RTV - cont...(04:45-05:45 PDT) - OU having a laugh? - Petros Koutroumpis

Saturday - 06:00 PDT

RTV - All of the threats: Intelligence, modelling and hunting through an ATT&CKers lens - Tim Wadhwa-Brown

Saturday - 07:00 PDT

RTV - (07:15-08:15 PDT) - Catch Me if You Can - Eduardo Arriols

Saturday - 08:00 PDT

AEV - (08:30-08:59 PDT) - Attacking Flight Management Systems: This Is Your Captain Speaking, We Have A Small Problem! - Javad Dadgar,Mohammad-Reza Zamiri,Reza Dorosti
HHV - (08:30-08:59 PDT) - Learn to Solder the BadgeBuddy Kit - Joseph Long (hwbxr)
RTV - cont...(07:15-08:15 PDT) - Catch Me if You Can - Eduardo Arriols
RTV - (08:30-09:30 PDT) - Mechanizing the Methodology: Automating Discovery, Testing, and Alerting using Recon/Testing Tools and Amazon SES - Daniel Miessler

Saturday - 09:00 PDT

AEV - Hack-A-Sat Kickoff Segment -
AEV - (09:30-09:59 PDT) - Aerospace Village Badge - Rick Hansen
AIV - (09:30-09:59 PDT) - "SECRETS ARE LIES, SHARING IS CARING, PRIVACY IS THEFT."- A Dive into Privacy Preserving Machine Learning - Nahid Farhady
ASV - Be Like Water: What Bruce Lee Can Teach Us About AppSec - Fredrick "Flee" Lee
BTVT1 - Reversing with Dynamic Data Resolver (DDR) – Best practice (Advanced) - Holger Unterbrink
BTVW1 - Leveraging the critical YARA skills for Blue Teamers (Beginner) - David Bernal Michelena
DC - (09:30-09:59 PDT) - A Decade After Stuxnet's Printer Vulnerability: Printing is still the Stairway to Heaven - Peleg Hadar,Tomer Bar
HHV - (09:30-09:59 PDT) - Hardware hacking 101: There is plenty of room at the bottom - Federico Lucifredi
ICS - ICS SecOps: Active Defense Concept with Effective Incident Response in Industrial Control Systems
ICS - (09:45-10:45 PDT) - Confessions of an Offensive ICS Cyber Security Researcher - Marina Krotofil
IOT - Hacking smart-devices for fun and profit: From exploiting my smart-home into controlling thousands of smart-devices around the world - Barak Sternberg
PHVW - Writing Wireshark Plugins for Security Analysis - Jeswin Mathai,Nishant Sharma
RTV - cont...(08:30-09:30 PDT) - Mechanizing the Methodology: Automating Discovery, Testing, and Alerting using Recon/Testing Tools and Amazon SES - Daniel Miessler
RTV - (09:45-10:45 PDT) - Y'all Tryna Bypass Python 3.8 Audit Hooks or Nah? - Leron Gray

Saturday - 10:00 PDT

AEV - Hackers And ISACS - Erin Miller,Jeff Troy,Ken Munro,Matthew Gaffney,Pete Cooper
AIV - Misinformation & Covid - lmeyerov
ASV - Web Shell Hunting - Part 1 - Joe Schottman
ASV - 10,000 Dependencies Under The Sea: Exploring and Securing Open source dependencies - Gregg Horton,Ryan Slama
BCV - Welcome Note
BCV - Twitter’s Tax Day Disaster: The Beginning (and End) of Mainstream Crypto Scams - Victor Fang
BHV - DAY2 KEYNOTE: Understanding DIYBio and Community Labs - A Social Science Approach - Yong-Bee
BTVT1 - (10:30-10:59 PDT) - O365Squatting (Intermediate) - Juan Francisco,Jose Miguel Gómez-Casero Marichal
BTVW1 - cont...(09:00-10:30 PDT) - Leveraging the critical YARA skills for Blue Teamers (Beginner) - David Bernal Michelena
BTVW2 - (10:30-11:59 PDT) - Wireshark for Incident Response & Threat Hunting (Beginner) - Michael Wylie
CHV - Hacking TESLA Model 3 - NFC Relay Revisited - Huajiang "Kevin2600" Chen,Yuchao (Alex) Zhang
CHV - Automotive In-Vehicle Networks - Kamel Ghali
CPV - Quantum Computers & Cryptography - I. Shaheem
CRV - Cons and Careers - Steven Bernstein
DC - (10:30-10:59 PDT) - Whispers Among the Stars: Perpetrating (and Preventing) Satellite Eavesdropping Attacks - James Pavur
DCG - OWASP API Top 10 -
DL - jeopardize - Utku Sen
DL - Starkiller - Vincent “Vinnybod” Rose
ETV - Killer Robots Reconsidered - Diane Vavrichek,Larry Lewis
HRV - Single Board Computers in Amateur Radio -
HTS - Speed 2: The Poseidon Adventure – When Cruise Ships Go Wrong - Andrew Tierney
ICS - cont...(09:45-10:45 PDT) - Confessions of an Offensive ICS Cyber Security Researcher - Marina Krotofil
IOT - Your connected world isn't yours anymore! - Remote IoT attacks and data exfiltration. - Dewank Pant,Shruti Lohani
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
LPV - (10:45-11:45 PDT) - High Security Wafer Locks - An Oxymoron? - zeefeene
MOV - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - Identity Crisis: the mad rise of online account opening fraud - Uri Rivner
PHVT - The Vulnerability That Gmail Overlooked and Enabling Threat Hunting - Özkan Mustafa Akkus
PHVW - cont...(09:00-10:59 PDT) - Writing Wireshark Plugins for Security Analysis - Jeswin Mathai,Nishant Sharma
PWDV - Cracking at Extreme Scale: The Evolution of Hashstack - Jeremi M Gosney (epixoip)
RCV - Twitter Word Phrequency - Master Chen
RTV - cont...(09:45-10:45 PDT) - Y'all Tryna Bypass Python 3.8 Audit Hooks or Nah? - Leron Gray
VMV - War By Other Means: How Influence Operations Undermine Democracy - Ben Dubow
VMV - (10:30-10:59 PDT) - John Odum, Montpelier, VT - John Odum

Saturday - 11:00 PDT

AEV - A View From The Cockpit: Exploring Pilot Reactions To Attacks On Avionic Systems - Matt Smith
AEV - (11:30-11:59 PDT) - Checklist For Aviation Vulnerability Disclosure: Don't Go It Alone - Jay Angus
AIV - Workshop 3
ASV - Hackium: a browser for web hackers - Jarrod Overson
BCV - Decentralized Finance (DeFi) - ready for prime time ? - Ryan Rubin
BHV - How COVID19 Changed Our Understanding of Cyber Disaster Medicine - Christian “quaddi” Dameff,Jeff “r3plicant” Tully
BTVT1 - (11:30-11:59 PDT) - Low Value Indicators For High Value Decisions (Intermediate) - Allan Stojanovic,Spencer Cureton
BTVW2 - cont...(10:30-11:59 PDT) - Wireshark for Incident Response & Threat Hunting (Beginner) - Michael Wylie
CHV - OBD and what we CAN do with it - Infenet
CLV - Least privilege using infrastructure as code - Nimrod Kor
CLV - (11:45-12:30 PDT) - How Blue Penetrates You - Dani Goland,Mohsan Farid
CPV - Online Ads as a Recon and Surveillance Tool - Neil M
CPV - (11:30-11:59 PDT) - Who needs spyware when you have COVID-19 apps? A look at global trends and what to do about it. - C. Nadal,J. DeBlois,M. DeBlois,Z. Anderson
CRV - The Individual Contributor to Tech Executive, or There and Back Again - Amelie Koran
DC - (11:30-11:59 PDT) - Don't Ruck Us Again - The Exploit Returns - Gal Zror
DCG - Government Espionage on a School Lunch Budget -
DL - cont...(10:00-11:50 PDT) - jeopardize - Utku Sen
DL - cont...(10:00-11:50 PDT) - Starkiller - Vincent “Vinnybod” Rose
HHV - onkeypress=hack(); - Farith Pérez Sáez,Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres
HRV - (11:30-12:30 PDT) - Discussion: What makes a good ham radio operator? -
HTS - Hack the SeaPod - Grant Romundt
ICS - Playing with Electricity: Hacking into Distribution Companies - Can Demirel,Serkan Temel
IOT - Introduction to U-Boot Interaction and Hacking - Garrett Enoch
LBV - Bypass 101 + Q&A
LPV - cont...(10:45-11:45 PDT) - High Security Wafer Locks - An Oxymoron? - zeefeene
MOV - cont...(10:00-11:30 PDT) - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - Online Banking Security - Arkadiy Litvinenko
POV - AMA w/@hackingdave & @kennwhite - hackingdave,kennwhite
RCV - Burnout is real - Chloé Messdaghi
RTV - Initial Compromise through Web Side - Walter Cuestas
VMV - Heightened Election Security Risks Admist the Pandemic - Jack Cable,Alex Zaheer
VMV - (11:30-11:59 PDT) - Hack-a-Fax - Forrest Senti,Mattie Gullixson,Caleb Gardner

Saturday - 12:00 PDT

AEV - Low-Cost VHF Receiver: Eavesdropping Pilot/Controller Communication - Allan Tart,Fabian Landis
AIV - cont...(11:00-12:30 PDT) - Workshop 3
ASV - The DevOps & Agile Security Toolkit - David Waldrop
ASV - Web Shell Hunting - Part 2 - Joe Schottman
BCV - Securing the COSMOS: How to operate and secure a validator - Ron Stoner
BHV - Medical Technology: How do we unfuck things - Veronica
BHV - (12:30-13:30 PDT) - Advancing Medical Device Security – How collaboration between providers, manufacturers, and pen testers is advancing what’s possible with security. - Mitchell Parker
BTVT1 - (12:30-13:30 PDT) - Incident Response Panel - Russell Mosley,Vyrus,Litmoose,Xavier Ashe
BTVW1 - Tracer FIRE 9 (Intermediate) - Andrew Chu
CHV - Houston, we CAV a problem - Vic Harkness
CHV - Fundamentals of Diagnostic Requests over CAN Bus - Robert Leale (CarFuCar)
CLV - cont...(11:45-12:30 PDT) - How Blue Penetrates You - Dani Goland,Mohsan Farid
CLV - (12:30-13:15 PDT) - 21 Jump Server: Going Bastionless in the Cloud - Colin Estep
CPV - Differential Privacy..more important than ever in the world of Covid-19 - Aditi Joshi
CRV - Entrepeneurial Adventures: What It Takes to Start A Company - Bryson Bort
DC - (12:30-12:59 PDT) - Applied Ca$h Eviction through ATM Exploitation - Brenda So,Trey Keown
DCG - Basic OSINT: Mining Personal Data -
DL - Phirautee - Viral Maniar
ETV - Vote @ Home Workshop - Andrea Matwyshyn
HHV - Learn to Solder the BadgeBuddy Kit - Joseph Long (hwbxr)
HRV - cont...(11:30-12:30 PDT) - Discussion: What makes a good ham radio operator? -
ICS - (12:15-13:15 PDT) - Vivisecting PowerPC - ac0rn,atlas 0f d00m
IOT - (12:30-13:15 PDT) - Kicking Devices and Taking CVEs : The Zoomer’s Guide to Hacking Shit - Sanjana Sarda
LBV - cont...(11:00-12:30 PDT) - Bypass 101 + Q&A
LBV - (12:30-13:59 PDT) - Alarm Bypass + Q&A
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Open Office Q&A w/ Monero Research Lab's Sarang - Sarang
PAYV - Trends in the online card payment security - Dr Mohammed Aamir Ali
PWDV - What the Shuck? Layered Hash Shucking - Sam Croley (Chick3nman)
RCV - Hunting for Blue Mockingbird Coinminers - Ladislav B
RTV - (12:15-12:30 PDT) - Inside the Mind of a Threat Actor: Beyond Pentesting - Phillip Wylie
RTV - (12:45-13:45 PDT) - The Student Roadmap to Becoming A Penetration Tester - Jonathan Helmus
VMV - Analysis of the Attack Data Collected During Mobile Voting Pilots - Nimit Sawhney,Nailah Mims
VMV - (12:30-12:59 PDT) - Remote Online Balloting Delivery and Marking Options and Security Considerations for Absentee Voting During the COVID-19 Pandemic - Susan Greenhalgh,Steve Newell

Saturday - 13:00 PDT

AEV - Product Cybersecurity: Secure Airplane Development Lifecycle - Michael Vanguardia
AEV - (13:30-13:59 PDT) - Introduction To ACARS - Alex Lomas
AIV - Journal Club Live! Fawkes FR - AI Village Journal Club
ASV - cont...(12:00-13:59 PDT) - Web Shell Hunting - Part 2 - Joe Schottman
ASV - localghost: Escaping the Browser Sandbox Without 0-Days - Parsia Hakimian
BCV - Blockchain for Cyber Defense: Will it be as good as you think? - Seungjoo,Suhyeon Lee
BCV - (13:30-13:59 PDT) - Identifying and fixing out-of-gas errors in smart contracts with smart fuzzing - Sebastian Banescu
BHV - cont...(12:30-13:30 PDT) - Advancing Medical Device Security – How collaboration between providers, manufacturers, and pen testers is advancing what’s possible with security. - Mitchell Parker
BTVT1 - cont...(12:30-13:30 PDT) - Incident Response Panel - Russell Mosley,Vyrus,Litmoose,Xavier Ashe
BTVW1 - cont...(12:00-13:30 PDT) - Tracer FIRE 9 (Intermediate) - Andrew Chu
BTVW2 - (13:30-15:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - CMAP: Open Source Vehicle Services Mapping Tool for noobs - Robert Leale (CarFuCar)
CHV - Cluster fuzz! - Mintynet
CLV - cont...(12:30-13:15 PDT) - 21 Jump Server: Going Bastionless in the Cloud - Colin Estep
CLV - (13:15-13:59 PDT) - Cloud Frontier - Setu Parimi
CNE - Film Festival: Project Immerse: A Deepfake Paranoid Thriller -
CPV - Rights You Can’t Exercise Can’t Protect You: Privacy by Design, Dark Patterns, and Cultural Context - Ben Brook,Maritza Johnson,Megan DeBlois,Zach Singleton
CRV - National Service Panel: Career Opportunities Supporting the Country - John Felker,Diane Janosek,Chris Pimlott,Roman Vitkovitsky,Liz Popiak,Joe Billingsley
DC - (13:30-13:59 PDT) - How we recovered $XXX,000 in Bitcoin from an encrypted zip file - Michael Stay
DCG - Intro to DC858 -
DCG - (13:15-13:59 PDT) - Saving Yourself from Microsoft: It's by design -
DL - cont...(12:00-13:50 PDT) - Phirautee - Viral Maniar
ETV - cont...(12:00-14:10 PDT) - Vote @ Home Workshop - Andrea Matwyshyn
HHV - Meetup: Some HHV Challenges - rehr
HRV - (13:30-13:59 PDT) - Practice 'Net' via Discord -
ICS - cont...(12:15-13:15 PDT) - Vivisecting PowerPC - ac0rn,atlas 0f d00m
ICS - (13:30-13:59 PDT) - MITRE ICS ATT&CK - Marie,Otis
IOT - cont...(12:30-13:15 PDT) - Kicking Devices and Taking CVEs : The Zoomer’s Guide to Hacking Shit - Sanjana Sarda
IOT - (13:45-14:15 PDT) - In search of the perfect UPnP tool - Trevor Stevado t1v0
LBV - cont...(12:30-13:59 PDT) - Alarm Bypass + Q&A
LPV - Law School for Lockpickers - Preston Thomas
MOV - (13:30-14:30 PDT) - Badge Clinic - Michael Schloh von Bennewitz
PHVT - The Worst Mobile Apps - Sam Bowne
PHVW - Wireshark for Incident Response & Threat Hunting - Michael Wylie
PWDV - PathWell: Dynamic Password Strength Enforcement - Hank Leininger
RCV - Ambly, the Smart Darknet Spider - Levi
RTV - cont...(12:45-13:45 PDT) - The Student Roadmap to Becoming A Penetration Tester - Jonathan Helmus
VMV - Don’t Go Postal Over Mail In Voting - Bianca Lewis
VMV - (13:30-13:59 PDT) - The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections - Michael A. Specter

Saturday - 14:00 PDT

AEV - Ticketing To Takeoff: An Airport Hacking Choose Your Own Adventure - Liz Wharton
AIV - Does AI Live up to the Hype?
BCV - Monetary Maximalism and Millennial Finance - Building Decentralized Tooling to Empower Everyone - Kris Jones,Matt Luongo
BHV - MedICS - Bryson Bort
BHV - (14:45-15:15 PDT) - Towards an Institutional Review Board for Biohackers - Dr. Sarah Blossom Ware
BTVT1 - Blue Team Village & Red Team Village Panel - Joseph Mlodzìanowskì (cedoXx),Adam Mashinchi,Plug,Dani,Jorge Orchilles,David J. Bianco
BTVW2 - cont...(13:30-15:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - All Aboard the CAN Bus… or Motorcycle - Derrick (CanBusDutch)
CHV - Bluetooth Security in Automotive - Kamel Ghali
CLV - Attacking the Helmsman - Mohit Gupta
CLV - (14:45-15:30 PDT) - SaaSpocalypse - The Complexity and Power of AWS Cross Account Access - Alexandre Sieira
CNE - cont...(13:00-14:30 PDT) - Film Festival: Project Immerse: A Deepfake Paranoid Thriller -
CPV - Hacking like Paris Hilton 14 years later - and still winning! - Per Thorsheim
CRV - Veteran Transition Tips - Bob Wheeler
DC - (14:30-14:59 PDT) - Abusing P2P to Hack 3 Million Cameras: Ain't Nobody Got Time for NAT - Paul Marrapese
DCG - Understanding the Threat: Malicious Software, Malicious Actors, and the Promise of Connected Medical Technology -
DL - PyRDP: Remote Desktop Protocol Monster-in-the-Middle (MITM) and Library - Olivier Bilodeau,Alexandre Beaulieu
ETV - cont...(12:00-14:10 PDT) - Vote @ Home Workshop - Andrea Matwyshyn
ETV - Federal Trade Commision - Comm. Rohit Chopra
HHV - Meetup: Sourcing Parts - bombnav
HRV - Ham Radio USA License Exams (Saturday) -
ICS - (14:15-15:15 PDT) - Building a Physical Testbed for Blackstart Restoration under Cyber Fire - Tim Yardley
IOT - cont...(13:45-14:15 PDT) - In search of the perfect UPnP tool - Trevor Stevado t1v0
IOT - (14:30-15:20 PDT) - The future of IoT Security “Baselines,” Standards, and Regulatory Domain - Amit Elazari,Anahit Tarkhanyan
LBV - Reconnaissance + Q&A
LPV - (14:15-14:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - cont...(13:30-14:30 PDT) - Badge Clinic - Michael Schloh von Bennewitz
PHVW - cont...(13:00-14:59 PDT) - Wireshark for Incident Response & Threat Hunting - Michael Wylie
POV - AMA w/Policymakers -
PWDV - Practical PCFG Password Cracking - Matt Weir
RCV - COVID 1984_ Propaganda and Surveillance during a Pandemic - Mauro Cáseres
RGV - Performance - Daniel Roy
RTV - (14:15-14:59 PDT) - The Art of Balancing: A Burnout Talk - Chloé Messdaghi
VMV - Vote-from-home? Review of Election Security on Remote Voting in Response to COVID-19 - Sang-Oun Lee
VMV - (14:30-14:59 PDT) - Electronic Ballot Return Standards & Guidelines - Forrest Senti,Mattie Gullixson

Saturday - 15:00 PDT

AEV - ILS and TCAS Spoofing Demonstration - Alex Lomas
AEV - (15:30-15:59 PDT) - A Deeper Dive Into ILS And ADS-B Spoofing - Harshad Sathaye
AIV - AI vs. Airplanes and IT-Security: What Security Regulations Teach Us About AI Governance - Laurin Weissinger
ASV - Can't Touch This: Detecting Lateral Movement in Zero-Touch Environments - Phillip Marlow
BCV - 7 Phases of Smart Contract Hacking - Martin Abbatemarco
BHV - cont...(14:45-15:15 PDT) - Towards an Institutional Review Board for Biohackers - Dr. Sarah Blossom Ware
BHV - (15:15-15:59 PDT) - DIY Diabetics and a Million Boluses - Dr. Mike Rushanan,Julian Suleder
BTVT1 - (15:30-16:30 PDT) - Practical Advice on Threat Hunting Panel - Plug,Roberto Rodriguez,Tony M Lambert,Valentina Palacín,Samir,Ruth Barbacil,Anna McAbee,Paul Melson
BTVW1 - (15:30-16:15 PDT) - Defending Your UNIX Hosts (Intermediate) - Daniel Ward,Samuel Gasparro
BTVW2 - cont...(13:30-15:30 PDT) - An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner) - Ben Bornholm
CHV - From Blackbox to Automotive Ransomware - Nils Weiss,Enrico Pozzobon
CHV - Automotive Ethernet for the rest of us - Infenet
CLV - cont...(14:45-15:30 PDT) - SaaSpocalypse - The Complexity and Power of AWS Cross Account Access - Alexandre Sieira
CLV - (15:30-17:30 PDT) - Discovering Cloud File Storage Artifacts - Michael Wylie
CPV - Online Voting: Theory and Practice - Emily Stamm,Porter Adams
CRV - Drinks with Recruiters - Kris Rides,Rachel Bozeman,Matt Duren,Pete Radloff
DC - (15:30-15:59 PDT) - Bypassing Biometric Systems with 3D Printing and Enhanced Grease Attacks - Yamila Levalle
DCG - Intro to DC603 -
DCG - (15:15-15:59 PDT) - DNS New World Order, version 1.4: QuadX! DoH! DoT! Da Fuq? -
DL - cont...(14:00-15:50 PDT) - PyRDP: Remote Desktop Protocol Monster-in-the-Middle (MITM) and Library - Olivier Bilodeau,Alexandre Beaulieu
ETV - cont...(14:10-15:20 PDT) - Federal Trade Commision - Comm. Rohit Chopra
ETV - (15:20-16:30 PDT) - Food and Drug Administration - Jessica Wilkerson
HHV - Meetup: OSS ASIC - Josh Marks
HRV - cont...(14:00-16:59 PDT) - Ham Radio USA License Exams (Saturday) -
HRV - OSTWERK Initiative -
ICS - cont...(14:15-15:15 PDT) - Building a Physical Testbed for Blackstart Restoration under Cyber Fire - Tim Yardley
ICS - (15:30-16:30 PDT) - Operationalizing Cyber Norms: Critical Infrastructure Protection - Chris Kubecka
IOT - cont...(14:30-15:20 PDT) - The future of IoT Security “Baselines,” Standards, and Regulatory Domain - Amit Elazari,Anahit Tarkhanyan
IOT - (15:30-16:30 PDT) - Learning to Use Logic Analyzers - Jonathan Stines
LBV - cont...(14:00-15:30 PDT) - Reconnaissance + Q&A
LBV - (15:30-16:59 PDT) - Bypass 101 + Q&A
LPV - Bobby Pins, More Effective Than Lockpicks? - John the Greek
MOV - Decentralization in a Centralized world - rehr
RTV - (15:15-16:15 PDT) - APTs <3 PowerShell and Why You Should Too - Anthony Rose,Jake “Hubbl3” Krasnov
VMV - Understanding Cyber-Attacks and Their Implications to Democratic Regimes - Javier F. Patiño García
VMV - (15:30-15:59 PDT) - A Lawyer's Reflections on Elections - Cordero Alexander Delgadillo

Saturday - 16:00 PDT

AEV - Hack-A-Sat End Of Day Recap -
AIV - Workshop 4
BCV - Panel Discussion
BHV - Chinese Military Labratory Mission + COVID-19 - The Red Dragon
BHV - (16:30-17:30 PDT) - What's up with proposed privacy legislation and how to influence the debate - Lucia Savage
BTVT1 - cont...(15:30-16:30 PDT) - Practical Advice on Threat Hunting Panel - Plug,Roberto Rodriguez,Tony M Lambert,Valentina Palacín,Samir,Ruth Barbacil,Anna McAbee,Paul Melson
BTVW1 - cont...(15:30-16:15 PDT) - Defending Your UNIX Hosts (Intermediate) - Daniel Ward,Samuel Gasparro
BTVW2 - (16:30-17:59 PDT) - A N00b's Intro to Building Your Own Lab (Beginner) - Omar Santos
CHV - ChupaCarBrah: Open Source Hardware and Software for Interacting with your Vehicle CAN Bus - Marcelo Sacchetin
CHV - Car (to Cloud) Talk: Using MQTT for Car Hacking - Jaime
CLV - cont...(15:30-17:30 PDT) - Discovering Cloud File Storage Artifacts - Michael Wylie
CPV - Next level stalker ware - Cecilie Wian
DC - (16:30-16:59 PDT) - Reverse Engineering the Tesla Battery Management System for Moar Powerrr! - Patrick Kiley
DL - CIRCO v2: Cisco Implant Raspberry Controlled Operations - Emilio Couto
DL - Cotopaxi: IoT Protocols Security Testing Toolkit - Jakub Botwicz
ETV - cont...(15:20-16:30 PDT) - Food and Drug Administration - Jessica Wilkerson
ETV - (16:30-17:40 PDT) - TechCongress - Leisel Bogan
HHV - Meetup: Certification Processes (UL, FCC, etc.) - ShortTie
HRV - cont...(14:00-16:59 PDT) - Ham Radio USA License Exams (Saturday) -
ICS - cont...(15:30-16:30 PDT) - Operationalizing Cyber Norms: Critical Infrastructure Protection - Chris Kubecka
ICS - (16:45-17:15 PDT) - Industrial Cybersecurity in Mexico - Octavio Fernandez,Victor Gomez
IOT - cont...(15:30-16:30 PDT) - Learning to Use Logic Analyzers - Jonathan Stines
LBV - cont...(15:30-16:59 PDT) - Bypass 101 + Q&A
LPV - (16:15-16:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Tricky Bundles: Smarter Dependency Management for I2P-Bundling Applications - idk
MOV - (16:30-16:59 PDT) - Kahoot! Quiz
PHVW - Advanced APT Hunting with Splunk - Matt Toth,Robert Wagner
POV - Mis/Dis Information & Democracy -
RGV - Outs, Forces, and Equivoque: A treatise on how Magicians speak - Brandon Martinez
RTV - cont...(15:15-16:15 PDT) - APTs <3 PowerShell and Why You Should Too - Anthony Rose,Jake “Hubbl3” Krasnov
RTV - (16:30-17:30 PDT) - Indicators of Emulation: Extra Spicy Adversary Emulation - Ch33r10,haydnjohnson
VMV - Protecting Elections with Data Science -- A Tool for 2020 and Beyond - Stephanie Singer

Saturday - 17:00 PDT

AEV - General Aviation (GA) Electronic Flight Bags (EFB) - David Robinson
AIV - cont...(16:00-17:30 PDT) - Workshop 4
BHV - cont...(16:30-17:30 PDT) - What's up with proposed privacy legislation and how to influence the debate - Lucia Savage
BTVT1 - Introducing the Meet a Mentor Program - Scoubi,Plug,Litmoose,Xavier Ashe,Rand0h,Muteki,PacketSqueezins,ttheveii0x,Allie Hansen,nohackme
BTVW2 - cont...(16:30-17:59 PDT) - A N00b's Intro to Building Your Own Lab (Beginner) - Omar Santos
CLV - cont...(15:30-17:30 PDT) - Discovering Cloud File Storage Artifacts - Michael Wylie
CPV - Workshop: Let's Talk About Abusability Testing - Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi
DC - (17:30-17:59 PDT) - Getting Shells on z/OS with Surrogat Chains - Jake Labelle
DCG - Introducing Melbourne DCG by Allen and Friends -
DL - cont...(16:00-17:55 PDT) - CIRCO v2: Cisco Implant Raspberry Controlled Operations - Emilio Couto
DL - cont...(16:00-17:55 PDT) - Cotopaxi: IoT Protocols Security Testing Toolkit - Jakub Botwicz
ETV - cont...(16:30-17:40 PDT) - TechCongress - Leisel Bogan
ICS - cont...(16:45-17:15 PDT) - Industrial Cybersecurity in Mexico - Octavio Fernandez,Victor Gomez
IOT - IoT Honeypots and taming Rogue appliances - Kat Fitzgerald
LPV - Intro to high security locks and lockpicking - N∅thing
PHVW - cont...(16:00-17:59 PDT) - Advanced APT Hunting with Splunk - Matt Toth,Robert Wagner
RGV - cont...(16:00-17:59 PDT) - Outs, Forces, and Equivoque: A treatise on how Magicians speak - Brandon Martinez
RTV - cont...(16:30-17:30 PDT) - Indicators of Emulation: Extra Spicy Adversary Emulation - Ch33r10,haydnjohnson
RTV - (17:45-18:45 PDT) - Emulating an Adversary with Imperfect Intelligence - Adam Pennington

Saturday - 18:00 PDT

CNE - No Tech Talks -
CNE - Hacker Jeopardy -
CNE - (18:30-19:59 PDT) - Film Festival: Project Immerse: A Deepfake Paranoid Thriller -
ENT - tense future -
IOT - Stepped on a Nail - Matthew Byrdwell
RTV - cont...(17:45-18:45 PDT) - Emulating an Adversary with Imperfect Intelligence - Adam Pennington

Saturday - 19:00 PDT

CNE - cont...(18:00-19:59 PDT) - No Tech Talks -
CNE - cont...(18:00-19:59 PDT) - Hacker Jeopardy -
CNE - cont...(18:30-19:59 PDT) - Film Festival: Project Immerse: A Deepfake Paranoid Thriller -
ENT - Mica Husky -
FSL - Ask the EFF/Meet the EFA - Abi Hassen,Alexis Hancock,Elliot,Emilie St-Pierre,Eva Galperin,Hannah Zhao,Kurt Opsahl,nash,Rory Mir,Tracy Rosenberg
RTV - Automating Threat Hunting on the Dark Web and other nitty-gritty things - Apurv Singh Gautam

