AEV - Hack-A-Sat Launch Party -
RTV - Knock knock, who's there? Identifying assets in the cloud - Tanner Barnes (aka @_StaticFlow_),NahamSec

Friday - 09:00 PDT

AIV - (09:30-09:59 PDT) - Opening Remarks - AI Village Organizers
BHV - (09:30-10:45 PDT) - DAY1 KEYNOTE: The Trust Talks - Nina Alli,Vee Schmitt,Yusuf Henriques,Josh O'Connor,Cannibal,Devabhaktuni Srikrishna,Najla Lindsay,Nate DeNicola
DC - (09:30-09:59 PDT) - Welcome to DEF CON Safe Mode - The Dark Tangent
HHV - (09:30-09:59 PDT) - Meetup: Some HHV Challenges - rehr
ICS - Keynote - Chris Krebs
IOT - (09:15-09:45 PDT) - How to get rights for hackers - Chloé Messdaghi
MOV - (09:50-09:59 PDT) - Welcome Speech - rehr
PAYV - (09:45-09:59 PDT) - Welcome to the Payment Village - Leigh-Anne Galloway
RTV - (09:15-10:15 PDT) - Red Teaming: Born from the Hacker Community - Chris Wysopal
RTV - (09:30-15:59 PDT) - Red Team Village CTF - Finals -

AEV - Exploiting Spacecraft - Brandon Bailey
AIV - cont...(16:00-17:30 PDT) - Workshop 2
ASV - cont...(16:00-17:59 PDT) - JWT Parkour - Louis Nyffenegger
BHV - cont...(16:45-17:45 PDT) - INCLUDES NO DIRT: Threat Modeling for Healthcare
BTVT1 - Discovering ELK The First Time - Lessons Learned Over 2 Years (Beginner) - TheDrPinky
BTVW1 - cont...(16:30-17:59 PDT) - Open-Source Tools for Hunting and Practical Intelligence (Intermediate) - Joe Slowik
CNE - EFF Tech Trivia Pub Quiz -
CPV - Fireside Chat: All about Section 230, the EARN IT Act, and What They Mean for Free Speech and Encryption - Cathy Gellis,Riana Pfefferkorn
CRV - Future Proofing Your Career - Jenai Marinkovic
DC - (17:30-17:59 PDT) - A Hacker’s guide to reducing side-channel attack surfaces using deep-learning - Elie Bursztein
DL - cont...(16:00-17:55 PDT) - redlure - Matthew Creel
HHV - (17:30-17:59 PDT) - Meetup: Some HHV Challenges - rehr
IOT - cont...(16:45-17:30 PDT) - Assembling VULNtron: 4 CVEs that Turn a Teleconference Robot into a Spy - Mark Bereza
IOT - (17:45-18:15 PDT) - Pandemic In Plaintext - Troy Brown
PHVW - cont...(16:00-17:59 PDT) - Violent Python 3 - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handleman,Sam Bowne
RGV - cont...(16:00-17:59 PDT) - Pickpocketing @ Home - James Harrison
RTV - cont...(16:45-17:45 PDT) - Enumerating Cloud File Storage Gems - Michael Wylie
WLV - (17:45-18:45 PDT) - Wireless Village Fireside Talk -

Friday - 18:00 PDT

BTVT1 - (18:30-18:59 PDT) - Fighting a Virus with a Spreadsheet (Beginner) - Allen Baranov
BTVW2 - Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner) - Roberto Rodriguez,Jose Rodriguez
CNE - cont...(17:00-18:59 PDT) - EFF Tech Trivia Pub Quiz -
CNE - War Story Bunker -
CNE - Hacker Jeopardy -
DC - (18:30-18:59 PDT) - Office Drama on macOS - Patrick Wardle
ENT - Terrestrial Access Network -
HHV - Meetup: 3H: Hardware Happy Hour - Chris Gammell
IOT - cont...(17:45-18:15 PDT) - Pandemic In Plaintext - Troy Brown
IOT - (18:30-19:15 PDT) - The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
PWDV - Getting Advanced with Hashcat - Password Village Staff
RTV - Total E(A)gression - Alvaro Folgado Rueda
WLV - cont...(17:45-18:45 PDT) - Wireless Village Fireside Talk -

Friday - 19:00 PDT

BTVT1 - (19:30-20:30 PDT) - Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate) - Mauricio Velazco
BTVW2 - cont...(18:00-19:30 PDT) - Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner) - Roberto Rodriguez,Jose Rodriguez
CNE - cont...(18:00-19:59 PDT) - War Story Bunker -
CNE - cont...(18:00-19:59 PDT) - Hacker Jeopardy -
ENT - Acid T -
IOT - cont...(18:30-19:15 PDT) - The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
RTV - (19:15-20:15 PDT) - Password cracking beyond 15 characters and under $500 - Travis Palmer

Friday - 20:00 PDT

BTVT1 - cont...(19:30-20:30 PDT) - Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate) - Mauricio Velazco
ENT - Icetre Normal -
FSL - D0 N0 H4RM: A Healthcare Security Conversation - Ash Luft,Christian “quaddi” Dameff,Jeff “r3plicant” Tully,Suzanne Schwartz,Vidya Murthy
RTV - cont...(19:15-20:15 PDT) - Password cracking beyond 15 characters and under $500 - Travis Palmer
RTV - (20:30-21:30 PDT) - 50 Shades of Sudo Abuse - Tyler Boykin
VMV - Live Q&A with Special Guests Regarding "Kill Chain" -

Friday - 21:00 PDT

ENT - Zebbler Encanti Experience -
FSL - Shrek, Juggs, and Toxic Trolls: a BADASS discussion about Online Sexuality and Hacktivism - Katelyn Bowden,Rachel Lamp,Allie Barnes,Kate Venable,Marleigh Farlow,Tim Doomsday
PWDV - Getting Started with Hashcat (Rebroadcast) - Password Village Staff
PWDV - (21:30-21:59 PDT) - Making Targeted Wordlists (Rebroadcast) - Password Village Staff
RTV - cont...(20:30-21:30 PDT) - 50 Shades of Sudo Abuse - Tyler Boykin
RTV - (21:45-22:45 PDT) - ATTPwn: Adversarial Emulation and Offensive Techniques Collaborative Project - Fran Ramirez,Pablo Gonzalez

Friday - 22:00 PDT

ENT - Ninjula -
PWDV - Result of Longer Passwords in Real World Application (Rebroadcast) - Minga
PWDV - (22:30-22:40 PDT) - From Printers to Silver Tickets or Something (Rebroadcast) - EvilMog
PWDV - (22:40-23:30 PDT) - Getting Advanced with Hashcat (Rebroadcast) - Password Village Staff
RTV - cont...(21:45-22:45 PDT) - ATTPwn: Adversarial Emulation and Offensive Techniques Collaborative Project - Fran Ramirez,Pablo Gonzalez

Friday - 23:00 PDT

ENT - Shadowvex -
PWDV - cont...(22:40-23:30 PDT) - Getting Advanced with Hashcat (Rebroadcast) - Password Village Staff
RTV - ERPwnage - a red team approach to targeting SAP - Austin Marck

Friday - 8:00 PDT

CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -

Friday - 9:00 PDT

CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -

Talk/Event Descriptions

CNE - Friday - 09:00-17:59 PDT

Title: (Before Con) Creative Writing Short Story Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and subreddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are sometimes overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

Forum: https://forum.defcon.org/node/231200

Discord: https://discord.com/channels/708208267699945503/711643275584340069

Twitter: https://twitter.com/dcshortstory

Return to Index - Add to

- ics Calendar file

ASV - Friday - 11:00-11:45 PDT

VMV - Friday - 13:00-13:59 PDT

Title: A Panel with the Feds on Election Security
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Voting Vlg
Speakers:Bryson Bort,David Imbordino,Brig. Gen. William Hartman,Matthew Masterson,Cynthia Kaiser,Dan Kimmage

SpeakerBio:Bryson Bort
Founder of SCYTHE, next generation attack emulation platform; GRIMM, cybersecurity consultancy; ICS Village Co-Founder, 501c3 for ICS security awareness. Senior Fellow for Cyber/National Security at R Street and National Security Institute; Advisor to the Army Cyber Institute and DHS/CISA.

SpeakerBio:David Imbordino , Election Security Lead, National Security Agency
No BIO available

SpeakerBio:Brig. Gen. William Hartman , Commander, Cyber National Mission Force
No BIO available

SpeakerBio:Matthew Masterson , Senior Cybersecurity Advisor, CISA
No BIO available

SpeakerBio:Cynthia Kaiser , Deputy Chief of Analysis for National Security Cyber Threats, FBI
No BIO available

SpeakerBio:Dan Kimmage , Principal Deputy Coordinator, Global Engagement Center, Department of State
No BIO available

Description:
Elections are critical in a free and fair society. Public trust in election infrastructure begins with understanding what the Government has done with transparency and how the hacker community can help. We are all citizens and our voices should be heard.

What has the Federal Government done since 2016 including with state and local?
What changes have come about with the military’s Defend Forward strategy in 2018?
How do they work together with the domestic efforts?
How are foreign and domestic campaigns of disinformation managed?
What else could we do better?
How can the hacker community help?

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

VMV - Friday - 11:00-11:30 PDT

Title: A Policy Approach to Resolving Cybersecurity Problems inthe Election Process
When: Friday, Aug 7, 11:00 - 11:30 PDT
Where: Voting Vlg

SpeakerBio:Jody Westby , CEO, Global Cyber Risk LLC
No BIO available

Description:
Cybersecurity researchers keep identifying cybersecurity vulnerabilities in voting machines andin the election process, but not much happens in closing identified vulnerabilities. The privatesector vendors involved in voter registration, manufacturing and programming voting machines,and vote tabulation are less than responsive and few have not provided evidence that they havestrong cybersecurity programs that meet best practices and standards and regular have cyberrisk assessments performed. This presentation will put forward a federal policy approach thatwill help correct these problems and advance the integrity of elections across the country.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

AEV - Friday - 08:00-19:59 PDT

Title: A-ISAC CTF
When: Friday, Aug 7, 08:00 - 19:59 PDT
Where: Aerospace Vlg

Description:
Aviation is under attack! A Tier 1 airport is in chaos!

Ticketing kiosks, airline servers, flight information displays, transportation security, runway lights, aircraft, and other critical systems have all been compromised. And there are indicators that airport insiders may have colluded with hackers to bring the airport to its knees!

It’s up to you now. YOU have 24 hours to research and investigate this crisis to regain control of the targeted airport and its airspace. From collecting evidence (and flags) to restoring all compromised assets and assisting impacted stakeholders, the clock is ticking!

Its time to apply everything you know about cybersecurity (e.g., password cracking, log analysis, computer forensics, and ethical hacking), intelligence (e.g., OSINT), and aviation (e.g., crew, avionics, air traffic control communications, airline operations, security screening, airport information systems, and aviation cyber-physical systems) to help the airport return to normal operations.

You have been given full authority to do whatever it takes to catch the hackers, seize back control of the airport, and restore aviation operations.

Discord: https://discord.com/channels/708208267699945503/734477413186273400

Return to Index - Add to

- ics Calendar file

ENT - Friday - 19:00-19:59 PDT

Title: Acid T
When: Friday, Aug 7, 19:00 - 19:59 PDT
Where: See Description or Village

Description:
DEF CON 28 may be cancelled, but our parties cannot be stopped! Tune in for a massive virtual party that will shake the NET

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Twitch: https://www.twitch.tv/defcon_music

Facebook: https://www.facebook.com/dj.sm0ke

Twitter: https://twitter.com/DJ_Sm0ke

YouTube: https://www.youtube.com/channel/UC55xsENb9PKz-IKB5zodYGA/featured

SoundCloud: https://soundcloud.com/acid_t

Return to Index - Add to

- ics Calendar file

CHV - Friday - 10:00-10:59 PDT

Title: Adding new features by manipulating CAN bus
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Car Hacking Vlg 001

SpeakerBio:Teejay
No BIO available

Description:
Overview of how I added a front camera to my vehicle last year by utilizing CAN

#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001

Return to Index - Add to

- ics Calendar file

BTVW2 - Friday - 11:30-13:30 PDT

Title: An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner)
When: Friday, Aug 7, 11:30 - 13:30 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Ben Bornholm
No BIO available

Description:
Have you ever wondered, how should I get started in Threat Hunting? How should I start? What should I hunt for? What tools should I use? How should I do it? Have you always wanted to hunt an APT? Then this intro level workshops is the right place for you. Our workshop will introduce hunting an APT style attack to detect malicious activity at each stage of an attack’s lifecycle.

This workshop will introduce you to the Attack Lifecycle model to create a fundamental framework for hunting adversaries. Our workshop will have you hunt an APT style attack to detect malicious activity at each stage of an attack’s lifecycle. This will enable you to connect information found at one stage as leverage for hunting in another stage.

Participants of this workshop will have the following takeaways: - A fundamental understanding of the attacker mindset - A fundamental understanding of the phases of the Attack Lifecycle - Knowledge of the tools and techniques used by attackers - An ability to hunt for attacker tools and techniques using a SIEM - Exposure to an APT style attack
- IMPORTANT: This is a 101 Intro Workshop

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

ASV - Friday - 12:00-12:45 PDT

Title: Android Bug Foraging
When: Friday, Aug 7, 12:00 - 12:45 PDT
Where: AppSec Vlg
Speakers:João Morais,Pedro Umbelino

SpeakerBio:João Morais
No BIO available
Twitter: @jmoraissec

SpeakerBio:Pedro Umbelino
No BIO available
Twitter: @kripthor

Description:
In this session, we will analyze four real-world examples of different high impact android vulnerabilities. We will show how we discover, developed, and leveraged the vulnerabilities into a fully working proof-of-concept, devised meaningful attack scenarios (demos included), and how our work was approached by the different vendors.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

ASV - Friday - 15:00-15:45 PDT

Title: API (in)Security TOP 10: Guided tour to the Wild Wild World of APIs
When: Friday, Aug 7, 15:00 - 15:45 PDT
Where: AppSec Vlg
Speakers:David Sopas,Paulo Silva

SpeakerBio:David Sopas
No BIO available
Twitter: @dsopas

SpeakerBio:Paulo Silva
No BIO available
Twitter: @pauloasilva_com

Description:
Do you speak API? Surely you do, even if you don't notice them in your world wide web everyday use. APIs are proved to be beneficial for business, but with great power comes great responsibility and some of them have serious problems. Last year we put a lot of effort to build and release the OWASP API Security Top 10 project. Then, we decided to go wild and have some fun. Now we will present our findings, from OWASP API Security Top 10 to lots of fun and profit. Join us to learn common API pitfalls: how to find and abuse them. It won't hurt. Unless your data is in there...

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

ASV - Friday - 11:00-12:59 PDT

Title: Applying Pysa to Identify Python Security Vulnerabilities
When: Friday, Aug 7, 11:00 - 12:59 PDT
Where: AppSec Vlg

SpeakerBio:Graham Bleaney
No BIO available
Twitter: @GrahamBleaney

Description:
The Product Security teams at Facebook make extensive use of static analysis to find security vulnerabilities. We use systems like Zoncolan and the open source Python Static Analyzer (Pysa) on a daily basis. Using static analysis helped us find more than 1100 security bugs in 2018, accounting for more than a third of the bugs found by the application security team in that timeframe.

In this tutorial, we’ll cover the basics of static analysis, how to set up Pysa, and how you can write and run rules to identify vulnerabilities in your own codebase. We’ll also cover how Pysa deals with false positives and discuss its limitations as a tool. Each new concept you learn will immediately be reinforced by a practical exercise.

Attendees should leave this tutorial with all the tools they need to start applying static analysis to their Python projects at work and in open source. A computer with Python, Pip, and Git is required for this workshop. Attendees will need to pip install pyre-check and set up a small sample project.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: AppSec Village CtF
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CTFs test your skills, challenge your ingenuity and push mental boundaries. But what is even MORE AWESOME than a regular CTF?

A (CTF)2!! A competition that stretches your creative mind as a task author and makes you step up your game as a task player. This year, AppSec Village @ DEF CON 28 invites you to compete in both roles!

Forum: https://forum.defcon.org/node/232292

Discord: https://discord.com/channels/708208267699945503/728703600586522739

Twitter: https://twitter.com/appsec_village

Web: https://www.appsecvillage.com/

Return to Index - Add to

- ics Calendar file

IOT - Friday - 16:45-17:30 PDT

Title: Assembling VULNtron: 4 CVEs that Turn a Teleconference Robot into a Spy
When: Friday, Aug 7, 16:45 - 17:30 PDT
Where: IOT Vlg

SpeakerBio:Mark Bereza
Mark Bereza is a security researcher and new addition to McAfee's Advanced Threat Research team. A recent alumnus of Oregon State's Computer Science systems program, Mark's work has focused primarily on vulnerability discovery and exploit development for embedded systems. Mark previously presented at DEFCON 27, less than 6 months after graduating college.

Description:
Once limited to the realm of science fiction, robotics now play a vital role in many industries, including manufacturing, agriculture, and even medicine. Despite this, the kind of robot that interfaces with humans directly, outside of the occasional toy or vacuum, threatens to remain an inhabitant of fiction for the foreseeable future.

temi, a “personal robot” created by Roboteam, may help make that fiction a reality. temi is a smart device for consumer, enterprise, retail, and even medical environments that is capable of both autonomous movement and teleconferencing. It’s precisely this functionality, however, that makes it a valuable target for hackers. Unlike a simple camera exploit, a compromised temi grants an attacker mobility in addition to audio/video, greatly increasing their ability to spy on victims in the most private of situations - their homes, medical appointments, or workplaces.

Not knowing when to quit, McAfee Advanced Threat Research uncovered four 0-day vulnerabilities in the temi. We’ll show how an attacker armed with nothing besides the victim’s phone number could exploit these vulnerabilities to intercept or join an existing temi call, gain video access, and even obtain “owner” privileges, granting the ability to remotely control the robot – all with zero authentication.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

BCV - Friday - 15:00-15:59 PDT

Title: Attacking and Defending Blockchain Nodes
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Blockchain Vlg

SpeakerBio:Peter Kacherginsky
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage

Return to Index - Add to

- ics Calendar file

Title: Baby's First 100 MLSec Words
When: Friday, Aug 7, 10:30 - 10:59 PDT
Where: AI Vlg

SpeakerBio:erickgalinkin
No BIO available
Twitter: @erickgalinkin

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Be the Match - registration drive
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Be the Match registration drive is returning once again! Swing by and check out one of the coolest biohacks out there, and how you could be the next person to save a life through cellular therapy.

Discord: https://discord.com/channels/708208267699945503/711643405004046457

Web: https://bethematch.org

Return to Index - Add to

- ics Calendar file

CHV - Friday - 12:00-12:59 PDT

Title: Before J1939: A J1708/J1587 Protocol Decoder
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Car Hacking Vlg 002
Speakers:Thomas Hayes,Dan Salloum

SpeakerBio:Thomas Hayes
Thomas Hayes is a Hardware Engineer at Bendix Commercial Vehicle Systems in Elyria, OH and a member of the SAE J1939 committees. In his current role, he manages the hardware process for braking and other heavy vehicle systems from brainstorming with napkin drawings to the creation of full PCBs to product testing and manufacturing. Prior to Bendix Thomas held design and leadership roles in a number of venture backed startups and worked in simulation technology for the aviation industry. In his spare time, Thomas enjoys rebuilding vintage motorcycles and teaching kids how to solder without burning their fingers off: success rate unknow.

SpeakerBio:Dan Salloum
Daniel Salloum is a Reverse Engineer by title and curious at heart. He is currently employed by Assured Information Security where he spends his days doing security evaluations and creating tools that help. His background as both a system administrator and programmer help him to navigate system innards. If it must be done more than twice, he'll script it. If it can be recreated in a few hours, it probably will be. Daniel has recently been accepted into the world of ham radio, and may be heard on the airwaves at some point. This is his first conference and expects it won't be the last.

