Talk/Event Schedule


Friday


This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.

 

Friday - 06:00 PDT


Return to Index  -  Locations Legend
CLV - Cloud Village CTF -

 

Friday - 07:00 PDT


Return to Index  -  Locations Legend
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -
RTV - (07:30-07:59 PDT) - Red Team Village Opening Remarks - Joseph Mlodzìanowskì (cedoXx),Omar Ωr

 

Friday - 08:00 PDT


Return to Index  -  Locations Legend
AEV - Hack-A-Sat Launch Party -
RTV - Knock knock, who's there? Identifying assets in the cloud - Tanner Barnes (aka @_StaticFlow_),NahamSec

 

Friday - 09:00 PDT


Return to Index  -  Locations Legend
AIV - (09:30-09:59 PDT) - Opening Remarks - AI Village Organizers
BHV - (09:30-10:45 PDT) - DAY1 KEYNOTE: The Trust Talks - Nina Alli,Vee Schmitt,Yusuf Henriques,Josh O'Connor,Cannibal,Devabhaktuni Srikrishna,Najla Lindsay,Nate DeNicola
DC - (09:30-09:59 PDT) - Welcome to DEF CON Safe Mode - The Dark Tangent
HHV - (09:30-09:59 PDT) - Meetup: Some HHV Challenges - rehr
ICS - Keynote - Chris Krebs
IOT - (09:15-09:45 PDT) - How to get rights for hackers - Chloé Messdaghi
MOV - (09:50-09:59 PDT) - Welcome Speech - rehr
PAYV - (09:45-09:59 PDT) - Welcome to the Payment Village - Leigh-Anne Galloway
RTV - (09:15-10:15 PDT) - Red Teaming: Born from the Hacker Community - Chris Wysopal
RTV - (09:30-15:59 PDT) - Red Team Village CTF - Finals -

 

Friday - 10:00 PDT


Return to Index  -  Locations Legend
AEV - Opening Remarks: Getting The Aerospace Village To Take-Off - Chris Krebs,Dr Will Roper,Pete Cooper
AIV - ML Security Evasion Competition 2020 - drhyrum,zh4ck
AIV - (10:30-10:59 PDT) - Baby's First 100 MLSec Words - erickgalinkin
ASV - Who’s secure, who’s not, & who makes that choice - Maddie Stone
BCV - Welcome Note
BCV - Key Note - State of Blockchain Security - Peter Kacherginsky
BHV - cont...(09:30-10:45 PDT) - DAY1 KEYNOTE: The Trust Talks - Nina Alli,Vee Schmitt,Yusuf Henriques,Josh O'Connor,Cannibal,Devabhaktuni Srikrishna,Najla Lindsay,Nate DeNicola
BTVT1 - Quark Engine - An Obfuscation-Neglect Android Malware Scoring System (Beginner) - JunWei Song,KunYu Chen
BTVW1 - Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI (Intermediate) - Scoubi
CHV - Adding new features by manipulating CAN bus - Teejay
CHV - Automotive In-Vehicle Networks - Kamel Ghali
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -
CPV - STARTTLS is Dangerous - Hanno Böck
CRV - From Barista to Cyber Security Pro, Breaking the Entry Level Barrier - Alyssa Miller
DC - (10:30-10:59 PDT) - Spectra—New Wireless Escalation Targets - Francesco Gringoli,Jiska Classen
DL - Carnivore (Microsoft External Attack Tool) - Chris Nevin
DL - CIRCO v2: Cisco Implant Raspberry Controlled Operations - Emilio Couto
ETV - Federal Communications Commission - Comm. Geoffrey Starks
HHV - Learn to Solder the BadgeBuddy Kit - Joseph Long (hwbxr)
HRV - Village Opening Remarks -
HTS - Yacht PWNed - Stephen Gerling
ICS - (10:15-10:45 PDT) - ICS Village CTF Kick-Off - Tom
IOT - IoT Hacking Stories in Real Life - Besim Altinok
IOT - (10:45-11:45 PDT) - Getting Started – Building an IoT Hardware Hacking Lab -
LBV - Bypass 101 + Q&A
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - Making sense of EMV card data – decoding the TLV format - Dr Steven J. Murdoch
PHVT - Media Analysis of Disinformation Campaigns - Chet Hosmer,Mike Raggo
PWDV - Getting Started with Hashcat - Password Village Staff
RTV - cont...(09:15-10:15 PDT) - Red Teaming: Born from the Hacker Community - Chris Wysopal
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - (10:30-11:30 PDT) - Panel: The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
VMV - Welcome and Kick-Off - Harri Hursti,Matt Blaze,Maggie MacAlpine
VMV - (10:30-10:59 PDT) - Keynote Remarks: Representative Jackie Speier - Jackie Speier

 

Friday - 11:00 PDT


Return to Index  -  Locations Legend
AEV - MITM - The Mystery In The Middle. An Introduction To The Aircraft Information Systems Domain - Matt Gaffney
AIV - Workshop 1
ASV - 2FA in 2020 and Beyond - Kelley Robinson
ASV - Applying Pysa to Identify Python Security Vulnerabilities - Graham Bleaney
BCV - Verifiable Delay Functions for preventing DDoS Attacks on Ethereum 2.0 - Gokul Alex,Tejaswa Rastogi
BHV - Fireside Chat with Dr. Amy Abernethy and Adama Ibrahim - Adama Ibrahim,Amy Abernethy
BHV - (11:30-11:59 PDT) - Porcupine: Rapid and robust tagging of physical objects using DNA with highly separable nanopore signatures - Katie Doroschak
BTVT1 - OuterHaven - The UEFI Memory Space Just Itching to be Misused (Intermediate) - Connor Morley
BTVW1 - cont...(10:00-11:30 PDT) - Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI (Intermediate) - Scoubi
BTVW2 - (11:30-13:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS - Ben Gardiner,Chris Poore
CHV - OBD and what we CAN do with it - Infenet
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -
CLV - Opening Keynote
CLV - (11:20-12:05 PDT) - IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP) - Jenko Hwong
CPV - LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage - Akira Takahashi,F. Novaes,M. Tibouchi,Y. Yarom,Diego F. Aranha
CRV - But I Still Need A Job! - Kirsten Renner
DC - (11:30-11:59 PDT) - Pwn2Own Qualcomm compute DSP for fun and profit - Slava Makkaveev
DL - cont...(10:00-11:50 PDT) - Carnivore (Microsoft External Attack Tool) - Chris Nevin
DL - cont...(10:00-11:50 PDT) - CIRCO v2: Cisco Implant Raspberry Controlled Operations - Emilio Couto
HHV - Hardware hacking 101: There is plenty of room at the bottom - Federico Lucifredi
HRV - Ham Radio USA License Exams (Friday) -
HRV - Talking to Satellites -
ICS - Mission Kill: Process Targeting in ICS Attacks - Joe Slowik
ICS - (11:45-12:15 PDT) - Vulnerability Discovery - Tips for Surviving and Thriving - Dor Yardeni,Mike Lemley
IOT - cont...(10:45-11:45 PDT) - Getting Started – Building an IoT Hardware Hacking Lab -
LBV - cont...(10:00-11:30 PDT) - Bypass 101 + Q&A
LBV - (11:30-12:59 PDT) - DIY Bypass Tool Workshop + Q&A
LPV - Key Duplication - It's not just for the movies! - Tony Virelli
MOV - cont...(10:00-11:30 PDT) - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - Fear and Loathing in Payment Bug Bounty - Timur Yunusov
RGV - Rogues Village Introduction - Rogues Village Team
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - cont...(10:30-11:30 PDT) - Panel: The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
RTV - (11:45-12:45 PDT) - How to hack SWIFT, SPID, and SPEI with basic hacking techniques (from a Red Team Perspective) - Guillermo Buendia
VMV - A Policy Approach to Resolving Cybersecurity Problems inthe Election Process - Jody Westby
VMV - (11:30-12:30 PDT) - Hacking Democracy II: On Securing an Election Under Times of Uncertainty and Upheaval - Casey John Ellis,Kimber Dowsett,Tod Beardsley,Jack Cable,Amèlie Koran

 

Friday - 12:00 PDT


Return to Index  -  Locations Legend
AEV - Satellite Orbits 101 - Matt Murray
AEV - (12:30-12:59 PDT) - GPS Spoofing 101 - Harshad Sathaye
AIV - cont...(11:00-12:30 PDT) - Workshop 1
ASV - cont...(11:00-12:59 PDT) - Applying Pysa to Identify Python Security Vulnerabilities - Graham Bleaney
ASV - Android Bug Foraging - João Morais,Pedro Umbelino
BCV - Security Focused Operating System Design - Colin Cantrell
BHV - Redefining patient safety in the digital era - Dena Medelsohn,Jen Goldsack
BTVT1 - (12:30-12:59 PDT) - No Question: Teamviewer, Police and Consequence (Beginner) - corvusactual
BTVW2 - cont...(11:30-13:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - Before J1939: A J1708/J1587 Protocol Decoder - Thomas Hayes,Dan Salloum
CHV - Fundamentals of Diagnostic Requests over CAN Bus - Robert Leale (CarFuCar)
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -
CLV - cont...(11:20-12:05 PDT) - IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP) - Jenko Hwong
CLV - Ransom in the Cloud - Spencer Gietzen
CLV - (12:50-13:25 PDT) - Static analysis of Infrastructure as code: Terraform, Kubernetes, Cloudformation and more! - Barak Schoster
CPV - The Norwegian Blue: A lesson in Privacy Engineering - Eivind Arvesen
CRV - Hacking Security Leadership - Pete Keenan
DC - (12:30-12:59 PDT) - Detecting Fake 4G Base Stations in Real Time - Cooper Quintin
DL - PyRDP: Remote Desktop Protocol Monster-in-the-Middle (MITM) and Library - Olivier Bilodeau
DL - Mobile Security Framework - MobSF - Ajin Abraham
ETV - U.S. Privacy and Civil Liberties Oversight Board Member - Travis LeBlanc
HHV - (12:30-12:59 PDT) - onkeypress=hack(); - Farith Pérez Sáez,Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres
HRV - cont...(11:00-13:59 PDT) - Ham Radio USA License Exams (Friday) -
HTS - Build a Raspberry AIS - Dr. Gary Kessler
ICS - cont...(11:45-12:15 PDT) - Vulnerability Discovery - Tips for Surviving and Thriving - Dor Yardeni,Mike Lemley
ICS - (12:30-13:30 PDT) - On the insecure nature of turbine control systems in power generation - Alexander Korotin,Radu Motspan
IOT - (12:15-12:59 PDT) - Exploring vulnerabilities in Smart Sex Toys, the exciting side of IoT research - Denise Giusto Bilic
LBV - cont...(11:30-12:59 PDT) - DIY Bypass Tool Workshop + Q&A
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Proposed Mitigation Measures to Address a Disruption Such as The Economic Impact of COVID -19 on Transaction Capacity and Fees in Monero - Dr. Francisco "ArticMine" Cabañas
RGV - Google Maps Hacks - Simon Weckert
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - cont...(11:45-12:45 PDT) - How to hack SWIFT, SPID, and SPEI with basic hacking techniques (from a Red Team Perspective) - Guillermo Buendia
VMV - cont...(11:30-12:30 PDT) - Hacking Democracy II: On Securing an Election Under Times of Uncertainty and Upheaval - Casey John Ellis,Kimber Dowsett,Tod Beardsley,Jack Cable,Amèlie Koran
VMV - (12:30-12:59 PDT) - See Something, Say Something - Marten Mickos

 

Friday - 13:00 PDT


Return to Index  -  Locations Legend
AEV - Building Connections Across The Aviation Ecosystem - Katie Noble,Al Burke,Jeff Troy,Jen Ellis,John Craig,Randy Talley (CISA),Sidd Gejji
AIV - Hyperlocal Drift detection with Goko: Finding abusers of your Dataset - comathematician
AIV - (13:30-13:59 PDT) - Spectrum: An End-to-End Framework for ML-based Threat Monitoring and Detection - Nahid Farhady
ASV - Our journey into turning offsec mindset to developer's toolset - Paul Amar,Stanislas Molveau
BCV - Cryptocurrencies have superusers? - Mark Nesbitt
BCV - (13:30-13:59 PDT) - Double Spending in BSV, is it Possible? - Poming Lee
BHV - Russian Cyber Threats in The Pandemic Era - Dr. Khatuna Mshvidobadze
BTVT1 - (13:30-14:30 PDT) - Building BLUESPAWN: An Open-Source, Active Defense & EDR Software (Intermediate) - Jake Smith,Jack McDowell
BTVW1 - (13:30-14:59 PDT) - Turning Telemetry and Artifacts Into Information (Intermediate) - Omenscan
BTVW2 - cont...(11:30-13:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - Cluster fuzz! - Mintynet
CLV - cont...(12:50-13:25 PDT) - Static analysis of Infrastructure as code: Terraform, Kubernetes, Cloudformation and more! - Barak Schoster
CLV - (13:25-14:10 PDT) - Can't Touch This: Detecting Lateral Movement in Zero-Touch Environments - Phillip Marlow
CPV - Dos, Donts and How-Tos of crypto building blocks using Java - Mansi Sheth
CRV - Key Ingredients for the Job Interviews (Virtual or Face-2-Face) - Roy Wattanasin
DC - (13:30-13:59 PDT) - When TLS Hacks You - Joshua Maddux
DL - cont...(12:00-13:50 PDT) - PyRDP: Remote Desktop Protocol Monster-in-the-Middle (MITM) and Library - Olivier Bilodeau
DL - cont...(12:00-13:50 PDT) - Mobile Security Framework - MobSF - Ajin Abraham
HHV - (13:30-14:30 PDT) - HackerBox 0057 Build Session - Joseph Long (hwbxr)
HRV - cont...(11:00-13:59 PDT) - Ham Radio USA License Exams (Friday) -
HRV - A Basic Ham Station Setup -
ICS - cont...(12:30-13:30 PDT) - On the insecure nature of turbine control systems in power generation - Alexander Korotin,Radu Motspan
ICS - (13:45-14:45 PDT) - The Journey of ICS Project Files - Visibility and Forensics to Exploitation - Nadav Erez
IOT - (13:15-13:59 PDT) - IoT Under the Microscope: Vulnerability Trends in the Supply Chain - Parker Wiksell
LBV - General Q&A / Drop-in and Chat
LPV - Hybrid PhySec tools - best of both worlds or just weird? - d1dymu5
MOV - This year's village badge - Michael Schloh von Bennewitz
PHVT - Dumpster Fires: 6 Things About IR I Learned by Being a Firefighter - Dr. Catherine Ullman
PHVW - Intrusion Analysis and Threat Hunting with Open Source Tools - Jack Mott,Jason Williams,Josh Stroschein
PWDV - Making Targeted Wordlists - Password Village Staff
RGV - cont...(12:00-13:59 PDT) - Google Maps Hacks - Simon Weckert
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - Trust, but Verify: Maintaining Democracy In Spite of Информационные контрмеры - Allie Mellen
SEV - Live SE Q&A -
VMV - A Panel with the Feds on Election Security - Bryson Bort,David Imbordino,Brig. Gen. William Hartman,Matthew Masterson,Cynthia Kaiser,Dan Kimmage

 

Friday - 14:00 PDT


Return to Index  -  Locations Legend
AEV - Experimental Aviation, Risks And Rewards - Patrick Kiley
AIV - Hacking with Skynet - How AI is Empowering Adversaries - GTKlondike
BCV - Creating a decentralized storage for Kubernetes with Tardigrade and Velero - Kevin Leffew
BHV - Digital Health Technologies in the NIH All of Us Research Program - Michelle Holko
BHV - (14:30-15:30 PDT) - Medical Device Vulnerability Disclosure - Chloé Messdaghi,Eirick Lurass,Casey John Ellis
BTVT1 - cont...(13:30-14:30 PDT) - Building BLUESPAWN: An Open-Source, Active Defense & EDR Software (Intermediate) - Jake Smith,Jack McDowell
BTVW1 - cont...(13:30-14:59 PDT) - Turning Telemetry and Artifacts Into Information (Intermediate) - Omenscan
CHV - Realistic Trends in Vulnerability based on Hacking into Vehicle - Ryosuke Uematsu,Shogo Nakao,Ryoichi Teramura,Tatsuya Katsuhara
CHV - Bluetooth Security in Automotive - Kamel Ghali
CLV - cont...(13:25-14:10 PDT) - Can't Touch This: Detecting Lateral Movement in Zero-Touch Environments - Phillip Marlow
CLV - Peeling Back the Layers and Peering Through the Clouds with Security Onion - Wes Lambert
CPV - How to store sensitive information in 2020? - Mansi Sheth
CRV - Pwning Your Resume - Kris Rides
DC - (14:30-14:59 PDT) - Finding and Exploiting Bugs in Multiplayer Game Engines - Jack Baker
DL - jeopardize - Utku Sen
ETV - Models of Privacy Norms - R. Jason Cronk,Ece Gumusel
HHV - cont...(13:30-14:30 PDT) - HackerBox 0057 Build Session - Joseph Long (hwbxr)
HHV - (14:30-14:59 PDT) - Meetup: PCB Proto and Rework - ShortTie
HRV - So You Got an SDR: Common Signals and the Wiki -
HTS - 40,000 Leagues UUV Death Match - Dr. Nina Kollars
ICS - cont...(13:45-14:45 PDT) - The Journey of ICS Project Files - Visibility and Forensics to Exploitation - Nadav Erez
IOT - (14:15-14:59 PDT) - Hella Booters: Why IoT Botnets Aren't Going Anywhere - Netspooky
LBV - cont...(13:00-14:59 PDT) - General Q&A / Drop-in and Chat
LPV - (14:15-14:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - (14:30-15:30 PDT) - Getting started with the Intervillage badge - Michael Schloh von Bennewitz
PHVW - cont...(13:00-14:59 PDT) - Intrusion Analysis and Threat Hunting with Open Source Tools - Jack Mott,Jason Williams,Josh Stroschein
RGV - Performance - Daniel Roy
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - (14:15-15:15 PDT) - Grey Hat SSH: SShenanigans - Evan Anderson
VMV - Keynote Remarks: Senator Ron Wyden - Ron Wyden
VMV - (14:30-14:59 PDT) - Chairman Benjamin Hovland, US Election Assistance Commission - Benjamin Hovland

 

Friday - 15:00 PDT


Return to Index  -  Locations Legend
AEV - Talking To Satellites - 101 - Eric Escobar
AIV - Breakout Session
ASV - API (in)Security TOP 10: Guided tour to the Wild Wild World of APIs - David Sopas,Paulo Silva
BCV - Attacking and Defending Blockchain Nodes - Peter Kacherginsky
BHV - cont...(14:30-15:30 PDT) - Medical Device Vulnerability Disclosure - Chloé Messdaghi,Eirick Lurass,Casey John Ellis
BHV - (15:30-15:59 PDT) - Hacking the Insulin Supply Chain To Save Lives - Anthony DiFranco
BTVT1 - Indicators of Emulation (Intermediate) - Ch33r10
BTVW2 - Threat Hunting with the Elastic Stack (Beginner) - Ben Hughes
CHV - CAN be super secure: Bit Smashing FTW - Brent Stone
CHV - Automotive Ethernet for the rest of us - Infenet
CLV - cont...(14:10-16:30 PDT) - Peeling Back the Layers and Peering Through the Clouds with Security Onion - Wes Lambert
CPV - Workshop: Let's Talk About Abusability Testing - Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi
CRV - In theory, there is no difference between theory and practice - Pablo Breuer
DC - (15:30-15:59 PDT) - Don't Be Silly - It's Only a Lightbulb - Eyal Itkin
DL - cont...(14:00-15:50 PDT) - jeopardize - Utku Sen
HHV - (15:30-15:59 PDT) - Meetup: Legacy Hardware - ShortTie
ICS - 5 Quick Wins for Improving your ICS Cybersecurity Posture - Austin Scott
ICS - (15:45-16:45 PDT) - PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS - Ben Gardiner
IOT - (15:15-16:15 PDT) - NAND Flash – Recovering File Systems from Extracted Data -
LBV - Alarm Bypass + Q&A
LPV - Doors, Cameras, and Mantraps OH MY! - Dylan The Magician
MOV - cont...(14:30-15:30 PDT) - Getting started with the Intervillage badge - Michael Schloh von Bennewitz
MOV - (15:30-15:59 PDT) - Monero Wallet Basics: Sending, Receiving, Proving - rehr
POV - (15:30-16:30 PDT) - Election Security -
PWDV - Result of Longer Passwords in Real World Application - Minga
RTV - cont...(09:30-15:59 PDT) - Red Team Village CTF - Finals -
RTV - cont...(14:15-15:15 PDT) - Grey Hat SSH: SShenanigans - Evan Anderson
RTV - (15:30-16:30 PDT) - Yippee-Ki-Yay MFA'er - Bypassing Multi-Factor Authentication with Real-Time Replay Session Instantiation Attacks - Justin Hutchens (“Hutch”)
VMV - Secretary Kim Wyman, Washington - Kim Wyman

 

Friday - 16:00 PDT


Return to Index  -  Locations Legend
AEV - Hack-A-Sat Friday Recap -
AIV - Workshop 2
ASV - Threat Modelling the Death Star - Mário Areias
ASV - JWT Parkour - Louis Nyffenegger
BCV - Panel Discussion
BHV - (16:15-16:45 PDT) - Cybersecurity informed consent for medical devices -
BHV - (16:45-17:45 PDT) - INCLUDES NO DIRT: Threat Modeling for Healthcare
BTVT1 - Detecting The Not-PowerShell Gang (Intermediate) - Mangatas Tondang
BTVW1 - (16:30-17:59 PDT) - Open-Source Tools for Hunting and Practical Intelligence (Intermediate) - Joe Slowik
BTVW2 - cont...(15:00-16:30 PDT) - Threat Hunting with the Elastic Stack (Beginner) - Ben Hughes
CHV - Misbehavior Detection for V2X communication - Jaime
CHV - Car (to Cloud) Talk: Using MQTT for Car Hacking - Jaime
CLV - cont...(14:10-16:30 PDT) - Peeling Back the Layers and Peering Through the Clouds with Security Onion - Wes Lambert
CPV - DNS Privacy - Matt Cheung
CRV - Building Teams in the New Normal - Mike Murray
DC - (16:30-16:59 PDT) - Exploiting Key Space Vulnerabilities in the Physical World - Bill Graydon
DL - redlure - Matthew Creel
ETV - Security of Election Systems: A contract case study in progress - Rim Boujnah
ICS - cont...(15:45-16:45 PDT) - PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS - Ben Gardiner
IOT - cont...(15:15-16:15 PDT) - NAND Flash – Recovering File Systems from Extracted Data -
IOT - (16:45-17:30 PDT) - Assembling VULNtron: 4 CVEs that Turn a Teleconference Robot into a Spy - Mark Bereza
LBV - cont...(15:00-16:30 PDT) - Alarm Bypass + Q&A
LBV - (16:30-16:59 PDT) - General Q&A / Drop-in and Chat
LPV - (16:15-16:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Meme Competition
PHVT - Take Down the Internet! With Scapy - C8 (John Hammond)
PHVW - Violent Python 3 - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handleman,Sam Bowne
POV - cont...(15:30-16:30 PDT) - Election Security -
PWDV - From Printers to Silver Tickets or Something - EvilMog
RGV - Pickpocketing @ Home - James Harrison
RTV - cont...(15:30-16:30 PDT) - Yippee-Ki-Yay MFA'er - Bypassing Multi-Factor Authentication with Real-Time Replay Session Instantiation Attacks - Justin Hutchens (“Hutch”)
RTV - (16:45-17:45 PDT) - Enumerating Cloud File Storage Gems - Michael Wylie

 

Friday - 17:00 PDT


Return to Index  -  Locations Legend
AEV - Exploiting Spacecraft - Brandon Bailey
AIV - cont...(16:00-17:30 PDT) - Workshop 2
ASV - cont...(16:00-17:59 PDT) - JWT Parkour - Louis Nyffenegger
BHV - cont...(16:45-17:45 PDT) - INCLUDES NO DIRT: Threat Modeling for Healthcare
BTVT1 - Discovering ELK The First Time - Lessons Learned Over 2 Years (Beginner) - TheDrPinky
BTVW1 - cont...(16:30-17:59 PDT) - Open-Source Tools for Hunting and Practical Intelligence (Intermediate) - Joe Slowik
CNE - EFF Tech Trivia Pub Quiz -
CPV - Fireside Chat: All about Section 230, the EARN IT Act, and What They Mean for Free Speech and Encryption - Cathy Gellis,Riana Pfefferkorn
CRV - Future Proofing Your Career - Jenai Marinkovic
DC - (17:30-17:59 PDT) - A Hacker’s guide to reducing side-channel attack surfaces using deep-learning - Elie Bursztein
DL - cont...(16:00-17:55 PDT) - redlure - Matthew Creel
HHV - (17:30-17:59 PDT) - Meetup: Some HHV Challenges - rehr
IOT - cont...(16:45-17:30 PDT) - Assembling VULNtron: 4 CVEs that Turn a Teleconference Robot into a Spy - Mark Bereza
IOT - (17:45-18:15 PDT) - Pandemic In Plaintext - Troy Brown
PHVW - cont...(16:00-17:59 PDT) - Violent Python 3 - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handleman,Sam Bowne
RGV - cont...(16:00-17:59 PDT) - Pickpocketing @ Home - James Harrison
RTV - cont...(16:45-17:45 PDT) - Enumerating Cloud File Storage Gems - Michael Wylie
WLV - (17:45-18:45 PDT) - Wireless Village Fireside Talk -

 

Friday - 18:00 PDT


Return to Index  -  Locations Legend
BTVT1 - (18:30-18:59 PDT) - Fighting a Virus with a Spreadsheet (Beginner) - Allen Baranov
BTVW2 - Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner) - Roberto Rodriguez,Jose Rodriguez
CNE - cont...(17:00-18:59 PDT) - EFF Tech Trivia Pub Quiz -
CNE - War Story Bunker -
CNE - Hacker Jeopardy -
DC - (18:30-18:59 PDT) - Office Drama on macOS - Patrick Wardle
ENT - Terrestrial Access Network -
HHV - Meetup: 3H: Hardware Happy Hour - Chris Gammell
IOT - cont...(17:45-18:15 PDT) - Pandemic In Plaintext - Troy Brown
IOT - (18:30-19:15 PDT) - The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
PWDV - Getting Advanced with Hashcat - Password Village Staff
RTV - Total E(A)gression - Alvaro Folgado Rueda
WLV - cont...(17:45-18:45 PDT) - Wireless Village Fireside Talk -

 

Friday - 19:00 PDT


Return to Index  -  Locations Legend
BTVT1 - (19:30-20:30 PDT) - Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate) - Mauricio Velazco
BTVW2 - cont...(18:00-19:30 PDT) - Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner) - Roberto Rodriguez,Jose Rodriguez
CNE - cont...(18:00-19:59 PDT) - War Story Bunker -
CNE - cont...(18:00-19:59 PDT) - Hacker Jeopardy -
ENT - Acid T -
IOT - cont...(18:30-19:15 PDT) - The Joy of Coordinating Vulnerability Disclosure - Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh
RTV - (19:15-20:15 PDT) - Password cracking beyond 15 characters and under $500 - Travis Palmer

 

Friday - 20:00 PDT


Return to Index  -  Locations Legend
BTVT1 - cont...(19:30-20:30 PDT) - Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate) - Mauricio Velazco
ENT - Icetre Normal -
FSL - D0 N0 H4RM: A Healthcare Security Conversation - Ash Luft,Christian “quaddi” Dameff,Jeff “r3plicant” Tully,Suzanne Schwartz,Vidya Murthy
RTV - cont...(19:15-20:15 PDT) - Password cracking beyond 15 characters and under $500 - Travis Palmer
RTV - (20:30-21:30 PDT) - 50 Shades of Sudo Abuse - Tyler Boykin
VMV - Live Q&A with Special Guests Regarding "Kill Chain" -

 

Friday - 21:00 PDT


Return to Index  -  Locations Legend
ENT - Zebbler Encanti Experience -
FSL - Shrek, Juggs, and Toxic Trolls: a BADASS discussion about Online Sexuality and Hacktivism - Katelyn Bowden,Rachel Lamp,Allie Barnes,Kate Venable,Marleigh Farlow,Tim Doomsday
PWDV - Getting Started with Hashcat (Rebroadcast) - Password Village Staff
PWDV - (21:30-21:59 PDT) - Making Targeted Wordlists (Rebroadcast) - Password Village Staff
RTV - cont...(20:30-21:30 PDT) - 50 Shades of Sudo Abuse - Tyler Boykin
RTV - (21:45-22:45 PDT) - ATTPwn: Adversarial Emulation and Offensive Techniques Collaborative Project - Fran Ramirez,Pablo Gonzalez

 

Friday - 22:00 PDT


Return to Index  -  Locations Legend
ENT - Ninjula -
PWDV - Result of Longer Passwords in Real World Application (Rebroadcast) - Minga
PWDV - (22:30-22:40 PDT) - From Printers to Silver Tickets or Something (Rebroadcast) - EvilMog
PWDV - (22:40-23:30 PDT) - Getting Advanced with Hashcat (Rebroadcast) - Password Village Staff
RTV - cont...(21:45-22:45 PDT) - ATTPwn: Adversarial Emulation and Offensive Techniques Collaborative Project - Fran Ramirez,Pablo Gonzalez

 

Friday - 23:00 PDT


Return to Index  -  Locations Legend
ENT - Shadowvex -
PWDV - cont...(22:40-23:30 PDT) - Getting Advanced with Hashcat (Rebroadcast) - Password Village Staff
RTV - ERPwnage - a red team approach to targeting SAP - Austin Marck

 

Friday - 8:00 PDT


Return to Index  -  Locations Legend
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -

 

Friday - 9:00 PDT


Return to Index  -  Locations Legend
CLV - cont...(06:00-12:30 PDT) - Cloud Village CTF -

Talk/Event Descriptions


 

CNE - Friday - 09:00-17:59 PDT


Title: (Before Con) Creative Writing Short Story Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and subreddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are sometimes overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

Forum: https://forum.defcon.org/node/231200

Discord: https://discord.com/channels/708208267699945503/711643275584340069

Twitter: https://twitter.com/dcshortstory


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 11:00-11:45 PDT


Title: 2FA in 2020 and Beyond
When: Friday, Aug 7, 11:00 - 11:45 PDT
Where: AppSec Vlg

SpeakerBio:Kelley Robinson
Kelley works on the Account Security team at Twilio. Previously she worked in a variety of API platform and data engineering roles at startups. Her research focuses on authentication user experience and design trade-offs for different risk profiles and 2FA channels. Kelley lives in Brooklyn, is an avid home cook, and spends too much time on Twitter (@kelleyrobinson).
Twitter: @kelleyrobinson

Description:
Security professionals agree: SMS based Two-factor Authentication (2FA) is insecure, yet thousands of companies still employ this method to secure their customer-facing applications. This talk will look at the evolution of authentication and provide a data-driven analysis of the tradeoffs between the different types of factors available.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

HTS - Friday - 14:00-14:59 PDT


Title: 40,000 Leagues UUV Death Match
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Hack the Sea Vlg

SpeakerBio:Dr. Nina Kollars
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 15:00-15:30 PDT


Title: 5 Quick Wins for Improving your ICS Cybersecurity Posture
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: ICS Vlg

SpeakerBio:Austin Scott
With 18 years of industrial automation experience, Austin Scott (GICSP, CISSP, OSCP) is a Principal Industrial Penetration Tester at Dragos Inc., where he identifies cyber risk within industrial control networks. Before Dragos, Austin worked as part of the OT cybersecurity team at Sempra, Shell, and as an industrial cybersecurity consultant at Accenture. Austin is a SANS Cybersecurity Difference Maker (2015) winner for his industrial cybersecurity contributions. Austin has won the DEFCON UBER black badge and has also published three books on PLC programming.

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 20:30-21:30 PDT


Title: 50 Shades of Sudo Abuse
When: Friday, Aug 7, 20:30 - 21:30 PDT
Where: Red Team Vlg

SpeakerBio:Tyler Boykin
Tyler Boykin is a former 0602 (USMC), hobbyist infosec geek, and is a Security Engineer with By Light Professional IT Services LLC currently developing features for CyberCENTS (a By Light Offering). He currently holds a variety of industry credentials to include OSCE, OSCP, CISSP, CCNP, CCDP, and many others.