Saturday - 20:00 PDT

CNE - Whose Slide is It Anyway -
DC - Movie Stream - Lost World -
ENT - Dj St3rling -
RTV - (20:15-21:15 PDT) - Bypassing in Mobile Network From Red-Team Points of View - Ali Abdollahi

Saturday - 21:00 PDT

CNE - cont...(20:00-21:59 PDT) - Whose Slide is It Anyway -
DC - cont...(20:00-21:59 PDT) - Movie Stream - Lost World -
ENT - Skittish & Bus -
PWDV - Cracking at Extreme Scale: The Evolution of Hashstack (Rebroadcast) - Jeremi M Gosney (epixoip)
RTV - cont...(20:15-21:15 PDT) - Bypassing in Mobile Network From Red-Team Points of View - Ali Abdollahi
RTV - (21:30-22:30 PDT) - Sounds Legit: Why you shouldn't trust that speaker - Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres

Saturday - 22:00 PDT

ENT - Miss Jackalope -
PWDV - Length 15 & No Change. Implementing NIST SP800-63B for real (Rebroadcast - Per Thorsheim
RTV - cont...(21:30-22:30 PDT) - Sounds Legit: Why you shouldn't trust that speaker - Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres
RTV - (22:45-23:59 PDT) - Weaponized XSS - Moving Beyond Alert(1) - Ray Doyle

Saturday - 23:00 PDT

ENT - Subxian -
PWDV - What the Shuck? Layered Hash Shucking (Rebroadcast) - Sam Croley (Chick3nman)
RTV - cont...(22:45-23:59 PDT) - Weaponized XSS - Moving Beyond Alert(1) - Ray Doyle

Talk/Event Descriptions

AIV - Saturday - 09:30-09:59 PDT

Title: "SECRETS ARE LIES, SHARING IS CARING, PRIVACY IS THEFT."- A Dive into Privacy Preserving Machine Learning
When: Saturday, Aug 8, 09:30 - 09:59 PDT
Where: AI Vlg

SpeakerBio:Nahid Farhady
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: (Before Con) Creative Writing Short Story Contest
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and subreddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are sometimes overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

Forum: https://forum.defcon.org/node/231200

The first clue was that 2 out of 3 vulns which were involved in Stuxnet were not fully patched. That was the case also for the 3rd vuln used in Stuxnet, which we were able to exploit again in a different manner. It appears that Microsoft has barely changed the code of the Print Spooler mechanism over the last 20 years. We investigated the Print Spooler mechanism of Windows 10 Insider and found two 0-day vulns providing LPE and DoS (First one can also be used as a new persistence technique)

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 15:30-15:59 PDT

Title: A Deeper Dive Into ILS And ADS-B Spoofing
When: Saturday, Aug 8, 15:30 - 15:59 PDT
Where: Aerospace Vlg

SpeakerBio:Harshad Sathaye
Harshad is a Ph.D. candidate at Northeastern University and a soon-to-be student pilot. He is a cyber security enthusiast with research interests around wireless systems security, specifically navigation systems and development of secure cyber-physical systems

Description:
Modern aircraft heavily rely on several wireless technologies for communications control and navigation. Researchers demonstrated vulnerabilities in many aviation systems e.g., spoofing ILS signals to disrupt the landing, injecting ghost aircraft into airspace, spoof locations, and manipulate key communication messages. This presentation will give the viewers a better understanding of the fundamental problems associated with these critical systems and what makes spoofing attacks possible.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 15:30-15:59 PDT

Title: A Lawyer's Reflections on Elections
When: Saturday, Aug 8, 15:30 - 15:59 PDT
Where: Voting Vlg

SpeakerBio:Cordero Alexander Delgadillo , Attorney, Sublime Law, PLLC
No BIO available
Twitter: @CORDERO_ESQ

Description:
Join Cordero Alexander Delgadillo (@CORDERO_ESQ), a business and technology lawyer, and more recently a former political candidate, as he demonstrates that elections, especially local elections, are akin to information systems (even reasonably locked down systems), because both are highly susceptible to the very non-tech, human vulnerabilities (nefarious and negligent). In this talk Cordero will provide insight by:

Examining the structures of American Democracy
Telling stories from his own election lawsuit: Delgadillo v. City of Peoria et al
Highlighting election process issues deemed “inconsequential” or “un-addressable”
Sharing information and resources

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

BTVW2 - Saturday - 16:30-17:59 PDT

Title: A N00b's Intro to Building Your Own Lab (Beginner)
When: Saturday, Aug 8, 16:30 - 17:59 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Omar Santos , Cisco
Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, and other articles. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar is often presenting at many conferences and he is the co-lead of the DEF CON Red Team Village.
Twitter: @santosomar

Description:
This is a brief introduction of how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem. Create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems. Using tools like Proxmox or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks.

Numerous cybersecurity, malware analysis, and penetration testing tools and techniques have the potential to damage or destroy the target system or the underlying network. In addition, if malware is used in testing, there is the potential for infection and spread if testing in an Internet-connected testbed. This is a brief introduction (beginners and intermediate) were you will learn how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem.

You will learn what you need to do to create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems. You will learn how you can leverage tools like Proxmox, or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks. Vagrant files and Ansible playbooks will be shared during the class for you to build complex lab environments within minutes. We will also go over a few demos on how to create environments in cloud services such as AWS, Azure, Google Cloud, and Digital Ocean.

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

Title: Advanced APT Hunting with Splunk
When: Saturday, Aug 8, 16:00 - 17:59 PDT
Where: Packet Hacking Vlg - Workshop
Speakers:Matt Toth,Robert Wagner

SpeakerBio:Matt Toth , Security Strategist, Splunk
Matt Toth is a Security Strategist at Splunk with over 20 years of experience in the Information Technology industry, with a focus on Cyber Security. Working with the US Department of Defense, he has led teams in CyberWar simulations, and has advised senior leadership on new attack vectors and threat actors.

SpeakerBio:Robert Wagner , Security Strategist
Robert Wagner is a security professional with 20+ years of InfoSec experience. He is a co-founder of "Hak4Kidz.com", an organizer with Burbsec and BurbSecCon in Chicago, and is on the Board of Directors of the ISSA Chicago Chapter.

Description:
You wanna learn how to hunt the APTs? This is the workshop for you. Using a real-worldish dataset, this workshop will teach you how to hunt the "fictional" APT group Taedonggang. We discuss the Diamond model, hypothesis building, LM Kill Chain, and Mitre ATT&CK framework and how these concepts can frame your hunting. Using Splunk and OSINT, we will hunt for APT activity riddling a small startup's network. During the event, you will be presented a hypothesis and conduct your own hunts, whether it is for persistence, exfiltration, c2 or other adversary tactics. Heck, there might be some PowerShell to be found, too. We will regroup and review the specific hunt and discuss findings and what opportunities we have to operationalize these findings as well. At the end, we give you a dataset and tools to take home and try newly learned techniques yourself.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 12:30-13:30 PDT

Title: Advancing Medical Device Security – How collaboration between providers, manufacturers, and pen testers is advancing what’s possible with security.
When: Saturday, Aug 8, 12:30 - 13:30 PDT
Where: BioHacking Vlg

SpeakerBio:Mitchell Parker
Mitchell Parker is the CISO of a $6.5B integrated delivery network (IU Health) that runs 17 hospitals and hundreds of clinics, and is responsible for securing the networks that the devices which support them live on. He is also a vice chair of IEEE P2733, Trust, Integrity, Privacy, Protection, Safety, and Security for the Internet of Medical Things.

Description:
This panel features five industry folks working toward improving medical device security through multiple channels and methods and discussing how provider, vendor, and security collaborations are leading toward significant improvements in medical device security.

These panelists and moderator represent the organizations working to actively collaborate between the independent researchers, device vendors, information security officers, clinical engineering, electronic medical records vendors, and security companies with a goal of continual improvement. These 5 represent part of a significantly larger effort, and have contributed to open standards.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:30-09:59 PDT

Title: Aerospace Village Badge
When: Saturday, Aug 8, 09:30 - 09:59 PDT
Where: Aerospace Vlg

SpeakerBio:Rick Hansen
Professor Rick Hansen teaches cybersecurity and IoT at Capitol Technology University. He performs original research in vulnerability assessment for embedded systems and telecommunications. Rick also serves as the CEO of APS Global llc which provides cybersecurity, research, and training to government and industry. Rick is an Air Force veteran with degrees in computer science and electronic engineering. He volunteers with Capitol’s Astronautical Engineering program, assisting students with payloads operating in near-space and low-earth orbit. Professor Hansen was honored to be featured in this year’s NSA Centers of Excellence in Cyber Defense video (https://www.captechu.edu/student-experience/centers-and-labs/center-cybersecurity-research-and-analysis-ccra). Last year Rick’s DEFCON presentation focused on exploiting vulnerabilities in automotive LIDAR, which was the focus of this article by Unicorn Riot (https://unicornriot.ninja/2019/hacking-lidar-changing-what-autonomous-vehicles-see/).

Description:
Inexpensive Software-Defined Radios (SDRs) can be used to receive digital communications from aircraft and satellites. This talk presents simple experiments in receiving these communications and assessing the associated strengths and vulnerabilities. This year’s Aerospace Village Badge can be used as an antenna for receiving aviation and satellite data. Materials can be purchased from Amazon and attendees will be able to follow along with the video.

This event will be coordinated on the DEF CON Discord server, in channel #av-terminal-text.

Discord: https://discord.com/channels/708208267699945503/732392946350948423

Return to Index - Add to

- ics Calendar file

AIV - Saturday - 15:00-15:30 PDT

Title: AI vs. Airplanes and IT-Security: What Security Regulations Teach Us About AI Governance
When: Saturday, Aug 8, 15:00 - 15:30 PDT
Where: AI Vlg

SpeakerBio:Laurin Weissinger
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 14:00-14:59 PDT

Title: All Aboard the CAN Bus… or Motorcycle
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Car Hacking Vlg 002

SpeakerBio:Derrick (CanBusDutch)
Derrick is a corporate IT infrastructure professional, Cyber security hobbyist and motorcycle enthusiast, with more than a decade involved in the fields. When Derrick isn’t consulting for major firms in the San Francisco area, feeding his autodidact addiction, or working on independent projects, he can be briefly seen as a blur passing you on the highway.

Description:
Follow me as my passion for motorcycles, goes head first into my passion for computers, and I build tools and software to reverse engineer my motorcycle's CAN system. Python scripts, microcontrollers, pulse width modulation, some potentiometers, and a bit of what I like to call “Ruthless Engineering”, has helped me finally reach the pinnacle of CAN bus packet reversing. We’ll cover some engine simulation, execute some packet capture session analysis, and put it all back together again, for the development of an aftermarket gauge cluster.

#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 06:00-06:59 PDT

Title: All of the threats: Intelligence, modelling and hunting through an ATT&CKers lens
When: Saturday, Aug 8, 06:00 - 06:59 PDT
Where: Red Team Vlg

SpeakerBio:Tim Wadhwa-Brown
Tim Brown joined Cisco as part of their acquisition of Portcullis for whom he worked for almost 12 years. He is equally happy performing white box assessments with access to source code or where necessary diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Cisco’s bespoke methodologies covering subjects as diverse as risk and compliance, secure development and host hardening. Tim has looked at targets as varied as risk, mainframes, MPLS, power stations, cars, banking middleware and devops as well as supporting Cisco's SOC and incident response capability. Outside of the customer driven realm of information assurance, Tim is also a prolific researcher with papers on UNIX, KDE, Vista, Active Directory and web application security to his name. Tim is credited with almost 150 vulnerability advisories covering both kernel and userland, remote and local. Most recently Tim spoke at to the ATT&CK community on some of his use of ATT&CK for data science and threat hunting research. Tim particularly like to bug hunt enterprise UNIX solutions.

Description:
ATT&CK is a game changer and where it works, it can enable both blue and red teams to co-exist and work effectively together. However, what happens when it falls short and the threat intelligence and hypotheses don't exist? How do you build threat intelligence and threat hunt hypotheses from first principles. What do attackers on UNIX do when bitcoin miners aren't their motivation? I’ll go into:
* The target I chose and why – we have ~40 years’ experience looking at UNIX from an offensive standpoint, why wouldn't attackers * Building a collection worksheet and the information you'll need to track * Figuring out what TTPs the bad guys are using to attack UNIX when no-one has documented them previously – faced with a lack of DFIR reports, how do you validate your hypotheses * Working out whether your customer is exposed and why this matters * Translating concepts we see in the wild into things our customer can consume * What this means for users of ATT&CK

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

POV - Saturday - 11:00-11:59 PDT

Title: AMA w/@hackingdave & @kennwhite
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: See Description or Village
Speakers:hackingdave,kennwhite

SpeakerBio:hackingdave
No BIO available
Twitter: @hackingdave

SpeakerBio:kennwhite
No BIO available
Twitter: @kennwhite

Description:
This event requires registration. Please see the link below for more information.

Registration: https://www.eventbrite.com/e/def-con-policy-ama-ask-a-hacker-with-hackingdave-kennwhite-tickets-115981562977

Return to Index - Add to

- ics Calendar file

POV - Saturday - 14:00-14:59 PDT

Title: AMA w/Policymakers
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: See Description or Village

Description:
This event requires registration. Please see the below link for more information.

Registration: https://www.eventbrite.com/e/def-con-policy-ama-ask-a-policymaker-with-tbd-tickets-115983414515

Return to Index - Add to

- ics Calendar file

RCV - Saturday - 13:00-13:45 PDT

Title: Ambly, the Smart Darknet Spider
When: Saturday, Aug 8, 13:00 - 13:45 PDT
Where: Recon Vlg

SpeakerBio:Levi
No BIO available

Description:
Combating cybercriminal activity requires quick turnover time between detecting indicators of attack and moving to protect or remediate the malicious activity. Currently, investigations slow down at the bottleneck of manual labor required to identify and evaluate cyber threat intelligence before making an actionable decision. While this can be an issue on the Clearnet, it becomes a more difficult problem for analysts on the Darknet. This leaves cybersecurity analysts in a position of constant responsiveness, rather than endorsing a position of preemptive protection.

To minimize the need for manual labor in the triage stage of cyber threat intelligence identification and preliminary evaluation on the darknet, Ambly, a smart darknet spider, is currently under development. Utilizing this tool will help identify darknet webpages containing cyber threat intelligence and produce a report ranking webpages for further human evaluation.

Ambly is a tool designed for interacting with the Tor network, hosted by the Tor Project. By connecting to the onion routers, Ambly is able to access ‘.onion’ URLs and begin crawling while gathering information. During the development cycle for Ambly, further layers of machine-learning modules are being added, including Natural Language Processing (NLP) classifications, language identification, and leading toward further development into cyber threat intelligence identification. This is an ongoing and dynamic research endeavor with future updates eminent. Main Talking Points:
- OSINT into CTI
- Difficulties of CTI on the Darknet
- Ambly’s current abilities for intelligence gathering. - The future of Ambly and Darknet CTI.

Recon Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/c/ReconVillage

#rv-talks-text: https://discord.com/channels/708208267699945503/737048009732522014

Return to Index - Add to

- ics Calendar file

BTVW2 - Saturday - 13:30-15:30 PDT

Title: An Introduction to Hunting Adversaries Using the Attack Lifecycle Methodology (Beginner)
When: Saturday, Aug 8, 13:30 - 15:30 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Ben Bornholm
No BIO available

Description:
Have you ever wondered, how should I get started in Threat Hunting? How should I start? What should I hunt for? What tools should I use? How should I do it? Have you always wanted to hunt an APT? Then this intro level workshops is the right place for you. Our workshop will introduce hunting an APT style attack to detect malicious activity at each stage of an attack’s lifecycle.

This workshop will introduce you to the Attack Lifecycle model to create a fundamental framework for hunting adversaries. Our workshop will have you hunt an APT style attack to detect malicious activity at each stage of an attack’s lifecycle. This will enable you to connect information found at one stage as leverage for hunting in another stage.

Participants of this workshop will have the following takeaways: - A fundamental understanding of the attacker mindset - A fundamental understanding of the phases of the Attack Lifecycle - Knowledge of the tools and techniques used by attackers - An ability to hunt for attacker tools and techniques using a SIEM - Exposure to an APT style attack
- IMPORTANT: This is a 101 Intro Workshop

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 12:00-12:30 PDT

Title: Analysis of the Attack Data Collected During Mobile Voting Pilots
When: Saturday, Aug 8, 12:00 - 12:30 PDT
Where: Voting Vlg
Speakers:Nimit Sawhney,Nailah Mims

SpeakerBio:Nimit Sawhney , Co-Founder and CSO, Voatz, Inc.
No BIO available

SpeakerBio:Nailah Mims , Principal Security Engineer/Analyst, Voatz, Inc.
No BIO available

Description:
Since 2018, we have been experimenting with smartphone-app based mobile voting for a very small number of voters across various jurisdictions in the United States. The small-scale nature of these pilots has not prevented attackers and researchers from around the world from attempting to break into the platform at multiple levels. In this paper, we present the significant amount of attack data that has been collected over the past couple of years and an early analysis of the nature of these attack attempts, their lethality, origins, etc. We also present the mitigation measures that have worked and the ones that haven’t. Lastly, we will also dive deeper into a couple of very significant attack attempts and present a detailed analysis of the threat vectors, the attack modality, duration, etc. All this data is being shared in the public domain for the very first time and an anonymized dataset will be available for open downloads. We hope that it will further inform research in this space.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

DC - Saturday - 12:30-12:59 PDT

Title: Applied Ca$h Eviction through ATM Exploitation
When: Saturday, Aug 8, 12:30 - 12:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Brenda So,Trey Keown

SpeakerBio:Brenda So , Security Researcher, Red Balloon Security
Brenda is a security researcher at Red Balloon Security. She earned her Bachelors in Electrical Engineering at The Cooper Union. She has spoken about reverse engineering at Hushcon West and CSAW. She has also organized the ATM CTF challenge at major conferences such as Recon and Defcon. When not messing around with ATMs, she is brewing a nice gallon of beer at her homebrew setup.
Twitter: @Sosogun3

SpeakerBio:Trey Keown , Security Researcher, Red Balloon Security
Trey is a security researcher at Red Balloon Security focusing on securing embedded devices and firmware reverse-engineering automation. He is the co-creator of an ATM CTF challenge which has taken place at Re:con, CSAW, Hushcon, Summercon, and the IoT Village at DEF CON 27. He has also been a speaker at Hushcon West and CSAW.
Twitter: @TreyKeown

Description:
ATMs are networked computers that dispense cash, so naturally they’re uniquely interesting devices to examine. We all remember ATM jackpotting from a decade ago. Unfortunately, it doesn’t look like ATM security has improved for some common models since then.

We present our reverse engineering process for working with an ATM and modifying its firmware. For this, we became our own "bank" by creating software that's able to speak the obscure protocols used by ATMs. For working with the device software at a low level, we restored JTAG access, defeated code signing, and developed custom debugging tools. We then leveraged this research to discover two 0-day network-based attacks, which we will demonstrate live. The first vulnerability takes advantage of the ATM’s remote administration interface, which can lead to arbitrary code execution and total device compromise. The second vulnerability is in the OEM’s implementation of a common middleware for ATM peripherals. This allows for command injection and jackpotting of ATMs over the network.

The high barrier to entry for even legally opening up one of these devices has left a lot of attack surface area unchecked. Through this talk, we want to shed light on the state of ATM security and encourage the security community to continue to challenge ATM vendors to do better.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: AppSec Village CtF
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CTFs test your skills, challenge your ingenuity and push mental boundaries. But what is even MORE AWESOME than a regular CTF?

A (CTF)2!! A competition that stretches your creative mind as a task author and makes you step up your game as a task player. This year, AppSec Village @ DEF CON 28 invites you to compete in both roles!

Forum: https://forum.defcon.org/node/232292

Discord: https://discord.com/channels/708208267699945503/728703600586522739

Twitter: https://twitter.com/appsec_village

Web: https://www.appsecvillage.com/

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 15:15-16:15 PDT

Title: APTs <3 PowerShell and Why You Should Too
When: Saturday, Aug 8, 15:15 - 16:15 PDT
Where: Red Team Vlg
Speakers:Anthony Rose,Jake “Hubbl3” Krasnov

SpeakerBio:Anthony Rose
Anthony “Cx01N” Rose, CISSP, is the Chief Operating Officer of BC-Security and Lead Pentester at Merculite Security. He has more than a decade’s worth of experience in digital communications, working with Red and Blue teams, and as an electrical engineer. His research has focused on wireless networks and embedded systems security. Anthony leveraged his research at DEF CON 24, where he published his work revealing wide-spread vulnerabilities in Bluetooth locks and brought awareness to the masses. His workshop at DEF CON 27 resulted in the reboot of the post-exploitation framework, Empire, which he actively develops and maintains.

SpeakerBio:Jake “Hubbl3” Krasnov
Jake “Hubbl3” Krasnov is the Chief Executive Officer of BC-Security. He spent the first half of his career as an astronautical engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. His most recent focus has been on developing cybersecurity testing tools for embedded systems. He was an instructor at DEF CON 27, where he taught AMSI evasion techniques and his most recent efforts contributed to the resurrection of the post-exploitation framework Empire.

Description:
Quite often, you may have heard people mention, “Why should you bother learning PowerShell, isn’t it dead?” or “Why not just use C#?” Many individuals in the offensive security field have a common misconception that PowerShell is obsolete for red team operations. Meanwhile, it remains one of the primary attack vectors employed by Advanced Persistent Threats (APTs). APTs are known for implementing sophisticated hacking tactics, techniques, and procedures (TTPs) to gain access to a system for an extended period of time. Their actions typically focus on high-value targets, which leave potentially crippling consequences to both nation-states and corporations. It is crucial that Red Teams accurately emulate real-world threats and do not ignore viable attack options. For this talk, we will walk through how many threat actors adapt and employ PowerShell tools. Our discussion begins with examining how script block logging and AMSI are powerful anti-offensive PowerShell measures. However, the implementation of script block logging places a technical burden on organizations to conduct auditing on a substantial amount of data. While AMSI is trivial to bypass for any capable adversary. Finally, we will demonstrate APT-like PowerShell techniques that remain incredibly effective against the latest generation of network defenses.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

FSL - Saturday - 19:00-19:59 PDT

Title: Ask the EFF/Meet the EFA
When: Saturday, Aug 8, 19:00 - 19:59 PDT
Where: DEF CON Fireside Twitch
Speakers:Abi Hassen,Alexis Hancock,Elliot,Emilie St-Pierre,Eva Galperin,Hannah Zhao,Kurt Opsahl,nash,Rory Mir,Tracy Rosenberg

SpeakerBio:Abi Hassen
Abi Hassen is an attorney, technologist, and co-founder of the Black Movement-Law Project (BMLP), a legal support rapid response group that grew out of the uprisings in Ferguson, Baltimore, and elsewhere. He is currently a partner at O'Neill and Hassen LLP; a law practice focused on indigent criminal defense. Prior to his current work, he was the Mass Defense Coordinator at the National Lawyers Guild. Abi has also worked as a political campaign manager and strategist, union organizer, and community organizer. Abi conducts training, speaks, and writes on topics of race, technology, (in)justice, and the law.

SpeakerBio:Alexis Hancock
Alexis works to secure the web by working on HTTPS Everywhere. She has previously been a web developer and system administrator for 7 years and a statistician in the education realm. She has earned degrees from the Rochester Institute of Technology in Media Arts and Technology (B.Sc.) and The New School in Organizational Change Management (MS). She is very passionate about encryption and tech equity for all and has been assisting activists and educators with their tech needs for almost 10 years.

SpeakerBio:Elliot
Elliot is a motion artist and creative coder who works in interactive, fabrication, and large scale immersive experiences. Elliot blends visual work with an interest in mutual aid, security, and privacy online. Based in Brooklyn.

SpeakerBio:Emilie St-Pierre , Security Ambassador
Emilie St-Pierre is the Security Ambassador for Future Ada, a Spokane-based non-profit advocating for diversity and inclusion in STEAM. For the past six years, she has used her experience as an offensive security professional to provide privacy and security education within her community. Through her work with Future Ada, she has established free regular workshops and one-on-one technical support to the public. Emilie's focus has been to provide these workshops and services to underrepresented members of the public.

SpeakerBio:Eva Galperin , Director of Cybersecurity
Eva Galperin is EFF's Director of Cybersecurity. Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from SFSU. Her work is primarily focused on providing privacy and security for vulnerable populations around the world. To that end, she has applied the combination of her political science and technical background to everything from organizing EFF's Tor Relay Challenge, to writing privacy and security training materials (including Surveillance Self Defense and the Digital First Aid Kit), and publishing research on malware in Syria, Vietnam, Kazakhstan. When she is not collecting new and exotic malware, she practices aerial circus arts and learning new languages.

SpeakerBio:Hannah Zhao
Hannah is a staff attorney at EFF focusing on criminal justice and privacy issues, and is part of the Coder's Rights Project. Prior to joining EFF, Hannah represented criminal defendants on appeal in state and federal courts in New York, Illinois, and Missouri, and also worked at the human rights NGO, Human Rights in China. While pursuing her law degree at Washington University in St. Louis, she represented indigent defendants and refugee applicants in Durban, South Africa, and studied international law at Utrecht University in the Netherlands. She also competed in, and remains involved with, the Philip C. Jessup International Moot Court Competition, including as a problem author in 2019. In college, Hannah studied Computer Science and Management at Rensselaer Polytechnic Institute. In her spare time, she likes to climb things.

SpeakerBio:Kurt Opsahl , Deputy Executive Director and General Counsel, EFF
Kurt Opsahl is the Deputy Executive Director and General Counsel of the Electronic Frontier Foundation. In addition to representing clients on civil liberties, free speech and privacy law, Opsahl counsels on EFF projects and initiatives. Opsahl is the lead attorney on the Coders' Rights Project, and is representing several companies who are challenging National Security Letters. Before joining EFF, Opsahl worked at Perkins Coie, where he represented technology clients with respect to intellectual property, privacy, defamation, and other online liability matters, including working on Kelly v. Arribasoft, MGM v. Groksterand CoStar v. LoopNet. For his work responding to government subpoenas, Opsahl is proud to have been called a "rabid dog" by the Department of Justice. Prior to Perkins, Opsahl was a research fellow to Professor Pamela Samuelson at the U.C. Berkeley School of Information Management & Systems. Opsahl received his law degree from Boalt Hall, and undergraduate degree from U.C. Santa Cruz. Opsahl co-authored "Electronic Media and Privacy Law Handbook." In 2007, Opsahl was named as one of the "Attorneys of the Year" by California Lawyer magazine for his work on the O'Grady v. Superior Court appeal. In 2014, Opsahl was elected to the USENIX Board of Directors.

SpeakerBio:nash
nash leads EFF's grassroots, student, and community organizing efforts. As the lead coordinator of the Electronic Frontier Alliance, nash works to support the Alliance's member organizations in educating their neighbors on digital-privacy best practices, and advocating for privacy and innovation protecting policy and legislation.

SpeakerBio:Rory Mir
Rory is a Grassroots Advocacy Organizer primarily working on the Electronic Frontier Alliance. They are also a doctoral student of psychology at the City University of New York Graduate Center studying activist pedagogy. Before coming to the EFF they were active in several New York City groups including the Cypurr Collective, a member of the EFA engaging in community education on matters of cybersecurity. A long time advocate for open education and open science, they want to break down any barriers folks face to free expression, creativity, or knowledge.

SpeakerBio:Tracy Rosenberg
Tracy Rosenberg has worked as Media Alliance's Executive Director since 2007 and coordinates Oakland Privacy, a citizens coalition that works regionally to defend the right to privacy and enhance public transparency and oversight regarding the use of surveillance techniques and equipment. OP has written use policies and impact reports for a variety of surveillance technologies, conducted research and investigations, and developed frameworks for the implementation of equipment with respect for civil rights, privacy protections, and community control. Tracy blogs on media policy and surveillance and is published frequently around the country. She currently sits on the board of the Alliance for Community Media Western Region and Common Frequency serves on the anchor committee of the Media Action Grassroots Network

Description:
Join the Electronic Frontier Foundation—the nation's premiere digital civil liberties group fighting for freedom and privacy in the computer age—for a candid chat about how the law is racing to catch up with technological change and discovery.

Then meet representatives from Electronic Frontier Alliance (eff.org/fight) allied community and campus organizations from across the country. These technologists and advocates are working within their communities to educate and empower their neighbors in the fight for data privacy and digital rights.

This discussion will include updates on current EFF issues such as the government's effort to compromise free expression online, the fight to end face surveillance, updates on cases and legislation affecting security research, and discussion of EFF's technology projects empowering users with greater control of what information they share online.

Half of this session will be given over to question-and-answer, so it's your chance to ask EFF questions about the law, surveillance and technology issues that are important to you.

Discord: https://discord.com/channels/708208267699945503/738141986476916826

DEF CON Fireside Lounges will be live-streamed on Twitch.

#fireside-lounge-text: https://discord.com/channels/708208267699945503/738141986476916826

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 08:30-08:59 PDT

Title: Attacking Flight Management Systems: This Is Your Captain Speaking, We Have A Small Problem!
When: Saturday, Aug 8, 08:30 - 08:59 PDT
Where: Aerospace Vlg
Speakers:Javad Dadgar,Mohammad-Reza Zamiri,Reza Dorosti

SpeakerBio:Javad Dadgar
Javad Dadgar is an independent security researcher. He is currently working as a red teamer and part-time bug bounty hunter with 4 years of experience. Also he is interested in the aviation industry.

