse engineering. \n<br>\nJohn will also present a security tool to aid in security testing of FPGA devices. \n\n                </p>\n                <p class=\"content-sm\">\nBio: <br>\nJohn Dunlap is a NYC cyber security expert. He has given presentations on his exploit development research both at home and abroad, including talks at Defcon, Derbycon, and Australia’s Ruxcon. John Dunlap is a major proponent of hacker culture preservation, and is a supporter of the international demoscene. John Dunlap specializes in reverse engineering, exploit development, social engineering and source code analysis.                </p>\n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\'',0,134467),('3_Saturday','11','11:15','11:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Your Smart Scale is Leaking More than Your Weight\'','\'Erez Yalon @ErezYalon\'','iot__scale','\'<!-- Modal scale -->\n<div class=\"modal fade\" id=\"iot__scale\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"scaleModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Your Smart Scale is Leaking More than Your Weight</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                             \n\n<p class=\"content-sm\">\nCheaper devices that consume less power - What more can you ask for? SECURITY!. \nBased on multiple tests we have done across a variety of devices, we can conclude that there are still many vendors who lack the security awareness and fail to protect their users. All tested devices were vulnerable to various degrees: A smart scale, a smart lock, a smart band, a smart light bulb and even Amazon’s Alexa.\nLive demos included!\n\n</p> \n<p class=\"content-sm\">\nBio: <br>\nHead of Security Research at Checkmarx\n</p>\n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\n\n\n\'',0,134468),('3_Saturday','12','12:30','12:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Panel Q&A – IoT Manufacturers: Answers on Security Straight from the Source\'','\'Panel\'','iot__panel_iot','\'<!-- Modal panel_iot -->\n<div class=\"modal fade\" id=\"iot__panel_iot\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"panel_iotModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Panel Q&A – IoT Manufacturers: Answers on Security Straight from the Source</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n              <p class=\"content-sm\">\n                Have you ever wondered what the makers of your smart devices think about when they design it? What about their security and how they protect your info? Now is your chance to hear it from Nest, Geotab, Fitbit, and Kwikset and you get to meet Lisa Green\n                                </p>\n\n<p class=\"content-sm\">\n<!-- Bio:<br> -->\n </p>\n\n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\'',0,134469),('3_Saturday','13','13:15','13:59','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Worms that fight back: Nematodes as an antidote for IoT malware\'','\'Matt Wixey @darkartlab\'','iot__worms','\'<!-- Modal worms -->\n<div class=\"modal fade\" id=\"iot__worms\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"wormsModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Worms that fight back: Nematodes as an antidote for IoT malware</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                \n                \n                <p class=\"content-sm\">\n\nNematodes, often called “anti-worms” or “beneficial worms”, are a controversial topic. They involve exploiting the same vulnerabilities used by malicious worms, but, rather than installing malware or being used to form a botnet, nematodes attempt to disinfect and patch the vulnerable host. In some variants, nematodes also try to perform some kind of beneficial action, such as compressing files, or reporting illegal content to law enforcement.\n<br>\nDespite being brought up a few times in previous talks and papers, nematodes remain largely on the fringes of the security community’s consciousness. Perhaps part of the reason for this is the demise of traditional network worms – after all, it’s not 2004 any more – and perhaps, for good reason, most people think the idea usually doesn’t work in practice, or has significant legal implications. However, there has recently been a trend of wormable vulnerabilities which utilise rather different mediums – such as WiFi (Broadpwn), Bluetooth (BlueBorne), light (smart lightbulbs), RFID tags, and more - and, of course, a huge number of wormable vulnerabilities in a wide range of IoT devices. The rise of these, and the fact that IoT security issues are not easily resolvable with patching, antivirus solutions, and other security mechanisms, may make it worth re-opening the nematode debate.\n<br>\nIn this talk, I’ll consider whether it actually is worth doing so, given that we could be on the threshold of an era involving new and devastating types of worms. Along the way, I’ll cover the history of nematodes and take a journey back in time with some \'digital paleovirology\', starting with the murky history of Creeper, Reaper and PERVADE in the 1970s, then moving on to Brain and Denzuko in 1986; ADM and Max Vision in 1998; PolyPedo in 2001; the ‘worm wars’ of 2003-2004; and right up to the present day battles between IoT botnets such as Mirai with IoT nematodes such as Hajime and Brickerbot.\n<br>\nI’ll also cover the legal and ethical issues posed by nematodes; the challenges and benefits they can bring; and will present some demos of custom nematodes. These include custom-developed worms and corresponding nematodes for both a recent web application vulnerability and an IoT device, and an improved and updated alternative to the PolyPedo worm. I\'ll also discuss \'Antidote\', an in-progress and experimental modular framework for deploying and configuring anti-worms based on recent exploits and attack techniques. Finally, I\'ll outline some ideas for future research in this area.\n<p class=\"content-sm\">\nBio:<br>\nMatt leads technical research for the PwC Cyber Security practice in the UK, works on its Ethical Hacking team, and is a PhD candidate at University College London. Prior to joining PwC, Matt led a technical R&D team for a law enforcement agency in the UK. His research interests include antivirus and sandboxing technologies, unconventional attack vectors, side-channels, and radio security. \n\n</p>\n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\'',0,134470),('3_Saturday','14','14:30','15:15','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Attacking Commercial Smart Irrigation Systems\'','\'Ben Nassi @ben_nassi\'','iot__irrigate','\'<!-- Modal irrigate -->\n<div class=\"modal fade\" id=\"iot__irrigate\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"irrigateModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">Attacking Commercial Smart Irrigation Systems</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                \n                <p class=\"content-sm\">\nSmart irrigation systems, a new IoT device which is aimed at saving water and money, have already been adopted by smart cities (e.g., Barcelona), agriculture, and the private sector around the world and will replace existing traditional irrigation systems in the next few years as part of the smart water grid revolution. Connected to the Internet (via Wi-Fi/GSM communication) and critical infrastructure (e.g., water reservoirs), they will become a new target for motivated hackers and attackers. In this talk, we present research that was conducted over the past year, in which we investigated and reversed engineered three of the 10 most sold commercial smart irrigation systems (GreenIQ, RainMachine, and BlueSpray). We analyzed their interfaces with weather forecast services, cloud servers, sensors, and C&C devices, and based on this analysis, we present novel attack vectors against smart irrigation systems. We demonstrate (in videos) the implementation of the attack vectors on commercial smart irrigation systems and show how each of them contains a critical security vulnerability which allows a motivated hacker to remotely gain complete control of the system by: (1) hijacking or (2) influencing the smart irrigation system’s artificial intelligence. Finally, we talk about the damage that hackers can cause by performing attacks on smart irrigation systems and hypothesize whether the next generation of plumbers will use Kali Linux instead of a monkey wrench.\n</p>\n\n<p class=\"content-sm\">\n	\nBio:<br>	Ben Nassi is a Ph.D. student at Ben-Gurion University of the Negev (BGU), a security researcher at BGU’s Cyber Security Research Center, and a former Google employee. He holds a B.Sc. degree in computer science and an M.Sc. degree in software and information systems engineering from BGU. His Ph.D. topic is titled, \"Cyber Security in the IoT Era.\" His primary research interest is the security of IoT devices.</p>\n                 				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\n\n\'',0,134471),('3_Saturday','15','14:30','15:15','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Attacking Commercial Smart Irrigation Systems\'','\'Ben Nassi @ben_nassi\'','iot__irrigate','\'\'',0,134472),('3_Saturday','15','15:45','16:30','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'How-to modify ARM Cortex-M based firmware: A step-by-step approach for Xiaomi devices\'','\'Dennis Giese\'','iot__arm_core','\'<!-- Modal arm_core -->\n<div class=\"modal fade\" id=\"iot__arm_core\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"arm_coreModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\">How-to modify ARM Cortex-M based firmware: A step-by-step approach for Xiaomi devices</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n                <p class=\"content-sm\">\nMany IoT devices use an ARM Cortex-M based MCU and run some kind of RTOS/\"bare metal\" OS. In comparison to Linux-based firmwares it is a lot more difficult to modify the firmware. If you want to change the functionality you usually have the choice between rewriting the whole firmware yourself or do binary patching manually.\nIn this talk we would like to demonstrate an easier method and show a step-by-step approach.\n<br>\nYou will see how to get access to the firmware of different Xiaomi Cloud products like lightbulbs or smart home gateways.\n<br>\nTheir IoT devices are unable to function fully without cloud connection. The connection to the cloud is protected by AES and a unique device key. Data generated by the devices gets uploaded to the cloud of the vendor (e.g. Logfiles, etc.). In May 2018 a subcontractor of Xiaomi, Lumi, denied EU-based users and their devices access to their cloud infrastructure due the GDPR. To become independent from the vendor the way to go might be to modify or replace the firmware in the device.\n<br>\nFor that, we are not only using methods that require opening the devices but also methods which leave the devices intact.\nThe Nexmon framework (by the SEEMOO Lab) is used to alter the firmware of the ARM-based IoT devices. \n<br>\nThe modified firmware is then used to extract secrets which are needed to run the IoT devices with your own cloud software. It is also possible to easily implement completely new functions into the firmware using C code.\n\n\n                </p> \n<p class=\"content-sm\">\n    \n    Bio:<br>\nDennis is a grad student at TU Darmstadt and a researcher at Northeastern University. He was a member of one european ISP\'s CERT for several years.\n<br>\nWhile being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kind of devices. \nHis latest victim is the Xiaomi IoT cloud. He was a speaker at the Chaos Communication Congress and the REcon BRX.                 </p>				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\'',0,134473),('3_Saturday','16','15:45','16:30','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'How-to modify ARM Cortex-M based firmware: A step-by-step approach for Xiaomi devices\'','\'Dennis Giese\'','iot__arm_core','\'\'',0,134474),('3_Saturday','16','16:45','17:30','N','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Hacking U-Boot\'','\'Srinivas Rao @srini0x00 and Abhijeth D @abhijeth\'','iot__uboot','\'<!-- Modal uboot -->\n<div class=\"modal fade\" id=\"iot__uboot\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"ubootModal\" aria-hidden=\"true\">\n    <div class=\"modal-dialog\">\n        <div class=\"modal-content\">\n            <div class=\"modal-header\">\n                <h3 class=\"modal-title\" id=\"ethicsModal\">Hacking U-Boot</h3>\n            </div>\n            <div class=\"modal-body content-sm\">\n             \n\n<p class=\"content-sm\">\nU-boot is one of the most popular boot loaders used in embedded devices. We all have seen the importance of boot loaders while rooting android devices. This workshop gives an introduction to practical attacks against embedded devices using boot loader(u-boot) as an interface. The workshop covers various interesting concepts which mainly include:\n<br>\n1. U-boot 101\n<br>\n2. Embedded device boot process\n<br>\n3. Getting into U-boot shell on various devices.\n<br>\n4. UART authentication bypass using U-boot.\n<br>\n5. Planting backdoors in the filesystem using U-boot\n<br>\n6. Preventive measures\n<br>\nConsidering the number of devices using U-boot as the boot loader across the world, it is important to understand the flaw that come with it. In this workshop/talk the speakers will demonstrate most commonly found practical attacks.\n</p>\n<p class=\"content-sm\">\n    Bio:<br>\nSrinivas(@srini0x00) has extensive hands-on experience performing Web Application, Infrastructure and Mobile Security Assessments. He delivered training sessions on Web, Infrastructure and Mobile penetration testing for organisations across the world, which include India, Malaysia, Brunei, Vietnam etc. He blogs at www.androidpentesting.com\n<br>\nAbhijeth D\nTwitter: @abhijeth\nAbhijeth D(@abhijeth) is an AppSec dude and an Adjunct lecturer in Australia. Previously worked with Adobe Systems, TCS and Sourcenxt. Security Enthusiast in the fields of Penetration Testing, Application/Mobile/Infrastructure Security. Believes in need for more security awareness and free responsible disclosures. Got lucky in finding few vulnerabilities with Google, Yahoo, Facebook, Microsoft, Ebay, Dropbox, etc and one among Top 5 researchers in Synack a bug bounty platform. Got a chance to speak at Defcon, Blackhat, OWASP AppSec USA, c0c0n etc.\n\n\n                </p>\n				\n            </div>\n            <div class=\"modal-footer\">\n            </div>\n        </div>\n    </div>\n</div>\n\n\'',0,134475),('3_Saturday','17','16:45','17:30','Y','IOT','Caesars Promenade Level - Turin/Verona/Trevi Rms','\'Hacking U-Boot\'','\'Srinivas Rao @srini0x00 and Abhijeth D @abhijeth\'','iot__uboot','\'\'',0,134476),('2_Friday','10','10:40','11:10','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'How can industrial IioT be protected from the great unwashed masses of IoT devices\'','\'Ken Keiser, Ben Barenz\'','2bd2b33399fc528d2d5351d5a928dfd5','\'<h1 class=\"heading-4\">\nHow can industrial IioT be protected from the great unwashed masses of IoT devices</h1>\n<p class=\"paragraph-21\">\nAugust 10, 2018 10:40 AM</p>\n<p class=\"paragraph-17\">\nIoT and IIot devices are more prevalent in homes and industry. When these two areas share the same space, malware could move from one domain to another. For example, smart meters used by an electric utility could be compromised by other smart devices in the home. How can an electric utility protect their industrial equipment and ensure that home based IoT devices stay in their place? Join us in a demonstration of techniques that could be used to cloak an electric meter from the wild west of commercial-off-the-shelf IoT devices</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nKen Keiser</p>\n<a href=\"https://twitter.com/KenKeiser\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nParsons</p>\n<p class=\"paragraph-19\">\nKen Keiser is the Director of Operational Technology Cybersecurity at Parsons Corporation, focusing on critical infrastructure protection risk analysis, and mitigation in the transportation, oil &amp;amp; Gas, water, steel, automotive, and chemical industries. He has over 30 years of industrial control system experience in distributed control systems with Bailey Controls, ABB, and Siemens. Most recently, Ken was the interim Chief Information Security Officer for Amtrak as part of a Parsons project. He holds a Certified Information Systems Security Professional certification as well as a Payment Card Industry Qualified Security Assessor certification. Ken holds a Bachelor of Science in Electrical Engineering from Drexel University, and a Bachelor of Business Administration from Temple University.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nBen Barenz</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nParsons</p>\n<p class=\"paragraph-19\">\nBen Barenz is a Systems Engineer at Parsons Corporation, focusing on critical asset protection and critical infrastructure protection. He has over 8 years of industry experience in critical asset protection under DoD contracts and has recently moved under critical infrastructure protection. Ben holds a Bachelors of Science in Electrical Engineering from the University of Nebraska and numerous industry related certifications. ​</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134477),('2_Friday','11','10:40','11:10','Y','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'How can industrial IioT be protected from the great unwashed masses of IoT devices\'','\'Ken Keiser, Ben Barenz\'','2bd2b33399fc528d2d5351d5a928dfd5','\'\'',0,134478),('2_Friday','13','13:50','14:20','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Behavior-Based Defense in ICS Environments: Leveraging Minor Incidents to Protect Against Major Attacks\'','\'Joe Slowik\'','5a3b53d9158ff24fbd58243d8681ce43','\'<h1 class=\"heading-4\">\nBehavior-Based Defense in ICS Environments: Leveraging Minor Incidents to Protect Against Major Attacks</h1>\n<p class=\"paragraph-21\">\nAugust 10, 2018 1:50 PM</p>\n<p class=\"paragraph-17\">\nSuccessful cyber-attacks against cyber-physical systems require expert knowledge about the dynamic behavior of the underlying physical process (yes, it is actually required). This information is a crucial part during the attack preparation. Previous work has shown manual acquisition of knowledge about process dynamics to be prohibitively laborious (we will show why). This talk will present first insights into automated process-aware system discovery that goes beyond IT-related trivia and focuses on the physical core of an industrial plant. We will share the results of 12 months’ worth of work, which approaches worked and which did not (and why). Notably, our work already had a follow up work at S4x2017, we will share the insights into that work too. Reverse engineering of the physical processes es is a novel topic for which we yet to find workable/standardized approaches. We encourage you to be a part of the process.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nJoe Slowik</p>\n<a href=\"https://twitter.com/jfslowik\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nDragos</p>\n<p class=\"paragraph-19\">\nJoe Slowik currently hunts ICS adversaries for Dragos, pursuing threat activity groups through their malware, their communications, and any other data available. Prior to his time at Dragos, Joe ran the Incident Response team at Los Alamos National Laboratory, and served as an Information Warfare Officer in the US Navy. Throughout his career in network defense, Joe has consistently worked to &#x27;take the fight to the adversary&#x27; by applying forward-looking, active defense measures to constantly keep threat actors off balance. An important part of this strategy is understanding adversary techniques and actions: good defense requires knowing (and at times practicing) offense.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134479),('2_Friday','14','13:50','14:20','Y','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Behavior-Based Defense in ICS Environments: Leveraging Minor Incidents to Protect Against Major Attacks\'','\'Joe Slowik\'','5a3b53d9158ff24fbd58243d8681ce43','\'\'',0,134480),('2_Friday','14','14:30','14:59','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'How We Cost Our Client £1.2M with 4 lines of code and less than 2 Hours ($2M)\'','\'Mike Godfrey\'','b37b886dc252932b8d4f06acf0bf09ad','\'<h1 class=\"heading-4\">\nHow We Cost Our Client £1.2M with 4 lines of code and less than 2 Hours ($2M)</h1>\n<p class=\"paragraph-21\">\nAugust 10, 2018 2:30 PM</p>\n<p class=\"paragraph-17\">\nHacking SCADA, or more commonly ICS is serious business - unlike other areas of offensive security one mistake can cost lives. Mike and Matt will present their ICS research which was carried out at one of the UKs top Industrial training facilities, walk through caveats, protocols and show some demos. They will also show how one can start researching industrial systems safely and cover what one needs to know to not get someone killed. They will also share the story and method behind how they cost a company £1.2M+ ($2M+) in lost earnings in under 5 seconds with only 4 lines of code. We will not be showing exploit code as we believe given what&#x27;s at stake, it&#x27;s highly irresponsible, but what we will do is give responsible researchers the knowledge they need to get involved and start helping to secure critical infrastructure. We’ll also show process, insight and what exploiting this kit actually means.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nMike Godfrey</p>\n<a href=\"https://twitter.com/mikeghacks\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nINSINIA</p>\n<p class=\"paragraph-19\">\nMike Godfrey is a Network Specialist and Ethical Hacker with over 20 years experience in building and breaking computers. He has enjoyed a successful career in Information Technology, having qualified in Cisco CCNA (Network Associate) over 10 years ago and going on to work on some of the countries largest technological infrastructure. Mike is qualified and experienced in IT but is also a qualified Electro-technical / Electro-mechanical Engineer, specialising in hardware exploitation. Mike’s qualifications and experience have led to INSINIA becoming the only Gas Safe Registered Cyber Security Company in the UK, allowing it to test industrial process and building infrastructure in a unique way. Mike’s skills have also led to the design and production of a range of new products and services, including securing the hardware and fabric of buildings and identifying key vulnerabilities within the buildings “PowerLine” (230V circuit), which can allow an attacker to exfiltrate information undetected, as well as discovering vulnerabilities in key industrial gas systems and controls. Mike was the first ethical hacker to successfully hack Trend’s 963 BMS system back in 2006, the Sentry Safe with a magnet and a sock in 2014, the Philips Hue smart home system in 2017 and many more.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134481),('2_Friday','15','15:10','15:40','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'A CTF That Teaches: Challenging the Next Generation of ICS Ethical Hackers\'','\'Brandon Workentin\'','5a3b6b5a18247ab7b2f2775e4bdb7b25','\'<h1 class=\"heading-4\">\nA CTF That Teaches: Challenging the Next Generation of ICS Ethical Hackers</h1>\n<p class=\"paragraph-21\">\nAugust 10, 2018 3:10 PM</p>\n<p class=\"paragraph-17\">\nToday&#x27;s evolving threat landscape makes training new talent to defend critical infrastructure networks more important than ever. One way to both help people build their technical skills and introduce new people to the world of ICS security is with Capture-the-Flag exercises (CTFs). This presentation will analyze the development of a real-life CTF, including some of the problems faced and how to solve them, to show how you can create challenging, yet educational, CTFs to train the next generation of ICS defenders.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nBrandon Workentin</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nSecurityMatters</p>\n<p class=\"paragraph-19\">\nBrandon Workentin joined SecurityMatters as an ICS Security Engineer in early 2017. Prior to that, Brandon worked for EnergySec, where he started as an intern in 2014 and finished as a Cybersecurity Analyst II. At EnergySec, Brandon focused on security regulations, including the NERC CIP cybersecurity standards, as well as threats, research, and news affecting the electric industry. He was also involved in the creation of the EnergySec Information Sharing and Analysis Organization (ISAO), as well as a member of multiple ISAO Standards Organization Working Groups. Prior to joining the cybersecurity field, Brandon spent several years teaching math and English in Idaho and Oregon. Brandon also enjoys public speaking, highlighted by having presented on ICS security at multiple BSides events. He has a BA in Mathematics and English Education from Northwest Nazarene University and an AS in Cybersecurity and Networking from Mt. Hood Community College.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134482),('3_Saturday','10','10:00','10:30','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Securing Critical Infrastructure through Side-Channel Monitoring\'','\'James Harris, Carlos Aguayo\'','9dee2fbfc98d8db5f3a231f369d8799a','\'<h1 class=\"heading-4\">\nSecuring Critical Infrastructure through Side-Channel Monitoring</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 10:00 AM</p>\n<p class=\"paragraph-17\">\nComing soon.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nJames Harris</p>\n<a href=\"https://twitter.com/jimeharrisjr\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nPFP Cybersecurity</p>\n<p class=\"paragraph-19\">\nJames Harris began his career as an Engineer/Scientist at IBM PC Company in the 1990s, and as a Senior Field Applications Engineer at Silicon Image in the early 2000’s. After the terrorist attacks of September 11, 2001, he joined the FBI as a Special Agent primarily focused on Cyber matters, where he remained for more than a decade. At the FBI, he served in a number of positions, including as the Senior Liaison Officer to DHS’s Cybersecurity and Communications Division, and as the Assistant Section Chief of the Counterterrorism Internet Operations Section. In 2014, he co-founded Eunomic, Inc., a Software Defined Network security start-up, which was acquired by Caveonix, Inc. in 2017. Today he is the Vice President of Engineering for PFP Cybersecurity, leading the company’s product development. PFP was recently named a Gartner “Cool Vendor” for using side channel analysis to protect endpoint devices.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nCarlos Aguayo</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nPFP Cybersecurity</p>\n<p class=\"paragraph-19\">\nCarlos R. Aguayo Gonzalez, is one of the Founders and Chief Technology Officer of PFP Cybersecurity, which develops unique physics-based cyber security solutions for critical infrastructure, including industrial control systems and supply-chain risk management. He received his PhD and MS degrees from Virginia Tech both in Electrical Engineering. The PFP Cybersecurity approach has its foundation on Dr. Aguayo Gonzalez’s doctoral work. He has extensive research and development (R&amp;D) experience in cyber security, critical infrastructure protection, side-channel analysis, machine learning, and signal processing. Dr. Aguayo Gonzalez has served as Principal Investigator in multiple R&amp;D projects in cyber security protection of critical infrastructure. Key sponsors of this research include: National Science Foundation, Army, Air Force, the Defense Advanced Research Projects Agency, and the Department of Homeland Security</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134483),('3_Saturday','10','10:40','11:10','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Analyzing VPNFilter&#x27;s Modbus Module\'','\'Patrick DeSantis, Carlos Pacho\'','ee4aa3483d13691bef53c7240273b467','\'<h1 class=\"heading-4\">\nAnalyzing VPNFilter&#x27;s Modbus Module</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 10:40 AM</p>\n<p class=\"paragraph-17\">\nSince May of 2018 Cisco Talos has been releasing information to the\npublic detailing the capabilities of a nation-state sponsored malware\ncampaign known as VPNFilter. This global, multi-year campaign targets\nnumerous network routing devices which range from low-end small office,\nhome office (SOHO) WiFi routers to rack-mount enterprise-grade network\nappliances. Of special interest to the ICS community is the existence of\na post-exploitation module focused specifically on identifying a subset\nof Modbus traffic while also capturing credentials transmitted via HTTP.\nFor our talk, we will discuss some background on the VPNFilter campaign,\nmalware analysis, capabilities, and cover some hypothetical scenarios in\nwhich the Modbus module would be useful.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nPatrick DeSantis</p>\n<a href=\"https://twitter.com/CarlosMPacho\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nCisco Talos</p>\n<p class=\"paragraph-19\">\nAs security researchers with Cisco Talos, Carlos Pacho (@carlosmpacho) and Patrick DeSantis (@pat_r10t) focus on discovering new and exploitable vulnerabilities in Industrial Control Systems (ICS) and other computing devices that have an impact on the physical world. The Talos ICS team has been responsible for the coordinated disclosure of dozens of ICS-related security vulnerabilities in devices ranging from secure industrial routers to programmable logic controllers (PLCs). They also built an ICS-controlled kegerator.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nCarlos Pacho</p>\n<a href=\"https://twitter.com/pat_r10t\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nCisco Talos</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134484),('3_Saturday','11','10:40','11:10','Y','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Analyzing VPNFilter&#x27;s Modbus Module\'','\'Patrick DeSantis, Carlos Pacho\'','ee4aa3483d13691bef53c7240273b467','\'\'',0,134485),('3_Saturday','13','13:15','13:45','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Disassembly and Hacking of Firmware Where You Least Expect It: In Your Tools- with live hacking demonstration\'','\'Monta Elkins\'','bc571dd08ad0e5ee63914249a1238226','\'<h1 class=\"heading-4\">\nDisassembly and Hacking of Firmware Where You Least Expect It: In Your Tools- with live hacking demonstration</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 1:15 PM</p>\n<p class=\"paragraph-17\">\n\nIn this session we&#x27;ll cover: Why EVERYTHING is a computer running software and can be attacked Vulnerability and capability assessment of firmware attacks Physical ramifications of tool attacks Finding and verifying firmware Some instances where &quot;less security&quot; is better Safety / Security tips for firmware Screen reader support enabled.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nMonta Elkins</p>\n<a href=\"https://twitter.com/montaelkins\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nFoxGuard Solutions</p>\n<p class=\"paragraph-19\">\nMonta Elkins is currently Hacker-in-Chief for FoxGuard Solutions, an ICS patch provider. Considered by many of his friends to be the Chuck Norris of ICS Cybersecurity, Rackspace enjoyed his tenure as Security Architect. Monta has been a speaker at more security conferences than even his enormous ego can remember including: DEFCON, EnergySec, ICSJWG, GridSecCon, CIP Emerging Technology Roundtable, ICS CyberSecurity, SANS ICS Summit, and Nuke CIP Pyongyang. In his spare time, Monta is the totally-safe-for-work &quot;Coke and Strippers&quot; YouTube channel creator, solving all the world&#x27;s problems using Cold War era electronic technologies. https://tinyurl.com/y6vpmbw4 Known for having once discovered ALL the devices on an ICS network, Monta has served as a guest lecturer for colleges, universities and elsewhere teaching Arduino programming/circuit design, SDR, and rapid prototyping techniques. As a small child, he entertained himself by memorizing Pi -- backwards.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134486),('3_Saturday','13','13:55','14:25','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'TOR for The IOT aka TORT Reform\'','\'Bryson Bort\'','411b4defbd336f652b041d0e2a17e293','\'<h1 class=\"heading-4\">\nTOR for The IOT aka TORT Reform</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 1:55 PM</p>\n<p class=\"paragraph-17\">\nExploitation is a given. Unwanted parties will gain access eventually whether it is through technical, physical, or social means. The only other certainty is they will continue to come up with new ways to innovate. They have to blend in to succeed so how do they balance those two competing influences? More than just the inconvenience, at worst, of taking over simple I/IOT or the creepiness of your home webcam. We will begin by analyzing the attacks that have happened and how they worked. Then, we will build our own. I will walk through how an attacker doesn’t just attack you, but can easily build a mass attack campaign to take over thousands. Once they do, I show how instead of that inconvenience, they can laterally take over the house and hop to steal interesting things like embarrassing photos, social security numbers, bank account information, intellectual property, and tax returns for profit. If you cannot keep them out what can you do? For starters, let’s understand how they communicate including some unique ideas for protocols (Google Suite) and infrastructure (traditional smokescreen for non-attribution to re-purposing I/IoT devices). This is the attacker’s vulnerability: They have to use your connectivity. Finding them on endpoints is fairly difficult because they have numerous ways to evade. But, on the wire… the options are limited to just blending in. This talk is aimed to provide something to both offense and defense. For offense, demonstration of basic (orientation of concepts) to novel approaches for traffic protocols and infrastructure. For defense, awareness of traffic patterns along with protocol analysis with experiential detail (wireshark) helps them learn to fish (no pun intended) for a lifetime instead of just eating for a day since none of this is static in real life.\n</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nBryson Bort</p>\n<a href=\"https://twitter.com/brysonbort\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nSCYTHE</p>\n<p class=\"paragraph-19\">\nBryson is the Founder and CEO of SCYTHE, Founder of GRIMM, and Founding Member of the ICS Village, a non-profit advancing education and awareness of security for industrial control systems. Prior to launching SCYTHE and GRIMM, Bryson led an elite research &amp; development (R&amp;D) division that directly contributed towards National Security priorities and interest. Prior to that he developed an enterprise R&amp;D program and supported creation of a cybersecurity strategy as a Deputy CTO and Program Director focused on supporting technology research and global infrastructure for the DoD and the Intelligence Community. As a U.S. Army Officer, Bryson led a tactical communications platoon in support of Operation Bright Star in September 2001. He served as a Battle Captain and as a Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army at the rank of Captain. Bryson received his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point and completed numerous U.S. Army professional education courses in tactical communications and information assurance. He holds a Master’s Degree in Telecommunications Management from the University of Maryland and a Master’s in Business Administration from the University of Florida in addition to completing graduate studies in Electrical Engineering and Computer Science at the University of Texas.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134487),('3_Saturday','14','13:55','14:25','Y','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'TOR for The IOT aka TORT Reform\'','\'Bryson Bort\'','411b4defbd336f652b041d0e2a17e293','\'\'',0,134488),('3_Saturday','16','16:55','17:25','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Reverse Engineering Physical Processes in Industrial Control Systems\'','\'Marina Krotofi, Alexander Winnicki\'','ea8a6783bd054457e9c7f53a66154539','\'<h1 class=\"heading-4\">\nReverse Engineering Physical Processes in Industrial Control Systems</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 4:55 PM</p>\n<p class=\"paragraph-17\">\nSuccessful cyber-attacks against cyber-physical systems require expert knowledge about the dynamic behavior of the underlying physical process (yes, it is actually required). This information is a crucial part during the attack preparation. Previous work has shown manual acquisition of knowledge about process dynamics to be prohibitively laborious (we will show why). This talk will present first insights into automated process-aware system discovery that goes beyond IT-related trivia and focuses on the physical core of an industrial plant. We will share the results of 12 months’ worth of work, which approaches worked and which did not (and why). Notably, our work already had a follow up work at S4x2017, we will share the insights into that work too. Reverse engineering of the physical processes es is a novel topic for which we yet to find workable/standardized approaches. We encourage you to be a part of the process :-) </p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nMarina Krotofi</p>\n<a href=\"https://twitter.com/Marmusha\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nFireEye</p>\n<p class=\"paragraph-19\">\nMarina Krotofil is an experienced ICS/SCADA professional who specializes on offensive Industrial Control Systems (ICS) security: discovering and weaponizing unique attack vectors, engineering damage scenarios and understanding attacker techniques when exploiting ICS. She previously worked as a Principal Analyst in Cyber-Physical group at FireEye (USA), Lead Cyber Security Researcher at Honeywell (USA) and as a Senior Security Consultant at the European Network for Cyber Security (Netherlands). She authored more than 20 academic/white papers and 3 book chapters on ICS security and is a frequent speaker at the leading security events around the world. She holds MBA in Technology Management, MSc in Telecommunication and MSc in Information and Communication Systems.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nAlexander Winnicki</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nSilver Atena</p>\n<p class=\"paragraph-19\">\nAlexander Winnicki is a Security Integrator ICS at Airbus CyberSecurity (Germany). He previously worked as a security engineer at SILVER ATENA Electronics Systems Engineering GmbH (Germany) where he was involved with the embedded systems security. His interest for ICS security has started through Bachelor and Master Theses at Hamburg University of Technology (Germany). Alexander&#x27;s research contributions were presented at Black Hat and Def Con 2015 as well as published at few top ranking academic conference proceedings.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134489),('3_Saturday','17','16:55','17:25','Y','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'Reverse Engineering Physical Processes in Industrial Control Systems\'','\'Marina Krotofi, Alexander Winnicki\'','ea8a6783bd054457e9c7f53a66154539','\'\'',0,134490),('3_Saturday','17','17:35','17:59','N','ICS','Flamingo Lower Level - Red Rock Rm 6-8','\'A SOC in the Village\'','\'Thomas VanNorman\'','9eb05122658bdb4a8343f73545937b24','\'<h1 class=\"heading-4\">\nA SOC in the Village</h1>\n<p class=\"paragraph-21\">\nAugust 11, 2018 5:35 PM</p>\n<p class=\"paragraph-17\">\nSecurity operation centers (SOC) have a been around on the enterprise networks for a while now, but what about OT SOCS? This talk will cover some technologies that are available for the plant floor that works with your SOC. After the talk, a live demonstration will take place in the ICS Village.</p>\n<div class=\"speaker-block\">\n<h3 class=\"heading-6\">\nSpeaker Information</h3>\n<div class=\"div-block-13\">\n<p class=\"paragraph-18\">\nThomas VanNorman</p>\n<a href=\"https://twitter.com/Tom_VanNorman\" target=\"_blank\" class=\"speaker-twitter w-inline-block\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy\">\nDragos</p>\n<p class=\"paragraph-19\">\nThomas has been working in Operational Technology field for more than two decades. He is currently the Director of Engineering Services at Dragos, and a Founding Member of ICS Village. Thomas is also retired from the Air National Guard where he worked in Cyber Warfare Operations. For over the past 10 years Thomas focus area has been working on securing Industrial Control Systems and the networking of such systems leveraging his operational knowledge of such systems. Thomas currently holds a Certified Information Systems Security Professional (CISSP) through ISC(2), Global Industrial Cyber Security Professional (GICSP) and GIAC Certified Incident Handler (GCIH) both through GIAC.</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n<div class=\"speaker-block\">\n<div class=\"div-block-13\">\n<p class=\"paragraph-18 w-dyn-bind-empty\">\n</p>\n<a target=\"_blank\" class=\"speaker-twitter w-inline-block w-condition-invisible\">\n<img src=\"https://uploads-ssl.webflow.com/5a79eab85df125000115784b/5a79eab85df1250001157886_social-18-white.svg\" width=\"23\"/>\n</a>\n</div>\n<p class=\"paragraph-18-copy w-dyn-bind-empty\">\n</p>\n<p class=\"paragraph-19 w-dyn-bind-empty\">\n</p>\n</div>\n\n\'',0,134491),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon F','\'Crypto Hero\'','\'Sam Bowne, Dylan James Smith, Elizabeth Biddlecome\'','ws__bowne','\'<article class=\"talk\" id=\"bowne\">\n<h3 class=\"talkTitle\">Crypto Hero</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon F</p>\n<h4 class=\"speaker\">Sam Bowne<span class=\"speakerTitle\"> Instructor, City College San Francisco</span></h4>\n<h4 class=\"speaker\">Dylan James Smith<span class=\"speakerTitle\"> </span></h4>\n<h4 class=\"speaker\">Elizabeth Biddlecome<span class=\"speakerTitle\"> Security Consultant</span></h4>\n\n<p class=\"abstract\">Protect data with strong cryptography (AES, RSA, SHA) and attack these systems (Existential Forgery, Padding Oracle, and more). Apply these techniques to blockchains including Bitcoin, Ethereum, and Multichain.<br><br>This is a hands-on workshop with a series of CTF-style challenges, beginning with simple data conversions and extending to advanced methods appropriate for experts. We will briefly explain and demonstrate the techniques, and trainers will help participants individually with the challenges.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Prior experience with cryptography is helpful but not required.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop capable of running VMware virtual machines</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/crypto-hero-icon-f-tickets-47194055691\">https://www.eventbrite.com/e/crypto-hero-icon-f-tickets-47194055691</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Sam Bowne</strong><br> Sam Bowne is an instructor at City College San Francisco, and has been teaching hacking and security classes for ten years. He has presented talks and workshops at Defcon, HOPE, RSA, BSidesLV, BSidesSF, and many other conferences. He has a CISSP and a PhD and is like, really smart.\n<p class=\"speakerBio\"><strong>Dylan James Smith</strong><br> Dylan James Smith has assisted Sam Bowne with classes as a tutor and TA and at hands-on workshops at DEF CON, RSA, B-Sides LV and other conferences. He has worked in and around the computer support and network administration industries since adolescence. Now he\'s old(er.) Currently tearing things apart and putting them back together and seeking opportunities to practice and teach \"the cybers\".\n<p class=\"speakerBio\"><strong>Elizabeth Biddlecome</strong><br> Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.\n</article>\n\'',0,134492),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Crypto Hero\'','\'Sam Bowne, Dylan James Smith, Elizabeth Biddlecome\'','ws__bowne','\'\'',0,134493),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Crypto Hero\'','\'Sam Bowne, Dylan James Smith, Elizabeth Biddlecome\'','ws__bowne','\'\'',0,134494),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Crypto Hero\'','\'Sam Bowne, Dylan James Smith, Elizabeth Biddlecome\'','ws__bowne','\'\'',0,134495),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon D','\'JWAT...Attacking JSON Web Tokens\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger1','\'<article class=\"talk\" id=\"nyffenegger1\">\n<h3 class=\"talkTitle\">JWAT...Attacking JSON Web Tokens</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon D</p>\n<h4 class=\"speaker\">Louis Nyffenegger<span class=\"speakerTitle\"> Security Engineer, Pentester Lab</span></h4>\n<h4 class=\"speaker\">Luke Jahnke<span class=\"speakerTitle\"> Security Researcher, Elttam</span></h4>\n\n<p class=\"abstract\">Nowadays, JSON Web Tokens are everywhere. They are used as session tokens, Oauth tokens or just to pass information between applications or microservices. By design, JWT contains a high number of security and cryptography pitfalls that creates interesting vulnerabilities. In this workshop, we are going to learn how to exploit some of those issues: the none algorithm, guessing the hmac secret, using a public key as a hmac secret... and finally CVE-2018-0114: a bug in the Cisco\'s Node JOSE.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> The students should be able to use Burp and write some basic scripts in the language of their choice. They will also need to be familiar with VMWare or the virtualization software of their choice.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with 4Gb of RAM and the virtualization software of their choice. Internet access during the class.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/jwatattacking-json-web-tokens-icon-d-tickets-47193664521\">https://www.eventbrite.com/e/jwatattacking-json-web-tokens-icon-d-tickets-47193664521</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Louis Nyffenegger</strong><br> Louis Nyffenegger is a security engineer and entrepreneur based in Melbourne, Australia. He performs pentest, architecture and code review on a daily basis. Louis is the founder of PentesterLab, a learning platform for web penetration testing.\n<p class=\"speakerBio\"><strong>Luke Jahnke</strong><br> Luke Jahnke is a Security Researcher at Elttam. He has extensive experience performing security assessments and running training. He enjoys working on interest vulnerabilities and runs the biennial BitcoinCTF competition.\n \n</article>\n\'',0,134496),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'JWAT...Attacking JSON Web Tokens\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger1','\'\'',0,134497),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'JWAT...Attacking JSON Web Tokens\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger1','\'\'',0,134498),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'JWAT...Attacking JSON Web Tokens\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger1','\'\'',0,134499),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'JWAT...Attacking JSON Web Tokens\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger1','\'\'',0,134500),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon B','\' Reverse Engineering with OpenSCAD and 3D Printing\'','\'Nick Tait\'','ws__tait','\'<article class=\"talk\" id=\"tait\">\n<h3 class=\"talkTitle\"> Reverse Engineering with OpenSCAD and 3D Printing</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon B</p>\n<h4 class=\"speaker\">Nick Tait<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">The main focus of this class is a software tool and programming language OpenSCAD. Through a specific example we will learn to reproduce physical objects. We\'ll cover the entire workflow from measurement, sketching, modeling, and manufacturing. Additional hints for optimizing your design for 3D printing will enable rapid product iteration. All modeling in OpenSCAD is through writing commands which brings many powerful properties of software such as parameterization, version control, and reusable components to CAD modeling. Ultimately with the combination of these skills you\'ll be equipped to repair and improve your stuff.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> No previous programming experience required, but it will help you get more out of this workshop.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with an up to date:<br>\n* Operating system (Linux/OS X/Win)<br>\n* OpenSCAD (free and open source) <a href=\"http://www.openscad.org/\">http://www.openscad.org/</a><br>\n* Cura (free and open source) <a href=\"https://ultimaker.com/en/products/ultimaker-cura-software\">https://ultimaker.com/en/products/ultimaker-cura-software</a></p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/digital-manufacturing-using-reverse-engineering-open-source-3d-printers-and-software-icon-b-tickets-47194008550\">https://www.eventbrite.com/e/digital-manufacturing-using-reverse-engineering-open-source-3d-printers-and-software-icon-b-tickets-47194008550</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Nick Tait</strong><br>nickthetait (government name Nicholas Tait) is a software engineer and fixer of things currently living in Fort Collins, Colorado. His most recent job focused on producing numbers to coax 3D printers to do the user\'s bidding. Before that he helped route packages for a multinational corporation that rhymes with annex.<br><br>\n\nLately he\'s been in training for his next job - attending any cyber security event physically (and sometimes digitally) possible, contributing to a bunch of open source projects, learning to pick locks and talking about encryption to anyone that will listen. Rock climbing and mountain biking are long time passions that keep the blood pumping and ideas flowing.</p>\n \n \n</article>\n\'',0,134501),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\' Reverse Engineering with OpenSCAD and 3D Printing\'','\'Nick Tait\'','ws__tait','\'\'',0,134502),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\' Reverse Engineering with OpenSCAD and 3D Printing\'','\'Nick Tait\'','ws__tait','\'\'',0,134503),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\' Reverse Engineering with OpenSCAD and 3D Printing\'','\'Nick Tait\'','ws__tait','\'\'',0,134504),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon D','\'ARM eXploitation 101\'','\'Sneha Rajguru\'','ws__rajguru','\'<article class=\"talk\" id=\"rajguru\">\n<h3 class=\"talkTitle\">ARM eXploitation 101</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon D</p>\n<h4 class=\"speaker\">Sneha Rajguru<span class=\"speakerTitle\"> Security Consultant, Payatu Software Labs LLP</span></h4>\n\n<p class=\"abstract\">ARM architecture based systems are on the rise and seen in almost every hand-held or embedded device. The increasing popularity and growth of the Internet of Things (IoT) have allowed widespread use of ARM architecture. As with any other thing in this world, increasing popularity and usage brings new security challenges and attacks. This workshop aims to provide an introduction to ARM architecture, assembly and explore intermediate level exploitation techniques on ARM along with hands-on examples and challenges.<br><br>This session is aimed at security professionals and personnel who possess general security knowledge and wish to enter the field of ARM exploitation.<br><br>The attendees will walk away with basic knowledge and skills of ARM Architecture, Assembly, and Exploitation techniques.<br><br>The workshop will provide a base for the attendees to develop exploit research expertise on the ARM based platforms<br><br>Topics Covered:<br>\n<br>\nIntroduction to ARM CPU Architecture <br>\nRegisters<br>\nModes of Operations<br>\nARM Assembly Language Instruction Set<br>\nIntroduction to ARM functions and working<br>\nDebugging on ARM<br>\nStack Overflow on ARM<br>\nHow to write a shellcode<br>\nHow to reverse a shellcode</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> The participants are not expected to have any prior knowledge about ARM architectures whereas familiarity with C and Linux Command line will be useful.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Hardware Requirements: Minimum 4GB RAM and more than 20 GB Free Hard Disk Space<br>Software Requirements:Windows 7/8, *Nix, Mac OS X 10.5, Administrative privileges on your machines, Virtualbox or VMPlayer, SSH Client</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/arm-exploitation-101-icon-d-tickets-47194115871\">https://www.eventbrite.com/e/arm-exploitation-101-icon-d-tickets-47194115871</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Sneha Rajguru</strong><br> Sneha works as Senior Security Consultant with Payatu Software Labs LLP. Her interests lies in web, mobile application security and fuzzing. She has discovered various security flaws within various open source applications such as PDFLite, Jobberbase, Lucidchart and more. She has spoken and provided trainings at various conferences such as DEFCON, BSides LV, BSidesVienna, OWASP AppSec USA, DeepSec, DefCamp, FUDCon, and Nullcon. Sneha is passionate about promoting and encouraging Women in Security and has founded an initiative called WINJA-CTF through which she hosts women-only CTFs and Workshops at conferences and other events. Sneha is also active in the local security community and hosts local security meet-ups in Pune. She leads the Pune chapter of null community.\n \n \n</article>\n\'',0,134505),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'ARM eXploitation 101\'','\'Sneha Rajguru\'','ws__rajguru','\'\'',0,134506),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'ARM eXploitation 101\'','\'Sneha Rajguru\'','ws__rajguru','\'\'',0,134507),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'ARM eXploitation 101\'','\'Sneha Rajguru\'','ws__rajguru','\'\'',0,134508),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon B','\'Buzzing Smart Devices: Smart Band Hacking\'','\'Arun Magesh\'','ws__magesh','\'<article class=\"talk\" id=\"magesh\">\n<h3 class=\"talkTitle\">Buzzing Smart Devices: Smart Band Hacking</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon B</p>\n<h4 class=\"speaker\">Arun Magesh<span class=\"speakerTitle\"> IoT Security Researcher, Payatu Software Labs, LLP</span></h4>\n\n<p class=\"abstract\">With the recent advancement in connected/smart device and availability of ready-made framework for both hardware and software development. Companies want to rapidly get into smart device market. it is necessary to look at the security feature of these smart device as our digital lives are connected with these devices.<br><br>Bluetooth has been around for almost a decade and with the need of low power wireless network and interoperability. Bluetooth has been used in vast majority of the device because of its low power footprint and interoperability as most of our smartphones have Bluetooth<br><br>In this workshop, we will be learning on how to fuzz the Bluetooth LE functionality of smart devices and exploit it. In the process, we will learn about how the Bluetooth low energy protocol works and various tools involved in reversing a smart band. We will also introduce a Bluetooth fuzzing framework called as Buzz and use it to crash or find other information in the smart band. <br><br>By the end of the class, we will also touch base on the hardware level exploits like accessing the serial port, debugging port and bypass Flash Read protection to extract the firmware from the smart band and demos on the same.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Knowledge of Linux OS, Basic knowledge of programming (C, python) would be a plus</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop with at least 50 GB free space , 8+ GB minimum RAM (4+GB for the VM), External USB access (min. 2 USB ports)<br>\n Administrative privileges on the system<br>\n Virtualization software &amp; Latest VirtualBox (5.2.X) (including Virtualbox extension pack)<br>\n Linux host machines should have exfat-utils and exfat-fuse installed (ex: sudo apt-get install exfat-utils exfat-fuse).<br>\n Virtualization (Vx-t) option enabled in the BIOS settings for VirtualBox to work<br>\n Tools will be provided by the instructor and to be returned.<br>\n You can also buy the hardware yourself.<br>\n SmartBand: <a href=\"https://www.banggood.com/No_1-F4-Blood-Pressure-Heart-Rate-Monitor-Pedometer-IP68-Waterproof-Smart-Wristband-For-iOS-Android-p-1182728.html\">https://www.banggood.com/No_1-F4-Blood-Pressure-Heart-Rate-Monitor-Pedometer-IP68-Waterproof-Smart-Wristband-For-iOS-Android-p-1182728.html</a><br>\n Bluetooth Dongle: <a href=\"https://www.amazon.com/DayKit-Bluetooth-Adapter-Windows-Raspberry/dp/B01IM8YKPW/\">https://www.amazon.com/DayKit-Bluetooth-Adapter-Windows-Raspberry/dp/B01IM8YKPW/</a></p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/buzzing-smart-devices-smart-band-hacking-icon-b-tickets-47193534131\">https://www.eventbrite.com/e/buzzing-smart-devices-smart-band-hacking-icon-b-tickets-47193534131</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Arun Magesh</strong><br> Arun Magesh works as IoT Security Researcher at Payatu Software labs and has worked on numerous smart devices pentest in the past couple of years. With an electrical engineering academic background, he serves as a core committee member for several IoT local chapters and hackerspaces in India, where he regularly delivers talks and hands-on workshops. He has 5+ years hands-on experience in both building and breaking IoT devices and has been previously awarded for India\'s Top 25 under 25 technologists and Intel Software Innovator. He has delivered training to numerous governmental and private organizations around the world. He is also a speaker and trainer at several conferences like nullcon18, zer0con18, RISC17, Intel Devfest and EFY17 and His main focus area in IoT is embedded device and SDR security. He has also built and contributed to a number of projects such as Brain-Computer interfacing and Augment Reality solutions.\n \n \n</article>\n\'',0,134509),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Buzzing Smart Devices: Smart Band Hacking\'','\'Arun Magesh\'','ws__magesh','\'\'',0,134510),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Buzzing Smart Devices: Smart Band Hacking\'','\'Arun Magesh\'','ws__magesh','\'\'',0,134511),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Buzzing Smart Devices: Smart Band Hacking\'','\'Arun Magesh\'','ws__magesh','\'\'',0,134512),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Buzzing Smart Devices: Smart Band Hacking\'','\'Arun Magesh\'','ws__magesh','\'\'',0,134513),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon C','\'Attacking Active Directory and Advanced Defense Methods in 2018\'','\'Adam Steed, James Albany\'','ws__steed','\'<article class=\"talk\" id=\"steed\">\n<h3 class=\"talkTitle\">Attacking Active Directory and Advanced Defense Methods in 2018</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon C</p>\n<h4 class=\"speaker\">Adam Steed<span class=\"speakerTitle\"> Security Consultant, Protiviti</span></h4>\n<h4 class=\"speaker\">James Albany<span class=\"speakerTitle\"> Senior Consultant, Protiviti</span></h4>\n\n<p class=\"abstract\">This hands-on workshop teaches you how to both attack and defend Active Directory. We will start by deploying an Active Directory environment using the typical security settings found in most medium to large organizations. Participants will then learn current common methods and tools used to exploit Active Directory against a lab environment. Participants will create a hardened Active Directory environment using advanced methods to secure domain controllers from attack and then try to compromise their hardened environments.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Some basic background in Active Directory</p>\n<p class=\"abstract\"><strong>Materials:</strong> Need a laptop running a hypervisor that would support the import and running of multiple prebuilt virtual images.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/attacking-active-directory-and-advanced-defense-methods-in-2018-icon-c-tickets-47194199120\">https://www.eventbrite.com/e/attacking-active-directory-and-advanced-defense-methods-in-2018-icon-c-tickets-47194199120</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Adam Steed</strong><br> Adam Steed prides himself in not just being an Information Security professional, but has been part of the culture that has defined Defcon for the last two decades. He has over 20 years of experience in working for Financial, Websites and Healthcare organizations. Currently Adam is a Associate Director at Protiviti as part of the Security and Privacy practice, leading Active Directory assessments and remediation work for Protiviti\'s clients. He has also spoken at Defcon, Bsides and other events across the United States.\n<p class=\"speakerBio\"><strong>James Albany</strong><br> James is a Senior Consultant in the Security and Privacy practice at Protiviti. He received a B.S. in Security and Risk Analysis with a specialization in Cyber Security from Penn State University. He currently provides information security services for a wide range of clients in various industries to identify and communicate business risks.\n \n</article>\n\'',0,134514),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Attacking Active Directory and Advanced Defense Methods in 2018\'','\'Adam Steed, James Albany\'','ws__steed','\'\'',0,134515),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Attacking Active Directory and Advanced Defense Methods in 2018\'','\'Adam Steed, James Albany\'','ws__steed','\'\'',0,134516),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Attacking Active Directory and Advanced Defense Methods in 2018\'','\'Adam Steed, James Albany\'','ws__steed','\'\'',0,134517),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon E','\'Penetration Testing Environments: Client &amp; Test Security\'','\'Wesley McGrew, Kendall Blaylock\'','ws__mcgrew','\'<article class=\"talk\" id=\"mcgrew\">\n<h3 class=\"talkTitle\">Penetration Testing Environments: Client &amp; Test Security</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon E</p>\n<h4 class=\"speaker\">Wesley McGrew<span class=\"speakerTitle\"> Director of Cyber Operations, HORNE Cyber Solutions</span></h4>\n<h4 class=\"speaker\">Kendall Blaylock<span class=\"speakerTitle\"> Director of Cyber Intelligence, HORNE Cyber</span></h4>\n\n<p class=\"abstract\">Penetration testers can have the tables turned on them by attackers, to the detriment of client and tester security. Vulnerabilities exist in widely-used penetration testing tools and procedures. Testing often takes place in hostile environments: across the public Internet, over wireless, and on client networks where attackers may already have a foothold. <br><br>In these environments, common penetration testing practices can be targeted by third-party attackers. This can compromise testing teams in the style of \"ihuntpineapples\", or worse: quietly and over a long period of time. The confidentiality, integrity, and availability of client networks is also put at risk by \"sloppy\" testing techniques.<br><br>In this workshop, we present a comprehensive set of recommendations that can be used to build secure penetration testing operations. This includes technical recommendations, policies, procedures, and guidance on how to communicate and work with client organizations about the risks and mitigations. The goal is to develop testing practices that:<br><br>- ...are more professionally sound<br>\n - ...protect client organizations<br>\n - ...protect penetration testers\' infrastructure, and<br>\n - ...avoid a negative impact on speed, agility, and creativity of testers<br><br>The recommendations are illustrated with entertaining and informative hands-on exercises. For the DEF CON 26 version of this class, the exercises have been updated to take place within Docker containers, and a portion of the class will involve introducing penetration testers to the use (and abuse) of containers. <br><br>Exercises include:<br>\n - Vulnerability analysis of a penetration testing device\'s firmware<br>\n - Quick and dirty code audits of high-risk testing tools<br>\n - Monitoring and hijacking post-exploitation command and control<br>\n - Layering security around otherwise insecure tools.<br><br>After this workshop, you will walk away with actionable recommendations for improving the maturity and security of your penetration testing operations, as well as an exposure to the technical aspects of protecting the confidentiality of sensitive client data. You will participate in hands-on exercises that illustrate the importance of analyzing your own tools for vulnerabilities, and learn how to think like an attacker that hunts attackers. You\'ll hear about the challenges that are inherent in performing penetration tests on sensitive client networks, and learn how to layer security around your practices to reduce the risks.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> To get the most out of this class, students should have the ability to read/follow code in many programming languages (C/C++, Python, PHP, etc.). \n Students should also be familiar with navigation and use of the Linux command line. Experience with penetration testing will be useful, but those new to penetration testing should not be discouraged. The entire point is to pick up good operational security habits.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students who wish to participate in the hands-on exercises should bring a laptop with at least 8GB of RAM, and a working installation of Docker (to the point of being able to run \"docker run hello-world\"). The instructor will be teaching and demonstrating with Linux, and it is recommended as your host operating system, but a Docker installation on Windows should also be able to complete the exercises (16GB RAM recommended for Windows host operating systems). Materials will be provided on USB drives at the workshop.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/penetration-testing-environments-client-test-security-icon-e-tickets-47193713668\">https://www.eventbrite.com/e/penetration-testing-environments-client-test-security-icon-e-tickets-47193713668</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Wesley McGrew</strong><br> Wesley McGrew oversees and participates in penetration testing in his role as Director of Cyber Operations for HORNE Cyber Solutions. He has presented on topics of penetration testing, vulnerabilities, and malware analysis at DEF CON and Black Hat USA. He teaches a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley graduated from Mississippi State University\'s Department of Computer Science and Engineering and previously worked at the Distributed Analytics and Security Institute. He holds a Ph.D. in computer science for his research in vulnerability analysis of SCADA HMI systems.\n<p class=\"speakerBio\"><strong>Kendall Blaylock</strong><br> Kendall serves as Director of Cyber Intelligence for HORNE Cyber, where his specialty is digital forensics and incident response. Prior to his role at HORNE Cyber, Kendall co-founded the National Forensics Training Center where he served as lead instructor providing training to law enforcement and U.S. military veterans in a wide range of digital forensic skills.\n \n</article>\n\'',0,134518),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Penetration Testing Environments: Client &amp; Test Security\'','\'Wesley McGrew, Kendall Blaylock\'','ws__mcgrew','\'\'',0,134519),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Penetration Testing Environments: Client &amp; Test Security\'','\'Wesley McGrew, Kendall Blaylock\'','ws__mcgrew','\'\'',0,134520),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Penetration Testing Environments: Client &amp; Test Security\'','\'Wesley McGrew, Kendall Blaylock\'','ws__mcgrew','\'\'',0,134521),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Penetration Testing Environments: Client &amp; Test Security\'','\'Wesley McGrew, Kendall Blaylock\'','ws__mcgrew','\'\'',0,134522),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon C','\'Threat Hunting with ELK\'','\'Ben Hughes, Fred Mastrippolito, Jeff Magloire\'','ws__hughes','\'<article class=\"talk\" id=\"hughes\">\n<h3 class=\"talkTitle\">Threat Hunting with ELK</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon C</p>\n<h4 class=\"speaker\">Ben Hughes<span class=\"speakerTitle\"> </span></h4>\n<h4 class=\"speaker\">Fred Mastrippolito<span class=\"speakerTitle\"> </span></h4>\n<h4 class=\"speaker\">Jeff Magloire<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">This hands-on training will walk attendees through leveraging the open source ELK (Elastic) stack to proactively identify malicious activity. The basic tools and techniques taught during this class can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and hunting. Attendees will be provided with access to a preconfigured ELK cluster and extensive sample logs containing diverse malicious events waiting to be discovered. The training will conclude with a friendly CTF to give attendees an opportunity to collaborate on teams and put their learning into practice in a simulated network environment.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Past blue team experience (SOC, NSM, threat hunting, IR, forensics, etc.) is helpful, but not required.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students will need to bring their own Windows/Linux/macOS laptop with 8+ GB RAM, WiFi, and VirtualBox or VMware installed. A VM will be made available to attendees for download before class, as well as available on USB flash drives at the start of class. </p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/threat-hunting-with-elk-icon-c-tickets-47193887187\">https://www.eventbrite.com/e/threat-hunting-with-elk-icon-c-tickets-47193887187</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Ben Hughes</strong><br> Ben (@CyberPraesidium) brings over 12 years of diverse experience in cyber security, IT, and law. He leads Polito\'s commercial services including vulnerability assessments, penetration testing, incident response, forensics, and threat hunting. Prior to joining Polito, Ben worked on APT hunt teams at federal and commercial clients, sharpening his skills in network security monitoring, IR, forensics, malware analysis, security configuration, and cyber threat intelligence. He holds CISSP, GCFA, GWAPT, and Splunk Power User certifications. Ben is also a member of the Maryland bar and volunteers at a pro bono legal clinic.\n<p class=\"speakerBio\"><strong>Fred Mastrippolito</strong><br> With over 15 years of experience in cybersecurity, Fred (@politoinc) was a founding member of an elite group of computer forensics and intrusion analysts for a major defense contractor. He has performed numerous web application assessments and penetration tests for financial services, federal government, and retail clients. He has managed SOCs, responded to incidents, and analyzed malware. Jeff is a highly skilled cleared professional with extensive knowledge working with information security and incident response cases in both the corporate and federal sector.\n<p class=\"speakerBio\"><strong>Jeff Magloire</strong><br> Jeff has 9 years of expertise in the field of Endpoint and Mobile based Intrusion Detection and Protection, Network security, e-Discovery, Mobile Application Security, and Information security. His experience includes providing Subject Matter Expertise in the area of forensics and cyber security for some of America\'s essential government entities such as the White House, FBI, DOJ, SEC to name a few. Jeffrey currently holds a Masters of Science in Digital Forensics from George Mason University along with a Bachelors in Business Information Technology from St Johns University. Jeffrey also has industry recognized certifications such as GIAC Certified Forensic Analyst, Encase Examiner and Encase E-Discovery, Xways, and Cellebrite Certifications.\n</article>\n\'',0,134523),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Threat Hunting with ELK\'','\'Ben Hughes, Fred Mastrippolito, Jeff Magloire\'','ws__hughes','\'\'',0,134524),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Threat Hunting with ELK\'','\'Ben Hughes, Fred Mastrippolito, Jeff Magloire\'','ws__hughes','\'\'',0,134525),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Threat Hunting with ELK\'','\'Ben Hughes, Fred Mastrippolito, Jeff Magloire\'','ws__hughes','\'\'',0,134526),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Threat Hunting with ELK\'','\'Ben Hughes, Fred Mastrippolito, Jeff Magloire\'','ws__hughes','\'\'',0,134527),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon E','\'Attacking &amp; Auditing Docker Containers Using Open Source\'','\'Madhu Akula\'','ws__akula','\'<article class=\"talk\" id=\"akula\">\n<h3 class=\"talkTitle\">Attacking &amp; Auditing Docker Containers Using Open Source</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon E</p>\n<h4 class=\"speaker\">Madhu Akula<span class=\"speakerTitle\"> Security &amp; DevOps Researcher, Appsecco</span></h4>\n\n<p class=\"abstract\">Developers and Operations teams (DevOps) have moved towards containers and modern technologies. Attackers are catching up with these technologies and finding security flaws in them. In this workshop, we will look at how we can test for security issues and vulnerabilities in Dockerised environments . Throughout the workshop we will learn how we can find security misconfigurations, insecure defaults and container escape techniques to gain access to host operating system (or) clusters. In the workshop, we will look at real world scenarios where attackers compromised containers to gain the access to applications, data and other assets.<br><br>By the end of workshop participants will be able to:<br><br>\n- Understand Docker security architecture<br>\n- Audit containerised environments<br>\n- Perform container escapes to get access to host environments<br><br>\nThe participants will get the following:<br><br>\n- A Gitbook(pdf, epub, mobi) with complete workshop content<br>\n- Virtual machines to learn &amp; practice<br>\n- Other references to learn more about topics covered in the workshop</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Basic familiarity with Linux and Docker</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with administrator privileges<br>10 GB of free Hard Disk Space<br>Ideally 8 GB of RAM but minimum 4 GB<br>Laptop should support hardware-based virtualization<br>If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work<br>Other virtualisation software might work but we will not be able to provide support for that.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/attacking-auditing-docker-containers-using-open-source-icon-e-tickets-47194085781\">https://www.eventbrite.com/e/attacking-auditing-docker-containers-using-open-source-icon-e-tickets-47194085781</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Madhu Akula</strong><br> Madhu is a security ninja and published author, security and devops researcher with extensive experience in the industry ranging from client facing assignments building scalable and secure infrastructure, to publishing industry leading research to running training sessions for companies and governments alike.<br><br>Madhu\'s research papers are frequently selected for major security industry conferences including Defcon 24, Blackhat USA 2018, All Day DevOps (2016, 2017), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n, Serverless Summit, ToorCon, DefCamp, SkydogCon, NolaCon and null, etc. Madhu was a keynote speaker for the National Cyber Security conference at Dayananda Sagar College in Feb 2016.<br><br>When he\'s not working with Appsecco\'s clients or speaking at events he\'s actively involved in researching vulnerabilities in open source products/platforms such as WordPress, Ntop, Opendocman etc. and is also a contributing bug hunter with Code Vigilant (a project to Secure Open Source Software). His research has identified many vulnerabilities in over 200 organisations including US Department of Homeland Security, Google, Microsoft, Yahoo, Adobe, LinkedIn, Ebay, At&t, Blackberry, Cisco, Barracuda etc. He is also an active member with Bugcrowd, Hackerone, Synack etc.<br><br>Madhu has trained over 5000 people in information security for companies and organisations including the Indian Navy and the Ministry of e-services in a leading Gulf state. He is co-author of Security Automation with Ansible2 book published by Packt Publishing in December 2017, which is listed as a resource by the RedHat Ansible itself.\n \n \n</article>\n\'',0,134528),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attacking &amp; Auditing Docker Containers Using Open Source\'','\'Madhu Akula\'','ws__akula','\'\'',0,134529),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attacking &amp; Auditing Docker Containers Using Open Source\'','\'Madhu Akula\'','ws__akula','\'\'',0,134530),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attacking &amp; Auditing Docker Containers Using Open Source\'','\'Madhu Akula\'','ws__akula','\'\'',0,134531),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon F','\'Deploying, Attacking, and Securing Software Defined Networks\'','\'Jon Medina\'','ws__medina','\'<article class=\"talk\" id=\"medina\">\n<h3 class=\"talkTitle\">Deploying, Attacking, and Securing Software Defined Networks</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon F</p>\n<h4 class=\"speaker\">Jon Medina<span class=\"speakerTitle\"> Security Architect, Protiviti</span><br>\n					Megha Kalsi <span class=\"speakerTitle\"> Security Manager, Protiviti</span></h4>\n	\n<p class=\"abstract\">Let\'s get our hands dirty in Software Defined Networking! Whether you\'re a network engineer or just a netsec enthusiast, this workshop will provide you with tools and guidance to set up, attack, and secure a software defined network from scratch using open-source tools and cloud-based switching software. Each attendee will be given access to a lab environment where they can deploy, test, configure, break, and secure a software defined network. All scripts and deployment instructions will be provided at the end, so you can continue your testing and research back home, or use it to make friends and win bets at the pub.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Basic networking, knowledge of the OSI model, and basic *nix shell familiarity.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop with internet access, web browser with HTML5 capability</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/deploying-attacking-and-securing-software-defined-networks-icon-f-tickets-47193792905\">https://www.eventbrite.com/e/deploying-attacking-and-securing-software-defined-networks-icon-f-tickets-47193792905</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Jon Medina</strong><br> Jon is a security nerd who has worked in networking and security capacities for everything from the Department of Defense, to the Fortune 500, to state and local government. He currently works for Protiviti providing security consulting for a wide variety of clients and industries. His interests outside of security include traveling, hockey, strange beers, and his bulldog. He\'s spoken at Shmoocon, BSides, and many other security events and conferences.</p>\n <p class=\"speakerBio\"><strong>Megha Kelsi</strong><br> Megha is an Orlando-based security geek who’s worked in consulting across a wide variety of industries and solutions. She works extensively in security architecture, network security, vulnerability assessments, social engineering (Ferris Bueller style), incident response, and security operations. She enjoys spending time with her family, dancing, boxing / kickboxing (beating the crap out of punching bags is a hobby right?), and keeping up with the latest security news.</p>\n \n</article>\n\'',0,134532),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Deploying, Attacking, and Securing Software Defined Networks\'','\'Jon Medina\'','ws__medina','\'\'',0,134533),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Deploying, Attacking, and Securing Software Defined Networks\'','\'Jon Medina\'','ws__medina','\'\'',0,134534),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Deploying, Attacking, and Securing Software Defined Networks\'','\'Jon Medina\'','ws__medina','\'\'',0,134535),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Deploying, Attacking, and Securing Software Defined Networks\'','\'Jon Medina\'','ws__medina','\'\'',0,134536),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon A','\'Joe Grand\'s Hardware Hacking Basics\'','\'Joe Grand\'','ws__grand1','\'<article class=\"talk\" id=\"grand1\">\n<h3 class=\"talkTitle\">Joe Grand\'s Hardware Hacking Basics</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon A</p>\n<h4 class=\"speaker\">Joe Grand<span class=\"speakerTitle\"> Grand Idea Studio</span></h4>\n\n<p class=\"abstract\">Interested in hardware hacking, but don\'t know where to start? This workshop covers the basic skills you\'ll need for hacking modern embedded systems, including soldering/desoldering, circuit board modification, signal monitoring/analysis, and memory extraction. It is a subset of Joe Grand\'s Hands-on Hardware Hacking training class that he has been teaching since 2005.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> None. No prior electronics experience necessary.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Attendees must bring their own laptop (Windows, macOS, or Linux) with the following software pre-installed:<br><br>- Saleae Logic, https://www.saleae.com/downloads<br>\n - FTDI Virtual COM Port (VCP) drivers, http://www.ftdichip.com/Drivers/VCP.htm<br>\n - PuTTY (or other suitable terminal program), https://www.chiark.greenend.org.uk/~sgtatham/putty/<br>\n - libmpsse, https://github.com/l29ah/libmpsse<br><br>All other hardware and tools will be provided.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 24</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/joe-grands-hardware-hacking-basics-icon-a-tickets-47194166021\">https://www.eventbrite.com/e/joe-grands-hardware-hacking-basics-icon-a-tickets-47194166021</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Joe Grand</strong><br> Joe Grand (@joegrand), also known as Kingpin, is a computer engineer, hardware hacker, former DEFCON badge designer, teacher, advisor, runner, daddy, honorary doctor, TV host, member of legendary hacker group L0pht Heavy Industries, and the proprietor of Grand Idea Studio (grandideastudio.com). He has been creating, exploring, and manipulating electronic systems since the 1980s.\n \n \n</article>\n\'',0,134537),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Joe Grand\'s Hardware Hacking Basics\'','\'Joe Grand\'','ws__grand1','\'\'',0,134538),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Joe Grand\'s Hardware Hacking Basics\'','\'Joe Grand\'','ws__grand1','\'\'',0,134539),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Joe Grand\'s Hardware Hacking Basics\'','\'Joe Grand\'','ws__grand1','\'\'',0,134540),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon A','\'Build Your Own OpticSpy Receiver Module\'','\'Joe Grand\'','ws__grand2','\'<article class=\"talk\" id=\"grand2\">\n<h3 class=\"talkTitle\">Build Your Own OpticSpy Receiver Module</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon A</p>\n<h4 class=\"speaker\">Joe Grand<span class=\"speakerTitle\"> Grand Idea Studio</span></h4>\n\n<p class=\"abstract\">OpticSpy is an open source hardware module for experimenting with optical data transmissions. It captures, amplifies, and converts an optical signal from a visible or infrared light source into a digital form that can be analyzed or decoded with a computer. With OpticSpy, electronics hobbyists and hardware hackers can search for covert channels, which intentionally exfiltrate data in a way undetectable to the human eye, add data transfer functionality to a project, or explore signals from remote controls and other systems that send information through light waves. <br><br>In this workshop, creator Joe Grand will present a brief history of the project and then guide you through the process of building, calibrating, and testing your own kit version of OpticSpy.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> None. No prior soldering experience necessary.</p>\n<p class=\"abstract\"><strong>Materials:</strong> None</p>\n<p class=\"abstract\"><strong>Max students:</strong> 12</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/build-your-own-opticspy-receiver-module-icon-a-tickets-47193834028\">https://www.eventbrite.com/e/build-your-own-opticspy-receiver-module-icon-a-tickets-47193834028</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Joe Grand</strong><br> Joe Grand (@joegrand), also known as Kingpin, is a computer engineer, hardware hacker, former DEFCON badge designer, teacher, advisor, runner, daddy, honorary doctor, TV host, member of legendary hacker group L0pht Heavy Industries, and the proprietor of Grand Idea Studio (grandideastudio.com). He has been creating, exploring, and manipulating electronic systems since the 1980s.\n \n \n</article>\n\'',0,134541),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Build Your Own OpticSpy Receiver Module\'','\'Joe Grand\'','ws__grand2','\'\'',0,134542),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Build Your Own OpticSpy Receiver Module\'','\'Joe Grand\'','ws__grand2','\'\'',0,134543),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Build Your Own OpticSpy Receiver Module\'','\'Joe Grand\'','ws__grand2','\'\'',0,134544),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Build Your Own OpticSpy Receiver Module\'','\'Joe Grand\'','ws__grand2','\'\'',0,134545),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon E','\'Attack &amp; Defense in AWS Environments\'','\'Vaibhav Gupta, Sandeep Singh\'','ws__gupta','\'<article class=\"talk\" id=\"gupta\">\n<h3 class=\"talkTitle\">Attack &amp; Defense in AWS Environments</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon E</p>\n<h4 class=\"speaker\">Vaibhav Gupta<span class=\"speakerTitle\"> Security Researcher, Adobe Systems</span></h4>\n<h4 class=\"speaker\">Sandeep Singh<span class=\"speakerTitle\"> Security Managing Consultant, NotSoSecure</span></h4>\n\n<p class=\"abstract\">AWS is the most widely used cloud environments today and almost every security professional have to encounter this environment whether you are attacking an organization or defending it. In this fast-paced workshop we will teach participants with some neat tools, techniques and procedures to attack the most widely used AWS services as well as to defend them.<br><br>- Recon / Information Gathering on AWS Services<br>\n  - Attacking S3 buckets<br>\n  - Exploiting web application flaws to compromise AWS services (IAM/KMS)<br>\n  - Attacking Serverless applications<br>\n  - Disrupting AWS Logging<br>\n  - Attacking Misconfigured Cloud SDN<br><br>\n	\nTakeaways:\n Students will be able to understand and appreciate the delta in attack surface which gets added due to moving to cloud. And subsequently design architecture and develop applications to defend them.\n	\n	<br><br>What will participants be provided?<br>\n  - PDF copy of slide deck<br>\n  - Lab VM<br>\n  - Workshop lab manual<br>\n  - Bonus labs<br><br>\n	\n	Target Audience:<br>\n  - Cloud Security Engineers<br>\n  - DevOps engineers<br>\n  - Security Analyst<br>\n  - Penetration Testers<br>\n  - Anyone else who is interested in Cloud Security<br>\n  - If you are an Expert or Advanced user, you may join us as co-trainers! :-)</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> - Need to have AWS account (Free-tier)\n  - Basic understanding of AWS</p>\n<p class=\"abstract\"><strong>Materials:</strong> - Machine with at least 8 GB RAM and 20 GB free HD space\n  - VirtualBox [VMs will be provided]</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/attack-defense-in-aws-environments-icon-e-tickets-47194715665\">https://www.eventbrite.com/e/attack-defense-in-aws-environments-icon-e-tickets-47194715665</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Vaibhav Gupta</strong><br> Vaibhav is working as a Security Researcher with Adobe Systems. His expertise lies in infusing design and architecture level security in applications hosted in-house and on cloud environments. With ~9 years of diverse InfoSec exposure, he has strong experience in attacking and defending applications including the ones hosted on the cloud. He is co-leading the OWASP and Null community in Delhi region and has delivered multiple sessions at the local and global stage. Vaibhav is also co-organizer for BSides Delhi.\n<p class=\"speakerBio\"><strong>Sandeep Singh</strong><br> Sandeep is a Security Managing Consultant with NotSoSecure. He has over 5 years of experience in delivering high end security consulting services to clients across the globe. Sandeep has also worked in Detection and Response teams in the past. He is the co-lead of OWASP Delhi chapter and Community Manager of null community and actively contributes to the local security community. He has conducted and delivered many talks and workshops for the local community in the past. Sandeep is also one of the organizers of BSides Delhi.\n \n</article>\n\'',0,134546),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attack &amp; Defense in AWS Environments\'','\'Vaibhav Gupta, Sandeep Singh\'','ws__gupta','\'\'',0,134547),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attack &amp; Defense in AWS Environments\'','\'Vaibhav Gupta, Sandeep Singh\'','ws__gupta','\'\'',0,134548),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Attack &amp; Defense in AWS Environments\'','\'Vaibhav Gupta, Sandeep Singh\'','ws__gupta','\'\'',0,134549),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon F','\'Securing Big Data in Hadoop\'','\'Miguel Guirao\'','ws__guirao','\'<article class=\"talk\" id=\"guirao\">\n<h3 class=\"talkTitle\">Securing Big Data in Hadoop</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon F</p>\n<h4 class=\"speaker\">Miguel Guirao<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">Big Data have been for quiet a good time the driving force for innovation in many markets around. Data is the current asset that companies from around the world look for to crunch and extract information and knowledge, get new insights in order to create new services and products to deliver to their customers and finally improve their profits.<br><br>Because of that, it is imperative to protect such an important asset. In this workshop we will look at Haddoop from the point of view of security. We will learn what the Hadoop ecosystem has to offer us to protect our data, starting with Kerberos, perimeter security with Apache Knox, Configuring authorization with Apache Ranger and enabling encryption of the HDFS (Hadoop File System).<br><br>1) Kerberos is used in Hadoop to provide an authentication system for users and other system interacting with the Hadoop cluster and it\'s services. Strongly authenticating and establishing a user\'s identity is the basis for secure access in Hadoop. Users need to be able to reliably \"identify\" themselves and then have that identity propagated throughout the Hadoop cluster. Hadoop uses Kerberos as the basis for strong authentication and identity propagation for both user and services. More info: https://web.mit.edu/kerberos/<br><br>2) The Apache Knox Gateway (Knox) is a system to extend the reach of Apache Hadoop services to users outside of a Hadoop cluster without reducing Hadoop Security. Knox also simplifies Hadoop security for users who access the cluster data and execute jobs. The Knox Gateway is designed as a reverse proxy. The Apache Knox Gateway is an Application Gateway for interacting with the REST APIs and UIs of Apache Hadoop deployments. The Knox Gateway provides a single access point for all REST and HTTP interactions with Apache Hadoop clusters. More info: https://knox.apache.org/<br><br>3) Apache Ranger is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform. The vision with Ranger is to provide comprehensive security across the Apache Hadoop ecosystem</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> In order to get out the most of this workshop, the student needs to be comfortable working in the command line, moving around the filesystem, editing files with vi or nano, visualizing and understanding processes and the top or htop command outputs. If you have been using the UNIX or UNIX-like command line for a time, you should be good and al set.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Since this is NOT a class of how to setup a Hadoop cluster, but instead on how to secure a Hadoop cluster, it is a must that students taking this workshop come with the Hortonworks Data Platform (HDP) Docker image (<a href=\"https://hortonworks.com/products/sandbox/\">https://hortonworks.com/products/sandbox/</a>) already installed! The Docker image image is very big and it will take you a considerable time to download it during the workshop. Warning!! DO NOT download Hortonworks Data Flow (HDF), it is NOT THE SAME!<br><br>\n Please read the Intall Guide for the the type of the HDP and OS you will be using!<br><br>\n The workshop is prepared using Ubuntu Linux 18.04 and Docker!</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/securing-big-data-in-hadoop-icon-f-tickets-47194514062\">https://www.eventbrite.com/e/securing-big-data-in-hadoop-icon-f-tickets-47194514062</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Miguel Guirao</strong><br> Miguel Guirao (aka Chicolinux), as been in the information security industry for around twelve years, he is a freelance consultant at Futura - Open Solutions, where he also has been training professionals about Linux Management, Information Security and Programming. He has been also a professor since 2009 for the Anahuac Mayab University where he teaches at the School of CS Engineering and at the School of Multimedia Design. He teaches Information Security in the Master of Information Technology Management. He is also VicePresident of Security &amp; Internet for the National Chamber of the Electronics, Telecommunications and Information Technology in Mexico, where he helps to create awareness and infosec training in IT companies.<br><br>He is a Community Mentor for SANS Institute. He holds a GIAC GCIH Certification from the SANS Institute. Thechnical Reviewer for SANS Securing The Human Project, eForensics Magazine.<br><br>Since 2017 he got an interest in Big Data and DevOps, specially from the security perspective, and he currently runs the lab that test and research ways to to protect big data and devops systems, where he and his students have fun protecting and hacking this systems.<br><br>This is his second workshop at DEFCON!\n \n \n</article>\n\'',0,134550),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Securing Big Data in Hadoop\'','\'Miguel Guirao\'','ws__guirao','\'\'',0,134551),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Securing Big Data in Hadoop\'','\'Miguel Guirao\'','ws__guirao','\'\'',0,134552),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Securing Big Data in Hadoop\'','\'Miguel Guirao\'','ws__guirao','\'\'',0,134553),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'Securing Big Data in Hadoop\'','\'Miguel Guirao\'','ws__guirao','\'\'',0,134554),('2_Friday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon A','\'Bypassing Windows Driver Signature Enforcement\'','\'Csaba Fitzl\'','ws__fitzl','\'<article class=\"talk\" id=\"fitzl\">\n<h3 class=\"talkTitle\">Bypassing Windows Driver Signature Enforcement</h3>\n	<p class=\"details\">Friday, 1000-1400 in Icon A</p>\n<h4 class=\"speaker\">Csaba Fitzl<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">Microsoft does a great effort to harden the Windows kernel and limit attackers to load their custom drivers (kernel rootkits) with the introduction of Driver Signature Enforcement in Win7x64. In this 4 hour workshop we will learn the limitation of this enforcement and practice how we can bypass it. We will explore 4 different methods (from very easy to difficult) on various versions of Windows, including Windows 10. We will see how and why they work, and which malware used them in the past.\nFirst we will see how we can use leaked certificates to overcome DSE as well as how we can turn it OFF by design, and what are its limitations. Then we will use WinDBG to look into the kernel and find the various flags used to control DSE and use the HackSysExtremeVulnerableDriver to do kernel exploitation for setting those to the value we require. We will use a simple dummy driver to demonstrate unsigned driver loading.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Some experience with WinDBG, assembly or kernel exploitation can be helpful, but not required. Basic Python scripting knowledge will be needed.</p>\n<p class=\"abstract\"><strong>Materials:</strong> For the full experience students will require 2 Windows virtual machines (Windows 7 and Windows 10) (optionally Windows 8) with WinDBG, Python installed on all of them, and one of them will require Visual Studio with Driver development tools. Guide for setting up VMs will be provided prior the workshop.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 24</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/bypassing-windows-driver-signature-enforcement-icon-a-tickets-47194788884\">https://www.eventbrite.com/e/bypassing-windows-driver-signature-enforcement-icon-a-tickets-47194788884</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Csaba Fitzl</strong><br> Csaba graduated in 2006 as a computer engineer. He worked for 6 years\n as a network engineer, troubleshooting and designing big Cisco\n networks. After that he started to work as a blue teamer, focusing on\n network forensics, malware analysis and kernel exploitation. Recently\n he joined a red team, where he spends most of his time simulating\n adversary techniques. He gave talks / workshops on various\n international IT security conferences, including Hacktivity, hack.lu,\n hek.si, SecurityFest and BSidesBUD. He currently holds OSWP / OSCP /\n OSCE / OSEE certifications. He is the author of the \'kex\' kernel\n exploitation Python toolkit.\n \n \n</article>\n\'',0,134555),('2_Friday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Bypassing Windows Driver Signature Enforcement\'','\'Csaba Fitzl\'','ws__fitzl','\'\'',0,134556),('2_Friday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Bypassing Windows Driver Signature Enforcement\'','\'Csaba Fitzl\'','ws__fitzl','\'\'',0,134557),('2_Friday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Bypassing Windows Driver Signature Enforcement\'','\'Csaba Fitzl\'','ws__fitzl','\'\'',0,134558),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon E','\'Analyzing Malscripts: Return of the Exploits!\'','\'Sergei Frankoff, Sean Wilson\'','ws__frankoff','\'<article class=\"talk\" id=\"frankoff\">\n<h3 class=\"talkTitle\">Analyzing Malscripts: Return of the Exploits!</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon E</p>\n<h4 class=\"speaker\">Sergei Frankoff<span class=\"speakerTitle\"> Co-Founder, Open Analysis</span></h4>\n<h4 class=\"speaker\">Sean Wilson<span class=\"speakerTitle\"> Co-Founder, Open Analysis</span></h4>\n\n<p class=\"abstract\">In recent years malscripts and file based exploits have become a main delivery method for malware. Malscripts are often heavily obfuscated and they can take many different forms including WScript, Javascript, macros, and PowerShell. There has also been been a rise in document based exploits used to deliver and execute these malscripts. As a result incident responders and malware analysts need to be comfortable analyzing different document formats, identifying potential exploits, and analyze malscripts.<br><br>In this workshop you will work through the triage of a live malware delivery chain that includes a malicious document, malicious scripts, and a final malware payload. During this process you will be exposed to different document based exploits, and you will practice the skills required to manually analyze malscripts. This workshop focuses on the fundamental analysis techniques used when identifying, deobfuscating, and analyzing maldocs and malscripts. However, we will also provide an introduction to automation tools and techniques that can be used to speed up the analysis process. <br><br>This workshop is aimed at junior incident responders, hobby malware analysts, and general security or IT practitioners who are interested in learning more about the malware triage process. If you have no experience with malware analysis but you have a good understanding of scripting languages like VBScript, and Javascript, and you are familiar with windows internals you should have no problem completing the workshop. You will be provided with a VirtualMachine to use during the workshop, please make sure to bring a laptop that meets the following requirements. Your laptop must have VirtualBox installed and working (VMWare is not supported). Your laptop must have at least 60GB of disk space free, preferably 100GB. Your laptop must be able to mount USB storage devices. Make sure you have the appropriate dongle if you need one.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> None</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students will be provided with a VirtualMachine to use during the workshop. They will need to bring a laptop that meets the following requirements: <br><br>\n - The laptop must have VirtualBox installed and working (VMWare is not supported).<br>\n - The laptop must have at least 60GB of disk space free, preferably 100GB.<br>\n - The laptop must be able to mount USB storage devices (ensure you have the appropriate dongle if you need one).