Description:
Privilege escalation often includes abusing pre-existing features on a system. This talk gives a quick overview of sudo, sudoers, and ways of leveraging misconfigurations to increase access. Included in this talk, are vectors that range from common low-hanging fruit to downright crafty.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Friday - 13:00-13:30 PDT


Title: A Basic Ham Station Setup
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Ham Radio Vlg

Description:
In this live demo, we'll go over a basic home ham radio station setup, including all of the components and how they work together.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 17:30-17:59 PDT


Title: A Hacker’s guide to reducing side-channel attack surfaces using deep-learning
When: Friday, Aug 7, 17:30 - 17:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Elie Bursztein , Google
Elie Bursztein leads Google' security & anti-abuse research team. He has authored over fifty research papers in the field for which he was awarded 8 best papers awards and multiple industry distinctions including the Black Hat pwnie award. Born in Paris, he received a Ph.D. from ENS-cachan in 2008 before working at Stanford University and ultimately joining Google in 2011.
Twitter: @elie

Description:
in recent years, deep-learning based side-channel attacks have been proven to be very effective and opened the door to automated implementation techniques. Building on this line of work, this talk explores how to take the approach a step further and showcases how to leverage the recent advance in AI explainability to quickly assess which parts of the implementation is responsible for the information. Through a concrete set by step example, we will showcase the promise of this approach, its limitations, and how it can be used today.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 13:00-13:59 PDT


Title: A Panel with the Feds on Election Security
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Voting Vlg
Speakers:Bryson Bort,David Imbordino,Brig. Gen. William Hartman,Matthew Masterson,Cynthia Kaiser,Dan Kimmage

SpeakerBio:Bryson Bort
Founder of SCYTHE, next generation attack emulation platform; GRIMM, cybersecurity consultancy; ICS Village Co-Founder, 501c3 for ICS security awareness. Senior Fellow for Cyber/National Security at R Street and National Security Institute; Advisor to the Army Cyber Institute and DHS/CISA.

SpeakerBio:David Imbordino , Election Security Lead, National Security Agency
No BIO available

SpeakerBio:Brig. Gen. William Hartman , Commander, Cyber National Mission Force
No BIO available

SpeakerBio:Matthew Masterson , Senior Cybersecurity Advisor, CISA
No BIO available

SpeakerBio:Cynthia Kaiser , Deputy Chief of Analysis for National Security Cyber Threats, FBI
No BIO available

SpeakerBio:Dan Kimmage , Principal Deputy Coordinator, Global Engagement Center, Department of State
No BIO available

Description:
Elections are critical in a free and fair society. Public trust in election infrastructure begins with understanding what the Government has done with transparency and how the hacker community can help. We are all citizens and our voices should be heard.


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 11:00-11:30 PDT


Title: A Policy Approach to Resolving Cybersecurity Problems inthe Election Process
When: Friday, Aug 7, 11:00 - 11:30 PDT
Where: Voting Vlg

SpeakerBio:Jody Westby , CEO, Global Cyber Risk LLC
No BIO available

Description:
Cybersecurity researchers keep identifying cybersecurity vulnerabilities in voting machines andin the election process, but not much happens in closing identified vulnerabilities. The privatesector vendors involved in voter registration, manufacturing and programming voting machines,and vote tabulation are less than responsive and few have not provided evidence that they havestrong cybersecurity programs that meet best practices and standards and regular have cyberrisk assessments performed. This presentation will put forward a federal policy approach thatwill help correct these problems and advance the integrity of elections across the country.


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 08:00-19:59 PDT


Title: A-ISAC CTF
When: Friday, Aug 7, 08:00 - 19:59 PDT
Where: Aerospace Vlg

Description:
Aviation is under attack! A Tier 1 airport is in chaos!

Ticketing kiosks, airline servers, flight information displays, transportation security, runway lights, aircraft, and other critical systems have all been compromised. And there are indicators that airport insiders may have colluded with hackers to bring the airport to its knees!

It’s up to you now. YOU have 24 hours to research and investigate this crisis to regain control of the targeted airport and its airspace. From collecting evidence (and flags) to restoring all compromised assets and assisting impacted stakeholders, the clock is ticking!

Its time to apply everything you know about cybersecurity (e.g., password cracking, log analysis, computer forensics, and ethical hacking), intelligence (e.g., OSINT), and aviation (e.g., crew, avionics, air traffic control communications, airline operations, security screening, airport information systems, and aviation cyber-physical systems) to help the airport return to normal operations.

You have been given full authority to do whatever it takes to catch the hackers, seize back control of the airport, and restore aviation operations.


Discord: https://discord.com/channels/708208267699945503/734477413186273400


Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 19:00-19:59 PDT


Title: Acid T
When: Friday, Aug 7, 19:00 - 19:59 PDT
Where: See Description or Village

Description:
DEF CON 28 may be cancelled, but our parties cannot be stopped! Tune in for a massive virtual party that will shake the NET

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Twitch: https://www.twitch.tv/defcon_music

Facebook: https://www.facebook.com/dj.sm0ke

Twitter: https://twitter.com/DJ_Sm0ke

YouTube: https://www.youtube.com/channel/UC55xsENb9PKz-IKB5zodYGA/featured

SoundCloud: https://soundcloud.com/acid_t


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 10:00-10:59 PDT


Title: Adding new features by manipulating CAN bus
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Car Hacking Vlg 001

SpeakerBio:Teejay
No BIO available

Description:
Overview of how I added a front camera to my vehicle last year by utilizing CAN


#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001


Return to Index    -    Add to    -    ics Calendar file

 

BTVW2 - Friday - 11:30-13:30 PDT


Title: An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner)
When: Friday, Aug 7, 11:30 - 13:30 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Ben Bornholm
No BIO available

Description:
Have you ever wondered, how should I get started in Threat Hunting? How should I start? What should I hunt for? What tools should I use? How should I do it? Have you always wanted to hunt an APT? Then this intro level workshops is the right place for you. Our workshop will introduce hunting an APT style attack to detect malicious activity at each stage of an attack’s lifecycle.

This workshop will introduce you to the Attack Lifecycle model to create a fundamental framework for hunting adversaries. Our workshop will have you hunt an APT style attack to detect malicious activity at each stage of an attack’s lifecycle. This will enable you to connect information found at one stage as leverage for hunting in another stage.

Participants of this workshop will have the following takeaways: - A fundamental understanding of the attacker mindset - A fundamental understanding of the phases of the Attack Lifecycle - Knowledge of the tools and techniques used by attackers - An ability to hunt for attacker tools and techniques using a SIEM - Exposure to an APT style attack
- IMPORTANT: This is a 101 Intro Workshop


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 12:00-12:45 PDT


Title: Android Bug Foraging
When: Friday, Aug 7, 12:00 - 12:45 PDT
Where: AppSec Vlg
Speakers:João Morais,Pedro Umbelino

SpeakerBio:João Morais
No BIO available
Twitter: @jmoraissec

SpeakerBio:Pedro Umbelino
No BIO available
Twitter: @kripthor

Description:
In this session, we will analyze four real-world examples of different high impact android vulnerabilities. We will show how we discover, developed, and leveraged the vulnerabilities into a fully working proof-of-concept, devised meaningful attack scenarios (demos included), and how our work was approached by the different vendors.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 15:00-15:45 PDT


Title: API (in)Security TOP 10: Guided tour to the Wild Wild World of APIs
When: Friday, Aug 7, 15:00 - 15:45 PDT
Where: AppSec Vlg
Speakers:David Sopas,Paulo Silva

SpeakerBio:David Sopas
No BIO available
Twitter: @dsopas

SpeakerBio:Paulo Silva
No BIO available
Twitter: @pauloasilva_com

Description:
Do you speak API? Surely you do, even if you don't notice them in your world wide web everyday use. APIs are proved to be beneficial for business, but with great power comes great responsibility and some of them have serious problems. Last year we put a lot of effort to build and release the OWASP API Security Top 10 project. Then, we decided to go wild and have some fun. Now we will present our findings, from OWASP API Security Top 10 to lots of fun and profit. Join us to learn common API pitfalls: how to find and abuse them. It won't hurt. Unless your data is in there...

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 11:00-12:59 PDT


Title: Applying Pysa to Identify Python Security Vulnerabilities
When: Friday, Aug 7, 11:00 - 12:59 PDT
Where: AppSec Vlg

SpeakerBio:Graham Bleaney
No BIO available
Twitter: @GrahamBleaney

Description:
The Product Security teams at Facebook make extensive use of static analysis to find security vulnerabilities. We use systems like Zoncolan and the open source Python Static Analyzer (Pysa) on a daily basis. Using static analysis helped us find more than 1100 security bugs in 2018, accounting for more than a third of the bugs found by the application security team in that timeframe.

In this tutorial, we’ll cover the basics of static analysis, how to set up Pysa, and how you can write and run rules to identify vulnerabilities in your own codebase. We’ll also cover how Pysa deals with false positives and discuss its limitations as a tool. Each new concept you learn will immediately be reinforced by a practical exercise.

Attendees should leave this tutorial with all the tools they need to start applying static analysis to their Python projects at work and in open source. A computer with Python, Pip, and Git is required for this workshop. Attendees will need to pip install pyre-check and set up a small sample project.


AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: AppSec Village CtF
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CTFs test your skills, challenge your ingenuity and push mental boundaries. But what is even MORE AWESOME than a regular CTF?

A (CTF)2!! A competition that stretches your creative mind as a task author and makes you step up your game as a task player. This year, AppSec Village @ DEF CON 28 invites you to compete in both roles!


Forum: https://forum.defcon.org/node/232292

Discord: https://discord.com/channels/708208267699945503/728703600586522739

Twitter: https://twitter.com/appsec_village

Web: https://www.appsecvillage.com/


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 16:45-17:30 PDT


Title: Assembling VULNtron: 4 CVEs that Turn a Teleconference Robot into a Spy
When: Friday, Aug 7, 16:45 - 17:30 PDT
Where: IOT Vlg

SpeakerBio:Mark Bereza
Mark Bereza is a security researcher and new addition to McAfee's Advanced Threat Research team. A recent alumnus of Oregon State's Computer Science systems program, Mark's work has focused primarily on vulnerability discovery and exploit development for embedded systems. Mark previously presented at DEFCON 27, less than 6 months after graduating college.

Description:
Once limited to the realm of science fiction, robotics now play a vital role in many industries, including manufacturing, agriculture, and even medicine. Despite this, the kind of robot that interfaces with humans directly, outside of the occasional toy or vacuum, threatens to remain an inhabitant of fiction for the foreseeable future.

temi, a “personal robot” created by Roboteam, may help make that fiction a reality. temi is a smart device for consumer, enterprise, retail, and even medical environments that is capable of both autonomous movement and teleconferencing. It’s precisely this functionality, however, that makes it a valuable target for hackers. Unlike a simple camera exploit, a compromised temi grants an attacker mobility in addition to audio/video, greatly increasing their ability to spy on victims in the most private of situations - their homes, medical appointments, or workplaces.

Not knowing when to quit, McAfee Advanced Threat Research uncovered four 0-day vulnerabilities in the temi. We’ll show how an attacker armed with nothing besides the victim’s phone number could exploit these vulnerabilities to intercept or join an existing temi call, gain video access, and even obtain “owner” privileges, granting the ability to remotely control the robot – all with zero authentication.


IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 15:00-15:59 PDT


Title: Attacking and Defending Blockchain Nodes
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Blockchain Vlg

SpeakerBio:Peter Kacherginsky
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 21:45-22:45 PDT


Title: ATTPwn: Adversarial Emulation and Offensive Techniques Collaborative Project
When: Friday, Aug 7, 21:45 - 22:45 PDT
Where: Red Team Vlg
Speakers:Fran Ramirez,Pablo Gonzalez

SpeakerBio:Fran Ramirez
Fran Ramirez has a University degree in Computing Engineering, a Certificate of higher education in Industrial and Digital Electronics, and a Master's degree in Cybersecurity. He has experience working as an IT Senior System Engineer in the USA and Canada, consolidating IT technologies and datacenters. He began working as a Security Researcher at Telefonica and ElevenPaths in 2017. Francisco has also co-written books about Docker and Machine Learning, and been a speaker at Mobile World Congress (Barcelona), Black Hat Europe Arsenal (London), Hacktivity (Hungary), LeHack (Paris) and many other conferences.

SpeakerBio:Pablo Gonzalez
Pablo Gonzalez has a University degree in Computing Engineering and Master's degree in Cybersecurity. He has presented at Black Hat Europe Arsenal (2017, 2018, 2019), BlackHat USA Arsenal 2020, EkoParty 2018, 8dot8 Chile, DragonJAR Colombia, RootedCON, LeHACK 2019, etc. He is a Microsoft MVP 2017-2020. Pablo has written several computer security books, including Metasploit for Pentesters, Ethical Hacking, Pentesting with Kali, Metasploit hacking, Got Root and PowerShell pentesting. He is also a co-founder of flu-project and the founder of hackersClub. With more than 10 years working in cybersecurity and teaching several masters in cybersecurity in Spain, he is currently working as Project/Team Manager and Security Researcher at Telefonica (Ideas Locas department).

Description:
ATTPwn is a computer security open source tool designed to emulate adversaries. The tool aims to bring emulation of a real threat into closer contact with implementations based on the techniques and tactics from the MITRE ATT&CK framework. The goal is to simulate how a threat works in an intrusion scenario, where the threat has been successfully deployed. It is focused on Microsoft Windows systems through the use of the Powershell command line. This enables the different techniques based on MITRE ATT&CK to be applied. ATTPwn is designed to allow the emulation of adversaries as for a Red Team exercise and to verify the effectiveness and efficiency of the organization's controls in the face of a real threat. Furthermore, ATTPwn provides the possibility of knowledge transfer between users. This knowledge is exchanged through implementation of ATT&CK techniques. This new user-generated knowledge can be shared with the community through a special feature within ATTPwn. The collaborative part of ATTPwn enhances the know-how that every users can bring to the community in the shape of offensive techniques, which are always being mapped with ATT&CK.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 15:00-15:50 PDT


Title: Automotive Ethernet for the rest of us
When: Friday, Aug 7, 15:00 - 15:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Infenet
Lifelong hacker and hacker of all the things. Founder of Enterprise Offensive Security, creator of security tools for DevOps Engineers such as auto-remediation using AWS Lambda and CIS Compliance Scanning Tools, SSO implementations on the Service Provider and Identity Provider side(s). Simulated Advanced Persistent Threat Actor. Started DEFCON group in Detroit DC313 and Director of #misec Detroit.

Description:
Discover the latest in Automotive Ethernet adoption, learn who is using Automotive Ethernet and why are they using Automotive Ethernet.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 10:00-10:50 PDT


Title: Automotive In-Vehicle Networks
When: Friday, Aug 7, 10:00 - 10:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Kamel Ghali
Kamel Ghali is a veteran of the automotive security industry, with experience working both within the automotive industry and as an external consultant. His passion for automotive security goes beyond his work, with him volunteering as an instructor for the Society of Automotive Engineers (SAE) Cyber Auto Challenge and leading the Japanese branch of the Automotive Security Research Group (ASRG). He's a two-time finalist of the Car Hacking Village's annual DefCon CTF and active member of the CHV community. He currently works at White Motion, an automotive cybersecurity firm based in Tokyo, Japan.

Description:
Modern vehicles are home to tens of Electronic Control Units (ECUs) that each manage a different subsystem of the vehicle. With the control of the vehicle distributed across so many machines, sharing information in a robust, timely manner becomes a necessity. In-Vehicle Networks were developed to meet these communication needs, bringing functionality optimized for the automotive environment into the industry. In this CHV101 lecture, we'll explore the different In-Vehicle Network technologies used in vehicles today and each of their strengths and applications.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 09:00-15:59 PDT


Title: Aviation Privacy Treasure Hunt
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg

SpeakerBio:Martin Strohmeier
Martin Strohmeier is a Junior Research Fellow of Kellogg College, University of Oxford and a Senior Scientist at the Swiss Cyber Defence Campus.The main focus of his work has been the design, implementation, and analysis of security protocols for cyber-physical systems, specifically those used in critical infrastructures such as aviation (civil and military). Using these domains as a driver for the real-world applicability of his research, his work has been published in many diverse venues, spanning wireless communications, cryptography, systems security, sensor networking, privacy, and aviation.

After his DPhil, he has been extending his interests towards areas of open-source intelligence, privacy issues in aviation and satellite environments, and most recently adversarial machine learning. Martin is also a co-founder of the aviation research network OpenSky where he is responsible for communication and research activities.


Description:
This OSINT CTF sends the participant on a wild treasure hunt across open aviation data, demonstrating the severe impact of some of the issues surrounding aviation tracking and datalink privacy. The participants will learn how the lack of security in wireless protocols affects the privacy of passengers and aircraft operators alike and how to exploit them. This treasure hunt will cover privacy leaks on datalinks and ATC communication used by corporate, government, military and commercial aircraft. We will actively engage with countermeasures and mitigations, showing which ones are helpful and which ones are not. This will include the most current industry attempts, including the FAA’s Privacy ICAO Address programme and ACARS encryption measures. For this CTF, we will use a mixture of OSINT data sources available on the web, exclusive real-world datasets, and mock data based on our research over the past five years.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 10:30-10:59 PDT


Title: Baby's First 100 MLSec Words
When: Friday, Aug 7, 10:30 - 10:59 PDT
Where: AI Vlg

SpeakerBio:erickgalinkin
No BIO available
Twitter: @erickgalinkin

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Be the Match - registration drive
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Be the Match registration drive is returning once again! Swing by and check out one of the coolest biohacks out there, and how you could be the next person to save a life through cellular therapy.

Discord: https://discord.com/channels/708208267699945503/711643405004046457

Web: https://bethematch.org


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 12:00-12:59 PDT


Title: Before J1939: A J1708/J1587 Protocol Decoder
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Car Hacking Vlg 002
Speakers:Thomas Hayes,Dan Salloum

SpeakerBio:Thomas Hayes
Thomas Hayes is a Hardware Engineer at Bendix Commercial Vehicle Systems in Elyria, OH and a member of the SAE J1939 committees. In his current role, he manages the hardware process for braking and other heavy vehicle systems from brainstorming with napkin drawings to the creation of full PCBs to product testing and manufacturing. Prior to Bendix Thomas held design and leadership roles in a number of venture backed startups and worked in simulation technology for the aviation industry. In his spare time, Thomas enjoys rebuilding vintage motorcycles and teaching kids how to solder without burning their fingers off: success rate unknow.

SpeakerBio:Dan Salloum
Daniel Salloum is a Reverse Engineer by title and curious at heart. He is currently employed by Assured Information Security where he spends his days doing security evaluations and creating tools that help. His background as both a system administrator and programmer help him to navigate system innards. If it must be done more than twice, he'll script it. If it can be recreated in a few hours, it probably will be. Daniel has recently been accepted into the world of ham radio, and may be heard on the airwaves at some point. This is his first conference and expects it won't be the last.

Description:
Medium and heavy duty equipment communicate over vehicle networks using a number of protocols and busses. While researching the interaction between tractors and semi-trailers, we identified the presence of two legacy protocols, J1708 (physical layer), and J1587 (transport layer). The current mechanisms to capture and decode this data do not promote cost efficient data DISCOVERY, but as a team, we have developed techniques that will allow us to use existing diagnostic hardware to capture and decode J1587, and J1708, messages from the vehicle bus.

pretty_1587, our software application, has been designed to process input streams and convert SAE J1708 and J1587 messages to a convenient format that a user can read or pass to another software application. Our open source python code has been designed to be versatile and to work with the output of existing diagnostic tools and can consume data over network sockets, from files, or from stdin, allowing most hardware solutions that interface directly with the serial bus will be able to pass data to pretty_1587 to decode the data contained in the J1587 messages.



#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Bio-Hacking - Hospital Under Siege
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Adversaries have gained a foothold in your local hospital and are increasing their control over clinical systems and medical devices. Soon they make it clear they’re not after patient records or financial information, but are out to disrupt care delivery and put patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary, and - above all - protect patient lives.

Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with exotic protocols like DICOM, HL7 and FHIR.


Forum: https://forum.defcon.org/node/232894

Discord: https://discord.com/channels/708208267699945503/711643365120278540

Twitter: https://twitter.com/DC_BHV

Web: https://www.villageb.io/


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 14:00-14:50 PDT


Title: Bluetooth Security in Automotive
When: Friday, Aug 7, 14:00 - 14:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Kamel Ghali
Kamel Ghali is a veteran of the automotive security industry, with experience working both within the automotive industry and as an external consultant. His passion for automotive security goes beyond his work, with him volunteering as an instructor for the Society of Automotive Engineers (SAE) Cyber Auto Challenge and leading the Japanese branch of the Automotive Security Research Group (ASRG). He's a two-time finalist of the Car Hacking Village's annual DefCon CTF and active member of the CHV community. He currently works at White Motion, an automotive cybersecurity firm based in Tokyo, Japan.

Description:
Bluetooth is a short-range cable replacement technology that is found in millions of IoT devices around the world. Due to its ubiquity and breadth of functionality, it's been seen in vehicles as early as the late 2000s. While commonly used for phonebook access, hands-free phone usage, and media control, Bluetooth is nonetheless an important vector to consider when analyzing a vehicle's security case. In this CHV101 lecture, we'll explore Bluetooth as a technology and its relevance to automotive cybersecurity.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 12:00-17:59 PDT


Title: Bricks in the Air
When: Friday, Aug 7, 12:00 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
A huge hit at Def Con 27, we’ve partnered with the Defense Digital Service to bring back Bricks-In-The-Air for #DEFCON28SafeMode. Whether you’re a noob or a pro, this is your chance to attempt sending messages to mock LEGO aircraft over I2C to learn and experiment with direct injection attacks on a data bus.

Return to Index    -    Add to    -    ics Calendar file

 

HTS - Friday - 12:00-12:59 PDT


Title: Build a Raspberry AIS
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Hack the Sea Vlg

SpeakerBio:Dr. Gary Kessler
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 13:30-14:30 PDT


Title: Building BLUESPAWN: An Open-Source, Active Defense & EDR Software (Intermediate)
When: Friday, Aug 7, 13:30 - 14:30 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Jake Smith,Jack McDowell

SpeakerBio:Jake Smith
Jake is recent graduate of the University of Virginia where he studied Computer Science and Cybersecurity. During his time in school, he was a Rodman Scholar and served as President of the Computer and Network Security (CNS) Club at UVA. In addition, he co-started UVA’s Cyber Defense and Offense Teams to compete in the Collegiate Cyber Defense Competition (CCDC) and Collegiate Penetration Testing Competition (CPTC). Outside of school, Jake co-founded MetaCTF, a cybersecurity training company, which has run CTF events across the United States and beyond.
Twitter: @jtsmith282

SpeakerBio:Jack McDowell
No BIO available

Description:
Our team has developed BLUESPAWN, a fully open-source, active defense and EDR tool for Windows. While there are ample offensive oriented tools publicly available, there is very little on the defensive side. We aim to use this project to demonstrate how modern-day security solutions work by building our own from the ground up. In addition, we integrate a number of popular community libraries and tools such as MITRE ATT&CK, DoD STIGs, YARA, and PE-Sieve with one goal: to enable any security analyst to quickly detect, identify, and eliminate malicious activity on a system.

In today’s world, computers running Microsoft’s Windows operating system remain a top target for threat actors given its popularity. While there are a number of commercial defensive cybersecurity tools and multi-purpose system analysis programs such as SysInternals, this software is often closed-source, operates in a black-box manner, or requires a payment to obtain. These characteristics impose costs for both attackers and defenders. In particular, while the restrictions prevent attackers from knowing exactly what these tools detect, defenders often end up not having a good understanding of how their tools work or exactly what malicious activity they can identify.

Building on prior work and other open-source software, our team decided to create BLUESPAWN. This open-source program is an active defense and endpoint detection & response (EDR) tool designed to quickly prevent, detect, and eliminate malicious activity on a Windows system. In addition, BLUESPAWN is centered around the MITRE ATT&CK Framework and the Department of Defense’s published STIGs. We have also integrated popular malware analysis libraries such as VirusTotal’s YARA to increase the tool’s effectiveness and accessibility. Currently, our team is developing the alpha version of the client which can already detect real-world malware. In the future, we will continue to build out the client and eventually integrate both a server component for controlling clients and a cloud component to deliver enhanced detection capabilities.

Github: https://github.com/ION28/BLUESPAWN


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 13:00-13:59 PDT


Title: Building Connections Across The Aviation Ecosystem
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Aerospace Vlg
Speakers:Katie Noble,Al Burke,Jeff Troy,Jen Ellis,John Craig,Randy Talley (CISA),Sidd Gejji

SpeakerBio:Katie Noble , Intel Corp
Katie currently serves as a Director of PSIRT and Bug Bounty at Intel Corp. Where she leads the cyber security vulnerability Bug Bounty program, researcher outreach, and strategic planning efforts. Previous to this position, Katie served as the Section Chief of the Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA) where she led DHS’ primary operations arm for coordinating the responsible disclosure and mitigation of identified cyber vulnerabilities in control systems, enterprise, hardware and software. Katies team is credited by the Secretary of Homeland Security with the coordination and public disclosure of over 20,000 cyber security vulnerabilities within a two year period. Katie is a highly accomplished manager with over 14 years of U.S. Government experience, both in the Intelligence Community and Cyber Security Program Management. She has operated at all levels from individual contributor as an Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council (NSC) Cyber programs. Her work has directly impacted the decision making of the NSC, Defense Information Systems Agency, Office of the Director of National Intelligence, Department of Defense, Federal Communications Commission, Central Intelligence Agency, U.S. Coast Guard, U.K.Ministry of Defense, Canadian Government agencies, and Australian Cabinet Ministry.

SpeakerBio:Al Burke , Associate Deputy Director, Air Force Cyberspace Operations and Warfighter Communications
Mr. Alan W. Burke is the Associate Deputy Director, Air Force Cyberspace Operations and Warfighter Communications and the DOD Chair for the interagency Aviation Cyber Initiative Task Force. Most recently he was a Distinguished Graduate of the College of Information and Cyberspace, National Defense University. He has 36-years of combined active military and government service in the U.S. Air Force and Department of Defense. Previously, he was Chief of the Integrated Air and Missile Defense (IAMD) Division, U.S. Air Forces in Europe-Africa responsible for integrating joint and coalition air, space and missile defense capabilities in support of the Joint Force Air Component Commander and implementation of Presidential policy for missile defense in Europe. On active duty, Colonel Burke was the Director, Operations Support Group and Deputy Director, Warfighter Support Center, Missile Defense Agency (MDA) that delivered global support for Ballistic Missile Defense operations and led the initial Missile Defense Agency Ballistic Missile Defense system deployments in Israel. His active duty service includes operational, staff and command experience in nuclear missile operations, space surveillance, space control, missile warning, national-level command and control, air and missile defense, military training and education, and Research, Development, Test and Evaluation.

SpeakerBio:Jeff Troy , President, CEO, Aviation ISAC
Over the past three years, Jeff developed the A-ISAC comprehensive strategy, led the team’s expansion of the Aviation ISACs services, and tripled membership. He established relationships with global regulators, industry associations, and private sector companies to drive cyber risk reduction across the aviation eco-system. Concurrently, Jeff employed by General Electric and is on the Board of Directors, National Defense ISAC. ND-ISAC provides cutting edge cyber security training, intelligence development and a trusted information sharing environment for US cleared defense contractors. Jeff spent 25 years as a Special Agent of the FBI. He retired as the Deputy Assistant Director for Cyber National Security and Cyber Criminal Investigations.

SpeakerBio:Jen Ellis , Rapid7
Jen Ellis is the vice president of community and public affairs at Rapid7 and her primary focus is on advancing cybersecurity for all by building productive collaboration between those in the security community and those operating outside it. She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cybercrime and protecting consumers and businesses. Jen is a nonresident fellow of the Atlantic Council, sits on the boards of the Center for Cybersecurity Policy and Law, I Am The Cavalry, and the Aerospace Village, and is a member of the board of advisors for the CyberPeace Institute. She has testified before U.S. Congress and spoken at numerous security or business conferences.

SpeakerBio:John Craig , Boeing
John Craig is currently the Chief Engineer of Cabin, Network and Security Systems and Product Security Officer for Boeing Commercial Airplanes. In this role, he is responsible for cabin systems, connectivity, onboard networks, cyber security, and airborne software design and implementation. In addition, he is the chairman of the board of the Aviation Information Sharing and Analysis Center, formed to encourage sharing of cyber threat information within the aviation industry. He is on the policy board and program management committee of RTCA to provide input for policy and programs for the aviation. In his 34 years of aviation experience, he has held roles in Electrical Subsystems, Engine Systems, Avionics, Cabin Systems, Onboard Networks, and Connectivity Systems. He is experienced in large scale systems development, software developmental programs and, as a previous FAA Designated Engineering Representative, knowledge of airplane certification programs.

SpeakerBio:Randy Talley (CISA)
Mr. Talley is a Senior Advisor assigned to the U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) located in Arlington, VA. He uses his aviation expertise and operational Homeland Security background to provide aviation-specific advice to CISA leadership. In his primary role, Mr. Talley serves as the DHS Lead for the Aviation Cyber Initiative (ACI), a Tri-Chaired Task Force assigned to collaborate across the Federal Government, aviation industry and the research community to reduce risks and improve resilience within the Nation’s Aviation Ecosystem.

SpeakerBio:Sidd Gejji , FAA
Siddharth (Sidd) Gejji is a Manager in the Federal Aviation Administration (FAA) Office of Information Security and Privacy, within the FAA Office of Information and Technology. Mr. Gejji leads the Aviation Ecosystem Stakeholder Engagement Branch, which is a team of experts responsible for conducting cybersecurity stakeholder engagements throughout the Aviation Ecosystem, including in the Airlines, Airports, Aviation Management, and Aircraft areas. Mr. Gejji serves as a Tri-Chair for the U.S. Aviation Cyber Initiative (ACI). The ACI is a US Government task force with Tri-Chairs from Department of Homeland Security (DHS), Department of Defense (DoD), and FAA. Mr. Gejji and his team support this important interagency mission to reduce cybersecurity risks and improve cyber resilience to support safe, secure, and efficient operations of the Nation’s Aviation Ecosystem. Prior to his current engagement, Sidd spent 12 years in various roles at the FAA, most notably in the FAA Office of Policy where he served as an Acting Manager of the Systems and Policy Analysis Group. He also spent a year on detail to the U.S. Senate Commerce, Science, and Transportation Committee.

Description:
Across the Aviation Ecosystem, there is an increased effort to collaborate and coordinate to protect Information Technology (IT) and Operational Technology (OT) systems at airports, airlines, aviation management, and manufacturers and vendors via the supply chain. This diverse panel will share their insights and current activities between government, industry, and the security research community. Learn how you can participate in and ensure the safety and security of the Aviation Ecosystem.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 16:00-16:59 PDT


Title: Building Teams in the New Normal
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Mike Murray
No BIO available

Description:
2020 has created massive change across our industry, both from the perspective of COVID-19 as well as the social movements that have changed the way we view ourselves. Nowhere has this affected the industry more than the experience by which we onboard employees - as an example, before 2020, even most remote employees had in person interviews in the process. In short, the "new normal" that is evolving requires us to hire and interview differently. From where and how we find (especially diverse) candidates, our interview processes and the way we onboard employees in to our culture, everything requires a thoughtful new approach. In this talk, Mike will talk about everything he has learned and how he has modified his own processes to promote diversity, find the best people to join the team, and brought them aboard as part of the culture.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 11:00-11:59 PDT


Title: But I Still Need A Job!
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Kirsten Renner
No BIO available

Description:
As if finding your next gig wasn't already a challenge, now we have to do it in the midst of a pandemic. Let's talk about the new hurdles, how to get around them and the classic fundamentals like searching, networking, and negotiating

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 09:00-15:59 PDT


Title: Cal Poly Workshop - Simulated Satellite Communications on Raspberry Pi
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Users will need to purchase own equiptment before the workshop/challenge is run. (users will attempt to see simulated altitude, battery level, telemetry data from the mock satellite. It will be awesome because, we will expose participants new to the convergence of space and cybersecurity a crawl/beginner experience to gain their interest. It's designed as a workshop. The Convergence of Space & Cybersecurity Innovation.

The goal of this workshop would be to construct a “CubeSat Simulator Lite https://github.com/alanbjohnston/CubeSatSim/wiki” specifically https://github.com/alanbjohnston/CubeSatSim/wiki/CubeSat-Simulator-Lite.