SpeakerBio:Mohammad-Reza Zamiri
Mohammad-Reza Zamiri is a cybersecurity researcher with more than 8 years of experience. His research focuses on computer and network security, with an emphasis on detecting vulnerabilities and threats, penetration testing, as well as embedded or cyber-physical systems. He has published several research papers and presented on top conferences including (ACM CCS, ACSAC, Kaspersky) and currently is working as a senior security analyst. He also likes to play CTF and was the champion of the first national ICS CTF(2019) in Iran.

SpeakerBio:Reza Dorosti
Reza Dorosti is a software reverse engineer with more than 15 years of experience with performing dynamic analysis of software binaries and also assembly language, including x86, ARM, MIPS. He is a fan of embedded devices security.

Description:
Modern aircrafts are heavily relied on flight management systems to automate a wide variety of in-flight tasks, including producing flight plans, reducing the workload on the pilot, or allow the airplane to hook up the autopilot. Vulnerabilities in such systems could allow an attacker to manipulate critical data that are important during a flight.

In this talk, we will present the result of our research on the security of a famous flight management system and how we managed to detect a weakness in its security mechanism using reverse engineering. Then we will discuss possible risk scenarios regarding manipulation of mentioned critical data.

During this research, we have found a method to modify the navigation data on a flight management computer and also identified some risk scenarios that we think could cause some problems. We hope this may lead to future research and make the aviation industry more secure.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

CLV - Saturday - 14:00-14:45 PDT

Title: Attacking the Helmsman
When: Saturday, Aug 8, 14:00 - 14:45 PDT
Where: Cloud Vlg

SpeakerBio:Mohit Gupta
Mohit has been a Security Consultant at F-Secure Consulting (previously known as MWR InfoSecurity) for the past four years with one of his specialiastions in containerisation and orchestration technologies. Mohit leads the delivery of security services in these areas, and has been involved in a wide variety of offensive and defensive security engagements involving Docker, Docker Swarm and Kubernetes. In addition to this, he has developed and led training both externally and internally for these areas.
Twitter: @_Skybound

Description:
Kubernetes is rapidly growing in popularity and is the most popular technology for container orchestration. However, it also brings its own set of challenges and security issues which may lead to novel or unexpected attack scenarios. This talk aims to go over various areas of Kubernetes security and ways that Kubernetes features could be leveraged by an attacker. It will review the core architecture and functionality of Kubernetes from a security perspective, and cover most of the common Kubernetes security features, including Pod Security Policies, Network Policies, and RBAC.

These discussions will be underlined by examples of attack paths that have been found in real-world environments, discussing how it was possible to exploit misconfigurations to escalate privileges with the end goal of compromising the cluster and breaking out into the broader environment.

YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520

Return to Index - Add to

- ics Calendar file

Title: Back to the future: Computer science and systems biology
When: Saturday, Aug 8, 01:00 - 01:59 PDT
Where: Red Team Vlg
Speakers:Dr Lorenz Adlung,Noa Novogroder

SpeakerBio:Dr Lorenz Adlung
Dr. Lorenz Adlung (@lorenzadlung) obtained his PhD from Heidelberg University in Germany. Since 2017 he's a visiting scientist at the Weizmann Institute of Science in Israel working in the field of computational biology, with strong emphasis on both, the computation and the biology. Besides his profession, his main passion is science communication, preferably through poetry and performance.

SpeakerBio:Noa Novogroder
Noa Novogroder (@noanovo) graduated from the first round of the Israeli cyber security academy and is currently a master student at the Weizmann Institute of Science in Israel. Before turning into biology, she’s worked for several years at Checkpoint, an Israeli high-tech company in the field of cyber security. In her free time, she likes to swim and offer cure to obese mice.
Twitter: @noanovo

Description:
Which creature implemented code injection 1.5 billion years before any computer malware did? What is the decoding algorithm being used in each of our cells to run the program written in our genes? As computer scientists, we are pushing the edge to develop disruptive technologies for the future. In fact, we can learn from an industry that has been evolving since long before humankind existed: The evolution of biological systems. With our proposal we hope to show the incredible parallels between bacteria and computer malware, the complex algorithms implemented in each of our cells, and how each plays a pivotal role in furthering the research of the other. This lecture will take the audience on an educational journey through both disciplines. This will foster interdisciplinary collaboration and inspire innovative solutions to future challenges for instance in the context of synthetic biology (i.e. creating artificial life), or personalized medicine (i.e. machine learning to treat patients). We are made up of trillions of computational devices. The cells within our body are information-processing units, with memory, storage, cooling and communication devices. Hardware for executable programs was very successfully shaped during the evolution of uncountable biological entities. We are presenting a wormhole between the two parallel universes of computer science and systems biology. A leap through space and time will allow us to connect the evolution of life with recent advances in computer science. An intimate exchange between the computational and the biological spheres is a prerequisite for future generations to work together on aspects of gene editing, robotics and artificial intelligence. As an incentive, we will perform a small quiz during our lecture with attractive prizes. It is our firm belief that we are the right team to foster discussions on life-inspired computer (r)evolution. Lorenz holds a PhD in Systems Biology and works as a freelancing author, consultant and keynote speaker besides being a visiting scientist at the Weizmann Institute of Science, Israel. Noa is a cyber-security expert with seven years of work experience in a high-profile IT company in Israel. Together we will stir an interactive debate on the subject.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

MOV - Saturday - 13:30-14:30 PDT

Title: Badge Clinic
When: Saturday, Aug 8, 13:30 - 14:30 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
With the help of a close range circuit camera, Michael illustrates the circuits of several recent conference hardware devices, including prototype models. Devices in circulation and on display include: DC28 Intervillage Badge DC27 Rising Badge 35C3 Blockchain DC26/BCOS Badge HCPP19 Badge HCPP18 Badge This is not a speech presentation, rather it is an easy office hours with show and tell to invite questions and answers about low power electronic devices. Visit the Badge Clinic on any day of Defcon in the Monero Village channel.

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 12:00-12:59 PDT

Title: Basic OSINT: Mining Personal Data
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC574 (Indiana, USA)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 09:00-09:59 PDT

Title: Be Like Water: What Bruce Lee Can Teach Us About AppSec
When: Saturday, Aug 8, 09:00 - 09:59 PDT
Where: AppSec Vlg

SpeakerBio:Fredrick "Flee" Lee
No BIO available
Twitter: @fredrickl

Description:
Every few years, security “thought leaders” tell us what is the one, proper way to practice application security. I’m just as guilty of this as anyone else in the “industry”. But, it turns out there isn’t just one true style of effective AppSec. This talk walks through my path of letting go of dogma, finding my style, and returning back to always being a student of the game. “Absorb what is useful, reject what is useless, add what is essentially your own.”

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Be the Match - registration drive
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Be the Match registration drive is returning once again! Swing by and check out one of the coolest biohacks out there, and how you could be the next person to save a life through cellular therapy.

Discord: https://discord.com/channels/708208267699945503/711643405004046457

Web: https://bethematch.org

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Bio-Hacking - Hospital Under Siege
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Adversaries have gained a foothold in your local hospital and are increasing their control over clinical systems and medical devices. Soon they make it clear they’re not after patient records or financial information, but are out to disrupt care delivery and put patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary, and - above all - protect patient lives.

Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with exotic protocols like DICOM, HL7 and FHIR.

Forum: https://forum.defcon.org/node/232894

Discord: https://discord.com/channels/708208267699945503/711643365120278540

Twitter: https://twitter.com/DC_BHV

Web: https://www.villageb.io/

Return to Index - Add to

- ics Calendar file

BCV - Saturday - 13:00-13:30 PDT

Title: Blockchain for Cyber Defense: Will it be as good as you think?
When: Saturday, Aug 8, 13:00 - 13:30 PDT
Where: Blockchain Vlg
Speakers:Seungjoo,Suhyeon Lee

SpeakerBio:Seungjoo
No BIO available

SpeakerBio:Suhyeon Lee
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 14:00-14:59 PDT

Title: Blue Team Village & Red Team Village Panel
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Joseph Mlodzìanowskì (cedoXx),Adam Mashinchi,Plug,Dani,Jorge Orchilles,David J. Bianco

SpeakerBio:Joseph Mlodzìanowskì (cedoXx)
No BIO available
Twitter: @cedoxX

SpeakerBio:Adam Mashinchi
Adam Mashinchi is SCYTHE's VP of Product Management where he leads the project management, design, and quality assurance departments for SCYTHE's product portfolio. Before SCYTHE, Adam defined and managed the development of enterprise security and privacy solutions with an emphasis on usable encryption at a global scale and led numerous technical integration projects with a variety of partners and services.
Twitter: @adam_mashinchi

SpeakerBio:Plug
No BIO available
Twitter: @plugxor

SpeakerBio:Dani
No BIO available
Twitter: @_ChezDaniela

SpeakerBio:Jorge Orchilles
No BIO available
Twitter: @jorgeorchilles

SpeakerBio:David J. Bianco
David is a defensive security researcher specializing in incident detection & response. HIs major focus areas are threat hunting and the strategic consumption of Cyber Threat Intelligence. He's currently a Principal Engineer, Cybersecurity at a major US retailer.

David is probably most well known as the originator of the Pyramid of Pain and the Hunting Maturity Model. You can follow him online via Twitter @DavidJBianco or subscribe to his blog, Enterprise Detection & Response.

Twitter: @DavidJBianco

Description:No Description available

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 14:00-14:50 PDT

Title: Bluetooth Security in Automotive
When: Saturday, Aug 8, 14:00 - 14:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Kamel Ghali
Kamel Ghali is a veteran of the automotive security industry, with experience working both within the automotive industry and as an external consultant. His passion for automotive security goes beyond his work, with him volunteering as an instructor for the Society of Automotive Engineers (SAE) Cyber Auto Challenge and leading the Japanese branch of the Automotive Security Research Group (ASRG). He's a two-time finalist of the Car Hacking Village's annual DefCon CTF and active member of the CHV community. He currently works at White Motion, an automotive cybersecurity firm based in Tokyo, Japan.

Description:
Bluetooth is a short-range cable replacement technology that is found in millions of IoT devices around the world. Due to its ubiquity and breadth of functionality, it's been seen in vehicles as early as the late 2000s. While commonly used for phonebook access, hands-free phone usage, and media control, Bluetooth is nonetheless an important vector to consider when analyzing a vehicle's security case. In this CHV101 lecture, we'll explore Bluetooth as a technology and its relevance to automotive cybersecurity.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

LPV - Saturday - 15:00-15:59 PDT

Title: Bobby Pins, More Effective Than Lockpicks?
When: Saturday, Aug 8, 15:00 - 15:59 PDT
Where: Lockpick Vlg

SpeakerBio:John the Greek
No BIO available

Description:
When should you not have picks in your pocket? Answer, never... but

This course will present to the novice and the less prepared suggestions for improvising lockpicks when the proper tools are not on hand as well as techniques of bypass that are more effective than trying to pick a lock especially when you don't have the proper tools on hand. This class is ideal for our current situation! Those interested should look around their locations for the following:

Bobby pins
Paper clips (big ones)
Pocket clips from ink pens (Pilot rollerball) Old Wind Shield Wipers
Spark Plug Gappers
Bra Underwire

... and my favorite
Street cleaner bristles

The course will take approximately and hour

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

Title: Bypassing Biometric Systems with 3D Printing and Enhanced Grease Attacks
When: Saturday, Aug 8, 15:30 - 15:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Yamila Levalle , Researcher at Dreamlab Technologies
Yamila Vanesa Levalle is an Information Systems Engineer, Security Researcher and Offensive Security Professional with more than 15 years of experience in the InfoSec area.

Yamila currently works as Security Researcher and Consultant at Dreamlab Technologies where she specializes in offensive techniques, conducts researches, gives trainings and write papers and blog posts. She is an international security conferences speaker and has presented her researches at important events such as BlackHat Arsenal Vegas, PHDays Moscow, Northsec Montreal, AusCERT Australia, 8.8 Security Conference Vegas, SCSD Fribourg, Ekoparty Ekolabs, OWASP Latam Tour and others. She has taught ethical hacking courses for women, CTF courses for beginners and several information security trainings.

Description:
Due to the well-known vulnerabilities in traditional authentication methods through users, passwords and tokens; biometric systems began to be widely implemented in millions of devices with the aim of having a more practical authentication system for users and -supposedly- more robust in terms of security.

Security researchers were not far behind and started to analyze the security of these biometric controls. In recent years, different techniques have been presented to bypass the authentication of, for example, the smartphones that began to implement these systems.

What is new in this talk? avoiding focusing on a particular device, we have gone deeper studying the operation of the sensors implemented in different biometric systems (Optical, Capacitive, Ultrasonic, Facial, etc.) and consequently, we discovered new techniques to bypass them. Through this talk, we will show how to fool biometric sensors by the enhanced grease attacks and, even better, the techniques to succeed at bypassing these controls using 3D printing.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 20:15-21:15 PDT

Title: Bypassing in Mobile Network From Red-Team Points of View
When: Saturday, Aug 8, 20:15 - 21:15 PDT
Where: Red Team Vlg

SpeakerBio:Ali Abdollahi
Ali Abdollahi is a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit developing, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, He is instructor, author and board of review at Hakin9 company. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs. Ali is a regular speaker and trainer at industry conferences.
Twitter: @AliAbdollahi2

Description:
This talk focus on reviewing implementation of new security features in mobile networks as well as detecting techniques and bypassing methods from red team perspective . The scope of the illustration include both radio (SDR) and signalling core network attacks. - The outline of the presentation // max 500 words One of the most complicated network is mobile telecom network. There are some segments include signalling, charging, packet data, Radio etc. Still there are many security holes that allow attackers to compromise the network and however telecom companies enable security mechanisms and put some security devices. In this talk, I will cover common high-tech security solutions used by telecom operators and and all ways to detect and after that bypass it as well as security recommendations to prevent theses activities. In this talk I will start the presentation with recent telecom abuse and related hacking news in 2019. In the next section I will cover common mobile network vulnerabilities and architecture. After that illustrate security of radio access network (RAN) and bypassing scenarios and techniques: 1. Mobile Phone Registration (IMEI policies) Bypass 2. Bypassing Unrevealed Ciphering Algorithms 3. 5G, LTE/LTE Advanced Bypass
The next part of the talk will be assign to Circuit Switch network (Signaling) and the technical bypass techniques are as below: 1. Home Routing Detection
2. Bypassing Home Routing
3. Signalling Firewall Detection
4. Bypassing Signalling Firewall
And at the final section I will explain security solutions to defend against these malicious techniques.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:00-15:59 PDT

Title: Cal Poly Workshop - Simulated Satellite Communications on Raspberry Pi
When: Saturday, Aug 8, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Users will need to purchase own equiptment before the workshop/challenge is run. (users will attempt to see simulated altitude, battery level, telemetry data from the mock satellite. It will be awesome because, we will expose participants new to the convergence of space and cybersecurity a crawl/beginner experience to gain their interest. It's designed as a workshop. The Convergence of Space & Cybersecurity Innovation.

The goal of this workshop would be to construct a “CubeSat Simulator Lite https://github.com/alanbjohnston/CubeSatSim/wiki” specifically https://github.com/alanbjohnston/CubeSatSim/wiki/CubeSat-Simulator-Lite.

We would run through the installation of the software via a screensharing method. We’d show participants how to setup a Raspberry Pi, set up the device, install the necessary packages, attach a necessary antenna, and view the transmitted data using a software defined radio.

Building materials:
Raspberry Pi Kit - https://www.amazon.com/dp/B07BCC8PK7/ Software Defined Radio - https://www.amazon.com/dp/B011HVUEME/

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 15:00-15:45 PDT

Title: Can't Touch This: Detecting Lateral Movement in Zero-Touch Environments
When: Saturday, Aug 8, 15:00 - 15:45 PDT
Where: AppSec Vlg

SpeakerBio:Phillip Marlow
Phillip Marlow is a cybersecurity and DevOps engineer. He helps organizations understand how to adopt DevOps practices to increase their security rather than sacrifice it in the name of speed. Phillip holds several security, cloud, and agile certifications and is currently pursuing a Master’s Degree in Information Security Engineering at SANS Technology Institute.
Twitter: @wolramp

Description:
Zero-touch environments are a product of the fast-moving world of DevOps which is being adopted by an increasing number of successful companies. This session will show that by leveraging the constraints of this environment, we can identify malicious network traffic which would otherwise blend into the noise.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Capture The Packet (CTP)
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come compete in the world’s most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible. Follow us on Twitter or Facebook (links below) to get notifications for dates and times your team will compete, as well as what prizes will be awarded.

Twitter capturetp: https://twitter.com/capturetp

Twitter wallofsheep: https://twitter.com/wallofsheep

Discord: https://discord.com/channels/708208267699945503/711643512625430529

Web: https://www.capturethepacket.com/

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 16:00-16:50 PDT

Title: Car (to Cloud) Talk: Using MQTT for Car Hacking
When: Saturday, Aug 8, 16:00 - 16:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Jaime
Jaime is an EE turned software developer turned security researcher. She caught the infosec bug through playing CTFs, and now works at GRIMM hacking cars. In her spare time, she adds LEDs to things and hangs out with her dog.

Description:
As with IoT, cars are becoming increasingly "smart". In the automotive and trucking world, this means adding the ability to collect real-time telemetry data, gather information for predictive maintenance, as well as consumer features like remote lock/unlock. This talk will cover the internals of how MQTT--a lightweight messaging protocol frequently used in automotive and IoT--works, and how it's used in automotive applications.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Car Hacking Village CTF
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come learn, hack, play at the Car Hacking Village. The village is an open, collaborative space to hack actual vehicles that you don't have to worry about breaking! Don't have tools? We'll loan you some. Never connected to a car? We'll show you how. Don't know where the controllers are? We'll show you how to take it apart.

Additionally we'll host a Donkey Car race. Check out our web site for up to date info.

Want to race? Check out of full car simulator(s).

Want to learn more about automotive hacking and cyber security? Check out our talks.

Want to hack mobility scooters? Yes! We'll do that to.

Also, check out the CHV CTF.

Discord: https://discord.com/channels/708208267699945503/711643596658311229

Twitter: https://twitter.com/CarHackVillage

Web: https://www.carhackingvillage.com/

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 07:15-08:15 PDT

Title: Catch Me if You Can
When: Saturday, Aug 8, 07:15 - 08:15 PDT
Where: Red Team Vlg

SpeakerBio:Eduardo Arriols
Eduardo Arriols is RootPointer's Founder, a Cybersecurity Startup. Previously, he has worked for 6 years as head of Red Team teams in different organizations, coordinating and developing only advanced intrusion exercises (Red Team) at the international level (America, South America and Europe). Undergraduate and postgraduate university professor at U-tad University, where he teaches in the different courses of the Software Engineering degree. Likewise, he also teaches in different postgraduate courses at other Spanish Universities like UCLM and URJC. Author of the book "The Company's Red Team" by the 0xWord publisher (Spanish), which describes the Red Team concept, and how to run intrusion simulations on an organization at a technical level. Security researcher and speaker at national and international conferences such as RootedCON, Navaja Negra, STIC Conference (CCN-Cert) or 8.8 Security Conference (Chile and Bolivia).

Description:
The presentation will show, from a technical point of view, how to deploy backdoors to guarantee access to an organization. Initially, a brief review about types of persistance, locations where it can be deploy and common aspects to be taken into account will be carried out, to then go on to describe all the details that allow a Red Team to guarantee access to the entity without the organization being able to detect it or being able to expel the attacker before the attacker re-enters using another alternative persistence. The presentation will feature the following highlights: - General introduction to the concepts necessary to understand the details regarding the scenarios where it is necessary to deploy persistence in an organization (in real intrusion). - Reverse connection typology such as situations where there is direct access to the Internet, connection via proxy, proxy with authentication, DNS, … - Infrastructure and techniques for persistence deployment, indicating the type of servers and advanced techniques such as Domain fronting, IP laundry, ... - Traditional deployment of persistence on an organization both in existing systems in DMZ, internal servers, workstations, Cloud servers, Active Directory, … - Alternative persistence to guarantee unknown access through users with predictable credentials based on password history, Wireless backdoor on workstations (in both directions), extracting internal WiFi passwords, pivoting through resource reconstruction, periodic tasks to modify AD setting, monthly Outlook rules configured and upload interna GAL table of users, visual information extraction using screen and others. - Anti-forensic techniques for the deployment of persistence, to avoid the identification of these by the Security team. - Types of behavior to act and techniques when the security team detects a persistence, allowing access to the entity to be recovered before having lost access to company. The combined use of the exposed techniques and actions, as will be shown in the presentation, means that the security team does not have the ability to expel the Red Team in any case, allowing the intrusion to be carried out with greater freedom. The presentation is the result of experience in developing deep Red Team exercises on the main organizations in Spain (IBEX35), as well as large banking and industrial entities in Europe and America for more than 6 years. After the presentation, an Open Source tool will be published to help in the development of the persistence deployment.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 11:30-11:59 PDT

Title: Checklist For Aviation Vulnerability Disclosure: Don't Go It Alone
When: Saturday, Aug 8, 11:30 - 11:59 PDT
Where: Aerospace Vlg

SpeakerBio:Jay Angus
Mr. Jay Angus is a career civil servant with 16 years of experience as a federal employee. He currently serves as the federal lead for the Industrial Control Systems Vulnerability Management and Coordination program within Cybersecurity Infrastructure Security Agency. Prior to joining CISA, he worked for 10 years as an Information Assurance Manager at Naval Hospital Pensacola and SpaWar.

In his current role, he manages day to day operations within the Cybersecurity Infrastructure Security Agency ICS vulnerability disclosure program. As the federal lead for this program he provides oversight of the responsible disclosure of Industrial Control Systems, IoT equipment, and medical devices. One of the significant challenges of this mission space is developing the trust of vendors, asset owners, and researchers, while providing actionable mitigation and remediation strategies to the system owners across the sixteen critical infrastructure sectors.

Description:
Cybersecurity vulnerabilities are ever present in IT and OT systems and the aerospace sector is not exempt from these findings. What should a researcher or vendor do when they find a vulnerability? This is a common question but can have many and variety complex answers. Showing how a few simple steps by each participant in the process of coordinated disclosure can decrease the stress of the efforts and result in trust among researchers and a more resilient aviation sector.

Major points will focus on:
- What researchers should be doing in preparation of disclosure. - When a researcher should be looking for help with coordination. - Questions vendor should be asking in preparation of a public disclosure. - Each disclosure is a unique event and should be leveraged to build upon.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 16:00-16:30 PDT

Title: Chinese Military Labratory Mission + COVID-19
When: Saturday, Aug 8, 16:00 - 16:30 PDT
Where: BioHacking Vlg

SpeakerBio:The Red Dragon
No BIO available

Description:
Chinese Military Labratory Mission + COVID-19 discusses respectful research regarding military labs in the People's Republic of China and potential implications for weaponizing viruses, such as COVID-19. Audience will receive a filled experienced trip in the Chinese Military bio-weapons programs.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 16:00-16:59 PDT

Title: ChupaCarBrah: Open Source Hardware and Software for Interacting with your Vehicle CAN Bus
When: Saturday, Aug 8, 16:00 - 16:59 PDT
Where: Car Hacking Vlg 002

SpeakerBio:Marcelo Sacchetin
No BIO available

Description:
Commercial products for interacting with CAN can be pricey and not easily extensible. Some good open source hardware are very often out of stock by distributors. ChupaCarBrah is a Python based device for sending and receiving CAN messages from your vehicle that requires just a BeagleBone Blue and some wiring.

We cover how to build a device 100% based on open source software and hardware. It makes it more affordable, and easy to use/extend. It is designed for newcomers to the car hacking community, and also for more seasoned hackers that will be able to leverage a single board computer attached to the car's CAN bus. As an example on how to extend it, we show how to use cellular LTE network to exfiltrate all the OBDII/CAN and GPS data to the cloud. It is pretty useful specially for remotely monitoring the car, and also for online training and/or virtual meetings. All source code and detailed instructions on how to install, assemble and use the device are shared on Github and Hackster.io.

#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002

Return to Index - Add to

- ics Calendar file

DL - Saturday - 16:00-17:55 PDT

Title: CIRCO v2: Cisco Implant Raspberry Controlled Operations
When: Saturday, Aug 8, 16:00 - 17:55 PDT
Where: See Description or Village

SpeakerBio:Emilio Couto
Emilio Couto (@ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field.Born and raised in Argentina, he is currently located in Japan where multitasking between language, culture and technologies is a must.Over the last decade focusing mainly on Finance IT and presenting tools in conferences (DEF CON, BlackHat Asia, HITB, Code Blue, AV Tokyo and SECCON).In his spare time he enjoys 3D printing, tinkering electronics and home-made IoT devices.
Twitter: @ekio_jp

Description:
Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of "Sec/Net/Dev/Ops" enterprise tools to capture network credentials in stealth mode

Audience: Offense/Hardware

Interact @ #dl-couto-circo-v2-text: https://discord.com/channels/708208267699945503/730256145771659335

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Github: https://github.com/ekiojp/circo

Forum: https://forum.defcon.org/node/233127

Return to Index - Add to

- ics Calendar file

CLV - Saturday - 13:15-13:59 PDT

Title: Cloud Frontier
When: Saturday, Aug 8, 13:15 - 13:59 PDT
Where: Cloud Vlg

SpeakerBio:Setu Parimi
Setu Parimi is a Cloud Security Architect with specialization towards defense-in-depth and incident response in the cloud-native environments.
Twitter: @setuparimi

Description:
Cloud Frontier is a security monitoring tool for Internet Facing Assets in AWS, GCP, and Azure. It can be quickly deployed into AWS and will periodically enumerate internet-facing IP addresses, Domain Names, Block Storages, CDNs, and Object Storage resources from AWS, GCP, and Azure.

The results from this enumeration process are pushed into a DynamoDB and then are sent to analyzers using an asynchronous queuing system. Analyzers use Shodan, VirusTotal, URLScan.io, Mozilla Observatory, and whois to provide insights around the following:

-Web Reputation
-IP Reputation
-DNS Information
-GeoIP Information
-IP and Domain Blacklist check etc
License: MIT License

YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 13:00-13:50 PDT

Title: Cluster fuzz!
When: Saturday, Aug 8, 13:00 - 13:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Mintynet
Network / security architect that has a passion for car hacking, found vulnerabilities in his own car and also private Car bug bounties. Now runs Car Hacking Village UK and is part of the team behind CHV at defcon

LinkedIn https://www.linkedin.com/in/mintynet/ Twitter: https://twitter.com/mintynet
Website: www.mintynet.com

Twitter: @mintynet

Description:
How to get started in #carhacking using cheap CAN hardware and an instrument cluster, shows the hardware needed and an example of a cluster. Then show some fuzzing of the cluster, including some tips for the CTF.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 13:00-13:59 PDT

Title: CMAP: Open Source Vehicle Services Mapping Tool for noobs
When: Saturday, Aug 8, 13:00 - 13:59 PDT
Where: Car Hacking Vlg 001

SpeakerBio:Robert Leale (CarFuCar)
Robert Leale (@carfucar) is an automotive hacker and a founding member of the Car Hacking Village. For more information please visit carhackingvillage.com/about
Twitter: @carfucar

Description:
CMAP works to catalog open services on vehicle Ex is by using the Diagnostic Scanning to automatically capture as much information as possible from your vehicle.

#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: CMD+CTRL CyberRange
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CMD+CTRL has evolved! Slip into an immersive scenario, spanning an entire corporate cloud environment. Intelligent chatbots acting as skilled hackers will guide you every step of the way, as you perform recon, social engineering, data exfiltration, privilege escalation and much more. Move through websites, servers, accounts and cloud services, all in an effort to thwart an evil CEO and corrupt corporation. Just don’t get caught, or you may have to burn it all down to cover your tracks!

Forum: https://forum.defcon.org/node/231474

Discord: https://discord.com/channels/708208267699945503/711643642388807800

Twitter: https://twitter.com/SecInnovation

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Coindroids
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The year is 20X5 and humanity has fallen: now there are only Coindroids. The machines we designed to manage our finances have supplanted and destroyed the human race by turning our own economy against us. Now they battle each other in the ruins of our fallen cities, driven by a single directive: money is power.

Battle your way to the top of the leaderboard by attacking rival droids and completing hidden challenges.

New to cryptocurrencies? No DEFCOIN to play with? Not a problem! Just come visit our booth in the contest area and we can help get you started.

Forum: https://forum.defcon.org/node/233033

Discord: https://discord.com/channels/708208267699945503/711643539573833878

Twitter: https://twitter.com/coindroids

Web: https://www.coindroids.com

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 09:45-10:45 PDT

Title: Confessions of an Offensive ICS Cyber Security Researcher
When: Saturday, Aug 8, 09:45 - 10:45 PDT
Where: ICS Vlg

SpeakerBio:Marina Krotofil
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Forum: https://forum.defcon.org/node/231475

Discord: https://discord.com/channels/708208267699945503/711644827053457478

Twitter: https://twitter.com/CrackMeIfYouCan

Web: https://contest-2020.korelogic.com/

Return to Index - Add to

- ics Calendar file

PWDV - Saturday - 21:00-21:59 PDT

Title: Cracking at Extreme Scale: The Evolution of Hashstack (Rebroadcast)
When: Saturday, Aug 8, 21:00 - 21:59 PDT
Where: Password Vlg

SpeakerBio:Jeremi M Gosney (epixoip)
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

PWDV - Saturday - 10:00-10:59 PDT

Title: Cracking at Extreme Scale: The Evolution of Hashstack
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Password Vlg

SpeakerBio:Jeremi M Gosney (epixoip)
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Discord: https://discordapp.com/channels/708208267699945503/735849065593438248/737077762845704224

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Darknet Contest
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Here at Darknet, We are a Real Life (RL) Massively Multiplayer Online Role Playing Game (MMORPG), where we teach you real life skills and you get in-game points for it. Some may call this Gamified learning. We assume no prior knowledge on a subject, teach you the basics, then challenge you to use what you have learned. Our contest has a range of quests, starting with simple tasks and working your way up to very complex problems.