Description:
Medium and heavy duty equipment communicate over vehicle networks using a number of protocols and busses. While researching the interaction between tractors and semi-trailers, we identified the presence of two legacy protocols, J1708 (physical layer), and J1587 (transport layer). The current mechanisms to capture and decode this data do not promote cost efficient data DISCOVERY, but as a team, we have developed techniques that will allow us to use existing diagnostic hardware to capture and decode J1587, and J1708, messages from the vehicle bus.

pretty_1587, our software application, has been designed to process input streams and convert SAE J1708 and J1587 messages to a convenient format that a user can read or pass to another software application. Our open source python code has been designed to be versatile and to work with the output of existing diagnostic tools and can consume data over network sockets, from files, or from stdin, allowing most hardware solutions that interface directly with the serial bus will be able to pass data to pretty_1587 to decode the data contained in the J1587 messages.

#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Bio-Hacking - Hospital Under Siege
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Adversaries have gained a foothold in your local hospital and are increasing their control over clinical systems and medical devices. Soon they make it clear they’re not after patient records or financial information, but are out to disrupt care delivery and put patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary, and - above all - protect patient lives.

Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with exotic protocols like DICOM, HL7 and FHIR.

Forum: https://forum.defcon.org/node/232894

Discord: https://discord.com/channels/708208267699945503/711643365120278540

Twitter: https://twitter.com/DC_BHV

Web: https://www.villageb.io/

Return to Index - Add to

- ics Calendar file

CHV - Friday - 14:00-14:50 PDT

Title: Bluetooth Security in Automotive
When: Friday, Aug 7, 14:00 - 14:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Kamel Ghali
Kamel Ghali is a veteran of the automotive security industry, with experience working both within the automotive industry and as an external consultant. His passion for automotive security goes beyond his work, with him volunteering as an instructor for the Society of Automotive Engineers (SAE) Cyber Auto Challenge and leading the Japanese branch of the Automotive Security Research Group (ASRG). He's a two-time finalist of the Car Hacking Village's annual DefCon CTF and active member of the CHV community. He currently works at White Motion, an automotive cybersecurity firm based in Tokyo, Japan.

Description:
Bluetooth is a short-range cable replacement technology that is found in millions of IoT devices around the world. Due to its ubiquity and breadth of functionality, it's been seen in vehicles as early as the late 2000s. While commonly used for phonebook access, hands-free phone usage, and media control, Bluetooth is nonetheless an important vector to consider when analyzing a vehicle's security case. In this CHV101 lecture, we'll explore Bluetooth as a technology and its relevance to automotive cybersecurity.

- ics Calendar file

CRV - Friday - 16:00-16:59 PDT

Title: Building Teams in the New Normal
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Mike Murray
No BIO available

Description:
2020 has created massive change across our industry, both from the perspective of COVID-19 as well as the social movements that have changed the way we view ourselves. Nowhere has this affected the industry more than the experience by which we onboard employees - as an example, before 2020, even most remote employees had in person interviews in the process. In short, the "new normal" that is evolving requires us to hire and interview differently. From where and how we find (especially diverse) candidates, our interview processes and the way we onboard employees in to our culture, everything requires a thoughtful new approach. In this talk, Mike will talk about everything he has learned and how he has modified his own processes to promote diversity, find the best people to join the team, and brought them aboard as part of the culture.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

Title: Capture The Packet (CTP)
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come compete in the world’s most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible. Follow us on Twitter or Facebook (links below) to get notifications for dates and times your team will compete, as well as what prizes will be awarded.

Twitter capturetp: https://twitter.com/capturetp

Twitter wallofsheep: https://twitter.com/wallofsheep

Discord: https://discord.com/channels/708208267699945503/711643512625430529

Web: https://www.capturethepacket.com/

Return to Index - Add to

- ics Calendar file

CHV - Friday - 16:00-16:50 PDT

Title: Car (to Cloud) Talk: Using MQTT for Car Hacking
When: Friday, Aug 7, 16:00 - 16:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Jaime
Jaime is an EE turned software developer turned security researcher. She caught the infosec bug through playing CTFs, and now works at GRIMM hacking cars. In her spare time, she adds LEDs to things and hangs out with her dog.

Description:
As with IoT, cars are becoming increasingly "smart". In the automotive and trucking world, this means adding the ability to collect real-time telemetry data, gather information for predictive maintenance, as well as consumer features like remote lock/unlock. This talk will cover the internals of how MQTT--a lightweight messaging protocol frequently used in automotive and IoT--works, and how it's used in automotive applications.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Car Hacking Village CTF
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come learn, hack, play at the Car Hacking Village. The village is an open, collaborative space to hack actual vehicles that you don't have to worry about breaking! Don't have tools? We'll loan you some. Never connected to a car? We'll show you how. Don't know where the controllers are? We'll show you how to take it apart.

Additionally we'll host a Donkey Car race. Check out our web site for up to date info.

Want to race? Check out of full car simulator(s).

Want to learn more about automotive hacking and cyber security? Check out our talks.

Want to hack mobility scooters? Yes! We'll do that to.

Also, check out the CHV CTF.

Discord: https://discord.com/channels/708208267699945503/711643596658311229

Twitter: https://twitter.com/CarHackVillage

Web: https://www.carhackingvillage.com/

Return to Index - Add to

- ics Calendar file

DL - Friday - 10:00-11:50 PDT

Title: Carnivore (Microsoft External Attack Tool)
When: Friday, Aug 7, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Chris Nevin
Senior Security Consultant at NCCGroup

Description:
Carnivore is a username enumeration and password spraying tool for Microsoft services (Skype for Business, ADFS, RDWeb, Exchange and Office 365). It originally began as an on-premises Skype for Business enumeration/spray tool as I was finding that these days, organizations often seem to have locked down their implementations of Exchange, however, Skype for Business has been left externally accessible, and has not received as much attention from previous penetration tests due to the lack of tools as impactful as Mailsniper. Overtime this was improved and built upon to bring the same service discovery, username enumeration and password spraying capability to Skype, ADFS, RDWeb, Exchange, and O365 all in the same tool. Carnivore includes new post compromise functionality for Skype for Business (pulling the internal address list and user presence through the API), and smart detection of the username format for all services. As a practical means of entry into an organisation – numerous external penetration tests have uncovered an on-premises Skype for Business or ADFS server even for organisations that have moved Mail/SSO/etc to the cloud.

Audience: Offense

Interact @ #dl-nevin-carnivore-text: https://discord.com/channels/708208267699945503/730256550442041373

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Github: https://github.com/ReverendThing/Carnivore

Forum: https://forum.defcon.org/node/233116

Return to Index - Add to

- ics Calendar file

VMV - Friday - 14:30-14:59 PDT

Title: Chairman Benjamin Hovland, US Election Assistance Commission
When: Friday, Aug 7, 14:30 - 14:59 PDT
Where: Voting Vlg

SpeakerBio:Benjamin Hovland , Chairman, U.S. Election Assistance Commission
No BIO available

Description:No Description available

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

MP4: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%20Safe%20Mode%20video%20and%20slides/DEF%20CON%20Safe%20Mode%20-%20Christian%20%E2%80%9Cquaddi%E2%80%9D%20Dameff%20MD%20and%20panel%20-%20D0%20N0%20H4RM-%20A%20Healthcare%20Security%20Conversation.mp4

Return to Index - Add to

- ics Calendar file

DL - Friday - 10:00-11:50 PDT

Title: CIRCO v2: Cisco Implant Raspberry Controlled Operations
When: Friday, Aug 7, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Emilio Couto
Emilio Couto (@ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field.Born and raised in Argentina, he is currently located in Japan where multitasking between language, culture and technologies is a must.Over the last decade focusing mainly on Finance IT and presenting tools in conferences (DEF CON, BlackHat Asia, HITB, Code Blue, AV Tokyo and SECCON).In his spare time he enjoys 3D printing, tinkering electronics and home-made IoT devices.
Twitter: @ekio_jp

Description:
Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of "Sec/Net/Dev/Ops" enterprise tools to capture network credentials in stealth mode

Audience: Offense/Hardware

Interact @ #dl-couto-circo-v2-text: https://discord.com/channels/708208267699945503/730256145771659335

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/ekiojp/circo

Forum: https://forum.defcon.org/node/233127

Return to Index - Add to

- ics Calendar file

CLV - Friday - 06:00-12:30 PDT

Title: Cloud Village CTF
When: Friday, Aug 7, 06:00 - 12:30 PDT
Where: See Description or Village

Description:
Registrations Open - 6 AM PDT 7th August 2020 CTF start time - August 7th 11 AM PDT
CTF close time - August 9th 12:30 PM PDT

The winners will be announced on August 9th 1:30 PM PDT at the closing note

CTF Site: https://cloudvillagectf.co/

Return to Index - Add to

- ics Calendar file

CHV - Friday - 13:00-13:50 PDT

Title: Cluster fuzz!
When: Friday, Aug 7, 13:00 - 13:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Mintynet
Network / security architect that has a passion for car hacking, found vulnerabilities in his own car and also private Car bug bounties. Now runs Car Hacking Village UK and is part of the team behind CHV at defcon

LinkedIn https://www.linkedin.com/in/mintynet/ Twitter: https://twitter.com/mintynet
Website: www.mintynet.com

Twitter: @mintynet

Description:
How to get started in #carhacking using cheap CAN hardware and an instrument cluster, shows the hardware needed and an example of a cluster. Then show some fuzzing of the cluster, including some tips for the CTF.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: CMD+CTRL CyberRange
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CMD+CTRL has evolved! Slip into an immersive scenario, spanning an entire corporate cloud environment. Intelligent chatbots acting as skilled hackers will guide you every step of the way, as you perform recon, social engineering, data exfiltration, privilege escalation and much more. Move through websites, servers, accounts and cloud services, all in an effort to thwart an evil CEO and corrupt corporation. Just don’t get caught, or you may have to burn it all down to cover your tracks!

Forum: https://forum.defcon.org/node/231474

Discord: https://discord.com/channels/708208267699945503/711643642388807800

Twitter: https://twitter.com/SecInnovation

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Coindroids
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The year is 20X5 and humanity has fallen: now there are only Coindroids. The machines we designed to manage our finances have supplanted and destroyed the human race by turning our own economy against us. Now they battle each other in the ruins of our fallen cities, driven by a single directive: money is power.

Battle your way to the top of the leaderboard by attacking rival droids and completing hidden challenges.

New to cryptocurrencies? No DEFCOIN to play with? Not a problem! Just come visit our booth in the contest area and we can help get you started.

Forum: https://forum.defcon.org/node/233033

Discord: https://discord.com/channels/708208267699945503/711643539573833878

Twitter: https://twitter.com/coindroids

Web: https://www.coindroids.com

Return to Index - Add to

- ics Calendar file

AEV - Friday - 12:00-17:59 PDT

Title: CPX SimpleSat
When: Friday, Aug 7, 12:00 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
Can you Hack-A-Sat? You won’t know until you try! Intended for noobs, CPX SimpleSat was built to allow you to experiment with attacking a mock satellite through a ground station, mimicking the types of commands used in Hack-a-Sat to gain control of the Satellite. No previous experience required. Just curiosity and a willingness to learn!

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Crack Me If You Can (CMIYC)
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In its tenth year, the premier password cracking contest "Crack Me If You Can" is returning to DEFCON. The world's best password cracking teams are assembled and are awaiting the hardest 48 hours of their year.

Every year, the contest has a different surprise/twist. One year it was all international passwords, last year it was password rotation and BCRYPT, and 10 years ago it was capital letters. Oh the humanity!

This year the teams will be cracking hashes, generated by the CMIYC team, using plain-texts donated by famous hackers and Internet founders. Time for you to test your password cracking skills against your heroes.

Teams have 48 hours to crack as many passwords as possible using what ever resources they can legally assemble. Teams are split into "PRO" (for the large, professional password cracking teams) and "STREET" for smaller teams, or beginners.

Each year the "Crack Me If You Can" team gives away hundreds of free password cracking shirts in the Contest area.

Forum: https://forum.defcon.org/node/231475

Discord: https://discord.com/channels/708208267699945503/711644827053457478

Twitter: https://twitter.com/CrackMeIfYouCan

Web: https://contest-2020.korelogic.com/

Return to Index - Add to

- ics Calendar file

BCV - Friday - 14:00-14:59 PDT

Title: Creating a decentralized storage for Kubernetes with Tardigrade and Velero
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Blockchain Vlg

SpeakerBio:Kevin Leffew
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage

Return to Index - Add to

- ics Calendar file

BCV - Friday - 13:00-13:30 PDT

Title: Cryptocurrencies have superusers?
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Blockchain Vlg

SpeakerBio:Mark Nesbitt
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage

Return to Index - Add to

- ics Calendar file

BHV - Friday - 16:15-16:45 PDT

Title: Cybersecurity informed consent for medical devices
When: Friday, Aug 7, 16:15 - 16:45 PDT
Where: BioHacking Vlg

Description:
Building on conversation within the Biohacking Village at DEFCON 27, and expertise in clinical care and implementation science (Dameff, Doerr, Tully), cybersecurity in healthcare (Coravos, Dameff, Tully), device policy and regulation (Coravos, Doerr), and informed consent (Doerr), we have defined a framework for “cybersecurity informed consent,”(CIC) a platform we hope will help directly address the patient (and clinician) awareness gap of the cybersecurity vulnerabilities of connected devices, enhancing the ecosystem of trust.(Tully, et al., 2020) In February 2020, we convened a 30-person advisory team comprised of white hat hackers, clinicians, and device makers focused on identifying potentially appropriate clinical scenarios for a demonstration of CIC, informed by legal and policy research performed by Science & Society Certificate Capstone students from Duke University (phase 2). We will present an overview of this work for comment and discussion as we move into the third phase of our project: implementation and assessment of CIC within the clinic.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

BTVW1 - Friday - 10:00-11:30 PDT

Title: Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI (Intermediate)
When: Friday, Aug 7, 10:00 - 11:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Scoubi
Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 8 years he has been focused on putting in place a few SOC and has specialized in detection (Blue Team), content creation and mentorship. He worked as a « Senior Security Architect » and acted as “Adversary Detection Team Lead” and “Threat Hunting Team Lead” for one of Canada’s largest carrier for many years and is now SOC Team Lead in a large financial institution. He loves to give talk and had the honor to do so at GoSec, BSidesCharm, NorthSec, BSidesLV, Defcon’s BTV and Derbycon.
Twitter: @ScoubiMtl

Description:
Bloodhound stores AD data in a Neo4j. The UI allows you to get some information out of the box, but that is only the tip of the iceberg. Using Cypher if you can think it, you can visualize it!

The workshop will start with a quick presentation of BloodHound (BH). This is to make sure everybody understands the product as I very often meet security practitioners that never heard of the tool. (5 minutes)

The participants will be provided with test data, either in JSON format (a few KB) that can import in the BH UI or as a Neo4j database (very big). The reason to provide both is that BH is now detected by many AV as a Hacking tool and I don't want to exclude participants who come with their work computer. Those files will be provided ahead of time via Dropbox or similar file sharing site.

The first part of the workshop will go over the various objects present in BH: Computers, Groups, OU, Domains, etc. and the properties of those objects. We will learn how to interact with them using both the UI and the Neo4j Web Console (NWC). We will then use the prebuilt queries from the BH UI and use them in the NWC. From there we will start modifying them and see what impact it has. Debugging techniques will be shown. (~20 minutes)

After that we will go into a bit more advance query type, for example multiple relationships and chaining queries together. A few examples will be provided and the participants will be able to replicate the queries and see the result. (~30 minutes)

Finally, the participants will receive a list of questions and they will need to build the Cypher Queries themselves in order to find the answer. I will be there to assist them and debug their queries as needed. (~30 minutes)

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

FSL - Friday - 20:00-20:59 PDT

Title: D0 N0 H4RM: A Healthcare Security Conversation
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: DEF CON Fireside Twitch
Speakers:Ash Luft,Christian “quaddi” Dameff,Jeff “r3plicant” Tully,Suzanne Schwartz,Vidya Murthy

SpeakerBio:Ash Luft , Software Engineer Starfish Medical
Ash Luft is an Embedded Software Engineer with a background in Computer Science, Biochemistry, and Electrical Engineering. With industry experience in Software and Biomedical Device Development, Ash specializes in designing for and implementing safety, security, and privacy in Clinical IoT and Medical Devices. Ash is passionate about protecting patient outcomes while delivering cost-effective, high quality solutions.

SpeakerBio:Christian “quaddi” Dameff , MD, Physician & Medical Director of Security at The University of California San Diego
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Published security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his sixteenth DEF CON.
Twitter: @CDameffMD

SpeakerBio:Jeff “r3plicant” Tully , MD, Anesthesiologist at The University of California Davis
Jeff (r3plicant) Tully is an anesthesiologist, pediatrician and security researcher with an interest in understanding the ever-growing intersections between healthcare and technology.
Twitter: @JeffTullyMD

SpeakerBio:Suzanne Schwartz , MD, Associate Director for Science and Strategic Partnerships at the US Food and Drug Administration FDA
Dr. Suzanne Schwartz’s programmatic efforts in medical device cybersecurity extend beyond incident response to include raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month on March 1st 2018 for her work in Medical Device Cybersecurity. Suzanne chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy. She also co-chairs the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives.

SpeakerBio:Vidya Murthy , Vice President Operations, MedCrypt
Vidya is fascinated by the impact of cybersecurity on the healthcare space. Beginning her career in consulting, she realized a passion for healthcare and worked for global medical device manufacturer Becton Dickinson. She has since joined MedCrypt, a company focused on bringing cybersecurity leading practices to medical device manufacturers. Vidya holds an MBA from the Wharton School.

Description:
It is certainly a time of discovery- though the truths revealed by the COVID-19 crisis can be bitter and bleak. At a time when all attention is focused on the ERs and ICUs that make up the battle’s front lines, it is easy to cast aside old warnings to focus solely on the clinical war. But the need for safety and security only increases in the face of a pandemic- and healthcare cybersecurity is no different. From testing to ventilators, every facet of our response to COVID-19 depends on trustworthy and reliable technology.

D0 No H4rm- DEF CON’s continuing conversation on healthcare returns for another up close (but not too close) and personal dialogue between hackers at the top of their fields- from the halls of the FDA to the cutting edge of medical devices security research for an all-encompassing look at what we need to focus on in the age of COVID. Moderated by physician hackers quaddi and r3plicant, this perennially packed event aims to recruit the talent, ingenuity, and vision of the DEF CON family for the challenges we face both now and after the immediate crisis passes.

Discord: https://discord.com/channels/708208267699945503/738141986476916826

This fireside is available on YouTube, direct-download from DEF CON Media (MP4, SRT), and is part of the DC28 Torrent.

YouTube: https://www.youtube.com/watch?v=fAU7V3pvj1Q

SRT: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%20Safe%20Mode%20video%20and%20slides/DEF%20CON%20Safe%20Mode%20-%20Christian%20%E2%80%9Cquaddi%E2%80%9D%20Dameff%20MD%20and%20panel%20-%20D0%20N0%20H4RM-%20A%20Healthcare%20Security%20Conversation.srt

Torrent: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%2028.torrent

DEF CON Fireside Lounges will be live-streamed on Twitch.

Discord: https://discordapp.com/channels/708208267699945503/735849065593438248/737077762845704224

#fireside-lounge-text: https://discord.com/channels/708208267699945503/738141986476916826

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Darknet Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Here at Darknet, We are a Real Life (RL) Massively Multiplayer Online Role Playing Game (MMORPG), where we teach you real life skills and you get in-game points for it. Some may call this Gamified learning. We assume no prior knowledge on a subject, teach you the basics, then challenge you to use what you have learned. Our contest has a range of quests, starting with simple tasks and working your way up to very complex problems.

In the past we have taught you how to lock pick, crack wifi, create a PGP Key and communicate online safely, as well as soldering, programming, and code cracking, just to name a few.From there we would have sent you on quests to go to the different villages to learn something from them, and then come back and test your skills.

But alas, we have been forced underground…And while the physical aspect of the conference has moved online, so have we. This year we will be focusing on the skills you will learn, past skills you will refresh, and your interactions with the community. There will not be a points scoreboard this year. Many of you who have previously bought the Darknet 8 Badge have not unlocked the full features. We have quests for you to learn how to interact, develop, and reprogram it. It’s time to Learn, Teach, and Play Agents, are you ready?