</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/analyzing-malscripts-return-of-the-exploits-icon-e-tickets-47194482969\">https://www.eventbrite.com/e/analyzing-malscripts-return-of-the-exploits-icon-e-tickets-47194482969</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Sergei Frankoff</strong><br>\n	Sergei is a co-founder of Open Analysis, and volunteers as a malware researcher. When he is not reverse engineering malware Sergei is focused on building automation tools for malware analysis. Sergei is a strong believer in taking an open, community approach to combating cyber crime. He actively contributes to open source tools and tries to publish as much analysis as possible. With over a decade of experience Sergei has held roles both as the manager of an incident response team, and as a malware researcher.<br><br>YouTube: https://www.youtube.com/oalabs </p>\n<p class=\"speakerBio\"><strong>Sean Wilson</strong><br>\n Sean is a co-founder of Open Analysis, and volunteers as a malware researcher. He splits his time between reverse engineering malware and building automation tools for incident response. He is an active contributor to open source security tools focused on incident response and analysis. Sean brings over a decade of experience working in a number of incident response and application security roles with a focus on security testing and threat modeling. In his free time Sean loves fly fishing.<br><br>YouTube: https://www.youtube.com/oalabs </p>\n \n</article>\n\'',0,134559),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Analyzing Malscripts: Return of the Exploits!\'','\'Sergei Frankoff, Sean Wilson\'','ws__frankoff','\'\'',0,134560),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Analyzing Malscripts: Return of the Exploits!\'','\'Sergei Frankoff, Sean Wilson\'','ws__frankoff','\'\'',0,134561),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Analyzing Malscripts: Return of the Exploits!\'','\'Sergei Frankoff, Sean Wilson\'','ws__frankoff','\'\'',0,134562),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Analyzing Malscripts: Return of the Exploits!\'','\'Sergei Frankoff, Sean Wilson\'','ws__frankoff','\'\'',0,134563),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon C','\'Advanced Custom Network Protocol Fuzzing\'','\'Joshua Pereyda, Timothy Clemans\'','ws__pereyda','\'<article class=\"talk\" id=\"pereyda\">\n<h3 class=\"talkTitle\">Advanced Custom Network Protocol Fuzzing</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon C</p>\n<h4 class=\"speaker\">Joshua Pereyda<span class=\"speakerTitle\"> Software Engineer</span></h4>\n<h4 class=\"speaker\">Timothy Clemans<span class=\"speakerTitle\"> Software Engineer</span></h4>\n\n<p class=\"abstract\">Get hands on experience writing custom network protocol fuzzers. This class will cover the basics of network protocol \"smart fuzzing.\" Exercises will utilize the open source network protocol fuzzing framework, boofuzz. Attendees will gain practice reverse engineering a network protocol, implementing and iterating on a custom fuzzer, and identifying vulnerabilities.<br><br>\nAfter:<br>\n1. You will know the basics of fuzzing.<br>\n2. You will know how to write custom network protocol fuzzers using state of the art open source tools.<br>\n3. You will have hands on experience with this widely-discussed but still largely mysterious test method.<br><br>\nBefore:<br>\n1.You should be comfortable doing some programming in Python.<br>\n 2. You should understand basic network protocol concepts.<br>\n 3. You should be familiar with WireShark and how to use it.<br><br>\nWhat you won\'t learn:<br>\n 1. Exploit development.<br>\n 2. Python programming. Because you can already do that (see above).</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong><br>\n- Some basic Python programming experience (some programming ability\n is REQUIRED).<br>\n  - Basic understanding of network protocols.<br>\n  - Basic familiarity with Wireshark.<br>\n  - Optional: Fuzzing experience.</p>\n<p class=\"abstract\"><strong>Materials:</strong><br>\n - Laptop with physical Ethernet port -- strongly recommended:\n configure for secure Wi-Fi access beforehand.<br>\n  - Python 2.7 and pip installed and updated.<br>\n  - Linux recommended but Windows OK.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/advanced-custom-network-protocol-fuzzing-icon-c-tickets-47194829004\">https://www.eventbrite.com/e/advanced-custom-network-protocol-fuzzing-icon-c-tickets-47194829004</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Joshua Pereyda</strong><br> Joshua is a software engineer specializing in information and network security. He has worked in the critical infrastructure and cloud computing industries with employers heavily invested in software and hardware security. Among his passions are hacking, teaching kids to program, listening to upper-crust orchestral performances with his wife, and figuring out how he can get paid to do it all... legally.\n\nJoshua is the maintainer of the boofuzz network protocol fuzzing framework. He has written fuzzers for fun, and profit (literally).\n<p class=\"speakerBio\"><strong>Timothy Clemans</strong><br> Tim is a software engineer working in information security. He has worked for a startup and data analytics companies. He currently works in critical infrastructure with a focus on security and fuzzing. He cringes at the thought of insecure systems and so he seeks to improve the security of anyone who will listen. He enjoys a good hike, ice cream, and long walks on the beach.\n \n</article>\n\'',0,134564),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Custom Network Protocol Fuzzing\'','\'Joshua Pereyda, Timothy Clemans\'','ws__pereyda','\'\'',0,134565),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Custom Network Protocol Fuzzing\'','\'Joshua Pereyda, Timothy Clemans\'','ws__pereyda','\'\'',0,134566),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Custom Network Protocol Fuzzing\'','\'Joshua Pereyda, Timothy Clemans\'','ws__pereyda','\'\'',0,134567),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon C','\'Building Environmentally Responsive Implants with Gscript\'','\'Dan Borges, Alex Levinson\'','ws__Borges','\'<article class=\"talk\" id=\"Borges\">\n<h3 class=\"talkTitle\">Building Environmentally Responsive Implants with Gscript</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon C</p>\n\n<h4 class=\"speaker\">Dan Borges<span class=\"speakerTitle\"> </span></h4>\n<h4 class=\"speaker\">Alex Levinson<span class=\"speakerTitle\"> Senior Security Engineer, Uber</span></h4>\n\n<p class=\"abstract\">Attendees to this workshop will experience a step by step walk through in setting up a Gscript build environment (which will include the Golang programing language as a requirement, along with the required libraries). Subsequently, attendees will obtain a basic overview of the Gscript capabilities in using conditional logic to navigate within, and deploy persistence mechanisms upon, target hosts.<br><br>Upon completion, each attendee will depart with a laptop (whichever one they brought _)containing a full Gscript build &amp; testing environment, and at least 1 custom Gscript of their own design and purpose.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong><br>\n 1. A general understanding of what an implant is, and how to use one.<br>\n  2. Experience with Javascript<br>\n  3. Experience with Metasploit and or meterpreter is a plus<br>\n  4. Experience with the Golang programing language is also a plus</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with an ethernet port</p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/building-environmentally-responsive-implants-with-gscript-icon-c-tickets-47194616368\">https://www.eventbrite.com/e/building-environmentally-responsive-implants-with-gscript-icon-c-tickets-47194616368</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Dan Borges</strong><br> Dan Borges is an information security professional with over 15 years in computer science. Dan participates in a number of cyber security competitions each year, from being on the National CCDC Red Team, to leading a Blue Team in Pros Versus Joes, and helping run the Collegiate Penetration Testing Competition (CPTC). He has been publishing a blog on infosec education for more than 10 years.\n<p class=\"speakerBio\"><strong>Alex Levinson</strong><br> Alex Levinson is a Senior Security Engineer at Uber with experience in red teaming, software engineering, and incident response. Outside of Uber, he is a core member of the red team for the National Collegiate Cyber Defense Competition (CCDC), as well as the Competition Director for the Collegiate Penetration Testing Competition (CPTC). Previously, Alex worked as a Senior Consultant and Development Manager at Lares Consulting.\n</article>\n\'',0,134568),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Building Environmentally Responsive Implants with Gscript\'','\'Dan Borges, Alex Levinson\'','ws__Borges','\'\'',0,134569),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Building Environmentally Responsive Implants with Gscript\'','\'Dan Borges, Alex Levinson\'','ws__Borges','\'\'',0,134570),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Building Environmentally Responsive Implants with Gscript\'','\'Dan Borges, Alex Levinson\'','ws__Borges','\'\'',0,134571),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Building Environmentally Responsive Implants with Gscript\'','\'Dan Borges, Alex Levinson\'','ws__Borges','\'\'',0,134572),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon B','\'Fuzzing with AFL (American Fuzzy Lop)\'','\'Jakub Botwicz, Wojciech Rauner\'','ws__botwicz','\'<article class=\"talk\" id=\"botwicz\">\n<h3 class=\"talkTitle\">Fuzzing with AFL (American Fuzzy Lop)</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon B</p>\n<h4 class=\"speaker\">Jakub Botwicz<span class=\"speakerTitle\"> Primary Security Engineer, Samsun Poland R&amp;D Center</span></h4>\n<h4 class=\"speaker\">Wojciech Rauner<span class=\"speakerTitle\"> Security Engineer, Samsung Research</span></h4>\n\n<p class=\"abstract\">This workshop will give participants information how to use afl (American fuzzy lop) to identify vulnerabilities in different applications and modules.\n  afl is a security-oriented fuzzer, that allows to efficiently and automatically test software components allowing to find interesting security issues.\n  It is one of leading tools and essential component in the toolbox of security researcher and hacker (penetration tester).\n  List of afl trophies (issues found using afl) can be read at: <a href=\"http://lcamtuf.coredump.cx/afl/\">http://lcamtuf.coredump.cx/afl/</a>\n  Participants will have possibility to learn how afl works and how to use it successfully based on real life cases - vulnerabilities found by trainers in different open source components.\n  During the training multiple cases and tips will be presented (see detailed outline for more complete list).</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> None</p>\n<p class=\"abstract\"><strong>Materials:</strong> To participate in the hands-on sections, attendees need to bring a laptop with minimum 2 GB RAM which can run a virtual machine or a Docker container.\n  Virtual machine and Docker container with all necessary tools will be provided before the workshop.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/fuzzing-with-afl-american-fuzzy-lop-icon-b-tickets-47194653479\">https://www.eventbrite.com/e/fuzzing-with-afl-american-fuzzy-lop-icon-b-tickets-47194653479</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Jakub Botwicz</strong><br> Jakub works as Primary Security Engineer in Samsung Poland R&amp;D Center leading a team of security researchers.\n  He has more than 15 years of experience in information security and previously worked e.g. in: one of world leading payment card service providers, Big4 consulting company and vendor of network encryption devices. Jakub holds PhD degree of Warsaw University of Technology and security community certificates including: GWAPT, CISSP, ECSA.\n  Currently he works providing security assessments (static and dynamic analysis) of different mobile and IoT components. afl helped him find numerous vulnerabilities, also in open source components.\n<p class=\"speakerBio\"><strong>Wojciech Rauner</strong><br> Wojciech has background as a full-stack developer, currently works as a Security Engineer for Samsung Research Poland. His current area of research is IoT and mobile devices. Likes to talk about cryptography and higher level languages. Loves to take things apart, build new things (because old ones got irreversibly broken in the process) and make stuff work (again). Plays in CTF Samsung R&amp;D PL team (crypto/net/programming).\n \n</article>\n\'',0,134573),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Fuzzing with AFL (American Fuzzy Lop)\'','\'Jakub Botwicz, Wojciech Rauner\'','ws__botwicz','\'\'',0,134574),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Fuzzing with AFL (American Fuzzy Lop)\'','\'Jakub Botwicz, Wojciech Rauner\'','ws__botwicz','\'\'',0,134575),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Fuzzing with AFL (American Fuzzy Lop)\'','\'Jakub Botwicz, Wojciech Rauner\'','ws__botwicz','\'\'',0,134576),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon D','\'Lateral Movement 101: 2018 Update\'','\'Walter Cuestas, Mauricio Velazco\'','ws__cuestas','\'<article class=\"talk\" id=\"cuestas\">\n<h3 class=\"talkTitle\">Lateral Movement 101: 2018 Update</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon D</p>\n<h4 class=\"speaker\">Walter Cuestas<span class=\"speakerTitle\"> Team Lead, Open-Sec</span></h4>\n<h4 class=\"speaker\">Mauricio Velazco<span class=\"speakerTitle\"> Threat Management Team Lead</span></h4>\n\n<p class=\"abstract\">During a targeted penetration test or red team engagement, consultants will have clear engagement goals and targets such as a particular database or access to specific blueprints within the environment. \n During the engagement, obtaining shells on servers &amp; workstations as standalone devices will not provide access to the target data. The pentesters will need to move from one host to another in order perform reconnaissance and eventually, get to the target.\n This workshop aims to provide the necessary background knowledge to understand and execute lateral movement techniques on both MS Windows and Linux. More than just showing which tools and parameters to use like Youtube video would, this workshop will dive deep and describe with detail, the specific services of each OS and how they can be abused to achieve lateral movement. This knowledge will allow the students to learn the actual techniques and not just a bunch of tools.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Knowledge and experience with Microsoft Windows and Linux at network and admin level.</p>\n<p class=\"abstract\"><strong>Materials:</strong> To participate in the hands-on sections, attendees need to bring a laptop with 2 GB RAM that must be dedicated to a virtual machine running lastest version of Kali Linux (installed and updated before the workshop). Both VirtualBox and VMware player will be okay. </p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/lateral-movement-101-2018-update-icon-d-tickets-47194431816\">https://www.eventbrite.com/e/lateral-movement-101-2018-update-icon-d-tickets-47194431816</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Walter Cuestas</strong><br> Walter (@wcu35745) leads the team of pentesters at Open-Sec (Peruvian company dedicated solely to provide pentesting services) since 2006. His work is based on developing attack vectors and his main interest is in the development of scripts for pentesting.\nHe has participated as speaker in events such as LimaHack, Campus Party Quito, CSI Pereira, events of OWASP Latam and as trainer at Ekoparty.\nHe has also published articles in trade magazines such as Hakin9, PenTest Magazine and Hack-in-Sight.\nDuring 2016, he was part of the team of instructors approved by the US Northern Command (US Army) for training in cybersecurity (hacking techniques and breach of security controls).\nCurrently holds OSCP certification.\n<p class=\"speakerBio\"><strong>Mauricio Velazco</strong><br> Mauricio (@mvelazco) is a security geek and python scripter with more than 9 years of experience in computer security developing offensive evaluations and implementing solutions in Latin America and North America. He currently leads the Threat Management team at a financial services organization in New York performing tasks such as Penetration  Testing, Incident Response, Vulnerability Management, Application Security, Threat Intelligence, etc.\nHe holds certifications like OSCP and OSCE.\nMauricio has presented at conferences like Derbycon and BSides.\n \n</article>\n\'',0,134577),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Lateral Movement 101: 2018 Update\'','\'Walter Cuestas, Mauricio Velazco\'','ws__cuestas','\'\'',0,134578),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Lateral Movement 101: 2018 Update\'','\'Walter Cuestas, Mauricio Velazco\'','ws__cuestas','\'\'',0,134579),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Lateral Movement 101: 2018 Update\'','\'Walter Cuestas, Mauricio Velazco\'','ws__cuestas','\'\'',0,134580),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Lateral Movement 101: 2018 Update\'','\'Walter Cuestas, Mauricio Velazco\'','ws__cuestas','\'\'',0,134581),('3_Saturday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon B','\'Weapons Training for the Empire\'','\'Jeremy Johnson\'','ws__johnson','\'<article class=\"talk\" id=\"johnson\">\n<h3 class=\"talkTitle\">Weapons Training for the Empire</h3>\n	<p class=\"details\">Saturday, 1430-1830 in Icon B</p>\n<h4 class=\"speaker\">Jeremy Johnson<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">Dive into the world of using the PowerShell Empire Remote Access Tool (RAT). The students will learn to use Empire. They will build command &amp; control, evade some defensive controls, and other red team tips and tricks. Additionally, students will gain insight on how to build more complex infrastructure for Red Team operations, automate common tasks, and extract engagement data for reporting.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Students should have exposure to the PowerShell Empire framework. We will be working with the latest version of this tool and its features. Students should have some understanding or experience with penetration testing, though it\'s not strictly necessary.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop, Kali Linux VM and one or two Windows Virtual Machines. Lab configuration specifics for the course will be broadcast prior to the class.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/weapons-training-for-the-empire-icon-b-tickets-47194311456\">https://www.eventbrite.com/e/weapons-training-for-the-empire-icon-b-tickets-47194311456</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Jeremy Johnson</strong><br> bneg has been hacking in one way or another for the past twenty years. He worked in IT operations, development, databases, and network administration before finally escaping to his true calling in offensive security. He now finds immense joy breaking into hospitals, governments, utilities, and corporations. bneg is a contributor to the Empire project, and member of the BloodHound Slack group where he helps to answer questions and hunt bugs in Empire. When he\'s not making admins cry, he\'s running, climbing, skiing, or biking on some mountain somewhere year-round. He also volunteers with Mountain Rescue and has two kids. Clearly, he\'s figured out how to slow space-time.\n \n \n</article>\n\'',0,134582),('3_Saturday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Weapons Training for the Empire\'','\'Jeremy Johnson\'','ws__johnson','\'\'',0,134583),('3_Saturday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Weapons Training for the Empire\'','\'Jeremy Johnson\'','ws__johnson','\'\'',0,134584),('3_Saturday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Weapons Training for the Empire\'','\'Jeremy Johnson\'','ws__johnson','\'\'',0,134585),('3_Saturday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Weapons Training for the Empire\'','\'Jeremy Johnson\'','ws__johnson','\'\'',0,134586),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon F','\'Decentralized Hacker Net\'','\'Eijah\'','ws__eijah','\'<article class=\"talk\" id=\"eijah\">\n<h3 class=\"talkTitle\">Decentralized Hacker Net</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon F</p>\n<h4 class=\"speaker\">Eijah<span class=\"speakerTitle\"> Founder, Promether</span></h4>\n\n<p class=\"abstract\">As hackers, sometimes we need to send data without anybody knowing anything. We don\'t want anybody to know what we\'re sending, so we use encryption. That\'s the easy part. We also don\'t want anybody to know that we\'re sending any data. That\'s the hard part. The observation of our presence on the network could be enough to get us in trouble. And that\'s just not acceptable. We need to figure out a way to hide in plain sight.<br><br>Creating an environment where data can be sent securely and our presence on the network is hidden, is not an easy thing to do. We can\'t rely on centralized technologies, which means we need to build a decentralized network. The network should be adaptive and flexible enough to send any type of data to any number of users. But how do we inject anonymity into a network while still supporting the verification of identity between parties? Can we establish trust without having to trust?<br><br>This workshop takes you through the process of creating a decentralized network that allows you to circumvent detection by governments and corporations. You\'ll be able to securely communicate and share data while masking your online identity. You\'ll create an adaptive, node-based infrastructure where data is shared via Distributed Hash Tables (DHT) backed by real-time asymmetric Elliptic-curve cryptography (ECC). If you\'ve ever wanted to punch a hole through a great (or not-so-great) firewall, this workshop is for you.<br><br>Please note that this is a medium-level, technical workshop and requires that attendees have prior experience in at least one programming language, preferably C or C++. Bring your laptop, a USB flash drive, and your favorite C/C++ 11 compiler (>= gcc/g++ 4.9.2 or msvc 2015).</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Previous experience in at least one programming language is required. Previous experience with C/C++ and cryptography is helpful, but not required.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop with Windows, Linux, or OSX. USB flash drive for saving their progress.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/decentralized-hacker-net-icon-f-tickets-47194682566\">https://www.eventbrite.com/e/decentralized-hacker-net-icon-f-tickets-47194682566</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Eijah</strong><br> Eijah is the founder of Promether and has 20+ years of software development and security experience. He is also the creator of Demonsaw, an encrypted communications platform that allows you to chat, message, and transfer files without fear of data collection or surveillance. Before that Eijah was a Lead Programmer at Rockstar Games where he created games like Grand Theft Auto V. He has been a faculty member at multiple colleges, has spoken about security and development at DEFCON and other security conferences, and holds a master\'s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.\n \n \n</article>\n\'',0,134587),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Decentralized Hacker Net\'','\'Eijah\'','ws__eijah','\'\'',0,134588),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Decentralized Hacker Net\'','\'Eijah\'','ws__eijah','\'\'',0,134589),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Decentralized Hacker Net\'','\'Eijah\'','ws__eijah','\'\'',0,134590),('2_Friday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon A','\'Hacking Thingz Powered By Machine Learning\'','\'Clarence Chio, Anto Joseph\'','ws__chio','\'<article class=\"talk\" id=\"chio\">\n<h3 class=\"talkTitle\">Hacking Thingz Powered By Machine Learning</h3>\n	<p class=\"details\">Friday, 1430-1830 in Icon A</p>\n<h4 class=\"speaker\">Clarence Chio<span class=\"speakerTitle\"> Security Researcher</span></h4>\n<h4 class=\"speaker\">Anto Joseph<span class=\"speakerTitle\"> Security Engineer, Tindr</span></h4>\n\n<p class=\"abstract\">\"HACKING THINGZ POWERED BY MACHINE LEARNING\" is a hands-on workshop that gives attendees a crash course in performing practical adversarial attacks on modern technology powered by machine learning. This will NOT be an intro to ML class - do that on your own time online before or after the class - deep ML knowledge is definitely *not* required. We will perform mischief on ML systems that most tech-savvy people interact with on a daily basis: face recognition, (smartphone authentication) speech recognition, (home assistants) and web application firewalls (need we say more?) ;) We won\'t just be explaining the theory and tomfoolery behind these attacks - we\'ll walk you through each step of each attack and show you how *absolutely anyone* can hack systems like these with just a little bit* of background in ML hacking.<br><br>* This is an intermediate technical class suitable for attendees with some ability to read and write basic Python code. To get the most out of this workshop, surface-level understanding of machine learning is good. (i.e. be able to give a one-line answer to the question \"What is machine learning?\")</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Basic familiarity with Linux\n Python scripting knowledge is a plus, but not essential</p>\n<p class=\"abstract\"><strong>Materials:</strong><br>\n No fee required<br>\n Latest version of virtualbox Installed<br>\n Administrative access on your laptop with external USB allowed<br>\n At least 20 GB free hard disk space<br>\n At least 4 GB RAM (the more the merrier)</p>\n<p class=\"abstract\"><strong>Max students:</strong> 24</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/hacking-thingz-powered-by-machine-learning-icon-a-tickets-47194541143\">https://www.eventbrite.com/e/hacking-thingz-powered-by-machine-learning-icon-a-tickets-47194541143</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Clarence Chio</strong><br> Clarence Chio has shared his research on ML and security at hacking events around the world. He has taught dozens of training classes and workshops to conference attendees and security teams at large tech companies. He wrote the new O\'Reilly Book \"Machine Learning &amp; Security: Protecting Systems with Data and Algorithms\", and organizes the AI Village at DEF CON. Clarence has a B.S. and M.S. in Computer Science from Stanford, specializing in data mining and artificial intelligence.\n<p class=\"speakerBio\"><strong>Anto Joseph</strong><br> Anto Joseph is a Security Engineer for Tinder. He is involved in developing and advocating security in Machine Learning Systems &amp; Application Security Research. Previously, he has worked at Intel, Citrix, and E&Y in multiple information security roles. He is very passionate about exploring new ideas in these areas and has been a presenter and trainer at various security conferences including BH USA, Defcon, BruCon, HackInParis, HITB Amsterdam, HackLu, Hacktivity, PHdays, X33fCon, NullCon, c0c0n and more. He is an active contributor to many open-source projects and some of his work is available at https://github.com/antojoseph.\n \n</article>\n\'',0,134591),('2_Friday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Hacking Thingz Powered By Machine Learning\'','\'Clarence Chio, Anto Joseph\'','ws__chio','\'\'',0,134592),('2_Friday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Hacking Thingz Powered By Machine Learning\'','\'Clarence Chio, Anto Joseph\'','ws__chio','\'\'',0,134593),('2_Friday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Hacking Thingz Powered By Machine Learning\'','\'Clarence Chio, Anto Joseph\'','ws__chio','\'\'',0,134594),('2_Friday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Hacking Thingz Powered By Machine Learning\'','\'Clarence Chio, Anto Joseph\'','ws__chio','\'\'',0,134595),('3_Saturday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon D','\'Adventures in Radio Scanning: Advanced Scanning Techniques with SDR\'','\'Richard Henderson, Bryan Passifiume\'','ws__henderson','\'<article class=\"talk\" id=\"henderson\">\n<h3 class=\"talkTitle\">Adventures in Radio Scanning: Advanced Scanning Techniques with SDR</h3>\n	<p class=\"details\">Saturday, 1000-1400 in Icon D</p>\n<h4 class=\"speaker\">Richard Henderson<span class=\"speakerTitle\"> </span></h4>\n<h4 class=\"speaker\">Bryan Passifiume<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">Many cities around the world have implemented multi-million dollar \"trunked\" radio systems for their transit, municipal, public safety, police, fire and EMS radio networks. Large commercial organizations (like Caesar\'s) also use frequency sharing trunked radio systems due to the hundreds (if not thousands) of staff... all requiring radio access. This workshop will walk you through the basics of trunked radio systems, how they work, and how you can set up a listening post to decode these systems and listen in. This workshop will cover setting up and using the Trunk88 scanning software, and how to scan other conventional (non-trunked) radio systems such as MOTOTRBO, Tetra, EDACS, and other systems. Live interception and decoding of a trunked system and a DMR/TRBO system will be done by students. We will also quickly walk through scanning popular archaic pager systems like POCSAG. </p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> A basic understanding of SDR scanning would be incredibly helpful, but is not essential. We can walk students through it.</p>\n<p class=\"abstract\"><strong>Materials:</strong> In this case, we will require each student to bring a Windows laptop (not a Surface tablet please) and *at least* 2 USB DVB-T RTL2832U+R820T sticks in order to properly intercept and decode trunked radio systems. The more sticks students bring, the more voice channels they will be able to simultaneously monitor and record. A very limited number of additional sticks will be available to borrow. Please make sure you have them! </p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/adventures-in-radio-scanning-advanced-scanning-techniques-with-sdr-icon-d-tickets-47194754782\">https://www.eventbrite.com/e/adventures-in-radio-scanning-advanced-scanning-techniques-with-sdr-icon-d-tickets-47194754782</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n	<p class=\"speakerBio\"><strong>Richard Henderson</strong><br>Richard Henderson is a writer, researcher, and ham radio/electronics nerd who has worked in infosec and technology for well over a decade. Richard is currently co-authoring a book on cybersecurity for ICS/Scada systems.</p>\n<p class=\"speakerBio\"><strong>Bryan Passifiume</strong><br> Bryan Passifiume is a journalist, writer and photographer who writes for one of Toronto\'s largest newspapers. A National Newspaper Awards nominee, and a co-founder of the alt-amateur radio group Hamsexy, he\'s been involved in the monitoring and radio hacking scene for nearly twenty years.\n \n</article>\n\'',0,134596),('3_Saturday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Adventures in Radio Scanning: Advanced Scanning Techniques with SDR\'','\'Richard Henderson, Bryan Passifiume\'','ws__henderson','\'\'',0,134597),('3_Saturday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Adventures in Radio Scanning: Advanced Scanning Techniques with SDR\'','\'Richard Henderson, Bryan Passifiume\'','ws__henderson','\'\'',0,134598),('3_Saturday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Adventures in Radio Scanning: Advanced Scanning Techniques with SDR\'','\'Richard Henderson, Bryan Passifiume\'','ws__henderson','\'\'',0,134599),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon A','\'Guided Tour to IEEE 802.15.4 and BLE Exploitation\'','\'Arun Mane, Rushikesh D. Nandedkar\'','ws__mane','\'<article class=\"talk\" id=\"mane\">\n<h3 class=\"talkTitle\">Guided Tour to IEEE 802.15.4 and BLE Exploitation</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon A</p>\n<h4 class=\"speaker\">Arun Mane<span class=\"speakerTitle\"> Principle Researcher, SecureLayer7</span></h4>\n<h4 class=\"speaker\">Rushikesh D. Nandedkar<span class=\"speakerTitle\"> Security Analyst</span></h4>\n\n<p class=\"abstract\">The workshop aims at delivering hands on experience to pentest 802.15.4 and BLE commercial devices. \n By design and purpose, IoT was meant to serve the whims of human, taking human laziness to next level.\n Hence in this due effort, there was least || no attention paid towards the state of security of IoT.\n However, this doesn\'t mean, the motives of users are deterred to use insecure IoT devices/setups.<br><br>Due to high demand for automation in M2M communication, the IoT concept took a position in the industrial sector for better and fast work ignoring security aspect. \n Absence of this aspect in the production is making all IoT communications and wireless communications vulnerable largely.<br><br>On the other hand, BLE devices have been used everywhere. They are being used in home automation, healthcare,\n SensorTags and Bluetooth Password Manager etc. As a matter of fact, these BLE devices are equally vulnerable as that of IEEE 802.15.4 based devices. The impact is huge as these technologies are used in industrial applications like water dams and other ICS systems.<br><br>\n Prebuilt VM with lab manuals will be provided to attendees.\n The workshop is structured for beginner to intermediate level attendees who do not have any experience in IoT wireless communication.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong><br>\n 1. Basic knowledge of web and mobile security<br>\n 2. Basic knowledge of Linux OS<br>\n 3. Basic knowledge of programming (C, python) would be a plus</p>\n<p class=\"abstract\"><strong>Materials:</strong><br>\n 1. Laptop with at least 50 GB free space<br>\n 2. 8+ GB minimum RAM (4+GB for the VM)<br>\n 3. External USB access<br>\n 4. Administrative privileges on the system<br>\n 5. Virtualization software - VirtualBox 5.X (including Virtualbox extension pack)/VMware player/VMware workstation/VMware Fusion<br>\n 6. Linux machines should have exfat-utils and exfat-fuse installed (ex: sudo apt-get install exfat-utils exfat-fuse).<br>\n 7. Virtualization (Vx-t) option enabled in the BIOS settings for virtualbox to work<br>\n 8. Latest OS on the host machines (For ex. Windows 7 is known to cause issues)</p>\n<p class=\"abstract\"><strong>Max students:</strong> 24</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/guided-tour-to-ieee-802154-and-ble-exploitation-icon-a-tickets-47085983444\">https://www.eventbrite.com/e/guided-tour-to-ieee-802154-and-ble-exploitation-icon-a-tickets-47085983444</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Arun Mane</strong><br> Arun: is a Hardware, IOT and ICS Security Researcher. His areas of interest are Hardware Security, SCADA, Fault Injection, RF protocols and Firmware Reverse Engineering. He also has experience in performing Security Audits for both Government and private clients. He has presented a talk at the nullcon 2016,2017,2018 Goa, GNUnify 2017, Defcamp 2017,BsidesDelhi 2017, c0c0n x 2017,EFY 2018,X33fcon2018 Also Trainer for Practical Industrial Control Systems (ICS) hacking training, delivered in X33fcon2018 and was co-Trainer for Practical IoT hacking which was delivered in HITB 2017, HIP 2017, BlackHat Asia 2018 and private clients in London, Australia, Sweden, Netherlands etc. He is an active member of null - The open Security community and G4H community.\n<p class=\"speakerBio\"><strong>Rushikesh D. Nandedkar</strong><br> Rushikesh: is a security analyst. Having more than six years of experience under his belt, his assignments have always been pointed towards reducing the state of insecurity for information. His research papers were accepted at NCACNS 2013, nullcon 2014, HITCON 2014, Defcamp 2014, BruCON 2015, DEFCON 24, BruCON 2016, x33fcon 2017, c0c0n-x 2017, BruCON 2017, BSides Delhi 2017, nullcon 2018, HITB Amsterdam 2018 and x33fcon 2018, as well he is a co-author of an intelligent evil twin tool \"DECEPTICON\". Being an avid CTF player, for him solace is messing up with packets, frames and shell codes.\n \n</article>\n\'',0,134600),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Guided Tour to IEEE 802.15.4 and BLE Exploitation\'','\'Arun Mane, Rushikesh D. Nandedkar\'','ws__mane','\'\'',0,134601),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Guided Tour to IEEE 802.15.4 and BLE Exploitation\'','\'Arun Mane, Rushikesh D. Nandedkar\'','ws__mane','\'\'',0,134602),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon A','\'Guided Tour to IEEE 802.15.4 and BLE Exploitation\'','\'Arun Mane, Rushikesh D. Nandedkar\'','ws__mane','\'\'',0,134603),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon A','\'Forensic Investigation for the Non-Forensic Investigator\'','\'Gary Bates\'','ws__bates','\'<article class=\"talk\" id=\"bates\">\n<h3 class=\"talkTitle\">Forensic Investigation for the Non-Forensic Investigator</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon A</p>\n<h4 class=\"speaker\">Gary Bates<span class=\"speakerTitle\"> Technology Director</span></h4>\n\n<p class=\"abstract\">This workshop will provide a foundation to attendees on the basics of performing a forensic investigation on a corporate or SOHO network.  The course will primarily discuss forensics on a Windows system and network, but, Linux and Mac systems will be briefly discusses during the workshop where applicable.\n\nAttendees will learn techniques on how to properly collect possible evidentiary data, how to store the collected data, how to analyze the information and evaluate the data.\nTopics that will be covered include:\n- Pre-incident.. Setting up your forensic analysis toolkit.\n- First contact with an incident.  What should you do and not do.\n- Collecting volatile data.  Tools and techniques\n- Collecting and storing non-volatile data.\n- Utilizing open source software to analyze the data\n- Making a determination and writing the report based on the analyzed data.\n- What to do with the collected and analyzed information.\n\nThis workshop is intended to provide a basic overview of how to properly collect and handle data in a corporate or enterprise network.  The course will cover several tools and provide labs for the students to complete to familiarize themselves with how the tools work and the proper procedures to use.  However, this class will not make a deep dive into any of the tools.  Nor is this class intended for the professional forensic investigator.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Students need to have a knowledgeable background in IT Administration, basic knowledge of file structures and how the Windows OS works.  Students should be knowledgeable in utilizing VirtualBox and how to setup VMs and attach virtual hard drives.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students will need to bring a laptop capable of running no more than 3 VMs.  The latest version of VirtualBox should be installed.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 24</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/forensic-investigation-for-the-non-forensic-investigator-icon-a-tickets-47086683538\">https://www.eventbrite.com/e/forensic-investigation-for-the-non-forensic-investigator-icon-a-tickets-47086683538</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Gary Bates</strong><br> Gary works as the Technology Director for a medium size city in Texas.  This job requires him to wear many hats to include performing forensic analysis on enterprise systems.  In addition, he has helped the City\'s police department with several criminal cases that involved the collection of network and stored data from systems under investigation.  Additionally, he teaches information security classes at the local junior college to include a forensic investigation course for IT security students.  Besides 15 years of experience in the IT field, he has a BS in Network Administration and a Masters in Information Security Assurance.  He, also, holds several industry certifications to include a Certified Ethical Forensic Investigator Certification.  Since he is easily distracted and always curious, he has a wide-range of interest and off-hour projects that run the gambit from in-depth study about  cyber security to data analysis programming to electronic projects that use the Raspberry Pi and Arduino chips.\n \n \n</article>\n\'',0,134604),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Forensic Investigation for the Non-Forensic Investigator\'','\'Gary Bates\'','ws__bates','\'\'',0,134605),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Forensic Investigation for the Non-Forensic Investigator\'','\'Gary Bates\'','ws__bates','\'\'',0,134606),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Forensic Investigation for the Non-Forensic Investigator\'','\'Gary Bates\'','ws__bates','\'\'',0,134607),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon A','\'Forensic Investigation for the Non-Forensic Investigator\'','\'Gary Bates\'','ws__bates','\'\'',0,134608),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon D','\'Finding Needles in Haystacks\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger2','\'<article class=\"talk\" id=\"nyffenegger2\">\n<h3 class=\"talkTitle\">Finding Needles in Haystacks</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon D</p>\n<h4 class=\"speaker\">Louis Nyffenegger<span class=\"speakerTitle\"> Security Engineer, Pentester Lab</span></h4>\n<h4 class=\"speaker\">Luke Jahnke<span class=\"speakerTitle\"> Security Researcher, Elttam</span></h4>\n\n<p class=\"abstract\">With more and more teams moving to Agile, security engineers need to be ready to find bugs by just looking at a diff in Stash or Github. This workshop will give you the basics to get started and know what to look for. Based on 3 exercises in 3 different languages (PHP, Golang and Ruby), we will cover simple to more advanced issues and show you where to look and what you can find. After this workshop, you will be ready to start doing code review for fun or as a way to get further as part of a post-exploitation.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> The students should be able to use a text editor and navigate source code. Basic knowledge of Git, PHP, Ruby and Go will definitely help but is not mandatory.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with 4Gb of RAM. Internet access during the class.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/finding-needles-in-haystacks-icon-d-tickets-47086263281\">https://www.eventbrite.com/e/finding-needles-in-haystacks-icon-d-tickets-47086263281</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Louis Nyffenegger</strong><br> Louis Nyffenegger is a security engineer and entrepreneur based in Melbourne, Australia. He performs pentest, architecture and code review on a daily basis. Louis is the founder of PentesterLab, a learning platform for web penetration testing.\n<p class=\"speakerBio\"><strong>Luke Jahnke</strong><br> Luke Jahnke is a Security Researcher at Elttam. He has extensive experience performing security assessments and running training. He enjoys working on interest vulnerabilities and runs the biennial BitcoinCTF competition.\n \n</article>\n\'',0,134609),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Finding Needles in Haystacks\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger2','\'\'',0,134610),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Finding Needles in Haystacks\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger2','\'\'',0,134611),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon D','\'Finding Needles in Haystacks\'','\'Louis Nyffenegger, Luke Jahnke\'','ws__nyffenegger2','\'\'',0,134612),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon B','\'Pentesting ICS 101\'','\'Alexandrine Torrents, Arnaud SOULLIÉ\'','ws__torrents','\'<article class=\"talk\" id=\"torrents\">\n<h3 class=\"talkTitle\">Pentesting ICS 101</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon B</p>\n<h4 class=\"speaker\">Alexandrine Torrents<span class=\"speakerTitle\"> Security Consultant, Wavestone</span></h4>\n<h4 class=\"speaker\">Arnaud SOULLIÉ<span class=\"speakerTitle\"> Manager, Wavestone</span></h4>\n\n<p class=\"abstract\">Many people talk about ICS &amp; SCADA security nowadays, but only a few people actually have the opportunity to get their hands dirty and understand how these systems work. Have you ever wanted to know how to make a train derail, or stop a production line? Well, this workshop is made for you!\nThe goal of this workshop is to give you the knowledge required to start attacking SCADA networks and PLCs, and give you hands-on experience on real devices by hacking our model train!\nIn this workshop, we will cover the main components and the commonly associated security flaws of industrial control systems, aka SCADA systems. We will then focus on their key assets, Programmable Logic Controllers (PLCs), and discover how they work, how they communicate, how they can be programmed to learn the methods and tools you can use to p*wn them.\nThen we will move on to real-world by attacking real PLCs from two major manufacturers on a dedicated setup featuring robot arms and a model train! Let\'s capture the flag!</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> A knowledge of penetration testing is a plus, but we try to make it work for newbies as well.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A computer with 4gb of RAM, 30GB disk space and Virtualbox. We will provide 2 Virtual Machines for attendees.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/pentesting-ics-101-icon-b-tickets-47086318446\">https://www.eventbrite.com/e/pentesting-ics-101-icon-b-tickets-47086318446</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Alexandrine Torrents</strong><br> Alexandrine Torrents is a cybersecurity consultant at Wavestone, a French consulting company. She is specialized in penetration testing, and performed several security assessment on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and she developed a particular tool to request Siemens PLCs. Moreover, she is also working at securing ICS, in the scope of the French military law, enforcing companies offering a vital service to the nation to comply to security rules.\n<p class=\"speakerBio\"><strong>Arnaud SOULLIÉ</strong><br> Arnaud Soullié is a manager at Wavestone, performing security audits and leading R&amp;D projects. He has a specific interest in Active Directory security as well as ICS, two subjects that tend to collide nowadays. He teaches ICS security and pentests workshops at security conferences (BlackHat Europe 2014, BSides Las Vegas 2015/2016, Brucon 2015/2017, DEFCON 24) as well as full trainings (Hack In Paris 2015).\n \n</article>\n\'',0,134613),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Pentesting ICS 101\'','\'Alexandrine Torrents, Arnaud SOULLIÉ\'','ws__torrents','\'\'',0,134614),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Pentesting ICS 101\'','\'Alexandrine Torrents, Arnaud SOULLIÉ\'','ws__torrents','\'\'',0,134615),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon B','\'Pentesting ICS 101\'','\'Alexandrine Torrents, Arnaud SOULLIÉ\'','ws__torrents','\'\'',0,134616),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon C','\'Where\'s My Browser? Learn Hacking iOS and Android WebViews\'','\'David Turco, Jon Overgaard Christiansen\'','ws__turco','\'<article class=\"talk\" id=\"turco\">\n<h3 class=\"talkTitle\">Where\'s My Browser? Learn Hacking iOS and Android WebViews</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon C</p>\n<h4 class=\"speaker\">David Turco<span class=\"speakerTitle\"> Senior Security Consultant, Context Information Security</span></h4>\n<h4 class=\"speaker\">Jon Overgaard Christiansen<span class=\"speakerTitle\"> Principal Security Consultant, Context Information Security</span></h4>\n\n<p class=\"abstract\">WebViews allow developers to embed HTML pages into mobile applications and their use is widespread, from merely displaying a simple help page to wrapping an entire website inside a mobile app.\n Developers now \"control the browser\" and things can go very wrong: a cross site scripting vulnerability can be catastrophic for a mobile application and result in the exfiltration of user\'s data stored on the device or in someone listening to user conversations.\n The \"Where\'s My Browser?\" vulnerable-by-design mobile applications for Android and iOS have been written by the presenter as a teaching tool for hacking WebViews.\n The workshop covers the attack surface of Android and iOS WebViews and presents techniques and tools for identifying and exploiting those vulnerabilities. Attendees will practice their skills against the \"Where\'s My Browser?\" mobile apps. The source code of the applications will help students in recognizing common coding mistakes.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> The workshop is aimed at an audience with an intermediate skill level. It is expected a basic knowledge of mobile and web application security testing (can you tell the difference between XSS and CSRF?) and a basic understanding of JavaScript and common programming concepts.</p>\n<p class=\"abstract\"><strong>Materials:</strong> The best setup to cover all exercises is a Mac OS X laptop with Android Studio, Apple Xcode and Google Chrome installed. All exercises can be done using the Android and iOS simulators. A physical mobile device is not necessary.\n Alternatively a Linux or Windows laptop with Android Studio and Google Chrome installed plus an iPhone (preferably jailbroken) are sufficient. An Apple ID is required to deploy the iOS application to a physical device.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/wheres-my-browser-learn-hacking-ios-and-android-webviews-icon-c-tickets-47086190062\">https://www.eventbrite.com/e/wheres-my-browser-learn-hacking-ios-and-android-webviews-icon-c-tickets-47086190062</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>David Turco</strong><br> David (endless) works as a Senior Security Consultant at Context Information Security. He started his professional career as a Linux administrator and then moved to information security about 5 years ago. He has a wide skill set but has developed a specific interest in web and mobile technologies. In the past he provided training on a variety of topics, including advanced web application training to developers and pentesters. Recently he\'s done some research work on XSLT injection attacks. He also developed BHFS, a write-only filesystem based on PGP.<br><br>Personal site:\n https://www.authenticationfailure.com/\n<p class=\"speakerBio\"><strong>Jon Overgaard Christiansen</strong><br> Jon is a Principal Security Consultant at Context Information Security. After working as an enterprise dev for a few years he moved into security, spending the last 7 years breaking code instead of writing it. Mobile security has been a key topic for him since back when there was still something called the Windows Phone and he has delivered training on this topic, and others like web app hacking and scripting attacks, over the last 5 years. Most of his time these days are spent on random red teams or reverse engineer mobile applications, but other interests do include the writing of rootkits and remote access tools... just for fun... as well as the occasional dabble in game design!\n \n</article>\n\'',0,134617),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Where\'s My Browser? Learn Hacking iOS and Android WebViews\'','\'David Turco, Jon Overgaard Christiansen\'','ws__turco','\'\'',0,134618),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Where\'s My Browser? Learn Hacking iOS and Android WebViews\'','\'David Turco, Jon Overgaard Christiansen\'','ws__turco','\'\'',0,134619),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon C','\'Where\'s My Browser? Learn Hacking iOS and Android WebViews\'','\'David Turco, Jon Overgaard Christiansen\'','ws__turco','\'\'',0,134620),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon B','\'Introduction to Cryptographic Attacks\'','\'Matt Cheung\'','ws__cheung','\'<article class=\"talk\" id=\"cheung\">\n<h3 class=\"talkTitle\">Introduction to Cryptographic Attacks</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon B</p>\n<h4 class=\"speaker\">Matt Cheung<span class=\"speakerTitle\"> </span></h4>\n\n<p class=\"abstract\">Using cryptography is often a subtle practice and mistakes can result in significant vulnerabilities. This workshop will cover many of these vulnerabilities which have shown up in the real world. This will be a hands-on workshop where you will implement the attacks after each one is explained. I will provide a VM with Python dependencies and skeleton code included so you can focus on implementing the attack. A good way to determine if this workshop is for you is to look at the challenges at cryptopals.com and see if those look interesting, but you could use in person help understanding the attacks. While not a strict subset of those challenges, there is significant overlap.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Students should have experience with Python development and comfortable with mathematics such as modular arithmetic.</p>\n<p class=\"abstract\"><strong>Materials:</strong> A laptop with VMWare or VirtualBox installed and capable of running a VM.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 30</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/introduction-to-cryptographic-attacks-icon-b-tickets-47086369599\">https://www.eventbrite.com/e/introduction-to-cryptographic-attacks-icon-b-tickets-47086369599</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Matt Cheung</strong><br> Matt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern\n matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh\'s crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given talks and workshops at the Boston Application Security Conference and the DEF CON Crypto and Privacy Village.\n \n \n</article>\n\'',0,134621),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Introduction to Cryptographic Attacks\'','\'Matt Cheung\'','ws__cheung','\'\'',0,134622),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Introduction to Cryptographic Attacks\'','\'Matt Cheung\'','ws__cheung','\'\'',0,134623),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Introduction to Cryptographic Attacks\'','\'Matt Cheung\'','ws__cheung','\'\'',0,134624),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon B','\'Introduction to Cryptographic Attacks\'','\'Matt Cheung\'','ws__cheung','\'\'',0,134625),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon C','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Gabriel Ryan, Justin Whitehead\'','ws__ryan','\'<article class=\"talk\" id=\"ryan\">\n<h3 class=\"talkTitle\">Advanced Wireless Attacks Against Enterprise Networks</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon C</p>\n<h4 class=\"speaker\">Gabriel Ryan<span class=\"speakerTitle\"> Co-Founder &amp; Principle Security Consultant, Digital Silence</span></h4>\n<h4 class=\"speaker\">Justin Whitehead<span class=\"speakerTitle\"> CEO &amp; Co-Founder, Digital Silence</span></h4>\n\n<p class=\"abstract\">This workshop will instruct attendees on how to carry out sophisticated wireless attacks against corporate infrastructure. Attendees will learn how to attack and gain access to WPA2-Enterprise networks, bypass network access controls, and perform replay attacks to gain administrative control over an Active Directory environment. External wireless adapters and additional required equipment will be provided to all workshop attendees, and material learned in the lectures will be practiced within a realistic lab environment. <br><br>Areas of focus include:<br><br>* Wireless reconnaissance and target identification within a red team environment<br>\n * Attacking and gaining entry to WPA2-EAP wireless networks<br>\n * LLMNR/NBT-NS Poisoning<br>\n * Firewall and NAC Evasion Using Indirect Wireless Pivots<br>\n * MITM and SMB Relay Attacks<br>\n * Downgrading modern SSL/TLS implementations using partial HSTS bypasses</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> None</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students will need to bring a laptop with at least 8 gigs of RAM, a 64-bit operating system, at least 100 gigs of hard drive space (external drives are fine), and at least one free USB port. Students will also be required to download and install a virtual lab environment prior to participating in the workshop. Everything else will be provided by the instructor team.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 66</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/advanced-wireless-attacks-against-enterprise-networks-icon-c-tickets-47086648433\">https://www.eventbrite.com/e/advanced-wireless-attacks-against-enterprise-networks-icon-c-tickets-47086648433</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Gabriel Ryan</strong><br> Gabriel Ryan is a penetration tester and researcher with a passion for wireless and infrastructure testing. He currently serves a co-founder and principle security consultant for Digital Silence, a Denver based consulting firm that specializes in impact driven penetration testing and red team engagements. <br><br>Prior to joining Digital Silence, Gabriel worked as a penetration tester and researcher for Gotham Digital Silence, contributing heavily to their wireless security practice and regularly performing large scale infrastructure assessments and red teams for Fortune 500 companies. Some of Gabriel\'s most recent work includes the development of EAPHammer, an 802.11ac focused tool for breaching WPA2-EAP networks. On the side, he serves as a member of the BSides Las Vegas senior staff, coordinating wireless security for the event. In his spare time, he enjoys producing music, exploring the outdoors, and riding motorcycles.\n<p class=\"speakerBio\"><strong>Justin Whitehead</strong><br> Justin is an Army infantry veteran with over a decade of service. After retiring from the military, he went on to have a successful 7 year career in computer forensics and incident response. In 2015, he became a penetration tester at One World Labs, working under renowned security researcher Chris Roberts. He now serves as CEO and Co-Founder of Digital Silence, bringing a unique attention to detail and blend of blue and red team experience to the company. When he\'s not focused on his role as a security professional, Justin happily pursues his hobby of synchronized figure skating.\n \n</article>\n\'',0,134626),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Gabriel Ryan, Justin Whitehead\'','ws__ryan','\'\'',0,134627),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Gabriel Ryan, Justin Whitehead\'','ws__ryan','\'\'',0,134628),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Gabriel Ryan, Justin Whitehead\'','ws__ryan','\'\'',0,134629),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon C','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Gabriel Ryan, Justin Whitehead\'','ws__ryan','\'\'',0,134630),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon D','\'Fuzzing FTW\'','\'Bryce Kunz, Kevin Lustic\'','ws__kunz','\'<article class=\"talk\" id=\"kunz\">\n<h3 class=\"talkTitle\">Fuzzing FTW</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon D</p>\n<h4 class=\"speaker\">Bryce Kunz<span class=\"speakerTitle\"> President, Stage 2 Security</span></h4>\n<h4 class=\"speaker\">Kevin Lustic<span class=\"speakerTitle\"> Information Security Researcher</span></h4>\n\n<p class=\"abstract\">Join us in this hands-on introduction to fuzzing workshop, where we will explore how common fuzzing tools (e.g. AFL, libFuzzer, BooFuzz, etc..) are used to discover previously unknown bugs within applications.<br><br>We will first cover a general process to follow when fuzzing a targeted application and then provide hands-on labs where students will be able to apply this fuzzing process to quickly discover bugs within applications. <br><br>Several different fuzzing techniques will be covered including fuzzing file inputs via blind mutations (e.g. radamsa), fuzzing specific functions within an application via in-process evolutionary fuzzing (e.g. libFuzzer), compile-time instrumentation based fuzzing (e.g. AFL), and fuzzing of network services via generation based fuzzing (e.g. BooFuzz aka Sulley).</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Students need to be comfortable in Kali Linux which includes navigating the OS via the terminal.\n An understanding of basic networking concepts (i.e TCP/IP) and the HTTP protocol is highly recommended.\n Some knowledge of the Python scripting language is highly recommended.R26</p>\n	<p class=\"abstract\"><strong>Materials:</strong></p>\n	<ul class=\"square\">\n <li>A laptop with the ability to copy a Virtual Machine (VM) off a USB drive and run the VM within VMware Workstation / Fusion or VirtualBox.\n <li>Students are required to bring their own laptops\n <li>A minimum of 8 GB RAM installed\n <li>At least 60 GB HD free\n <li>USB 2 or higher support\n <li>VMware Workstation / Fusion / VirtualBox installed\n <ul class=\"circle\"><li>Tested on Windows 10 with VMware Workstation or VirtualBox.\n	 <li>Tested on macOS High Sierra with VMware Fusion or VirtualBox.</ul></ul>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/fuzzing-ftw-icon-d-tickets-47086572205\">https://www.eventbrite.com/e/fuzzing-ftw-icon-d-tickets-47086572205</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Bryce Kunz</strong><br> Bryce Kunz (@TweekFawkes) craves righteous red team hacks. Currently, the President of Stage 2 Security. Previously he supported the NSA (network exploitation &amp; vulnerability research), Adobe (built red teaming program for cloud services), and DHS (incident response). Bryce holds numerous certifications (e.g. OSCP, etc...), and has spoken at various security conferences (i.e. BlackHat, DerbyCon, etc...).\n<p class=\"speakerBio\"><strong>Kevin Lustic</strong><br> Kevin Lustic is an InfoSec researcher located just outside Salt Lake City, Utah. He is currently a red-teamer for Adobe in Lehi, performing offensive security testing against the various Adobe Digital Experience solutions. Prior to joining Adobe, Kevin spent five years in the Intelligence Community as a global network vulnerability analyst, cryptanalyst, and developer in various positions. He earned his Bachelor\'s degree in Mathematics from Ohio University, then his Master\'s degree in Cyberspace Operations from the Air Force Institute of Technology under a full NSF-funded CyberCorps scholarship.\n \n</article>\n\'',0,134631),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Fuzzing FTW\'','\'Bryce Kunz, Kevin Lustic\'','ws__kunz','\'\'',0,134632),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Fuzzing FTW\'','\'Bryce Kunz, Kevin Lustic\'','ws__kunz','\'\'',0,134633),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Fuzzing FTW\'','\'Bryce Kunz, Kevin Lustic\'','ws__kunz','\'\'',0,134634),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon D','\'Fuzzing FTW\'','\'Bryce Kunz, Kevin Lustic\'','ws__kunz','\'\'',0,134635),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon E','\'Playing with RFID\'','\'Vinnie Vanhoecke, Lorenzo Bernardi\'','ws__vanhoecke','\'<article class=\"talk\" id=\"vanhoecke\">\n<h3 class=\"talkTitle\">Playing with RFID</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon E</p>\n<h4 class=\"speaker\">Vinnie Vanhoecke<span class=\"speakerTitle\"> Penetration Tester, Ernst &amp; Young Belgium</span></h4>\n<h4 class=\"speaker\">Lorenzo Bernardi<span class=\"speakerTitle\"> Cyber Security Consultant, Ernst &amp; Young Belgium</span></h4>\n\n<p class=\"abstract\">This is a workshop about Radio-frequency Identification (RFID), including a basic introduction and a set of practical hands-on challenges. We will start with explaining the theory behind RFID, including the different types and protocols (e.g. HID, Mifare, �) and how to perform an RFID assessment. Afterwards, the participants can take on several challenges (of increasing difficulty) with RFID readers that we will provide. Our objective is to make this workshop fun and accessible to a wide audience.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Basic Linux knowledge</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop (preferably Linux based OS)</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/playing-with-rfid-icon-e-tickets-47086519046\">https://www.eventbrite.com/e/playing-with-rfid-icon-e-tickets-47086519046</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Vinnie Vanhoecke</strong><br> Vinnie is a penetration tester of web application &amp; mobile application working for EY. During college he wrote a thesis about RFID and now he using his experience to provide a RFID workshop and make people aware of the vulnerabilities within RFID. In his spare time he strengthen his IT security skills by playing CTF\'s, reading blogs, going to conferences and develop a variety of side projects.\n<p class=\"speakerBio\"><strong>Lorenzo Bernardi</strong><br> Lorenzo is a cyber security consultant at EY. He mainly focusses on penetration testing and red team exercises. Because of the different physical intrusion he had to perform in the scope of the red teaming activities, he extended his wireless knowledge to the RFID field, where he gained experience over the years. In his spare time Lorenzo likes to learn new topics related to cyber security. He has basic knowledge of wireless signal hacking, in addition of RFID.\n \n</article>\n\'',0,134636),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Playing with RFID\'','\'Vinnie Vanhoecke, Lorenzo Bernardi\'','ws__vanhoecke','\'\'',0,134637),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Playing with RFID\'','\'Vinnie Vanhoecke, Lorenzo Bernardi\'','ws__vanhoecke','\'\'',0,134638),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Playing with RFID\'','\'Vinnie Vanhoecke, Lorenzo Bernardi\'','ws__vanhoecke','\'\'',0,134639),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon E','\'Playing with RFID\'','\'Vinnie Vanhoecke, Lorenzo Bernardi\'','ws__vanhoecke','\'\'',0,134640),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon F','\'Packet Mining for Privacy Leakage\'','\'Dave Porcello, Sean Gallagher\'','ws__porcello','\'<article class=\"talk\" id=\"porcello\">\n<h3 class=\"talkTitle\">Packet Mining for Privacy Leakage</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon F</p>\n<h4 class=\"speaker\">Dave Porcello<span class=\"speakerTitle\"> Founder, Pwnie Express</span></h4>\n<h4 class=\"speaker\">Sean Gallagher<span class=\"speakerTitle\"> IT &amp; National Security Editor, Ars Technica</span></h4>\n\n<p class=\"abstract\">Join the packet hunters behind NPR\'s Project Eavesdrop for an interactive, hands-on workshop where we\'ll hunt for juicy bits of personal &amp; corporate data on the wire. Using Wireshark, ngrep,\n tcpflow, xplico and other Linux packet digging tools, you\'ll learn how to extract PII from a packet capture or live stream, including passwords, emails, photos/images, cookies, session IDs, credit card\n numbers, SSNs, GPS coordinates, mobile device details, cell carrier info, vulnerable client software, weak SSL sessions, and much more. Useful for detecting privacy/data leakage, passive pentesting, &amp; network forensics, these techniques expose what an intermediary can discern about an individual or organization through passive monitoring of network traffic.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Students must be comfortable with Linux command line &amp; Wireshark.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students wishing to participate in the exercises should bring a laptop running Kali Linux (or a Kali virtual machine).</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/packet-mining-for-privacy-leakage-icon-f-tickets-47086301395\">https://www.eventbrite.com/e/packet-mining-for-privacy-leakage-icon-f-tickets-47086301395</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Dave Porcello</strong><br> Dave Porcello is the Founder of Pwnie Express and creator of the original Pwn Plug, Power Pwn, and other covert pentesting gadgets featured on NPR, Wired, Ars Technica, Slashdot, and \"Mr. Robot\". Dave is currently a freelance pentester, packet hunter, researcher, &amp; adjunct professor at Norwich University.\n<p class=\"speakerBio\"><strong>Sean Gallagher</strong><br> Sean Gallagher is Ars Technica\'s IT and National Security Editor. He evaluates security tools and conducts privacy and security testing for Ars\' Technology Lab.\n \n</article>\n\'',0,134641),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Packet Mining for Privacy Leakage\'','\'Dave Porcello, Sean Gallagher\'','ws__porcello','\'\'',0,134642),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Packet Mining for Privacy Leakage\'','\'Dave Porcello, Sean Gallagher\'','ws__porcello','\'\'',0,134643),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon F','\'Packet Mining for Privacy Leakage\'','\'Dave Porcello, Sean Gallagher\'','ws__porcello','\'\'',0,134644),('1_Thursday','14','14:30','18:30','N','Workshops','Linq 4th Flr - Icon F','\'The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP\'','\'David Pearson\'','ws__pearson','\'<article class=\"talk\" id=\"pearson\">\n<h3 class=\"talkTitle\">The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP</h3>\n	<p class=\"details\">Thursday, 1430-1830 in Icon F</p>\n<h4 class=\"speaker\">David Pearson<span class=\"speakerTitle\"> Principal Threat Researcher, Awake Security</span></h4>\n\n<p class=\"abstract\">Reverse engineering has become an increasingly important element of network security. The ability to break a system down in order to understand its base components and how they interact is critical to understanding not just how the system works, but the ways it can leave your network vulnerable. This is especially true at the application level, where insecure or poorly managed applications can leak sensitive data. In this hands-on workshop, attendees will learn how to reverse engineer real application-layer protocols. During our time together, we\'ll start at the surface and do a deep technical dive into the network traffic of a common remote access application. Along the way, we\'ll: <br><br>1. Introduce protocol reverse engineering and explain its importance<br>\n 2. Learn how to discover structured data<br>\n 3. Determine if data is encoded or encrypted<br>\n 4. Understand how various protocols interact<br>\n 5. Uncover secondary communications and information leaks in a hands-on fashion<br><br>All materials and content are freely available at <a href=\"https://dl.awakesecurity.com/defcon/nw_re_tools/resources.html\">https://dl.awakesecurity.com/defcon/nw_re_tools/resources.html</a> and will remain so.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Familiarity with a network packet capture and analysis tool -such as Wireshark - will provide a solid foundation on which to build. In addition, a basic understanding of lua scripts will be beneficial.</p>\n<p class=\"abstract\"><strong>Materials:</strong> Students will need a laptop with Wireshark installed and access to the Internet. An IDE of choice is also recommended.</p>\n<p class=\"abstract\"><strong>Max students:</strong> 84</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/the-truth-is-in-the-network-reverse-engineering-application-layer-protocols-via-pcap-icon-f-tickets-47086494974\">https://www.eventbrite.com/e/the-truth-is-in-the-network-reverse-engineering-application-layer-protocols-via-pcap-icon-f-tickets-47086494974</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>David Pearson</strong><br> Having used Wireshark ever since it was Ethereal, David has been analyzing network traffic for well over a decade. He has spent the majority of his professional career understanding how networks and applications work, currently as Principal Threat Researcher for Awake Security. David holds computer security degrees from the Rochester Institute of Technology (BS) and Carnegie Mellon University (MS).\n \n \n</article>\n\'',0,134645),('1_Thursday','15','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP\'','\'David Pearson\'','ws__pearson','\'\'',0,134646),('1_Thursday','16','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP\'','\'David Pearson\'','ws__pearson','\'\'',0,134647),('1_Thursday','17','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP\'','\'David Pearson\'','ws__pearson','\'\'',0,134648),('1_Thursday','18','14:30','18:30','Y','Workshops','Linq 4th Flr - Icon F','\'The Truth is in the Network: Reverse Engineering Application-Layer Protocols Via PCAP\'','\'David Pearson\'','ws__pearson','\'\'',0,134649),('1_Thursday','10','10:00','13:59','N','Workshops','Linq 4th Flr - Icon E','\'Building Autonomous AppSec Test Pipelines with the Robot Framework\'','\'Abhay Bhargav, Sharath Kumar Ramadas\'','ws__bhargav','\'<article class=\"talk\" id=\"bhargav\">\n<h3 class=\"talkTitle\">Building Autonomous AppSec Test Pipelines with the Robot Framework</h3>\n	<p class=\"details\">Thursday, 1000-1400 in Icon E</p>\n<h4 class=\"speaker\">Abhay Bhargav<span class=\"speakerTitle\"> CTO, we45</span></h4>\n<h4 class=\"speaker\">Sharath Kumar Ramadas<span class=\"speakerTitle\"> Senior Solutions Engineer, we45</span></h4>\n\n<p class=\"abstract\">It is common knowledge that automating security testing, especially for rapid-release applications is an essential requirement from multiple perspectives. One perspective is that of security testing in a Continuous Delivery Pipeline (as part of CI/CD) and the other is the perspective of a Penetration Tester. In a CI/CD Pipeline, one would like security tests to be triggered in an automated manner. These tests should provide information related to application vulnerabilities to engineering teams, early in the SDL (Software Development Lifecycle), preferably before these apps are deployed to production. From the perspective of the Pentester, there is the obvious shortage of time and resources. Pentesters spend a lot of time repeating standard manual processes, thereby losing out on time to perform more deep, insightful analysis of the target application to uncover serious security flaws. Targeted Automation, can be very useful for a Pentester as well.</p>\n<p class=\"abstract\"><strong>Prerequisites:</strong> Basic Knowledge of Application Security Testing Techniques</p>\n<p class=\"abstract\"><strong>Materials:</strong> Laptop with Virtualbox loaded - VM will be provided</p>\n<p class=\"abstract\"><strong>Max students:</strong> 33</p>\n<p class=\"abstract\"><strong>Registration:</strong><span class=\"callStatusClosed\"> -CLASS FULL- </span><a href=\"https://www.eventbrite.com/e/building-autonomous-appsec-test-pipelines-with-the-robot-framework-icon-e-tickets-47086284344\">https://www.eventbrite.com/e/building-autonomous-appsec-test-pipelines-with-the-robot-framework-icon-e-tickets-47086284344</a><br>(Opens July 8, 2018 at 15:00 PDT)</p>\n<p class=\"speakerBio\"><strong>Abhay Bhargav</strong><br> Abhay Bhargav is the CTO of we45, a focused Application Security company. Abhay is the author of two international publications. \"Secure Java for Web Application Development\" and \"PCI Compliance: A Definitive Guide\". Abhay is a builder and breaker of applications, and has authored multiple applications in Django and NodeJS. He is the Chief Architect of \"Orchestron\", a leading Application Vulnerability Correlation and Orchestration Framework. He is a passionate Pythonista and loves the idea of automation in security. This passion prompted him to author the world\'s first hands-on Security in DevOps training that has been delivered in multiple locations, and recently as a highly successful training programs at the OWASP AppSecUSA 2016, OWASP AppSec EU and USA 2017. Abhay recently delivered a workshop on SecDevOps at DEFCON 25. In addition , Abhay speaks regularly at industry events including OWASP, ISACA, Oracle OpenWorld, JavaOne, and others.\n<p class=\"speakerBio\"><strong>Sharath Kumar Ramadas</strong><br> Sharath is a Senior Solutions Engineer at we45. As part of his role, Sharath has architected and developed multiple solutions around security engineering, including an Application Vulnerability Correlation tool called Orchestron. As part of his experience with Application Security, Sharath has developed integrations for multiple security products including DAST, SAST, SCA and Cloud environments, In addition, Sharath has extensive experience with Cloud Deployments and Container Native Deployments. As part of his role in a security organization, Sharath has led teams that have created intentionally vulnerable apps for CTF competitions both inside and outside the organization.\n \n</article>\n\'',0,134650),('1_Thursday','11','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Building Autonomous AppSec Test Pipelines with the Robot Framework\'','\'Abhay Bhargav, Sharath Kumar Ramadas\'','ws__bhargav','\'\'',0,134651),('1_Thursday','12','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Building Autonomous AppSec Test Pipelines with the Robot Framework\'','\'Abhay Bhargav, Sharath Kumar Ramadas\'','ws__bhargav','\'\'',0,134652),('1_Thursday','13','10:00','13:59','Y','Workshops','Linq 4th Flr - Icon E','\'Building Autonomous AppSec Test Pipelines with the Robot Framework\'','\'Abhay Bhargav, Sharath Kumar Ramadas\'','ws__bhargav','\'\'',0,134653),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 1','\'#WiFiCactus\'','\'Mike Spicer\'','dl__#WiFiCactus','\'<article class=\"talk\" id=\"#WiFiCactus\">\n<h3 class=\"talkTitle\">#WiFiCactus</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table One<br>\n	Offense, defense, hardware</p>\n<h4 class=\"speaker\">Mike Spicer</h4>\n<p class=\"abstract\">The newly upgraded #WiFiCactus for DEF CON 26 is a passive wireless monitoring backpack that listens to 60 channels of 2.4 and 5 gHz WiFi at the same time. New this year is the ability to capture 802.11AC traffic and upgrades to remove bandwidth bottlenecks. This tool uses Kismet to capture the data from the each radio and aggregates them into a single searchable web interface. This tool is also capable of identifying wireless threats, troubleshooting complex wireless environments and helping with correlation analysis between Bluetooth and WiFi.</p>\n\n<p class=\"abstract\"><a href=\"http://palshack.org/the-hashtag-wifi-cactus-wificactus-def-con-25/\">http://palshack.org/the-hashtag-wifi-cactus-wificactus-def-con-25/</a></p>\n\n<p class=\"speakerBio\"><strong>Mike Spicer</strong><br> d4rkm4tter is a mad scientist who likes to hack hardware and software. He is particularly obsessed with wireless. He has a degree in computer science which he has put to use building and breaking a wide variety of systems.\n</article>\n\'',0,134654),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 1','\'#WiFiCactus\'','\'Mike Spicer\'','dl__#WiFiCactus','\'\'',0,134655),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 6','\'ADRecon: Active Directory Recon\'','\'Prashant Mahajan\'','dl__ADRecon','\'<article class=\"talk\" id=\"ADRecon\">\n<h3 class=\"talkTitle\">ADRecon: Active Directory Recon</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table Six<br>\n	Security professionals (Blue Team, Red Team), system administrators, etc.</p>\n<h4 class=\"speaker\">Prashant Mahajan</h4>\n<p class=\"abstract\">ADRecon is a tool which extracts various artifacts (as highlighted below) out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD environment. The tool is useful to various classes of security professionals like system administrators, security professionals, DFIR, etc. It can also be an invaluable post-exploitation tool for a penetration tester. It can be run from any workstation that is connected to the environment, even hosts that are not domain members. Furthermore, the tool can be executed in the context of a non-privileged (i.e. standard domain user) accounts. Fine Grained Password Policy, LAPS and BitLocker may require Privileged user accounts. The tool will use Microsoft Remote Server Administration Tools (RSAT) if available, otherwise it will communicate with the Domain Controller using LDAP.<br><br>\n\nThe following information is gathered by the tool: Forest; Domain; Trusts; Sites; Subnets; Default Password Policy; Fine Grained Password Policy (if implemented); Domain Controllers, SMB versions, whether SMB Signing is supported and FSMO roles; Users and their attributes; Service Principal Names (SPNs); Groups and memberships; Organizational Units (OUs); ACLs for the Domain, OUs, Root Containers and GroupPolicy objects; Group Policy Object details; DNS Zones and Records; Printers; Computers and their attributes; LAPS passwords (if implemented); BitLocker Recovery Keys (if implemented); and GPOReport (requires RSAT).</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/sense-of-security/ADRecon\">https://github.com/sense-of-security/ADRecon</a></p>\n\n<p class=\"speakerBio\"><strong>Prashant Mahajan</strong><br> Prashant Mahajan is a Security Consultant at Sense of Security Pty Ltd. He has experience with various aspects of Information Security including penetration testing, vulnerability analysis, digital forensics and incident response. Prashant is a founding member of Null&mdash;The Open Security Community and frequent speaker at industry events.\n</article>\n\'',0,134656),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 6','\'ADRecon: Active Directory Recon\'','\'Prashant Mahajan\'','dl__ADRecon','\'\'',0,134657),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 2','\'Angad: A Malware Detection Framework using Multi-Dimensional Visualization\'','\'Ankur Tyagi\'','dl__Angad','\'<article class=\"talk\" id=\"Angad\">\n<h3 class=\"talkTitle\">Angad: A Malware Detection Framework using Multi-Dimensional Visualization</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table Two<br>\n	Defense, Forensics, Network, Malware</p>\n<h4 class=\"speaker\">Ankur Tyagi</h4>\n<p class=\"abstract\">Angad is a framework to automate classification of an unlabelled malware dataset using multi-dimensional modelling. The input dataset is analyzed to collect various attributes which are then arranged in a number of feature vectors. These vectors are then individually visualized, indexed and then queried for each new input file. Matching vectors are labelled as per their AV detection categories for now but this could be changed to a heuristics approach if needed. If dynamic behavior or network traffic details are available, vectors are also converted into activity graphs that depict evolution of activity with a predefined time scale. This results into an animation of malware/malware category\'s behavior traits and is also useful in identifying activity overlaps across the input dataset.<br><br>\n\nMalware detection is a challenging task as the landscape is ever-evolving. Every other day, a new variant or a known malware family is reported and signature driven tools race against time to add detection. The process worsens when the rate of incoming samples is in thousands on a daily basis, making static/dynamic analysis alone of no use.<br><br>\n\nAngad tries to address this issue by leveraging well-known data classification techniques to the malware domain. It tries to provide a known interface to the multi-dimensional modelling approach within a standalone package.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/7h3rAm/angad\">https://github.com/7h3rAm/angad</a></p>\n\n<p class=\"speakerBio\"><strong>Ankur Tyagi</strong><br> Bio: Ankur Tyagi is a Sr. Malware Research Engineer at Qualys Inc., where he analyzes malicious code and applies statistical modelling to identify suspicious patterns and evolving trends. His research interests include structural visualization techniques for classifying large collections of uncategorized samples. He has completed MS in Software Systems with focus on Applied Security.\n</article>\n\'',0,134658),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 2','\'Angad: A Malware Detection Framework using Multi-Dimensional Visualization\'','\'Ankur Tyagi\'','dl__Angad','\'\'',0,134659),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 2','\'Archery&mdash;Open Source Vulnerability Assessment and Management\'','\'Anand Tiwari\'','dl__Archery','\'<article class=\"talk\" id=\"Archery\">\n<h3 class=\"talkTitle\">Archery&mdash;Open Source Vulnerability Assessment and Management</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table Two<br>\n	Offense</p>\n<h4 class=\"speaker\">Anand Tiwari</h4>\n<p class=\"abstract\">Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network. It also performs web application dynamic authenticated scanning and covers the whole applications by using selenium. The developers can also utilize the tool for implementation of their DevOps CI/CD environment.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/archerysec/archerysec/\">https://github.com/archerysec/archerysec/</a></p>\n\n<p class=\"speakerBio\"><strong>Anand Tiwari</strong><br> Anand Tiwari is an information security professional with nearly 5 years of experience in offensive security, with expertise in Mobile and Web Application Security. Currently working with Philips Healthcare on securing medical devices. He has authored Archery&mdash;open source tool and has presented at Black Hat Asia 2018. In his free time, he enjoys coding and experimenting with various open source security tools. Twitter handle: @anandtiwarics\n</article>\n\'',0,134660),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 2','\'Archery&mdash;Open Source Vulnerability Assessment and Management\'','\'Anand Tiwari\'','dl__Archery','\'\'',0,134661),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 5','\'BLEMystique&mdash;Affordable custom BLE target\'','\'Nishant Sharma, Jeswin Mathai\'','dl__BLEMystique','\'<article class=\"talk\" id=\"BLEMystique\">\n<h3 class=\"talkTitle\">BLEMystique&mdash;Affordable custom BLE target</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table Five<br>\n	Attack and Defence</p>\n<h4 class=\"speaker\">Nishant Sharma</h4>\n<h4 class=\"speaker\">Jeswin Mathai</span></h4>\n<p class=\"abstract\">BLEMystique is an ESP32 based custom BLE target which can be configured by the user to behave like one of the multiple BLE devices. BLEMystique allows a pentester to play with the BLE side of different kind of smart devices with a single piece of affordable ESP32 chip. BLEMystique contains multiple device profiles, for example, Smart Lock, Smart health band, Smart bulb, Heart rate monitor, Smart Bottle and more.<br><br>\n\nThe BLEMystique code and manuals will be released to general public. So, apart from using the pre-configured devices, the users can also add support for devices for their choice and use their ESP32 board for target practice. In this manner, this tool can improve the overall experience of learning BLE pentesting.</p>\n\n<p class=\"abstract\"><a href=\"\"></a></p>\n\n<p class=\"speakerBio\"><strong>Nishant Sharma</strong><br> Nishant Sharma is a Technical Manager at Pentester Academy and Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX, WiMini and course/training content. He has presented/published his work at Blackhat Arsenal, Wireless Village, IoT village and Demo labs (DEFCON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the WIPS solution. He has a Master degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, forensics and cryptography.\n<p class=\"speakerBio\"><strong>Jeswin Mathai</strong><br> Jeswin Mathai is a Researcher at Pentester Academy. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.\n</article>\n\'',0,134662),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 5','\'BLEMystique&mdash;Affordable custom BLE target\'','\'Nishant Sharma, Jeswin Mathai\'','dl__BLEMystique','\'\'',0,134663),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 5','\'boofuzz\'','\'Joshua Pereyda\'','dl__boofuzz','\'<article class=\"talk\" id=\"boofuzz\">\n<h3 class=\"talkTitle\">boofuzz</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table Five<br>\n	Vulnerability Analysis, AppSec, Offense.</p>\n<h4 class=\"speaker\">Joshua Pereyda</h4>\n<p class=\"abstract\">boofuzz is an open source network protocol fuzzing framework, competing with closed source commercial products like Defensics and Peach.<br><br>\n\nInheriting from the open source tools Spike and Sulley, boofuzz improves on a long line of block-based fuzzing frameworks.<br><br>\n\nThe framework allows hackers to specify protocol formats, and boofuzz does the heavy lifting of generating mutations specific to the format. boofuzz makes developing protocol-specific \"smart\" fuzzers relatively easy. Make no mistake, designing a smart network protocol fuzzer is no trivial task, but boofuzz provides a solid foundation for producing quality fuzzers.<br><br>\n\nWritten in Python, boofuzz builds on its predecessor, Sulley, with key features including:\n	\n	<ul class=\"square\">\n		<li>Online documentation.\n		<li>More extensibility including support for arbitrary communications mediums.\n		<li>Built-in support for serial fuzzing, ethernet- and IP-layer, UDP broadcast.\n		<li>Much easier install experience!\n		<li>Far fewer bugs.\n	</ul>\n\n<p class=\"abstract\"><a href=\"https://github.com/jtpereyda/boofuzz\">https://github.com/jtpereyda/boofuzz</a></p>\n\n<p class=\"speakerBio\"><strong>Joshua Pereyda</strong><br> Joshua is a software engineer specializing in information and network security. He has worked in the critical infrastructure and cloud computing industries with employers heavily invested in software and hardware security. He currently hunts vulnerabilities full time. Among his passions are hacking, teaching kids to program, listening to upper-crust orchestral performances with his wife, and figuring out how he can get paid to do it all... legally.\n</article>\n\'',0,134664),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 5','\'boofuzz\'','\'Joshua Pereyda\'','dl__boofuzz','\'\'',0,134665),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 3','\'CHIRON\'','\'Rod Soto, Joseph Zadeh\'','dl__CHIRON','\'<article class=\"talk\" id=\"CHIRON\">\n<h3 class=\"talkTitle\">CHIRON</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table Three<br>\n	Defense</p>\n<h4 class=\"speaker\">Rod Soto</h4>\n<h4 class=\"speaker\">Joseph Zadeh</span></h4>\n<p class=\"abstract\">Home-based open source network analytics and machine learning threat detection<br><br>\n\nCHIRON is a home analytics based on ELK stack combined with Machine\nLearning threat detection framework AKTAION. CHIRON parses and\ndisplays data from P0f, Nmap, and BRO IDS. CHIRON is  designed for\nhome use and will give great visibility to home internet devices\n(IOT, Computers, Cellphones, Tablets, etc). CHIRON is integrated with\nAKTAION which detects exploit delivery ransomware/phishing.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/jzadeh/chiron-elk\">https://github.com/jzadeh/chiron-elk</a></p>\n\n<p class=\"speakerBio\"><strong>Rod Soto</strong><br> Rod Soto. Director of Security Research at JASK.AI\nFounder Pacific Hackers Conference, Co-founder Hack The Valley\n<p class=\"speakerBio\"><strong>Joseph Zadeh</strong><br> Joseph Zadeh. Director of Data science at JASK.AI\nCo-founder Hack the Valley\n</article>\n\'',0,134666),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 3','\'CHIRON\'','\'Rod Soto, Joseph Zadeh\'','dl__CHIRON','\'\'',0,134667),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 2','\'Cloud Security Suite&mdash;One stop tool for AWS, GCP &amp; Azure Security Audit\'','\'Jayesh Singh Chauhan\'','dl__Cloud Security Suite','\'<article class=\"talk\" id=\"Cloud Security Suite\">\n<h3 class=\"talkTitle\">Cloud Security Suite&mdash;One stop tool for AWS, GCP &amp; Azure Security Audit</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table Two<br>\n	Defense, Cloud professionals</p>\n<h4 class=\"speaker\">Jayesh Singh Chauhan</h4>\n<p class=\"abstract\">Nowadays, cloud infrastructure is pretty much the de-facto service used by large/small companies. Most of the organisations have partially or entirely moved to cloud. With more and more companies moving to cloud, the security of cloud becomes a major concern.\nWhile AWS, GCP &amp; Azure provide you protection with traditional security methodologies and have a neat structure for authorisation/configuration, their security is as robust as the person in-charge of creating/assigning these configuration policies. We all know, human error is inevitable and any such human mistake could lead to catastrophic damage to the environment.<br><br>\n\nKnowing this, audit of cloud infrastructure becomes a hectic task! There are a few open source tools which help in cloud auditing but none of them have an exhaustive checklist. Also, collecting, setting up all the tools and looking at different result sets is a painful task. Moreover, while maintaining big infrastructures, system audit of server instances is a major task as well.<br><br>\n\nCS Suite is a one stop tool for auditing the security posture of the AWS/GCP/Azure infrastructures and does OS audits as well. CS Suite leverages current open source tools capabilities and has custom checks added into one tool to rule them all.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/SecurityFTW/cs-suite\">https://github.com/SecurityFTW/cs-suite</a></p>\n\n<p class=\"speakerBio\"><strong>Jayesh Singh Chauhan</strong><br> Jayesh Singh Chauhan is a security professional with 7 years of experience in the security space. In past, he has been part of security teams of PayPal, PwC and currently works as the senior security engineer for Sprinklr. He has authored CS-Suite, OWASP Skanda, RFID_Cloner and CSRF PoC generator and has presented in BlackHat Asia, BlackHat EU, hackmiami, c0c0n, GES and Ground Zero Summit. He is the project leader for OWASP Skanda and leads the NULL Bangalore chapter.\n</article>\n\'',0,134668),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 2','\'Cloud Security Suite&mdash;One stop tool for AWS, GCP &amp; Azure Security Audit\'','\'Jayesh Singh Chauhan\'','dl__Cloud Security Suite','\'\'',0,134669),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 6','\'Conformer\'','\'Mikhail Burshteyn\'','dl__Conformer','\'<article class=\"talk\" id=\"Conformer\">\n<h3 class=\"talkTitle\">Conformer</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table Six<br>\n	Offense, AppSec</p>\n<h4 class=\"speaker\">Mikhail Burshteyn</h4>\n<p class=\"abstract\">Conformer is a penetration testing tool, mostly used for external assessments to perform password based attacks against common webforms. Conformer was created from a need for password guessing against new web forms, without having to do prior burp work each time, and wanting to automate such attacks. Conformer is modular with many different parameters and options that can be customized to make for a powerful attack. Conformer has been used in countless assessments to obtain valid user credentials for accessing the internal environment through VPN, other internal resources or data to further the assessment.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/mikhbur/conformer\">https://github.com/mikhbur/conformer</a></p>\n\n<p class=\"speakerBio\"><strong>Mikhail Burshteyn</strong><br> Mikhail Burshteyn is a security consultant at CDW, performing Penetration Tests. Mikhail currently performs External, Internal, Wireless, and Social Engineering assessments, testing the capabilities for wide range of clients and industries. He is interested in research in various security topics, including Networking, Web Apps, and Active Directory.\n</article>\n\'',0,134670),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 6','\'Conformer\'','\'Mikhail Burshteyn\'','dl__Conformer','\'\'',0,134671),('4_Sunday','12','12:00','13:50','N','Demolabs','Table 3','\'DejaVU&mdash;An Open Source Deception Framework\'','\'Bhadreshkumar Patel, Harish Ramadoss\'','dl__DejaVU','\'<article class=\"talk\" id=\"DejaVU\">\n<h3 class=\"talkTitle\">DejaVU&mdash;An Open Source Deception Framework</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1200-1350 at Table Three<br>\n	Offense/Defense</p>\n<h4 class=\"speaker\">Bhadreshkumar Patel</h4>\n<h4 class=\"speaker\">Harish Ramadoss</span></h4>\n<p class=\"abstract\">Deception techniques&mdash;if deployed well&mdash;can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to detect attacks at very early stage of cyber kill chain. But the challenge we have seen is deploying, managing and administering decoys across large networks. Although there are lot of commercial tools in this space, we haven\'t come across open source tools which can achieve this.<br><br>\n\nWith this in mind, we have developed DejaVu which is an open source deception framework which can be used to deploy, configure and administer decoys centrally across the infrastructure. A web-based management console can be used by the defender to deploy multiple interactive decoys (HTTP Servers,SQL,SMB,FTP,SSH,client side–NBNS) strategically across their network on different VLANs. Logging and alerting dashboard displays detailed information about the alerts generated and can be further configured to generate high accuracy alert; and how these alerts should be handled.<br><br>\n\nDecoys can also be placed on the client VLANs to detect client side attacks such as responder/LLMNR attacks using client side decoys. Additionally, common attacks which the adversary uses to compromise such as abusing Tomcat/SQL server for initial foothold can be deployed as decoys, luring the attacker and enabling detection.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/bhdresh/Dejavu\">https://github.com/bhdresh/Dejavu</a></p>\n\n<p class=\"speakerBio\"><strong>Bhadreshkumar Patel</strong><br> Bhadreshkumar Patel is a Reverse Engineer by nature and Security Specialist/Pentester by profession with 10 years of experience in offensive and defensive side of security. Likes to code, break stuff, play with controllers. Got lucky in finding zero days in Facebook, NGFW, wireless routers, HMS etc. Dejavu is Bhadresh\'s first conference submission, but not his first contribution to the security community.\n<p class=\"speakerBio\"><strong>Harish Ramadoss</strong><br> Harish Ramadoss has over seven years of experience in offensive security space focusing on application and infrastructure security assessments. Led large scale penetration testing engagements for various clients across Finance, Government and Defense.\n</article>\n\'',0,134672),('4_Sunday','13','12:00','13:50','Y','Demolabs','Table 3','\'DejaVU&mdash;An Open Source Deception Framework\'','\'Bhadreshkumar Patel, Harish Ramadoss\'','dl__DejaVU','\'\'',0,134673),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 1','\'EAPHammer\'','\'Gabriel Ryan\'','dl__EAPHammer','\'<article class=\"talk\" id=\"EAPHammer\">\n<h3 class=\"talkTitle\">EAPHammer</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table One<br>\n	Offensive security professionals, red teamers, penetration testers, researchers.</p>\n<h4 class=\"speaker\">Gabriel Ryan</h4>\n<p class=\"abstract\">EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate how fast this tool is, here\'s an example of how to setup and execute a credential stealing evil twin attack against a WPA2-EAP network in just two commands:<br><br>\n\n # generate certificates<br>\n./eaphammer --cert-wizard<br><br>\n\n# launch attack<br>\n./eaphammer -i wlan0 --channel 4 --auth wpa --essid CorpWifi --creds<br><br>\n\nEAPHammer’s userbase has doubled since its debut in early 2017, and the project has matured substantially to meet this demand. It is now the first rogue AP attack tool to offer out-of-the-box support for attacks against 802.11n/ac. Most of the added complexity associated with these protocols is managed automatically by EAPHammer.<br><br>\n We’ve also added some cool feature like Hashcat support, Karma, and SSID cloaking, as well as an extended UI and config management system for advanced users who require granular control over their rogue access points.<br><br>\n \nTo check out the codebase, head to <a href=\"https://github.com/s0lst1c3/eaphammer\">https://github.com/s0lst1c3/eaphammer</a></p>\n\n<p class=\"speakerBio\"><strong>Gabriel Ryan</strong><br> Gabriel Ryan is a penetration tester and researcher with a passion for wireless and infrastructure testing. He currently serves a co-founder and managing security consultant for Digital Silence, a Denver-based consulting firm that specializes in impact driven testing and red team engagements. Prior to joining Digital Silence, Gabriel worked in penetration tester for security services firm Gotham Digital Science as well as OGSystems, a Virginia-based geospatial intelligence contractor. On the side, he serves as a member of the BSides Las Vegas senior staff, coordinating wireless security for the event. In his spare time, he enjoys writing music and riding motorcycles.\n</article>\n\'',0,134674),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 1','\'EAPHammer\'','\'Gabriel Ryan\'','dl__EAPHammer','\'\'',0,134675),('4_Sunday','12','12:00','13:50','N','Demolabs','Table 2','\'Expl-iot&mdash;IoT Security Testing and Exploitation framework\'','\'Aseem Jakhar\'','dl__Expl-iot','\'<article class=\"talk\" id=\"Expl-iot\">\n<h3 class=\"talkTitle\">Expl-iot&mdash;IoT Security Testing and Exploitation framework</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1200-1350 at Table Two<br>\n	IoT Testers- Pentesters- IoT developers- Offense- Hardware</p>\n<h4 class=\"speaker\">Aseem Jakhar</h4>\n<p class=\"abstract\">Expl-iot is an open source flexible and extendable framework for IoT Security Testing and exploitation. It will provide the building block for writing exploits and other IoT security assessment test cases with ease. Expliot will support most IoT communication protocols, firmware analysis, hardware interfacing functionality and test cases that can be used from within the framework to quickly map and exploit an IoT product or IoT Infrastructure.It will help the security community in writing quick IoT test cases and exploits. The objectives of the framework are: 1. Easy of use 2. Extendable 3. Support for hardware, radio and IoT protocol analysisWe released Expl-iot ruby version in 2017. Once we started implementing hardware and radio functionality, we realized that ruby does not have much support for hardware and radio analysis which led us to deprecate it and re-write it in python to support more functionality. We are currently working on the python3 version and will release it in a month. The new beta release is envisioned to have support for UART(serial), ZigBee, BLE, MQTT, CoAP (next version will have support for JTAG, I2C and SPI) and few miscellaneous test cases.