In the past we have taught you how to lock pick, crack wifi, create a PGP Key and communicate online safely, as well as soldering, programming, and code cracking, just to name a few.From there we would have sent you on quests to go to the different villages to learn something from them, and then come back and test your skills.

But alas, we have been forced underground…And while the physical aspect of the conference has moved online, so have we. This year we will be focusing on the skills you will learn, past skills you will refresh, and your interactions with the community. There will not be a points scoreboard this year. Many of you who have previously bought the Darknet 8 Badge have not unlocked the full features. We have quests for you to learn how to interact, develop, and reprogram it. It’s time to Learn, Teach, and Play Agents, are you ready?

Info: https://dcdark.net/

Twitter DCDarkNet: https://twitter.com/DCDarknet

Twitter Holon: https://twitter.com/Holon_Network

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 10:00-10:45 PDT

Title: DAY2 KEYNOTE: Understanding DIYBio and Community Labs - A Social Science Approach
When: Saturday, Aug 8, 10:00 - 10:45 PDT
Where: BioHacking Vlg

SpeakerBio:Yong-Bee
Yong-Bee is a doctoral candidate at George Mason’s Biodefense program. He studies how biotechnology and society are expanding the population of those participating in the life sciences. He loves to go for hikes, travel outside the US, play video games, and strike up conversations with random people.

Description:
The Do-It-Yourself Biology (DIYBio) community arose starting in the mid-2000's. This community falls is typically described in two ways in public discourse. More conservative elements paint this community as a cause of concern - increased access to life sciences technology, knowledge, and capabilities raises concerns that community members may produce biological products for harmful purposes. More progressive elements highlight that the self-enforcing nature of the community mitigates harmful outcomes, and that the DIYBio community can also contribute to society by addressing gaps in science education, innovation, and workforce training.

This presentation will be a distillation of work I have been doing during my PhD work to build a better understanding of community labs - one of several significant segments of the DIYBio community. I will provide a risk assessment framework that national security experts appear to use in assessing risks from emerging technologies and related phenomena. I will then describe how this risk assessment framework may interpret DIYBio as an emerging threat to national security. The remainder of the presentation will be on presenting the nuances that complicate this allegedly straightforward assessment.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:00-15:59 PDT

Title: DDSAT-1
When: Saturday, Aug 8, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
If CPX SimpleSat was, well, too simple, try your hand at hacking DDSat-1. Here you’ll get to experiment with RF exploitation by attacking a mock satellite over RF while it is talking to a mock ground station. You’ll be able to mimic the style of RF commands being generated as a part of Hack-a-Sat, but in a more simplified and user friendly manner.

Return to Index - Add to

- ics Calendar file

MOV - Saturday - 15:00-15:30 PDT

Title: Decentralization in a Centralized world
When: Saturday, Aug 8, 15:00 - 15:30 PDT
Where: Monero Vlg

SpeakerBio:rehr
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

Return to Index - Add to

- ics Calendar file

BTVW1 - Saturday - 15:30-16:15 PDT

Title: Defending Your UNIX Hosts (Intermediate)
When: Saturday, Aug 8, 15:30 - 16:15 PDT
Where: Blue Team Vlg - Workshop Track 1
Speakers:Daniel Ward,Samuel Gasparro

SpeakerBio:Daniel Ward
Information Security / Linux Systems Engineer, based in Strasbourg, France.

My background is comprised largely of Linux Systems Administration, Architecture & Engineering, data recovery / incident response.

Twitter: @ghostinthecable

SpeakerBio:Samuel Gasparro
No BIO available

Description:
Over the past 7 months, I have created an open-source monitoring suite called Secsuite. Secsuite is a fully automated Threat Detection, System Monitorization / Notifier suite for UNIX Sysadmins & Users alike. Secsuite has multiple packages, the focus in this workshop shall be Inframon, which is able to monitor, defend & notify you about your infrastructure, probing your hosts for: - Apache Server Status
- Bandwidth Usage
- CPU Load Averages & Temperatures
- Disk Space Usage
- Latency time
- Memory (RAM) Usage
- Users Monitor

Over the past 7 months, I have created an open-source monitoring suite called Secsuite. Secsuite is a fully automated Threat Detection, System Monitorization / Notifier suite for UNIX Sysadmins & Users alike. Secsuite has multiple packages, the focus in this workshop shall be Inframon, which is able to monitor, defend & notify you about your infrastructure, probing your hosts for: - Apache Server Status
- Bandwidth Usage
- CPU Load Averages & Temperatures
- Disk Space Usage
- Latency time
- Memory (RAM) Usage
- Users Monitor

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 12:00-12:59 PDT

Title: Differential Privacy..more important than ever in the world of Covid-19
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Aditi Joshi
Aditi Joshi works in Google Cloud's Security and Privacy Engineering team. Before Google, she was focused on data privacy research especially in health care with a focus on user trust at the core. She joined Google because she was excited about the work that Google was doing in privacy on a massive scale. She believes that privacy is a human right and will continue to work towards that end.

Description:
The goal of this talk is to explain the concept of anonymization and differential privacy, as well as offer up Codelabs and modules with the purpose of explaining Google’s open source Differential Privacy library and other tools for implementation purposes. We will offer up our Covid Mobility reports as a case study and talk about the importance of privacy preserving aggregation from a social science perspective.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CLV - Saturday - 15:30-17:30 PDT

Title: Discovering Cloud File Storage Artifacts
When: Saturday, Aug 8, 15:30 - 17:30 PDT
Where: Cloud Vlg

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
Organizational data is rapidly moving to the cloud, but it's not always intentional. The shift from on-premise data storage to the cloud constitutes a significant challenge and risk to the modern enterprise. The use of cloud file storage applications is on the rise for both consumer and business systems, which results in interesting data and metadata siting on endpoints. In this talk, we'll examine the large footprints of popular cloud file storage applications such as OneDrive and Box - learning what information can be enumerated from each cloud file storage solution. In some scenarios, data can be carved out from cache, restoring sensitive documents no longer on an endpoint.

Attendees will:

Understand why it's critical to investigate cloud file storage applications during an incident
Learn what files are available to examiners during an incident (e.g. local, cloud, deleted, and cached)
See what kind of cloud file storage user activity can be audited
Be introduced to two scenarios of unauthorized data transfer to investigate
Be introduced to where and how different cloud file storage applications log
Learn how to examine incidents with suspected data exfiltration using corporate issued and person cloud file storage use

The slides and labs will take a deep dive into Microsoft OneDrive, Google Drive, Dropbox, Box, and Citrix ShareFile to first understand what is known about the applications and artifacts left behind, then move into hands-on labs to analyze registry keys, log files, and other traces left behind by the applications.

YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520

Return to Index - Add to

- ics Calendar file

HRV - Saturday - 11:30-12:30 PDT

Title: Discussion: What makes a good ham radio operator?
When: Saturday, Aug 8, 11:30 - 12:30 PDT
Where: Ham Radio Vlg

Description:
Panel discussion around what makes a good ham operator, as opposed to a 'lid' (a bad operator). We'll also talk about all of the strange lingo ham radio loves to use.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 15:15-15:59 PDT

Title: DIY Diabetics and a Million Boluses
When: Saturday, Aug 8, 15:15 - 15:59 PDT
Where: BioHacking Vlg
Speakers:Dr. Mike Rushanan,Julian Suleder

SpeakerBio:Dr. Mike Rushanan
Dr. Mike Rushanan is the Director of Medical Security at Harbor Labs and is a security expert in diabetes management. Dr. Rushanan received his PhD in Computer Science through the Johns Hopkins University Health and Medical Security Lab studying under Dr. Avi Rubin.

SpeakerBio:Julian Suleder
Julian Suleder is a Security Analyst & Researcher at ERNW Research GmbH in Heidelberg, Germany. His research interest is the security of medical devices as he holds a master’s degree in medical informatics from Heidelberg University and Heilbronn University, Germany.

Description:No Description available

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

ENT - Saturday - 20:00-20:59 PDT

Title: Dj St3rling
When: Saturday, Aug 8, 20:00 - 20:59 PDT
Where: See Description or Village

Description:
Performing for his second year in a row at DEF CON, Dj St3rling loves to spin electronic music. When he's not making music, he enjoys: bowling, eating tacos, sleeping, and CTF!

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Facebook: https://www.facebook.com/OfficialDjSt3rling

Soundcloud: https://soundcloud.com/theycallmest3r

Instagram: https://www.instagram.com/theycallmest3r/

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 15:15-15:59 PDT

Title: DNS New World Order, version 1.4: QuadX! DoH! DoT! Da Fuq?
When: Saturday, Aug 8, 15:15 - 15:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC603 (New Hampshire, USA)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

DC - Saturday - 11:30-11:59 PDT

Title: Don't Ruck Us Again - The Exploit Returns
When: Saturday, Aug 8, 11:30 - 11:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Gal Zror , Research team leader in Aleph Research
Gal Zror is a research team leader in Aleph Research group at HCL AppScan, based in Herzliya Israel. Gal has extensive experience with vulnerability research and specialized in embedded systems and protocols. Gal is also an amateur boxer and a tiki culture enthusiast.
Twitter: @waveburst

Description:
From the researchers who brought to you "Don't Ruck Us Too Hard" comes a brand new follow-up research. This summer! We will show that all of Ruckus Wireless "ZoneDirector" and the ""Unleashed"" devices are still vulnerable.

This follow-up research includes six new vulnerabilities, such as command injection, information leakage, credentials overwrite, and stack overflow and XSS. With these vulnerabilities, we were able to achieve two new and different pre-auth RCEs. Combined with the first research, that is five entirely different RCEs in total. We also found that Ruckus did not fix some of the vulnerabilities from the first research correctly, and they are still exploitable by using a very neat payload :).

Other cool stuff about this research:
We will share a new Ghidra script we used to map the critical sections in the webserver binary that were later found vulnerable. We managed to fingerprinted Universities and Organizations that were vulnerable from the internet. BlackHat uses Ruckus Wireless for Wi-Fi solutions.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 13:00-13:30 PDT

Title: Don’t Go Postal Over Mail In Voting
When: Saturday, Aug 8, 13:00 - 13:30 PDT
Where: Voting Vlg

SpeakerBio:Bianca Lewis , Founder and CEO, Girls Who Hack; Secure OpenVote
No BIO available

Description:
As the previous DEF CON Voting Villages have proved, our voting equipment and infrastructure are very vulnerable to multiple types of attacks. But now, with everything that’s going on in the world ,voting by mail is the new vulnerable thing! Instead of focusing on problems and broken things, this talk will focus on simple fixes that vendors and governments can put into action right now. Starting with the registering to vote, then moving through parts of the entire system, BiaSciLab will offer suggestions on how simple practices and changes in thinking can improve the security of the entire system.

Last year, in the Voting Village BiaSciLab did a talk on the election systems problems and howto fix them. This year with voting by mail, new problems are appearing! Like States not allowing people to vote by mail! Breaking down these flaws and offering real solutions for each one, BiaSciLab will bring hope in the face of this daunting and complex security problem in these hard times.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

CRV - Saturday - 15:00-15:59 PDT

Title: Drinks with Recruiters
When: Saturday, Aug 8, 15:00 - 15:59 PDT
Where: Career Hacking Vlg
Speakers:Kris Rides,Rachel Bozeman,Matt Duren,Pete Radloff

SpeakerBio:Kris Rides
No BIO available

SpeakerBio:Rachel Bozeman
No BIO available

SpeakerBio:Matt Duren
No BIO available

SpeakerBio:Pete Radloff
No BIO available

Description:
Recruiters are people too, but given the backlashes we have seen along with the poor spam messages from "recruiters" you would think otherwise. So a group of recruiters familiar with the community will sit down over drinks and share some of their horror stories. From this you will learn how to improve your job search, your interviewing and maybe come to enjoy working with recruiters.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 14:30-14:59 PDT

Title: Electronic Ballot Return Standards & Guidelines
When: Saturday, Aug 8, 14:30 - 14:59 PDT
Where: Voting Vlg
Speakers:Forrest Senti,Mattie Gullixson

SpeakerBio:Forrest Senti , Director of Business & Government Affairs, National Cybersecurity Center
No BIO available

SpeakerBio:Mattie Gullixson , Secure the Vote Project Manager, National Cybersecurity Center
No BIO available

Description:
The emergence of new electronic ballot return methods creates an opportunity for greater vote access and potential enfranchisement, but also raises concerns about security in an increasingly tumultuous cyber-election landscape. The challenge of security is further compounded by a lack of proactive guidance from the federal level on developing these new technologies, leaving a gap in the secure development of the technologies to adopt an elections framework and approach to security. Experts from the National Cybersecurity Center (NCC) will offer a draft of security guidelines for the new electronic ballot return platforms to consider, and for federal agencies to adopt. The guidelines format mimics the Voluntary Voting System Guidelines created by the Election Assistance Commission.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 17:45-18:45 PDT

Title: Emulating an Adversary with Imperfect Intelligence
When: Saturday, Aug 8, 17:45 - 18:45 PDT
Where: Red Team Vlg

SpeakerBio:Adam Pennington
Adam Pennington (@_whatshisface) leads ATT&CK at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK’s initial techniques. He has spent much of his 11 years with MITRE studying and preaching the use of deception for intelligence gathering. Prior to joining MITRE, Adam was a researcher at Carnegie Mellon's Parallel Data Lab and earned his BS and MS degrees in Computer Science and Electrical and Computer Engineering as well as the 2017 Alumni Service Award from Carnegie Mellon University. Adam has presented and published in a number of venues including FIRST CTI, USENIX Security and ACM Transactions on Information and System Security.
Twitter: @ _whatshisface

Description:
Adversary emulation has become an increasingly common type of engagement where red teams look to known threat groups to inspire the actions and behaviors used. While scoping activity might make operating easier, emulation introduces a new set of challenges to planning. How do you know how an adversary behaves? What do you do if you only know part of the picture? How do you turn all of that into a plan? In this talk I’ll examine how we can start building an adversary profile from the open source intel in MITRE ATT&CK. Open source intel often doesn’t give a complete picture of an adversary, and I’ll talk about some of where these gaps come from, how to spot them, and some ways of filling them in. I’ll work through a process for turning the profile we’ve created into an adversary emulation plan expressed in ATT&CK and how we can stay aligned with that plan as we operate.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

CRV - Saturday - 12:00-12:59 PDT

Title: Entrepeneurial Adventures: What It Takes to Start A Company
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Bryson Bort
Founder of SCYTHE, next generation attack emulation platform; GRIMM, cybersecurity consultancy; ICS Village Co-Founder, 501c3 for ICS security awareness. Senior Fellow for Cyber/National Security at R Street and National Security Institute; Advisor to the Army Cyber Institute and DHS/CISA.

Description:
So you’re not crazy, you just want to start your own company. Which kinda takes a level of crazy to pull it off. We’ll talk through what it takes to be an entrepreneur, ideation and the phases of startup, different kinds of companies (service, product, non-profit), how and why (or why not) to raise capital, types of investors, legal requirements, working (or not) with friends, challenges, building total/service addressable market size, back-office administration, employee benefits, equity, pricing, Intellectual Property Rights, economics, and resources for more information and networking. Will include anecdotes and insights my experiences starting several companies and from multiple Founders across the spectrum.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

Title: From Blackbox to Automotive Ransomware
When: Saturday, Aug 8, 15:00 - 15:59 PDT
Where: Car Hacking Vlg 001
Speakers:Nils Weiss,Enrico Pozzobon

SpeakerBio:Nils Weiss
Nils Weiss and Enrico Pozzobon are PhD students at the University of Applied Sciences in Regensburg. Both are focusing on automotive security research since more than 4 years. After an internship at Tesla Motors, Nils decided to focus on automotive security as a research field. During his bachelor and master program, he started with penetration testing of entire vehicles.

Enrico Pozzobon started with automotive security during his Erasmus semester at the University of Applied Sciences in Regensburg. He studied telecommunication engineering at the University of Padua. Since 3 years, Nils and Enrico are building up a laboratory for automotive penetration testing at the University of Applied Sciences in Regensburg. Besides penetration testing of automotive systems, both are contributing to open source penetration testing frameworks for automotive systems (Scapy).

SpeakerBio:Enrico Pozzobon
Nils Weiss and Enrico Pozzobon are PhD students at the University of Applied Sciences in Regensburg. Both are focusing on automotive security research since more than 4 years. After an internship at Tesla Motors, Nils decided to focus on automotive security as a research field. During his bachelor and master program, he started with penetration testing of entire vehicles.

Description:
The lack of state of the art security features in many current cars can lead to devastating impacts for the vehicle owners and passengers. This talk presents the full path from the investigation of safety critical ECUs to the development of a proof of concept malware/ransomware affecting the whole car.

#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 12:00-12:50 PDT

Title: Fundamentals of Diagnostic Requests over CAN Bus
When: Saturday, Aug 8, 12:00 - 12:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Robert Leale (CarFuCar)
Robert Leale (@carfucar) is an automotive hacker and a founding member of the Car Hacking Village. For more information please visit carhackingvillage.com/about
Twitter: @carfucar

Description:
Data can be requested using CAN Network, but what data can you ask for? How do you know how to send requests? What type of requests can you send? What can data do with the data that you get back? How do you handle errors? So many questions on how to get started. We will answer the fundamentals of shaping a request and handling the response.Diagnostics are a way of communicating directly with Electronic Control Units in vehicle. UDS is a standard diagnostic protocol. We will explore how to format a UDS request and handle its response.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 17:00-17:59 PDT

Title: General Aviation (GA) Electronic Flight Bags (EFB)
When: Saturday, Aug 8, 17:00 - 17:59 PDT
Where: Aerospace Vlg

SpeakerBio:David Robinson
Dave/Karit is currently part of the team at ZX Security in Wellington, New Zealand and works as a penetration tester. Since joining ZX Security Dave has presented at Defcon and Kiwicon along with other Cons and meetups. Along with aerospace, he has a keen interest in lock-picking and all things wireless.

Description:
Over the last while I have been looking at General Aviation (GA) Electronic Flight Bags (EFB). This talk will look at some of the potential security related issues I have noticed along the way. This talk will be a high level overview of the classes of problems which have been observed, opposed to focusing on particular products and individual bugs in these products. The goal here is to help an industry who is adding more connected services to their products and understanding the risks which the benefits bring.

The talk will highlight some categories of issues which have been identified. Along with information about why it is an issue, there will be information on methods to mitigating these security risks. I would like to see as an outcome form this talk people who develop EFBs taking away some of the ideas and mitigating the risk in their own products.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

DC - Saturday - 17:30-17:59 PDT

Title: Getting Shells on z/OS with Surrogat Chains
When: Saturday, Aug 8, 17:30 - 17:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Jake Labelle , Security Consultant - F-Secure
Jake Labelle graduated from Southampton University with a MEng in Computer Science. He currently works at F-Secure in Basingstoke as a Security Consultant.

He discovered z/OS this year in January, and now can not stop dabbling. He has created a number of security labs in z/OS and is currently scripting everything in REXX. If he had a choice between a windows host and an emulated z/OS host on his laptop, it would not be a competition.

He is currently ecstatic that Hercules, a mainframe emulator, can be compiled for arm and ran on a Raspberry Pi. There is also an open source mainframe (http://wotho.ethz.ch/tk4-/). I'm probably carrying my portable open source mainframe with me right now.

https://github.com/southamptonjake

Description:
z/OS allows a user to submit a job as another user without a password with the surrogat class. However, z/OS systems often have hundreds of thousands of users and have been running for decades. This means that it is very likely that from a low priv user there is a surrogat chain that will give you special (z/OS' root).

RACF (z/OS' Security), does not allow users to view the security of resources to which they do not have access. This means that manually enumerating a chain required you to submit a reverse shell each time you wanted to move up the chain. This will take a long time with 200k users.

Gator (my tool), submits a batch job that will call a REXX program which will output the user's privs and the current surrogat chain of that user. It will then list all of that user’s surrogat privs, and call the same batch job as before, but running as those users.

Gator also provides a macro that will generate a CATSO (similar to a meterpreter shell), for any of the users in the surrogat chain.

Gator can also be exported to a GraphVis python program, which will display the users information and chain as a network of nodes.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 11:00-11:59 PDT

Title: Government Espionage on a School Lunch Budget
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC664 (Mexico)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: H@cker Runw@y
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
For the second year, H@ck3r Runw@y is bringing together fashionistas out there. Make it SMART, LIGHT it up, OBFUSCATE something, or be GEEKY on fleek. Enter clothing, shoes, jewelry, hats or accessories. If you wear it, the runway can handle it. Predesign entry or create something on the fly. Just do it before the stage and bring proof.

Awards will be handed out in 4 categories for predesign and one (1) for anything designed during contest hours. There will also be a People’s Choice category where the winner is anyone’s guess:

Digital (electronic, led, etc)
Smart wear (interactive, temperature sensing, mood changing, etc) Aesthetics (3d printed, geeky wear, passive design) Miscellaneous (obfuscation, lock picks, shims, card skimmers) Live creations
People’s Choice

Judgement based on, but not limited to:

Uniqueness
Trendy
Practical
Couture
Creativity
Relevance
Originality
Presentation
Mastery

Forum: https://forum.defcon.org/node/232893

Discord: https://discord.com/channels/708208267699945503/711644666239647824

Twitter: https://twitter.com/Hack3rRunway

Web: https://hack3rrunway.github.io

Return to Index - Add to

- ics Calendar file

Title: Hack-a-Sat
When: Saturday, Aug 8, 09:30 - 15:59 PDT
Where: Aerospace Vlg

Description:
The democratization of space has opened up a new frontier for exploration and innovation. But with this opportunity, new cybersecurity vulnerabilities are also being created. One human can design, build and launch a satellite, adhering to very few standards and security protocols. So how can we achieve safe, reliable and trustworthy operations to truly realize the promise of space?

...BY HACKING A SATELLITE

The United States Air Force, in conjunction with the Defense Digital Service, presents this year’s Space Security Challenge, Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems.

Security experts from around the globe are invited to pull together a team for our Hack-A-Sat Capture the Flag contest. Participants who successfully complete a set of qualification challenges on cybersecurity and space this spring will be invited to the ultimate challenge: to (ethically) hack a satellite.

Forum: https://forum.defcon.org/node/231203

Twitter: https://twitter.com/hackasat

Web: https://www.HackASat.com

Discord: https://discord.com/channels/708208267699945503/732393766677119087

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 18:00-19:59 PDT

Title: Hacker Jeopardy
When: Saturday, Aug 8, 18:00 - 19:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/232964

Discord: https://discord.com/channels/708208267699945503/732439600391389184

Twitch: https://www.twitch.tv/dfiutv

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 10:00-10:59 PDT

Title: Hackers And ISACS
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Aerospace Vlg
Speakers:Erin Miller,Jeff Troy,Ken Munro,Matthew Gaffney,Pete Cooper

SpeakerBio:Erin Miller , VP of Operations for Space ISAC, National Cybersecurity Center
Erin has over a decade of experience building meaningful tech collaborations and has formed hundreds of formal partnerships between government, industry and academia to solve problems for warfighters and national security. Currently Erin is building a Public-Private Partnership (P3), called Space ISAC. This is the third non-profit launch Erin has led and has been passionate about P3 for her entire career.

Erin was the Managing Director of the Center for Technology, Research and Commercialization (C-TRAC) and brought three USAF-funded programs to bear at the Catalyst Campus for Technology & Innovation (www.catalystcampus.org) from 2016-2018. Her expertise in brokering unique partnerships using non-FAR type agreements led to the standup of the Air Force’s first cyber focused design studio, AFCyberWorx at the United States Air Force Academy, and the first space accelerator, Catalyst Accelerator, at Catalyst Campus in Colorado Springs - in partnership with Air Force Research Laboratory and AFWERX.

In 2018 Erin was recognized by the Mayor of Colorado Springs as Mayor’s Young Leader (MYL) of the Year Award for Technology. She is also the recipient of Southern Colorado Women’s Chamber of Commerce Award for Young Female Leader in 2018. Erin serves on the board of cyber teaching certifications at Handshake Leadership. A company putting purpose over profit.

SpeakerBio:Jeff Troy , President, CEO, Aviation ISAC
Over the past three years, Jeff developed the A-ISAC comprehensive strategy, led the team’s expansion of the Aviation ISACs services, and tripled membership. He established relationships with global regulators, industry associations, and private sector companies to drive cyber risk reduction across the aviation eco-system. Concurrently, Jeff employed by General Electric and is on the Board of Directors, National Defense ISAC. ND-ISAC provides cutting edge cyber security training, intelligence development and a trusted information sharing environment for US cleared defense contractors. Jeff spent 25 years as a Special Agent of the FBI. He retired as the Deputy Assistant Director for Cyber National Security and Cyber Criminal Investigations.

SpeakerBio:Ken Munro
Ken Munro is Partner and Founder of Pen Test Partners, a firm of ethical hackers. He and colleagues hold private pilot’s licenses and have been interested in aviation security for many years. They also publish and blog about their research into aviation cyber security, covering topics from airborne connectivity, the potential risks of publicly available avionics component information, and even the entire attack surface of the modern airport. Ken and Pen Test Partners have also been invited to speak at various aviation industry events, and on aviation at specialist security events such as DEF CON’s Aviation Village, the Global Connected Aircraft Summit, and the Aviation ISAC Summit among others.

SpeakerBio:Matthew Gaffney , Managing Director, BSSI UK
Matt is an aviation cybersecurity consultant at BSSI UK where he also holds the position of Managing Director. He started his cybersecurity career whilst serving in the British Army after being volunteered for a mandatory IT Security Officer course because he ‘has some experience with IT’. With more than 14 years experience across multiple industries from Military and Government to banking and aviation, Matt has mostly worked on the entry into service of e-Enabled aircraft at the operator (airline) level. Due to this, his focus is primarily on systems implemented by the operator and whose touchpoints are the Aircraft Information Systems Domain (AISD). His particular areas of interest are the Electronic Flight Bag (EFB) and ground systems. A relative newbie to the research field, he recently released his first paper ‘Securing e-Enabled aircraft information systems’ and plans on releasing others in the coming months.

SpeakerBio:Pete Cooper
Pete Cooper - Dir Aerospace Village. His first tech love was a ZX Spectrum but then he then moved on to flying fast jets in the UK Royal Air Force. Then he moved into cyber operations before leaving the military 4 years ago. Since then he has started up his own cyber security firm and has advised on everything from developing global cyber security strategies with UN bodies such as ICAO, advising the ICRC on the nature of state vs state cyber conflict and also enjoys playing with active cyber defence and deception. Pete is also the founder and Dir of the UK Cyber Strategy Challenge “Cyber9/12”, holds an MSc in Cyberspace Operations, is a Senior Fellow at Kings College London, a Non-Resident Senior Fellow at the Atlantic Council Cyber Statecraft Initiative and a Fellow of the Royal Aeronautical Society.

Description:
Across the aerospace sector, good faith research has a key role in highlighting both risks and vulnerabilities but it hasn’t always been welcomed with open arms. ISACs are often seen as a key point of contact for researchers and hackers doing this work but how best do we create relationships across hackers and ISACs to learn the lessons of the past and build the trust that we need?

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Hackfortress
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy solving puzzles. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store.

Forum: https://forum.defcon.org/node/232291

Discord: https://discord.com/channels/708208267699945503/711643831275225125

Twitter: https://twitter.com/tf2shmoo

Web: http://hackfortress.net

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 14:00-14:59 PDT

Title: Hacking like Paris Hilton 14 years later - and still winning!
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Per Thorsheim
Per Thorsheim is the founder of PasswordsCon. By day he works as CSO of a large hotel chain in northern europe, holds multiple relevant certifications & bla bla bla. By evening, night, weekends & vacations he is passionate about passwords, digital authentication, email & DNS security/privacy.

He has spoken at conferences in many countries around the world (including Cryptovillage!), and is frequently interviewed in media. He is known for his passionate & easy to understand presentations, mixing technical topics with humor, stories from real life & practical advice.

Description:
Simswap attacks has increased in recent years, with several high-profile cases in the media showing very fast & effective ways of duping people or getting access to valuable accounts . All the way back in 2006 Paris Hilton got accused of hacking into the voicemail of Lindsay Lohan, while similar scandals has been observed since then in other countries as well.

Asking around in my home country of Norway, neither simswap attacks or voicemail hacking seemed to be known among most infosec people, or at least not part of anyone's risk analysis. So I decided to take a closer look.

The results were shocking at many levels, from technical levels to political decisions & apathy. Several million customers of 3 different carriers in 3 countries were exposed to potential voicemail hacking for up to 13 years. A fake business card was enough to do a simswap & hijack the number of a famous female blogger, while credential stuffing against a mobile carrier allowed for account hijacking of women who used SMS 2FA with their accounts at various services.

This talk will explain what I found, what I did, and how it changed carriers, government agencies, politics & law.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 09:00-09:45 PDT

Title: Hacking smart-devices for fun and profit: From exploiting my smart-home into controlling thousands of smart-devices around the world
When: Saturday, Aug 8, 09:00 - 09:45 PDT
Where: IOT Vlg

SpeakerBio:Barak Sternberg
Barak Sternberg is an Experienced Security Researcher who specializes in Offensive Security. Previously, he spent five years at Unit 8200, as an officer, PO and team leader of security researchers.

Barak is highly-skilled in cyber-security, from vulnerabilities research in various areas (IoT, embedded devices, Linux and web apps) to analyzing malware in the wild. Barak also acquires MSC (in CS) focused on algorithms from Tel-Aviv University.