Info: https://dcdark.net/

Twitter DCDarkNet: https://twitter.com/DCDarknet

Twitter Holon: https://twitter.com/Holon_Network

Return to Index - Add to

- ics Calendar file

BTVW2 - Friday - 18:00-19:30 PDT

Title: Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner)
When: Friday, Aug 7, 18:00 - 19:30 PDT
Where: Blue Team Vlg - Workshop Track 2
Speakers:Roberto Rodriguez,Jose Rodriguez

SpeakerBio:Roberto Rodriguez
Roberto Rodriquez is a threat researcher and security engineer at the Microsoft Threat Intelligence Center (MSTIC) R&D team.

He is also the author of several open source projects, such as the Threat Hunter Playbook, Mordor, OSSEM, HELK and others, to aid the community development of techniques and tooling for threat research. He is also the founder of a new community movement to empower others in the InfoSec community named Open Threat Research.

Blog at https://medium.com/@Cyb3rWard0g

Twitter: @Cyb3rWard0g
https://medium.com/@Cyb3rWard0g

SpeakerBio:Jose Rodriguez
Jose is currently part of the ATT&CK team where he is currently revamping the concept of data sources. He is also one of the founders of Open Threat Research (OTR) and author of open source projects such as Infosec Jupyter Book, Open Source Security Event Metadata (OSSEM), Mordor, and Openhunt.
Twitter: @Cyb3rPandaH

Description:
Please see https://cfc.blueteamvillage.org/call-for-content-2020/talk/GCUYNN/ for pre-reqs.

From a detection research perspective, even after learning how to simulate a threat actor technique and generate some data in your lab environment, you might still struggle to know what to do with it. In some cases, you might need to filter, transform, correlate and visualize your data to come up with the right detection logic. In this workshop, we will walk you through a few basic data analysis techniques using open source and SIEM agnostic tools such as Jupyter Notebooks which are not only used by large organizations, but also can be deployed at home for free. Pre Requirements

Basics of Python
(optional) A computer with Docker Installed. If you are planning on deploying Jupyter in your own system, we will show you how to deploy it via Docker. It is not necessary since we are going to use BinderHub to interact with Jupyter Notebooks throughout the whole workshop.

Outline

Introduction to Jupyter Notebooks (10 mins) * Deployment Options
* Binder Project

Introduction to Apache Spark (5 mins)
* Spark Engine
* Spark SQL & DataFrames

Data Analysis Process 101 (10 mins)

We need data! (Mordor Project) (5 mins) * Download Datasets
* Raw Data -> DataFrame

A few data analysis techniques: (1 hour) * filter
* transform
* correlate
* visualize

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

BHV - Friday - 09:30-10:45 PDT

Title: DAY1 KEYNOTE: The Trust Talks
When: Friday, Aug 7, 09:30 - 10:45 PDT
Where: BioHacking Vlg
Speakers:Nina Alli,Vee Schmitt,Yusuf Henriques,Josh O'Connor,Cannibal,Devabhaktuni Srikrishna,Najla Lindsay,Nate DeNicola

SpeakerBio:Nina Alli
No BIO available

SpeakerBio:Vee Schmitt
Patient, Hacker

SpeakerBio:Yusuf Henriques
Army Veteran, Entrepreneur

SpeakerBio:Josh O'Connor
Recording Producer, Future Social Worker

SpeakerBio:Cannibal
Hacker, Maker

SpeakerBio:Devabhaktuni Srikrishna
Data Scientist

SpeakerBio:Najla Lindsay
DFIR Scientist, BHV Speaker Ops

SpeakerBio:Nate DeNicola , MD
Telehealth, Physician

Description:
Nina Alli, Executive Director of the Biohacking Village, interviews folks in the biomedical and health industry for their insight and thoughts on where healthcare is and calls to action. They were not informed of the questions, these are real reactions and real talk.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

AEV - Friday - 12:00-17:59 PDT

Title: DDSAT-1
When: Friday, Aug 7, 12:00 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
If CPX SimpleSat was, well, too simple, try your hand at hacking DDSat-1. Here you’ll get to experiment with RF exploitation by attacking a mock satellite over RF while it is talking to a mock ground station. You’ll be able to mimic the style of RF commands being generated as a part of Hack-a-Sat, but in a more simplified and user friendly manner.

Return to Index - Add to

- ics Calendar file

AEV - Friday - 09:00-15:59 PDT

Title: Deep Space Networking
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Deep space communications utilize TCP/IP protocols with some added assistance from a TCP Convergence Layer and the Bundle Protocol. In this workshop, participants will examine the store-and-forward techniques used to transmit "bundles" of information from one host to another via a relay system. Using the latest version of Wireshark, participants will examine the TCP Convergence Header and locate the first packet of a bundle and the first and second legs of the relay process, as reassembled by Wireshark. After identifying the content contained within the bundle, participants will create a filter to locate the last packet of a bundle and examine key fields of the Bundle Protocol, including fields that define priority, destination type, endpoint IDs, and reporting of bundle delivery.

Return to Index - Add to

- ics Calendar file

CNE - Friday - 10:00-19:59 PDT

Title: DEF CON Scavenger Hunt
When: Friday, Aug 7, 10:00 - 19:59 PDT
Where: See Description or Village

Description:
While everyone in the world finds themselves socially distanced and in some level of quarantine, we are bringing the DEF CON Scavenger Hunt to you. As this year is so different, teams will be limited to one person.

The list will drop at 10AM on Friday, with items to produce and tasks to accomplish until the game ends at noon on Sunday. You will be competing for glory, bragging rights, and prizes (that you can pick up at the table, during the next in-person DEF CON).

Forum: https://forum.defcon.org/node/232938

Discord: https://discord.com/channels/708208267699945503/711049278163779605

Twitter: https://twitter.com/DefConScavHunt

Web: http://defconscavhunt.com/

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Defcon Ham Radio Fox Hunting Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In the world of amateur radio, groups of hams will often put together a transmitter hunt (also called "fox hunting") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or one time use ticket which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day. In previous years a custom made embroidered velcro-backed patch was given out or a "fun" trophy. The patches are always a big hit so it's likely we'll do that again this year if selected.

Forum: https://forum.defcon.org/node/232947

Discord: https://discord.com/channels/708208267699945503/711645275902574633

Twitter: https://twitter.com/richsentme

Web: https://defcon27foxhunt.com

Return to Index - Add to

- ics Calendar file

DC - Friday - 12:30-12:59 PDT

Title: Detecting Fake 4G Base Stations in Real Time
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Cooper Quintin , Senior Staff Technologist, EFF
Cooper is a security researcher and Senior Staff Technologist with the EFF threat lab. He has worked on projects such as Privacy Badger and Canary Watch. With his colleagues at threat lab he has helped discover state sponsored malware and nation state actors such as Dark Caracal and Operation Manul. He has also performed security trainings for activists, non profit workers and ordinary folks around the world. He also was a co-founder of the Hackbloc hacktivist collective and published several issues of the DIY hacker zine "Hack This Zine." In his spare time he enjoys playing music and playing with his kid and imagining a better future.

Description:
4G based IMSI catchers such as the Hailstorm are becoming more popular with governments and law enforcement around the world, as well as spies, and even criminals. Until now IMSI catcher detection has focused on 2G IMSI catchers such as the Stingray which are quickly falling out of favor. In this talk we will tell you how 4G IMSI Catchers might work to the best of our knowledge, and what they can and can't do. We demonstrate a brand new software project to detect fake 4G base stations, with open source software and relatively cheap hardware. And finally we will present a comprehensive plan to dramatically limit the capabilities of IMSI catchers (with the long term goal of making them useless once and for all).

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 16:00-16:30 PDT

Title: Detecting The Not-PowerShell Gang (Intermediate)
When: Friday, Aug 7, 16:00 - 16:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Mangatas Tondang
Professionally, Mangatas is a Threat Hunter for one of the major Canadian Telecommunication company. As a blue teamers, he is passionate on learning and breaking the hacking tools to pieces and try to develop detection against them. He also love following and building detection from the recent intelligence report on different APT groups. Coming from a school that taught him broad spectrum of Information Security, he also love exploring application security, reverse engineering, and script tools that can help him and his coworkers. He wouldn't be here without community support, that's why he love to give security training for other people and currently he is also a member of CTF challenge development team for his almamater. Outside the Security world, He is a guitarist and also "wannabe" astrophotographer.
Twitter: @tas_kmanager

Description:
Since the advancement of security features released in PowerShell version 5, Red Team folks are forced to not use PowerShell to have successful and undetectable engagements. Some of them even push the boundary and created their own Not-PowerShell tools and released it to the public. As a Blue Teamer, this means we need to reinforce our perimeter against these tools. This talk will uncovers some of the popular Not-PowerShell tools followed by how the blue teams can still spot these tools and build detection on it.

This talk will look into several not-powershell tools and craft several detection tactics based on their mechanism. We will utilize common logging tools, Sysmon and Windows Logs (Integrated to SIEM).

We will start with Introduction and will quickly go through the common mechanism used by the not-powershell tools

Tools we are going to look at are:
- InvisiShell
- NoPowerShell
- PowerShdll
- PowerLessShell
- And some other tools with similar mechanism

After getting familiar with the mechanisms, we will put our blue hat back and see what artifacts left by these tools and build reliable detection for each mechanisms leaving small room for false positives. At the end of the day, the blue team will be awarded with some queries (also known as rules or use cases) that they can use and deploy at their own SIEM solution.

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

BHV - Friday - 14:00-14:30 PDT

Title: Digital Health Technologies in the NIH All of Us Research Program
When: Friday, Aug 7, 14:00 - 14:30 PDT
Where: BioHacking Vlg

SpeakerBio:Michelle Holko , PhD, PMP
Michelle Holko, PhD, PMP, is a White House Presidential Innovation Fellow working with NIH’s All of Us Research Program. Her technical expertise is in genomics and bioinformatics, and her work lies at the intersection of health and health security, technology, data/analytics, and biosecurity policy.

Description:
The National Institutes of Health’s (NIH) All of Us Research Program (AoURP) aims to enroll at least one million US participants from diverse backgrounds; collect electronic health record (EHR) data, survey data, physical measurements, biospecimens for genomics and other assays, and digital health data; and create a researcher database and tools to enable precision medicine research. Since inception, digital health technologies (DHT) have been envisioned as integral to achieving the goals of the program. A “bring your own device” (BYOD) pilot for collecting Fitbit data from participants’ devices was developed with more recent integration of Apple HealthKit data donation and additional DHTs planned in the future. This presentation will describe 1) the initial process to assess, curate, and include Fitbit BYOD data in the All of Us Researcher Workbench, 2) the diversity and assessment of under-represented in biomedical research (UBR) in Fitbit BYOD participants compared with overall AoU participant population, and 3) future DHT studies planned for AoURP.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 17:00-17:59 PDT

Title: Discovering ELK The First Time - Lessons Learned Over 2 Years (Beginner)
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:TheDrPinky
Dr. Pinky has been a computer scientist for the US Air Force for the last six years. She specializes in threat hunting and digital forensics for both Linux and Windows operating systems. You can find DrPinky in the infosec area as the social media coordinator for BSides San Antonio, participating in the San Antonio Hackers Association (SAHA), and presenting at events such as SANS Blue Team Summit and Texas Cyber Summit.
Twitter: @TheDrPinky

Description:
ELK has become one of the favorite tools of blue teamers across the world. However, when you’re first getting used to ELK, you may be overwhelmed and not fully understanding what is happening. There is more to do with it than simply feed in logs and search it in a pretty web UI! This talk will focus on things I wish I knew about ELK back when I was first learning it to help provide some quick wins for those new to ELK, and maybe a few tidbits for those who already use it.

Elastic, Logstash, and Kibana (ELK) continue to keep becoming more popular with blue teamers - there’s plenty of documentation, you can custom develop anything you want with it due to the fact it’s open source, and it’s free! However, those first starting out with ELK can become quickly overwhelmed. When these people finally get the hang of ELK, they still may be missing some critical understanding that limits them - why can’t I filter by hostname? What do these pretty yellow triangles really mean? This is because most people will get used to just Kibana - not rest of the stack. In this talk I’ll cover lessons I wish I learned a lot sooner about ELK that would have helped me out - and hopefully they help you too!

Lesson 1: Elastic and Kibana are NOT the same. Going into the differences, why they get confused, and what the actual differences are.

Lesson 2: Logstash is more powerful than you give it credit for, but is incredibly overwhelming. Here’s some ways to get some quick bang for buck.

Lesson 3: How do you go about feeding in your own custom documents to ELK? This will quickly go into popular ways to feed logs into ELK, and if that doesn’t help, how to feed in other information to ELK through a more manual approach. Never know when a custom script output would be better put in elastic!

Lesson 4: Don’t forget about your Linux logs! With Linux we may be more used to relying on rsyslog to forward everything - but this most likely just captures your application logs. What about the equivalency of event logs on Linux? This will (very) briefly introduce auditd, how to forward it to ELK, and how to best parse through it.

Title: Election Security
When: Friday, Aug 7, 15:30 - 16:30 PDT
Where: See Description or Village

Description:
This event requires registration. Please see the below URL for details.

Registration: https://www.eventbrite.com/e/def-con-community-roundtable-election-security-tickets-115977739541

Return to Index - Add to

- ics Calendar file

RTV - Friday - 16:45-17:45 PDT

Title: Enumerating Cloud File Storage Gems
When: Friday, Aug 7, 16:45 - 17:45 PDT
Where: Red Team Vlg

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
Organizational data is rapidly moving to the cloud, but it's not always intentional. The shift from on-premise data storage to the cloud constitutes a significant challenge and risk to the modern enterprise. The use of cloud file storage applications is on the rise for both consumer and business systems, which results in interesting data and metadata siting on endpoints. In this talk, we'll examine the large footprints of popular cloud file storage applications such as OneDrive and Box - learning what information can be enumerated from each cloud file storage solution. In some scenarios, data can be carved out from cache, restoring sensitive documents no longer on an endpoint.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Friday - 23:00-23:59 PDT

Title: ERPwnage - a red team approach to targeting SAP
When: Friday, Aug 7, 23:00 - 23:59 PDT
Where: Red Team Vlg

SpeakerBio:Austin Marck
No BIO available

Description:
The crown jewels are ripe for the taking. ERP systems like SAP are being targeted more than ever and red teams need the tools to demonstrate these threats. We'll demonstrate the TTPs needed to emulate real threats with lateral movement techniques in, out, and between SAP systems.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

AEV - Friday - 14:00-14:59 PDT

Title: Experimental Aviation, Risks And Rewards
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Aerospace Vlg

SpeakerBio:Patrick Kiley , Principal Security Consultant, Rapid7
Patrick Kiley (GXPN, GPEN, GAWN, GCIH, CISSP, MCSE) has over 18 years of information security experience working with both private sector employers and the Department of Energy/National Nuclear Security Administration (NNSA). While he was with the NNSA he built the NNSA's SOC and spent several years working for emergency teams. Patrick has performed research in Avionics security and Internet connected transportation platforms. Patrick has experience in all aspects of penetration testing, security engineering, hardware hacking, IoT, Autonomous Vehicles and CAN bus.
Twitter: @gigstorm

Description:
This talk will cover a hacker’s perspective of building your own aircraft, what I consider to be the ultimate maker/hacker project. Over 10 years ago, I decided to see if I could build an aircraft from a set of plans. The model I chose was a 4 seat AeroCanard FG, a somewhat controversial derivative of the Cozy Mark IV. The Cozy itself was also a derivative, basically a widened version of the Burt Rutan designed Long EZ. This talk will cover why someone would choose to build their own aircraft. All of these topics will cover the risk as I see it as a professional who has been in the information risk field his entire professional career.

I will break this talk down into the following topics.
FAA and the 51% rule
Plans vs Kits
Composite vs riveted aluminum construction
Making changes to tested designs
Engine selection, aviation engines vs conversions
Avionics selection

I will complete the talk with some discussion around becoming a test pilot, what you will become when you finally fly your creation.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

DC - Friday - 16:30-16:59 PDT

Title: Exploiting Key Space Vulnerabilities in the Physical World
When: Friday, Aug 7, 16:30 - 16:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Bill Graydon , Principal, Research, GGR Security
Bill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He’s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CON’s Lock Bypass Village. He’s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, software development, anti-money laundering, and infectious disease detection.

Description:
Imagine being able to get together with a few of your co-workers, look at your office keys and derive a building master key. Or you may not have any working key at all: you could impression the lock, or use one of the many ways we’ll present in this talk to put together little bits of information from a lock to create a working key.

We apply information theory - the concept behind the “entropy” of a password - in an easy to understand way to show how every little bit of information about a system can be used to defeat it. The audience will be able to pull any key out of their pocket and understand how it works and how an attacker can create it covertly, and open whatever lock it is for, or even a lock it isn’t for, that shares the same system.

We’ll explain how to produce either a single final key, or a set small enough to economically brute force - and release a software tool to let anyone quickly try out all possibilities in an easy-to-visualize way.

Finally, we will discuss possible solutions to these problems and introduce vulnerabilities our research has uncovered in high-security systems like Medeco, Abloy, and Mul-T-Lock - including releasing a set of only 159 possible top level master key codes for certain large Medeco mastered systems.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

AEV - Friday - 17:00-17:59 PDT

Title: Exploiting Spacecraft
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Aerospace Vlg

SpeakerBio:Brandon Bailey
Brandon Bailey is a cybersecurity senior project leader at The Aerospace Corporation. He has more than 14 years of experience supporting the intelligence and civil space arena. Bailey’s specialties include vulnerability assessments/ penetration testing for space systems and infusing secure coding principles within the software supply chain. Before joining Aerospace, Bailey worked for NASA, where he was responsible for building and maintaining a software testing and research laboratory to include a robust cybersecurity range as well as spearheading innovative cybersecurity assessments of ground infrastructure that support NASA’s mission operations. While at NASA, Bailey was honored with several group and individual awards, including NASA’s Exceptional Service Medal for his landmark cybersecurity work, NASA’s Early Career Achievement Award, and NASA Agency Honor Awards for Information Assurance/Cybersecurity. He has also contributed to teams who have received honorable mention in the 2012 and 2016 NASA’s Software of the Year competition. Bailey graduated summa cum laude with a bachelor’s degree in electrical engineering from West Virginia University and currently holds multiple certifications in the cybersecurity field. He recently co-authored Aerospace’s Center for Space Policy and Strategy’s Defending Spacecraft in the Cyber Domain paper which outlines security principles that can be applied on-board the spacecraft to improve its security posture.

Description:
This presentation will describe the high-level cyber threat landscape for space systems and focus on three examples: Command Replay Attack, Command Link Intrusion, and Denial of Service using GPS jamming. These three attacks were performed using high fidelity ground-to-space simulators to demonstrate the benefit of performing such research using simulation. These simulations leverage many of the same software components used in operations today for several operational missions. Recommendations are provided on how to protect against the attacks and references are provided so the audience can build their own simulations to begin their own research.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.

Discord: https://discord.com/channels/708208267699945503/732394328105943180

Return to Index - Add to

- ics Calendar file

IOT - Friday - 12:15-12:59 PDT

Title: Exploring vulnerabilities in Smart Sex Toys, the exciting side of IoT research
When: Friday, Aug 7, 12:15 - 12:59 PDT
Where: IOT Vlg

SpeakerBio:Denise Giusto Bilic
Denise Giusto Bilic is an Information Systems Engineer graduated from the National Technological University of Argentina. Nowadays she specializes in mobile and IoT security.

Denise currently works as a Security Researcher at ESET, where part of her job is preparing technical and educational materials related to information security. She has participated as a speaker in many international security conferences. She is also a co-organizer of NotPinkCon Security Conference.

Description:
Smart sex toys are a huge topic – and we’re not talking about their size! The Internet of Things (IoT) has triggered many personal items to become connected and smart, watches, toothbrushes, glasses and even toilets, to name just a few. The adult toy market has not been left behind with new models of toys that include the opportunity to connect them to the Internet and allow them to be remotely controlled.