We would run through the installation of the software via a screensharing method. We’d show participants how to setup a Raspberry Pi, set up the device, install the necessary packages, attach a necessary antenna, and view the transmitted data using a software defined radio.

Building materials:
Raspberry Pi Kit - https://www.amazon.com/dp/B07BCC8PK7/ Software Defined Radio - https://www.amazon.com/dp/B011HVUEME/


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 15:00-15:59 PDT


Title: CAN be super secure: Bit Smashing FTW
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Car Hacking Vlg 002

SpeakerBio:Brent Stone
No BIO available

Description:
Bit smashing CAN transceivers are already on the market and cost pennies. Using them would make vehicles, robots, and medical devices effectively immune from almost every layer 2 attack including denial of service. Brent explains why this security measure works so well. This is also a call to action for industries using exclusively multicast ICS protocols like CAN to invest the <$5/platform to greatly improve their product's security.


#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 13:25-14:10 PDT


Title: Can't Touch This: Detecting Lateral Movement in Zero-Touch Environments
When: Friday, Aug 7, 13:25 - 14:10 PDT
Where: Cloud Vlg

SpeakerBio:Phillip Marlow
Phillip Marlow is a cybersecurity and DevOps engineer. He helps organizations understand how to adopt DevOps practices to increase their security rather than sacrifice it in the name of speed. Phillip holds several security, cloud, and agile certifications and is currently pursuing a Master’s Degree in Information Security Engineering at SANS Technology Institute.
Twitter: @wolramp

Description:
Attackers frequently use valid accounts to access servers with sensitive data. This gives them ninja-like stealth in most environments, but this session will show you how to turn the tables and use a zero-touch environment to catch them.

Zero-touch environments are a product of the fast-moving world of DevOps which is being adopted by an increasing number of successful companies including Google. This session will show that by leveraging the constraints of this environment, we can identify malicious network traffic which would otherwise blend into the noise.

This proposal is based on active research and new details may emerge during preparation of the final session. A brief overview of expected included topics:

• Why care about DevOps and Zero-Touch? • How application servers are deployed in traditional environments • What lateral movement with valid credentials looks like in traditional environments • How deployment works in Zero-Touch environments • What lateral movement with valid credentials looks like in zero-touch • Detecting the lateral movement with existing network sensors


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Capture The Packet (CTP)
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come compete in the world’s most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible. Follow us on Twitter or Facebook (links below) to get notifications for dates and times your team will compete, as well as what prizes will be awarded.

Twitter capturetp: https://twitter.com/capturetp

Twitter wallofsheep: https://twitter.com/wallofsheep

Discord: https://discord.com/channels/708208267699945503/711643512625430529

Web: https://www.capturethepacket.com/


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 16:00-16:50 PDT


Title: Car (to Cloud) Talk: Using MQTT for Car Hacking
When: Friday, Aug 7, 16:00 - 16:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Jaime
Jaime is an EE turned software developer turned security researcher. She caught the infosec bug through playing CTFs, and now works at GRIMM hacking cars. In her spare time, she adds LEDs to things and hangs out with her dog.

Description:
As with IoT, cars are becoming increasingly "smart". In the automotive and trucking world, this means adding the ability to collect real-time telemetry data, gather information for predictive maintenance, as well as consumer features like remote lock/unlock. This talk will cover the internals of how MQTT--a lightweight messaging protocol frequently used in automotive and IoT--works, and how it's used in automotive applications.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Car Hacking Village CTF
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come learn, hack, play at the Car Hacking Village. The village is an open, collaborative space to hack actual vehicles that you don't have to worry about breaking! Don't have tools? We'll loan you some. Never connected to a car? We'll show you how. Don't know where the controllers are? We'll show you how to take it apart.

Additionally we'll host a Donkey Car race. Check out our web site for up to date info.

Want to race? Check out of full car simulator(s).

Want to learn more about automotive hacking and cyber security? Check out our talks.

Want to hack mobility scooters? Yes! We'll do that to.

Also, check out the CHV CTF.


Discord: https://discord.com/channels/708208267699945503/711643596658311229

Twitter: https://twitter.com/CarHackVillage

Web: https://www.carhackingvillage.com/


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 10:00-11:50 PDT


Title: Carnivore (Microsoft External Attack Tool)
When: Friday, Aug 7, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Chris Nevin
Senior Security Consultant at NCCGroup

Description:
Carnivore is a username enumeration and password spraying tool for Microsoft services (Skype for Business, ADFS, RDWeb, Exchange and Office 365). It originally began as an on-premises Skype for Business enumeration/spray tool as I was finding that these days, organizations often seem to have locked down their implementations of Exchange, however, Skype for Business has been left externally accessible, and has not received as much attention from previous penetration tests due to the lack of tools as impactful as Mailsniper. Overtime this was improved and built upon to bring the same service discovery, username enumeration and password spraying capability to Skype, ADFS, RDWeb, Exchange, and O365 all in the same tool. Carnivore includes new post compromise functionality for Skype for Business (pulling the internal address list and user presence through the API), and smart detection of the username format for all services. As a practical means of entry into an organisation – numerous external penetration tests have uncovered an on-premises Skype for Business or ADFS server even for organisations that have moved Mail/SSO/etc to the cloud.

Audience: Offense


Interact @ #dl-nevin-carnivore-text: https://discord.com/channels/708208267699945503/730256550442041373

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Github: https://github.com/ReverendThing/Carnivore

Forum: https://forum.defcon.org/node/233116


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 14:30-14:59 PDT


Title: Chairman Benjamin Hovland, US Election Assistance Commission
When: Friday, Aug 7, 14:30 - 14:59 PDT
Where: Voting Vlg

SpeakerBio:Benjamin Hovland , Chairman, U.S. Election Assistance Commission
No BIO available

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 10:00-11:50 PDT


Title: CIRCO v2: Cisco Implant Raspberry Controlled Operations
When: Friday, Aug 7, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Emilio Couto
Emilio Couto (@ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field.Born and raised in Argentina, he is currently located in Japan where multitasking between language, culture and technologies is a must.Over the last decade focusing mainly on Finance IT and presenting tools in conferences (DEF CON, BlackHat Asia, HITB, Code Blue, AV Tokyo and SECCON).In his spare time he enjoys 3D printing, tinkering electronics and home-made IoT devices.
Twitter: @ekio_jp

Description:
Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of "Sec/Net/Dev/Ops" enterprise tools to capture network credentials in stealth mode

Audience: Offense/Hardware


Interact @ #dl-couto-circo-v2-text: https://discord.com/channels/708208267699945503/730256145771659335

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/ekiojp/circo

Forum: https://forum.defcon.org/node/233127


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 06:00-12:30 PDT


Title: Cloud Village CTF
When: Friday, Aug 7, 06:00 - 12:30 PDT
Where: See Description or Village

Description:
Registrations Open - 6 AM PDT 7th August 2020 CTF start time - August 7th 11 AM PDT
CTF close time - August 9th 12:30 PM PDT

The winners will be announced on August 9th 1:30 PM PDT at the closing note


CTF Site: https://cloudvillagectf.co/


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 13:00-13:50 PDT


Title: Cluster fuzz!
When: Friday, Aug 7, 13:00 - 13:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Mintynet
Network / security architect that has a passion for car hacking, found vulnerabilities in his own car and also private Car bug bounties. Now runs Car Hacking Village UK and is part of the team behind CHV at defcon

LinkedIn https://www.linkedin.com/in/mintynet/ Twitter: https://twitter.com/mintynet
Website: www.mintynet.com

Twitter: @mintynet

Description:
How to get started in #carhacking using cheap CAN hardware and an instrument cluster, shows the hardware needed and an example of a cluster. Then show some fuzzing of the cluster, including some tips for the CTF.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: CMD+CTRL CyberRange
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CMD+CTRL has evolved! Slip into an immersive scenario, spanning an entire corporate cloud environment. Intelligent chatbots acting as skilled hackers will guide you every step of the way, as you perform recon, social engineering, data exfiltration, privilege escalation and much more. Move through websites, servers, accounts and cloud services, all in an effort to thwart an evil CEO and corrupt corporation. Just don’t get caught, or you may have to burn it all down to cover your tracks!

Forum: https://forum.defcon.org/node/231474

Discord: https://discord.com/channels/708208267699945503/711643642388807800

Twitter: https://twitter.com/SecInnovation


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Coindroids
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The year is 20X5 and humanity has fallen: now there are only Coindroids. The machines we designed to manage our finances have supplanted and destroyed the human race by turning our own economy against us. Now they battle each other in the ruins of our fallen cities, driven by a single directive: money is power.

Battle your way to the top of the leaderboard by attacking rival droids and completing hidden challenges.

New to cryptocurrencies? No DEFCOIN to play with? Not a problem! Just come visit our booth in the contest area and we can help get you started.


Forum: https://forum.defcon.org/node/233033

Discord: https://discord.com/channels/708208267699945503/711643539573833878

Twitter: https://twitter.com/coindroids

Web: https://www.coindroids.com


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 12:00-17:59 PDT


Title: CPX SimpleSat
When: Friday, Aug 7, 12:00 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
Can you Hack-A-Sat? You won’t know until you try! Intended for noobs, CPX SimpleSat was built to allow you to experiment with attacking a mock satellite through a ground station, mimicking the types of commands used in Hack-a-Sat to gain control of the Satellite. No previous experience required. Just curiosity and a willingness to learn!

Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Crack Me If You Can (CMIYC)
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In its tenth year, the premier password cracking contest "Crack Me If You Can" is returning to DEFCON. The world's best password cracking teams are assembled and are awaiting the hardest 48 hours of their year.

Every year, the contest has a different surprise/twist. One year it was all international passwords, last year it was password rotation and BCRYPT, and 10 years ago it was capital letters. Oh the humanity!

This year the teams will be cracking hashes, generated by the CMIYC team, using plain-texts donated by famous hackers and Internet founders. Time for you to test your password cracking skills against your heroes.

Teams have 48 hours to crack as many passwords as possible using what ever resources they can legally assemble. Teams are split into "PRO" (for the large, professional password cracking teams) and "STREET" for smaller teams, or beginners.

Each year the "Crack Me If You Can" team gives away hundreds of free password cracking shirts in the Contest area.


Forum: https://forum.defcon.org/node/231475

Discord: https://discord.com/channels/708208267699945503/711644827053457478

Twitter: https://twitter.com/CrackMeIfYouCan

Web: https://contest-2020.korelogic.com/


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 14:00-14:59 PDT


Title: Creating a decentralized storage for Kubernetes with Tardigrade and Velero
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Blockchain Vlg

SpeakerBio:Kevin Leffew
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 13:00-13:30 PDT


Title: Cryptocurrencies have superusers?
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Blockchain Vlg

SpeakerBio:Mark Nesbitt
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 16:15-16:45 PDT


Title: Cybersecurity informed consent for medical devices
When: Friday, Aug 7, 16:15 - 16:45 PDT
Where: BioHacking Vlg

Description:
Building on conversation within the Biohacking Village at DEFCON 27, and expertise in clinical care and implementation science (Dameff, Doerr, Tully), cybersecurity in healthcare (Coravos, Dameff, Tully), device policy and regulation (Coravos, Doerr), and informed consent (Doerr), we have defined a framework for “cybersecurity informed consent,”(CIC) a platform we hope will help directly address the patient (and clinician) awareness gap of the cybersecurity vulnerabilities of connected devices, enhancing the ecosystem of trust.(Tully, et al., 2020) In February 2020, we convened a 30-person advisory team comprised of white hat hackers, clinicians, and device makers focused on identifying potentially appropriate clinical scenarios for a demonstration of CIC, informed by legal and policy research performed by Science & Society Certificate Capstone students from Duke University (phase 2). We will present an overview of this work for comment and discussion as we move into the third phase of our project: implementation and assessment of CIC within the clinic.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Friday - 10:00-11:30 PDT


Title: Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI (Intermediate)
When: Friday, Aug 7, 10:00 - 11:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Scoubi
Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 8 years he has been focused on putting in place a few SOC and has specialized in detection (Blue Team), content creation and mentorship. He worked as a « Senior Security Architect » and acted as “Adversary Detection Team Lead” and “Threat Hunting Team Lead” for one of Canada’s largest carrier for many years and is now SOC Team Lead in a large financial institution. He loves to give talk and had the honor to do so at GoSec, BSidesCharm, NorthSec, BSidesLV, Defcon’s BTV and Derbycon.
Twitter: @ScoubiMtl

Description:
Bloodhound stores AD data in a Neo4j. The UI allows you to get some information out of the box, but that is only the tip of the iceberg. Using Cypher if you can think it, you can visualize it!

The workshop will start with a quick presentation of BloodHound (BH). This is to make sure everybody understands the product as I very often meet security practitioners that never heard of the tool. (5 minutes)

The participants will be provided with test data, either in JSON format (a few KB) that can import in the BH UI or as a Neo4j database (very big). The reason to provide both is that BH is now detected by many AV as a Hacking tool and I don't want to exclude participants who come with their work computer. Those files will be provided ahead of time via Dropbox or similar file sharing site.

The first part of the workshop will go over the various objects present in BH: Computers, Groups, OU, Domains, etc. and the properties of those objects. We will learn how to interact with them using both the UI and the Neo4j Web Console (NWC). We will then use the prebuilt queries from the BH UI and use them in the NWC. From there we will start modifying them and see what impact it has. Debugging techniques will be shown. (~20 minutes)

After that we will go into a bit more advance query type, for example multiple relationships and chaining queries together. A few examples will be provided and the participants will be able to replicate the queries and see the result. (~30 minutes)

Finally, the participants will receive a list of questions and they will need to build the Cypher Queries themselves in order to find the answer. I will be there to assist them and debug their queries as needed. (~30 minutes)


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

FSL - Friday - 20:00-20:59 PDT


Title: D0 N0 H4RM: A Healthcare Security Conversation
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: DEF CON Fireside Twitch
Speakers:Ash Luft,Christian “quaddi” Dameff,Jeff “r3plicant” Tully,Suzanne Schwartz,Vidya Murthy

SpeakerBio:Ash Luft , Software Engineer Starfish Medical
Ash Luft is an Embedded Software Engineer with a background in Computer Science, Biochemistry, and Electrical Engineering. With industry experience in Software and Biomedical Device Development, Ash specializes in designing for and implementing safety, security, and privacy in Clinical IoT and Medical Devices. Ash is passionate about protecting patient outcomes while delivering cost-effective, high quality solutions.

SpeakerBio:Christian “quaddi” Dameff , MD, Physician & Medical Director of Security at The University of California San Diego
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Published security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his sixteenth DEF CON.
Twitter: @CDameffMD

SpeakerBio:Jeff “r3plicant” Tully , MD, Anesthesiologist at The University of California Davis
Jeff (r3plicant) Tully is an anesthesiologist, pediatrician and security researcher with an interest in understanding the ever-growing intersections between healthcare and technology.
Twitter: @JeffTullyMD

SpeakerBio:Suzanne Schwartz , MD, Associate Director for Science and Strategic Partnerships at the US Food and Drug Administration FDA
Dr. Suzanne Schwartz’s programmatic efforts in medical device cybersecurity extend beyond incident response to include raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month on March 1st 2018 for her work in Medical Device Cybersecurity. Suzanne chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy. She also co-chairs the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives.

SpeakerBio:Vidya Murthy , Vice President Operations, MedCrypt
Vidya is fascinated by the impact of cybersecurity on the healthcare space. Beginning her career in consulting, she realized a passion for healthcare and worked for global medical device manufacturer Becton Dickinson. She has since joined MedCrypt, a company focused on bringing cybersecurity leading practices to medical device manufacturers. Vidya holds an MBA from the Wharton School.

Description:
It is certainly a time of discovery- though the truths revealed by the COVID-19 crisis can be bitter and bleak. At a time when all attention is focused on the ERs and ICUs that make up the battle’s front lines, it is easy to cast aside old warnings to focus solely on the clinical war. But the need for safety and security only increases in the face of a pandemic- and healthcare cybersecurity is no different. From testing to ventilators, every facet of our response to COVID-19 depends on trustworthy and reliable technology.

D0 No H4rm- DEF CON’s continuing conversation on healthcare returns for another up close (but not too close) and personal dialogue between hackers at the top of their fields- from the halls of the FDA to the cutting edge of medical devices security research for an all-encompassing look at what we need to focus on in the age of COVID. Moderated by physician hackers quaddi and r3plicant, this perennially packed event aims to recruit the talent, ingenuity, and vision of the DEF CON family for the challenges we face both now and after the immediate crisis passes.

Discord: https://discord.com/channels/708208267699945503/738141986476916826

This fireside is available on YouTube, direct-download from DEF CON Media (MP4, SRT), and is part of the DC28 Torrent.

YouTube: https://www.youtube.com/watch?v=fAU7V3pvj1Q

MP4: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%20Safe%20Mode%20video%20and%20slides/DEF%20CON%20Safe%20Mode%20-%20Christian%20%E2%80%9Cquaddi%E2%80%9D%20Dameff%20MD%20and%20panel%20-%20D0%20N0%20H4RM-%20A%20Healthcare%20Security%20Conversation.mp4

SRT: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%20Safe%20Mode%20video%20and%20slides/DEF%20CON%20Safe%20Mode%20-%20Christian%20%E2%80%9Cquaddi%E2%80%9D%20Dameff%20MD%20and%20panel%20-%20D0%20N0%20H4RM-%20A%20Healthcare%20Security%20Conversation.srt

Torrent: https://media.defcon.org/DEF%20CON%2028/DEF%20CON%2028.torrent


DEF CON Fireside Lounges will be live-streamed on Twitch.

Twitch: https://www.twitch.tv/defconorg

#fireside-lounge-text: https://discord.com/channels/708208267699945503/738141986476916826


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Darknet Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Here at Darknet, We are a Real Life (RL) Massively Multiplayer Online Role Playing Game (MMORPG), where we teach you real life skills and you get in-game points for it. Some may call this Gamified learning. We assume no prior knowledge on a subject, teach you the basics, then challenge you to use what you have learned. Our contest has a range of quests, starting with simple tasks and working your way up to very complex problems.

In the past we have taught you how to lock pick, crack wifi, create a PGP Key and communicate online safely, as well as soldering, programming, and code cracking, just to name a few.From there we would have sent you on quests to go to the different villages to learn something from them, and then come back and test your skills.

But alas, we have been forced underground…And while the physical aspect of the conference has moved online, so have we. This year we will be focusing on the skills you will learn, past skills you will refresh, and your interactions with the community. There will not be a points scoreboard this year. Many of you who have previously bought the Darknet 8 Badge have not unlocked the full features. We have quests for you to learn how to interact, develop, and reprogram it. It’s time to Learn, Teach, and Play Agents, are you ready?


Info: https://dcdark.net/

Discord: https://discordapp.com/channels/708208267699945503/735849065593438248/737077762845704224

Twitter DCDarkNet: https://twitter.com/DCDarknet

Twitter Holon: https://twitter.com/Holon_Network


Return to Index    -    Add to    -    ics Calendar file

 

BTVW2 - Friday - 18:00-19:30 PDT


Title: Data Analysis for Detection Research Through Jupyter Notebooks 101 (Beginner)
When: Friday, Aug 7, 18:00 - 19:30 PDT
Where: Blue Team Vlg - Workshop Track 2
Speakers:Roberto Rodriguez,Jose Rodriguez

SpeakerBio:Roberto Rodriguez
Roberto Rodriquez is a threat researcher and security engineer at the Microsoft Threat Intelligence Center (MSTIC) R&D team.

He is also the author of several open source projects, such as the Threat Hunter Playbook, Mordor, OSSEM, HELK and others, to aid the community development of techniques and tooling for threat research. He is also the founder of a new community movement to empower others in the InfoSec community named Open Threat Research.

Blog at https://medium.com/@Cyb3rWard0g

Twitter: @Cyb3rWard0g
https://medium.com/@Cyb3rWard0g

SpeakerBio:Jose Rodriguez
Jose is currently part of the ATT&CK team where he is currently revamping the concept of data sources. He is also one of the founders of Open Threat Research (OTR) and author of open source projects such as Infosec Jupyter Book, Open Source Security Event Metadata (OSSEM), Mordor, and Openhunt.
Twitter: @Cyb3rPandaH

Description:
Please see https://cfc.blueteamvillage.org/call-for-content-2020/talk/GCUYNN/ for pre-reqs.

From a detection research perspective, even after learning how to simulate a threat actor technique and generate some data in your lab environment, you might still struggle to know what to do with it. In some cases, you might need to filter, transform, correlate and visualize your data to come up with the right detection logic. In this workshop, we will walk you through a few basic data analysis techniques using open source and SIEM agnostic tools such as Jupyter Notebooks which are not only used by large organizations, but also can be deployed at home for free. Pre Requirements

Basics of Python
(optional) A computer with Docker Installed. If you are planning on deploying Jupyter in your own system, we will show you how to deploy it via Docker. It is not necessary since we are going to use BinderHub to interact with Jupyter Notebooks throughout the whole workshop.

Outline

Introduction to Jupyter Notebooks (10 mins) * Deployment Options
* Binder Project

Introduction to Apache Spark (5 mins)
* Spark Engine
* Spark SQL & DataFrames

Data Analysis Process 101 (10 mins)

We need data! (Mordor Project) (5 mins) * Download Datasets
* Raw Data -> DataFrame

A few data analysis techniques: (1 hour) * filter
* transform
* correlate
* visualize


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 09:30-10:45 PDT


Title: DAY1 KEYNOTE: The Trust Talks
When: Friday, Aug 7, 09:30 - 10:45 PDT
Where: BioHacking Vlg
Speakers:Nina Alli,Vee Schmitt,Yusuf Henriques,Josh O'Connor,Cannibal,Devabhaktuni Srikrishna,Najla Lindsay,Nate DeNicola

SpeakerBio:Nina Alli
No BIO available

SpeakerBio:Vee Schmitt
Patient, Hacker

SpeakerBio:Yusuf Henriques
Army Veteran, Entrepreneur

SpeakerBio:Josh O'Connor
Recording Producer, Future Social Worker

SpeakerBio:Cannibal
Hacker, Maker

SpeakerBio:Devabhaktuni Srikrishna
Data Scientist

SpeakerBio:Najla Lindsay
DFIR Scientist, BHV Speaker Ops

SpeakerBio:Nate DeNicola , MD
Telehealth, Physician

Description:
Nina Alli, Executive Director of the Biohacking Village, interviews folks in the biomedical and health industry for their insight and thoughts on where healthcare is and calls to action. They were not informed of the questions, these are real reactions and real talk.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 12:00-17:59 PDT


Title: DDSAT-1
When: Friday, Aug 7, 12:00 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
If CPX SimpleSat was, well, too simple, try your hand at hacking DDSat-1. Here you’ll get to experiment with RF exploitation by attacking a mock satellite over RF while it is talking to a mock ground station. You’ll be able to mimic the style of RF commands being generated as a part of Hack-a-Sat, but in a more simplified and user friendly manner.

Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 09:00-15:59 PDT


Title: Deep Space Networking
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Deep space communications utilize TCP/IP protocols with some added assistance from a TCP Convergence Layer and the Bundle Protocol. In this workshop, participants will examine the store-and-forward techniques used to transmit "bundles" of information from one host to another via a relay system. Using the latest version of Wireshark, participants will examine the TCP Convergence Header and locate the first packet of a bundle and the first and second legs of the relay process, as reassembled by Wireshark. After identifying the content contained within the bundle, participants will create a filter to locate the last packet of a bundle and examine key fields of the Bundle Protocol, including fields that define priority, destination type, endpoint IDs, and reporting of bundle delivery.

Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 10:00-19:59 PDT


Title: DEF CON Scavenger Hunt
When: Friday, Aug 7, 10:00 - 19:59 PDT
Where: See Description or Village

Description:
While everyone in the world finds themselves socially distanced and in some level of quarantine, we are bringing the DEF CON Scavenger Hunt to you. As this year is so different, teams will be limited to one person.

The list will drop at 10AM on Friday, with items to produce and tasks to accomplish until the game ends at noon on Sunday. You will be competing for glory, bragging rights, and prizes (that you can pick up at the table, during the next in-person DEF CON).


Forum: https://forum.defcon.org/node/232938

Discord: https://discord.com/channels/708208267699945503/711049278163779605

Twitter: https://twitter.com/DefConScavHunt

Web: http://defconscavhunt.com/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Defcon Ham Radio Fox Hunting Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In the world of amateur radio, groups of hams will often put together a transmitter hunt (also called "fox hunting") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or one time use ticket which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day. In previous years a custom made embroidered velcro-backed patch was given out or a "fun" trophy. The patches are always a big hit so it's likely we'll do that again this year if selected.

Forum: https://forum.defcon.org/node/232947

Discord: https://discord.com/channels/708208267699945503/711645275902574633

Twitter: https://twitter.com/richsentme

Web: https://defcon27foxhunt.com


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 12:30-12:59 PDT


Title: Detecting Fake 4G Base Stations in Real Time
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Cooper Quintin , Senior Staff Technologist, EFF
Cooper is a security researcher and Senior Staff Technologist with the EFF threat lab. He has worked on projects such as Privacy Badger and Canary Watch. With his colleagues at threat lab he has helped discover state sponsored malware and nation state actors such as Dark Caracal and Operation Manul. He has also performed security trainings for activists, non profit workers and ordinary folks around the world. He also was a co-founder of the Hackbloc hacktivist collective and published several issues of the DIY hacker zine "Hack This Zine." In his spare time he enjoys playing music and playing with his kid and imagining a better future.

Description:
4G based IMSI catchers such as the Hailstorm are becoming more popular with governments and law enforcement around the world, as well as spies, and even criminals. Until now IMSI catcher detection has focused on 2G IMSI catchers such as the Stingray which are quickly falling out of favor. In this talk we will tell you how 4G IMSI Catchers might work to the best of our knowledge, and what they can and can't do. We demonstrate a brand new software project to detect fake 4G base stations, with open source software and relatively cheap hardware. And finally we will present a comprehensive plan to dramatically limit the capabilities of IMSI catchers (with the long term goal of making them useless once and for all).

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 16:00-16:30 PDT


Title: Detecting The Not-PowerShell Gang (Intermediate)
When: Friday, Aug 7, 16:00 - 16:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Mangatas Tondang
Professionally, Mangatas is a Threat Hunter for one of the major Canadian Telecommunication company. As a blue teamers, he is passionate on learning and breaking the hacking tools to pieces and try to develop detection against them. He also love following and building detection from the recent intelligence report on different APT groups. Coming from a school that taught him broad spectrum of Information Security, he also love exploring application security, reverse engineering, and script tools that can help him and his coworkers. He wouldn't be here without community support, that's why he love to give security training for other people and currently he is also a member of CTF challenge development team for his almamater. Outside the Security world, He is a guitarist and also "wannabe" astrophotographer.
Twitter: @tas_kmanager

Description:
Since the advancement of security features released in PowerShell version 5, Red Team folks are forced to not use PowerShell to have successful and undetectable engagements. Some of them even push the boundary and created their own Not-PowerShell tools and released it to the public. As a Blue Teamer, this means we need to reinforce our perimeter against these tools. This talk will uncovers some of the popular Not-PowerShell tools followed by how the blue teams can still spot these tools and build detection on it.

This talk will look into several not-powershell tools and craft several detection tactics based on their mechanism. We will utilize common logging tools, Sysmon and Windows Logs (Integrated to SIEM).

We will start with Introduction and will quickly go through the common mechanism used by the not-powershell tools

Tools we are going to look at are:
- InvisiShell
- NoPowerShell
- PowerShdll
- PowerLessShell
- And some other tools with similar mechanism

After getting familiar with the mechanisms, we will put our blue hat back and see what artifacts left by these tools and build reliable detection for each mechanisms leaving small room for false positives. At the end of the day, the blue team will be awarded with some queries (also known as rules or use cases) that they can use and deploy at their own SIEM solution.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 14:00-14:30 PDT


Title: Digital Health Technologies in the NIH All of Us Research Program
When: Friday, Aug 7, 14:00 - 14:30 PDT
Where: BioHacking Vlg

SpeakerBio:Michelle Holko , PhD, PMP
Michelle Holko, PhD, PMP, is a White House Presidential Innovation Fellow working with NIH’s All of Us Research Program. Her technical expertise is in genomics and bioinformatics, and her work lies at the intersection of health and health security, technology, data/analytics, and biosecurity policy.

Description:
The National Institutes of Health’s (NIH) All of Us Research Program (AoURP) aims to enroll at least one million US participants from diverse backgrounds; collect electronic health record (EHR) data, survey data, physical measurements, biospecimens for genomics and other assays, and digital health data; and create a researcher database and tools to enable precision medicine research. Since inception, digital health technologies (DHT) have been envisioned as integral to achieving the goals of the program. A “bring your own device” (BYOD) pilot for collecting Fitbit data from participants’ devices was developed with more recent integration of Apple HealthKit data donation and additional DHTs planned in the future. This presentation will describe 1) the initial process to assess, curate, and include Fitbit BYOD data in the All of Us Researcher Workbench, 2) the diversity and assessment of under-represented in biomedical research (UBR) in Fitbit BYOD participants compared with overall AoU participant population, and 3) future DHT studies planned for AoURP.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 17:00-17:59 PDT


Title: Discovering ELK The First Time - Lessons Learned Over 2 Years (Beginner)
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:TheDrPinky
Dr. Pinky has been a computer scientist for the US Air Force for the last six years. She specializes in threat hunting and digital forensics for both Linux and Windows operating systems. You can find DrPinky in the infosec area as the social media coordinator for BSides San Antonio, participating in the San Antonio Hackers Association (SAHA), and presenting at events such as SANS Blue Team Summit and Texas Cyber Summit.
Twitter: @TheDrPinky

Description:
ELK has become one of the favorite tools of blue teamers across the world. However, when you’re first getting used to ELK, you may be overwhelmed and not fully understanding what is happening. There is more to do with it than simply feed in logs and search it in a pretty web UI! This talk will focus on things I wish I knew about ELK back when I was first learning it to help provide some quick wins for those new to ELK, and maybe a few tidbits for those who already use it.

Elastic, Logstash, and Kibana (ELK) continue to keep becoming more popular with blue teamers - there’s plenty of documentation, you can custom develop anything you want with it due to the fact it’s open source, and it’s free! However, those first starting out with ELK can become quickly overwhelmed. When these people finally get the hang of ELK, they still may be missing some critical understanding that limits them - why can’t I filter by hostname? What do these pretty yellow triangles really mean? This is because most people will get used to just Kibana - not rest of the stack. In this talk I’ll cover lessons I wish I learned a lot sooner about ELK that would have helped me out - and hopefully they help you too!

Lesson 1: Elastic and Kibana are NOT the same. Going into the differences, why they get confused, and what the actual differences are.

Lesson 2: Logstash is more powerful than you give it credit for, but is incredibly overwhelming. Here’s some ways to get some quick bang for buck.

Lesson 3: How do you go about feeding in your own custom documents to ELK? This will quickly go into popular ways to feed logs into ELK, and if that doesn’t help, how to feed in other information to ELK through a more manual approach. Never know when a custom script output would be better put in elastic!

Lesson 4: Don’t forget about your Linux logs! With Linux we may be more used to relying on rsyslog to forward everything - but this most likely just captures your application logs. What about the equivalency of event logs on Linux? This will (very) briefly introduce auditd, how to forward it to ELK, and how to best parse through it.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 16:00-16:59 PDT


Title: DNS Privacy
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Matt Cheung
Matt developed his interest and skills in cryptography during graduate work in Mathematics and Computer Science. During this time he had an internship at HRL Laboratories LLC working on implementing elliptic curve support for a Secure (in the honest-but-curious model) Two-Party Computation protocol. From there he implemented the version secure in the malicious model. He currently works as an Application Security Consultant at Veracode, but continues to learn about cryptography in his spare time.

Description:
While there are many protocols such as https that encrypt network sessions to preserve the security and privacy of that communication, typically the first step is a DNS query. DNS, being a plaintext protocol, can compromise the privacy of a user. In this talk we will discuss what can be currently done and potential future protocols such as Oblivious DNS.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 15:30-15:59 PDT


Title: Don't Be Silly - It's Only a Lightbulb
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Eyal Itkin , Vulnerability Researcher at Check Point Software Technologies
Eyal Itkin is a vulnerability researcher in the Malware and Vulnerability Research group at Check Point Software Technologies. Eyal has an extensive background in security research, that includes years of experience in embedded network devices and protocols, bug bounties from all popular interpreter languages, and an award by Microsoft for his CFG enhancement white paper. When not breaking RDP or FAX, he loves bouldering, swimming, and thinking about the next target for his research.
Twitter: @EyalItkin

Description:
A few years ago, a team of academic researchers showed how they can take over and control smart lightbulbs, and how this in turn allows them to create a chain reaction that can spread throughout a modern city. Their research brought up an interesting question: aside from triggering a blackout (and maybe a few epilepsy seizures), could these lightbulbs pose a serious risk to our network security? Could attackers somehow bridge the gap between the physical IoT network (the lightbulbs) and even more appealing targets, such as the computer network in our homes, offices or even our smart cities?