Description:
Smart-devices are anywhere, connecting lights, AC, cameras and even heat-sensors. They present a weak spot in which hackers can hack and learn about internal network-configuration, change arbitrary controllers, and lead to high physical & software damage. In our scenario, thousands of HDL smart devices could have been exploited & remotely controlled in the wild. 4 unique vulnerabilities have been found and presented here - We show how they can be utilized by a sophisticated attacker to stealth-access smart-devices remotely, change, control and take advantage of their data. Also, we show how a full data-extraction of smart-devices managing accounts: private data and credentials could have been extracted as well. This unique attack scenario demonstrates the high-security impact of deploying IoT devices over any organization, especially when using dedicated IoT hardware and proprietary components which are interconnected and even remotely managed. A coordinated responsible disclosure was done and thankful to HDL responsiveness & approach - All was fixed.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 10:00-10:59 PDT

Title: Hacking TESLA Model 3 - NFC Relay Revisited
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Car Hacking Vlg 001
Speakers:Huajiang "Kevin2600" Chen,Yuchao (Alex) Zhang

SpeakerBio:Huajiang "Kevin2600" Chen
Huajiang "Kevin2600" Chen (Twitter: @kevin2600) is a senior security researcher at the Ingeek security research lab. He mainly focuses on vulnerability research in wireless and embedded systems. Kevin2600 has spoken at various conferences including XCON; KCON; DEFCON; BLACKHAT; CANSECWEST; OZSecCon and BSIDES
Twitter: @kevin2600

SpeakerBio:Yuchao (Alex) Zhang
Yuchao (Alex) Zhang is a senior security researcher at the Ingeek security research lab. Alex specializes in Vehicle and IOT Pentesting; Android reverse engineering and mobile vulnerability research.)

Description:
NFC technology is widely developed in payment; ticketing and access control systems. In the automobiles key fob field, Tesla Model 3 is one of the modern vehicles using an NFC tag as a digital car key. By implementing such a system, allows owners driving experience much conveniently.

However, on the other hand, attacking methods against the NFC system also emerge endlessly. The NFC Relay attack is one of the top methods. In this talk, we will reveal the research and attack methods for Tesla Model 3 NFC key tag system. By investigating how this feature works, and how to exploit the protocol by a design flaw. By the end of this talk, we will demonstrate the security limitations of such a system. And the attendees will not only understand how to exploit Tesla's NFC key tag system. But can also apply the same research methods for other brands of vehicles with similar NFC technology.

#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 11:00-11:45 PDT

Title: Hackium: a browser for web hackers
When: Saturday, Aug 8, 11:00 - 11:45 PDT
Where: AppSec Vlg

SpeakerBio:Jarrod Overson
No BIO available
Twitter: @jsoverson

Description:
The web has changed. Sites went from being a few kilobytes of static, hand-written HTML to monstrosities of tangled JavaScript that eat hundreds of megs of RAM. Web sites are applications now, complete with security controls, complex state, and custom protocols. Our tools need to become smarter.

Hackium is part of a new tool suite designed to both give greater control over browsers and the content they execute, as well as make work more sharable and portable. Hackium itself acts like a CLI-driven browser that runs automation scripts. Add libraries like shift-refactor, a JavaScript transformation library, and shift-interpreter, a JavaScript meta-interpreter, and you can intercept and manipulate JavaScript with just a few lines of code, no proxies necessary. This session will introduce Hackium and how you can use features like the REPL to automate in-page tasks, work with 3rd party APIs for tasks like CAPTCHA solving, and intercept traffic to automatically deobfuscate JavaScript.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

HRV - Saturday - 14:00-16:59 PDT

Title: Ham Radio USA License Exams (Saturday)
When: Saturday, Aug 8, 14:00 - 16:59 PDT
Where: See Description or Village

Description:
The Ham Radio Village team is happy to announce that we will be offering virtual license exams this year during DEF CON Safe Mode. The team has negotiated a special discount rate of $5 for the exams. Additionally, the fee is waived for any applicants that are under the age of 18, a student with a current student ID, active military, or a veteran of the armed forces. Registration for exams is required.

Twitter: https://twitter.com/DC_Ham_Exams

Discord: https://discord.com/channels/708208267699945503/732733631667372103

Info/Reg: https://ham.study/sessions/5f0e7799017958f2523dbb97/1

Return to Index - Add to

- ics Calendar file

HHV - Saturday - 09:30-09:59 PDT

Title: Hardware hacking 101: There is plenty of room at the bottom
When: Saturday, Aug 8, 09:30 - 09:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Federico Lucifredi
Federico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of O'Reilly's "Peccary Book" on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS.

Description:
This is a live demonstration of hacking into the processor embedded in an SD card, effectively turning the device into a potentially covert Raspberry Pi-class computer under your complete control. The ARM926EJ-S ARM processor made its appearance as the embedded CPU in Transcend’s WiFi-enabled SD cards, clocking in at an impressive 426 BogoMips – we can’t possibly leave that territory unexplored, can we?

In this session we root the card’s own CPU, install a more featureful OS, and explore the system’s common and unusual capabilities (in hardware AES encryption and native support for Java bytecode among them). These provide plenty of building blocks for our projects.

Clearly, complete control of such a hidden computer running with full network connectivity can be used in network penetration scenarios. We’ll discuss applicable security threat countermeasures.

There is plenty of room at the bottom, and opening these computer-within-the computer configurations create interesting miniaturized automation scenarios alongside the obvious, more ominous security aspects.

Use your newfound knowledge for good, with great power comes great responsibility!

#hhv-hw101-talk-qa-text: https://discord.com/channels/708208267699945503/709255105479704636

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 11:00-11:30 PDT

Title: Heightened Election Security Risks Admist the Pandemic
When: Saturday, Aug 8, 11:00 - 11:30 PDT
Where: Voting Vlg
Speakers:Jack Cable,Alex Zaheer

SpeakerBio:Jack Cable , Election Security Technical Advisor, U.S. CISA
No BIO available

SpeakerBio:Alex Zaheer , Election Security Technical Advisor, U.S. CISA
No BIO available

Description:
Amidst the COVID-19 pandemic, countless aspects of American life have been impacted, including our elections. Accommodations for the pandemic include an unprecedented shift towards absentee balloting across the United States, as well as drastically reduced in-person voting options. While we cannot predict the state of the pandemic come November, it is clear that elections will operate differently, constrained by health concerns around in-person voting,reduced polling place staff, and massive budget shortfalls. Such large-scale change will necessarily impact election security, as new attack surfaces open due to states relying on rapidly expanded infrastructure. With political polarization at a high, it is crucial that elections remain safe and secure despite the pandemic, and that American citizens believe their elections credible. In this talk, we will explore the areas of election infrastructure that are changing, and new associated security concerns based on our work at the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

LPV - Saturday - 10:45-11:45 PDT

Title: High Security Wafer Locks - An Oxymoron?
When: Saturday, Aug 8, 10:45 - 11:45 PDT
Where: Lockpick Vlg

SpeakerBio:zeefeene
No BIO available

Description:
There's a lot that's been said about the poor quality of common wafer locks which lurk in offices today, but what if I told you there's a wafer lock that's been made since the 1800s, and you don't have a chance of picking it...?

Take a deep dive with me into the wonders and horrors of one of the most secure mechanical locks in the world, and let me show you why wafer locks might just hold the secret to better physical security!

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: HomebrewHardware Contest
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Have you learned how to build your own hacking hardware at home? Are you etching circuit-boards in your lab, or soldering in a toaster oven in your garage? Are you hosting a MUD on your helmet, or making malicious USB hardware? Did you make something to help you in your everyday life, a unique wearable, or something really nefarious? Are you discovering what old boards do, bending circuits, or re-appropriating the innards of your local e-waste?

We want to see the awesome things you've been building over the last year.

The HomebrewHardware competition is a place to showcase your skill, techniques, and project.

Check our website and twitter for this year’s rules.

Forum: https://forum.defcon.org/node/233025

Discord: https://discord.com/channels/708208267699945503/711644075110957096

Twitter: https://twitter.com/homebrewhardwa1

Web: https://homebrewhardwarecontest.github.io/

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 12:00-12:59 PDT

Title: Houston, we CAV a problem
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Car Hacking Vlg 002

SpeakerBio:Vic Harkness
Vic is a security consultant working at F-Secure Consulting in England. She works with a wide variety of tech, but her pet areas are novel networks, facial recognition systems, and novel biometric modalities. Outside of work she enjoys annoying birds, travel (or did), and photography. Find her on Twitter @vicharkness, where she mainly shitposts.

Description:
In the future, connected and autonomous vehicles (CAVs) will be everywhere. A lot of different technologies have been proposed for use in CAV intelligent roadways. This talk presents the results of a literature review which aimed to examine the security of the proposals and standards. The proposed CAM/DENM protocols for maintaining awareness between vehicles are paid particular attention, as well as the use of 802.11p/OCB to create base-stationless ad-hoc networks. The results of threat modelling exercises to examine how an attacker may pivot through CAV networks to reach their goals are also described.

#chv-track002-text: https://discord.com/channels/708208267699945503/739564953014632579

YouTube: https://www.youtube.com/watch?v=5DYhXbWkWoA&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack002

Return to Index - Add to

- ics Calendar file

CLV - Saturday - 11:45-12:30 PDT

Title: How Blue Penetrates You
When: Saturday, Aug 8, 11:45 - 12:30 PDT
Where: Cloud Vlg
Speakers:Dani Goland,Mohsan Farid

SpeakerBio:Dani Goland
Dani Goland, at the age of 20 he founded his own boutique company for innovative software and hardware solutions. He is a certified AWS Cloud Solutions Architect. While gaining experience in business and finance, Dani did not neglect his hands-on capabilities in both making and breaking systems. Dani recently relocated from Israel to the United States to study Data Science at the prestigious UC Berkeley. During his studies, Dani founded VirusBay, a collaborative malware research community that skyrocketed amongst the global security community with over 2500 researchers. Dani spoke at numerous cybersecurity conferences such as BlackHat USA, CodeBlue Japan, CONfidence, SEC-T, and more. After serving in the Israeli Defense Forces as a commander of a Field Intelligence unit, Dani went on an 8-month journey across South America. He loves snowboarding, music concerts, and having crazy, breathtaking experiences such as spending 5 days in the Bolivian Jungle with no food or water.
Twitter: @DaniGoland

SpeakerBio:Mohsan Farid
Mohsan has over 13 years of experience in the cyber security game. Mohsan has ran the gamut in the security space: from penetration testing as a Rapid7 consultant, pen testing for numerous federal agencies, hacking mobile applications, pentesting Fortune 500 companies, and speaking at cybersecurity conferences such as Defcon, Sec-T, Black Alps, and others. Mohsan’s traveled to over 100 countries and counting. When he isn’t isn't breaking into things, he likes to travel the globe in search of incredible surf, scuba diving, rock climbing, hiking, and is an avid yogi.

Description:
When we started taking a proactive approach to blue teaming, the number of daily scans by automated vulnerability scanners dropped immensely.

In this talk, we will present the mindset we found useful and the techniques we used to make scanning our applications and infrastructure a slow and manual process.

Starting with blocking path and subdomain enumeration with a couple of lines on the proxy bombarding the banners with randomized content that is not differentiable from real content.

Next, we will simulate known vulnerabilities in a subtle way, allowing attackers to connect, pivot, perform lateral movement, and let them exfiltrate terabytes of useless data, wasting their time, resources, and letting your systems fingerprint their TTPs and IOCs

We had a blast presenting at the cloud village last year, and we have many interesting things cooking for this year!

YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 11:00-11:30 PDT

Title: How COVID19 Changed Our Understanding of Cyber Disaster Medicine
When: Saturday, Aug 8, 11:00 - 11:30 PDT
Where: BioHacking Vlg
Speakers:Christian “quaddi” Dameff,Jeff “r3plicant” Tully

SpeakerBio:Christian “quaddi” Dameff , MD, Physician & Medical Director of Security at The University of California San Diego
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works with an emphasis on CPR optimization. Published security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his sixteenth DEF CON.
Twitter: @CDameffMD

SpeakerBio:Jeff “r3plicant” Tully , MD, Anesthesiologist at The University of California Davis
Jeff (r3plicant) Tully is an anesthesiologist, pediatrician and security researcher with an interest in understanding the ever-growing intersections between healthcare and technology.
Twitter: @JeffTullyMD

Description:
Evangelists for improved security in healthcare have long been concerned about vulnerabilities and impacts stretching beyond privacy and personal health information into the disruption of care and worsening of patient outcomes. As the healthcare system struggles under the burden of the COVID-19 crisis, are there parallels between pandemic preparedness and response and the aims and objectives of healthcare security? Join quaddi and r3plicant, hackers who have been moonlighting as practicing physicians caring for COVID patients, as they discuss what recent experiences and events have taught them about how to reframe and re-address security challenges with the hard-earned hindsight and wisdom of medicine's collective struggles.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

DC - Saturday - 13:30-13:59 PDT

Title: How we recovered $XXX,000 in Bitcoin from an encrypted zip file
When: Saturday, Aug 8, 13:30 - 13:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Michael Stay , CTO, Pyrofex Corp.
Mike Stay was a reverse engineer and cryptanalyst in the 1990s, worked for six years on Google's security team, and is currently the CTO of Pyrofex Corp.
Twitter: @metaweta

Description:
About six months ago, a Russian guy contacted me on LinkedIn with an intriguing offer. He had hundreds of thousands of dollars in Bitcoin keys locked in a zip file, and he couldn't remember the password. Could I break into it for him? He found my name by reading an old cryptanalysis paper I wrote nearly 20 years ago. In that attack, I needed five files to break into a zip archive. This one only had two files in it. Was it possible? How much would it cost? We had to modify my old attack with some new cryptanalytic techniques and rent a GPU farm, but we pulled it off. Come hear how.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

RCV - Saturday - 12:00-12:30 PDT

Title: Hunting for Blue Mockingbird Coinminers
When: Saturday, Aug 8, 12:00 - 12:30 PDT
Where: Recon Vlg

SpeakerBio:Ladislav B
No BIO available

Description:
During March-May 2020 the Blue Mockingbird group infected thousands of computer systems, mainly in the enterprise environments. There are known incidents in which they exploited the CVE-2019-18935 vulnerability in Telerik Web UI for ASP.NET, then they used various backdoors and finally, they deployed XMRig-based CoinMiners for mining Monero cryptocurrency. Interesting about these cases is the persistence which they used for CoinMiners - lot of techniques including scheduled tasks, services, but also WMI Event Subscription and COR Profilers.

During forensic analysis and incident response process it was possible to find these persistences and many coinminers artifacts, but malware samples responsible for their installation and persistence creation have been missing. However, when we enriched results of the standard malware analysis with the Threat Intelligence data and OSInt, we were able to find the missed pieces of puzzle and reconstruct the original attack chain including the initial exploitation, local privilege exploit, two backdoors, main payload and multiple persistence techniques. Moreover, this research reveal many about the tools, techniques and procedures (TTP) of Blue Mockingbird Threat Actor.

Finally, with more knowledge about the attackers it is possible to collect more samples of coinminers used by them. After next step of reconnaissance we can get insight into profit of their attacks and compare them with the damages caused by these attacks.

Recon Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/c/ReconVillage

#rv-talks-text: https://discord.com/channels/708208267699945503/737048009732522014

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: ICS Hack the Plan[e]t
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 25 emulated or real devices and over 50 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real or simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Ranges including physical and virtual environments to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments. New this year, there will be integrated elements from DHS/CISA with their newly built mobile environments that are realistically miniaturized assets (ie - operational oil and natural gas pipeline, etc.) and will be the first they’ll be opened to the public for hacking.

Forum: https://forum.defcon.org/node/233029

Discord: https://discord.com/channels/708208267699945503/711643691877531698

Twitter: https://twitter.com/ICS_Village

Web: https://www.icsvillage.com

Return to Index - Add to

- ics Calendar file

BCV - Saturday - 13:30-13:59 PDT

Title: Identifying and fixing out-of-gas errors in smart contracts with smart fuzzing
When: Saturday, Aug 8, 13:30 - 13:59 PDT
Where: Blockchain Vlg

SpeakerBio:Sebastian Banescu
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

PAYV - Saturday - 10:00-10:59 PDT

Title: Identity Crisis: the mad rise of online account opening fraud
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Payment Vlg

SpeakerBio:Uri Rivner
No BIO available

Description:
Identity data is a commodity these days, and conducting identity theft or synthetic ID operations has never been easier. In this 100% real case study we’ll track the second-by-second operation of cyber criminals attempting to target major card issuers and digital banks.

We’ll discuss their behavior, choices and motivations, what makes them so different than honest folks who wish to open an account online, and what next-gen data sources and analysis domains the industry is beginning to leverage against such attacks. It’s time to put up a good fight!

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 15:00-15:30 PDT

Title: ILS and TCAS Spoofing Demonstration
When: Saturday, Aug 8, 15:00 - 15:30 PDT
Where: Aerospace Vlg

SpeakerBio:Alex Lomas
Alex Lomas is Pen Test Partner’s aerospace specialist. Alex undertakes penetration testing of traditional IT, such as networks, web applications, and APIs, as well as more aviation-specific areas including airport operational technology and avionics embedded systems such as inflight entertainment and e-enabled aircraft.

Description:
The Traffic Alert & Collision Avoidance System or TCAS was first developed in the early 1980s using transponders on aircraft to interrogate other aircraft within a set range about their distance, altitude, and heading. If a collision course is detected and the aircraft is suitably equipped, a TCAS alert will be sounded. In certain autopilot modes (mostly on Airbus), the aircraft will automatically follow the TCAS Resolution Advisory and climb or descend with no input from the pilot.Others have shown that it’s possible to create fake TCAS traffic. We’ve taken this further and investigated how airplanes equipped with autopilots capable of flying a resolution advisory themselves would respond in certain scenarios.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 13:45-14:15 PDT

Title: In search of the perfect UPnP tool
When: Saturday, Aug 8, 13:45 - 14:15 PDT
Where: IOT Vlg

SpeakerBio:Trevor Stevado t1v0
Trevor is the Founding Partner of Loudmouth Security, an elite penetration testing and red teaming company in Canada's National Capital. Trevor has a black badge from DefCon 26 and is co-organizer for IoT Village at conferences across the Canada and the US.
Twitter: @_t1v0_

Description:
While researching UPnP vulnerabilities I became frustrated with the currently available UPnP tools. Some devices that I knew had UPnP just weren't found with any of the tools I tried. Out of this frustration, came a new and improved BHunter extension for Burp Suite. In this lightning talk I'll go over some of the issues I found and the improvements made to it, and I'll give a demo of the tool in action.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 12:30-13:30 PDT

Title: Incident Response Panel
When: Saturday, Aug 8, 12:30 - 13:30 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Russell Mosley,Vyrus,Litmoose,Xavier Ashe

SpeakerBio:Russell Mosley
Russell is a 'hands-on' CISO who 'still knows how to use tcpdump' with over 20 years experience in systems administration, secops, audits and compliance. Russell is an volunteer with several Bsides events and the Blue Team Village, who prefers turning wrenches and crashing drones in his spare time.
Twitter: @sm0kem

SpeakerBio:Vyrus
No BIO available
Twitter: @vyrus001

SpeakerBio:Litmoose
No BIO available
Twitter: @LitMoose

SpeakerBio:Xavier Ashe
No BIO available

Description:
Our panel of experts will discuss lessons learned from their experiences on the front lines of incident response. What happens during a breach? What are common mistakes victims make? What are key steps you can take to prepare for the worst? How can you best secure your organization today?

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 16:30-17:30 PDT

Title: Indicators of Emulation: Extra Spicy Adversary Emulation
When: Saturday, Aug 8, 16:30 - 17:30 PDT
Where: Red Team Vlg
Speakers:Ch33r10,haydnjohnson

SpeakerBio:Ch33r10
@ch33r10 works for a Financial Services Fortune 500 Company. She is a graduate of the SANS 2017 Women’s Academy, has an MBA in IT Management, and currently holds the GSEC, GCIH, GCFE, GMON, GDAT, GPEN and GCTI certifications. She is a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC), Yara Exchange, and FuzzySnugglyDuck. @ch33r10 is a doctoral student at Marymount University and has served on multiple CFP review boards.
Twitter: @ch33r10

SpeakerBio:haydnjohnson
@haydnjohnson has over 7 years of information security experience, including network/web penetration testing, vulnerability assessments and Cyber Threat Intelligence. He was on the 2019 SANS Purple Team CFP review board and currently holds the OSCP, GXPN and eCIR certifications. @haydnjohnson has gained both red and blue team experience.
Twitter: @haydnjohnson

Description:
Cyber threat intelligence, in the past, has primarily focused on extracting, preparing, and analyzing indicators of compromise for digital forensics and incident response, the security operations center, and other teams. This talk proposes that there is a benefit to including cyber threat intelligence analysts in adversarial threat emulation. By including indicators of emulation (IOE) based upon internal organizational attack data, CTI analysts can enrich and customize red team TTPs to specific threats the organization is currently facing. Don’t have a CTI team? Well, we have solutions for you! From pulling TTPs and IOEs out of thin air to a custom Golang C2 tool you can use to execute payloads that are relevant to your organization. Sit back, relax, and enjoy the show!

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 16:45-17:15 PDT

Title: Industrial Cybersecurity in Mexico
When: Saturday, Aug 8, 16:45 - 17:15 PDT
Where: ICS Vlg
Speakers:Octavio Fernandez,Victor Gomez

SpeakerBio:Octavio Fernandez
No BIO available

SpeakerBio:Victor Gomez
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 11:00-11:59 PDT

Title: Initial Compromise through Web Side
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: Red Team Vlg

SpeakerBio:Walter Cuestas
Walter Cuestas - Pentester and Red Teamer for Open-Sec LLC and Cobalt Labs Inc with more then 15 years of experience focused on infrastructure and web applications pentesting and red team operations. Speaker at Ekoparty (several years) and instructor at DEF CON 26 (Lateral Movement workshop).

Description:
Initial compromise seems to be tied to client side, but, there are several attack vectors on Web side besides a simple RCE. During this talk I will show 3 cases of getting the initial compromise through vulnerabilities found in application servers and thin clients services going from breaking authentication process, escaping controls and how to solve some challenges during exploitation of what seems an easy peasy. Objectives of this talk are : show how important is to make a good OSINT, make a good dictionary, manage escape sequences in thin client services, how to modify already developed exploits for our current target and the benefit for blue teams to have applications security integrated with infrastructure/operations security.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

Title: Intro to high security locks and lockpicking
When: Saturday, Aug 8, 17:00 - 17:59 PDT
Where: Lockpick Vlg

SpeakerBio:N∅thing
No BIO available

Description:
This is a quick introduction to high security locks, what they are, what they look like and how to get started defeating them.

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

LPV - Saturday - 10:00-10:30 PDT

Title: Intro to Lockpicking
When: Saturday, Aug 8, 10:00 - 10:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

LPV - Saturday - 12:00-12:30 PDT

Title: Intro to Lockpicking
When: Saturday, Aug 8, 12:00 - 12:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

LPV - Saturday - 14:15-14:45 PDT

Title: Intro to Lockpicking
When: Saturday, Aug 8, 14:15 - 14:45 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Return to Index - Add to

Title: Introduction To ACARS
When: Saturday, Aug 8, 13:30 - 13:59 PDT
Where: Aerospace Vlg

SpeakerBio:Alex Lomas
Alex Lomas is Pen Test Partner’s aerospace specialist. Alex undertakes penetration testing of traditional IT, such as networks, web applications, and APIs, as well as more aviation-specific areas including airport operational technology and avionics embedded systems such as inflight entertainment and e-enabled aircraft.

Description:
We'll go through what ACARS is, its roots in Telex, through to how it's implemented and used in modern airline operations today over VHF, HF, and SATCOM.

We'll talk about how to setup your own ACARS receiver using an RTL-SDR and do a live demo of capturing real ACARS transmissions and attempt to decode what those messages are about. Then we'll take a thought experiment on how potentially malicious transmissions could be made to affect the aircraft.

There will also be a discussion around how ACARS is used in modern CPDLC air traffic to pilot data links, instead of voice communications and how these could be vulnerable, and a brief look at SELCAL which reduces the need for pilots to monitor the radio.

Lastly we'll look at the future of ACARS over IP and how this will integrate with modern e-enabled aircraft.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 11:00-11:59 PDT

Title: Introduction to U-Boot Interaction and Hacking
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: IOT Vlg

SpeakerBio:Garrett Enoch
No BIO available

Description:
This learning session will guide the attendees through various concepts related U-boot including hacks to gain access to U-boot console, U-boot console commands and structure and various methods on using U-boot to exploit an embedded IoT systems. After each learning objective we will have Q&A sessions.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 17:00-17:45 PDT

Title: IoT Honeypots and taming Rogue appliances
When: Saturday, Aug 8, 17:00 - 17:45 PDT
Where: IOT Vlg

SpeakerBio:Kat Fitzgerald
Based in Pittsburgh and a natural creature of winter, you can typically find me sipping Grand Mayan Extra Anejo whilst simultaneously defending my systems using OSS, magic spells and Dancing Flamingos. Honeypots & Refrigerators are a few of my favorite things! Fun Fact: I rescue Feral Pop Tarts and have the only Pop Tart Sanctuary in the Pittsburgh area.

Description:
Honeypots AND IoT security, all in one place? Yes, why YES I tell you, and this is it! Oh sure, honeypots are not new, but how they are used is what makes this talk just a little bit different. Presented for your viewing pleasure will be IoT specific honeypot configurations, some deployed with k8s (some not) and how they are used to not only trap attacks against your IoT devices but also detect attacks FROM a compromised IoT device.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

DL - Saturday - 10:00-11:50 PDT

Title: jeopardize
When: Saturday, Aug 8, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Utku Sen
Utku Sen is a security researcher who is mostly focused on application security, network security and tool development. He presented his different tools and researches in Black Hat USA Arsenal, DEF CON Demo Labs, Packet Hacking Village and Recon Village in the recent years. He's also nominated for Pwnie Awards on "Best Backdoor" category in 2016. He is currently working for HackerOne.

Description:
Jeopardize tool is developed to provide basic threat intelligence&response capabilities against phishing domains at the minimum cost as possible. It detects registered phishing domain candidates (typosquatting, homograph etc.), analyzes them and assigns a risk score to them. After then, it sends valid-looking credentials to the login forms on those phishing sites. Main goals are to confuse the attackers and to buy organizations some time to take precautions.

Audience: Defense

Discord: #dl-sen-jeopardize-text: https://discord.com/channels/708208267699945503/730256291032989728

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Github: https://github.com/utkusen/jeopardize

Forum: https://forum.defcon.org/node/233129

Return to Index - Add to

- ics Calendar file

Title: Learn to Solder the BadgeBuddy Kit
When: Saturday, Aug 8, 08:30 - 08:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Learn to Solder with HackerBoxes. Assemble your very own BadgeBuddy. HackerBoxes has updated a special edition BadgeBuddy soldering kit for DEF CON 28 SAFE MODE.

The BadgeBuddy is a simple and fun kit to introduce basic soldering skills. Once assembled, the blinky mini-badge PCB can be hung from a conference lanyard, backpack, purse, belt, etc using the included bead-chain. The BadgeBuddy uses self-cycling rainbow LEDs for a reduced bill of materials requiring no external control circuitry. The result is a very nice colorful effect that is still simple enough for a first time soldering project.

As in past years, the BadgeBuddy is free (as in beer) and in light of DEF CON 28 SAFE MODE, HackerBoxes will send it directly to you, anywhere in the United States, for only $1 S&H. If you do not already have soldering tools on hand, HackerBoxes is also making a set of basic soldering tools available at cost. Both can be found at HackerBoxes.com and can be ordered now to ship starting on July 20. Orders as late as July 25 should still be received in time for DEF CON 28 SAFE MODE, but earlier is always better in light of recent postal delays.

#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Return to Index - Add to

- ics Calendar file

HHV - Saturday - 12:00-12:30 PDT

Title: Learn to Solder the BadgeBuddy Kit
When: Saturday, Aug 8, 12:00 - 12:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Learn to Solder with HackerBoxes. Assemble your very own BadgeBuddy. HackerBoxes has updated a special edition BadgeBuddy soldering kit for DEF CON 28 SAFE MODE.

#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Return to Index - Add to

Title: Leveraging the critical YARA skills for Blue Teamers (Beginner)
When: Saturday, Aug 8, 09:00 - 10:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:David Bernal Michelena
David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM) and 10 industry security certifications. He is a Senior Incident Handler Consultant in Mandiant and formerly has worked as Lead Security Researcher, Forensic Analyst and Digital Handler in both private and educational security organizations. David has spoken in various security conferences, such as Black Hat USA, SANS Threat Hunting Summit, Digital Crimes Consortium, 8.8 and BSidesCDMX. On his free time, he likes to code, swim and play music.
Twitter: @d4v3c0d3r

Description:
YARA rules have become one of the de facto industry standards for threat detection on files. It is important that blue teamers know what are YARA rules and the basic skills to correctly leverage them on file system, memory dumps and traffic analysis. This is useful for multiple blue team roles mainly malware researchers, security analysts, threat hunters and intelligence analyst.

YARA rules have become one of the de facto industry standards for threat detection on files. It is important that blue teamers know what are YARA rules and the basic skills to correctly leverage them on file system, memory dumps and traffic analysis. This is useful for multiple blue team roles mainly malware researchers, security analysts, threat hunters and intelligence analyst.