</p>\n\n<p class=\"abstract\"><a href=\"https://bitbucket.org/aseemjakhar/expliot_framework\">https://bitbucket.org/aseemjakhar/expliot_framework</a></p>\n\n	<p class=\"speakerBio\"><strong>Aseem Jakhar</strong><br> Aseem Jakhar is the Director, research at Payatu Software Labs http://payatu.com a boutique security testing company specializing in IoT, Embedded, cloud, mobile security testing. He is the founder of null-The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference http://nullcon.net and hardwear.io security conference. He has worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, bayesian engine to name a few. He currently spends his time researching on IoT security and hacking things. He is an active speaker and trainer at security conferences like AusCERT, Black Hat, Brucon, Defcon, Hack.lu, Hack in Paris, Hack In The Box, PHDays and many more. He has authored various open source security software including<ul class=\"square\"><li>ExplIoT<li>IoT Exploitation Framework<li>DIVA Android (Damn Insecure and Vulnerable App)- Jugaad/Indroid<li>Linux Thread injection kit for x86 and ARM<li>Dexfuzzer<li>Dex file format fuzzer</ul>\n</article>\n\'',0,134676),('4_Sunday','13','12:00','13:50','Y','Demolabs','Table 2','\'Expl-iot&mdash;IoT Security Testing and Exploitation framework\'','\'Aseem Jakhar\'','dl__Expl-iot','\'\'',0,134677),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 3','\'firstorder\'','\'Utku Sen, Gozde Sinturk\'','dl__firstorder','\'<article class=\"talk\" id=\"firstorder\">\n<h3 class=\"talkTitle\">firstorder</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table Three<br>\n	Offense</p>\n<h4 class=\"speaker\">Utku Sen</h4>\n<h4 class=\"speaker\">Gozde Sinturk</span></h4>\n<p class=\"abstract\">Perimeter defenses are holding an important role in computer security. However, when we check the method of APT groups, a single spear-phishing usually enough to gain a foothold on the network. Therefore, red teams are mostly focused on \"assume breach\" type of scenarios. In these scenarios, testers need to use a post-exploitation framework. Besides that, testers also need to hide the server-agent communication from NIDS (Network Intrusion Detection Systems). firstorder is designed to evade Empire\'s C2-Agent communication from anomaly-based intrusion detection systems. It takes a traffic capture file (pcap) of the network and tries to identify normal traffic profile. According to results, it creates an Empire HTTP listener with appropriate options.</p>\n\n<p class=\"abstract\"><a href=\"\"></a></p>\n\n<p class=\"speakerBio\"><strong>Utku Sen</strong><br> Utku Sen is a security researcher who is mostly focused on following areas: application security, network security, tool development. He presented his tool, Leviathan Framework in Black Hat USA Arsenal and DEF CON Demo Labs in 2017. He also nominated for Pwnie Awards on \"Best Backdoor\" category in 2016.\". He currently works in Tear Security.\n<p class=\"speakerBio\"><strong>Gozde Sinturk</strong><br> Gozde Sinturk is Security Researcher and Python Developer who involved in projects related to machine learning, natural language processing, and big data. She is developing security tools in her current position. She currently works in Tear Security.\n</article>\n\'',0,134678),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 3','\'firstorder\'','\'Utku Sen, Gozde Sinturk\'','dl__firstorder','\'\'',0,134679),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 3','\'GreyNoise\'','\'Andrew Morris\'','dl__GreyNoise','\'<article class=\"talk\" id=\"GreyNoise\">\n<h3 class=\"talkTitle\">GreyNoise</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table Three<br>\n	Defenders, blue teamers, SOC and network analysts</p>\n<h4 class=\"speaker\">Andrew Morris</h4>\n<p class=\"abstract\">GreyNoise is a system that collects all of the background noise of the Internet. Using a large network of geographically and logically dispersed passive collector nodes, GreyNoise collects, labels, and analyzes all of the omnidirectional, indiscriminate Internet-wide scan and attack traffic. GreyNoise data can be used to filter pointless alerts in the SOC, identify compromised devices, pinpoint targeted reconnaissance, track emerging threats, and quantify vulnerability weaponization timelines.</p>\n\n<p class=\"abstract\"><a href=\"https://greynoise.io/\">https://greynoise.io/</a></p>\n\n<p class=\"speakerBio\"><strong>Andrew Morris</strong><br> Andrew Morris is the founder of GreyNoise Intelligence, a DC-based cyber security company, and likely holds the world record for amount of time spent staring at Internet-wide scan traffic. Prior to founding GreyNoise, Andrew worked as a researcher, red team operator, and consultant for several large cyber security firms including Endgame, NCC group, and KCG. Outside of work, Andrew enjoys playing fingerstyle acoustic guitar and tries to figure out what his dreams mean.\n</article>\n\'',0,134680),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 3','\'GreyNoise\'','\'Andrew Morris\'','dl__GreyNoise','\'\'',0,134681),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 2','\'GyoiThon\'','\'Isao Takaesu, Masuya Masafumi, Toshitsugu Yoneyama,\'','dl__GyoiThon','\'<article class=\"talk\" id=\"GyoiThon\">\n<h3 class=\"talkTitle\">GyoiThon</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table Two<br>\n	Offense</p>\n<h4 class=\"speaker\">Isao Takaesu</h4>\n<h4 class=\"speaker\">Masuya Masafumi</span></h4>\n<h4 class=\"speaker\">Toshitsugu Yoneyama,</span></h4>\n\n\n<p class=\"abstract\">GyoiThon is a fully automated penetration testing tool against web server. \nGyoiThon nondestructively identifies the software installed on web server (OS, Middleware, Framework, CMS, etc...) using multiple methods such as machine learning, Google Hacking, pattern matching. After that, GyoiThon executes valid exploits for the identified software. Finally, GyoiThon generates report of scan results. GyoiThon executes the above processing fully automatically.<br><br>\n\nGyoiThon consists of three engines:\n\n<ul class=\"square\">\n<li><strong>Software analysis engine:</strong><br>\nIt identifies software based on HTTP response obtained by normal access to web server using Machine Learning base and signature base. In addition, it uses Google Hacking.\n\n<li><strong>Vulnerability determination engine:</strong><br>\nIt collects vulnerability information corresponding to identified software by the software analysis engine. And, it executes an exploit corresponding to the vulnerability of the software and checks whether the software is affected by the vulnerability.\n\n<li><strong>Report generation engine:</strong><br>\nIt generates a report that summarizes the risks of vulnerabilities and the countermeasure.\n</ul>\n\n<p>Traditional penetration testing tools are very inefficient because they execute all signatures. On the other hand, GyoiThon is very efficient because it executes only valid exploits for the identified software. As a result, the user\'s burden will be greatly reduce, and GyoiThon will greatly contribute to the security improvement of many web servers.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/gyoisamurai/GyoiThon\">https://github.com/gyoisamurai/GyoiThon</a></p>\n\n<p class=\"speakerBio\"><strong>Isao Takaesu</strong><br> Isao Takaesu is working in Mitsui Bussan Secure Directions, Inc. as security engineer and researcher. In the past, he found out numerous vulnerabilities in server of client and he proposed countermeasures to client. He thinks that there\'s more and want to efficiently find out vulnerabilities. Therefore, He\'s focusing on artificial intelligence technology and developing fully automated penetration testing tool using machine learning. \n<p class=\"speakerBio\"><strong>Masuya Masafumi</strong><br> Masafumi Masuya is a security engineer on the Mitsui Bussan Secure Directions, Inc. He loves network security assessment, so he found many vulnerabilities in various servers of enterprises. He is always thinking about a method to efficiently perform network security assessment, even while sleeping. He especially loves cURL and Japanese word \'Gyoi\'. \"Gyoi\" means that there is nothing you cannot do!\n<p class=\"speakerBio\"><strong>Toshitsugu Yoneyama</strong><br> Toshitsugu Yoneyama is a Security Researcher and Manager on the Mitsui Bussan Secure Directions, Inc. He has reported several vulnerabilities in Juniper, Nessus, Amazon, Apache and various routers. He participated alone in Hack2win which is a hacking competition in CodeBlue 2017, and he pwned several devices by remote attack and get the 3rd prize.\n</article>\n\'',0,134682),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 2','\'GyoiThon\'','\'Isao Takaesu, Masuya Masafumi, Toshitsugu Yoneyama,\'','dl__GyoiThon','\'\'',0,134683),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 6','\'Halcyon IDE\'','\'Sanoop Thomas\'','dl__Halcyon','\'<article class=\"talk\" id=\"Halcyon\">\n<h3 class=\"talkTitle\">Halcyon IDE</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table Six<br>\n	Offense, Defense, AppSec, Network Security, Nmap Scanners &amp; Developers</p>\n<h4 class=\"speaker\">Sanoop Thomas</h4>\n<p class=\"abstract\">Halcyon IDE lets you quickly and easily develop Nmap scripts for performing advanced scans on applications and infrastructures with a wide range capabilities from recon to exploitation. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is free and open source project (always will be) released under MIT license to provide an easier development interface for rapidly growing information security community around the world. The project was initially started as an evening free time \"coffee shop\" project and has taken a serious step for its developer/contributors to spend dedicated time for its improvements very actively. More information and source code: https://halcyon-ide.org</p>\n\n<p class=\"abstract\"><a href=\"https://halcyon-ide.org\">https://halcyon-ide.org</a></p>\n\n<p class=\"speakerBio\"><strong>Sanoop Thomas</strong><br> Sanoop Thomas (@s4n7h0) is a seasoned security professional with diverse background in consulting, teaching, research and product-based industries with a passion to solve complex security problems. Today, Sanoop works as information security specialist focusing on application security and secure coding. His field of interest includes reverse engineering, malware analysis, application security and automating security pentest/analysis methodologies. He is moderating null open community chapter in Singapore and organised over 60 events &amp; workshops to spread security awareness across country. Sanoop is also the author of Halcyon IDE (https://halcyon-ide.org) an IDE that is focused to develop Nmap scripts. He has spoken at security conferences like Nullcon, OWASP India, HITBGSEC, Rootcon, and Blackhat Arsenal.\n</article>\n\'',0,134684),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 6','\'Halcyon IDE\'','\'Sanoop Thomas\'','dl__Halcyon','\'\'',0,134685),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 4','\'HealthyPi&mdash;Connected Health\'','\'Ashwin K Whitchurch\'','dl__HealthyPi','\'<article class=\"talk\" id=\"HealthyPi\">\n<h3 class=\"talkTitle\">HealthyPi&mdash;Connected Health</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table Four<br>\n	Hardware and biohacking</p>\n<h4 class=\"speaker\">Ashwin K Whitchurch</h4>\n<p class=\"abstract\">We (at ProtoCentral) developed the HealthyPi HAT for the Raspberry Pi as a way of opening up the healthcare and open source medical to anyone. The HealthyPi is made of the same \"medical-grade\" components found in regular vital sign monitors, for a fraction of the cost of such system. This is our way of democratizing medical hardware to develop new areas of research.<br><br>\n\nOur objective when we began developing the HealthyPi was to make a simple vital sign monitoring system which is simple, affordable, open-source (important !) and accessible. HealthyPI is completely open-source and is our way of \"hacking\" patient monitoring systems by getting data that you need, in the way that you need and extending on that without getting involved in sticky proprietary NDAs and such.<br><br>\n\n*Demo will allow people to come, check out and play with (and possibly hack) the HealthyPi device while getting their vital signs monitored.*</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/Protocentral/protocentral-healthypi-v3\">https://github.com/Protocentral/protocentral-healthypi-v3</a></p>\n\n<p class=\"speakerBio\"><strong>Ashwin K Whitchurch</strong><br> Ashwin K Whitchurch is the CEO of ProtoCentral (Circuitects Electronics Solutions Pvt Ltd) based out of Bangalore in India. The company makes, sells and supprts open source hardware products, most of them for healthcare and medical applications. Ashwin has published research papers, book chapters and reviews in well-known international journals and conferences. ProtoCentral (and Ashwin) has been present in many hardware gatherings including Maker Faire ( New York &amp; Rome), Hackaday Superconference, OSHWA Summit and has given talks on his projects with open source hardware.\n</article>\n\'',0,134686),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 4','\'HealthyPi&mdash;Connected Health\'','\'Ashwin K Whitchurch\'','dl__HealthyPi','\'\'',0,134687),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 3','\'Honeycomb&mdash;An extensible honeypot framework\'','\'Omer Cohen, Imri Goldberg\'','dl__Honeycomb','\'<article class=\"talk\" id=\"Honeycomb\">\n<h3 class=\"talkTitle\">Honeycomb&mdash;An extensible honeypot framework</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table Three<br>\n	Incident Responders, Security Researchers, Developers</p>\n<h4 class=\"speaker\">Omer Cohen</h4>\n<h4 class=\"speaker\">Imri Goldberg</span></h4>\n<p class=\"abstract\">We present Honeycomb&mdash;A repository of honeypot services and integrations for the information security community.\nOur vision: Honeycomb will be the pip or apt-get for honeypots.<br><br>\n\nWhile working hard to create various honeypots for several high profile vulnerabilities, we realized we were repeating some of the underlying work that’s involved in creating a honeypot&mdash;a useful honeypot is easy to deploy, configure and collects reports. We have these capabilities in Cymmetria’s commercial deception product but we wanted to open source this functionality to the community so everyone could benefit from it.<br><br>\n\nEventually came the idea for honeycomb&mdash;an extensible platform for writing honeypots which comes with a repository of useful honeypots which makes it super easy to create new honeypots. Honeycomb and the honeypot repository together form a powerful tool for security professionals looking to gain threat intelligence on the latest threats.<br><br>\n\nWe are currently in the process of finalizing the release of the project and working on releasing additional plugins. Join us to learn how to utilize existing honeycomb capabilities as well as writing honeypot services and integrations on your own!</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/Cymmetria/honeycomb\">https://github.com/Cymmetria/honeycomb</a></p>\n\n<p class=\"speakerBio\"><strong>Omer Cohen</strong><br> As an experienced Incident Response investigator and team leader, Omer has a wealth of knowledge and experience in the areas of cyber security, security research, software development and system administration, as well as network architecture and design. Omer has delivered and implemented numerous projects involving cutting edge technologies for multiple security related applications in addition to providing accurate and appropriate information security consulting and incident response services to Fortune 500 companies and other leading organization. Omer currently manages Customer Success in EMEA and APAC at Demisto, the leading Security Orchestration, Automation and Response (SOAR) solution provider.\n<p class=\"speakerBio\"><strong>Imri Goldberg</strong><br> An experienced technical entrepreneur, Imri has significant experience in development, architecture and security. Before joining Cymmetria as VP R&D, Imri was the founder &amp; CTO of Desti, a travel startup that was acquired by Nokia-HERE in 2014. Today Imri serves as the CTO of Cymmetria, heading innovation and research and working on product and architecture. Cymmetria is the leading Cyber Deception vendor with its main product  MazeRunner® used by Fortune 500 companies in multiple verticals including finance, insurance, health, government, retail, etc.\n</article>\n\'',0,134688),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 3','\'Honeycomb&mdash;An extensible honeypot framework\'','\'Omer Cohen, Imri Goldberg\'','dl__Honeycomb','\'\'',0,134689),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 3','\'ioc2rpz\'','\'Vadim Pavlov\'','dl__ioc2rpz','\'<article class=\"talk\" id=\"ioc2rpz\">\n<h3 class=\"talkTitle\">ioc2rpz</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table Three<br>\n	Defence/Network security</p>\n<h4 class=\"speaker\">Vadim Pavlov</h4>\n<p class=\"abstract\">DNS is the control plane of the Internet. Usually DNS is used for good but:\n <ul class=\"square\">\n<li>It can be used to track users locations and their behaviour;<br>\n<li>Malware uses DNS to command and control, exfiltrate data or redirect traffic;<br>\n<li>According with 2016 Cisco annual security report, 91.3% of malware use DNS;<br>\n<li>Advertisements companies usually use separate and obscure domains to show ads;<br>\n<li>Free DNS services (e.g. 1.1.1.1, 8.8.8.8, 9.9.9.9 etc) can help you to address some concerns but you can not define your own protection settings or ad filters.</ul>\n\n<p>ioc2rpz is a custom DNS server which automatically converts indicators (e.g. malicious FQDNs, IPs) from various sources into RPZ feeds and automatically maintains/updates them. The feeds can be distributed to any open source and/or commercial DNS servers which support RPZ, e.g. ISC Bind, PowerDNS. \nYou can run your own DNS server with RPZ filtering on a router, desktop, server and even Arduino. System memory is the only limitation.<br><br>\n\nWith ioc2rpz you can define your own feeds, actions and prevent undesired communications.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/Homas/ioc2rpz\">https://github.com/Homas/ioc2rpz</a></p>\n\n<p class=\"speakerBio\"><strong>Vadim Pavlov</strong><br> Vadim Pavlov is passionate about traveling, learning foreign and programming languages, writing scripts/software, integrating solutions, interacting with colleagues and customers to solve complex problems. As a truly lazy person Vadim wants to automate all routine.<br><br>\nVadim has 15+ years of IT experience and last 5 years Vadim spent at Infoblox and became an expert in DNS and DNS Security: did researches, wrote articles, created custom DNS servers, Infoblox\'s DNS Data Exfiltration(Infiltration) Demo and Security Assessments portals, created integrations with security solutions.\nHe achieved a masters degree with honors in Computer Science (Software Development) from Russia.\n</article>\n\'',0,134690),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 3','\'ioc2rpz\'','\'Vadim Pavlov\'','dl__ioc2rpz','\'\'',0,134691),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 6','\'LHT (Lossy Hash Table)\'','\'Steve Thomas\'','dl__LHT','\'<article class=\"talk\" id=\"LHT\">\n<h3 class=\"talkTitle\">LHT (Lossy Hash Table)</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table Six<br>\n	Offense</p>\n<h4 class=\"speaker\">Steve Thomas</h4>\n<p class=\"abstract\">Cracks passwords or keys from a small key space near instantly. A small key space being a few trillion (40+ bits). It costs about 3 bytes/key and usually &lt;100ms. The largest known deployment (made by a different less efficient program) is 160 TB. It is assumed that people are running similar ones to attack brain wallets.</p>\n\n<p class=\"abstract\"><a href=\"https://tobtu.com/lhtcalc.php\">https://tobtu.com/lhtcalc.php</a></p>\n\n<p class=\"speakerBio\"><strong>Steve Thomas</strong><br> Steve specializes in crypto and password research. Steve was one of the panelists for the Password Hash Completion. \"I do stuff... sometimes.\" Like PAKE to HSM or finding bugs in Signal Protocol, CryptoCat, Adobe ColdFusion 9\'s password encryption key generator, and password hashing functions (MySQL323 meet in the middle attack, XSHA1 [Blizzard\'s old hash function], etc).\n</article>\n\'',0,134692),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 6','\'LHT (Lossy Hash Table)\'','\'Steve Thomas\'','dl__LHT','\'\'',0,134693),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 5','\'Local Sheriff\'','\'Konark Modi\'','dl__Local Sheriff','\'<article class=\"talk\" id=\"Local Sheriff\">\n<h3 class=\"talkTitle\">Local Sheriff</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table Five<br>\n	Target audience would be AppSec, Code Assesments, and privacy researchers.</p>\n<h4 class=\"speaker\">Konark Modi</h4>\n<p class=\"abstract\">Think of Local sheriff as a reconnaissance tool in your browser for gathering information about what companies know about you.\nWhile you as a user normally browse the internet it works in the background and helps you identify what sensitive information(PII&mdash;Name, Date Of Birth, Email, Passwords, Passport number, Auth tokens.) are being shared/leaked to which all third-parties and by which all websites.<br><br>\n\nThe issues that Local Sheriff helps identify:\n	<ul class=\"square\">\n    <li>What sensitive information with is being shared this which parties?\n    <li>What companies are behind these third parties?\n    <li>What can they doing with this information? EG: de-anonymize users on the internet, create shadow profiles.\n	</ul>\n<p class=\"abstract\">Local Sheriff can also be used by organizations to audit:</p>\n	<ul class=\"square\">\n    <li>Which all the third-parties that are being used on their websites.\n    <li>The third-parties on the websites are implemented in a way that respect user’s privacy and sensitive data is not being leaked to them.\n	</ul>\n<p class=\"abstract\">Local Sheriff is a web-extension that can used with Chrome, Opera, Firefox.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/cliqz-oss/local-sheriff\">https://github.com/cliqz-oss/local-sheriff</a></p>\n\n<p class=\"speakerBio\"><strong>Konark Modi</strong><br> Konark works as a Tech lead with Cliqz GmbH developing privacy-focused search engine and browser. He works on projects ranging across Privacy by design, Anonymous Data collection like Human Web, Anti-Tracking etc.<br><br>\n\nPrior to Cliqz, Konark was working with one of the largest e-commerce website in India(Makemytrip.com) in data platform and security team, solving interesting challenges related to DWH, BI and data security.<br><br>\n\nHis recent personal projects, in an endeavor to help organizations fix vulnerabilities have spanned across browsers, health trackers, Government services, travel mobile apps etc.<br><br>\n\nKonark has been a speaker and presenter at numerous international conferences.<br><br>\n\n	Blog: https://medium.com/@konarkmodi</p>\n</article>\n\'',0,134694),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 5','\'Local Sheriff\'','\'Konark Modi\'','dl__Local Sheriff','\'\'',0,134695),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 1','\'nzyme\'','\'Lennart Koopmann\'','dl__nzyme','\'<article class=\"talk\" id=\"nzyme\">\n<h3 class=\"talkTitle\">nzyme</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table One<br>\n	Defense, RF, WiFi/802.11</p>\n<h4 class=\"speaker\">Lennart Koopmann</h4>\n<p class=\"abstract\">Detecting attackers who use WiFi as a vector is hard because of\nsecurity issues inherent in the 802.11 protocol, as well as\ncommoditized ways of near-perfect spoofing of WiFi enabled devices.<br><br>\n\nSecurity professionals work around this by treating WiFi traffic as\ninsecure and encrypting data on higher layers of the protocol stack.\nSophisticated attackers do not limit their efforts to jamming or\ntapping of wireless communication, but try to use deception techniques\nto trick human operators of WiFi devices into revealing secrets. The\nlist of attacks that are possible after a user has been convinced to\nconnect to a rogue access point that is under the attacker\'s control\nranges from DNS spoofing to crafted captive portals that can be used\nfor classic phishing attempts.<br><br>\n\nThis is why the new nzyme release introduces its own set of WiFi\ndeception techniques. It is turning the tables and attempts to trick\nattackers into attacking our own simulated, wireless infrastructure\nthat resembles realistic clients and access points. Together with the\ngeneral collection of all 802.11 management frames already offered in\nthe existing release, nzyme now replays all relevant communication to\nand from our decoy transceivers to a log management system like\nGraylog for analysis and alerting. This combination allows tricking\nattackers into revealing themselves by leaving easy to identify traces\nduring all exploitation phases.<br><br>\n\nApplying WiFi deception to defensive perimeters gives the blue team a\nchance to reveal, delay, and condition attackers.</p>\n\n<p class=\"abstract\"><a href=\"https://wtf.horse/2017/10/02/introducing-nzyme-wifi-802-11-frame-recording-and-forensics/\">https://wtf.horse/2017/10/02/introducing-nzyme-wifi-802-11-frame-recording-and-forensics/</a></p>\n\n<p class=\"speakerBio\"><strong>Lennart Koopmann</strong><br> Born and raised in Germany, Lennart founded the Open Source log\nmanagement project Graylog in 2009 and has since then worked with many\norganizations on log management and security-related projects. He has\nan extensive background in software development and architecture.\nThere is a high chance that you will meet Lennart at a LobbyCon\nsomewhere in the country. Once he ran a marathon but was not very\nFast.\n</article>\n\'',0,134696),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 1','\'nzyme\'','\'Lennart Koopmann\'','dl__nzyme','\'\'',0,134697),('4_Sunday','12','12:00','13:50','N','Demolabs','Table 6','\'GUI Tool for OpenC2 Command Generation\'','\'Efrain Ortiz\'','dl__OpenC2','\'<article class=\"talk\" id=\"OpenC2\">\n<h3 class=\"talkTitle\">GUI Tool for OpenC2 Command Generation</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1200-1350 at Table Six<br>\n	Defense</p>\n<h4 class=\"speaker\">Efrain Ortiz</h4>\n<p class=\"abstract\">The tool is a stand alone web self service application that graphically represents all the evolving OpenC2 commands to allow OpenC2 application developers to click and generate OpenC2 commands. The tool makes it extremely easy for even beginners to work on the creation of OpenC2 commands. The tool provides the OpenC2 command output in JSON and in curl, nodejs and python code to be easily integrate into Incident Response or Orchestration platforms.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/netcoredor/openc2-cmdgen\">https://github.com/netcoredor/openc2-cmdgen</a></p>\n\n<p class=\"speakerBio\"><strong>Efrain Ortiz</strong><br> Efrain is a Director in the Office of the CTO at Symantec Corporation. \nPrior to his Director role, he worked 15 years as a field pre-sales systems engineer. \nEfrain started his digital life on a TRS-80 Color Computer II in the 1980s. Previous to his 15 years at Symantec, he worked in various roles, from pen testing to network and systems administration. His current favorite project is working on the OpenC2 language specification.\n</article>\n\'',0,134698),('4_Sunday','13','12:00','13:50','Y','Demolabs','Table 6','\'GUI Tool for OpenC2 Command Generation\'','\'Efrain Ortiz\'','dl__OpenC2','\'\'',0,134699),('3_Saturday','10','10:00','11:50','N','Demolabs','Table 4','\'Orthrus\'','\'Nick Sayer\'','dl__Orthrus','\'<article class=\"talk\" id=\"Orthrus\">\n<h3 class=\"talkTitle\">Orthrus</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1000-1150 at Table Four<br>\n	InfoSec</p>\n<h4 class=\"speaker\">Nick Sayer</h4>\n<p class=\"abstract\">Orthrus is a small appliance that allows the user to create a cryptographically secured USB volume from two microSD cards. The data on the two cards is encrypted with AES-256 XEX mode, and all of the key material used to derive the volume key is spread between the two cards. There are no passwords to manage. If you have both cards, you have everything. If you have only one, you have half the data encrypted with a key you cannot reconstruct. This allows for “two-man control” over a dataset. Orthrus itself has no keys of its own and a volume created or written with one Orthrus can be used with any other (or on any other thing that implements the Orthrus open specification). Orthrus is open source hardware and firmware.</p>\n\n<p class=\"abstract\"><a href=\"https://hackaday.io/project/20772-orthrus\">https://hackaday.io/project/20772-orthrus</a></p>\n\n<p class=\"speakerBio\"><strong>Nick Sayer</strong><br> Nick Sayer has been a software developer for most of his life and has spent the last ten years specializing in his day job on security and cryptography. He recently rediscovered the hardware hobby he abandoned in his teens and has a store on Tindie full of his creations, all of which are open.\n</article>\n\'',0,134700),('3_Saturday','11','10:00','11:50','Y','Demolabs','Table 4','\'Orthrus\'','\'Nick Sayer\'','dl__Orthrus','\'\'',0,134701),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 6','\'PA Toolkit&mdash;Wireshark plugins for Pentesters\'','\'Nishant Sharma, Jeswin Mathai\'','dl__PA Toolkit','\'<article class=\"talk\" id=\"PA Toolkit\">\n<h3 class=\"talkTitle\">PA Toolkit&mdash;Wireshark plugins for Pentesters</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table Six<br>\n	Defence</p>\n<h4 class=\"speaker\">Nishant Sharma</h4>\n<h4 class=\"speaker\">Jeswin Mathai</span></h4>\n<p class=\"abstract\">PA Toolkit is a collection of traffic analysis plugins to extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to the macro analyzer and threat hunter. PA Toolkit contains plugins (both dissectors and taps) covering various scenarios for multiple protocols, including:<br><br>\n\n\n<ul class=\"square\">\n<li>WiFi   (WiFi network summary, Detecting beacon, deauth floods, Evil twin etc.)<br>\n\n<li>VoIP ( Overview of extensions, servers, Detecting invite flood, message flood, SIP auth bruteforcing, Decrypting encrypted VoIP conversation)<br>\n\n<li>HTTP (Listing all visited websites, downloaded files, streaming files, Detecting HTTP Tunnels)<br>\n\n<li>HTTPS (Listing all websites opened on HTTPS, Detecting self-signed certificates)<br>\n\n<li>ARP (MAC-IP table, Detect MAC spoofing and ARP poisoning)<br>\n\n<li>DNS (Listing DNS servers used and DNS resolution, Detecting DNS Tunnels)<br><br>\n\n</ul>\n\nThe key advantage of using PA toolkit is that any user can check security related summary and detect common attacks just by running Wireshark. And, he can do this on the platform of his choice. Also, as the project is open source and written in newbie-friendly Lua language, one can easily extend existing plugins or reuse the code to write plugins of his own.</p>\n\n<p class=\"abstract\"><a href=\"\"></a></p>\n\n<p class=\"speakerBio\"><strong>Nishant Sharma</strong><br> Nishant Sharma is a Technical Manager at Pentester Academy and Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX, WiMini and course/training content. He has presented/published his work at Blackhat Arsenal, Wireless Village, IoT village and Demo labs (DEFCON). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the WIPS solution. He has a Master degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, forensics and cryptography.\n<p class=\"speakerBio\"><strong>Jeswin Mathai</strong><br> Jeswin Mathai is a Researcher at Pentester Academy. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.\n</article>\n\'',0,134702),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 6','\'PA Toolkit&mdash;Wireshark plugins for Pentesters\'','\'Nishant Sharma, Jeswin Mathai\'','dl__PA Toolkit','\'\'',0,134703),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 5','\'Passionfruit\'','\'Zhi Zhou, Yifeng Zhang\'','dl__Passionfruit','\'<article class=\"talk\" id=\"Passionfruit\">\n<h3 class=\"talkTitle\">Passionfruit</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table Five<br>\n	iOS reverse engineer, Mobile security research</p>\n<h4 class=\"speaker\">Zhi Zhou</h4>\n<h4 class=\"speaker\">Yifeng Zhang</span></h4>\n<p class=\"abstract\">Passionfruit is a cross-platform app analyze tool for iOS. It aims to provide a powerful and user friendly gui for app pentesting and reverse engineering. In this demo we’ll cover the most common tasks in iOS RE, like dumping decrypted apps from AppStore, exploring filesystem and other runtime introspections.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/chaitin/passionfruit\">https://github.com/chaitin/passionfruit</a></p>\n\n<p class=\"speakerBio\"><strong>Zhi Zhou</strong><br> AntFinancial\nZhi Zhou is a security engineer at AntFinancial LightYear Lab, who mainly focus on applied software security, including both mobile and desktop platforms. He’s been working on blackbox assessment, vulnerability exploit and new attack surface discovery. He was a speaker at BlackHat USA 2017.\n<p class=\"speakerBio\"><strong>Yifeng Zhang</strong><br> Chaitin Tech\nYifeng Zhang is a penetration tester at Chaitin Tech, working in mobile security and financial malware. He has been dedicated to developing security tools to make pen-testing more efficient and effective.\n</article>\n\'',0,134704),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 5','\'Passionfruit\'','\'Zhi Zhou, Yifeng Zhang\'','dl__Passionfruit','\'\'',0,134705),('4_Sunday','10','10:00','11:50','N','Demolabs','Table 4','\'PCILeech\'','\'Ulf Frisk, Ian Vitek\'','dl__PCILeech','\'<article class=\"talk\" id=\"PCILeech\">\n<h3 class=\"talkTitle\">PCILeech</h3>\n	<p class=\"details\">Sunday 08/12/18 from 1000-1150 at Table Four<br>\n	Offense, Hardware, DFIR</p>\n<h4 class=\"speaker\">Ulf Frisk</h4>\n<h4 class=\"speaker\">Ian Vitek</span></h4>\n<p class=\"abstract\">The PCILeech direct memory access attack toolkit was presented at DEF CON 24 and quickly became popular amongst red teamers and governments alike. Hardware sold out, FPGA support was introduced and devices are once again available! We will demonstrate how to take total control of still vulnerable systems via PCIe DMA code injection. Kernels will be subverted, full disk encryption defeated and shells spawned! Processes will be enumerated and their virtual memory abused&mdash;all by using affordable hardware and the open source PCILeech toolkit.</p>\n\n<p class=\"abstract\"><a href=\"http://github.com/ufrisk/pcileech\">http://github.com/ufrisk/pcileech</a></p>\n\n<p class=\"speakerBio\"><strong>Ulf Frisk</strong><br> Ulf Frisk is a hacker/penetration tester working in the Swedish financial sector. Ulf focuses on penetration testing and it-security audits during daytime and low-level security research during nighttime. Ulf takes a special interest in DMA&mdash;direct memory access, and has a dark past as a developer.\n<p class=\"speakerBio\"><strong>Ian Vitek</strong><br> Ian Vitek has a background as a pentester but now works with information security in the Swedish financial sector. Ian has held presentations at Defcon 8, 10, 12, BSidesLV and over the last years attended as a Defcon DJ (VJ Q.Alba). Interested in web, layer 2, DMA and pin bypass attacks.\n</article>\n\'',0,134706),('4_Sunday','11','10:00','11:50','Y','Demolabs','Table 4','\'PCILeech\'','\'Ulf Frisk, Ian Vitek\'','dl__PCILeech','\'\'',0,134707),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 2','\'Sh00t&mdash;An open platform for manual security testers &amp; bug hunters\'','\'Pavan Mohan\'','dl__Sh00t','\'<article class=\"talk\" id=\"Sh00t\">\n<h3 class=\"talkTitle\">Sh00t&mdash;An open platform for manual security testers &amp; bug hunters</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table Two<br>\n	AppSec, Mobile and Offensive security</p>\n<h4 class=\"speaker\">Pavan Mohan</h4>\n<p class=\"abstract\">An open platform for bug hunters emphasizing on manual security testing.<br><br>\n\nSh00t is a dynamic task manager to replace simple text editors or task management tools that are NOT meant for security testing\nprovides checklists for security testing\nhelps in reporting with custom bug templates<br><br>\n\nSh00t benefits best for pen testers, bug bounty hunters, security researchers and anybody who love bugs!<br><br>\n\nWritten in Python and powered by Django web framework.</p>\n\n<p class=\"abstract\"><a href=\"\"></a></p>\n\n<p class=\"speakerBio\"><strong>Pavan Mohan</strong><br> Pavan aka pavanw3b is a Senior Security Engineer at ServiceNow. He is one of the core members of Null security community&mdash;Hyderabad chapter. He participates in bug bounty programs in his free time and made it to hall of fames of some companies.\n</article>\n\'',0,134708),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 2','\'Sh00t&mdash;An open platform for manual security testers &amp; bug hunters\'','\'Pavan Mohan\'','dl__Sh00t','\'\'',0,134709),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 4','\'Swissduino&mdash;Stealthy USB HID Networking &amp; Attack\'','\'Mike Westmacott\'','dl__Swissduino','\'<article class=\"talk\" id=\"Swissduino\">\n<h3 class=\"talkTitle\">Swissduino&mdash;Stealthy USB HID Networking &amp; Attack</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table Four<br>\n	Offense</p>\n<h4 class=\"speaker\">Mike Westmacott</h4>\n<p class=\"abstract\">The Swissduino is a set of tools on an Arduino Yun that allow for the upload of binaries to target systems remotely via USB HID Keyboard, and then provide TCP connectivity between the remote attacker system and the target purely through USB HID. The demonstration shows a Metasploit Meterpreter stub being uploaded, and then actively used without triggering anti-virus (Win 7 host…). New for 2018: (In development) Expanded toolset that allows for password extraction from login and automated installation of toolkit in Windows 10 with anti-malware/local firewall, also targeting of Linux.</p>\n\n<p class=\"abstract\">Github:<a href=\"https://github.com/drwesty/swissduino\"> https://github.com/drwesty/swissduino</a></p>\n\n<p class=\"speakerBio\"><strong>Mike Westmacott</strong><br> Mike works for Thales Cyber & Consulting at the technical end of the cyber security practice and operates broadly on the same basis as an attacker. He has conducted over one hundred penetration tests and audits against a wide variety of systems and targets, combined with activities such as secure code review, reverse engineering and wireless assessment. Mike has worked as a CREST Certified Network Intrusion Analyst and has performed breach assessments in a number of different industry sectors including finance, engineering and government. He has managed and delivered a CVI (Cyber Vulnerability Investigation) for the UK MOD in the first of a series of industry-delivered assessments.<br><br>\n\nHe has provided incident response training at board level in the form of desktop scenarios with red and blue teams engaged in a fictitious cyber-attack. This has proven to be an excellent tool for extracting tactics, forming future strategies, and educating participants.<br><br>\n\nMike founded a volunteer group in BCS (The Chartered Institute for IT) to introduce IT practitioners to the information security industry and has presented at a government select committee and taken part in numerous senior panels at industry and government events. He has also written articles for well-known industry publications included ITnow, Computer Weekly, InfoSecurity Magazine.<br><br>\n\n	Prior to working in information security Mike worked as an application support analyst on a financial trading platform and later an enterprise succession planning system. Before this Mike gained his PhD in Computer Vision at the University of Southampton.</p>\n</article>\n\'',0,134710),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 4','\'Swissduino&mdash;Stealthy USB HID Networking &amp; Attack\'','\'Mike Westmacott\'','dl__Swissduino','\'\'',0,134711),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 1','\'trackerjacker\'','\'Caleb Madrigal\'','dl__trackerjacker','\'<article class=\"talk\" id=\"trackerjacker\">\n<h3 class=\"talkTitle\">trackerjacker</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table One<br>\n	Offensive and Defensive Wireless Hackers</p>\n<h4 class=\"speaker\">Caleb Madrigal</h4>\n<p class=\"abstract\">trackerjacker is a new wifi tool that allows you to (a) see all wifi devices and which wifi networks they\'re connected to, along with how much data they\'ve sent, how close by they are, etc, and (b) look for interesting traffic patterns and trigger arbitrary actions based on those patterns. The \"mapping\" functionality is sort of like nmap for wifi&mdash;it lists all wifi networks nearby, and under each network it lists all the clients connected to that network. The \"trigger\" functionality allows users to do things like \"if this device sends more than 10000 bytes in 30 seconds, do something\". It also includes a powerful Python plugin system that makes it simple to write plugins to do things like \"if I see an Apple device with a power level greater than -40dBm, deauth it\". If you want to do any sort of wifi recon/monitoring/hacking, trackerjacker will almost certainly make the job easier!</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/calebmadrigal/trackerjacker\">https://github.com/calebmadrigal/trackerjacker</a></p>\n\n<p class=\"speakerBio\"><strong>Caleb Madrigal</strong><br> Caleb is a programmer who enjoys hacking and mathing. He is a member of the Mandiant/FireEye applied research team, where he researches and builds sweet incident response software. Recently, he\'s mostly been hacking with Python, Jupyter, C, and Machine Learning. Though only recently getting into the security space professionally, Caleb has been into security for a while&mdash;in high school, he wrote his own (bad) cryptography and steganography software. In college, he did a good bit of \"informal pen testing\". These days, he has fun doing a lot of Radio/Wireless hacking, and using Machine Learning/Math to do cool security-related things.\n</article>\n\'',0,134712),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 1','\'trackerjacker\'','\'Caleb Madrigal\'','dl__trackerjacker','\'\'',0,134713),('3_Saturday','14','14:00','15:50','N','Demolabs','Table 5','\'Walrus\'','\'Daniel Underhay, Matthew Daley\'','dl__Walrus','\'<article class=\"talk\" id=\"Walrus\">\n<h3 class=\"talkTitle\">Walrus</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1400-1550 at Table Five<br>\n	Offense (physical security assessors), Defense (contactless access control system users)</p>\n<h4 class=\"speaker\">Daniel Underhay</h4>\n<h4 class=\"speaker\">Matthew Daley</span></h4>\n<p class=\"abstract\">Walrus is an open-source Android app for contactless card cloning devices such as the Proxmark3 and Chameleon Mini. Using a simple interface in the style of Google Pay, access control cards can be read into a wallet to be written or emulated later.<br><br>\n\nDesigned for physical security assessors during red team engagements, Walrus supports basic tasks such as card reading, writing and emulation, as well as device-specific functionality such as antenna tuning and device configuration. More advanced functionality such as location tagging makes handling multiple targets easy, while bulk reading allows the stealthy capture of multiple cards while “war-walking” a target.<br><br>\n\nWe’ll be demoing Walrus live with multiple short- and long-range card cloning devices, as well as giving a sneak peek of future plans for the app.</p>\n\n<p class=\"abstract\"><a href=\"https://walrus.app/\">https://walrus.app/</a></p>\n\n<p class=\"speakerBio\"><strong>Daniel Underhay</strong><br> Daniel Underhay is a Security Consultant working at Aura Information Security. He has presented at Troopers, Black Hat Asia Arsenal, ChCon, OzSecCon, and BSides Wellington. He enjoys all aspects of penetration testing, red teaming and phishing engagements.\n<p class=\"speakerBio\"><strong>Matthew Daley</strong><br> Matthew Daley is a Senior Security Consultant at Aura Information Security. He has presented at Black Hat Asia Arsenal, BSides Wellington, OzSecCon, and OWASP New Zealand. He enjoys vulnerability discovery and exploitation, developing tools to help pentesters in their work, and writing long mailing list disclosures.\n</article>\n\'',0,134714),('3_Saturday','15','14:00','15:50','Y','Demolabs','Table 5','\'Walrus\'','\'Daniel Underhay, Matthew Daley\'','dl__Walrus','\'\'',0,134715),('3_Saturday','12','12:00','13:50','N','Demolabs','Table 4','\'WHID Injector: Hot To Bring HID Attacks to the Next Level\'','\'Luca Bongiorni\'','dl__WHID Injector','\'<article class=\"talk\" id=\"WHID Injector\">\n<h3 class=\"talkTitle\">WHID Injector: Hot To Bring HID Attacks to the Next Level</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1200-1350 at Table Four<br>\n	Red Teams, Blue Teams and Hardware Hackers.</p>\n<h4 class=\"speaker\">Luca Bongiorni</h4>\n<p class=\"abstract\">Nowadays, security threats and cyber-attacks against ICS assets, became a topic of public interest worldwide. Within this demo, will be presented how HID attacks can still be used by threat actors to compromise industrial air-gapped environments.\nWHID Injector was born from the need for a cheap and dedicated hardware that could be remotely controlled in order to conduct HID attacks. WHID\'s core is mainly an Atmega 32u4 (commonly used in many Arduino boards) and an ESP-12s (which provides the WiFi capabilities and is commonly used in IoT projects).\nNontheless, during the last months, a new hardware was under R&D (i.e. WHID-Elite). It replaces the Wi-Fi capabilities with a 2G baseband, which gives unlimited operational range.<br><br>\nThis cute piece of hardware is perfect to be concealed into USB gadgets and used during engagements to get remote shell over an air-gapped environment. In practice, is the \"wet dream\" of any ICS Red Teamer out there.<br><br>\nDuring the demo we will see in depth how WHID and WHID-Elite were designed and their functionalities. We will also look at which tools and techniques Blue Teams can use to detect and mitigate this kind of attacks.</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/whid-injector/WHID\">https://github.com/whid-injector/WHID</a></p>\n\n<p class=\"speakerBio\"><strong>Luca Bongiorni</strong><br> Luca is working as Principal Offensive Security Specialist and also actively involved in InfoSec where the main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Antani, Internet of Things and Physical Security. Since 2012 is keeping a closer eye on FSB operations in Baltics, while trying to avoid being poisoned with Polonium or Nervin GAS. His favorite hobbies are Pasta, Grappa and ARP-Spoofing.\n</article>\n\'',0,134716),('3_Saturday','13','12:00','13:50','Y','Demolabs','Table 4','\'WHID Injector: Hot To Bring HID Attacks to the Next Level\'','\'Luca Bongiorni\'','dl__WHID Injector','\'\'',0,134717),('3_Saturday','16','16:00','17:50','N','Demolabs','Table 1','\'WiPi-Hunter&mdash;It Strikes against Illegal Wireless Network Activities (Detect and active response)\'','\'Besim Altinok, Mehmet Kutlay Kocer, M.Can KURNAZ\'','dl__WiPi-Hunter','\'<article class=\"talk\" id=\"WiPi-Hunter\">\n<h3 class=\"talkTitle\">WiPi-Hunter&mdash;It Strikes against Illegal Wireless Network Activities (Detect and active response)</h3>\n	<p class=\"details\">Saturday 08/11/18 from 1600-1750 at Table One<br>\n	Offense, Defense</p>\n<h4 class=\"speaker\">Besim Altinok</h4>\n<h4 class=\"speaker\">Mehmet Kutlay Kocer</span></h4>\n<h4 class=\"speaker\">M.Can KURNAZ</span></h4>\n\n\n<p class=\"abstract\">WiPi Hunter is developed for detecting illegal wireless network activities. But, it shouldn\'t be seen only as a piece of code. Instead, actually, it is a philosophy. You can infere from this project new wireless network illegal activity detection methods. New methods new ideas and different point of views can be obtained from this project.<br><br>\n\nExample: WiFi Pineapple attacks, Fruitywifi, mana-toolkit<br><br>\n\nWiPi-Hunter Modules:<br><br>\n<strong>PiSavar</strong>: Detects activities of PineAP module and starts deauthentication attack (for fake access points - WiFi Pineapple Activities Detection)<br><br>\n<strong>PiFinger</strong>: Searches for illegal wireless activities in networks you are connected and calculate wireless network security score (detect wifi pineapple and other fakeAPs)<br><br>\n<strong>PiDense</strong>: Monitor illegal wireless network activities. (Fake Access Points)<br><br>\n<strong>PiKarma</strong>: Detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access points)<br><br>\n<strong>PiNokyo</strong>: If threats like wifi pineapple attacks or karma attacks are active around, users will be informed about these threats.Like proxy (New)</p>\n\n<p class=\"abstract\"><a href=\"https://github.com/WiPi-Hunter\">https://github.com/WiPi-Hunter</a></p>\n\n<p class=\"speakerBio\"><strong>Besim Altinok</strong><br> Besim ALTINOK (@AltnokBesim) is a security enginner at BARIKAT Internet Security. He performs penetration tests on a wide area like web, network and mobile pentesting. His main interests are IoT Pentest and WiFi Security. He wrote a book about WiFi networks: \"Wireless Network Security\". Besim also member of Octosec and Canyoupwnme teams and he supports community thru that teams. Besim was speaker at Blackhat Europe 2017 Arsenal and Blackhat Asia 2018 Arsenal.\n<p class=\"speakerBio\"><strong>Mehmet Kutlay Kocer</strong><br> Mehmet Kutlay KOCER (@kutlaykocer) was graduated from TOBB University of Economics and Technology B.S. Computer Engineering in 2016. His Senior Design Project was about VOIP systems in the name \"SIP DDoS Attacks Detection and Prevention\" with the cooperation of TOBB University and NETAS. Currently, he is working as a Penetration Tester in BARIKAT Internet Security for 2 years. He played a major role in conducting Barikat SOC in 2016. Finally Mehmet Kutlay KOCER spoke at Blackhat ASIA 2018 Arsenal\n<p class=\"speakerBio\"><strong>M.Can KURNAZ</strong><br> M. Can Kurnaz (@0x43414e) is a penetration tester and currently works at European Network for Cyber Security in Netherlands.<br><br>\nHe is conducting penetration tests over internet, internal networks, web-based applications and Operational Technology infrastructures such as smart meters, RTUs, data concentrators, telecontrol gateways, electric vehicle charging points and various ICS/SCADA systems and components, conducting robustness tests for OT devices and working on physical and wireless security assessments of IT/OT devices.<br><br>\nAt the same time, he is also contributing as an instructor to \"Red Team – Blue Team Training for Industrial Control Systems and Smart Grid Cyber Security\" training of ENCS.\n</article>\n\'',0,134718),('3_Saturday','17','16:00','17:50','Y','Demolabs','Table 1','\'WiPi-Hunter&mdash;It Strikes against Illegal Wireless Network Activities (Detect and active response)\'','\'Besim Altinok, Mehmet Kutlay Kocer, M.Can KURNAZ\'','dl__WiPi-Hunter','\'\'',0,134719),('3_Saturday','13','13:30','13:50','N','DEFCON','Track 2','\'Detecting Blue Team Research Through Targeted Ads\'','\'0x200b\'','dc__0x200b','\'<article class=\"talk\" id=\"dc__0x200b\">\n<h3 class=\"talkTitle\">Detecting Blue Team Research Through Targeted Ads</h3>\n	<p class=\"details\">Saturday at 13:30 in Track 2<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">0x200b<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">When my implant gets discovered how will I know? Did the implant stop responding for some benign reason or is the IR team responding? With any luck they\'ll upload the sample somewhere public so I can find it, but what if I can find out if they start looking for specific bread crumbles in public data sources? At some point without any internal data all blue teams turn to OSINT which puts their searches within view of the advertising industry. In this talk I will detail how I was able to use online advertising to detect when a blue team is hot on my trail.</p>\n\n<p class=\"speakerBio\"><strong>0x200b</strong><br> I\'m just a Security researcher who\'s always using tools in unintended ways. I\'m a defender by trade, I work on understating the adversary then designing the mitigations based on what I\'ve learned. Currently I work at the intersection of healthcare and the cloud, designing systems that make it harder for the adversary to operate.</p>\n</article>\n\'',0,134720),('3_Saturday','11','11:00','11:45','N','DEFCON','Track  101','\'Hacking PLCs and Causing Havoc on Critical Infrastructures\'','\'Thiago Alves\'','dc__Alves','\'<article class=\"talk\" id=\"dc__Alves\">\n<h3 class=\"talkTitle\">Hacking PLCs and Causing Havoc on Critical Infrastructures</h3>\n	<p class=\"details\">Saturday at 11:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Thiago Alves<span class=\"speakerTitle\"> Ph.D. Student and Graduate Research Assistant at the University of Alabama in Huntsville</span></h4>\n<p class=\"abstract\">Programmable Logic Controllers (PLCs) are devices used on a variety of industrial plants, from small factories to critical infrastructures like nuclear power plants, dams and wastewater systems. Although PLCs were made robust to sustain tough environments, little care was taken to raise defenses against potential cyber threats. As a consequence, threats started pouring in and causing havoc. During this presentation I will talk about the architecture of a PLC and how it can be p0wned. There will be some live demonstration attacks against 3 different brands of PLCs (if the demo demons allow it, if not I will just show a video). Additionally, I will demonstrate two vulnerabilities I recently discovered, affecting the Rockwell MicroLogix 1400 series and the Schneider Modicon M221 controllers.</p>\n\n<p class=\"speakerBio\"><strong>Thiago Alves</strong><br> Thiago Alves received his B.S. degree in electrical engineering from the\"Pontifícia Universidade Católica\" (PUC) in 2013. In 2014 he created OpenPLC, the world\'s first open source industrial controller. OpenPLC is being used as a valuable tool for control system research and education. The OpenPLC project has contributions from several universities and private companies, such as Johns Hopkins and FreeWave Technologies. In 2017 Thiago won first place in CSAW, the world\'s largest student-run cybersecurity competition, with his innovative embedded security solution for OpenPLC. Currently Thiago is a Ph.D. student at the University of Alabama in Huntsville. His research interests include cybersecurity for SCADA systems, industrial controllers and embedded systems.</p>\n</article>\n\'',0,134721),('4_Sunday','13','13:30','13:50','N','DEFCON','Track 1','\'Asura: A huge PCAP file analyzer for anomaly packets detection using massive multithreading\'','\'Ruo Ando\'','dc__Ando','\'<article class=\"talk\" id=\"dc__Ando\">\n<h3 class=\"talkTitle\">Asura: A huge PCAP file analyzer for anomaly packets detection using massive multithreading</h3>\n	<p class=\"details\">Sunday at 13:30 in Track 1<br>\n	20 minutes | Tool</p>\n<h4 class=\"speaker\">Ruo Ando<span class=\"speakerTitle\"> Center for Cybersecurity Research and Development, National Institute of Informatics, Japan</span></h4>\n<p class=\"abstract\">Recently, the inspection of huge traffic log is imposing a great burden on security analysts. Unfortunately, there have been few research efforts focusing on scalablility in analyzing very large PCAP file with reasonable computing resources. Asura is a portable and scalable PCAP file analyzer for detecting anomaly packets using massive multithreading. Asura\'s parallel packet dump inspection is based on task-based decomposition and therefore can handle massive threads for large PCAP file without considering tidy parameter selection in adopting data decomposition. Asura is designed to scale out in processing large PCAP file by taking as many threads as possible. <br><br>Asura takes two steps. First, Asura extracts feature vector represented by associative containers of &lt;sourceIP, destIP&gt; pair. By doing this, the feature vector can be drastically small compared with the size of original PCAP files.  In other words, Asura can reduce packet dump data into the size of unique &lt;sourceIP, destIP&gt; pairs (for example, in experiment, Asura\'s output which is reduced in first step is about 2% compared with the size of original libpcap files). Second, a parallel clustering algorithm is applied for the feature vector which is represented as {&lt;sourceIP, destIP&gt;, V[i]} where V[i] is aggregated flow vector. In second step, Asura adopts an enhanced Kmeans algorithm. Concretely, two functions of Kmeans which are (1)calculating distance and (2)relabeling points are improved for parallel processing. <br><br>In experiment, in processing public PCAP datasets, Asura can identified 750 packets which are labeled as malicious from among 70 million (about 18GB) normal packets. In a nutshell, Asura successfully found 750 malicious packets in about 18GB packet dump. For Asura to inspect 70 million packets, it took reasonable computing time of around 350-450 minutes with 1000-5000 multithreading by running commodity workstation. Asura will be released under MIT license and available at author\'s GitHub site on the first day of DEF CON 26.</p>\n\n<p class=\"speakerBio\"><strong>Ruo Ando</strong><br> Ruo Ando is associate professor of NII (National Institute of Informatics) by special appointment in Japan. He has Ph.D of computer science. Before joining NII, he was engaged in research project supported by US AFOSR in 2003 (Grant Number AOARD 03-4049). He has presented his researches in PacSec2011 (BitTorrent crawler) and GreHack2013 (DNS security). He was co-presenter of SysCan2009 and FrHack2009 (Virtual machine instrospection). His current research interest is network security.</p>\n</article>\n\'',0,134722),('4_Sunday','14','14:00','14:45','N','DEFCON','Track 3','\'One bite and all your dreams will come true: Analyzing and Attacking Apple Kernel Drivers\'','\'Xiaolong Bai, Min (Spark) Zheng\'','dc__Bai1','\'<article class=\"talk\" id=\"dc__Bai1\">\n<h3 class=\"talkTitle\"> One bite and all your dreams will come true: Analyzing and Attacking Apple Kernel Drivers</h3>\n	<p class=\"details\">Sunday at 14:00 in Track 3<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Xiaolong Bai<span class=\"speakerTitle\"> Security Engineer, Alibaba Inc. </span></h4>\n<h4 class=\"speaker\">Min (Spark) Zheng<span class=\"speakerTitle\"> Security Expert, Alibaba Inc.</span></h4>\n<p class=\"abstract\">Though many security mechanisms are deployed in Apple\'s macOS and iOS systems, some old-fashioned or poor-quality kernel code still leaves the door widely open to attackers. Especially, as kernel\'s critical components, device drivers are frequently exploited to attack Apple systems. In fact, bug hunting in Apple kernel drivers is not easy since they are mostly closed-source and heavily relying on object-oriented programming. In this talk, we will share our experience of analyzing and attacking Apple kernel drivers. In specific, we will introduce a new tool called Ryuk. Ryuk employs static analysis techniques to discover bugs by itself or assist manual review. <br><br>In addition, we further combine static analysis with dynamic fuzzing for bug hunting in Apple drivers. In specific, we will introduce how we integrate Ryuk to the state-of-art Apple driver fuzzer, PassiveFuzzFrameworkOSX, for finding exploitable bugs. <br><br> Most importantly, we will illustrate Ryuk\'s power with several new vulnerabilities that are recently discovered by Ryuk. In specific, we will show how we exploit these vulnerabilities for privilege escalation on macOS 10.13.3 and 10.13.2. We will not only explain why these bugs occur and how we find them, but also demonstrate how we exploit them with innovative kernel exploitation techniques.</p>\n\n<p class=\"speakerBio\"><strong>Xiaolong Bai</strong><br> Xiaolong Bai (twitter@bxl1989, github@bxl1989) is a security engineer in Alibaba Orion Security Lab. Before joining Alibaba, he received his Ph.D. degree in Tsinghua University. He has published several research papers on top conferences including IEEE S&amp;P, Usenix Security, CCS, NDSS, and presented his research in Black Hat USA and Hack In The Box. He has been acknowledged by famous vendors, including Apple, Google, Facebook, Evernote, and Tencent for his contribution in discovering the vulnerabilities in their systems and improving the security of their products. He is a member of the OverSky team for private jailbreaking development.<br><br>@bxl1989</p>\n<p class=\"speakerBio\"><strong>Min (Spark) Zheng</strong><br> Min (Spark) Zheng (twitter@SparkZheng, github@zhengmin1989) is a security expert in Alibaba Orion Security Lab. He received his Ph.D. degree in the CSE department of the CUHK. His research focuses on malware analysis, smartphone (Android &amp; iOS) security, system design and implementation. Before receiving Alibaba A-Star offer award in 2015, he worked in FireEye, Baidu and Tencent. He was the champion of GeekPwn 2014 and AliCTF 2015. He won the\"best security researcher\" award in FIT 2016 for detecting the iOS/macOS vulnerabilities, XcodeGhost virus and WormHole RCE vulnerability. He is a member of the OverSky team for private jailbreaking development. He presented his research in DEF CON, HITB, BlackHat, RUXCON, etc.<br><br>@SparkZheng</p>\n</article>\n\'',0,134723),('3_Saturday','10','10:00','10:45','N','DEFCON','Track 3','\'You may have paid more than you imagine&mdash;Replay Attacks on Ethereum Smart Contracts\'','\'Zhenxuan Bai, Yuwei Zheng, Senhua Wang, Kunzhe Chai\'','dc__Bai2','\'<article class=\"talk\" id=\"dc__Bai2\">\n<h3 class=\"talkTitle\">You may have paid more than you imagine&mdash;Replay Attacks on Ethereum Smart Contracts</h3>\n	<p class=\"details\">Saturday at 10:00 in Track 3<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Zhenxuan Bai<span class=\"speakerTitle\"> Freelance Security Researcher</span></h4>\n<h4 class=\"speaker\">Yuwei Zheng<span class=\"speakerTitle\"> Senior Security Researcher, Unicorn Team, 360 Technology</span></h4>\n<h4 class=\"speaker\">Senhua Wang<span class=\"speakerTitle\"> Freelance Security Researcher</span></h4>\n<h4 class=\"speaker\">Kunzhe Chai<span class=\"speakerTitle\"> Leader of PegasusTeam at 360 Radio Security Research Department, 360 Technology</span></h4>\n<p class=\"abstract\">In this paper, a new replay attack based on Ethereum smart contracts is presented. In the token transfer, the risk of replay attack cannot be completely avoided when the sender\'s signatures are abused, which can bring the loss to users. And the reason is that the applying scope of the signatures is not properly designed in the smart contracts. To test and verify this loophole, we selected two similar smart contracts for our experiment, at the same time, we used our own accounts in these two contracts to carry out the experiment. Because the same signatures of the two contracts were used in the experiment, we got a double income from sender successfully. The experiment verified that the replay attack is really exist. Besides, the replay attack may exist in multiple smart contracts. We calculated the number of smart contracts with this loophole, as well as the corresponding transaction activities, which find some Ethereum smart contracts are risked for this loophole. According to the vulnerability of the contract signature, the risk level is calibrated and depicted. Furthermore, the replay attack pattern is extended to within contract, cross contract and cross chain, which provide the pertinence and well reference for protection. Finally, the countermeasures are proposed to fix this vulnerability.</p>\n\n<p class=\"speakerBio\"><strong>Zhenxuan Bai</strong><br> Zhenxuan Bai is a freelance Security Researcher interests in smart contract and blockchain, consultant of UnicornTeam. He is a co-researcher of the decryption blackberry project, which manage to decrypt Blackberry BBM, PIN message and  BIS secure mail without keys.</p>\n<p class=\"speakerBio\"><strong>Yuwei Zheng</strong><br> Yuwei Zheng is a senior security researcher at Radio Security Department of 360 Technology, core member of UnicornTeam. He cracked the protocols of Blackberry BBM, PIN message, BIS secure mail, and successfully decrypted the messages without keys. He is currently focusing on the security research of cellular network, IoT system, and mobile baseband. He had presented his research works at top level security conferences like BlackHat, DEF CON, HITB etc.</p>\n<p class=\"speakerBio\"><strong>Senhua Wang</strong><br> Senhua Wang is a freelance Security Researcher interested in smart contract and blockchain, consultant of UnicornTeam</p>\n<p class=\"speakerBio\"><strong>Kunzhe Chai</strong><br> Leader of PegasusTeam at 360 Radio Security Research Department in 360 Technology. He focuses on wireless security, including attack-defense research. He is the person in charge of the attack and defense technology of Skyscan Wireless Intrusion and Prevention System, One of the authors of the well-known wireless security tool MDK4. He leads his team to share the research results at HITB, HITCON, Blackhat, China ISC etc.<br><br>twitter@swe3per</p>\n</article>\n\'',0,134724),('4_Sunday','15','15:00','15:45','N','DEFCON','Track 2','\'What the Fax!?\'','\'Yaniv Balmas, Eyal Itkin\'','dc__Balmas','\'<article class=\"talk\" id=\"dc__Balmas\">\n<h3 class=\"talkTitle\">What the Fax!?</h3>\n	<p class=\"details\">Sunday at 15:00 in Track 2<br>\n	45 minutes | Demo, Tool, Exploit, Audience Participation</p>\n<h4 class=\"speaker\">Yaniv Balmas<span class=\"speakerTitle\"> Security Researcher, Check Point Software Technologies</span></h4>\n<h4 class=\"speaker\">Eyal Itkin<span class=\"speakerTitle\"> Security Researcher, Check Point Software Technologies</span></h4>\n<p class=\"abstract\">Unless you\'ve been living under a rock for the past 30 years or so, you probably know what a fax machine is.  For decades, fax machines were used worldwide as the main way of electronic document delivery. But this happened in the 1980s. Humanity has since developed far more advanced ways to send digital content, and fax machines are all in the past, right? After all, they should now be nothing more than a glorified museum item. Who on earth is still using fax machines? <br><br>The answer, to our great horror, is EVERYONE. State authorities, banks, service providers and many others are still using fax machines, despite their debatable quality and almost non-existent security. In fact, using fax machines is often mandatory and considered a solid and trustworthy method of delivering information. <br><br>What the Fax?! We embarked on a journey with the singular goal of disrupting this insane state of affairs. We went to work, determined to show that the common fax machine could be compromised via mere access to its fully exposed and unprotected telephone line -- thus completely bypassing all perimeter security protections and shattering to pieces all modern-day security concepts. <br><br>Join us as we take you through the strange world of embedded operating systems, 30-year-old protocols, museum grade compression algorithms, weird extensions and undebuggable environments. See for yourself first-hand as we give a live demonstration of the first ever full fax exploitation, leading to complete control over the entire device as well as the network, using nothing but a standard telephone line. <br><br>This talk is intended to be the canary in the coal mine. The technology community cannot sit idly by while this ongoing madness is allowed to continue. The world must stop using FAX!</p>\n\n<p class=\"speakerBio\"><strong>Yaniv Balmas</strong><br> Yaniv Balmas is a software engineer and a seasoned professional in the security field. He wrote his very first piece of code in BASIC on the new Commodore-64 he got for his 8th birthday. As a teenager, he spent his time looking for ways to hack computer games and break BBS software. This soon led to diving into more serious programming, and ultimately, the security field where he has been ever since. Yaniv is currently leading the security research group at Check Point Software Technologies where he deals mainly with analyzing malware and vulnerability research.<br><br>@ynvb</p>\n<p class=\"speakerBio\"><strong>Eyal Itkin</strong><br> Eyal Itkin is a vulnerability researcher in the Malware and Vulnerability Research group at Check Point Software Technologies. Eyal has an extensive background in security research, that includes years of experience in embedded network devices and protocols, bug bounties from all popular interpreter languages, and an award by Microsoft for his CFG enhancement white paper. When not breaking PTP or I2P, he loves bouldering, swimming, and thinking about the next target for his research.<br><br>@EyalItkin</p>\n</article>\n\'',0,134725),('4_Sunday','10','10:00','10:45','N','DEFCON','Track 1','\'Rock appround the clock: Tracking malware developers by Android \"AAPT\" timezone disclosure bug\'','\'Sheila A. Berta, Sergio De Los Santos\'','dc__Berta','\'<article class=\"talk\" id=\"dc__Berta\">\n<h3 class=\"talkTitle\">Rock appround the clock: Tracking malware developers by Android \"AAPT\" timezone disclosure bug</h3>\n	<p class=\"details\">Sunday at 10:00 in Track 1<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Sheila A. Berta<span class=\"speakerTitle\"> Security Researcher at Eleven Paths</span></h4>\n<h4 class=\"speaker\">Sergio De Los Santos<span class=\"speakerTitle\"> Head of Innovation and Lab at Eleven Paths</span></h4>\n<p class=\"abstract\">Are you a malware developer for Android devices? We have very bad news for you: the Android-SDK packager (aapt) is leaking your time zone! We have found a bug inside this Android-SDK\'s component that relies in not properly setting the value of a variable used as an argument for localtime() function, when setting the \"Last Modified\" field for the Android App\'s files. Because of this, the time zone of anyone using the Android-SDK packager to generate their APKs is leaked. The curious thing is that, despite of this bug inside aapt, the problem goes even beyond aapt itself: its roots goes deep into an incorrect handling errors in the operative system functions localtime() (Windows) and localtime_r() (UNIX). <br><br>Because of in the world of Threat Intelligence determining the attacker\'s geographical location of is one of the most valuable data for attribution techniques, we focused our research in taking advantage of this bug for tracking Android malware developers. In addition to this, we have discovered another very effective way to find out the developer\'s time zone, based on a calculation of times extracting the GMT timestamp from the Android\'s app files and the UTC timestamp of the self-signed,\"disposable\" certificate added to the application (most common cases in malware developers). This is what we call: Rock appround the clock! Using these two different techniques, we have crunched some numbers with our 10 million apps database to determine how these leaked time zones (with one or another technique) are related with malware and which are the countries that generate more Android malicious applications, what is the possible relation between time zone and\"malware likelihood\" among other interesting numbers. <br><br>But that\'s not all, we have another bad news for malware developers: no IDE (even Android Studio) removes metadata from the files added to the Android app. We will show examples with real cases in which, after analyzing the metadata of files inside the .apk, we got to know country, language, or even more specific geographical location of the developer and -in some cases- the name of the suppose-to-be-anonymous developer! Finally, we will share the scripts we have built to get all this information with just a simple click.</p>\n\n<p class=\"speakerBio\"><strong>Sheila A. Berta</strong><br> Sheila Ayelen Berta is an Information Security Specialist and Developer, who started at 12 years-old by herself. At the age of 15, she wrote her first book about Web Hacking, published by RedUSERS Editorial in several countries. Over the years, she has discovered lots of vulnerabilities in popular web applications, softwares and given courses of Hacking Techniques in universities and private institutes. Sheila currently works at Eleven Paths as Security Researcher who specializes in offensive techniques, reverse engineering and exploit writing. She is also a developer in ASM (microcontrollers, x32/x64), C/C++ and Python. Sheila is an international speaker who has spoken at important security conferences such as Black Hat EU 2017, DEF CON 25 CHV, HITBSecConf, Ekoparty Security Conference, IEEE ArgenCon, Hack.Lu, OWASP Latam Tour and others.<br><br>@UnaPibaGeek</p>\n<p class=\"speakerBio\"><strong>Sergio De Los Santos</strong><br> Sergio De Los Santos is currently head of innovation and labs in Eleven Paths, responsible for researching, creating new projects, tools and prototypes. In the past (2005-2013), he was a Technical consultant in Hispasec (where VirusTotal was developed for 10 years), responsible for antifraud, vulnerabilities alert and other services mostly bank industry oriented. Sergio is responsible for the most veteran security newsletter in spanish. Since 2000 he has worked as an auditor and technical coordinator, written three technical security books and one about the history of security. He has an informatics degree, a master in software engineering and artificial intelligence and has been awarded with Microsoft MVP Consumer Security title in 2013-2017. He is a teacher and director of different courses, masters and lectures in universities and private companies.<br><br>@ssantosv</p>\n</article>\n\'',0,134726),('1_Thursday','12','12:00','12:45','N','DEFCON','Track  101','\'Ring 0/-2 Rootkits: bypassing defenses\'','\'Alexandre Borges\'','dc__Borges','\'<article class=\"talk\" id=\"dc__Borges\">\n<h3 class=\"talkTitle\">Ring 0/-2 Rootkits: bypassing defenses</h3>\n	<p class=\"details\">Thursday at 12:00 in 101 Track, Flamingo<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Alexandre Borges<span class=\"speakerTitle\"> Malware and Security Researcher at Blackstorm Security</span></h4>\n<p class=\"abstract\">Advanced malware such as TDL4, Rovnix, Gapz, Omasco, Mebromi and others have exposed in recent years various techniques used to circumvent the usual defenses and have shown how much companies are not prepared to deal with these sophisticated threats. <br><br>Although the industry has implemented new protections such as Virtualized Based Security, Windows SMM Security Mitigation Table (WSMT), Kernel Code Signing, HVCI, ELAM, Secure Boot, Boot Guard, BIOS Guard, and many others, it is still unknown the professionals of the architecture of these protections, what are the components attacked by these contemporary malwares in the context of BIOS / UEFI and what are the tricks used by them. Precisely because of the lack of adequate understanding, most machines (BIOS / UEFI + operating system) remain vulnerable in the same way as a few years ago. <br><br>In addition, there are a growing number of malwares that have used kernel drivers to circumvent limitations and protections in order to gain full access to the operating system and data. Exactly for these reasons, it is necessary to understand the way that malwares act as device drivers and what are the mechanisms used by these threats to infect an operating system. <br><br>The purpose of this presentation is to show clearly and without too much details that often hinders understanding, how these threats act, which components are attacked, what are the techniques used by these advanced malware to subvert the system and how existing protections work .</p>\n\n<p class=\"speakerBio\"><strong>Alexandre Borges</strong><br> Alexandre has been working as Malware and Security researcher at Blackstorm Security, where he is daily involved with malware analysis cases, forensic and fraud investigations,  reverse engineering and exploit development projects. In the past, Alexandre worked as instructor at Sun Microsystems for ten years and Symantec for six years. <br><br>Nowadays, he is reviewer of\"The Journal of Digital Forensics, Security and Law\", referee on \"Digital Investigation&mdash;The International Journal of Digital Forensics &amp; Incident Response\" and member of the Digital Law and Compliance Committee at OAB/SP. <br><br>Slides and articles written by Alexandre are available on: http://www.blackstormsecurity.com/bs/en/en_articles.html<br><br>@ale_sp_brazil, http://www.linkedin.com/in/aleborges, http://www.blackstormsecurity.com</p>\n</article>\n\'',0,134727),('4_Sunday','13','13:00','13:45','N','DEFCON','Track  101','\'Trouble in the tubes: How internet routing security breaks down and how you can do it at home\'','\'Lane Broadbent\'','dc__Broadbent','\'<article class=\"talk\" id=\"dc__Broadbent\">\n<h3 class=\"talkTitle\">Trouble in the tubes: How internet routing security breaks down and how you can do it at home</h3>\n	<p class=\"details\">Sunday at 13:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Lane Broadbent<span class=\"speakerTitle\"> Security Engineer, Vivint</span></h4>\n<p class=\"abstract\">We all protect our home networks, but how safe is your data once it leaves on its journey to the latest cat pictures? How does your traffic make it to its destination and what threats does it face on its way? What is BGP and why should you care? <br><br>\n	\nIn this talk, I\'ll explain the basic structure of the network that is the Internet and the trust relationships on which it is built.  We\'ll explore several types of attacks that you may have seen in the news that exploit this relationship to bring down websites, steal cryptocurrency, and monitor dissidents. <br><br>\n	\nBecause talking about bringing down the Internet isn\'t as much fun as doing, I\'ll show how to create a mini Internet using Mininet and demonstrate the attacks without the need for a BGP router or a lawyer. Finally, because nation states shouldn\'t get to have all the fun, I\'ll use Scapy and some novel techniques to demonstrate how a compromised router can be used to prevent attribution, frame a friend, or create a covert communication channel.</p>\n\n<p class=\"speakerBio\"><strong>Lane Broadbent</strong><br>Lane Broadbent is a Security Engineer performing threat hunting and full stack security engineering for Vivint, a tech company focused on IoT and home security. With over a decade of experience in research, pen testing, and jack of all trades systems administration, Lane now works to secure IoT devices and the systems that interact with them. In his free time, Lane tries to best the corporate NTP pool with parts salvaged from thrift stores.</p>\n</article>\n\'',0,134728),('4_Sunday','12','12:00','12:45','N','DEFCON','Track 1','\'Last mile authentication problem: Exploiting the missing link in end-to-end secure communication\'','\'Thanh Bui, Siddharth Rao\'','dc__Bui','\'<article class=\"talk\" id=\"dc__Bui\">\n<h3 class=\"talkTitle\">Last mile authentication problem: Exploiting the missing link in end-to-end secure communication</h3>\n	<p class=\"details\">Sunday at 12:00 in Track 1<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Thanh Bui<span class=\"speakerTitle\"> Security Researcher,  Aalto University, Finland</span></h4>\n<h4 class=\"speaker\">Siddharth Rao<span class=\"speakerTitle\"> Security Researcher,  Aalto University, Finland</span></h4>\n<p class=\"abstract\">With \"Trust none over the Internet\" mindset, securing all communication between a client and a server with protocols such as TLS has become a common practice. However, while the communication over Internet is routinely secured, there is still an area where such security awareness is not seen: inside individual computers, where adversaries are often not expected. <br><br>This talk discusses the security of various inter-process communication (IPC) mechanisms that local processes and applications use to interact with each other. In particular, we show IPC-related vulnerabilities that allow a non-privileged process to steal passwords stored in popular password managers and even second factors from hardware tokens. With passwords being the primary way of authentication, the insecurity of this \"last mile\" causes the security of the rest of the communication strands to be obsolete. The vulnerabilities that we demonstrate can be exploited on multi-user computers that may have processes of multiple users running at the same time. The attacker is a non-privileged user trying to steal sensitive information from other users. Such computers can be found in enterprises with centralized access control that gives multiple users access to the same host. Computers with guest accounts and shared computers at home are similarly vulnerable.</p>\n\n<p class=\"speakerBio\"><strong>Thanh Bui</strong><br> Thanh Bui is a doctoral candidate in the\"Secure systems\" group of Aalto University, Finland. His research focuses on analyzing and designing secure network protocols and distributed systems. He is a past Erasmus Mundus fellow and holds double master\'s degrees from Aalto University, Finland and KTH Royal Institute of Technology, Sweden.</p>\n<p class=\"speakerBio\"><strong>Siddharth Rao</strong><br> Siddharth (Sid) Rao is a doctoral candidate in the\"Secure systems\" group of Aalto University, Finland. He specializes in the security analysis of communication protocols, and his current interest lies in pedagogical study of the \'lack of authentication\' in different systems. He is a past Erasmus Mundus fellow and holds double master\'s degrees from Aalto University, Finland and University of Tartu, Estonia. He has been Ford-Mozilla Open Web Fellow at European Digital Rights (EDRi), where helped to define policies related to data protection, surveillance, copyright, and network neutrality. He has previous spoken at security conferences such as Blackhat and Troopers.</p>\n<p class=\"speakerBio\"><strong></strong><br>Markku Antikainen received the M.Sc. degrees in security and mobile computing from Aalto University, Espoo, Finland, and the Royal Institute of Technology, Stockholm, Sweden, in 2011. In 2017, he received a Ph.D. degree from Aalto University, Espoo, Finland. His doctoral thesis was on the security of Internet-of-things and software-defined networking. He currently works as a post-doctoral researcher at Helsinki Institute for Information Technology, Finland</p>\n<p class=\"speakerBio\"><strong></strong><br>Tuomas Aura received the M.Sc. and Ph.D. degrees from Helsinki University of Technology, Espoo, Finland, in 1996 and 2000, respectively. His doctoral thesis was on authorization and availability in distributed systems. He is a Professor of computer science and engineering with Aalto University, Espoo, Finland. Before joining Aalto University, he worked with Microsoft Research, Cambridge, U.K. He is interested in network and computer security and the security analysis of new technologies.</p>\n</article>\n\'',0,134729),('3_Saturday','15','15:00','15:45','N','DEFCON','Track 2','\'Reverse Engineering Windows Defender\'s Emulator\'','\'Alexei Bulazel\'','dc__Bulazel','\'<article class=\"talk\" id=\"dc__Bulazel\">\n<h3 class=\"talkTitle\">Reverse Engineering Windows Defender\'s Emulator</h3>\n	<p class=\"details\">Saturday at 15:00 in Track 2<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Alexei Bulazel<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Windows Defender Antivirus\'s mpengine.dll implements the core of Defender\'s functionality in an enormous ~11 MB, 30,000+ function DLL. <br><br>In this presentation, we\'ll look at Defender\'s emulator for analysis of potentially malicious Windows binaries on the endpoint. To the best of my knowledge, there has never been a conference talk or publication on reverse engineering any antivirus binary emulator before. <br><br>We\'ll cover a range of topics including emulator internals&mdash;machine code to intermediate language translation and execution; memory management; Windows API emulation; NT kernel emulation; file system and registry emulation; integration with Defender\'s antivirus features; the virtual environment; etc.&mdash;building custom tooling for instrumenting the emulator; tricks that binaries can use to evade or subvert analysis; and attack surface within the emulator. <br><br>Attendees will leave with an understanding of how modern antivirus software conducts emulation-based dynamic analysis on the endpoint, and how attackers might go about subverting or attacking these systems. I\'ll publish code for a binary for exploring the emulator from within, patches that I developed for instrumenting Defender built on top of Tavis Ormandy\'s loadlibrary project, and IDA scripts to help with analyzing mpengine.dll and Defender\'s \"VDLLs\"</p>\n\n<p class=\"speakerBio\"><strong>Alexei Bulazel</strong><br> Alexei Bulazel (@0xAlexei) is a security researcher at ForAllSecure. He also provides expertise on reverse engineering and cyber policy at River Loop Security. Alexei has previously presented his research at venues such as Black Hat, REcon, and ShmooCon, among many others, and has published scholarly work at USENIX WOOT and ROOTS. Alexei is a proud alumnus of RPISEC.<br><br>@0xAlexei</p>\n</article>\n\'',0,134730),('1_Thursday','13','13:00','13:45','N','DEFCON','Track  101','\'A Journey Into Hexagon: Dissecting a Qualcomm Baseband\'','\'Seamus Burke\'','dc__Burke','\'<article class=\"talk\" id=\"dc__Burke\">\n<h3 class=\"talkTitle\">A Journey Into Hexagon: Dissecting a Qualcomm Baseband</h3>\n	<p class=\"details\">Thursday at 13:00 in 101 Track, Flamingo<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Seamus Burke<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Mobile phones are quite complicated and feature multiple embedded processors handling wifi, cellular connectivity, bluetooth, and other signal processing in addition to the application processor. Have you ever been curious about how your phone actually makes calls and texts on a low level? Or maybe you want to learn more about the internals of the baseband but have no clue where to start. We will dive into the internals of a qualcomm baseband, tracing it\'s evolution over the years until its current state. We will discuss the custom, in-house DSP architecture they now run on, and the proprietary RTOS running on it. We will also cover the architecture of the cellular stack, likely places vulnerabilities lie, and exploit mitigations in place. Finally we will cover debugging possibilities, and how to get started analyzing the baseband firmware&mdash;how to differentiate between RTOS and cellular functions, how to find C std library functions, and more.</p>\n\n<p class=\"speakerBio\"><strong>Seamus Burke</strong><br> Seamus Burke is an undergraduate student at UMBC pursing a degree in CS, he has been working in the security field field since he was 16 and has held a variety of positions from SOC analyst to malware analyst, to vulnerability researcher. Currently his research focus is on cellular baseband and kernel rootkits. When he\'s not staring at IDA, he likes to spend his time wrenching on cars and racing. <br><br>@AlternateAdmin</p>\n</article>\n\'',0,134731),('3_Saturday','17','17:00','17:45','N','DEFCON','Track 2','\'Relocation Bonus: Attacking the Windows Loader Makes Analysts Switch Careers\'','\'Nick Cano\'','dc__Cano1','\'<article class=\"talk\" id=\"dc__Cano1\">\n<h3 class=\"talkTitle\">Relocation Bonus: Attacking the Windows Loader Makes Analysts Switch Careers</h3>\n	<p class=\"details\">Saturday at 17:00 in Track 2<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Nick Cano<span class=\"speakerTitle\">  Senior Security Architect @ Cylance</span></h4>\n<p class=\"abstract\">The arbiters of defense wield many static analysis tools; disassemblers, PE viewers, and anti-viruses are among them. When you peer into their minds, these tools reveal their perilous implementations of PE file parsing. They assume PE files come as-is, but the Windows Loader actually applies many mutations (some at the command of the PE itself) before execution ever begins. This talk is about bending that loader to one\'s whim with the Relocations Table as a command spell. It will demonstrate how the loader can be instrumented into a mutation engine capable of transforming an utterly mangled PE file into a valid executable. This method starts with multiple ASLR Preselection attacks that force binary mapping at a predictable address. It then mangles the PE file, garbling any byte not required prior to relocation. Finally, it embeds a new Relocations Table which, when paired with a preselected base address, causes the loader to reconstruct the PE and execute it with ease. This isn\'t a packer or a POC, it is a PE rebuilder which generates completely valid, stable, and vastly tool-breaking executables. This talk will show you how this attack twists the protocols of a machine against the controls meant to protect it. It flexes on tools with various look-what-I-can-break demonstrations and, if you write similar tools, it\'ll make you rethink how you do it.</p>\n\n<p class=\"speakerBio\"><strong>Nick Cano</strong><br> Nick is a self-taught software engineer, hacker, and an avid CTFer. He started coding when he was 11 and planted his roots in video game hacking by 14. His game hacking endeavors lead to a profitable business which became the foothold for his career. Nick is the author of\"Game Hacking: Developing Autonomous Bots for Online Games,\" and has spoken about topics such as malware analysis, Windows internals, game hacking, and memory forensics at DEF CON, DerbyCon, HOPE, and other prestigious conferences. Previously a Senior Engineer at Bromium and currently a Senior Architect at Cylance, he\'s using his Windows internals experience to help make advances with endpoint protection, detection, and response.<br><br>    https://twitter.com/nickcano93,     https://nickcano.com/,     https://github.com/nickcano</p>\n</article>\n\'',0,134732),('3_Saturday','15','15:00','15:45','N','DEFCON','Track  101','\'Project Interceptor: avoiding counter-drone systems with nanodrones\'','\'David Melendez Cano\'','dc__Cano2','\'<article class=\"talk\" id=\"dc__Cano2\">\n<h3 class=\"talkTitle\">Project Interceptor: avoiding counter-drone systems with nanodrones</h3>\n	<p class=\"details\">Saturday at 15:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool, Audience Participation</p>\n<h4 class=\"speaker\">David Melendez Cano<span class=\"speakerTitle\"> R&amp;D Embedded Systems Engineer. Albalá Ingenieros S.A.</span></h4>\n<p class=\"abstract\">Antidrone system industries have arised. Due to several, and even classic, vulnerabilities in communication systems now used by drones , anti-drone systems are able to take down those drone by means of well documented attacks. <br><br>Drone/antidrone competition has already been set into the scene. This talk provides a new vision about drone protection against anti-drone systems, presenting \"The Interceptor Project\", a hand-sized nano drone based on single-core tiniest Linux Board: Vocore2. <br><br>This Linux board manages a WiFi (side/hidden) bidirectional channel communication that cannot be deauthenticated and it is replay-resistant, keeping all 802.11 hacking capabilities and standard utilities as any other WiFi hacker drone, with only the built-in adapter of the tiny Vocore2. Also, a \"just in case\", fallback control by SDR is implemented taking advantage of all the goods that SDR radio gives.  All embedded into a hand-sized aircraft to make detection and mitigation a real and new pain, with a very low budget: About $70.</p>\n\n<p class=\"speakerBio\"><strong>David Melendez Cano</strong><br> David Melendez Cano, Spain, works as R&amp;D software engineer for TV Studio manufacturer company, Albalá Ingenieros S.A. in Madrid. He has won several prices in robotic contests and he has been a speaker at Nuit Du Hack, RootedCON, NoConName,  Codemotion, HKOSCON, etc. Author of the book \"Hacking con Drones\" and robot builder. <br><br>@taiksontexas</p>\n</article>\n\'',0,134733),('3_Saturday','12','12:00','12:45','N','DEFCON','Track 2','\'You\'d better secure your BLE devices or we\'ll kick your butts !\'','\'Damien \"virtualabs\" Cauquil\'','dc__Cauquil','\'<article class=\"talk\" id=\"dc__Cauquil\">\n<h3 class=\"talkTitle\">You\'d better secure your BLE devices or we\'ll kick your butts !</h3>\n	<p class=\"details\">Saturday at 12:00 in Track 2<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Damien \"virtualabs\" Cauquil<span class=\"speakerTitle\"> Head of Research &amp; Development, Digital Security</span></h4>\n<p class=\"abstract\">Sniffing and attacking Bluetooth Low Energy devices has always been a real pain. Proprietary tools do the job but cannot be tuned to fit our offensive needs, while opensource tools work sometimes, but are not reliable and efficient. Even the recently released Man-in-the-Middle BLE attack tools have their limits, like their complexity and lack of features to analyze encrypted or short connections. <br><br>Furthermore, as vendors do not seem inclined to improve the security of their devices by following the best practices, we decided to create a tool to lower the ticket: BtleJack. BtleJack not only provides an affordable and reliable way to sniff and analyze Bluetooth Low Energy devices and their protocol stacks, but also implements a brand new attack dubbed \"BtleJacking\" that provides a way to take control of any already connected BLE device. <br><br>We will demonstrate how this attack works on various devices, how to protect them and avoid hijacking and of course release the source code of the tool. <br><br>Vendors, be warned: BLE hijacking is real and should be considered in your threat model.</p>\n\n<p class=\"speakerBio\"><strong>Damien \"virtualabs\" Cauquil</strong><br> Damien is a senior security researcher who joined Digital Security in 2015 as the head of research and development. He discovered how wireless protocols can be fun to hack and quickly developed BtleJuice, one of the first Bluetooth Low Energy MitM framework. <br><br>Damien presented at various security conferences including DEF CON, Hack In Paris, Chaos Communication Camp, Chaos Communication Congress, and a dozen times at Nuit du Hack, one of the oldest security conference.</p>\n</article>\n\'',0,134734),('1_Thursday','15','15:00','15:30','N','DEFCON','Track  101','\'Building the Hacker Tracker\'','\'Whitney Champion, Seth Law\'','dc__Champion','\'<article class=\"talk\" id=\"dc__Champion\">\n<h3 class=\"talkTitle\">Building the Hacker Tracker</h3>\n	<p class=\"details\">Thursday at 15:00 in 101 Track, Flamingo<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">Whitney Champion<span class=\"speakerTitle\"> Senior Systems Engineer</span></h4>\n<h4 class=\"speaker\">Seth Law<span class=\"speakerTitle\"> Application Security Consultant, Redpoint Security</span></h4>\n<p class=\"abstract\">In 2012, back when DEF CON still fit in the Riviera (RIP), I recognized a gap to fill. I wanted to create a mobile version of the paper DEF CON booklet that everyone could use at the con. <br><br>I was unable to attend the conference that year. I was 8 months pregnant with my first child, and because I couldn\'t be there in person, I spent a lot of time wishing I was. <br><br>So I built it. I spent countless hours pouring my heart into what became the Hacker Tracker, shiny graphics and all, and was committing code up until the minute I went into labor. <br><br>Fast forward a few years: Seth was frustrated with the lack of a mobile app for iOS while attending DEF CON. Subsequently, he found the Android version of Hacker Tracker and reached out to me about creating an iOS version. I was thrilled that someone wanted to join me and help grow the project. Not long after that, I recruited Chris to work on the app as well. <br><br>Now, 6 years since its inception, a small team supports the app development across iOS and Android and the apps are being used by half a dozen different conferences, representing several thousand users. <br><br>From nothing to something, we\'ve experienced quite a bit in 6 years. Join us as we share our moments of joy, fear, and panic,\"things not to do\", and more.</p>\n\n<p class=\"speakerBio\"><strong>Whitney Champion</strong><br> Whitney is a systems architect in South Carolina. She has held several roles throughout her career- security engineer, systems engineer, mobile developer, cloud architect, consulting architect, to name a few. In the last 15 years, she has worked on operations teams, support teams, development teams, and consulting teams, in both the private and public sector, supporting anywhere from a handful of users to hundreds of thousands. No matter the role, security has always been an area of passion and focus. <br><br>@shortxstack</p>\n<p class=\"speakerBio\"><strong>Seth Law</strong><br> Seth is an independent security consultant with Redpoint Security in Salt Lake City, where he performs security research and consulting for a various clients. He spends the majority of his time thinking up ways to exploit and secure applications, but has been known to pull out an IDE as the need arises. Over the course of his career, Seth has honed application security skills using offensive and defensive techniques, including tool development and research. He has an (un)healthy obsession with all things security related and regularly heads down the rabbit hole to research the latest vulnerability or possible exposures. Seth can regularly be found at developer meetups and security get-togethers, whether speaking or learning.<br><br>@sethlaw</p>\n</article>\n\'',0,134735),('4_Sunday','16','16:00','17:45','N','DEFCON','Track 1','\'DEF CON Closing Ceremonies\'','\'The Dark Tangent\'','dc__Closing','\'<article class=\"talk\" id=\"dc__Closing\">\n<h3 class=\"talkTitle\">DEF CON Closing Ceremonies</h3>\n	<p class=\"details\">Sunday at 16:00 in Track 1<br>\n	105 minutes | Audience Particption</p>\n<h4 class=\"speaker\">The Dark Tangent<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\">DEF CON Closing Ceremonies</p>\n\n<p class=\"speakerBio\"><strong>The Dark Tangent</strong><br></p>\n</article>\n\'',0,134736),('4_Sunday','17','16:00','17:45','Y','DEFCON','Track 1','\'DEF CON Closing Ceremonies\'','\'The Dark Tangent\'','dc__Closing','\'\'',0,134737),('3_Saturday','16','16:00','16:45','N','DEFCON','Track  101','\'Outsmarting the Smart City\'','\'Daniel \"unicornFurnace\" Crowley, Mauro Paredes, Jen \"savagejen\" Savage\'','dc__Crowley','\'<article class=\"talk\" id=\"dc__Crowley\">\n<h3 class=\"talkTitle\">Outsmarting the Smart City</h3>\n	<p class=\"details\">Saturday at 16:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Daniel \"unicornFurnace\" Crowley<span class=\"speakerTitle\"> Research Baron, IBM X-Force Red</span></h4>\n<h4 class=\"speaker\">Mauro Paredes<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Jen \"savagejen\" Savage<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">The term\"smart city\" evokes imagery of flying cars, shop windows that double as informational touchscreens, and other retro-futuristic fantasies of what the future may hold. Stepping away from the smart city fantasy, the reality is actually much more mundane. Many of these technologies have already quietly been deployed in cities across the world. In this talk, we examine the security of a cross-section of smart city devices currently in use today to reveal how deeply flawed they are and how the implications of these vulnerabilities could have serious consequences. <br><br>In addition to discussing newly discovered pre-auth attacks against multiple smart city devices from different categories of smart city technology, this presentation will discuss methods for how to figure out what smart city tech a given city is using, the privacy implications of smart cities, the implications of successful attacks on smart city tech, and what the future of smart city tech may hold.</p>\n\n<p class=\"speakerBio\"><strong>Daniel \"unicornFurnace\" Crowley</strong><br> Daniel has been working in infosec since 2004, is TIME\'s 2006 Person of the Year, and brews his own beer. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool.<br><br>@dan_crowley</p>\n<p class=\"speakerBio\"><strong>Mauro Paredes</strong><br> Mauro has many years of experience performing penetration testing and security assessments for clients in Canada, USA, Germany, Mexico and Venezuela. Mauro has experience across several industries, including finance, telecommunication, e-commerce, technology providers, retail, energy, healthcare, logistics and transportation, government; and education.</p>\n<p class=\"speakerBio\"><strong>Jen \"savagejen\" Savage</strong><br> Jennifer Savage has over a decade of experience in tech including penetration testing, vulnerability assessment, vulnerability management, software development, technical management, and consulting services for companies ranging from startups to the Fortune 100.<br><br>@savagejen</p>\n</article>\n\'',0,134738),('1_Thursday','15','15:30','17:15','N','DEFCON','Track  101','\'DEF CON 101 Panel\'','\'HighWiz, Nikita, Roamer, Chris \"Suggy\" Sumner, Jericho, Wiseacre, Shaggy\'','dc__DC101','\'<article class=\"talk\" id=\"dc__DC101\">\n<h3 class=\"talkTitle\">DEF CON 101 Panel</h3>\n	<p class=\"details\">Thursday at 15:30 in 101 Track, Flamingo<br>\n	105 minutes | Audience Participation</p>\n<h4 class=\"speaker\">HighWiz<span class=\"speakerTitle\"> Founder, DC 101</span></h4>\n<h4 class=\"speaker\">Nikita<span class=\"speakerTitle\"> Director of Content &amp; Coordination, DEF CON</span></h4>\n<h4 class=\"speaker\">Roamer<span class=\"speakerTitle\"> CFP Vocal Antagonizer</span></h4>\n<h4 class=\"speaker\">Chris \"Suggy\" Sumner<span class=\"speakerTitle\"> Co-Founder, Online Privacy Foundation</span></h4>\n<h4 class=\"speaker\">Jericho<span class=\"speakerTitle\"> \"Squirrel\"</span></h4>\n<h4 class=\"speaker\">Wiseacre<span class=\"speakerTitle\"> Former Doer Of Things</span></h4>\n<h4 class=\"speaker\">Shaggy<span class=\"speakerTitle\"> The Mountain</span></h4>\n<p class=\"abstract\">Ten years ago, DEF CON 101 was founded by HighWiz as a way to introduce n00bs to DEF CON.  