We’re here to tell you the answer is: Yes.

Join us as we take a deep dive into the world of ZigBee IoT devices. Continuing from where the previous research left off, we go right to the core: the smart hub that acts as a bridge between the IP network and the ZigBee network. And let me tell you this, this harsh embedded environment is surely not on our side. With a maximal message size of less than 128 bytes, complex state machines and various strict timing constraints, this challenge is going to be tough.

After a long journey, we finally made it. By masquerading as a legitimate ZigBee lightbulb, we were able to exploit vulnerabilities we found in the bridge, which enabled us to infiltrate the lucrative IP network using a remote over-the-air ZigBee exploit.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 15:00-15:30 PDT


Title: Doors, Cameras, and Mantraps OH MY!
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Lockpick Vlg

SpeakerBio:Dylan The Magician
No BIO available

Description:
Lockpicking, door bypassing, and physical security are among the more eye catching components of an on premises risk assessment. It always draws the most questions and gets the most staff popping over to see what's going on. I suppose it's because the physical space is personal, it isn't digital and hence it draws more focus. I do on premises risk assessment and I want to tell you a bit about how the process goes with my company and share my personal philosophies on how I do my engagements. What I hope to gain is a stronger focus on Physical Security, or PhysSec, in the Cybersecurity domain.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 13:00-13:59 PDT


Title: Dos, Donts and How-Tos of crypto building blocks using Java
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Mansi Sheth
Mansi Sheth is a Principal Security Researcher at Veracode Inc. In her career, she has been involved with breaking, defending and building secure applications. Mansi researches various languages and technologies, finds insecure usage in customer code and suggests automation measures in finding vulnerabilities for Veracode's Binary Static Analysis service. She is an avid traveller with the motto "If not now, then when?”

Description:
Do you feel unequipped to understand real world crypto attacks? Are you overwhelmed with the over-abundance of choices provided by any modern cryptography API, to make a secure decision while choosing a randomness provider, encryption scheme or digital signature APIs? Are you on top of all the latest happenings in cryptographic communities, to know which cryptographic primitives is deemed broken? Due to sheer lack of documentation of the chosen API, do you feel paralyzed on where and how to start designing or analyzing any cryptographic systems?

If any of these answers are "yes", come join me in this talk. I will be going over each cryptographic primitive like Random Number Generators, Encryption/Decryption algorithms, message authentication codes, digital signatures, password storage etc pointing out dos and donts based on evaluating bunch of leading cryptographic implementations. Java being one of the most widely used enterprise language, and simultaneously one of the most chaotic cryptography architecture, we chose it to get into some live coding exercises to showcase its secure usage, while also future-proofing your cryptographic applications.


Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 13:30-13:59 PDT


Title: Double Spending in BSV, is it Possible?
When: Friday, Aug 7, 13:30 - 13:59 PDT
Where: Blockchain Vlg

SpeakerBio:Poming Lee
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

PHVT - Friday - 13:00-13:59 PDT


Title: Dumpster Fires: 6 Things About IR I Learned by Being a Firefighter
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Packet Hacking Vlg - Talk

SpeakerBio:Dr. Catherine Ullman , Sr. Information Security Forensic Analyst
Dr. Catherine J. Ullman (Twitter: @investigatorchi) is a security researcher, speaker, and Senior Information Security Forensic Analyst at University at Buffalo with over 20 years of highly technical experience. In her current role, Cathy is a data forensics and incident response (DFIR) specialist, performing incident management, intrusion detection, investigative services, and personnel case resolution in a dynamic academic environment. She additionally builds security awareness amongst faculty and staff via a comprehensive department-wide program which educates and informs users about how to prevent and detect social engineering threats, and how to compute and digitally communicate safely. Cathy has presented at numerous prestigious information security conferences including DEF CON and Hacker Halted. In her (minimal) spare time, she enjoys visiting her adopted two-toed sloth Flash at the Buffalo zoo, researching death and the dead, and learning more about hacking things to make the world a more secure place.
Twitter: @investigatorchi

Description:
Threats surround us like a ring of burning fire. Unfortunately, incident response doesn't come naturally to an operational mindset where the focus tends to be on reactive problem solving. As a volunteer firefighter for over twenty years, investigatorchic has learned a lot about what is and isnt effective. There are surprising parallels between fighting real-life fires and the fire-fighting that passes for today's incident response. For example, striking a balance between swift response and patient reflection is often the difference between life and death, in a very literal sense for the firefighter and a figurative sense for the security professional. It's also all too easy to get tunnel vision and focus on the wrong areas, costing precious time. The security world is full of dumpster fires these days, so join this session to learn from a good firefighter what makes a good security person.


YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 17:00-18:59 PDT


Title: EFF Tech Trivia Pub Quiz
When: Friday, Aug 7, 17:00 - 18:59 PDT
Where: See Description or Village

Description:
EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Plaque and EFF swag pack. The second and third place teams will also win great EFF gear.

Forum: https://forum.defcon.org/node/232941

Discord: https://discord.com/channels/708208267699945503/711644552573747350

Twitter: https://twitter.com/EFF

Web: https://eff.org


Return to Index    -    Add to    -    ics Calendar file

 

POV - Friday - 15:30-16:30 PDT


Title: Election Security
When: Friday, Aug 7, 15:30 - 16:30 PDT
Where: See Description or Village

Description:
This event requires registration. Please see the below URL for details.

Registration: https://www.eventbrite.com/e/def-con-community-roundtable-election-security-tickets-115977739541


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 16:45-17:45 PDT


Title: Enumerating Cloud File Storage Gems
When: Friday, Aug 7, 16:45 - 17:45 PDT
Where: Red Team Vlg

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
Organizational data is rapidly moving to the cloud, but it's not always intentional. The shift from on-premise data storage to the cloud constitutes a significant challenge and risk to the modern enterprise. The use of cloud file storage applications is on the rise for both consumer and business systems, which results in interesting data and metadata siting on endpoints. In this talk, we'll examine the large footprints of popular cloud file storage applications such as OneDrive and Box - learning what information can be enumerated from each cloud file storage solution. In some scenarios, data can be carved out from cache, restoring sensitive documents no longer on an endpoint.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 23:00-23:59 PDT


Title: ERPwnage - a red team approach to targeting SAP
When: Friday, Aug 7, 23:00 - 23:59 PDT
Where: Red Team Vlg

SpeakerBio:Austin Marck
No BIO available

Description:
The crown jewels are ripe for the taking. ERP systems like SAP are being targeted more than ever and red teams need the tools to demonstrate these threats. We'll demonstrate the TTPs needed to emulate real threats with lateral movement techniques in, out, and between SAP systems.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 14:00-14:59 PDT


Title: Experimental Aviation, Risks And Rewards
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Aerospace Vlg

SpeakerBio:Patrick Kiley , Principal Security Consultant, Rapid7
Patrick Kiley (GXPN, GPEN, GAWN, GCIH, CISSP, MCSE) has over 18 years of information security experience working with both private sector employers and the Department of Energy/National Nuclear Security Administration (NNSA). While he was with the NNSA he built the NNSA's SOC and spent several years working for emergency teams. Patrick has performed research in Avionics security and Internet connected transportation platforms. Patrick has experience in all aspects of penetration testing, security engineering, hardware hacking, IoT, Autonomous Vehicles and CAN bus.
Twitter: @gigstorm

Description:
This talk will cover a hacker’s perspective of building your own aircraft, what I consider to be the ultimate maker/hacker project. Over 10 years ago, I decided to see if I could build an aircraft from a set of plans. The model I chose was a 4 seat AeroCanard FG, a somewhat controversial derivative of the Cozy Mark IV. The Cozy itself was also a derivative, basically a widened version of the Burt Rutan designed Long EZ. This talk will cover why someone would choose to build their own aircraft. All of these topics will cover the risk as I see it as a professional who has been in the information risk field his entire professional career.

I will complete the talk with some discussion around becoming a test pilot, what you will become when you finally fly your creation.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 16:30-16:59 PDT


Title: Exploiting Key Space Vulnerabilities in the Physical World
When: Friday, Aug 7, 16:30 - 16:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Bill Graydon , Principal, Research, GGR Security
Bill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He’s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CON’s Lock Bypass Village. He’s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, software development, anti-money laundering, and infectious disease detection.

Description:
Imagine being able to get together with a few of your co-workers, look at your office keys and derive a building master key. Or you may not have any working key at all: you could impression the lock, or use one of the many ways we’ll present in this talk to put together little bits of information from a lock to create a working key.

We apply information theory - the concept behind the “entropy” of a password - in an easy to understand way to show how every little bit of information about a system can be used to defeat it. The audience will be able to pull any key out of their pocket and understand how it works and how an attacker can create it covertly, and open whatever lock it is for, or even a lock it isn’t for, that shares the same system.

We’ll explain how to produce either a single final key, or a set small enough to economically brute force - and release a software tool to let anyone quickly try out all possibilities in an easy-to-visualize way.

Finally, we will discuss possible solutions to these problems and introduce vulnerabilities our research has uncovered in high-security systems like Medeco, Abloy, and Mul-T-Lock - including releasing a set of only 159 possible top level master key codes for certain large Medeco mastered systems.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 17:00-17:59 PDT


Title: Exploiting Spacecraft
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Aerospace Vlg

SpeakerBio:Brandon Bailey
Brandon Bailey is a cybersecurity senior project leader at The Aerospace Corporation. He has more than 14 years of experience supporting the intelligence and civil space arena. Bailey’s specialties include vulnerability assessments/ penetration testing for space systems and infusing secure coding principles within the software supply chain. Before joining Aerospace, Bailey worked for NASA, where he was responsible for building and maintaining a software testing and research laboratory to include a robust cybersecurity range as well as spearheading innovative cybersecurity assessments of ground infrastructure that support NASA’s mission operations. While at NASA, Bailey was honored with several group and individual awards, including NASA’s Exceptional Service Medal for his landmark cybersecurity work, NASA’s Early Career Achievement Award, and NASA Agency Honor Awards for Information Assurance/Cybersecurity. He has also contributed to teams who have received honorable mention in the 2012 and 2016 NASA’s Software of the Year competition. Bailey graduated summa cum laude with a bachelor’s degree in electrical engineering from West Virginia University and currently holds multiple certifications in the cybersecurity field. He recently co-authored Aerospace’s Center for Space Policy and Strategy’s Defending Spacecraft in the Cyber Domain paper which outlines security principles that can be applied on-board the spacecraft to improve its security posture.

Description:
This presentation will describe the high-level cyber threat landscape for space systems and focus on three examples: Command Replay Attack, Command Link Intrusion, and Denial of Service using GPS jamming. These three attacks were performed using high fidelity ground-to-space simulators to demonstrate the benefit of performing such research using simulation. These simulations leverage many of the same software components used in operations today for several operational missions. Recommendations are provided on how to protect against the attacks and references are provided so the audience can build their own simulations to begin their own research.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 12:15-12:59 PDT


Title: Exploring vulnerabilities in Smart Sex Toys, the exciting side of IoT research
When: Friday, Aug 7, 12:15 - 12:59 PDT
Where: IOT Vlg

SpeakerBio:Denise Giusto Bilic
Denise Giusto Bilic is an Information Systems Engineer graduated from the National Technological University of Argentina. Nowadays she specializes in mobile and IoT security.

Denise currently works as a Security Researcher at ESET, where part of her job is preparing technical and educational materials related to information security. She has participated as a speaker in many international security conferences. She is also a co-organizer of NotPinkCon Security Conference.


Description:
Smart sex toys are a huge topic – and we’re not talking about their size! The Internet of Things (IoT) has triggered many personal items to become connected and smart, watches, toothbrushes, glasses and even toilets, to name just a few. The adult toy market has not been left behind with new models of toys that include the opportunity to connect them to the Internet and allow them to be remotely controlled.

IoT devices and their vulnerabilities are frequently discussed in the media, and sex toys are not the exception. Many of them have holes in them. Keep focused, we mean holes and bugs in the software. This is despite the sensitivity of the extremely personal information they handle. We analyzed the security of the Android applications that control the most frequently purchased models of connected sexual pleasure devices, to determine the extent to which the confidentiality of user data could be vulnerable. Our research revealed interesting security flaws derived from both the implementation of the application and the design of the device, affecting the storage and processing of information.

If you’re one of the many users who have a smart sex toy connected to the internet, or plan to buy one, you cannot miss this talk, it may have you shaking in your seat. Our presentation may make you reconsider connecting it ever again or not purchasing one at all.


IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

PAYV - Friday - 11:00-11:59 PDT


Title: Fear and Loathing in Payment Bug Bounty
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Payment Vlg

SpeakerBio:Timur Yunusov
No BIO available

Description:
Bug bounty - is an easy-to-start-and-succeed Information Security area. Low entry barriers, money engagement, low risks of being sued. But none of these can be applied when it comes to payment vulnerabilities. It's hard to find banks which allow digging into their assets. We're here to try and change it! Start with payment security today, vulnerabilities are waiting.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Friday - 10:00-10:59 PDT


Title: Federal Communications Commission
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Ethics Vlg

SpeakerBio:Comm. Geoffrey Starks
No BIO available

Description:
This will be a pre-recorded talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 18:30-18:59 PDT


Title: Fighting a Virus with a Spreadsheet (Beginner)
When: Friday, Aug 7, 18:30 - 18:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Allen Baranov
Allen is a seasoned information security professional with over 15 years of experience in diverse industry verticals such as banking and finance, manufacturing, retail and communications. He has extensive knowledge of IT Security Management, Compliance including ISO 27001 and PCI DSS, Network Security Architecture Review, Vulnerability assessment and Security Architecture.

As a senior information security consultant (GRC) at Sense of Security, Allen brings a keen interest in IT risk assessments and risk treatment, security architecture and design, PCI-DSS gap assessments, security strategy and roadmaps as well as the creation of frameworks, policies, standards and procedures.

Supported by his Bachelor of Commerce and multiple industry-recognised certifications such as PCI QSA, CISSP, and SABSA, Allen has extensive experience across many security compliance implementations and security operation requirements. His strengths include understanding the technical intricacies of security and the need for a balanced approach to meet business objectives and addressing risks appropriately.

Twitter: @abaranov

Description:
On 27 June 2017, a piece of malware raced across the globe and took out many organisations including some that were similar to the one I was employed at. But we were safe and, in fact, not worried at all.

All thanks to clever use of spreadsheets.

In this talk, given entirely within Excel (yes, really) I go through the methods used to protect the organisation from this malware. If a talk given entirely in Excel sounds boring - you haven't seen this talk.

I have (virtually) given this talk twice - at a local Australian conference called ComfyCon and at a charity event hosted by Second Order Chaos. In both cases - they were blown away by the creativity of the "slides" and the fun way that this is presented.

There is a serious aspect to this though. It goes through the different phases of getting an effective patch program established. It has a 'hacker' aspect to it in that it asks people to be excited and interested and curious about their security controls and the processes that lead to the outcomes that are achieved.

I've thrown some humour and some easter eggs into the presentation.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 14:30-14:59 PDT


Title: Finding and Exploiting Bugs in Multiplayer Game Engines
When: Friday, Aug 7, 14:30 - 14:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Jack Baker
Jack Baker is a professional reverse engineer and amateur video game hacker. Jack is most known for having the same name as a Resident Evil villain.

Description:
Unreal Engine 4 and Unity3D dominate the multiplayer gaming landscape. They're also complicated pieces of software written in C and C++. In this talk, Jack will share the results of months of bug hunting in multiplayer game networking protocols. Be prepared for memory disclosures, speedhacks, and WONTFIX vulnerabilities.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 11:00-11:45 PDT


Title: Fireside Chat with Dr. Amy Abernethy and Adama Ibrahim
When: Friday, Aug 7, 11:00 - 11:45 PDT
Where: BioHacking Vlg
Speakers:Adama Ibrahim,Amy Abernethy

SpeakerBio:Adama Ibrahim
No BIO available

SpeakerBio:Amy Abernethy
Amy P. Abernethy, M.D., Ph.D. is an oncologist and internationally recognized clinical data expert and clinical researcher. As the Principal Deputy Commissioner of Food and Drugs, Dr. Abernethy helps oversee FDA’s day-to-day functioning and directs special and high-priority cross-cutting initiatives that impact the regulation of drugs, medical devices, tobacco and food. As acting Chief Information Officer, she oversees FDA’s data and technical vision, and its execution. She has held multiple executive roles at Flatiron Health and was professor of medicine at Duke University School of Medicine, where she ran the Center for Learning Health Care and the Duke Cancer Care Research Program. Dr. Abernethy received her M.D. at Duke University, where she did her internal medicine residency, served as chief resident, and completed her hematology/oncology fellowship. She received her Ph.D. from Flinders University, her B.A. from the University of Pennsylvania and is boarded in palliative medicine.

Description:
Discussions around:
- Intersection of big data and patient rights - Real World Data and how to best serve patients in the digital era - Cybersecurity risk for medical devices - How FDA is working with security researchers (e.g., the FDA-led Evidence Accelerator at the FDA)

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 17:00-17:59 PDT


Title: Fireside Chat: All about Section 230, the EARN IT Act, and What They Mean for Free Speech and Encryption
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Cathy Gellis,Riana Pfefferkorn

SpeakerBio:Cathy Gellis
Frustrated that people were making the law without asking her for her opinion, Cathy Gellis gave up a career as a web developer to become a lawyer so that she could help them not make it badly, especially where it came to technology. A former aspiring journalist and longtime fan of free speech her legal work includes defending the rights of Internet users and advocating for policy that protects online speech and innovation. She also writes about the policy implications of technology regulation on sites such as the Daily Beast, Law.com, and Techdirt.com, where she is a regular contributor. 

SpeakerBio:Riana Pfefferkorn
Riana Pfefferkorn is the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society.”

Description:
It seems like everyone's talking about Section 230 these days, and keen to change it, even without really knowing what it says and does. Or how badly most of the proposals to change it, such as the EARN IT Act bill, threaten all sorts of things we value, including encryption, privacy, security, and free speech online. Come to this crash course in Section 230 basics, followed by a fireside chat about EARN IT between two seasoned lawyers, to learn the truth about this crucial law, why these proposals are so terrible, and how you can take action to protect the Internet.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 10:00-10:59 PDT


Title: From Barista to Cyber Security Pro, Breaking the Entry Level Barrier
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Alyssa Miller
No BIO available

Description:
If you're a barista that has never worked in a tech job, how do you land a role in security? What if I told you there are skills you have that apply directly to roles in security. In this session we're going to get into some real talk about landing your first security gig. We will analyze the challenges that aspiring security professionals need to overcome in order to find their way into an entry level position. We'll look at the issues of job descriptions, certifications, degrees, and other job search related challenges. We'll analyze data from a recent primary research to better understand how education, certifications, mentoring, and other characteristics impact the job search. Finally we'll use that information to share tangible real strategies you can use to overcome those hiring obstacles.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 22:30-22:40 PDT


Title: From Printers to Silver Tickets or Something (Rebroadcast)
When: Friday, Aug 7, 22:30 - 22:40 PDT
Where: Password Vlg

SpeakerBio:EvilMog
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 16:00-16:59 PDT


Title: From Printers to Silver Tickets or Something
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Password Vlg

SpeakerBio:EvilMog
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 12:00-12:50 PDT


Title: Fundamentals of Diagnostic Requests over CAN Bus
When: Friday, Aug 7, 12:00 - 12:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Robert Leale (CarFuCar)
Robert Leale (@carfucar) is an automotive hacker and a founding member of the Car Hacking Village. For more information please visit carhackingvillage.com/about
Twitter: @carfucar

Description:
Data can be requested using CAN Network, but what data can you ask for? How do you know how to send requests? What type of requests can you send? What can data do with the data that you get back? How do you handle errors? So many questions on how to get started. We will answer the fundamentals of shaping a request and handling the response.Diagnostics are a way of communicating directly with Electronic Control Units in vehicle. UDS is a standard diagnostic protocol. We will explore how to format a UDS request and handle its response.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 17:00-17:59 PDT


Title: Future Proofing Your Career
When: Friday, Aug 7, 17:00 - 17:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Jenai Marinkovic
No BIO available

Description:
We have entered the 4th industrial revolution, a time marked by the interconnection of hyper-instrumented physical, biological, and digital worlds. The accompanying pace of technological development will exert profound changes in the way people live and work, impacting all disciplines, economies, and industries. Preparing the cybersecurity workforce for the changes that will reframe their careers requires insight and a vision of our possible future.

Next-generation security professionals will both leverage and work alongside purpose-based digital assistants to help navigate the explosion of data created by intelligent ecosystems. These virtual assistants will replace current knowledge management platforms/intranets, dashboards, and manage any security process that can be automated. As machine learning and cognitive solutions evolve in sophistication, security teams must re-examine how they organize work, design jobs, and plan for future growth. Let's futurecast near term technological trends and identify the concrete steps all security professionals need in the Age of the Intelligent Ecosystem and the Augmented Workforce.


Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 22:40-23:30 PDT


Title: Getting Advanced with Hashcat (Rebroadcast)
When: Friday, Aug 7, 22:40 - 23:30 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 18:00-18:59 PDT


Title: Getting Advanced with Hashcat
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 10:45-11:45 PDT


Title: Getting Started – Building an IoT Hardware Hacking Lab
When: Friday, Aug 7, 10:45 - 11:45 PDT
Where: IOT Vlg

Description:
This learning session will focus on the subject of building an IoT hardware hacking lab. During this learning session various tools and technologies will be shown and discussed that are needed for physical disassembly, soldering, debugging, and analyzing. Covering the basic entry level to the more advanced lab equipment needed and used. After each learning objective we will have Q&A sessions

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 21:00-21:30 PDT


Title: Getting Started with Hashcat (Rebroadcast)
When: Friday, Aug 7, 21:00 - 21:30 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 10:00-10:59 PDT


Title: Getting Started with Hashcat
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 14:30-15:30 PDT


Title: Getting started with the Intervillage badge
When: Friday, Aug 7, 14:30 - 15:30 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
Codenamed Bob, this year's electronic badge enjoys collaboration from several villages and is called the Intervillage Badge. https://bob.monerodevices.com/ In this hour, we focus on ways to use the Intervillage Badge including: - Out of the box data storage with NFCTools - Onboarding procedure for your village use - Impersonating radio IDs in your environment - Backing up data from mobile applications - Playing the Rogues Village Game online - Navigating the Bob village network Continuing, we consider modification strategies to make the badge suit your personal village style, like adding a lanyard, printing a new enclosure, and disassembly strategies. We conclude by reviewing hardware hacks the badge may support as well as VNA assisted antenna tuning. For more information about this year's village badge (and many others), please visit the Monero Village office hours. View the schedule at Monerovillage.org and look for 'Badge Clinic'.

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

RGV - Friday - 12:00-13:59 PDT


Title: Google Maps Hacks
When: Friday, Aug 7, 12:00 - 13:59 PDT
Where: Rogues Vlg

SpeakerBio:Simon Weckert
No BIO available

Description:
You’ve seen his Google Maps Hacks on international news just earlier this year, now come see the methodology behind his projects. Simon uses technology in the digital space to cleverly impact the physical space, all the while creating some playful mischief. Excited to welcome Simon to our village this year.

From Simon:
99 second hand smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route to avoid being stuck in traffic. The presentation will give an insight of the hack. #googlemapshacks


Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 12:30-12:59 PDT


Title: GPS Spoofing 101
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Aerospace Vlg

SpeakerBio:Harshad Sathaye
Harshad is a Ph.D. candidate at Northeastern University and a soon-to-be student pilot. He is a cyber security enthusiast with research interests around wireless systems security, specifically navigation systems and development of secure cyber-physical systems

Description:
With the advent of autonomous cyber-physical systems such as self-driving cars and unmanned aerial vehicles, the use of Global Positioning System (GPS) for positioning and navigation has become ubiquitous. In recent years we have seen a lot of GPS "incidents" which involve either denial of services or spoofing to mislead the receiver. This workshop will include the basics of GPS spoofing with a hands-on exercise and a discussion of state-of-the-art spoofing mitigation techniques

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 14:15-15:15 PDT


Title: Grey Hat SSH: SShenanigans
When: Friday, Aug 7, 14:15 - 15:15 PDT
Where: Red Team Vlg

SpeakerBio:Evan Anderson
Evan Anderson is the Director of Offense at Randori. He has over 15 years of experience in red teaming, vulnerability research and exploit development and is a founding member of the NCCDC Red Team. Prior to co-founding Randori, he worked at Kyrus Technologies supporting commercial and federal projects.

Description:
The Secure Shell (SSH) was designed to replace telnet/rsh with a secure channel over unsecured networks. SSH is a swiss army knife for red team engagements letting malicious actors accomplish a multitude of interesting tasks. Aside from providing access to run commands on remote systems SSH can be used to complete a myriad of other activities including hop network boundaries, maintain persistent access, download files, steal credentials, hide access and even configure what commands users run on login. This talk goes through details of how to configure and abuse ssh for a number of red team oriented goals from beginner too advanced.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: H@cker Runw@y
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
For the second year, H@ck3r Runw@y is bringing together fashionistas out there. Make it SMART, LIGHT it up, OBFUSCATE something, or be GEEKY on fleek. Enter clothing, shoes, jewelry, hats or accessories. If you wear it, the runway can handle it. Predesign entry or create something on the fly. Just do it before the stage and bring proof.

Awards will be handed out in 4 categories for predesign and one (1) for anything designed during contest hours. There will also be a People’s Choice category where the winner is anyone’s guess:

Digital (electronic, led, etc)
Smart wear (interactive, temperature sensing, mood changing, etc) Aesthetics (3d printed, geeky wear, passive design) Miscellaneous (obfuscation, lock picks, shims, card skimmers) Live creations
People’s Choice

Judgement based on, but not limited to:

Uniqueness
Trendy
Practical
Couture
Creativity
Relevance
Originality
Presentation
Mastery


Forum: https://forum.defcon.org/node/232893

Discord: https://discord.com/channels/708208267699945503/711644666239647824

Twitter: https://twitter.com/Hack3rRunway

Web: https://hack3rrunway.github.io


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 16:00-16:30 PDT


Title: Hack-A-Sat Friday Recap
When: Friday, Aug 7, 16:00 - 16:30 PDT
Where: Aerospace Vlg

Description:
Recap of Friday's Hack-A-Sat competition and a look ahead to Saturday.

This event will be coordinated on the DEF CON Discord server, in channel #av-hack-a-sat-text.


Discord: https://discord.com/channels/708208267699945503/732393766677119087


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 08:00-08:25 PDT


Title: Hack-A-Sat Launch Party
When: Friday, Aug 7, 08:00 - 08:25 PDT
Where: Aerospace Vlg

Description:
Overview of the Hack-A-Sat competition, teams and CTF challenges.

This event will be coordinated on the DEF CON Discord server, in channel #av-hack-a-sat-text.


Discord: https://discord.com/channels/708208267699945503/732393766677119087


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 08:30-15:59 PDT


Title: Hack-a-Sat
When: Friday, Aug 7, 08:30 - 15:59 PDT
Where: Aerospace Vlg

Description:
The democratization of space has opened up a new frontier for exploration and innovation. But with this opportunity, new cybersecurity vulnerabilities are also being created. One human can design, build and launch a satellite, adhering to very few standards and security protocols. So how can we achieve safe, reliable and trustworthy operations to truly realize the promise of space?

...BY HACKING A SATELLITE

The United States Air Force, in conjunction with the Defense Digital Service, presents this year’s Space Security Challenge, Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems.

Security experts from around the globe are invited to pull together a team for our Hack-A-Sat Capture the Flag contest. Participants who successfully complete a set of qualification challenges on cybersecurity and space this spring will be invited to the ultimate challenge: to (ethically) hack a satellite.


Forum: https://forum.defcon.org/node/231203

Twitter: https://twitter.com/hackasat

Web: https://www.HackASat.com

Discord: https://discord.com/channels/708208267699945503/732393766677119087


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 18:00-19:59 PDT


Title: Hacker Jeopardy
When: Friday, Aug 7, 18:00 - 19:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/232964

Discord: https://discord.com/channels/708208267699945503/732439600391389184

Twitch: https://www.twitch.tv/dfiutv


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 13:30-14:30 PDT


Title: HackerBox 0057 Build Session
When: Friday, Aug 7, 13:30 - 14:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Build HackerBox 0057 to explore microcontroller programming, IoT WiFi exploits, Bluetooth control, IR hacks, lockpicking tools, audio/video signaling, and more. HackerBoxes are the monthly subscription box for DIY electronics and computer technology. Each monthly HackerBox is a surprise. But this month the cathode is out of the bag, so to speak. The theme is SAFE MODE.

There will be an indie badge kit featuring dual core ESP32, IPS full-color 240x135 display, AV out, IR in/out, micro joystick, USB-C interface, battery charger, Wi-Fi, Bluetooth, and it's Arduino programmable. Of course there will be swag galore. HackerBox 0057 will bring home a "village" of IoT, Wireless, Lockpicking, and of course Hardware Hacking that should not disappoint.

Monthly HackerBoxes usually ship around the last day of the month. However, SAFE MODE HackerBox 0057 will ship a few days early (for both existing a new members) and should be received in time for DEF CON 28 SAFE MODE. We recommend ordering by July 22, but earlier is always better in light of recent postal delays.


#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Hackfortress
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy solving puzzles. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store.

Forum: https://forum.defcon.org/node/232291

Discord: https://discord.com/channels/708208267699945503/711643831275225125

Twitter: https://twitter.com/tf2shmoo

Web: http://hackfortress.net


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 11:30-12:30 PDT


Title: Hacking Democracy II: On Securing an Election Under Times of Uncertainty and Upheaval
When: Friday, Aug 7, 11:30 - 12:30 PDT
Where: Voting Vlg
Speakers:Casey John Ellis,Kimber Dowsett,Tod Beardsley,Jack Cable,Amèlie Koran

SpeakerBio:Casey John Ellis , Founder and CTO, Bugcrowd
Casey Ellis is the Founder, Chairman and CTO of Bugcrowd and the co-founder of the The disclose.io Project. Casey has been making computers, companies, and markets misbehave for great justice since his youth, and pioneered the crowdsourced security-as-a-service industry in 2012.

SpeakerBio:Kimber Dowsett , Director of Security Engineering, Truss
No BIO available

SpeakerBio:Tod Beardsley , Director of Research, Rapid7
No BIO available

SpeakerBio:Jack Cable , Election Security Technical Advisor, U.S. CISA
No BIO available

SpeakerBio:Amèlie Koran , Senior Technology Advocate, Splunk
No BIO available

Description:
Democracy is the cornerstone of America’s Constitution, identity, and ideology, and this foundation was shaken during the 2016 Presidential Election. Four years later, we still have great lengths to go to ensure that the integrity of the 2020 Presidential Election, and any election moving forward, is protected.

In February, this panel convened to discuss the threats and challenges that are present and may arise between then and the November election. We discussed the intersection of people,technology, security, and elections, with a focus on themes including:

However, we did not know a pandemic and a constantly changing rhetoric by candidates and government leaders, along with several court cases, primaries and other events would add even more challenges for the 2020 election. We will discuss what is left in the 90 days left between now and the election, what can be feasibly helped by the public, governments, and others to ensure a secure and valid election, as well as what will need to be carried forward as lessons learned.



YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 12:00-12:59 PDT


Title: Hacking Security Leadership
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Pete Keenan
No BIO available

Description:
So you are a great hacker who can pop shells all day and make the IT team weep. At some point, that will have diminishing returns for both you and the company you serve. Every one of us has delivered or received that dreaded vulnerability report with 100,000+ items on it and heard (or made) that desperate sigh of defeat. Too many times we perform amazing red team work and deliver reports full of detailed findings, only to come back a year later and see nothing has been fixed. Breaking things is the easy part; how do you drive change when you don’t have direct authority? Our goal is to make an enterprise or product more secure while not driving it out of business and alienating everyone along the way.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 15:30-15:59 PDT


Title: Hacking the Insulin Supply Chain To Save Lives
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: BioHacking Vlg

SpeakerBio:Anthony DiFranco
No BIO available

Description:No Description available

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 14:00-14:50 PDT


Title: Hacking with Skynet - How AI is Empowering Adversaries
When: Friday, Aug 7, 14:00 - 14:50 PDT
Where: AI Vlg

SpeakerBio:GTKlondike
No BIO available
Twitter: @GTKlondike

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Friday - 11:00-13:59 PDT


Title: Ham Radio USA License Exams (Friday)
When: Friday, Aug 7, 11:00 - 13:59 PDT
Where: See Description or Village

Description:
The Ham Radio Village team is happy to announce that we will be offering virtual license exams this year during DEF CON Safe Mode. The team has negotiated a special discount rate of $5 for the exams. Additionally, the fee is waived for any applicants that are under the age of 18, a student with a current student ID, active military, or a veteran of the armed forces. Registration for exams is required.

Twitter: https://twitter.com/DC_Ham_Exams

Discord: https://discord.com/channels/708208267699945503/732733631667372103

Info/Reg: https://ham.study/sessions/5f0e7677295c50941c2cad5f/1


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 11:00-11:59 PDT


Title: Hardware hacking 101: There is plenty of room at the bottom
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Federico Lucifredi
Federico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of O'Reilly's "Peccary Book" on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS.

Description:
This is a live demonstration of hacking into the processor embedded in an SD card, effectively turning the device into a potentially covert Raspberry Pi-class computer under your complete control. The ARM926EJ-S ARM processor made its appearance as the embedded CPU in Transcend’s WiFi-enabled SD cards, clocking in at an impressive 426 BogoMips – we can’t possibly leave that territory unexplored, can we?

In this session we root the card’s own CPU, install a more featureful OS, and explore the system’s common and unusual capabilities (in hardware AES encryption and native support for Java bytecode among them). These provide plenty of building blocks for our projects.

Clearly, complete control of such a hidden computer running with full network connectivity can be used in network penetration scenarios. We’ll discuss applicable security threat countermeasures.

There is plenty of room at the bottom, and opening these computer-within-the computer configurations create interesting miniaturized automation scenarios alongside the obvious, more ominous security aspects.

Use your newfound knowledge for good, with great power comes great responsibility!


#hhv-hw101-talk-qa-text: https://discord.com/channels/708208267699945503/709255105479704636

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 14:15-14:59 PDT


Title: Hella Booters: Why IoT Botnets Aren't Going Anywhere
When: Friday, Aug 7, 14:15 - 14:59 PDT
Where: IOT Vlg

SpeakerBio:Netspooky
netspooky is a reverse engineer in the ICS and IoT space.

Description:
This talk discusses the rise of IoT botnets, the culture that surrounds them, and the vulnerabilities that enable their continued existence. I will discuss various analyses of major botnet families, discuss exploits and vulnerability classes in IoT devices, and examine the rapid growth of these botnets for commercial use. I will also discuss newer innovations in IoT malware, and outline some of the ways that vendors could reduce their impact moving forward.

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: HomebrewHardware Contest
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Have you learned how to build your own hacking hardware at home? Are you etching circuit-boards in your lab, or soldering in a toaster oven in your garage? Are you hosting a MUD on your helmet, or making malicious USB hardware? Did you make something to help you in your everyday life, a unique wearable, or something really nefarious? Are you discovering what old boards do, bending circuits, or re-appropriating the innards of your local e-waste?

We want to see the awesome things you've been building over the last year.

The HomebrewHardware competition is a place to showcase your skill, techniques, and project.

Check our website and twitter for this year’s rules.


Forum: https://forum.defcon.org/node/233025

Discord: https://discord.com/channels/708208267699945503/711644075110957096

Twitter: https://twitter.com/homebrewhardwa1

Web: https://homebrewhardwarecontest.github.io/


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 09:15-09:45 PDT


Title: How to get rights for hackers
When: Friday, Aug 7, 09:15 - 09:45 PDT
Where: IOT Vlg

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

Description:
Sixty percent of hackers don’t submit vulnerabilities due to the fear of out-of-date legislation, press coverage, and companies misdirected policies. This fear is based on socially constructed beliefs. This talk dives into the brain's response to fear while focusing on increasing public awareness in order to bring legislation that supports ethical hackers, ending black hoodie and ski mask imagery, and encourage organizations to support bilateral trust within their policies.

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 11:45-12:45 PDT


Title: How to hack SWIFT, SPID, and SPEI with basic hacking techniques (from a Red Team Perspective)
When: Friday, Aug 7, 11:45 - 12:45 PDT
Where: Red Team Vlg

SpeakerBio:Guillermo Buendia
Guillermo Buendia is a Red Team Lead in one of the biggest insurance companies in the USA, he has worked for many Financial Institutions for the last 8 years.  He has presented his previous research in DEF CON, BSidesLV, BSides Manchester, Hackfest, etc.

Description:
Back in 2018, Financial entities in Mexico were hit by one of the biggest cybersecurity breaches in the history of Mexico, and in 2019 "The Bandidos Hacker Team", who allegedly committed the crime, were captured. But do you really need to be a 1337 H4x0r to compromise those systems? In this talk, I will be sharing (from a Red Team Perspective) How I was compromising the SWIFT, SPID, and SPEI systems in a Financial Institution until I gained root access to all the systems using basic hacking techniques like the pretty good old 1337 days. For the blue teamers, I will be sharing ways to detect these techniques that, although may appear simple, they pose a very challenging scenario to create a detection.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 14:00-14:59 PDT


Title: How to store sensitive information in 2020?
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Mansi Sheth
Mansi Sheth is a Principal Security Researcher at Veracode Inc. In her career, she has been involved with breaking, defending and building secure applications. Mansi researches various languages and technologies, finds insecure usage in customer code and suggests automation measures in finding vulnerabilities for Veracode's Binary Static Analysis service. She is an avid traveller with the motto "If not now, then when?”

Description:
It goes without saying never ever store personal/sensitive information in clear text. It is also a well-known fact salting, hashing or stretching your information can just provide little offline information cracking protection against contemporary computer architectures and modern brute force attack constructs. Those abreast with this subject would have come across countless advocatory material suggesting to use key derivation functions (KDFs) to store sensitive information.

There are handful of solid KDFs, which are good candidates to use for storing sensitive information such as pbkdf2, bcrypt, scrypt, Argon2. In this talk, lets dive deeper to study some of its underlying crypto, what and how to tune these algorithms with secure input parameter configurations and how to decide which algorithm would be the right choice for your needs? Lastly, I will present some statistics on how well do all these different algorithms compare against each other.


Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 13:00-13:30 PDT


Title: Hybrid PhySec tools - best of both worlds or just weird?
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Lockpick Vlg

SpeakerBio:d1dymu5
No BIO available

Description:
A few years ago, I invented lock pick collar stays (#GentlemansLockPicks). Since then, I've had some other ideas of practical, small-form factored lockpicking and bypass tools that I can easily carry. I came up with a few ideas. I'll talk about inspiration, designing, manufacturing, and possible collab projects.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 13:00-13:30 PDT


Title: Hyperlocal Drift detection with Goko: Finding abusers of your Dataset
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: AI Vlg

SpeakerBio:comathematician
No BIO available
Twitter: @comathematician

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 11:20-12:05 PDT


Title: IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP)
When: Friday, Aug 7, 11:20 - 12:05 PDT
Where: Cloud Vlg

SpeakerBio:Jenko Hwong
Jenko Hwong is on the Threat Research Team at Netskope, focusing on cloud threats/vectors. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
Twitter: @jenkohwong

Description:
Imagine you've protected your production Google Cloud environment from compromised credentials, using MFA and a hardware security key. However, you find that your GCP environment has been breached through hijacking of OAuth session tokens cached by gcloud access. Tokens were exfiltrated and used to invoke API calls from another host. The tokens were refreshed by the attacker and did not require MFA. Detecting the breach via Strackdriver was confusing, slowing incident response. And revoking the active OAuth sessions required finding OAuth tokens from logs and using a REST API call, causing further delays in remediation.

This talk will demonstrate a compromised credential attack in Google Cloud Platform by:

The POC takes advantage of several issues with GCP IAM design or configuration: OAuth tokens are cached and unencrypted, allowing easy access once the client endpoint has been exploited.

We will discuss various approaches and challenges to defending:

  1. Prevention
  2. Detection
  3. Remediation

Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 20:00-20:59 PDT


Title: Icetre Normal
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: See Description or Village

Description:
Icetre has been a premier jubilation hacker, and party host since DEF CON X. People are still talking about the various shenanigans he's orchestrated and videos he's played. Even with this long history, it's still amazing how many people have to still tell him to turn it down. For what?

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Location: https://www.twitch.tv/defcon_music

Facebook: https://www.facebook.com/icetre.normal/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: ICS Hack the Plan[e]t
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 25 emulated or real devices and over 50 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real or simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Ranges including physical and virtual environments to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments. New this year, there will be integrated elements from DHS/CISA with their newly built mobile environments that are realistically miniaturized assets (ie - operational oil and natural gas pipeline, etc.) and will be the first they’ll be opened to the public for hacking.


Forum: https://forum.defcon.org/node/233029

Discord: https://discord.com/channels/708208267699945503/711643691877531698

Twitter: https://twitter.com/ICS_Village

Web: https://www.icsvillage.com


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 10:15-10:45 PDT


Title: ICS Village CTF Kick-Off
When: Friday, Aug 7, 10:15 - 10:45 PDT
Where: ICS Vlg

SpeakerBio:Tom
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 15:00-15:59 PDT


Title: In theory, there is no difference between theory and practice
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Pablo Breuer
No BIO available

Description:
There are three general paths to an INFOSEC career: the school of hard knocks, certificates, and college. Every few months a flame war erupts out arguing which is the "right" path. What are the pros and cons of each of these paths? Come have a balanced conversation about the three paths and learn which is the best one for you depending upon your unique needs

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 15:00-15:30 PDT


Title: Indicators of Emulation (Intermediate)
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Ch33r10
@ch33r10 works for a Financial Services Fortune 500 Company. She is a graduate of the SANS 2017 Women’s Academy, has an MBA in IT Management, and currently holds the GSEC, GCIH, GCFE, GMON, GDAT, GPEN and GCTI certifications. She is a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC), Yara Exchange, and FuzzySnugglyDuck. @ch33r10 is a doctoral student at Marymount University and has served on multiple CFP review boards.
Twitter: @ch33r10

Description:
Cyber threat intelligence, in the past, has primarily focused on extracting, preparing, and analyzing indicators of compromise for digital forensics and incident response, the security operations center, and other teams. This talk proposes that cyber threat intelligence analysts extract indicators of emulation and include them in their threat reports for red team operations, adversary emulation, and purple team exercises. Learn how to extract Indicators of Emulation in Windows-based malware for high-value adversary emulation and purple team exercises based upon org specific data.

Cyber threat intelligence plays a pivotal role in collecting and analyzing data to produce intelligence for an organization. Most of the cyber threat intelligence reports include indicators of compromise that various teams, such as incident response, hunt, and security operations, consume; however, there is limited intelligence in most threat reports geared towards adversary emulation. There is a lack of research or information regarding indicators related to emulating an attacker’s malware, mainly Windows-based malware. As cyber threat intel teams mature through using their internal attack data to produce intelligence, it becomes necessary to determine how to build out existing capabilities and provide additional value to other teams in the organization. Cyber threat intelligence analysts can contribute to adversary emulation exercises through extracting indicators of emulation to include in their threat intelligence reports for a realistic emulation of the adversary. Here’s what I plan on showing the audience how to do step-by-step and with a pre-recorded demo: -Audit Log setup for Win10 VM
-Disable Window Defender SmartScreen before downloading samples -Create custom “test” malware to ensure command-line Audit logging is set up properly (blue teamers popping calc with a custom compiled program made in C++). -walk through how I picked samples from URLhaus so they can practice at home or use their own org’s samples -walk through of what I looked for in the command-line -Discussion of where I am at in the research -Ideas/suggestions on how to package the Indicators of Emulation for Adversary Emulation, Red Teams, and Purple Exercises. ***I will document everything very well and include it in my presentation as a resource. I only need 15 minutes.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 10:00-10:30 PDT


Title: Intro to Lockpicking
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 12:00-12:30 PDT


Title: Intro to Lockpicking
When: Friday, Aug 7, 12:00 - 12:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 14:15-14:45 PDT


Title: Intro to Lockpicking
When: Friday, Aug 7, 14:15 - 14:45 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 16:15-16:45 PDT


Title: Intro to Lockpicking
When: Friday, Aug 7, 16:15 - 16:45 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

PHVW - Friday - 13:00-14:59 PDT


Title: Intrusion Analysis and Threat Hunting with Open Source Tools
When: Friday, Aug 7, 13:00 - 14:59 PDT
Where: Packet Hacking Vlg - Workshop
Speakers:Jack Mott,Jason Williams,Josh Stroschein

SpeakerBio:Jack Mott , Security Researcher
Jack Mott is a security researcher who focuses on open source solutions to detect, track and hunt malware and malicious activity. He has been a signature writer for the Emerging Threats team for several years, producing community/premium Suricata signatures to help protect networks worldwide. Jack is a strong believer in the open source mission as well as helping people and organizations solve security issues with open source solutions. He resides in the USA.

SpeakerBio:Jason Williams , Security Researcher
Jason Williams is a security researcher with global enterprise experience in detecting, hunting and remediating threats with open source technologies. Primarily focusing on network communications, Jason has written thousands of commercial and community Suricata rules for Emerging Threats to help defenders protect their networks. Jason participates as a Signature Development and User Training instructor for the OISF.

SpeakerBio:Josh Stroschein , Director of Training, Open Information Security Foundation (OISF) / Suricata
Josh Stroschein is an experienced malware analyst and reverse engineer who has a passion for sharing his knowledge with others. He is the Director of Training for OISF, where he leads all training activities for the foundation and is also responsible for academic outreach and developing research initiatives. Josh is an accomplished trainer, providing training in the aforementioned subject areas at BlackHat, DerbyCon, Toorcon, Hack-In-The-Box, Suricon and other public and private venues. Josh is an Assistant Professor of Cyber Security at Dakota State University where he teaches malware analysis and reverse engineering, an author on Pluralsight, and a threat researcher for Bromium.

Description:
In today's threat landscape, sophisticated adversaries have routinely demonstrated the ability to compromise enterprise networks and remain hidden for extended periods of time. In Intrusion Analysis and Threat Hunting with Open Source Tools, you will learn how to dig deep into network traffic to identify key evidence that a compromise has occurred, learn how to deal with new forms of attack, and develop the skills necessary to proactively search for evidence of new breaches. We will explore key phases of adversary tactics and techniques - from delivery mechanisms to post-infection traffic to get hands-on analysis experience. Open-source tools such as Suricata and Moloch will be utilized to generate data, perform exhaustive traffic analysis, and develop comprehensive threat hunting strategies. By the end of this workshop, you will have the knowledge and skills necessary to discover new threats in your network.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 10:00-10:30 PDT


Title: IoT Hacking Stories in Real Life
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: IOT Vlg

SpeakerBio:Besim Altinok
Besim Altinok (@AltnokBesim) has been researching Wi-Fi security for over a decade. He created WiPi-Hunter project against Wi-Fi hackers. He is the author of a book on Wi-Fi security. Besim's work on wireless security has been published in ArkaKapi Magazine and others. He has also spoken at top conferences including BlackHat Europe, Blackhat ASIA, Defcon, and others. Besim ALTINOK works currently at a Private Company which is located in Ankara, Turkey
Twitter: @AltnokBesim

Description:
Throughout this year, we had the chance to analyze two different models of electric scooters, three different models of smart locks, various kind of smart home devices and lastly one robot assistant which is in use at airports. During the analysis process, we have found some critical security vulnerabilities including privilege escalation, insecure communication and taking over the servers which these communications are being performed on. Additionally, we have identified two hard-coded secret keys and lastly one cryptographic key in the result of our analysis. In this presentation, we will be sharing the details of the vulnerabilities that we have identified during our analysis.

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 13:15-13:59 PDT


Title: IoT Under the Microscope: Vulnerability Trends in the Supply Chain
When: Friday, Aug 7, 13:15 - 13:59 PDT
Where: IOT Vlg

SpeakerBio:Parker Wiksell
Parker Wiksell (@pwiksell) is a security researcher and engineer at Finite State, an IoT security research company, and is the author of the AFL-Unicorn fuzzer and the Patchwerk kernel patching framework. Parker has over 25 years industry experience, with the last 9 being focused primarily on software and hardware security research, presenting at several major conferences. When not geeking out on computers, Parker has been known to write the occasional musical composition professionally.
Twitter: @pwiksell

Description:
IoT device manufacturers have no idea what's running on their devices -- they really don't.

In 2002 then-US Secretary of Defense, Donald Rumsfield, brought public attention to a notion that information can be divided into three categories: known knowns, known unknowns, and unknown unknowns. As hackers, how can we apply this formulation to IoT vulnerabilities?

The known knowns: Vulnerabilities that have been explicitly discovered through scanning and testing. The known unknowns: Newly created software that has yet to undergo any application security testing. The unknown unknowns: Systems that the defender does not know about.

There is, in fact, a fourth dimension: unknown knowns, which comprise “that which we intentionally refuse to acknowledge that we know” or “do not like to know.” The unknown knowns: Vulnerabilities that are known to exist, but that have not been associated with all the systems they actually affect.

In this talk, we report on IoT device vulnerability findings at massive scale, as a result of our firmware collection and analysis. For this research we have selected approximately 50k firmware images, representing over 7M files, 10k products, and 150 vendors, spanning many different architectures and operating systems. We will highlight some of the trends we've uncovered in supply chain vulnerabilities, and reveal specific examples of device backdoors, botnets, and vulnerabilities discovered in medical, home, and commercial device firmware.


IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 14:00-15:50 PDT


Title: jeopardize
When: Friday, Aug 7, 14:00 - 15:50 PDT
Where: See Description or Village

SpeakerBio:Utku Sen
Utku Sen is a security researcher who is mostly focused on application security, network security and tool development. He presented his different tools and researches in Black Hat USA Arsenal, DEF CON Demo Labs, Packet Hacking Village and Recon Village in the recent years. He's also nominated for Pwnie Awards on "Best Backdoor" category in 2016. He is currently working for HackerOne.

Description:
Jeopardize tool is developed to provide basic threat intelligence&response capabilities against phishing domains at the minimum cost as possible. It detects registered phishing domain candidates (typosquatting, homograph etc.), analyzes them and assigns a risk score to them. After then, it sends valid-looking credentials to the login forms on those phishing sites. Main goals are to confuse the attackers and to buy organizations some time to take precautions.

Audience: Defense


Discord: #dl-sen-jeopardize-text: https://discord.com/channels/708208267699945503/730256291032989728

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/utkusen/jeopardize

Forum: https://forum.defcon.org/node/233129


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 16:00-17:59 PDT


Title: JWT Parkour
When: Friday, Aug 7, 16:00 - 17:59 PDT
Where: AppSec Vlg

SpeakerBio:Louis Nyffenegger
No BIO available
Twitter: @snyff

Description:
Nowadays, JSON Web Tokens are everywhere. They are used as session tokens or just to pass data between applications or µservices. By design, JWT contains a high number of security and cryptography pitfalls. In this workshop, we are going to learn how to exploit some of those issues!

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Friday - 11:00-11:50 PDT


Title: Key Duplication - It's not just for the movies!
When: Friday, Aug 7, 11:00 - 11:50 PDT
Where: Lockpick Vlg

SpeakerBio:Tony Virelli
No BIO available

Description:
Have you ever seen someone just walking around with a key hanging on their belt? How about a wall of keys behind a security desk? Better yet, has anyone you know every posted a picture of the keys to the new home they just bought? Well, what if you could take a picture and easily duplicate that key with a 3D Printer? Sound like something from a James Bond film? Well it's not! Better yet, if you can just get a moment alone with a key, you can get an imprint of it in less than 2 minutes, return the key to the owner and then cast a duplicate of that key for later use.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 13:00-13:59 PDT


Title: Key Ingredients for the Job Interviews (Virtual or Face-2-Face)
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Roy Wattanasin
No BIO available

Description:
This presentation focuses on the major key areas to become more successful in your interviews. This includes (6) items: preparation, looking great, resume-review, confidence, note-taking and asking back. This talk will include both considerations when having a virtual or face to face interview(s).

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 10:10-10:59 PDT


Title: Key Note - State of Blockchain Security
When: Friday, Aug 7, 10:10 - 10:59 PDT
Where: Blockchain Vlg

SpeakerBio:Peter Kacherginsky
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 10:30-10:59 PDT


Title: Keynote Remarks: Representative Jackie Speier
When: Friday, Aug 7, 10:30 - 10:59 PDT
Where: Voting Vlg

SpeakerBio:Jackie Speier
Representative Jackie Speier, 14th District, California

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 14:00-14:30 PDT


Title: Keynote Remarks: Senator Ron Wyden
When: Friday, Aug 7, 14:00 - 14:30 PDT
Where: Voting Vlg

SpeakerBio:Ron Wyden , Senator, Oregon
No BIO available

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 10:00-11:30 PDT


Title: Keynote: Monero: Sound Money Safe Mode
When: Friday, Aug 7, 10:00 - 11:30 PDT
Where: Monero Vlg

SpeakerBio:Dr. Daniel Kim
No BIO available

Description:
"Monero Means Money" -- with updated data, new data on government budget deficits, and increased emphasis on Monero's importance in the current medical & economic crisis

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 09:00-09:59 PDT


Title: Keynote
When: Friday, Aug 7, 09:00 - 09:59 PDT
Where: ICS Vlg

SpeakerBio:Chris Krebs
Christopher Krebs - serves as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Mr. Krebs was originally sworn in on June 15, 2018 as the Under Secretary for the predecessor of CISA, the National Protection and Programs Directorate (NPPD). Mr. Krebs was nominated for that position by President Trump in February 2018.

Before serving as CISA Director, Mr. Krebs was appointed in August 2017 as the Assistant Secretary for Infrastructure Protection. In the absence of a permanent NPPD Under Secretary at the time, Mr. Krebs took on the role of serving as the Senior Official Performing the Duties of the Under Secretary for NPPD until he was subsequently nominated as the Under Secretary and confirmed by the Senate the following year.

Mr. Krebs joined DHS in March 2017, first serving as Senior Counselor to the Secretary, where he advised DHS leadership on a range of cybersecurity, critical infrastructure, and national resilience issues. Prior to coming to DHS, he was a member of Microsoft’s U.S. Government Affairs team as the Director for Cybersecurity Policy, where he led Microsoft’s U.S. policy work on cybersecurity and technology issues.

Before Microsoft, Mr. Krebs advised industry and Federal, State, and local government customers on a range of cybersecurity and risk management issues. This is his second tour working at DHS, previously serving as the Senior Advisor to the Assistant Secretary for Infrastructure Protection and playing a formative role in a number of national and international risk management programs.

As Director, Mr. Krebs oversees CISA’s efforts to defend civilian networks, manage systemic risk to National critical functions, and work with stakeholders to raise the security baseline of the Nation’s cyber and physical infrastructure.

Mr. Krebs holds a bachelor’s degree in environmental sciences from the University of Virginia and a J.D. from the Antonin Scalia Law School at George Mason University.


Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 08:00-08:59 PDT


Title: Knock knock, who's there? Identifying assets in the cloud
When: Friday, Aug 7, 08:00 - 08:59 PDT
Where: Red Team Vlg
Speakers:Tanner Barnes (aka @_StaticFlow_),NahamSec

SpeakerBio:Tanner Barnes (aka @_StaticFlow_)
Tanner Barnes (aka @StaticFlow) Software engineer and hacker who develops tools for the Cyber Security world. You can find the tools I build on stream here at https://github.com/Static-Flow
Twitter: @_StaticFlow_

SpeakerBio:NahamSec
NahamSec currently works as the Head of Hacked Education at HackerOne by day, and a hacker by night. He has helped identify and exploit over 600 security vulnerabilities across 100+ of web and mobile applications for companies such as Yahoo, Google, Airbnb, Snapchat, The US Department of Defense, Yelp, and more. He also cofounded Bug Bounty Forum, a community of 500+ active hackers sharing ideas and their experiences. He also streams live hacking on Twitch, and create educational content about hacking on YouTube. 

Description:
Identifying and enumerating assets has become incredibly easy thanks to all the tools that have been released in the past few years, but being the first to a new target can be the difference between a P1 and a Duplicate! This talk will cover how we were able to monitor, fingerprint, and catalog cloud assets at a rate of over 200 thousand hosts a second in an attempt to find bounty targets and the bugs within them before anyone else.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 11:00-11:59 PDT


Title: LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Akira Takahashi,F. Novaes,M. Tibouchi,Y. Yarom,Diego F. Aranha

SpeakerBio:Akira Takahashi
Akira Takahashi is currently a PhD student at Cryptography and Security Group, Aarhus University, Denmark. He was an intern in the Cryptography Research Laboratory at NTT Corporation, Japan and has also worked as a software developer at Richie Oy, Finland. His research interests cover implementation attack on public key cryptographic algorithms and construction of efficient secure two-/multi-party computation protocols. He has given talks about his research projects in different top-tier conferences, including Eurocrypt [3], Euro S&P, and CHES [4].

SpeakerBio:F. Novaes
No BIO available

SpeakerBio:M. Tibouchi
No BIO available

SpeakerBio:Y. Yarom
No BIO available

SpeakerBio:Diego F. Aranha
Diego F. Aranha is an Associate Professor of Computer Science at Aarhus University, Denmark. His professional experience is in Cryptography and Computer Security, with a special interest in the efficient implementation of cryptographic algorithms and security analysis of real-world systems. He received the Google Latin America Research Award for research on privacy twice, and the MIT TechReview's Innovators Under 35 Brazil Award for his work in electronic voting. He has given talks about his research in more than 100 occasions in 10 different countries, including BlackHat Asia [1] and DEF CON Voting Village [2].

Description:
Although it is one of the most popular signature schemes today, ECDSA presents a number of implementation pitfalls, in particular due to the very sensitive nature of the random value (known as the nonce) generated as part of the signing algorithm. It is known that any small amount of nonce exposure or nonce bias can in principle lead to a full key recovery: the key recovery is then a particular instance of Boneh and Venkatesan's hidden number problem (HNP). That observation has been practically exploited in many attacks in the literature, taking advantage of implementation defects or side-channel vulnerabilities in various concrete ECDSA implementations. However, most of the attacks so far have relied on at least 2 bits of nonce bias (except for the special case of curves at the 80-bit security level, for which attacks against 1-bit biases are known, albeit with a very high number of required signatures).

In this paper, we uncover LadderLeak, a novel class of side-channel vulnerabilities in implementations of the Montgomery ladder used in ECDSA scalar multiplication. The vulnerability is in particular present in several recent versions of OpenSSL. However, it leaks less than 1 bit of information about the nonce, in the sense that it reveals the most significant bit of the nonce, but with probability <1. Exploiting such a mild leakage would be intractable using techniques present in the literature so far. However, we present a number of theoretical improvements of the Fourier analysis approach to solving the HNP (an approach originally due to Bleichenbacher), and this lets us practically break LadderLeak-vulnerable ECDSA implementations instantiated over the sect163r1 and NIST P-192 elliptic curves. In so doing, we achieve several significant computational records in practical attacks against the HNP.


Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 10:00-10:30 PDT


Title: Learn to Solder the BadgeBuddy Kit
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Learn to Solder with HackerBoxes. Assemble your very own BadgeBuddy. HackerBoxes has updated a special edition BadgeBuddy soldering kit for DEF CON 28 SAFE MODE.

The BadgeBuddy is a simple and fun kit to introduce basic soldering skills. Once assembled, the blinky mini-badge PCB can be hung from a conference lanyard, backpack, purse, belt, etc using the included bead-chain. The BadgeBuddy uses self-cycling rainbow LEDs for a reduced bill of materials requiring no external control circuitry. The result is a very nice colorful effect that is still simple enough for a first time soldering project.

As in past years, the BadgeBuddy is free (as in beer) and in light of DEF CON 28 SAFE MODE, HackerBoxes will send it directly to you, anywhere in the United States, for only $1 S&H. If you do not already have soldering tools on hand, HackerBoxes is also making a set of basic soldering tools available at cost. Both can be found at HackerBoxes.com and can be ordered now to ship starting on July 20. Orders as late as July 25 should still be received in time for DEF CON 28 SAFE MODE, but earlier is always better in light of recent postal delays.


#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 20:00-20:59 PDT


Title: Live Q&A with Special Guests Regarding "Kill Chain"
When: Friday, Aug 7, 20:00 - 20:59 PDT
Where: Voting Vlg

Description:
Exciting News for DEF CON Safe Mode! Voting Village and HBO have arranged for a limited time FREE access to the Kill Chain Documentary on YouTube!

In conjunction, the Voting Village will host a LIVE Q + A with SPECIAL GUESTS at 20:00 on FRIDAY August 7.

View the Q and A on the Voting Village Twitch and YouTube streams; there is ongoing discussion on Discord in #vmhv-talks-text, and you can submit questions at #vmhv-talks-questions-text.


Movie: https://www.youtube.com/watch?v=nQuwTdrVrg4

Village YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Village Twitch: https://www.twitch.tv/votingvillagedc/about

Store: https://www.bonfire.com/store/eif/

#vmhv-talks-text: https://discord.com/channels/708208267699945503/737818386796511312

#vmhv-talks-questions-text: https://discord.com/channels/708208267699945503/737818504627093575



YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

SEV - Friday - 13:00-13:59 PDT


Title: Live SE Q&A
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Social Engineer Village

Description:

#sev-qa-voice: https://discord.com/channels/708208267699945503/736686395631992852

Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: lo57 Mystery Challenge
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231985

Discord: https://discord.com/channels/708208267699945503/732439421973954571


Return to Index    -    Add to    -    ics Calendar file

 

PAYV - Friday - 10:00-10:59 PDT


Title: Making sense of EMV card data – decoding the TLV format
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Payment Vlg

SpeakerBio:Dr Steven J. Murdoch
No BIO available

Description:
EMV (sometimes known as Chip and PIN) is the worldwide standard for smart card payments. It was designed to allow credit and debit cards issued by any bank work to make a payment through any terminal, even across international borders and despite chip cards being extremely limited in the computation they can perform. In this talk I’ll discuss how EMV achieves this difficult task, through the use of the TLV (Tag-Length-Value) data format. I will demonstrate how to decode TLV data found on real EMV chip cards, and what significance this data has in the wider payment ecosystem. Finally I’ll discuss how the use of TLV, despite its advantages, has contributed to the creation of security vulnerabilities in Chip and PIN.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 21:30-21:59 PDT


Title: Making Targeted Wordlists (Rebroadcast)
When: Friday, Aug 7, 21:30 - 21:59 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 13:00-13:30 PDT


Title: Making Targeted Wordlists
When: Friday, Aug 7, 13:00 - 13:30 PDT
Where: Password Vlg

SpeakerBio:Password Village Staff
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PHVT - Friday - 10:00-10:59 PDT


Title: Media Analysis of Disinformation Campaigns
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Packet Hacking Vlg - Talk
Speakers:Chet Hosmer,Mike Raggo

SpeakerBio:Chet Hosmer , Owner, Python Forensics
Chet Hosmer (Twitter: @chethosmer) is an international author, educator & researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.
Twitter: @chethosmer

SpeakerBio:Mike Raggo , Co-Founder, SilentSignals.com
Mike Raggo (Twitter: @MikeRaggo) has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in commercial networking, mobile, and security products. His current research focuses on multimedia disinformation campaigns. His research has been highlighted on television's CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of "Mobile Data Loss: Threats & Countermeasures" and "Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols" for Syngress Books, and is a contributing author for "Information Security the Complete Reference 2nd Edition". His Data Hiding book is also included at the NSA's National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon's Certificate of Appreciation.
Twitter: @MikeRaggo

Description:
In this session we'll focus on the media aspects of disinformation campaigns with deep analysis of altered images, audio, and video to uncover methods used to twist narratives and mislead perceptions surrounding topical news stories. We'll dive into the taxonomy of fake photos, deepfakes, phishing audio fraud attacks, keyword squatting malware, fake rallies, narrative laundering, nation state fake intelligence. and media generated to inspire mass hysteria. We'll then further categorize these threats by their TTPs and provide methods for enhancing detection and response strategies. Real world examples will be demonstrated to provide deep and tangible insights into this systemic problem.


YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 14:30-15:30 PDT


Title: Medical Device Vulnerability Disclosure
When: Friday, Aug 7, 14:30 - 15:30 PDT
Where: BioHacking Vlg
Speakers:Chloé Messdaghi,Eirick Lurass,Casey John Ellis

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

SpeakerBio:Eirick Lurass
Eirick Lurass is a Chaotic Good Dual-class warrior mage. After trying many jobs, he eventually found out he could do magical things with computers. He works in MedSec and he spends most of his time failing and hearing no. His cats and dog still love him.

SpeakerBio:Casey John Ellis , Founder and CTO, Bugcrowd
Casey Ellis is the Founder, Chairman and CTO of Bugcrowd and the co-founder of the The disclose.io Project. Casey has been making computers, companies, and markets misbehave for great justice since his youth, and pioneered the crowdsourced security-as-a-service industry in 2012.

Description:
Humans write code, humans make mistakes, and hackers are here to help. While this has been true since the beginning of the Internet, 2020 still see's laws like the DMCA and CFAA create a chilling effect on establishing a healthy "Internet immune system" between builders and breakers. In safety critical technology domains like Medical and Medical Devices, this has become especially obvious, and particularly urgent to solve. This mini-panel will run through the past, current, and future state of vulnerability disclosure in the medical sector; provide examples of where it has been needed, gone well, and where it has failed; and ends with an introduction to the The disclose.io Project and some practical steps that anyone in the audience can take to improve the ubiquity of healthy hacker/vendor relationships.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 18:00-18:59 PDT


Title: Meetup: 3H: Hardware Happy Hour
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Chris Gammell
No BIO available

Description:
Wind down the first official day of DEF CON Safe Mode talking about hardware! Bring a project to share! All hardware projects are welcome, from a simple Arduino based thingamabob to your company's newest hardware product (and how you earn your living). The main focus is meeting like minded people who are building fun things!

#hhv-meetups-a-text: https://discord.com/channels/708208267699945503/739567085004521533

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 15:30-15:59 PDT


Title: Meetup: Legacy Hardware
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:ShortTie
No BIO available

Description:
A place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.

#hhv-meetups-a-text: https://discord.com/channels/708208267699945503/739567085004521533

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 14:30-14:59 PDT


Title: Meetup: PCB Proto and Rework
When: Friday, Aug 7, 14:30 - 14:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:ShortTie
No BIO available

Description:
A place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.

#hhv-meetups-a-text: https://discord.com/channels/708208267699945503/739567085004521533

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 09:30-09:59 PDT


Title: Meetup: Some HHV Challenges
When: Friday, Aug 7, 09:30 - 09:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:rehr
No BIO available

Description:
HHV members have created a few challenges for this year's DEF CON. Come learn and chat about those challenges, or bring new challenges to share with the community. This time will start with an introduction to this year's HHV challenges, but the remaining time will be open to community questions and conversations.

#hhv-challenge-text: https://discord.com/channels/708208267699945503/739567199647301702

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 17:30-17:59 PDT


Title: Meetup: Some HHV Challenges
When: Friday, Aug 7, 17:30 - 17:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:rehr
No BIO available

Description:
HHV members have created a few challenges for this year's DEF CON. Come learn and chat about those challenges, or bring new challenges to share with the community. This time will start with an introduction to this year's HHV challenges, but the remaining time will be open to community questions and conversations

#hhv-challenge-text: https://discord.com/channels/708208267699945503/739567199647301702

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 16:00-16:59 PDT


Title: Misbehavior Detection for V2X communication
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Car Hacking Vlg 001

SpeakerBio:Jaime
Jaime is an EE turned software developer turned security researcher. She caught the infosec bug through playing CTFs, and now works at GRIMM hacking cars. In her spare time, she adds LEDs to things and hangs out with her dog.

Description:
In this talk, we will present network attacks that aim at fooling V2X applications. Then, we will show how our misbehavior detection system can detect such attacks. We will also demonstrate the progression of an attacker that becomes smarter and smarter in order to highlight the limitations of current misbehavior detection systems. Attacks and defenses will be shown working on production-ready onboard unit.


#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 09:00-15:59 PDT


Title: Mission Alenium: Launching the Next Generation into an Immersive Cybersecurity and Space Systems Challenge
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg

SpeakerBio:Henry Danielson
No BIO available

Description:
The Convergence of Space and Cybersecurity is here! The goal of this immersive, two-part challenge is to expose beginner-level participants to Space Networks, Cybersecurity, Satellites, IoT devices and Digital Forensics Analysis through a gamified satellite cybercrime scenario. The first part includes a series of five online 3D “escape rooms” which each simulate different locations that contain important evidence. After all the information is collected, participants enter the second phase of the challenge and begin conducting forensic analysis. Participants will respond to a fictional storyline where the flight control system of a Low Earth Orbit (LEO) is compromised. Due to the hack, the rocket and its accompanying satellite crash before reaching orbit. The software payload survives the crash and is sufficiently intact for digital forensic analysis. The participants act as cybersecurity digital forensics analysts, attempting to find out how and why the system was hacked and by whom. It is being deployed at the California Cyber Innovation Challenge 2020, the state championship for cybersecurity competitions in California, for teams of middle school and high school students this upcoming October.

Discord: https://discord.com/channels/708208267699945503/732393009215176854


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 11:00-11:30 PDT


Title: Mission Kill: Process Targeting in ICS Attacks
When: Friday, Aug 7, 11:00 - 11:30 PDT
Where: ICS Vlg

SpeakerBio:Joe Slowik
Joe Slowik has experience across multiple facets of cyber and information operations stretching over 10 years. Past roles include operations planning and mission development within the US Department of Defense; planning network defense strategies for US Naval assets afloat; running incident response operations at Los Alamos National Laboratory; building a threat intelligence program within the US Department of Energy; critical infrastructure attack analysis and activity tracking; and assisting industrial control system asset owners and operators in defensive planning and response.
Twitter: @jfslowik

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 11:00-11:59 PDT


Title: MITM - The Mystery In The Middle. An Introduction To The Aircraft Information Systems Domain
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Aerospace Vlg

SpeakerBio:Matt Gaffney
Matt is an aviation cybersecurity consultant at BSSI UK where he also holds the position of Managing Director. He started his cybersecurity career whilst serving in the British Army after being volunteered for a mandatory IT Security Officer course because he ‘has some experience with IT’. With more than 14 years experience across multiple industries from Military and Government to banking and aviation, Matt has mostly worked on the entry into service of e-Enabled aircraft at the operator (airline) level. Due to this, his focus is primarily on systems implemented by the operator and whose touchpoints are the Aircraft Information Systems Domain (AISD). His particular areas of interest are the Electronic Flight Bag (EFB) and ground systems. A relative newbie to the research field, he recently released his first paper ‘Securing e-Enabled aircraft information systems’ and plans on releasing others in the coming months.

Description:
The mordern e-Enabled aircraft is often descrbed as a flying data center with half of it on the ground. Sometimes overlooked by researchers in favour of avionics and In-Flight Entertainment systems, this presentation will give an introduction to the Aircraft Information Systems Domain (AISD). This hidden yet important domain logically sits between the Avionics and the passenger network and operators need to consider security in the AISD when bringing e-Enabaled aircraft in to their fleet.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 10:00-10:30 PDT


Title: ML Security Evasion Competition 2020
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: AI Vlg
Speakers:drhyrum,zh4ck

SpeakerBio:drhyrum
No BIO available
Twitter: @drhyrum

SpeakerBio:zh4ck
No BIO available
Twitter: @zh4ck

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 12:00-13:50 PDT


Title: Mobile Security Framework - MobSF
When: Friday, Aug 7, 12:00 - 13:50 PDT
Where: See Description or Village

SpeakerBio:Ajin Abraham
Ajin Abraham is a Security Engineer with 7+ years of experience in Application Security and Offensive Security Research. He is passionate on developing new and unique security tools. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Droid Application Fuzz Framework (DAFF), NodeJsScan etc to name a few. He has been invited to speak at multiple security conferences including ClubHack, Nullcon, OWASP AppSec Eu, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In Paris, Hack In the Box, c0c0n and PHDays.

Description:
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Interact @ #dl-ajin-mobile-securit-framework-text: https://discord.com/channels/708208267699945503/730256193683062825

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://mobsf.github.io/Mobile-Security-Framework-MobSF/

Forum: https://forum.defcon.org/node/233122


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Friday - 14:00-14:59 PDT


Title: Models of Privacy Norms
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Ethics Vlg
Speakers:R. Jason Cronk,Ece Gumusel

SpeakerBio:R. Jason Cronk
No BIO available

SpeakerBio:Ece Gumusel
No BIO available

Description:
This will be a live talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 15:30-15:59 PDT


Title: Monero Wallet Basics: Sending, Receiving, Proving
When: Friday, Aug 7, 15:30 - 15:59 PDT
Where: Monero Vlg

SpeakerBio:rehr
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 15:15-16:15 PDT


Title: NAND Flash – Recovering File Systems from Extracted Data
When: Friday, Aug 7, 15:15 - 16:15 PDT
Where: IOT Vlg

Description:
This learning session will introduce attendees to the process of recovering file systems from data extracted from NAND flash chips. As part of this learning session we will be discussing and demoing the tools, methods and common processes for successfully recovering data. After each learning objective we will have Q&A sessions

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 22:00-22:59 PDT


Title: Ninjula
When: Friday, Aug 7, 22:00 - 22:59 PDT
Where: See Description or Village

Description:
#1 DJ in my mothers eyes

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Location: https://www.twitch.tv/defcon_music

Facebook: https://facebook.com/countninjula

Twitter: https://twitter.com/countninjula

Soundcloud: https://soundcloud.com/ninjula


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 12:30-12:59 PDT


Title: No Question: Teamviewer, Police and Consequence (Beginner)
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:corvusactual
Bill Dungey is a media maker, infoholic and professional nerd. Grab his latest work from postpunksuperhero.com.
Twitter: @corvusactual
https://postpunksuperhero.com

Description:
In the summer of 2019, I attended DEFCON for the first time and spent my days lingering around the Blue Team Village. Two weeks after I returned, our largest client was breached. A malicious actor remotely installed keyloggers on over a hundred computers.

After a marathon of logs and OSINT, I traced the bad guy to his house. I offered a dossier with everything I’d found to the local Cyber Crime unit, leading to a full confession and finally, the release of the suspect for circumstances I’m not authorized to know.

This talk discusses an internal breach of a non-profit organization. A delicate mix of politics, technical challenge and pressure, this event fundamentally shifted my career.

A strange log file triggered a closer look at some servers. Within minutes, we had realized a massive breach had taken place.

We found a keylogger installed on over a hundred computers. After a little digging, we found an unknown username referenced in a handful of Teamviewer connection logs.

Teamviewer was uninterested in helping us without an international warrant of some kind. Through a day of parsing log files (no, we don’t have SIEM, IDS or IPS at this client), OSINT and the confidence I’d gained from finding a tribe at the BTV, I was able to identify the person responsible and gain insight into a real-world breach.

A search warrant was executed, devices were nabbed for forensics and the detective secured a full confession. I was told there was ‘No Question', this was the person responsible, a client from the very organization that had been hit.

Some time later, after some political meetings between the parties involved, it was determined that a charge would not be levied against the malicious actor for reasons I have yet to be told. The organization is still actively under attack via weekly spear-phishing and whaling. After six weeks, the organization allowed the confirmed suspect back into the fold, accessing programs within the umbrella of the agency and within reach of the very systems he used to gain his foothold.

This is a vital topic to Blue Teamers. The real-world implications of a breach aren’t clear or fair and it’s all up to you.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 09:00-15:59 PDT


Title: Nyan Sat Workshop
When: Friday, Aug 7, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
What’s another way to hack a satellite? Through ground stations.

Nyansat consists of three fun, non-competitive challenges: building your own satellite tracking antenna, exploiting a ground station modem, and participating in our livestreamed, internet-accessible, community ground station event.


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 11:00-11:50 PDT


Title: OBD and what we CAN do with it
When: Friday, Aug 7, 11:00 - 11:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Infenet
Lifelong hacker and hacker of all the things. Founder of Enterprise Offensive Security, creator of security tools for DevOps Engineers such as auto-remediation using AWS Lambda and CIS Compliance Scanning Tools, SSO implementations on the Service Provider and Identity Provider side(s). Simulated Advanced Persistent Threat Actor. Started DEFCON group in Detroit DC313 and Director of #misec Detroit.

Description:
Learn about the history of on-board diagnostics, OBD I and II Standards, Data Is Accessible From the OBD II and Architecture of OBD-II and CAN.


#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 18:30-18:59 PDT


Title: Office Drama on macOS
When: Friday, Aug 7, 18:30 - 18:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Patrick Wardle , Principal Security Researcher
Patrick Wardle is the Principal Security Researcher at Jamf and founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.
Twitter: @Jamf

Description:
On the Windows platform, macro-based Office attacks are well understood (and frankly are rather old news). However on macOS, though such attacks are growing in popularity and are quite en vogue, they have received far less attention from the research and security community.

In this talk, we will begin by analyzing recent documents that contain macro-based attacks targeting Apple's desktop OS, highlighting the macOS-specific exploit code and payloads. Though sophisticated APT groups are behind several of these attacks, (luckily) these malicious documents and their payloads are constrained by recent application and OS-level security mechanisms.

However, things could be far worse! To illustrate this claim, we'll detail the creation of a powerful exploit chain, that begins with CVE-2019-1457, leveraged a new sandbox escape and ended with a full bypass of Apple's stringent notarization requirements. Triggered by simply opening a malicious (macro-laced) Office document, no other user interaction was required in order to persistently infect even a fully-patched macOS Catalina system!

To end the talk, we'll discuss various prevention and detection mechanisms that could thwart each stage of the exploit chain, as well as that aim to generically provide protection against future attacks!


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 12:30-13:30 PDT


Title: On the insecure nature of turbine control systems in power generation
When: Friday, Aug 7, 12:30 - 13:30 PDT
Where: ICS Vlg
Speakers:Alexander Korotin,Radu Motspan

SpeakerBio:Alexander Korotin
Alexander Korotin is ICS security specialist at Kaspresky, focused on ICS security assessment, analysis of industrial software and protocols and penetration testing. At his previous job at Russian Railway Cybersecurity Center Alexander was involved in the security research of the railway transportation systems. Alexander has over five years of experience in this field. He is also OSCP certified.

SpeakerBio:Radu Motspan
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Friday - 12:30-12:59 PDT


Title: onkeypress=hack();
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Hardware Hacking Vlg
Speakers:Farith Pérez Sáez,Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres

SpeakerBio:Farith Pérez Sáez
Farith Pérez Sáez (@f_perezs) is a colombian engineer, hardware hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and teaches at Universidad de La Guajira.
Twitter: @f_perezs

SpeakerBio:Luis Ángel Ramírez Mendoza (@larm182luis)
Luis Ángel Ramírez Mendoza (@larm182luis) is a colombian electronic engineer, hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and is currently working as a Cybersecurity and Artificial Intelligence Professor at University of Guajira in Colombia.
Twitter: @larm182luis

SpeakerBio:Mauro Cáseres
Mauro Cáseres (@mauroeldritch) is an argentine hacker and speaker. He spoke at DEF CON 26 Las Vegas (Recon & Data Duplication Villages), DevFest Siberia, DragonJAR Colombia, Roadsec Brasil, and DC7831 Nizhny Novgorod. Currently working as SecOps for the Argentine Ministry of Production.
Twitter: @mauroeldritch

Description:
In this talk we will see the assembly and use of a modified BadUSB keyboard with an integrated DIY physical keylogger. Using a built-in WiFi module, this keyboard is capable of sending user keystrokes to a remote server and storing it in a database. Both the piece by piece assembly, its diagram, and its programming will be demonstrated. Also there will also be a live demo to demonstrate its operation.

This talk is recommended for both novice and experienced users alike.


#hhv-onkeypresshack-talk-qa-text: https://discord.com/channels/708208267699945503/736750677128249360

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Online MUD - EvilMog
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
This CTF is a MUD with 8-9 quests, intentional exploits, and about 1200 rooms has been setup at mog.ninja port 4000. A website documenting the MUD is at https://mog.ninja and a CTFd is setup at https://ctf.mog.ninja. The game is an LPMud and runs on gurbalib and DGD. If you complete all the quests you become a wizard. You connect by telneting on port 4000. The game has been balanced out to take about a week to complete all the quests and hit max level if you find most of the in game exploits.

Forum: https://forum.defcon.org/node/232895

Discord: https://discord.com/channels/708208267699945503/728707998796480590

MUD Docs: https://mog.ninja

CTFd: https://ctf.mog.ninja


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Friday - 16:30-17:59 PDT


Title: Open-Source Tools for Hunting and Practical Intelligence (Intermediate)
When: Friday, Aug 7, 16:30 - 17:59 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Joe Slowik
Joe Slowik has experience across multiple facets of cyber and information operations stretching over 10 years. Past roles include operations planning and mission development within the US Department of Defense; planning network defense strategies for US Naval assets afloat; running incident response operations at Los Alamos National Laboratory; building a threat intelligence program within the US Department of Energy; critical infrastructure attack analysis and activity tracking; and assisting industrial control system asset owners and operators in defensive planning and response.
Twitter: @jfslowik

Description:
Organizations need to identify and disposition new threats to ensure active, adaptive defense. This workshop will walk through open source resources and freely-available techniques to identify new threats and attack trends, and how to then formulate defensive strategies for enterprise protection.

Open source intelligence and information gathering Company blogs, articles, and media reporting Distinguishing between technical reporting and pure marketing "Reading between the lines" for search terms Social media and Twitter
Suggested accounts
Source vetting and evaluation
Public threat feeds: AlienVault, IBM X-Force Registration and data retrieval

Timeliness and value

Sample gathering and extracting information HybridAnalysis, ANY.RUN, MalShare, VirusShare – VT (commercial) Capabilities and limitations of free services Evaluating different reporting types, extracting information for further searching How to read an analysis or incident report More reading between the lines
Going beyond hashes and IPs

Extracting information for use and application

Formulating information into hypotheses and pivoting Network pivoting: DomainTools, RiskIQ, Censys, Shodan, Urlscan, VirusTotal (free) The art of network pivoting without going 'too far' Pivoting types: registration information, SOA leaks, infrastructure similarities, etc. Host/Binary pivoting: VirusTotal, HybridAnalysis, ANY.RUN, etc. File metadata and compilation artifacts

Identifying common tooling, techniques, and references to publicly-available projects

Overview and exercise:
Beginning with a single sample (malicious document file), extracting additional information Identifying items of interest in document, identifying payload Using information to identify general patterns, trends, and behaviors Translating identified information into rules, hunting hypotheses, and defensive measures Deliverable: Additional IOCs, brief report for review and feedback (after conclusion of workshop)


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 10:00-10:59 PDT


Title: Opening Remarks: Getting The Aerospace Village To Take-Off
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Aerospace Vlg
Speakers:Chris Krebs,Dr Will Roper,Pete Cooper

SpeakerBio:Chris Krebs
Christopher Krebs - serves as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Mr. Krebs was originally sworn in on June 15, 2018 as the Under Secretary for the predecessor of CISA, the National Protection and Programs Directorate (NPPD). Mr. Krebs was nominated for that position by President Trump in February 2018.

Before serving as CISA Director, Mr. Krebs was appointed in August 2017 as the Assistant Secretary for Infrastructure Protection. In the absence of a permanent NPPD Under Secretary at the time, Mr. Krebs took on the role of serving as the Senior Official Performing the Duties of the Under Secretary for NPPD until he was subsequently nominated as the Under Secretary and confirmed by the Senate the following year.

Mr. Krebs joined DHS in March 2017, first serving as Senior Counselor to the Secretary, where he advised DHS leadership on a range of cybersecurity, critical infrastructure, and national resilience issues. Prior to coming to DHS, he was a member of Microsoft’s U.S. Government Affairs team as the Director for Cybersecurity Policy, where he led Microsoft’s U.S. policy work on cybersecurity and technology issues.

Before Microsoft, Mr. Krebs advised industry and Federal, State, and local government customers on a range of cybersecurity and risk management issues. This is his second tour working at DHS, previously serving as the Senior Advisor to the Assistant Secretary for Infrastructure Protection and playing a formative role in a number of national and international risk management programs.

As Director, Mr. Krebs oversees CISA’s efforts to defend civilian networks, manage systemic risk to National critical functions, and work with stakeholders to raise the security baseline of the Nation’s cyber and physical infrastructure.

Mr. Krebs holds a bachelor’s degree in environmental sciences from the University of Virginia and a J.D. from the Antonin Scalia Law School at George Mason University.


SpeakerBio:Dr Will Roper
Dr. Will Roper - is the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics. As the Air Force’s Service Acquisition Executive, Dr. Roper is responsible for and oversees Air Force research, development and acquisition activities totaling an annual budget in excess of $60 billion for more than 550 acquisition programs. In this position, Dr. Roper serves as the principal adviser to the Secretary and Chief of Staff of the Air Force for research and development, test, production and modernization efforts within the Air Force.

Prior to his current position, Dr. Roper was the founding Director of the Pentagon’s Strategic Capabilities Office. Established in 2012, the SCO imagines new—often unexpected and game-changing—uses of existing government and commercial systems: extending their shelf- life and restoring surprise to the military’s playbook. Since 2012, SCO has grown from an annual budget of $50 million to the current $1.5 billion request in the President’s 2018 budget with projects spanning new concepts such as hypervelocity artillery, multi-purpose missiles, autonomous fast-boats, smartphone-navigating weapons, big-data- enabled sensing, 3D-printed systems, standoff arsenal planes, fighter avatars and fighter-dispersed swarming micro-drones which formed the world’s then-largest swarm of 103 systems. During his tenure as SCO Director, Dr. Roper served on the Department’s 2018 National Defense Strategy Steering Group, Cloud Executive Steering Group and Defense Modernization Team.

Previously, Dr. Roper served as the Acting Chief Architect at the Missile Defense Agency where he developed 11 new systems, including the current European Defense architecture, advanced drones, and classified programs. Before this, he worked at MIT Lincoln Laboratory and served as a missile defense advisor to the Under Secretary of Defense for Acquisition, Technology and Logistics.


SpeakerBio:Pete Cooper
Pete Cooper - Dir Aerospace Village. His first tech love was a ZX Spectrum but then he then moved on to flying fast jets in the UK Royal Air Force. Then he moved into cyber operations before leaving the military 4 years ago. Since then he has started up his own cyber security firm and has advised on everything from developing global cyber security strategies with UN bodies such as ICAO, advising the ICRC on the nature of state vs state cyber conflict and also enjoys playing with active cyber defence and deception. Pete is also the founder and Dir of the UK Cyber Strategy Challenge “Cyber9/12”, holds an MSc in Cyberspace Operations, is a Senior Fellow at Kings College London, a Non-Resident Senior Fellow at the Atlantic Council Cyber Statecraft Initiative and a Fellow of the Royal Aeronautical Society.

Description:
Let’s face it, relationships between the hacker / researcher community and the aerospace sector in the past – haven’t been great. 20 months ago, a passionate voluntary group of hackers, pilots, engineers, policy wonks and others, decided to do something about it and start creating a community that would foster trusted relationships across all those interested in aviation cyber security. Here we are at our second DEF CON in the Aerospace Village with a rapidly growing hacker / researcher community supported by the aerospace industry, USAF, DDS, CISA, academia, regulators and more including the first satellite CTF.

A short intro to the Aerospace Village tells the story of how and why we do this, how we got here and where we are going.

Then we are honoured to have two guest speakers where we hear from Dir CISA, Chris Krebs, who will be chatting about all things CISA and Aerospace Cybersecurity, after which things are rounded off by Dr Will Roper, Assistant Secretary of the Air Force for Acquisition, Technology and Logistics who will talk to the Space Security Challenge – Hack-a-Sat and their support for the Aerospace Village and its vision.

This event will be coordinated on the DEF CON Discord server, in channel #av-terminal-text.


Discord: https://discord.com/channels/708208267699945503/732392946350948423


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 09:30-09:59 PDT


Title: Opening Remarks
When: Friday, Aug 7, 09:30 - 09:59 PDT
Where: AI Vlg

SpeakerBio:AI Village Organizers
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 10:00-23:59 PDT


Title: OpenSOC Blue Team CTF - General Round
When: Friday, Aug 7, 10:00 - 23:59 PDT
Where: See Description or Village

Description:
OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is representative of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing responders’ abilities to filter and detect malicious activity on the network. This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations, and each year we incorporate new scenarios that are modeled after threat actors and breaches experienced by the OpenSOC team. From APT attacks using 0-days and heavily weaponized shellcode to sneaky lateral movement and exfiltration techniques, we expose contestants to a wide-range of techniques that we see actively used in the wild.We encourage team participation, and always have folks on hand to assist those just getting started out.Even better - 100% of the security tools demonstrated within OpenSOC are Free and/or Open Source! These projects include Velociraptor, Sysmon, osquery, Suricata, Moloch, pfSense and Graylog + ELK bringing it all together in an awesome way. This allows our contestants to not only have fun at DEF CON, but also learn skills and tools they can take back to work on Monday.

The Challenge:


Forum: https://forum.defcon.org/node/232949

Discord: https://discord.com/channels/708208267699945503/711644213170667562

Twitter: https://twitter.com/Recon_InfoSec

Web: https://opensoc.io

Registration: https://docs.google.com/document/d/1TbfOwv5C64ciirCQELq0HxJVd5oJd4qjvzXhidFgijw/edit?usp=sharing


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: OSINTSECCryptoAIBlockchain
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231050

Discord: https://discord.com/channels/708208267699945503/732439527213367346


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 13:00-13:45 PDT


Title: Our journey into turning offsec mindset to developer's toolset
When: Friday, Aug 7, 13:00 - 13:45 PDT
Where: AppSec Vlg
Speakers:Paul Amar,Stanislas Molveau

SpeakerBio:Paul Amar
No BIO available
Twitter: @PaulWebSec

SpeakerBio:Stanislas Molveau
No BIO available

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 11:00-11:59 PDT


Title: OuterHaven - The UEFI Memory Space Just Itching to be Misused (Intermediate)
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Connor Morley
A computer security obsessive, Connor has been a threat hunter for the past 3 years spending half his job time looking for vulnerabilities and ripping apart exploitation tools/malware. In addition to his investigative action, he also participates in enhancement and development of the industry leading detection system employed to actively detect and disrupt active attackers. Enjoying advanced attack methods, he has participated in active attack prevention and remediation as well as publishing white papers on APT level attack frameworks (Is Killsuit laying in wait? - Equation group) and tackling detection problems (Truecrypt detection and distributed attack system - TCrunch).
Twitter: @Lavi16

Description:
This presentation will cover research which explores the methods in which all levels of attackers can work with exploiting the UEFI memory space as well as methods for monitoring & enumerating this data haven and the associated access difficulties. I will also demonstrate some scripting and Python code that leverages Windows hosted elements to both exploit, enumerate and monitor this safe space for everyone to play with.

The exploitaiton of UEFI memory has previously only been thought of as something that is used for rootkits or advanced/targeted offensive operations. However, offensive actors and researchers have shown that they are willing to exploit this area with increasing ease. This presentation goes one step further and highlights the extremely basic level of computer knowledge needed to exploit this in current Windows OS, one-click and copy-paste scripts being able to generate the same results. However, the presentation also highlights solutions to monitor/access/analyze issues for this reclusive data set which allows active threats to be scrutinized and detection & preventative methods developed for both local and remote security solutions.


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 17:45-18:15 PDT


Title: Pandemic In Plaintext
When: Friday, Aug 7, 17:45 - 18:15 PDT
Where: IOT Vlg

SpeakerBio:Troy Brown
Troy has been a RF and physical security hardware engineer for multiple manufacturers of access control, locks, and wireless security devices for over a decade. Troy holds multiple patents in areas of electronic security, energy harvesting, and wireless. Troy also hosts the YouTube channel for HackerWarehouse.TV and can be found on Twitter at @waveguyd.

Description:
When a wireless engineer decides to tune into hospitals to determine the state of COVID in the community, he finds detailed patient info being broadcast into thin air. By capturing, decoding, and analyzing the info, the true state of the pandemic is realized.

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 10:30-11:30 PDT


Title: Panel: The Joy of Coordinating Vulnerability Disclosure
When: Friday, Aug 7, 10:30 - 11:30 PDT
Where: Red Team Vlg
Speakers:Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh

SpeakerBio:Daniel Gruss , TU Graz
No BIO available

SpeakerBio:CRob , Red Hat
No BIO available

SpeakerBio:Lisa Bradley , Dell
No BIO available

SpeakerBio:Katie Noble , Intel Corp
Katie currently serves as a Director of PSIRT and Bug Bounty at Intel Corp. Where she leads the cyber security vulnerability Bug Bounty program, researcher outreach, and strategic planning efforts. Previous to this position, Katie served as the Section Chief of the Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA) where she led DHS’ primary operations arm for coordinating the responsible disclosure and mitigation of identified cyber vulnerabilities in control systems, enterprise, hardware and software. Katies team is credited by the Secretary of Homeland Security with the coordination and public disclosure of over 20,000 cyber security vulnerabilities within a two year period. Katie is a highly accomplished manager with over 14 years of U.S. Government experience, both in the Intelligence Community and Cyber Security Program Management. She has operated at all levels from individual contributor as an Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council (NSC) Cyber programs. Her work has directly impacted the decision making of the NSC, Defense Information Systems Agency, Office of the Director of National Intelligence, Department of Defense, Federal Communications Commission, Central Intelligence Agency, U.S. Coast Guard, U.K.Ministry of Defense, Canadian Government agencies, and Australian Cabinet Ministry.

SpeakerBio:Omar Santos , Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, and other articles. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar is often presenting at many conferences and he is the co-lead of the DEF CON Red Team Village.
Twitter: @santosomar

SpeakerBio: Anders Fogh , Intel
No BIO available

Description:
Under the best of circumstances, coordinating disclosure of vulnerabilities can be a challenge. At times it can feel like everyone involved in CVD has conflicting motivations. The truth is that all of us are aspiring to do the right thing for end-users based on our perspective. The panel will share experiences and show how researchers and technology companies can work together to improve the impact of disclosing vulnerabilities on the technology ecosystem. Join CRob (Red Hat), Lisa Bradley (Dell), Katie Noble (Intel), Omar Santos (Cisco), Anders Fogh (Intel) and Daniel Gruss (TU Graz) for an exciting and engaging dialog between security researchers and industry experts on the Joy of coordinating vulnerability disclosure.

Presentation Outline
This will be an interactive session between the panelists. The following questions are seeds for what will be a dynamic and lively discussion: What does CVD mean to you and what is your motivation to disclose? What benefits have the panelists seen in coordinating vulnerability disclosure? What problems have you had with CVD?
How does CVD work in open source projects? How do you prepare for coordinated vulnerability disclosure and what challenges do you face? How could researchers and industries work better together?

Takeaways
Learn about the exciting world of Coordinated Vulnerability Disclosure. Hear from experts from both the research community as well as the vendors they report issues to. Learn from the coordination mistakes from the past to not repeat them in the future. Learn about the current struggles with CVD and what needs to be done to improve CVD.

Problem to solve
The hope is that this constructive interaction will remove some of the impediments of relationships between product developers and security researchers. The goal is to open a door for dialogue that will bring more stability in the experiences we all have in coordinating vulnerability disclosure. All technology users are impacted by security vulnerabilities, how those issues are communicated and dealt with are critical to impacted individuals and organizations to effectively manage the information security risk. The panel hopes to show "both sides" of the issue and highlight our different perspectives, and ideally showcase we're all working to help secure end-users around the globe.


Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 19:15-20:15 PDT


Title: Password cracking beyond 15 characters and under $500
When: Friday, Aug 7, 19:15 - 20:15 PDT
Where: Red Team Vlg

SpeakerBio:Travis Palmer
Travis Palmer is a Red Team Engineer at Intercontinental Exchange and a certified OSCP and OSCE. Most recently he has been a "surprise" backup speaker at DEFCON 27, DEFCON Red Team Village Staff, and a speaker at Wild West Hacking Fest and Cisco Offensive Summit. He is a fan (and sometimes-contributor) of a number of simulator/sandbox video games, and keeper of too many unfinished hardware projects. In his video games he enjoys long assaults on the beach, and dancing jets in the rain.