IoT devices and their vulnerabilities are frequently discussed in the media, and sex toys are not the exception. Many of them have holes in them. Keep focused, we mean holes and bugs in the software. This is despite the sensitivity of the extremely personal information they handle. We analyzed the security of the Android applications that control the most frequently purchased models of connected sexual pleasure devices, to determine the extent to which the confidentiality of user data could be vulnerable. Our research revealed interesting security flaws derived from both the implementation of the application and the design of the device, affecting the storage and processing of information.

If you’re one of the many users who have a smart sex toy connected to the internet, or plan to buy one, you cannot miss this talk, it may have you shaking in your seat. Our presentation may make you reconsider connecting it ever again or not purchasing one at all.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

PAYV - Friday - 11:00-11:59 PDT

Title: Fear and Loathing in Payment Bug Bounty
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Payment Vlg

SpeakerBio:Timur Yunusov
No BIO available

Description:
Bug bounty - is an easy-to-start-and-succeed Information Security area. Low entry barriers, money engagement, low risks of being sued. But none of these can be applied when it comes to payment vulnerabilities. It's hard to find banks which allow digging into their assets. We're here to try and change it! Start with payment security today, vulnerabilities are waiting.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q

Return to Index - Add to

- ics Calendar file

ETV - Friday - 10:00-10:59 PDT

Title: Federal Communications Commission
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Ethics Vlg

SpeakerBio:Comm. Geoffrey Starks
No BIO available

Description:
This will be a pre-recorded talk.

Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 18:30-18:59 PDT

Title: Fighting a Virus with a Spreadsheet (Beginner)
When: Friday, Aug 7, 18:30 - 18:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Allen Baranov
Allen is a seasoned information security professional with over 15 years of experience in diverse industry verticals such as banking and finance, manufacturing, retail and communications. He has extensive knowledge of IT Security Management, Compliance including ISO 27001 and PCI DSS, Network Security Architecture Review, Vulnerability assessment and Security Architecture.

As a senior information security consultant (GRC) at Sense of Security, Allen brings a keen interest in IT risk assessments and risk treatment, security architecture and design, PCI-DSS gap assessments, security strategy and roadmaps as well as the creation of frameworks, policies, standards and procedures.

Supported by his Bachelor of Commerce and multiple industry-recognised certifications such as PCI QSA, CISSP, and SABSA, Allen has extensive experience across many security compliance implementations and security operation requirements. His strengths include understanding the technical intricacies of security and the need for a balanced approach to meet business objectives and addressing risks appropriately.

Twitter: @abaranov

Description:
On 27 June 2017, a piece of malware raced across the globe and took out many organisations including some that were similar to the one I was employed at. But we were safe and, in fact, not worried at all.

All thanks to clever use of spreadsheets.

In this talk, given entirely within Excel (yes, really) I go through the methods used to protect the organisation from this malware. If a talk given entirely in Excel sounds boring - you haven't seen this talk.

I have (virtually) given this talk twice - at a local Australian conference called ComfyCon and at a charity event hosted by Second Order Chaos. In both cases - they were blown away by the creativity of the "slides" and the fun way that this is presented.

There is a serious aspect to this though. It goes through the different phases of getting an effective patch program established. It has a 'hacker' aspect to it in that it asks people to be excited and interested and curious about their security controls and the processes that lead to the outcomes that are achieved.

I've thrown some humour and some easter eggs into the presentation.

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

DC - Friday - 14:30-14:59 PDT

Title: Finding and Exploiting Bugs in Multiplayer Game Engines
When: Friday, Aug 7, 14:30 - 14:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Jack Baker
Jack Baker is a professional reverse engineer and amateur video game hacker. Jack is most known for having the same name as a Resident Evil villain.

Description:
Unreal Engine 4 and Unity3D dominate the multiplayer gaming landscape. They're also complicated pieces of software written in C and C++. In this talk, Jack will share the results of months of bug hunting in multiplayer game networking protocols. Be prepared for memory disclosures, speedhacks, and WONTFIX vulnerabilities.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

BHV - Friday - 11:00-11:45 PDT

Title: Fireside Chat with Dr. Amy Abernethy and Adama Ibrahim
When: Friday, Aug 7, 11:00 - 11:45 PDT
Where: BioHacking Vlg
Speakers:Adama Ibrahim,Amy Abernethy

SpeakerBio:Adama Ibrahim
No BIO available

SpeakerBio:Amy Abernethy
Amy P. Abernethy, M.D., Ph.D. is an oncologist and internationally recognized clinical data expert and clinical researcher. As the Principal Deputy Commissioner of Food and Drugs, Dr. Abernethy helps oversee FDA’s day-to-day functioning and directs special and high-priority cross-cutting initiatives that impact the regulation of drugs, medical devices, tobacco and food. As acting Chief Information Officer, she oversees FDA’s data and technical vision, and its execution. She has held multiple executive roles at Flatiron Health and was professor of medicine at Duke University School of Medicine, where she ran the Center for Learning Health Care and the Duke Cancer Care Research Program. Dr. Abernethy received her M.D. at Duke University, where she did her internal medicine residency, served as chief resident, and completed her hematology/oncology fellowship. She received her Ph.D. from Flinders University, her B.A. from the University of Pennsylvania and is boarded in palliative medicine.

Description:
Discussions around:
- Intersection of big data and patient rights - Real World Data and how to best serve patients in the digital era - Cybersecurity risk for medical devices - How FDA is working with security researchers (e.g., the FDA-led Evidence Accelerator at the FDA)

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

CPV - Friday - 17:00-17:59 PDT

Title: Fireside Chat: All about Section 230, the EARN IT Act, and What They Mean for Free Speech and Encryption
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Cathy Gellis,Riana Pfefferkorn

SpeakerBio:Cathy Gellis
Frustrated that people were making the law without asking her for her opinion, Cathy Gellis gave up a career as a web developer to become a lawyer so that she could help them not make it badly, especially where it came to technology. A former aspiring journalist and longtime fan of free speech her legal work includes defending the rights of Internet users and advocating for policy that protects online speech and innovation. She also writes about the policy implications of technology regulation on sites such as the Daily Beast, Law.com, and Techdirt.com, where she is a regular contributor.

SpeakerBio:Riana Pfefferkorn
Riana Pfefferkorn is the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society.”

Description:
It seems like everyone's talking about Section 230 these days, and keen to change it, even without really knowing what it says and does. Or how badly most of the proposals to change it, such as the EARN IT Act bill, threaten all sorts of things we value, including encryption, privacy, security, and free speech online. Come to this crash course in Section 230 basics, followed by a fireside chat about EARN IT between two seasoned lawyers, to learn the truth about this crucial law, why these proposals are so terrible, and how you can take action to protect the Internet.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

Title: Future Proofing Your Career
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Jenai Marinkovic
No BIO available

Description:
We have entered the 4th industrial revolution, a time marked by the interconnection of hyper-instrumented physical, biological, and digital worlds. The accompanying pace of technological development will exert profound changes in the way people live and work, impacting all disciplines, economies, and industries. Preparing the cybersecurity workforce for the changes that will reframe their careers requires insight and a vision of our possible future.

Next-generation security professionals will both leverage and work alongside purpose-based digital assistants to help navigate the explosion of data created by intelligent ecosystems. These virtual assistants will replace current knowledge management platforms/intranets, dashboards, and manage any security process that can be automated. As machine learning and cognitive solutions evolve in sophistication, security teams must re-examine how they organize work, design jobs, and plan for future growth. Let's futurecast near term technological trends and identify the concrete steps all security professionals need in the Age of the Intelligent Ecosystem and the Augmented Workforce.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

PWDV - Friday - 22:40-23:30 PDT

Title: Getting Advanced with Hashcat (Rebroadcast)
When: Friday, Aug 7, 22:40 - 23:30 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

PWDV - Friday - 18:00-18:59 PDT

Title: Getting Advanced with Hashcat
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

Title: Getting started with the Intervillage badge
When: Friday, Aug 7, 14:30 - 15:30 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
Codenamed Bob, this year's electronic badge enjoys collaboration from several villages and is called the Intervillage Badge. https://bob.monerodevices.com/ In this hour, we focus on ways to use the Intervillage Badge including: - Out of the box data storage with NFCTools - Onboarding procedure for your village use - Impersonating radio IDs in your environment - Backing up data from mobile applications - Playing the Rogues Village Game online - Navigating the Bob village network Continuing, we consider modification strategies to make the badge suit your personal village style, like adding a lanyard, printing a new enclosure, and disassembly strategies. We conclude by reviewing hardware hacks the badge may support as well as VNA assisted antenna tuning. For more information about this year's village badge (and many others), please visit the Monero Village office hours. View the schedule at Monerovillage.org and look for 'Badge Clinic'.

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

RGV - Friday - 12:00-13:59 PDT

Title: Google Maps Hacks
When: Friday, Aug 7, 12:00 - 13:59 PDT
Where: Rogues Vlg

SpeakerBio:Simon Weckert
No BIO available

Description:
You’ve seen his Google Maps Hacks on international news just earlier this year, now come see the methodology behind his projects. Simon uses technology in the digital space to cleverly impact the physical space, all the while creating some playful mischief. Excited to welcome Simon to our village this year.

From Simon:
99 second hand smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route to avoid being stuck in traffic. The presentation will give an insight of the hack. #googlemapshacks

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage

Return to Index - Add to

- ics Calendar file

AEV - Friday - 12:30-12:59 PDT

Title: GPS Spoofing 101
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Aerospace Vlg

SpeakerBio:Harshad Sathaye
Harshad is a Ph.D. candidate at Northeastern University and a soon-to-be student pilot. He is a cyber security enthusiast with research interests around wireless systems security, specifically navigation systems and development of secure cyber-physical systems

Description:
With the advent of autonomous cyber-physical systems such as self-driving cars and unmanned aerial vehicles, the use of Global Positioning System (GPS) for positioning and navigation has become ubiquitous. In recent years we have seen a lot of GPS "incidents" which involve either denial of services or spoofing to mislead the receiver. This workshop will include the basics of GPS spoofing with a hands-on exercise and a discussion of state-of-the-art spoofing mitigation techniques

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.

Discord: https://discord.com/channels/708208267699945503/732394328105943180

Return to Index - Add to

- ics Calendar file

RTV - Friday - 14:15-15:15 PDT

Title: Grey Hat SSH: SShenanigans
When: Friday, Aug 7, 14:15 - 15:15 PDT
Where: Red Team Vlg

SpeakerBio:Evan Anderson
Evan Anderson is the Director of Offense at Randori. He has over 15 years of experience in red teaming, vulnerability research and exploit development and is a founding member of the NCCDC Red Team. Prior to co-founding Randori, he worked at Kyrus Technologies supporting commercial and federal projects.

Description:
The Secure Shell (SSH) was designed to replace telnet/rsh with a secure channel over unsecured networks. SSH is a swiss army knife for red team engagements letting malicious actors accomplish a multitude of interesting tasks. Aside from providing access to run commands on remote systems SSH can be used to complete a myriad of other activities including hop network boundaries, maintain persistent access, download files, steal credentials, hide access and even configure what commands users run on login. This talk goes through details of how to configure and abuse ssh for a number of red team oriented goals from beginner too advanced.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: H@cker Runw@y
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
For the second year, H@ck3r Runw@y is bringing together fashionistas out there. Make it SMART, LIGHT it up, OBFUSCATE something, or be GEEKY on fleek. Enter clothing, shoes, jewelry, hats or accessories. If you wear it, the runway can handle it. Predesign entry or create something on the fly. Just do it before the stage and bring proof.

Awards will be handed out in 4 categories for predesign and one (1) for anything designed during contest hours. There will also be a People’s Choice category where the winner is anyone’s guess:

Digital (electronic, led, etc)
Smart wear (interactive, temperature sensing, mood changing, etc) Aesthetics (3d printed, geeky wear, passive design) Miscellaneous (obfuscation, lock picks, shims, card skimmers) Live creations
People’s Choice

Judgement based on, but not limited to:

Uniqueness
Trendy
Practical
Couture
Creativity
Relevance
Originality
Presentation
Mastery

Forum: https://forum.defcon.org/node/232893

Discord: https://discord.com/channels/708208267699945503/711644666239647824

Twitter: https://twitter.com/Hack3rRunway

Web: https://hack3rrunway.github.io

Return to Index - Add to

- ics Calendar file

AEV - Friday - 16:00-16:30 PDT

Title: Hack-A-Sat Friday Recap
When: Friday, Aug 7, 16:00 - 16:30 PDT
Where: Aerospace Vlg

Description:
Recap of Friday's Hack-A-Sat competition and a look ahead to Saturday.

This event will be coordinated on the DEF CON Discord server, in channel #av-hack-a-sat-text.

Discord: https://discord.com/channels/708208267699945503/732393766677119087

Return to Index - Add to

- ics Calendar file

AEV - Friday - 08:00-08:25 PDT

Title: Hack-A-Sat Launch Party
When: Friday, Aug 7, 08:00 - 08:25 PDT
Where: Aerospace Vlg

Description:
Overview of the Hack-A-Sat competition, teams and CTF challenges.

This event will be coordinated on the DEF CON Discord server, in channel #av-hack-a-sat-text.

Discord: https://discord.com/channels/708208267699945503/732393766677119087

Return to Index - Add to

- ics Calendar file

AEV - Friday - 08:30-15:59 PDT

Title: Hack-a-Sat
When: Friday, Aug 7, 08:30 - 15:59 PDT
Where: Aerospace Vlg

Description:
The democratization of space has opened up a new frontier for exploration and innovation. But with this opportunity, new cybersecurity vulnerabilities are also being created. One human can design, build and launch a satellite, adhering to very few standards and security protocols. So how can we achieve safe, reliable and trustworthy operations to truly realize the promise of space?

...BY HACKING A SATELLITE

The United States Air Force, in conjunction with the Defense Digital Service, presents this year’s Space Security Challenge, Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems.

Security experts from around the globe are invited to pull together a team for our Hack-A-Sat Capture the Flag contest. Participants who successfully complete a set of qualification challenges on cybersecurity and space this spring will be invited to the ultimate challenge: to (ethically) hack a satellite.

Forum: https://forum.defcon.org/node/231203

Twitter: https://twitter.com/hackasat

Web: https://www.HackASat.com

Discord: https://discord.com/channels/708208267699945503/732393766677119087

Return to Index - Add to

- ics Calendar file

Title: Hacking Democracy II: On Securing an Election Under Times of Uncertainty and Upheaval
When: Friday, Aug 7, 11:30 - 12:30 PDT
Where: Voting Vlg
Speakers:Casey John Ellis,Kimber Dowsett,Tod Beardsley,Jack Cable,Amèlie Koran

SpeakerBio:Casey John Ellis , Founder and CTO, Bugcrowd
Casey Ellis is the Founder, Chairman and CTO of Bugcrowd and the co-founder of the The disclose.io Project. Casey has been making computers, companies, and markets misbehave for great justice since his youth, and pioneered the crowdsourced security-as-a-service industry in 2012.

SpeakerBio:Kimber Dowsett , Director of Security Engineering, Truss
No BIO available

SpeakerBio:Tod Beardsley , Director of Research, Rapid7
No BIO available

SpeakerBio:Jack Cable , Election Security Technical Advisor, U.S. CISA
No BIO available

SpeakerBio:Amèlie Koran , Senior Technology Advocate, Splunk
No BIO available

Description:
Democracy is the cornerstone of America’s Constitution, identity, and ideology, and this foundation was shaken during the 2016 Presidential Election. Four years later, we still have great lengths to go to ensure that the integrity of the 2020 Presidential Election, and any election moving forward, is protected.

In February, this panel convened to discuss the threats and challenges that are present and may arise between then and the November election. We discussed the intersection of people,technology, security, and elections, with a focus on themes including:

The true scope of the problem when it comes to “hacking elections”
The biggest threats to the 2020 vote–threat modeling for disinformation, voting machine vulnerabilities, website hacking, and election manipulation
The role of hackers and coordinated vulnerability disclosure in building voter trust and improve cyber-resilience
The impact for the elections in the west at large, driven by the U.S.’s prominence as the champion for democracy.

However, we did not know a pandemic and a constantly changing rhetoric by candidates and government leaders, along with several court cases, primaries and other events would add even more challenges for the 2020 election. We will discuss what is left in the 90 days left between now and the election, what can be feasibly helped by the public, governments, and others to ensure a secure and valid election, as well as what will need to be carried forward as lessons learned.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

CRV - Friday - 12:00-12:59 PDT

Title: Hacking Security Leadership
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Pete Keenan
No BIO available

Description:
So you are a great hacker who can pop shells all day and make the IT team weep. At some point, that will have diminishing returns for both you and the company you serve. Every one of us has delivered or received that dreaded vulnerability report with 100,000+ items on it and heard (or made) that desperate sigh of defeat. Too many times we perform amazing red team work and deliver reports full of detailed findings, only to come back a year later and see nothing has been fixed. Breaking things is the easy part; how do you drive change when you don’t have direct authority? Our goal is to make an enterprise or product more secure while not driving it out of business and alienating everyone along the way.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

BHV - Friday - 15:30-15:59 PDT

Title: Hacking the Insulin Supply Chain To Save Lives
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: BioHacking Vlg

SpeakerBio:Anthony DiFranco
No BIO available

Description:No Description available

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

AIV - Friday - 14:00-14:50 PDT

Title: Hacking with Skynet - How AI is Empowering Adversaries
When: Friday, Aug 7, 14:00 - 14:50 PDT
Where: AI Vlg

SpeakerBio:GTKlondike
No BIO available
Twitter: @GTKlondike

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

HRV - Friday - 11:00-13:59 PDT

Title: Ham Radio USA License Exams (Friday)
When: Friday, Aug 7, 11:00 - 13:59 PDT
Where: See Description or Village

Description:
The Ham Radio Village team is happy to announce that we will be offering virtual license exams this year during DEF CON Safe Mode. The team has negotiated a special discount rate of $5 for the exams. Additionally, the fee is waived for any applicants that are under the age of 18, a student with a current student ID, active military, or a veteran of the armed forces. Registration for exams is required.

Twitter: https://twitter.com/DC_Ham_Exams

Discord: https://discord.com/channels/708208267699945503/732733631667372103

Info/Reg: https://ham.study/sessions/5f0e7677295c50941c2cad5f/1

Return to Index - Add to

- ics Calendar file

HHV - Friday - 11:00-11:59 PDT

Title: Hardware hacking 101: There is plenty of room at the bottom
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Federico Lucifredi
Federico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of O'Reilly's "Peccary Book" on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS.

Description:
This is a live demonstration of hacking into the processor embedded in an SD card, effectively turning the device into a potentially covert Raspberry Pi-class computer under your complete control. The ARM926EJ-S ARM processor made its appearance as the embedded CPU in Transcend’s WiFi-enabled SD cards, clocking in at an impressive 426 BogoMips – we can’t possibly leave that territory unexplored, can we?

In this session we root the card’s own CPU, install a more featureful OS, and explore the system’s common and unusual capabilities (in hardware AES encryption and native support for Java bytecode among them). These provide plenty of building blocks for our projects.

Clearly, complete control of such a hidden computer running with full network connectivity can be used in network penetration scenarios. We’ll discuss applicable security threat countermeasures.

There is plenty of room at the bottom, and opening these computer-within-the computer configurations create interesting miniaturized automation scenarios alongside the obvious, more ominous security aspects.

Use your newfound knowledge for good, with great power comes great responsibility!

#hhv-hw101-talk-qa-text: https://discord.com/channels/708208267699945503/709255105479704636

Twitch: https://twitch.tv/dchhv

Return to Index - Add to

- ics Calendar file

IOT - Friday - 14:15-14:59 PDT

Title: Hella Booters: Why IoT Botnets Aren't Going Anywhere
When: Friday, Aug 7, 14:15 - 14:59 PDT
Where: IOT Vlg

SpeakerBio:Netspooky
netspooky is a reverse engineer in the ICS and IoT space.