The idea was to help attendees get the best experience out of DEF CON (and also tell them how to survive the weekend!).  The DEF CON 101 panel has been a way for people who have participated in making DEF CON what it is today to share those experiences and, hopefully, inspire attendees to expand their horizons.  DEF CON offers so much more than just talks and the DEF CON 101 panel is the perfect place to learn about all things DEF CON so you, dear reader, can  get the best experience possible.  The panel will end with the time honored tradition of \"Name the n00b\" where lucky attendees will be brought up on stage to introduce themselves to you and earn the coveted 101 n00b handle.  Don\'t worry if you don\'t make it on to the stage, there will be plenty of other prizes for you to enjoy!</p>\n\n<p class=\"speakerBio\"><strong>HighWiz</strong><br> HighWiz is born of glitter and moon beams and he has all the right moves. He is the things that sweet dreams are made of and nightmares long to be... Years ago, with the help of some very awesome people*, he set about to create an event that would give the n00bs of DEF CON a place to feel welcomed and further their own pursuit of knowledge. For years he has held onto the simple tenet that \"You get out of DEF CON what you put into it\". HighWiz is the fabled Man on the Mountain whom people seek to gain a taste of his forbidden knowledge.  He is a rare sighting at DEF CON only to be glimpsed by those lucky few. HighWiz is a member of the DEF CON CFP Review Board and Security Tribe. <br><br>*Some (but not all) of the people HighWiz would like to thank for helping to make 101 into what it is today : Runnerup, Wiseacre, Nikita, Roamer, Shaggy, Lockheed, Pyr0, Zac, V3rtgio, 1o57, Neil, Sethalump, AlxRogan, Jenn, Zant, MalwareUnicorn, Clutch, TheDarkTangent, Siviak, Ripshy, Valkyrie, Xodia, Flipper and all the members of Security Tribe. <br><br>@highwiz</p>\n<p class=\"speakerBio\"><strong>Nikita</strong><br> For over 15 years, Nikita has worked to ensure DEF CON runs as smoothly as one can expect from a hacker conference. In addition to planning a vast array of details prior to DEF CON and thwarting issues while onsite, she also serves as the Director of Content for the CFP Review Board. <br><br>@niki7a</p>\n<p class=\"speakerBio\"><strong>Roamer</strong><br> Appearing in a cloud of (cigarette) smoke, Roamer is a man full of whiskey and ideas. He has appeared at DEF CON since before (almost) the beginning.  He is a renown author, speaker, pontificator and is famous for giving the most entertaining Worldwide Wardrive talk.  He is also the Grand Vizier of All Things Vendor&mdash;you are welcome.  When Roamer speaks, people listen.  And often fall in love.</p>\n<p class=\"speakerBio\"><strong>Chris \"Suggy\" Sumner</strong><br> Chris \"Suggy\" Sumner is the polite one. He is a co-founder of the not-for-profit Online Privacy Foundation, who contribute to the field of online behavioural research. Suggy is also the CFP review board\'s undisputed fence sitting champion.<br><br>@5uggy</p>\n<p class=\"speakerBio\"><strong>Jericho</strong><br> Since 1992, Jericho has been poking about the hacker/security scene.  His experience has allowed him to develop (and deliver&mdash;often in the form of rants) a great perspective on many topics, mostly security related.  He has been a speaker at security conferences worldwide, primarily for the free travel to exotic locales. A founding member of Attrition.org, he was also the content manager for the Open Source Vulnerability Database (OSVDB) and an officer in the Open Security Foundation (OSF).  He is a champion of security industry integrity and small misunderstood creatures.  He epitomizes the saying, \"Why be a pessimist?  It won\'t work, anyway.\"<br><br>@attritionorg</p>\n<p class=\"speakerBio\"><strong>Wiseacre</strong><br> Wiseacre was introduced to DEF CON by Roamer.  Though he appeared at his first DEF CON because of the Capture the Flag contest, Roamer and HighWiz showed him how to make DEF CON so much more than simply attending the talks.  From then on he made a point to participate in as much as he could.  Of course, this was all within the limits of social anxiety so, if it allowed participation as a wallflower, he was in!  Now, he wants to make sure everyone else gets to know as much as possible about this year\'s conference.  In his private life, Mike hacks managers and is happy anyone listens to him at all.<br><br>wiseacre_mike</p>\n<p class=\"speakerBio\"><strong>Shaggy</strong><br> Shaggy has the Voice of Barry White, the brains of Albert Einstein and the soul of Bea Arthur. He has a few philosophies on life: He believes that while the righteous keep moving forward, those with clean hands become stronger and stronger . That the field of battle between God and Satan is the human soul. It is in the soul that the battle rages every moment of life. He also believes that one should Start by doing what\'s necessary; then do what\'s possible; and suddenly you are doing the impossible. Because You learn to speak by speaking, to study by studying, to run by running, to work by working, and just so, you learn to love by loving. All those who think to learn in any other way deceive themselves.</p>\n</article>\n\'',0,134739),('1_Thursday','16','15:30','17:15','Y','DEFCON','Track  101','\'DEF CON 101 Panel\'','\'HighWiz, Nikita, Roamer, Chris \"Suggy\" Sumner, Jericho, Wiseacre, Shaggy\'','dc__DC101','\'\'',0,134740),('1_Thursday','17','15:30','17:15','Y','DEFCON','Track  101','\'DEF CON 101 Panel\'','\'HighWiz, Nikita, Roamer, Chris \"Suggy\" Sumner, Jericho, Wiseacre, Shaggy\'','dc__DC101','\'\'',0,134741),('2_Friday','20','20:00','19:59','N','DEFCON','Octavius 9','\'D0 N0 H4RM: A Healthcare Security Conversation\'','\'Christian\"quaddi\" Dameff MD, Jeff \"r3plicant\" Tully MD, Kirill Levchenko PhD, Beau Woods, Roberto Suarez, Jay Radcliffe, Joshua','dc__Dameff','\'<article class=\"talk\" id=\"dc__Dameff\">\n<h3 class=\"talkTitle\">D0 N0 H4RM: A Healthcare Security Conversation</h3>\n	<p class=\"details\">Friday at 20:00 in Octavius 9<br>\n	Fireside Hax</p>\n<h4 class=\"speaker\">Christian\"quaddi\" Dameff MD<span class=\"speakerTitle\"> Emergency physician, Clinical Informatics fellow at The University of California San Diego.</span></h4>\n<h4 class=\"speaker\">Jeff \"r3plicant\" Tully MD<span class=\"speakerTitle\"> Pediatrician, Anesthesiologist, University of California Davis  </span></h4>\n<h4 class=\"speaker\">Kirill Levchenko PhD<span class=\"speakerTitle\"> Associate Professor of Computer Science, University of California San Diego</span></h4>\n<h4 class=\"speaker\">Beau Woods<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Roberto Suarez<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Jay Radcliffe<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Joshua Corman<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">David Nathans<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Healthcare cybersecurity is in critical condition. That\'s not FUD, that\'s the bottom line from the Congressionally mandated Health Care Industry Cybersecurity Task Force report released just last year, a year which also saw the twin specters of WannaCry and NotPetya take down entire hospital systems while over half a million implanted pacemakers were recalled in the fallout of one of the most (ir?)responsible disclosures in recent memory. It\'s enough to make any concerned white hat reach for a stiff drink. And that\'s where we come in. After an incredibly successful, near-fire-code-violating jam packed session at DC25 as an Evening Lounge, \'D0 N0 H4rm\' is diving deeper and going longer as it transforms into a Fireside Hax, assembling an even larger and more distinguished panel of expert hackers, policymakers, wonks, and health care providers to continue discussing, dissecting, and most importantly, debating the ways to keep patients safe in an increasingly perilous space. Featuring continuous audience interaction and with the same loose and informal flow that characterized the initial, libation rich hotel room gatherings, moderators quaddi and r3plicant invite you to add your voice to this incredibly important conversation. Pin this one down quickly, pre-registration is going to go fast.</p>\n\n<p class=\"speakerBio\"><strong>Christian \"quaddi\" Dameff MD</strong><br> Christian (quaddi) Dameff MD is an emergency medicine doctor, former open capture the flag champion, prior DEF CON speaker, and researcher. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his fourteenth DEF CON. <br><br>@cdameffmd</p>\n<p class=\"speakerBio\"><strong>Jeff \"r3plicant\" Tully MD</strong><br> Jeff (r3plicant) Tully MD is an anesthesiologist, pediatrician, and researcher with an interest in understanding the ever-growing intersections between healthcare and technology. Prior to medical school he worked on\"hacking\" the genetic code of Salmonella bacteria to create anti-cancer tools, and throughout medical training has remained involved in the conversations and projects that will secure healthcare and protect our patients as we face a brave new world of remote care, implantable medical devices, and biohacking.<br><br>@jefftullymd</p>\n<p class=\"speakerBio\"><strong>Kirill Levchenko PhD</strong><br></p>\n<p class=\"speakerBio\"><strong>Beau Woods</strong><br> Beau Woods is a leader with the I Am The Cavalry grassroots initiative, an Entrepreneur in Residence at the US Food and Drug Administration, a Cyber Safety Innovation Fellow with the Atlantic Council, and Founder/CEO of Stratigos Security. Beau has consulted with Global 100 corporations, the White House, members of Congress, foreign governments, and NGOs on some of the most critical cybersecurity issues of our time. Beau\'s focus is on Internet of Things (IoT) technologies where cybersecurity intersects public safety and human life issues, including healthcare, automotive, energy, oil and gas, aviation, transportation, and other sectors. Beau is a published author, frequent public speaker, often quoted in media, and is often engaged for public or private speaking venues.</p>\n<p class=\"speakerBio\"><strong>Roberto Suarez</strong><br> Roberto Suarez is a product security and privacy professional in the medical device and healthcare IT industry. At BD, Roberto is responsible for developing a Product Security Center of Excellence that drives process, capability and maturity to build products that are secure by design with transparency and control in mind. Giving product teams exposure to cyber security training and events, building their in-house expertise and promoting a company-wide community for product security is what Roberto is passionate about.</p>\n<p class=\"speakerBio\"><strong>Jay Radcliffe</strong><br> Jay Radcliffe is a Senior Security Consultant and Researcher. He is an offensive penetration tester with a knack for hardware hacking and embedded device security. He has given dozens of presentations at conferences around the world including DEF CON and Blackhat including several on the security of insulin pumps.</p>\n<p class=\"speakerBio\"><strong>Joshua Corman</strong><br> Joshua Corman is a Founder of I am The Cavalry (dot org) and CSO for PTC. Corman previously served as Director of the Cyber Statecraft Initiative for the Atlantic Council, CTO for Sonatype, Director of Security Intelligence for Akamai, and in senior research &amp; strategy roles for The 451 Group and IBM Internet Security Systems. He co-founded RuggedSoftware and IamTheCavalry to encourage new security approaches in response to the world\'s increasing dependence on digital infrastructure. Josh\'s unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He also serves as an adjunct faculty for Carnegie Mellon\'s Heinz College and on the 2016 HHS Cybersecurity Task Force.</p>\n<p class=\"speakerBio\"><strong>David Nathans</strong><br> David Nathans currently serves as a Product Security Manager for Siemens Healthcare, where he specializes in building cybersecurity programs and Security Operation Centers. Having previously held prominent positions in the defense, retail, managed security and healthcare industries, Nathans has a wealth of cybersecurity knowledge which he shares to help protect companies from this growing threat. His experiences and lessons learned also stem from his time building security programs at one of the largest breached retail companies in history as well as working all over the world as a cyber-operations officer for the U.S. Air Force</p>\n</article>\n\'',0,134742),('2_Friday','17','17:00','17:45','N','DEFCON','Track  101','\'Your Bank\'s Digital Side Door\'','\'Steven Danneman\'','dc__Danneman','\'<article class=\"talk\" id=\"dc__Danneman\">\n<h3 class=\"talkTitle\">Your Bank\'s Digital Side Door</h3>\n	<p class=\"details\">Friday at 17:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Steven Danneman<span class=\"speakerTitle\"> Security Engineer, Security Innovation</span></h4>\n<p class=\"abstract\">Why does my bank\'s website require my MFA token but Quicken sync does not? How is using Quicken or any personal financial software different from using my bank\'s website? How are they communicating with my bank? These questions ran through my head when balancing the family checkbook every month. <br><br>Answering these questions led me to deeply explore the 20 year old Open Financial Exchange (OFX) protocol and the over 3000 North American banks that support it. They led me to the over 30 different implementations running in the wild and to a broad and inviting attack surface presented by these banks\' digital side doors. <br><br>Now I\'d like to guide you through how your Quicken, QuickBooks, Mint.com, or even GnuCash applications are gathering your checking account transactions, credit card purchases, stock portfolio, and tax documents. We\'ll watch them flow over the wire and learn about the jumble of software your bank\'s IT department deploys to provide them. We\'ll discuss how secure these systems are, that keep track of your money, and we\'ll send a few simple packets at several banks and count the number of security WTFs along the way. <br><br>Lastly, I\'ll demo and release a tool that fingerprints an OFX service, describes its capabilities, and assesses its security.</p>\n\n<p class=\"speakerBio\"><strong>Steven Danneman</strong><br> Steven Danneman is a Security Engineer at Security Innovation in Seattle, WA, making software more secure through targeted penetration testing. Previously, he lead the development team responsible for all authentication and identity management within the OneFS operating system. Steven is also a finance geek, who opens bank accounts as a hobby and loves a debate about the efficient-market hypothesis.<br><br>@sdanndev, https://www.linkedin.com/in/sdanneman/, sdann-dev.blogspot.com</p>\n</article>\n\'',0,134743),('4_Sunday','15','15:00','15:45','N','DEFCON','Track 1','\'PANEL: DEF CON GROUPS\'','\'Brent White (B1TK1LL3R), Jeff Moss (The Dark Tangent), Jayson E. Street, S0ups, Tim Roberts (byt3boy), Casey Bourbonnais, April','dc__DCGPanel','\'<article class=\"talk\" id=\"dc__DCGPanel\">\n<h3 class=\"talkTitle\">PANEL: DEF CON GROUPS</h3>\n	<p class=\"details\">Sunday at 15:00 in Track 1<br>\n	45 minutes | Audience Participation</p>\n<h4 class=\"speaker\">Brent White (B1TK1LL3R)<span class=\"speakerTitle\"> DEF CON Groups Global Coordinator</span></h4>\n<h4 class=\"speaker\">Jeff Moss (The Dark Tangent)<span class=\"speakerTitle\"> Founder, DEF CON</span></h4>\n<h4 class=\"speaker\">Jayson E. Street<span class=\"speakerTitle\"> DEF CON Groups Global Ambassador</span></h4>\n<h4 class=\"speaker\">S0ups<span class=\"speakerTitle\"></span></h4>\n<h4 class=\"speaker\">Tim Roberts (byt3boy)<span class=\"speakerTitle\"></span></h4>\n<h4 class=\"speaker\">Casey Bourbonnais<span class=\"speakerTitle\"></span></h4>\n<h4 class=\"speaker\">April Wright<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">Do you love DEF CON? Do you hate having to wait for it all year? Well, thanks to DEF CON groups, you\'re able to carry the spirit of DEF CON with you year round, and with local people, transcending borders, languages, and anything else that may separate us!<br><br>In this special event, your DEF CON groups team who works behind the scenes to make DCG possible will introduce themselves and provide status updates. After we\'re done talking, the remainder of time will be an informal open floor right there in the room to mingle and talk all things DCG.<br><br>There will be a:<br><br>Designated area in the room for those wanting to start/join a group<br>Designated area in the room for those wanting to share project ideas</p>\n\n<p class=\"speakerBio\"><strong>Brent White (B1TK1LL3R)</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>Jeff Moss (The Dark Tangent)</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>Jayson E. Street</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>S0ups</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>Tim Roberts (byt3boy)</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>Casey Bourbonnais</strong><br>Bio Coming Soon</p>\n<p class=\"speakerBio\"><strong>April Wright</strong><br>Bio Coming Soon</p>\n</article>\n\'',0,134744),('2_Friday','16','16:00','16:45','N','DEFCON','Track 3','\'Your Voice is My Passport\'','\'_delta_zero, Azeem Aqil\'','dc__Delta','\'<article class=\"talk\" id=\"dc__Delta\">\n<h3 class=\"talkTitle\">Your Voice is My Passport</h3>\n	<p class=\"details\">Friday at 16:00 in Track 3<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">_delta_zero<span class=\"speakerTitle\"> Senior Data Scientist, Salesforce</span></h4>\n<h4 class=\"speaker\">Azeem Aqil<span class=\"speakerTitle\"> Senior Security Software Engineer, Salesforce</span></h4>\n<p class=\"abstract\">Financial institutions, home automation products, and offices near universal cryptographic decoders have increasingly used voice fingerprinting as a method for authentication. Recent advances in machine learning and text-to-speech have shown that synthetic, high-quality audio of subjects can be generated using transcripted speech from the target. Are current techniques for audio generation enough to spoof voice authentication algorithms? We demonstrate, using freely available machine learning models and limited budget, that standard speaker recognition and voice authentication systems are indeed fooled by targeted text-to-speech attacks. We further show a method which reduces data required to perform such an attack, demonstrating that more people are at risk for voice impersonation than previously thought.</p>\n\n<p class=\"speakerBio\"><strong>_delta_zero</strong><br> _delta_zero performs machine learning on log data by day, and writes his dissertation on malware datasets by night. He was voted\"most likely to create Skynet\" by @alexcpsec, and he toys with offensive uses for machine learning in his free time. He has spoken at BlackHat USA, DEF CON, SecTor, BSidesLV/Charm, and the NIPS workshop on Machine Deception.<br><br>@_delta_zero</p>\n<p class=\"speakerBio\"><strong>Azeem Aqil</strong><br> Azeem Aqil is a security engineer at Salesforce. He works on building and maintaining the detection and response infrastructure that powers Salesforce security. Azeem is an academic turned hacker who has published and spoken at various academic security conferences.</p>\n</article>\n\'',0,134745),('3_Saturday','13','13:30','13:50','N','DEFCON','Track 1','\'The ring 0 façade: awakening the processor\'s inner demons\'','\'Christopher Domas\'','dc__Domas1','\'<article class=\"talk\" id=\"dc__Domas1\">\n<h3 class=\"talkTitle\">The ring 0 façade: awakening the processor\'s inner demons</h3>\n	<p class=\"details\">Saturday at 13:30 in Track 1<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Christopher Domas<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\">Your computer is not yours. You may have shelled out thousands of dollars for it.  It may be sitting right there on your desk.  You may have carved your name deep into its side with a blowtorch and chisel. But it\'s still not yours. Some vendors are building secret processor registers into your system\'s hardware, only accessible by shadowy third parties with trusted keys. We as the end users are being intentionally locked out and left in the dark, unable to access the heart of our own processors, while select organizations are granted full control of the internals of our CPUs. In this talk, we\'ll demonstrate our work on how to probe for and unlock these previously invisible secret registers, to break into all-powerful features buried deep within the processor core, to finally take back our own computers.</p>\n\n<p class=\"speakerBio\"><strong>Christopher Domas</strong><br> Christopher Domas is a security researcher and embedded systems engineer, currently investigating scalable IoT security.  He is best known for releasing impractical solutions to non-existent problems, including the world\'s first single instruction C compiler (M/o/Vfuscator), toolchains for generating images in program control flow graphs (REpsych), showing that all programs can be reduced to the same instruction stream (reductio), and the branchless DOOM meltdown mitigations.  His more relevant work includes the sandsifter processor fuzzer, the binary visualization tool ..cantor.dust.., and the memory sinkhole x86 privilege escalation exploit.<br><br>@xoreaxeaxeax</p>\n</article>\n\'',0,134746),('2_Friday','14','14:00','14:45','N','DEFCON','Track 1','\'GOD MODE UNLOCKED: Hardware Backdoors in [redacted] x86 CPUs\'','\'Christopher Domas\'','dc__Domas2','\'<article class=\"talk\" id=\"dc__Domas2\">\n<h3 class=\"talkTitle\">GOD MODE UNLOCKED: Hardware Backdoors in [redacted] x86 CPUs</h3>\n	<p class=\"details\">Friday at 14:00 in Track 1<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Christopher Domas<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\">Complexity is increasing. Trust eroding. In the wake of Spectre and Meltdown, when it seems that things cannot get any darker for processor security, the last light goes out. This talk will demonstrate what everyone has long feared but never proven: there are hardware backdoors in some x86 processors, and they\'re buried deeper than we ever imagined possible. While this research specifically examines a third-party processor, we use this as a stepping stone to explore the feasibility of more widespread hardware backdoors.</p>\n\n<p class=\"speakerBio\"><strong>Christopher Domas</strong><br> Christopher Domas is a security researcher and embedded systems engineer, currently investigating scalable IoT security.  He is best known for releasing impractical solutions to non-existent problems, including the world\'s first single instruction C compiler (M/o/Vfuscator), toolchains for generating images in program control flow graphs (REpsych), showing that all programs can be reduced to the same instruction stream (reductio), and the branchless DOOM meltdown mitigations.  His more relevant work includes the sandsifter processor fuzzer, the binary visualization tool ..cantor.dust.., and the memory sinkhole x86 privilege escalation exploit.<br><br>@xoreaxeaxeax</p>\n</article>\n\'',0,134747),('2_Friday','11','11:00','11:45','N','DEFCON','Track 2','\'One-liners to Rule Them All\'','\'egypt, William Vu\'','dc__Egypt','\'<article class=\"talk\" id=\"dc__Egypt\">\n<h3 class=\"talkTitle\">One-liners to Rule Them All</h3>\n	<p class=\"details\">Friday at 11:00 in Track 2<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">egypt<span class=\"speakerTitle\"> Security Analyst, Black Hills Information Security</span></h4>\n<h4 class=\"speaker\">William Vu<span class=\"speakerTitle\"> Security Researcher, Rapid7</span></h4>\n<p class=\"abstract\"> It began with the forging of the command line. And some things that should not have been forgotten, were lost. History became legend, legend became myth. <br><br>  Sometimes you just need to pull out the third column of a CSV file. Sometimes you just need to sort IP addresses. Sometimes you have to pull out IP addresses from the third column and sort them, but only if the first column is a particular string and for some reason the case is random. <br><br>  In this DEF CON 101 talk, we\'ll cover a ton of bash one-liners that we use to speed up our hacking. Along the way, we\'ll talk about the concepts behind each of them and how we apply various strategies to accomplish whatever weird data processing task comes up while testing exploits and attacking a network.</p>\n\n<p class=\"speakerBio\"><strong>egypt</strong><br>   egypt is a penetration tester for Black Hills Information Security and a contributor to the Metasploit Project. He is not a country.<br><br>@egyp7</p>\n<p class=\"speakerBio\"><strong>William Vu</strong><br>   William Vu is a security researcher at Rapid7 who works on the Metasploit Project.</p>\n</article>\n\'',0,134748),('4_Sunday','13','13:30','13:50','N','DEFCON','Track 2','\'Lost and Found Certificates: dealing with residual certificates for pre-owned domains\'','\'Ian Foster, Dylan Ayrey\'','dc__Foster','\'<article class=\"talk\" id=\"dc__Foster\">\n<h3 class=\"talkTitle\">Lost and Found Certificates: dealing with residual certificates for pre-owned domains</h3>\n	<p class=\"details\">Sunday at 13:30 in Track 2<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Ian Foster<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Dylan Ayrey<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">When purchasing a new domain name you would expect that you are the only one who can obtain a valid SSL certificate for it, however that is not always the case. When the domain had a prior owner(s), even several years prior, they may still possess a valid SSL certificate for it and there is very little you can do about it. <br><br>Using Certificate Transparency, we examined millions of domains and certificates and found thousands of examples where the previous owner for a domain still possessed a valid SSL certificate for the domain long after it changed ownership. We will review the results from our ongoing large scale quantitative analysis over past and current domains and certificates. We\'ll explore the massive scale of the problem, what we can do about it, how you can protect yourself, and a proposed process change to make this less of a problem going forwards. <br><br>We end by introducing BygoneSSL, a new tool and dashboard that shows an up to date view of affected domains and certificates using publicly available DNS data and Certificate Transparency logs. BygoneSSL will demonstrate how widespread the issue is, let domain owners determine if they could be affected, and can be used to track the number of affected domains over time.</p>\n\n<p class=\"speakerBio\"><strong>Ian Foster</strong><br> Ian enjoys researching systems and networking problems and solutions in an effort to make the world more secure. He has published research papers analyzing the new gTLD land rush and crawling and parsing most WHOIS records. From demonstrating how insecure aftermarket OBD \"dongles\" can be used to compromise and take over automobiles; to measuring the paths an email traverses online with encryption in an effort to increase integrity, authenticity, and confidentiality; and more. During the day Ian is a Security Engineer fighting for the users.</p>\n<p class=\"speakerBio\"><strong>Dylan Ayrey</strong><br> Dylan is a security engineer, who in his free time authors lots of open source projects, such as truffleHog. He graduated college in 2015 and has been working in security ever since.</p>\n</article>\n\'',0,134749),('4_Sunday','10','10:00','10:45','N','DEFCON','Track 2','\'Defending the 2018 Midterm Elections from Foreign Adversaries\'','\'Joshua M Franklin , Kevin Franklin\'','dc__Franklin','\'<article class=\"talk\" id=\"dc__Franklin\">\n<h3 class=\"talkTitle\">Defending the 2018 Midterm Elections from Foreign Adversaries </h3>\n	<p class=\"details\">Sunday at 10:00 in Track 2<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Joshua M Franklin <span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Kevin Franklin<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Election Buster is an open source tool created in 2014 to identify malicious domains masquerading as candidate webpages and voter registration systems. During 2016, fake domains were used to compromise credentials of a Democratic National Committee (DNC) IT services company, and foreign adversaries probed voter registration systems. The tool now cross-checks domain information against open source threat intelligence feeds, and uses a semi-autonomous scheme for identifying phundraising and false flag sites via ensembled data mining and deep learning techniques. We identified Russian nationals registering fake campaign sites, candidates deploying defensive&mdash;and offensive&mdash;measures against their opponents, and candidates unintentionally exposing sensitive PII to the public. This talk provides an analysis of our 2016 Presidential Election data, and all data recently collected during the 2018 midterm elections. The talk also details technological and procedural measures that government offices and campaigns can use to defend themselves.</p>\n\n<p class=\"speakerBio\"><strong>Joshua M Franklin </strong><br> Joshua Franklin has over a decade of experience working with election technology, and is a security engineer at the National Institute of Standards and Technology (NIST) focusing on cellular and electronic voting security. Prior to NIST, Joshua worked at the U.S. Election Assistance Commission gathering hands-on experience with a variety of voting technologies. Joshua managed federal certification efforts and alongside election officials, labs, and manufacturers across the United States. Joshua recently co-chaired the Election Cybersecurity Working Group, and was the principal author for the security portions of the next generation of federal voting system standards.</p>\n<p class=\"speakerBio\"><strong>Kevin Franklin</strong><br> Kevin Franklin has several decades of technology experience in big data. He possesses an undergraduate degree in Engineering from Mississippi State University and a masters degree in Computer Science from Southern Polytechnic University.</p>\n</article>\n\'',0,134750),('4_Sunday','10','10:00','10:45','N','DEFCON','Track 3','\'For the Love of Money: Finding and exploiting vulnerabilities in mobile point of sales systems\'','\'Leigh-Anne Galloway, Tim Yunusov\'','dc__Galloway','\'<article class=\"talk\" id=\"dc__Galloway\">\n<h3 class=\"talkTitle\">For the Love of Money: Finding and exploiting vulnerabilities in mobile point of sales systems</h3>\n	<p class=\"details\">Sunday at 10:00 in Track 3<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Leigh-Anne Galloway<span class=\"speakerTitle\"> Cyber Security Resilience Lead, Positive Technologies</span></h4>\n<h4 class=\"speaker\">Tim Yunusov<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">These days it\'s hard to find a business that doesn\'t accept faster payments. Mobile Point of Sales (mPOS) terminals have propelled this growth lowering the barriers for small and micro-sized businesses to accept non-cash payments. Older payment technologies like mag-stripe still account for the largest majority of all in-person transactions. This is complicated further by the introduction of new payment standards such as NFC. As with each new iteration in payment technology, inevitably weaknesses are introduced into this increasingly complex payment eco-system. <br><br>In this talk, we ask, what are the security and fraud implications of removing the economic barriers to accepting card payments; and what are the risks associated with continued reliance on old card standards like mag-stripe? In the past, testing for payment attack vectors has been limited to the scope of individual projects and to those that have permanent access to POS and payment infrastructure. Not anymore! <br><br>In what we believe to be the most comprehensive research conducted in this area, we consider four of the major mPOS providers spread across the US and Europe; Square, SumUp, iZettle and Paypal. We provide live demonstrations of new vulnerabilities that allow you to MitM transactions, send arbitrary code via Bluetooth and mobile application, modify payment values for mag-stripe transactions, and a vulnerability in firmware; DoS to RCE. Using this sampled geographic approach, we are able to show the current attack surface of mPOS and, to predict how this will evolve over the coming years. <br><br>For audience members that are interested in integrating testing practices into their organization or research practices, we will show you how to use mPOS to identify weaknesses in payment technologies, and how to remain undetected in spite of anti-fraud and security mechanisms.</p>\n\n<p class=\"speakerBio\"><strong>Leigh-Anne Galloway</strong><br> Leigh-Anne Galloway is a Security Researcher who specializes in the areas of application and payment security. Leigh-Anne started her career in incident response, leading investigations into payment card data breaches. This is where she discovered her passion for security advisory and payment technologies. She has presented and authored research on ATM security, application security and payment technology vulnerabilities, and has previously spoken at DevSecCon, BSides, Hacktivity, 8dot8, OWASP, and Troopers.<br><br>@L_AGalloway</p>\n<p class=\"speakerBio\"><strong>Tim Yunusov</strong><br> Tim Yunusov is a Senior Expert in the area of banking security and application security. He has authored multiple research in these areas including \"Apple Pay replay attacks\" (Black Hat USA 2017), \"7 sins of ATM protection against logical attacks\" (PacSec, POC), \"Bruteforce of PHPSESSID\", \"XML Out-Of-Band\" (Black Hat EU), and is rated in the Top Ten Web Hacking Techniques by WhiteHat Security. He regularly speaks at conferences and has previously spoken at CanSecWest, Black Hat USA, Black Hat EU, HackInTheBox, Nullcon, NoSuchCon, Hack In Paris, ZeroNights and Positive Hack Days.<br><br>@a66at</p>\n</article>\n\'',0,134751),('2_Friday','12','12:00','12:45','N','DEFCON','Track  101','\'It\'s Assembler, Jim, but not as we know it: (ab)using binaries from embedded devices for fun and profit\'','\'Morgan ``indrora\'\' Gangwere\'','dc__Gangwere','\'<article class=\"talk\" id=\"dc__Gangwere\">\n<h3 class=\"talkTitle\">It\'s Assembler, Jim, but not as we know it: (ab)using binaries from embedded devices for fun and profit</h3>\n	<p class=\"details\">Friday at 12:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Morgan ``indrora\'\' Gangwere<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">With the proliferation of Linux-based SoCs -- you\'ve likely got one or two in your house, on your person or in your pocket -- it is often useful to look \"under the hood\" at what is running; Additionally, in-situ debugging may be unavailable due to read-only filesystems, memory is often limited, and other factors keep us from attacking a live device. This talk looks at attacking binaries outside their native environment using QEMU, the Quick Emulator, as well as techniques for extracting relevant content from devices and exploring them.</p>\n\n<p class=\"speakerBio\"><strong>Morgan ``indrora\'\' Gangwere</strong><br> Morgan is a student at the University of New Mexico where he studies an unrelated topic entirely, but does network security because it\'s interesting. Previously, he\'s spoken on subjects such as web proxies, community engagement, and typesetting. He started working with computers when he was a young child and hasn\'t given them up since, even if his wrists seem to disagree.</p>\n</article>\n\'',0,134752),('2_Friday','15','15:00','15:45','N','DEFCON','Track 2','\'Playback: a TLS 1.3 story\'','\'Alfonso García Alguacil, Alejo Murillo Moya\'','dc__García','\'<article class=\"talk\" id=\"dc__García\">\n<h3 class=\"talkTitle\">Playback: a TLS 1.3 story</h3>\n	<p class=\"details\">Friday at 15:00 in Track 2<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Alfonso García Alguacil<span class=\"speakerTitle\"> Senior Penetration Tester, Cisco</span></h4>\n<h4 class=\"speaker\">Alejo Murillo Moya<span class=\"speakerTitle\"> Red Team Lead EMEAR, Cisco</span></h4>\n<p class=\"abstract\">TLS 1.3 is the new secure communication protocol that should be already with us. One of its new features is 0-RTT (Zero Round Trip Time Resumption) that could potentially allow replay attacks. This is a known issue acknowledged by the TLS 1.3 specification, as the protocol does not provide replay protections for 0-RTT data, but proposed countermeasures that would need to be implemented on other layers, not at the protocol level. Therefore, the applications deployed with TLS 1.3 support could end up exposed to replay attacks depending on the implementation of those protections. <br><br>      This talk will describe the technical details regarding the TLS 1.3 0-RTT feature and its associated risks. It will include Proof of Concepts (PoC) showing real-world replay attacks against TLS 1.3 libraries and browsers. Finally, potential solutions or mitigation controls would be discussed that will help to prevent those attacks when deploying software using a library with TLS 1.3 support.</p>\n\n<p class=\"speakerBio\"><strong>Alfonso García Alguacil</strong><br> Alfonso Garcia Alguacil is a penetration tester and security consultant with 7 years of experience. Words like exploit, code or binary would quickly catch his attention. He currently works at Cisco as a senior security consultant.</p>\n<p class=\"speakerBio\"><strong>Alejo Murillo Moya</strong><br>  Alejo Murillo Moya has been always passionate about security with 10+ years of experience as a penetration tester and security consultant, achieving during that journey important technical certifications like CREST and GIAC GSE. He is currently working at Cisco as a red teaming lead and managing security consultant.</p>\n</article>\n\'',0,134753),('3_Saturday','14','14:00','14:45','N','DEFCON','Track  101','\'Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices\'','\'Dennis Giese\'','dc__Giese','\'<article class=\"talk\" id=\"dc__Giese\">\n<h3 class=\"talkTitle\">Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices</h3>\n	<p class=\"details\">Saturday at 14:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Dennis Giese<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">While most IoT accessory manufacturers have a narrow area of focus, Xiaomi, an Asian based vendor, controls a vast IoT ecosystem, including smart lightbulbs, sensors, cameras, vacuum cleaners, network speakers, electric scooters and even washing machines. In addition, Xiaomi also manufactures smartphones. Their products are sold not only in Asia, but also in Europe and North America. The company claims to have the biggest IoT platform worldwide.<br><br>\n\nIn my talk, I will give a brief overview of the most common, Wi-Fi based, Xiaomi IoT devices. Their devices may have a deep integration in the daily life (like vacuum cleaners, smart toilet seats, cameras, sensors, lights).<br><br>\n\nI will focus on the features, computational power, sensors, security and ability to root the devices. Let’s explore how you can have fun with the devices or use them for something useful, like mapping Wi-Fi signal strength while vacuuming your house. I will also cover some interesting things I discovered while reverse engineering Xiaomi\'s devices and discuss which protections were deployed by the developers (and which not).<br><br>\n\nBe prepared to see the guts of many of these devices. We will exploit them and use them to exploit other devices.</p>\n\n<p class=\"speakerBio\"><strong>Dennis Giese</strong><br>Dennis is a grad student at TU Darmstadt and a researcher at Northeastern University. He was a member of one european ISP\'s CERT for several years.<br><br>\n\nWhile being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kind of devices.<br><br>\n\nHis latest victim is the Xiaomi IoT cloud. Hehas presented at the Chaos Communication Congress and the REcon BRX.</p>\n</article>\n\'',0,134754),('3_Saturday','20','20:00','19:59','N','DEFCON','Octavius 9','\'Beyond the Lulz:  Black-Hat Trolling, White-Hat Trolling, Attacking and Defending Our Attention Landscape\'','\'Matt Goerzen, Dr. Jeanna Matthews, Joan Donovan\'','dc__Goerzen','\'<article class=\"talk\" id=\"dc__Goerzen\">\n<h3 class=\"talkTitle\">Beyond the Lulz:  Black-Hat Trolling, White-Hat Trolling, Attacking and Defending Our Attention Landscape</h3>\n	<p class=\"details\">Saturday at 20:00 in Octavius 9<br>\n	Fireside Hax |</p>\n<h4 class=\"speaker\">Matt Goerzen<span class=\"speakerTitle\"> Researcher, Data &amp; Society</span></h4>\n<h4 class=\"speaker\">Dr. Jeanna Matthews<span class=\"speakerTitle\"> Fellow at Data &amp; Society, Associate Professor of Computer Science at Clarkson University</span></h4>\n<h4 class=\"speaker\">Joan Donovan<span class=\"speakerTitle\"> Media Manipulation/Platform Accountability Research Lead, Data and Society in Manhattan</span></h4>\n<p class=\"abstract\">White hat or critical grey hat trolling? Trolling as art? Trolling as hybrid warfare? Trolling as propaganda? In this Fireside Hax, we will challenge your assumptions about trolling. Trolls are attention hackers, using social and technical means to bait journalists, set agendas, game media gatekeepers, and direct audiences. Sometimes they also have fun. We will discuss a range of trolling techniques like sockpuppeting, dogpiling, doxing, attention honeypots, and cognitive denial of service attacks that we have not seen concisely catalogued elsewhere. We will also discuss high-profile examples of trolling such as\"training\" the Microsoft Tay chatbot, fake Antifa accounts, Russian sockpuppet accounts, and Phineas Fisher\'s use of Hacking Team\'s twitter account--and ask attendees to consider each as black hat attacks or grey hat attempts to point out critical societal vulnerabilities that should be\"patched.\" We will also talk about\"troll the troll\" accounts like ImposterBuster and YesYoureRacist and the role\"white hat trolls\" might play in auditing platforms or proposing platform-based controls. Time permitting, we will discuss art projects that trollishly critiqued the European Commission, Google AdSense, and the NSA. This will not be a lecture and it will not shy away from controversy. Join two members of the Media Manipulation Team at Data &amp; Society to collectively consider the role trolling can play in pointing out the flaws in our attention/media landscape.</p>\n\n<p class=\"speakerBio\"><strong>Matt Goerzen</strong><br> Matt Goerzen studies trolling techniques and cultures as part of the Media Manipulation team at Data &amp; Society. He\'s also applied many of the techniques in the art world, for example by once developing an absurdist AdSense campaign ostensibly designed to sell a hideous sculpture to art collector Shaquille O\'Neal, but more accurately designed to piggyback off of free clickbait media attention to inform readers about psychometric ad tech practices. He has written an academic study of contemporary artists who function as what he calls\"critical trolls,\" arguing that trolling can be seen as an extension of the politicized attentional strategies used by the 20th-century avant-garde. His current work at Data &amp; Society focuses on mapping the way white supremacists and state actors have appropriated trolling techniques for use in influence operations as a form of\"bottom-up agenda setting.\"</p>\n<p class=\"speakerBio\"><strong>Dr. Jeanna Matthews</strong><br> Jeanna Matthews is an associate professor of Computer Science at Clarkson University and a 2017-18 fellow at Data and Society where she has been collaborating with the Media Manipulation team. She was a speaker and DEF CON 23 and 24, both times on the topic of vulnerabilities in virtual networks. Her broader research interests include virtualization, cloud computing, computer security, computer networks, operating systems and algorithmic accountability and transparency. Jeanna received her Ph.D. in Computer Science from the University of California at Berkeley and is an ACM Distinguished Speaker.<br><br>@jeanna_matthews</p>\n<p class=\"speakerBio\"><strong>Joan Donovan</strong><br> Joan Donovan is the Media Manipulation/Platform Accountability Research Lead at Data and Society in Manhattan. After completing her PhD in Sociology  and Science Studies at the University of California San Diego, she was a postdoctoral fellow at the UCLA Institute for Society and Genetics, where she researched white supremacists\' use of DNA ancestry tests, social movements, and technology. For several years, Joan has conducted action research with different networked social movements in order to map and improve the communication infrastructures built by protesters. In her role as a participant, she identifies information bottlenecks, decodes algorithmic behavior, and connects organizations with other like-minded networks.</p>\n</article>\n\'',0,134755),('1_Thursday','11','11:00','11:45','N','DEFCON','Track  101','\'Pwning \"the toughest target\": the exploit chain of winning the largest bug bounty in the history of ASR program\'','\'Guang Gong, Wenlin Yang, Jianjun Dai\'','dc__Gong','\'<article class=\"talk\" id=\"dc__Gong\">\n<h3 class=\"talkTitle\">Pwning \"the toughest target\": the exploit chain of winning the largest bug bounty in the history of ASR program</h3>\n	<p class=\"details\">Thursday at 11:00 in 101 Track, Flamingo<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Guang Gong<span class=\"speakerTitle\"> Alpha Team at Qihoo 360</span></h4>\n<h4 class=\"speaker\">Wenlin Yang<span class=\"speakerTitle\"> Alpha Team at Qihoo 360</span></h4>\n<h4 class=\"speaker\">Jianjun Dai<span class=\"speakerTitle\"> Security researcher of Qihoo360 Alpha Team</span></h4>\n<p class=\"abstract\">In recent years, Google has made many great efforts in exploit mitigation and attack surface reduction to strengthen the security of android system. It is becoming more and more difficult to remotely compromise Android phones especially Google’s Pixel phone.<br><br>\n\nThe Pixel phone is protected by many layers of security. It was the only device that was not pwned in the 2017 Mobile Pwn2Own competition. But our team discovered a remote exploit chain—the first of its kind since the Android Security Rewards (ASR) program expansion, which could compromise The Pixel phone remotely. The exploit chain was reported to Android security team directly. They took it seriously and patched it quickly. Because of the severity and our detailed report, we were awarded the highest reward ($112,500) in the history of the ASR program.<br><br>\n\nIn this talk we will detail how we used the exploit chain to inject arbitrary code into system_server process and get system user permissions. The exploit chain includes two bugs, CVE-2017-5116 and CVE-2017-14904. CVE-2017-5116 is a V8 engine bug related with Webassembly and SharedArrayBuffer. It is used to get remote code execution in sandboxed Chrome render process. CVE-2017-14904 is a bug in Android\'s libgralloc module that is used to escape from the sandbox. The way we used for sandbox escaping is very interesting, rarely talked about before. All details of vulnerabilities and mitigation bypassing techniques will be given in this talk.</p>\n\n<p class=\"speakerBio\"><strong>Guang Gong</strong><br> Guang Gong (@oldfresher) is a senior security researcher of Qihoo360 and the team leader of 360 Alpha Team. His research interests included Windows rootkits, virtualization and cloud computing. He currently focuses on mobile security, especially on hunting and exploiting Android\'s vulnerabilities. He has spoken at several security conferences such as Black Hat, CanSecWest, PHDays, SyScan360, MOSEC, PacSec and so on. He is the winner of Mobile Pwn2Own 2015(the target: Nexus 6), Pwn0Rama 2016 (the category of mobile devices), Pwn2Own 2016 (the target: Chrome), PwnFest 2016(the target: Pixel XL), Mobile Pwn2Own 2017(the target: Galaxy S8).<br><br>@oldfresher</p>\n<p class=\"speakerBio\"><strong>Wenlin Yang</strong><br> Wenlin Yang is a junior researcher of Qihoo 360 and the team member of 360 Alpha Team. He currently focuses on Android\'s vulnerabilities. He has submitted multiple bugs to Google and several other vendors in China and received some acknowledgments.</p>\n<p class=\"speakerBio\"><strong>Jianjun Dai</strong><br> Jianjun Dai (@Jioun_dai) is a security researcher of Qihoo360 Alpha Team, he focus on Android system security research, vulnerability hunting and exploiting development. Previously, he is a security developer, major work include network protocol analysis, vulnerability detection, botnet and backdoor detection, sandbox technology research and development, etc. He have been in Android vulnerability research for more than two years, he found lots of vulnerabilities in AOSP, and won the Bug Bounty. He is a speaker at the CanSecWest conference.</p>\n</article>\n\'',0,134756),('2_Friday','10','10:00','10:45','N','DEFCON','Track 2','\'De-anonymizing Programmers from Source Code and Binaries\'','\'Rachel Greenstadt, Dr. Aylin Caliskan\'','dc__Greenstadt','\'<article class=\"talk\" id=\"dc__Greenstadt\">\n<h3 class=\"talkTitle\">De-anonymizing Programmers from Source Code and Binaries</h3>\n	<p class=\"details\">Friday at 10:00 in Track 2<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Rachel Greenstadt<span class=\"speakerTitle\"> Associate Professor, Drexel University</span></h4>\n<h4 class=\"speaker\">Dr. Aylin Caliskan<span class=\"speakerTitle\"> Assistant professor of Computer Science, George Washington University</span></h4>\n<p class=\"abstract\">Many hackers like to contribute code, binaries, and exploits under pseudonyms, but how anonymous are these contributions really? In this talk, we will discuss our work on programmer de-anonymization from the standpoint of machine learning. We will show how abstract syntax trees contain stylistic fingerprints and how these can be used to potentially identify programmers from code and binaries. We perform programmer de-anonymization using both obfuscated binaries, and real-world code found in single-author GitHub repositories and the leaked Nulled.IO hacker forum.</p>\n\n<p class=\"speakerBio\"><strong>Rachel Greenstadt</strong><br> Dr. Rachel Greenstadt (PI) is an Associate Professor of Computer Science at Drexel University where she teaches graduate-level courses in computer security, privacy, and machine learning. She founded the Privacy, Security, and Automation Laboratory at Drexel University in 2008. Dr. Greenstadt was among the first to explore the effect of adversarial attacks on stylometric methods, and the first to demonstrate empirically how stylometric methods can fail in adversarial settings while succeeding in non-adversarial settings. <br><br>She has a history of speaking at hacker conferences including DEF CON 14, ShmooCon 2009, 31C3, and 32C3. <br><br>Dr. Greenstadt\'s scholarship has been recognized by the privacy research community. She is an alum of the DARPA Computer Science Study Group and a recipient of the NSF CAREER Award. Her work has received the PET Award for Outstanding Research in Privacy Enhancing Technologies and the Andreas Pfitzmann Best Student Paper Award. She currently serves as co-editor-in-chief of the journal Proceedings on Privacy Enhancing Technologies (PoPETs).  Her research has been featured in the New York Times, the New Republic, Der Spiegel, and other local and international media outlets.<br><br>@ragreens</p>\n<p class=\"speakerBio\"><strong>Dr. Aylin Caliskan</strong><br> Aylin Caliskan is an assistant professor of computer science at George Washington University. Her research interests include the emerging science of bias in machine learning, fairness in artificial intelligence, data privacy, and security. Her work aims to characterize and quantify aspects of natural and artificial intelligence using a multitude of machine learning and language processing techniques. In her recent publication in Science, she demonstrated how semantics derived from language corpora contain human-like biases. In addition, she developed novel privacy attacks to de-anonymize programmers using code stylometry. Her presentations on both de-anonymization and bias in machine learning are the recipients of best talk awards. Her work on semi-automated anonymization of writing style furthermore received the Privacy Enhancing Technologies Symposium Best Paper Award. Her research has received extensive press coverage across the globe. Aylin holds a PhD in Computer Science from Drexel University and a Master of Science in Robotics from the University of Pennsylvania. She has previously spoken at 29C3, 31C3, 32C3, and 33C3.<br><br>@aylin_cim</p>\n</article>\n\'',0,134757),('2_Friday','16','16:00','16:45','N','DEFCON','Track  101','\'Automated Discovery of Deserialization Gadget Chains\'','\'Ian Haken\'','dc__Haken','\'<article class=\"talk\" id=\"dc__Haken\">\n<h3 class=\"talkTitle\">Automated Discovery of Deserialization Gadget Chains</h3>\n	<p class=\"details\">Friday at 16:00 in 101 Track, Flamingo<br>\n	45 minutes | Tool</p>\n<h4 class=\"speaker\">Ian Haken<span class=\"speakerTitle\"> Senior Security Software Engineer, Netflix</span></h4>\n<p class=\"abstract\">Although vulnerabilities stemming from the deserialization of untrusted data have been understood for many years, unsafe deserialization continues to be a vulnerability class that isn\'t going away. Attention on Java deserialization vulnerabilities skyrocketed in 2015 when Frohoff and Lawrence published an RCE gadget chain in the Apache Commons library and as recently as last year\'s Black Hat, Muñoz and Miroshis presented a survey of dangerous JSON deserialization libraries. While much research and automated detection technology has so far focused on the discovery of vulnerable entry points (i.e. code that deserializes untrusted data), finding a \"gadget chain\" to actually make the vulnerability exploitable has thus far been a largely manual exercise. In this talk, I present a new technique for the automated discovery of deserialization gadget chains in Java, allowing defensive teams to quickly identify the significance of a deserialization vulnerability and allowing penetration testers to quickly develop working exploits. At the conclusion we will also be releasing a FOSS toolkit which utilizes this methodology and has been used to successfully develop many deserialization exploits in both internal applications and open source projects.</p>\n\n<p class=\"speakerBio\"><strong>Ian Haken</strong><br> Ian Haken is a senior security software engineer at Netflix where he works on the platform security team to develop tools and services that defend the Netflix platform. Before working at Netflix, he spent two years as security researcher at Coverity where he developed defensive application security tools and helped to develop automated discovery of security vulnerabilities through static software analysis. He received his Ph.D. in mathematics from the University of California, Berkeley in 2014 with a focus in computability theory and algorithmic information theory.</p>\n</article>\n\'',0,134758),('2_Friday','14','14:00','14:45','N','DEFCON','Track 2','\'4G&mdash;Who is paying your cellular phone bill?\'','\'Dr. Silke Holtmanns, Isha Singh\'','dc__Holtmanns','\'<article class=\"talk\" id=\"dc__Holtmanns\">\n<h3 class=\"talkTitle\">4G&mdash;Who is paying your cellular phone bill?</h3>\n	<p class=\"details\">Friday at 14:00 in Track 2<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Dr. Silke Holtmanns<span class=\"speakerTitle\"> Distinguished Member of Technical Staff, Security Expert, Nokia Bell Labs</span></h4>\n<h4 class=\"speaker\">Isha Singh<span class=\"speakerTitle\"> Master student, Aalto University in Helsinki (Finland</span></h4>\n<p class=\"abstract\">Cellular networks are connected with each other through a worldwide private, but not unaccessible network, called IPX network. Through this network user related information is exchanged for roaming purposes or for cross-network communication. This private network has been breached by criminals and nation states. Cellular networks are extremely complex and many attacks have been already been found e.g. DoS, location tracking, SMS interception, data interception. Many attacks have been seen in practice, but not all attack are understood and not all attack avenues using the IPX network have been explored. This presentation shows how a S9 interface in 4G networks, which is used for charging related user information exchange between operators can be exploited to perform fraud attacks. A demonstration with technical details will be given and guidance on practical countermeasures.</p>\n\n<p class=\"speakerBio\"><strong>Dr. Silke Holtmanns</strong><br> Silke is a security expert at Nokia Bell Labs (Research branch of Nokia). She holds a PhD in Mathematics and has 18 years of experience in mobile security research and standardization. In her current research she investigates new and existing mobile network security attacks using SS7, Diameter and GTP protocols via the interconnection network and how to counter those attacks in 4G/5G networks. She found many 4G related IPX attacks and countermeasures e.g. Location Tracking (NATO CyCon), DoS (Black Hat EU 2016), cellular data interception (34C3 Chaos Computer Congress). She drives in the operator association GSMA the security of cellular network and being responsible there for the Diameter Signaling Security Specification. She served as a special matter expert on cellular security to the US Federal Communication Commission and to the European Union Agency for Network and Information Security. She is rapporteur of ten 3GPP security specifications and has a long track record of security publications. <br><br>Currently, she is actively supporting the 5G Roaming security developments. For her the interesting part is fixing problems in world wide network without breaking it, not finding an issue.<br><br>@SHoltmanns</p>\n<p class=\"speakerBio\"><strong>Isha Singh</strong><br> Isha is a master student at Aalto University in Helsinki (Finland) and doing her Thesis research work at Nokia Bell Labs under supervision of Professor Raimo Kantola. She is completing her Master\'s in Wireless Communication as major subject and Machine Learning as minor. Her research covers smart city environmental perception from ambient cellular signals and 5G Ubiquitous sensing. She is passionate about IoT devices and their security in 5G scenario. She has experiences on embedded devices (Arduino, Raspberry Pi) for multiple projects like Analog to Digital converter used in optical communication. Presently she is exploring Cybersecurity, starting from the mobile communication core network security. Testing for vulnerabilities and loopholes and providing solutions using Machine Learning.</p>\n</article>\n\'',0,134759),('4_Sunday','12','12:00','12:45','N','DEFCON','Track  101','\'Breaking Smart Speakers: We are Listening to You.\'','\'Wu HuiYu, Qian Wenxiang\'','dc__HuiYu','\'<article class=\"talk\" id=\"dc__HuiYu\">\n<h3 class=\"talkTitle\"> Breaking Smart Speakers: We are Listening to You.</h3>\n	<p class=\"details\">Sunday at 12:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Wu HuiYu<span class=\"speakerTitle\"> Security Researcher At Tencent Blade Team</span></h4>\n<h4 class=\"speaker\">Qian Wenxiang<span class=\"speakerTitle\"> Security Researcher At Tencent Blade Team</span></h4>\n<p class=\"abstract\">In the past two years, smart speakers have become the most popular IoT device, Amazon_ Google and Apple have introduced their own smart speaker products. Most of these smart speakers have natural language recognition, chat, music playback, IoT device control, shopping, and so on. Manufacturers use artificial intelligence technology to make smart speakers have similar human capabilities in the chat conversation. However, with the smart speakers coming into more and more homes, and the function is becoming more powerful, its security has been questioned by many people. People are worried that smart speakers will be hacked to leak their privacy, and our research proves that this concern is very necessary.<br><br>In this talk, we will present how to use multiple vulnerabilities to achieve remote attack some of the most popular smart speakers. Our final attack effects include silent listening, control speaker speaking content and other demonstrations. And we\'re also going to talk about how to extract firmware from BGA packages Flash chips such as EMMC, EMCP, NAND Flash, etc. In addition, it contains how to turn on debug interfaces and get root privileges by modifying firmware content and Re-soldering Flash chips, which can be of great help for subsequent vulnerability analysis and debugging. Finally, we will play several demo videos to demonstrate how we can remotely access some Smart Speaker Root permissions and use smart speakers for eavesdropping and playing voice.</p>\n\n<p class=\"speakerBio\"><strong>Wu HuiYu</strong><br>  Wu HuiYu is a security researcher at Tencent Blade Team of Tencent Security Platform Department. Now his job is mainly focus on IoT security research and mobile security research. He is also a bug hunter, winner of GeekPwn 2015, and speaker of HITB 2018 AMS &amp; POC2017.</p>\n<p class=\"speakerBio\"><strong>Qian Wenxiang</strong><br> Qian Wenxiang is a security researcher at the Tencent Blade Team of Tencent Security Platform Department. His is focusing on security research of IoT devices. He also performed security audits for web browsers. He was on the top 100 of annual MSRC list (2016 &amp; 2017 ).  He published a book called \"Whitehat Talk About Web Browser Security \".</p>\n</article>\n\'',0,134760),('4_Sunday','13','13:30','13:50','N','DEFCON','Track 3','\'Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking\'','\'ldionmarcil\'','dc__Ldionmarcil','\'<article class=\"talk\" id=\"dc__Ldionmarcil\">\n<h3 class=\"talkTitle\">Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking</h3>\n	<p class=\"details\">Sunday at 13:30 in Track 3<br>\n	20 minutes | Demo</p>\n<h4 class=\"speaker\">ldionmarcil<span class=\"speakerTitle\"> Pentester at GoSecure</span></h4>\n<p class=\"abstract\">When caching servers and load balancers became an integral part of the Internet\'s infrastructure, vendors introduced \"Edge Side Includes\" (ESI), a technology allowing malleability in caching systems. This legacy technology, still implemented in nearly all popular HTTP surrogates (caching/load balancing services), is dangerous by design and brings a yet unexplored vector for web-based attacks. <br><br>The ESI language consists of a small set of instructions represented by XML tags, served by the backend application server, which are processed on the Edge servers (load balancers, reverse proxies). Due to the upstream-trusting nature of Edge servers, ESI engines are not able to distinguish between ESI instructions legitimately provided by the application server and malicious instructions injected by a malicious party. We identified that ESI can be used to perform SSRF, bypass reflected XSS filters (Chrome), and perform Javascript-less cookie theft, including HTTPOnly cookies. <br><br>Identified affected vendors include Akamai, Varnish, Squid, Fastly, WebSphere, WebLogic, F5, and countless language-specific solutions (NodeJS, Ruby, etc.). This presentation will start by introducing ESI and visiting typical infrastructures leveraging it. We will then delve into identification, exploitation of popular ESI engines, and mitigation.</p>\n\n<p class=\"speakerBio\"><strong>ldionmarcil</strong><br> Louis is a Security Analyst working at GoSecure in Montreal where he specializes in offensive appsec and pentest on medium to large scale organizations. Seasoned CTF participant and sometimes finalist with the DCIETS team, he has also written challenges for various competitions. Having recently obtained his Software Engineering degree, he dabbles in various research engagements between pentests.<br><br>@ldionmarcil</p>\n</article>\n\'',0,134761),('3_Saturday','14','14:00','14:30','N','DEFCON','Track 2','\'Digital Leviathan: a comprehensive list of Nation-State Big Brothers (from huge to little ones\'','\'Eduardo Izycki, Rodrigo Colli\'','dc__Izycki','\'<article class=\"talk\" id=\"dc__Izycki\">\n<h3 class=\"talkTitle\">Digital Leviathan: a comprehensive list of Nation-State Big Brothers (from huge to little ones</h3>\n	<p class=\"details\">Saturday at 14:00 in Track 2<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">Eduardo Izycki<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Rodrigo Colli<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">In his notorious book Leviathan, the XVII century English philosopher Thomas Hobbes stated that: we should give our obedience to an unaccountable sovereign otherwise what awaits us is a state of nature that closely resembles civil war&mdash;a situation of universal insecurity. It looks like a lot of current political leaders have red and found the teachings of Hobbes applicable to modern day online life.<br><br>We witness the rise of the Digital Leviathan. The same apps and applications that people use to connect, express opinions and dissatisfaction are used by governments (even democratic ones) to perform surveillance and censorship.<br><br>This talk will focus on evidence of Nation-State spying, performing surveillance, and censorship. The aim is to present a systematical approach of data regarding cyber attacks against political targets (NGO/political groups/media outlets/opposition), acquisition and/or use of spywares from private vendors, requested content/metadata from social media/content providers, and blocking of websites/censorship reported by multiple sources.<br><br>The findings of the research imply that: <br>- 25 nations that have already used cyber offensive capabilities against political targets. <br>- 60 nations acquired/developed spyware.<br>- 117 nations requested content/metadata from social media/content providers.<br>- 21 countries perform some level of censorship to online content.</p>\n\n<p class=\"speakerBio\"><strong>Eduardo Izycki</strong><br> Eduardo Izycki and Rodrigo Colli are both independent researchers with experience on information security and incident response. They worked in private-public task force for threat and risk assessment to major events in Brazil during the Confederations Cup 2013, World Cup 2014 and Olympic Games 2016.</p>\n<p class=\"speakerBio\"><strong>Rodrigo Colli</strong><br></p>\n</article>\n\'',0,134762),('2_Friday','12','12:00','12:45','N','DEFCON','Track 1','\'Vulnerable Out of the Box: An Evaluation of Android Carrier Devices\'','\'Ryan Johnson, Angelos Stavrou\'','dc__Johnson','\'<article class=\"talk\" id=\"dc__Johnson\">\n<h3 class=\"talkTitle\">Vulnerable Out of the Box: An Evaluation of Android Carrier Devices</h3>\n	<p class=\"details\">Friday at 12:00 in Track 1<br>\n	45 minutes | Audience Participation, Exploit</p>\n<h4 class=\"speaker\">Ryan Johnson<span class=\"speakerTitle\"> Director of Research at Kryptowire</span></h4>\n<h4 class=\"speaker\">Angelos Stavrou<span class=\"speakerTitle\"> CEO at Kryptowire</span></h4>\n<p class=\"abstract\">Pre-installed apps and firmware pose a risk due to vulnerabilities that can be pre-positioned on a device, rendering the device vulnerable on purchase. This means that the vulnerabilities are present even before the user enables wireless communications and starts installing third-party apps. To quantify the exposure of the Android end-users to vulnerabilities residing within pre-installed apps and firmware, we analyzed a wide range of Android vendors and carriers using devices spanning from low-end to flagship. Our primary focus was exposing pre-positioned threats on Android devices sold by United States (US) carriers, although our results affect devices worldwide. We will provide details of vulnerabilities in devices from all four major US carriers, as well two smaller US carriers, among others. The vulnerabilities we discovered on devices offered by the major US carriers are the following: arbitrary command execution as the system user, obtaining the modem logs and logcat logs, wiping all user data from a device (i.e., factory reset), obtaining and modifying a user’s text messages, sending arbitrary text messages, and getting the phone numbers of the user’s contacts, and more. All of the aforementioned capabilities are obtained outside of the normal Android permission model. Including both locked and unlocked devices, we provide details for 37 unique vulnerabilities affecting 25 Android devices with 11 of them being sold by US carriers. In this talk, we will present our framework that is capable of discovering 0-day vulnerabilities from binary firmware images and applications at scale allowing us to continuously monitor devices across different manufacturers and firmware versions. During the talk, we plan to perform a live demo of how our system works.</p>\n\n<p class=\"speakerBio\"><strong>Ryan Johnson</strong><br>Ryan Johnson is a PhD student at George Mason University in Fairfax, VA. His research interests are static and dynamic analysis of Android apps and reverse engineering. He is a co-founder of Kryptowire LLC.</p>\n<p class=\"speakerBio\"><strong>Angelos Stavrou</strong><br>Dr. Angelos Stavrou founded Kryptowire LLC, and he is an Associate Professor at George Mason University (GMU) and the Director of the Center for Assurance Research and Engineering (CARE) at GMU.</p>\n</article>\n\'',0,134763),('2_Friday','11','11:00','11:45','N','DEFCON','Track 1','\'NSA Talks Cybersecurity\'','\'Rob Joyce\'','dc__Joyce','\'<article class=\"talk\" id=\"dc__Joyce\">\n<h3 class=\"talkTitle\">NSA Talks Cybersecurity</h3>\n	<p class=\"details\">Friday at 11:00 in Track 1<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Rob Joyce<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\">The National Security Agency (NSA) has authorities for both foreign intelligence and cyber security.  This unique position gives NSA insights into the ways networks are exploited and the methods that are effective in defending against threats.  Over time, NSA has adapted the focus of its security efforts and continues to evolve with technologies and the adversaries we face.  The talk will look back at some of the inflection points that have influenced NSA and US Government cybersecurity efforts and look at what is necessary to stay safe in the new environment.\n</p>\n\n<p class=\"speakerBio\"><strong>Rob Joyce</strong><br>Rob Joyce (@RGB_Lights) has been with the Nation Security Agency (NSA) for 29 years and has led organizations doing both foreign intelligence and cybersecurity work.  He is the Senior Advisor for Cybersecurity, having recently returned from the White House as the Cybersecurity Coordinator where he worked national policy, synchronizing activity across the government and partners.  His previous assignment was leading Tailored Access Operations (TAO), the organization developing tools, techniques and capabilities to exploit computers for NSA\'s foreign intelligence mission.  Prior to that, he was the Deputy Director for Information Assurance, overseeing the protection of national security systems, which includes the nation\'s cryptographic key material, classified networks and warfighting networks.  In his spare time, Rob builds a computerized Christmas light show.  His most recent display was likely visible from the International Space Station. In addition to an infatuation with Christmas light displays, he helped a Boy Scout troop built catapults for the annual Punkin Chunkin competition until lawyers ruined it for all of us.</p>\n</article>\n\'',0,134764),('3_Saturday','12','12:00','12:45','N','DEFCON','101 Track','\'Building Absurd Christmas Light Shows\'','\'Rob Joyce\'','dc__Joyce2','\'<article class=\"talk\" id=\"dc__Joyce2\">\n<h3 class=\"talkTitle\">Building Absurd Christmas Light Shows</h3>\n	<p class=\"details\">Saturday at 12:00 in 101 Track<br>\n	45 minutes</p>\n<h4 class=\"speaker\">Rob Joyce<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\">Learn about the elements that go into a computerized light display and how you outfit your own house with dazzling blinking lights set to music.  Components of the show are individually explained and live demonstrations of the technology are on display.  Come get inspired to computerize your  own holiday cheer!</p>\n\n<p class=\"speakerBio\"><strong>Rob Joyce</strong><br>Rob Joyce (@RGB_Lights) has been with the Nation Security Agency (NSA) for 29 years and has led organizations doing both foreign intelligence and cybersecurity work.  He is the Senior Advisor for Cybersecurity, having recently returned from the White House as the Cybersecurity Coordinator where he worked national policy, synchronizing activity across the government and partners.  His previous assignment was leading Tailored Access Operations (TAO), the organization developing tools, techniques and capabilities to exploit computers for NSA\'s foreign intelligence mission.  Prior to that, he was the Deputy Director for Information Assurance, overseeing the protection of national security systems, which includes the nation\'s cryptographic key material, classified networks and warfighting networks.  In his spare time, Rob builds a computerized Christmas light show.  His most recent display was likely visible from the International Space Station. In addition to an infatuation with Christmas light displays, he helped a Boy Scout troop built catapults for the annual Punkin Chunkin competition until lawyers ruined it for all of us.</p>\n</article>\n\'',0,134765),('2_Friday','13','13:30','13:50','N','DEFCON','Track 1','\'Dragnet&mdash;Your Social Engineering Sidekick\'','\'Truman Kain\'','dc__Kain','\'<article class=\"talk\" id=\"dc__Kain\">\n<h3 class=\"talkTitle\">Dragnet&mdash;Your Social Engineering Sidekick</h3>\n	<p class=\"details\">Friday at 13:30 in Track 1<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Truman Kain<span class=\"speakerTitle\"> Security Associate, Tevora</span></h4>\n<p class=\"abstract\">First, Dragnet collects dozens of OSINT data points on past and present social engineering targets. Then, using conversion data from previous engagements, Dragnet provides recommendations for use on your current targets: phishing templates, vishing scripts and physical pretexts- all to increase conversions with minimal effort. Finally, features like landing page cloning and domain registration (alongside your standard infrastructure deployment, call scheduling and email delivery) make Dragnet one hell of a catch.</p>\n\n<p class=\"speakerBio\"><strong>Truman Kain</strong><br> Truman Kain has taken everything he has learned as a web designer, internet marketer and mobile developer, and applied these insights directly into the development and experience of Dragnet. Why shouldn\'t your go-to social-engineering tool be as smooth and intuitive as your favorite mobile app?</p>\n</article>\n\'',0,134766),('4_Sunday','14','14:00','14:45','N','DEFCON','Track 1','\'Your Watch Can Watch You! Gear Up for the Broken Privilege Pitfalls in the Samsung Gear Smartwatch\'','\'Dongsung Kim, Hyoung-Kee Choi\'','dc__Kim','\'<article class=\"talk\" id=\"dc__Kim\">\n<h3 class=\"talkTitle\">Your Watch Can Watch You! Gear Up for the Broken Privilege Pitfalls in the Samsung Gear Smartwatch</h3>\n	<p class=\"details\">Sunday at 14:00 in Track 1<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Dongsung Kim<span class=\"speakerTitle\"> Graduate Student, Sungkyunkwan University</span></h4>\n<h4 class=\"speaker\">Hyoung-Kee Choi<span class=\"speakerTitle\"> Professor, Sungkyunkwan University</span></h4>\n<p class=\"abstract\">You buy a brand-new smartwatch. You receive emails and send messages, right on your wrist. How convenient, this mighty power! But great power always comes with great responsibility. Smartwatches hold precious information just like smartphones, so do they actually fulfill their responsibilities?<br><br>\n\nIn this talk, we will investigate if the Samsung Gear smartwatch series properly screens unauthorized access to user information. More specifically, we will focus on a communication channel between applications and system services, and how each internal Tizen OS components play the parts in access control.<br><br>\n\nBased on the analysis, we have developed a new simple tool to discover privilege violations in Tizen-based products. We will present an analysis on the Gear smartwatch which turns out to include a number of vulnerabilities in system services.<br><br>\n\nWe will disclose several previously unknown exploits in this presentation. They enable an unprivileged application to take over the wireless services, the user’s email account, and more. Further discussions will center on the distribution of those exploits through a registered application in the market, and the causes of the vulnerabilities in detail.</p>\n\n<p class=\"speakerBio\"><strong>Dongsung Kim</strong><br>Dongsung Kim is a graduate student at Sungkyunkwan University, South Korea. After developing software as a profession for several years, his interests have shifted to Internet security. He participated in bug bounty programs like Jet, The New York Times, United Airlines, and at his own university. His research interests span from reverse engineering to web security.<br><br>@kid1ng</p>\n<p class=\"speakerBio\"><strong>Hyoung-Kee Choi</strong><br>Prof. Hyoung-Kee Choi received his Ph.D. in electrical and computer engineering from Georgia Institute of Technology in 2001. He is a professor at Sungkyunkwan University, South Korea. He joined Lancope in 2001 until his leave in 2004, where he guided and contributed to research in Internet security. His research interests span network security and vulnerability assessment.</p>\n</article>\n\'',0,134767),('4_Sunday','13','13:00','13:30','N','DEFCON','Track 2','\'Micro-Renovator: Bringing Processor Firmware up to Code\'','\'Matt King\'','dc__King','\'<article class=\"talk\" id=\"dc__King\">\n<h3 class=\"talkTitle\">Micro-Renovator: Bringing Processor Firmware up to Code</h3>\n	<p class=\"details\">Sunday at 13:00 in Track 2<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Matt King<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">The mitigations for Spectre highlighted a weak link in the patching process for many users: firmware (un)availability. While updated microcode was made publicly available for many processors, end-users are unable to directly consume it. Instead, platform and operating system vendors need to distribute firmware and kernel patches which include the new microcode. Inconsistent support from those vendors has left millions of users without a way to consume these critical security updates, until now. Micro-Renovator provides the ability to apply microcode updates without modifying either platform firmware or the operating system, through simple (and reversible) modifications to the EFI boot partition.</p>\n\n<p class=\"speakerBio\"><strong>Matt King</strong><br> Matt is a security geek responsible for ensuring platform and firmware trust at a cloud service provider, and dedicates an inordinate amount of time to updating firmware as a result. He has pen tested a broad range of systems as a product security validation lead at a prominent processor vendor, and has a history of rendering all manner of computing devices inoperable.</p>\n</article>\n\'',0,134768),('4_Sunday','11','11:00','11:45','N','DEFCON','Track  101','\'Searching for the Light: Adventures with OpticSpy\'','\'Joe Grand\'','dc__Kingpin','\'<article class=\"talk\" id=\"dc__Kingpin\">\n<h3 class=\"talkTitle\">Searching for the Light: Adventures with OpticSpy</h3>\n	<p class=\"details\">Sunday at 11:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Joe Grand<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">In the counter-future where we, the dissidents and hackers, have control of technology, sending secret messages through blinkenlights can let us exchange information without being detected by dystopian leaders. By modulating light in a way that the human eye cannot see, this simple, yet clever, covert channel lets us hide in plain sight. To decode such transmissions, we must employ some sort of optical receiver.<br><br>\n\nEnter OpticSpy, an open source hardware module that captures, amplifies, and converts an optical signal from a visible or infrared light source into a digital form that can be analyzed or decoded with a computer. This presentation provides a brief history of covert channels and optical communications, explores the development process and operational details of OpticSpy, and gives a variety of demonstrations of the unit in action.</p>\n\n<p class=\"speakerBio\"><strong>Joe Grand</strong><br> Joe Grand (@joegrand), also known as Kingpin, is a computer engineer, hardware hacker, former DEF CON badge designer, teacher, advisor, runner, daddy, honorary doctor, TV host, member of legendary hacker group L0pht Heavy Industries, and the proprietor of Grand Idea Studio (grandideastudio.com). He has been creating, exploring, and manipulating electronic systems since the 1980s.<br><br>@joegrand</p>\n</article>\n\'',0,134769),('4_Sunday','12','12:00','12:45','N','DEFCON','Track 3','\'Designing and Applying Extensible RF Fuzzing Tools to Expose PHY Layer Vulnerabilities\'','\'Matt Knight, Ryan Speers\'','dc__Knight','\'<article class=\"talk\" id=\"dc__Knight\">\n<h3 class=\"talkTitle\">Designing and Applying Extensible RF Fuzzing Tools to Expose PHY Layer Vulnerabilities</h3>\n	<p class=\"details\">Sunday at 12:00 in Track 3<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Matt Knight<span class=\"speakerTitle\"> Senior Security Engineer, Cruise Automation</span></h4>\n<h4 class=\"speaker\">Ryan Speers<span class=\"speakerTitle\"> Director of Research, Ionic Security</span></h4>\n<p class=\"abstract\">In this session, we introduce an open source hardware and software framework for fuzzing arbitrary RF protocols, all the way down to the PHY.  While fuzzing has long been relied on by security researchers to identify software bugs, applying fuzzing methodologies to RF and hardware systems has historically been challenging due to siloed tools and the limited capabilities of commodity RF chipsets.<br><br>\n\nWe created the TumbleRF fuzzing orchestration framework to address these shortfalls by defining core fuzzing logic while abstracting a hardware interface API that can be mapped for compatibility with any RF driver.  Thus, supporting a new radio involves merely extending an API, rather than writing a protocol-specific fuzzer from scratch.<br><br>\n\nAdditionally, we introduce Orthrus, a low-cost 2.4 GHz offensive radio tool that provides PHY-layer mutability to offer Software Defined Radio-like features in a flexible and low-latency embedded form factor.  By combining the two, researchers will be able to fuzz and test RF protocols with greater depth and precision than ever before.<br><br>\n\nAttendees can expect to leave this talk with an understanding of how RF and hardware physical layers actually work, and how to identify security issues that lie latent in these designs.</p>\n\n<p class=\"speakerBio\"><strong>Matt Knight</strong><br> Matt Knight (@embeddedsec) is a Senior Security Engineer with Cruise Automation, where he works on securing autonomous cars and the infrastructure that supports them. Matt also leads the RF practice at River Loop Security, an embedded systems security and design consultancy. With specific interests in RF networks and physical layers, he notably reverse engineered the LoRa PHY based on blind signal analysis, and has run several trainings on RF reverse engineering fundamentals. Matt holds a BE in Electrical Engineering from Dartmouth College.<br><br>@embeddedsec</p>\n<p class=\"speakerBio\"><strong>Ryan Speers</strong><br> Ryan Speers (@rmspeers) is a security researcher and developer who enjoys embedded systems, low-power radio protocols, and reversing proprietary systems. He has worked in offensive and defensive roles on networks, Windows, micro controllers, and many things in-between. As co-founder at River Loop Security, he tests embedded systems for security issues, and helps clients build more secure systems. He is also Director of Research for Ionic Security where he leads system and cryptographic research. He has previously spoken at a number of security conferences and written some articles for journals ranging from peer-reviewed academic publications to PoC||GTFO.<br><br>@rmspeers</p>\n</article>\n\'',0,134770),('3_Saturday','10','10:00','10:45','N','DEFCON','Track  101','\'Through the Eyes of the Attacker: Designing Embedded Systems Exploits for Industrial Control Systems\'','\'Jos Wetzels, Marina Krotofil\'','dc__Krotofil','\'<article class=\"talk\" id=\"dc__Krotofil\">\n<h3 class=\"talkTitle\">Through the Eyes of the Attacker: Designing Embedded Systems Exploits for Industrial Control Systems</h3>\n	<p class=\"details\">Saturday at 10:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Jos Wetzels<span class=\"speakerTitle\"> Security Researcher, Midnight Blue Labs</span></h4>\n<h4 class=\"speaker\">Marina Krotofil<span class=\"speakerTitle\"> ICS/SCADA Security Professional</span></h4>\n\n<p class=\"abstract\">In 2017 a malware framework dubbed TRITON (also referred to as TRISIS or HatMan) was discovered targeting a petrochemical plant in Saudi Arabia. TRITON was designed to compromise the Schneider Electric Triconex line of Safety Instrumented Systems (SIS), potentially in order to cause physical damage. TRITON is the most complex publicly known ICS attack framework to date and the first publicly known one to target safety controllers. While the functionality of the malware is understood, little is known about the complexity of developing such an implant. The goal of this talk is to provide the audience with a “through the eyes of the attacker” experience in designing advanced embedded systems exploits & implants for Industrial Control Systems (ICS). Attendees will learn about the background of the TRITON incident, the process of reverse-engineering and exploiting ICS devices and developing implants and OT payloads as part of a cyber-physical attack and will be provided with details on real-world ICS vulnerabilities and implant strategies.<br><br>\n\nIn the first part of the talk we will provide an introduction to ICS attacks in general and the TRITON incident in particular. We will outline the danger of TRITON being repurposed by copycats and estimate the complexity and development cost of such offensive ICS capabilities.<br><br>\n\nIn the second and third parts of the talk we will discuss the process of exploiting ICS devices to achieve code execution and developing ICS implants and OT payloads. We will discuss real-world ICS vulnerabilities and present several implant scenarios such as arbitrary code execution backdoors (as used in TRITON), pin configuration attacks, protocol handler hooking to spoof monitored signal values, suppressing interrupts & alarm functionality, preventing implant removal and control logic restoration and achieving cross-boot persistence. We will discuss several possible OT payload scenarios and how these could be implemented on ICS devices such as the Triconex safety controllers.<br><br>\n\nIn the final part of the talk we\'ll wrap up our assessment of the complexity & cost of developing offensive ICS capabilities such as the TRITON attack and offer recommendations to defenders and ICS vendors.</p>\n	\n<p class=\"speakerBio\"><strong>Jos Wetzels</strong><br> Jos Wetzels is an independent security researcher with Midnight Blue specializing in embedded systems security across various domains ranging from industrial and automotive systems to IoT and networking equipment. He previously worked as a researcher at the Distributed and Embedded Security group (DIES) at the University of Twente (UT) where he developed exploit mitigation solutions for constrained Industrial Control Systems (ICS) used in critical infrastructure, performed various security analyses of state-of-the-art network and host-based intrusion detection systems and has been involved in the AVATAR research project regarding on-the-fly detection and containment of unknown malware and Advanced Persistent Threats. He has assisted teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.<br><br>@s4mvartaka</p>\n\n<p class=\"speakerBio\"><strong>Marina Krotofil</strong><br> Marina Krotofil is an experienced ICS/SCADA professional. She previously worked as a Principal Analyst in Cyber-Physical group at FireEye (USA), Lead Cyber Security Researcher at Honeywell (USA) and as a Senior Security Consultant at the European Network for Cyber Security (Netherlands). She spent seven years researching on offensive Industrial Control Systems (ICS) security: discovering and weaponizing unique attack vectors, engineering damage scenarios and understanding attacker techniques when exploiting ICS. Marina offensive security skills serves her well during Incident Responses, ICS malware analysis and when engineering defenses. She authored more than 20 academic and white papers on ICS security and is a frequent speaker at the leading security events around the world. She holds MBA in Technology Management, MSc in Telecommunication and MSc in Information and Communication Systems.<br><br>@marmusha</p>\n\n</article>\n\'',0,134771),('2_Friday','17','17:00','17:45','N','DEFCON','Track 2','\'The L0pht Testimony, 20 Years Later (and Other Things You Were Afraid to Ask)\'','\'L0pht Heavy Industries, Elinor Mills, DilDog, Joe Grand, Kingpin, Space Rogue, Mudge, Silicosis , John Tan, Weld Pond\'','dc__L0pht','\'<article class=\"talk\" id=\"dc__L0pht\">\n<h3 class=\"talkTitle\">The L0pht Testimony, 20 Years Later (and Other Things You Were Afraid to Ask)</h3>\n	<p class=\"details\">Friday at 17:00 in Track 2<br>\n	45 minutes | Audience Participation</p>\n<h4 class=\"speaker\">L0pht Heavy Industries<span class=\"speakerTitle\"> Hacker Collective</span></h4>\n<h4 class=\"speaker\">Elinor Mills<span class=\"speakerTitle\"> Senior Vice President of Content and Media Strategy at Bateman Group</span></h4>\n<h4 class=\"speaker\">DilDog<span class=\"speakerTitle\"> Hacker, Co-Founder, Veracode</span></h4>\n<h4 class=\"speaker\">Joe Grand, Kingpin<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Space Rogue<span class=\"speakerTitle\"> Global Strategy Lead for X-Force Red, IBM</span></h4>\n<h4 class=\"speaker\">Mudge<span class=\"speakerTitle\"> Head of Security, Stripe.</span></h4>\n<h4 class=\"speaker\">Silicosis <span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">John Tan<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Weld Pond<span class=\"speakerTitle\"> Hacker, Co-Founder, Veracode</span></h4>\n<p class=\"abstract\">2018 is the 20th anniversary of the hacker think-tank L0pht Heavy Industries testimony before the US Senate Homeland Security &amp; Governmental Affairs Committee on the topic of weak computer security in government. The testimony made national news when the group announced they could take down the Internet in 30 minutes. It was also the first-time hackers using handles appeared before a US Legislative body. <br><br>Members of the L0pht have grown from their hacker roots to become distinguished leaders and contributors in the security community and beyond. They run multi-million dollar security-focused organizations, have lobbied the government for better security laws, work for some of the largest companies in the world, and continue to spread the message of the positive aspects of hacking. <br><br>With several of the L0pht\'s original members, this discussion will cover the original testimony and the changes that have happened over the last 20 years. Is the government any more secure? Have they provided enough influence to help protect its citizens\' data? What steps should we take to ensure user security and privacy in the future? We are hoping for audience participation and also welcome questions about any other time in the L0pht\'s relatively short, but poignant, existence.</p>\n\n<p class=\"speakerBio\"><strong>L0pht Heavy Industries</strong><br> L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of coordinated disclosure. In May, 1998, the group testified in front of a US Senate committee on weak computer security in government where they famously exclaimed they could take down the Internet in 30 minutes.</p>\n<p class=\"speakerBio\"><strong>Elinor Mills</strong><br> Elinor Mills has been intrigued by hackers since she covered DEF CON III as a journalist in 1995. Following four years reporting for the Associated Press, she joined IDG News Service and for an early travel assignment headed off to the Las Vegas desert for the annual hacker pilgrimage (a trek she\'s taken more than a dozen times since). There she learned about the nuances of hacking, delighted in the Spot-the-Fed contests and met youth who would one day be leaders in securing the internet today. She went on to reporting jobs at The Industry Standard, Reuters and CNET over the next two decades covering a variety of tech topics, but her main interest remained security and the passion and intellectual drive of the people looking for the flaws that threaten our digital lives. Today, she helps hackers and security entrepreneurs spread the gospel as Senior Vice President of Content and Media Strategy at Bateman Group. Software may be eating the world, but hackers are keeping it safe.<br><br>@elinormills</p>\n<p class=\"speakerBio\"><strong>DilDog</strong><br> DilDog joined the L0pht shortly after graduating from MIT, leaving his job at a major bank to work on a password cracker in a warehouse with a bunch of hacker misfits. Thankfully, that wasn\'t as ridiculous as it sounded, and it turned out that L0phtCrack would be kind of a big deal. He\'s still the primary maintainer of the codebase today, 20 years later. Also at L0pht and @stake, he developed AntiSniff, a promiscuous-mode device detection system, wrote a bunch of security advisories, and developed a fine cDc-brand remote administration tool named Back Orifice 2000. Also at L0pht and throughout the @stake acquisition, he developed an automated software decompilation system that would become the core of the static analysis technology for the startup he and Chris Wysopal would found in 2006, Veracode.</p>\n<p class=\"speakerBio\"><strong>Joe Grand, Kingpin</strong><br>Joe Grand, also known as Kingpin, is a computer engineer, hardware hacker, former DEF CON badge designer, and proprietor of Grand Idea Studio (grandideastudio.com). He joined the L0pht as a 16-year-old in 1992. The youngest member and technological juvenile delinquent, the L0pht kept him out of trouble and helped redirect his passion towards good. Kingpin worked on the POCSAG Pager Decoder Kit, AMPS-based cellular phone hacking, and Palm OS application development, among other things. He was also a t-shirt shipper, food picker-upper, MIT Flea Market hawker, and terrified speaker at the US Senate Testimony in 1998. Kingpin was responsible for getting everyone sick in his attempt at making the infamous L0pht R00t B33r. He still hasn\'t apologized.<br><br>@joegrand</p>\n<p class=\"speakerBio\"><strong>Space Rogue</strong><br> Space Rogue (Cris Thomas) joined the L0pht in 1992. While there he created one of the first Macintosh hacking sites, The Whacked Mac Archives and released an early MacOS exploit for FWB Hard Disk ToolKit. Later, while still at the L0pht he created and ran the Hacker News Network. He was part of the L0pht\'s US Senate Testimony in 1998. After the L0pht Space Rogue went on to work at security companies such as @Stake, Guardent, Trustwave and Tenable. He currently works as the Global Strategy Lead for X-Force Red at IBM.<br><br>@spacerog</p>\n<p class=\"speakerBio\"><strong>Mudge</strong><br> Mudge was responsible for early research into a type of security vulnerability known as the buffer overflow. He also published some of the first security advisories and research demonstrating early vulnerabilities such as code injection, side-channel attacks, and information leaks. In addition to these advisories he has had numerous technical papers published in peer reviewed journals. <br><br>Mudge has testified to the US Congress multiple times in addition to having a long history of teaching and lecturing at universities, military academies, and government agencies. He was the initial author of L0phtCrack and the author of early BGP attacks made famous in testimony to the US Senate referencing how to \'take down the Internet in 30 minutes.\' <br><br>In 2010 he took an appointed position as a Department of Defense official within the Defense Advanced Research Projects Agency (DARPA), where he was responsible for redirecting the DoD\'s cyber research efforts.  After his tenure at DARPA he was corporate VP of engineering at Motorola, and then the Deputy Director of Google\'s Advanced Technology and Projects group, before starting the 501(c)3 organization Cyber-ITL at the behest of the White House. He is presently Head of Security at Stripe.<br><br>@dotmudge</p>\n<p class=\"speakerBio\"><strong>Silicosis </strong><br> Silicosis (Paul Nash) joined the l0pht in 1998 and contributed to vulnerability research, with a focus on network protocols. In 1999, along with Mudge, he consulted with Marcus Ranum\'s new startup&mdash;Network Flight Recorder. Paul wrote a series of hybrid protocol analysis &amp; anomaly detectors for the common protocols of the time.  They successfully identified both known and unknown attacks. He continued on as a founder of @stake and continued research on network protocols&mdash;including fiber channel and 3G cellular networking.  Paul was the last member of the L0pht to remain at Symantec after the acquisition.</p>\n<p class=\"speakerBio\"><strong>John Tan</strong><br> John Tan joined the L0pht in 1996 contributing to the Full Disclosure movement with an advisory on Novell Netware 3.x.  He was part of the L0pht\'s 1998 US Senate Testimony and published a widely cited essay called CyberUL which pointed out the conflict of interest that exists with the still current model of security certifications for people and products.  He has over 20 years experience within the Financial industry and most recently shifted his focus to Health Insurance.</p>\n<p class=\"speakerBio\"><strong>Weld Pond</strong><br>When Weld Pond (Chris Wysopal)  joined the L0pht in 1993 there was no internet connection. He then built the l0pht.com gateway machine using Slackware 1.0 on 24 floppies. Weld was the webmaster of the l0pht.com website where all those hacker t-files from the BBS era could be found. Weld worked on the software side of L0pht researching vulnerabilities, writing advisories, building Netcat for Windows, and making L0phtCrack the first password cracker with a GUI. Weld was part of the 7 person group that testified at the US Senate in 1998 where he spoke about software transparency and liability. He joined @stake with the L0pht acquisition and worked there managing the research team and consulting at top customers like Microsoft until @stake was purchased by Symantec. Weld and Dildog then spun out the @stake static binary analysis technology to create Veracode, where he is co-founder and CTO.<br><br>@weldpond</p>\n</article>\n\'',0,134772),('2_Friday','12','12:00','12:45','N','DEFCON','Track 3','\'Who Controls the Controllers&mdash;Hacking Crestron IoT Automation Systems\'','\'Ricky \"HeadlessZeke\" Lawshae\'','dc__Lawshae','\'<article class=\"talk\" id=\"dc__Lawshae\">\n<h3 class=\"talkTitle\">Who Controls the Controllers&mdash;Hacking Crestron IoT Automation Systems</h3>\n	<p class=\"details\">Friday at 12:00 in Track 3<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Ricky \"HeadlessZeke\" Lawshae<span class=\"speakerTitle\"> Security Researcher, Trend Micro</span></h4>\n<p class=\"abstract\">While you may not always be aware of them or even have heard of them, Crestron devices are everywhere. They can be found in universities, modern office buildings, sports arenas, and even high-end Las Vegas hotel rooms. If an environment has a lot of audio/video infrastructure, needs to interconnect or automate different IoT and building systems, or just wants the shades to close when the TV is turned on, chances are high that a Crestron device is controlling things from behind the scenes. And as these types of environments become the norm and grow ever more complex, the number of systems that Crestron devices are connected to grows as well. But it is in large part because of this complexity that installing and programming these devices is difficult enough without considering adding security. Instead of being a necessity, it\'s an extra headache that almost always gets entirely passed over. In this talk, I will take a look at different Crestron devices from a security perspective and discuss the many vulnerabilities and opportunities for fun to be found within. I will demonstrate both documented and undocumented features that can be used to achieve full system compromise and show the need to make securing these systems a priority, instead of an afterthought, in every deployment. In short, hijinx will ensue.</p>\n\n<p class=\"speakerBio\"><strong>Ricky \"HeadlessZeke\" Lawshae</strong><br> Ricky \"HeadlessZeke\" Lawshae is an offensive security researcher for the Advanced Security Research team at Trend Micro. He spends his days breaking interesting things in interesting ways with his focus mainly centered on IoT research. His work has been featured in Forbes, Wired, Ars Technica, Hackaday, and more. He tries his best to be responsible with the vulnerabilities he finds, but despite that his work has also been featured in the likes of Satori, BrickerBot, and JenX. This will be his fourth time speaking at DEF CON, and he has also spoken at Recon, Ruxcon, Insomnihack, and many more. He spends his off-hours reading (mostly comics), drinking (mostly dark beers), and gaming (mostly PS4).