Writing YARA rules
Reading YARA rules
Enhancing YARA rules
I will prepare a LINUX virtual machine that will be given to the attendees with some malware samples, memory dumps and pcaps and they will perform various exercises to learn the basic YARA skills. In this training, the attendees will learn:

• How to install on Linux and Windows
• How to develop several YARA rules for several malware samples • How to do targeted scans with YARA on file system • How to do memory YARA scans with volatility and rekall • How to YARA scan files on the network traffic • Video showing YARA detection on malicious files on pcap • Tool for automatically extracting and analyzing files with YARA rules on network traffic created by the author (YARAZeek) • Getting open YARA open source rules from well-known security researchers and other reputable sources. • Using VirusTotal Retrohunt

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: lo57 Mystery Challenge
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231985

Discord: https://discord.com/channels/708208267699945503/732439421973954571

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 13:00-13:45 PDT

Title: localghost: Escaping the Browser Sandbox Without 0-Days
When: Saturday, Aug 8, 13:00 - 13:45 PDT
Where: AppSec Vlg

SpeakerBio:Parsia Hakimian
No BIO available
Twitter: @cryptogangsta

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 11:30-11:59 PDT

Title: Low Value Indicators For High Value Decisions (Intermediate)
When: Saturday, Aug 8, 11:30 - 11:59 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Allan Stojanovic,Spencer Cureton

SpeakerBio:Allan Stojanovic
Allan Stojanovic has survived IT for over 25 years. He has worked in nearly every vertical doing may different roles, mostly in the Information Security field. A jack of all trades, Allan tries to know a little bit about everything, and is a self-proclaimed expert at nothing.
Twitter: @allansto

SpeakerBio:Spencer Cureton
No BIO available

Description:
We will present how the Abuse Operations team uses collections of indicators to fingerprint and track adversaries on one of the largest pure-play, remote-code-execution-as-as service platforms on the Internet: Heroku. We can detect when they change tactics, we can spot the number of people involved, and we can misdirect them to the point that they become even easier to track!

We hope the ideas presented here will help your day to day routine as well as provide a solid model to guide future decisions from architecture to automation.

Introduction

Allan and Spencer
Heroku - A PaaS that's basically RCEaaS We keep customers from doing bad things on, to, and from the platform

Adversaries

Adversary classification and evolution - skids to apex threat actors Establishing intent to differentiate good from bad actor.

Definitions

"Abuse" - misuse, malice, crime
Indicators, TTPs, Fingerprints
Slang: splash, pivot, etc.

Methodology

Hunting - environment and tools (and lack of) Leveraging the home field advantage Determining intent with constellation of indicators Detecting adversary changes when pressure is applied - from TTP shifts to spotting multiple actors from a campaign Leading the adversary - limit their available choices

Examples of frustrating specific actors/campaigns

Cryptocurrency mining
Phishing
Blackhat SEO

Takeaways

Break spirits, not code!
Identify all sources of indicators - internal and external TI All low value indicators are equal until they are not.

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 12:00-12:59 PDT

Title: Low-Cost VHF Receiver: Eavesdropping Pilot/Controller Communication
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Aerospace Vlg
Speakers:Allan Tart,Fabian Landis

SpeakerBio:Allan Tart
Allan Tart joined OpenSky network in July 2019, where his main responsibilities include leading special research and development projects. He has more than a decade worth of experience working in the air traffic management domain, where he has filled different positions ranging from being surveillance systems engineer to leading various development projects. In addition to his work in ATM, he has been actively conducting research in the field of array processing and spatial filtering at Tallinn University of Technology. In recent years his research interests have shifted toward the area of radio network deployment, in which he cooperates with the Standards and Technology department in Ericsson AB.

SpeakerBio:Fabian Landis
Fabian Landis received his master's degree at the Swiss Federal Institute of Technology Zurich in 2004 in the areas of computer networks, computer vision, IT security and speech processing. He has been a developer since, working for banks and software providers in the area of infrastructure, trade finance and IAM. He has recently joined Opensky Networks and is now focusing on the ATCO2 project which this talk will cover to some extent.

Description:
The objective of the talk is to give an overview of the latest development in OpenSky Network – recording Air Traffic Control ATC voice communications.

As the receiver-feeder system will be developed within ATCO2 project, an undertaking financed by the European Union, a short overview of the ATCO2 project will be given. The central question covered in this first part of the talk is: “What will happen with the voice recording after it’s uploaded to OpenSky Network?”

The main part of the talk will focus on how to set up the receiver which is built around RTLSDR-Airband - an open source multichannel AM/NFM receiver (more about it here: https://github.com/szpajder/RTLSDR-Airband/wiki).

Participants are encouraged to take an active role during the workshop and set up the receiver during the talk. In order to do that, listeners should make sure they have the following items available: - Raspberry Pi (any version should work). - SDR-RTL dongle (RTL-SDR Blog R820T2 RTL2832U 1PPM TCXO SMA Software Defined Radio with Dipole Antenna Kit available from https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/ as includes antenna and antenna cables). - SD card (with memory of 16GB is sufficient)

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Github: https://github.com/szpajder/RTLSDR-Airband/wiki

Return to Index - Add to

- ics Calendar file

Title: Mica Husky
When: Saturday, Aug 8, 19:00 - 19:59 PDT
Where: See Description or Village

Description:
Mica has been absolutely obsessed with electronic music since she was a small child. She has been producing electronica for over a decade and DJing at house parties and conventions for 5 years. She first discovered psytrance in particular after going to Equinox 2015 because it "sounded fun". She was instantly hooked. Mica's favorite noises are reminiscent of psychedelic crystals shattering into a million pieces on a forest floor. She can take a crowd on a journey through the world of psychedelia by catching them at the perfect time with the best of alien music.

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Web: http://www.barkbarkbarkbark.com

Return to Index - Add to

- ics Calendar file

POV - Saturday - 16:00-16:59 PDT

Title: Mis/Dis Information & Democracy
When: Saturday, Aug 8, 16:00 - 16:59 PDT
Where: See Description or Village

Description:
This event requires registration. Please see the below link for more information.

Registration: https://www.eventbrite.com/e/def-con-policy-community-roundtable-misdis-information-democracy-tickets-115984678295

Return to Index - Add to

- ics Calendar file

AIV - Saturday - 10:00-10:30 PDT

Title: Misinformation & Covid
When: Saturday, Aug 8, 10:00 - 10:30 PDT
Where: AI Vlg

SpeakerBio:lmeyerov
No BIO available
Twitter: @lmeyerov

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage

Return to Index - Add to

- ics Calendar file

ENT - Saturday - 22:00-22:59 PDT

Title: Miss Jackalope
When: Saturday, Aug 8, 22:00 - 22:59 PDT
Where: See Description or Village

Description:
DEF CON's Resident Community DJ. Miss Jackalope has been DJing drum and bass and breakbeats for a long time and doing InfoSec stuff, too! ($dayjob) She can be seen DJing parties, swagulating in the Vendor room, and making sure everyone is having a good time. Mega thanks to the Jackalope Army for their support.

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Twitter: https://twitter.com/djjackalope

Web: https://missjackalope.com

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:00-15:59 PDT

Title: Mission Alenium: Launching the Next Generation into an Immersive Cybersecurity and Space Systems Challenge
When: Saturday, Aug 8, 09:00 - 15:59 PDT
Where: Aerospace Vlg

SpeakerBio:Henry Danielson
No BIO available

Description:
The Convergence of Space and Cybersecurity is here! The goal of this immersive, two-part challenge is to expose beginner-level participants to Space Networks, Cybersecurity, Satellites, IoT devices and Digital Forensics Analysis through a gamified satellite cybercrime scenario. The first part includes a series of five online 3D “escape rooms” which each simulate different locations that contain important evidence. After all the information is collected, participants enter the second phase of the challenge and begin conducting forensic analysis. Participants will respond to a fictional storyline where the flight control system of a Low Earth Orbit (LEO) is compromised. Due to the hack, the rocket and its accompanying satellite crash before reaching orbit. The software payload survives the crash and is sufficiently intact for digital forensic analysis. The participants act as cybersecurity digital forensics analysts, attempting to find out how and why the system was hacked and by whom. It is being deployed at the California Cyber Innovation Challenge 2020, the state championship for cybersecurity competitions in California, for teams of middle school and high school students this upcoming October.

Discord: https://discord.com/channels/708208267699945503/732393009215176854

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 13:30-13:59 PDT

Title: MITRE ICS ATT&CK
When: Saturday, Aug 8, 13:30 - 13:59 PDT
Where: ICS Vlg
Speakers:Marie,Otis

SpeakerBio:Marie
No BIO available

SpeakerBio:Otis
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 02:15-03:15 PDT

Title: Modern Red Team Tradecraft - Informing Defenders by Evolving Your Attackers
When: Saturday, Aug 8, 02:15 - 03:15 PDT
Where: Red Team Vlg

SpeakerBio:Sajal Thomas
Sajal Thomas is a Senior Consultant at FireEye Mandiant. He works with the Mandiant Red Team in the Asia Pacific region. Sajal has simulated adversaries and helped secure customers in India, Singapore, Malaysia, Thailand, Japan, Indonesia, Philippines, Hong Kong, Taiwan, Australia, New Zealand, United Kingdom, Germany and the United States which provides him a unique insight into the diverse landscape of the challenges faced by attackers and defenders. In his free time, Sajal enjoys brewing coffee, watching football and reading about nation-state cyber espionage tradecraft.

Description:
Modern attacks against complex network infrastructure highlight a massive gap between state-affiliated cyber espionage attacks and Red Teams. As Red Teams face challenges that real-world attackers do not, replicating the sophisticated threat groups becomes all the more challenging with tight engagement deadlines and report submissions. The talk aims to bridge this gap by providing insights into modern tradecraft employed by the apex predators as well as the coin-miners and ransomware authors. The talk will also discuss the unique relationship between speed and stealth during Red Team operations. Sometimes "speed is the new stealth" but with evolved defensive technologies that baseline behaviour of endpoints on the host and network level, slow and steady may be the way to go instead. Additionally, the talk will walk through publicly-known implant design considerations to defeat mature host and network defences. Bleeding-edge credential harvesting techniques and the evolution of running Invoke-Mimikatz.ps1 to digging deep into C/C++ and Win32 API programming will be featured. Lastly, the evolution of a modern Red Team operator/developer/both will be discussed. The skills and mindset required to successfully complete objectives and evade defences have changed over time. A Red Teamer must evolve to be able to inform defence better.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

BCV - Saturday - 14:00-14:59 PDT

Title: Monetary Maximalism and Millennial Finance - Building Decentralized Tooling to Empower Everyone
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Blockchain Vlg
Speakers:Kris Jones,Matt Luongo

SpeakerBio:Kris Jones
No BIO available

SpeakerBio:Matt Luongo
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

DC - Saturday - 20:00-21:59 PDT

Title: Movie Stream - Lost World
When: Saturday, Aug 8, 20:00 - 21:59 PDT
Where: See Description or Village

Description:
'The Lost World' - Like Jurassic park but with title cards. Silent FIlm era, with dinosaurs. From 1925.

Banter @ #movie-night-text: https://discord.com/channels/708208267699945503/741067993617924227

Watch @ #movie-night-voice: https://discord.com/channels/708208267699945503/741068040132624505

Return to Index - Add to

- ics Calendar file

CRV - Saturday - 13:00-13:59 PDT

Title: National Service Panel: Career Opportunities Supporting the Country
When: Saturday, Aug 8, 13:00 - 13:59 PDT
Where: Career Hacking Vlg
Speakers:John Felker,Diane Janosek,Chris Pimlott,Roman Vitkovitsky,Liz Popiak,Joe Billingsley

SpeakerBio:John Felker , Assistant Director of the DHS Cybersecurity and Infrastructure Security Agency (CISA)
No BIO available
https://www.linkedin.com/in/jofelker/

SpeakerBio:Diane Janosek , Commandant of the NSA's National Cryptologic School and President of the Women in Cybersecurity Mid-Atlantic Affiliate
No BIO available
https://www.linkedin.com/in/diane-janosek-abc/

SpeakerBio:Chris Pimlott , Engineer at the US Digital Service
No BIO available
https://www.linkedin.com/in/pimlottc/

SpeakerBio:Roman Vitkovitsky , US Marine Marine Corps Cyber Auxiliar
No BIO available
https://www.linkedin.com/in/rvitko/

SpeakerBio:Liz Popiak
Created the US Army Cyber Speciality Direct Commissioning Program
https://www.linkedin.com/in/elizabeth-popiak-mba-881a4b16/

SpeakerBio:Joe Billingsley , Founder of the Military Cyber Professionals Association
No BIO available
https://www.linkedin.com/in/joebillingsley/

Description:
The National Service Panel highlights the opportunities and challenges with national service, focusing on tech-related programs across the federal government. The panel is organized by the Military Cyber Professionals Association (MCPA) and includes reps discussing the US Digital Service, US Marine Corps Cyber Auxiliary, National Security Agency (NSA), US Army Cyber Direct Commissioning Program, and Cybersecurity and Infrastructure Security Agency (CISA).

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 16:00-16:59 PDT

Title: Next level stalker ware
When: Saturday, Aug 8, 16:00 - 16:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Cecilie Wian
Cecilie wian has a background in psychology and healthcare. She holds a BA in Educational psychology and a MA in Philosophy of technology. Her human-centric approach to software testing and development challenges established ways of creating systems meant for end-users.

Description:
What if parents could see everything their children had ever purchased? What if your ex could get a list of all your expenses? Without you knowing, or using the service yourself? It's already happening because many companies allow this kind of spying with nothing more than a person's bank card number, account number or license plate number.

Norway is far ahead in adoption of digital solutions. Services, bank services, and citizenship. Automatic detection of license plates, and digital receipt. Now the dark side of this is revealed: several cases of the next level stalker ware. Where bad actors gain access to other peoples information via centralized services, using easily obtainable, pieces of information.

Even when made aware of the problem the companies choose to accept the risk, pushing the responsibility and cost to stay safe on to the unknowing users. But what can we do ?

The talk will describe the process of pursuing some of the cases in a country with GDPR implemented, as well as discuss efforts to provide non-users with additional security and privacy.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

https://0xword.com/es/libros/85-infraestructuras-criticas-y-sistemas-industriales-auditorias-de-seguridad-y-fortificacion.html.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 18:00-19:59 PDT

Title: No Tech Talks
When: Saturday, Aug 8, 18:00 - 19:59 PDT
Where: See Description or Village

Description:
No tech? No problem. Come tell your no-tech stories here. It’s like karaoke, except without the music, or cheesy lyrics, or singing. OK, it’s not exactly like karaoke but it’ll still be entertaining. Suggested theme: “Discovery” and “Apocalypse”

Selected speakers will get 15 minutes to tell their stories on the Discord voice channel, and audience members will be able to ask questions, or discuss on the text channel.

The sign up form won’t be open until the night of the event, participation will be first come first serve, and subject to moderation.

#war-story-and-no-tech-talk-voice: https://discord.com/channels/708208267699945503/733562286572306492

#war-story-and-no-tech-talk-text: https://discord.com/channels/708208267699945503/733562098315034735

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:00-15:59 PDT

Title: Nyan Sat Workshop
When: Saturday, Aug 8, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
What’s another way to hack a satellite? Through ground stations.

Nyansat consists of three fun, non-competitive challenges: building your own satellite tracking antenna, exploiting a ground station modem, and participating in our livestreamed, internet-accessible, community ground station event.

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 10:30-10:59 PDT

Title: O365Squatting (Intermediate)
When: Saturday, Aug 8, 10:30 - 10:59 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Juan Francisco,Jose Miguel Gómez-Casero Marichal

SpeakerBio:Juan Francisco
Juan Francisco Bolivar is Chief Security Envoy at ElevenPaths and IT Security Manager on Pharma Industry, involved on security researching since more than 10 years, web, mobile applications and Industrial systems. His main focus is Industrial security critical infrastructures. He has recently published the first book in Spanish about Industrial security,

Previously he has been working as pentester and security engineer for international companies, releasing more than 10 0-days for vendors as Cisco, Honeywell, Siemens.... His is teaching at several university masters in Spain and South-America and public speaking on different security conferences Vicon, Hackron, TizonaConf, Honeycon, Isaca...

Twitter: @jfran_cbit

SpeakerBio:Jose Miguel Gómez-Casero Marichal
No BIO available

Description:
0365Squatting is a python tool created to identify that domains before the attack start. The tool can create a list of typo squatted domains based on the domain provided by the user and check all the domains against O365 infrastructure, (these domains will not appear on a DNS request).

At the same time, this tool can also be used by red teams and bug bunters, one of the classic attacks is the domain takeover so, the second option of this too is to check if the domain is registered in O365 in order to launch a domain takeover attack.

One of the main benefits of cloud technology is to deploy quickly services, with minimum interaction from the administrator side, this is an advantage exploited by cyber criminals too. Nowadays the main threats all size companies are facing is phishing, every day cyber criminals are creating more sophisticated techniques to cheat users and make more difficult the job of blue teams. The most common technique used is typo squatting. Part of the Blue team mission is to detect phishing, typo squatters, and attack domains before the phishing campaign begins, there is outside plenty of tools trying to detect that domains based on DNS, however none of them are focus into the cloud.

0365Squatting is an OpenSource tool created on Pyhton3, that can be launched automatically using cron. This is a unique tool, not only because of the cloud capabilities, if not because is prepared to be integrated with commercial SIEM as ArcSight based on the output possibilities, on screen or in format CEF and JSON.

When you create an account into O365 you can get a domain to use on your server mail on O365, however this domain is not published into DNS servers. Not publishing the domain automatically as AWS or GCloud is doing create a serious problem for organizations and blue team keeping a grey area for monitoring of domains. Our team has detected 100's of attacks using this method that classic tools are not detecting 0365Squatting runs locally without sharing any info allowing:

Create list of squatted domains
Check squatted domains on O365
Check possible domain takeover on O365 Export in several formats (CEF, JSON)

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CHV - Saturday - 11:00-11:50 PDT

Title: OBD and what we CAN do with it
When: Saturday, Aug 8, 11:00 - 11:50 PDT
Where: Car Hacking Vlg 101

SpeakerBio:Infenet
Lifelong hacker and hacker of all the things. Founder of Enterprise Offensive Security, creator of security tools for DevOps Engineers such as auto-remediation using AWS Lambda and CIS Compliance Scanning Tools, SSO implementations on the Service Provider and Identity Provider side(s). Simulated Advanced Persistent Threat Actor. Started DEFCON group in Detroit DC313 and Director of #misec Detroit.

Description:
Learn about the history of on-board diagnostics, OBD I and II Standards, Data Is Accessible From the OBD II and Architecture of OBD-II and CAN.

#chv-101-talks-text: https://discord.com/channels/708208267699945503/735651343007744051

YouTube: https://www.youtube.com/watch?v=N4y_K4GGsLs

Return to Index - Add to

- ics Calendar file

HHV - Saturday - 11:00-11:30 PDT

Title: onkeypress=hack();
When: Saturday, Aug 8, 11:00 - 11:30 PDT
Where: Hardware Hacking Vlg
Speakers:Farith Pérez Sáez,Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres

SpeakerBio:Farith Pérez Sáez
Farith Pérez Sáez (@f_perezs) is a colombian engineer, hardware hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and teaches at Universidad de La Guajira.
Twitter: @f_perezs

SpeakerBio:Luis Ángel Ramírez Mendoza (@larm182luis)
Luis Ángel Ramírez Mendoza (@larm182luis) is a colombian electronic engineer, hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and is currently working as a Cybersecurity and Artificial Intelligence Professor at University of Guajira in Colombia.
Twitter: @larm182luis

SpeakerBio:Mauro Cáseres
Mauro Cáseres (@mauroeldritch) is an argentine hacker and speaker. He spoke at DEF CON 26 Las Vegas (Recon & Data Duplication Villages), DevFest Siberia, DragonJAR Colombia, Roadsec Brasil, and DC7831 Nizhny Novgorod. Currently working as SecOps for the Argentine Ministry of Production.
Twitter: @mauroeldritch

Description:
In this talk we will see the assembly and use of a modified BadUSB keyboard with an integrated DIY physical keylogger. Using a built-in WiFi module, this keyboard is capable of sending user keystrokes to a remote server and storing it in a database. Both the piece by piece assembly, its diagram, and its programming will be demonstrated. Also there will also be a live demo to demonstrate its operation.

This talk is recommended for both novice and experienced users alike.

#hhv-onkeypresshack-talk-qa-text: https://discord.com/channels/708208267699945503/736750677128249360

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 11:00-11:30 PDT

Title: Online Ads as a Recon and Surveillance Tool
When: Saturday, Aug 8, 11:00 - 11:30 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Neil M
I am a member of the US Army and work in a cybersecurity-focused software development role. I am also an OSINT and online privacy enthusiast.

Description:
Inspired by and building on previous research and presentations on the topic (namely 0x200b's presentation from DEFCON 26*), this presentation will explore the possibility and feasibility of leveraging features of online targeted advertising platforms including Google and Facebook as a reconnaissance and surveillance tool. Unlike previous presentations at DEFCON, I intend to demonstrate that the targeted advertising attack has potential to be applied beyond the context of a red team targeting blue team personnel and can be leveraged against many average Internet users by a determined and resourced attacker. By exploring the advertising surveillance systems built into the majority of today’s Internet-connected devices and services, I hope to enable privacy-conscious individuals to better protect themselves against targeted ad information collection schemes.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

PAYV - Saturday - 11:00-11:59 PDT

Title: Online Banking Security
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: Payment Vlg

SpeakerBio:Arkadiy Litvinenko
No BIO available

Description:
Competition between banks leads to new opportunities for clients, which are the cause of new risks for the banks and for the clients themselves. During the talk we will discuss the internals of Online and Mobile banking, what vulnerabilities are common or specific for these services and what best practices exist for solving these problems.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Online MUD - EvilMog
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
This CTF is a MUD with 8-9 quests, intentional exploits, and about 1200 rooms has been setup at mog.ninja port 4000. A website documenting the MUD is at https://mog.ninja and a CTFd is setup at https://ctf.mog.ninja. The game is an LPMud and runs on gurbalib and DGD. If you complete all the quests you become a wizard. You connect by telneting on port 4000. The game has been balanced out to take about a week to complete all the quests and hit max level if you find most of the in game exploits.

Forum: https://forum.defcon.org/node/232895

Discord: https://discord.com/channels/708208267699945503/728707998796480590

MUD Docs: https://mog.ninja

CTFd: https://ctf.mog.ninja

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 15:00-15:59 PDT

Title: Online Voting: Theory and Practice
When: Saturday, Aug 8, 15:00 - 15:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Emily Stamm,Porter Adams

SpeakerBio:Emily Stamm
Emily Stamm is a security research engineer at Allstate specializing in cryptography. She graduated from Vassar college in 2018 with a degree in mathematics where she published original research papers in number theory. Her knowledge and interest in mathematics, quantum physics, and computer science motivated her passion for cryptography and quantum computing. Emily is also passionate about education and security awareness. She co-founded CyberSecurity Non-Profit (CSNP.org), an organization that provides free security educational resources, training, and events globally, with the purpose of making security more accessible, inclusive, and diverse.

SpeakerBio:Porter Adams
Porter Adams is a software engineer at Blacktop Government Solutions, co-founder of Disappear Digital, and member of CyberSecurity Non-Profit (CSNP). He loves cryptography, privacy, and protecting people online. He lives in Washington DC with his dog.

Description:
The concept of voting online is daunting to many because of the security risks, feasibility, and reliability. However, given the presence of election interference, limitations of in-person voting, and adoption of new technology, many countries are converting to electronic voting. In this talk, we discuss the theoretical and practical benefits and limitations of electronic voting. Emily Stamm will discuss the mathematics behind homomorphic encryption and blind signature schemes, with an emphasis on schemes that are secure against quantum computers. Porter Adams will discuss how these schemes and others are used in practice, and analyze the advantages and disadvantages of electronic voting.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

MOV - Saturday - 12:00-12:59 PDT

Title: Open Office Q&A w/ Monero Research Lab's Sarang
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Monero Vlg

SpeakerBio:Sarang
No BIO available

Description:
Ever wanted to have one of your Monero or cryptography related questions answered by the Monero Research Lab? Ask away!

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 15:30-16:30 PDT

Title: Operationalizing Cyber Norms: Critical Infrastructure Protection
When: Saturday, Aug 8, 15:30 - 16:30 PDT
Where: ICS Vlg

SpeakerBio:Chris Kubecka
Chris Kubecka - "Fearless and powerful speaker, saves countries, fights cyber terrorism, advises several governments as a subject matter expert on cyber warfare national defense. Profiled by major media in the USA and Europe. USAF military combat veteran, former military aviator, and USAF Space Command. Defends critical infrastructure and handles country level cyber incidents, cyberwarfare, and cyber espionage. Reconnected Saudi Aramco international business operations & established digital security after the world’s most devastating cyberwarfare attack. Developing the highest level of exploit code against IT/IOT/ICS SCADA control systems whilst working with governments. Involved in the world’s biggest hacks, advising nations, NATO, Europol, Interpol exposing corruption and national security risks.

“She is a go-to professional for governments. There are only a certain number who can both frame the problem conceptually and put it in straight fuc**** English so somebody can understand. And she can do that.”

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: OSINTSECCryptoAIBlockchain
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231050

Discord: https://discord.com/channels/708208267699945503/732439527213367346

Return to Index - Add to

- ics Calendar file

HRV - Saturday - 15:00-15:30 PDT

Title: OSTWERK Initiative
When: Saturday, Aug 8, 15:00 - 15:30 PDT
Where: Ham Radio Vlg

Description:
OSTWERK stands for Open Source Tactical Wireless Emergency Radio Kit, an all-in-one customizable solution for building ham radio kits. This will be a a 30 minute talk and Q&A about the initiative, my sample kit, and what I hope to accomplish (website features, sponsorships for kits for schools, etc). Feel free to ask any questions!

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 04:45-05:45 PDT

Title: OU having a laugh?
When: Saturday, Aug 8, 04:45 - 05:45 PDT
Where: Red Team Vlg

SpeakerBio:Petros Koutroumpis
Petros Koutroumpis is a security consultant and has delivered multiple red and purple team engagements. His research is mainly focused on Active Directory and Windows post-exploitation. He likes to spend his free time developing new tools and contributing to open-source projects.

Description:
Whether you are trying to attack or defend Active Directory, BloodHound has been the default tool for identifying attack paths. With its latest release, BloodHound3 has introduced a number of new edges including the collection of ACLs for Organizational Units.

In this talk we will present a method to abuse edit rights on an OU by serving malicious Group Policy Objects in order to compromise any computer or user object that is a member of the vulnerable OU or any of its child OUs.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

RGV - Saturday - 16:00-17:59 PDT

Title: Outs, Forces, and Equivoque: A treatise on how Magicians speak
When: Saturday, Aug 8, 16:00 - 17:59 PDT
Where: Rogues Vlg

SpeakerBio:Brandon Martinez
No BIO available

Description:
In this talk, BM explores the similarities of language between both a magician and social engineer. Learn about common language tricks and methods used in magic and how those same methods could be used to make your social engineering more effective. After learning these principals, learn how to apply them them in ethical scenarios to help practice your skills, as well as having the tools to create new ones.

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 10:00-10:59 PDT

Title: OWASP API Top 10
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC9111 (New Delhi, India)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

PWDV - Saturday - 00:00-00:59 PDT

Title: PathWell: Dynamic Password Strength Enforcement (Rebroadcast)
When: Saturday, Aug 8, 00:00 - 00:59 PDT
Where: Password Vlg

SpeakerBio:Hank Leininger
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

PWDV - Saturday - 13:00-13:59 PDT

Title: PathWell: Dynamic Password Strength Enforcement
When: Saturday, Aug 8, 13:00 - 13:59 PDT
Where: Password Vlg

SpeakerBio:Hank Leininger
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ

Return to Index - Add to

- ics Calendar file

RGV - Saturday - 14:00-14:59 PDT

Title: Performance
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Rogues Vlg

SpeakerBio:Daniel Roy
No BIO available

Description:
In this hybrid performance talk, Daniel will introduce you to the storied history of card cheats and con games and demonstrate some of the most legendary scams – and won’t have to bet a penny!

Daniel Roy is a magician who specializes in the most difficult branch of card manipulation: the sleight of hand techniques used by professional card cheats. He has appeared at the World-Famous Magic Castle in Hollywood, and his audiences have included Hollywood actors, millionaires, and members of U.S. Congress. In 2019, he received the Milbourne Christopher award for Close-Up Magician of the Year.

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage

Return to Index - Add to

- ics Calendar file

DL - Saturday - 12:00-13:50 PDT

Title: Phirautee
When: Saturday, Aug 8, 12:00 - 13:50 PDT
Where: See Description or Village

SpeakerBio:Viral Maniar
Viral Maniar is currently working as Technical Manager at RiskIQ managing the attack surface outside of the firewall for clients in the APAC region through his boutique cyber security firm Preemptive Cyber Security (www.preemptivecybersec.com) providing offensive and defensive consulting services based in Australia. Viral has provided security consulting services for over 8 years including infrastructure (internal-external), application penetration testing, vulnerability assessments, wireless penetration testing, social engineering, red team engagements, API testing, Thick & Thin client testing and cloud architecture security reviews to numerous clients across various industries in the APAC region. Viral has presented at conferences like Black Hat, ROOTCON and (ISC)2. Viral has also participated in a number of bug bounty programs and won awards for responsible disclosure of security vulnerabilities. In his leisure time, he enjoys developing security tools and maintains several projects on the GitHub. He has achieved industry certifications such as Offensive Security Certified Professional (OSCP) and SANS GPEN - Network Penetration Testing. Twitter: @ManiarViral / @PreemptiveCyber

Description:
Over the past few years, ransomware has gone wild and organisations around the world are getting targeted leading to the damage and disruption. As we all know that the threat landscape is changing rapidly and we hear the fuss about ransomware infection at the offices or read about it in the news.

Have you ever wondered how threat actors are writing ransomwares? What level of sophistication and understanding is required to target an organisation? In this demo, we will utilise the native Windows commands to build ransomware and target a host via phishing.

Introducing Phirautee, a proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation's data to hostage for payments or permanently encrypts/deletes the organisation data. The tool uses public-key cryptography to encrypt the data on the disk.