Description:
This talk discusses the rise of IoT botnets, the culture that surrounds them, and the vulnerabilities that enable their continued existence. I will discuss various analyses of major botnet families, discuss exploits and vulnerability classes in IoT devices, and examine the rapid growth of these botnets for commercial use. I will also discuss newer innovations in IoT malware, and outline some of the ways that vendors could reduce their impact moving forward.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: HomebrewHardware Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Have you learned how to build your own hacking hardware at home? Are you etching circuit-boards in your lab, or soldering in a toaster oven in your garage? Are you hosting a MUD on your helmet, or making malicious USB hardware? Did you make something to help you in your everyday life, a unique wearable, or something really nefarious? Are you discovering what old boards do, bending circuits, or re-appropriating the innards of your local e-waste?

We want to see the awesome things you've been building over the last year.

The HomebrewHardware competition is a place to showcase your skill, techniques, and project.

Check our website and twitter for this year’s rules.

Forum: https://forum.defcon.org/node/233025

Discord: https://discord.com/channels/708208267699945503/711644075110957096

Twitter: https://twitter.com/homebrewhardwa1

Web: https://homebrewhardwarecontest.github.io/

Return to Index - Add to

- ics Calendar file

IOT - Friday - 09:15-09:45 PDT

Title: How to get rights for hackers
When: Friday, Aug 7, 09:15 - 09:45 PDT
Where: IOT Vlg

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

Description:
Sixty percent of hackers don’t submit vulnerabilities due to the fear of out-of-date legislation, press coverage, and companies misdirected policies. This fear is based on socially constructed beliefs. This talk dives into the brain's response to fear while focusing on increasing public awareness in order to bring legislation that supports ethical hackers, ending black hoodie and ski mask imagery, and encourage organizations to support bilateral trust within their policies.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Friday - 11:45-12:45 PDT

Title: How to hack SWIFT, SPID, and SPEI with basic hacking techniques (from a Red Team Perspective)
When: Friday, Aug 7, 11:45 - 12:45 PDT
Where: Red Team Vlg

SpeakerBio:Guillermo Buendia
Guillermo Buendia is a Red Team Lead in one of the biggest insurance companies in the USA, he has worked for many Financial Institutions for the last 8 years. He has presented his previous research in DEF CON, BSidesLV, BSides Manchester, Hackfest, etc.

Description:
Back in 2018, Financial entities in Mexico were hit by one of the biggest cybersecurity breaches in the history of Mexico, and in 2019 "The Bandidos Hacker Team", who allegedly committed the crime, were captured. But do you really need to be a 1337 H4x0r to compromise those systems? In this talk, I will be sharing (from a Red Team Perspective) How I was compromising the SWIFT, SPID, and SPEI systems in a Financial Institution until I gained root access to all the systems using basic hacking techniques like the pretty good old 1337 days. For the blue teamers, I will be sharing ways to detect these techniques that, although may appear simple, they pose a very challenging scenario to create a detection.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

CPV - Friday - 14:00-14:59 PDT

Title: How to store sensitive information in 2020?
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Mansi Sheth
Mansi Sheth is a Principal Security Researcher at Veracode Inc. In her career, she has been involved with breaking, defending and building secure applications. Mansi researches various languages and technologies, finds insecure usage in customer code and suggests automation measures in finding vulnerabilities for Veracode's Binary Static Analysis service. She is an avid traveller with the motto "If not now, then when?”

Description:
It goes without saying never ever store personal/sensitive information in clear text. It is also a well-known fact salting, hashing or stretching your information can just provide little offline information cracking protection against contemporary computer architectures and modern brute force attack constructs. Those abreast with this subject would have come across countless advocatory material suggesting to use key derivation functions (KDFs) to store sensitive information.

There are handful of solid KDFs, which are good candidates to use for storing sensitive information such as pbkdf2, bcrypt, scrypt, Argon2. In this talk, lets dive deeper to study some of its underlying crypto, what and how to tune these algorithms with secure input parameter configurations and how to decide which algorithm would be the right choice for your needs? Lastly, I will present some statistics on how well do all these different algorithms compare against each other.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

LPV - Friday - 13:00-13:30 PDT

Title: Hybrid PhySec tools - best of both worlds or just weird?
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Lockpick Vlg

SpeakerBio:d1dymu5
No BIO available

Description:
A few years ago, I invented lock pick collar stays (#GentlemansLockPicks). Since then, I've had some other ideas of practical, small-form factored lockpicking and bypass tools that I can easily carry. I came up with a few ideas. I'll talk about inspiration, designing, manufacturing, and possible collab projects.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us

Return to Index - Add to

- ics Calendar file

AIV - Friday - 13:00-13:30 PDT

Title: Hyperlocal Drift detection with Goko: Finding abusers of your Dataset
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: AI Vlg

SpeakerBio:comathematician
No BIO available
Twitter: @comathematician

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CLV - Friday - 11:20-12:05 PDT

Title: IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP)
When: Friday, Aug 7, 11:20 - 12:05 PDT
Where: Cloud Vlg

SpeakerBio:Jenko Hwong
Jenko Hwong is on the Threat Research Team at Netskope, focusing on cloud threats/vectors. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
Twitter: @jenkohwong

Description:
Imagine you've protected your production Google Cloud environment from compromised credentials, using MFA and a hardware security key. However, you find that your GCP environment has been breached through hijacking of OAuth session tokens cached by gcloud access. Tokens were exfiltrated and used to invoke API calls from another host. The tokens were refreshed by the attacker and did not require MFA. Detecting the breach via Strackdriver was confusing, slowing incident response. And revoking the active OAuth sessions required finding OAuth tokens from logs and using a REST API call, causing further delays in remediation.

This talk will demonstrate a compromised credential attack in Google Cloud Platform by:

hijacking cached OAuth tokens stored on a GCP administrator's client machine and
reusing existing gcloud CLI sessions to gain access to multiple GCP environments
showing that MFA does not apply to OAuth token refreshes for cached credentials (only the initial login)

The POC takes advantage of several issues with GCP IAM design or configuration: OAuth tokens are cached and unencrypted, allowing easy access once the client endpoint has been exploited.

Tokens can have long or no expiration, allowing potentially long time windows for compromise.
The attacker can easily refresh tokens, allowing persistence.
Token refresh does not require MFA making it easy to maintain persistence, creating a false sense of security when MFA is enabled.
Authentication and Access policies are defined in different admin areas, are confusing, and easily misconfigured.
Configuring Stackdriver Logging is confusing, leading to slow or ineffective incident response.
OAuth tokens cannot be revoked easily making remediation difficult.

We will discuss various approaches and challenges to defending:

Prevention
- MFA is not required to refresh the OAuth token
- Google cloud session timeout (GSuite Admin)
- IP whitelisting (using VPC Service Controls and Access Context Manager)
- Explicit client-side revokes (manual)
Detection
- Stackdriver logging data access events must be enabled for all services or else the abuse of OAuth tokens will not be logged and remediation will not be possible.
- Periodic audit checks on the logs or IAM configurations can be somewhat useful for compliance, but are not real-time so are of limited use for detection.
Remediation
- OAuth tokens can be revoked, but there are caveats: + ""gcloud auth revoke"" only works on the compromised user's endpoint and requires the user account in order to look up the locally cached OAuth token. This will fail if the attacker deletes the gcloud credential cache. + A REST API revoke call works and requires the OAuth token, so reliable logging and event parsing must be implemented to ensure tokens can be extracted quickly for IR.
- Deletion of user accounts has a huge impact.
- Browser sessions can be revoked but does not apply to Google Cloud sessions.

Return to Index - Add to

- ics Calendar file

ENT - Friday - 20:00-20:59 PDT

Title: Icetre Normal
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: See Description or Village

Description:
Icetre has been a premier jubilation hacker, and party host since DEF CON X. People are still talking about the various shenanigans he's orchestrated and videos he's played. Even with this long history, it's still amazing how many people have to still tell him to turn it down. For what?

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Facebook: https://www.facebook.com/icetre.normal/

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: ICS Hack the Plan[e]t
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 25 emulated or real devices and over 50 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real or simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Ranges including physical and virtual environments to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments. New this year, there will be integrated elements from DHS/CISA with their newly built mobile environments that are realistically miniaturized assets (ie - operational oil and natural gas pipeline, etc.) and will be the first they’ll be opened to the public for hacking.

Forum: https://forum.defcon.org/node/233029

Discord: https://discord.com/channels/708208267699945503/711643691877531698

Twitter: https://twitter.com/ICS_Village

Web: https://www.icsvillage.com

Return to Index - Add to

- ics Calendar file

ICS - Friday - 10:15-10:45 PDT

Title: ICS Village CTF Kick-Off
When: Friday, Aug 7, 10:15 - 10:45 PDT
Where: ICS Vlg

SpeakerBio:Tom
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village

Return to Index - Add to

- ics Calendar file

CRV - Friday - 15:00-15:59 PDT

Title: In theory, there is no difference between theory and practice
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Pablo Breuer
No BIO available

Description:
There are three general paths to an INFOSEC career: the school of hard knocks, certificates, and college. Every few months a flame war erupts out arguing which is the "right" path. What are the pros and cons of each of these paths? Come have a balanced conversation about the three paths and learn which is the best one for you depending upon your unique needs

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 15:00-15:30 PDT

Title: Indicators of Emulation (Intermediate)
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Ch33r10
@ch33r10 works for a Financial Services Fortune 500 Company. She is a graduate of the SANS 2017 Women’s Academy, has an MBA in IT Management, and currently holds the GSEC, GCIH, GCFE, GMON, GDAT, GPEN and GCTI certifications. She is a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC), Yara Exchange, and FuzzySnugglyDuck. @ch33r10 is a doctoral student at Marymount University and has served on multiple CFP review boards.
Twitter: @ch33r10

Description:
Cyber threat intelligence, in the past, has primarily focused on extracting, preparing, and analyzing indicators of compromise for digital forensics and incident response, the security operations center, and other teams. This talk proposes that cyber threat intelligence analysts extract indicators of emulation and include them in their threat reports for red team operations, adversary emulation, and purple team exercises. Learn how to extract Indicators of Emulation in Windows-based malware for high-value adversary emulation and purple team exercises based upon org specific data.

Cyber threat intelligence plays a pivotal role in collecting and analyzing data to produce intelligence for an organization. Most of the cyber threat intelligence reports include indicators of compromise that various teams, such as incident response, hunt, and security operations, consume; however, there is limited intelligence in most threat reports geared towards adversary emulation. There is a lack of research or information regarding indicators related to emulating an attacker’s malware, mainly Windows-based malware. As cyber threat intel teams mature through using their internal attack data to produce intelligence, it becomes necessary to determine how to build out existing capabilities and provide additional value to other teams in the organization. Cyber threat intelligence analysts can contribute to adversary emulation exercises through extracting indicators of emulation to include in their threat intelligence reports for a realistic emulation of the adversary. Here’s what I plan on showing the audience how to do step-by-step and with a pre-recorded demo: -Audit Log setup for Win10 VM
-Disable Window Defender SmartScreen before downloading samples -Create custom “test” malware to ensure command-line Audit logging is set up properly (blue teamers popping calc with a custom compiled program made in C++). -walk through how I picked samples from URLhaus so they can practice at home or use their own org’s samples -walk through of what I looked for in the command-line -Discussion of where I am at in the research -Ideas/suggestions on how to package the Indicators of Emulation for Adversary Emulation, Red Teams, and Purple Exercises. ***I will document everything very well and include it in my presentation as a resource. I only need 15 minutes.

Forum: https://forum.defcon.org/node/233129

Return to Index - Add to

- ics Calendar file

ASV - Friday - 16:00-17:59 PDT

Title: JWT Parkour
When: Friday, Aug 7, 16:00 - 17:59 PDT
Where: AppSec Vlg

SpeakerBio:Louis Nyffenegger
No BIO available
Twitter: @snyff

Description:
Nowadays, JSON Web Tokens are everywhere. They are used as session tokens or just to pass data between applications or µservices. By design, JWT contains a high number of security and cryptography pitfalls. In this workshop, we are going to learn how to exploit some of those issues!

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

LPV - Friday - 11:00-11:50 PDT

Title: Key Duplication - It's not just for the movies!
When: Friday, Aug 7, 11:00 - 11:50 PDT
Where: Lockpick Vlg

SpeakerBio:Tony Virelli
No BIO available

Description:
Have you ever seen someone just walking around with a key hanging on their belt? How about a wall of keys behind a security desk? Better yet, has anyone you know every posted a picture of the keys to the new home they just bought? Well, what if you could take a picture and easily duplicate that key with a 3D Printer? Sound like something from a James Bond film? Well it's not! Better yet, if you can just get a moment alone with a key, you can get an imprint of it in less than 2 minutes, return the key to the owner and then cast a duplicate of that key for later use.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us

Return to Index - Add to

- ics Calendar file

CRV - Friday - 13:00-13:59 PDT

Title: Key Ingredients for the Job Interviews (Virtual or Face-2-Face)
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Roy Wattanasin
No BIO available

Description:
This presentation focuses on the major key areas to become more successful in your interviews. This includes (6) items: preparation, looking great, resume-review, confidence, note-taking and asking back. This talk will include both considerations when having a virtual or face to face interview(s).

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

Title: Keynote: Monero: Sound Money Safe Mode
When: Friday, Aug 7, 10:00 - 11:30 PDT
Where: Monero Vlg

SpeakerBio:Dr. Daniel Kim
No BIO available

Description:
"Monero Means Money" -- with updated data, new data on government budget deficits, and increased emphasis on Monero's importance in the current medical & economic crisis

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

ICS - Friday - 09:00-09:59 PDT

Title: Keynote
When: Friday, Aug 7, 09:00 - 09:59 PDT
Where: ICS Vlg

SpeakerBio:Chris Krebs
Christopher Krebs - serves as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Mr. Krebs was originally sworn in on June 15, 2018 as the Under Secretary for the predecessor of CISA, the National Protection and Programs Directorate (NPPD). Mr. Krebs was nominated for that position by President Trump in February 2018.

Before serving as CISA Director, Mr. Krebs was appointed in August 2017 as the Assistant Secretary for Infrastructure Protection. In the absence of a permanent NPPD Under Secretary at the time, Mr. Krebs took on the role of serving as the Senior Official Performing the Duties of the Under Secretary for NPPD until he was subsequently nominated as the Under Secretary and confirmed by the Senate the following year.

Mr. Krebs joined DHS in March 2017, first serving as Senior Counselor to the Secretary, where he advised DHS leadership on a range of cybersecurity, critical infrastructure, and national resilience issues. Prior to coming to DHS, he was a member of Microsoft’s U.S. Government Affairs team as the Director for Cybersecurity Policy, where he led Microsoft’s U.S. policy work on cybersecurity and technology issues.

Before Microsoft, Mr. Krebs advised industry and Federal, State, and local government customers on a range of cybersecurity and risk management issues. This is his second tour working at DHS, previously serving as the Senior Advisor to the Assistant Secretary for Infrastructure Protection and playing a formative role in a number of national and international risk management programs.

As Director, Mr. Krebs oversees CISA’s efforts to defend civilian networks, manage systemic risk to National critical functions, and work with stakeholders to raise the security baseline of the Nation’s cyber and physical infrastructure.

Mr. Krebs holds a bachelor’s degree in environmental sciences from the University of Virginia and a J.D. from the Antonin Scalia Law School at George Mason University.

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village

Title: Live Q&A with Special Guests Regarding "Kill Chain"
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: Voting Vlg

Description:
Exciting News for DEF CON Safe Mode! Voting Village and HBO have arranged for a limited time FREE access to the Kill Chain Documentary on YouTube!

In conjunction, the Voting Village will host a LIVE Q + A with SPECIAL GUESTS at 20:00 on FRIDAY August 7.

View the Q and A on the Voting Village Twitch and YouTube streams; there is ongoing discussion on Discord in #vmhv-talks-text, and you can submit questions at #vmhv-talks-questions-text.

Movie: https://www.youtube.com/watch?v=nQuwTdrVrg4

Village YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Village Twitch: https://www.twitch.tv/votingvillagedc/about

Store: https://www.bonfire.com/store/eif/

#vmhv-talks-text: https://discord.com/channels/708208267699945503/737818386796511312

#vmhv-talks-questions-text: https://discord.com/channels/708208267699945503/737818504627093575

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

Title: Media Analysis of Disinformation Campaigns
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Packet Hacking Vlg - Talk
Speakers:Chet Hosmer,Mike Raggo

SpeakerBio:Chet Hosmer , Owner, Python Forensics
Chet Hosmer (Twitter: @chethosmer) is an international author, educator & researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.
Twitter: @chethosmer

SpeakerBio:Mike Raggo , Co-Founder, SilentSignals.com
Mike Raggo (Twitter: @MikeRaggo) has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in commercial networking, mobile, and security products. His current research focuses on multimedia disinformation campaigns. His research has been highlighted on television's CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of "Mobile Data Loss: Threats & Countermeasures" and "Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols" for Syngress Books, and is a contributing author for "Information Security the Complete Reference 2nd Edition". His Data Hiding book is also included at the NSA's National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon's Certificate of Appreciation.
Twitter: @MikeRaggo

Description:
In this session we'll focus on the media aspects of disinformation campaigns with deep analysis of altered images, audio, and video to uncover methods used to twist narratives and mislead perceptions surrounding topical news stories. We'll dive into the taxonomy of fake photos, deepfakes, phishing audio fraud attacks, keyword squatting malware, fake rallies, narrative laundering, nation state fake intelligence. and media generated to inspire mass hysteria. We'll then further categorize these threats by their TTPs and provide methods for enhancing detection and response strategies. Real world examples will be demonstrated to provide deep and tangible insights into this systemic problem.

YouTube: http://youtube.com/wallofsheep

Title: MITM - The Mystery In The Middle. An Introduction To The Aircraft Information Systems Domain
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Aerospace Vlg

SpeakerBio:Matt Gaffney
Matt is an aviation cybersecurity consultant at BSSI UK where he also holds the position of Managing Director. He started his cybersecurity career whilst serving in the British Army after being volunteered for a mandatory IT Security Officer course because he ‘has some experience with IT’. With more than 14 years experience across multiple industries from Military and Government to banking and aviation, Matt has mostly worked on the entry into service of e-Enabled aircraft at the operator (airline) level. Due to this, his focus is primarily on systems implemented by the operator and whose touchpoints are the Aircraft Information Systems Domain (AISD). His particular areas of interest are the Electronic Flight Bag (EFB) and ground systems. A relative newbie to the research field, he recently released his first paper ‘Securing e-Enabled aircraft information systems’ and plans on releasing others in the coming months.

Description:
The mordern e-Enabled aircraft is often descrbed as a flying data center with half of it on the ground. Sometimes overlooked by researchers in favour of avionics and In-Flight Entertainment systems, this presentation will give an introduction to the Aircraft Information Systems Domain (AISD). This hidden yet important domain logically sits between the Avionics and the passenger network and operators need to consider security in the AISD when bringing e-Enabaled aircraft in to their fleet.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

AIV - Friday - 10:00-10:30 PDT

Title: ML Security Evasion Competition 2020
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: AI Vlg
Speakers:drhyrum,zh4ck

SpeakerBio:drhyrum
No BIO available
Twitter: @drhyrum

SpeakerBio:zh4ck
No BIO available
Twitter: @zh4ck

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

DL - Friday - 12:00-13:50 PDT

Title: Mobile Security Framework - MobSF
When: Friday, Aug 7, 12:00 - 13:50 PDT
Where: See Description or Village

SpeakerBio:Ajin Abraham
Ajin Abraham is a Security Engineer with 7+ years of experience in Application Security and Offensive Security Research. He is passionate on developing new and unique security tools. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Droid Application Fuzz Framework (DAFF), NodeJsScan etc to name a few. He has been invited to speak at multiple security conferences including ClubHack, Nullcon, OWASP AppSec Eu, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In Paris, Hack In the Box, c0c0n and PHDays.

Description:
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Interact @ #dl-ajin-mobile-securit-framework-text: https://discord.com/channels/708208267699945503/730256193683062825

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://mobsf.github.io/Mobile-Security-Framework-MobSF/

Forum: https://forum.defcon.org/node/233122

Return to Index - Add to

- ics Calendar file

ETV - Friday - 14:00-14:59 PDT

Title: Models of Privacy Norms
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Ethics Vlg
Speakers:R. Jason Cronk,Ece Gumusel

SpeakerBio:R. Jason Cronk
No BIO available

SpeakerBio:Ece Gumusel
No BIO available

Description:
This will be a live talk.

Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449

Return to Index - Add to

- ics Calendar file

MOV - Friday - 15:30-15:59 PDT

Title: Monero Wallet Basics: Sending, Receiving, Proving
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: Monero Vlg

SpeakerBio:rehr
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

IOT - Friday - 15:15-16:15 PDT

Title: NAND Flash – Recovering File Systems from Extracted Data
When: Friday, Aug 7, 15:15 - 16:15 PDT
Where: IOT Vlg

Description:
This learning session will introduce attendees to the process of recovering file systems from data extracted from NAND flash chips. As part of this learning session we will be discussing and demoing the tools, methods and common processes for successfully recovering data. After each learning objective we will have Q&A sessions

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

ENT - Friday - 22:00-22:59 PDT

Title: Ninjula
When: Friday, Aug 7, 22:00 - 22:59 PDT
Where: See Description or Village

Description:
#1 DJ in my mothers eyes

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Facebook: https://facebook.com/countninjula

Twitter: https://twitter.com/countninjula

Soundcloud: https://soundcloud.com/ninjula

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 12:30-12:59 PDT

Title: No Question: Teamviewer, Police and Consequence (Beginner)
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:corvusactual
Bill Dungey is a media maker, infoholic and professional nerd. Grab his latest work from postpunksuperhero.com.
Twitter: @corvusactual
https://postpunksuperhero.com

Description:
In the summer of 2019, I attended DEFCON for the first time and spent my days lingering around the Blue Team Village. Two weeks after I returned, our largest client was breached. A malicious actor remotely installed keyloggers on over a hundred computers.

After a marathon of logs and OSINT, I traced the bad guy to his house. I offered a dossier with everything I’d found to the local Cyber Crime unit, leading to a full confession and finally, the release of the suspect for circumstances I’m not authorized to know.

This talk discusses an internal breach of a non-profit organization. A delicate mix of politics, technical challenge and pressure, this event fundamentally shifted my career.

A strange log file triggered a closer look at some servers. Within minutes, we had realized a massive breach had taken place.

We found a keylogger installed on over a hundred computers. After a little digging, we found an unknown username referenced in a handful of Teamviewer connection logs.

Teamviewer was uninterested in helping us without an international warrant of some kind. Through a day of parsing log files (no, we don’t have SIEM, IDS or IPS at this client), OSINT and the confidence I’d gained from finding a tribe at the BTV, I was able to identify the person responsible and gain insight into a real-world breach.

A search warrant was executed, devices were nabbed for forensics and the detective secured a full confession. I was told there was ‘No Question', this was the person responsible, a client from the very organization that had been hit.

Some time later, after some political meetings between the parties involved, it was determined that a charge would not be levied against the malicious actor for reasons I have yet to be told. The organization is still actively under attack via weekly spear-phishing and whaling. After six weeks, the organization allowed the confirmed suspect back into the fold, accessing programs within the umbrella of the agency and within reach of the very systems he used to gain his foothold.

HHV - Friday - 12:30-12:59 PDT

Title: onkeypress=hack();
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Hardware Hacking Vlg
Speakers:Farith Pérez Sáez,Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres

SpeakerBio:Farith Pérez Sáez
Farith Pérez Sáez (@f_perezs) is a colombian engineer, hardware hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and teaches at Universidad de La Guajira.
Twitter: @f_perezs

SpeakerBio:Luis Ángel Ramírez Mendoza (@larm182luis)
Luis Ángel Ramírez Mendoza (@larm182luis) is a colombian electronic engineer, hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and is currently working as a Cybersecurity and Artificial Intelligence Professor at University of Guajira in Colombia.
Twitter: @larm182luis

SpeakerBio:Mauro Cáseres
Mauro Cáseres (@mauroeldritch) is an argentine hacker and speaker. He spoke at DEF CON 26 Las Vegas (Recon & Data Duplication Villages), DevFest Siberia, DragonJAR Colombia, Roadsec Brasil, and DC7831 Nizhny Novgorod. Currently working as SecOps for the Argentine Ministry of Production.
Twitter: @mauroeldritch

Description:
In this talk we will see the assembly and use of a modified BadUSB keyboard with an integrated DIY physical keylogger. Using a built-in WiFi module, this keyboard is capable of sending user keystrokes to a remote server and storing it in a database. Both the piece by piece assembly, its diagram, and its programming will be demonstrated. Also there will also be a live demo to demonstrate its operation.

This talk is recommended for both novice and experienced users alike.

#hhv-onkeypresshack-talk-qa-text: https://discord.com/channels/708208267699945503/736750677128249360

Twitch: https://twitch.tv/dchhv

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Online MUD - EvilMog
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
This CTF is a MUD with 8-9 quests, intentional exploits, and about 1200 rooms has been setup at mog.ninja port 4000. A website documenting the MUD is at https://mog.ninja and a CTFd is setup at https://ctf.mog.ninja. The game is an LPMud and runs on gurbalib and DGD. If you complete all the quests you become a wizard. You connect by telneting on port 4000. The game has been balanced out to take about a week to complete all the quests and hit max level if you find most of the in game exploits.

Forum: https://forum.defcon.org/node/232895

Discord: https://discord.com/channels/708208267699945503/728707998796480590

MUD Docs: https://mog.ninja

CTFd: https://ctf.mog.ninja

Return to Index - Add to

- ics Calendar file

BTVW1 - Friday - 16:30-17:59 PDT

Title: Open-Source Tools for Hunting and Practical Intelligence (Intermediate)
When: Friday, Aug 7, 16:30 - 17:59 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Joe Slowik
Joe Slowik has experience across multiple facets of cyber and information operations stretching over 10 years. Past roles include operations planning and mission development within the US Department of Defense; planning network defense strategies for US Naval assets afloat; running incident response operations at Los Alamos National Laboratory; building a threat intelligence program within the US Department of Energy; critical infrastructure attack analysis and activity tracking; and assisting industrial control system asset owners and operators in defensive planning and response.
Twitter: @jfslowik

Description:
Organizations need to identify and disposition new threats to ensure active, adaptive defense. This workshop will walk through open source resources and freely-available techniques to identify new threats and attack trends, and how to then formulate defensive strategies for enterprise protection.

Open source intelligence and information gathering Company blogs, articles, and media reporting Distinguishing between technical reporting and pure marketing "Reading between the lines" for search terms Social media and Twitter
Suggested accounts
Source vetting and evaluation
Public threat feeds: AlienVault, IBM X-Force Registration and data retrieval

Timeliness and value

Sample gathering and extracting information HybridAnalysis, ANY.RUN, MalShare, VirusShare – VT (commercial) Capabilities and limitations of free services Evaluating different reporting types, extracting information for further searching How to read an analysis or incident report More reading between the lines
Going beyond hashes and IPs

Extracting information for use and application

Formulating information into hypotheses and pivoting Network pivoting: DomainTools, RiskIQ, Censys, Shodan, Urlscan, VirusTotal (free) The art of network pivoting without going 'too far' Pivoting types: registration information, SOA leaks, infrastructure similarities, etc. Host/Binary pivoting: VirusTotal, HybridAnalysis, ANY.RUN, etc. File metadata and compilation artifacts

Identifying common tooling, techniques, and references to publicly-available projects

Overview and exercise:
Beginning with a single sample (malicious document file), extracting additional information Identifying items of interest in document, identifying payload Using information to identify general patterns, trends, and behaviors Translating identified information into rules, hunting hypotheses, and defensive measures Deliverable: Additional IOCs, brief report for review and feedback (after conclusion of workshop)

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

AEV - Friday - 10:00-10:59 PDT

Title: Opening Remarks: Getting The Aerospace Village To Take-Off
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Aerospace Vlg
Speakers:Chris Krebs,Dr Will Roper,Pete Cooper

SpeakerBio:Chris Krebs
Christopher Krebs - serves as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Mr. Krebs was originally sworn in on June 15, 2018 as the Under Secretary for the predecessor of CISA, the National Protection and Programs Directorate (NPPD). Mr. Krebs was nominated for that position by President Trump in February 2018.

Mr. Krebs holds a bachelor’s degree in environmental sciences from the University of Virginia and a J.D. from the Antonin Scalia Law School at George Mason University.

SpeakerBio:Dr Will Roper
Dr. Will Roper - is the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics. As the Air Force’s Service Acquisition Executive, Dr. Roper is responsible for and oversees Air Force research, development and acquisition activities totaling an annual budget in excess of $60 billion for more than 550 acquisition programs. In this position, Dr. Roper serves as the principal adviser to the Secretary and Chief of Staff of the Air Force for research and development, test, production and modernization efforts within the Air Force.

Prior to his current position, Dr. Roper was the founding Director of the Pentagon’s Strategic Capabilities Office. Established in 2012, the SCO imagines new—often unexpected and game-changing—uses of existing government and commercial systems: extending their shelf- life and restoring surprise to the military’s playbook. Since 2012, SCO has grown from an annual budget of $50 million to the current $1.5 billion request in the President’s 2018 budget with projects spanning new concepts such as hypervelocity artillery, multi-purpose missiles, autonomous fast-boats, smartphone-navigating weapons, big-data- enabled sensing, 3D-printed systems, standoff arsenal planes, fighter avatars and fighter-dispersed swarming micro-drones which formed the world’s then-largest swarm of 103 systems. During his tenure as SCO Director, Dr. Roper served on the Department’s 2018 National Defense Strategy Steering Group, Cloud Executive Steering Group and Defense Modernization Team.

Previously, Dr. Roper served as the Acting Chief Architect at the Missile Defense Agency where he developed 11 new systems, including the current European Defense architecture, advanced drones, and classified programs. Before this, he worked at MIT Lincoln Laboratory and served as a missile defense advisor to the Under Secretary of Defense for Acquisition, Technology and Logistics.

SpeakerBio:Pete Cooper
Pete Cooper - Dir Aerospace Village. His first tech love was a ZX Spectrum but then he then moved on to flying fast jets in the UK Royal Air Force. Then he moved into cyber operations before leaving the military 4 years ago. Since then he has started up his own cyber security firm and has advised on everything from developing global cyber security strategies with UN bodies such as ICAO, advising the ICRC on the nature of state vs state cyber conflict and also enjoys playing with active cyber defence and deception. Pete is also the founder and Dir of the UK Cyber Strategy Challenge “Cyber9/12”, holds an MSc in Cyberspace Operations, is a Senior Fellow at Kings College London, a Non-Resident Senior Fellow at the Atlantic Council Cyber Statecraft Initiative and a Fellow of the Royal Aeronautical Society.

Description:
Let’s face it, relationships between the hacker / researcher community and the aerospace sector in the past – haven’t been great. 20 months ago, a passionate voluntary group of hackers, pilots, engineers, policy wonks and others, decided to do something about it and start creating a community that would foster trusted relationships across all those interested in aviation cyber security. Here we are at our second DEF CON in the Aerospace Village with a rapidly growing hacker / researcher community supported by the aerospace industry, USAF, DDS, CISA, academia, regulators and more including the first satellite CTF.

A short intro to the Aerospace Village tells the story of how and why we do this, how we got here and where we are going.

Then we are honoured to have two guest speakers where we hear from Dir CISA, Chris Krebs, who will be chatting about all things CISA and Aerospace Cybersecurity, after which things are rounded off by Dr Will Roper, Assistant Secretary of the Air Force for Acquisition, Technology and Logistics who will talk to the Space Security Challenge – Hack-a-Sat and their support for the Aerospace Village and its vision.

This event will be coordinated on the DEF CON Discord server, in channel #av-terminal-text.

Discord: https://discord.com/channels/708208267699945503/732392946350948423

Return to Index - Add to

- ics Calendar file

AIV - Friday - 09:30-09:59 PDT

Title: Opening Remarks
When: Friday, Aug 7, 09:30 - 09:59 PDT
Where: AI Vlg

SpeakerBio:AI Village Organizers
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Friday - 10:00-23:59 PDT

Title: OpenSOC Blue Team CTF - General Round
When: Friday, Aug 7, 10:00 - 23:59 PDT
Where: See Description or Village

Description:
OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is representative of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing responders’ abilities to filter and detect malicious activity on the network. This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations, and each year we incorporate new scenarios that are modeled after threat actors and breaches experienced by the OpenSOC team. From APT attacks using 0-days and heavily weaponized shellcode to sneaky lateral movement and exfiltration techniques, we expose contestants to a wide-range of techniques that we see actively used in the wild.We encourage team participation, and always have folks on hand to assist those just getting started out.Even better - 100% of the security tools demonstrated within OpenSOC are Free and/or Open Source! These projects include Velociraptor, Sysmon, osquery, Suricata, Moloch, pfSense and Graylog + ELK bringing it all together in an awesome way. This allows our contestants to not only have fun at DEF CON, but also learn skills and tools they can take back to work on Monday.

The Challenge:

Given an initial IOC (indicator of compromise), identify attacks that are being carried out against and within the enterprise environment, pivoting between key artifacts
Trace the attackers throughout the kill chain, submitting key IOCs and observables to the scoreboard as you reveal their tactics.
Reverse engineer any artifacts connected to hostile activities.
Perform forensics analysis on PCAPs (Packet Captures), memory images, etc.
Win awesome prizes, learn new skills, and get experience with some of the best Open Source tools for SecOps!

Forum: https://forum.defcon.org/node/232949

Discord: https://discord.com/channels/708208267699945503/711644213170667562

Twitter: https://twitter.com/Recon_InfoSec

Web: https://opensoc.io

Registration: https://docs.google.com/document/d/1TbfOwv5C64ciirCQELq0HxJVd5oJd4qjvzXhidFgijw/edit?usp=sharing

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: OSINTSECCryptoAIBlockchain
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231050

Discord: https://discord.com/channels/708208267699945503/732439527213367346

Return to Index - Add to

- ics Calendar file

ASV - Friday - 13:00-13:45 PDT

Title: Our journey into turning offsec mindset to developer's toolset
When: Friday, Aug 7, 13:00 - 13:45 PDT
Where: AppSec Vlg
Speakers:Paul Amar,Stanislas Molveau

SpeakerBio:Paul Amar
No BIO available
Twitter: @PaulWebSec

SpeakerBio:Stanislas Molveau
No BIO available

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 11:00-11:59 PDT

Title: OuterHaven - The UEFI Memory Space Just Itching to be Misused (Intermediate)
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Connor Morley
A computer security obsessive, Connor has been a threat hunter for the past 3 years spending half his job time looking for vulnerabilities and ripping apart exploitation tools/malware. In addition to his investigative action, he also participates in enhancement and development of the industry leading detection system employed to actively detect and disrupt active attackers. Enjoying advanced attack methods, he has participated in active attack prevention and remediation as well as publishing white papers on APT level attack frameworks (Is Killsuit laying in wait? - Equation group) and tackling detection problems (Truecrypt detection and distributed attack system - TCrunch).
Twitter: @Lavi16

Description:
This presentation will cover research which explores the methods in which all levels of attackers can work with exploiting the UEFI memory space as well as methods for monitoring & enumerating this data haven and the associated access difficulties. I will also demonstrate some scripting and Python code that leverages Windows hosted elements to both exploit, enumerate and monitor this safe space for everyone to play with.

The exploitaiton of UEFI memory has previously only been thought of as something that is used for rootkits or advanced/targeted offensive operations. However, offensive actors and researchers have shown that they are willing to exploit this area with increasing ease. This presentation goes one step further and highlights the extremely basic level of computer knowledge needed to exploit this in current Windows OS, one-click and copy-paste scripts being able to generate the same results. However, the presentation also highlights solutions to monitor/access/analyze issues for this reclusive data set which allows active threats to be scrutinized and detection & preventative methods developed for both local and remote security solutions.

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

IOT - Friday - 17:45-18:15 PDT

Title: Pandemic In Plaintext
When: Friday, Aug 7, 17:45 - 18:15 PDT
Where: IOT Vlg

SpeakerBio:Troy Brown
Troy has been a RF and physical security hardware engineer for multiple manufacturers of access control, locks, and wireless security devices for over a decade. Troy holds multiple patents in areas of electronic security, energy harvesting, and wireless. Troy also hosts the YouTube channel for HackerWarehouse.TV and can be found on Twitter at @waveguyd.

Description:
When a wireless engineer decides to tune into hospitals to determine the state of COVID in the community, he finds detailed patient info being broadcast into thin air. By capturing, decoding, and analyzing the info, the true state of the pandemic is realized.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Friday - 10:30-11:30 PDT

Title: Panel: The Joy of Coordinating Vulnerability Disclosure
When: Friday, Aug 7, 10:30 - 11:30 PDT
Where: Red Team Vlg
Speakers:Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh

SpeakerBio:Daniel Gruss , TU Graz
No BIO available

SpeakerBio:CRob , Red Hat
No BIO available

SpeakerBio:Lisa Bradley , Dell
No BIO available

SpeakerBio:Katie Noble , Intel Corp
Katie currently serves as a Director of PSIRT and Bug Bounty at Intel Corp. Where she leads the cyber security vulnerability Bug Bounty program, researcher outreach, and strategic planning efforts. Previous to this position, Katie served as the Section Chief of the Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA) where she led DHS’ primary operations arm for coordinating the responsible disclosure and mitigation of identified cyber vulnerabilities in control systems, enterprise, hardware and software. Katies team is credited by the Secretary of Homeland Security with the coordination and public disclosure of over 20,000 cyber security vulnerabilities within a two year period. Katie is a highly accomplished manager with over 14 years of U.S. Government experience, both in the Intelligence Community and Cyber Security Program Management. She has operated at all levels from individual contributor as an Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council (NSC) Cyber programs. Her work has directly impacted the decision making of the NSC, Defense Information Systems Agency, Office of the Director of National Intelligence, Department of Defense, Federal Communications Commission, Central Intelligence Agency, U.S. Coast Guard, U.K.Ministry of Defense, Canadian Government agencies, and Australian Cabinet Ministry.

SpeakerBio:Omar Santos , Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, and other articles. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar is often presenting at many conferences and he is the co-lead of the DEF CON Red Team Village.
Twitter: @santosomar

SpeakerBio: Anders Fogh , Intel
No BIO available

Description:
Under the best of circumstances, coordinating disclosure of vulnerabilities can be a challenge. At times it can feel like everyone involved in CVD has conflicting motivations. The truth is that all of us are aspiring to do the right thing for end-users based on our perspective. The panel will share experiences and show how researchers and technology companies can work together to improve the impact of disclosing vulnerabilities on the technology ecosystem. Join CRob (Red Hat), Lisa Bradley (Dell), Katie Noble (Intel), Omar Santos (Cisco), Anders Fogh (Intel) and Daniel Gruss (TU Graz) for an exciting and engaging dialog between security researchers and industry experts on the Joy of coordinating vulnerability disclosure.

Presentation Outline
This will be an interactive session between the panelists. The following questions are seeds for what will be a dynamic and lively discussion: What does CVD mean to you and what is your motivation to disclose? What benefits have the panelists seen in coordinating vulnerability disclosure? What problems have you had with CVD?
How does CVD work in open source projects? How do you prepare for coordinated vulnerability disclosure and what challenges do you face? How could researchers and industries work better together?

Takeaways
Learn about the exciting world of Coordinated Vulnerability Disclosure. Hear from experts from both the research community as well as the vendors they report issues to. Learn from the coordination mistakes from the past to not repeat them in the future. Learn about the current struggles with CVD and what needs to be done to improve CVD.