<br><br>@HeadlessZeke</p>\n</article>\n\'',0,134773),('2_Friday','17','17:00','17:45','N','DEFCON','Track 1','\'I\'ll See Your Missile and Raise You A MIRV: An overview of the Genesis Scripting Engine\'','\'Alex Levinson, Dan Borges\'','dc__Levinson','\'<article class=\"talk\" id=\"dc__Levinson\">\n<h3 class=\"talkTitle\">I\'ll See Your Missile and Raise You A MIRV: An overview of the Genesis Scripting Engine</h3>\n	<p class=\"details\">Friday at 17:00 in Track 1<br>\n	45 minutes | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">Alex Levinson<span class=\"speakerTitle\"> Senior Security Engineer</span></h4>\n<h4 class=\"speaker\">Dan Borges<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Typically, the activities of a malware attack occur on an execution timeline that generally consists of 3 segments&mdash;the vector, the stage, and the persistence. First, a vector, or method of exploitation is identified. This could be anything from logging in over a credentialed method like RDP or SSH and running a malicious payload directly, to exploiting a memory corruption vulnerability remotely. Second, that access is leveraged into running malicious code that prepares the victim for the deployment of persistence (commonly \"implant\"). While segments one and three have been extensively automated, a effective automated utility for deploying persistence in a dynamic and unified context has yet to present itself. <br><br>Enter the Genesis Scripting Engine. <br><br>The Genesis Scripting Engine, or Gscript for short, is a framework for building multi-tenant executors for several implants in a stager. The engine works by embedding runtime logic (powered by the V8 Javascript Virtual Machine) for each persistence technique. This logic gets run at deploy time on the victim machine, in parallel for every implant contained with the stager. The Gscript engine leverages the multi-platform support of Golang to produce final stage one binaries for Windows, Mac, and Linux. <br><br>This talk will consist of an overview of the origins of the project,  a technical deep dive into the inner workings including the modified Javascript VM, a walk through of the CLI utility, and examples of how we\'ve leveraged Gscript in the real world. <br><br>Multiple demos involving practical application scenarios will be presented, as well as an opportunity for audience members to submit their own implants and have them built into a hydra on stage in a matter of minutes.</p>\n\n<p class=\"speakerBio\"><strong>Alex Levinson</strong><br> Alex Levinson is a Senior Security Engineer at Uber with experience in red teaming, software engineering, and incident response. Outside of Uber, he is a core member of the red team for the National Collegiate Cyber Defense Competition (CCDC), as well as the Competition Director for the Collegiate Penetration Testing Competition (CPTC). Previously, Alex worked as a Senior Consultant and Development Manager at Lares Consulting.<br><br>@alexlevinson, github.com/gen0cide, alexlevinson.wordpress.com</p>\n<p class=\"speakerBio\"><strong>Dan Borges</strong><br> Dan Borges is an information security professional with over 15 years in computer science. Dan participates in a number of cyber security competitions each year, from being on the National CCDC Red Team, to leading a Blue Team in Pros Versus Joes, and helping run the Collegiate Penetration Testing Competition (CPTC). He has been publishing a blog on infosec education for more than 10 years.<br><br>@1jection</p>\n</article>\n\'',0,134774),('3_Saturday','15','15:00','15:45','N','DEFCON','Track 3','\'Booby Trapping Boxes\'','\'Ladar Levison, hon1nbo\'','dc__Levison','\'<article class=\"talk\" id=\"dc__Levison\">\n<h3 class=\"talkTitle\">Booby Trapping Boxes</h3>\n	<p class=\"details\">Saturday at 15:00 in Track 3<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Ladar Levison<span class=\"speakerTitle\"> Founder, Lavabit LLC</span></h4>\n<h4 class=\"speaker\">hon1nbo<span class=\"speakerTitle\"> Proprietor, Hacking &amp; Coffee LLC</span></h4>\n<p class=\"abstract\">Ever worry about the hardware you leave behind? In a world where servers are co-located, and notebooks get left in hotel rooms, the ability to resist tampering, and if necessary actively respond to attack, has become increasingly important. And of course everybody knows the best booby traps are the ones you don\'t know are there. This talk will prepare you for life in 1984, where the maids are evil, and step brothers can\'t be trusted. Whether your running servers as a high value target, or simply want to protect your Monero private key, this talk will show you to achieve FIPS 140-2 level 4 security, without the FIPS 140-2 level 4 price tag. Specifically, we\'ll cover acquisition considerations, physical hardening, firmware mitigation, tamper detection and more.</p>\n\n<p class=\"speakerBio\"><strong>Ladar Levison</strong><br>Ladar Levison serves as the founder, president, and chief executive of Lavabit, where he has worked the past 14 years. Founded in 2004 (and originally called Nerdshack), Lavabit was created because Mr. Levison believes that privacy is a fundamental, necessary right for a functioning, free and fair democratic society. Presently, Mr. Levison is focused on Lavabit\'s Dark Mail Initiative, which aims to make end-to-end email encryption automatic and ubiquitous, while continuing to vigorously advocate for the privacy and free speech rights of all. Mr. Levison’s involvement in the internet can be traced to the early days of the world wide web, when he built his first website, in the early nineties for the fledgling Mosiac web browser (from the National Center for Supercomputing Applications).<br><br>\n\nPrior, Mr. Levison operated a dialup bulletin board service, and worked as a computer technician assembling custom computer systems. With more than 10 years of experience as an independent consultant, Mr. Levison has brought to bear his skills as a project manager, business analyst, systems engineer, software developer, database administrator, systems administrator, and information security specialist.<br><br>\n\nMr. Levison’s career has involved working with several dozen multinational companies in the financial, consumer electronics, and retail sectors. The websites Mr. Levison built have drawn millions of visitors, and the software he\'s written has touched, albeit behind the scenes, the lives of millions more. Over the years, Mr. Levison has written and published numerous technical specifications and authored several editorial pieces. Mr. Levison frequently speaks at a variety of conferences, has appeared as an expert on numerous network television shows, and appeared in several documentaries; including the Oscar winning film, /Citizenfour/.<br><br>\n\nMr. Levison has also been involved with several popular free open source software projects. Mr. Levison holds fifteen certifications, with the vast majority from Microsoft and International Business Machines. Mr. Levison received his Bachelor of Arts and Bachelor of Science degrees from Southern Methodist University, where he studied finance, English, political science and computer science. Additionally, Mr. Levison spent a year studying international relations at Georgetown University. A native of San Francisco, California, he currently resides in Dallas, Texas where he lives with his best friend, and principal cheerleader,\nPrincess, the Italian Greyhound he rescued in 2010.<br><br>Twitter: @kingladar<br>\nFacebook: kingladar<br>\nWebsite: https://lavabit.com </p>\n<p class=\"speakerBio\"><strong>hon1nbo</strong><br>Hon1nbo is a hacker who tinkers for fun and to satisfy the basic human need to light things on fire. Hon1nbo allegedly has a job, where they get paid to take selfies in other people’s secure vaults in the middle of the night. We don’t know if this job is real, or merely a cover story. This possible delusion has taken them around the world entering into some of the largest organizations in both people size and technical expanse, using every possible entry method at their disposal. No domain left without an admin, no email left without a phish, and every office a wolf tail hiding in the air vents.<br><br>\n\nIn addition to their night job, Hon1nbo runs Hacking & Coffee, a small hosting firm in Texas, where excess network capacity abounds, to perform security research and mirror F/OSS repositories. They also provide infrastructure support to a variety community projects, small businesses, and student groups.<br><br>\n\nA wild Hon1nbo can be spotted at DEF CON, its natural habitat, and identified via their purple tail, ears, and getting into shenanigans.<br><br>Twitter: @hon1nbo<br>\nFacebook: hon1nbo<br>\nWebsite: https://hackingand.coffee<br>\nSpecies: Wolf-Dog<br>\nPronouns: them/their/schlee/generalisimo whatever be consistent</p>\n</article>\n\'',0,134775),('2_Friday','10','10:30','10:50','N','DEFCON','Track 3','\'Please do not Duplicate: Attacking the Knox Box and Other Keyed Alike Systems\'','\'m010ch_\'','dc__M010ch_','\'<article class=\"talk\" id=\"dc__M010ch_\">\n<h3 class=\"talkTitle\">Please do not Duplicate: Attacking the Knox Box and Other Keyed Alike Systems</h3>\n	<p class=\"details\">Friday at 10:30 in Track 3<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">m010ch_<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Knox Boxes, along with other rapid entry systems are increasing in popularity, as they allow first responders such as police, fire, and paramedics to quickly gain access to a building in the event of an emergency without having to force entry. These devices rely on the security and key control provided by various locks to prevent unauthorized access to buildings. In this talk, I will focus on vulnerabilities of the widely used Knox Box and Medeco cam lock to key duplication attacks. I will demonstrate how a sufficiently skilled attacker could obtain a key that would grant them access to thousands of residential and commercial buildings throughout America, as well as show off new tools designed to streamline the process of duplicating physical keys using CAD and 3D printing. What could possibly go wrong when someone tries to backdoor an entire city?</p>\n\n<p class=\"speakerBio\"><strong>m010ch_</strong><br> m010ch_ is a physical security enthusiast and computer science student who spends most of his free time doing terrible things to locks. He enjoys participating in locksport competitions, and can often be found hunched over his desk, poking at small pieces of metal until he gets frustrated.</p>\n</article>\n\'',0,134776),('3_Saturday','14','14:00','14:30','N','DEFCON','Track 3','\'Playing Malware Injection with Exploit thoughts\'','\'Sheng-Hao Ma\'','dc__Ma','\'<article class=\"talk\" id=\"dc__Ma\">\n<h3 class=\"talkTitle\">Playing Malware Injection with Exploit thoughts</h3>\n	<p class=\"details\">Saturday at 14:00 in Track 3<br>\n	20 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Sheng-Hao Ma<span class=\"speakerTitle\"> CSIE, NTUST</span></h4>\n<p class=\"abstract\">In the past, when hackers did malicious program code injection, they used to adopt RunPE, AtomBombing, cross-process creation threads, and other approaches. They could forge their own execution program as any critical system service. However with increasing process of anti-virus techniques, these sensitive approaches have been gradually proactively killed. Therefore, hackers began to aim at another place, namely memory-level weakness, due to the breakages of critical system service itself. <br><br>This agenda will simply introduce a new memory injection technique that emerged after 2013, PowerLoadEx. Based on this concept,  three new injection methods will be disclosed as well. These makes good use of the memory vulnerability in Windows to inject malicious behavior into system critical services. The content will cover Windows reverse analysis, memory weakness analysis, how to use and utilize, and so on. The relevant PoC will be released at the end of the agenda.</p>\n\n<p class=\"speakerBio\"><strong>Sheng-Hao Ma</strong><br> Sheng-Hao Ma (aaaddress1) is a core member of CHROOT Security Group and TDOHacker security community in Taiwan, he has over ten years of experience in reverse engineering and machine language, and mastered the intel 8086. He expert in Windows vulnerability, reverse engineering.<br><br>Moreover, Sheng-Hao Ma has many papers presented in security conferences such as BlackHat Asia Arsenal, BSidesLV, ICNC, MC2015 and CISC, he was also a speaker at HITCON (Hackers In Taiwan Conference), SITCON (Students In Taiwan Conference), iThome#Chatbot.<br><br>@aaaddress1</p>\n</article>\n\'',0,134777),('4_Sunday','13','13:00','13:30','N','DEFCON','Track 1','\'Man-In-The-Disk\'','\'Slava Makkaveev\'','dc__Makkaveev','\'<article class=\"talk\" id=\"dc__Makkaveev\">\n<h3 class=\"talkTitle\">Man-In-The-Disk</h3>\n	<p class=\"details\">Sunday at 13:00 in Track 1<br>\n	20 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Slava Makkaveev<span class=\"speakerTitle\"> Security Researcher, Check Point</span></h4>\n<p class=\"abstract\">Most of modern OS are using sandboxing in order to prevent malicious apps from affecting other apps or even harming the OS itself. Google is constantly reinforcing Android’s sandbox protection, introducing new features to prevent any kind of sandbox bypass.<br><br>\n                                  \nIn this talk we want to shed new light on a less known attack surface which affects all Android devices and allows an attacker to hijack the communication between privileged apps and the disk, bypassing Android’s latest sandbox protection.<br><br>\n \nThe problem begins when privileged apps interact with files stored in exposed areas, and even worse, some of them will unintentionally break the sandbox by insecurely appending such data to its confinements.<br><br>\n \nCan you imagine if someone could execute code in the context of your keyboard, or install an unwanted app without your consent? Well… It’s hardly within the realm of imagination.<br><br>\nThe external storage and network based vulnerabilities we discovered, can be leveraged by the attacker to corrupt data, steal sensitive information or even take control of your device.</p>\n\n<p class=\"speakerBio\"><strong>Slava Makkaveev</strong><br>Slava Makkaveev is a Security Researcher at Check Point. Holds a PhD in Computer Science. Slava has found himself in the security field more than seven years ago and since then gained a vast experience in reverse engineering and malware analysis. Recently Slava has taken a particularly strong interest in mobile platforms and firmware security.</p>\n</article>\n\'',0,134778),('2_Friday','10','10:00','10:30','N','DEFCON','Track 3','\'Securing our Nation\'s Election Infrastructure\'','\'Jeanette Manfra\'','dc__Manfra','\'<article class=\"talk\" id=\"dc__Manfra\">\n<h3 class=\"talkTitle\">Securing our Nation\'s Election Infrastructure</h3>\n	<p class=\"details\">Friday at 10:00 in Track 3<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">Jeanette Manfra<span class=\"speakerTitle\"> Assistant Secretary, Office of Cybersecurity and Communications, Department of Homeland Security</span></h4>\n<p class=\"abstract\">Fair elections are at the core of every democracy and are of paramount importance to our national security. The confidence in our electoral process is fundamental to ensuring that every vote- and therefore every voice- matters. In recent years, our Nation has become increasingly uneasy about the potential threats to our election infrastructure. The activities to undermine the confidence in the 2016 presidential election have been well documented and the United States (U.S.) Government has assessed that our adversaries will apply lessons learned from the 2016 election and will continue in their attempts to influence the U.S. and their allies\' upcoming elections, including the 2018 mid-term elections. As the lead agency for securing the Nation\'s cyber infrastructure, the Department of Homeland Security (DHS) has a mission to maintain public trust and protect America\'s election systems. In January 2017, the DHS Secretary designated election systems as critical infrastructure. This designation means election infrastructure has become a priority in shaping our planning and policy initiatives, as well as how we allocate our resources. DHS is working directly with election officials across 8,000 election jurisdictions and throughout 55 States and territories, to help them safeguard their systems. As the threat environment evolves, DHS will continue to work with state and local partners to enhance our understanding of the threat, share timely and actionable threat information, and provide essential physical and cybersecurity tools and resources available to the public and private sectors to increase security and resiliency. DHS is committed to ensuring that our adversaries never succeed with their campaign to undermine our democracy.</p>\n\n<p class=\"speakerBio\"><strong>Jeanette Manfra</strong><br> Jeanette Manfra serves as the National Protection and Programs Directorate (NPPD) Assistant Secretary for the Office of Cybersecurity and Communications (CS&amp;C). She is the chief cybersecurity official for the Department of Homeland Security (DHS) and supports its mission of strengthening the security and resilience of the nation\'s critical infrastructure. Prior to this position, Ms. Manfra served as Acting Deputy Under Secretary for Cybersecurity and Director for Strategy, Policy, and Plans for the NPPD. <br><br>Previously, Ms. Manfra served as Senior Counselor for Cybersecurity to the Secretary of Homeland Security and Director for Critical Infrastructure Cybersecurity on the National Security Council staff at the White House. <br><br>At DHS, she held multiple positions in the Office of Cybersecurity and Communications, including advisor for the Assistant Secretary for Cybersecurity and Communications and Deputy Director, Office of Emergency Communications, during which time she led the Department\'s efforts in establishing the Nationwide Public Safety Broadband Network. Before joining DHS, Jeanette served in the U.S. Army as a communications specialist and a Military Intelligence Officer.</p>\n</article>\n\'',0,134779),('3_Saturday','13','13:00','13:30','N','DEFCON','Track 3','\'Looking for the perfect signature: an automatic YARA rules generation algorithm in the AI-era\'','\'Andrea Marcelli\'','dc__Marcelli','\'<article class=\"talk\" id=\"dc__Marcelli\">\n<h3 class=\"talkTitle\">Looking for the perfect signature: an automatic YARA rules generation algorithm in the AI-era</h3>\n	<p class=\"details\">Saturday at 13:00 in Track 3<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Andrea Marcelli<span class=\"speakerTitle\"> PhD Student and Security Researcher. Politecnico di Torino </span></h4>\n<p class=\"abstract\">Given the high pace at which new malware variants are generated, antivirus programs struggle to keep their signatures up-to-date, and AV scanners suffer from a considerable quantity of false negatives. The generation of effective signatures against new malware variants, while avoiding false positive detections, is a highly desirable but challenging task, typically requiring a substantial portion of human expert’s time. Artificial intelligence techniques can be applied to solve the malware signature generation problem.<br><br>\n\nThe ultimate goal is to develop an algorithm able to automatically create a generalized family signature, eventually reducing threat exposure and increasing the quality of the detection. The proposed technique automatically generates an optimal signature to identify a malware family with very high precision and good recall using heuristics, evolutionary and linear programming algorithms.<br><br>\n\nIn this talk I will present YaYaGen (Yet Another YARA Rule Generator), a tool to automatically generate Android malware signatures. Performances have been evaluated on a massive dataset of millions of applications available in the Koodous project, showing that in a few minutes the algorithm can generate precise ruleset able to catch 0-day malware, better than human generated ones.</p>\n\n<p class=\"speakerBio\"><strong>Andrea Marcelli</strong><br>Andrea Marcelli is a PhD Student and Security Researcher at Hispasec Sistemas. He received his M.Sc. degree in Computer Engineering from Politecnico of Torino, Italy, in 2015 and he is currently a third year doctoral student in Computer and Control Engineering at the same institute. His research interests include malware analysis, semi-supervised modeling, machine learning and optimization problems, with main applications in computer security. Since the end of 2016 he has been part of the security research team at Hispasec Sistemas, working on the Koodous project, where he develops new AI-based tools to automate large scale Android malware analysis, including malware clustering, network graph analytics and automatic YARA signatures generation.<br><br>@_S0nn1_, https://jimmy-sonny.github.io/</p>\n</article>\n\'',0,134780),('2_Friday','13','13:00','13:30','N','DEFCON','Track 3','\'One-Click to OWA\'','\'William Martin\'','dc__Martin1','\'<article class=\"talk\" id=\"dc__Martin1\">\n	<h3 class=\"talkTitle\">One-Click to OWA</h3>\n	<p class=\"details\">Friday at 13:00 in Track 3<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">William Martin<span class=\"speakerTitle\"> Security &amp; Privacy Senior Associate</span></h4>\n<p class=\"abstract\">With the presense of 2FA/MFA solutions growing, the attack surface for external attackers that have successfully phished/captured/cracked credentials is shrinking. However, many 2FA/MFA solutions leave gaps in their coverage which can allow attackers to leverage those credentials. For example, while OWA may be protected with 2FA, the Exchange Web Services Management API (EWS) offers many of the same features and functionalities without the same protections.<br>\n<br>\nIn this talk, I will introduce ExchangeRelayX, an NTLM relay tool that provides attackers with access to an interface that resembles a victim\'s OWA UI and has many of its functionalities - without ever cracking the relayed credentials.  ExchangeRelayX takes advantage of the gap in some 2FA/MFA solutions protecting Exchange, potentially resulting in a single-click phishing scheme enabling an attacker to exfiltrate sensitive data, perform limited active-directory enumeration, and execute further internal phishing attacks.</p>\n\n<p class=\"speakerBio\"><strong>William Martin</strong><br> William Martin is a penetration tester & information security researcher with more than five years of experience in the Information Security Industry. William became an Offensive Security Certified Professional(OSCP) in November of 2015 and is currently a senior associate at RSM US LLP in the Security and Privacy practice with a focus on penetration testing and social engineering. www.linkedin.com/in/william-martin-OSCP<br><br>@quickbreach<br>\nwww.linkedin.com/in/william-martin-OSCP</p>\n</article>\n\'',0,134781),('3_Saturday','14','14:00','14:45','N','DEFCON','Track 1','\'SMBetray&mdash;Backdooring and breaking signatures\'','\'William Martin\'','dc__Martin2','\'<article class=\"talk\" id=\"dc__Martin2\">\n<h3 class=\"talkTitle\">SMBetray&mdash;Backdooring and breaking signatures</h3>\n	<p class=\"details\">Saturday at 14:00 in Track 1<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">William Martin<span class=\"speakerTitle\"> Security &amp; Privacy Senior Associate</span></h4>\n<p class=\"abstract\">When it comes to taking advantage of SMB connections, most tools available to penetration testers aim for system enumeration or for performing relay attacks to gain RCE. If signatures are required, or if the victims relayed are not local admins anywhere, that can put a real stint in leveraging SMB to gain any serious footholds in a network. Fortunately, the mentioned attacks are only the tip of the iceberg of the ways to gain RCE with insecure SMB connections – and there’s a new tool to help take full advantage of these opportunities.</p>\n\n<p class=\"speakerBio\"><strong>William Martin</strong><br> William Martin is a penetration tester & information security researcher with more than five years of experience in the Information Security Industry. William became an Offensive Security Certified Professional(OSCP) in November of 2015, and is currently a senior associate at RSM US LLP in the Security and Privacy practice with a focus on penetration testing and social engineering. <br><br>@quickbreach<br>\nwww.linkedin.com/in/william-martin-OSCP</p>\n</article>\n\'',0,134782),('3_Saturday','10','10:00','10:45','N','DEFCON','Track 2','\'You\'re just complaining because you\'re guilty: A DEF CON Guide to Adversarial Testing of Software Used In the Criminal Justice System\'','\'Dr. Jeanna N. Matthews:, Nathan Adams, Jerome Greco\'','dc__Matthews','\'<article class=\"talk\" id=\"dc__Matthews\">\n<h3 class=\"talkTitle\">You\'re just complaining because you\'re guilty: A DEF CON Guide to Adversarial Testing of Software Used In the Criminal Justice System</h3>\n	<p class=\"details\">Saturday at 10:00 in Track 2<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Dr. Jeanna N. Matthews:<span class=\"speakerTitle\"> Associate Professor, Clarkson University and Fellow, Data and Society</span></h4>\n<h4 class=\"speaker\">Nathan Adams<span class=\"speakerTitle\"> Systems Engineer, Forensic Bioinformatic Services</span></h4>\n<h4 class=\"speaker\">Jerome Greco<span class=\"speakerTitle\"> Digital Forensics Staff Attorney, Legal Aid Society</span></h4>\n<p class=\"abstract\">Software is increasingly used to make huge decisions about people\'s lives and often these decisions are made with little transparency or accountability to individuals.  If there is any place where transparency, third-party review, adversarial testing and true accountability is essential, it is the criminal justice system. Nevertheless, proprietary software is used throughout the system, and the trade secrets of software vendors are regularly deemed more important than the rights of the accused to understand and challenge decisions made by these complex systems.  In this talk, we will lay out the map of software in this space from DNA testing to facial recognition to estimating the likelihood that someone will commit a future crime. We will detail the substantial hurdles that prevent oversight and stunning examples of real problems found when hard won third-party review is finally achieved.  Finally, we will outline what you as a concerned citizen/hacker can do.  Nathan Adams will demo his findings from reviewing NYC\'s FST source code, which was finally made public by a federal judge after years of the city\'s lab fighting disclosure or even review. Jerome Greco will provide his insight into the wider world of software used in the criminal justice system&mdash;from technology that law enforcement admits to using but expects the public to trust without question to technology that law enforcement denies when the evidence says otherwise. Jeanna Matthews will talk about the wider space of algorithmic accountability and transparency and why even open source software is not enough.</p>\n\n<p class=\"speakerBio\"><strong>Dr. Jeanna N. Matthews:</strong><br> Dr. Matthews is an associate professor of Computer Science at Clarkson University and a 2017-18  fellow at Data and Society. She is member of the Executive Committee of US-ACM, the U.S. Public Policy Committee of ACM and a founding co-chair of their subcommittee on algorithmic transparency and accountability. She was a speaker and DEF CON 23 and 24, both times on the topic of vulnerabilities in virtual networks.  Her broader research interests include virtualization, cloud computing, computer security, computer networks and operating systems. Jeanna received her Ph.D. in Computer Science from the University of California at Berkeley and is an ACM Distinguished Speaker.<br><br>@jeanna_matthews</p>\n<p class=\"speakerBio\"><strong>Nathan Adams</strong><br> Nathan Adams works as a Systems Engineer in Ohio at the forensic DNA consulting firm Forensic Bioinformatic Services. He reviews DNA analyses performed in criminal cases in the US, the UK, and Australia. His focus includes DNA mixture interpretation, statistical weightings of evidence, probabilistic genotyping, and software development. When its disclosure was ordered by a federal judge in 2016, Nathan was part of the first team to independently examine FST, NYC\'s DNA mixture interpretation program. He helped identify and evaluate previously undisclosed behaviors of the software. Following the team\'s review and a motion filed by Yale\'s Media Freedom center and ProPublica, the judge recently ordered the release of the FST source code, which allowed open discourse for the first time since FST was brought online in 2011. He has a BS in Computer Science and is working on an MS in the same, both at Wright State University in Dayton, Ohio.</p>\n<p class=\"speakerBio\"><strong>Jerome Greco</strong><br> Jerome Greco is a public defender in the Digital Forensics Unit of the Legal Aid Society in New York City. Along with four analysts, he works with attorneys and investigators in all five boroughs on issues involving historical cell-site location information, cell phone extraction, electronic surveillance technology, social media, and hard drive analysis, among other fields. He is currently engaged in challenging the NYPD\'s use of cell-site simulators, facial recognition, and the execution of overbroad search warrants for electronic devices. Prior to his work with the Digital Forensics Unit, he was a trial attorney in the Legal Aid Society\'s Manhattan and Staten Island criminal defense offices. He graduated magna cum laude from New York Law School in 2011 and received his B.A. from Columbia University in 2008.<br><br>@JeromeDGreco</p>\n</article>\n\'',0,134783),('3_Saturday','14','14:30','14:50','N','DEFCON','Track 2','\'Sex Work After SESTA/FOSTA\'','\'Maggie Mayhem\'','dc__Mayhem','\'<article class=\"talk\" id=\"dc__Mayhem\">\n<h3 class=\"talkTitle\">Sex Work After SESTA/FOSTA</h3>\n	<p class=\"details\">Saturday at 14:30 in Track 2<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">Maggie Mayhem<span class=\"speakerTitle\"> MaggieMayhem.Com</span></h4>\n<p class=\"abstract\">Surveillance had been a fact of life for sex workers wherever they have faced prohibition. Only two elements, communication and association, can differentiate between commercial and personal sex, criminal enforcement of prostitution laws have necessarily meant targeting the speech and affiliation of perceived sex workers. Enforcement of this nature is facilitated by profiling, institutional bias, and broad overreaching policies that fundamentally violate individual human rights. This has included condoms as evidence, non-consensual medical screenings, and targeted harassment of black transgender women as well as license plate recording projects and stings that focus disrupting immigration or migrant workers.  <br><br>For all of its risks, screening potential clients is safer over email than it is in person during a street based negotiation often in an isolated part of town. SESTA (Stop Enabling Sex Traffickers Act) comes at a time when compelling research demonstrates that Craigslist resulted in a 17% drop in the female homicide rate. SESTA will also put victims at risk by delaying their identification and recovery by eliminating a digital paper trail. Additionally, Section 230 of the Communications Decency Act is a vital protection for a free internet. Subverting SESTA will create greater economic disparity between sex workers and ultimately empower pimps and agencies over independent  providers.</p>\n\n<p class=\"speakerBio\"><strong>Maggie Mayhem</strong><br> Maggie Mayhem is a sex worker, birth worker, and death worker from San Francisco, CA. She has served on the Board of Directors for the Sex Worker Outreach Project-USA and founded the health, hygiene, and harm reduction project HarmReduxSF. She has been involved in public health since 2003 and is an international advocate for sex worker rights and reproductive justice. She has spoken about sexual biometrics at SxSW; debated pornography at Yale with Gail Dines; shared the history of pre-WWII porn at the University of Toronto; was artist-in-residence at the Museumsquartier in Vienna; talked about developing sex worker centered policy at DymaxiCon in Helsinki; presented her crack pipe distribution project at the Harm Reduction Coalition conference; shared statistics and research on sex workers and violence at the University of Winchester; and examined public mourning in human rights activism at the University of Southampton. Her independent adult website MeetTheMayhems was the recipient of a feminist porn award. <br><br>@MsMaggieMayhem // Insta @MaggieMayhem // Web MaggieMayhem.Com //</p>\n</article>\n\'',0,134784),('2_Friday','11','11:00','11:45','N','DEFCON','Track  101','\'An Attacker Looks at Docker: Approaching Multi-Container Applications\'','\'Wesley McGrew\'','dc__McGrew','\'<article class=\"talk\" id=\"dc__McGrew\">\n<h3 class=\"talkTitle\">An Attacker Looks at Docker: Approaching Multi-Container Applications</h3>\n	<p class=\"details\">Friday at 11:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Wesley McGrew<span class=\"speakerTitle\"> Director of Cyber Operations, HORNE Cyber</span></h4>\n<p class=\"abstract\">Containerization, such as that provided by Docker, is becoming very popular among developers of large-scale applications. The good news: this is likely to make your life easier as an attacker. <br><br>While exploitation and manipulation of traditional monolithic applications might require specialized experience and training in the target languages and execution environment, applications made up of services distributed among multiple containers can be effectively explored and exploited \"from within\" using many of the system- and network-level techniques that attackers, such as penetration testers, already know. <br><br>The goal of this talk is to provide a hacker experienced in exploitation and post-exploitation of networks and systems with an exposure to containerization and the implications it has on offensive operations. Docker is used as a concrete example for the case study. A hacker can expect to leave this presentation with a practical exposure to multi-container application post-exploitation.</p>\n\n<p class=\"speakerBio\"><strong>Wesley McGrew</strong><br> Wesley currently oversees and participates in offense-oriented operations as Director of Cyber Operations for HORNE Cyber. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA. He teaches a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from  Mississippi State University for his research in vulnerability analysis of SCADA HMI systens.</p>\n</article>\n\'',0,134785),('3_Saturday','16','16:00','16:45','N','DEFCON','Track 1','\'80 to 0 in under 5 seconds: Falsifying a medical patient\'s vitals\'','\'Douglas McKee\'','dc__McKee','\'<article class=\"talk\" id=\"dc__McKee\">\n<h3 class=\"talkTitle\">80 to 0 in under 5 seconds: Falsifying a medical patient\'s vitals</h3>\n	<p class=\"details\">Saturday at 16:00 in Track 1<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Douglas McKee<span class=\"speakerTitle\"> Senior Security Researcher for the McAfee Advanced Threat Research team</span></h4>\n<p class=\"abstract\">It seems each day that passes brings new technology and an increasing dependence upon it. The medical field is no exception; medical professionals rely upon technology to provide them with accurate information and base life-changing decisions on this data. <br><br>In recent years there has been more attention paid to the security of medical devices; however, there has been little research done on the unique protocols used by these devices. In large, health care systems medical personnel take advantage of to make decisions on patient treatment and other critical care, use central monitoring stations. This information is gathered from many devices on the network using uncommon networking protocols.  What if this information wasn\'t accurate when a doctor prescribed medication?  What if a patient was thought to be peacefully resting, when in fact they are under cardiac arrest? <br><br>McAfee\'s Advanced Threat Research team has discovered a weakness in the RWHAT protocol, one of the networking protocols used by medical devices to monitor a patient\'s condition.  This protocol is utilized in some of the most critical systems used in hospitals.  This weakness allows the data to be modified by an attacker in real-time to provide false information to medical personnel.   Lack of authentication also allows rogue devices to be placed onto the network and mimic patient monitors.   <br><br>This presentation will include a technical dissection of the security issues inherent in this relatively unknown protocol.  It will describe real-world attack scenarios and demonstrate the ability to modify the communications in-transit to directly influence the receiving devices.  We will also explore the general lack of security mitigations in the medical devices field, the risks they pose, and techniques to address them.  The talk will conclude with a demonstration using actual medical device hardware and a live modification of a patient\'s critical data.</p>\n\n<p class=\"speakerBio\"><strong>Douglas McKee</strong><br> Douglas McKee is a Senior Security Researcher for the McAfee Advanced Threat Research team, focused on finding new vulnerabilities in both software and hardware. Douglas has an extensive background in penetration testing, reverse engineering, malware analysis and forensics and throughout his career has provided software exploitation training to many audiences, including law enforcement.</p>\n</article>\n\'',0,134786),('3_Saturday','11','11:00','11:45','N','DEFCON','Track 1','\'Exploiting Active Directory Administrator Insecurities\'','\'Sean Metcalf\'','dc__Metcalf','\'<article class=\"talk\" id=\"dc__Metcalf\">\n<h3 class=\"talkTitle\">Exploiting Active Directory Administrator Insecurities</h3>\n	<p class=\"details\">Saturday at 11:00 in Track 1<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Sean Metcalf<span class=\"speakerTitle\"> CTO, Trimarc</span></h4>\n<p class=\"abstract\">Defenders have been slowly adapting to the new reality: Any organization is a target. They bought boxes that blink and software that floods the SOC with alerts. None of this matters as much as how administration is performed: Pop an admin, own the system. Admins are being dragged into a new paradigm where they have to more securely administer the environment. What does this mean for the pentester or Red Teamer? <br><br>Admins are gradually using better methods like two-factor and more secure administrative channels. Security is improving at many organizations, often quite rapidly. If we can quickly identify the way that administration is being performed, we can better highlight the flaws in the admin process. <br><br>This talk explores some common methods Active Directory administrators (and others) use to protect their admin credentials and the flaws with these approaches. New recon methods will be provided on how to identify if the org uses an AD Red Forest (aka Admin Forest) and what that means for one hired to test the organization\'s defenses, as well as how to successfully avoid the Red Forest and still be successful on an engagement.<br><br>Some of the areas explored in this talk:\n	<ul class=\"square\"><li>Current methods organizations use to administer Active Directory and the weaknesses around them.<li>Using RODCs in the environment in ways the organization didn\'t plan for (including persistence).<li>Exploiting access to agents typically installed on Domain Controllers and other highly privileged systems to run/install code when that\'s not their typical purpose.<li>Discovering and exploiting an AD forest that leverages an AD Admin Forest (aka Red Forest) without touching the Admin Forest.</ul> <p>If you are wondering how to pentest/red team against organizations that are improving their defenses, this talk is for you. If you are a blue team looking for inspiration on effective defenses, this talk is also for you to gain better insight into how you can be attacked.</p>\n\n<p class=\"speakerBio\"><strong>Sean Metcalf</strong><br> Sean Metcalf is founder and principal consultant at Trimarc (www.TrimarcSecurity.com) a consulting company which focuses on improving enterprise Active Directory security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a former Microsoft MVP, and has presented on Active Directory attack and defense at Black Hat, BSides, DEF CON, DerbyCon, BlueHat, &amp; Shakacon security conferences. He currently provides security consulting services to customers and regularly posts interesting Active Directory security information on his blog, ADSecurity.org.</p>\n</article>\n\'',0,134787),('3_Saturday','12','12:00','12:45','N','DEFCON','Track 3','\'Ridealong Adventures&mdash;Critical Issues with Police Body Cameras\'','\'Josh Mitchell\'','dc__Mitchell','\'<article class=\"talk\" id=\"dc__Mitchell\">\n<h3 class=\"talkTitle\">Ridealong Adventures&mdash;Critical Issues with Police Body Cameras</h3>\n	<p class=\"details\">Saturday at 12:00 in Track 3<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Josh Mitchell<span class=\"speakerTitle\"> Principal cybersecurity Consultant, Nuix</span></h4>\n<p class=\"abstract\">The police body camera market has been growing in popularity over the last few years. A recent (2016) Johns Hopkins University market survey found 60 different models have been produced specifically for law enforcement use. Rapid adoption is fueling this meteoric increase in availability and utilization. Additionally, device manufactures are attempting to package more and more technology into these devices. This has caused a deficiency in local municipalities\' skills and budget to accurately assess the attack surface and exposure to the organization. Furthermore, departmental policies and procedures governing the secure deployment of these devices is largely insufficient. <br><br>At DEF CON, we will be introducing tactics, techniques, and procedures to assess the security of these devices. We will cover attacks against the physical devices, RF components, smartphone app\'s, and desktop software. The capabilities demonstrated and discussed will encompass publicly and privately available technologies. Additionally, the talk will cover multiple products and vendors, shedding light on industry wide issues and trends. Finally, we will be releasing software to detect and track various devices and tie these issues into real world events.</p>\n\n<p class=\"speakerBio\"><strong>Josh Mitchell</strong><br> Josh Mitchell (Twitter: @bx_lr) has more than a decade\'s experience as an information security researcher. He has authored numerous technical documents and presented his findings at conferences, academic discussions, and in the classroom. Josh is an expert at discovering and exploiting vulnerabilities and writing code to protect operating systems and programs. Josh has served in the United States Air Force and held numerous defense contracting roles covering electronic signals intelligence exploitation, electronic warfare, malware analysis, exploit development, and reverse engineering<br><br>@bx_lr</p>\n</article>\n\'',0,134788),('3_Saturday','11','11:00','11:45','N','DEFCON','Track 2','\'Compression Oracle Attacks on VPN Networks\'','\'Nafeez\'','dc__Nafeez','\'<article class=\"talk\" id=\"dc__Nafeez\">\n<h3 class=\"talkTitle\">Compression Oracle Attacks on VPN Networks</h3>\n	<p class=\"details\">Saturday at 11:00 in Track 2<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Nafeez<span class=\"speakerTitle\"> Security Researcher</span></h4>\n<p class=\"abstract\">Security researchers have done a good amount of practical attacks in the past using chosen plain-text attacks on compressed traffic to steal sensitive data. In spite of how popular CRIME and BREACH were, little was talked about how this class of attacks was relevant to VPN networks. Compression oracle attacks are not limited to just TLS protected data. In this talk, we try these attacks on browser requests and responses which usually tunnel their HTTP traffic through VPNs. We also show a case study with a well-known VPN server and their plethora of clients. We then go into practical defenses and how mitigations in HTTP/2\'s HPACK and other mitigation techniques are the way forward rather than claiming \'Thou shall not compress traffic at all.\' One of the things that we would like to showcase is how impedance mismatches in these different layers of technologies affect security and how they don\'t play well together.</p>\n\n<p class=\"speakerBio\"><strong>Nafeez</strong><br> Ahamed Nafeez has a varied offensive security background with some emphasis on browsers, web services, and cryptography. He believes defending is much harder than attacking most of the time and appreciates the variables and challenges defenders have. These days he is interested in writing secure frameworks, automating attacks and more or less trying to learn to write good code. <br><br>He has spoken at a few security conferences in the past around web apps, browsers and security analysis of javascript. He tweets at @skeptic_fx and builds his side project assetwatch.io in free time, an automated asset discovery/monitoring service.</p>\n</article>\n\'',0,134789),('3_Saturday','13','13:00','13:30','N','DEFCON','Track  101','\'One Step Ahead of Cheaters -- Instrumenting Android Emulators\'','\'Nevermoe (@n3v3rm03)\'','dc__Nevermoe','\'<article class=\"talk\" id=\"dc__Nevermoe\">\n<h3 class=\"talkTitle\">One Step Ahead of Cheaters -- Instrumenting Android Emulators</h3>\n	<p class=\"details\">Saturday at 13:00 in 101 Track, Flamingo<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Nevermoe (@n3v3rm03)<span class=\"speakerTitle\"> Security Engineer, DeNA Co., Ltd.</span></h4>\n<p class=\"abstract\">Commercial Android emulators such as NOX, BlueStacks and Leidian are very popular at the moment and most games can run on these emulators fast and soundly. The bad news for game vendors is that these emulators are usually shipped with root permission in the first place. On the other hand, cheating tools developers are happy because they can easily distribute their tools to abusers without requiring the abusers to have a physical rooted device, nor do they need to perform laborious tuning for different Android OS / firmware version. However, luckily for game vendors, commercial Android emulators usually use an x86/ARM mixed-mode emulation for speed-up. As a result, a standard native hooking/DBI framework won\'t work on this kind of platform. This drawback could discourage the cheating developers. <br><br>In this talk, I will introduce a native hooking framework on such a kind of mixed-mode emulators. The talk will include the process start routine of both command-line applications and Android JNI applications as well as how these routines differ on an emulator. The different emulation strategies adopted by different emulators and runtime environments (Dalvik/ART) will also be discussed. Based on these knowledge, I will explain why the existing hooking/DBI frameworks do not work on these emulators and how to make one that works. <br><br>Lastly, I will present a demo of using this hooking framework to cheat a game on emulator. With this demo, I will discuss how the dark market of mobile game cheating may develop in the foreseeable future.</p>\n\n<p class=\"speakerBio\"><strong>Nevermoe (@n3v3rm03)</strong><br> Nevermoe (@n3v3rm03) is a security engineer in DeNA Co., Ltd. His main focuses are web security, game hacking and reverse engineering. He loves writing tools for game hacking / analyzing and publishing them on https://github.com/nevermoe.</p>\n</article>\n\'',0,134790),('2_Friday','17','17:00','17:45','N','DEFCON','Track 3','\'Reverse Engineering, hacking documentary series\'','\'Michael Lee Nirenberg, Dave Buchwald\'','dc__Nirenberg','\'<article class=\"talk\" id=\"dc__Nirenberg\">\n<h3 class=\"talkTitle\">Reverse Engineering, hacking documentary series</h3>\n	<p class=\"details\">Friday at 17:00 in Track 3<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Michael Lee Nirenberg<span class=\"speakerTitle\"> Director, Restraining Order, Ltd</span></h4>\n<h4 class=\"speaker\">Dave Buchwald<span class=\"speakerTitle\"> Producer</span></h4>\n<p class=\"abstract\">We will present a sample scene and panel talk on our documentary series Reverse Engineering to the hacking community, which has been in the works for 4 years. We have dozens of interviews spanning the first 3 decades of computer hacking, ultimately there will be hundreds. It\'s a big story, but for the purposes of DEF CON, we\'ve put together a 17 min. Scene covering the 80s WarGames/Legion of Doom-era of computer hacking in the US. <br><br> We\'ve spoken to great people, but there are other viewpoints&mdash;this is a history that needs to be told by 1st person accounts. The accuracy and strength of our completed series is tantamount to the quality of who we interview and the questions that get asked. Accuracy is particularly important, there\'s been no shortage of media hype and lies regarding hacking since the 1980s. <br><br> Our vision for this film series is inclusive and collaborative. We\'d like to hear from attendees how to best tell the origin story of hacking to new generations, and more so the outside world who\'ve been fed a lot of myths by the media. Those are the lawmakers and citizens of tomorrow that we need to reach. Little attention has been paid to the pioneering hacker spirit that has literally changed every aspect of life. We want to address and correct that.</p>\n\n<p class=\"speakerBio\"><strong>Michael Lee Nirenberg</strong><br> Michael Lee Nirenberg&mdash;documentary director (Back Issues: The Hustler Magazine Story), writer, blogger, commercial artist for movies and TV</p>\n<p class=\"speakerBio\"><strong>Dave Buchwald</strong><br> Dave Buchwald&mdash;former hacker in the mid-80s (\"Bill\nfrom RNOC\"), film editor (Love Simple, Urchin), film consultant (Hackers) and 2600 Magazine cover artist</p>\n</article>\n\'',0,134791),('3_Saturday','20','20:00','19:59','N','DEFCON','Roman Chillout','\'EFF Fireside Hax (AKA Ask the EFF)\'','\'Kurt Opsahl, Nate Cardozo, Jamie Lee Williams, Andrés Arrieta, Katiza Rodriguez, Nathan \'nash\' Sheard\'','dc__Opsahl','\'<article class=\"talk\" id=\"dc__Opsahl\">\n<h3 class=\"talkTitle\">EFF Fireside Hax (AKA Ask the EFF)</h3>\n	<p class=\"details\">Saturday at 20:00 in Roman Chillout<br>\n	Fireside Hax | Audience Participation</p>\n<h4 class=\"speaker\">Kurt Opsahl<span class=\"speakerTitle\"> Deputy Executive Director &amp; General Counsel, Electronic Frontier Foundation</span></h4>\n<h4 class=\"speaker\">Nate Cardozo<span class=\"speakerTitle\"> EFF Senior Staff Attorney</span></h4>\n<h4 class=\"speaker\">Jamie Lee Williams<span class=\"speakerTitle\"> EFF Staff Attorney</span></h4>\n<h4 class=\"speaker\">Andrés Arrieta<span class=\"speakerTitle\"> Technology Products Manager</span></h4>\n<h4 class=\"speaker\">Katiza Rodriguez<span class=\"speakerTitle\"> International Rights Director</span></h4>\n<h4 class=\"speaker\">Nathan \'nash\' Sheard<span class=\"speakerTitle\"> Grassroots Advocacy Organizer</span></h4>\n<p class=\"abstract\">Relax and enjoy a Fireside Hax chat while you get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation\'s premiere digital civil liberties group fighting for freedom and privacy in the computer age. This Fireside Hax discussion will include updates on current EFF issues such as the government\'s effort to undermine encryption (and add backdoors), the fight for network neutrality, discussion of our technology projects to spread encryption across the Web and emails, updates on cases and legislation affecting security research, and much more.  Half the session will be given over to question-and-answer, so it\'s your chance to ask EFF questions about the law and technology issues that are important to you.</p>\n\n<p class=\"speakerBio\"><strong>Kurt Opsahl</strong><br> Kurt Opsahl is the Deputy Executive Director and General Counsel of the Electronic Frontier Foundation. In addition to representing clients on civil liberties, free speech and privacy law, Opsahl counsels on EFF projects and initiatives.  Opsahl is the lead attorney on the Coders\' Rights Project.  Before joining EFF, Opsahl worked at Perkins Coie, where he represented technology clients with respect to intellectual property, privacy, defamation, and other online liability matters, including working on Kelly v. Arribasoft, MGM v. Grokster and CoStar v. LoopNet. For his work responding to government subpoenas, Opsahl is proud to have been called a \"rabid dog\" by the Department of Justice. Prior to Perkins, Opsahl was a research fellow to Professor Pamela Samuelson at the U.C. Berkeley School of Information Management &amp; Systems. Opsahl received his law degree from Boalt Hall, and undergraduate degree from U.C. Santa Cruz. Opsahl co-authored \"Electronic Media and Privacy Law Handbook.\" In 2007, Opsahl was named as one of the \"Attorneys of the Year\" by California Lawyer magazine for his work on the O\'Grady v. Superior Court appeal. In 2014, Opsahl was elected to the USENIX Board of Directors.<br><br>@kurtopsahl</p>\n<p class=\"speakerBio\"><strong>Nate Cardozo</strong><br> Nate Cardozo is a Senior Staff Attorney on the Electronic Frontier Foundation\'s digital civil liberties team. In addition to his focus on free speech and privacy litigation, Nate works on EFF\'s Who Has Your Back? report and Coders\' Rights Project. Nate has projects involving cryptography and the law, automotive privacy, government transparency, hardware hacking rights, anonymous speech, electronic privacy law reform, Freedom of Information Act litigation, and resisting the expansion of the surveillance state. A 2009-2010 EFF Open Government Legal Fellow, Nate spent two years in private practice before returning to his senses and to EFF in 2012.  Nate has a B.A. in Anthropology and Politics from U.C. Santa Cruz and a J.D. from U.C. Hastings where he has taught first-year legal writing and moot court. He brews his own beer, has been to India four times, and watches too much Bollywood.</p>\n<p class=\"speakerBio\"><strong>Jamie Lee Williams</strong><br> Jamie Williams is a staff attorney at the Electronic Frontier Foundation, where she is part of EFF\'s civil liberties team. Jamie focuses on the First and Fourth Amendment implications of new technologies, and is part of EFF\'s Coder\'s Rights Project, which protects programmers and developers engaged in cutting-edge exploration of technology. Jamie joined EFF in 2014. Prior to joining EFF, Jamie clerked for Judge Saundra Brown Armstrong in the Northern District of California, and practiced at Paul Hastings LLP, as an associate in the firms\' litigation department. Jamie was also a law clerk at the Alameda County Public Defender. Jamie has a J.D. from the University of California, Berkeley School of Law (Boalt Hall) and a B.A. in journalism from the University of Wisconsin, Madison.</p>\n<p class=\"speakerBio\"><strong>Andrés Arrieta</strong><br> Andrés Arrieta is the Technology Projects Manager for the Electronic Frontier Foundation. A Telecom and Electronics Engineer, he previously worked for Mobile Operators managing and developing projects from the Radio and Core networks to IT systems like Spotify Premium for Movistar. Seeing the state of privacy in the digital world from previous experiences, he joins the EFF to help develop tools that address these issues.</p>\n<p class=\"speakerBio\"><strong>Katiza Rodriguez</strong><br> Katitza Rodriguez is EFF\'s international rights director. She concentrates on comparative policy of international privacy issues, with special emphasis on law enforcement, government surveillance, and cross border data flows. Her work in EFF\'s International Program also focuses on cybersecurity at the intersection of human rights. Katitza also manages EFF\'s growing Latin American programs. She was an advisor to the UN Internet Governance Forum (2009-2010). Before joining EFF, Katitza was director of the international privacy program at the Electronic Privacy Information Center in Washington D.C., where amongst other things, she worked on The Privacy and Human Rights Report,an international survey of privacy law and developments. Katitza is well known to many in global civil society and in international policy venues for her work at the U.N. Internet Governance Forum and her pivotal role in the creation and ongoing success of the Civil Society Information Society Advisory Council at the Organisation for Economic Co-operation and Development, for which she served as the civil society liaison while at EPIC from 2008 to March 2010. Katitza holds a Bachelor of Law degree from the University of Lima, Peru. Katitza\'s twitter handle is @txitua.</p>\n<p class=\"speakerBio\"><strong>Nathan \'nash\' Sheard</strong><br> Nathan \'nash\' Sheard is EFF\'s Grassroots Advocacy Organizer. nash works directly with community members and organizations to take advantage of the full range of tools provided by access to tech, while engaging in empowering action toward the maintenance of digital privacy and information security.</p>\n</article>\n\'',0,134792),('2_Friday','14','14:00','14:45','N','DEFCON','Track 3','\'Revolting Radios\'','\'Michael Ossmann, Dominic Spill\'','dc__Ossmann','\'<article class=\"talk\" id=\"dc__Ossmann\">\n<h3 class=\"talkTitle\">Revolting Radios</h3>\n	<p class=\"details\">Friday at 14:00 in Track 3<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Michael Ossmann<span class=\"speakerTitle\"> Great Scott Gadgets</span></h4>\n<h4 class=\"speaker\">Dominic Spill<span class=\"speakerTitle\"> Great Scott Gadgets</span></h4>\n<p class=\"abstract\">There are many Software Defined Radios (SDRs) available, with a great deal of time and effort having gone in to their design.  These are not those radios.  We present four radios that we have designed using crude, novel, and sometimes ridiculous methods for transmitting and receiving signals. <br><br>The arrival of SDR allowed more hackers than ever to experiment with radio protocols, but we\'re still using hardware built by other people. In the time honored hacker tradition of rolling our own tools, we\'ll demonstrate four simple radios that can be home-built using commonly available parts for little to no cost.</p>\n\n<p class=\"speakerBio\"><strong>Michael Ossmann</strong><br> Michael is a wireless security researcher who makes hardware for hackers. Best known for the open source HackRF, Ubertooth, and GreatFET projects, he founded Great Scott Gadgets in an effort to put open source hardware into the hands of innovative people.<br><br>@michaelossmann</p>\n<p class=\"speakerBio\"><strong>Dominic Spill</strong><br> Dominic is a senior security researcher at Great Scott Gadgets, where he builds tools and investigates communications protocols.<br><br>@dominicgs</p>\n</article>\n\'',0,134793),('3_Saturday','10','10:00','10:45','N','DEFCON','Track 1','\'It WISN\'t me, attacking industrial wireless mesh networks\'','\'Erwin Paternotte, Mattijs van Ommeren\'','dc__Paternotte','\'<article class=\"talk\" id=\"dc__Paternotte\">\n<h3 class=\"talkTitle\">It WISN\'t me, attacking industrial wireless mesh networks</h3>\n	<p class=\"details\">Saturday at 10:00 in Track 1<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Erwin Paternotte<span class=\"speakerTitle\"> Lead security consultant at Nixu</span></h4>\n<h4 class=\"speaker\">Mattijs van Ommeren<span class=\"speakerTitle\"> principal security consultant at Nixu</span></h4>\n<p class=\"abstract\">Wireless sensor networks are commonly thought of as IoT devices communicating using familiar short-range wireless protocols like Zigbee, MiWi, Thread and OpenWSN. A lesser known fact is that about a decade ago, two industrial wireless protocols (WirelessHART and ISA100.11a) have been designed for industrial applications, which are based on the common IEEE 802.15.4 RF standard. These Wireless Industrial Sensor Networks (WISN) are used in process field device networks to monitor temperature, pressure, levels, flow or vibrations. The petrochemical industry uses WISN in oil and gas fields and plants around the world. <br><br>Both IEC ratified standards have been commonly praised by the ICS industry for their security features, including strong encryption on multiple layers within the protocol stack, resistance to RF interference, and replay protection. While the standards in general look safe on paper, there are potential interesting attack vectors that require verification. However, security research so far has not yielded any significant results beyond basic attack vectors. Often these attacks have only been theorized, and not (publically) demonstrated. In addition, vendor implementations have not been thoroughly tested for security by independent third parties, due to protocol complexity and the lack of proper (hardware/software) tools. We strongly believe in Wright\'s principle,\"Security does not improve until practical tools for exploration of the attack surface are made available.\"</p>\n\n<p class=\"speakerBio\"><strong>Erwin Paternotte</strong><br> Erwin works as a lead security consultant at Nixu Benelux. He has 15 years experience conducting penetration tests and security assessments on a wide variety of systems and technology. In the recent years his focus is shifting towards more advanced tests like red teaming, embedded systems, ICS/SCADA, and telco systems. Within Nixu he is also the practice lead for penetration and security testing.</p>\n<p class=\"speakerBio\"><strong>Mattijs van Ommeren</strong><br> Mattijs leads the Red Teaming and Hardware Testing team at Nixu Benelux. He has spent most of his career as an information security consultant, both on the offensive as well as the defensive side. Mattijs has a special interest in process automation and industrial systems. Over the years he has discovered numerous vulnerabilities in RTUs, process controllers, industrial firewalls and other equipment. Industrial sensor networks currently have most of his focus, as this is still mainly unexplored terrain.</p>\n</article>\n\'',0,134794),('1_Thursday','10','10:00','10:45','N','DEFCON','Track  101','\'ThinSIM-based Attacks on Mobile Money Systems\'','\'Rowan Phipps\'','dc__Phipps','\'<article class=\"talk\" id=\"dc__Phipps\">\n<h3 class=\"talkTitle\">ThinSIM-based Attacks on Mobile Money Systems</h3>\n	<p class=\"details\">Thursday at 10:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Rowan Phipps<span class=\"speakerTitle\"> Undergraduate researcher, University of Washington</span></h4>\n<p class=\"abstract\">Phone-based mobile money is becoming the dominant paradigm for financial services in the developing world processing more than a billion dollars per day for over 690 million users. For example, mPesa has an annual cash flow of over thirty billion USD, equivalent to nearly half of Kenya\'s GDP. Numerous other products exist inside of nearly every other market, including GCash in the Philippines and easyPaisa in Pakistan. As a part of this growth, competitors have appeared who leverage ThinSIMS, small SIM card add ons, to provide alternative mobile money implementations without operating their own mobile networks. However, the security implications of ThinSIMs are not well understood. <br><br>This talk dives into decade old telecom standards to explore how ThinSIMs work and what attackers of mobile money systems can do when they control the interface between the SIM card and the phone.  We will also demo two proof of concept exploits that use ThinSIMs to steal money from mobile money platforms and detail the difficulties of defense.</p>\n\n<p class=\"speakerBio\"><strong>Rowan Phipps</strong><br> Rowan is an undergraduate at the University of Washington where he studies Computer Science.  He\'s a member of Batman\'s Kitchen and has participated in CTF and CCDC competitions. Last summer he worked in the Digital Financial Services Research Group looking into the security of mobile money.  In his spare time he likes to dabble with hardware design.<br><br>@RowanPhipps</p>\n</article>\n\'',0,134795),('2_Friday','20','20:00','19:59','N','DEFCON','Roman Chillout','\'Oh Noes!&mdash;A Role Playing Incident Response Game\'','\'Bruce Potter, Robert Potter\'','dc__Potter','\'<article class=\"talk\" id=\"dc__Potter\">\n<h3 class=\"talkTitle\">Oh Noes!&mdash;A Role Playing Incident Response Game</h3>\n	<p class=\"details\">Friday at 20:00 in Roman Chillout<br>\n	Fireside Hax | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">Bruce Potter<span class=\"speakerTitle\"> Founder, The Shmoo Group</span></h4>\n<h4 class=\"speaker\">Robert Potter<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">The term\"incident response exercise\" can strike fear in the hearts of even the mostly steely-eyed professional. The idea of sitting around a table, talking through a catastrophic security event can be both simultaneously exhausting and incredibly boring. However, what instead of an participating in an\"incident response exercise,\" you instead got to plan an\"incident response role playing game?\" <br><br>Enter our IR roleplaying game,\"Oh Noes! An Adventure Through the Cybers and Shit.\" As part of our day job, we do quarterly IR exercises. In order to make these exercises more engaging, more fun, and more useful, we turned these exercises into a role playing game. We found it so useful and fun, we\'re releasing it at DEF CON along with numerous scenarios for your dungeon master to take you through. <br><br>At this talk, we will talk about gamifying IR exercises and the rules of Oh Noes! We will equip you with dice and your own character sheet and we will walk you through the character creating process. That\'s right, in Oh Noes! you create your own character with specific skills and abilities that you level up as you play. A group of us will play through a short scenario so you can see how the game works. We will provide several sample scenarios, some ripped from the headlines (and some cribbed from @badthingsdaily) as well as provide guidance on what makes successful scenarios as you transition to be your own dungeon master.</p>\n\n<p class=\"speakerBio\"><strong>Bruce Potter</strong><br> Bruce Potter is the founder of The Shmoo Group, CISO at Expel, and helps run ShmooCon each year in Washington DC. Bruce has over 20 years (yikes!) of experience in hacking and cyber security including working with DoD an Intelligence Community clients as well as numerous finance, healthcare, and transportation companies. Bruce used to do a lot of wireless and network attack and defense work but lately focuses on risk management, threat categorization, and building more secure systems. Bruce has never played D&amp;D but has a son who plays extensively. <br><br>@gdead</p>\n<p class=\"speakerBio\"><strong>Robert Potter</strong><br> Robert Potter is a 16 year old 10th grader who wears Invisalign. He is the son of Mr.Bow-To-My-Firewall and Mrs.Heidi\"clever name\" Potter. He likes things that begin with M, including but not limited to Math, Music, and his Mother (my mom told me to put that there).<br><br>@TauManiac</p>\n</article>\n\'',0,134796),('3_Saturday','16','16:00','16:45','N','DEFCON','Track 2','\'All your family secrets belong to us&mdash;Worrisome security issues in tracker apps\'','\'Dr. Siegfried Rasthofer, Stephan Huber, Dr. Steven Arzt\'','dc__Rasthofer','\'<article class=\"talk\" id=\"dc__Rasthofer\">\n<h3 class=\"talkTitle\">All your family secrets belong to us&mdash;Worrisome security issues in tracker apps</h3>\n	<p class=\"details\">Saturday at 16:00 in Track 2<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Dr. Siegfried Rasthofer<span class=\"speakerTitle\"> Fraunhofer SIT</span></h4>\n<h4 class=\"speaker\">Stephan Huber<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Dr. Steven Arzt<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Google Play Store provides thousands of applications for monitoring your children/family members. Since these apps deal with highly sensitive information, they immediately raise questions on privacy and security. Who else can track the users? Is this data properly protected? To answer these questions, we analyzed a selection of the most popular tracking apps from the Google Play Store. <br><br>Many apps and services suffer from grave security issues. Some apps use self-made algorithms instead of proper cryptography for data storage and transmission. Others do not even attempt to protect their communication at all and make use of the unprotected http protocol, or even give an attacker full access to a vulnerable backend system. Hard coded database credentials in apps allowed access to all stored user locations. We would be able to extract hundreds of thousands of tracking profiles, even in real time. In others, this wasn\'t even necessary, because the user authentication could be bypassed altogether. Flaws in server API allowed us to extract all user credentials (1.7m plain text passwords), further we saw full communication histories containing messages, pictures and location data. <br><br>In total, the state of tracker apps is worrisome, effectively leading to users unknowingly installing espionage software on their devices.</p>\n\n<p class=\"speakerBio\"><strong>Dr. Siegfried Rasthofer</strong><br> Siegfried is the head of department Secure Software Engineering at Fraunhofer SIT (Germany) and his main research focus is on <br><br>applied software security. He has received a PhD, master\'s degree and bachelor\'s degree in computer science and IT-security. He is the founder of the CodeInspect reverse engineering tool and founded TeamSIK. <br><br>During his research, he develops tools that combine static and dynamic code analysis for security purposes. Most of his research is published at top tier academic conferences and industry conferences <br><br>like DEF CON, BlackHat, AVAR or VirusBulletin.</p>\n<p class=\"speakerBio\"><strong>Stephan Huber</strong><br> Stephan is a security researcher at the Testlab mobile security group at the Fraunhofer Institute for Secure Information Technology (SIT). <br><br>His main focus is Android application security testing and developing new static and dynamic analysis techniques for app security evaluation. <br><br>He found different vulnerabilities in well-known Android applications and the AOSP. He gave talks on conferences like DEF CON, HITB, AppSec or VirusBulletin. In his spare time he enjoys teaching students in Android hacking.</p>\n<p class=\"speakerBio\"><strong>Dr. Steven Arzt</strong><br> Steven is currently a researcher at the Fraunhofer Institute for Secure Information Technology (SIT) in Darmstadt. <br><br>He has received a PhD, a master\'s degree in computer science, and a master\'s degree in IT Security from Technische Universität Darmstadt. <br><br>Steven is one of the core maintainers of the Soot open-source compiler framework that is now used for static analysis and program instrumentation by various research groups around the world. He is also actively maintaining the FLOWDROID open-source static data flow tracker. <br><br>His main research interests center on (mobile) security and static and dynamic program analysis applied to real-world security problems, an area in which he has published various research papers over the last years.</p>\n</article>\n\'',0,134797),('3_Saturday','12','12:00','12:45','N','DEFCON','Track 1','\'Tineola: Taking a Bite Out of Enterprise Blockchain\'','\'Stark Riedesel, Parsia Hakimian\'','dc__Riedesel','\'<article class=\"talk\" id=\"dc__Riedesel\">\n<h3 class=\"talkTitle\">Tineola: Taking a Bite Out of Enterprise Blockchain</h3>\n	<p class=\"details\">Saturday at 12:00 in Track 1<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Stark Riedesel<span class=\"speakerTitle\"> Synopsys, Senior Consultant</span></h4>\n<h4 class=\"speaker\">Parsia Hakimian<span class=\"speakerTitle\"> Synopsys, Senior Consultant</span></h4>\n<p class=\"abstract\">Blockchain adaptation has reached a fever pitch, andthe community is late to the game of securing these platforms against attack. With the open source community enamored with the success of Ethereum, the enterprise community has been quietly building the next generation of distributed trustless applications on permissioned blockchain technologies. As of early 2018, an estimated half of these blockchain projects relied on the Hyperledger Fabric platform.<br><br>\n \nIn this talk we will discuss tools and techniques attackers can use to target Fabric. To this end we are demoing and releasing a new attack suite, Tineola, capable of performing network reconnaissance of a Hyperledger deployment, adding evil network peers to this deployment, using existing trusted peers for lateral network movement with reverse shells, and fuzzing application code deployed on Fabric.<br><br>\n \nAs George Orwell said: \"Who controls the past controls the future. Who controls the present controls the past.\" This talk will demonstrate how a sufficiently armed red team can modify the blockchain past to control our digital future.</p>\n\n<p class=\"speakerBio\"><strong>Stark Riedesel</strong><br> Stark Riedesel is a senior consultant at Synopsys with six years of security industry experience. He has filled a variety of roles, including penetration tester, researcher, lecturer, and security architect. Stark’s active areas of research are public and private blockchain platforms, NoSQL-based exploitation techniques, and container orchestration. Outside work,Stark speaks and hosts CTF events at the Dallas, Texas, OWASP chapter and local universities.</p>\n<p class=\"speakerBio\"><strong>Parsia Hakimian</strong><br>Parsia Hakimian is a senior consultant at Synopsys with seven years of security industry experience. He has worked on enterprise blockchains, online multiplayer games, stock exchange platforms, mobile device management suites, and IoT devices. On a different continent, he was a C developer, university instructor, and single-player game cheater. Parsia is currently evangelizing Golang to the security community and practicing in-memory fuzzing.</p>\n</article>\n\'',0,134798),('4_Sunday','11','11:00','11:45','N','DEFCON','Track 1','\'Breaking Extreme Networks WingOS: How to own millions of devices running on Aircrafts, Government, Smart cities and more.\'','\'Josep Pi Rodriguez\'','dc__Rodriguez','\'<article class=\"talk\" id=\"dc__Rodriguez\">\n<h3 class=\"talkTitle\">Breaking Extreme Networks WingOS: How to own millions of devices running on Aircrafts, Government, Smart cities and more.</h3>\n	<p class=\"details\">Sunday at 11:00 in Track 1<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Josep Pi Rodriguez<span class=\"speakerTitle\"> Senior security consultant, IOActive</span></h4>\n<p class=\"abstract\">Extreme network\'s embedded WingOS (Originally created by Motorola) is an operating system used in several wireless devices such as access points and controllers. This OS is being used in Motorola devices, Zebra devices and Extreme network\'s devices. This research started focusing in an access point widely used in many Aircrafts by several worldwide airlines but ended up in something bigger in terms of devices affected as this embedded operating system is not only used in AP\'s for Aircrafts but also in Healthcare, Government, Transportation, Smart cities, small to big enterprises... and more. <br><br>Based on public information, we will see how vulnerable devices are actively used (outdoors) in big cities around the world. But also in Universities, Hotels,Casinos, Big companies, Mines, Hospitals and provides the Wi-Fi access for places such as the New york City Subway. <br><br>In this presentation we will show with technical details how several critical vulnerabilities were found in this embedded OS. First we will introduce some internals and details about the OS and then we will show the techniques used to reverse engineering the mipsN32 ABI code for the Cavium Octeon processor. It will be discussed how some code was emulated to detect how a dynamic password is generated with a cryptographic algorithm for a root shell backdoor. Besides, it will be shown how some protocols used by some services were reverse engineered to find unauthenticated heap and stack overflow vulnerabilities that could be exploitable trough Wireless or Ethernet connection. <br><br>This OS also uses a proprietary layer 2/3 protocol called MiNT. This protocol is used for communication between WingOS devices through VLAN or IP. This protocol was also reverse engineered and remote heap/stack overflow vulnerabilities were found on services using this protocol and will be shown. As a live demonstration, 2 devices will be used to exploit a remote stack overflow chaining several vulnerabilities as the attacker could do inside an aircraft (or other scenarios) through the Wi-Fi. As there are not public shellcodes for mipsN32 ABI, the particularities of creating a Shellcode for mipsN32 ABI will be also discussed.</p>\n\n<p class=\"speakerBio\"><strong>Josep Pi Rodriguez</strong><br> Josep Pi Rodriguez is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, vulnerability research, exploit development, and malware analysis. As a senior consultant at IOActive, Mr. Rodriguez performs penetration testing, identifies system vulnerabilities and researches cutting-edge technologies. Mr. Rodriguez has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Immunity infiltrate, Hack in paris and Japan CCDS iot conference.</p>\n</article>\n\'',0,134799),('3_Saturday','13','13:00','13:30','N','DEFCON','Track 2','\'Reaping and breaking keys at scale: when crypto meets big data\'','\'Yolan Romailler, Nils Amiet\'','dc__Romailler','\'<article class=\"talk\" id=\"dc__Romailler\">\n<h3 class=\"talkTitle\">Reaping and breaking keys at scale: when crypto meets big data</h3>\n	<p class=\"details\">Saturday at 13:00 in Track 2<br>\n	20 minutes | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">Yolan Romailler<span class=\"speakerTitle\"> Security Researcher at Kudelski Security</span></h4>\n<h4 class=\"speaker\">Nils Amiet<span class=\"speakerTitle\"> Security Engineer at Kudelski Security</span></h4>\n<p class=\"abstract\">Public keys are everywhere, after all, they are public. These keys are waiting to be reaped by those who know their real value. Hidden behind this public face lurks some potentially dangerous issues which could lead to a compromise of data and privacy. <br><br>Leveraging hundreds of minion devices, we built a public key reaping machine (which we are open sourcing) and operated it on a global scale. Collected keys are tested for vulnerabilities such as the recent ROCA vulnerability or factorization using batch-GCD. We\'ve collected over 300 million keys so far and built a database 4 to 10 times bigger than previous public works. <br><br>Performing the initial computation on over 300 million keys took about 10 days on a 280 vCPU cluster. Many optimizations allow our tool to incrementally test new RSA keys for common prime factors against the whole dataset in just a few minutes. <br><br>As a result of our research, we could have impersonated hundreds of people by breaking their PGP keys, mimicked thousands of servers thanks to their factored SSH keys and performed MitM attacks on over 200k websites relying on vulnerable X509 certificates. <br><br>In the end, we were able to do this in an entirely passive way. Going further is possible, but it would lead us to the dark side. Would big brother hesitate to go there?</p>\n\n<p class=\"speakerBio\"><strong>Yolan Romailler</strong><br> Yolan Romailler is a Security Researcher at Kudelski Security, where he delves into (and dwells on) cryptography, crypto code, blockchains and other fun things. He has spoken at Black Hat USA, BSidesLV and DEF CON\'s Cryptovillage on automation in cryptography, vulnerability research, and presented at FDTC 2017 the first known practical fault attack against EdDSA. Yolan tweets as @anomalroil.</p>\n<p class=\"speakerBio\"><strong>Nils Amiet</strong><br> Nils Amiet is a Security Engineer at Kudelski Security, where he performs big data analytics, leveraging Spark, Hadoop and Chapel clusters to analyze large datasets. He designed a data pipeline to snapshot the whole IPv4 address space for selected network protocols, allowing automated and reproducible offline data analysis. He also built an automated country security ranking. Nils likes open source software, data analytics, distributed systems and data processing.</p>\n</article>\n\'',0,134800),('2_Friday','13','13:00','13:30','N','DEFCON','Track 2','\'Finding Xori: Malware Analysis Triage with Automated Disassembly\'','\'Amanda Rousseau, Rich Seymour\'','dc__Rousseau','\'<article class=\"talk\" id=\"dc__Rousseau\">\n<h3 class=\"talkTitle\">Finding Xori: Malware Analysis Triage with Automated Disassembly</h3>\n	<p class=\"details\">Friday at 13:00 in Track 2<br>\n	20 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Amanda Rousseau<span class=\"speakerTitle\"> Senior Malware Researcher at Endgame Inc.</span></h4>\n<h4 class=\"speaker\">Rich Seymour<span class=\"speakerTitle\"> Senior Data Scientist at Endgame Inc</span></h4>\n<p class=\"abstract\">In a world of high volume malware and limited researchers we need a dramatic improvement in our ability to process and analyze new and old malware at scale. Unfortunately what is currently available to the community is incredibly cost prohibitive or does not rise to the challenge. As malware authors and distributors share code and prepackaged tool kits, the corporate sponsored research community is dominated by solutions aimed at profit as opposed to augmenting capabilities available to the broader community. With that in mind, we are introducing our library for malware disassembly called Xori as an open source project. Xori is focused on helping reverse engineers analyze binaries, optimizing for time and effort spent per sample. <br><br>Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and provides triage analysis data. This Rust library emulates the stack, register states, and reference tables to identify suspicious functionality for manual analysis. Xori extracts structured data from binaries to use in machine learning and data science pipelines. <br><br>We will go over the pain-points of conventional open source disassemblers that Xori solves, examples of identifying suspicious functionality, and some of the interesting things we\'ve done with the library.  We invite everyone in the community to use it, help contribute and make it an increasingly valuable tool for researchers alike.</p>\n\n<p class=\"speakerBio\"><strong>Amanda Rousseau</strong><br> Amanda Rousseau absolutely loves malware. She works as a Senior Malware Researcher at Endgame who focuses on dynamic behavior detection both on Windows and OSX platforms. She worked as a malware researcher at FireEye before joining Endgame. She previously worked a reverse engineer and computer forensic examiner working for DoD forensic investigations and commercial incident response engagements. She received her MS in Information Systems Engineering from Johns Hopkins University. Research interests include malware evasion techniques, dynamic behavior classification, and developing runtime detections.<br><br>@malwareunicorn</p>\n<p class=\"speakerBio\"><strong>Rich Seymour</strong><br> Rich Seymour is a senior data scientist at Endgame, where he works on integrating R&amp;D successes into the company\'s platform and experimenting with new techniques to make security sensible. He\'s currently working on improving natural language understanding in the Artemis chatbot in the Endgame platform and understanding how to catch adversary tradecraft.  He holds a PhD in materials science and an MS in computer science, both from the University of Southern California, where he worked on high-performance computing simulations of nanoscale materials under stress. He has spoken at USENIX SOUPS, Shmoocon and O\'Reilly Security.<br><br>@rseymour</p>\n</article>\n\'',0,134801),('2_Friday','10','10:00','10:45','N','DEFCON','Track  101','\'Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework\'','\'Joe Rozner\'','dc__Rozner','\'<article class=\"talk\" id=\"dc__Rozner\">\n<h3 class=\"talkTitle\">Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework </h3>\n	<p class=\"details\">Friday at 10:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Joe Rozner<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Fuzzers have played an important role in the discovery of reliability and security flaws in software for decades. They have allowed for test case generation at a rate impossible by hand and the creation of test cases humans may never conceive of. While there are many excellent fuzzers available most are designed for mutating source files or input in random ways and attempting to discover edge cases in the handling of them. Some others are designed with structured input in mind and use grammars to more strategically generate and mutate possible inputs that adhere to the format defined. These specifically are the ones we care about for the goals of identifying differences between multiple implementations of a single language, finding bugs in parse tree generation/handling of tokens, and handling of the data at runtime once it has been successfully lexically and syntactically analyzed. We\'ll look at some of the shortcomings of existing fuzzers and discuss the implementation for a new platform designed to make fuzzer creation easier with the goal of being able utilize grammars from the implementations of the languages themselves.</p>\n\n<p class=\"speakerBio\"><strong>Joe Rozner</strong><br> Joe (@jrozner) is a software engineer at Prevoty where he has built semantic analysis tools, language runtimes, generalized solutions to common vulnerability classes, and designed novel integration technology leveraging runtime memory patching. He has a passion for reverse engineering, exploitation, teaching, and sharing research with others. He is the undisputed champion of the Brawndo and Booze competition from DEF CONs past with his Irish Car Mutilator winning in both the drink and dip categories.<br><br> @jrozner</p>\n</article>\n\'',0,134802),('2_Friday','15','15:00','15:45','N','DEFCON','Track 1','\'Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010\'','\'Gabriel Ryan\'','dc__Ryan','\'<article class=\"talk\" id=\"dc__Ryan\">\n<h3 class=\"talkTitle\">Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010</h3>\n	<p class=\"details\">Friday at 15:00 in Track 1<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Gabriel Ryan<span class=\"speakerTitle\"> Co-Founder / Principal Security Consultant @ Digital Silence</span></h4>\n<p class=\"abstract\">Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not provide encryption or the ability to perform authentication on a packet-by-packet basis [1][2][3][4]. The development of 802.1x-2010 mitigates these issues by using MacSEC to provide Layer 2 encryption and packet integrity check to the protocol [5]. Since MacSEC encrypts data on a hop-by-hop basis, it successfully protects against the bridge-based attacks pioneered by the likes of Steve Riley, Abb, and Alva Duckwall [5][6]. <br><br>In addition to the development of 802.1x-2010, improved 802.1x support by peripheral devices such as printers also poses a challenge to attackers. Gone are the days in which bypassing 802.1x was as simple as finding a printer and spoofing address, as hardware manufacturers have gotten smarter. <br><br>In this talk, we will introduce a novel technique for bypassing 802.1x-2010 by demonstrating how MacSEC fails when weak forms of EAP are used. Additionally, we will discuss how improved 802.1x support by peripheral devices does not necessarily translate to improved port-security due to the widespread use of weak EAP. Finally, we will consider how improvements to the Linux kernel have made bridge-based techniques easier to implement and demonstrate an alternative to using packet injection for network interaction. We have packaged each of these techniques and improvements into an open source tool called Silent Bridge, which we plan on releasing at the conference.</p>\n\n<p class=\"speakerBio\"><strong>Gabriel Ryan</strong><br> Gabriel Ryan is a penetration tester and researcher with a passion for wireless and infrastructure testing. He currently serves a co-founder and principal security consultant for Digital Silence, a Denver based consulting firm that specializes in impact driven penetration testing and red team engagements. <br><br>Prior to joining Digital Silence, Gabriel worked as a penetration tester and researcher for Gotham Digital Silence, contributing heavily to their wireless security practice and regularly performing large scale infrastructure assessments and red teams for Fortune 500 companies. Some of Gabriel\'s most recent work includes the development of EAPHammer, an 802.11ac focused tool for breaching WPA2-EAP networks. On the side, he serves as a member of the BSides Las Vegas senior staff, coordinating wireless security for the event. In his spare time, he enjoys producing music, exploring the outdoors, and riding motorcycles.<br><br>@s0lst1c3, https://digitalsilence.com, solstice.sh</p>\n</article>\n\'',0,134803),('3_Saturday','13','13:00','13:30','N','DEFCON','Track 1','\'In Soviet Russia Smartcard Hacks You\'','\'Eric Sesterhenn\'','dc__Sesterhenn','\'<article class=\"talk\" id=\"dc__Sesterhenn\">\n<h3 class=\"talkTitle\">In Soviet Russia Smartcard Hacks You</h3>\n	<p class=\"details\">Saturday at 13:00 in Track 1<br>\n	20 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Eric Sesterhenn<span class=\"speakerTitle\"> Principal Security Consultant at X41, D-Sec GmbH</span></h4>\n<p class=\"abstract\">The classic spy movie hacking sequence: The spy inserts a magic smartcard provided by the agency technicians into the enemy\'s computer, ...the screen unlocks... What we all laughed about is possible! <br><br>Smartcards are secure and trustworthy. This is the idea smartcard driver developers have in mind when developing drivers and smartcard software. The work presented in this talk not only challenges, but crushes this assumption by attacking smartcard drivers using malicious smartcards. <br><br>A fuzzing framework for *nix and Windows is presented along with some interesting bugs found by auditing and fuzzing smartcard drivers and middleware. Among them classic stack and heap buffer overflows, double frees, but also a replay attack against smartcard authentication. <br><br>Since smartcards are used in the authentication process, a lot of vulnerabilities can be triggered by an unauthenticated user, in code running with high privileges. During the authors research, bugs were discovered in OpenSC (EPass, PIV, OpenPGP, CAC, Cryptoflex,...), YubiKey drivers, pam_p11, pam_pkc11, Apple smartcardservices...</p>\n\n<p class=\"speakerBio\"><strong>Eric Sesterhenn</strong><br> Eric Sesterhenn is working as an IT Security consultant for more than 15 years, working mostly in the areas of source code auditing and penetration testing. His experience in the field includes:</p>\n<ul class=\"square\">\n<li>Identified vulnerabilities in various software projects including\nthe Linux kernel, X.org and multiple IoT Operating Systems\n<li>Speaker at nullcon 2018, Internet of Teens (Issues in IoT Operating\nSystems)\n<li>Speaker at 30C3 about fingerprinting Java web-applications\n(lightning talk).\n<li>Part of the winning team of the Deutsche Post Security Cup 2013.\n</ul>\n</article>\n\'',0,134804),('3_Saturday','15','15:00','15:45','N','DEFCON','Track 1','\'All your math are belong to us\'','\'sghctoma\'','dc__Sghctoma','\'<article class=\"talk\" id=\"dc__Sghctoma\">\n<h3 class=\"talkTitle\">All your math are belong to us</h3>\n	<p class=\"details\">Saturday at 15:00 in Track 1<br>\n	45 minutes | Demo, Tool, Exploit, Audience Participation</p>\n<h4 class=\"speaker\">sghctoma<span class=\"speakerTitle\"> Lead security researcher @ PR-Audit Ltd., Hungary</span></h4>\n<p class=\"abstract\">First of all, it\'s math. Not meth. So everybody be cool, I\'m not gonna touch your central nervous system stimulant substances. Now that this is established, I can start telling my story. And this story, like all good stories, begins where it ends. <br><br>Wait, no, not really. <br><br>It begins at a birthday party where the sister of a friend asked if I could help her with MATLAB. No matter how horrible memories I had about MATLAB, I just couldn\'t say no. So the next day, there was I, sitting in my room, installing the trial. And that\'s when the hacking started... <br><br>Believe me, there were a lot to hack in this case! Several gigabytes of installed materials, a few web servers, cloud integration, clustering capabilities, you name it. These software are bloated, they are basically their own little operating systems. <br><br>Yup, I used plural. Because I thought why discriminate MATLAB? I should really give a chance to Maple and Mathematica to fail too!. I did, and they did fail, and these failures gave the material for my talk. Basically this will be a dump of exploits (RCEs, file disclosures, etc.), and if you use any of those software and you are at least a bit security conscious, you should definitely listen to it.</p>\n\n<p class=\"speakerBio\"><strong>sghctoma</strong><br> Toma is the lead IT security researcher at PR-Audit Ltd., a company focusing mainly on penetration testing and SIEM software development. Previously he participated in a cooperation between ELTE Department of Meteorology and the Paks Nuclear Power Plant Ltd., the goal of which was to develop TREX, a toxic waste emission simulator using CUDA. <br><br>The scene from RoboCop where Nikko defeats the ED-209 with just a laptop and a serial cable made a huge impression on him, and after seeing the movie, his path was set: he was bound to be a hacker. His first experiences in this field involved poking around various copy protection schemes, and to this day his favorite areas of expertise are the ones that require some mangling of binary files. Besides computer security he also loves mountain biking, flight simulators, and builds and flies acro quadcopters.</p>\n</article>\n\'',0,134805),('3_Saturday','13','13:30','13:50','N','DEFCON','Track  101','\'House of Roman&mdash;a \"leakless\" heap fengshui to achieve RCE on PIE Binaries\'','\'Sanat Sharma\'','dc__Sharma','\'<article class=\"talk\" id=\"dc__Sharma\">\n<h3 class=\"talkTitle\">House of Roman&mdash;a \"leakless\" heap fengshui to achieve RCE on PIE Binaries</h3>\n	<p class=\"details\">Saturday at 13:30 in 101 Track, Flamingo<br>\n	20 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Sanat Sharma<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Regarding ptmalloc2, many heap exploitation techniques have been invented in the recent years, well documented on the famous how2heap repository, or as writeups of famous CTF challenges (like House of Orange). However, most of them require atleast a libc/heap leak , or fail in non-PIE binaries. My new technique titled House of Roman leverages a single bug to gain shell leaklessly on a PIE enabled Binary. I shall showcase the ease of aligning the heap to perform this attack, thus demonstrating its versatility. <br><br>Since this a 20 mins talk, attendees should be aware of basic heap exploitation techniques, like fastbin attacks and unsorted bin attacks, and have a general idea of how the ptmalloc2 algorithm works. As a bonus, I also discuss how to land a fastbin chunk in memory regions with no size alignment (like __free_hook ).</p>\n\n<p class=\"speakerBio\"><strong>Sanat Sharma</strong><br> Sanat (@romanking98) is a 19 y o Junior Security Engineer at GoRoot GmbH in Berlin, Germany. He regularly plays CTFs with \"dcua\" , globally ranked in the world top 10 teams on ctftime.org , qualified for multiple prestigious onsite finals, including an invitation for DEF CON China offline CTF.<br><br>@romanking98</p>\n</article>\n\'',0,134806),('2_Friday','14','14:00','14:45','N','DEFCON','Track  101','\'UEFI exploitation for the masses\'','\'Mickey Shkatov  , Jesse Michael\'','dc__Shkatov','\'<article class=\"talk\" id=\"dc__Shkatov\">\n<h3 class=\"talkTitle\">UEFI exploitation for the masses</h3>\n	<p class=\"details\">Friday at 14:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">Mickey Shkatov  <span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Jesse Michael<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">So how do you debug bios and triage a vulnerability for exploitability with no stack trace or error log? How do BIOS developers do it? Do not worry! We will explain how anyone can have debug capabilities on modern Intel platforms and show you how this massively simplifies exploit dev. Developing an exploit for a BIOS vulnerability is a different experience than other types of exploit dev. Your available code base to draw from is unlike what you would expect when running at the operating system level and you have no gdb you can use. <br><br>In this talk we will summarize BIOS exploitation techniques and dive deeper into the specifics of an exploit we developed to provide reliable arbitrary code execution for an\"over-the-internet\" bios update vulnerability we found and responsibly disclosed. We will explain the relevant parts of UEFI and talk more about the exploit mitigations that exist there. We will also explain how to explore System Management Mode (SMM) in an Intel based platform, utilizing Intel hardware debug capabilities on an Intel 8th gen platform to obtain SMRAM content, analyze its contents, and search for vulnerable code.</p>\n\n<p class=\"speakerBio\"><strong>Mickey Shkatov  </strong><br> Mickey Shkatov, a principal researcher at Eclypsium, has been performing security research and product security validation since 2010, He has also presented multiple times at DEF CON A and BlackHat, PacSec, CanSecWest, BruCon, Hackito Ergo Sum, and BSides Portland.<br><br>@HackingThings</p>\n<p class=\"speakerBio\"><strong>Jesse Michael</strong><br> Jesse Michael is an experienced security researcher focused on vulnerability detection and mitigation who has worked at all layers of modern computing environments from exploiting worldwide corporate network infrastructure down to hunting vulnerabilities inside processors at the hardware design level.  His primary areas of expertise include reverse engineering embedded firmware and exploit development.  He has also presented multiple times at DEF CON, PacSec, Hackito Ergo Sum, and BSides Portland.<br><br>@JesseMichael</p>\n</article>\n\'',0,134807),('4_Sunday','15','15:00','15:45','N','DEFCON','Track 3','\'Fuzzing Malware For Fun &amp; Profit. Applying Coverage-guided Fuzzing to Find and Exploit Bugs in Modern Malware\'','\'Maksim Shudrak\'','dc__Shudrak','\'<article class=\"talk\" id=\"dc__Shudrak\">\n<h3 class=\"talkTitle\">Fuzzing Malware For Fun &amp; Profit. Applying Coverage-guided Fuzzing to Find and Exploit Bugs in Modern Malware</h3>\n	<p class=\"details\">Sunday at 15:00 in Track 3<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Maksim Shudrak<span class=\"speakerTitle\"> Senior Offensive Security Researcher, Salesforce</span></h4>\n<p class=\"abstract\">Practice shows that even the most secure software written by the best engineers contain bugs. Malware is not an exception. In most cases their authors do not follow the best secure software development practices thereby introducing an interesting attack scenario which can be used to stop or slow-down malware spreading, defend against DDoS attacks and take control over C&amp;Cs and botnets. Several previous researches have demonstrated that such bugs exist and can be exploited. To find those bugs it would be reasonable to use coverage-guided fuzzing. <br><br>This talk aims to answer the following two questions: ___ we defend against malware by exploiting bugs in them ? How can we use fuzzing to find those bugs automatically ? <br><br>The author will show how we can apply coverage-guided fuzzing to automatically find bugs in sophisticated malicious samples such as botnet Mirai which was used to conduct one of the most destructive DDoS in history and various banking trojans. A new cross-platform tool implemented on top of WinAFL will be released and a set of 0day vulnerabilities will be presented. <br><br>Do you want to see how a small addition to HTTP-response can stop a large-scale DDoS attack or how a smart bitflipping can cause RCE in a sophisticated banking trojan? If the answer is yes, this is definitely your talk.</p>\n\n<p class=\"speakerBio\"><strong>Maksim Shudrak</strong><br> Maksim is a security researcher, hacker who loves vulnerabilities hunting, fuzzing acrobatics and complex malicious samples reversing. Maksim had a change to work on binary instrumentation, Windows operating system emulators and malware analysis at large cyber security companies around the world.<br><br>https://github.com/mxmssh, https://www.linkedin.com/in/mshudrak</p>\n</article>\n\'',0,134808),('1_Thursday','14','14:00','14:45','N','DEFCON','Track  101','\'WAGGING THE TAIL&mdash;COVERT PASSIVE SURVEILLANCE AND HOW TO MAKE THEIR LIFE DIFFICULT\'','\'Si, Agent X\'','dc__Si','\'<article class=\"talk\" id=\"dc__Si\">\n<h3 class=\"talkTitle\">WAGGING THE TAIL&mdash;COVERT PASSIVE SURVEILLANCE AND HOW TO MAKE THEIR LIFE DIFFICULT</h3>\n	<p class=\"details\">Thursday at 14:00 in 101 Track, Flamingo<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Si<span class=\"speakerTitle\"> Independent Security Consultant</span></h4>\n<h4 class=\"speaker\">Agent X<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">In this modern digital age of technically competent adversaries we forget that there may still be a need to conduct old school physical surveillance against a target.  Many organisations utilise surveillance teams and these may be in-house in the case of government agencies or third-party teams contracted for a specific task and their targets range from suspected terrorists to people accused of bogus insurance claims. <br><br>Whilst most people think that they may never be placed under surveillance some professions increase this probability.  For example, if you are a member of the press with sources that you only meet face to face you could be a target especially if the source is a whistleblower or has information that their employer would rather they didn\'t give to you.  Would it seem far-fetched to think that a hacker, security researcher or a member of the EFF could be placed under surveillance?  Maybe even some current and former DEF CON speakers and attendees? <br><br>These teams are not the lone Private Investigator sat in their car at the bottom of your street but are highly trained individuals whose job is to remain undetected.  Their mission is to observe and identify interactions and document everything they see.  They aim to be \"The Grey Man\", that person, when asked to describe, you are unable to.  Their techniques have changed very little over decades because they work. <br><br>This talk will focus on mobile and foot surveillance techniques used by surveillance teams.  It will also include tips on identifying if you are under surveillance and how to make their life difficult.