Before encrypting, it exfiltrates the files from the network to the attacker. Once the files are encrypted and exfiltrated, the original files are permanently deleted from the host and then tool demands a ransom. The ransom is asked using the cryptocurrency for payments, so transactions are more difficult for law enforcement to trace.

During the demonstration of Phirautee, you will see a complete attack chain i.e. from receiving ransomware attack via a phishing email and how the files get encrypted on the compromised systems. A detailed walkthrough of the source code would be provided to understand how hackers utilise simple methods to create something dangerous. I will end the demo with several defence mechanisms by performing forensics analysis on Phirautee using publicly available tools.

Audience: Offense

Interact @ #dl-maniar-phirautee-text: https://discord.com/channels/708208267699945503/730256398277148774

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/Viralmaniar/Phirautee

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 11:00-11:59 PDT

Title: Playing with Electricity: Hacking into Distribution Companies
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: ICS Vlg
Speakers:Can Demirel,Serkan Temel

SpeakerBio:Can Demirel
No BIO available

SpeakerBio:Serkan Temel
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 15:30-16:30 PDT

Title: Practical Advice on Threat Hunting Panel
When: Saturday, Aug 8, 15:30 - 16:30 PDT
Where: Blue Team Vlg - Talks Track 1
Speakers:Plug,Roberto Rodriguez,Tony M Lambert,Valentina Palacín,Samir,Ruth Barbacil,Anna McAbee,Paul Melson

SpeakerBio:Plug
No BIO available
Twitter: @plugxor

SpeakerBio:Roberto Rodriguez
Roberto Rodriquez is a threat researcher and security engineer at the Microsoft Threat Intelligence Center (MSTIC) R&D team.

He is also the author of several open source projects, such as the Threat Hunter Playbook, Mordor, OSSEM, HELK and others, to aid the community development of techniques and tooling for threat research. He is also the founder of a new community movement to empower others in the InfoSec community named Open Threat Research.

Blog at https://medium.com/@Cyb3rWard0g

Twitter: @Cyb3rWard0g
https://medium.com/@Cyb3rWard0g

SpeakerBio:Tony M Lambert
Tony is a professional geek who loves to jump into all things related to detection and digital forensics. After working in enterprise IT administration and detection engineering for several years, he now applies his DFIR skills to research malware, detect malicious activity, and recommend remediation paths. Tony is a natural teacher and regularly shares his findings and expertise through blogs, research reports, and presentations at conferences and events.
Twitter: @ForensicITGuy

SpeakerBio:Valentina Palacín
Valentina is a Threat Intelligence Senior Analyst, specializing in tracking Advanced Persistent Threats (APTs) worldwide and using the ATT&CK Framework to analyze their tools, tactics and techniques. She is a self-taught developer with a degree in Translation and Interpretation from the Universidad de Málaga (UMA), and a Cyber Security Diploma from the Universidad Tecnológica Nacional (UTN).

She recently published an article on how to get started with Threat Hunting using Atomic Red Team on the blog she shares with Ruth Barbacil: https://medium.com/intelforge

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 10:00-10:59 PDT

Title: Quantum Computers & Cryptography
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:I. Shaheem
Imran Shaheem joined Cyberis Limited in early 2018 following the successful completion of an MSc in Theoretical Physics (Gravity, Particles and Fields) at the University of Nottingham. Prior to joining Cyberis, Imran participated in online bug bounty programs which led to private security research work for a Fortune 10 company. In conjunction to this, his work earned him BugCrowd’s VIP researcher accolade in 2017, placing him in the top 300 of over 50,000 researchers who use the platform.

Description:
Quantum Cryptography has exploded, both in terms of active research and public awareness, since scientific interest in the field took off in the 90s. The ramifications of quantum computers on classical (current) cryptography and what will be considered the standard for secure communication in the near future mandates a radical change in our approach. Successful trials that secure communication through the unique properties of quantum physics have already been undertaken. Progress in quantum technologies has been swift in the last decade. Quantum Key Distribution (QKD) systems have been tested by banks and governments, similar systems were deployed at the 2010 World Cup in South Africa. In 2017, researchers held a QKD-protected video conference between China and Austria using the quantum satellite Micius as a trusted relay, further strides and greater worldwide adoption is anticipated for the coming decade. This presentation will start with an overview of quantum information and its impact on classical cryptography. Following this, we’ll delve into the weird and wonderful world of quantum physics and its relationship to cryptography; the making, breaking and subsequent fixing of quantum protocols. We’ll discuss how much of the theoretical possibilities that are achievable with quantum computers we’ll likely see in practice in the near future and how we can go about building our own relatively inexpensive quantum lab to test new protocols and quantum devices. Everything will be discussed from an InfoSec perspective, looking at how testing methodologies can be adapted and what remediation advice can be given to clients during the transitory period as we migrate to quantum safe solutions. While some light mathematics may be called upon during the presentation, this talk is aimed squarely at cyber security professionals and enthusiasts, not physicists or mathematicians.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 12:30-12:59 PDT

Title: Remote Online Balloting Delivery and Marking Options and Security Considerations for Absentee Voting During the COVID-19 Pandemic
When: Saturday, Aug 8, 12:30 - 12:59 PDT
Where: Voting Vlg
Speakers:Susan Greenhalgh,Steve Newell

SpeakerBio:Susan Greenhalgh , Senior Advisor on Election Security, Free Speech for People
No BIO available

SpeakerBio:Steve Newell , Project Director, Center for Scientific Evidence in Public Issues, American Association for the Advancement of Science, Center for Scientific Evidence in Public Issues
No BIO available

Description:
As States grapple with the difficult task of holding elections during the novel coronavirus pandemic, election administrators are exploring and implementing technology to deliver blank ballots electronically. The expansion of vote by mail in many states also necessitates a remote accessible ballot marking option for voters with disabilities.

A number of available systems allow the voter to receive a blank ballot electronically, mark it on their computer and print it for mailing or drop off without transmitting the voted ballot to the election office. However, these remote accessible ballot marking systems can be designed indifferent ways that have significantly different security and privacy profiles.

We explore the different architectures for remote ballot marking, comparing systems that conduct the marking process over the internet, (on a remote server), and those that mark ballots statelessly, on the client’s device. We consider the security and privacy issues associated with both technologies, and offer specific recommendations to limit security and privacy risks.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

DC - Saturday - 16:30-16:59 PDT

Title: Reverse Engineering the Tesla Battery Management System for Moar Powerrr!
When: Saturday, Aug 8, 16:30 - 16:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Patrick Kiley , Principal Security Consultant, Rapid7
Patrick Kiley (GXPN, GPEN, GAWN, GCIH, CISSP, MCSE) has over 18 years of information security experience working with both private sector employers and the Department of Energy/National Nuclear Security Administration (NNSA). While he was with the NNSA he built the NNSA's SOC and spent several years working for emergency teams. Patrick has performed research in Avionics security and Internet connected transportation platforms. Patrick has experience in all aspects of penetration testing, security engineering, hardware hacking, IoT, Autonomous Vehicles and CAN bus.
Twitter: @gigstorm

Description:
Tesla released the P85D in 2014. At that time the vehicle came with "insane mode" acceleration with a 0-60 time of 3.2 seconds. Later in July of 2015, Tesla announced "Ludicrous mode" that cut the 0-60 time down to 2.8 seconds. This upgrade was offered both new and as a hardware and firmware change to the existing fleet of P85D vehicles. Since then, Tesla has released newer ludicrous vehicles. What makes the P85D upgrade unique was how the process required changes to the vehicle's Battery Management System(BMS). The 'BMS' handles power requests from the drive units of the car. I was able to reverse engineer this upgrade process by examining the CAN bus messages, CAN bus UDS routines and various firmware files that I extracted from a car. I also decrypted and decompiled Python source code used for diagnostics to determine that the process involved replacing the contactors and fuse with higher current versions as well as modifying the current sensing high voltage "shunt" inside the battery pack. I then performed this process on an actual donor P85D. I bricked the car in the process, forcing me to pay to have it towed to another state so I could troubleshoot. I came to understand that the BMS is the deciding module that allows the drive units to have only as much power as the BMS allows. The car is fixed and is faster.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

BTVT1 - Saturday - 09:00-09:59 PDT

Title: Reversing with Dynamic Data Resolver (DDR) – Best practice (Advanced)
When: Saturday, Aug 8, 09:00 - 09:59 PDT
Where: Blue Team Vlg - Talks Track 1

SpeakerBio:Holger Unterbrink
Holger is a security researcher working for Cisco Talos. His day job is to find and analyze new malware campaigns. He is the author of DDR and several other tools.
Twitter: @hunterbr72

Description:
DDR is an IDA plugin that instruments binaries using the DynamoRIO framework. In this presentation we will show you best practices how to reverse engineer malware with DDR. The talk will discuss the internals of DDR and show you by demonstration, the advantages of the tool.

The DDR plugin can easily resolve the majority of dynamic values for registers and memory locations which are usually missed in a static analysis. It can help to find jump locations such as “call eax” or interesting strings such as “PE” which are decoded at runtime. The tool can be used to dump interesting buffers, and gives the opportunity to patch the binary at runtime to bypass anti-analysis techniques.

In this presentation we will show you best practices for working with this tool, and the many ways in which it can facilitate malware analysis. More details and features can be found here: https://blog.talosintelligence.com/2020/05/dynamic-data-resolver-1-0.html

Blue Team Village activities in 'Talks Track 1' will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 13:00-13:59 PDT

Title: Rights You Can’t Exercise Can’t Protect You: Privacy by Design, Dark Patterns, and Cultural Context
When: Saturday, Aug 8, 13:00 - 13:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Ben Brook,Maritza Johnson,Megan DeBlois,Zach Singleton

SpeakerBio:Ben Brook
Ben Brook is the CEO and co-founder of Transcend, working to make it easy for companies to give users control over their data. Originally from Toronto, Canada, Brook is also a passionate and award-winning filmmaker.

SpeakerBio:Maritza Johnson
Maritza Johnson is Senior User Experience Researcher at Google Research. Her research interests include human-centered security and privacy with a focus on how end-users think about personal data management. Previously, she was a research at the independent nonprofit International Computer Science Institute.

SpeakerBio:Megan DeBlois
Megan DeBlois is a grad student at Oxford University, security consultant, and an infosec technologist working on usable technology development at Internews. She is passionate about making products usable and useful for communities who need them most.

SpeakerBio:Zach Singleton
No BIO available

Description:
Privacy isn’t a one-size-fits-all solution and different perspectives, disciplines, and cultures are important considerations for giving consumers the choice & control they deserve—and the rights they are entitled to under the law. How can we bring new stakeholders to the table, build privacy controls users can find and understand, and hold companies accountable for respecting data rights?

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CLV - Saturday - 14:45-15:30 PDT

Title: SaaSpocalypse - The Complexity and Power of AWS Cross Account Access
When: Saturday, Aug 8, 14:45 - 15:30 PDT
Where: Cloud Vlg

SpeakerBio:Alexandre Sieira
Alexandre (or Alex) Sieira is a successful information security entrepreneur in the information security field with a global footprint since 2003. He began his security career as a Co-Founder and CTO of CIPHER, an international security consulting and MSSP headquartered in Brazil which was later acquired by Prosegur. In 2015, he became Co-Founder and CTO of Niddel, a bootstrapped security analytics SaaS startup running entirely on the cloud, which was awarded a Gartner Cool Vendor award in 2016. After the acquisition of Niddel by Verizon in January 2018, he became the Senior manager and global leader of the Managed Security Services - analytics products under the Detect & Respond portfolio tower at Verizon.

Currently is the Founder of Tenchi Security, a startup focused on cloud security headquartered in Brazil.

Alexandre is an experienced conference speaker in English and Brazilian Portuguese, with previous talks accepted at Black Hat, BSides San Francisco, FIRST Conference and local Latin American conferences.

Twitter: @AlexandreSieira

Description:
AWS is a very complex and ever-changing platform, which presents a challenge to defenders and an opportunity for attackers. Among some of the most complex and powerful features of AWS is its IAM functionality, which allows for very granular control but is famously complex to learn and set up.

One the features of access control in AWS is that AWS accounts are a self-contained unit of processing, storage and access control. Given how AWS itself recommends segregation across accounts as a best practice, and the fact that many SaaS vendors request access to their customers' accounts in order to perform their services, this presents a challenge.

In this talk we will present in detail the policy-fu needed in order to securely allow principals from one account to perform actions on another, both inside different accounts in an organization but especially from the perspective of a SaaS provider that needs to access hundreds or thousands of customer accounts. Existing research on defenses and possible attacks will be presented and demonstrated to illustrate the concepts.

SaaS vendors like ""single pane of glass"" offerings, multi-cloud solutions and CSPM offerings are huge concentrators of risk since they have access to potentially thousands of customer AWS accounts. By exploring how this access can be uniquely secured due to capabilities only AWS provides and how vendors can fail at this we hope to allow attendees to better understand the risks of using these services, and also help service providers mitigate them.

YouTube: https://www.youtube.com/watch?v=gwBG_oKDINQ

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 13:15-13:59 PDT

Title: Saving Yourself from Microsoft: It's by design
When: Saturday, Aug 8, 13:15 - 13:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC858 (San Diego, California, USA)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 06:00-15:59 PDT

Title: SEATF: Maritime Hacking CTF
When: Saturday, Aug 8, 06:00 - 15:59 PDT
Where: See Description or Village

Description:
Fathom5’s Maritime-Industrial CTF event allows competitors to gain hands-on experience hacking real maritime hardware in a controlled environment using Fathom5’s Grace maritime cybersecurity testbed. Grace is an accessible, realistic configuration of maritime systems where competitors complete challenges in a simulated afloat environment, with real ICS components and fieldbus protocols. The Grace testbed replicates a series of different maritime-industrial environments, including navigation, fire main, and hydraulic steering systems. The testbed makes both physical and simulated components available to competitors in order to replicate performance of maritime systems at lifelike scale. The CTF challenges scale from novice to expert-level on both IT and OT fronts such that competitors can gain experience on either side of the system. This CTF event has been deployed at DEFCON 27 (Aug 2019) as part of the Hack The Sea Village v1.0 and at HACKtheMACHINE-NYC (Sept 2019). It is also planned for to be deployed at DEFC ON 28 and HACKtheMACHINE- Atlanta in Aug 2020. This CTF can support approximately 20 teams of 3-5 individuals concurrently and typically takes 14 hours for skilled teams to navigate the challenges. The number of teams, size of teams, and depth of challenges can be adjusted to fit within host event timelines.

Forum: https://forum.defcon.org/node/233012

Discord: https://discord.com/channels/708208267699945503/711644244753776640

Return to Index - Add to

- ics Calendar file

BCV - Saturday - 12:00-12:59 PDT

Title: Securing the COSMOS: How to operate and secure a validator
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Blockchain Vlg

SpeakerBio:Ron Stoner
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

HRV - Saturday - 10:00-10:59 PDT

Title: Single Board Computers in Amateur Radio
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Ham Radio Vlg

Description:
Have you ever tried Raspberry Pi and Ham together? It's a surprisingly good combination. In this talk, learn about how Raspberry Pis (and other single-board computers) play with ham radio.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991

Return to Index - Add to

- ics Calendar file

ENT - Saturday - 21:00-21:59 PDT

Title: Skittish & Bus
When: Saturday, Aug 8, 21:00 - 21:59 PDT
Where: See Description or Village

Description:
Married DJ/Producer duo,¬† and hosts of underground dance music show Sonic Electronic.

@skittishandbus on instagram/twitter/facebook/soundcloud/mixcloud

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Web: https://www.social-engineer.org/sevillage-def-con/the-sectf4teens/

Twitter: https://twitter.com/skittishandbus

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Social Engineer SECTF4Teens
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231051

Discord: https://discord.com/channels/708208267699945503/726609125760434176

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 10:00-13:59 PDT

Title: SOHOpelessly Broken CTF
When: Saturday, Aug 8, 10:00 - 13:59 PDT
Where: See Description or Village

Description:
In this 3 time DEF CON Black Badge CTF hosted in IoT Village, players compete against one another by exploiting off-the-shelf IoT devices. These 25+ devices all have known vulnerabilities, but to successfully exploit these devices requires lateral thinking, knowledge of networking, and competency in exploit development. CTFs are a great experience to learn more about security and test your skills, so join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.

Forum: https://forum.defcon.org/node/232897

Discord: https://discord.com/channels/708208267699945503/711644307597164665

Twitter: https://twitter.com/IoTvillage

Web: https://www.iotvillage.org/#yolo

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 21:30-22:30 PDT

Title: Sounds Legit: Why you shouldn't trust that speaker
When: Saturday, Aug 8, 21:30 - 22:30 PDT
Where: Red Team Vlg
Speakers:Luis Ángel Ramírez Mendoza (@larm182luis),Mauro Cáseres

SpeakerBio:Luis Ángel Ramírez Mendoza (@larm182luis)
Luis Ángel Ramírez Mendoza (@larm182luis) is a colombian electronic engineer, hacker and speaker. He spoke at DragonJAR Colombia (Biggest hacking spanish speaking conference in LATAM) and is currently working as a Cybersecurity and Artificial Intelligence Professor at University of Guajira in Colombia.
Twitter: @larm182luis

SpeakerBio:Mauro Cáseres
Mauro Cáseres (@mauroeldritch) is an argentine hacker and speaker. He spoke at DEF CON 26 Las Vegas (Recon & Data Duplication Villages), DevFest Siberia, DragonJAR Colombia, Roadsec Brasil, and DC7831 Nizhny Novgorod. Currently working as SecOps for the Argentine Ministry of Production.
Twitter: @mauroeldritch

Description:
BadUSB devices are popular worldwide, and almost no one ignores their nature: an object with a USB connection (usually a pendrive) connects to a computer and tells it "I am a keyboard", proceeding to send ("type") arbitrary commands, usually malicious. In this talk we have decided to go beyond the classic concept of a malicious pendrive. We use a set of classic USB speakers from a well-known brand available worldwide, which we disassemble to add our own hardware modification. This modification, which consists of cheap parts that can be acquired worldwide, makes this set of speakers an unprecedented local and remote attack vector: a device that looks and functions as a speaker, but is capable of acting as a keyboard, exfiltrate information, and use a SIM card to receive remote commands by telephone to leak information. When connected, the speaker passively waits for a phone call to its internal SIM from a specific number. Upon receiving it, launches a payload against the computer to which it was connected, allowing the attacker to obtain a shell. Now then, what would happen if someone left this speaker in its original box in a corner of an office? What would happen if someone connected this innocent device to their work terminal? Well, it is a speaker after all. And it definitely sounds legit...

Red Team Village events will be streamed to YouTube and Twitch.

Web: https://www.bc-security.org/post/an-introduction-to-starkiller

Return to Index - Add to

- ics Calendar file

HTS - Saturday - 10:00-10:59 PDT

Title: Speed 2: The Poseidon Adventure – When Cruise Ships Go Wrong
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Hack the Sea Vlg

SpeakerBio:Andrew Tierney
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea

Return to Index - Add to

- ics Calendar file

DL - Saturday - 10:00-11:50 PDT

Title: Starkiller
When: Saturday, Aug 8, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Vincent “Vinnybod” Rose
Vincent "Vinnybod" Rose is a software engineer with experience in cloud services. He has a decade of experience in software development and networking. Recently, his focus has been on building ad-serving technologies, web and server-side applications. He is the lead developer for Starkiller, the graphical user interface for the Empire framework.

Description:
The ultimate goal for any security team is to increase resiliency within an organization and adapt to the modern threat. Starkiller aims to provide red teams with a platform to emulate Advanced Persistent Threat (APT) tactics. Starkiller is a frontend for the post-exploitation framework, PowerShell Empire, which incorporates a multi-user GUI application that interfaces with a remote Command and Control (C2) server. Empire is powered by Python 3 and PowerShell and includes many widely used offensive security tools for Windows, Linux, and macOS exploitation. The framework's flexibility to easily incorporate new modules allows for a single solution for red team operations. Both red and blue teams can utilize Starkiller to emulate and defend against the most used APT attack vectors.

Audience: Offense, Defense

Interact @ #dl-rose-starkiller-text: https://discord.com/channels/708208267699945503/730256356292165682

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Forum: https://forum.defcon.org/node/233126

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 18:00-18:45 PDT

Title: Stepped on a Nail
When: Saturday, Aug 8, 18:00 - 18:45 PDT
Where: IOT Vlg

SpeakerBio:Matthew Byrdwell
Matthew Byrdwell ("Nerdwell") is passionate about securing the Internet and helping others achieve their infosec career goals. He's been building and breaking IT systems for 20 years and currently works in Critical Infrastructure Protection. He enjoys doing cybersecurity research, both independently and through bug bounty programs, and contributes to the community as a Bugcrowd Ambassador.

Description:
It was a crisp October evening as Nerdwell walked the streets of the Internet looking for juicy bugs. Suddenly, his attention was drawn to something that he could not ignore. ""Is that memory?"" He thought to himself, ""it sure is ... a whole heap of it!""

In this talk, Nerdwell will share the story of how a chance observation, along with healthy doses of curiosity and persistence, ultimately led to a high severity finding of unauthenticated remote memory disclosure in the Mitel MiVoice 6800 and 6900 series SIP Phones. Nerdwell will take us through the technical details of CVE-2020-13617 and demonstrate exploitation. He'll then share some of the insights gained along the way, including:

Unexpected benefits of the emerging bug bounty industry upon IoT security in general;
The roles of curiosity and creativity in the hacker's mindset, and how these traits influence security research; and
Ways to use open source tools, like Shodan.io and GitHub, to select IoT devices for further research.

The talk will close with suggestions for future research and tips for new researchers looking to break into the field of IoT hacking.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

ENT - Saturday - 23:00-23:59 PDT

Title: Subxian
When: Saturday, Aug 8, 23:00 - 23:59 PDT
Where: See Description or Village

Description:
LA/Seattle Underground Music 1997-present. DEF CON SoundGuy. Moontribe collective. So,many parties and so much good music made me picky but I love halftime beats! Twice as much opportunity for intricate layers!

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Return to Index - Add to

- ics Calendar file

ETV - Saturday - 16:30-17:40 PDT

Title: TechCongress
When: Saturday, Aug 8, 16:30 - 17:40 PDT
Where: Ethics Vlg

SpeakerBio:Leisel Bogan
No BIO available

Description:
This will be a 40-minute pre-recorded talk, followed by a 30-minute live Q&A session.

Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 00:00-23:59 PDT

Title: TeleChallenge
When: Saturday, Aug 8, 00:00 - 23:59 PDT
Where: See Description or Village

Description:
It’s Election 2020! The national vote-by-phone polls are about to open and it’s a knock down, drag-out battle of political wits between Presidential candidates Michael Key and Founder Jack Carson, VC. DEF CON hackers, team up and take to the phones: lie, cheat, and steal your way to the ultimate victory. Every hacker vote counts—so vote early and often!

Forum: https://forum.defcon.org/node/231949

Discord: https://discord.com/channels/708208267699945503/711644470063399012

Twitter: https://twitter.com/TeleChallenge

Web: https://telechallenge.org

Return to Index - Add to

- ics Calendar file

ENT - Saturday - 18:00-18:59 PDT

Title: tense future
When: Saturday, Aug 8, 18:00 - 18:59 PDT
Where: See Description or Village

Description:
Los Angeles, CA. Trapped in an autonomous car during a solar flare. Anxiety attack over spying home appliances that tip their hand. General AI caretaker grappling over competing logical fallacies. Dark techno sounds from the tense future that was once distant.

Discord: https://discord.com/channels/708208267699945503/735624334302904350

Soundcloud: https://soundcloud.com/tensefuture

Twitter: https://twitter.com/tensefutur3

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 14:15-14:59 PDT

Title: The Art of Balancing: A Burnout Talk
When: Saturday, Aug 8, 14:15 - 14:59 PDT
Where: Red Team Vlg

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

Description:
Mental health is an ongoing issue within infosec before and during COVID-19. There's a fine balance between hacking and personal life. Majority of the time, they cross over. This talk shares an overview of the warning signs, symptoms, and practices to prevent burnout and how to deal with burnout to keep balanced.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 13:30-13:59 PDT

Title: The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections
When: Saturday, Aug 8, 13:30 - 13:59 PDT
Where: Voting Vlg

SpeakerBio:Michael A. Specter , EECS PhD Candidate, Massachusetts Institute of Technology (MIT)
No BIO available

Description:
In the 2018 midterm elections, West Virginia became the first state in the U.S. to allow select voters to cast their ballot on a mobile phone via a proprietary app called “Voatz.” Although there was no public formal description of Voatz's security model, the company claimed that election security and integrity were maintained through the use of a permissioned blockchain, biometrics, a mixnet, and hardware-backed key storage modules on the user's device. In this work, we present the first public security analysis of Voatz, based on a reverse engineering of their Android application and the minimal available documentation. We performed a cleanroom reimplementation of Voatz's server and present an analysis of the election process as visible from the app itself.

We find that Voatz has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user's vote, including a sidechannel attack in which a completely passive network adversary can recover a user's secret ballot. We additionally find that Voatz has a number of privacy issues stemming from their use of third party services for crucial app functionality. Our findings serve as a concrete illustration of the common wisdom against Internet voting, and of the importance of transparency to the legitimacy of elections.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 12:00-12:45 PDT

Title: The DevOps & Agile Security Toolkit
When: Saturday, Aug 8, 12:00 - 12:45 PDT
Where: AppSec Vlg

SpeakerBio:David Waldrop
No BIO available

Description:
The DevOps & Agile Security Toolkit - In this talk, we will look at integrating security into Agile and DevOps. We will discuss strategies, training, tools, and techniques that will let your organization move quickly while doing so safely.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 14:30-15:20 PDT

Title: The future of IoT Security “Baselines,” Standards, and Regulatory Domain
When: Saturday, Aug 8, 14:30 - 15:20 PDT
Where: IOT Vlg
Speakers:Amit Elazari,Anahit Tarkhanyan

SpeakerBio:Amit Elazari
Dr. Amit Elazari is a Director, Global Cybersecurity Policy at Intel Corporation and a Lecturer at UC Berkeley’s School of Information Master in Information and Cybersecurity. She holds a Doctoral Degree in the Law (J.S.D.) from UC Berkeley School of Law and graduated summa cum laude three prior degrees. Her research in information security law and policy has appeared in leading technology law and computer science journals, presented at conferences such as RSA, Black Hat, USENIX Enigma, USENIX Security, BsidesLV, BsidesSF and DEF CON Villages, and featured at leading news sites such as The Wall Street Journal, The Washington Post and the New York Times. In 2018, she received a Center for Long Term Cybersecurity grant for her work on private ordering regulating information security, exploring safe harbors for security researchers. She practiced law in Israel.

SpeakerBio:Anahit Tarkhanyan
Anahit Tarkhanyan is Platform Architect at Intel and leads IoT hardware-based security product architecture. She joined Intel in 2011 and has over 20 years of industry experience delivering security solutions to the market. Her area of expertise covers silicon-based Edge to Cloud systems security and AI/ML protection. Anahit is a recognized contributor to Intel’s hardware security and a trusted advisor for ecosystem partners. She has PhD in Distributed Computer Systems and Networks, holds several patents, and has publications in diverse security technology areas.

Description:
Security is one of the most dynamic and impactful landscapes in the regulatory sphere. Proposed initiatives and standards in IoT security specifically, are shaping the industry at a fast pace and on a global scale. With the potential for marked impact to the researcher community, this evolving landscape also serves as an opportunity for technology innovation and collaboration. This talk, a joint presentation from policy expert, Dr. Amit Elazari, and IoT platform architect, Anahit Tarkhanyan, will introduce the audience to a variety of regulatory concepts and baseline proposals shaping the future of IoT security. They’ll focus on recent trends including: NISTIR 8259, C2, international standards, supply chain transparency, researchers’ collaboration, proposed legislation, Coordinated Vulnerability Disclosure, and the innovative, technical capabilities that can support and enhance development from the foundation up.

IOT Village activities will be streamed to Twitch.

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: The Gold Bug – Crypto and Privacy Village Puzzle
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too! PELCGBTENCUL VF UNEQ

Forum: https://forum.defcon.org/node/232942

Discord: https://discord.com/channels/708208267699945503/711644108837486602

Twitter: https://twitter.com/CryptoVillage

Web: https://goldbug.cryptovillage.org/

Return to Index - Add to

- ics Calendar file

CRV - Saturday - 11:00-11:59 PDT

Title: The Individual Contributor to Tech Executive, or There and Back Again
When: Saturday, Aug 8, 11:00 - 11:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Amelie Koran
No BIO available

Description:
It’s common perceived expectation that you’re expected to move from an individual contributor on a team to eventually a senior leadership role, if given time an interest, but what works for somebody else may not work for you based on interests, changes in career demands, as well as life in general. Following a similar role, I’d like to impart how, like the Hobbit’s journey, explore, adventure and challenges will forge a life you can be proud of and be able to live to tell the tale.

Audience: This presentation is geared towards all levels of attendees, entry to senior-level professionals. It’s a discussion on the journey, a “lessons learned” but also novel perspectives given experiences in multiple roles and industries, both private and public sectors. Also, as an LGBTQ+ community member, I will offer a rather unique perspective on the challenge of career development and advancement within multiple “ceilings”.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: The Schemaverse Championship
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The Schemaverse [skee-muh vurs] is a space battleground that lives inside a PostgreSQL database. Mine the hell out of resources and build up your fleet of ships, all while trying to protect your home planet. Once you're ready, head out and conquer the map from other DEF CON rivals.

This unique game gives you direct access to the database that governs the rules. Write SQL queries directly by connecting with any supported PostgreSQL client or use your favourite language to write AI that plays on your behalf. This is DEF CON of course so start working on your SQL Injections - anything goes!