Problem to solve
The hope is that this constructive interaction will remove some of the impediments of relationships between product developers and security researchers. The goal is to open a door for dialogue that will bring more stability in the experiences we all have in coordinating vulnerability disclosure. All technology users are impacted by security vulnerabilities, how those issues are communicated and dealt with are critical to impacted individuals and organizations to effectively manage the information security risk. The panel hopes to show "both sides" of the issue and highlight our different perspectives, and ideally showcase we're all working to help secure end-users around the globe.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Friday - 19:15-20:15 PDT

Title: Password cracking beyond 15 characters and under $500
When: Friday, Aug 7, 19:15 - 20:15 PDT
Where: Red Team Vlg

SpeakerBio:Travis Palmer
Travis Palmer is a Red Team Engineer at Intercontinental Exchange and a certified OSCP and OSCE. Most recently he has been a "surprise" backup speaker at DEFCON 27, DEFCON Red Team Village Staff, and a speaker at Wild West Hacking Fest and Cisco Offensive Summit. He is a fan (and sometimes-contributor) of a number of simulator/sandbox video games, and keeper of too many unfinished hardware projects. In his video games he enjoys long assaults on the beach, and dancing jets in the rain.

Description:
Most of us understand that it is a good idea to tailor an attack to a password policy. That being said, most password policies are fairly homogeneous. Does a minimum eight characters and at least three of four categories for complexity sound familiar? The hashcat-herders among us have prepared well for this endeavor. Many have hoarded hundreds of gigabytes of dumped passwords from hacked sites using these exact kinds of policies. Which means, when the hashes get dumped, sometimes more than half of a domain can be cracked in a single day. So… what if you have to crack passwords written under a different policy, like a paranoid 15 character minimum? Those gigabytes of dictionaries, full of shorter passwords, aren’t going to rockyou into domain admin anymore. It’s time to dive into the hashes with combinations of combinators, purple rain attacks, and word-level linguistically correct Markov chains. Along with the techniques themselves, this presentation will include the real-world results of various cracking attacks against a ~6000 person domain, at a Fortune 500 with a mature security program. As well as some recommendations for policies that allow memorable passwords while actually making them difficult to crack.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

CLV - Friday - 14:10-16:30 PDT

Title: Peeling Back the Layers and Peering Through the Clouds with Security Onion
When: Friday, Aug 7, 14:10 - 16:30 PDT
Where: Cloud Vlg

SpeakerBio:Wes Lambert
Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deploy-able tools.
Twitter: @therealwlambert

Description:
Peeling Back the Layers and Peering Through the Clouds with Security Onion As the number of production assets and workloads transition to cloud, it is more important than ever to be able to understand the ""goings-on"" of these type of environments. Unfortunately, many organizations still have little visibility into cloud infrastructure. Vendor-specific solutions can be cost-prohibitive, and don't always offer a complete solution for security monitoring. In this session, we'll discuss how we can better defend cloud environments by leveraging Security Onion, a completely free and open source platform for intrusion detection, enterprise security monitoring, and log management. By using Security Onion, we can pierce the veil of the cloud, and gain better visibility to facilitate threat detection, identify application misconfigurations, and assist with compliance-related efforts. Attendees should walk away with a firm grasp of the platform, understanding how they can utilize Security Onion to improve their organization's security posture, and make their adversaries cry.

Outline

(1) Cloud
(a) Assets/Data
(b) Threats
(c) Monitoring Challenges
(2) Introduction to Security Onion
(a) Components
(b) Data types
(3) Security Onion in the Cloud
(a) Facilitating cloud-based intrustion detection and monitoring with traffic mirroring (b) Ingesting telemetry from external/vendor-specific sources (4) Automating the Onion
(a) Automating Security Onion Deployment

This talk assumes you have secured your individual AWS accounts at the basic level by locking down your root accounts with 2FA, and etc.

For more details on the workshop pre-requisites, please refer the following link: https://docs.google.com/document/d/1kYHM3B3Opok4UXZALBKdYsJppPhNbBMUovNR4dclnhg/edit?usp=sharing

Return to Index - Add to

- ics Calendar file

RGV - Friday - 14:00-14:59 PDT

Title: Performance
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Rogues Vlg

SpeakerBio:Daniel Roy
No BIO available

Description:
In this hybrid performance talk, Daniel will introduce you to the storied history of card cheats and con games and demonstrate some of the most legendary scams – and won’t have to bet a penny!

Daniel Roy is a magician who specializes in the most difficult branch of card manipulation: the sleight of hand techniques used by professional card cheats. He has appeared at the World-Famous Magic Castle in Hollywood, and his audiences have included Hollywood actors, millionaires, and members of U.S. Congress. In 2019, he received the Milbourne Christopher award for Close-Up Magician of the Year.

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage

Return to Index - Add to

- ics Calendar file

Title: PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Car Hacking Vlg 001
Speakers:Ben Gardiner,Chris Poore

SpeakerBio:Ben Gardiner
Ben Gardiner is a Senior Cybersecurity Research Engineer contractor at the National Motor Freight Traffic Association, Inc. (NMFTA) specializing in hardware and low-level software security. Prior to joining the NMFTA team in 2019, Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He is a DEF CON Hardware Hacking Village (DC HHV) volunteer. He is chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), and a voting member of the SAE Vehicle Electronic Systems Security Committee.

SpeakerBio:Chris Poore
Chris Poore is a Senior Computer Engineer at Assured Information Security in Rome, NY and a member of the Systems Analysis and Exploitation (SAE) group. He works to analyze, understand, characterize, and exploit cyber systems using adversarial techniques with a focus on RF-enabled devices. He has experience writing code for software-defined radios and GNU Radio to reverse-engineer RF communication protocols and perform sophisticated attacks. Mr. Poore has a degree in Social Engineering, is an active somnambulist, was King of the Pirates for three years, and frequently violates PornHub’s terms of service.

Description:
Trailer ABS functionality has been a regulated requirement in the US & Canada for decades now. The 'PLC4TRUCKS' technology that realizes this requirement is ubiquitous on the road today and can also be found in buses, trains and some other unexpected places. We are releasing tools to read and write PLC4TRUCKS traffic. The first, gr-j2497 is a GNU Radio flowgraph with custom block and the second is an extension to the Truck Duck tool released at DEF CON 24. With these tools in hand, attendees can read PLC traffic without touching the bus -- or control their own trailer air brake controllers connected at home and we will show them how

#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001

Return to Index - Add to

- ics Calendar file

MOV - Friday - 12:00-12:30 PDT

Title: Proposed Mitigation Measures to Address a Disruption Such as The Economic Impact of COVID -19 on Transaction Capacity and Fees in Monero
When: Friday, Aug 7, 12:00 - 12:30 PDT
Where: Monero Vlg

SpeakerBio:Dr. Francisco "ArticMine" Cabañas
No BIO available

Description:
Monero uses an adaptive block weight based upon the CryptoNote excess size penalty with a median over the last 100 blocks, cryptonote.org/whitepaper.pdf, to provide the capacity for increases and decreases in the number of transactions. In 2019 this adaptive block weight was modified by the introduction of a long term median over the last 100,000 blocks to mitigate against a sharp increase in the block weight, due to possible spam attacks. We will consider the scenario of external economic events causing a sharp decrease in he number of transactions after several years of growth, followed by a recovery and then further growth several months later. We will also consider the possibility of a sharp increase in the number of transactions, due to economic disruptions, during the current COVID-19 pandemic. and in its aftermath. We will propose changes to the Monero adaptive block weight in order to mitigate against a sharp increase in transaction fees and allow for a smooth recovery, and further growth in the block weight after a sharp drop in the number of transactions . The period between the initial drop in the number of transactions to the full recovery with further growth of the block weight would be in the order of months.

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

BTVT1 - Friday - 19:30-20:30 PDT

Title: Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate)
When: Friday, Aug 7, 19:30 - 20:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Mauricio Velazco
Mauricio Velazco (@mvelazco) is a Peruvian, Infosec professional who started his career as a penetration tester and jumped to the blue team 8 years ago. He currently leads the Threat Management team at a Fortune 500 where he focuses on threat detection/hunting and adversary simulation. Mauricio has presented and hosted workshops at conferences like Defcon, Derbycon, BSides and the SANS Threat Hunting Summit. He holds a few certifications including OSCP and OSCE.
Twitter: @mvelazco

Description:
Automated adversary simulation is often perceived as a hard, dangerous and complicated program to implement and run. Fear no longer, our methodology and tooling will let you test and measure your defenses throughout your production environment to test not only your detection rule’s resilience but the whole event pipeline as well as your team’s response procedures. In this talk, we’ll share with the audience the open source tools we built and the methodology we use that will allow them to hit the ground running at nearly no cost.

Introduction (5 min)

Automated Adversary simulation - Design & Methodology (10 min)

State of the art (3 min)

Our approach (25 min )

Takeaways ( 3 min)

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

DC - Friday - 11:30-11:59 PDT

Title: Pwn2Own Qualcomm compute DSP for fun and profit
When: Friday, Aug 7, 11:30 - 11:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Slava Makkaveev , Security Researcher, Check Point
Slava Makkaveev is a Security Researcher at Check Point. Holds a PhD in Computer Science. Slava has found himself in the security field more than ten years ago and since that gained vast experience in reverse engineering and vulnerability research. Recently Slava has taken a particularly strong interest in mobile platforms and firmware security.

Description:
Qualcomm Snapdragon SoC integrates multiple subsystems, each one is customized for a particular application domain. Compute digital-signal processor (cDSP) is a subsystem which allows a mobile device to process simple sets of data with high performance on low power. In the talk we will show that this little studied proprietary subsystem has many security problems that open the door to malicious Android applications for PE and DoS attacks of the device.

Title: Red Team Village Opening Remarks
When: Friday, Aug 7, 07:30 - 07:59 PDT
Where: Red Team Vlg
Speakers:Joseph Mlodzìanowskì (cedoXx),Omar Ωr

SpeakerBio:Joseph Mlodzìanowskì (cedoXx)
No BIO available
Twitter: @cedoxX

SpeakerBio:Omar Ωr
No BIO available

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Friday - 09:15-10:15 PDT

Title: Red Teaming: Born from the Hacker Community
When: Friday, Aug 7, 09:15 - 10:15 PDT
Where: Red Team Vlg

SpeakerBio:Chris Wysopal
Chris Wysopal is currently Veracode's CTO and Co-Founder. He is responsible for the company's software security analysis capabilities. One of the original vulnerability researchers and a member of L0pht Heavy Industries, Chris has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He published his first advisory in 1996 on parameter tampering in Lotus Domino and has been trying to help people not repeat this type of mistake for 15 years. Back in 1997 he first got paid for hacking someone else's network and later a company's web application. Chris was hooked and has been performing security testing one way or another since.

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

BHV - Friday - 12:00-12:59 PDT

Title: Redefining patient safety in the digital era
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: BioHacking Vlg
Speakers:Dena Medelsohn,Jen Goldsack

SpeakerBio:Dena Medelsohn
Dena Medelsohn is a passionate consumer advocate and boldly believe in data rights and access to quality healthcare. Dena is the director of health policy and data governance at Elektra Labs. Previously, Dena was the senior attorney at Consumer Reports.

SpeakerBio:Jen Goldsack
Jen Goldsack is the executive director of the Digital Medicine Society (DiMe), a 501c3 dedicated to advancing digital medicine to optimize human health. Jen’s research focuses on applied approaches to the safe, effective & equitable use of digital technologies to improve health, healthcare & health research.

Description:
Digital technologies are the future of medicine--and perhaps also public health--but these innovative tools that offer great promise for higher quality, more affordable, more accessible care also pose new risks to patients.

Using real-world examples, this presentation will make the case for expanding the list of harms considered when determining the risk-benefit profile of a medical product in the digital era of health. We will consider security practices -- and sometimes their absence -- and disparities in both access to technologies and technical literacy.

Digital technologies - and in particular remote monitoring technologies such as wearables and other in - home smart sensors have the potential to transform health, healthcare, and health research. But these innovative tools also pose new risks to patients.

Risk-benefit analysis is the bedrock of clinical decision making, from formulating individual treatment plans to drug approval decisions. However, while shaky data rights in the United States put patients at risk when they use digital health products, these risks are poorly understood and rarely included in risk-benefit analyses.

This presentation will illustrate the new risks to patients posed by their digital health footprint-from challenges accessing health care to discrimination in the workplace-and explain for readers why data rights and security must be folded into a contemporary definition of 'patient safety'.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

DL - Friday - 16:00-17:55 PDT

Title: redlure
When: Friday, Aug 7, 16:00 - 17:55 PDT
Where: See Description or Village

SpeakerBio:Matthew Creel
Matt has been a member of the Schneider Downs cybersecurity practice since 2017 where he helps provide clients with penetration testing, red teaming and incident response services. One of Matt's focuses is offensive tool development, notably password spraying and phishing tools. Matt has served clients in manufacturing, healthcare, automotive, finanaical and higher education industires.

Description:
redlure can be descirbed as a distributed phishing platform. There is a centeralized API (redlure-console) where you can create the different aspects of your phishing campaigns. This console controls secondary servers running a more basic API (redlure-workers) that do the actual hosting of your phishing sites/files and communicate results back to the main server. Obviosuly there are existing tools that can accomplish phishing, but here are a few features to this tool that differentiate it and will be descirbed in the abstract.

Audience: Offense

Interact @ #dl-creel-redlure-text: https://discord.com/channels/708208267699945503/730256326868860949

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Forum: https://forum.defcon.org/node/233131

Return to Index - Add to

- ics Calendar file

PWDV - Friday - 22:00-22:30 PDT

Title: Result of Longer Passwords in Real World Application (Rebroadcast)
When: Friday, Aug 7, 22:00 - 22:30 PDT
Where: Password Vlg

SpeakerBio:Minga
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

PWDV - Friday - 15:00-15:30 PDT

Title: Result of Longer Passwords in Real World Application
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Password Vlg

SpeakerBio:Minga
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

RGV - Friday - 11:00-11:59 PDT

Title: Rogues Village Introduction
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Rogues Vlg

SpeakerBio:Rogues Village Team
No BIO available

Description:
Who are we? What are we doing? How many ham-sandwiches can you fit into a handbag? Well, tune in to find out all of our secrets at Rogues Village this year.

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage

Return to Index - Add to

- ics Calendar file

BHV - Friday - 13:00-13:59 PDT

Title: Russian Cyber Threats in The Pandemic Era
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: BioHacking Vlg

SpeakerBio:Dr. Khatuna Mshvidobadze
Dr. Khatuna Mshvidobadze teaches cybersecurity and information management at Utica College and George Washington University. Her constantly updated “Russian Cyber Threats” has been presented around the world. Her articles have appeared throughout the international press.

Description:
Russia has seized upon the global Covid-19 pandemic as an opportunity to use its multifaceted, multidirectional information and cyberwarfare strategy against its prospective enemies. Russian state-sponsored hackers are using the coronavirus to spread different types of malware against western nations. Universities, hospitals and scientific facilities with access to classified information are targeted to steal data and research related to Covid-19. In this respect, the presentation will cover cyber-attack efforts against the healthcare industry in the United States and Europe. The presentation will discuss tactics, techniques and procedures (TTPs) of the advanced persistent threat (APT) groups. It will review Russian ransomware criminal actors and their communication channels (dark web).

The presentation also will highlight the role of the siloviki (people of power) in the country’s information warfare efforts. It will examine the structural units of the Russian Federal Security service (FSB) and Russian military intelligence (GRU), their projects and their networks of allied criminal groups. It will discuss how intelligence organizations are using APT groups through complex outsourcing strategies to conduct cyberwarfare over a broad spectrum. The presentation suggests several factors that drive the current trends in Russian cyber capabilities. It will also survey current trends: growing sophistication of TTPs and tools, supply chain threats, false flag operations, deception tactics, third party entry vectors and cyber espionage. Finally, the Russian Cyber Threat presentation will cover the role and mission of the Russian Foundation for Advanced Research Projects in the Defense Industry, the Russian Army’s Technopolis, and Russia’s chemical, biological, medical, informational and research efforts.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

ENT - Friday - 23:00-23:59 PDT

Title: Shadowvex
When: Friday, Aug 7, 23:00 - 23:59 PDT
Where: See Description or Village

Description:
Underground hacker, audio/visual artist and researcher of entheogenic blockchain technology.¬† Music is magick.

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Web: https://shadowvex.com

Twitter: https://twitter.com/shadowvex

Return to Index - Add to

- ics Calendar file

FSL - Friday - 21:00-21:59 PDT

Title: Shrek, Juggs, and Toxic Trolls: a BADASS discussion about Online Sexuality and Hacktivism
When: Friday, Aug 7, 21:00 - 21:59 PDT
Where: DEF CON Fireside Twitch
Speakers:Katelyn Bowden,Rachel Lamp,Allie Barnes,Kate Venable,Marleigh Farlow,Tim Doomsday

SpeakerBio:Katelyn Bowden , CEO and Founder, BADASS
No BIO available

SpeakerBio:Rachel Lamp , COO, BADASS
No BIO available

SpeakerBio:Allie Barnes , CTO, BADASS
No BIO available

SpeakerBio:Kate Venable , Head of Legal, BADASS
No BIO available

SpeakerBio:Marleigh Farlow , CMO, BADASS
No BIO available

SpeakerBio:Tim Doomsday , CISO, BADASS
No BIO available

Description:
In this panel discussion, the BADASS army team will be talking about the intersection between security and sex, the problem of online exploitation and harassment, and what needs to be done to address these issues. After an introduction to the org and the culture of NOn Consensual Pornography, The panel will be a free form conversation with audience participation, covering a wide variety of topics related to NCP and online sexual abuse.

BADASS is a nonprofit org dedicated to fighting image based abuse. Founded in 2017 by victims of NCP, it has grown to be one of the major organizations trying to prevent online exploitation.

DEF CON Fireside Lounges will be live-streamed on Twitch.

Web: https://www.social-engineer.org/sevillage-def-con/the-sectf4teens/

#fireside-lounge-text: https://discord.com/channels/708208267699945503/738141986476916826

Return to Index - Add to

- ics Calendar file

HRV - Friday - 14:00-14:59 PDT

Title: So You Got an SDR: Common Signals and the Wiki
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Ham Radio Vlg

Description:
Come learn about how to use an software defined radio (SDR) to pick up and signals, and how to identify what they are and what they mean.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Social Engineer SECTF4Teens
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231051

Discord: https://discord.com/channels/708208267699945503/726609125760434176

Return to Index - Add to

- ics Calendar file

DC - Friday - 10:30-10:59 PDT

Title: Spectra—New Wireless Escalation Targets
When: Friday, Aug 7, 10:30 - 10:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Francesco Gringoli,Jiska Classen

SpeakerBio:Francesco Gringoli , University of Brescia
No BIO available

SpeakerBio:Jiska Classen , Secure Mobile Networking Lab
jiska likes to break things, and Francesco loves reverse engineering. They both have a history in binary patching on Broadcom chips. While jiska focuses on the Bluetooth side of this project, Francesco is the Wi-Fi specialist.
Twitter: @naehrdine

Description:
Wireless coexistence enables high-performance communication on platforms with a small form factor despite overlapping frequency bands. On-chip coexistence is essential to combine wireless technologies, and manufacturers implement various proprietary solutions. This presentation demonstrates multiple attacks on two coexistence features of Broadcom and Cypress Wi-Fi/Bluetooth combo chips. Various popular devices that were released over a decade are affected, such as the Google Nexus 5 and iPhone 6, but also the newest iPhone 11 and Samsung Galaxy S20.

On the analyzed chips, Wi-Fi and Bluetooth run on separate processing cores, but various information leaks and even code execution become possible through their coexistence interfaces. As these escalations concern an internal chip interface, the operating system cannot prevent them. However, coexistence exploitation widens the possibilities to escalate into drivers and the operating system on top.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

AIV - Friday - 13:30-13:59 PDT

Title: Spectrum: An End-to-End Framework for ML-based Threat Monitoring and Detection
When: Friday, Aug 7, 13:30 - 13:59 PDT
Where: AI Vlg

SpeakerBio:Nahid Farhady
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CPV - Friday - 10:00-10:59 PDT

Title: STARTTLS is Dangerous
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Hanno Böck
Hanno is a freelance writer and IT security professional. He has discovered high profile TLS vulnerabilities in the past, including the ROBOT attack and flaws in TLS GCM implementations. He is the author of the monthly Bulletproof TLS Newsletter.