</p>\n\n<p class=\"speakerBio\"><strong>Si</strong><br> Si previously served 22 years in the British Army and is now an independent security consultant with over 25 years of combined experience in various security fields.  He always tries to follow the mantra \"security must make sense\".<br><br>@SecuritySense</p>\n<p class=\"speakerBio\"><strong>Agent X</strong><br> Agent X is a hacker, interested in offensive security, espionage, and operational security. He\'s been a DEF CON goon for the last twenty years and spent a majority of that time as head of speaker operations. A loud-mouth, he\'s spoken at DEF CON, Notacon, Shmoocon, Hackcon, Pumpcon, and Hushcon. He travels internationally more than most but not as much as he\'d like. He lives in a van down by the river.</p>\n</article>\n\'',0,134809),('2_Friday','16','16:00','16:45','N','DEFCON','Track 2','\'Practical &amp; Improved Wifi MitM with Mana\'','\'singe\'','dc__Singe','\'<article class=\"talk\" id=\"dc__Singe\">\n<h3 class=\"talkTitle\">Practical &amp; Improved Wifi MitM with Mana</h3>\n	<p class=\"details\">Friday at 16:00 in Track 2<br>\n	45 minutes | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">singe<span class=\"speakerTitle\"> CTO @ SensePost</span></h4>\n<p class=\"abstract\">In 2014, we released the mana rogue AP toolkit at DEF CON 22. This fixed KARMA attacks which no longer worked against modern devices, added new capabilities such as KARMA against some EAP networks and provided an easy to use toolkit for conducting MitM attacks once associated. <br><br>Since then, several changes in wifi client devices, including MAC randomisation, significant use of the 5GHz spectrum and an increased variety of configurations has made these attacks harder to conduct. Just firing up a vanilla script gets fewer credentials than it used to. <br><br>To address this mana will be re-released in this talk with several significant improvements to make it easier to conduct rogue AP MitM attacks against modern devices and networks. <br><br>After years of using mana in many security assessments, we\'ve realised rogue AP\'ing and MitM\'ing is no simple affair. This extended talk will provide an overview of mana, the new capabilities and features, and walk attendees through three scenarios and their nuances:</p>\n	<ul class=\"square\"><li>Intercepting corporate credentials at association (PEAP/EAP-GTC)<li>Targeting one or more devices for MitM &amp; collecting credentials<li>\"Snoopy\" style geolocation &amp; randomised MAC deanonymization </ul><p>As a bonus, you\'ll be able to download a training environment to practise all of this without requiring any wifi hardware (or breaking any laws).</p>\n\n<p class=\"speakerBio\"><strong>singe</strong><br> singe has been hacking for 14 years, the last 8 of them at SensePost. He is the primary author of mana-toolkit and has developed wifi hacking training for places like BlackHat.<br><br>@singe</p>\n</article>\n\'',0,134810),('3_Saturday','11','11:00','11:45','N','DEFCON','Track 3','\'Jailbreaking the 3DS through 7 years of hardening\'','\'smea\'','dc__Smea','\'<article class=\"talk\" id=\"dc__Smea\">\n<h3 class=\"talkTitle\">Jailbreaking the 3DS through 7 years of hardening</h3>\n	<p class=\"details\">Saturday at 11:00 in Track 3<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">smea<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">The 3DS was one of Nintendo\'s first serious attempts at security, featuring a cool microkernel based OS and actual exploit mitigations. That didn\'t stop it from getting hacked pretty hard, making it possible for people to write their own homebrew software for the console. But Nintendo isn\'t one to back off from a fight and, as a result, has put significant effort into not only fixing vulnerabilities but also introducing new security features targeted specifically at killing exploit techniques used by hackers. This talk will describe hacking the console through all these defensive features by walking through a 0-day exploit chain that takes us all the way from zero access to a full system jailbreak.</p>\n\n<p class=\"speakerBio\"><strong>smea</strong><br> smea got his start making video games for closed consoles like the Nintendo DS using whatever hacks were available at the time. At some point consoles started getting actual security features and he transitioned from simply making homebrew software to making the jailbreaks that let people run it. He\'s best known for his work on the Nintendo 3DS and Wii U but has also done exploitation work against high profile web browsers and virtualization stacks.<br><br>@smealum, https://github.com/smealum</p>\n</article>\n\'',0,134811),('3_Saturday','20','20:00','19:59','N','DEFCON','Octavius 13','\'Privacy Is Equality&mdash;And It\'s Far from Dead\'','\'Sarah St. Vincent\'','dc__StVincent','\'<article class=\"talk\" id=\"dc__StVincent\">\n<h3 class=\"talkTitle\">Privacy Is Equality&mdash;And It\'s Far from Dead</h3>\n	<p class=\"details\">Saturday at 20:00 in Octavius 13<br>\n	Fireside Hax</p>\n<h4 class=\"speaker\">Sarah St. Vincent<span class=\"speakerTitle\"> Researcher/Advocate on National Security, Surveillance, and Domestic Law Enforcement, Human Rights Watch</span></h4>\n<p class=\"abstract\">A talk at DEF CON 25 claimed that privacy is \"gone and never coming back.\" This talk offers a different view, inviting the audience to see privacy as fundamentally about equality-something we have never fully had but also should never regard as gone.<br><br>\n\nThe speaker is a human rights lawyer and investigator, and will draw on decades of human rights thinking about state surveillance as well as her 2017 revelations about Defense Department monitoring of \"homegrown violent extremists.\" Adopting a feminist and race-conscious perspective and inviting audience participation, the talk will challenge received wisdom about basic concepts such as privacy, national security, the warrant requirement, and online radicalization. With a view to the future, it will also offer a thought-provoking history of the connections between privacy and equality in the United States-and the ways unchecked surveillance operates to categorize us and reinforce divisions between us.<br><br>\n\nIt is easy to forget that _1984_ was partly a story about poverty and economic inequality. This talk embraces Orwell\'s insight into the connection between the erosion of privacy and a dangerous loss of equality, and carries it forward.</p>\n\n<p class=\"speakerBio\"><strong>Sarah St. Vincent</strong><br> Sarah St. Vincent is a researcher and advocate on national security, surveillance, and domestic law enforcement for the US Program at Human Rights Watch. She has investigated and documented the deliberate concealment of surveillance-based and other evidence from US criminal defendants, the Defense Department\'s monitoring of \"homegrown violent extremists,\" and the potential use of US intelligence surveillance for anti-drug purposes. Before joining Human Rights Watch, she was a legal fellow on international human rights and surveillance at the Center for Democracy & Technology. She writes regularly about surveillance, privacy, and related issues under US and European Union law and is a member of the New York bar.<br><br>@SarahStV_HRW</p>\n\n</article>\n\'',0,134812),('3_Saturday','16','16:00','16:45','N','DEFCON','Track 3','\'Inside the Fake Science Factory\'','\'Dr Cindy Poppins - Computer Scientist (AKA Svea Eckert), Dr Dade Murphy - Reformed Hacker (AKA Suggy), Professor Dr Edgar Munch','dc__Svea','\'<article class=\"talk\" id=\"dc__Svea\">\n<h3 class=\"talkTitle\">Inside the Fake Science Factory</h3>\n	<p class=\"details\">Saturday at 16:00 in Track 3<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Dr Cindy Poppins - Computer Scientist (AKA Svea Eckert)<span class=\"speakerTitle\"></span></h4>\n<h4 class=\"speaker\">Dr Dade Murphy - Reformed Hacker (AKA Suggy)<span class=\"speakerTitle\"></span></h4>\n<h4 class=\"speaker\">Professor Dr Edgar Munchhausen – Struwwelpeter Fellow (AKA Till Krause)<span class=\"speakerTitle\"></span></h4>\n<p class=\"abstract\">Fake News has got a sidekick and it\'s called Fake Science. This talk presents the findings and methodology from a team of investigative journalists, hackers and data scientists who delved into the parallel universe of fraudulent pseudo-academic conferences and journals; Fake science factories, twilight companies whose sole purpose is to give studies an air of scientific credibility while cashing in on millions of dollars in the process. Until recently, these fake science factories have remained relatively under the radar, with few outside of academia aware of their presence; but the highly profitable industry is growing significantly and with it, so are the implications. To the public, fake science is indistinguishable from legitimate science, which is facing similar accusations itself. Our findings highlight the prevalence of the pseudo-academic conferences, journals and publications and the damage they can and are doing to society.</p>\n\n<p class=\"speakerBio\"><strong>Svea Eckert</strong><br>Svea is a freelance journalist for Germany’s main public service broadcaster “Das Erste” (ARD). She is researching and reporting investigative issues with main focus on new technology, computer and network security, digital economics and data protection. Svea’s academic alter ego is Dr Cindy Poppins, a well-known computer scientist from the University of Applied Sciences of Lower Saxony at Wiepenkathen, Germany. Dr Poppin’s main focus lies on novel solutions for the analysis of agents. She recently discovered COP, an algorithm which improves compact technology and suffix trees, winning her the best presentation award at an international conference.<br><br>@sveckert</p>\n<p class=\"speakerBio\"><strong>Chris \"Suggy\" Sumner</strong><br>Suggy is the lead researcher and co-founder of the not-for-profit Online Privacy Foundation, who contribute to the field of psychological research in online contexts. He has authored papers and spoken on this topic at DEF CON, other noteworthy conferences and a fake conference. For the past five years, Suggy has served as a member of the DEF CON CFP review board. Suggy’s academic alter ego is Dr Dade Murphy, a reformed hacker whose eagerly anticipated work on polymorphic machine learning defences for Gibson mainframe computers was recently accepted at an international cyber security conference.<br><br>@5uggy</p>\n<p class=\"speakerBio\"><strong>Till Krause</strong><br>Till is an editor and investigative reporter at Süddeutsche Zeitung Magazine, the supplement of Germany’s major broadsheet newspaper. Ever since he studied Electronic Communication Arts as a Fulbright Scholar in the Bay Area in 2005, he is interested in all things tech, writing about surveillance, data protection and cybercrime.  Till’s academic alter ego is Professor Dr. Edgar Munchhausen, a Struwwelpeter Fellow for Applied Sciences at various universities in Europe and Asia and a renowned researcher who has published his research in countless peer-reviewed journals. He holds a PhD from the University of Wiepenkathen and is a laureate of the Horst Schimanski Award and CEO of IOIR, the Institute of International Research.</p>\n</article>\n\'',0,134813),('4_Sunday','14','14:00','14:45','N','DEFCON','Track 2','\'Hacking BLE Bicycle Locks for Fun and a Small Profit\'','\'Vincent Tan\'','dc__Tan','\'<article class=\"talk\" id=\"dc__Tan\">\n<h3 class=\"talkTitle\">Hacking BLE Bicycle Locks for Fun and a Small Profit</h3>\n	<p class=\"details\">Sunday at 14:00 in Track 2<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">Vincent Tan<span class=\"speakerTitle\"> Senior Security Consultant, MWR InfoSecurity</span></h4>\n<p class=\"abstract\">Hack a lock and get free rides! (No free beer yet though...). This talk will explore the ever growing ride sharing economy and look at how the BLE \"Smart\" locks on shared bicycles work. The entire solution will be deconstructed and examined, from the mobile application to its supporting web services and finally communications with the lock. We will look at how to go about analysing communications between a mobile device and the lock, what works, what doesn\'t. <br><br>Previous talks on attacking BLE targeted the protocol itself using various hardware and software such as Ubertooth and Wireshark, which could be potentially difficult for someone new wanting to explore BLE and the ever connected IoT world. I\'ll simplify and stupidify the entire process such that anyone with a mobile phone and basic experience with Frida can go about breaking locks and hacking BLE the world over.</p>\n\n<p class=\"speakerBio\"><strong>Vincent Tan</strong><br> Vincent is a Senior Security Consultant at MWR Labs (the forefront of innovation and research in cyber security). He has a passion for all things\"mobile\" and anything\"wireless\". Vincent spends most of his free time focused on reverse engineering esoteric protocols, mobile devices and all things IOT to make the real(cyber)world a better and (where possible) a safer place to be for all. (All this while trying to survive by getting free rides.) Singaporean by birth, Vincent defies the local stereotype of accepting \"cannot\" for an answer and lives in a world of only pure possibility.</p>\n</article>\n\'',0,134814),('2_Friday','13','13:30','13:50','N','DEFCON','Track  101','\'You can run, but you can\'t hide.  Reverse engineering using X-Ray.\'','\'George Tarnovsky\'','dc__Tarnovsky','\'<article class=\"talk\" id=\"dc__Tarnovsky\">\n<h3 class=\"talkTitle\">You can run, but you can\'t hide.  Reverse engineering using X-Ray.</h3>\n	<p class=\"details\">Friday at 13:30 in 101 Track, Flamingo<br>\n	20 minutes |</p>\n<h4 class=\"speaker\">George Tarnovsky<span class=\"speakerTitle\"> Engineer, Cisco Systems</span></h4>\n<p class=\"abstract\">Most of us have knowledge of PCB construction. In the past reversing someone\'s design was an easy task due to the simplicity of the PCB design. Now with BGA\'s( Ball Grid Array\'s), manufacturers using several plane layers cover the entire PCB design and obscuring the details of the PCB from view. Thru the use of X-Ray, we are able to reverse engineer virtually anything. Slides will be presented show several PCB designs and how easy it was to reverse engineer the PCB. Also presenting videos of live views and dynamic zoom; this will demonstrate the true power of the X-Ray and its ability to see sub-micron features within the PCB structure and devices while manipulating the PCB.</p>\n\n<p class=\"speakerBio\"><strong>George Tarnovsky</strong><br> George Tarnovsky has been working a Design Engineer since the 80\'s.  His designs for industries such as:  Industrial process control instrumentation, Visible light spectroscopy, Semiconductor FAB instrumentation, Smart card security &amp; countermeasures, Automotive systems vulnerability.  George holds several patents, has given papers at many internal conferences, and currently continues to expand FPGA designs vulnerability and hardening.</p>\n</article>\n\'',0,134815),('2_Friday','15','15:00','15:45','N','DEFCON','Track  101','\'Weaponizing Unicode: Homographs Beyond IDNs\'','\'The Tarquin\'','dc__Tarquin','\'<article class=\"talk\" id=\"dc__Tarquin\">\n<h3 class=\"talkTitle\">Weaponizing Unicode: Homographs Beyond IDNs</h3>\n	<p class=\"details\">Friday at 15:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Tool</p>\n<h4 class=\"speaker\">The Tarquin<span class=\"speakerTitle\"> Senior Security Engineer, Amazon.com</span></h4>\n<p class=\"abstract\">Most people are familiar with homograph attacks due to phishing or other attack campaigns using Internationalized Domain Names with look-alike characters. But homograph attacks exist against wide variety of systems that have gotten far less attention. This talk discusses the use of homographs to attack machine learning systems, to submit malicious software patches, and to craft cryptographic canary traps and leak repudiation mechanisms. It then introduces a generalized defense strategy that should work against homograph attacks in any context.</p>\n\n<p class=\"speakerBio\"><strong>The Tarquin</strong><br> The Tarquin is a security engineer at Amazon.com. His security background is in browser development and application security. His hacking background is mainly in attempting to maximize the absurdity content of systems. He also studied philosophy, specializing in the Phenomenology of Technology and seeks to understand the ways in which our systems help the human brain lie to itself. His years as a dev have given him a bad habit of needling red teamers. His years in philosophy have given him a bad habit of switching sides in an argument seemingly at random.</p>\n</article>\n\'',0,134816),('3_Saturday','17','17:00','17:45','N','DEFCON','Track 1','\'The Road to Resilience: How Real Hacking Redeems this Damnable Profession\'','\'Richard Thieme, a.k.a. neural cowboy\'','dc__Thieme','\'<article class=\"talk\" id=\"dc__Thieme\">\n<h3 class=\"talkTitle\">The Road to Resilience: How Real Hacking Redeems this Damnable Profession</h3>\n	<p class=\"details\">Saturday at 17:00 in Track 1<br>\n	45 minutes | </p>\n<h4 class=\"speaker\">Richard Thieme, a.k.a. neural cowboy<span class=\"speakerTitle\"> Author and professional speaker, ThiemeWorks</span></h4>\n<p class=\"abstract\">Two years ago Richard Thieme spoke on “Playing Through the Pain: The Impact of Dark Knowledge on Security and Intelligence Professionals” for Def Con 24. He relied on dozens of experiences provided by colleagues over a quarter-century, colleagues from NSA, CIA, corporate, and military. Responses to the presentation have often been emotional and have corroborated his thesis. The real impact of this work on people over the long term has to be mitigated by counter-measures and strategies so scars can be endured or,even better,incorporated and put to use.<br><br>\n\nIn this presentation, Thieme elaborates those strategies and counter-measures. In what is likely his final speech at Def Con, he speaks directly to the “human in the machine” AS a human being. It’s not about leaving the profession: it’s about what we can do to thrive and transcend the challenges. It‘s about “saving this space,” this play space of hacking, work and life, and knowing the cost of being fully human while encountering dehumanizing impacts.<br><br>\n\nIt is easier to focus on exploits, cool tools, zero days, and the games we play in the space that “makes us smile.” It is not so easy to know how to play through the pain successfully. The damage to us does not show up in brain scans. It shows up in our families, our relationships, and our lives.<br><br>\n\nThieme is not preaching, he is sharing insights based on what he too has had to transcend in his own life. They call a lot of us “supernormals,” which means we discovered resilient responses to deprivation, abuse, profound loss … or the daily challenges of work that makes clear that evil is real. We are driven, we never quit, we fight through adversity, we create and recreate personas that work, we do what has to be done. It pays to know how we do that and know THAT we know so we can recreate resilience in the face of whatever comes our way. \n<br><br>\nA contractor for NSA suggested that everyone inside the agency should see the video of “Playing Through the Pain.” A long-time Def Con attendee asks all new hires to watch “Staring into the Abyss,” a talk Thieme did a few years before. This subject matter is seldom discussed aloud “out here” and by all accounts is not taken seriously “inside,” which is perhaps why there have been half a dozen suicides lately at NSA and a CIA veteran said, “I have 23 suicides on my mind, the most recent senior people who could not live with what they knew.”<br><br>\n\nThe assumption baked into this talk: real hacking, its ethos and its execution, provides the tools we need to do this damn thing right.<br><br>\nThis talk is in honor of Perry Barlow and the EFF.</p>\n\n<p class=\"speakerBio\"><strong>Richard Thieme</strong><br>Richard Thieme (www.thiemeworks.com) is an author and professional speaker focused on the deeper implications of technology, religion, and science for twenty-first century life. He speaks professionally about the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change. His speaking generally addresses “the human in the machine,” technology-related security and intelligence issues as they come home to our humanity.<br><br>\n\nThieme has published hundreds of articles, dozens of short stories, five books with more coming, and has delivered hundreds of speeches. His pre-blog column, \"Islands in the Clickstream,\" was distributed to thousands of subscribers in sixty countries before collection as a book in 2004. When a friend at the NSA told him, \"The only way you can tell the truth [that we discuss} is through fiction,\" he returned to writing short stories, one result of which is \"Mind Games,\" a collection of nineteen stories about anomalies, infosec, professional intelligence and edgy realities. More edgy realities are illuminated in the recently published and critically extolled “UFOs and Government: A Historical Inquiry” to which he contributed, a 5-year research project using material from inside the military and intelligence communities to document government responses to the phenomena from WW2 to the present. It is in the collections of 100+ libraries. He is primary editor for a sequel which is in the works.<br><br>\n\nMany speeches address technology-related security and intelligence issues. Richard keynoted the first two Black Hats and has keynoted conferences around the world. Clients range from GE, Microsoft and Medtronic to the National Security Agency, the Pentagon, FBI, US Dept of the Treasury, and the US Secret Service. His work has been taught at universities in Europe, Australia, Canada, and the United States, and he has guest lectured at numerous universities.</p>\n</article>\n\'',0,134817),('2_Friday','12','12:00','12:45','N','DEFCON','Track 2','\'Breaking Parser Logic: Take Your Path Normalization Off and Pop 0days Out!\'','\'Orange Tsai\'','dc__Tsai','\'<article class=\"talk\" id=\"dc__Tsai\">\n<h3 class=\"talkTitle\">Breaking Parser Logic: Take Your Path Normalization Off and Pop 0days Out!</h3>\n	<p class=\"details\">Friday at 12 in Track 2<br>\n	45 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Orange Tsai<span class=\"speakerTitle\"> Security Researcher from DEVCORE</span></h4>\n<p class=\"abstract\">We propose a new exploit technique that brings a whole-new attack surface to defeat path normalization, which is complicated in implementation due to many implicit properties and edge cases. This complication, being under-estimated or ignored by developers for a long time, has made our proposed attack vector possible, lethal, and general. Therefore, many 0days have been discovered via this approach in popular web frameworks written in trending programming languages, including Python, Ruby, Java, and JavaScript. <br><br>Being a very fundamental problem that exists in path normalization logic, sophisticated web frameworks can also suffer. For example, we\'ve found various 0days on Java Spring Framework, Ruby on Rails, Next.js, and Python aiohttp, just to name a few. This general technique can also adapt to multi-layered web architecture, such as using Nginx or Apache as a proxy for Tomcat. In that case, reverse proxy protections can be bypassed. To make things worse, we\'re able to chain path normalization bugs to bypass authentication and achieve RCE in real world Bug Bounty Programs. Several scenarios will be demonstrated to illustrate how path normalization can be exploited to achieve sensitive information disclosure, SMB-Relay and RCE. <br><br>Understanding the basics of this technique, the audience won\'t be surprised to know that more than 10 vulnerabilities have been found in sophisticated frameworks and multi-layered web architectures aforementioned via this technique.</p>\n\n<p class=\"speakerBio\"><strong>Orange Tsai</strong><br> Cheng-Da Tsai, also as known as Orange Tsai, is member of DEVCORE and CHROOT from Taiwan. He has spoken at conferences such as Black Hat USA, Black Hat ASIA, DEF CON, HITCON, HITB, CODEBLUE and WooYun. He participates in numerous Capture-the-Flags (CTF), and won 2nd place in DEF CON 22/25 as team member of HITCON. <br><br>Currently, he is focusing on vulnerability research and web application security. Orange enjoys finding vulnerabilities and participating in Bug Bounty Programs. He is enthusiastic about Remote Code Execution (RCE), and uncovered RCEs in several vendors, such as Facebook, Uber, Apple, GitHub, Amazon, Yahoo and Imgur.<br><br>@orange_8361, Blog: http://blog.orange.tw/</p>\n</article>\n\'',0,134818),('2_Friday','13','13:00','13:30','N','DEFCON','Track 1','\'Compromising online accounts by cracking voicemail systems\'','\'Martin Vigo\'','dc__Vigo','\'<article class=\"talk\" id=\"dc__Vigo\">\n<h3 class=\"talkTitle\">Compromising online accounts by cracking voicemail systems</h3>\n	<p class=\"details\">Friday at 13:00 in Track 1<br>\n	20 minutes | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">Martin Vigo<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">Voicemail systems have been with us since the 80s. They played a big role in the earlier hacking scene and re-reading those e-zines, articles and tutorials paints an interesting picture. Not much has changed. Not in the technology nor in the attack vectors. Can we leverage the last 30 years innovations to further compromise voicemail systems? And what is the real impact today of pwning these? <br><br>In this talk I will cover voicemail systems, it\'s security and how we can use oldskool techniques and new ones on top of current technology to compromise them. I will discuss the broader impact of gaining unauthorized access to voicemail systems today and introduce a new tool that automates the process.</p>\n\n<p class=\"speakerBio\"><strong>Martin Vigo</strong><br> Martin Vigo is a Lead Product Security Engineer and Researcher responsible for Mobile security, Identity and Authentication. He helps design secure systems and applications, conducts security reviews, penetration testing and generally helps keep \"the cloud\" secure. Martin is also involved in educating developers on security essentials and best practices. <br><br>Martin has presented several topics including breaking password managers, exploiting Apple\'s Facetime to create a spy program and mobile app development best practices. These were given at conferences such as Blackhat EU, Ekoparty, Kaspersky Security Analyst Summit and Shakacon. <br><br>Outside the office, Martin enjoys research, bug bounties, gin tonics and scuba diving.<br><br>@martin_vigo</p>\n</article>\n\'',0,134819),('4_Sunday','12','12:00','12:45','N','DEFCON','Track 2','\'Attacking the macOS Kernel Graphics Driver\'','\'Yu Wang\'','dc__Wang','\'<article class=\"talk\" id=\"dc__Wang\">\n<h3 class=\"talkTitle\">Attacking the macOS Kernel Graphics Driver</h3>\n	<p class=\"details\">Sunday at 12:00 in Track 2<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Yu Wang<span class=\"speakerTitle\"> Senior Staff Engineer at Didi Research America</span></h4>\n<p class=\"abstract\">Just like the Windows platform, graphic drivers of macOS kernel are complicated and provide a large promising attack surface for EoPs and sandbox escapes from low-privileged processes. After auditing part of the binaries, I discovered a number of vulnerabilities last year. Including, NULL pointer dereference, stack-based buffer overflow, arbitrary kernel memory read and write, use-after-free, etc. Some of these vulnerabilities were reported to Apple Inc., such as the CVE-2017-7155, CVE-2017-7163, CVE-2017-13883.<br><br>In this presentation, I will share with you the detailed information about these vulnerabilities. Furthermore, from the attacker\'s perspective, I will also reveal some new exploit techniques and zero-days.</p>\n\n<p class=\"speakerBio\"><strong>Yu Wang</strong><br> Yu Wang is a senior staff engineer at Didi Research America. He has previously presented on Syscan360 2012/2013, Hitcon 2013, Black Hat USA 2014, Black Hat ASIA 2016, Black Hat USA Arsenal 2018 and other conferences.</p>\n</article>\n\'',0,134820),('3_Saturday','14','14:30','14:50','N','DEFCON','Track 3','\'Fire &amp; Ice: Making and Breaking macOS Firewalls\'','\'Patrick Wardle\'','dc__Wardle1','\'<article class=\"talk\" id=\"dc__Wardle1\">\n<h3 class=\"talkTitle\">Fire &amp; Ice: Making and Breaking macOS Firewalls</h3>\n	<p class=\"details\">Saturday at 14:30 in Track 3<br>\n	20 minutes | Demo, Tool, Exploit</p>\n<h4 class=\"speaker\">Patrick Wardle<span class=\"speakerTitle\"> Chief Research Officer, Digita Security</span></h4>\n<p class=\"abstract\">In the ever raging battle between malicious code and anti-malware tools, firewalls play an essential role. Many a malware has been generically thwarted thanks to the watchful eye of these products. <br><br>However on macOS, firewalls are rather poorly understood. Apple\'s documentation surrounding it\'s network filter interfaces is rather lacking and all commercial macOS firewalls are closed source. <br><br>This talk aims to take a peek behind the proverbial curtain revealing how to both create and \'destroy\' macOS firewalls. <br><br>In this talk, we\'ll first dive into what it takes to create an effective firewall for macOS. Yes we\'ll discuss core concepts such as kernel-level socket filtering&mdash;but also how to communicate with user-mode components, install privileged code in a secure manner, and simple ways to implement self-defense mechanisms (including protecting the UI from synthetic events). <br><br>Of course any security tool, including firewalls, can be broken. After looking at various macOS malware specimens that proactively attempt to detect such firewalls, we\'ll don our \'gray\' (black?) hats to discuss various attacks against these products. And while some attacks are well known, others are currently undisclosed and can generically bypass even today\'s most vigilant Mac firewalls. <br><br>But all is not lost. By proactively discussing such attacks, combined with our newly-found understandings of firewall internals, we can improve the existing status quo, advancing firewall development. With a little luck, such advancements may foil, or at least complicate the lives of tomorrow\'s sophisticated Mac malware!</p>\n\n<p class=\"speakerBio\"><strong>Patrick Wardle</strong><br> Patrick Wardle is the Chief Research Officer at Digita Security and founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.<br><br>@patrickwardle</p>\n</article>\n\'',0,134821),('4_Sunday','10','10:00','10:45','N','DEFCON','Track  101','\'The Mouse is Mightier than the Sword\'','\'Patrick Wardle\'','dc__Wardle2','\'<article class=\"talk\" id=\"dc__Wardle2\">\n<h3 class=\"talkTitle\">The Mouse is Mightier than the Sword</h3>\n	<p class=\"details\">Sunday at 10:00 in 101 Track, Flamingo<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Patrick Wardle<span class=\"speakerTitle\"> Chief Research Officer, Digita Security</span></h4>\n<p class=\"abstract\">In today\'s digital world the mouse, not the pen is arguably mightier than the sword. Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? click ...allowed. Authorize keychain access? click ...allowed. Load 3rd-party kernel extension? click ...allowed. Authorize outgoing network connection? click ...allowed. Luckily security-conscious users will (hopefully) heed such warning dialogues&mdash;stopping malicious code in its tracks. But what if such clicks can be synthetically generated and interact with such prompts in a completely invisible way? Well, then everything pretty much goes to hell. <br><br>Of course OS vendors such as Apple are keenly aware of this \'attack\' vector, and thus strive to design their UI in a manner that is resistant against synthetic events. Unfortunately they failed. <br><br>In this talk we\'ll discuss a vulnerability (CVE-2017-7150) found in all recent versions of macOS that allowed unprivileged code to interact with any UI component including \'protected\' security dialogues. Armed with the bug, it was trivial to programmatically bypass Apple\'s touted \'User-Approved Kext\' security feature, dump all passwords from the keychain, bypass 3rd-party security tools, and much more! And as Apple\'s patch was incomplete (surprise surprise) we\'ll drop an 0day that (still) allows unprivileged code to post synthetic events and bypass various security mechanisms on a fully patched macOS box! <br><br>And while it may seem that such synthetic interactions with the UI will be visible to the user, we\'ll discuss an elegant way to ensure they happen completely invisibly!</p>\n\n<p class=\"speakerBio\"><strong>Patrick Wardle</strong><br> Patrick Wardle is the Chief Research Officer at Digita Security and founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.<br><br>@patrickwardle</p>\n</article>\n\'',0,134822),('2_Friday','10','10:00','10:45','N','DEFCON','Track 1','\'Welcome To DEF CON &amp; Badge Maker Talk\'','\'The Dark Tangent\'','dc__Welcome','\'<article class=\"talk\" id=\"dc__Welcome\">\n<h3 class=\"talkTitle\">Welcome To DEF CON &amp; Badge Maker Talk</h3>\n	<p class=\"details\">Friday at 10:00 in Track 1<br>\n	45 minutes | Demo</p>\n<h4 class=\"speaker\">The Dark Tangent<span class=\"speakerTitle\"> </span></h4>\n<p class=\"abstract\"></p>\n\n<p class=\"speakerBio\"><strong>The Dark Tangent</strong><br></p>\n</article>\n\'',0,134823),('4_Sunday','13','13:00','13:30','N','DEFCON','Track 3','\'barcOwned&mdash;Popping shells with your cereal box\'','\'Michael West, magicspacekiwi (Colin Campbell)\'','dc__West','\'<article class=\"talk\" id=\"dc__West\">\n<h3 class=\"talkTitle\">barcOwned&mdash;Popping shells with your cereal box</h3>\n	<p class=\"details\">Sunday at 13:00 in Track 3<br>\n	20 minutes | Demo</p>\n<h4 class=\"speaker\">Michael West<span class=\"speakerTitle\"> Technical Advisor at CyberArk</span></h4>\n<h4 class=\"speaker\">magicspacekiwi (Colin Campbell)<span class=\"speakerTitle\"> Web Developer</span></h4>\n<p class=\"abstract\">Barcodes and barcode scanners are ubiquitous in many industries and work with untrusted data on labels, boxes, and even phone screens. Most scanners also allow programming via barcodes to manipulate and inject keystrokes. See the problem? By scanning a few programming barcodes, you can infect a scanner and access the keyboard of the host device, letting you type commands just like a Rubber Ducky. This culminates in barcOwned&mdash;a small web app that allows you to program scanners and execute complex, device-agnostic payloads in seconds. Possible applications include keystroke injection (including special keys), infiltration and exfiltration of data on air-gapped systems, and good ol\' denial of service attacks.</p>\n\n<p class=\"speakerBio\"><strong>Michael West</strong><br> Michael West, aka T3h Ub3r K1tten, is a National Technical Advisor at CyberArk who likes cats. His homelab has over 640 kilobytes of RAM. Michael presents regularly at Dallas Hackers Association and enjoys combining his software dev background with infosec to build tools for others. His interests include OSINT, amateur radio, and scanning long barcodes on the beach.<br><br>@t3hub3rk1tten, https://mwe.st, https://barcowned.com</p>\n<p class=\"speakerBio\"><strong>magicspacekiwi (Colin Campbell)</strong><br> magicspacekiwi, aka Colin Campbell, is a Web Developer with a focus on user experience and considers security an important (but often neglected) part of that experience. They\'ve managed to log over 1500 hours in Overwatch while being stuck in plat. Ask them about their nginx configs.</p>\n</article>\n\'',0,134824),('2_Friday','20','20:00','19:59','N','DEFCON','Octavius 13','\'Disrupting the Digital Dystopia or What the hell is happening in computer law?\'','\'Nathan White, Nate Cardozo\'','dc__White','\'<article class=\"talk\" id=\"dc__White\">\n<h3 class=\"talkTitle\">Disrupting the Digital Dystopia or What the hell is happening in computer law?</h3>\n	<p class=\"details\">Friday at 20:00 in Octavius 13<br>\n	Fireside Hax | Audience Participation</p>\n<h4 class=\"speaker\">Nathan White<span class=\"speakerTitle\"> Senior Legislative Manager, Access Now</span></h4>\n<h4 class=\"speaker\">Nate Cardozo<span class=\"speakerTitle\"> Senior Staff Attorney, EFF</span></h4>\n<p class=\"abstract\">1984 didn\'t just happen because of a calendar. The world of 1984 was built by politicians who used the rule of law to change society into an oppressive surveillance state. In Washington D.C., politicians today are making decisions about what technologies we\'re permitted to use and how they\'ll be used in society. In this talk we\'ll break down 4-5 bills currently under discussion in Congress and explain who they\'ll impact the DEF CON community.</p>\n\n<p class=\"speakerBio\"><strong>Nathan White</strong><br> Nathan White spent five years working for the U.S. congress before starting a political consulting firm as a registered lobbyist. He now serves as the Senior Legislative Manager for Access Now, where he works to defend our digital rights. He has run political and issue campaigns from Maui to Maryland to Melbourne. He helped advocacy campaigns including the fight to save Net Neutrality at the FCC (2015) and the USA FREEDOM Act in Congress. At Access Now he co-organized the Crypto Summit and Crypto Summit 2.0. He worked to build the SaveCrypto.org campaign and helped create the international coalition to Secure The Internet (securetheinternet.org). He works everyday to educate Washington D.C. beltway types about our community. <br><br>@NathanielDWhite</p>\n<p class=\"speakerBio\"><strong>Nate Cardozo</strong><br> Nate Cardozo is a Senior Staff Attorney on EFF\'s civil liberties team where he focuses on cybersecurity policy and defending coders\' rights. Nate has litigated cases involving electronic surveillance, freedom of information, digital anonymity, online free expression, and government hacking. His other projects include defending encryption, fighting software export controls, preserving automotive privacy, and assisting surveillance law reform efforts. As an expert in technology law and civil liberties, Nate works on EFF\'s Who Has Your Back report and regularly assists companies in crafting rights-preserving policies and advising on compliance with legal process. When he\'s not brewing beer with his EFF colleagues, Nate serves on the boards of directors of the First Amendment Coalition and the South Asian Film Preservation Society. Nate has a B.A. in Anthropology and Politics from U.C. Santa Cruz and a J.D. from U.C. Hastings where he has taught first-year legal writing and moot court.</p>\n</article>\n\'',0,134825),('4_Sunday','14','14:00','14:45','N','DEFCON','Track  101','\'Betrayed by the keyboard: How what you type can give you away\'','\'Matt Wixey\'','dc__Wixey','\'<article class=\"talk\" id=\"dc__Wixey\">\n<h3 class=\"talkTitle\">Betrayed by the keyboard: How what you type can give you away</h3>\n	<p class=\"details\">Sunday at 14:00 in 101 Track, Flamingo<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">Matt Wixey<span class=\"speakerTitle\"> Vulnerability R&amp;D Lead, PwC</span></h4>\n<p class=\"abstract\">Attribution is hard. Typically, the most useful identifiers&mdash;IP addresses, email address, domains, and so on&mdash;are also the easiest things to spoof, obfuscate, or anonymise. Whilst more advanced techniques, such as correlating malicious activity with timezones, or linking attacks through the use of similar techniques or malware, can be useful, they tend to take investigators further away from the individuals responsible; at best, some inference about the country or specific actor group/collective can be made. <br><br>In this talk, I present a method for linking incidents to individual attackers with a high degree of accuracy, based on extremely fine-grained behavioural characteristics. This involves an investigatory technique known as \"case linkage analysis\" (CLA), which uses granular aspects of crime scene behaviours to link common offenders together through statistical comparison. It\'s been applied to some crime types before, but never to cyber attacks. <br><br>I\'ll cover how CLA works, its advantages and disadvantages, and how it has previously been applied to a range of crimes, from burglary to homicide. I\'ll place it within the context of personality psychology, biometrics, forensic criminology, offender profiling, and forensic linguistics; and will walk through applying it practically. <br><br>I\'ll then show the results of a novel experiment I conducted applying CLA to network intrusion attacks, which involved logging the keystrokes of volunteer attackers across different simulated intrusions, breaking these down into specific behaviours and syntax, and using these to link individuals to their offences. The end result: the way you type commands, including your choice and order of syntax, switches, and options, can form distinctive behavioural signatures, which can be used to link attackers together. Linking accuracy rates as high as 99% were achieved. <br><br>Finally, I\'ll talk about the implications for both defenders and everyone else (particularly focusing on the privacy implications), explore ways in which these techniques could be defeated, and outline some ideas for future research in these areas.</p>\n\n<p class=\"speakerBio\"><strong>Matt Wixey</strong><br> Matt leads technical research for the PwC Cyber Security practice in the UK, works on its Ethical Hacking team, and is a PhD candidate at University College London. Prior to joining PwC, Matt led a technical R&amp;D team for a law enforcement agency in the UK. His research interests include antivirus and sandboxing technologies, unconventional attack vectors, side-channels, and radio security. <br><br>@darkartlab</p>\n</article>\n\'',0,134826),('2_Friday','13','13:30','13:50','N','DEFCON','Track 2','\'Hacking the Brain: Customize Evil Protocol to Pwn an SDN Controller\'','\'Feng Xiao, Jianwei Huang, Peng Liu\'','dc__Xiao','\'<article class=\"talk\" id=\"dc__Xiao\">\n<h3 class=\"talkTitle\">Hacking the Brain: Customize Evil Protocol to Pwn an SDN Controller</h3>\n	<p class=\"details\">Friday at 13:30 in Track 2<br>\n	20 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Feng Xiao<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Jianwei Huang<span class=\"speakerTitle\"> Hacker</span></h4>\n<h4 class=\"speaker\">Peng Liu<span class=\"speakerTitle\">Raymond G. Tronzo, M.D. Professor of Cybersecurity</span></h4>\n<p class=\"abstract\">Software-Defined Networking (SDN) is now widely deployed in production environments with an ever-growing community. Though SDN\'s software-based architecture enables network programmability, it also introduces dangerous code vulnerabilities into SDN controllers. However, the decoupled SDN control plane and data plane only communicate with each other with pre-defined protocol interactions, which largely increases the difficulty of exploiting such security weaknesses from the data plane.<br><br>\n\n In this talk, we extend the attack surface and introduce Custom Attack, a novel attack against SDN controllers that leverages legitimate SDN protocol messages (i.e., the custom protocol field) to facilitate Java code vulnerability exploitation. Our research shows that it was possible for a weak adversary to execute arbitrary command or manipulate data in the SDN controller without accessing the SDN controller or any applications, but only controlling a host or a switch.<br><br>\n\nTo the best of our knowledge, Custom Attack is the first attack that can remotely compromise SDN software stack to simultaneously cause multiple kinds of attack effects in SDN controllers. Till now we have tested 5 most popular SDN controllers and their applications and found all of them are vulnerable to Custom Attack in some degree. 14 serious vulnerabilities are discovered, all of which can be exploited remotely to launch advanced attacks against controllers (e.g., executing arbitrary commands, exfiltrating confidential files, crashing SDN service, etc.).<br><br>\n\nThis presentation will include:<br><br>\n<ul class=\"square\">\n<li>an overview of SDN security research and practices.\n<li>a new attack methodology for SDN that is capable of compromising the entire network.\n<li>our research process that leads to these discoveries, including technical specifics of exploits.\n<li>showcases of interesting Custom Attack chains in real-world SDN projects.\n</ul></p>\n\n<p class=\"speakerBio\"><strong>Feng Xiao</strong><br>Feng Xiao will be a Ph.D. student at The Pennsylvania State University soon. He enjoys hacking all kinds of systems as well as finding vulnerabilities. He received his B.S. in Computer Science from Wuhan University in 2018. <br><br>\nHe has published three papers (including posters) in well-known security conferences like CCS, MobiCom, ICICS etc. He was also the recipient of First Prize in 2016 China Undergraduate Security Contest, First Prize of 2015 BCTF, and Third Prize of 2015 0CTF.<br><br><!--https://xiaofen9.github.io-->http://fxiao.me</p>\n<p class=\"speakerBio\"><strong>Jianwei Huang</strong><br>Jianwei Huang is a researcher at Wuhan University. He is interested in finding and solving security related problems.</p>\n<p class=\"speakerBio\"><strong>Peng Liu</strong><br>Dr. Liu is a professor at The Pennsylvania State University. His research interests are in computer security.  He has published a monograph and over 270 refereed technical papers.</p>\n</article>\n\'',0,134827),('2_Friday','15','15:00','15:45','N','DEFCON','Track 3','\'Privacy infrastructure, challenges and opportunities\'','\'yawnbox\'','dc__Yawnbox','\'<article class=\"talk\" id=\"dc__Yawnbox\">\n<h3 class=\"talkTitle\">Privacy infrastructure, challenges and opportunities</h3>\n	<p class=\"details\">Friday at 15:00 in Track 3<br>\n	45 minutes |</p>\n<h4 class=\"speaker\">yawnbox<span class=\"speakerTitle\"> Executive Director, Emerald Onion</span></h4>\n<p class=\"abstract\">We started our own transit Internet Service Provider (ISP) to safely route anonymized packets across the globe, and you can too. Emerald Onion is a Seattle-based 501(c)3 not-for-profit and we want to help other hacker collectives start their own. Getting your own Autonomous System Number (ASN), managing Internet Protocol (IP) scopes, using Border Gateway Protocol (BGP) in Internet Exchange Points (IXPs), dealing with abuse complaints or government requests for user data -- this is all stuff that you can do. Not every technologist is comfortable with launching and managing a nonprofit organization let alone has all of the technical knowhow to run an ISP. We didn\'t either when we started. We had a goal, and that was to route unfiltered Tor exit traffic in the Seattle Internet Exchange despite National Security Agency (NSA) wiretaps in the Westin Exchange Building. This talk will cover high level challenges and opportunities surrounding privacy infrastructure in the United States.</p>\n\n<p class=\"speakerBio\"><strong>yawnbox</strong><br> yawnbox is the co-founder and executive director for Emerald Onion and has a background in network administration, datacenter operations, and security engineering. He has been running Tor guard and middle relays since 2010 and exit relays since 2012. Being a victim of domestic violence at a young age, yawnbox has been acutely aware of physical location metadata since the age of 8 and has been researching, publishing, and training at-risk communities about threat modeling and operational security since becoming a part of the Tor community. In 2013, yawnbox got involved with political activism through the Seattle Privacy Coalition, and in 2015 performed an internship with the ACLU of Washington where he helped roll out the first instance of SecureDrop in a non-journalist organization. In 2016, yawnbox was brought on as Tor Project\'s first full time Grant Writer but left shortly after.</p>\n</article>\n\'',0,134828),('3_Saturday','13','13:30','14:15','N','DEFCON','Track 3','\'Infecting The Embedded Supply Chain\'','\'Zach, Alex\'','dc__Zach','\'<article class=\"talk\" id=\"dc__Zach\">\n<h3 class=\"talkTitle\">Infecting The Embedded Supply Chain</h3>\n	<p class=\"details\">Saturday at 13:30 in Track 3<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Zach<span class=\"speakerTitle\"> Security Researcher at Somerset Recon</span></h4>\n<h4 class=\"speaker\">Alex<span class=\"speakerTitle\"> Security Researcher at Somerset Recon</span></h4>\n<p class=\"abstract\">With a surge in the production of internet of things (IoT) devices, embedded development tools are becoming commonplace and the software they run on is often trusted to run in escalated modes. However, some of the embedded development tools on the market contain serious vulnerabilities that put users at risk. In this talk we discuss the various attack vectors that these embedded development tools expose users to, and why users should not blindly trust their tools. This talk will detail a variety reverse engineering, fuzzing, exploit development and protocol analysis techniques that we used to analyze and exploit the security of a common embedded debugger.</p>\n\n<p class=\"speakerBio\"><strong>Zach</strong><br> Zach is a security researcher with Somerset Recon, a security consulting firm in San Diego. In this role he focuses on reverse engineering and web application penetration testing. In his free time Zach loves reading and long walks through the PE file format. Prior to working at Somerset Recon, Zach was a goat farmer in Maryland.</p>\n<p class=\"speakerBio\"><strong>Alex</strong><br> Alex is a security researcher with Somerset Recon, a security consulting firm in San Diego. In this role he focuses on hardware security and reverse engineering.</p>\n</article>\n\'',0,134829),('3_Saturday','14','13:30','14:15','Y','DEFCON','Track 3','\'Infecting The Embedded Supply Chain\'','\'Zach, Alex\'','dc__Zach','\'\'',0,134830),('2_Friday','11','11:00','11:45','N','DEFCON','Track 3','\'Lora Smart Water Meter Security Analysis\'','\'Yingtao Zeng, Lin Huang, Jun Li\'','dc__Zeng','\'<article class=\"talk\" id=\"dc__Zeng\">\n<h3 class=\"talkTitle\">Lora Smart Water Meter Security Analysis</h3>\n	<p class=\"details\">Friday at 11:00 in Track 3<br>\n	45 minutes | Tool</p>\n<h4 class=\"speaker\">Yingtao Zeng<span class=\"speakerTitle\"> Security Researcher at UnicornTeam, Radio Security Research Department of 360 Security Technology</span></h4>\n<h4 class=\"speaker\">Lin Huang<span class=\"speakerTitle\"> Senior Wireless Security Researcher and SDR technology expert, 360 Security Technology</span></h4>\n<h4 class=\"speaker\">Jun Li<span class=\"speakerTitle\"> Senior Security Researcher, Radio Security Department of 360 Security Technology</span></h4>\n<p class=\"abstract\">To avoid the tedious task of collecting water usage data by go user\'s home _ water meters that are equipped with wireless communication modules are now being put into use, in this talk we will take a water meter _which is using Lora wireless protocol_ as an example to analyze the security and privacy risks of this kind of meters_we will explain how to reverse engineer and analyze both the firmware and the hardware of a water meter system, we will be talking about its security risks from multiple perspectives , physical, data link, and sensors. Do notice that LORA is not only used in water meter ,it is being used in a lot of IoT scenarios_so the methods we employed to analyze LORA in this talk are also useful when you do tests of other LORA based systems .</p>\n\n<p class=\"speakerBio\"><strong>Yingtao Zeng</strong><br> Yingtao Zeng is a security researcher at UnicornTeam in the Radio Security Research Department of 360 Technology. He mainly focus on the security of Internet of things, car remote control systems and automotive radar safety research. He has found vulnerabilities in a variety of automobile manufacturers including Tesla, Buick, Volvo, Chevrolet, Toyota, Nissan, BYD and more. He has presented his researches at conferences like HITB, DEF CON Car Hacking Village, Black Hat Arsenal etc.</p>\n<p class=\"speakerBio\"><strong>Lin Huang</strong><br> Lin HUANG is a senior wireless security researcher and the manager of UnicornTeam in 360 Technology. She is also the 360 Technology\'s 3GPP standard SA3 delegate and a research supervisor for master students in BUPT. Her interests include security issues in wireless communication, especially cellular network security. She was a speaker at BlackHat, DEF CON, and HITB security conferences.</p>\n<p class=\"speakerBio\"><strong>Jun Li</strong><br> Jun Li is a senior security researcher at the UnicornTeam, Qihoo 360. He is the POC of DEF CON Group 010, and member of the DEF CON Group Global Advisory Board. His researches have been presented at conferences such as Blackhat, DEF CON, HITB, KCon, SyScan360, ISC, etc. His is interested in IoT security and connected car security. Along with his colleagues, has previously found several automobile vulnerabilities in Tesla, GM cars, Volvo, BMW, Audi, Mercedes Benz and BYD. He is the author of <<_________>> (\"Connected Car Security Demystified\"). He is also the co-author of \"Inside Radio: An Attack &amp; Defense Guide\".</p>\n</article>\n\'',0,134831),('2_Friday','13','13:00','13:30','N','DEFCON','Track  101','\'Dissecting the Teddy Ruxpin: Reverse Engineering the Smart Bear\'','\'zenofex\'','dc__Zenofex','\'<article class=\"talk\" id=\"dc__Zenofex\">\n<h3 class=\"talkTitle\">Dissecting the Teddy Ruxpin: Reverse Engineering the Smart Bear</h3>\n	<p class=\"details\">Friday at 13:00 in 101 Track, Flamingo<br>\n	20 minutes | Demo, Audience Participation, Tool</p>\n<h4 class=\"speaker\">zenofex<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">The Teddy Ruxpin is an iconic toy from the 1980\'s featuring an animatronic teddy bear that reads stories from cassette tapes to children. In late 2017, a new model of the toy was released with improvements including Bluetooth connectivity, LCD eyes, and a companion mobile application. While the new bear features a number of improvements, the Teddy Ruxpin\'s original ability to add new stories by replacing the included cassettes is no longer applicable, and it requires users to supply files to the bear in a proprietary format. <br><br>This presentation aims to show how the new Teddy Ruxpin was reverse engineered down to a very low level in order to create new content. I will reveal the inner workings of the hardware and software within the bear and document the process used to reverse engineer it. I will then examine the communication between the mobile application and Teddy Ruxpin as well as the custom structure of the digital books read by the bear. I will end the presentation by releasing a toolset that allows users to create their own stories followed by a demo showcasing the Teddy Ruxpin greeting the DEF CON audience.</p>\n\n<p class=\"speakerBio\"><strong>zenofex</strong><br> Zenofex (@zenofex) is a senior research scientist at Cylance. Zenofex founded the Exploitee.rs which is a public research group that has released exploits for over 65 devices including the Amazon FireTV, Roku Media Player and the Google Chromecast. Zenofex is also a member of Austin Hackers (AHA) and has spoken at a number of security conferences including BlackHat and DEF CON.<br><br>@zenofex</p>\n</article>\n\'',0,134832),('4_Sunday','11','11:00','11:45','N','DEFCON','Track 3','\'Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits\'','\'zerosum0x0\'','dc__Zerosum0x0','\'<article class=\"talk\" id=\"dc__Zerosum0x0\">\n<h3 class=\"talkTitle\">Demystifying MS17-010: Reverse Engineering the ETERNAL Exploits</h3>\n	<p class=\"details\">Sunday at 11:00 in Track 3<br>\n	45 minutes | Demo, Tool, Exploit, Audience Participation</p>\n<h4 class=\"speaker\">zerosum0x0<span class=\"speakerTitle\"> Hacker</span></h4>\n<p class=\"abstract\">MS17-010 is the most important patch in the history of operating systems, fixing remote code execution vulnerabilities in the world of modern Windows. The ETERNAL exploits, written by the Equation Group and dumped by the Shadow Brokers, have been used in the most damaging cyber attacks in computing history: WannaCry, NotPetya, Olympic Destroyer, and many others. <br><br>Yet, how these complicated exploits work has not been made clear to most. This is due to the ETERNAL exploits taking advantage of undocumented features of the Windows kernel and the esoteric SMBv1 protocol. <br><br>This talk will condense years of research into Windows internals and the SMBv1 protocol driver. Descriptions of full reverse engineering of internal structures and all historical background info needed to understand how the exploit chains for ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE, and ETERNALSYNERGY work will be provided. <br><br>This talk will also describe how the MS17-010 patch fixed the vulnerabilities, and identify additional vulnerabilities that were patched around the same time.</p>\n\n<p class=\"speakerBio\"><strong>zerosum0x0</strong><br> zerosum0x0 is the author of all MS17-010 ETERNAL Metasploit exploit modules and was the first to reverse engineer the DOUBLEPULSAR backdoor. He has taught workshops on Windows internals at DEF CON and to government agencies.<br><br>@zerosum0x0</p>\n</article>\n\'',0,134833),('2_Friday','13','13:30','13:50','N','DEFCON','Track 3','\'Fasten your seatbelts: We are escaping iOS 11 sandbox!\'','\'Min (Spark) Zheng, Xiaolong Bai\'','dc__Zheng1','\'<article class=\"talk\" id=\"dc__Zheng1\">\n<h3 class=\"talkTitle\">Fasten your seatbelts: We are escaping iOS 11 sandbox!</h3>\n	<p class=\"details\">Friday at 13:30 in Track 3<br>\n	20 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Min (Spark) Zheng<span class=\"speakerTitle\"> Security Expert, Alibaba Inc.</span></h4>\n<h4 class=\"speaker\">Xiaolong Bai<span class=\"speakerTitle\"> Security Engineer, Alibaba Inc. </span></h4>\n<p class=\"abstract\">Apple\'s sandbox was introduced as \"SeatBelt\" in macOS 10.5 which provided the first full-fledged implementation of the MACF policy. After a successful trial on macOS, Apple applied sandbox mechanism to iOS 6. In its implementation, the policy hooked dozens of operations. The number of hooks has been growing steadily when new system calls or newly discovered threats appeared. In the beginning, Apple\'s sandbox used a black list approach which means Apple originally concentrated on the known dangerous APIs and blocked them, allowing all others by default. However, with the evolution of Apple\'s sandbox, it applies a white list approach that denies all APIs and only allows secure ones that Apple trusts. <br><br>In this talk, we will first introduce Apple\'s sandbox mechanism and profiles in the latest iOS. Then, we discuss iOS IPC mechanism and review several old classic sandbox escape bugs. Most importantly, we show two new zero-day sandbox escape vulnerabilities we recently discovered in the latest iOS 11.4. Besides, we share our experience of exploiting vulnerabilities in system services through OOL msg heap spray and ROP (Return-oriented programming). In addition, we discuss a task port exploit technique which can be used to control the whole remote process through Mach messages. By using these techniques, security researchers could find and exploit sandbox escape bugs to control iOS user mode system services and further attack the kernel.</p>\n\n<p class=\"speakerBio\"><strong>Min (Spark) Zheng</strong><br> Min (Spark) Zheng (twitter@SparkZheng, github@zhengmin1989) is a security expert in Alibaba Orion Security Lab. He received his Ph.D. degree in the CSE department of the CUHK. His research focuses on malware analysis, smartphone (Android &amp; iOS) security, system design and implementation. Before receiving Alibaba A-Star offer award in 2015, he worked in FireEye, Baidu and Tencent. He was the champion of GeekPwn 2014 and AliCTF 2015. He won the\"best security researcher\" award in FIT 2016 for detecting the iOS/macOS vulnerabilities, XcodeGhost virus and WormHole RCE vulnerability. He is a member of the OverSky team for private jailbreaking development. He presented his research in DEF CON, HITB, BlackHat, RUXCON, etc.<br><br>@SparkZheng</p>\n<p class=\"speakerBio\"><strong>Xiaolong Bai</strong><br> Xiaolong Bai (twitter@bxl1989, github@bxl1989) is a security engineer in Alibaba Orion Security Lab. Before joining Alibaba, he received his Ph.D. degree in Tsinghua University. He has published several research papers on top conferences including IEEE S&amp;P, Usenix Security, CCS, NDSS, and presented his research in Black Hat USA and Hack In The Box. He has been acknowledged by famous vendors, including Apple, Google, Facebook, Evernote, and Tencent for his contribution in discovering the vulnerabilities in their systems and improving the security of their products. He is a member of the OverSky team for private jailbreaking development.<br><br>@bxl1989</p>\n</article>\n\'',0,134834),('2_Friday','16','16:00','16:45','N','DEFCON','Track 1','\'Your Peripheral Has Planted Malware&mdash;An Exploit of NXP SOCs Vulnerability\'','\'Yuwei Zheng, Shaokun Cao, Yunding Jian, Mingchuang Qun\'','dc__Zheng2','\'<article class=\"talk\" id=\"dc__Zheng2\">\n<h3 class=\"talkTitle\">Your Peripheral Has Planted Malware&mdash;An Exploit of NXP SOCs Vulnerability</h3>\n	<p class=\"details\">Friday at 16:00 in Track 1<br>\n	45 minutes | Demo, Exploit</p>\n<h4 class=\"speaker\">Yuwei Zheng<span class=\"speakerTitle\"> Senior Security Researcher, Unicorn Team, 360 Technology</span></h4>\n<h4 class=\"speaker\">Shaokun Cao<span class=\"speakerTitle\"> Freelance Security Researcher</span></h4>\n<h4 class=\"speaker\">Yunding Jian<span class=\"speakerTitle\"> Senior Security Researcher, Unicorn Team, 360 Technology</span></h4>\n<h4 class=\"speaker\">Mingchuang Qun<span class=\"speakerTitle\"> Senior security researcher at the Radio Security Research Department of 360 Technology,</span></h4>\n<p class=\"abstract\">There are billions of ARM Cortex M based SOC being deployed in embedded systems.  Most of these devices are Internet ready and definitely security is always the main concern. Vendors would always apply security measurements into the ARM Cortex M product for few major reasons: 1) People will not be able to copy and replicate the product; 2) License control for the hardware and software; 3) Prevent malicious code injection in to the firmware. Vendors normally rely on the security measurements built within the chip (unique ID number/signature) or security measurements built around the chip (secure boot).<br><br>In this talk, we will share the ARM Cortex M SOC vulnerability that we discovered and it will be two parts:<br><br>The first is security measurement build within the SOC and how we break it. We could gain control of changing the SOC unique ID and write the firmware or even turn the device into a trojan or bot.<br><br>The second is security measure built around the SOC and how we break the Secure Boot elements and write into the firmware.</p>\n\n<p class=\"speakerBio\"><strong>Yuwei Zheng</strong><br> Yuwei Zheng is a senior security researcher at Radio Security Department of 360 Technology, core member of UnicornTeam. He is the core researcher of decryption blackberry project, which manage to decrypt Blackberry BBM, PIN message, and BIS secure mail without keys. He is currently focusing on the security research of cellular network, IoT system, and mobile baseband. He had presented his research works at top level security conferences like BlackHat, DEF CON, HITB etc.</p>\n<p class=\"speakerBio\"><strong>Shaokun Cao</strong><br> Shaokun Cao is a freelance Security researcher, a consultant of UnicornTeam. He is currently focusing on the chip-level security issues, such as microcode, ROM, bootloader, and firmware.</p>\n	<p class=\"speakerBio\"><strong>Yunding Jian</strong><br> Yunding Jian is the co-founder of UnicornTeam. He is the leader of RocTeam in the Radio Security Research Department of 360 Technology. He is the designer of all pervious SyScan360 Conference badges. He also made serial presentations on Blackhat USA, Blackhat Europe &amp; Asia (Arsenal) ,HITB about his hardware security research and design experience.</p>\n<p class=\"speakerBio\"><strong>Mingchuang Qun</strong><br> Mingchuang Qin is a senior security researcher at the Radio Security Research Department of 360 Technology,the core developer of Skyscan Wireless Intrusion and Prevention System,specializing in IoT and wireless device security. With rich experience in embedded system development, he is proficient in with WiFi and Bluetooth protocol analysis and vulnerability discovery.</p>\n</article>\n\'',0,134835),('4_Sunday','11','11:00','11:45','N','DEFCON','Track 2','\'Politics and the Surveillance State. The story of a young politician\'s successful efforts to fight surveillance and pass the nation\'s strongest privacy bills.\'','\'Daniel Zolnikov\'','dc__Zolnikov','\'<article class=\"talk\" id=\"dc__Zolnikov\">\n<h3 class=\"talkTitle\">Politics and the Surveillance State. The story of a young politician\'s successful efforts to fight surveillance and pass the nation\'s strongest privacy bills. </h3>\n	<p class=\"details\">Sunday at 11:00 in Track 2<br>\n	45 minutes | Audience Participation</p>\n<h4 class=\"speaker\">Daniel Zolnikov<span class=\"speakerTitle\"> Montana State Representative</span></h4>\n<p class=\"abstract\">Orwell\'s concept of 1984 has more to do with government misuse of technology than technology itself. New technology allows for more opportunity, but unchecked, it allows for complete government control. <br><br>Representative Daniel Zolnikov is the nation\'s leading politician regarding privacy and surveillance and has enacted numerous laws safeguarding fourth amendment rights regarding digital communications and technology. Daniel will walk you down the road of how political misuse of technology can and will turn the Federal Government into an unprecedented nanny state that will lead to a suppressed free flow of information and fear of stepping out of line. His story includes insights on how unique left and right coalitions were formed to pass these laws in his home state of Montana, and how he prevailed against law enforcement groups who opposed implementing warrant requirements. <br><br>This discussion is aimed at sharing insights no matter your political affiliation. All of Daniel\'s legislation has passed with overwhelming bi-partisan support through both bodies in Montana\'s legislature and was signed by the governor of the opposite party. Although most speeches involving politicians tend to lead towards rhetoric, Daniel\'s goal is to share enough information to be able to understand why change has not taken place yet, and leave you understanding how to remedy that. <br><br>His story will give you insights into the politics that states and the nation face when reforming these issues, and his down to earth approach will bring the topic down to a level of humor and easy understanding. There is no need for any technical or political insight to be able to appreciate this topic and the work Daniel has done on behalf of the more technologically savvy enthusiasts. <br><br>The theme of DEF CON 26 would be inconsistent without taking into consideration policy and how it ties in closely with technology. Technology relies on policy, and policy has the implications of dictating the use of technology. The two can go hand in hand, or end up squaring up against each other. You are an important, and lesser heard voice in the world of aged politicians with limited vision. The Orwellian state existed due to a mixture of bad policies and technology. Although the theme focuses on technology used to disrupt the surveillance state, the other half of the battle is ensuring this state does not reach the disastrous conclusions of 1984. <br><br>Daniel believes we can move forward with technology without living in fear of our government. If you want to have some hope and direction towards the future of policy regarding surveillance and technology, Daniel will leave you with the optimism that there is still a chance that our nation can have a balanced approach that ensures 1984 does not become the norm in the future and will help you understand how to take part in this action.</p>\n\n<p class=\"speakerBio\"><strong>Daniel Zolnikov</strong><br> Daniel Zolnikov is a third term liberty-minded State Representative serving in the Montana Legislature. He is a been a strong advocate for civil rights concerning our freedoms and liberties, and limited government, and is working to make Montana the Last Best Place for future generations. As a 31-year-old representative who first served in his mid-20\'s, Daniel has specialized in 21st Century policy areas addressing the opportunities and risks associated with new technologies. Zolnikov has also lead on energy policy as the Chairman of the House Energy, Technology and Federal Relations Committee. <br><br>Daniel is the nation\'s leading legislator regarding laws protecting digital information and devices. In 2017, he passed leading legislation requiring a warrant for digital communication devices, warrant requirements for digital communications, limits on license plate readers that prevent the DEA from using Montana\'s information in their national vehicle tracking program and reformed and created strict limits on vehicle spot checks. <br><br>He has also successfully passed laws requiring government to get a warrant to access cellphone location information, passing the strongest Freedom of the Press legislation in the nation, protecting reporters\' electronic communications from government intrusion, and give immunity from MIP laws to minors who seek emergency medical attention. He also helped lead the effort to revise Montana\'s outdated transportation laws to allow ride-sharing services like Uber to operate in Montana, which is expected to reduce the drunk driving epidemic in many communities. <br><br>Forbes ranked Daniel among the top\"30 Under 30\" policymakers in the nation, and Red Alert Politics recognized him as one of the country\'s Top 30 Conservatives under the age of 30. He has also received the Montana Library Association\'s\"Intellectual Freedom Award\", along with Responsibility.org\'s\"Advancing Alcohol Responsibility\" leadership award. <br><br>Daniel is a strong advocate of transparency in government, and has posted his votes on his public Facebook page. He regularly interacts with constituents on his Twitter profile, @DanielZolnikov. <br><br>Daniel received his undergraduate degree from the University of Montana where he earned three business majors in Information Systems, Marketing, and Management, along with a minor in Political Science. Outside of the Legislature, Daniel has worked as a small business consultant and is currently obtaining his MBA. Daniel enjoys fishing, swimming, and the freedom that only Big Sky Country can offer.<br><br>@DanielZolnikov, www.facebook.com/danielzolnikov, www.linkedin.com/ind/zolnikov, www.danielzolnikov.com</p>\n</article>\n\'',0,134836),('2_Friday','09','09:00','09:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Story Time - Biggest ITSec fuck-ups I\'ve seen over the past 25 years.\'','\'Uncle G.\'','df0d82ada827ac28685c80759ee29604','\'Title:\n<br>Story Time - Biggest ITSec fuck-ups I\'ve seen over the past 25 years.\n<br>\n<br>Uncle G.<br>Story Time - Biggest ITSec fuck-ups I\'ve seen over the past 25 years.<br><br><br>I\'m old. Especially compared to most people here at DC26. I\'ve been at this since before the OJ Simpson trial. I\'ve worked on ARCNet networks! I\'ve seen some shit, man.... Good shit, bad shit, you name it. It\'s finally time to get this shit off my chest and go over some of the mistakes I\'ve seen (and allegedly caused), so you can be better.<br><br>In this talk I will go over IT and IT Security mistakes that the industry, businesses and individuals (including myself) have made over the past few decades. No holds barred, naming names, and having a laugh and breaking a few NDA\'s.<br>\'',0,134837),('2_Friday','10','10:00','10:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Stalker In A Haystack\'','\'MasterChen\'','c0547f7de5191b30f9d124ab75efd381','\'Title:\n<br>Stalker In A Haystack\n<br>\n<br>MasterChen<br>@chenb0x<br>Stalker In A Haystack<br>In 2015, I did a Skytalk called \"Automate Your Stalking\". In that talk, I demonstrated how one can monitor a target by not following them directly, but by following their followers to and who they follow to get an idea of their social life without direct interaction. I felt bad for releasing a tool to enable potential stalkers, but not an antidote. This year\'s presentation IS that antidote. I will be discussing how we can uncover those stalkers that lie in the shadows.	<br>\'',0,134838),('2_Friday','11','11:00','11:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Deconstructing DeFeNeStRaTe.C: The first public buffer overflow on a mainframe?\'','\'Soldier of FORTRAN\'','8863782476172d226f1fe1367f47777f','\'Title:\n<br>Deconstructing DeFeNeStRaTe.C: The first public buffer overflow on a mainframe?\n<br>\n<br>Soldier of FORTRAN<br>@mainframed767	<br>Deconstructing DeFeNeStRaTe.C: The first public buffer overflow on a mainframe?	<br><br>In 2012 hackers were running rampant in Swedens federal mainframes. During the course of the investigation it was thought it might be a good idea to release *ALL* the investigation documentation to the public. Included in these public files were snippets (or full programs) of the tools the hackers developed to work on an IBM z/OS mainframe (see: https://wikileaks.org/gottfrid-docs/). But not every tool developed were included in those papers. Shortly after the documents were released, your speaker was sent a DM out of the blue with a link to a pastebin (https://pastebin.com/Apk5zWDj) and two simple questions: \"was this an exploit? how did it work?\" Why did they contact the speaker? Because it was thought he originally was the one who did the breach. This talk will go over the breach in a high level before diving DEEP in to the unix part of a mainframe, looking at exactly what this C program was doing (or attempting to do) and how it accomplished it. This talks got it all when it comes to mainframe privilege escalation, APF authorized unix programs (a special attribute on z/OS), buffer overflows, hijacking return addresses, debugging C programs and changing ACEEs. All of these will be peppered with demos to show how it worked. After this talk you\'ll be able to know exactly what DeFeNeStRaTe.C was (trying?) to do and see it in action!	<br><br>\'',0,134839),('2_Friday','12','12:00','12:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'When Incident Response Meets Reality\'','\'Magg	\'','a53e26bc76db664659056ff29c9302a0','\'Title:\n<br>When Incident Response Meets Reality\n<br>\n<br>Magg	<br>@mysticalthng	<br>When Incident Response Meets Reality<br><br>Incident Response is a topic that gets major marketing and educational time but what does it actually look like for an average company. <br><br>This talk is an overview of a real incident response at an average organization. Full of the mistakes and stumbling blocks and a few wins. What does it look like when you have an organization without genius technical resources or unlimited pockets. <br><br>\'',0,134840),('2_Friday','13','13:00','13:30','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Practical attack simulations in Critical National Infrastructure (CNI): Oh the perils, or oh the fun?\'','\'William Knowles and James Coote	\'','52990e94450fac253c770dcd08c10fa3','\'Title:\n<br>Practical attack simulations in Critical National Infrastructure (CNI): Oh the perils, or oh the fun?\n<br>\n<br>William Knowles and James Coote	<br>@william_knows	<br>Practical attack simulations in Critical National Infrastructure (CNI): Oh the perils, or oh the fun?	<br><br>\"There are two commonly held perceptions when it comes to CNI security: that they are under constant threat, and that any form of practical security testing is a bad idea. So how can we provide demonstrable assurance that these environments are secure?<br><br>This talk intends to challenge the perception that practical security testing should be avoided, and will discuss MWR\'s successes, failures, and lessons learned when conducting goal-oriented CNI attack simulations.<br><br>The key topics of discussion will focus on:<br><br>- Ignoring theory, what are the technologies being used in real-world CNI environments? Where does IT end and Operational Technology (OT) begin when it comes to assets that a targeted attacker would realistically look to compromise? In particular for affecting the availability and integrity of data sources, or gaining the capability to control physical processes (hint: it is more IT than you would think).<br><br>- How can we apply red team methodologies in environments with high stability requirements, while minimising operational risk and testing time?<br><br>- Want to know how to turn off the water, stop the gas, or simply control the control room? Commonly found ways of elevating privileges will be discussed, along with paths for moving towards key asset compromise. \"	<br><br>\'',0,134841),('2_Friday','13','13:30','13:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'penetration testing sex toys: \"I\'ve seen things you people wouldn\'t believe\"\'','\'Renderman\'','a084a0a5f1c199e904c7de5b4bacba00','\'Title:\n<br>penetration testing sex toys: \"I\'ve seen things you people wouldn\'t believe\"\n<br>\n<br>Renderman<br>@internetofdongs @ihackedwhat<br><br><br>The Internet of Dongs project took on the branch of IoT that no one wanted to touch; Internet connected sex toys and intimate wearables. Helping vendors and the public understand the unique challenges associated with privacy and security of these devices has had some \"interesting\" discoveries and revelations along the way. This talk will cover some of the wierd, bizarre, and sometimes intriguing discoveries that have been made along the way that may or may not have required mindbleach afterwards.<br><br><br>\'',0,134842),('2_Friday','14','14:00','14:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'From MormonLeaks to FaithLeaks\'','\'Ethan Gregory Dodge	\'','3bf2720e9f5d64f99ff222c13b8f9595','\'Title:\n<br>From MormonLeaks to FaithLeaks\n<br>\n<br>Ethan Gregory Dodge	<br>@Mormon_Leaks @FaithLeaks @egd_io	<br>From MormonLeaks to FaithLeaks<br><br>Last year Ethan spoke as Privacy P. Pratt, the anonymous technical mind behind the whistle-blowing organization MormonLeaks and chronicled its history and impact up to that point. Since then, he has abandoned the pseudonym, FaithLeaks has been born, and MormonLeaks has uncovered a great deal more. Join Ethan in this sequel to last year and hear about Skytalks-2017-inspired FaithLeaks, exposed sexual and ecclesiastical abuse, financial information the Mormon Church went through great lengths to hide, mistakes made along the way, and how this model is promoting increased transparency in a part of society that desperately needs it.	<br><br>\'',0,134843),('2_Friday','15','15:00','15:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'OSINT IS FOR SOCCER MOMS\'','\'Laura H	\'','e3f51bc8cfc5d1bbea02ea512fea73df','\'Title:\n<br>OSINT IS FOR SOCCER MOMS\n<br>\n<br>Laura H	<br>@h0tdish	<br><br>OSINT IS FOR SOCCER MOMS	<br><br>A brief but riveting mini-history of why and how most soccer mom\'s can out OSINT your collective information security asses any day of the week using actual case studies of two unbelievable unsolved, in real time, homicide investigations, turned SOLVED. This introductory and fast paced talk will take a look at the history of OSINT from \"web-sleuthing\" to \"crowdsourcing\" and illustrate how, from the experience of the presenter, OSINT is utilized within modern homicide investigations from & via the internet. We will discover along the way the very real consequences and benefits that can occur when policing entities ignore or include OSINT gathered by well meaning public tipsters. Afterall, the large majority of criminal events are solved by the public sending in information. Finally, we will touch on the truth that OSINT is not actually a career path or even a subset skill specific to information security but rather is a set of ever evolving tools, that was born from curiosity and caring about communities and continues to evolve to this day.	<br><br>\'',0,134844),('2_Friday','16','16:00','16:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Robots and AI: What scares the experts?\'','\'Brittany \"Straithe\" Postnikoff, Sara-Jayne Terp	\'','88a49564e4aec1d0b6ea50ffaa3c4f44','\'Title:\n<br>Robots and AI: What scares the experts?\n<br>\n<br>Brittany \"Straithe\" Postnikoff, Sara-Jayne Terp	<br>@straithe, @bodaceacat	<br><br>Robots and AI: What scares the experts?	<br><br>The potential for robots and AI to shake up our lives has scared people for generations, just look at the scenarios put out by sci-fi. A number of these issues, plus many others, have made it to the real world. Cambridge Analytica anyone? How about surveillance robots such as Knight? Our researchers have been investigating and preparing defenses to combat against these artificial beings, but it is a continuous battle. Come participate in a discussion of the concerns, efforts, and gaps that are present in this space.	<br><br>\'',0,134845),('2_Friday','17','17:00','17:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'The Least Common Denominator Strategy (AKA Don\'t make DevOps too easy)\'','\'Daniel Williams (fbus)	\'','4971324852c27f726bc0ce212e4a922b','\'Title:\n<br>The Least Common Denominator Strategy (AKA Don\'t make DevOps too easy)\n<br>\n<br>Daniel Williams (fbus)	<br>@thefbus	<br>The Least Common Denominator Strategy (AKA Don\'t make DevOps too easy)	<br><br>\"Today, much time and effort is spent on making development and deployment easier for the application developer. Simplification and automation are wonderful efforts to pursue, but with great power comes great responsibility. Deployments can grow to be a support and technical-debt nightmare if the automation and simplification efforts are not closely managed. <br><br>This talk will walk through a number of case studies, both in software development & deployment and in the greater wild world in an attempt to provide a lens to help judge when automation and simplification are going too far.\"	<br><br>\'',0,134846),('2_Friday','18','18:00','18:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Real Simple Blue Team Shit\'','\'@wornbt\'','421ea3d4107a4053053669ded6f1ac49','\'Title:\n<br>Real Simple Blue Team Shit\n<br>\n<br>@wornbt<br>Real Simple Blue Team Shit	<br><br>\"N00b friendly! While the vuln of the week club keeps finding new and fascinating technical exploits all the time, malicious actors keep using old and surprisingly uncomplicated methods; old and simple stuff still works. This talk, we’ll explore real shit aimed at a financial institution and what’s been effective at mitigating these old and simple attacks. If you’re starting out in blue team defense, you’ll come away real simple shit you can do to raise the cost to attackers doing the same old credential stuffing, phishing, and script-kiddie RCE attempts.<br><br>While new technical vulnerabilities are found continuously, malicious actors often rely on tried and true methods to exploit. These exploits are surprisingly uncomplicated. In this talk, we’ll share attempts we’ve seen from malicious actors. We’ll break down actual attacks and share what’s been most effective in mitigating credential stuffing, phishing, and common RCE attempts. At the end of this talk, you’ll walk away with simple takeaways to raise the cost to attackers for these simple attacks.\"<br><br>\'',0,134847),('2_Friday','22','22:00','25:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) FRIDAY PARTY - Read the Details\'','\'@wornbt\'','40a1d37a61d3c4a98dc7d84be448af32','\'Title:\n<br>skytalks (303) FRIDAY PARTY - Read the Details\n<br>\n<br>2200-2300 303, Enforcer & Grunt Only<br>2300-2400 Open to all skytalks Associate + badge holders<br>0000-0200 Open to all DEF CON attendees<br>\'',0,134848),('2_Friday','23','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) FRIDAY PARTY - Read the Details\'','\'@wornbt\'','40a1d37a61d3c4a98dc7d84be448af32','\'\'',0,134849),('2_Friday','24','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) FRIDAY PARTY - Read the Details\'','\'@wornbt\'','40a1d37a61d3c4a98dc7d84be448af32','\'\'',0,134850),('2_Friday','25','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) FRIDAY PARTY - Read the Details\'','\'@wornbt\'','40a1d37a61d3c4a98dc7d84be448af32','\'\'',0,134851),('3_Saturday','09','09:00','09:30','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'What happened behind the closed doors at MS\'','\'Dimitri	\'','3b163a1879290ed2ff34ea006259c3ee','\'Title:\n<br>What happened behind the closed doors at MS\n<br>\n<br>Dimitri	<br>@DimitriNL	<br><br>What happened behind the closed doors at MS	<br><br>In the year 2000 several Microsoft sites have been hacked by a Dutch Hacker named Dimitri. Several subdomain servers, such as windowsupdate.microsoft.com, 128download.microsoft.com, events.microsoft.com and so on has been hacked. Not even once but twice in a short period of time. A secret meeting was planned by Microsoft with Dimitri. Why was it secretly? What actually happened behind the closed doors at MS? And why even after 18 years it is still a secret? This presentation includes some Mystery, Drama, Action & NSFW.	<br><br>\'',0,134852),('3_Saturday','09','09:30','09:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'http2 and you\'','\'security panda	\'','12da8a08ec9f19a84b3df79dc863cfae','\'Title:\n<br>http2 and you\n<br>\n<br>security panda	<br>@security_panda	<br><br>http2 and you	<br><br>\"Although not commonly known, HTTP2 was first published in May 2015 as an update to HTTP 1.1. By the end of that year, the majority of major browsers added HTTP2 support; it is now being utilized all across the Internet. Sites such as Google, Twitter, Facebook, and perhaps even your company’s site have HTTP2 enabled. If so, you probably do not realize you are using it. In fact, many Web Application Firewalls (WAFs) are not keeping pace with HTTP2 security needs and common AppSec testing tools such Burp, Zap, and other DAST products don’t support HTTP2.<br><br>This talk will discuss the details of the presenter’s discovery process in identifying how many site hosts are utilizing HTTP2, and a sample of common vulnerabilities which were found on these sites. Attendees will come away with having a better understanding of the security implications of HTTP2 and how you can detect these potential pitfalls on your network using freely available tools.\"	<br><br>\'',0,134853),('3_Saturday','10','10:00','10:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Don\'t Bring Me Down: Weaponizing botnets\'','\'@3ncr1pted	\'','8e18fe05b2c677b3e91df96d34dd2eeb','\'Title:\n<br>Don\'t Bring Me Down: Weaponizing botnets\n<br>\n<br><br>@3ncr1pted	<br><br>Don\'t Bring Me Down: Weaponizing botnets	<br><br>\"We\'re seeing an evolution in botnets. The impact of Mirai bringing down a huge swath of the internet two years ago raised awareness but the release of the Mirai code has raised a new army of botnets that are capable of more than just DDOS on basic systems. But Mirai isn’t the only botnet in town. There are some serious contenders with unexpected enhancements looking for new recruits to work in the bitcoin mines.<br><br><br>Routers and cameras and toasters – oh my! The ongoing deluge of devices that connect to the Internet is an IoT nightmare, and an attacker’s dream. Default credentials and weak passwords are only the beginning. Especially with a bevy of unpatched, vulnerable systems on which to unleash some substantial exploits. Persistence and lateral movement ftw! <br>DDoS isn’t just child’s play when attacks are in the realm of terabytes. What happens when we move past outages, and into destructive payloads? And what happens when weaponization meets automation? In this talk, we’ll explore what may come next when nation states move into the turf once held by script kiddies, and build-a-bot gets leveled up in a very bad way.\"<br><br>\'',0,134854),('3_Saturday','11','11:00','11:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'The Abyss is Waving Back…\'','\'Sidragon	\'','455b56778876c9fa9fa9514975273c6e','\'Title:\n<br>The Abyss is Waving Back…\n<br>\n<br>Sidragon	<br>@sidragon1	<br>The Abyss is Waving Back…	<br><br>The four paths that human evolution is charging down, and how we choose which one’s right…	<br><br>\'',0,134855),('3_Saturday','12','12:00','12:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Cloud Security Myths\'','\'Xavier Ashe	\'','49b7f086faf5440d2ebf363d58ce7e99','\'Title:\n<br>Cloud Security Myths\n<br>\n<br>Xavier Ashe	<br>@xavierashe	<br><br>Cloud Security Myths	<br><br>Cloud Security is a magical world of as-a-service miracles. Just spin up your intrusion-detection-as-a-service, SOC-as-a-service, incident-response-as-a-service, and start feeding it security-intelligence-as-a-service. Come hear from this CISO-as-a-service unwrap the onion of cloud access security brokers (CASB), cloud workload protection platforms (CWPP), microsegmentation, cloud security posture management (CPSM), and software-defined perimeters (SDP). What do they do? Do they really work? What do you with all those security appliances you’ve accumulated?	<br><br>\'',0,134856),('3_Saturday','13','13:00','13:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Exploiting IoT Communications - A Cover within a Cover\'','\'Mike Raggo & Chet Hosmer \'','b19ad0aa01adafaa3b06f68e80cef081','\'Title:\n<br>Exploiting IoT Communications - A Cover within a Cover\n<br>\n<br>Mike Raggo & Chet Hosmer <br> @MikeRaggo & @ChetHosmer	<br><br>Exploiting IoT Communications - A Cover within a Cover	<br><br>As IoT continues to introduce new operating systems, protocols, and frequencies the attack surface available for hidden communications increases substantially. In this presentation we explore the fundamental flaws in many of these IoT designs to identify methods of exploiting these communications by hiding data and riding these channels to deliver data and messages between devices and networks. We’ll cover M2M carrier packets, IoT Hub out-of-band communications, and IoT dead-drops in the cloud. Then with proof of concept code we’ll demonstrate these exploits for the audience, and provide the basis for enhancing one’s forensic strategy by looking deeper into these mysterious IoT communications. <br><br>\'',0,134857),('3_Saturday','14','14:00','14:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Hacking the Technical Interview\'','\'Marcelle & Kelley	\'','23b67dddaf9f657ce21cc886f3c04e67','\'Title:\n<br>Hacking the Technical Interview\n<br>\n<br>Marcelle & Kelley	<br>@marcelle_fsg & @ccsleuth	<br><br>Hacking the Technical Interview	<br><br>\"Marcelle and Kelley will provide tips to the audience on how to survive a technical interview and possibly even shine in one! We are not recruiters or HR professionals. We have, however, a LOT of experience as interviewees and have developed some strategies that we’d like to share. Our industry experience lies in various technical arenas, including public sector, private sector, and law enforcement. Topics will include the not-so-subtle art of salary negotiation, how to best prepare for questions (TCP 3-way handshake, anyone?), recognizing the roles of different interviewers, and how to keep your cool. We are also not attorneys, but will touch on illegal interview questions and how to handle them, as well as new laws about salary history. Also featured will be tales from the trenches, hopefully amusing and/or illuminating. Time permitting, we will cover some resume best practices.\"	<br><br>\'',0,134858),('3_Saturday','15','15:00','15:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Leveling the Bug Bounty Playfield - Introducing the #LEGALBUGBOUNTY project \'','\'Amit Elazari & Keren Elazari \'','08e19ad3ff74a0127506e03acb01bd1e','\'Title:\n<br>Leveling the Bug Bounty Playfield - Introducing the #LEGALBUGBOUNTY project \n<br>\n<br>Amit Elazari & Keren Elazari <br><br>@amitelazari, @k3r3n3 <br><br>Leveling the Bug Bounty Playfield - Introducing the #LEGALBUGBOUNTY project <br><br>Bug Bounties are one of the fastest growing, most popular and cost-effective ways for companies to engage with the security community and find unknown security vulnerabilities.  Now it’s time to make them fair to the most important element in the Internet’s immune system:  the friendly hackers and algorithmic auditors. This talk will showcase how bug bounty programs put hackers at risk, and how to fix a problem that affects all of us, hunters, security practitioners and technology users. #LEGALBUGBOUNTY – because Bug Bounties are already popular, it’s time we make them great again. <br><br>\'',0,134859),('3_Saturday','16','16:00','16:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Healthcare Exposure on Public Internet\'','\'Shawn Merdinger	\'','d383f2a03c4d13f034365d94aa00ac2b','\'Title:\n<br>Healthcare Exposure on Public Internet\n<br>\n<br>Shawn Merdinger	<br>Healthcare Exposure on Public Internet	<br><br>Real-world healthcare exposure of hospitals, patient records, medical devices <br><br>\'',0,134860),('3_Saturday','17','17:00','17:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'The challenge of building an secure and safe digital environment in the healthcare\'','\'@_j3lena_	\'','02fb3c51dfdc5d0b969654c706b0aac8','\'Title:\n<br>The challenge of building an secure and safe digital environment in the healthcare\n<br>\n<br>@_j3lena_	<br><br>The challenge of building an secure and safe digital environment in the healthcare<br><br>It is of utmost importance to keep healthcare data safe, secure and private. As security and healthcare professionals it is important to be aware of the many ways and reasons a criminal can bring harm to a patient. While a criminal may maliciously seek to cause harm to a patient, they are just as likely to impact a hospital or patient as an unintended consequence of a different attack. By making everything digital and connecting it online without making it safe and secure, we have made this possible.<br>The environment within the organization must enable infosec professionals to do the best possible job.<br>We, hospital staff, IT staff, and vendors, can work together to build safe and secure environment in the healthcare.<br><br>\'',0,134861),('3_Saturday','18','18:00','18:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Macabre stories of a hacker in the public health sector (Chile)\'','\'Philippe Delteil	\'','b481689bbde502b7e03523b5e0a090fe','\'Title:\n<br>Macabre stories of a hacker in the public health sector (Chile)\n<br>\n<br>Philippe Delteil	<br><br>@philippedelteil	<br><br>Macabre stories of a hacker in the public health sector (Chile)	<br><br>Want to know what happens when a national wide network in the public health sector has no experts on cybersecurity? I will explain how I managed to get over 3 millions files including patients records, people with HIV, abortions and a long etc. And how I managed to get it fixed (spoiler: press was involved).	<br><br>\'',0,134862),('3_Saturday','22','22:00','25:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) PARTY - FLAMINGO POOL PARTY Open to All\'','\'Flamingo \'','cb75c572e6942fd15dda000a806aa110','\'Title:\n<br>skytalks (303) PARTY - FLAMINGO POOL PARTY Open to All\n<br>\n<br>Flamingo <br><br>Open to all DEF CON attendees!<br><br>Bands:<br>Loveshack<br>https://www.gigmasters.com/80\'s-hits/loveshack<br>\'',0,134863),('3_Saturday','23','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) PARTY - FLAMINGO POOL PARTY Open to All\'','\'Flamingo \'','cb75c572e6942fd15dda000a806aa110','\'\'',0,134864),('3_Saturday','24','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) PARTY - FLAMINGO POOL PARTY Open to All\'','\'Flamingo \'','cb75c572e6942fd15dda000a806aa110','\'\'',0,134865),('3_Saturday','25','22:00','25:59','Y','SKY','Flamingo 3rd Flr - Virginia City Rm','\'skytalks (303) PARTY - FLAMINGO POOL PARTY Open to All\'','\'Flamingo \'','cb75c572e6942fd15dda000a806aa110','\'\'',0,134866),('4_Sunday','09','09:00','09:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Master Baiting! Don’t Click Bait, Click Yourself\'','\'BACE16	\'','7f6ddf21b3c761c679497affb31ff13d','\'Title:\n<br>Master Baiting! Don’t Click Bait, Click Yourself\n<br>\n<br>BACE16	<br>@bace16_	<br><br>Master Baiting! Don’t Click Bait, Click Yourself	<br><br>The talk that lives up to its name! Completely self-centered on how to work with your bait and tackle to jerk off the line of stories in your head and get back to reality. Avoid phishing by not falling for the hookers! Even yourself! Social engineering! Deep penetrating psychology mixed with blatant innuendo and enough buzzwords to make a CISO throw BitCoin at it...then make engineers figure out a POC for what this Purple Team Darknet vaporware actually does!	<br><br>\'',0,134867),('4_Sunday','10','10:00','10:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Facial Recognition - Let me let you in on a secret\'','\'Stumbles The Drunk	\'','2647faaa9723c91468ccd64055161c01','\'Title:\n<br>Facial Recognition - Let me let you in on a secret\n<br>\n<br>Stumbles The Drunk	<br><br>@stumblesthedrunk	<br><br>Facial Recognition - Let me let you in on a secret	<br><br>Facial Recognition is being inserted in to the authentication and verification process of our Driver Licences, Passports, and other unimportant government documents. Let\'s talk about how it short falls and how to #$@! with it.	<br><br>\'',0,134868),('4_Sunday','11','11:00','11:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Sex Work After SESTA\'','\'Maggie Mayhem	\'','507de3f8a731d203c65bc55e178c03de','\'Title:\n<br>Sex Work After SESTA\n<br>\n<br>Maggie Mayhem	<br><br>@MsMaggieMayhem<br><br>Sex Work After SESTA	<br><br>\"Surveillance had been a fact of life for sex workers wherever they have faced prohibition. Only two elements, communication and association, can differentiate between commercial and personal sex, criminal enforcement of prostitution laws have necessarily meant targeting the speech and affiliation of perceived sex workers. Enforcement of this nature is facilitated by profiling, institutional bias, and broad overreaching policies that fundamentally violate individual human rights. This has included condoms as evidence, non-consensual medical screenings, and targeted harassment of black transgender women as well as license plate recording projects and stings that focus disrupting immigration or migrant workers. <br><br>For all of its risks, screening potential clients is safer over email than it is in person during a street based negotiation often in an isolated part of town. SESTA (Stop Enabling Sex Traffickers Act) comes at a time when compelling research demonstrates that Craigslist resulted in a 17% drop in the female homicide rate. SESTA will also put victims at risk by delaying their identification and recovery by eliminating a digital paper trail. Additionally, Section 230 of the Communications Decency Act is a vital protection for a free internet. Subverting SESTA will create greater economic disparity between sex workers and ultimately empower pimps and agencies over independent providers. \"	<br><br>\'',0,134869),('4_Sunday','12','12:00','12:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else\'','\'Guy Barnhart-Magen and Ezra Caltum\'','c6497f84aa8db06a11c28134ff9d9c51','\'Title:\n<br>JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else\n<br>\n<br>Guy Barnhart-Magen and Ezra Caltum<br>@acaltum, @barnhartguy<br><br>JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else<br><br>\"Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. <br>The study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: <br>* Unexpected consequences (why did it decide this rifle is a banana?), <br>* Data leakage (how did they know Joe has diabetes) <br>* Memory corruption and other exploitation techniques (boom! RCE)<br>* Influence the output (input: virus, output: safe!, as seen on (DEF CON 25 - Hyrum Anderson - Evading next-gen AV using AI)[https://www.youtube.com/watch?v=FGCle6T0Jpc]).<br>In other words, while ML is great at identifying and classifying patterns, and an attacker can take advantage of this and take control of the system.<br>This talk is an extension of research made by many people, including presenters at DefCon, CCC, and others - a live demo will be shown on stage!<br>Garbage In, RCE Out :-)\"	<br><br>\'',0,134870),('4_Sunday','13','13:00','13:59','N','SKY','Flamingo 3rd Flr - Virginia City Rm','\'Game Runner 2049: The Battles Fought by the King of the Replicants\'','\'Nick Cano	\'','52c239f5a4ca7a18457e8e4aea63a81b','\'Title:\n<br>Game Runner 2049: The Battles Fought by the King of the Replicants\n<br>\n<br>Nick Cano	<br>@nickcano93	<br><br>Game Runner 2049: The Battles Fought by the King of the Replicants	<br><br>\"XenoBot is an engineered player, provided to cheaters for use in-game. It\'s enhanced reaction speed and inability to tire made it ideal for power leveling.<br><br>After a series of technological breakthroughs, it\'s use became ubiquitous and Tibia became a botter haven.<br><br>The collapse of fair play in the early 2000\'s led to the rise of DarkstaR, as his bot masked it\'s synthetic properties and averted detection.<br><br>Through XenoBot, DarkstaR acquired the keys to a line of botted characters that would silently obey and benefit him.<br><br>Many usurpers – in-game guilds, software crackers, and DDoSers – came forth. They hunted him to prove themselves.<br><br>Those he defeated still know him by the name... Game Runner<br><br>This is a talk for gamers and hackers about the battles I fought during a decade selling an MMORPG bot. I\'ll talk about what it was like to wield a surveillance system comprised of thousands of botted characters providing me with military-grade in-game intelligence. I\'ll outline the lessons I learned fighting off massive DDoS attacks on my own, including how I turned the laser on a mirror. I\'ll share a funny story about how serendipity convinced a forum that I had hacked them, as well as the the time I actually mass-hacked hundreds of users on a forum where child-porn was talked about with normalcy. I\'ll go into how CloudFlare doxxed me to that forum and how I hacked my way to the top of the situation without anyone being the wiser. After these and other tales, I hope you\'ll walk away from this talk laughing at my shenanigans while also having learned a few things about game development, hacking, and how to outmaneuver your opposition.