Forum: https://forum.defcon.org/node/233021

Discord: https://discord.com/channels/708208267699945503/711644182116040784

Twitter: https://twitter.com/schemaverse

Web: https://schemaverse.com

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 12:45-13:45 PDT

Title: The Student Roadmap to Becoming A Penetration Tester
When: Saturday, Aug 8, 12:45 - 13:45 PDT
Where: Red Team Vlg

SpeakerBio:Jonathan Helmus
Jonathan Helmus - Security engineer and educator who has been working in engineering, security, and information technology for 10 years. Specializations in Penetration Testing, Threat and Adversarial Assessments, Vulnerability Management, Cloud Technology (AWS), and experience as a Technical Educator and University Level Professor.

Description:
This presentation will go through various steps on how students can bridge the gap between academia and becoming a penetration tester. This will include a breakdown of certifications to get, career fields to take on before getting in the industry, what to expect, and speed bumps and road blocks that students can expect to see in their journey.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

PHVT - Saturday - 10:00-10:59 PDT

Title: The Vulnerability That Gmail Overlooked and Enabling Threat Hunting
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: Packet Hacking Vlg - Talk

SpeakerBio:Özkan Mustafa Akkus , Vulnerability Researcher and Penetration Testing Expert, Barikat Cyber Security
Ozkan (Twitter: @ehakkus) is a vulnerability researcher and penetration testing expert in Turkey. While studying sports sciences and technologies, he decided to leave the University and step into the world of Cyber Security. His purpose is to provide added value to the world of cyber security through the training he has given and the research he has conducted. Ozkan publish security vulnerabilities on international platforms that he has discovered. He shares his experiences and works on his personal blog https://www.pentest.com.tr. Ozkan also has many internationally recognized certificates such as OSWE, OSCE, OSCP, OSWP, CEH, CCNA, TSE-STU. He gave trainings and presentations in many universities and institutions in his country. In addition to these studies, He gave the presentation of "0day Hunting and RCE Exploitation in Web Applications" in AppSec Village at Defcon 27.
Twitter: @ehakkus

Description:
The use and working logic of the SMTP protocol is very simple, but it poses different threats. Large e-mail infrastructures such as Gmail can forget important and critical points that may threaten the security of people while using this protocol. By explaining this primitive structure of the SMTP protocol, we will examine the vulnerability that I discovered in Gmail. We will also do live examples.

YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1

Return to Index - Add to

- ics Calendar file

PHVT - Saturday - 13:00-13:59 PDT

Title: The Worst Mobile Apps
When: Saturday, Aug 8, 13:00 - 13:59 PDT
Where: Packet Hacking Vlg - Talk

SpeakerBio:Sam Bowne , Founder, Infosec Decoded Inc.; Instructor, City College San Francisco
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner

Twitter: @sambowne

Description:
I've audited hundreds of Android apps and now, thanks to the Checkra1n jailbreak, iOS apps as well. Many of these apps have security flaws such as exposing passwords on the phone or in network traffic, but a few of them are spectacularly insecure, exposing the entire user database to every user. I will explain how to perform simple tests to detect such errors and demonstrate them with live apps on both Android and iOS devices. Don't let this happen to your app!

YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 14:00-14:59 PDT

Title: Ticketing To Takeoff: An Airport Hacking Choose Your Own Adventure
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Aerospace Vlg

SpeakerBio:Liz Wharton
Liz, a technology-focused business and public policy attorney, has advised researchers, startups, and policymakers at the federal, state, and local level. Currently SCYTHE’s Chief of Staff, she was the World’s Busiest Airport’s technology attorney and hosted the Buzz Off with Lawyer Liz podcast.

Description:
Check-in software glitches, payment system data breaches, gate signage ransomware attacks... Airports are an interconnected, mini-smart city of retail, dining, infrastructure, and transportation logistics operated by a hodgepodge of business interests + federal, state, and local entities and agencies. Join an interactive adventure as a passenger navigating the airport to catch a flight before hackers cause chaos, highlighting security pitfalls and risks all based on publicly disclosed incidents.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.

Discord: https://discord.com/channels/708208267699945503/732394164209057793

Return to Index - Add to

- ics Calendar file

BHV - Saturday - 14:45-15:15 PDT

Title: Towards an Institutional Review Board for Biohackers
When: Saturday, Aug 8, 14:45 - 15:15 PDT
Where: BioHacking Vlg

SpeakerBio:Dr. Sarah Blossom Ware
Dr. Sarah Blossom Ware is Founder of BioBlaze Community Bio Lab in West Chicago, Illinois. She also teaches biology, humanities and writing at the university level. Sarah strives to bridge gaps between traditional scientists/members of regulatory agencies and non-traditional scientists/biohackers.

Description:
Institutional Review Boards (IRBs) are groups that examine research plans of fellow members by applying community standards to that research. IRBs help researchers consider rigorous methodology, ethics and safety and the protection of vulnerable populations of people or animals. IRB approval is required by the FDA before human clinical trials can begin. People who serve on IRBs include general community members, researchers, bioethicists, physicians, clinicians, lawyers and members of regulatory agencies. Traditional research corporations and universities have internal IRBs, but external independent IRBs do also already exist. However, it is usually very expensive to hire an independent IRB, so most non-traditional scientists cannot afford it. This creates a major hindrance to bringing innovative human health related solutions to the general public. There has recently been a small grassroots push in the biohacking community to try to create an independent IRB for the biohacking community to help bridge this gap.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/

Return to Index - Add to

- ics Calendar file

BTVW1 - Saturday - 12:00-13:30 PDT

Title: Tracer FIRE 9 (Intermediate)
When: Saturday, Aug 8, 12:00 - 13:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Andrew Chu
I am a senior undergraduate student working towards a B.S. in Computer Science at Purdue University. I’ve also worked as a year round R&D intern at Sandia National Laboratories for ~6 years, doing work on topics such as web exploitation, network virtualization, and malware classification.

Description:
Tracer FIRE 9 (Forensic Incident Response Exercise) is a team-oriented, CTF-style exercise in which participants develop forensic incident response skills through a virtual simulated environment. It aims to provide a target rich setting for practicing forensic techniques, and utilizes malware from real-world APT campaigns to bridge the gap between reality, and a synthetic task context. At the end of the exercise, participants will have had the chance to interact with various forensic tools and files widely encountered in actual Blue Team operations, and will additionally be exposed to invaluable reflection on potential attack matrices used in exploitation.

Tracer FIRE (Forensic Incident Response Exercise) is a combined simulation and live exercise program developed by Sandia National Laboratories to help cyber security incident responders, analysts, and operators become proficient in critical skill areas. These exercises simulate various events such as attacks, emergencies, and disruptions to critical infrastructure. Participants in this latest Tracer FIRE scenario are hired by the electric skateboard company, WheelByte, to investigate a series of cyber attacks resulting in exfiltration of company data, degradation of service, and damage to consumer confidence. Provided with a set of artifacts spanning raw email sessions, network packet captures, disk images, and memory images, participants conduct analysis to advance their investigation. Tools such as Security Onion and Ghidra are then used to parse said artifacts, yielding intriguing findings which may then be merged for development of an overarching view of the scenario. Through such means, participants can gain understanding of potential approaches for emerging cybersecurity issues.

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

PAYV - Saturday - 12:00-12:59 PDT

Title: Trends in the online card payment security
When: Saturday, Aug 8, 12:00 - 12:59 PDT
Where: Payment Vlg

SpeakerBio:Dr Mohammed Aamir Ali
Mohammed (Mo) Ali is currently the global head for digital development GCO at Boehringer Ingelheim Pharmaceuticals. Prior to this role he served as a Director within the R&D Operations and Innovations group at J&J Pharmaceuticals and also as one of the first founding members of the digital development group and Strategic Program Office at Novartis, responsible for several "E" initiatives within Digital Health. These programs aim to serve the needs of patients by creating a digital footprint and platform which would assist in the overall delivery and enrichment of their experience.

Description:
Ever since the world-wide web emerged in the early nineties we have seen dramatic changes in how we pay, including the proliferation of online card payments, the introduction of mobile and contactless payment as well as the rise of bitcoin. Security is a key concern in the design and use of these payment methods, but these cannot be understood without also considering legacy issues, usability concerns and business incentives.

In this talk, I will start from the fundamentals of the online card payment system, its types and will also expand on the security features of each type. I’ll then discuss the inherent vulnerabilities of the system, the competing incentives of the many parties that are involved in payment and the role of PCI DSS and other approaches to resolve security challenges. This talk exposes attendees to the relevant industrial standards and approaches, introduces some cutting-edge research outcomes, and provides insight in the many competing concerns that impact on the online card payment security.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q

Return to Index - Add to

- ics Calendar file

MOV - Saturday - 16:00-16:30 PDT

Title: Tricky Bundles: Smarter Dependency Management for I2P-Bundling Applications
When: Saturday, Aug 8, 16:00 - 16:30 PDT
Where: Monero Vlg

SpeakerBio:idk
No BIO available

Description:
We will explore the use of I2P distributions like Monero's own i2p-zero and how they can be used to create and distribute I2P applications that use I2P for networking in non-JVM languages, best practices for creating a tricky bundle, and how tricky bundles can help bridge the gaps between I2P and the applications that it can adapt. As part of this, we will examine the structure of I2P from a non-I2P developer's perspective, and explore it's relationships to the applications that use it with examples from the Java distribution and with third-party applications that use SAM.

Monero Village activities will be streamed to Twitch and YouTube.

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676

Return to Index - Add to

- ics Calendar file

RCV - Saturday - 10:00-10:30 PDT

Title: Twitter Word Phrequency
When: Saturday, Aug 8, 10:00 - 10:30 PDT
Where: Recon Vlg

SpeakerBio:Master Chen
No BIO available

Description:
What you say can hurt you, but how? In this talk, I will take a deep dive into Twitter Word Phrequency analysis and the implications of the resulting data. I will cover data acquisition, curation, analysis, weaponization, and maybe even profit. What is revealed by everyday social media engagent? Predictive speech? Password lists? Automated trolling? Let's find out!

Recon Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/c/ReconVillage

#rv-talks-text: https://discord.com/channels/708208267699945503/737048009732522014

Return to Index - Add to

- ics Calendar file

BCV - Saturday - 10:10-10:59 PDT

Title: Twitter’s Tax Day Disaster: The Beginning (and End) of Mainstream Crypto Scams
When: Saturday, Aug 8, 10:10 - 10:59 PDT
Where: Blockchain Vlg

SpeakerBio:Victor Fang
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Web: https://discover.securecodewarrior.com/DEFCON28-tournament.html

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 00:00-23:59 PDT

Title: ULTIMATE Secure Coding Throwdown (Secure Code Warrior)
When: Saturday, Aug 8, 00:00 - 23:59 PDT
Where: See Description or Village

Description:
Are. You. Ready? Head to the AppSec battlefield and prove that you are the ultimate secure coding champion. Go head-to-head with your peers as you test your web application security knowledge of the OWASP Top 10. Strut your skills. Crush the competition. Score excellent prizes and take home the title of Secure Code Warrior!

Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. Select from a range of software languages to complete the tournament, including Java EE, Java Spring, C MVC, C WebForms, Ruby on Rails, Python Django, Scala Play & Node.JS. It’s gamified, it’s relevant, but most of all - it’s fun.

Watch as you earn points and climb to the top of the real-time leaderboard during the event. Prizes will be awarded to the top 3 point scorers, with one security superhero being crowned the ultimate Secure Code Warrior. Will it be you?

Psst: Want to test your secure coding skills at your own pace, without the competition? You’re welcome to come along and join the fun

Forum: https://forum.defcon.org/node/232898

Discord: https://discord.com/channels/708208267699945503/741327638815309984

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 15:00-15:30 PDT

Title: Understanding Cyber-Attacks and Their Implications to Democratic Regimes
When: Saturday, Aug 8, 15:00 - 15:30 PDT
Where: Voting Vlg

SpeakerBio:Javier F. Patiño García , MPP Candidate, University of Chicago Harris School of Public Policy
No BIO available

Description:
Cyber-security experts have documented how authoritarian regimes attacked the US voting infrastructure or how this type of governments stole information from American companies. This evidence suggests that authoritarian regimes are more likely to conduct cyber-attacks than democratic ones. The purpose of this research is to prove this hypothesis. With information from the Center for Strategic and International Studies (CSIS), this research provides a descriptive analysis of the Significant Cyber Incidents that occurred worldwide from 2006 to 2019. To prove the former hypothesis, this research shows the results from panel data models with random and fixed effects, which provide evidence that confirms this hypothesis: authoritarian regimes are more likely to commit cyber-attacks than democratic states. However, there is no evidence to sustain that democracies are more likely to be attacked than authoritarian regimes. In otherwords, all regimes are subject to cyber-attacks.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 09:00-12:30 PDT

Title: Understanding Space Through a CyberSecurity Lens
When: Saturday, Aug 8, 09:00 - 12:30 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

Learning outcomes will be:
- Gain Core Space Knowledge
- Comprehend space mission Capabilities, Trade-offs and Limitations - Apply Space Concepts to real-world problems - Analyze Typical Space Problems
- Synthesize concepts to Design a Space Mission - Evaluate basic technical and programmatic space issues

This will be a half-day course instead of the normal 2-day course.

Return to Index - Add to

- ics Calendar file

AEV - Saturday - 13:30-16:59 PDT

Title: Understanding Space Through a CyberSecurity Lens
When: Saturday, Aug 8, 13:30 - 16:59 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

This will be a half-day course instead of the normal 2-day course.

Return to Index - Add to

- ics Calendar file

DCG - Saturday - 14:00-14:59 PDT

Title: Understanding the Threat: Malicious Software, Malicious Actors, and the Promise of Connected Medical Technology
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: DEF CON Groups

Description:
Presentation by DC858 (San Diego, California, USA)

All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698

Return to Index - Add to

- ics Calendar file

CRV - Saturday - 14:00-14:59 PDT

Title: Veteran Transition Tips
When: Saturday, Aug 8, 14:00 - 14:59 PDT
Where: Career Hacking Vlg

SpeakerBio:Bob Wheeler
No BIO available

Description:
There’s no shortage of advice out there for transitioning veteran job seekers – unfortunately much of the advice tends to be cookie cutter tips focusing on the most basic of topics. This program will help transitioning veterans in the cyber security industry understand the hiring landscape, highlight the difference between the recruiters who put you in the service and ones working to help you land that first job as a civilian, as well as how to leverage job board and job fairs, including virtual events. We’ll even put some special emphasis on how to really build your professional network and manage a your transition from different geographical locations.

Career Hacking Village activities can be watched on YouTube.

CHV YouTube: https://www.youtube.com/channel/UCxF_PpndJEoi4fsrQx6yuQw

Return to Index - Add to

- ics Calendar file

ICS - Saturday - 12:15-13:15 PDT

Title: Vivisecting PowerPC
When: Saturday, Aug 8, 12:15 - 13:15 PDT
Where: ICS Vlg
Speakers:ac0rn,atlas 0f d00m

SpeakerBio:ac0rn
No BIO available

SpeakerBio:atlas 0f d00m
No BIO available

Description:No Description available

ICS Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw

Return to Index - Add to

- ics Calendar file

ETV - Saturday - 12:00-14:10 PDT

Title: Vote @ Home Workshop
When: Saturday, Aug 8, 12:00 - 14:10 PDT
Where: Ethics Vlg

SpeakerBio:Andrea Matwyshyn
No BIO available

Description:
This will be a 40-minute pre-recorded talk, followed by a 30-minute live Q&A session.

Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 14:00-14:30 PDT

Title: Vote-from-home? Review of Election Security on Remote Voting in Response to COVID-19
When: Saturday, Aug 8, 14:00 - 14:30 PDT
Where: Voting Vlg

SpeakerBio:Sang-Oun Lee , Applied Data Fellow, International Innovation Corps, University of Chicago
No BIO available

Description:
This presentation poses a question on whether the remote voting by online or vote-by-mail is trustworthy under the COVID-19 pandemic situation. One of the worldwide efforts to contain thevirus was to work-from-home and restriction orders. Besides, because of the human contact is critical in the dissemination of the virus, possibilities of alternative methods of voting such as online voting, blockchain voting, vote-by-mail are proposed. In light of such a situation, the article proposes a framework to evaluate the election security of remote voting methods. Further, the article provides a case of best practice for election administration from the case of the Republic of Korea. Based off of the assessment results from the proposed evaluation framework, the article provides modest suggestions and policy implications to the election administrators.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

VMV - Saturday - 10:00-10:30 PDT

Title: War By Other Means: How Influence Operations Undermine Democracy
When: Saturday, Aug 8, 10:00 - 10:30 PDT
Where: Voting Vlg

SpeakerBio:Ben Dubow , CTO and President, Omelas
No BIO available

Description:
New tactics and capabilities in information warfare give authoritarians unprecedented power to "hack" the electorates. Our research on campaigns in Poland and Taiwan show the breadth and impact of operations against democracies around the world and what they foreshadow for the US Presidential election.

YouTube: https://www.youtube.com/watch?v=GTiltX4vwLA

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 22:45-23:59 PDT

Title: Weaponized XSS - Moving Beyond Alert(1)
When: Saturday, Aug 8, 22:45 - 23:59 PDT
Where: Red Team Vlg

SpeakerBio:Ray Doyle
No BIO available

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

ASV - Saturday - 10:00-10:59 PDT

Title: Web Shell Hunting - Part 1
When: Saturday, Aug 8, 10:00 - 10:59 PDT
Where: AppSec Vlg

SpeakerBio:Joe Schottman
No BIO available
Twitter: @JoeSchottman

Description:
Web shells 101.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A

Return to Index - Add to

- ics Calendar file

Title: Whispers Among the Stars: Perpetrating (and Preventing) Satellite Eavesdropping Attacks
When: Saturday, Aug 8, 10:30 - 10:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:James Pavur , DPhil Student, Oxford University
James Pavur is a Rhodes Scholar at Oxford University working on a DPhil in Cyber Security. His academic research is primarily on the threats to satellite systems with a focus on satellite communications and trustworthy spaceflight operations. Prior to Oxford, he majored in Science, Technology and International Affairs (STIA) at Georgetown University where he graduated with the School of Foreign Service Dean’s Medal (highest cumulative GPA) in 2017.

He has held numerous internships and professional positions related to information security. This included acting as Director of Information Security for Students of Georgetown Inc. (The Corp), a student run non-profit with more than 300 employees. He has also assisted with computer crimes investigations as an intern with the United States Postal Service Office of the Inspector General, worked on embedded systems reverse-engineering as an intern at Booz Allen Hamilton, and even pentested air-conditioners for the Public Buildings Services while working for Telos Corporation.

Outside of computers, James enjoys flying kites and collecting rare and interesting teas.

Twitter: @JamesPavur

Description:
Space is changing. The number of satellites in orbit will increase from around 2,000 today to more than 15,000 by 2030. This briefing provides a practical look at the considerations an attacker may take when targeting satellite broadband communications networks. Using $300 of widely available home television equipment I show that it is possible to intercept deeply sensitive data transmitted on satellite links by some of the world's largest organizations.

The talk follows a series of case studies looking at satellite communications affecting three domains: air, land, and sea. From home satellite broadband customers, to wind farms, to oil tankers and aircraft, I show how satellite eavesdroppers can threaten privacy and communications security. Beyond eavesdropping, I also discuss how, under certain conditions, this inexpensive hardware can be used to hijack active sessions over the satellite link.

The talk concludes by presenting new open source tools we have developed to help researchers seeking to improve satellite communications security and individual satellite customers looking to encrypt their traffic.

The talk assumes no background in satellite communications or cryptography but will be most interesting to researchers interested in tackling further unsolved security challenges in outer space.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 11:30-11:59 PDT

Title: Who needs spyware when you have COVID-19 apps? A look at global trends and what to do about it.
When: Saturday, Aug 8, 11:30 - 11:59 PDT
Where: Crypto & Privacy Vlg
Speakers:C. Nadal,J. DeBlois,M. DeBlois,Z. Anderson

SpeakerBio:C. Nadal
No BIO available

SpeakerBio:J. DeBlois
No BIO available

SpeakerBio:M. DeBlois
No BIO available

SpeakerBio:Z. Anderson
No BIO available

Description:
With the current pandemic, privacy concerns have emerged around the large number of applications being published and promoted around the globe. From symptom tracking to contact tracing, the COVID-19 App Tracker Project (https://covid19apptracker.org) aims to automate detection of new and modified applications published on the Google Play Store.

Our session will discuss C19 app trends around the globe, emerging concerns, and what is required for greater transparency around the applications created and data collected by governments around the world.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 20:00-21:59 PDT

Title: Whose Slide is It Anyway
When: Saturday, Aug 8, 20:00 - 21:59 PDT
Where: See Description or Village

Description:
"Whose Slide Is It Anyway?” is an unholy union of improv comedy, hacking and slide deck sado-masochism.

Our team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.

But....why?
Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.

Oh, and prizes. Lots and lots of prizes. Sign ups will be the day of the contest with some special ways to secure your spot early.

Forum: https://forum.defcon.org/node/232955

Discord: https://discord.com/channels/708208267699945503/711644337942822925

Return to Index - Add to

- ics Calendar file

CNE - Saturday - 09:00-17:59 PDT

Title: Wireless Capture the Flag
When: Saturday, Aug 8, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Wireless Capture the Flag (WCTF) at DEF CON.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The WCTF can be completely done with a little knowledge, a pen tester’s determination, and $40 or $4000 worth of equipment; the key is to read the clues and determine the goal of each challenge.

Each WCTF event begins with a presentation: How to WCTF. There will be clues everywhere, and we will provide periodic updates. Make sure you pay attention to what’s happening at the WCTF desk, on Twitter https://twitter.com/wctf_us, https://twitter.com/rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer at our discretion.

Forum: https://forum.defcon.org/node/233017

Discord: https://discord.com/channels/708208267699945503/711644270976696380

Twitter: https://twitter.com/wctf_us

Web: https://wctf.us/

Return to Index - Add to

- ics Calendar file

BTVW2 - Saturday - 10:30-11:59 PDT

Title: Wireshark for Incident Response & Threat Hunting (Beginner)
When: Saturday, Aug 8, 10:30 - 11:59 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
This workshop will take student’s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the workshop, we’ll examine what different attacks and malware look like in Wireshark.

This workshop will take student’s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the workshop, we’ll examine what different attacks and malware look like in Wireshark. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach to the network. There will be plenty of take home labs for additional practice.

Attendees will learn:
- How to build traffic specific Wireshark profiles - How to setup Wireshark for threat hunting - How to enrich packets with threat intel - How to identify IOCs in a sea of packets - How to tap networks and where to setup sensors - NSM techniques
- Techniques to quickly identify evil on a network

Students are provided with PCAPs of incidents starting with 8 packets and growing to 10,000+ packet captures where students need to build a timeline of a breach.

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index - Add to

- ics Calendar file

PHVW - Saturday - 13:00-14:59 PDT

Title: Wireshark for Incident Response & Threat Hunting
When: Saturday, Aug 8, 13:00 - 14:59 PDT
Where: Packet Hacking Vlg - Workshop

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
This workshop will take student's Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the workshop, we'll examine what different attacks and malware look like in Wireshark. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach to the network. There will be plenty of take home labs for additional practice.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526

Return to Index - Add to

- ics Calendar file

CPV - Saturday - 17:00-17:59 PDT

Title: Workshop: Let's Talk About Abusability Testing
When: Saturday, Aug 8, 17:00 - 17:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi

SpeakerBio:Avi Zajac
Avi (@_llzes, Avi/they/he) is a privacy-focused hacker and engineer. They love rabbits, cheesecake, and cute things like privacy and security, locksport, cryptography.
Twitter: @_llzes

SpeakerBio:Franchesca Spektor
Franky’s (@3llsaria, she/her) expertise is in ethical design practices around bioethics, disability & sexuality, and she previously served as a Lab Manager for the Disability Design Lab at UC Berkeley.

SpeakerBio:Ji Su Yoo
Ji Su (she/her) is a PhD at UC Berkeley’s School of Information and former researcher at the Harvard Data Privacy Lab, where she worked on security protocol and data privacy.

SpeakerBio:Nicole Chi
Nicole’s (@tinween, she/her) focus is on the “tech for good” space in its many forms, having worked in civic tech, nonprofit digital capacity building, tech policy, and ML ethics. Her strength is bridging connections and expertise across disciplines.
Twitter: @tinween

Description:
Are you concerned about how your products may be used for harm: intentionally or unintentionally? We will be covering the concept of abusability testing for platform abuse in this hybrid panel and workshop, with a clicker style method of interacting to foster deep understanding and participate in discussions on abusability testing. You’ll walk away with an understanding of abusability testing, join a community passionate about fighting platform abuse, and maybe walk away with actionable steps you can take to alleviate harm in your own products.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ

Return to Index - Add to

- ics Calendar file

PHVW - Saturday - 09:00-10:59 PDT

Title: Writing Wireshark Plugins for Security Analysis
When: Saturday, Aug 8, 09:00 - 10:59 PDT
Where: Packet Hacking Vlg - Workshop
Speakers:Jeswin Mathai,Nishant Sharma

SpeakerBio:Jeswin Mathai , Security Researcher, Pentester Academy
Jeswin Mathai (Twitter: @jeswinmathai) is a Researcher at Pentester Academy and Attack Defense. He has presented/published his work at DEF CON China, Blackhat Arsenal and Demo labs (DEFCON). He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. He was also the part of team Pied Piper who won Smart India Hackathon 2017, a national level competition organized by GoI. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security and Web Application Security.
Twitter: @jeswinmathai

SpeakerBio:Nishant Sharma , R&D Manager, Pentester Academy
Nishant Sharma (Twitter: @wifisecguy) is an R&D Manager at Pentester Academy and Attack Defense. He is also the Architect at Hacker Arsenal where he leads the development of multiple gadgets for WiFi pentesting such as WiMonitor, WiNX and WiMini. He also handles technical content creation and moderation for Pentester Academy TV. He has 7+ years of experience in information security field including 5+ years in WiFi security research and development. He has presented/published his work at Blackhat USA/Asia, DEF CON China, Wireless Village, IoT village and Demo labs (DEFCON USA). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master's degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, AD security, Forensics and Cryptography.
Twitter: @wifisecguy

Description:
Network traffic always proves to be a gold mine when mined with proper tools. There are various open source and paid tools to analyze the traffic but most of them either have predefined functionality or scalability issues or one of a dozen other problems. And, in some cases when we are dealing with non-standard protocols, the analysis becomes more difficult. But, what if we can extend our favorite traffic analysis tool Wireshark to accommodate our requirements? As most people know, Wireshark supports custom plugins created in C and Lua which can be used to analyze or dissect the packets. In this workshop, we will learn the basics of Wireshark plugins and move on to create different types of plugins to perform dissection of non-standard protocol, provide macro statistics, detect attacks etc. We will use examples of older and newer protocols (including non-standard ones) to understand the plugin workflow and development.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526

Return to Index - Add to

- ics Calendar file

RTV - Saturday - 09:45-10:45 PDT

Title: Y'all Tryna Bypass Python 3.8 Audit Hooks or Nah?
When: Saturday, Aug 8, 09:45 - 10:45 PDT
Where: Red Team Vlg

SpeakerBio:Leron Gray
Leron Gray is a ten year Navy veteran and former NSA operator with six years of offensive security experience. He's currently works on the Azure Red Team at Microsoft, loves winning all the CTFs, and enjoys writing things in Python and Pythonic languages. Also a dope rapper. #BARS

Description:
Python 3.8, released October 2019, boasts a new security feature called “audit hooks”. According to PEP 578 and PEP 551, the purpose of audit hooking is to allow transparency into Python’s runtime so that events can be monitored and logged just like any other process. While additional insight is great for defenders, it's likely to become another hurdle for attackers to overcome in the same vein as PowerShell. Y'all tryna bypass these audit hooks or nah? Come through.

Red Team Village events will be streamed to YouTube and Twitch.

Return to Index - Add to

- ics Calendar file

IOT - Saturday - 10:00-10:45 PDT

Title: Your connected world isn't yours anymore! - Remote IoT attacks and data exfiltration.
When: Saturday, Aug 8, 10:00 - 10:45 PDT
Where: IOT Vlg
Speakers:Dewank Pant,Shruti Lohani

SpeakerBio:Dewank Pant
Dewank Pant is a Security Engineer working with NCC Group Inc. He graduated from and worked at Johns Hopkins University under the Information Security Track. He is skilled in IoT Security, Radio Hacking, Bot Development, and penetration testing. He has published several CVEs and holds 3+ years of work experience in the industry.

SpeakerBio:Shruti Lohani
Shruti Lohani is a Computer Scientist working in IoT Research & Development in the sectors of Energy, Petrochemical, Aerospace, Automotive, etc. at Nexess, France. She completed her M.Sc. from EURECOM, France and has 3 years of experience in the IoT domain. Her expertise in IoT application and security is not limited to Smart homes, autonomous vehicles, indoor/outdoor Geolocation.

Description:
From smart home devices to smart cars, IoT actually gave us our “connected world”, but maybe not a “Safe” one. Imagine all your smart devices on your home network being controlled by someone on the other side of the world, your smart TVs, smart lights, baby monitors, routers, printers, workspace surveillance cameras, and literally everything else!

This talk explores how the methods of manipulating domain name resolution can be used to exploit and remotely take over most of the connected devices in a private network. We will talk about how it can be used to scan a private network externally for IoT devices, and how it can put even private devices open to the public! We will cover some tools that can be used to takeover a device and exfiltrate the data of a victim under a minute with minimum user interaction. We demonstrate how the data can be exfiltrated and used to perform unwanted actions on the victim's devices from anywhere in the world.

We furthermore, talk about methods of prevention and best practices that a developer and product designer can consider to protect their devices against such attacks. So if you're a pentester or a developer we've got something for everyone!

IOT Village activities will be streamed to Twitch.