Description:
Most of us understand that it is a good idea to tailor an attack to a password policy. That being said, most password policies are fairly homogeneous. Does a minimum eight characters and at least three of four categories for complexity sound familiar? The hashcat-herders among us have prepared well for this endeavor. Many have hoarded hundreds of gigabytes of dumped passwords from hacked sites using these exact kinds of policies. Which means, when the hashes get dumped, sometimes more than half of a domain can be cracked in a single day. So… what if you have to crack passwords written under a different policy, like a paranoid 15 character minimum? Those gigabytes of dictionaries, full of shorter passwords, aren’t going to rockyou into domain admin anymore. It’s time to dive into the hashes with combinations of combinators, purple rain attacks, and word-level linguistically correct Markov chains. Along with the techniques themselves, this presentation will include the real-world results of various cracking attacks against a ~6000 person domain, at a Fortune 500 with a mature security program. As well as some recommendations for policies that allow memorable passwords while actually making them difficult to crack.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 14:10-16:30 PDT


Title: Peeling Back the Layers and Peering Through the Clouds with Security Onion
When: Friday, Aug 7, 14:10 - 16:30 PDT
Where: Cloud Vlg

SpeakerBio:Wes Lambert
Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deploy-able tools.
Twitter: @therealwlambert

Description:
Peeling Back the Layers and Peering Through the Clouds with Security Onion As the number of production assets and workloads transition to cloud, it is more important than ever to be able to understand the ""goings-on"" of these type of environments. Unfortunately, many organizations still have little visibility into cloud infrastructure. Vendor-specific solutions can be cost-prohibitive, and don't always offer a complete solution for security monitoring. In this session, we'll discuss how we can better defend cloud environments by leveraging Security Onion, a completely free and open source platform for intrusion detection, enterprise security monitoring, and log management. By using Security Onion, we can pierce the veil of the cloud, and gain better visibility to facilitate threat detection, identify application misconfigurations, and assist with compliance-related efforts. Attendees should walk away with a firm grasp of the platform, understanding how they can utilize Security Onion to improve their organization's security posture, and make their adversaries cry.
Outline

(1) Cloud
(a) Assets/Data
(b) Threats
(c) Monitoring Challenges
(2) Introduction to Security Onion
(a) Components
(b) Data types
(3) Security Onion in the Cloud
(a) Facilitating cloud-based intrustion detection and monitoring with traffic mirroring (b) Ingesting telemetry from external/vendor-specific sources (4) Automating the Onion
(a) Automating Security Onion Deployment

This talk assumes you have secured your individual AWS accounts at the basic level by locking down your root accounts with 2FA, and etc.

For more details on the workshop pre-requisites, please refer the following link: https://docs.google.com/document/d/1kYHM3B3Opok4UXZALBKdYsJppPhNbBMUovNR4dclnhg/edit?usp=sharing


Return to Index    -    Add to    -    ics Calendar file

 

RGV - Friday - 14:00-14:59 PDT


Title: Performance
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Rogues Vlg

SpeakerBio:Daniel Roy
No BIO available

Description:
In this hybrid performance talk, Daniel will introduce you to the storied history of card cheats and con games and demonstrate some of the most legendary scams – and won’t have to bet a penny!

Daniel Roy is a magician who specializes in the most difficult branch of card manipulation: the sleight of hand techniques used by professional card cheats. He has appeared at the World-Famous Magic Castle in Hollywood, and his audiences have included Hollywood actors, millionaires, and members of U.S. Congress. In 2019, he received the Milbourne Christopher award for Close-Up Magician of the Year.


Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage


Return to Index    -    Add to    -    ics Calendar file

 

RGV - Friday - 16:00-17:59 PDT


Title: Pickpocketing @ Home
When: Friday, Aug 7, 16:00 - 17:59 PDT
Where: Rogues Vlg

SpeakerBio:James Harrison
No BIO available

Description:
James Harrison returns to share his pickpocketing tips (a smash hit at Rogues Village at DEFCON 27 last year) via the internet. In this talk, James will show you how to practice your own pickpocketing skills inside your very own home! Come take a peek inside James’ own setup, and learn some of his tricks of the trade. Safeguard yourself while learning a new skill!

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 11:30-11:59 PDT


Title: Porcupine: Rapid and robust tagging of physical objects using DNA with highly separable nanopore signatures
When: Friday, Aug 7, 11:30 - 11:59 PDT
Where: BioHacking Vlg

SpeakerBio:Katie Doroschak
Katie Doroschak is a PhD candidate in the MISL lab in the Allen School for Computer Science & Engineering at the University of Washington. She specializes in data science & machine learning for computational & synthetic biology.

Description:
Molecular tagging is an approach to labeling physical objects using DNA or other molecules that can be used in cases where methods like RFID tags and QR codes are not suitable. No molecular tagging method exists that is inexpensive, fast and reliable to decode, and usable outside a lab setting to create or read tags. To address this, we present Porcupine, an end-user molecular tagging system that features DNA-based tags readable within seconds using a portable nanopore device. Porcupine's digital bits are represented by the presence or absence of distinct, nanopore-orthogonal DNA strands, which we call molecular bits (molbits). We classify molbits directly from the raw nanopore signal, avoiding basecalling. To extend the tag's shelf life, decrease readout time, and make tags robust to environmental contamination, molbits are prepared for readout during tag assembly and can be stabilized by dehydration. The result is an extensible, real time, high accuracy tagging system that includes a novel approach to developing nanopore-orthogonal barcodes.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 15:45-16:45 PDT


Title: PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS
When: Friday, Aug 7, 15:45 - 16:45 PDT
Where: ICS Vlg

SpeakerBio:Ben Gardiner
Ben Gardiner is a Senior Cybersecurity Research Engineer contractor at the National Motor Freight Traffic Association, Inc. (NMFTA) specializing in hardware and low-level software security. Prior to joining the NMFTA team in 2019, Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He is a DEF CON Hardware Hacking Village (DC HHV) volunteer. He is chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), and a voting member of the SAE Vehicle Electronic Systems Security Committee.

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 11:00-11:59 PDT


Title: PowerLine Truck Hacking: 2TOOLS4PLC4TRUCKS
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Car Hacking Vlg 001
Speakers:Ben Gardiner,Chris Poore

SpeakerBio:Ben Gardiner
Ben Gardiner is a Senior Cybersecurity Research Engineer contractor at the National Motor Freight Traffic Association, Inc. (NMFTA) specializing in hardware and low-level software security. Prior to joining the NMFTA team in 2019, Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He is a DEF CON Hardware Hacking Village (DC HHV) volunteer. He is chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), and a voting member of the SAE Vehicle Electronic Systems Security Committee.

SpeakerBio:Chris Poore
Chris Poore is a Senior Computer Engineer at Assured Information Security in Rome, NY and a member of the Systems Analysis and Exploitation (SAE) group. He works to analyze, understand, characterize, and exploit cyber systems using adversarial techniques with a focus on RF-enabled devices. He has experience writing code for software-defined radios and GNU Radio to reverse-engineer RF communication protocols and perform sophisticated attacks. Mr. Poore has a degree in Social Engineering, is an active somnambulist, was King of the Pirates for three years, and frequently violates PornHub’s terms of service.

Description:
Trailer ABS functionality has been a regulated requirement in the US & Canada for decades now. The 'PLC4TRUCKS' technology that realizes this requirement is ubiquitous on the road today and can also be found in buses, trains and some other unexpected places. We are releasing tools to read and write PLC4TRUCKS traffic. The first, gr-j2497 is a GNU Radio flowgraph with custom block and the second is an extension to the Truck Duck tool released at DEF CON 24. With these tools in hand, attendees can read PLC traffic without touching the bus -- or control their own trailer air brake controllers connected at home and we will show them how


#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 12:00-12:30 PDT


Title: Proposed Mitigation Measures to Address a Disruption Such as The Economic Impact of COVID -19 on Transaction Capacity and Fees in Monero
When: Friday, Aug 7, 12:00 - 12:30 PDT
Where: Monero Vlg

SpeakerBio:Dr. Francisco "ArticMine" Cabañas
No BIO available

Description:
Monero uses an adaptive block weight based upon the CryptoNote excess size penalty with a median over the last 100 blocks, cryptonote.org/whitepaper.pdf, to provide the capacity for increases and decreases in the number of transactions. In 2019 this adaptive block weight was modified by the introduction of a long term median over the last 100,000 blocks to mitigate against a sharp increase in the block weight, due to possible spam attacks. We will consider the scenario of external economic events causing a sharp decrease in he number of transactions after several years of growth, followed by a recovery and then further growth several months later. We will also consider the possibility of a sharp increase in the number of transactions, due to economic disruptions, during the current COVID-19 pandemic. and in its aftermath. We will propose changes to the Monero adaptive block weight in order to mitigate against a sharp increase in transaction fees and allow for a smooth recovery, and further growth in the block weight after a sharp drop in the number of transactions . The period between the initial drop in the number of transactions to the full recovery with further growth of the block weight would be in the order of months.

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 19:30-20:30 PDT


Title: Purple On My Mind: Cost Effective Automated Adversary Simulation (Intermediate)
When: Friday, Aug 7, 19:30 - 20:30 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Mauricio Velazco
Mauricio Velazco (@mvelazco) is a Peruvian, Infosec professional who started his career as a penetration tester and jumped to the blue team 8 years ago. He currently leads the Threat Management team at a Fortune 500 where he focuses on threat detection/hunting and adversary simulation. Mauricio has presented and hosted workshops at conferences like Defcon, Derbycon, BSides and the SANS Threat Hunting Summit. He holds a few certifications including OSCP and OSCE.
Twitter: @mvelazco

Description:
Automated adversary simulation is often perceived as a hard, dangerous and complicated program to implement and run. Fear no longer, our methodology and tooling will let you test and measure your defenses throughout your production environment to test not only your detection rule’s resilience but the whole event pipeline as well as your team’s response procedures. In this talk, we’ll share with the audience the open source tools we built and the methodology we use that will allow them to hit the ground running at nearly no cost.

Introduction (5 min)

Automated Adversary simulation - Design & Methodology (10 min)

State of the art (3 min)

Our approach (25 min )

Takeaways ( 3 min)


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 11:30-11:59 PDT


Title: Pwn2Own Qualcomm compute DSP for fun and profit
When: Friday, Aug 7, 11:30 - 11:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Slava Makkaveev , Security Researcher, Check Point
Slava Makkaveev is a Security Researcher at Check Point. Holds a PhD in Computer Science. Slava has found himself in the security field more than ten years ago and since that gained vast experience in reverse engineering and vulnerability research. Recently Slava has taken a particularly strong interest in mobile platforms and firmware security.

Description:
Qualcomm Snapdragon SoC integrates multiple subsystems, each one is customized for a particular application domain. Compute digital-signal processor (cDSP) is a subsystem which allows a mobile device to process simple sets of data with high performance on low power. In the talk we will show that this little studied proprietary subsystem has many security problems that open the door to malicious Android applications for PE and DoS attacks of the device.

For security reasons, the cDSP is licensed for programming by OEMs and by a limited number of third-party software vendors. The code running on DSP is signed by Qualcomm. However, we will demonstrate how an Android application can bypass Qualcomm’s signature and execute privileged code on DSP, and what further security issues this can lead to.

Hexagon SDK is the official way for the vendors to prepare DSP related code. We discovered serious bugs in the SDK that have led to the hundreds of hidden vulnerabilities in the Qualcomm-owned and vendors’ code. The truth is that almost all DSP executable libraries embedded in Qualcomm-based smartphones are vulnerable to attacks due to issues in the Hexagon SDK. We are going to highlight the auto generated security holes in the DSP software and then exploit them.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

CRV - Friday - 14:00-14:59 PDT


Title: Pwning Your Resume
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Kris Rides
No BIO available

Description:
Does your resume writing professional know the Cyber Security Industry? If not why are you paying them to do a job you’re better qualified to do your self? Put that money towards building your knowledge or something that will really help further your career. This presentation will focus on what makes an excellent cyber security resume and how to write it yourself.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 12:00-13:50 PDT


Title: PyRDP: Remote Desktop Protocol Monster-in-the-Middle (MITM) and Library
When: Friday, Aug 7, 12:00 - 13:50 PDT
Where: See Description or Village

SpeakerBio:Olivier Bilodeau
Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research, reverse-engineering all-the-things and vulnerability research. Passionate communicator, Olivier has spoken at several conferences like BlackHat, Defcon, Botconf, SecTor, Derbycon, HackFest and more. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.

Description:
PyRDP is a Remote Desktop Protocol (RDP) monster-in-the-middle (MITM) tool and library useful in intrusion testing and malware research. Its out of the box offensive capabilities can be divided in three broad categories: client-side, MITM-side and server-side. On the client-side PyRDP can actively steal any clipboard activity, crawl mapped drives and collect all keystrokes. On the MITM-side PyRDP records everything on the wire in several formats (logs, json events), allows the attacker to take control of an active session and performs a pixel perfect recording of the RDP screen. On the server-side, on-logon PowerShell or cmd injection can be performed when a legitimate client connects. Over the last year, we implemented several features that we are going to uncover in this brand-new demo lab workshop: a headless mode that allows deployment on systems with less resources or without an X11 stack, a fully transparent layer-2 deployment capability leveraging IP_TRANSPARENT sockets, a brand new Windows Graphical Device Interface (GDI) implementation and the ability to convert recorded sessions into MP4 videos. On the malware research side, PyRDP can be used as part of a fully interactive honeypot. It can be placed in front of a Windows RDP server to intercept malicious sessions. It can replace the credentials provided in the connection sequence with working credentials to accelerate compromise and malicious behavior collection. It also saves a visual and textual recording of each RDP session, which is useful for investigation or to generate IOCs. Additionally, PyRDP saves a copy of the files that are transferred via the drive redirection feature, allowing it to collect malicious payloads.

Audience: Offense and Malware Researchers


Interact @ #dl-bilodeau-pyrdp-text: https://discord.com/channels/708208267699945503/730256435916832849

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Github: https://github.com/GoSecure/pyrdp

Forum: https://forum.defcon.org/node/233124


Return to Index    -    Add to    -    ics Calendar file

 

BTVT1 - Friday - 10:00-10:30 PDT


Title: Quark Engine - An Obfuscation-Neglect Android Malware Scoring System (Beginner)
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:JunWei Song,KunYu Chen

SpeakerBio:JunWei Song
JunWei is a Security Researcher from Taiwan. A paranoid Pythonista who focuses on cybersecurity, reverse engineering, and malware analysis. And as a CPython contributor, PyCon Taiwan Program Committee, presented at DEFCON, HITB, Europython, PyCon Taiwan, PyCon Korea, PyCon Malaysia. He’s the co-founder of Quark-Engine and a security research group, TWBGC.
Twitter: @JunWei__Song

SpeakerBio:KunYu Chen
No BIO available

Description:
Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With python and curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way.

We have an order theory of criminal which explains stages of committing a crime. For example, crime of murder consists of five stages, they are determined, conspiracy, preparation, start and practice. The latter the stage the more we’re sure that the crime is practiced.

According to the above principle, we developed our order theory of android malware. We develop five stages to see if the malicious activity is being practiced. They are:

Permission requested.
Native API call.
Certain combination of native API.
Calling sequence of native API.
APIs that handle the same register.

We not only define malicious activities and their stages but also develop weights and thresholds for calculating the threat level of a malware.

Malware evolved with new techniques to gain difficulties for reverse engineering. Obfuscation is one of the most commonly used techniques. In this talk, we present a Dalvik bytecode loader with the order theory of android malware to neglect certain cases of obfuscation.

Inspired by the design principles of the CPython interpreter, our Dalvik bytecode loader consists of functionalities such as 1. Finding cross-reference and calling sequence of the native API. 2. Tracing the bytecode register. The combination of these functionalities (yes, the order theory) not only can neglect obfuscation but also match perfectly to the design of our malware scoring system.

Further, we will also show a case study of Android malware and demonstrate how the obfuscation technique is useless to our engine. Last but not least, we will be open-sourcing everything (Malware Scoring System, Dalvik Bytecode Loader) during our presentation.

Github: https://github.com/quark-engine/quark-engine


Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Twitch: https://twitch.tv/BlueTeamVillage


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 12:05-12:50 PDT


Title: Ransom in the Cloud
When: Friday, Aug 7, 12:05 - 12:50 PDT
Where: Cloud Vlg

SpeakerBio:Spencer Gietzen
Spencer Gietzen comes from a background in web development and penetration testing. He is now a Cloud Security Researcher at CrowdStrike, spearheading research and development of new and upcoming cloud threats. Spencer has published a variety of research blogs and developed cloud security tools for the open source community, such as Pacu, an offensive AWS pentesting framework.
Twitter: @SpenGietz

Description:
Traditional ransomware has become a popular tool for cybercriminals to make their buck and has cost a variety of industries hundreds of millions to billions of dollars in recent years. As trends change and corporations move from traditional data centers to cloud environments like AWS, GCP, and Azure, adversaries are adapting their techniques to match the new climate. Because of this, attackers abusing cloud APIs rather than host/network-based commands are becoming more prevalent. This talk explores the services most likely to be targeted by ransomware in AWS cloud, techniques that attackers may use, and preventative/detective measures to assist the blue team.

Spencer Gietzen comes from a background in web development and penetration testing. He is now a Cloud Security Researcher at CrowdStrike, spearheading research and development of new and upcoming cloud threats. Spencer has published a variety of research blogs and developed cloud security tools for the open source community, such as Pacu, an offensive AWS pentesting framework.


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Friday - 14:00-14:59 PDT


Title: Realistic Trends in Vulnerability based on Hacking into Vehicle
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Car Hacking Vlg 001
Speakers:Ryosuke Uematsu,Shogo Nakao,Ryoichi Teramura,Tatsuya Katsuhara

SpeakerBio:Ryosuke Uematsu
No BIO available

SpeakerBio:Shogo Nakao
No BIO available

SpeakerBio:Ryoichi Teramura
No BIO available

SpeakerBio:Tatsuya Katsuhara
No BIO available

Description:
This presentation introduces the trends in the ECU vulnerabilities and the mitigations against the ones, and also our assessment method.

We have worked with more than 10 auto manufacturers and suppliers, and we have assessed a lot of their ECUs in development. Here, we had already found over 200 vulnerabilities, making it reveal the trends in both the vulnerabilities and mitigations statistically. Some of them make a huge impact on automotive safety, that is we can hack into the vehicle via the wireless connection.



#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 09:30-15:59 PDT


Title: Red Team Village CTF - Finals
When: Friday, Aug 7, 09:30 - 15:59 PDT
Where: Red Team Vlg

Description:
The first part of the CTF will be qualifiers in jeopardy format, then the top teams will move into finals where each will compete in the Pendulum Red Team environment, a full corporate network (each team will have their own env) .

Skills required to win: pentesting/red team, scripting, reversing, exploitation, privilege escalation, pivoting, exploit development and anti-virus evasion.


Info: https://redteamvillage.io/ctf.html


Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 07:30-07:59 PDT


Title: Red Team Village Opening Remarks
When: Friday, Aug 7, 07:30 - 07:59 PDT
Where: Red Team Vlg
Speakers:Joseph Mlodzìanowskì (cedoXx),Omar Ωr

SpeakerBio:Joseph Mlodzìanowskì (cedoXx)
No BIO available
Twitter: @cedoxX

SpeakerBio:Omar Ωr
No BIO available

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 09:15-10:15 PDT


Title: Red Teaming: Born from the Hacker Community
When: Friday, Aug 7, 09:15 - 10:15 PDT
Where: Red Team Vlg

SpeakerBio:Chris Wysopal
Chris Wysopal is currently Veracode's CTO and Co-Founder. He is responsible for the company's software security analysis capabilities. One of the original vulnerability researchers and a member of L0pht Heavy Industries, Chris has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He published his first advisory in 1996 on parameter tampering in Lotus Domino and has been trying to help people not repeat this type of mistake for 15 years. Back in 1997 he first got paid for hacking someone else's network and later a company's web application. Chris was hooked and has been performing security testing one way or another since.

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 12:00-12:59 PDT


Title: Redefining patient safety in the digital era
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: BioHacking Vlg
Speakers:Dena Medelsohn,Jen Goldsack

SpeakerBio:Dena Medelsohn
Dena Medelsohn is a passionate consumer advocate and boldly believe in data rights and access to quality healthcare. Dena is the director of health policy and data governance at Elektra Labs. Previously, Dena was the senior attorney at Consumer Reports.

SpeakerBio:Jen Goldsack
Jen Goldsack is the executive director of the Digital Medicine Society (DiMe), a 501c3 dedicated to advancing digital medicine to optimize human health. Jen’s research focuses on applied approaches to the safe, effective & equitable use of digital technologies to improve health, healthcare & health research.

Description:
Digital technologies are the future of medicine--and perhaps also public health--but these innovative tools that offer great promise for higher quality, more affordable, more accessible care also pose new risks to patients.

Using real-world examples, this presentation will make the case for expanding the list of harms considered when determining the risk-benefit profile of a medical product in the digital era of health. We will consider security practices -- and sometimes their absence -- and disparities in both access to technologies and technical literacy.

Digital technologies - and in particular remote monitoring technologies such as wearables and other in - home smart sensors have the potential to transform health, healthcare, and health research. But these innovative tools also pose new risks to patients.

Risk-benefit analysis is the bedrock of clinical decision making, from formulating individual treatment plans to drug approval decisions. However, while shaky data rights in the United States put patients at risk when they use digital health products, these risks are poorly understood and rarely included in risk-benefit analyses.

This presentation will illustrate the new risks to patients posed by their digital health footprint-from challenges accessing health care to discrimination in the workplace-and explain for readers why data rights and security must be folded into a contemporary definition of 'patient safety'.


BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

DL - Friday - 16:00-17:55 PDT


Title: redlure
When: Friday, Aug 7, 16:00 - 17:55 PDT
Where: See Description or Village

SpeakerBio:Matthew Creel
Matt has been a member of the Schneider Downs cybersecurity practice since 2017 where he helps provide clients with penetration testing, red teaming and incident response services. One of Matt's focuses is offensive tool development, notably password spraying and phishing tools. Matt has served clients in manufacturing, healthcare, automotive, finanaical and higher education industires.

Description:
redlure can be descirbed as a distributed phishing platform. There is a centeralized API (redlure-console) where you can create the different aspects of your phishing campaigns. This console controls secondary servers running a more basic API (redlure-workers) that do the actual hosting of your phishing sites/files and communicate results back to the main server. Obviosuly there are existing tools that can accomplish phishing, but here are a few features to this tool that differentiate it and will be descirbed in the abstract.

Audience: Offense


Interact @ #dl-creel-redlure-text: https://discord.com/channels/708208267699945503/730256326868860949

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Forum: https://forum.defcon.org/node/233131


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 22:00-22:30 PDT


Title: Result of Longer Passwords in Real World Application (Rebroadcast)
When: Friday, Aug 7, 22:00 - 22:30 PDT
Where: Password Vlg

SpeakerBio:Minga
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Friday - 15:00-15:30 PDT


Title: Result of Longer Passwords in Real World Application
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Password Vlg

SpeakerBio:Minga
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

RGV - Friday - 11:00-11:59 PDT


Title: Rogues Village Introduction
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Rogues Vlg

SpeakerBio:Rogues Village Team
No BIO available

Description:
Who are we? What are we doing? How many ham-sandwiches can you fit into a handbag? Well, tune in to find out all of our secrets at Rogues Village this year.

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Friday - 13:00-13:59 PDT


Title: Russian Cyber Threats in The Pandemic Era
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: BioHacking Vlg

SpeakerBio:Dr. Khatuna Mshvidobadze
Dr. Khatuna Mshvidobadze teaches cybersecurity and information management at Utica College and George Washington University. Her constantly updated “Russian Cyber Threats” has been presented around the world. Her articles have appeared throughout the international press.

Description:
Russia has seized upon the global Covid-19 pandemic as an opportunity to use its multifaceted, multidirectional information and cyberwarfare strategy against its prospective enemies. Russian state-sponsored hackers are using the coronavirus to spread different types of malware against western nations. Universities, hospitals and scientific facilities with access to classified information are targeted to steal data and research related to Covid-19. In this respect, the presentation will cover cyber-attack efforts against the healthcare industry in the United States and Europe. The presentation will discuss tactics, techniques and procedures (TTPs) of the advanced persistent threat (APT) groups. It will review Russian ransomware criminal actors and their communication channels (dark web).

The presentation also will highlight the role of the siloviki (people of power) in the country’s information warfare efforts. It will examine the structural units of the Russian Federal Security service (FSB) and Russian military intelligence (GRU), their projects and their networks of allied criminal groups. It will discuss how intelligence organizations are using APT groups through complex outsourcing strategies to conduct cyberwarfare over a broad spectrum. The presentation suggests several factors that drive the current trends in Russian cyber capabilities. It will also survey current trends: growing sophistication of TTPs and tools, supply chain threats, false flag operations, deception tactics, third party entry vectors and cyber espionage. Finally, the Russian Cyber Threat presentation will cover the role and mission of the Russian Foundation for Advanced Research Projects in the Defense Industry, the Russian Army’s Technopolis, and Russia’s chemical, biological, medical, informational and research efforts.


BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 12:00-12:30 PDT


Title: Satellite Orbits 101
When: Friday, Aug 7, 12:00 - 12:30 PDT
Where: Aerospace Vlg

SpeakerBio:Matt Murray
With a degree in Electrical and Computer Engineering at the undergraduate level and Computer Information Systems Engineering with concentrations in Networks and Cyber Security at the Graduate level; Matthew Murray has spent the last twelve of a twenty year career supporting aerospace, cyber and software engineering contracts with Lockheed Martin. His industry knowledge and expertise includes infrastructure hardware, software/hardware interfaces, software development, networking and cyber security. Throughout his career he has gained an in-depth understanding of an array of disciplines and technologies that include satellite orbits and the software development techniques tied to them.

Description:
Satellite Orbits 101 will provide an introductory understanding of the orbit of satellites/space vehicles. Leveraging knowledge, experience and visualization tools designed to describe and present orbital behaviors; the presentation will cover introductions to an array of orbital topics including what it even takes to reach and maintain orbit; which launch sites and windows are as important as they are; altitude classifications, such as HEO and LEO; directional classifications; inclination classifications, eccentricity classifications and more. The overlaps and interactions of these topics will also be discussed, as for example a satellite launched from near the equator and destined for a low-inclination orbit could receive help in reaching orbit from the rotation of the earth itself, but how this is not true for satellites bound for high inclination orbits. An attendee will walk away layman’s introductory demystification of just how many layers are beneath the phrase Satellite Orbit.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 06:00-15:59 PDT


Title: SEATF: Maritime Hacking CTF
When: Friday, Aug 7, 06:00 - 15:59 PDT
Where: See Description or Village

Description:
Fathom5’s Maritime-Industrial CTF event allows competitors to gain hands-on experience hacking real maritime hardware in a controlled environment using Fathom5’s Grace maritime cybersecurity testbed. Grace is an accessible, realistic configuration of maritime systems where competitors complete challenges in a simulated afloat environment, with real ICS components and fieldbus protocols. The Grace testbed replicates a series of different maritime-industrial environments, including navigation, fire main, and hydraulic steering systems. The testbed makes both physical and simulated components available to competitors in order to replicate performance of maritime systems at lifelike scale. The CTF challenges scale from novice to expert-level on both IT and OT fronts such that competitors can gain experience on either side of the system. This CTF event has been deployed at DEFCON 27 (Aug 2019) as part of the Hack The Sea Village v1.0 and at HACKtheMACHINE-NYC (Sept 2019). It is also planned for to be deployed at DEFC ON 28 and HACKtheMACHINE- Atlanta in Aug 2020. This CTF can support approximately 20 teams of 3-5 individuals concurrently and typically takes 14 hours for skilled teams to navigate the challenges. The number of teams, size of teams, and depth of challenges can be adjusted to fit within host event timelines.

Forum: https://forum.defcon.org/node/233012

Discord: https://discord.com/channels/708208267699945503/711644244753776640


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 15:00-15:30 PDT


Title: Secretary Kim Wyman, Washington
When: Friday, Aug 7, 15:00 - 15:30 PDT
Where: Voting Vlg

SpeakerBio:Kim Wyman , Secretary of State, Washington
No BIO available

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 12:00-12:59 PDT


Title: Security Focused Operating System Design
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Blockchain Vlg

SpeakerBio:Colin Cantrell
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Friday - 16:00-16:59 PDT


Title: Security of Election Systems: A contract case study in progress
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Ethics Vlg

SpeakerBio:Rim Boujnah
No BIO available

Description:
This will be a live talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 12:30-12:59 PDT


Title: See Something, Say Something
When: Friday, Aug 7, 12:30 - 12:59 PDT
Where: Voting Vlg

SpeakerBio:Marten Mickos , CEO, HackerOne
No BIO available

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 23:00-23:59 PDT


Title: Shadowvex
When: Friday, Aug 7, 23:00 - 23:59 PDT
Where: See Description or Village

Description:
Underground hacker, audio/visual artist and researcher of entheogenic blockchain technology.  Music is magick.

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Location: https://www.twitch.tv/defcon_music

Web: https://shadowvex.com

Twitter: https://twitter.com/shadowvex


Return to Index    -    Add to    -    ics Calendar file

 

FSL - Friday - 21:00-21:59 PDT


Title: Shrek, Juggs, and Toxic Trolls: a BADASS discussion about Online Sexuality and Hacktivism
When: Friday, Aug 7, 21:00 - 21:59 PDT
Where: DEF CON Fireside Twitch
Speakers:Katelyn Bowden,Rachel Lamp,Allie Barnes,Kate Venable,Marleigh Farlow,Tim Doomsday

SpeakerBio:Katelyn Bowden , CEO and Founder, BADASS
No BIO available

SpeakerBio:Rachel Lamp , COO, BADASS
No BIO available

SpeakerBio:Allie Barnes , CTO, BADASS
No BIO available

SpeakerBio:Kate Venable , Head of Legal, BADASS
No BIO available

SpeakerBio:Marleigh Farlow , CMO, BADASS
No BIO available

SpeakerBio:Tim Doomsday , CISO, BADASS
No BIO available

Description:
In this panel discussion, the BADASS army team will be talking about the intersection between security and sex, the problem of online exploitation and harassment, and what needs to be done to address these issues. After an introduction to the org and the culture of NOn Consensual Pornography, The panel will be a free form conversation with audience participation, covering a wide variety of topics related to NCP and online sexual abuse.

BADASS is a nonprofit org dedicated to fighting image based abuse. Founded in 2017 by victims of NCP, it has grown to be one of the major organizations trying to prevent online exploitation.


DEF CON Fireside Lounges will be live-streamed on Twitch.

Twitch: https://www.twitch.tv/defconorg

#fireside-lounge-text: https://discord.com/channels/708208267699945503/738141986476916826


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Friday - 14:00-14:59 PDT


Title: So You Got an SDR: Common Signals and the Wiki
When: Friday, Aug 7, 14:00 - 14:59 PDT
Where: Ham Radio Vlg

Description:
Come learn about how to use an software defined radio (SDR) to pick up and signals, and how to identify what they are and what they mean.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Social Engineer SECTF4Teens
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231051

Discord: https://discord.com/channels/708208267699945503/726609125760434176

Web: https://www.social-engineer.org/sevillage-def-con/the-sectf4teens/


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 10:30-10:59 PDT


Title: Spectra—New Wireless Escalation Targets
When: Friday, Aug 7, 10:30 - 10:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Francesco Gringoli,Jiska Classen

SpeakerBio:Francesco Gringoli , University of Brescia
No BIO available

SpeakerBio:Jiska Classen , Secure Mobile Networking Lab
jiska likes to break things, and Francesco loves reverse engineering. They both have a history in binary patching on Broadcom chips. While jiska focuses on the Bluetooth side of this project, Francesco is the Wi-Fi specialist.
Twitter: @naehrdine

Description:
Wireless coexistence enables high-performance communication on platforms with a small form factor despite overlapping frequency bands. On-chip coexistence is essential to combine wireless technologies, and manufacturers implement various proprietary solutions. This presentation demonstrates multiple attacks on two coexistence features of Broadcom and Cypress Wi-Fi/Bluetooth combo chips. Various popular devices that were released over a decade are affected, such as the Google Nexus 5 and iPhone 6, but also the newest iPhone 11 and Samsung Galaxy S20.

On the analyzed chips, Wi-Fi and Bluetooth run on separate processing cores, but various information leaks and even code execution become possible through their coexistence interfaces. As these escalations concern an internal chip interface, the operating system cannot prevent them. However, coexistence exploitation widens the possibilities to escalate into drivers and the operating system on top.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Friday - 13:30-13:59 PDT


Title: Spectrum: An End-to-End Framework for ML-based Threat Monitoring and Detection
When: Friday, Aug 7, 13:30 - 13:59 PDT
Where: AI Vlg

SpeakerBio:Nahid Farhady
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 10:00-10:59 PDT


Title: STARTTLS is Dangerous
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Hanno Böck
Hanno is a freelance writer and IT security professional. He has discovered high profile TLS vulnerabilities in the past, including the ROBOT attack and flaws in TLS GCM implementations. He is the author of the monthly Bulletproof TLS Newsletter.