\"	<br><br>\'',0,134871),('2_Friday','10','10:00','10:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Welcome\'','\'\'','ee30ecbc2c1c49f7c2f719dcd7c02ee3','\'Title:\n<br>Welcome\n<br>\n<br>10:00am<br>\n <br>\nWelcome<br>\nWhen<br>\nFri, August 10, 10:00am – 10:30am<br>\n\'',0,134872),('2_Friday','10','10:30','11:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'\"Won\'t Somebody Think of the Children?\" Examining COPPA Compliance at Scale\'','\'Irwin Reyes, Amit Elazari Bar On\'','b4010a6f71b90116826935fe0353f960','\'Title:\n<br>\"Won\'t Somebody Think of the Children?\" Examining COPPA Compliance at Scale\n<br>\n<br>10:30am<br>\n <br>\n\"Won\'t Somebody Think of the Children?\" Examining COPPA Compliance at Scale<br>\nWhen<br>\nFri, August 10, 10:30am – 11:00am<br>\nDescription<br>\n<br>\nSpeakers<br>\n-------<br>\nIrwin Reyes<br>\nAmit Elazari Bar On<br>\n<br>\nAbstract<br>\n--------<br>\nWe present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps. We use our system to analyze mobile apps\' compliance with the Children\'s Online Privacy Protection Act (COPPA), one of the few stringent privacy laws in the U.S. Based on our automated analysis of 5,855 of the most popular free children\'s apps, we found that a majority are potentially in violation of COPPA, mainly due to their use of third-party SDKs. While many of these SDKs offer configuration options to respect COPPA by disabling tracking and behavioral advertising, our data suggest that a majority of apps either do not make use of these options or incorrectly propagate them across mediation SDKs. Worse, we observed that 19% of children\'s apps collect identifiers or other personally identifiable information (PII) via SDKs whose terms of service outright prohibit their use in child-directed apps. Finally, we show that efforts by Google to limit tracking through the use of a resettable advertising ID have had little success: of the 3,454 apps that share the resettable ID with advertisers, 66% transmit other, non-resettable, persistent identifiers as well, negating any intended privacy-preserving properties of the advertising ID.<br>\n<br>\nBio  <br>\n-----------------<br>\nIrwin is a researcher in the Usable Security and Privacy Group at the International Computer Science Institute (ICSI) affiliated with the University of California at Berkeley. He earned Bachelor\'s and Master\'s degrees from the University of Virginia in 2009 and 2011, respectively. Irwin has held positions developing ballistic missile defense systems at the Johns Hopkins University Applied Physics Laboratory and applying usable security concepts to commercial products at Dell. His research interests include measuring the privacy risks of everyday consumer products, user perceptions of security issues, and the online advertising ecosystem.<br>\n<br>\nAmit is a doctoral law candidate at UC Berkeley School of Law and a Berkeley Center for Long-Term Cybersecurity Grantee. Her work has been published in leading technology law journals, presented in conferences such as RSA, USENIX Enigma, BsidesLV, BsidesSF, DEF CON-Skytalks and Black Hat, and featured in leading news sites such as the Wall Street Journal, Washington Post, The Guardian and the Verge. Additionally, Amit teaches at UC Berkeley’s School of Information Master of Information and Cybersecurity (MICS) program and serves as the submissions editor of BTLJ, the world’s leading Tech Law Journal. On 2018, Amit was granted a CLTC grant for her work on private ordering regulating information security<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nirwinreyescom<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://appcensus.mobi<br>\n\'',0,134873),('2_Friday','11','11:00','12:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Hamilton\'s Private Key: American Exceptionalism and the Right to Anonymity\'','\'Jeff Kosseff\'','4fdd8bf92a13e961e10d8188c33a2203','\'Title:\n<br>Hamilton\'s Private Key: American Exceptionalism and the Right to Anonymity\n<br>\n<br>11:00am<br>\n <br>\nHamilton\'s Private Key: American Exceptionalism and the Right to Anonymity<br>\nWhen<br>\nFri, August 10, 11am – 12pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nJeff Kosseff<br>\n<br>\nAbstract<br>\n--------<br>\nIn the Sixteenth Century, English Puritan preacher John Udal published a series of pamphlets criticizing the Anglican Church.  He signed the pamphlets under a pseudonym, Martin Marprelate.  The Bishops soon determined his identity, and Udal was sent to prison, where he died.  Such prosecutions for political views were common throughout in England throughout the Sixteenth, Seventeenth, and Eighteenth centuries.  <br>\n<br>\nSo it was not surprising that once the British colonies in America had achieved independence and were determining the future of their government, much of the debate occurred without real names.  When Alexander Hamilton, James Madison, and John Jay published the Federalist Papers, they did so under a single pseudonym, Publius.  <br>\n<br>\nAlthough the First Amendment does not explicitly require anonymity, U.S. courts repeatedly have held that that its free speech protections guarantee a strong (but not absolute) right to speak anonymously. In 1960, the Supreme Court struck down a Los Angeles ordinance that prohibited the distribution of anonymous handbills, and it invalidated a similar Ohio law in 1995.  Since the mid ’90s, state and federal courts have relied on this right to anonymity in rejecting defamation plaintiffs’ attempts to use the court discovery process to unmask the identities of anonymous Internet posters.   Although the United States is not the only nation to protect anonymity, its anonymity protections are among the strongest in the world, and have helped establish the robust online debate that we know today.<br>\n<br>\nLegal and policy debates surrounding encryption often focus on privacy rights and the Fourth Amendment.  While these discussions are vital, that they too often overlook the free speech-based anonymity rights that have been fundamental to the United States since its founding.  In this presentation, I present the research conducted to date for my book-in-progress, United States of Anonymity, tracing the history of this First Amendment-based right to speak anonymously.  I explain how this strong history of ensuring the right to speak anonymously applies to the current encryption debates, as well as the distinct but related issue of anonymity tools such as Tor.  I argue that encryption and anonymity are essential for Twenty-First Century free speech, and explain how the legal protection of pamphleteers extends to encryption and anonymity. <br>\n<br>\nTo be sure, some efforts to weaken encryption may not necessarily threaten an individual’s anonymity. And encryption is not the only protection for anonymity. However, there is significant overlap between the values underlying the First Amendment anonymity opinions and some justifications for encryption. Moreover, encryption has been an essential component of many of the most innovative anonymity tools (such as the techniques that newsrooms have adopted to receive anonymous tips). <br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nJeff Kosseff is an assistant professor of cybersecurity law at the U.S. Naval Academy. He is the author of Cybersecurity Law, a textbook, and his latest book, The Twenty-Six Words That Created the Internet, a history of Section 230 of the Communications Decency Act, will be published early next year by Cornell University Press. He previously practiced cybersecurity law at Covington & Burling, and clerked for Judges Milan Smith on the Ninth Circuit and Leonie Brinkema in the Eastern District of Virginia. Before becoming a lawyer, he was a technology journalist for The Oregonian and finalist for the Pulitzer Prize.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@jkosseff<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nwww.jeffkosseff.com<br>\n\'',0,134874),('2_Friday','12','12:00','13:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Cryptography, Codes, and Secret Writing: An Introduction to Secret Communications\'','\'Tess Schrodinger\'','7d558cc267ed2071dce78e08a5447985','\'Title:\n<br>Cryptography, Codes, and Secret Writing: An Introduction to Secret Communications\n<br>\n<br>12:00pm<br>\n <br>\nCryptography, Codes, and Secret Writing: An Introduction to Secret Communications<br>\nWhen<br>\nFri, August 10, 12:00pm – 1:30pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nTess Schrodinger<br>\n<br>\nAbstract<br>\n--------<br>\nWhat\'s the difference between a code and a cipher? What is the earliest known use of cryptography? Are there any codes that have never been solved? Whether you are new to the subject or a seasoned pro, this talk will have something for you. We will journey from the beginnings of secret writing to the future of secure communications in a post quantum world.<br>\n<br>\nBio  <br>\n-----------------<br>\nZero Point Field Operative and Cyber Shaman<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@TessSchrodinger<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://www.patreon.com/TessSchrodinger<br>\n\'',0,134875),('2_Friday','13','12:00','13:30','Y','CPV','Caesars Promenade Level - Milano BR 1,2','\'Cryptography, Codes, and Secret Writing: An Introduction to Secret Communications\'','\'Tess Schrodinger\'','7d558cc267ed2071dce78e08a5447985','\'\'',0,134876),('2_Friday','13','13:30','14:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Opportunistic Onion: More Protection Some of the Time\'','\'Mahrud Sayrafi\'','1002e9a71ea98aa3c2de38172c545cbd','\'Title:\n<br>Opportunistic Onion: More Protection Some of the Time\n<br>\n<br>1:30pm<br>\n <br>\nOpportunistic Onion: More Protection Some of the Time<br>\nWhen<br>\nFri, August 10, 1:30pm – 2:00pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nMahrud Sayrafi<br>\n<br>\nAbstract<br>\n--------<br>\nI will present results of a collaboration between the Tor Project, Mozilla, and Cloudflare to deploy onion services in Cloudflare\'s infrastructure in order to protect the security and privacy of Tor user connections terminating in our network. Leveraging the HTTP Alternative Services, we demonstrate how to defend against passive attacks by malicious Exit Nodes. As a secondary feature, this method enables distinguishing individual Tor circuits, which allows Cloudflare to assign reputation to circuits rather than IP addresses, therefore showing less CAPTCHA to humans.<br>\nAdditionally, I will introduce an open-source plugin for the Caddy Web Server which allows website admins to enable Opportunistic Onion using an existing HTTPS certificate with a simple configuration, nullifying the need to purchase Extended Validation certificates. Moreover, this plugin enables load balancing for the onion service.<br>\n<br>\nBio  <br>\n-----------------<br>\nFull-time mathematics student and part-time hacker.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nmahrudsay<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nperfectoid.space<br>\n\'',0,134877),('2_Friday','14','14:00','15:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'\"Probably\": an Irreverent Overview of the GDPR\'','\'Brendan O’Connor\'','1d91873a968235421288cc66bf1ee10c','\'Title:\n<br>\"Probably\": an Irreverent Overview of the GDPR\n<br>\n<br>2:00pm<br>\n <br>\n\"Probably\": an Irreverent Overview of the GDPR<br>\nWhen<br>\nFri, August 10, 2pm – 3pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nBrendan O’Connor<br>\n<br>\nAbstract<br>\n--------<br>\nIf you work in privacy, technology, marketing, or the law, or if you have an email account, you\'ve heard of the GDPR. But what is it really? Why is your in-house lawyer grumpy all the time? Why is your marketing team walking around with stickers that say \"legitimate business use of data\" and trying to slap them on random objects to see if they stick? Why, legally, can\'t you remember anyone\'s names anymore? This presentation will attempt to take a look at the GDPR from the perspective of a confused outsider who can\'t quite believe what\'s going on (as opposed to a burned-out practitioner), without getting too worked up about it. We\'ll cover why the GDPR exists, what it does, why some people are freaked out about it, why to be concerned and/or unconcerned, and whether kittens or puppies make the better reference animal for GDPR compliance memes. Relax! It\'s all going to be fine! Probably.<br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nDescribed by coworkers as “not the lawyer we need, but the lawyer we deserve” (and he\'s pretty sure that wasn\'t meant as a compliment), Brendan O’Connor is a security researcher, consultant, and attorney based in Seattle. His day job is building security programs, but at night, he transforms into a person who spends too much time arguing with people who are wrong on the Internet. If caught, his companies will deny all knowledge of this presentation.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nUSSJoin<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://ussjoin.com<br>\n\'',0,134878),('2_Friday','15','15:00','16:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Hiding in plain sight: Disguising HTTPS traffic with domain-fronting\'','\'Matt Urquhart\'','cf379814ba02e469b4ba8f88536a70b1','\'Title:\n<br>Hiding in plain sight: Disguising HTTPS traffic with domain-fronting\n<br>\n<br>3:00pm<br>\n <br>\nHiding in plain sight: Disguising HTTPS traffic with domain-fronting<br>\nWhen<br>\nFri, August 10, 3pm – 4pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nMatt Urquhart<br>\n<br>\nAbstract<br>\n--------<br>\nDomain-fronting is a technique used to disguise HTTPS traffic as being destined for one service, but actually communicating with a different service. It relies on an implementation detail of HTTPS stacks which share infrastructure between customers. Recently, there has been a large amount of media attention surrounding a popular instant-messaging app using this technique to evade censorship. What is domain fronting and how does it work? This talk aims to give you everything you need to fully understand domain fronting, try it yourself, and understand how domain-fronting can also open a path to DoS and IP spoofing attacks.<br>\n<br>\nBio  <br>\n-----------------<br>\nMatt is a software developer from Australia who first became interested in Infosec after hearing of hilarious pranks played during the early days of the Internet. In his spare time he enjoys playing the drums.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@arrtchiu<br>\n\'',0,134879),('2_Friday','16','16:00','17:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Cicada: What the Puzzles Can Teach Us About Cryptography and Privacy.\'','\'Nox\'','03d02b999efb3681d7162947c5d844ba','\'Title:\n<br>Cicada: What the Puzzles Can Teach Us About Cryptography and Privacy.\n<br>\n<br>4:00pm<br>\n <br>\nCicada: What the Puzzles Can Teach Us About Cryptography and Privacy.<br>\nWhen<br>\nFri, August 10, 4pm – 5pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nNox<br>\n<br>\nAbstract<br>\n--------<br>\nThe online cryptography challenge that\'s been sometimes called by the mainstream \"the hardest puzzle on the internet\" and \"one of the greatest online mysteries\" certainly earned those titles. Though mostly completed now for some years, there\'s a number of valuable things to be learned from how they handled and presented cryptography for both the well-versed as well as the uninitiated. A staggering number of individuals found themselves trying to study cryptography for the first time because of the pull the puzzles had on anyone who came across them, and somehow despite a massive online undertaking to find the creators, the question of their identity remains unanswered now 6 years later. The strategies and the attitudes used in the creation of these challenges could teach us all something about how we approach cryptography teaching and study, as well as how modern approaches to privacy actually fare against interested threats.<br>\n<br>\nBio  <br>\n-----------------<br>\nI\'ve long had a love for online cryptography challenges and puzzles, even before being one of a small number to finish the 2013 Cicada puzzle. I run a series on YouTube explaining puzzle steps and solutions, as well as tutorials on the skills required to approach these problems for people that want to learn. I\'m also a Canadian, a Computing Science student, and an obsessive fan of online privacy and the tools that allow for it.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@NoxPopuli3301<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nyoutube.com/c/noxpopuli<br>\n\'',0,134880),('2_Friday','17','17:00','18:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Revolutionizing Authentication with Oblivious Cryptography\'','\'Dr Adam Everspaugh\'','769adba2242c404846c80235057e04ac','\'Title:\n<br>Revolutionizing Authentication with Oblivious Cryptography\n<br>\n<br>5:00pm<br>\n <br>\nRevolutionizing Authentication with Oblivious Cryptography<br>\nWhen<br>\nFri, August 10, 5pm – 6pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nDr Adam Everspaugh<br>\n<br>\nAbstract<br>\n--------<br>\nCurrent schemes to protect user passwords like bcrypt, scrypt, and iterative hashing are insufficient to resist offline dictionary attacks when password databases are stolen. We present a modern cloud service, called Pythia, which protects passwords using a cryptographically keyed pseudorandom function (PRF). Unlike existing schemes like HMAC, Pythia permits key updates as a response to compromises. Key updates nullify stolen password digests, enable digests to be updated to the new key, and don\'t require users to change their passwords. The keystone of is a new cryptographic construction called a partially-oblivious PRF that provides these new features.<br>\n<br>\nPythia was originally unveiled at Usenix Security 2015. In 2018, a production implementation of Pythia was created and open sourced via GitHub by Virgil Security. In addition to a presenting the Pythia construction, and demonstrating it\'s unique security features and performance advantage over the state of the art, we will provide a live demonstration of Virgil Security\'s Pythia client tool from installation through protecting and checking passwords.<br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nDr Adam Everspaugh is a principal engineer and cryptographer for Uptake Technologies, an industrial predictive analytics company in Chicago. He holds a PhD in computer science from the University of Wisconsin where he researched applied cryptography for internet-scale systems.<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttp://pages.cs.wisc.edu/~ace/<br>\n\'',0,134881),('2_Friday','18','18:00','18:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Announcing the Underhanded Crypto Contest Winners\'','\'Adam Caudill, Taylor Hornby\'','b2f479041988636a8460bbfc79ee6716','\'Title:\n<br>Announcing the Underhanded Crypto Contest Winners\n<br>\n<br>6:00pm<br>\n <br>\nAnnouncing the Underhanded Crypto Contest Winners<br>\nWhen<br>\nFri, August 10, 6:00pm – 6:30pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nAdam Caudill<br>\nTaylor Hornby<br>\n<br>\nAbstract<br>\n--------<br>\nThis session announces the winners of the 5th annual Underhanded Crypto Contest.<br>\n<br>\nBio  <br>\n-----------------<br>\nAdam Caudill and Taylor Hornby are the founders and organizers of Underhanded Crypto Contest; a contest dedicated to research in how to undermine cryptography in unusual and hard to detect ways.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@adamcaudill @DefuseSec<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://underhandedcrypto.com<br>\n\'',0,134882),('2_Friday','18','18:30','19:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Closing Time\'','\'\'','d343b392823ea16505704bfacb133994','\'Title:\n<br>Closing Time\n<br>\n<br>6:30pm<br>\n <br>\nClosing Time<br>\nWhen<br>\nFri, August 10, 6:30pm – 7:00pm<br>\n\'',0,134883),('3_Saturday','10','10:00','10:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Welcome\'','\'\'','1fe6df8b7e0fcf0f34e1518769999a70','\'Title:\n<br>Welcome\n<br>\n<br>10:00am<br>\n <br>\nWelcome<br>\nWhen<br>\nSat, August 11, 10:00am – 10:30am<br>\n\'',0,134884),('3_Saturday','10','10:30','11:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Cloud Encryption: How to not suck at securing your encryption keys\'','\'Marie Fromm\'','00397c884688a0a79e1fa933f4c0d015','\'Title:\n<br>Cloud Encryption: How to not suck at securing your encryption keys\n<br>\n<br>10:30am<br>\n <br>\nCloud Encryption: How to not suck at securing your encryption keys<br>\nWhen<br>\nSat, August 11, 10:30am – 11:30am<br>\nDescription<br>\nSpeaker<br>\n------<br>\nMarie Fromm<br>\n<br>\nAbstract<br>\n--------<br>\nCommon Cloud Data Encryption patterns are not preventing data breaches because many are doing encryption key management wrong. There is a tendency to apply \"compliance checkbox\" encryption, which does nothing to protect data against common threats. In many cases, it\'s like buying a strong FIPS140-2 certified deadbolt but leaving the key in the door. <br>\n<br>\nWe\'ll roll up our sleeves and take a deep dive at the problem and explore practical, actionable ways a security practitioner can get better control of encryption keys used in cloud solutions.  Finally, we\'ll discuss new ways of detecting when Bad Things are happening, and ways of using cloud automation to stop the bleeding.<br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nMarie leads a Cryptography team in a large global company, helping to design encryption solutions for I.T. as well as specialized cryptographic designs used in products and systems.  Marie is passionate about both coffee and computer security and has 20 years experience in a variety of Infosec roles. Marie is a happy #RealLiveTransAdult<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@msfromm<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttp://www.mariefromm.com<br>\n\'',0,134885),('3_Saturday','11','10:30','11:30','Y','CPV','Caesars Promenade Level - Milano BR 1,2','\'Cloud Encryption: How to not suck at securing your encryption keys\'','\'Marie Fromm\'','00397c884688a0a79e1fa933f4c0d015','\'\'',0,134886),('3_Saturday','11','11:30','12:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Green Locks for You and Me\'','\'Wendy Knox Everette\'','8665d475c152911bdea5e3470a66865d','\'Title:\n<br>Green Locks for You and Me\n<br>\n<br>11:30am<br>\n <br>\nGreen Locks for You and Me<br>\nWhen<br>\nSat, August 11, 11:30am – 12:00pm<br>\nDescription<br>\n<br>\n<br>\n<br>\nSpeaker<br>\n------<br>\nWendy Knox Everette<br>\n<br>\nAbstract<br>\n--------<br>\nHow do you give your personal domain a green \"Secure\" lock? Can you prevent your domain from being used for spam and phishing emails? <br>\n<br>\nThis talk is a little different from most \"crypto\" talks - it\'s not about how some neat new encryption algorithm works, or writing code. Instead, it\'s about how to use the awesome crypto tools already available to make your online presence more secure. This talk came out of my frustration with tutorials online for setting up my personal website domain with TLS and my email domain with DMARC/DKIM/SPF. We\'ll walk through how to use free services to serve a website over TLS and how to configure a personal email domain to block it from being used to send spam and phishing emails.<br>\n<br>\nBio  <br>\n-----------------<br>\nWendy Knox Everette (@wendyck) is a hacker lawyer who began her career as a software developer, before going to law school, where she focused on national security law and computer security issues. Currently she lives in Washington State where she advises companies on risk and security regulations. She created and hosted the first student webserver to host personal homepages at her undergrad in 1995, and registered her personal domain in 2000, but only recently got it moved to TLS.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@wendyck<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://www.wendyk.org<br>\n\'',0,134887),('3_Saturday','12','12:00','13:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'No Way JOSE! Designing Cryptography Features for Mere Mortals\'','\'Scott Arciszewski\'','fea5fb72758d1c6d4a84bb6aa1cc839b','\'Title:\n<br>No Way JOSE! Designing Cryptography Features for Mere Mortals\n<br>\n<br>12:00pm<br>\n <br>\nNo Way JOSE! Designing Cryptography Features for Mere Mortals<br>\nWhen<br>\nSat, August 11, 12pm – 1pm<br>\nDescription<br>\nSpeaker<br>\n<br>\n------<br>\nScott Arciszewski<br>\n<br>\nAbstract<br>\n--------<br>\nThe past three years of vulnerability research and cryptanalysis has not been kind to the JOSE family of Internet standards (most commonly known as JSON Web Tokens a.k.a. JWT). This has led to many security experts declaring boldly, \"Don\'t use JWT!\" but has left many developers in want of a viable alternative. Scott went a step further and designed a safer alternative: PASETO (Platform-Agnostic SEcurity TOkens), which is currently implemented in 10 programming languages.<br>\n<br>\nBio  <br>\n-----------------<br>\nScott Arciszewski specializes in security, and not just compliance either. His passion is to encourage companies to get reasonable protection against data breaches. This is why he cofounded Paragon Initiative Enterprises.<br>\n<br>\nScott has over 15 years of software development, system administration, and of course, application security under his belt. He has a passion for Open Source software and believes no one should be limited by the diversity or quality of their software.<br>\n<br>\nWhen he’s not solving security problems, you can find Scott writing on his company blog, contributing secure code snippets to Stack Overflow, attending security conferences, and educating people about security on Twitter.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nCiPHPerCoder<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://paragonie.com/blog/author/scott-arciszewski<br>\n\'',0,134888),('3_Saturday','13','13:00','13:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Sluts, Bullies, and Best Selves: Rethinking Digital Privacy Education\'','\'Caroline D. Hardin, Jen Dalsen\'','42b0d624c9b0895834ca5938c069abfa','\'Title:\n<br>Sluts, Bullies, and Best Selves: Rethinking Digital Privacy Education\n<br>\n<br>1:00pm<br>\n <br>\nSluts, Bullies, and Best Selves: Rethinking Digital Privacy Education<br>\nWhen<br>\nSat, August 11, 1:00pm – 1:30pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nCaroline D. Hardin<br>\nJen Dalsen<br>\n<br>\nAbstract<br>\n--------<br>\nYou try to lock down your privacy on apps, but the settings are poorly thought out. You use a Signal and VPN, but all the best privacy technology in the world isn’t going to save you from the gossipy neighbor who overshares your information. And when it comes to kids, well, we know better than anyone that they’ll figure a way around netnanny, but they make horrible choices when they do. All these problems stem from the general public needing to be more sophisticated in the design and use of digital privacy. We took a hard look at  the digital privacy curriculum most people are getting, and propose a new way forward which ditches slut shaming for celebrating identity, and trades silencing voices for negotiating boundaries.<br>\n<br>\nBio  <br>\n-----------------<br>\nCaroline D. Hardin is a PhD student studying Computer Science Education. She is interested in digital privacy, e-textiles, hackathons, and the educational culture of hackers.  Currently she is the Southern Wisconsin Regional Manager for Microsoft TEALS, which helps pair new high school CS teachers with industry mentors.<br>\n<br>\nJennifer Dalsen is a doctoral student in the Department of Curriculum & Instruction at UW-Madison. She looks at strategies students use to build scientific capacity and coordinate artifacts through gameplay. Her professional background includes user experience testing, qualitative analyses, quantitative analyses, data collecting, conducting interviews, focus groups, building surveys, and more.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@carolinescastle<br>\n\'',0,134889),('3_Saturday','13','13:30','14:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Building a Cryptographic Backdoor in OpenSSL\'','\'Lei Shi, Allen Cai\'','4ada2ed87ca76b216d1ae5b940a2a601','\'Title:\n<br>Building a Cryptographic Backdoor in OpenSSL\n<br>\n<br>1:30pm<br>\n <br>\nBuilding a Cryptographic Backdoor in OpenSSL<br>\nWhen<br>\nSat, August 11, 1:30pm – 2:00pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nLei Shi<br>\nAllen Cai<br>\n<br>\nAbstract<br>\n--------<br>\nUnlike common examples of a backdoor, cryptographic backdoors are the field of surreptitiosly weakening cryptographic systems such as deliberately inserting vulnerabilities to a pseudorandom number gen-erator to make cryptanalysis easier. OpenSSL as become since many years ago, the defacto library/tool for implementing cryptographic protocols into our applications and secure them. In this talk, we will try to modify the code of OpenSSL to bulid a new method of cryptographic backdoor, and then the attacker can easy decrypt the encryption data by RSA or ECC.<br>\n<br>\nBio  <br>\n-----------------<br>\nLei Shi is a security researcher of 360-CERT, mainly focus on cryptography security and vulnerability discovery. He has discovered 100+ bugs and gained 20+ CVEs(E.g: SSL Death Alert) from OpenSSL, OpenSSH, VMware. He obsesses with math and computer security, and currently is working on Windows Search protocol security, Linux kernel security and development of vulnerability discovery tools. He has made talks at BlueHat2017, SysCAN.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\ncyg0x7<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://cert.360.cn<br>\n\'',0,134890),('3_Saturday','14','14:00','14:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'CATs - A Tale of Scalable Authentication\'','\'Yueting Lee\'','f22264eb52cf64dd20bec9f3b0af6c54','\'Title:\n<br>CATs - A Tale of Scalable Authentication\n<br>\n<br>2:00pm<br>\n <br>\nCATs - A Tale of Scalable Authentication<br>\nWhen<br>\nSat, August 11, 2:00pm – 2:30pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nYueting Lee<br>\n<br>\nAbstract<br>\n--------<br>\nCrypto Auth Tokens (CATs) are used in Facebook’s scalable, token-based authentication backend infrastructure. They were created to deal with an ever growing, large-scale, multi-system organization. CATs are flexible, performant, and reliable. They support authentication at scope and scale for Facebook’s backend infrastructure.<br>\n<br>\nBio <br>\n-----------------<br>\nYueting Lee is a software engineer at Facebook, building security infrastructure within Facebook’s infrastructure. Yueting is originally from Hong Kong but went on to study at the Georgia Institute of Technology, where she graduated with a degree in Computer Science.<br>\n\'',0,134891),('3_Saturday','14','14:30','15:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Jailed by a Google Search: the Surveillance State\'s War on Self-induced Abortion\'','\'Pigeon\'','9cc5fa3a5af5d11b352f48227e3aaeed','\'Title:\n<br>Jailed by a Google Search: the Surveillance State\'s War on Self-induced Abortion\n<br>\n<br>2:30pm<br>\n <br>\nJailed by a Google Search: the Surveillance State\'s War on Self-induced Abortion<br>\nWhen<br>\nSat, August 11, 2:30pm – 3:00pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nPigeon<br>\n<br>\nAbstract<br>\n--------<br>\nFar from a chapter in A Handmaids Tale, today those who try, succeed, or even consider ending their own pregnancies are arrested and imprisoned, often incriminated by their own devices. We have the opportunity to lend our security skills to those disproportionately likely to experience surveillance: those seeking to self-induce abortions by ordering medication online. We\'ll cover what the portal to online care (and resulting digital paper trail) looks like, and why \"single-use” privacy needs are the next major challenge in protecting our digital reproductive rights.<br>\n<br>\nBio  <br>\n-----------------<br>\nPigeon is Director of a security nonprofit and organizer of civic hackathons. A self-professed tech regulatory nerd, she leads a team building technologies for safer abortion access, security research and open data projects to reinforce government and tech company accountability to reproductive rights. In her free time she recreationally files FOIA requests, fundraises for abortions, and builds and plays games.<br>\n\'',0,134892),('3_Saturday','15','15:00','16:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else\'','\'Guy Barnhart-Magen, Ezra Caltum\'','11d7b6ed405cf0b0afcf94632cb5f3ec','\'Title:\n<br>JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else\n<br>\n<br>3:00pm<br>\n <br>\nJARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else<br>\nWhen<br>\nSat, August 11, 3pm – 4pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nGuy Barnhart-Magen<br>\nEzra Caltum<br>\n<br>\nAbstract<br>\n--------<br>\nExploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research. <br>\nThe study of Adversarial ML allows us to leverage the techniques used by these algorithms to find weak points and exploit them in order to achieve: <br>\n* Privacy leakage - can we tell if someone was part of the dataset the ML trained on?<br>\n* Unexpected consequences (why did it decide this rifle is a banana?), <br>\n* Data leakage (how did they know Joe has diabetes) <br>\n* Memory corruption and other exploitation techniques (boom! RCE)<br>\n* Influence the output (input: virus, output: safe!, as seen on (DEF CON 25 - Hyrum Anderson - Evading next-gen AV using AI)[https://www.youtube.com/watch?v=FGCle6T0Jpc]).<br>\nIn other words, while ML is great at identifying and classifying patterns, and an attacker can take advantage of this and take control of the system.<br>\nThis talk is an extension of research made by many people, including presenters at DefCon, CCC, and others - a live demo will be shown on stage!<br>\n<br>\nGarbage In, RCE Out :-)<br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nGuy is a member of the BSidesTLV organizing team and recipient of the Cisco “black belt” security ninja honor – the highest cyber security advocate rank.<br>\nWith over 15 years of experience in the cyber-security industry, he held various positions in both corporates and start-ups. <br>\nHe is currently a security research manager at Intel, where he focuses on AI Security, reverse engineering and researching various embedded systems.<br>\n<br>\nEzra is a cyber-security practitioner, with a passion for reverse engineering, data analysis, and exploitation. He is the leader of the Tel Aviv DC9723 Defcon group and a co-founder and organizer of BSidesTlv.<br>\nCurrently, he works as a Security Research Manager at Intel.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@barnhartguy<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://productsecurity.info/<br>\n\'',0,134893),('3_Saturday','16','16:00','17:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Anonymous rate-limiting in services with Direct Anonymous Attestation\'','\'Alex Catarineu, Philipp Claßen, Konark Modi, Josep M. Pujol\'','b8f4e74f6792a1f4da606b0a955c5dee','\'Title:\n<br>Anonymous rate-limiting in services with Direct Anonymous Attestation\n<br>\n<br>4:00pm<br>\n <br>\nAnonymous rate-limiting in services with Direct Anonymous Attestation<br>\nWhen<br>\nSat, August 11, 4pm – 5pm<br>\nDescription<br>\nAuthors<br>\n-------<br>\nAlex Catarineu<br>\nPhilipp Claßen<br>\nKonark Modi<br>\nJosep M. Pujol<br>\n<br>\nAbstract<br>\n--------<br>\nAnonymous data collection systems allows users to contribute the data necessary to build services and applications while preserving their privacy.<br>\n<br>\nAnonymity, however, can be abused by malicious agents, injecting fabricated data, aiming to subvert or to sabotage the data collection.<br>\n<br>\nAt Cliqz we deal with the same challenge. Our data collection systems in Cliqz Browser and Extension which power our search engine[1], anti-tracking systems[2] are designed in a way that server cannot link that two messages are from the same user.<br>\nBut if the user is fully anonymous, how can the system prevent an attacker<br>\nfrom polluting the data collection?<br>\n<br>\nWe will showcase an efficient mechanism to block an attacker without compromising the privacy and anonymity of the users. <br>\nThis system builds on top of Direct Anonymous Attestation, a proven cryptographic primitive to implement service rate-limiting in a scenario where messages between users and the service are sent anonymously and message unlinkability is to be preserved. <br>\nRate-limiting constraints for a service are defined as an arbitrary mapping from every possible valid message to a \'rate-limiting tag\' string, in such a way that the constraints can be enforced if the service never accepts more than one message from the same user with same tag. <br>\nUnder this definition, we employ DAA protocol to enforce these \'message quotas\' without being able to link user messages. If authorized, users receive credentials issued by the service. These can be used to sign messages with respect to a \'basename\' string, in such a way that two signatures performed with the same credentials are unlinkable if and only if their basenames are different. By forcing the mentioned rate-limiting tag to be in the signature basename the rate-limiting constraints can be enforced. <br>\nService will verify the signature according to the DAA protocol and accept the message if and only if the tag that maps to the rate-limiting ‘basename’ has still not been seen. <br>\n<br>\nWe present all components needed to build and deploy such protection on existing<br>\ndata collection systems with little overhead.<br>\n<br>\nThis system which is running in production for Cliqz browser is however not limited to browsers or extensions, it has been implemented in a scenario where user code is running in a web browser, thanks to WebAssembly and asm.js.<br>\n<br>\nReferences:<br>\n1.	Human-web Overview: https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885e5<br>\n2.	Anti-tracking: https://static.cliqz.com/wp-content/uploads/2016/07/Cliqz-Studie-Tracking-the-Trackers.pdf<br>\n<br>\n<br>\nBio  <br>\n-----------------<br>\nSpeaker 1: Alex Catarineu<br>\nAlex works with Cliqz GmbH as a Software Engineer – developing privacy-focused search engine and browser. He works on projects ranging across Privacy by design, Human-web, Human-web proxy network, Connect etc. Prior to Cliqz, he started working in a mobile analytics startup in Barcelona. After that, Alex and some colleagues won an entrepreneurship grant to build a web application for helping people better organize their trips.He is interested in many fields, such as algorithms and data structures, cryptography, machine learning, graphics and video games. He is also a decent chess player and enjoys playing and improving at it.<br>\n<br>\nSpeaker 2: Konark Modi<br>\nKonark works as a Tech lead with Cliqz GmbH – developing privacy-focused search engine and browser. He works on projects ranging across Privacy by design, Anonymous Data collection like Human Web, Anti-Tracking etc.<br>\n<br>\nPrior to Cliqz, Konark was working with one of the largest e-commerce website in India(Makemytrip.com) in data platform and security team, solving interesting challenges related to DWH, BI and data security.<br>\n<br>\nHis recent personal projects, in an endeavor to help organizations fix vulnerabilities have spanned across browsers, health trackers, Government services, travel mobile apps etc.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nSpeaker 2: @konarkmodi<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nSpeaker 1: http://github.com/acatarineu/ , Speaker 2: https://medium.com/@konarkmodi<br>\n\'',0,134894),('3_Saturday','17','17:00','18:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Prototyping Cryptographic Protocols With Charm\'','\'Matt Cheung\'','f5909a5d6a1fc007c5ec1f327c33af6b','\'Title:\n<br>Prototyping Cryptographic Protocols With Charm\n<br>\n<br>5:00pm<br>\n <br>\nPrototyping Cryptographic Protocols With Charm<br>\nWhen<br>\nSat, August 11, 5pm – 6pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nMatt Cheung<br>\n<br>\nAbstract<br>\n--------<br>\nModern cryptographic research uses a variety of lesser known primitives like homomorphic encryption, sigma protocols, oblivious transfer, and bilinear groups.  Charm is a Python framework that implements many of these primitives and makes it easy to implement your own.  In this workshop, I will discuss the primitives and demonstrate how they can be used. If you would like to follow along you can clone the charm repo from https://github.com/JHUISI/charm<br>\n<br>\nBio  <br>\n-----------------<br>\nMatt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. From this experience he has given talks and workshops at the Boston Application Security Conference, DEF CON, and the DEF CON Crypto and Privacy Village.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nnullpsifer<br>\n\'',0,134895),('3_Saturday','18','18:00','18:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'(Not Recorded) Ask Me Anything about Tor: AMA with Roger Dingledine\'','\'Roger Dingledine\'','89e60cf83f838c7a248371b4d2b80eea','\'Title:\n<br>(Not Recorded) Ask Me Anything about Tor: AMA with Roger Dingledine\n<br>\n<br>6:00pm<br>\n <br>\n(Not Recorded) Ask Me Anything about Tor: AMA with Roger Dingledine<br>\nWhen<br>\nSat, August 11, 6:00pm – 6:30pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nRoger Dingledine<br>\n<br>\nAbstract<br>\n--------<br>\nRoger Dingledine, president and co-founder of the Tor Project, a nonprofit that develops free and open source software to protect people from tracking, censorship, and surveillance online, will give an overview of several aspects of Tor, including new developments since he last spoke at DEF CON. The majority of the session will be devoted to questions from the audience, AMA style.<br>\n<br>\nBio  <br>\n-----------------<br>\nRoger Dingledine is president and co-founder of the Tor Project, a nonprofit that develops free and open source software to protect people from tracking, censorship, and surveillance online. Wearing one hat, Roger works with journalists and activists on nearly every continent to help them understand and defend against the threats they face. Wearing another hat, he is a lead researcher in the online anonymity field, coordinating and mentoring academic researchers working on Tor-related topics, and, since 2002, has helped to organize the yearly international Privacy Enhancing Technologies Symposium (PETS). Among his achievements, Roger was chosen by the MIT Technology Review as one of its top 35 innovators under 35, he co-authored the Tor design paper that won the Usenix Security \"Test of Time\" award, and he has been recognized by Foreign Policy magazine as one of its top 100 global thinkers.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@RogerDingledine, @TorProject<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\ntorproject.org<br>\n\'',0,134896),('3_Saturday','18','18:30','19:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Closing\'','\'\'','697d8256a12a800842ef5b5e0704921a','\'Title:\n<br>Closing\n<br>\n<br>6:30pm<br>\n <br>\nClosing<br>\nWhen<br>\nSat, August 11, 6:30pm – 7:00pm<br>\n\'',0,134897),('4_Sunday','10','10:00','10:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Welcome\'','\'\'','d2e13708cb56b71bf1423ffd44bfb8fe','\'Title:\n<br>Welcome\n<br>\n<br>10:00am<br>\n <br>\nWelcome<br>\nWhen<br>\nSun, August 12, 10:00am – 10:30am<br>\n\'',0,134898),('4_Sunday','10','10:30','11:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Geolocation and Homomorphic Encryption\'','\'Nicholas Doiron\'','054e4751ee6fea1b86638f567fff7a73','\'Title:\n<br>Geolocation and Homomorphic Encryption\n<br>\n<br>10:30am<br>\n <br>\nGeolocation and Homomorphic Encryption<br>\nWhen<br>\nSun, August 12, 10:30am – 11:00am<br>\nDescription<br>\nSpeaker<br>\n------<br>\nNicholas Doiron<br>\n<br>\nAbstract<br>\n--------<br>\nHow often are apps asking for your location? Lat/lng coordinates reveal a lot about you, but we share them every day with web services to look up our location and find nearby businesses.<br>\n<br>\nWhat if it were possible to encrypt the coordinates which we were searching, and a web service could find results for us anyway? This talk shows sample code of homomorphic encryption being used in geo/location searches (Paillier cryptosystem, JavaScript and Python), and potential futures for private geodata.<br>\n<br>\nBio  <br>\n-----------------<br>\nNick is a web developer and mapmaker currently at McKinsey & Company\'s New York City office. Previously he worked at One Laptop per Child, Code for America, and the Museum of Modern Art.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@mapmeld<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://github.com/georeactor/crypto-geofence<br>\n\'',0,134899),('4_Sunday','11','11:00','12:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Two-Steps to Owning MFA\'','\'Sherrie Cowley, Dennis Taggart\'','d6476111d4ca4f3de9616a4258ebb422','\'Title:\n<br>Two-Steps to Owning MFA\n<br>\n<br>11:00am<br>\n <br>\nTwo-Steps to Owning MFA<br>\nWhen<br>\nSun, August 12, 11am – 12pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nSherrie Cowley<br>\nDennis Taggart<br>\n<br>\nAbstract<br>\n--------<br>\nAuthentication is not a company’s silver bullet. We will walk through common methods used in MFA including SMS, TOTP (i.e. Google Authenticator), Push Notifications, and U2F Security Keys. We will show how each method works in simple terms and the weaknesses of all of them. You will be able to generate your own TOTP six digit code and learn how to break each MFA method. You will also learn additional controls to protect your environments. This presentation will appeal to both red and blue teams.<br>\n<br>\nBio  <br>\n-----------------<br>\nSherrie Cowley has a Masters in Information Systems with an emphasis on software engineering and cyber security. She has managed help desk, software engineering, and identity and access management teams and is currently an Information Security Manager for a large organization. She has presented at SaintCon, HackWest, and multiple universities, was a keynote for Splunk Live, and acts as a liaison for InfraGard members and the FBI Cyber Task Force.<br>\n<br>\nDennis Taggart is the Sr. Penetration Tester for a large organization. He holds over five years of information security experience and has diverse interests. He earned a B.A. in Middle Eastern Studies (Arabic), an M.A. in Political Science, holds seven GIAC certs, winner of a hardware hacking village and NetWars, and is currently pursuing the MSISE from SANS.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@SherrieCowley @dennisdt3<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nBreakingmfa.com<br>\n\'',0,134900),('4_Sunday','12','12:00','13:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Implementing a Library for Pairing-based Transform Cryptography\'','\'Bob Wall, Colt Frederickson\'','5b74ede93b31b4a4b36bee845424d1eb','\'Title:\n<br>Implementing a Library for Pairing-based Transform Cryptography\n<br>\n<br>12:00pm<br>\n <br>\nImplementing a Library for Pairing-based Transform Cryptography<br>\nWhen<br>\nSun, August 12, 12pm – 1pm<br>\nDescription<br>\nSpeakers<br>\n-------<br>\nBob Wall<br>\nColt Frederickson<br>\n<br>\nAbstract<br>\n--------<br>\nWe will present background on transform cryptography, also known as proxy re-encryption, We start with an overview of elliptic curves over finite fields and pairings using bilinear maps and discuss how they can be used to implement cryptographic primitives. We next describe the idea of transform cryptography and enumerate desirable properties of transform cryptography schemes, then examine in more detail a specific multi-hop transform encryption scheme.<br>\n<br>\nWe will then describe how we implemented a library to provide the primitives required for that multi-hop transform encryption scheme. Finally, we discuss the security implications of recent advances in evaluating discrete logarithms using the special number field sieve, and why that led us to increase the key length of the scheme from 256 bits to 480 bits.<br>\n<br>\nBio  <br>\n-----------------<br>\nBob: Co-founder & CTO of IronCore Labs, a startup focused on building products to help app developers build strong security into their offerings.<br>\n<br>\nColt: Senior software engineer at IronCore Labs. Functional programming guru with a strong background in big data.<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\n@bithead_bob, @coltfred<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://github.com/IronCoreLabs/recrypt, http://ironcorelabs.com<br>\n\'',0,134901),('4_Sunday','13','13:00','14:00','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'Integrating post-quantum crypto into real-life applications\'','\'Christian Paquin\'','fe059f8ee697c157e6b1e7f08bb950d9','\'Title:\n<br>Integrating post-quantum crypto into real-life applications\n<br>\n<br>1:00pm<br>\n <br>\nIntegrating post-quantum crypto into real-life applications<br>\nWhen<br>\nSun, August 12, 1pm – 2pm<br>\nDescription<br>\nSpeaker<br>\n------<br>\nChristian Paquin<br>\n<br>\nAbstract<br>\n--------<br>\nQuantum computers pose a grave threat to the public-key cryptography we use today. Many quantum-safe alternatives have been proposed to alleviate this problem. None of these, however, provide a perfect replacement for our conventional algorithms. Indeed, they either result in increased bandwidth, bigger keys, and/or slower runtime, thus greatly impacting their integration into crypto applications.<br>\n<br>\nIn this talk, I’ll give an overview of the emerging post-quantum cryptography (PQC) schemes. I’ll then present the lessons we have learned from our prototype integrations into real-life protocols and applications (such as TLS, SSH, and VPN), and our experiments on a variety of devices, ranging from IoT devices, to cloud servers, to HSMs. I’ll discuss the Open Quantum Safe project for PQC development, and related open-source forks of OpenSSL, OpenSSH, and OpenVPN that can be used to experiment with PQC today. I’ll present a demo of a full (key exchange + authentication) PQC TLS 1.3 connection.<br>\n<br>\nThis work sheds lights on the practicality of PQC, encouraging early adoption and experimentation by the security community.<br>\n<br>\nBio  <br>\n-----------------<br>\nI am a crypto specialist in MSR’s Security and Cryptography team [1]. I’m currently involved in projects related to post-quantum cryptography, such as the Open Quantum Safe project [2], and leading the development of the U-Prove technology [3]. I’m also interested in privacy-enhancing technologies, smart cloud encryption (e.g., searchable and homomorphic encryption), and the intersection of AI and security.<br>\n<br>\nPrior to joining Microsoft in 2008, I was the Chief Security Engineer at Credentica, a crypto developer at Silanis Technology working on digital signature systems, and a security engineer at Zero-Knowledge Systems working on TOR-like systems.<br>\n<br>\n[1] https://www.microsoft.com/en-us/research/group/security-and-cryptography/<br>\n[2] https://github.com/open-quantum-safe<br>\n[3] https://microsoft.com/uprove<br>\n<br>\nTwitter handle of presenter(s)<br>\n------------------------------<br>\nchpaquin<br>\n<br>\nWebsite of presenter(s) or content<br>\n----------------------------------<br>\nhttps://www.microsoft.com/en-us/research/people/cpaquin/<br>\n\'',0,134902),('4_Sunday','14','14:00','14:30','N','CPV','Caesars Promenade Level - Milano BR 1,2','\'(Not Recorded) Closing Remarks\'','\'\'','973f75c50fe52c5914ea882c59db285d','\'Title:\n<br>(Not Recorded) Closing Remarks\n<br>\n<br>2:00pm<br>\n <br>\n(Not Recorded) Closing Remarks<br>\nWhen<br>\nSun, August 12, 2:00pm – 2:30pm<br>\n\'',0,134903),('2_Friday','11','11:00','11:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Goodwatch Update\'','\'Travis Goodspeed\'','wv__goodwatch_update','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"travis_goodspeed\">Travis Goodspeed</h1>\n            <h3>Bio</h3>\n            <p>The REAL Travis Goodspeed </p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@travisgoodspeed\">@travisgoodspeed</a>\n            </p>\n\n            <h2 id=\"goodwatch_update\">Goodwatch Update</h2>\n            <h3>Abstract</h3>\n            <p>Goodwatch </p>\n        </div>\n\'',0,134904),('2_Friday','12','12:00','12:25','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'BSSI [Brain Signal Strength Indicator] - finding foxis with acoustic help (piClicker)\'','\'steve0\'','wv__bssi','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"stev0\">stev0</h1>\n            <h3>Bio</h3>\n            <p>Ops guy and security hobbyist</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@_stevo\">@_stevo</a><br>\n                <a href=\"https://github.com/shollingsworth/piClicker\">piClicker Github</a>\n            </p>\n\n            <h2 id=\"bssi\">BSSI [Brain Signal Strength Indicator] - finding foxes with acoustic help (piClicker)</h2>\n            <h3>Abstract</h3>\n            <p>Present, and (hopefully) Demo using a raspberry pi to detect wifi signal strength via audio click frequency.</p>\n        </div>\n\'',0,134905),('2_Friday','12','12:30','12:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'RFNoC: Accelerating the Spectrum with the FPGA\'','\'Neel Pandeya and Nate Temple\'','wv__rfnoc','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"neel_pandeya\">Neel Pandeya</h1>\n            <h3>Bio</h3>\n            <p>Neel Pandeya is a Senior Software Engineer and Manager of the Technical Support Group at Ettus Research, a National Instruments Company, in Santa Clara, California, USA. His background and interests are in open-source software development, kernel and embedded software development, wireless and cellular communications, DSP and signal processing, and software-defined radio (SDR). Prior to joining Ettus Research in 2014, he worked at several start-up and mid-sized companies, such as Envoy Networks, Range Networks, Draper Laboratory, and Texas Instruments. He is a co-founder and co-organizer of the New England Workshop for SDR (NEWSDR), and is a co-organizer of the GNU Radio Conference. He holds a Bachelor\'s Degree in electrical engineering (BSEE) from Worcester Polytechnic Institute (WPI), and a Master\'s Degree in electrical engineering (MSEE) from Northeastern University. He has an Amateur Radio License, and is aspiring to obtain a private pilot license.</p>\n            <p class=\"contact_info\">\n            </p>\n\n            <h1 id=\"nate_temple\">Nate Temple</h1>\n            <h3>Bio</h3>\n            <p>Nate Temple is a Software Engineer at Ettus Research, a National Instruments Company, in Santa Clara, California, USA, working in the areas of product support and software development. His background is in Embedded Linux Development, Micro-controller Development, Web Application Development and Security. He is passionate about SDR technology and is an Officer of the free and open-source software development toolkit, GNU Radio. His general interests are programming, wireless security, amateur radio, radio direction finding, and SATCOM hunting/hacking. He has contributed to many open-source SDR software projects over the years. </p>\n            <p class=\"contact_info\">\n            </p>\n\n            <h2 id=\"rfnoc\">RFNoC: Accelerating The Spectrum with the FPGA</h2>\n            <h3>Abstract</h3>\n            <p>This presentation will introduce RFNoC (RF Network-On-Chip), a network-distributed heterogeneous processing framework that enables FPGA processing for USRP software-defined radios (SDR). It provides a way to leverage FPGA processing capabilities and IP in your SDR application. RFNoC and FPGA-based systems provide low latencies and deterministic throughput for large bandwidths. A demonstration of RFNoC running the Fosphor real-time spectrum monitoring application will be presented.</p>\n        </div>\n\'',0,134906),('2_Friday','13','13:00','13:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Can you hear me now, DEF CON?\'','\'Wasabi\'','wv__can_you_hear_me_now','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"wasabi\">wasabi</h1>\n            <h3>Bio</h3>\n            <p>wasabi is a security researcher who loves to experiment with embedded devices, signals, and really anything electrical. </p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@spieceywasabi\">@spieceywasabi</a>\n            </p>\n\n            <h2 id=\"can_you_hear_me_now\">Can you hear me now, DEF CON?</h2>\n            <h3>Abstract</h3>\n            <p>Using cheap commodity RF hardware to act as secure or backchannel communications for security research and pen tests.  Wireless communication is getting cheaper and hobby projects are integrating long range low powered communication to link devices in all sorts of unique ways. But what about in the world of information security? This talk will cover the acronym soup of current communication systems including LoRA, RFM, Satellite, ASK, and many others to identify what protocols make sense when you are trying to communicate either stealthily or in remote areas. In addition, this talk will cover how to improve reliability of wireless communication and the costs associated with making your super pen test box. Or perhaps even what evil things can be done with these and how to protect yourself. The aim for this talk is to be interactive, and allow people to share experiences.</p>\n        </div>\n\'',0,134907),('2_Friday','15','15:00','15:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'WEP and WPA Cracking 101\'','\'Zero_Chaos and Tay-Tay fanboi Wasabi\'','wv__101','NULL',0,134908),('2_Friday','16','16:00','16:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'SirenJack: Cracking a \'Secure\' Emergency Waring Siren System\'','\'Balint Seeber\'','wv__sirenjack','\'                <div class=\"speaker_wrap\">\n\n            <h1 id=\"balint_seeber\">Balint Seeber</h1>\n            <h3>Bio</h3>\n            <p>A software engineer by training, Balint is a perpetual hacker, the Director of Vulnerability Research at Bastille Networks, and guy behind spench.net. His passion is Software Defined Radio and discovering all that can be decoded from the ether, as well as extracting interesting information from lesser-known data sources and visualising them in novel ways.  When not receiving electromagnetic radiation, he likes to develop interactive web apps for presenting spatial data. Originally from Australia, he moved to the United States in 2012 to pursue his love of SDR as the Applications Specialist and SDR Evangelist at Ettus Research.</p>\n            <p class=\"contact_info\">\n                 <a href=\"http://www.twitter.com/@spenchdotnet\">@spenchdotnet</a>\n            </p>\n\n            <h2 id=\"sirenjack\">SirenJack: Cracking a ‘Secure’ Emergency Warning Siren System</h2>\n            <h3>Abstract</h3>\n            <p>\"SirenJack is a vulnerability that was found to affect radio-controlled emergency warning siren systems from ATI Systems. It allows a bad actor, with a $30 handheld radio and a laptop, to set off all sirens in a deployment. Hackers can trigger false alarms at will because the custom digital radio protocol does not implement encryption in vulnerable deployments.\n\nEmergency warning siren systems are public safety tools used to alert the population of incidents, such as weather and man-made threats. They are widely deployed in cities, industrial sites, military installations and educational institutions across the US and abroad.\n\nSirens are often activated via a radio frequency (RF) communications system to provide coverage over a large area. Does the security of these RF-based systems match their status as critical infrastructure? The 2017 Dallas siren hack showed that many older siren systems are susceptible to replay attacks, but what about more modern ones?\n\nI studied San Francisco’s Outdoor Public Warning System, an ATI deployment, for two years to learn how it was controlled. After piecing together clues on siren poles, and searching the entire radio spectrum for one unknown signal, I found the system’s frequency and began passive analysis of the protocol. Monitoring the weekly siren tests, I made sense of patterns in the raw binary data and found the system was insecure and vulnerable to attack.\n\nThis presentation will take you on the journey of the research, and detail the tools and techniques used, including leveraging Software Defined Radio and open source software to collect and analyse massive sets of RF data, and analyse a custom digital protocol. It will also cover the Responsible Disclosure process with the vendor, their response, and subsequent change to the protocol. A proof-of-concept will be shown for good measure.\"</p>\n        </div>\n\'',0,134909),('2_Friday','17','17:00','17:25','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Hunting Rogue APs: Hard Lessons\'','\'toddpar0dy\'','wv__hunting_rogue_aps','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"t0ddpar0dy\">t0ddpar0dy</h1>\n            <h3>Bio</h3>\n            <p>WiFi hobbyist, member of last year\'s 4th place team, former fed, curious engineer</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@t0ddpar0dy\">@t0ddpar0dy</a>\n            </p>\n\n            <h2 id=\"hunting_rogue_aps\">Hunting Rogue APs: Hard Lessons</h2>\n            <h3>Abstract</h3>\n            <p>Given the challenge of locating a static Access Point this presentation highlights our strategy, pitfalls, and success.</p>\n        </div>\n\'',0,134910),('2_Friday','17','17:30','17:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Exploring the 802.15.4 Attack Surface\'','\'Faz\'','wv__exploring_the_802.15.4_attack_surface','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"faz\">Faz</h1>\n            <h3>Bio</h3>\n            <p>Edward Farrell (AKA Faz) runs his own cybersecurity practice in Sydney (Australia) & lectures at UNSW Canberra in wireless security.</p>\n            <p class=\"contact_info\">\n            </p>\n\n            <h2 id=\"exploring_the_802.15.4_attack_surface\">Exploring the 802.15.4 attack surface</h2>\n            <h3>Abstract</h3>\n            <p>Whilst 802.15.4 technologies such as Zigbee have been around for some time, our understanding of threats and risks associated with it have been lacking. As new use cases evolve, so have the opportunities for attack and exploitation. The purpose of this talk is to provide a real world exploration of where I\'ve been finding zigbee devices with a purpose built war driving kit, some of the live collection I\'ve done as well as an exploration of risks and what can be done.  By the end of this talk, audience members will have an appreciation for cool technologies floating around their environments, an appreciation the issues associated with the 802.15.4 protocol, and how to plan and prepare from a security standpoint.</p>\n        </div>\n\'',0,134911),('2_Friday','18','18:00','18:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Blue_Sonar\'','\'Zero_Chaos and  Rick \"Captain Marko Ramius\" Mellendick\'','wv__blue_sonar','\'        <div class=\"speaker_wrap\">\n\n            <h2 id=\"blue_sonar\">Blue_Sonar</h2>\n            <h3>Abstract</h3>\n            <p> BlueTooth is everywhere, it is in all of our pockets and the only protection most use is not being in discoverable mode.  This will be a talk on enumeration, tracking non-discoverable Bluetooth devices, as well as an operators perspective on some awesome use cases for Blue_Sonar.  Of course it is already in Pentoo.  This talk is imperative for those in the WCTF, because you will need this tool to find many of the BlueTooth foxes.</p>\n        </div>\n\'',0,134912),('3_Saturday','11','11:00','11:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Learning to Listen: Machine Learning for Adaptive Wireless Adversary Detection\'','\'John Dunlap\'','wv__learning_to_listen','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"john_dunlap\">John Dunlap</h1>\n            <h3>Bio</h3>\n            <p>John Dunlap is a NYC cyber security expert. He has given presentations on his exploit development research both at home and abroad, including talks at Defcon, Derbycon, and Australia’s Ruxcon. John Dunlap is a major proponent of hacker culture preservation, and is a supporter of the international demoscene. John Dunlap specializes in reverse engineering, exploit development, social engineering and source code analysis. </p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@JohnDunlap2\">@JohnDunlap2</a>\n            </p>\n\n            <h2 id=\"learning_to_listen\">Learning to Listen: Machine Learning for Adaptive Wireless Adversary Detection</h2>\n            <h3>Abstract</h3>\n            <p>In 2017 Defcon alumnai Gabrial Ryan presented his research on using statistical analysis to detect rogue wifi signals. In this talk, John Dunlap will expand on Gabe’s research by presenting an extension to Ryan’s tool to use machine learning algorithms to better detect and anticipate rogue wifi signals. A practical demonstration and tool will be presented with this work. </p>\n        </div>\n\'',0,134913);
INSERT INTO `events` VALUES ('3_Saturday','12','12:00','12:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Attacking Gotenna Networks\'','\'recompiler\'','wv__attacking_gotenna_networks','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"recompiler\">recompiler</h1>\n            <h3>Bio</h3>\n            <p>Vlad is a driven security researcher with a passion for securing technology that makes civilized life possible. He is particularly focused on automotive security, satellite systems security, SCADA systems supporting the critical infrastructure and wireless networks. He specializes in the intersection of physical and network security. He has worked on DARPA projects, established and lead penetration testing teams for Fortune 50 organizations, performed incident response and forensics on sensitive production systems within controlled environments, reverse engineered security devices, and participated in countless red team engagements for banks, critical infrastructure, pharmaceutical companies, law firms and research organizations. Vlad has spoken at various security conferences including Bsides, DEFCON, Black Hat USA, HOPE, and ShmooCon. Vlad was a board member for NYC OWASP and remains committed to the security community working together to improve the security posture through developer education, end user training, peer- reviewed code and rigorous standardized testing methodologies.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@recompiler\">@recompiler</a>\n            </p>\n\n            <h2 id=\"attacking_gotenna_networks\">Attacking Gotenna Networks</h2>\n            <h3>Abstract</h3>\n            <p>\"Talk will focus on privacy (or lack thereof) of gotenna networks. We will cover traditional attacks which have only been available to state sponsored prior to popularization and wide availability of software defined radios. We will cover signal analysis, triangulation, protocol analysis, deanonimization, cryptanalysis, spoofing and selective jamming. Since the gotenna ecosystem also includes an app we will cover the vulnerabilities in the underlying crypto libraries, weak token generation, broken API segregation as well as other vulnerabilities.\nYou too can learn how to analyze, snoop on and exploit RF networks like a pro with a hackrf, laptop and some elbow grease, sweat and sleep deprivation.\n\"</p>\n        </div>\n\'',0,134914),('3_Saturday','13','13:00','13:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Wardrivers Anonymous\'','\'Aadvark and Darkmatter and elkentaro and Zero_Chaos and  Rick \"Ward River\" Mellendick\'','wv__wardrivers_anonymous','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"elkentaro\">elkentaro</h1>\n            <h3>Bio</h3>\n            <p>Kentaro is the guy who builds funky wifi gadgets for fun. Kentaro is known as \"that guy in Tokyo who build crazy hacker gadgets.\" Creations include the HackChip, Kismet Mobile Dashboard, Wifi Centipede. </p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@elkentaro\">@elkentaro</a>\n            </p>\n\n            <h1 id=\"aadvark\">Aadvark</h1>\n            <h3>Bio</h3>\n            <p>Aadvark has a personal connection with his wifi adaptors, he names every single one of them and refers to them as humans.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@aadvark\">@aadvark</a>\n            </p>\n\n\n            <h1 id=\"Darkmatter\">Darkmatter</h1>\n            <h3>Bio</h3>\n            <p>Darkmatter has a very mobile capturing rig known as the #wifiCactus. </p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@darkmatter\">@Darkmatter</a>\n            </p>\n\n            <h2 id=\"wardrivers_anonymous\">Wardrivers Anonymous</h2>\n            <h3>Abstract</h3>\n            <p>For some us wardriving is a way of life, its what we do for fun and sometimes for work. Wardriving is seeing a resurgence in importance with all devices connecting to the network. Truly we are in a wardriving renaissance, we are seeing more and more devices and protocols being used. The tools we use have adopted to the changing landscape as well , no longer are we wardriving with 3 alfa cards to our laptop in our car, some of us have build wifi wardriving devices that fit in our pocket, some of us have build rigs that can capture all dem waves. This talk will be a panel discussion between panelists covering the wardriving scene of today. It will cover all aspects of wardriving from the why and how and anecdotal stories of wardriving in different situations. It will cover topics as “SDR: The ultimate tool? or the nuclear option?”,“How do you travel (internationally) with your wifi gear?” , “Isn’t wardriving wiretapping?” , “The bestest wifi adaptor eva” , “Do you even Wigle, bro?” and others. The talk aims to be a supportive dialogue for wardrivers. </p>\n        </div>\n\'',0,134915),('3_Saturday','14','14:30','15:25','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'SDR Basics Class\'','\'Balint Seeber\'','wv__sdr_basics','NULL',0,134916),('3_Saturday','15','14:30','15:25','Y','WLV','Caesars Promenade Level - Milano BR 5,6','\'SDR Basics Class\'','\'Balint Seeber\'','wv__sdr_basics','\'\'',0,134917),('3_Saturday','15','15:30','15:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'BLE CTF\'','\'Ryan Holeman\'','wv__ble_ctf','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"ryan_holeman\">Ryan Holeman</h1>\n            <h3>Bio</h3>\n            <p>Ryan Holeman resides in Austin Texas where he works as the Global Head of Security Intelligence for Atlassian\'s Security team. He is also an advisor for the endpoint security software company Ziften Technologies. He received a Masters of Science in Software Engineering from Kent State University. His graduate research and masters thesis focused on C++ template metaprograming. He has spoken at many respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon.  He has also  published papers though venues such as ICSM and ICPC . You can keep up with his current activity, open source contributions and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@hackgnar\">@hackgnar</a>\n            </p>\n\n            <h2 id=\"ble_ctf\">BLE CTF</h2>\n            <h3>Abstract</h3>\n            <p>The purpose of BLE CTF (https://github.com/hackgnar/ble_ctf) is to teach the core concepts of Bluetooth low energy client and server interactions. While it has also been built to be fun, it was built with the intent to teach and reinforce core concepts that are needed to plunge into the world of Bluetooth hacking. After completing this CTF, you should have everything you need to start fiddling with any BLE GATT device you can find.\n            </p>\n        </div>\n\'',0,134918),('3_Saturday','16','16:00','16:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Introduction to Railroad Telemetry\'','\'Eric Reuter\'','wv__intro_to_railroad_telemetry','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"eric_reuter\">Eric Reuter</h1>\n            <h3>Bio</h3>\n            <p>\"Eric enjoys photographing trains and hardware/RF hacking.  The natural overlap of these interests is the exploration of ways to use RF to find trains in the wild. By day, he is an Associate Professor at a Berklee College of Music, where he teaches acoustics and electronics, and runs an acoustical consulting firm in Portsmouth, NH. Eric holds an Amateur Extra license.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@EricReuter\">@EricReuter</a>\n            </p>\n\n            <h2 id=\"introduction_to_railroad_telemetry\">Introduction to Railroad Telemetry</h2>\n            <h3>Abstract</h3>\n            <p>North American railroads use several wireless systems for remote control, monitoring, and tracking of locomotives, railcars, signals, and other equipment.  This talk will provide an overview of the systems in use, an in-depth look of two of them: \nThe end-of-train (EOT) device contributed to the demise of the caboose 35 years ago, taking over one of its primary functions: monitoring brake pipe pressure.  The EOT transmits pressure, its unique ID, and other data, encoded into AFSK packets, to a corresponding head-of-train (HOT) device in the locomotive.  A secondary function is venting the line in an emergency braking event, under command of the HOT.  BCH error correction is employed for reliability, but there are inherent security flaws.  A SDR/GNU Radio/Python workflow for decoding and verifying packets will be demonstrated.\nAttempts at automatically identifying passing railcars were largely unsuccessful until the introduction of the Automatic Equipment Identification (AEI) system in the early 90s.  This 900 MHz RFID system consists of passive tags on each locomotive and car and wayside readers at rail yard entrances and other locations of interest.  The author\'s day job in environmental noise consulting led to a study of the feasibility of using AEI for rail noise studies.  It had to be reverse-engineered first, of course.  Using a repurposed commercial reader, Raspberry Pi, and cellular modem, a remote monitoring system gathered tag date for 5 weeks.  Details of the protocol and monitoring system will be presented, along with video demonstrations.\n</p>\n        </div>\n\'',0,134919),('3_Saturday','17','17:00','17:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'It\'s not wifi: Stories in Wireless Reverse Engineering\'','\'Dominic Spill and Russ Handorf\'','wv__its_not_wifi','NULL',0,134920),('3_Saturday','18','18:00','18:55','N','WLV','Caesars Promenade Level - Milano BR 5,6','\'Little Fluffy Pineapple Clouds - Commanding a Fleet of Wireless Fruit\'','\'Darren Kitchen and Seb Kinne\'','wv__SO_FLUFFY','\'        <div class=\"speaker_wrap\">\n\n            <h1 id=\"darren_kitchen\">Darren Kitchen</h1>\n            <h3>Bio</h3>\n            <p>Darren Kitchen is the founder of Hak5, the award winning Internet television show inspiring hackers and enthusiasts since 2005. Breaking out of the 90s phone phreak scene, he has continued contributing to the hacker community as a speaker, instructor, author and developer of leading penetration testing tools.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@hak5darren\">@hak5darren</a>\n            </p>\n\n            <h1 id=\"seb_kinne\">Sebastian Kinne</h1>\n            <h3>Bio</h3>\n            <p>Sebastian Kinne has lead software development at Hak5 since 2011. His background in embedded systems and reverse engineering has been instrumental in the success of the WiFi Pineapple, the popular WiFi auditing tool. As an instructor and speaker on WiFi security, chances are he\'s sniffed your packets in a demo or two.</p>\n            <p class=\"contact_info\">\n                <a href=\"http://www.twitter.com/@sebkinne\">@sebkinne</a>\n            </p>\n\n            <h2 id=\"SO_FLUFFY\">Little Fluffy Pineapple Clouds - Commanding a Fleet of Wireless Fruit</h2>\n            <h3>Abstract</h3>\n            <p>What happens when a Pineapple, a Turtle and a Squirrel get high...up in the clouds? It\'s been a solid year for Hak5 and we\'re excited to debut some epic new features! Like a centralized web consoles for all your networked Hak5 Gear, WiFi Pineapple WPA Enterprise harvesting, credential capturing and pass-through, or LIVE reconnaissance and more! Join Sebastian Kinne and Darren Kitchen of famed pentesting tools for a peek into what\'s right around the corner.</p>\n        </div>\n\'',0,134921),('2_Friday','06','06:00','06:59','N','Meetup','Local Bikeshop','\'8th Defcon Bike Ride\'','\' \'','becb20776ed4d0cbb333df055308d54c','\'Title:<br>8th Defcon Bike Ride<br><br>At 6am on Friday, the @cycle_override crew will be hosting the 8th Defcon Bikeride. We\'ll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It\'s about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See at 6am Friday! @jp_bourget @gdead @heidishmoo. Go to cycleoverride.org for more info.<br><br>More Info: <a href=\" https://twitter.com/cycle_override\">@Cycle_Override</a> &nbsp;&nbsp; <a href=\"http://cycleoverride.org/\">http://cycleoverride.org/</a><br>\'',0,134922),('3_Saturday','12','12:00','12:59','N','Meetup','Chill Out Lounge','\'Deaf Con Meet Up\'','\' \'','6e783f45ce48070c72078842f637432f','\'Title:<br>Deaf Con Meet Up<br><br>DEAF CON is a California 501 (c)(3) Non-profit organization. We provide outreach to the Deaf and HH community and information security community. We encourage Deaf and HH information security professionals to attend conferences, like Defcon. We help to provide communication services and spaces for professionals to meet and network with others. Anyone can come and attend our meet up and hangout!<br><br>More Info: <a href=\"https://www.deafconinc.org/\">https://www.deafconinc.org/</a> &nbsp;&nbsp; <a href=\"https://twitter.com/_DEAFCON_\">@_DEAFCON_</a><br>\'',0,134923),('2_Friday','18','18:00','19:59','N','Contest','Contest Stage','\'DEF CON Beard and Moustache Contest\'','\' \'','3fbac488ef25f939bea1b829cf52a95f','\'Title:<br>DEF CON Beard and Moustache Contest<br><br>Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), the DEF CON Beard and Moustache Contest highlights the intersection of facial hair and hacker culture.<br><br> More Info: <a href=\"http://www.dcbeard.com/\">http://www.dcbeard.com/</a> &nbsp;&nbsp; <a href=\"https://twitter.com/DCBeardContest\">@DCBeardContest</a><br>\'',0,134924),('2_Friday','19','18:00','19:59','Y','Contest','Contest Stage','\'DEF CON Beard and Moustache Contest\'','\' \'','3fbac488ef25f939bea1b829cf52a95f','\'\'',0,134925),('3_Saturday','18','18:00','19:59','N','Contest','Contest Stage','\'DEF CON Blitz Chess Tournament\'','\' \'','e66827aa458edb5cb50b317fee11e82c','\'Title:<br>DEF CON Blitz Chess Tournament<br><br>The first-ever DEF CON Chess Tournament, in Blitzkrieg format, in which there will be just 5 minutes on each player’s clock. During the tournament, each player will play every other player one time. A victory is 1 point, a draw 1/2, and a loss 0. At the end of the tournament, the player with the highest score wins the grand prize (tbd) and a trophy. In the event of a tie, there will be a sudden death playoff between the highest scorers to determine the champion.<br>More Info: <a href=\"https://twitter.com/defconchess\">@DefconChess</a><br>\'',0,134926),('3_Saturday','19','18:00','19:59','Y','Contest','Contest Stage','\'DEF CON Blitz Chess Tournament\'','\' \'','e66827aa458edb5cb50b317fee11e82c','\'\'',0,134927),('3_Saturday','21','21:00','22:59','N','Contest','Contest Stage','\'Drunk Hacker History\'','\' \'','83d18a8bf9a1d5dccfac3f49cdd377b1','\'Title:<br>Drunk Hacker History<br><br>One night only at DEF CON 26, Drunk Hacker History is back by popular demand for a 4th historic year! The past three years proved to the entire galaxy that in the game of intoxicated nostalgic recall, there are no losers and those who won, lost. The DEF CON community has a history of sorts. It is a history is filled with mephitic adventures, quarter-truths, poor life choices, incontinence, and various forms of C2H6O. This year, we will connect our stacks to extract some of the most celebrated, exaggerated and entertaining moments in Hacker History through the interpretation of a group of well-trained participants. In the end, we will, again, crown the Drunkest Hacker in History and you, the audience, will rejoice! Hosted by c7five & jaku, if you like eating from an 80s candy cannon, “Cats” the musical, and feats of strength, you won’t want to miss the return of Drunk Hacker History! Presented in DEF CON 4D and made possible by a grant from monkeyhelpers.org.<br><br>More Info: <a href=\"https://twitter.com/DrunkHackerHist\">@DrunkHackerHist</a><br>\'',0,134928),('3_Saturday','22','21:00','22:59','Y','Contest','Contest Stage','\'Drunk Hacker History\'','\' \'','83d18a8bf9a1d5dccfac3f49cdd377b1','\'\'',0,134929),('3_Saturday','10','10:00','11:59','N','Contest','Contest Stage','\'D(Struction)20 CTF\'','\' \'','fac96520debdc403bebf92a92e6be8df','\'Title:<br>D(Struction)20 CTF<br><br>Part CTF, part lemon race, part game show, part demolition derby, the D(struction)20 CTF is a contest best played with a low-cost, usable, rugged, and powerful hacking platform! Bring your \"indestructible\" phones, your single-board computers with welded cases, or just take that old clunker gathering dust in the closet and put it to good (and possibly hilarious) use! Periodically during the competition, a random contestant from the leaderboard will roll the d20 of Destruction to decide what will happen to their rig. If they\'re very lucky, they roll a natural 20 and no damage will be inflicted! Otherwise, the d20 of Destruction will decide what type of damage will be done to their rig, be it physical impact, intense vibration, or something else! If the rig survives their chosen fate, the contestant may continue playing, but either way, rolling the d20 of Destruction results in a big point bonus that may make the difference between winning and losing, even if the rig is destroyed in the process! <br><br>More Info: <a href=\"https://twitter.com/d20ctf\">@d20ctf</a><br>\'',0,134930),('3_Saturday','11','10:00','11:59','Y','Contest','Contest Stage','\'D(Struction)20 CTF\'','\' \'','fac96520debdc403bebf92a92e6be8df','\'\'',0,134931),('2_Friday','16','16:00','17:59','N','Contest','Contest Stage','\'EFF Tech Trivia\'','\' \'','d4d1f647d54678c7e3ccc95505dd455a','\'Title:<br>EFF Tech Trivia<br><br>EFF\'s team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Cup and EFF swag pack. The second and third place teams will also win great EFF gear.<br>Judged by Jack Adniel, Alex Stamos, Noise, and Gritty Grease<br><br> More Info: <a href=\"https://twitter.com/EFF\">@EFF</a>&nbsp;&nbsp; <a href=\"https://eff.org/\">https://eff.org/</a><br>\'',0,134932),('2_Friday','17','16:00','17:59','Y','Contest','Contest Stage','\'EFF Tech Trivia\'','\' \'','d4d1f647d54678c7e3ccc95505dd455a','\'\'',0,134933),('2_Friday','10','10:00','12:59','N','Contest','Contest Stage','\'GeekPwn\'','\' \'','e3cc9bd21d3ddc63b0294ba638b043ee','\'Title:<br>GeekPwn<br><br>Started by KEEN - and the first in 2014, GeekPwn enables security geeks around the world to exchange their thoughts and research findings. As the international intelligence security community, GeekPwn tries to create secure life with secure techniques. In GeekPwn, YOU are encouraged to exploit unknown vulnerabilities of the cyber world. And together, WE aim to help manufacturers develop their security systems and create a better world.<br> <br> The most unique and extraordinary character of a GeekPwn attendee is his/her open-minding and rich variety of PWN.<br> <br> Security researchers are welcomed to GeekPwn if they are able to take control or obtain data without authorization under reasonable, realistic conditions (without tampering, pre-implanted Trojans or certain pre-granted privileges), and target software and protocols of mobile phones, smart devices, Internet of Things, new I/O modules (gesture capture, VR, AR, etc.), AI-featured modules and services (robots, visual recognition and voice recognition), etc.<br> <br> More Info: <a href=\"http://www.geekpwn.org/\">http://www.geekpwn.org/</a><br>\'',0,134934),('2_Friday','11','10:00','12:59','Y','Contest','Contest Stage','\'GeekPwn\'','\' \'','e3cc9bd21d3ddc63b0294ba638b043ee','\'\'',0,134935),('2_Friday','12','10:00','12:59','Y','Contest','Contest Stage','\'GeekPwn\'','\' \'','e3cc9bd21d3ddc63b0294ba638b043ee','\'\'',0,134936),('2_Friday','20','20:00','25:59','N','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'Title:<br>Hacker Karaoke<br><br>Do you like to sing? Do you want to perform? Ever wanted to sing in front of others? Come on down to the 10th Annual Hacker Karaoke, DEFCON\'s on-site karaoke experience. You can be a star, or if you don\'t want to be a star, you can also take pride in making an utter fool of yourself.<br><br> More Info: <a href=\"https://hackerkaraoke.org/\">https://hackerkaraoke.org/</a>&nbsp;&nbsp; <a href=\"https://twitter.com/hackerkaraoke\">@HackerKaraoke</a><br>\'',0,134937),('2_Friday','21','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'\'',0,134938),('2_Friday','22','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'\'',0,134939),('2_Friday','23','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'\'',0,134940),('2_Friday','24','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'\'',0,134941),('2_Friday','25','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','305783adb66a424148a4cf232cce8843','\'\'',0,134942),('3_Saturday','20','20:00','25:59','N','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'Title:<br>Hacker Karaoke<br><br>Do you like to sing? Do you want to perform? Ever wanted to sing in front of others? Come on down to the 10th Annual Hacker Karaoke, DEFCON\'s on-site karaoke experience. You can be a star, or if you don\'t want to be a star, you can also take pride in making an utter fool of yourself.<br><br> More Info: <a href=\"https://hackerkaraoke.org/\">https://hackerkaraoke.org/</a>&nbsp;&nbsp; <a href=\"https://twitter.com/hackerkaraoke\">@HackerKaraoke</a><br>\'',0,134943),('3_Saturday','21','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'\'',0,134944),('3_Saturday','22','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'\'',0,134945),('3_Saturday','23','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'\'',0,134946),('3_Saturday','24','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'\'',0,134947),('3_Saturday','25','20:00','25:59','Y','Night Life','Caesars - Emperors Level - Chillout Rm','\'Hacker Karaoke\'','\' \'','b1f511c99931d7610cbf5b358b2790b0','\'\'',0,134948),('3_Saturday','15','15:00','16:59','N','Contest','Contest Stage','\'Spell Check: The Hacker Spelling Bee\'','\' \'','e9e422a33f71cda824b2be4bb6d2174a','\'Title:<br>Spell Check: The Hacker Spelling Bee<br><br>The year is 1983. Supplies and entertainment are both running low and the machines are closing in. Suddenly, a technical editor from the future appears with a security style guide from 2018 and challenges you to spell terms as they appear in the guide. Maybe this quaint ritual will warm the hearts of the robots and bring in a new era of understanding to this troubled world. You’re confident you can make it past “asset” and “botnet,“ but you get a sinking feeling that in later rounds, capitalization is going to count too. The odds are against you, but it’s the end of the world… you might as well go out in a blaze of glory.<br><br> More Info: <a href=\"https://www.bishopfox.com/news/2018/07/def-con-26-spellcheck-the-hacker-spelling-bee/\">https://www.bishopfox.com/news/2018/07/def-con-26-spellcheck-the-hacker-spelling-bee/</a><br>\'',0,134949),('3_Saturday','16','15:00','16:59','Y','Contest','Contest Stage','\'Spell Check: The Hacker Spelling Bee\'','\' \'','e9e422a33f71cda824b2be4bb6d2174a','\'\'',0,134950),('2_Friday','10','10:00','15:59','N','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'Title:<br>Ham Radio Exams<br><br>Take HAM Radio Exams at DEF CON 26!\'',0,134951),('2_Friday','11','10:00','15:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'\'',0,134952),('2_Friday','12','10:00','15:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'\'',0,134953),('2_Friday','13','10:00','15:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'\'',0,134954),('2_Friday','14','10:00','15:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'\'',0,134955),('2_Friday','15','10:00','15:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','2365d690d20ad6da5da624ce51203ca4','\'\'',0,134956),('3_Saturday','12','12:00','17:59','N','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'Title:<br>Ham Radio Exams<br><br>Take HAM Radio Exams at DEF CON 26!\'',0,134957),('3_Saturday','13','12:00','17:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'\'',0,134958),('3_Saturday','14','12:00','17:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'\'',0,134959),('3_Saturday','15','12:00','17:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'\'',0,134960),('3_Saturday','16','12:00','17:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'\'',0,134961),('3_Saturday','17','12:00','17:59','Y','Service','Caesars - Promenade Level - Anzio Rm past Registration','\'Ham Radio Exams\'','\' \'','f7d8eccd6653990e660cb6274684018f','\'\'',0,134962),('1_Thursday','16','16:00','21:59','N','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'Title:<br>Toxic BBQ<br><br>The humans of Vegas invite everyone to sear their meat in the searing heat! Kick off the con at Sunset Park, Pavilion F on Thursday afternoon with meat, beer, and conversation at this unofficial welcome party. Burgers and dogs are provided; contribute the rest as you can (more food, drinks, grilling, donations, and rides). This event is off-site, so watch the Info Booth <a href=https://twitter.com/dcib\"\">@dcib</a> for carpool times and event updates.<br>\'',0,134963),('1_Thursday','17','16:00','21:59','Y','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'\'',0,134964),('1_Thursday','18','16:00','21:59','Y','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'\'',0,134965),('1_Thursday','19','16:00','21:59','Y','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'\'',0,134966),('1_Thursday','20','16:00','21:59','Y','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'\'',0,134967),('1_Thursday','21','16:00','21:59','Y','Meetup','(off Site)Sunset Park, Pavilion F, (36.0636, -115.1178)','\'Toxic BBQ\'','\' \'','8030bcac490e510ed3e030130eab3bc2','\'\'',0,134968),('2_Friday','20','20:00','21:59','N','Contest','Contest Stage','\'Whose Slide is it Anyway?\'','\' \'','20b8f36a5bae26c700e0127a7e83a12e','\'Title:<br>Whose Slide is it Anyway?<br><br>\'Whose Slide Is It Anyway?\' is an unholy union of improv comedy, hacking and slide deck sado-masochism.<br> <br> Our team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our abnormal fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.<br> <br> What you playing for? Awesome prize packs from our generous sponsors Red Canary, TrustedSec, Binary Defense, Toool, Dragos, CoreGroup and more! Players are chosen on a first come, first served basis so get there early.<br> <br> Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.<br> <br> More Info: <a href=\"https://twitter.com/ImprovHacker\">@ImprovHacker</a>, <a href=\"https://www.ImprovHacker.com\">https://www.ImprovHacker.com</a><br>\'',0,134969),('2_Friday','21','20:00','21:59','Y','Contest','Contest Stage','\'Whose Slide is it Anyway?\'','\' \'','20b8f36a5bae26c700e0127a7e83a12e','\'\'',0,134970),('2_Friday','18','18:00','20:30','N','Meetup','Stage Door 4000 Linq Ln., Las Vegas (Right across the street from Caesars Palace)','\'/R/defcon redit Meetup\'','\' \'','0f19ddde7b64d39624de67b13426006e','\'Title:<br>/R/defcon redit Meetup<br><br>Do you participate in the DEF CON subreddit? This Meetup is for you! A gathering of the denizens of /r/DEF CON while at DEF CON to mingle and meet face to face. Newcomers and veterans alike are welcome to meet and greet while sharing the DEF CON experience.<br> More Info: <a href=\"https://www.reddit.com/r/Defcon/comments/8zxun3/reminder_updated_location_def_con_26_meetup_for/\"> DEF CON 26 Meetup for /r/defcon</a><br>\'',0,134971),('2_Friday','19','18:00','20:30','Y','Meetup','Stage Door 4000 Linq Ln., Las Vegas (Right across the street from Caesars Palace)','\'/R/defcon redit Meetup\'','\' \'','0f19ddde7b64d39624de67b13426006e','\'\'',0,134972),('2_Friday','20','18:00','20:30','Y','Meetup','Stage Door 4000 Linq Ln., Las Vegas (Right across the street from Caesars Palace)','\'/R/defcon redit Meetup\'','\' \'','0f19ddde7b64d39624de67b13426006e','\'\'',0,134973),('2_Friday','20','20:30','23:59','N','Meetup','Flamingo - 3rd Floor - Chillout Rm','\'/R/defcon redit Meetup\'','\' \'','3267e21eb2fba0f002fcfc54029a0bc2','\'Title:<br>/R/defcon redit Meetup<br><br>Do you participate in the DEF CON subreddit? This Meetup is for you! A gathering of the denizens of /r/DEF CON while at DEF CON to mingle and meet face to face. Newcomers and veterans alike are welcome to meet and greet while sharing the DEF CON experience.<br> More Info: <a href=\"https://www.reddit.com/r/Defcon/comments/8zxun3/reminder_updated_location_def_con_26_meetup_for/\"> DEF CON 26 Meetup for /r/defcon</a><br>\'',0,134974),('2_Friday','21','20:30','23:59','Y','Meetup','Flamingo - 3rd Floor - Chillout Rm','\'/R/defcon redit Meetup\'','\' \'','3267e21eb2fba0f002fcfc54029a0bc2','\'\'',0,134975),('2_Friday','22','20:30','23:59','Y','Meetup','Flamingo - 3rd Floor - Chillout Rm','\'/R/defcon redit Meetup\'','\' \'','3267e21eb2fba0f002fcfc54029a0bc2','\'\'',0,134976),('2_Friday','23','20:30','23:59','Y','Meetup','Flamingo - 3rd Floor - Chillout Rm','\'/R/defcon redit Meetup\'','\' \'','3267e21eb2fba0f002fcfc54029a0bc2','\'\'',0,134977),('3_Saturday','20','20:30','26:30','N','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'Title:<br>BlanketFortCon<br><br>Check your ego at the door, grab some building materials and join in the celebration of the creativity and originality that is the pillow fort! A host of DJs will be spinning from a pirate ship as you share and create your own unique environment. All aboard!<br> More Info: <a href=\"http://blanketfortcon.com\">BlanketFortCon.com</a><br>\'',0,134978),('3_Saturday','21','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134979),('3_Saturday','22','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134980),('3_Saturday','23','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134981),('3_Saturday','24','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134982),('3_Saturday','25','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134983),('3_Saturday','26','20:30','26:30','Y','Night Life','Flamingo - 3rd Floor - Carson City Rm','\'BlanketFortCon\'','\' \'','f9c73728e80e09a264d7b04090a4b1d7','\'\'',0,134984),('1_Thursday','16','16:00','16:59','N','Meetup','Caesars - Promenade Level - Livorno/Village Talks Rm','\'BruCamp\'','\' \'','4484164e6f289057dc4363e25f519cd2','\'Title:<br>BruCamp<br><br>A play within a play, this Meetup is for conference organizers to come together and share their best ideas, tips and methods of running their cons in a social environment. The goal is to help improve teh conference experiences for all and to help take away some of the headaches in running a con. A great gathering for con organization veterans as well as anyone looking to start their own con.<br>\'',0,134985),('1_Thursday','12','12:00','12:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','efdb4839bc8185c2059dbe87dc562c7e','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134986),('1_Thursday','17','17:00','17:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','e8d5df7bb146cc39449eff83dcd661a7','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134987),('2_Friday','12','12:00','12:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','255cf3096af35cf0cce3d0395ce44bc1','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134988),('2_Friday','17','17:00','17:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','7589509619da0833f9a8c9cb7dad31d3','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134989),('3_Saturday','12','12:00','12:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','0178ad08ceaf799bf2f2928ce12bb276','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134990),('3_Saturday','17','17:00','17:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','cb928273bf3617006191e7b2c5f68f64','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134991),('4_Sunday','12','12:00','12:59','N','Meetup','Caesars - Promenade Level - Office 4 behind Info Booth near Promenade South','\'Friends of Bill W\'','\' \'','44f0d31da20affa748adde51c00f55e1','\'Title:<br>Friends of Bill W<br><br>For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon &5pm Thurs-Sat, Noon Sun. The location is Office 4 Behind the @dcib.<br> <br> Stop by, refresh yourself.<br> <br> We\\x92ll be here.<br>\'',0,134992),('2_Friday','20','20:30','23:59','N','Night Life','Flamingo - 3rd floor - Track 101 Scenic BR','\'GeekPwn Party\'','\' \'','3487d726d8b6801a582b7b081440dddf','\'Title:<br>GeekPwn Party<br><br>Part contest, part open discussion of security, part talent show and 100% fun! Join the folks from GEEKPWN for a evening of entertainment with a focus on information security from China. Expect contests, serious discussion, music, and an enviroment open to your ideas.<br>\'',0,134993),('2_Friday','21','20:30','23:59','Y','Night Life','Flamingo - 3rd floor - Track 101 Scenic BR','\'GeekPwn Party\'','\' \'','3487d726d8b6801a582b7b081440dddf','\'\'',0,134994),('2_Friday','22','20:30','23:59','Y','Night Life','Flamingo - 3rd floor - Track 101 Scenic BR','\'GeekPwn Party\'','\' \'','3487d726d8b6801a582b7b081440dddf','\'\'',0,134995),('2_Friday','23','20:30','23:59','Y','Night Life','Flamingo - 3rd floor - Track 101 Scenic BR','\'GeekPwn Party\'','\' \'','3487d726d8b6801a582b7b081440dddf','\'\'',0,134996),('3_Saturday','23','23:55','24:59','N','Night Life','Caesars - Lobby bar','\'DC 26 GothCon\'','\' \'','3c2ee61b9c0174e8afe4f6c5100d10a5','\'Title:<br>DC 26 GothCon<br><br>Yes! Join us! Follow <a href=\"https://twitter.com/search?q=%23dcgothcon&src=typd\">#DCGothCon</a> for updates. Saturday night at 11:55pm we\'re flashmobbing the lobbycon bar for the witching hour. Wear your favorite things. (All goths, goth-adjacent, and friends allowed.) If you want in on the ad-hoc planning, dm me your email for the slack.<br> More Info: <a href=\"https://twitter.com/clevrcat/status/1022851252349284353\">https://twitter.com/clevrcat/status/1022851252349284353</a><br> More Info: <a href=\"https://twitter.com/clevrcat\">@ClevrCat</a><br>\'',0,134997),('3_Saturday','24','23:55','24:59','Y','Night Life','Caesars - Lobby bar','\'DC 26 GothCon\'','\' \'','3c2ee61b9c0174e8afe4f6c5100d10a5','\'\'',0,134998),('3_Saturday','20','20:30','23:59','N','Meetup','Flamingo - 3rd floor - Chillout Rm','\'Hacker Flairgrounds\'','\' \'','6231f0b8e07e86e806734917c8158923','\'Title:<br>Hacker Flairgrounds<br><br>This is the Meetup destination for badge collectors, designers, and prototypers that you have been waiting for! A social environment to show off you custom badges, discuss projects to make you own badges and to talk to collectors who cherish your work. Flashing LEDs, crafting time, trading, and the celebration of badge craft all in one.<br>\'',0,134999),('3_Saturday','21','20:30','23:59','Y','Meetup','Flamingo - 3rd floor - Chillout Rm','\'Hacker Flairgrounds\'','\' \'','6231f0b8e07e86e806734917c8158923','\'\'',0,135000),('3_Saturday','22','20:30','23:59','Y','Meetup','Flamingo - 3rd floor - Chillout Rm','\'Hacker Flairgrounds\'','\' \'','6231f0b8e07e86e806734917c8158923','\'\'',0,135001),('3_Saturday','23','20:30','23:59','Y','Meetup','Flamingo - 3rd floor - Chillout Rm','\'Hacker Flairgrounds\'','\' \'','6231f0b8e07e86e806734917c8158923','\'\'',0,135002),('1_Thursday','17','17:00','17:59','N','Meetup','Caesars - Promenade Level - Anzio Rm past Registration','\'Hacking for Special Needs\'','\' \'','5d0c21a47f6391789e318a5f1491b7c5','\'Title:<br>Hacking for Special Needs<br><br>A Meetup for parents of children and individuals with special needs within the DEF CON community. The meeting is not only social but also a exchange of information and helpful tips to help improve the lives of families and individuals and to celebrate their place in the DEF CON community.<br>\'',0,135003),('2_Friday','20','20:30','23:59','N','Night Life','Flamingo - 3rd Floor - Track 101 Twilight BR','\'House of Kenzo\'','\' \'','3ad8132607f2ad895c0d47f5d5f12929','\'Title:<br>House of Kenzo<br><br>Come celebrate teh culture of DIY or die! The future has not been written yet so come and mingle with the authors of the time to come and celebrate creating a culture of global communication and culture. Live music and open minds will meet your ideas and help you trailblazer the next century.<br>\'',0,135004),('2_Friday','21','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - Track 101 Twilight BR','\'House of Kenzo\'','\' \'','3ad8132607f2ad895c0d47f5d5f12929','\'\'',0,135005),('2_Friday','22','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - Track 101 Twilight BR','\'House of Kenzo\'','\' \'','3ad8132607f2ad895c0d47f5d5f12929','\'\'',0,135006),('2_Friday','23','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - Track 101 Twilight BR','\'House of Kenzo\'','\' \'','3ad8132607f2ad895c0d47f5d5f12929','\'\'',0,135007),('2_Friday','19','19:00','19:59','N','Meetup','Flamingo - 3rd Floor - Carson City Rm','\'Lawyer Meet\'','\' \'','ba08d4547751bc897933771d44cf7763','\'Title:<br>Lawyer Meet<br><br>If you\'re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join your host Jeff McNamara at 19:00 on Friday, August 10th, for a friendly get-together, followed by dinner/drinks and conversation.<br>\'',0,135008),('2_Friday','21','21:00','23:59','N','Night Life','Flamingo - 3rd Floor - Track 101 Vista BR','\'Live Band Karaoke\'','\' \'','ee2aa69fa4e90a444c756b8bc03bd6d7','\'Title:<br>Live Band Karaoke<br><br>Think you have karaoke chops? Kick it up to the next level by performing your favorite songs with a live band! The band with the best name ever , DON\'T PANIC provides the music and you provide the vocal talent. You won\'t need an electronic thumb or the help of the Dentrasi to get into this Party, just bring yourself and your towel. Come early for free swag (towel included!)!