Description:
The STARTTLS mechanism allows upgrading insecure protocols to a TLS encrypted connection. This mechanism is incredibly fragile and almost by default leads to vulnerable implementations. In 2011 Wietse Venema discovered a flaw in Postfix that allowed a man in the middle attacker to inject commands into an encrypted connection [1].

We discovered that the flaw is still widely present in E-Mail servers and also, previously unknown, the same flaw exists in many mail clients. In some cases these flaws allow stealing E-Mail credentials. Furthermore the STARTTLS mechanism is weakly specified and in part contradictory, which allows other attacks.

The talk will give an overview on why STARTTLS is dangerous and should be avoided.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

https://github.com/bridgecrewio/checkov/tree/master/docs

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CLV - Friday - 12:50-13:25 PDT

Title: Static analysis of Infrastructure as code: Terraform, Kubernetes, Cloudformation and more!
When: Friday, Aug 7, 12:50 - 13:25 PDT
Where: Cloud Vlg

SpeakerBio:Barak Schoster
Barak Schosteris CTO and Co-founder at Bridgecrew, working from Tel Aviv, Israel, Helping teams secure cloud infrastructure. Often contributing to open source projects including Checkov, AirIAM, Terragoat, Prowler, and others. He has previously worked for RSA focused on cybersecurity machine learning and big data architecture as well as at Fortscale and IDF tech unit. When not writing code or Barak loves to drink coffee and wine (but not at the same time).
Twitter: @BarakSchoster

Description:
Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.

About this talk: Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.

In this talk:

We'll cover the current state of infrastructure security in the open source registries.

From there we will continue to discuss best practices for writing, testing, and maintaining infrastructure at scale, keeping the infrastructure code secured using open source scanners.

We will cover infrastructure security use cases like encryption, public-facing data entities and plain text secrets, And will show how to find those using policy as code.

Based on the open source tool:

And the training resources:

https://github.com/bridgecrewio/terragoat/ https://github.com/madhuakula/kubernetes-goat

Return to Index - Add to

- ics Calendar file

PHVT - Friday - 16:00-16:59 PDT

Title: Take Down the Internet! With Scapy
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Packet Hacking Vlg - Talk

SpeakerBio:C8 (John Hammond)
John Hammond (Twitter: @_johnhammond) is a cybersecurity instructor, developer, red teamer, and CTF enthusiast. Cyber Training Academy curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the University of North Carolina Greensboro, and other events like the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality to showcase programming tutorials, cyber security guides, and CTF video walkthroughs. John currently holds the following certifications: Security+, eJPT, CEH, PCAP, OSWP, OSCP, OSCE, and OSWE.
Twitter: @_johnhammond

Description:
You know Python remains a hacker's favorite language... and for both network defenders and attackers alike, Scapy shines as their favorite Python module! This talk introduces Scapy and its syntax, discusses and showcases multiple attacks that can be performed with Scapy (SYN flood, Ping of Death, DNS amplification attacks and more) as well as offering some defensive techniques to mitigate these attacks. These network attacks are often a "denial of service" and have dire consequences – so you choose your role as an attacker or defender, and be part of either the cause or the solution to take down the Internet!

YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1

Return to Index - Add to

Title: Terrestrial Access Network
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: See Description or Village

Description:
If packets could dance, they would surely dance to this...

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Twitch: https://www.twitch.tv/defcon_music

Soundcloud: https://soundcloud.com/collinsullivan

Spotify: https://open.spotify.com/artist/53WcPPzAkgtrcJhAfytwMN

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: The Gold Bug – Crypto and Privacy Village Puzzle
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too! PELCGBTENCUL VF UNEQ

Forum: https://forum.defcon.org/node/232942

Discord: https://discord.com/channels/708208267699945503/711644108837486602

Twitter: https://twitter.com/CryptoVillage

Web: https://goldbug.cryptovillage.org/

Return to Index - Add to

- ics Calendar file

ICS - Friday - 13:45-14:45 PDT

Title: The Journey of ICS Project Files - Visibility and Forensics to Exploitation
When: Friday, Aug 7, 13:45 - 14:45 PDT
Where: ICS Vlg

SpeakerBio:Nadav Erez
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village

Return to Index - Add to

- ics Calendar file

IOT - Friday - 18:30-19:15 PDT

Title: The Joy of Coordinating Vulnerability Disclosure
When: Friday, Aug 7, 18:30 - 19:15 PDT
Where: IOT Vlg
Speakers:Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh

SpeakerBio:Daniel Gruss , TU Graz
No BIO available

SpeakerBio:CRob , Red Hat
No BIO available

SpeakerBio:Lisa Bradley , Dell
No BIO available

SpeakerBio:Katie Noble , Intel Corp
Katie currently serves as a Director of PSIRT and Bug Bounty at Intel Corp. Where she leads the cyber security vulnerability Bug Bounty program, researcher outreach, and strategic planning efforts. Previous to this position, Katie served as the Section Chief of the Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA) where she led DHS’ primary operations arm for coordinating the responsible disclosure and mitigation of identified cyber vulnerabilities in control systems, enterprise, hardware and software. Katies team is credited by the Secretary of Homeland Security with the coordination and public disclosure of over 20,000 cyber security vulnerabilities within a two year period. Katie is a highly accomplished manager with over 14 years of U.S. Government experience, both in the Intelligence Community and Cyber Security Program Management. She has operated at all levels from individual contributor as an Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council (NSC) Cyber programs. Her work has directly impacted the decision making of the NSC, Defense Information Systems Agency, Office of the Director of National Intelligence, Department of Defense, Federal Communications Commission, Central Intelligence Agency, U.S. Coast Guard, U.K.Ministry of Defense, Canadian Government agencies, and Australian Cabinet Ministry.

SpeakerBio:Omar Santos , Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, and other articles. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar is often presenting at many conferences and he is the co-lead of the DEF CON Red Team Village.
Twitter: @santosomar

SpeakerBio: Anders Fogh , Intel
No BIO available

Description:
Under the best of circumstances, coordinating disclosure of vulnerabilities can be a challenge. At times it can feel like everyone involved in CVD has conflicting motivations. The truth is that all of us are aspiring to do the right thing for end-users based on our perspective. The panel will share experiences and show how researchers and technology companies can work together to improve the impact of disclosing vulnerabilities on the technology ecosystem. Join CRob (Red Hat), Lisa Bradley (Dell), Katie Noble (Intel), Omar Santos (Cisco), Anders Fogh (Intel) and Daniel Gruss (TU Graz) for an exciting and engaging dialog between security researchers and industry experts on the Joy of coordinating vulnerability disclosure.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CPV - Friday - 12:00-12:59 PDT

Title: The Norwegian Blue: A lesson in Privacy Engineering
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Eivind Arvesen
Eivind is a senior software developer and architect who works as a consultant for Bouvet, specializing in security and privacy. He holds a master’s degree with a focus on machine learning, and has experience ranging from his own startup during his studies to large organizations both public and private. Eivind was recently temporarily pulled from his usual project within critical infrastructure to be part of a government appointed expert panel tasked with evaluating the Norwegian COVID-19 app. In his spare time, Eivind writes about privacy issues, participates in bug bounties, contributes to open source software and records music.

Description:
"Can smartphones automate contact tracing?" As COVID-19 spread like wildfire earlier this year, health authorities around the world asked themselves this question. If so: What data would you need, from whom, under what circumstances – and which safeguards should be in place? You could just upload all of everyone's data from every sensor continuously, right? It's not like you know for certain what data you'll need anyways. Besides, people should trust their government. What could go possibly wrong? Join me as I explore how Norway became worst-in-class in contact tracing. I'll be telling the story of how I became a member of the government appointed expert panel tasked with evaluating the Norwegian COVID-19 app, what we found, as well as the weirdness that unfolded around us before, during, and after our work.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: The Schemaverse Championship
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The Schemaverse [skee-muh vurs] is a space battleground that lives inside a PostgreSQL database. Mine the hell out of resources and build up your fleet of ships, all while trying to protect your home planet. Once you're ready, head out and conquer the map from other DEF CON rivals.

This unique game gives you direct access to the database that governs the rules. Write SQL queries directly by connecting with any supported PostgreSQL client or use your favourite language to write AI that plays on your behalf. This is DEF CON of course so start working on your SQL Injections - anything goes!

Forum: https://forum.defcon.org/node/233021

Discord: https://discord.com/channels/708208267699945503/711644182116040784

Twitter: https://twitter.com/schemaverse

Web: https://schemaverse.com

Return to Index - Add to

- ics Calendar file

MOV - Friday - 13:00-13:59 PDT

Title: This year's village badge
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
Codenamed Bob, this year's electronic badge enjoys collaboration from several villages and is called the Intervillage Badge. https://bob.monerodevices.com/ In this hour, we review the construction and feature set of this unique electronic badge. We consider it's energy harvesting ability, hackable nature, and radio signature. This year's badge contains three RFID/NFC long range circuits, dome switches never seen before on badges, and a trapazoidal 13.56 MHz trace antenna. It is enclosed in a translucent colored plastic frame, a full colour front overlay, and back mounted color leatherette (to protect your phone lens.) The Opensource design is located on scm.monerodevices.com with several of your Monero friends participating in the project. The Intervillage Badge is distributed by well known sellers, please see shop.monerodevices.com for information. For more information about this year's village badge (and many others), please visit the Monero Village office hours. View the schedule at Monerovillage.org and look for 'Badge Clinic'.

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

BTVW2 - Friday - 15:00-16:30 PDT

Title: Threat Hunting with the Elastic Stack (Beginner)
When: Friday, Aug 7, 15:00 - 16:30 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Ben Hughes
Ben Hughes (@CyberPraesidium) brings over 15 years of diverse experience in cyber security, IT, and law. He leads Polito's commercial services including pen testing, DFIR, and threat hunting. Prior to joining Polito, Ben worked on APT hunt teams at federal and commercial clients. He holds CISSP, GWAPT, and GCFA certifications.
Twitter: @CyberPraesidium

Description:
This hands-on workshop will walk you through leveraging the open source Elastic (ELK) stack to proactively identify attacker activity hiding within diverse data sets. The basic tools and techniques taught during this workshop can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and threat hunting. You will be provided with access to a preconfigured Elastic cluster and extensive sample logs containing malicious endpoint and network events waiting to be discovered on a simulated enterprise network. Emphasis will be placed on live demos and practical training exercises throughout.

With all new logs and revamped material from our past versions of this workshop, this year's hands-on workshop will walk attendees through leveraging the open source Elastic (ELK) stack to proactively identify malicious activity hiding within diverse data sets. The basic tools and techniques taught during this class can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and threat hunting. Attendees will be provided with access to a preconfigured Elastic cluster and extensive sample logs containing malicious endpoint and network events waiting to be discovered on a simulated enterprise network. New for this year, attacker artifacts will be more closely mapped to the MITRE ATT&CK Framework and tagged accordingly in the provided logs to help demonstrate the value of log enrichment, showcase both common and novel real-world attacker TTPs, and leverage a methodological approach to adversary and anomaly detection. Emphasis will be placed on live demos and practical training exercises throughout.

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

ASV - Friday - 16:00-16:45 PDT

Title: Threat Modelling the Death Star
When: Friday, Aug 7, 16:00 - 16:45 PDT
Where: AppSec Vlg

SpeakerBio:Mário Areias
No BIO available

Description:
It is a known fact the Empire needs to up their security game. The Rebellion hack their ships, steal their plans, and even create backdoors! In this talk, we will help the Empire by threat modeling the Death Star. Traditionally, Threat Models have been a slow and boring process that ends up with a giant document detailed any possible security problem. This approach, although useful in the past, is not necessarily good in an ever-changing environment (or when you have Jedis as enemies!).

I will introduce Attack Trees and how they can fit in nicely in a DevOps world. Come and join the Dark Side! We might save the Empire after all!

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

RTV - Friday - 18:00-18:59 PDT

Return to Index - Add to

- ics Calendar file

AEV - Friday - 10:00-13:30 PDT

Title: Understanding Space Through a CyberSecurity Lens
When: Friday, Aug 7, 10:00 - 13:30 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

Learning outcomes will be:
- Gain Core Space Knowledge
- Comprehend space mission Capabilities, Trade-offs and Limitations - Apply Space Concepts to real-world problems - Analyze Typical Space Problems
- Synthesize concepts to Design a Space Mission - Evaluate basic technical and programmatic space issues

This will be a half-day course instead of the normal 2-day course.

Return to Index - Add to

- ics Calendar file

AEV - Friday - 14:30-17:59 PDT

Title: Understanding Space Through a CyberSecurity Lens
When: Friday, Aug 7, 14:30 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

This will be a half-day course instead of the normal 2-day course.

Return to Index - Add to

Title: Welcome to the Payment Village
When: Friday, Aug 7, 09:45 - 09:59 PDT
Where: Payment Vlg

SpeakerBio:Leigh-Anne Galloway
No BIO available

Description:
Leigh-Anne will introduce you to the Payment Village and cover key information required to participate in the Payment Village at DEF CON

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q

Return to Index - Add to

- ics Calendar file

DC - Friday - 13:30-13:59 PDT

Title: When TLS Hacks You
When: Friday, Aug 7, 13:30 - 13:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Joshua Maddux , Security Engineer, Latacora
Joshua Maddux started out as a software engineer. After a few years, having introduced his share of bugs to the world, he started hunting for vulnerabilities in his own code and elsewhere. At PKC Security he gained additional experience in software development and white-box penetration testing, and gave his first ever conference talk at Blackhat USA on a series of systemic SSRF vulnerabilities in sites supporting Apple Pay. Now on the Appsec team at Latacora, he helps advise startups in building secure products. Aside from work for clients, Joshua is also active in the bug bounty world. His past research has led to security updates in Java, Netflix, Gitlab, United Airlines, Zapier, and others.
Twitter: @joshmdx

Description:
Lots of people try to attack the security of TLS. But what if we use TLS to attack other things? It's a huge standard, and it turns out that features intended to make TLS fast have also made it useful as an attack vector.

Among other things, these features provide a lot of flexibility for Server-Side Request Forgery (SSRF). While past work using HTTPS URLs in SSRF has relied upon platform-specific bugs such as SNI injection, we can go further. In this talk, I present a novel, cross-platform way of leveraging TLS to target internal services.

Uniquely, these attacks are more effective the more comprehensively a platform supports modern TLS, so won't go away with library upgrades. It is also unlikely that the TLS spec will change overnight at the whim of a random security researcher. Instead, we need to walk through scenarios and dispel common assumptions so the audience can know what to look out for. Of course, the best way to do so is with demos!

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

ASV - Friday - 10:00-10:59 PDT

Title: Who’s secure, who’s not, & who makes that choice
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: AppSec Vlg

SpeakerBio:Maddie Stone
No BIO available
Twitter: @maddiestone

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

CNE - Friday - 09:00-17:59 PDT

Title: Wireless Capture the Flag
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Wireless Capture the Flag (WCTF) at DEF CON.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The WCTF can be completely done with a little knowledge, a pen tester’s determination, and $40 or $4000 worth of equipment; the key is to read the clues and determine the goal of each challenge.

Each WCTF event begins with a presentation: How to WCTF. There will be clues everywhere, and we will provide periodic updates. Make sure you pay attention to what’s happening at the WCTF desk, on Twitter https://twitter.com/wctf_us, https://twitter.com/rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer at our discretion.

Forum: https://forum.defcon.org/node/233017

Discord: https://discord.com/channels/708208267699945503/711644270976696380

Twitter: https://twitter.com/wctf_us

Web: https://wctf.us/

Return to Index - Add to

- ics Calendar file

WLV - Friday - 17:45-18:45 PDT

Title: Wireless Village Fireside Talk
When: Friday, Aug 7, 17:45 - 18:45 PDT
Where: Wireless Vlg

Description:
FIRESIDE Talk, on stryngs, scapy with a dash of bluetooth, anyone want a code release and some demo on packet creation in BT and other work

#wv-general-voice: https://discord.com/channels/708208267699945503/731262451974144071

Return to Index - Add to

- ics Calendar file

CPV - Friday - 15:00-15:59 PDT

Title: Workshop: Let's Talk About Abusability Testing
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi

SpeakerBio:Avi Zajac
Avi (@_llzes, Avi/they/he) is a privacy-focused hacker and engineer. They love rabbits, cheesecake, and cute things like privacy and security, locksport, cryptography.
Twitter: @_llzes

SpeakerBio:Franchesca Spektor
Franky’s (@3llsaria, she/her) expertise is in ethical design practices around bioethics, disability & sexuality, and she previously served as a Lab Manager for the Disability Design Lab at UC Berkeley.

SpeakerBio:Ji Su Yoo
Ji Su (she/her) is a PhD at UC Berkeley’s School of Information and former researcher at the Harvard Data Privacy Lab, where she worked on security protocol and data privacy.

SpeakerBio:Nicole Chi
Nicole’s (@tinween, she/her) focus is on the “tech for good” space in its many forms, having worked in civic tech, nonprofit digital capacity building, tech policy, and ML ethics. Her strength is bridging connections and expertise across disciplines.
Twitter: @tinween

Description:
Are you concerned about how your products may be used for harm: intentionally or unintentionally? We will be covering the concept of abusability testing for platform abuse in this hybrid panel and workshop, with a clicker style method of interacting to foster deep understanding and participate in discussions on abusability testing. You’ll walk away with an understanding of abusability testing, join a community passionate about fighting platform abuse, and maybe walk away with actionable steps you can take to alleviate harm in your own products.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

HTS - Friday - 10:00-10:30 PDT

Title: Yacht PWNed
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Hack the Sea Vlg

SpeakerBio:Stephen Gerling
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea

Return to Index - Add to

- ics Calendar file

RTV - Friday - 15:30-16:30 PDT

Title: Yippee-Ki-Yay MFA'er - Bypassing Multi-Factor Authentication with Real-Time Replay Session Instantiation Attacks
When: Friday, Aug 7, 15:30 - 16:30 PDT
Where: Red Team Vlg

SpeakerBio:Justin Hutchens (“Hutch”)
Justin Hutchens (“Hutch”) is a seasoned cyber-security professional who specializes in vulnerability management, attack simulations, penetration testing, and red teaming. In 2008, Hutch began his information security career doing Threat and Vulnerability Management for the United States Air Force. Since separating from the Air Force, he has gone on to lead multiple penetration testing teams in both consulting and internal capacities. He has also achieved a Master’s degree in Computer Security Management and multiple information security certifications to include CISSP, GPEN, GWAPT, and OSCP. Hutch has significant experience in the field and has led assessments in nearly every industry and vertical. He is skilled in coding in Python, JavaScript, PowerShell, and Bash -- and emphasizes the importance of automation for both assessment methodology and development of internal processes.

Description:
In the not-too-distance past, it was fairly easy for red-teamers to conquer almost any environment with a combination of password sprays, or by leveraging social engineering to lure victims to fake login sites and harvest their credentials. But in the current landscape, there are new road-blocks to contend with. Nearly every company and organization has now deployed some form of Multi-Factor Authentication (MFA) on their perimeter services. Fortunately, for red-teamers, the vast majority of implementations of MFA across the Internet (email-based, SMS, OTP, and push requests) all share a common critical flaw that can still be easily circumvented using a modern revision of the classic “credential harvesting” attacks. This talk will offer a comprehensive methodology for how a red team can effectively bypass nearly any MFA service using Python-Flask and browser emulation libraries (Mechanize or Selenium) to replay MFA credentials in real-time, establish legitimate user sessions, and then harvest the session tokens to assume access to those compromised sessions. This methodology will prove once again, that the advantage is still square in the hands of the red team, and that even now…ALL YOUR BASE ARE BELONG TO US!!!

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

ENT - Friday - 21:00-21:59 PDT

Title: Zebbler Encanti Experience
When: Friday, Aug 7, 21:00 - 21:59 PDT
Where: See Description or Village

Description:
Zebbler Encanti Experience (aka ZEE) is an audio/visual collaboration between video artist Zebbler and electronic music producer Encanti, based out of Boston and the Scottish Highlands. The Experience is a performance of mapped visuals on three custom winged projection screens, synchronized with heavy peak-hour psychedelic bass music, resulting in the creation of an immersive A/V fantasy world.

Discord: https://discord.com/channels/708208267699945503/735624334302904350