Description:
The STARTTLS mechanism allows upgrading insecure protocols to a TLS encrypted connection. This mechanism is incredibly fragile and almost by default leads to vulnerable implementations. In 2011 Wietse Venema discovered a flaw in Postfix that allowed a man in the middle attacker to inject commands into an encrypted connection [1].

We discovered that the flaw is still widely present in E-Mail servers and also, previously unknown, the same flaw exists in many mail clients. In some cases these flaws allow stealing E-Mail credentials. Furthermore the STARTTLS mechanism is weakly specified and in part contradictory, which allows other attacks.

The talk will give an overview on why STARTTLS is dangerous and should be avoided.


Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Friday - 12:50-13:25 PDT


Title: Static analysis of Infrastructure as code: Terraform, Kubernetes, Cloudformation and more!
When: Friday, Aug 7, 12:50 - 13:25 PDT
Where: Cloud Vlg

SpeakerBio:Barak Schoster
Barak Schosteris CTO and Co-founder at Bridgecrew, working from Tel Aviv, Israel, Helping teams secure cloud infrastructure. Often contributing to open source projects including Checkov, AirIAM, Terragoat, Prowler, and others. He has previously worked for RSA focused on cybersecurity machine learning and big data architecture as well as at Fortscale and IDF tech unit. When not writing code or Barak loves to drink coffee and wine (but not at the same time).
Twitter: @BarakSchoster

Description:
Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.

About this talk: Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.

In this talk:

We'll cover the current state of infrastructure security in the open source registries.

From there we will continue to discuss best practices for writing, testing, and maintaining infrastructure at scale, keeping the infrastructure code secured using open source scanners.

We will cover infrastructure security use cases like encryption, public-facing data entities and plain text secrets, And will show how to find those using policy as code.

Based on the open source tool:

https://github.com/bridgecrewio/checkov/tree/master/docs

And the training resources:

https://github.com/bridgecrewio/terragoat/ https://github.com/madhuakula/kubernetes-goat


Return to Index    -    Add to    -    ics Calendar file

 

PHVT - Friday - 16:00-16:59 PDT


Title: Take Down the Internet! With Scapy
When: Friday, Aug 7, 16:00 - 16:59 PDT
Where: Packet Hacking Vlg - Talk

SpeakerBio:C8 (John Hammond)
John Hammond (Twitter: @_johnhammond) is a cybersecurity instructor, developer, red teamer, and CTF enthusiast. Cyber Training Academy curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the University of North Carolina Greensboro, and other events like the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality to showcase programming tutorials, cyber security guides, and CTF video walkthroughs. John currently holds the following certifications: Security+, eJPT, CEH, PCAP, OSWP, OSCP, OSCE, and OSWE.
Twitter: @_johnhammond

Description:
You know Python remains a hacker's favorite language... and for both network defenders and attackers alike, Scapy shines as their favorite Python module! This talk introduces Scapy and its syntax, discusses and showcases multiple attacks that can be performed with Scapy (SYN flood, Ping of Death, DNS amplification attacks and more) as well as offering some defensive techniques to mitigate these attacks. These network attacks are often a "denial of service" and have dire consequences – so you choose your role as an attacker or defender, and be part of either the cause or the solution to take down the Internet!


YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Friday - 11:00-11:59 PDT


Title: Talking to Satellites
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Ham Radio Vlg

Description:
Reaching out into space may seem like it would require a PhD and thousands of dollars of equipment, but it can actually be done for about $100. In this talk I will detail how to get started talking to satellites using basic equipment. With just a Ham Radio license and some gear, you too can talk to satellites and by extension people thousands of miles away.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 15:00-15:59 PDT


Title: Talking To Satellites - 101
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Aerospace Vlg

SpeakerBio:Eric Escobar
Eric is a seasoned pentester and a Principal Security Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.

His team consecutively won first place at DEF CON 23, 24, and 25's Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, he now helps create challenges!


Description:
Reaching out into space may seem like it would require a PhD and thousands of dollars of equipment, but it can actually be done for about $100. In this talk I will detail how to get started talking to satellites using basic equipment. With just a Ham Radio license and some gear, you too can talk to satellites and by extension people thousands of miles away.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-23:59 PDT


Title: TeleChallenge
When: Friday, Aug 7, 09:00 - 23:59 PDT
Where: See Description or Village

Description:
It’s Election 2020! The national vote-by-phone polls are about to open and it’s a knock down, drag-out battle of political wits between Presidential candidates Michael Key and Founder Jack Carson, VC. DEF CON hackers, team up and take to the phones: lie, cheat, and steal your way to the ultimate victory. Every hacker vote counts—so vote early and often!

Forum: https://forum.defcon.org/node/231949

Discord: https://discord.com/channels/708208267699945503/711644470063399012

Twitter: https://twitter.com/TeleChallenge

Web: https://telechallenge.org


Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 18:00-18:59 PDT


Title: Terrestrial Access Network
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: See Description or Village

Description:
If packets could dance, they would surely dance to this...

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Twitch: https://www.twitch.tv/defcon_music

Soundcloud: https://soundcloud.com/collinsullivan

Spotify: https://open.spotify.com/artist/53WcPPzAkgtrcJhAfytwMN


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: The Gold Bug – Crypto and Privacy Village Puzzle
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too! PELCGBTENCUL VF UNEQ


Forum: https://forum.defcon.org/node/232942

Discord: https://discord.com/channels/708208267699945503/711644108837486602

Twitter: https://twitter.com/CryptoVillage 

Web: https://goldbug.cryptovillage.org/


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 13:45-14:45 PDT


Title: The Journey of ICS Project Files - Visibility and Forensics to Exploitation
When: Friday, Aug 7, 13:45 - 14:45 PDT
Where: ICS Vlg

SpeakerBio:Nadav Erez
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

IOT - Friday - 18:30-19:15 PDT


Title: The Joy of Coordinating Vulnerability Disclosure
When: Friday, Aug 7, 18:30 - 19:15 PDT
Where: IOT Vlg
Speakers:Daniel Gruss,CRob,Lisa Bradley,Katie Noble,Omar Santos, Anders Fogh

SpeakerBio:Daniel Gruss , TU Graz
No BIO available

SpeakerBio:CRob , Red Hat
No BIO available

SpeakerBio:Lisa Bradley , Dell
No BIO available

SpeakerBio:Katie Noble , Intel Corp
Katie currently serves as a Director of PSIRT and Bug Bounty at Intel Corp. Where she leads the cyber security vulnerability Bug Bounty program, researcher outreach, and strategic planning efforts. Previous to this position, Katie served as the Section Chief of the Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA) where she led DHS’ primary operations arm for coordinating the responsible disclosure and mitigation of identified cyber vulnerabilities in control systems, enterprise, hardware and software. Katies team is credited by the Secretary of Homeland Security with the coordination and public disclosure of over 20,000 cyber security vulnerabilities within a two year period. Katie is a highly accomplished manager with over 14 years of U.S. Government experience, both in the Intelligence Community and Cyber Security Program Management. She has operated at all levels from individual contributor as an Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council (NSC) Cyber programs. Her work has directly impacted the decision making of the NSC, Defense Information Systems Agency, Office of the Director of National Intelligence, Department of Defense, Federal Communications Commission, Central Intelligence Agency, U.S. Coast Guard, U.K.Ministry of Defense, Canadian Government agencies, and Australian Cabinet Ministry.

SpeakerBio:Omar Santos , Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, and other articles. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar is often presenting at many conferences and he is the co-lead of the DEF CON Red Team Village.
Twitter: @santosomar

SpeakerBio: Anders Fogh , Intel
No BIO available

Description:
Under the best of circumstances, coordinating disclosure of vulnerabilities can be a challenge. At times it can feel like everyone involved in CVD has conflicting motivations. The truth is that all of us are aspiring to do the right thing for end-users based on our perspective. The panel will share experiences and show how researchers and technology companies can work together to improve the impact of disclosing vulnerabilities on the technology ecosystem. Join CRob (Red Hat), Lisa Bradley (Dell), Katie Noble (Intel), Omar Santos (Cisco), Anders Fogh (Intel) and Daniel Gruss (TU Graz) for an exciting and engaging dialog between security researchers and industry experts on the Joy of coordinating vulnerability disclosure.

IOT Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/iotvillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 12:00-12:59 PDT


Title: The Norwegian Blue: A lesson in Privacy Engineering
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Eivind Arvesen
Eivind is a senior software developer and architect who works as a consultant for Bouvet, specializing in security and privacy. He holds a master’s degree with a focus on machine learning, and has experience ranging from his own startup during his studies to large organizations both public and private. Eivind was recently temporarily pulled from his usual project within critical infrastructure to be part of a government appointed expert panel tasked with evaluating the Norwegian COVID-19 app. In his spare time, Eivind writes about privacy issues, participates in bug bounties, contributes to open source software and records music.

Description:
"Can smartphones automate contact tracing?" As COVID-19 spread like wildfire earlier this year, health authorities around the world asked themselves this question. If so: What data would you need, from whom, under what circumstances – and which safeguards should be in place? You could just upload all of everyone's data from every sensor continuously, right? It's not like you know for certain what data you'll need anyways. Besides, people should trust their government. What could go possibly wrong? Join me as I explore how Norway became worst-in-class in contact tracing. I'll be telling the story of how I became a member of the government appointed expert panel tasked with evaluating the Norwegian COVID-19 app, what we found, as well as the weirdness that unfolded around us before, during, and after our work.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: The Schemaverse Championship
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The Schemaverse [skee-muh vurs] is a space battleground that lives inside a PostgreSQL database. Mine the hell out of resources and build up your fleet of ships, all while trying to protect your home planet. Once you're ready, head out and conquer the map from other DEF CON rivals.

This unique game gives you direct access to the database that governs the rules. Write SQL queries directly by connecting with any supported PostgreSQL client or use your favourite language to write AI that plays on your behalf. This is DEF CON of course so start working on your SQL Injections - anything goes!


Forum: https://forum.defcon.org/node/233021

Discord: https://discord.com/channels/708208267699945503/711644182116040784

Twitter: https://twitter.com/schemaverse

Web: https://schemaverse.com


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 13:00-13:59 PDT


Title: This year's village badge
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
Codenamed Bob, this year's electronic badge enjoys collaboration from several villages and is called the Intervillage Badge. https://bob.monerodevices.com/ In this hour, we review the construction and feature set of this unique electronic badge. We consider it's energy harvesting ability, hackable nature, and radio signature. This year's badge contains three RFID/NFC long range circuits, dome switches never seen before on badges, and a trapazoidal 13.56 MHz trace antenna. It is enclosed in a translucent colored plastic frame, a full colour front overlay, and back mounted color leatherette (to protect your phone lens.) The Opensource design is located on scm.monerodevices.com with several of your Monero friends participating in the project. The Intervillage Badge is distributed by well known sellers, please see shop.monerodevices.com for information. For more information about this year's village badge (and many others), please visit the Monero Village office hours. View the schedule at Monerovillage.org and look for 'Badge Clinic'.

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

BTVW2 - Friday - 15:00-16:30 PDT


Title: Threat Hunting with the Elastic Stack (Beginner)
When: Friday, Aug 7, 15:00 - 16:30 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Ben Hughes
Ben Hughes (@CyberPraesidium) brings over 15 years of diverse experience in cyber security, IT, and law. He leads Polito's commercial services including pen testing, DFIR, and threat hunting. Prior to joining Polito, Ben worked on APT hunt teams at federal and commercial clients. He holds CISSP, GWAPT, and GCFA certifications.
Twitter: @CyberPraesidium

Description:
This hands-on workshop will walk you through leveraging the open source Elastic (ELK) stack to proactively identify attacker activity hiding within diverse data sets. The basic tools and techniques taught during this workshop can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and threat hunting. You will be provided with access to a preconfigured Elastic cluster and extensive sample logs containing malicious endpoint and network events waiting to be discovered on a simulated enterprise network. Emphasis will be placed on live demos and practical training exercises throughout.

With all new logs and revamped material from our past versions of this workshop, this year's hands-on workshop will walk attendees through leveraging the open source Elastic (ELK) stack to proactively identify malicious activity hiding within diverse data sets. The basic tools and techniques taught during this class can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and threat hunting. Attendees will be provided with access to a preconfigured Elastic cluster and extensive sample logs containing malicious endpoint and network events waiting to be discovered on a simulated enterprise network. New for this year, attacker artifacts will be more closely mapped to the MITRE ATT&CK Framework and tagged accordingly in the provided logs to help demonstrate the value of log enrichment, showcase both common and novel real-world attacker TTPs, and leverage a methodological approach to adversary and anomaly detection. Emphasis will be placed on live demos and practical training exercises throughout.


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 16:00-16:45 PDT


Title: Threat Modelling the Death Star
When: Friday, Aug 7, 16:00 - 16:45 PDT
Where: AppSec Vlg

SpeakerBio:Mário Areias
No BIO available

Description:
It is a known fact the Empire needs to up their security game. The Rebellion hack their ships, steal their plans, and even create backdoors! In this talk, we will help the Empire by threat modeling the Death Star. Traditionally, Threat Models have been a slow and boring process that ends up with a giant document detailed any possible security problem. This approach, although useful in the past, is not necessarily good in an ever-changing environment (or when you have Jedis as enemies!).

I will introduce Attack Trees and how they can fit in nicely in a DevOps world. Come and join the Dark Side! We might save the Empire after all!


AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 18:00-18:59 PDT


Title: Total E(A)gression
When: Friday, Aug 7, 18:00 - 18:59 PDT
Where: Red Team Vlg

SpeakerBio:Alvaro Folgado Rueda
Rebujacker works as a Product Security Engineer at Salesforce. He has multiple years of experience performing penetration tests, security assessment against different technologies, building automation tools for this purpose and performing application level research. In the recent years his field of study has been focused into red teaming and automation. The combination of his application level security and pentesting knowledge leads him to build tools/implants that blends-in better with nowadays cloud infrastructure and application stack of tested organizations.  Working recently in its main project: Siesta Time Implant Framework for red teamers, presented in last Defcon Red team Village. Last progress includes new persistence and stealthier network modules.

Description:
Defensive techniques and tools keep getting better and therefore the creation of implants that are not detected is a harder and time consuming task every Red Team operator has to go through. Focusing on the network detection field; recent Intrusion Detection Systems (IDS) that uses new network analysis techniques can detect easily some of our handcrafted implants by analyzing connection fingerprints from both client and server side. In some environments , techniques like Deep Packet Inspection can map our implants to possible threats to be addressed. In this talk, I provide solutions that can be used on implants; a modified TLS Go package that allows circumventing tools like JA3 by providing desired fingerprints that will help to mimic rightful client software, egression to Gmail servers and techniques like steganography/encryption to hide obvious payloads. All these ideas are tailored into a new network modules for the Siesta Time Framework, to help to automate the creation of desired Implants. As a finale, possible new defensive techniques to improve tools like JA3 will be explained.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 13:00-13:59 PDT


Title: Trust, but Verify: Maintaining Democracy In Spite of Информационные контрмеры
When: Friday, Aug 7, 13:00 - 13:59 PDT
Where: Red Team Vlg

SpeakerBio:Allie Mellen
Allie Mellen - I’ve spent several years in cybersecurity and have been recognized globally for my security research. Over the past year, I have helped organize and execute multiple election security tabletop exercises with participants from the FBI, Secret Service, Department of Homeland Security, and state law enforcement. In these sessions, it’s hackers versus law enforcement as an exercise in what attackers can do to disrupt Election Day and what the government is prepared to do - or should be prepared to do - to stop them.

Description:
In this session, we’ll discuss how Russia has influenced worldwide elections using cyberwarfare and how countries have fought back. We’ll understand the natural asymmetry between how countries are able to respond, and how they have changed their approach since 2016.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Friday - 13:30-14:59 PDT


Title: Turning Telemetry and Artifacts Into Information (Intermediate)
When: Friday, Aug 7, 13:30 - 14:59 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Omenscan
No BIO available

Description:
There are many excellent FOSS triage and live response tools for Windows. They can dive deep into Windows systems to extract the artifacts and telemetry that might identify what happened on a machine.

However, after extracting those artifacts, it is usually up to the analyst to parse and reformat the raw data from these artifacts to make sense of them.

What if you are looking for a basic, repeatable, automated way to create an overview of what happened on a machine? In this Show And Tell we'll walk through the process of turning raw artifacts into useful information.

The presenter has spent many years developing tools and methods to help junior forensicators collect, parse, and make sense of Windows telemetry and artifacts. And in the process help them learn more.

In this Show And Tell, we will walk through the process of doing an automated, targeted collection on a suspicious machine. We will take that collection, and use Open Source tools to turn that data into an immediately useful report. We will also cover how to collect locally, and remotely - and the unique challenges that each presents.

We will start with collecting data from a suspicious endpoint using AChoir, and creating a report from that data using AChReport. We will also use tools like Volatility and Loki to automate memory analysis and determine if something malicious is located in memory. We will cover this process for both live systems, and collected memory dumps. And we will talk about when you would use one method over the other.

Finally, we will take the collected data, and show how to run Plaso against it to get a timeline which can be further processed for a more detailed analysis.

This workshop is relevant for both the novice and experienced forensic analyst. It is targeted at automating parts of the forensic analysis process to find common signs of malicious activity. We will use specific tools, but the goal is to show how forensic tools can be automated to enhance the forensic analysis process.


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

ETV - Friday - 12:00-12:59 PDT


Title: U.S. Privacy and Civil Liberties Oversight Board Member
When: Friday, Aug 7, 12:00 - 12:59 PDT
Where: Ethics Vlg

SpeakerBio:Travis LeBlanc
No BIO available

Description:
This will be a pre-recorded talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-23:59 PDT


Title: ULTIMATE Secure Coding Throwdown (Secure Code Warrior)
When: Friday, Aug 7, 09:00 - 23:59 PDT
Where: See Description or Village

Description:
Are. You. Ready? Head to the AppSec battlefield and prove that you are the ultimate secure coding champion. Go head-to-head with your peers as you test your web application security knowledge of the OWASP Top 10. Strut your skills. Crush the competition. Score excellent prizes and take home the title of Secure Code Warrior!

Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. Select from a range of software languages to complete the tournament, including Java EE, Java Spring, C MVC, C WebForms, Ruby on Rails, Python Django, Scala Play & Node.JS. It’s gamified, it’s relevant, but most of all - it’s fun.

Watch as you earn points and climb to the top of the real-time leaderboard during the event. Prizes will be awarded to the top 3 point scorers, with one security superhero being crowned the ultimate Secure Code Warrior. Will it be you?

Psst: Want to test your secure coding skills at your own pace, without the competition? You’re welcome to come along and join the fun


Web: https://discover.securecodewarrior.com/DEFCON28-tournament.html

Forum: https://forum.defcon.org/node/232898

Discord: https://discord.com/channels/708208267699945503/741327638815309984


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 10:00-13:30 PDT


Title: Understanding Space Through a CyberSecurity Lens
When: Friday, Aug 7, 10:00 - 13:30 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

Learning outcomes will be:
- Gain Core Space Knowledge
- Comprehend space mission Capabilities, Trade-offs and Limitations - Apply Space Concepts to real-world problems - Analyze Typical Space Problems
- Synthesize concepts to Design a Space Mission - Evaluate basic technical and programmatic space issues

This will be a half-day course instead of the normal 2-day course.


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Friday - 14:30-17:59 PDT


Title: Understanding Space Through a CyberSecurity Lens
When: Friday, Aug 7, 14:30 - 17:59 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

Learning outcomes will be:
- Gain Core Space Knowledge
- Comprehend space mission Capabilities, Trade-offs and Limitations - Apply Space Concepts to real-world problems - Analyze Typical Space Problems
- Synthesize concepts to Design a Space Mission - Evaluate basic technical and programmatic space issues

This will be a half-day course instead of the normal 2-day course.


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Friday - 11:00-11:59 PDT


Title: Verifiable Delay Functions for preventing DDoS Attacks on Ethereum 2.0
When: Friday, Aug 7, 11:00 - 11:59 PDT
Where: Blockchain Vlg
Speakers:Gokul Alex,Tejaswa Rastogi

SpeakerBio:Gokul Alex
No BIO available

SpeakerBio:Tejaswa Rastogi
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Friday - 10:00-10:15 PDT


Title: Village Opening Remarks
When: Friday, Aug 7, 10:00 - 10:15 PDT
Where: Ham Radio Vlg

Description:
Welcome to Ham Radio Village @ DEF CON Safe Mode

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

PHVW - Friday - 16:00-17:59 PDT


Title: Violent Python 3
When: Friday, Aug 7, 16:00 - 17:59 PDT
Where: Packet Hacking Vlg - Workshop
Speakers:Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handleman,Sam Bowne

SpeakerBio:Elizabeth Biddlecome , Part-time Instructor, City College San Francisco
Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She is a senior instructor for Infosec Decoded, Inc. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.

SpeakerBio:Irvin Lemus
Irvin Lemus has served clients throughout California, providing valuable professional services that bring peace of mind to clients as well as security against the constant threats with our ever-connected world.

SpeakerBio:Kaitlyn Handleman
Kaitlyn Handleman is a Professional Red Teamer.

SpeakerBio:Sam Bowne , Founder, Infosec Decoded Inc.; Instructor, City College San Francisco
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner

Twitter: @sambowne

Description:
Even if you have never programmed before, you can quickly and easily learn how to make custom hacking tools in Python. We build tools that perform port scanning, brute-force attacks, crack password hashes, and XOR encryption. Python is among the top three programming languages in the world, for good reason: it's the easiest language to use for general purposes.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526


Return to Index    -    Add to    -    ics Calendar file

 

ICS - Friday - 11:45-12:15 PDT


Title: Vulnerability Discovery - Tips for Surviving and Thriving
When: Friday, Aug 7, 11:45 - 12:15 PDT
Where: ICS Vlg
Speakers:Dor Yardeni,Mike Lemley

SpeakerBio:Dor Yardeni
No BIO available

SpeakerBio:Mike Lemley
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Twitch: https://www.twitch.tv/ics_village


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 18:00-19:59 PDT


Title: War Story Bunker
When: Friday, Aug 7, 18:00 - 19:59 PDT
Where: See Description or Village

Description:
One of our favorite parts of DEF CON every year is hearing about what other hackers have been up with harrowing tales of red team exercises gone wrong, or so very right. We’ve also heard of valiant efforts of defense from our blue team folks while waiting in Linecon. Do you have a cool “war story” to share? Would you like to listen to some fun stories from your fellow hackers? This is the place to be. Join the DEF CON CFP Board, Goons, and fellow hackers around the bunker.

Selected speakers will get 15 minutes to tell their stories on the Discord voice channel, and audience members will be able to ask questions, or discuss on the text channel.

The sign up form won’t be open until the night of the event, participation will be first come first serve, and subject to moderation.


Discord: https://discordapp.com/channels/708208267699945503/733562251285495818/736711109037522944


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Friday - 10:00-10:30 PDT


Title: Welcome and Kick-Off
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Voting Vlg
Speakers:Harri Hursti,Matt Blaze,Maggie MacAlpine

SpeakerBio:Harri Hursti
Co-Founder, DEF CON Voting Village
Founding Partner, Nordic Innovation Labs

SpeakerBio:Matt Blaze
Co-Founder, DEF CON Voting Village
Professor of Law and McDevitt Chair for the Department of Computer Science, Georgetown University

SpeakerBio:Maggie MacAlpine
Co-Founder, DEF CON Voting Village
Co-Founder, Nordic Innovation Labs

Description:No Description available


YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Twitch: https://www.twitch.tv/votingvillagedc


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Friday - 09:50-09:59 PDT


Title: Welcome Speech
When: Friday, Aug 7, 09:50 - 09:59 PDT
Where: Monero Vlg

SpeakerBio:rehr
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 09:30-09:59 PDT


Title: Welcome to DEF CON Safe Mode
When: Friday, Aug 7, 09:30 - 09:59 PDT
Where: See Description or Village

SpeakerBio:The Dark Tangent
No BIO available

Description:

YouTube: https://www.youtube.com/watch?v=pn68aAZc5Sg

Twitch: https://www.twitch.tv/defconorg


Return to Index    -    Add to    -    ics Calendar file

 

PAYV - Friday - 09:45-09:59 PDT


Title: Welcome to the Payment Village
When: Friday, Aug 7, 09:45 - 09:59 PDT
Where: Payment Vlg

SpeakerBio:Leigh-Anne Galloway
No BIO available

Description:
Leigh-Anne will introduce you to the Payment Village and cover key information required to participate in the Payment Village at DEF CON

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q


Return to Index    -    Add to    -    ics Calendar file

 

DC - Friday - 13:30-13:59 PDT


Title: When TLS Hacks You
When: Friday, Aug 7, 13:30 - 13:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Joshua Maddux , Security Engineer, Latacora
Joshua Maddux started out as a software engineer. After a few years, having introduced his share of bugs to the world, he started hunting for vulnerabilities in his own code and elsewhere. At PKC Security he gained additional experience in software development and white-box penetration testing, and gave his first ever conference talk at Blackhat USA on a series of systemic SSRF vulnerabilities in sites supporting Apple Pay. Now on the Appsec team at Latacora, he helps advise startups in building secure products. Aside from work for clients, Joshua is also active in the bug bounty world. His past research has led to security updates in Java, Netflix, Gitlab, United Airlines, Zapier, and others.
Twitter: @joshmdx

Description:
Lots of people try to attack the security of TLS. But what if we use TLS to attack other things? It's a huge standard, and it turns out that features intended to make TLS fast have also made it useful as an attack vector.

Among other things, these features provide a lot of flexibility for Server-Side Request Forgery (SSRF). While past work using HTTPS URLs in SSRF has relied upon platform-specific bugs such as SNI injection, we can go further. In this talk, I present a novel, cross-platform way of leveraging TLS to target internal services.

Uniquely, these attacks are more effective the more comprehensively a platform supports modern TLS, so won't go away with library upgrades. It is also unlikely that the TLS spec will change overnight at the whim of a random security researcher. Instead, we need to walk through scenarios and dispel common assumptions so the audience can know what to look out for. Of course, the best way to do so is with demos!


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Friday - 10:00-10:59 PDT


Title: Who’s secure, who’s not, & who makes that choice
When: Friday, Aug 7, 10:00 - 10:59 PDT
Where: AppSec Vlg

SpeakerBio:Maddie Stone
No BIO available
Twitter: @maddiestone

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Friday - 09:00-17:59 PDT


Title: Wireless Capture the Flag
When: Friday, Aug 7, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Wireless Capture the Flag (WCTF) at DEF CON.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The WCTF can be completely done with a little knowledge, a pen tester’s determination, and $40 or $4000 worth of equipment; the key is to read the clues and determine the goal of each challenge.

Each WCTF event begins with a presentation: How to WCTF. There will be clues everywhere, and we will provide periodic updates. Make sure you pay attention to what’s happening at the WCTF desk, on Twitter https://twitter.com/wctf_us, https://twitter.com/rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer at our discretion.

Forum: https://forum.defcon.org/node/233017

Discord: https://discord.com/channels/708208267699945503/711644270976696380

Twitter: https://twitter.com/wctf_us

Web: https://wctf.us/


Return to Index    -    Add to    -    ics Calendar file

 

WLV - Friday - 17:45-18:45 PDT


Title: Wireless Village Fireside Talk
When: Friday, Aug 7, 17:45 - 18:45 PDT
Where: Wireless Vlg

Description:
FIRESIDE Talk, on stryngs, scapy with a dash of bluetooth, anyone want a code release and some demo on packet creation in BT and other work

#wv-general-voice: https://discord.com/channels/708208267699945503/731262451974144071


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Friday - 15:00-15:59 PDT


Title: Workshop: Let's Talk About Abusability Testing
When: Friday, Aug 7, 15:00 - 15:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi

SpeakerBio:Avi Zajac
Avi (@_llzes, Avi/they/he) is a privacy-focused hacker and engineer. They love rabbits, cheesecake, and cute things like privacy and security, locksport, cryptography.
Twitter: @_llzes

SpeakerBio:Franchesca Spektor
Franky’s (@3llsaria, she/her) expertise is in ethical design practices around bioethics, disability & sexuality, and she previously served as a Lab Manager for the Disability Design Lab at UC Berkeley.

SpeakerBio:Ji Su Yoo
Ji Su (she/her) is a PhD at UC Berkeley’s School of Information and former researcher at the Harvard Data Privacy Lab, where she worked on security protocol and data privacy.

SpeakerBio:Nicole Chi
Nicole’s (@tinween, she/her) focus is on the “tech for good” space in its many forms, having worked in civic tech, nonprofit digital capacity building, tech policy, and ML ethics. Her strength is bridging connections and expertise across disciplines.
Twitter: @tinween

Description:
Are you concerned about how your products may be used for harm: intentionally or unintentionally? We will be covering the concept of abusability testing for platform abuse in this hybrid panel and workshop, with a clicker style method of interacting to foster deep understanding and participate in discussions on abusability testing. You’ll walk away with an understanding of abusability testing, join a community passionate about fighting platform abuse, and maybe walk away with actionable steps you can take to alleviate harm in your own products.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

HTS - Friday - 10:00-10:30 PDT


Title: Yacht PWNed
When: Friday, Aug 7, 10:00 - 10:30 PDT
Where: Hack the Sea Vlg

SpeakerBio:Stephen Gerling
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Friday - 15:30-16:30 PDT


Title: Yippee-Ki-Yay MFA'er - Bypassing Multi-Factor Authentication with Real-Time Replay Session Instantiation Attacks
When: Friday, Aug 7, 15:30 - 16:30 PDT
Where: Red Team Vlg

SpeakerBio:Justin Hutchens (“Hutch”)
Justin Hutchens (“Hutch”) is a seasoned cyber-security professional who specializes in vulnerability management, attack simulations, penetration testing, and red teaming. In 2008, Hutch began his information security career doing Threat and Vulnerability Management for the United States Air Force. Since separating from the Air Force, he has gone on to lead multiple penetration testing teams in both consulting and internal capacities. He has also achieved a Master’s degree in Computer Security Management and multiple information security certifications to include CISSP, GPEN, GWAPT, and OSCP. Hutch has significant experience in the field and has led assessments in nearly every industry and vertical. He is skilled in coding in Python, JavaScript, PowerShell, and Bash -- and emphasizes the importance of automation for both assessment methodology and development of internal processes.

Description:
In the not-too-distance past, it was fairly easy for red-teamers to conquer almost any environment with a combination of password sprays, or by leveraging social engineering to lure victims to fake login sites and harvest their credentials. But in the current landscape, there are new road-blocks to contend with. Nearly every company and organization has now deployed some form of Multi-Factor Authentication (MFA) on their perimeter services. Fortunately, for red-teamers, the vast majority of implementations of MFA across the Internet (email-based, SMS, OTP, and push requests) all share a common critical flaw that can still be easily circumvented using a modern revision of the classic “credential harvesting” attacks. This talk will offer a comprehensive methodology for how a red team can effectively bypass nearly any MFA service using Python-Flask and browser emulation libraries (Mechanize or Selenium) to replay MFA credentials in real-time, establish legitimate user sessions, and then harvest the session tokens to assume access to those compromised sessions. This methodology will prove once again, that the advantage is still square in the hands of the red team, and that even now…ALL YOUR BASE ARE BELONG TO US!!!

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

ENT - Friday - 21:00-21:59 PDT


Title: Zebbler Encanti Experience
When: Friday, Aug 7, 21:00 - 21:59 PDT
Where: See Description or Village

Description:
Zebbler Encanti Experience (aka ZEE) is an audio/visual collaboration between video artist Zebbler and electronic music producer Encanti, based out of Boston and the Scottish Highlands. The Experience is a performance of mapped visuals on three custom winged projection screens, synchronized with heavy peak-hour psychedelic bass music, resulting in the creation of an immersive A/V fantasy world.

Forum: https://forum.defcon.org/node/230970

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Location: https://www.twitch.tv/defcon_music

Web: http://zebblerencantiexperience.com/

Facebook: https://www.facebook.com/zebblerencantiexperience

Instagram: https://www.instagram.com/zebblerencantiexperience/


Return to Index    -    Add to    -    ics Calendar file