<br> <br> Event info and singer sign up:<br> <a href=\"http://ibm.biz/dontpanic\">ibm.biz/dontpanic</a><br> <br> Facebook: <a href=\"https://www.facebook.com/DontPanicReally/\">https://www.facebook.com/DontPanicReally/</a><br> Twitter: <a href=\"https://twitter.com/PanicReally\">@DontPanicReally</a><br>\'',0,135009),('2_Friday','22','21:00','23:59','Y','Night Life','Flamingo - 3rd Floor - Track 101 Vista BR','\'Live Band Karaoke\'','\' \'','ee2aa69fa4e90a444c756b8bc03bd6d7','\'\'',0,135010),('2_Friday','23','21:00','23:59','Y','Night Life','Flamingo - 3rd Floor - Track 101 Vista BR','\'Live Band Karaoke\'','\' \'','ee2aa69fa4e90a444c756b8bc03bd6d7','\'\'',0,135011),('3_Saturday','20','20:30','23:59','N','Night Life','Flamingo - 3rd Floor - El Dorado BR','\'Lonely Hackers Club Party\'','\' \'','e361847644b49e58babcdbe909cd0b41','\'Title:<br>Lonely Hackers Club Party<br><br>If only Sergeant Pepper had owned a Commodore 64! Come meet the people you communicate with on a daily basis in person as you dance and chat the night away. Just keep in mind that this IS Las Vegas and when you wake up in the morning those marriage certificates are still binding!  Come meet the people you communicate with on a daily basis via telegram in person as you dance and chat the night away. All are welcome!<br>\'',0,135012),('3_Saturday','21','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - El Dorado BR','\'Lonely Hackers Club Party\'','\' \'','e361847644b49e58babcdbe909cd0b41','\'\'',0,135013),('3_Saturday','22','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - El Dorado BR','\'Lonely Hackers Club Party\'','\' \'','e361847644b49e58babcdbe909cd0b41','\'\'',0,135014),('3_Saturday','23','20:30','23:59','Y','Night Life','Flamingo - 3rd Floor - El Dorado BR','\'Lonely Hackers Club Party\'','\' \'','e361847644b49e58babcdbe909cd0b41','\'\'',0,135015),('3_Saturday','22','22:00','25:59','N','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'SecKC the World\'','\' \'','38e4d00bf3b12e5d38616cfddb8248ca','\'Title:<br>SecKC the World<br><br>A Tiki themed gathering of the people who make up seckc.org. Come get a taste of this slice of hacker culture as you Party the night away. The hotel won\'t let us have Tiki torches so grab some glow-sticks and bamboo and help the theme while live DJs keep your feet moving.<br>Brought to you by the people at <a href=\"http://seckc.org\">seckc.org</a>, DEFCON proudly presents the feature Midwestern party, SecKC the World. Come join us for an out of this world cosmic tiki event, where the rum is cold and the music is hot. Pair your VIP token with some glowsticks to get the top secret surprise at midnight.<br>When: Saturday, August 11, 2018 8:00 PM - 2:00 AM<br> DJs: <a href=\"https://twitter.com/sysaaron\">@sysaaron</a> 10:00 PM-12:00 AM / <a href=\"https://twitter.com/archwisp\">@archwisp</a> 12:00 AM - 02:00 AM<br> Where: Mesquite Room | Flamingo Las Vegas Hotel and Casino<br><br> Order $5 VIP party token at: <a href=\"http://www.badgepirates.com\">www.badgepirates.com</a><br>More Info: <a href=\"https://seckc.org/defcon-party\">https://seckc.org/defcon-party</a><br>\'',0,135016),('3_Saturday','23','22:00','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'SecKC the World\'','\' \'','38e4d00bf3b12e5d38616cfddb8248ca','\'\'',0,135017),('3_Saturday','24','22:00','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'SecKC the World\'','\' \'','38e4d00bf3b12e5d38616cfddb8248ca','\'\'',0,135018),('3_Saturday','25','22:00','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'SecKC the World\'','\' \'','38e4d00bf3b12e5d38616cfddb8248ca','\'\'',0,135019),('2_Friday','20','20:30','25:59','N','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'Title:<br>Vet Con<br><br>A Party thrown by Veterans for everyone! Come join in as veterans from all branches come together to celebrate and take on challenges that you only hear about in movies. Space force recruiting? Airmen in a chair race? Military drill displays? All this and more. It\'s time to raise hell the way our people in uniform are famous for.<br>More Info: <a href=\"https://twitter.com/VetConActual\">@VetConActual</a><br>\'',0,135020),('2_Friday','21','20:30','25:59','Y','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'\'',0,135021),('2_Friday','22','20:30','25:59','Y','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'\'',0,135022),('2_Friday','23','20:30','25:59','Y','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'\'',0,135023),('2_Friday','24','20:30','25:59','Y','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'\'',0,135024),('2_Friday','25','20:30','25:59','Y','Night Life','Flamingo - Lower Level - Red Rock RM 6','\'Vet Con\'','\' \'','d1643e167a2f2864c995ffe2ff495855','\'\'',0,135025),('2_Friday','20','20:30','25:59','N','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'Title:<br>Arcade Party<br><br>Ever had the awesome experience of seeing the renowned <a href=\"https://twitter.com/dualcoremusic\">@dualcoremusic</a>  or maybe you\'ve heard the mad mixing skills of <a href=\"https://twitter.com/KeithMyers\">@KeithMyers</a> - Well imagine BOTH of them, at one party! The EPIC #defcon26 <a href=\"https://twitter.com/CarHackVillage\">@CarHackVillage</a> and <a href=\"https://twitter.com/ICS_Village\">@ICS_Village</a> Party will be Sat Night 10:30-2 Hope to see you there!<br>\'',0,135026),('2_Friday','21','20:30','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'\'',0,135027),('2_Friday','22','20:30','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'\'',0,135028),('2_Friday','23','20:30','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'\'',0,135029),('2_Friday','24','20:30','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'\'',0,135030),('2_Friday','25','20:30','25:59','Y','Night Life','Flamingo - 3rd Floor - Mesquite Rm','\'Arcade Party\'','\' \'','e4b6e952b5e958ef1093fe250f231b43','\'\'',0,135031),('2_Friday','18','18:30','20:30','N','Meetup','The Park on Las Vegas Blvd. by TMobile Arena','\'DEF CON Dinner Con\'','\' \'','b391771e6bf18c9db9507507d0680af4','\'Title:<br>DEF CON Dinner Con<br><br>Who\'s ready for <a href=\"https://twitter.com/defcon\">@defcon</a> ? Rumors going around that it\'s been cancelled once again. Even if it is, you gotta eat so come to <a href=\"https://twitter.com/DEFCONDinner\">@DEFCONDinner</a> on Friday, August 10th 2018 at The Park 3782 S Las Vegas Blvd. by <a href=\"https://twitter.com/TMobile\">@TMobile Arena</a>. 6:30 pm until about 8:00 pm. Then off to your parties!\'',0,135032),('2_Friday','19','18:30','20:30','Y','Meetup','The Park on Las Vegas Blvd. by TMobile Arena','\'DEF CON Dinner Con\'','\' \'','b391771e6bf18c9db9507507d0680af4','\'\'',0,135033),('2_Friday','20','18:30','20:30','Y','Meetup','The Park on Las Vegas Blvd. by TMobile Arena','\'DEF CON Dinner Con\'','\' \'','b391771e6bf18c9db9507507d0680af4','\'\'',0,135034),('2_Friday','20','20:00','23:59','N','Night Life','Forum Tower Duplex Hangover Suite','\'503 Party 2018\'','\' \'','7548ef10c330b536d3876a461d86ec66','\'Title:<br>503 Party 2018<br><br>It\'s 2018, and it\'s time again for another 503 Party!<br> <br> This year we\'ll be re-introducing the music, but keeping the drink focus on local microbrews.  We\'ve got the Hangover suite in Caesars Palace for the entire weekend, Thursday through Sunday, so we\'re going to be running the 503 Suite again this year like we did in 2016, which means we may have some random events during the day throughout the weekend.  This also means we need to raise a bit more money, so I\'ve set the goal this year to 15k.  The room is already paid for, so it\'s happening even if the goal isn\'t reached.  Top donors (100ish dollars?) will get fun prizes and early admission to the Friday night party.  All funds raised will of course be going to the party/suite.  Further details will be posted on https://503.party . <br>More Info: <a href=\"https://503.party/\">503.party</a><br>More Info: <a href=\"https://www.gofundme.com/503party2018\">gofundme</a><br>\'',0,135035),('2_Friday','21','20:00','23:59','Y','Night Life','Forum Tower Duplex Hangover Suite','\'503 Party 2018\'','\' \'','7548ef10c330b536d3876a461d86ec66','\'\'',0,135036),('2_Friday','22','20:00','23:59','Y','Night Life','Forum Tower Duplex Hangover Suite','\'503 Party 2018\'','\' \'','7548ef10c330b536d3876a461d86ec66','\'\'',0,135037),('2_Friday','23','20:00','23:59','Y','Night Life','Forum Tower Duplex Hangover Suite','\'503 Party 2018\'','\' \'','7548ef10c330b536d3876a461d86ec66','\'\'',0,135038),('1_Thursday','21','21:00','21:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - YurkMeister\'','\' \'','f6b2e53a11b09dc60026f269e9a73479','\'Title:<br>Party Music - YurkMeister<br><br> \'',0,135039),('1_Thursday','22','22:00','22:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - OS System\'','\' \'','0db3c221e6b81e9f1adec7b748093cf2','\'Title:<br>Party Music - OS System<br><br> \'',0,135040),('1_Thursday','23','23:00','23:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Icetre Normal\'','\' \'','66590187d6f3ff526c2438c0335710b6','\'Title:<br>Party Music - Icetre Normal<br><br> \'',0,135041),('1_Thursday','24','24:00','24:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - DJ v.27\'','\' \'','cdc67ade316b39e14871fce4fd0fa1b9','\'Title:<br>Party Music - DJ v.27<br><br> \'',0,135042),('1_Thursday','25','25:00','25:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Acid-T\'','\' \'','d8b866fb88be60ff5e2da68424a61378','\'Title:<br>Party Music - Acid-T<br><br> \'',0,135043),('1_Thursday','26','26:00','26:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Tineh Nimjeh\'','\' \'','26e14864e7356029056b7abac48cda5c','\'Title:<br>Party Music - Tineh Nimjeh<br><br> \'',0,135044),('2_Friday','21','21:00','21:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - JG & The Robots\'','\' \'','519a7ef32b3353a3ab60b8eb1d3b98cc','\'Title:<br>Party Music - JG & The Robots<br><br> \'',0,135045),('2_Friday','22','22:00','22:45','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - YT Cracker\'','\' \'','a86febe8e9071ea1878883059f193e25','\'Title:<br>Party Music - YT Cracker<br><br> \'',0,135046),('2_Friday','22','22:45','23:30','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Dualcore\'','\' \'','da37b2d841f179ad2916ed2ca0383f4b','\'Title:<br>Party Music - Dualcore<br><br> \'',0,135047),('2_Friday','23','22:45','23:30','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Dualcore\'','\' \'','da37b2d841f179ad2916ed2ca0383f4b','\'\'',0,135048),('2_Friday','23','23:30','24:15','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - MC Frontalot\'','\' \'','8b26d11acbcb09e6c37731c9cf4e8d1c','\'Title:<br>Party Music - MC Frontalot<br><br> \'',0,135049),('2_Friday','24','23:30','24:15','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - MC Frontalot\'','\' \'','8b26d11acbcb09e6c37731c9cf4e8d1c','\'\'',0,135050),('2_Friday','24','24:15','25:15','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - TBD\'','\' \'','84f5e41191b62325af187dafb63e7b2e','\'Title:<br>Party Music - TBD<br><br> \'',0,135051),('2_Friday','25','24:15','25:15','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - TBD\'','\' \'','84f5e41191b62325af187dafb63e7b2e','\'\'',0,135052),('2_Friday','25','25:15','26:15','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Scotch & Bubbles\'','\' \'','2eb9dccf3b54052c2940453ff0cf414b','\'Title:<br>Party Music - Scotch & Bubbles<br><br> \'',0,135053),('2_Friday','26','25:15','26:15','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Scotch & Bubbles\'','\' \'','2eb9dccf3b54052c2940453ff0cf414b','\'\'',0,135054),('2_Friday','26','26:15','26:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Circuit Static\'','\' \'','7df20c1d0cb37d11f4607ff0485671e3','\'Title:<br>Party Music - Circuit Static<br><br> \'',0,135055),('3_Saturday','21','21:30','22:30','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Skittish & Bus\'','\' \'','35f928c6755177d5776ae24e5854bfac','\'Title:<br>Party Music - Skittish & Bus<br><br> \'',0,135056),('3_Saturday','22','21:30','22:30','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Skittish & Bus\'','\' \'','35f928c6755177d5776ae24e5854bfac','\'\'',0,135057),('3_Saturday','22','22:30','23:30','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Zebbler Encanti\'','\' \'','a45280729c69f56eb9749785f6d1b6b0','\'Title:<br>Party Music - Zebbler Encanti<br><br> \'',0,135058),('3_Saturday','23','22:30','23:30','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Zebbler Encanti\'','\' \'','a45280729c69f56eb9749785f6d1b6b0','\'\'',0,135059),('3_Saturday','23','23:30','24:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Juno Reactor\'','\' \'','a538db7914eae5da00c997bd23ccf1c6','\'Title:<br>Party Music - Juno Reactor<br><br> \'',0,135060),('3_Saturday','24','23:30','24:59','Y','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Juno Reactor\'','\' \'','a538db7914eae5da00c997bd23ccf1c6','\'\'',0,135061),('3_Saturday','25','25:00','25:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - Miss Jackalope\'','\' \'','08b9a5343c8832631745ac0cf522c7ec','\'Title:<br>Party Music - Miss Jackalope<br><br> \'',0,135062),('3_Saturday','26','26:00','26:59','N','Night Life','Caesars Emperor\'s Level - Track 1 Palace BR','\'Party Music - s7a73farm\'','\' \'','d63f9ada619f1c0913d4f26c90fa0f9e','\'Title:<br>Party Music - s7a73farm<br><br> \'',0,135063),('3_Saturday','21','21:00','25:59','N','Night Life','Off-site party, Register and receive adddress from IOT VIllage','\'IoT Village Manson Party\'','\' \'','ee3e0b23375a781abd958899923b3a3a','\'Title:<br>IoT Village Manson Party<br><br>Come party with the Defcon IoT Village organizers! If you enjoy mansions, pools, water slides, waterfall caves, food, and practically unlimited drinks, this is the place to be. Additional excitement to come as well.<br> <br> To receive the address, please register a waitlist ticket and visit the Defcon IoT Village:<br> <br> Promenade Level, rooms Verona, Turin, and Trevi<br> Come between 10am-6pm Friday and Saturday to reserve a spot<br> Spots are limited so hurry!<br> <br> More Info: <a href=\"https://www.eventbrite.com/e/iot-village-mansion-party-tickets-48041961801\">https://www.eventbrite.com/e/iot-village-mansion-party-tickets-48041961801</a><br>\'',0,135064),('3_Saturday','22','21:00','25:59','Y','Night Life','Off-site party, Register and receive adddress from IOT VIllage','\'IoT Village Manson Party\'','\' \'','ee3e0b23375a781abd958899923b3a3a','\'\'',0,135065),('3_Saturday','23','21:00','25:59','Y','Night Life','Off-site party, Register and receive adddress from IOT VIllage','\'IoT Village Manson Party\'','\' \'','ee3e0b23375a781abd958899923b3a3a','\'\'',0,135066),('3_Saturday','24','21:00','25:59','Y','Night Life','Off-site party, Register and receive adddress from IOT VIllage','\'IoT Village Manson Party\'','\' \'','ee3e0b23375a781abd958899923b3a3a','\'\'',0,135067),('3_Saturday','25','21:00','25:59','Y','Night Life','Off-site party, Register and receive adddress from IOT VIllage','\'IoT Village Manson Party\'','\' \'','ee3e0b23375a781abd958899923b3a3a','\'\'',0,135068),('1_Thursday','20','20:00','23:59','N','Night Life','Rockhouse Bar 3370 S Las Vegas Blvd','\'DEF CON 26: Bugcrowd House Party\'','\' \'','b2e916ea914f7244ccb6f72db45ee98d','\'Title:<br>DEF CON 26: Bugcrowd House Party<br><br>Don’t miss out on Bugcrowd’s 2nd annual House Party at the Rockhouse Bar! Join us for an epic night of live-action chefs, flair bartenders, games and a live performance by DualCore.<br> <br> There are only a few spots left so register now!<br> <br> When: Thursday, August 9, 2018: 8:00PM – Midnight<br> <br> Where: Rockhouse Bar | 3377 S Las Vegas Blvd, Las Vegas, NV<br> <br> More Info: <a href=\"https://ww2.bugcrowd.com/2018-defcon-house-party.html\">https://ww2.bugcrowd.com/2018-defcon-house-party.html</a><br>\'',0,135069),('1_Thursday','21','20:00','23:59','Y','Night Life','Rockhouse Bar 3370 S Las Vegas Blvd','\'DEF CON 26: Bugcrowd House Party\'','\' \'','b2e916ea914f7244ccb6f72db45ee98d','\'\'',0,135070),('1_Thursday','22','20:00','23:59','Y','Night Life','Rockhouse Bar 3370 S Las Vegas Blvd','\'DEF CON 26: Bugcrowd House Party\'','\' \'','b2e916ea914f7244ccb6f72db45ee98d','\'\'',0,135071),('1_Thursday','23','20:00','23:59','Y','Night Life','Rockhouse Bar 3370 S Las Vegas Blvd','\'DEF CON 26: Bugcrowd House Party\'','\' \'','b2e916ea914f7244ccb6f72db45ee98d','\'\'',0,135072),('1_Thursday','17','17:00','18:59','N','Meetup','Caesars - Cafe Americano','\'[Networking/Social] Blackhat/DefCon Meet-up at Cafe Americano\'','\' \'','51f46e714b60cb848f87f5f66e469b85','\'Title:<br>[Networking/Social] Blackhat/DefCon Meet-up at Cafe Americano<br><br>BlackHat/DEFCON Annual Meet-up - August 9th <br> <br> Join Women\'s Society of Cyberjutsu at Cafe Americano inside Caesars Palace for our Annual Blackhat/DefCon Meet-up.<br> <br> Meet like minded security professionals from around the world for free appetizers and drinks<br> <br> Thank you to our event sponsors and partners:<br> <br> More Info: <a href=\"https://womenscyberjutsu.org/events/EventDetails.aspx?id=1121627&group=\">https://womenscyberjutsu.org/events/EventDetails.aspx?id=1121627&group=</a><br> Contact: events@womenscyberjutsu.org<br>\'',0,135073),('1_Thursday','18','17:00','18:59','Y','Meetup','Caesars - Cafe Americano','\'[Networking/Social] Blackhat/DefCon Meet-up at Cafe Americano\'','\' \'','51f46e714b60cb848f87f5f66e469b85','\'\'',0,135074),('2_Friday','15','15:00','16:59','N','Meetup','Caesars - Palace Suites','\'Women, Wisdom, & Wine @ DEF CON 26 by IOActive\'','\' \'','2e26b96032d26a32bbb519fed67b945b','\'Title:<br>Women, Wisdom, & Wine @ DEF CON 26 by IOActive<br><br>IOActive is once again hosting our popular Women, Wisdom, & Wine event in Las Vegas during DEFCON 26 - a chance to escape from the conference, relax, share our experiences, and catch up. It\'s the perfect chance to see your security sector friends and acquaintances – and meet new ones.<br> <br> Food and wine (of course!) will be provided for your enjoyment. Please share this with other women who might be interested. It’s a great way for all of our to expand our collective network. <br> <br> **Based on feedback from last year\'s attendees, this event will be exclusively for women and non-binary individuals.**<br> More Info: <a href=\"https://www.eventbrite.com/e/women-wisdom-wine-def-con-26-tickets-47877418648\">https://www.eventbrite.com/e/women-wisdom-wine-def-con-26-tickets-47877418648</a><br>\'',0,135075),('2_Friday','16','15:00','16:59','Y','Meetup','Caesars - Palace Suites','\'Women, Wisdom, & Wine @ DEF CON 26 by IOActive\'','\' \'','2e26b96032d26a32bbb519fed67b945b','\'\'',0,135076),('3_Saturday','21','21:00','25:59','N','Night Life','Caesars Palace Forum Tower, Rm TBA','\'Defcon Monero Party 2018\'','\' \'','3da3135ea36c065149079ccacece455a','\'Title:<br>Defcon Monero Party 2018<br><br>For immediate release<br> <br> From: The Monero Enterprise Alliance<br> <br> Last year, the Monero Enterprise Alliance reached out to the privacy loving hackers of Defcon and hosted an open house gathering of a few hundred friends and supporters at the first Defcon Monero Party. It brought people together, and everyone had a blast.<br> <br> The event was such a success, that we\'re doing it again, and we\'re going bigger. Once again at Caesar\'s Palace; once again, YTcracker is kicking off the event on Saturday night at 9pm. DJ KSODIP spins at 10pm and FuzzyNop slices 11pm. The room is bigger, the music is bolder.<br> . . .<br> More info: <a href=\"https://np.reddit.com/r/Monero/comments/8v2lz2/defcon_monero_party_2018/\">Defcon Monero Party 2018 reddit announcment</a><br> More info: <a href=\"https://twitter.com/cinnamonflower\">@cinnamonflower</a><br>\'',0,135077),('3_Saturday','22','21:00','25:59','Y','Night Life','Caesars Palace Forum Tower, Rm TBA','\'Defcon Monero Party 2018\'','\' \'','3da3135ea36c065149079ccacece455a','\'\'',0,135078),('3_Saturday','23','21:00','25:59','Y','Night Life','Caesars Palace Forum Tower, Rm TBA','\'Defcon Monero Party 2018\'','\' \'','3da3135ea36c065149079ccacece455a','\'\'',0,135079),('3_Saturday','24','21:00','25:59','Y','Night Life','Caesars Palace Forum Tower, Rm TBA','\'Defcon Monero Party 2018\'','\' \'','3da3135ea36c065149079ccacece455a','\'\'',0,135080),('3_Saturday','25','21:00','25:59','Y','Night Life','Caesars Palace Forum Tower, Rm TBA','\'Defcon Monero Party 2018\'','\' \'','3da3135ea36c065149079ccacece455a','\'\'',0,135081),('1_Thursday','12','12:00','14:30','N','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Promether, 1st Party of Defcon\'','\' \'','1144a05c25385baaaec604d019487a0f','\'Title:<br>Promether, 1st Party of Defcon<br><br>Badges get you VIP access to the party, free Promether lanyard, and free entries into the raffle for awesome swag during the party. You can preorder a badge at <a href=\"http://eijah.com\">eijah.com</a> Badges aren\'t necessary to enter the party, people will just need to wait in line, etc. (normal party stuff at defcon) Ytcracker and Dual Core will be performing<br>More Info: <a href=\"https://promether.com/\">https://promether.com/</a><br>\'',0,135082),('1_Thursday','13','12:00','14:30','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Promether, 1st Party of Defcon\'','\' \'','1144a05c25385baaaec604d019487a0f','\'\'',0,135083),('1_Thursday','14','12:00','14:30','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Promether, 1st Party of Defcon\'','\' \'','1144a05c25385baaaec604d019487a0f','\'\'',0,135084),('1_Thursday','16','16:00','17:59','N','Meetup','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Mixer\'','\' \'','5be2e80da7097ecb21a3076626bef2bc','\'Title:<br>Queercon Mixer<br><br>Join us in the Queercon Lounge for the first Queercon Mixer of DEF CON.  Come find old friends, and make some new ones, in the Queercon Lounge at Caesars.  No DEF CON badge required; Open to all LGBTQ, as well as friends and allies.<br>More Info: <a href=\"https://queercon.org/blog/2018/07/13/queercon-15-schedule/\">https://queercon.org/blog/2018/07/13/queercon-15-schedule/</a><br>\'',0,135085),('1_Thursday','17','16:00','17:59','Y','Meetup','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Mixer\'','\' \'','5be2e80da7097ecb21a3076626bef2bc','\'\'',0,135086),('1_Thursday','20','20:00','23:45','N','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Quiet Party\'','\' \'','1c9b1ddcb86e949ff415ff6a1ddaf117','\'Title:<br>Quiet Party<br><br>Come join us for a night of quiet networking and game play. We will have a variety of board and card games available.<br>More Info: <a href=\"https://www.dianainitiative.org/\">The Diana Initiative</a><br>\'',0,135087),('1_Thursday','21','20:00','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Quiet Party\'','\' \'','1c9b1ddcb86e949ff415ff6a1ddaf117','\'\'',0,135088),('1_Thursday','22','20:00','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Quiet Party\'','\' \'','1c9b1ddcb86e949ff415ff6a1ddaf117','\'\'',0,135089),('1_Thursday','23','20:00','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Quiet Party\'','\' \'','1c9b1ddcb86e949ff415ff6a1ddaf117','\'\'',0,135090),('2_Friday','20','20:30','23:45','N','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Loud Party\'','\' \'','88d7d3d1048fb84c187b9643fb0d9ae7','\'Title:<br>Loud Party<br><br>Come dance the night away to some sweet beats dropped by our DJ Tineh Nimjeh<br>More Info: <a href=\"https://www.dianainitiative.org/\">The Diana Initiative</a><br>\'',0,135091),('2_Friday','21','20:30','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Loud Party\'','\' \'','88d7d3d1048fb84c187b9643fb0d9ae7','\'\'',0,135092),('2_Friday','22','20:30','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Loud Party\'','\' \'','88d7d3d1048fb84c187b9643fb0d9ae7','\'\'',0,135093),('2_Friday','23','20:30','23:45','Y','Meetup','Caesars Palace Forum Tower Duplex Suite, Diana Initiative Suite Rm TBA','\'Loud Party\'','\' \'','88d7d3d1048fb84c187b9643fb0d9ae7','\'\'',0,135094),('3_Saturday','20','20:00','26:59','N','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'Title:<br>Queercon Rainbow Ball<br><br>Who needs a black and white ball when we have a Rainbow Ball?!  The Queercon Lounge turns into the biggest dance party, and keeps going all night long.  <br>More Info: <a href=\"https://queercon.org/blog/2018/07/13/queercon-15-schedule/\">https://queercon.org/blog/2018/07/13/queercon-15-schedule/</a><br>\'',0,135095),('3_Saturday','21','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135096),('3_Saturday','22','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135097),('3_Saturday','23','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135098),('3_Saturday','24','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135099),('3_Saturday','25','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135100),('3_Saturday','26','20:00','26:59','Y','Night Life','Caesars Palace, Queercon Lounge Suite, Rm TBA','\'Queercon Rainbow Ball\'','\' \'','57cd5dd7b14d8a3db291416db460524c','\'\'',0,135101),('3_Saturday','20','20:00','23:59','N','Night Life','Flamingo, Rm # after registration','\'Cobalt DEF CON Party 2018\'','\' \'','dee396004f7de1028b59d84d076b0832','\'Title:<br>Cobalt DEF CON Party 2018<br><br>Another year, another DEF CON Party. Start your night at the Flamingo Hotel with the Cobalt team. Join us for a night of drinks, music, and good company.<br> <br> Drinks + Music + Snacks provided<br> Meet the Cobalt Team and the Cobalt Core<br> Network with others in the security space<br> Bring your InfoSec peers<br> <br> Register: <a href=\"https://event.cobalt.io/def-con-party-2018\">https://event.cobalt.io/def-con-party-2018</a><br>\'',0,135102),('3_Saturday','21','20:00','23:59','Y','Night Life','Flamingo, Rm # after registration','\'Cobalt DEF CON Party 2018\'','\' \'','dee396004f7de1028b59d84d076b0832','\'\'',0,135103),('3_Saturday','22','20:00','23:59','Y','Night Life','Flamingo, Rm # after registration','\'Cobalt DEF CON Party 2018\'','\' \'','dee396004f7de1028b59d84d076b0832','\'\'',0,135104),('3_Saturday','23','20:00','23:59','Y','Night Life','Flamingo, Rm # after registration','\'Cobalt DEF CON Party 2018\'','\' \'','dee396004f7de1028b59d84d076b0832','\'\'',0,135105),('3_Saturday','22','22:00','25:59','N','Night Life','Location TBA','\'DC801 Party\'','\' \'','27fd7707425377a780f67fe556b8174b','\'Title:<br>DC801 Party<br><br>DC801 group Party<br>More Info: <a href=\"https://www.dc801.org/party2018/\">https://www.dc801.org/party2018/</a><br>\'',0,135106),('3_Saturday','23','22:00','25:59','Y','Night Life','Location TBA','\'DC801 Party\'','\' \'','27fd7707425377a780f67fe556b8174b','\'\'',0,135107),('3_Saturday','24','22:00','25:59','Y','Night Life','Location TBA','\'DC801 Party\'','\' \'','27fd7707425377a780f67fe556b8174b','\'\'',0,135108),('3_Saturday','25','22:00','25:59','Y','Night Life','Location TBA','\'DC801 Party\'','\' \'','27fd7707425377a780f67fe556b8174b','\'\'',0,135109),('1_Thursday','06','06:00','06:59','N','Meetup','corner of W Flamingo and Las Vegas Blvd underneath the circular temple structure','\'Defcon 26 4X5K run\'','\' \'','616278e08f6b02294e806bc1847a37bb','\'Title:<br>Defcon 26 4X5K run<br><br>\"Good Livin\" is returning to DefCon 26, because maybe you want a little more! Maybe you feel like getting up at 5:30 in Vegas. Maybe you didn\'t stop the night before. Maybe because 6 AM is the coolest time for a run in Vegas (It\'s only 80!) Who cares let\'s go for a run!<br> We hit all the hot spots on the 4x5K <a href=\"https://twitter.com/defcon\">@defcon</a> with <a href=\"https://twitter.com/whereiskurt\">@whereiskurt</a> ! Details here. <a href=\"https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/\">https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/</a> . . .<br> Also don\'t forget a World Run by Hackers <a href=\"https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321\">https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321</a> . . . for even more running.<br> More info: <a href=\"https://twitter.com/Agent__X__/status/1023975436211183616\">@Agent__X__ tweet</a><br>\'',0,135110),('2_Friday','06','06:00','06:59','N','Meetup','corner of W Flamingo and Las Vegas Blvd underneath the circular temple structure','\'Defcon 26 4X5K run\'','\' \'','324e34aa0a318b826f7bc94b6159d03b','\'Title:<br>Defcon 26 4X5K run<br><br>\"Good Livin\" is returning to DefCon 26, because maybe you want a little more! Maybe you feel like getting up at 5:30 in Vegas. Maybe you didn\'t stop the night before. Maybe because 6 AM is the coolest time for a run in Vegas (It\'s only 80!) Who cares let\'s go for a run!<br> We hit all the hot spots on the 4x5K <a href=\"https://twitter.com/defcon\">@defcon</a> with <a href=\"https://twitter.com/whereiskurt\">@whereiskurt</a> ! Details here. <a href=\"https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/\">https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/</a> . . .<br> Also don\'t forget a World Run by Hackers <a href=\"https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321\">https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321</a> . . . for even more running.<br> More info: <a ref=\"https://twitter.com/Agent__X__/status/1023975436211183616\">@Agent__X__ tweet</a><br>\'',0,135111),('3_Saturday','06','06:00','06:59','N','Meetup','corner of W Flamingo and Las Vegas Blvd underneath the circular temple structure','\'Defcon 26 4X5K run\'','\' \'','8ff5dc933079d0ae756677cedc696a2a','\'Title:<br>Defcon 26 4X5K run<br><br>\"Good Livin\" is returning to DefCon 26, because maybe you want a little more! Maybe you feel like getting up at 5:30 in Vegas. Maybe you didn\'t stop the night before. Maybe because 6 AM is the coolest time for a run in Vegas (It\'s only 80!) Who cares let\'s go for a run!<br> We hit all the hot spots on the 4x5K <a href=\"https://twitter.com/defcon\">@defcon</a> with <a href=\"https://twitter.com/whereiskurt\">@whereiskurt</a> ! Details here. <a href=\"https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/\">https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/</a> . . .<br> Also don\'t forget a World Run by Hackers <a href=\"https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321\">https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321</a> . . . for even more running.<br> More info: <a ref=\"https://twitter.com/Agent__X__/status/1023975436211183616\">@Agent__X__ tweet</a><br>\'',0,135112),('4_Sunday','06','06:00','06:59','N','Meetup','corner of W Flamingo and Las Vegas Blvd underneath the circular temple structure','\'Defcon 26 4X5K run\'','\' \'','953025a6821104000ecf29d4499dd6e7','\'Title:<br>Defcon 26 4X5K run<br><br>\"Good Livin\" is returning to DefCon 26, because maybe you want a little more! Maybe you feel like getting up at 5:30 in Vegas. Maybe you didn\'t stop the night before. Maybe because 6 AM is the coolest time for a run in Vegas (It\'s only 80!) Who cares let\'s go for a run!<br> We hit all the hot spots on the 4x5K <a href=\"https://twitter.com/defcon\">@defcon</a> with <a href=\"https://twitter.com/whereiskurt\">@whereiskurt</a> ! Details here. <a href=\"https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/\">https://www.reddit.com/r/Defcon/comments/8rcc5m/defcon_26_4_x_5k_is_on_again/</a> . . .<br> Also don\'t forget a World Run by Hackers <a href=\"https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321\">https://www.eventbrite.com/e/world-run-by-hackers-5th-edition-registration-47811111321</a> . . . for even more running.<br> More info: <a ref=\"https://twitter.com/Agent__X__/status/1023975436211183616\">@Agent__X__ tweet</a><br>\'',0,135113),('2_Friday','19','19:00','23:59','N','Night Life','Caesars - Location printed on badges','\'Cubcon 2018\'','\' \'','d1583e84aeaa1d0ad763d3581461fc8d','\'Title:<br>Cubcon 2018<br><br>Welcome to Cubcon 2018<br> <br> A one night event celebrating newcomers to DEFCON and the industry.<br> Creating a space where veterans and newcomers alike can meet, talk, and form personal and professional support networks. <br> <br> Caesar\'s Palace <br> Friday August 10, 2018 at 7 pm <br> <br> Exact location will be printed on our badges, which we will be handing out in person at DEFCON. <br> For more information, please reach out to us at <a href=\"https://twitter.com/_cubcon\">@_cubcon</a>. <br> <br> More Info: <a href=\"https://cubcon.party/\">https://cubcon.party/</a><br>\'',0,135114),('2_Friday','20','19:00','23:59','Y','Night Life','Caesars - Location printed on badges','\'Cubcon 2018\'','\' \'','d1583e84aeaa1d0ad763d3581461fc8d','\'\'',0,135115),('2_Friday','21','19:00','23:59','Y','Night Life','Caesars - Location printed on badges','\'Cubcon 2018\'','\' \'','d1583e84aeaa1d0ad763d3581461fc8d','\'\'',0,135116),('2_Friday','22','19:00','23:59','Y','Night Life','Caesars - Location printed on badges','\'Cubcon 2018\'','\' \'','d1583e84aeaa1d0ad763d3581461fc8d','\'\'',0,135117),('2_Friday','23','19:00','23:59','Y','Night Life','Caesars - Location printed on badges','\'Cubcon 2018\'','\' \'','d1583e84aeaa1d0ad763d3581461fc8d','\'\'',0,135118),('2_Friday','20','20:00','21:59','N','Contest','Caesars - Track 3 - Pool Level - Forum BR 1-11,25','\'Hacker Jeopardy\'','\' \'','4f35bcb384d19a600a3b9057e5843ae3','\'Title:<br>Hacker Jeopardy<br><br>Hacker Jeopardy is back for its 24th unbelievable year! Three teams of three battle each round to face last year\'s champion in the final. 100 points for every beer consumed makes the answers, well, less predictable as the game goes on. Antics, swag, and audience participation -- how can you go wrong? WARNING: 18+ only due to adult language and innuendo. We\'re offended if you\'re not offended.<br> <br> More Info: <a href=\"http://www.hackerjeopardy.org\">http://www.hackerjeopardy.org</a><br>\'',0,135119),('2_Friday','21','20:00','21:59','Y','Contest','Caesars - Track 3 - Pool Level - Forum BR 1-11,25','\'Hacker Jeopardy\'','\' \'','4f35bcb384d19a600a3b9057e5843ae3','\'\'',0,135120),('3_Saturday','20','20:00','21:59','N','Contest','Caesars - Track 3 - Pool Level - Forum BR 1-11,25','\'Hacker Jeopardy\'','\' \'','75ef90fe6a6a24c97c1c8a790e646f9d','\'Title:<br>Hacker Jeopardy<br><br>Hacker Jeopardy is back for its 24th unbelievable year! Three teams of three battle each round to face last year\'s champion in the final. 100 points for every beer consumed makes the answers, well, less predictable as the game goes on. Antics, swag, and audience participation -- how can you go wrong? WARNING: 18+ only due to adult language and innuendo. We\'re offended if you\'re not offended.<br> <br> More Info: <a href=\"http://www.hackerjeopardy.org\">http://www.hackerjeopardy.org</a><br>\'',0,135121),('3_Saturday','21','20:00','21:59','Y','Contest','Caesars - Track 3 - Pool Level - Forum BR 1-11,25','\'Hacker Jeopardy\'','\' \'','75ef90fe6a6a24c97c1c8a790e646f9d','\'\'',0,135122),('2_Friday','20','20:00','23:59','N','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','d34aee11b01f32631214b3c19c4f10ea','\'Title:<br>Movie Night<br><br> \'',0,135123),('2_Friday','21','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','d34aee11b01f32631214b3c19c4f10ea','\'\'',0,135124),('2_Friday','22','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','d34aee11b01f32631214b3c19c4f10ea','\'\'',0,135125),('2_Friday','23','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','d34aee11b01f32631214b3c19c4f10ea','\'\'',0,135126),('3_Saturday','20','20:00','23:59','N','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','00e89b87d2a7f1cc918bb85dee24dd01','\'Title:<br>Movie Night<br><br> \'',0,135127),('3_Saturday','21','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','00e89b87d2a7f1cc918bb85dee24dd01','\'\'',0,135128),('3_Saturday','22','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','00e89b87d2a7f1cc918bb85dee24dd01','\'\'',0,135129),('3_Saturday','23','20:00','23:59','Y','Night Life','Caesars - Track 2 - Promenade South - Octavius BR 12-24','\'Movie Night\'','\' \'','00e89b87d2a7f1cc918bb85dee24dd01','\'\'',0,135130),('2_Friday','17','17:00','18:59','N','Meetup','Caesars - Circle Bar','\'DEFCON 909 Meet Up\'','\' \'','6a4fcf41972b13b4920eb29c111ff046','\'Title:<br>DEFCON 909 Meet Up<br><br>More Info: <a href=\"https://twitter.com/defcon909/status/1026524118164750336?s=03\">https://twitter.com/defcon909/status/1026524118164750336?s=03</a><br>\'',0,135131),('2_Friday','18','17:00','18:59','Y','Meetup','Caesars - Circle Bar','\'DEFCON 909 Meet Up\'','\' \'','6a4fcf41972b13b4920eb29c111ff046','\'\'',0,135132),('1_Thursday','17','17:00','18:59','N','Night Life','Flamingo - 3rd floor - Track 101 Sunset BR','\'n00b Party\'','\' \'','237b086f2a4b8d7c99ec2f03448dbc09','\'Title:<br>n00b Party<br><br>More Info: <a href=\"https://twitter.com/highwiz/status/1026633407848165377?s=03\">https://twitter.com/highwiz/status/1026633407848165377?s=03</a><br>\'',0,135133),('1_Thursday','18','17:00','18:59','Y','Night Life','Flamingo - 3rd floor - Track 101 Sunset BR','\'n00b Party\'','\' \'','237b086f2a4b8d7c99ec2f03448dbc09','\'\'',0,135134),('2_Friday','12','12:00','12:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Craig Smith - The Car Hacker\'s Handbook\'','\'Craig Smith\'','ff9621608f428bfa4a8cc3f5cb04447e','\'Title:<br>Book Signing - Craig Smith - The Car Hacker\'s Handbook<br><br>No description available\'',0,135135),('2_Friday','13','13:00','14:30','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Travis Goodspeed - PoC || GTFO\'','\'Travis Goodspeed\'','a2d666da41be3cdc921c8b019aa289d9','\'Title:<br>Book Signing - Travis Goodspeed - PoC || GTFO<br><br>Travis Goodspeed\'',0,135136),('2_Friday','14','13:00','14:30','Y','Service','Vendors Area - No Starch Press Table','\'Book Signing - Travis Goodspeed - PoC || GTFO\'','\'Travis Goodspeed\'','a2d666da41be3cdc921c8b019aa289d9','\'\'',0,135137),('2_Friday','14','14:30','15:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Tarah Wheeler, with Keren Elazari - Women in Tech\'','\'Tarah Wheeler, Keren Elazari\'','980588b7716625f128b96444f87fe917','\'Title:<br>Book Signing - Tarah Wheeler, with Keren Elazari - Women in Tech<br><br>No description available\'',0,135138),('2_Friday','15','14:30','15:59','Y','Service','Vendors Area - No Starch Press Table','\'Book Signing - Tarah Wheeler, with Keren Elazari - Women in Tech\'','\'Tarah Wheeler, Keren Elazari\'','980588b7716625f128b96444f87fe917','\'\'',0,135139),('2_Friday','14','14:30','15:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Violet Blue - The Smart Girls\'s Guide to Privacy\'','\'Violet Blue\'','6dfea1c83b1eec8c67ec651838c4b41b','\'Title:<br>Book Signing - Violet Blue - The Smart Girls\'s Guide to Privacy<br><br>No description available\'',0,135140),('2_Friday','15','14:30','15:59','Y','Service','Vendors Area - No Starch Press Table','\'Book Signing - Violet Blue - The Smart Girls\'s Guide to Privacy\'','\'Violet Blue\'','6dfea1c83b1eec8c67ec651838c4b41b','\'\'',0,135141),('2_Friday','14','14:30','15:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Georgia Weidman - Penetration Testing\'','\'Georgia Weidman\'','5b344bf00156773925e8943e3621bf51','\'Title:<br>Book Signing - Georgia Weidman - Penetration Testing<br><br>No description available\'',0,135142),('2_Friday','15','14:30','15:59','Y','Service','Vendors Area - No Starch Press Table','\'Book Signing - Georgia Weidman - Penetration Testing\'','\'Georgia Weidman\'','5b344bf00156773925e8943e3621bf51','\'\'',0,135143),('2_Friday','14','14:30','15:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Elissa Shevinsky - Lean Out\'','\'Elissa Shevinsky\'','7b3a14e05411211a3efcc2c9f1a51540','\'Title:<br>Book Signing - Elissa Shevinsky - Lean Out<br><br>No description available\'',0,135144),('2_Friday','15','14:30','15:59','Y','Service','Vendors Area - No Starch Press Table','\'Book Signing - Elissa Shevinsky - Lean Out\'','\'Elissa Shevinsky\'','7b3a14e05411211a3efcc2c9f1a51540','\'\'',0,135145),('3_Saturday','13','13:00','13:59','N','Service','Vendors Area - No Starch Press Table','\'Book Signing - Nick Cano - Game Hacking\'','\'Nick Cano\'','351f8f8d7d8ae24028e3be40df1cc70b','\'Title:<br>Book Signing - Nick Cano - Game Hacking<br><br>No description available\'',0,135146),('4_Sunday','10','10:30','10:59','N','Meetup','HHV - Caesars Pool Level - Forum 17-19','\'Breakfast at Defcon\'','\' \'','1a20c72e05949804cfe530180d49b4a8','\'Title:<br>Breakfast at Defcon<br><br>Sunday\'s cure for the <a href=\"https://twitter.com/defcon\">@defcon</a> hangover is our annual <a href=\"https://twitter.com/hashtag/BreakfastAtDefcon?src=hash\">#BreakfastAtDefcon</a>.  Join <a href=\"https://twitter.com/hackaday\">@Hackaday</a> and <a href=\"https://twitter.com/tindie\">@Tindie</a> in the Hardware Hacking Village on Sunday at 10:30!<br>More Info: <a href=\"https://hackaday.com/2018/08/08/sunday-breakfast-at-def-con-2/\">https://hackaday.com/2018/08/08/sunday-breakfast-at-def-con-2/</a><br>\'',0,135147),('2_Friday','11','11:00','11:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'Lessons Learned: DEFCON Voting Village 2017\'','\'Jake Braun, Hari Hursti, Matt Blaze\'','fd77a70c2bb6f4d5ff1033bc688d31d7','\'Title:<br>Lessons Learned: DEFCON Voting Village 2017<br><br>No description available\'',0,135148),('2_Friday','12','12:00','12:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'Lunch Keynote: State and Local Perspectives on Election Security\'','\'Jake Braun(moderator), Neal Kelley, Jeanette Manfra, Amber McReynolds, Alex Padilla, Noah Praetz\'','09666a6e148b2a60acd1fe17a3f898dc','\'Title:<br>Lunch Keynote: State and Local Perspectives on Election Security<br><br>No description available\'',0,135149),('2_Friday','13','13:00','13:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'Assessments of Election Infrastructure and Our Understanding and sometimes whY\'','\'Robert Karas, Jason Hill\'','87a549adea5e61ca38dc37055fda9b99','\'Title:<br>Assessments of Election Infrastructure and Our Understanding and sometimes whY<br><br>No description available\'',0,135150),('2_Friday','14','14:00','14:30','N','VMHV','Caesars Pool Level - Forum 14-16','\'Current Policy Responses to Election Security Concerns\'','\'J. Alex Halderman\'','9dd12c5d5de2aab92e75bf7cb531cc13','\'Title:<br>Current Policy Responses to Election Security Concerns<br><br>No description available\'',0,135151),('2_Friday','14','14:30','14:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'A Comprehensive Forensic Analysis of WINVote Voting Machines\'','\'Carsten Schurmann\'','6d8f0b96e6af613f73226b91854a09da','\'Title:<br>A Comprehensive Forensic Analysis of WINVote Voting Machines<br><br>No description available\'',0,135152),('2_Friday','15','15:00','15:15','N','VMHV','Caesars Pool Level - Forum 14-16','\'Lightning Talks - A Crash Course on Election Security\'','\'Matthew Bernhard\'','2a1ac273538e3cfc29dfe621a52e4ed8','\'Title:<br>Lightning Talks - A Crash Course on Election Security<br><br>No description available\'',0,135153),('2_Friday','15','15:15','15:30','N','VMHV','Caesars Pool Level - Forum 14-16','\'Lightning Talks - Mechanics & Pitfalls of Auditing with Scanners\'','\'Margaret MacAlpine\'','78cbaf2d353164b70988453cc5357650','\'Title:<br>Lightning Talks - Mechanics & Pitfalls of Auditing with Scanners<br><br>No description available\'',0,135154),('2_Friday','15','15:30','15:45','N','VMHV','Caesars Pool Level - Forum 14-16','\'Lightning Talks - The Return of Software Vulnerabilities in the Brazilian Voting Machine\'','\'Diego Aranha\'','d8b43660c28a57a2fe2f1f6df6a64459','\'Title:<br>Lightning Talks - The Return of Software Vulnerabilities in the Brazilian Voting Machine<br><br>No description available\'',0,135155),('2_Friday','16','16:00','16:30','N','VMHV','Caesars Pool Level - Forum 14-16','\'Trustworthy Elections\'','\'Joseph Kiniry\'','7bfcf824c16ffa31b17e612448e8cb7a','\'Title:<br>Trustworthy Elections<br><br>No description available\'',0,135156),('2_Friday','16','16:30','16:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'Keynote Address: Alejandro Mayorkas\'','\'Alejandro Mayorkas\'','005d4ef0c61067a57daeb8c5b0a723ee','\'Title:<br>Keynote Address: Alejandro Mayorkas<br><br>No description available\'',0,135157),('2_Friday','17','17:00','17:59','N','VMHV','Caesars Pool Level - Forum 14-16','\'Keynote Address: TBA\'','\' \'','8f0998d3d1c9f9b872ec28b5bb95301a','\'Title:<br>Keynote Address: TBA<br><br>No description available\'',0,135158),('2_Friday','10','10:30','10:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'How to Microdose Yourself\'','\'a nurse\'','bc761f47ca18d66b8bcfc992abd69a72','\'Title:<br>How to Microdose Yourself<br><br>primer on microdosing yourself for fun and performance, from a nurse (though not medical advice)\'',0,135159),('2_Friday','11','11:00','11:45','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Weed Hacking: A Pragmatic Primer For Home Grows\'','\'Cristina Munoz\'','3ee7ce6f0c5f0cd192942f44c41b04f1','\'Title:<br>Weed Hacking: A Pragmatic Primer For Home Grows<br><br>A general intro to Cannabis, with an eye towards setting up closet grows\'',0,135160),('2_Friday','13','13:00','13:45','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Cruising the Cannabis Highway: Major Breaches in Cannabis Software\'','\'Rex\'','0ccfc4524553afebb84edf3d044b9e32','\'Title:<br>Cruising the Cannabis Highway: Major Breaches in Cannabis Software<br><br>The context & implications of several breaches in 2017\'',0,135161),('2_Friday','14','14:00','14:45','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'The Real History of Marijuana Prohibition\'','\'Annie Rouse\'','75ec18048bfec4ba1c32e91371d05c4d','\'Title:<br>The Real History of Marijuana Prohibition<br><br>podcaster\'',0,135162),('2_Friday','15','15:00','15:45','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'About the Open Cannabis Project\'','\'Beth Schechter\'','a70f3aa7ede644e7fca8456e26f20d6e','\'Title:<br>About the Open Cannabis Project<br><br>Open sourcing the full sequence of genomes of many strains\'',0,135163),('2_Friday','16','16:00','16:30','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Diagnosing Sick Plants with Computer Vision\'','\'Harry Moreno\'','6a49e75143c96f77a734683c3f02577c','\'Title:<br>Diagnosing Sick Plants with Computer Vision<br><br>Machine Learning + webcam = auto-diagnosing of Cannabis\'',0,135164),('2_Friday','17','17:00','17:30','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'THC Producing, Genetically Modified Yeast\'','\'Kevin Chen\'','4b340050a8b67274bec6cfb58e3fec7d','\'Title:<br>THC Producing, Genetically Modified Yeast<br><br>No description available\'',0,135165),('2_Friday','17','17:30','18:15','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'An Overview of Hydroponic Grow Techniques\'','\'Adrian, Alex\'','240d03bee956c5369ad32c0843e3a3ec','\'Title:<br>An Overview of Hydroponic Grow Techniques<br><br>No description available\'',0,135166),('2_Friday','18','17:30','18:15','Y','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'An Overview of Hydroponic Grow Techniques\'','\'Adrian, Alex\'','240d03bee956c5369ad32c0843e3a3ec','\'\'',0,135167),('2_Friday','18','18:15','18:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Vulnerabilities in Cannabis Software\'','\'Project Nexus\'','fdd540e746e1e1bb90dd29ae38f2a96c','\'Title:<br>Vulnerabilities in Cannabis Software<br><br>No description available\'',0,135168),('3_Saturday','11','11:00','11:45','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'The Cantankerous Cannabis Cryptocurrency Kerfuffle\'','\'Octet In Triplicate\'','9d43fc5d5c6b717b0266eeb32cc1b124','\'Title:<br>The Cantankerous Cannabis Cryptocurrency Kerfuffle<br><br>Cryptocurrency, Big Data & their efficacies re: security, economics, and operations\'',0,135169),('3_Saturday','13','13:00','13:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'How Compliance Affects the Surface Area of Cannabis POS\'','\'WeedAnon\'','104d64442fc4af0f2381b51cd862e95c','\'Title:<br>How Compliance Affects the Surface Area of Cannabis POS<br><br>No description available\'',0,135170),('3_Saturday','14','14:00','14:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Hacking Phenotypic Pathways In Cannabis\'','\'Mark Lewi\'','7f3e36405c1cc512603c19291a682c8e','\'Title:<br>Hacking Phenotypic Pathways In Cannabis<br><br>Notes from a Cannabis breeder\'',0,135171),('3_Saturday','15','15:00','15:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'The Invisible Hands Tending the Secret Greens\'','\'Keith Conway (@algirhythm), Frank (@cosmovaltran\'','a364debd71cec08d5ea0412ab4084edd','\'Title:<br>The Invisible Hands Tending the Secret Greens<br><br>The macroeconomics of Big Cannabis\'',0,135172),('3_Saturday','16','16:00','16:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'The Ongoing Federal Lawsuit Against Jeff Sessions\'','\'Michael Hiller\'','390dc13a2c671921509fc1a4716c798a','\'Title:<br>The Ongoing Federal Lawsuit Against Jeff Sessions<br><br>No description available\'',0,135173),('3_Saturday','17','17:00','17:59','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Primer On Dealing w/ Local Gov. for Legal Cannabis\'','\'Mayor Chad Wanke\'','641acf3fa11b190838e6c036800dfe8c','\'Title:<br>Primer On Dealing w/ Local Gov. for Legal Cannabis<br><br>No description available\'',0,135174),('3_Saturday','18','18:00','19:15','N','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Panel on digital & Physical Security in Cannabis\'','\'OCP (by proxy), Michael Hiller, Project Nexus, Weed Anon, Mark Lewis, Chad Wanke\'','23ca1c30676ff1f25497733c395ffed7','\'Title:<br>Panel on digital & Physical Security in Cannabis<br><br>What\'s the current state of Infosec in Cannabis and what\'s it lacking? If there is such a deficit, how can it best be resolved?\'',0,135175),('3_Saturday','19','18:00','19:15','Y','PPV','Flamingo Lower Level - Valley Of Fire Rms','\'Panel on digital & Physical Security in Cannabis\'','\'OCP (by proxy), Michael Hiller, Project Nexus, Weed Anon, Mark Lewis, Chad Wanke\'','23ca1c30676ff1f25497733c395ffed7','\'\'',0,135176);
/*!40000 ALTER TABLE `events` ENABLE KEYS */;
UNLOCK TABLES;

--
-- Table structure for table `speakers`
--

DROP TABLE IF EXISTS `speakers`;
/*!40101 SET @saved_cs_client     = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `speakers` (
  `speaker_sort` varchar(128) COLLATE utf8_unicode_ci NOT NULL,
  `speaker` varchar(128) COLLATE utf8_unicode_ci NOT NULL,
  `hash` varchar(75) COLLATE utf8_unicode_ci NOT NULL,
  `autoincre` int(11) NOT NULL AUTO_INCREMENT,
  PRIMARY KEY (`autoincre`),
  KEY `speaker_sort` (`speaker_sort`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=111362 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
/*!40101 SET character_set_client = @saved_cs_client */;

--
-- Dumping data for table `speakers`
--

LOCK TABLES `speakers` WRITE;
/*!40000 ALTER TABLE `speakers` DISABLE KEYS */;
INSERT INTO `speakers` VALUES ('\'Hannah Silvers\'','\'Hannah Silvers\'','sev__HS',110641),('\'Ryan MacDougall\'','\'Ryan MacDougall\'','sev__RM',110642),('\'Neil Fallon\'','\'Neil Fallon\'','sev__NF',110643),('\'Billy Boatright\'','\'Billy Boatright\'','sev__BB',110644),('\'Wayne Ronaldson\'','\'Wayne Ronaldson\'','sev__WR',110645),('\'Nancy Eckert\'','\'Nancy Eckert\'','sev__NE',110646),('\'Kathleen Mullen\'','\'Kathleen Mullen\'','sev__KM',110647),('\'Chris Roberts\'','\'Chris Roberts\'','sev__CR',110648),('\'Chris Hadnagy\'','\'Chris Hadnagy\'','sev__CH',110649),('\'Chris Silvers\'','\'Chris Silvers\'','sev__CS',110650),('\'Taylor Banks\'','\'Taylor Banks\'','sev__CS',110651),('\'Aunsuhl Rege\'','\'Aunsuhl Rege\'','sev__AR',110652),('\'@rainbow_tables\'','\'@rainbow_tables\'','3e61f73611dda5e0c2f17084b93b7111',110653),('\'Xavier Ashe\'','\'Xavier Ashe\'','ff1b0a0232cf373f3f65678fe3a08efd',110654),('\'Russell Mosley\'','\'Russell Mosley\'','ff482e9eee8f8805195d026d4bbfd9e7',110655),('\'@IrishMASMS\'','\'@IrishMASMS\'','292fc5241987596188269a0c441710cd',110656),('\'@jtpereyda\'','\'@jtpereyda\'','cb8edb891b045a3d26d962c696118e73',110657),('\'@Plug\'','\'@Plug\'','5c003f7ec52622d961cb1047d6f6fbf3',110658),('\'mwguy\'','\'mwguy\'','5c003f7ec52622d961cb1047d6f6fbf3',110659),('\'Judy Towers\'','\'Judy Towers\'','b39b9e038926d9735b66e6c7b6002a31',110660),('\'Andy Applebaum\'','\'Andy Applebaum\'','9fb2e4bcd56bacee0ff9805520855ca4',110661),('\'Rik van Duijn\'','\'Rik van Duijn\'','57447136b431b011e1b27d3ac2e9e090',110662),('\'Leandro Velasco\'','\'Leandro Velasco\'','57447136b431b011e1b27d3ac2e9e090',110663),('\'Jessica “Zhanna” Malekos Smith\'','\'Jessica “Zhanna” Malekos Smith\'','1a82185d8da9f5aa375ae7fc6100e326',110664),('\'Lior Kolnik\'','\'Lior Kolnik\'','4a9def49a674691400ff20661f89b684',110665),('\'Mauro Cáseres\'','\'Mauro Cáseres\'','9476171c94ff1c37c2bb98be3da8ddcb',110666),('\'To be announced\'','\'To be announced\'','ccfaec139e7e06103224dc207ea37381',110667),('\'Howard (hyc) Chu\'','\'Howard (hyc) Chu\'','1c754c5fba70fc0a40adc6ee3f961a67',110668),('\'MSvB\'','\'MSvB\'','26dd2412a10700897eea07ea4e13cfbd',110669),('\'midipoet\'','\'midipoet\'','26dd2412a10700897eea07ea4e13cfbd',110670),('\'Parasew\'','\'Parasew\'','807276089368872580469c5567f8a940',110671),('\'Marko Bencun\'','\'Marko Bencun\'','81ef3fad375b5ea610ff035859ae751e',110672),('\'Michael Schloh\'','\'Michael Schloh\'','15e582fcbdc75ae734c086989a5f1ec8',110673),('\'Stephanie Stroka\'','\'Stephanie Stroka\'','30d131f982fc7075a3ab5b29e305eec2',110674),('\'Marko Bencun\'','\'Marko Bencun\'','30d131f982fc7075a3ab5b29e305eec2',110675),('\'Francisco \"ArticMine\" Cabañas\'','\'Francisco \"ArticMine\" Cabañas\'','6f4d300bdba548b7ae6dc7d024a55740',110676),('\'Devin \"Bearded Warrior\" Pearson\'','\'Devin \"Bearded Warrior\" Pearson\'','27d1e80b722a03a816d2ce156dcad26d',110677),('\'Felix \"Crypto_Cat\" Honigwachs\'','\'Felix \"Crypto_Cat\" Honigwachs\'','27d1e80b722a03a816d2ce156dcad26d',110678),('\'Philip Martin\'','\'Philip Martin\'','7fdce8d40efb389a9fc624e7add37beb',110679),('\'midipoet\'','\'midipoet\'','5f0c6a395063b86b62b03944d5491aec',110680),('\'MSvB\'','\'MSvB\'','5f0c6a395063b86b62b03944d5491aec',110681),('\'Fluffy Pony\'','\'Fluffy Pony\'','61925f9aaec44273f843143f1469e591',110682),('\'Michael Schloh\'','\'Michael Schloh\'','03df8e0ab67d22208ccc0eb0b927ad78',110683),('\'Justin Ehrenhofer\'','\'Justin Ehrenhofer\'','6faa87c59a9420fed05b34ddbb3cafea',110684),('\'Zhiniang Peng\'','\'Zhiniang Peng\'','85c908d9ffc75020eb32faf6e53165bc',110685),('\'Anonimal\'','\'Anonimal\'','1673afa2b4764e9d5f2e5e05d34d0245',110686),('\'Shamiq\'','\'Shamiq\'','9af814164421b182fa2a281ed5bac461',110687),('\'Paul Shapiro\'','\'Paul Shapiro\'','9af814164421b182fa2a281ed5bac461',110688),('\'A.\'','\'A.\'','9af814164421b182fa2a281ed5bac461',110689),('\'Fluffy Pony\'','\'Fluffy Pony\'','9af814164421b182fa2a281ed5bac461',110690),('\'Cinnamonflower\'','\'Cinnamonflower\'','4c8f1b6b36bbc36c70cb6c231030dafd',110691),('\'pwrcycle\'','\'pwrcycle\'','4c8f1b6b36bbc36c70cb6c231030dafd',110692),('\'Sarang Noether\'','\'Sarang Noether\'','6aea3b6dc7c11e864f496e40a23d7106',110693),('\'Michael Schloh\'','\'Michael Schloh\'','3840e9116faa22b37ebd293dff3f8e11',110694),('\'Justin Ehrenhofer\'','\'Justin Ehrenhofer\'','1107fddc4b8d1dc9671560233d4a4998',110695),('\'Robin \"midipoet\" Renwick\'','\'Robin \"midipoet\" Renwick\'','1b51d048dcb52e81e87ca5c8e06c88c2',110696),('\'Rod Soto\'','\'Rod Soto\'','152b01a793a2659279bc22232782ddb2',110697),('\'Jason Malley\'','\'Jason Malley\'','152b01a793a2659279bc22232782ddb2',110698),('\'Anonimal\'','\'Anonimal\'','99a6ea3b5b67e2674cf69fdf0274b689',110699),('\'Diego \"rehrar\" Salazar\'','\'Diego \"rehrar\" Salazar\'','7e0e4a68dbb618fa841ec62980677f2c',110700),('\'Speaker TBA\'','\'Speaker TBA\'','59c8e7fa6829346177dabeba4e5f316d',110701),('\'Speaker TBA\'','\'Speaker TBA\'','c375c28e578efffa636261511b39a2f1',110702),('\'Speaker TBA\'','\'Speaker TBA\'','7e313ea480a8bd2f6df46ff333b7b251',110703),('\'Speaker TBA\'','\'Speaker TBA\'','c8839a7daa5079bba77aa9fce1cbdb8b',110704),('\'Speaker TBA\'','\'Speaker TBA\'','009c3f91649eca4bef151560b7395bcd',110705),('\'Speaker TBA\'','\'Speaker TBA\'','8ad33bcdf1625de70cd81879148d0067',110706),('\'Speaker TBA\'','\'Speaker TBA\'','1f4a5a085a8ab0e7f89ff34d2e263340',110707),('\'Speaker TBA\'','\'Speaker TBA\'','cf2a26b7f1ac14c397b49c60c0b1aeec',110708),('\'Speaker TBA\'','\'Speaker TBA\'','8766386367223b29a5d163739a5cec84',110709),('\'David Scott Lewis\'','\'David Scott Lewis\'','df7d07b21bb99a6f91a532fed6fd2617',110710),('\'Speaker TBA\'','\'Speaker TBA\'','68933d887b74ee8eeda163043baf8619',110711),('\'Speaker TBA\'','\'Speaker TBA\'','66bb9d4e8070b0bdc6bc476b3eb911b2',110712),('\'AI Village Organizers \'','\'AI Village Organizers \'','e3dae87ef54e888e5a244e9796a918be',110713),('\'Sven Cattell \'','\'Sven Cattell \'','44790c035c69c30920507fe84384ac07',110714),('\'Mark Mager \'','\'Mark Mager \'','187bf16fb015596d00798d3e8356ed8b',110715),('\'Rob Brandon \'','\'Rob Brandon \'','a444c3fd1ec110c65e534d597e75d8d9',110716),('\'Mansour Ahmadi \'','\'Mansour Ahmadi \'','051b6e5ea69725443e39df2e5639cd0e',110717),('\'Andrew Morris \'','\'Andrew Morris \'','5715db47367ddb53052c8b984ec57923',110718),('\'Matt \'','\'Matt \'','fef3a597387a900d4eff9a133877a2a2',110719),('\'@drhyrum\'','\'@drhyrum\'','a794f329fa887b0476006d021fa52719',110720),('\'@gradient_janitor\'','\'@gradient_janitor\'','a794f329fa887b0476006d021fa52719',110721),('\'@malwareunicorn\'','\'@malwareunicorn\'','a794f329fa887b0476006d021fa52719',110722),('\'@rharang\'','\'@rharang\'','a794f329fa887b0476006d021fa52719',110723),('\'@bwall (Moderator) \'','\'@bwall (Moderator) \'','a794f329fa887b0476006d021fa52719',110724),('\'Fedor Sakharov \'','\'Fedor Sakharov \'','31ab3f5ddfa34aa94743ef7dac659416',110725),('\'Sebastian Garcia \'','\'Sebastian Garcia \'','2f77e2db4164e202bdad6ad151e68e59',110726),('\'dj beep code \'','\'dj beep code \'','9b085c3675681f1875f5b691a2371c39',110727),('\'Evan Yang \'','\'Evan Yang \'','c4907b1456af176884af348102037af3',110728),('\'Isao Takaesu \'','\'Isao Takaesu \'','10ea4a8ea5b524dfcb0ac557dff85e04',110729),('\'Leo Meyerovich & Eugene Teo \'','\'Leo Meyerovich & Eugene Teo \'','a55cc4d31ac7dc92bb5188fed4af5497',110730),('\'infosecanon \'','\'infosecanon \'','f96e94d885d9b71a6aaa96cc3f2ec7cd',110731),('\'Chris Gardner \'','\'Chris Gardner \'','77a36ed3e73b6972ac6ff711856f4b62',110732),('\'Aylin Caliskan \'','\'Aylin Caliskan \'','130bd12cc44e488dab9b495f06bac0d5',110733),('\'Ivan Torroledo \'','\'Ivan Torroledo \'','41cc49b4c4bee106deabba171bc75e17',110734),('\'Ariel Herbert-Voss \'','\'Ariel Herbert-Voss \'','f74e222fe284663a8c998440fb2fd226',110735),('\'Andy Applebaum \'','\'Andy Applebaum \'','6d3e4fae677053ec33f140d7d1493b9e',110736),('\'Kang Li \'','\'Kang Li \'','b28d85812c17322d146d6b9831236c18',110737),('\'@bodaceacat\'','\'@bodaceacat\'','974439978aa963dc84bf76a5c9d43181',110738),('\'@filar\'','\'@filar\'','974439978aa963dc84bf76a5c9d43181',110739),('\'@Straithe\'','\'@Straithe\'','974439978aa963dc84bf76a5c9d43181',110740),('\'@_delta_zero \'','\'@_delta_zero \'','974439978aa963dc84bf76a5c9d43181',110741),('\'Ram Shankar Siva Kumar \'','\'Ram Shankar Siva Kumar \'','7198bfe78420d2006179c480b97db997',110742),('\'Raphael Norwitz \'','\'Raphael Norwitz \'','b0df7495c9623501553a9b52dc23d403',110743),('\'TonTon Huang \'','\'TonTon Huang \'','4e3d920d0ce10749604839f4c1b9d63e',110744),('\'Pranshu Bajpai \'','\'Pranshu Bajpai \'','a6f76a4449a4535ab0e5311e58ae4004',110745),('\'Leo Meyerovich & Eugene Teo \'','\'Leo Meyerovich & Eugene Teo \'','a43da49cc88904742516b976bb18fd20',110746),('\'Brian Genz \'','\'Brian Genz \'','2e1297d29d7997d432ecd317802fd064',110747),('\'Alex Long \'','\'Alex Long \'','bc973a0e52c3576e1e83ceb883ebbb9b',110748),('\'Li Chen \'','\'Li Chen \'','50603f0034900ccf4232330e4abc8ed2',110749),('\'Staff\'','\'Staff\'','f306aa6f7aa12fd3e1fd7710cf228c5c',110750),('\'Jen Ellis\'','\'Jen Ellis\'','85262197b05c0fa68679956930492593',110751),('\'Christian \"quaddi\" Dameff MD\'','\'Christian \"quaddi\" Dameff MD\'','0c0938a20689022e53003c33bc700389',110752),('\'Mr. Br!ml3y\'','\'Mr. Br!ml3y\'','cadd4c23f43d5673291936df67c8382d',110753),('\'Prof Andrea M. Matwyshyn, Professor of Law, NUSL\'','\'Prof Andrea M. Matwyshyn, Professor of Law, NUSL\'','9a6f4a4d09ca2beb92ea25d15727f639',110754),('\'Nick - GraphX\'','\'Nick - GraphX\'','a82c535166cd8d214d2254742cccce08',110755),('\'Jeffrey Ladish\'','\'Jeffrey Ladish\'','bed4d94945b453a93b2bc6e4f4488034',110756),('\'Debra Laefer\'','\'Debra Laefer\'','a3d565079af9fdd15f51869b4a18988f',110757),('\'Andy Coravos\'','\'Andy Coravos\'','e7640f1838bcedc5d2f74ee457cc89c0',110758),('\'Robert Portvliet\'','\'Robert Portvliet\'','0d0932bbc53b5d6ca403e0426de7639d',110759),('\'Staff\'','\'Staff\'','60c907befba13edf8db8cadeb9006a49',110760),('\'BiaSciLab \'','\'BiaSciLab \'','7bf01b86fd766b0211ac95e8574718e4',110761),('\'Gerry Scott\'','\'Gerry Scott\'','87dfb6e7bc062cbedb53b53ff79cd7d7',110762),('\'Almost Human\'','\'Almost Human\'','dd921e5fdac15fc12d9007e9032dcfc7',110763),('\'siDragon\'','\'siDragon\'','0e002cf3153df3fe068d6d3936b60bcd',110764),('\'John Dunlap\'','\'John Dunlap\'','aefab6262bf2fa799045c1ea798fee57',110765),('\'Joel Murphy\'','\'Joel Murphy\'','7bd6a7dcd011dc5e2a430ee736de3bd3',110766),('\'Mixæl Laufer\'','\'Mixæl Laufer\'','105155ca6f21183bbc0744cdc581a628',110767),('\'Erin Hefley\'','\'Erin Hefley\'','940fcfe1996864066dc26f5dd14e4162',110768),('\'Gabriel Bergel\'','\'Gabriel Bergel\'','1624f125b7d1d529ccfab99593a259e6',110769),('\'Katherine Pratt\'','\'Katherine Pratt\'','85bfcf559a58d0e53b637c8c76666e61',110770),('\'Nick Delewski\'','\'Nick Delewski\'','38900f882698eafe5637045c13aea8c8',110771),('\'Saurabh Harit\'','\'Saurabh Harit\'','38900f882698eafe5637045c13aea8c8',110772),('\'Maybe you?\'','\'Maybe you?\'','923def8db72024bfc26f52ab11e70a44',110773),('\'Saurabh Harit\'','\'Saurabh Harit\'','923def8db72024bfc26f52ab11e70a44',110774),('\'Staff\'','\'Staff\'','c06e4f1a62199737f80e819f948334e1',110775),('\'Saurabh Harit\'','\'Saurabh Harit\'','c06e4f1a62199737f80e819f948334e1',110776),('\'Guy Propper\'','\'Guy Propper\'','39ff48f70efaecb52f9c3440071e8fb2',110777),('\'Saurabh Harit\'','\'Saurabh Harit\'','39ff48f70efaecb52f9c3440071e8fb2',110778),('\'Vlad Gostomelsky\'','\'Vlad Gostomelsky\'','011abca4f8552f43cbeea53bbbf208db',110779),('\'Dr. Stan Naydin \'','\'Dr. Stan Naydin \'','011abca4f8552f43cbeea53bbbf208db',110780),('\'Anne Kim \'','\'Anne Kim \'','cb55a21a564c7baca4e6118126eb12e3',110781),('\'Dr. Stan Naydin \'','\'Dr. Stan Naydin \'','cb55a21a564c7baca4e6118126eb12e3',110782),('\'Cyberlass\'','\'Cyberlass\'','851a221e91b145d5ed9add8cda15a5e8',110783),('\'Dr. Stan Naydin \'','\'Dr. Stan Naydin \'','851a221e91b145d5ed9add8cda15a5e8',110784),('\'Veronica Schmit\'','\'Veronica Schmit\'','3ad5c186295297cee010fe818298a411',110785),('\'Dr. Stan Naydin \'','\'Dr. Stan Naydin \'','3ad5c186295297cee010fe818298a411',110786),('\'Joe FitzPatriclk\'','\'Joe FitzPatriclk\'','applied-physical-attacks-on-embedded-systems-introductory-version',110787),('\'@arinerron\'','\'@arinerron\'','applied-physical-attacks-on-embedded-systems-introductory-version',110788),('\'@pixieofchaos\'','\'@pixieofchaos\'','applied-physical-attacks-on-embedded-systems-introductory-version',110789),('\'Chris Gammell\'','\'Chris Gammell\'','getting-to-blinky-badgelife-begins-with-a-single-blink',110790),('\'Mike Davis\'','\'Mike Davis\'','hacking-your-hackrf',110791),('\'Brian Milliron\'','\'Brian Milliron\'','disabling-intel-me-in-firmware',110792),('\'Salvador Mendoza\'','\'Salvador Mendoza\'','nfc-payments-the-art-of-relay--replay-attacks',110793),('\'Bryan Austin\'','\'Bryan Austin\'','breaking-in-building-a-home-lab-without-having-to-rob-a-bank',110794),('\'Commodore Z\'','\'Commodore Z\'','the-cactus-6502-blinkenlights-40-years-late',110795),('\'John Aho\'','\'John Aho\'','wifi-beacons-will-give-you-up',110796),('\'David Melendez Cano\'','\'David Melendez Cano\'','building-drones-the-hard-way',110797),('\'Shubham Mittal\'','\'Shubham Mittal\'','7c978ccb7ea932fd9b8acc700fdc1f58',110798),('\'Sudhanshu Chahuhan\'','\'Sudhanshu Chahuhan\'','7c978ccb7ea932fd9b8acc700fdc1f58',110799),('\'Andrew Macpherson\'','\'Andrew Macpherson\'','782b79701b666656199c45cd14089fa9',110800),('\'Jason Haddix\'','\'Jason Haddix\'','84719331df91733c1600d6e7b854b457',110801),('\'William Suthers\'','\'William Suthers\'','75a14e1e206e73050a7eb0e896fd8108',110802),('\'Marc DaCosta\'','\'Marc DaCosta\'','4ad2eda8a8320b06c95d968724e522fa',110803),('\'Ethan Gregory Dodge\'','\'Ethan Gregory Dodge\'','a8955809ac24fec08a9f079612dc4290',110804),('\'Dino Covotsos\'','\'Dino Covotsos\'','fb0094f5a03c2c207e38fd8961cd0ea0',110805),('\'Micah Hoffman\'','\'Micah Hoffman\'','71b873f38ec30f09b9ba20319b8c35d1',110806),('\'Rod Soto\'','\'Rod Soto\'','bc859dffe717b77f533549bc65553d77',110807),('\'Joseph Zadeh\'','\'Joseph Zadeh\'','bc859dffe717b77f533549bc65553d77',110808),('\'Mauro Caseres\'','\'Mauro Caseres\'','7a55935598304e2001acd0f406f2658b',110809),('\'Bharath Kumar\'','\'Bharath Kumar\'','a8a9df43766ed98786d8c5f7b2dafdbb',110810),('\'Madhu\'','\'Madhu\'','a8a9df43766ed98786d8c5f7b2dafdbb',110811),('\'Anshuman Bhartiya\'','\'Anshuman Bhartiya\'','de6e7cf7b8929b9de29e42221ec79d8a',110812),('\'Glen Grant\'','\'Glen Grant\'','de6e7cf7b8929b9de29e42221ec79d8a',110813),('\'Mbis0n Shadoru\'','\'Mbis0n Shadoru\'','abec67d05b3684f5d5b597e6413696f1',110814),('\'illwill\'','\'illwill\'','ab11f046b2cb1ee2670b6168615c3539',110815),('\'Lloyd Miller\'','\'Lloyd Miller\'','a229b65356257173d411b4b4a133f81d',110816),('\'Jennifer Roderick\'','\'Jennifer Roderick\'','c1d14177821c8bce0225d3bdc31ea8f5',110817),('\'Micah Hoffman\'','\'Micah Hoffman\'','7e6eabc54c8f7a7d9954205cff8ad720',110818),('\'Olivia Thet\'','\'Olivia Thet\'','52b57e8152226c3ae4f4c93f1472523e',110819),('\'Nicolas Kseib\'','\'Nicolas Kseib\'','52b57e8152226c3ae4f4c93f1472523e',110820),('\'Raye Keslensky\'','\'Raye Keslensky\'','7e4416320eba4e095db507606e9fdbcf',110821),('\'Caleb Madrigal\'','\'Caleb Madrigal\'','18e28d4edcf76ef1c8cb98cf42fd2695',110822),('\'Mark Klink\'','\'Mark Klink\'','59daee53417c1c3c9e6978c705f11c39',110823),('\'Michael Gianarakis\'','\'Michael Gianarakis\'','c60de331f05f61ff3562c90ddd186969',110824),('\'Shubham Shah\'','\'Shubham Shah\'','c60de331f05f61ff3562c90ddd186969',110825),('\'HackaThon Product(s) Shocase by Participants\'','\'HackaThon Product(s) Shocase by Participants\'','65225d031c703d5ead99aadab5b6ed42',110826),('\'Wbbigdave\'','\'Wbbigdave\'','cdd94ab844d52a9069efd621c52d8e13',110827),('\'MasterChen\'','\'MasterChen\'','0614decae62662a54fe444ebdc3c129d',110828),('\'Jacob Wilkin\'','\'Jacob Wilkin\'','e19f8dbbd35969ee587a96b13a289bea',110829),('\'Recon Village Team\'','\'Recon Village Team\'','1241579938d80293928f49e021e40921',110830),('\'Shubham Mittal\'','\'Shubham Mittal\'','f125115d772c69e0fd517a3c5a9a2691',110831),('\'Sudhanshu Chauhan\'','\'Sudhanshu Chauhan\'','f125115d772c69e0fd517a3c5a9a2691',110832),('\'Rogan Dawes\'','\'Rogan Dawes\'','wos__rdawes',110833),('\'Esteban Rodriguez\'','\'Esteban Rodriguez\'','wos__erodriguez',110834),('\'Gita Ziabari\'','\'Gita Ziabari\'','wos__gziabari',110835),('\'Kat Sweet\'','\'Kat Sweet\'','wos__ksweet',110836),('\'Alex Stanev\'','\'Alex Stanev\'','wos__astanev',110837),('\'gh057\'','\'gh057\'','wos__gh057',110838),('\'Silas Cutler\'','\'Silas Cutler\'','wos__scutler',110839),('\'TryCatchHCF\'','\'TryCatchHCF\'','wos__trycatch',110840),('\'Lokesh Pidawekar\'','\'Lokesh Pidawekar\'','wos__lpidawekar',110841),('\'Joseph Muniz\'','\'Joseph Muniz\'','wos__munizlakhani',110842),('\'Aamir Lakhani\'','\'Aamir Lakhani\'','wos__munizlakhani',110843),('\'Ed Miles\'','\'Ed Miles\'','wos__emiles',110844),('\'Garett Montgomery\'','\'Garett Montgomery\'','wos__gmontgomery',110845),('\'Hadar Yudovich\'','\'Hadar Yudovich\'','wos__hyudovich',110846),('\'Tom Kahana\'','\'Tom Kahana\'','wos__hyudovich',110847),('\'Tom Sela\'','\'Tom Sela\'','wos__hyudovich',110848),('\'Damon \"ch3f\" Small\'','\'Damon \"ch3f\" Small\'','wos__dsmall',110849),('\'Sam Erb\'','\'Sam Erb\'','wos__serb',110850),('\'Pedro Fortuna\'','\'Pedro Fortuna\'','wos__pfortuna',110851),('\'Andrew Johnson\'','\'Andrew Johnson\'','wos__ajohnson',110852),('\'Utku Sen\'','\'Utku Sen\'','wos__sensinturk',110853),('\'Gozde Sinturk\'','\'Gozde Sinturk\'','wos__sensinturk',110854),('\'Elliott Brink\'','\'Elliott Brink\'','wos__ebrink',110855),('\'Huajiang \"Kevin2600\" Chen\'','\'Huajiang \"Kevin2600\" Chen\'','wos__chenyang',110856),('\'Jin Yang\'','\'Jin Yang\'','wos__chenyang',110857),('\'Jay Turla\'','\'Jay Turla\'','wos__jturla',110858),('\'Josh Mitchell\'','\'Josh Mitchell\'','wos__jmitchell',110859),('\'Chris Hanlon\'','\'Chris Hanlon\'','wos__chanlon',110860),('\'Mike Raggo\'','\'Mike Raggo\'','wos__raggohosmer',110861),('\'Chet Hosmer\'','\'Chet Hosmer\'','wos__raggohosmer',110862),('\'Caleb Madrigal\'','\'Caleb Madrigal\'','wos__cmadrigal',110863),('\'Malware Unicorn\'','\'Malware Unicorn\'','phw__malwareunicorn',110864),('\'Ryan Kovar\'','\'Ryan Kovar\'','phw__kovarstoner',110865),('\'John Stoner\'','\'John Stoner\'','phw__kovarstoner',110866),('\'Ryan Mitchell\'','\'Ryan Mitchell\'','phw__rmitchell',110867),('\'Davin Potts\'','\'Davin Potts\'','phw__dpotts',110868),('\'Johnny Long\'','\'Johnny Long\'','phw__jlong',110869),('\'Omar Santos\'','\'Omar Santos\'','phw__santostaylor',110870),('\'Ron Taylor\'','\'Ron Taylor\'','phw__santostaylor',110871),('\'Rogan Dawes\'','\'Rogan Dawes\'','phw__rdawestraining',110872),('\'Ryan Kovar\'','\'Ryan Kovar\'','phw__kovarstoner',110873),('\'John Stoner\'','\'John Stoner\'','phw__kovarstoner',110874),('\'Veronica Schmitt\'','\'Veronica Schmitt\'','iot__iom',110875),('\'Rick Ramgattie\'','\'Rick Ramgattie\'','iot__soho2',110876),('\'Jacob Holcomb\'','\'Jacob Holcomb\'','iot__soho2',110877),('\'Matt Mahler\'','\'Matt Mahler\'','iot__nest',110878),('\'Kat Mansourimoaied\'','\'Kat Mansourimoaied\'','iot__nest',110879),('\'Hwiwon Lee\'','\'Hwiwon Lee\'','iot__iot_hub',110880),('\'Changhyun Park\'','\'Changhyun Park\'','iot__iot_hub',110881),('\'Amit Elazari\'','\'Amit Elazari\'','iot__laws',110882),('\'Jamie Williams\'','\'Jamie Williams\'','iot__laws',110883),('\'Stephen Hilt\'','\'Stephen Hilt\'','iot__sound',110884),('\'David Tomaschik\'','\'David Tomaschik\'','iot__knock',110885),('\'John Dunlap\'','\'John Dunlap\'','iot__fpga',110886),('\'Erez Yalon\'','\'Erez Yalon\'','iot__scale',110887),('\'Panel\'','\'Panel\'','iot__panel_iot',110888),('\'Matt Wixey\'','\'Matt Wixey\'','iot__worms',110889),('\'Ben Nassi\'','\'Ben Nassi\'','iot__irrigate',110890),('\'Dennis Giese\'','\'Dennis Giese\'','iot__arm_core',110891),('\'Srinivas Rao\'','\'Srinivas Rao\'','iot__uboot',110892),('\'Abhijeth D\'','\'Abhijeth D\'','iot__uboot',110893),('\'Ken Keiser\'','\'Ken Keiser\'','2bd2b33399fc528d2d5351d5a928dfd5',110894),('\'Ben Barenz\'','\'Ben Barenz\'','2bd2b33399fc528d2d5351d5a928dfd5',110895),('\'Joe Slowik\'','\'Joe Slowik\'','5a3b53d9158ff24fbd58243d8681ce43',110896),('\'Mike Godfrey\'','\'Mike Godfrey\'','b37b886dc252932b8d4f06acf0bf09ad',110897),('\'Brandon Workentin\'','\'Brandon Workentin\'','5a3b6b5a18247ab7b2f2775e4bdb7b25',110898),('\'James Harris\'','\'James Harris\'','9dee2fbfc98d8db5f3a231f369d8799a',110899),('\'Carlos Aguayo\'','\'Carlos Aguayo\'','9dee2fbfc98d8db5f3a231f369d8799a',110900),('\'Patrick DeSantis\'','\'Patrick DeSantis\'','ee4aa3483d13691bef53c7240273b467',110901),('\'Carlos Pacho\'','\'Carlos Pacho\'','ee4aa3483d13691bef53c7240273b467',110902),('\'Monta Elkins\'','\'Monta Elkins\'','bc571dd08ad0e5ee63914249a1238226',110903),('\'Bryson Bort\'','\'Bryson Bort\'','411b4defbd336f652b041d0e2a17e293',110904),('\'Marina Krotofi\'','\'Marina Krotofi\'','ea8a6783bd054457e9c7f53a66154539',110905),('\'Alexander Winnicki\'','\'Alexander Winnicki\'','ea8a6783bd054457e9c7f53a66154539',110906),('\'Thomas VanNorman\'','\'Thomas VanNorman\'','9eb05122658bdb4a8343f73545937b24',110907),('\'Sam Bowne\'','\'Sam Bowne\'','ws__bowne',110908),('\'Dylan James Smith\'','\'Dylan James Smith\'','ws__bowne',110909),('\'Elizabeth Biddlecome\'','\'Elizabeth Biddlecome\'','ws__bowne',110910),('\'Louis Nyffenegger\'','\'Louis Nyffenegger\'','ws__nyffenegger1',110911),('\'Luke Jahnke\'','\'Luke Jahnke\'','ws__nyffenegger1',110912),('\'Nick Tait\'','\'Nick Tait\'','ws__tait',110913),('\'Sneha Rajguru\'','\'Sneha Rajguru\'','ws__rajguru',110914),('\'Arun Magesh\'','\'Arun Magesh\'','ws__magesh',110915),('\'Adam Steed\'','\'Adam Steed\'','ws__steed',110916),('\'James Albany\'','\'James Albany\'','ws__steed',110917),('\'Wesley McGrew\'','\'Wesley McGrew\'','ws__mcgrew',110918),('\'Kendall Blaylock\'','\'Kendall Blaylock\'','ws__mcgrew',110919),('\'Ben Hughes\'','\'Ben Hughes\'','ws__hughes',110920),('\'Fred Mastrippolito\'','\'Fred Mastrippolito\'','ws__hughes',110921),('\'Jeff Magloire\'','\'Jeff Magloire\'','ws__hughes',110922),('\'Madhu Akula\'','\'Madhu Akula\'','ws__akula',110923),('\'Jon Medina\'','\'Jon Medina\'','ws__medina',110924),('\'Joe Grand\'','\'Joe Grand\'','ws__grand1',110925),('\'Joe Grand\'','\'Joe Grand\'','ws__grand2',110926),('\'Vaibhav Gupta\'','\'Vaibhav Gupta\'','ws__gupta',110927),('\'Sandeep Singh\'','\'Sandeep Singh\'','ws__gupta',110928),('\'Miguel Guirao\'','\'Miguel Guirao\'','ws__guirao',110929),('\'Csaba Fitzl\'','\'Csaba Fitzl\'','ws__fitzl',110930),('\'Sergei Frankoff\'','\'Sergei Frankoff\'','ws__frankoff',110931),('\'Sean Wilson\'','\'Sean Wilson\'','ws__frankoff',110932),('\'Joshua Pereyda\'','\'Joshua Pereyda\'','ws__pereyda',110933),('\'Timothy Clemans\'','\'Timothy Clemans\'','ws__pereyda',110934),('\'Dan Borges\'','\'Dan Borges\'','ws__Borges',110935),('\'Alex Levinson\'','\'Alex Levinson\'','ws__Borges',110936),('\'Jakub Botwicz\'','\'Jakub Botwicz\'','ws__botwicz',110937),('\'Wojciech Rauner\'','\'Wojciech Rauner\'','ws__botwicz',110938),('\'Walter Cuestas\'','\'Walter Cuestas\'','ws__cuestas',110939),('\'Mauricio Velazco\'','\'Mauricio Velazco\'','ws__cuestas',110940),('\'Jeremy Johnson\'','\'Jeremy Johnson\'','ws__johnson',110941),('\'Eijah\'','\'Eijah\'','ws__eijah',110942),('\'Clarence Chio\'','\'Clarence Chio\'','ws__chio',110943),('\'Anto Joseph\'','\'Anto Joseph\'','ws__chio',110944),('\'Richard Henderson\'','\'Richard Henderson\'','ws__henderson',110945),('\'Bryan Passifiume\'','\'Bryan Passifiume\'','ws__henderson',110946),('\'Arun Mane\'','\'Arun Mane\'','ws__mane',110947),('\'Rushikesh D. Nandedkar\'','\'Rushikesh D. Nandedkar\'','ws__mane',110948),('\'Gary Bates\'','\'Gary Bates\'','ws__bates',110949),('\'Louis Nyffenegger\'','\'Louis Nyffenegger\'','ws__nyffenegger2',110950),('\'Luke Jahnke\'','\'Luke Jahnke\'','ws__nyffenegger2',110951),('\'Alexandrine Torrents\'','\'Alexandrine Torrents\'','ws__torrents',110952),('\'Arnaud SOULLIÉ\'','\'Arnaud SOULLIÉ\'','ws__torrents',110953),('\'David Turco\'','\'David Turco\'','ws__turco',110954),('\'Jon Overgaard Christiansen\'','\'Jon Overgaard Christiansen\'','ws__turco',110955),('\'Matt Cheung\'','\'Matt Cheung\'','ws__cheung',110956),('\'Gabriel Ryan\'','\'Gabriel Ryan\'','ws__ryan',110957),('\'Justin Whitehead\'','\'Justin Whitehead\'','ws__ryan',110958),('\'Bryce Kunz\'','\'Bryce Kunz\'','ws__kunz',110959),('\'Kevin Lustic\'','\'Kevin Lustic\'','ws__kunz',110960),('\'Vinnie Vanhoecke\'','\'Vinnie Vanhoecke\'','ws__vanhoecke',110961),('\'Lorenzo Bernardi\'','\'Lorenzo Bernardi\'','ws__vanhoecke',110962),('\'Dave Porcello\'','\'Dave Porcello\'','ws__porcello',110963),('\'Sean Gallagher\'','\'Sean Gallagher\'','ws__porcello',110964),('\'David Pearson\'','\'David Pearson\'','ws__pearson',110965),('\'Abhay Bhargav\'','\'Abhay Bhargav\'','ws__bhargav',110966),('\'Sharath Kumar Ramadas\'','\'Sharath Kumar Ramadas\'','ws__bhargav',110967),('\'Mike Spicer\'','\'Mike Spicer\'','dl__#WiFiCactus',110968),('\'Prashant Mahajan\'','\'Prashant Mahajan\'','dl__ADRecon',110969),('\'Ankur Tyagi\'','\'Ankur Tyagi\'','dl__Angad',110970),('\'Anand Tiwari\'','\'Anand Tiwari\'','dl__Archery',110971),('\'Nishant Sharma\'','\'Nishant Sharma\'','dl__BLEMystique',110972),('\'Jeswin Mathai\'','\'Jeswin Mathai\'','dl__BLEMystique',110973),('\'Joshua Pereyda\'','\'Joshua Pereyda\'','dl__boofuzz',110974),('\'Rod Soto\'','\'Rod Soto\'','dl__CHIRON',110975),('\'Joseph Zadeh\'','\'Joseph Zadeh\'','dl__CHIRON',110976),('\'Jayesh Singh Chauhan\'','\'Jayesh Singh Chauhan\'','dl__Cloud Security Suite',110977),('\'Mikhail Burshteyn\'','\'Mikhail Burshteyn\'','dl__Conformer',110978),('\'Bhadreshkumar Patel\'','\'Bhadreshkumar Patel\'','dl__DejaVU',110979),('\'Harish Ramadoss\'','\'Harish Ramadoss\'','dl__DejaVU',110980),('\'Gabriel Ryan\'','\'Gabriel Ryan\'','dl__EAPHammer',110981),('\'Aseem Jakhar\'','\'Aseem Jakhar\'','dl__Expl-iot',110982),('\'Utku Sen\'','\'Utku Sen\'','dl__firstorder',110983),('\'Gozde Sinturk\'','\'Gozde Sinturk\'','dl__firstorder',110984),('\'Andrew Morris\'','\'Andrew Morris\'','dl__GreyNoise',110985),('\'Isao Takaesu\'','\'Isao Takaesu\'','dl__GyoiThon',110986),('\'Masuya Masafumi\'','\'Masuya Masafumi\'','dl__GyoiThon',110987),('\'Toshitsugu Yoneyama,\'','\'Toshitsugu Yoneyama,\'','dl__GyoiThon',110988),('\'Sanoop Thomas\'','\'Sanoop Thomas\'','dl__Halcyon',110989),('\'Ashwin K Whitchurch\'','\'Ashwin K Whitchurch\'','dl__HealthyPi',110990),('\'Omer Cohen\'','\'Omer Cohen\'','dl__Honeycomb',110991),('\'Imri Goldberg\'','\'Imri Goldberg\'','dl__Honeycomb',110992),('\'Vadim Pavlov\'','\'Vadim Pavlov\'','dl__ioc2rpz',110993),('\'Steve Thomas\'','\'Steve Thomas\'','dl__LHT',110994),('\'Konark Modi\'','\'Konark Modi\'','dl__Local Sheriff',110995),('\'Lennart Koopmann\'','\'Lennart Koopmann\'','dl__nzyme',110996),('\'Efrain Ortiz\'','\'Efrain Ortiz\'','dl__OpenC2',110997),('\'Nick Sayer\'','\'Nick Sayer\'','dl__Orthrus',110998),('\'Nishant Sharma\'','\'Nishant Sharma\'','dl__PA Toolkit',110999),('\'Jeswin Mathai\'','\'Jeswin Mathai\'','dl__PA Toolkit',111000),('\'Zhi Zhou\'','\'Zhi Zhou\'','dl__Passionfruit',111001),('\'Yifeng Zhang\'','\'Yifeng Zhang\'','dl__Passionfruit',111002),('\'Ulf Frisk\'','\'Ulf Frisk\'','dl__PCILeech',111003),('\'Ian Vitek\'','\'Ian Vitek\'','dl__PCILeech',111004),('\'Pavan Mohan\'','\'Pavan Mohan\'','dl__Sh00t',111005),('\'Mike Westmacott\'','\'Mike Westmacott\'','dl__Swissduino',111006),('\'Caleb Madrigal\'','\'Caleb Madrigal\'','dl__trackerjacker',111007),('\'Daniel Underhay\'','\'Daniel Underhay\'','dl__Walrus',111008),('\'Matthew Daley\'','\'Matthew Daley\'','dl__Walrus',111009),('\'Luca Bongiorni\'','\'Luca Bongiorni\'','dl__WHID Injector',111010),('\'Besim Altinok\'','\'Besim Altinok\'','dl__WiPi-Hunter',111011),('\'Mehmet Kutlay Kocer\'','\'Mehmet Kutlay Kocer\'','dl__WiPi-Hunter',111012),('\'M.Can KURNAZ\'','\'M.Can KURNAZ\'','dl__WiPi-Hunter',111013),('\'0x200b\'','\'0x200b\'','dc__0x200b',111014),('\'Nathan Adams\'','\'Nathan Adams\'','dc__Matthews',111015),('\'Agent X\'','\'Agent X\'','dc__Si',111016),('\'Alex\'','\'Alex\'','dc__Zach',111017),('\'Thiago Alves\'','\'Thiago Alves\'','dc__Alves',111018),('\'Nils Amiet\'','\'Nils Amiet\'','dc__Romailler',111019),('\'Ruo Ando\'','\'Ruo Ando\'','dc__Ando',111020),('\'Azeem Aqil\'','\'Azeem Aqil\'','dc__Delta',111021),('\'Andrés Arrieta\'','\'Andrés Arrieta\'','dc__Opsahl',111022),('\'Dr. Steven Arzt\'','\'Dr. Steven Arzt\'','dc__Rasthofer',111023),('\'Dylan Ayrey\'','\'Dylan Ayrey\'','dc__Foster',111024),('\'Xiaolong Bai\'','\'Xiaolong Bai\'','dc__Bai1',111025),('\'Xiaolong Bai\'','\'Xiaolong Bai\'','dc__Zheng1',111026),('\'Zhenxuan Bai\'','\'Zhenxuan Bai\'','dc__Bai2',111027),('\'Yaniv Balmas\'','\'Yaniv Balmas\'','dc__Balmas',111028),('\'Sheila A. Berta\'','\'Sheila A. Berta\'','dc__Berta',111029),('\'Alexandre Borges\'','\'Alexandre Borges\'','dc__Borges',111030),('\'Dan Borges\'','\'Dan Borges\'','dc__Levinson',111031),('\'Casey Bourbonnais\'','\'Casey Bourbonnais\'','dc__DCGPanel',111032),('\'Lane Broadbent\'','\'Lane Broadbent\'','dc__Broadbent',111033),('\'Dave Buchwald\'','\'Dave Buchwald\'','dc__Nirenberg',111034),('\'Thanh Bui\'','\'Thanh Bui\'','dc__Bui',111035),('\'Alexei Bulazel\'','\'Alexei Bulazel\'','dc__Bulazel',111036),('\'Seamus Burke\'','\'Seamus Burke\'','dc__Burke',111037),('\'Dr. Aylin Caliskan\'','\'Dr. Aylin Caliskan\'','dc__Greenstadt',111038),('\'Nick Cano\'','\'Nick Cano\'','dc__Cano1',111039),('\'Shaokun Cao\'','\'Shaokun Cao\'','dc__Zheng2',111040),('\'Nate Cardozo\'','\'Nate Cardozo\'','dc__Opsahl',111041),('\'Nate Cardozo\'','\'Nate Cardozo\'','dc__White',111042),('\'Damien \"virtualabs\" Cauquil\'','\'Damien \"virtualabs\" Cauquil\'','dc__Cauquil',111043),('\'Kunzhe Chai\'','\'Kunzhe Chai\'','dc__Bai2',111044),('\'Whitney Champion\'','\'Whitney Champion\'','dc__Champion',111045),('\'Hyoung-Kee Choi\'','\'Hyoung-Kee Choi\'','dc__Kim',111046),('\'Rodrigo Colli\'','\'Rodrigo Colli\'','dc__Izycki',111047),('\'Joshua Corman\'','\'Joshua Corman\'','dc__Dameff ',111048),('\'Daniel \"unicornFurnace\" Crowley\'','\'Daniel \"unicornFurnace\" Crowley\'','dc__Crowley',111049),('\'Jianjun Dai\'','\'Jianjun Dai\'','dc__Gong',111050),('\'The Dark Tangent\'','\'The Dark Tangent\'','dc__Welcome',111051),('\'The Dark Tangent\'','\'The Dark Tangent\'','dc__Closing',111052),('\'Christian\"quaddi\" Dameff MD\'','\'Christian\"quaddi\" Dameff MD\'','dc__Dameff ',111053),('\'Steven Danneman\'','\'Steven Danneman\'','dc__Danneman',111054),('\'Sergio De Los Santos\'','\'Sergio De Los Santos\'','dc__Berta',111055),('\'_delta_zero\'','\'_delta_zero\'','dc__Delta',111056),('\'DilDog\'','\'DilDog\'','dc__L0pht',111057),('\'Christopher Domas\'','\'Christopher Domas\'','dc__Domas1',111058),('\'Christopher Domas\'','\'Christopher Domas\'','dc__Domas2',111059),('\'Joan Donovan\'','\'Joan Donovan\'','dc__Goerzen',111060),('\'Svea Eckert\'','\'Svea Eckert\'','dc__Svea',111061),('\'egypt\'','\'egypt\'','dc__Egypt',111062),('\'Ian Foster\'','\'Ian Foster\'','dc__Foster',111063),('\'Joshua M Franklin \'','\'Joshua M Franklin \'','dc__Franklin',111064),('\'Kevin Franklin\'','\'Kevin Franklin\'','dc__Franklin',111065),('\'Leigh-Anne Galloway\'','\'Leigh-Anne Galloway\'','dc__Galloway',111066),('\'Morgan \"indrora\" Gangwere\'','\'Morgan \"indrora\" Gangwere\'','dc__Gangwere',111067),('\'Alfonso García\'','\'Alfonso García\'','dc__García',111068),('\'Dennis Giese\'','\'Dennis Giese\'','dc__Giese',111069),('\'Matt Goerzen\'','\'Matt Goerzen\'','dc__Goerzen',111070),('\'Guang Gong\'','\'Guang Gong\'','dc__Gong',111071),('\'Joe Grand (Kingpin)\'','\'Joe Grand (Kingpin)\'','dc__Kingpin',111072),('\'Joe Grand (Kingpin)\'','\'Joe Grand (Kingpin)\'','dc__L0pht',111073),('\'Jerome Greco\'','\'Jerome Greco\'','dc__Matthews',111074),('\'Rachel Greenstadt\'','\'Rachel Greenstadt\'','dc__Greenstadt',111075),('\'Ian Haken\'','\'Ian Haken\'','dc__Haken',111076),('\'Parsia Hakimian\'','\'Parsia Hakimian\'','dc__Riedesel',111077),('\'HighWiz\'','\'HighWiz\'','dc__DC101',111078),('\'Dr. Silke Holtmanns\'','\'Dr. Silke Holtmanns\'','dc__Holtmanns',111079),('\'hon1nbo\'','\'hon1nbo\'','dc__Levison',111080),('\'Jianwei Huang\'','\'Jianwei Huang\'','dc__Xiao',111081),('\'Lin Huang\'','\'Lin Huang\'','dc__Zeng',111082),('\'Stephan Huber\'','\'Stephan Huber\'','dc__Rasthofer',111083),('\'Wu HuiYu\'','\'Wu HuiYu\'','dc__HuiYu',111084),('\'ldionmarcil\'','\'ldionmarcil\'','dc__Ldionmarcil',111085),('\'Eyal Itkin\'','\'Eyal Itkin\'','dc__Balmas',111086),('\'Eduardo Izycki\'','\'Eduardo Izycki\'','dc__Izycki',111087),('\'Jericho\'','\'Jericho\'','dc__DC101',111088),('\'Yunding Jian\'','\'Yunding Jian\'','dc__Zheng2',111089),('\'Ryan Johnson\'','\'Ryan Johnson\'','dc__Johnson',111090),('\'Rob Joyce\'','\'Rob Joyce\'','dc__Joyce',111091),('\'Rob Joyce\'','\'Rob Joyce\'','dc__Joyce2',111092),('\'Truman Kain\'','\'Truman Kain\'','dc__Kain',111093),('\'Dongsung Kim\'','\'Dongsung Kim\'','dc__Kim',111094),('\'Matt King\'','\'Matt King\'','dc__King',111095),('\'Matt Knight\'','\'Matt Knight\'','dc__Knight',111096),('\'Till Krause\'','\'Till Krause\'','dc__Svea',111097),('\'Marina Krotofil\'','\'Marina Krotofil\'','dc__Krotofil',111098),('\'L0pht Heavy Industries\'','\'L0pht Heavy Industries\'','dc__L0pht',111099),('\'Seth Law\'','\'Seth Law\'','dc__Champion',111100),('\'Ricky \"HeadlessZeke\" Lawshae\'','\'Ricky \"HeadlessZeke\" Lawshae\'','dc__Lawshae',111101),('\'Michael Leibowitz\'','\'Michael Leibowitz\'','dc__Leibowitz',111102),('\'Kirill Levchenko PhD\'','\'Kirill Levchenko PhD\'','dc__Dameff ',111103),('\'Alex Levinson\'','\'Alex Levinson\'','dc__Levinson',111104),('\'Ladar Levison\'','\'Ladar Levison\'','dc__Levison',111105),('\'Jun Li\'','\'Jun Li\'','dc__Zeng',111106),('\'Peng Liu\'','\'Peng Liu\'','dc__Xiao',111107),('\'m010ch_\'','\'m010ch_\'','dc__M010ch_',111108),('\'Sheng-Hao Ma\'','\'Sheng-Hao Ma\'','dc__Ma',111109),('\'magicspacekiwi (Colin Campbell)\'','\'magicspacekiwi (Colin Campbell)\'','dc__West',111110),('\'Slava Makkaveev\'','\'Slava Makkaveev\'','dc__Makkaveev',111111),('\'Jeanette Manfra\'','\'Jeanette Manfra\'','dc__Manfra',111112),('\'Andrea Marcelli\'','\'Andrea Marcelli\'','dc__Marcelli',111113),('\'William Martin\'','\'William Martin\'','dc__Martin1',111114),('\'William Martin\'','\'William Martin\'','dc__Martin2',111115),('\'Jeanna Matthews\'','\'Jeanna Matthews\'','dc__Matthews',111116),('\'Jeanna Matthews\'','\'Jeanna Matthews\'','dc__Goerzen',111117),('\'Maggie Mayhem\'','\'Maggie Mayhem\'','dc__Mayhem',111118),('\'Wesley McGrew\'','\'Wesley McGrew\'','dc__McGrew',111119),('\'Douglas McKee\'','\'Douglas McKee\'','dc__McKee',111120),('\'David Melendez Cano\'','\'David Melendez Cano\'','dc__Cano2',111121),('\'Sean Metcalf\'','\'Sean Metcalf\'','dc__Metcalf',111122),('\'Jesse Michael\'','\'Jesse Michael\'','dc__Shkatov',111123),('\'Elinor Mills\'','\'Elinor Mills\'','dc__L0pht',111124),('\'Josh Mitchell\'','\'Josh Mitchell\'','dc__Mitchell',111125),('\'Mudge\'','\'Mudge\'','dc__L0pht',111126),('\'Alejo Murillo\'','\'Alejo Murillo\'','dc__García',111127),('\'Nafeez\'','\'Nafeez\'','dc__Nafeez',111128),('\'David Nathans\'','\'David Nathans\'','dc__Dameff ',111129),('\'Nevermoe (@n3v3rm03)\'','\'Nevermoe (@n3v3rm03)\'','dc__Nevermoe',111130),('\'Nikita\'','\'Nikita\'','dc__DC101',111131),('\'Michael Lee Nirenberg\'','\'Michael Lee Nirenberg\'','dc__Nirenberg',111132),('\'Kurt Opsahl\'','\'Kurt Opsahl\'','dc__Opsahl',111133),('\'Michael Ossmann\'','\'Michael Ossmann\'','dc__Ossmann',111134),('\'Mauro Paredes\'','\'Mauro Paredes\'','dc__Crowley',111135),('\'Erwin Paternotte\'','\'Erwin Paternotte\'','dc__Paternotte',111136),('\'Rowan Phipps\'','\'Rowan Phipps\'','dc__Phipps',111137),('\'Bruce Potter\'','\'Bruce Potter\'','dc__Potter',111138),('\'Robert Potter\'','\'Robert Potter\'','dc__Potter',111139),('\'Mingchuang Qun\'','\'Mingchuang Qun\'','dc__Zheng2',111140),('\'Jay Radcliffe\'','\'Jay Radcliffe\'','dc__Dameff ',111141),('\'Siddharth Rao\'','\'Siddharth Rao\'','dc__Bui',111142),('\'Dr. Siegfried Rasthofer\'','\'Dr. Siegfried Rasthofer\'','dc__Rasthofer',111143),('\'Stark Riedesel\'','\'Stark Riedesel\'','dc__Riedesel',111144),('\'Roamer\'','\'Roamer\'','dc__DC101',111145),('\'Tim Roberts (byt3boy)\'','\'Tim Roberts (byt3boy)\'','dc__DCGPanel',111146),('\'Josep Pi Rodriguez\'','\'Josep Pi Rodriguez\'','dc__Rodriguez',111147),('\'Katiza Rodriguez\'','\'Katiza Rodriguez\'','dc__Opsahl',111148),('\'Yolan Romailler\'','\'Yolan Romailler\'','dc__Romailler',111149),('\'Amanda Rousseau\'','\'Amanda Rousseau\'','dc__Rousseau',111150),('\'Joe Rozner\'','\'Joe Rozner\'','dc__Rozner',111151),('\'Gabriel Ryan\'','\'Gabriel Ryan\'','dc__Ryan',111152),('\'Jen \"savagejen\" Savage\'','\'Jen \"savagejen\" Savage\'','dc__Crowley',111153),('\'Eric Sesterhenn\'','\'Eric Sesterhenn\'','dc__Sesterhenn',111154),('\'Rich Seymour\'','\'Rich Seymour\'','dc__Rousseau',111155),('\'sghctoma\'','\'sghctoma\'','dc__Sghctoma',111156),('\'Shaggy\'','\'Shaggy\'','dc__DC101',111157),('\'Sanat Sharma\'','\'Sanat Sharma\'','dc__Sharma',111158),('\'Nathan \'nash\' Sheard\'','\'Nathan \'nash\' Sheard\'','dc__Opsahl',111159),('\'Mickey Shkatov  \'','\'Mickey Shkatov  \'','dc__Shkatov',111160),('\'Maksim Shudrak\'','\'Maksim Shudrak\'','dc__Shudrak',111161),('\'Si\'','\'Si\'','dc__Si',111162),('\'Silicosis \'','\'Silicosis \'','dc__L0pht',111163),('\'singe\'','\'singe\'','dc__Singe',111164),('\'Isha Singh\'','\'Isha Singh\'','dc__Holtmanns',111165),('\'smea\'','\'smea\'','dc__Smea',111166),('\'S0ups\'','\'S0ups\'','dc__DCGPanel',111167),('\'Space Rogue\'','\'Space Rogue\'','dc__L0pht',111168),('\'Ryan Speers\'','\'Ryan Speers\'','dc__Knight',111169),('\'Dominic Spill\'','\'Dominic Spill\'','dc__Ossmann',111170),('\'Angelos Stavrou\'','\'Angelos Stavrou\'','dc__Johnson',111171),('\'Jayson E. Street\'','\'Jayson E. Street\'','dc__DCGPanel',111172),('\'Sarah St. Vincent\'','\'Sarah St. Vincent\'','dc__StVincent',111173),('\'Roberto Suarez\'','\'Roberto Suarez\'','dc__Dameff ',111174),('\'Chris\"Suggy\" Sumner\'','\'Chris\"Suggy\" Sumner\'','dc__Svea',111175),('\'John Tan\'','\'John Tan\'','dc__L0pht',111176),('\'Vincent Tan\'','\'Vincent Tan\'','dc__Tan',111177),('\'George Tarnovsky\'','\'George Tarnovsky\'','dc__Tarnovsky',111178),('\'The Tarquin\'','\'The Tarquin\'','dc__Tarquin',111179),('\'Richard Thieme\'','\'Richard Thieme\'','dc__Thieme',111180),('\'Orange Tsai\'','\'Orange Tsai\'','dc__Tsai',111181),('\'Jeff\"r3plicant\" Tully MD\'','\'Jeff\"r3plicant\" Tully MD\'','dc__Dameff ',111182),('\'Mattijs van Ommeren\'','\'Mattijs van Ommeren\'','dc__Paternotte',111183),('\'Martin Vigo\'','\'Martin Vigo\'','dc__Vigo',111184),('\'William Vu\'','\'William Vu\'','dc__Egypt',111185),('\'Senhua Wang\'','\'Senhua Wang\'','dc__Bai2',111186),('\'Yu Wang\'','\'Yu Wang\'','dc__Wang',111187),('\'Patrick Wardle\'','\'Patrick Wardle\'','dc__Wardle1',111188),('\'Patrick Wardle\'','\'Patrick Wardle\'','dc__Wardle2',111189),('\'Weld Pond\'','\'Weld Pond\'','dc__L0pht',111190),('\'Qian Wenxiang\'','\'Qian Wenxiang\'','dc__HuiYu',111191),('\'Michael West\'','\'Michael West\'','dc__West',111192),('\'Jos Wetzels\'','\'Jos Wetzels\'','dc__Krotofil',111193),('\'Brent White (B1TK1LL3R)\'','\'Brent White (B1TK1LL3R)\'','dc__DCGPanel',111194),('\'Nathan White\'','\'Nathan White\'','dc__White',111195),('\'Jamie Lee Williams\'','\'Jamie Lee Williams\'','dc__Opsahl',111196),('\'Wiseacre\'','\'Wiseacre\'','dc__DC101',111197),('\'Matt Wixey\'','\'Matt Wixey\'','dc__Wixey',111198),('\'Beau Woods\'','\'Beau Woods\'','dc__Dameff',111199),('\'April Wright\'','\'April Wright\'','dc__DCGPanel',111200),('\'Feng Xiao\'','\'Feng Xiao\'','dc__Xiao',111201),('\'Wenlin Yang\'','\'Wenlin Yang\'','dc__Gong',111202),('\'yawnbox\'','\'yawnbox\'','dc__Yawnbox',111203),('\'Tim Yunusov\'','\'Tim Yunusov\'','dc__Galloway',111204),('\'Zach\'','\'Zach\'','dc__Zach',111205),('\'Yingtao Zeng\'','\'Yingtao Zeng\'','dc__Zeng',111206),('\'zenofex\'','\'zenofex\'','dc__Zenofex',111207),('\'zerosum0x0\'','\'zerosum0x0\'','dc__Zerosum0x0',111208),('\'Min (Spark) Zheng\'','\'Min (Spark) Zheng\'','dc__Zheng1',111209),('\'Min (Spark) Zheng\'','\'Min (Spark) Zheng\'','dc__Bai1',111210),('\'Yuwei Zheng\'','\'Yuwei Zheng\'','dc__Zheng2',111211),('\'Yuwei Zheng\'','\'Yuwei Zheng\'','dc__Bai2',111212),('\'Daniel Zolnikov\'','\'Daniel Zolnikov\'','dc__Zolnikov',111213),('\'Uncle G.\'','\'Uncle G.\'','df0d82ada827ac28685c80759ee29604',111214),('\'MasterChen\'','\'MasterChen\'','c0547f7de5191b30f9d124ab75efd381',111215),('\'Soldier of FORTRAN\'','\'Soldier of FORTRAN\'','8863782476172d226f1fe1367f47777f',111216),('\'Magg	\'','\'Magg	\'','a53e26bc76db664659056ff29c9302a0',111217),('\'William Knowles\'','\'William Knowles\'','52990e94450fac253c770dcd08c10fa3',111218),('\'James Coote	\'','\'James Coote	\'','52990e94450fac253c770dcd08c10fa3',111219),('\'Renderman\'','\'Renderman\'','a084a0a5f1c199e904c7de5b4bacba00',111220),('\'Ethan Gregory Dodge	\'','\'Ethan Gregory Dodge	\'','3bf2720e9f5d64f99ff222c13b8f9595',111221),('\'Laura H	\'','\'Laura H	\'','e3f51bc8cfc5d1bbea02ea512fea73df',111222),('\'Brittany \"Straithe\" Postnikoff\'','\'Brittany \"Straithe\" Postnikoff\'','88a49564e4aec1d0b6ea50ffaa3c4f44',111223),('\'Sara-Jayne Terp	\'','\'Sara-Jayne Terp	\'','88a49564e4aec1d0b6ea50ffaa3c4f44',111224),('\'Daniel Williams (fbus)	\'','\'Daniel Williams (fbus)	\'','4971324852c27f726bc0ce212e4a922b',111225),('\'@wornbt\'','\'@wornbt\'','421ea3d4107a4053053669ded6f1ac49',111226),('\'Dimitri	\'','\'Dimitri	\'','3b163a1879290ed2ff34ea006259c3ee',111227),('\'security panda	\'','\'security panda	\'','12da8a08ec9f19a84b3df79dc863cfae',111228),('\'@3ncr1pted	\'','\'@3ncr1pted	\'','8e18fe05b2c677b3e91df96d34dd2eeb',111229),('\'Sidragon	\'','\'Sidragon	\'','455b56778876c9fa9fa9514975273c6e',111230),('\'Xavier Ashe	\'','\'Xavier Ashe	\'','49b7f086faf5440d2ebf363d58ce7e99',111231),('\'Mike Raggo\'','\'Mike Raggo\'','b19ad0aa01adafaa3b06f68e80cef081',111232),('\'Chet Hosmer \'','\'Chet Hosmer \'','b19ad0aa01adafaa3b06f68e80cef081',111233),('\'Marcelle\'','\'Marcelle\'','23b67dddaf9f657ce21cc886f3c04e67',111234),('\'Kelley	\'','\'Kelley	\'','23b67dddaf9f657ce21cc886f3c04e67',111235),('\'Amit Elazari\'','\'Amit Elazari\'','08e19ad3ff74a0127506e03acb01bd1e',111236),('\'Keren Elazari \'','\'Keren Elazari \'','08e19ad3ff74a0127506e03acb01bd1e',111237),('\'Shawn Merdinger	\'','\'Shawn Merdinger	\'','d383f2a03c4d13f034365d94aa00ac2b',111238),('\'@_j3lena_	\'','\'@_j3lena_	\'','02fb3c51dfdc5d0b969654c706b0aac8',111239),('\'Philippe Delteil	\'','\'Philippe Delteil	\'','b481689bbde502b7e03523b5e0a090fe',111240),('\'Flamingo \'','\'Flamingo \'','cb75c572e6942fd15dda000a806aa110',111241),('\'BACE16	\'','\'BACE16	\'','7f6ddf21b3c761c679497affb31ff13d',111242),('\'Stumbles The Drunk	\'','\'Stumbles The Drunk	\'','2647faaa9723c91468ccd64055161c01',111243),('\'Maggie Mayhem	\'','\'Maggie Mayhem	\'','507de3f8a731d203c65bc55e178c03de',111244),('\'Guy Barnhart-Magen\'','\'Guy Barnhart-Magen\'','c6497f84aa8db06a11c28134ff9d9c51',111245),('\'Ezra Caltum\'','\'Ezra Caltum\'','c6497f84aa8db06a11c28134ff9d9c51',111246),('\'Nick Cano	\'','\'Nick Cano	\'','52c239f5a4ca7a18457e8e4aea63a81b',111247),('\'Irwin Reyes\'','\'Irwin Reyes\'','b4010a6f71b90116826935fe0353f960',111248),('\'Amit Elazari Bar On\'','\'Amit Elazari Bar On\'','b4010a6f71b90116826935fe0353f960',111249),('\'Jeff Kosseff\'','\'Jeff Kosseff\'','4fdd8bf92a13e961e10d8188c33a2203',111250),('\'Tess Schrodinger\'','\'Tess Schrodinger\'','7d558cc267ed2071dce78e08a5447985',111251),('\'Mahrud Sayrafi\'','\'Mahrud Sayrafi\'','1002e9a71ea98aa3c2de38172c545cbd',111252),('\'Brendan O’Connor\'','\'Brendan O’Connor\'','1d91873a968235421288cc66bf1ee10c',111253),('\'Matt Urquhart\'','\'Matt Urquhart\'','cf379814ba02e469b4ba8f88536a70b1',111254),('\'Nox\'','\'Nox\'','03d02b999efb3681d7162947c5d844ba',111255),('\'Dr Adam Everspaugh\'','\'Dr Adam Everspaugh\'','769adba2242c404846c80235057e04ac',111256),('\'Adam Caudill\'','\'Adam Caudill\'','b2f479041988636a8460bbfc79ee6716',111257),('\'Taylor Hornby\'','\'Taylor Hornby\'','b2f479041988636a8460bbfc79ee6716',111258),('\'Marie Fromm\'','\'Marie Fromm\'','00397c884688a0a79e1fa933f4c0d015',111259),('\'Wendy Knox Everette\'','\'Wendy Knox Everette\'','8665d475c152911bdea5e3470a66865d',111260),('\'Scott Arciszewski\'','\'Scott Arciszewski\'','fea5fb72758d1c6d4a84bb6aa1cc839b',111261),('\'Caroline D. Hardin\'','\'Caroline D. Hardin\'','42b0d624c9b0895834ca5938c069abfa',111262),('\'Jen Dalsen\'','\'Jen Dalsen\'','42b0d624c9b0895834ca5938c069abfa',111263),('\'Lei Shi\'','\'Lei Shi\'','4ada2ed87ca76b216d1ae5b940a2a601',111264),('\'Allen Cai\'','\'Allen Cai\'','4ada2ed87ca76b216d1ae5b940a2a601',111265),('\'Yueting Lee\'','\'Yueting Lee\'','f22264eb52cf64dd20bec9f3b0af6c54',111266),('\'Pigeon\'','\'Pigeon\'','9cc5fa3a5af5d11b352f48227e3aaeed',111267),('\'Guy Barnhart-Magen\'','\'Guy Barnhart-Magen\'','11d7b6ed405cf0b0afcf94632cb5f3ec',111268),('\'Ezra Caltum\'','\'Ezra Caltum\'','11d7b6ed405cf0b0afcf94632cb5f3ec',111269),('\'Alex Catarineu\'','\'Alex Catarineu\'','b8f4e74f6792a1f4da606b0a955c5dee',111270),('\'Philipp Claßen\'','\'Philipp Claßen\'','b8f4e74f6792a1f4da606b0a955c5dee',111271),('\'Konark Modi\'','\'Konark Modi\'','b8f4e74f6792a1f4da606b0a955c5dee',111272),('\'Josep M. Pujol\'','\'Josep M. Pujol\'','b8f4e74f6792a1f4da606b0a955c5dee',111273),('\'Matt Cheung\'','\'Matt Cheung\'','f5909a5d6a1fc007c5ec1f327c33af6b',111274),('\'Roger Dingledine\'','\'Roger Dingledine\'','89e60cf83f838c7a248371b4d2b80eea',111275),('\'Nicholas Doiron\'','\'Nicholas Doiron\'','054e4751ee6fea1b86638f567fff7a73',111276),('\'Sherrie Cowley\'','\'Sherrie Cowley\'','d6476111d4ca4f3de9616a4258ebb422',111277),('\'Dennis Taggart\'','\'Dennis Taggart\'','d6476111d4ca4f3de9616a4258ebb422',111278),('\'Bob Wall\'','\'Bob Wall\'','5b74ede93b31b4a4b36bee845424d1eb',111279),('\'Colt Frederickson\'','\'Colt Frederickson\'','5b74ede93b31b4a4b36bee845424d1eb',111280),('\'Christian Paquin\'','\'Christian Paquin\'','fe059f8ee697c157e6b1e7f08bb950d9',111281),('\'Travis Goodspeed\'','\'Travis Goodspeed\'','wv__goodwatch_update',111282),('\'steve0\'','\'steve0\'','wv__bssi',111283),('\'Neel Pandeya\'','\'Neel Pandeya\'','wv__rfnoc',111284),('\'Nate Temple\'','\'Nate Temple\'','wv__rfnoc',111285),('\'Wasabi\'','\'Wasabi\'','wv__can_you_hear_me_now',111286),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__101',111287),('\'Tay-Tay fanboi Wasabi\'','\'Tay-Tay fanboi Wasabi\'','wv__101',111288),('\'Balint Seeber\'','\'Balint Seeber\'','wv__sirenjack',111289),('\'toddpar0dy\'','\'toddpar0dy\'','wv__hunting_rogue_aps',111290),('\'Faz\'','\'Faz\'','wv__exploring_the_802.15.4_attack_surface',111291),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__blue_sonar',111292),('\'Rick \"Captain Marko Ramius\" Mellendick\'','\'Rick \"Captain Marko Ramius\" Mellendick\'','wv__blue_sonar',111293),('\'John Dunlap\'','\'John Dunlap\'','wv__learning_to_listen',111294),('\'recompiler\'','\'recompiler\'','wv__attacking_gotenna_networks',111295),('\'Aadvark\'','\'Aadvark\'','wv__wardrivers_anonymous',111296),('\'Darkmatter\'','\'Darkmatter\'','wv__wardrivers_anonymous',111297),('\'elkentaro\'','\'elkentaro\'','wv__wardrivers_anonymous',111298),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__wardrivers_anonymous',111299),('\'Rick \"Ward River\" Mellendick\'','\'Rick \"Ward River\" Mellendick\'','wv__wardrivers_anonymous',111300),('\'Balint Seeber\'','\'Balint Seeber\'','wv__sdr_basics',111301),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__sdr_basics',111302),('\'Rick \"Ward River\" Mellendick\'','\'Rick \"Ward River\" Mellendick\'','wv__sdr_basics',111303),('\'Ryan Holeman\'','\'Ryan Holeman\'','wv__ble_ctf',111304),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__ble_ctf',111305),('\'Rick \"Ward River\" Mellendick\'','\'Rick \"Ward River\" Mellendick\'','wv__ble_ctf',111306),('\'Eric Reuter\'','\'Eric Reuter\'','wv__intro_to_railroad_telemetry',111307),('\'Zero_Chaos\'','\'Zero_Chaos\'','wv__intro_to_railroad_telemetry',111308),('\'Rick \"Ward River\" Mellendick\'','\'Rick \"Ward River\" Mellendick\'','wv__intro_to_railroad_telemetry',111309),('\'Dominic Spill\'','\'Dominic Spill\'','wv__its_not_wifi',111310),('\'Russ Handorf\'','\'Russ Handorf\'','wv__its_not_wifi',111311),('\'Darren Kitchen\'','\'Darren Kitchen\'','wv__SO_FLUFFY',111312),('\'Seb Kinne\'','\'Seb Kinne\'','wv__SO_FLUFFY',111313),('\'Craig Smith\'','\'Craig Smith\'','ff9621608f428bfa4a8cc3f5cb04447e',111314),('\'Travis Goodspeed\'','\'Travis Goodspeed\'','a2d666da41be3cdc921c8b019aa289d9',111315),('\'Tarah Wheeler\'','\'Tarah Wheeler\'','980588b7716625f128b96444f87fe917',111316),('\'Keren Elazari\'','\'Keren Elazari\'','980588b7716625f128b96444f87fe917',111317),('\'Violet Blue\'','\'Violet Blue\'','6dfea1c83b1eec8c67ec651838c4b41b',111318),('\'Georgia Weidman\'','\'Georgia Weidman\'','5b344bf00156773925e8943e3621bf51',111319),('\'Elissa Shevinsky\'','\'Elissa Shevinsky\'','7b3a14e05411211a3efcc2c9f1a51540',111320),('\'Nick Cano\'','\'Nick Cano\'','351f8f8d7d8ae24028e3be40df1cc70b',111321),('\'Jake Braun\'','\'Jake Braun\'','fd77a70c2bb6f4d5ff1033bc688d31d7',111322),('\'Hari Hursti\'','\'Hari Hursti\'','fd77a70c2bb6f4d5ff1033bc688d31d7',111323),('\'Matt Blaze\'','\'Matt Blaze\'','fd77a70c2bb6f4d5ff1033bc688d31d7',111324),('\'Jake Braun(moderator)\'','\'Jake Braun(moderator)\'','09666a6e148b2a60acd1fe17a3f898dc',111325),('\'Neal Kelley\'','\'Neal Kelley\'','09666a6e148b2a60acd1fe17a3f898dc',111326),('\'Jeanette Manfra\'','\'Jeanette Manfra\'','09666a6e148b2a60acd1fe17a3f898dc',111327),('\'Amber McReynolds\'','\'Amber McReynolds\'','09666a6e148b2a60acd1fe17a3f898dc',111328),('\'Alex Padilla\'','\'Alex Padilla\'','09666a6e148b2a60acd1fe17a3f898dc',111329),('\'Noah Praetz\'','\'Noah Praetz\'','09666a6e148b2a60acd1fe17a3f898dc',111330),('\'Robert Karas\'','\'Robert Karas\'','87a549adea5e61ca38dc37055fda9b99',111331),('\'Jason Hill\'','\'Jason Hill\'','87a549adea5e61ca38dc37055fda9b99',111332),('\'J. Alex Halderman\'','\'J. Alex Halderman\'','9dd12c5d5de2aab92e75bf7cb531cc13',111333),('\'Carsten Schurmann\'','\'Carsten Schurmann\'','6d8f0b96e6af613f73226b91854a09da',111334),('\'Matthew Bernhard\'','\'Matthew Bernhard\'','2a1ac273538e3cfc29dfe621a52e4ed8',111335),('\'Margaret MacAlpine\'','\'Margaret MacAlpine\'','78cbaf2d353164b70988453cc5357650',111336),('\'Diego Aranha\'','\'Diego Aranha\'','d8b43660c28a57a2fe2f1f6df6a64459',111337),('\'Joseph Kiniry\'','\'Joseph Kiniry\'','7bfcf824c16ffa31b17e612448e8cb7a',111338),('\'Alejandro Mayorkas\'','\'Alejandro Mayorkas\'','005d4ef0c61067a57daeb8c5b0a723ee',111339),('\'a nurse\'','\'a nurse\'','bc761f47ca18d66b8bcfc992abd69a72',111340),('\'Cristina Munoz\'','\'Cristina Munoz\'','3ee7ce6f0c5f0cd192942f44c41b04f1',111341),('\'Rex\'','\'Rex\'','0ccfc4524553afebb84edf3d044b9e32',111342),('\'Annie Rouse\'','\'Annie Rouse\'','75ec18048bfec4ba1c32e91371d05c4d',111343),('\'Beth Schechter\'','\'Beth Schechter\'','a70f3aa7ede644e7fca8456e26f20d6e',111344),('\'Harry Moreno\'','\'Harry Moreno\'','6a49e75143c96f77a734683c3f02577c',111345),('\'Kevin Chen\'','\'Kevin Chen\'','4b340050a8b67274bec6cfb58e3fec7d',111346),('\'Adrian, Alex\'','\'Adrian, Alex\'','240d03bee956c5369ad32c0843e3a3ec',111347),('\'Project Nexus\'','\'Project Nexus\'','fdd540e746e1e1bb90dd29ae38f2a96c',111348),('\'Octet In Triplicate\'','\'Octet In Triplicate\'','9d43fc5d5c6b717b0266eeb32cc1b124',111349),('\'WeedAnon\'','\'WeedAnon\'','104d64442fc4af0f2381b51cd862e95c',111350),('\'Mark Lewi\'','\'Mark Lewi\'','7f3e36405c1cc512603c19291a682c8e',111351),('\'Keith Conway (@algirhythm)\'','\'Keith Conway (@algirhythm)\'','a364debd71cec08d5ea0412ab4084edd',111352),('\'Frank (@cosmovaltran\'','\'Frank (@cosmovaltran\'','a364debd71cec08d5ea0412ab4084edd',111353),('\'Michael Hiller\'','\'Michael Hiller\'','390dc13a2c671921509fc1a4716c798a',111354),('\'Mayor Chad Wanke\'','\'Mayor Chad Wanke\'','641acf3fa11b190838e6c036800dfe8c',111355),('\'OCP (by proxy)\'','\'OCP (by proxy)\'','23ca1c30676ff1f25497733c395ffed7',111356),('\'Michael Hiller\'','\'Michael Hiller\'','23ca1c30676ff1f25497733c395ffed7',111357),('\'Project Nexus\'','\'Project Nexus\'','23ca1c30676ff1f25497733c395ffed7',111358),('\'Weed Anon\'','\'Weed Anon\'','23ca1c30676ff1f25497733c395ffed7',111359),('\'Mark Lewis\'','\'Mark Lewis\'','23ca1c30676ff1f25497733c395ffed7',111360),('\'Chad Wanke\'','\'Chad Wanke\'','23ca1c30676ff1f25497733c395ffed7',111361);
/*!40000 ALTER TABLE `speakers` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-- Dump completed on 2018-08-11  9:27:46