Talk/Event Schedule


Sunday


This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.

 

Sunday - 01:00 PDT


Return to Index  -  Locations Legend
PWDV - Practical PCFG Password Cracking (Rebroadcast) - Matt Weir
RTV - PatrOwl - Red flavour of SOC automation - Nicolas MATTIOCCO

 

Sunday - 02:00 PDT


Return to Index  -  Locations Legend
RTV - (02:15-03:15 PDT) - Reviewing MS08-067, Illustration Of An Old Chapter - Etizaz Mohsin

 

Sunday - 03:00 PDT


Return to Index  -  Locations Legend
RTV - cont...(02:15-03:15 PDT) - Reviewing MS08-067, Illustration Of An Old Chapter - Etizaz Mohsin
RTV - (03:30-04:30 PDT) - RedTeamOps - Managing Red Team Infrastructure as a Red Teamer - Mert Can Coşkuner

 

Sunday - 04:00 PDT


Return to Index  -  Locations Legend
RTV - cont...(03:30-04:30 PDT) - RedTeamOps - Managing Red Team Infrastructure as a Red Teamer - Mert Can Coşkuner
RTV - (04:45-05:45 PDT) - From Discovery to Disclosure - Ibad Shah

 

Sunday - 05:00 PDT


Return to Index  -  Locations Legend
RTV - cont...(04:45-05:45 PDT) - From Discovery to Disclosure - Ibad Shah

 

Sunday - 06:00 PDT


Return to Index  -  Locations Legend
RTV - Hacking Zoom: a Hacker's Journey into Zoom Security - Mazin Ahmed

 

Sunday - 07:00 PDT


Return to Index  -  Locations Legend
RTV - (07:15-08:15 PDT) - PWN The World - Chris Kubecka

 

Sunday - 08:00 PDT


Return to Index  -  Locations Legend
AEV - (08:30-08:59 PDT) - Hacking Airplane Air To Ground (A2G) Systems - Ali Abdollahi
RTV - cont...(07:15-08:15 PDT) - PWN The World - Chris Kubecka
RTV - (08:30-09:30 PDT) - Autonomous Security Analysis and Penetration Testing (ASAP) - Ankur Chowdhary

 

Sunday - 09:00 PDT


Return to Index  -  Locations Legend
AEV - Hacking Aerospace Cybersecurity Regulation - Harley Geiger,Kaylin Trychon,Nicky Keeley
AIV - Detecting hand-crafted social engineering emails with a bleeding-edge neural language model - Younghoo Lee,Joshua Saxe
ASV - Threagile - Agile Threat Modeling with Open-Source Tools from within Your IDE - Christian Schneider
BTVW1 - Introduction to Malware Analysis & Response (MA&R) (Beginner) - Michael Wylie
DC - (09:30-09:59 PDT) - Evil Printer: How to Hack Windows Machines with Printing Protocol - Chuanda Ding,Zhipeng Huo
HHV - Learn to Solder the BadgeBuddy Kit - Joseph Long (hwbxr)
PHVW - Bad Active Directory (BAD) - Dhruv Verma,Michael Roberts,Xiang Wen Kuan
RTV - cont...(08:30-09:30 PDT) - Autonomous Security Analysis and Penetration Testing (ASAP) - Ankur Chowdhary
RTV - (09:45-10:45 PDT) - Kubernetes Goat - Vulnerable by Design Kubernetes Cluster Environment - Madhu Akula

 

Sunday - 10:00 PDT


Return to Index  -  Locations Legend
AEV - Trust And Truth In Space Situational Awareness - James Pavur
AEV - (10:30-10:59 PDT) - 747 Walkthrough From A Hacker's Perspective - Alex Lomas,Ken Munro
AIV - Journal Club Live! Summoning Demons: The Pursuit of Exploitable Bugs in Machine Learning<\a>
ASV - Kubernetes Container Orchestration Security Assessment - Ali Abdollahi
ASV - The Elephant in the Room: Burnout - Chloé Messdaghi
BCV - Welcome Note
BCV - Modeling systematic threat: testing on mainnet fork - Martinet Lee
BHV - DAY3 KEYNOTE: Why is Security Hard? - Seth Carmody
BHV - (10:30-10:59 PDT) - Infodemic: Threat models for patient communities on social networks - Andrea Downing
BTVW1 - cont...(09:00-10:30 PDT) - Introduction to Malware Analysis & Response (MA&R) (Beginner) - Michael Wylie
BTVW2 - (10:30-11:59 PDT) - Incident Response and the ATT&CK Matrix (Beginner) - Sam Bowne
CHV - Hacking Ludicrous Mode on a Tesla (moar powerr!) - Patrick Kiley
CPV - (10:30-10:59 PDT) - European regulatory trends for Artificial Intelligence: same impact on US as GDPR? - Julia Reinhardt
DC - (10:30-10:59 PDT) - Bytes In Disguise - Jesse Michael,Mickey Shkatov
DL - redlure - Matthew Creel
DL - MalConfScan with Cuckoo - Tomoaki Tani,Shusei Tomonaga
ETV - Blackmail, Extortion and the Ethics of Disclosure - Michael Antonino
HHV - Meetup: Sourcing Parts - bombnav
HRV - The K0BAK Rover Van -
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - PoS Terminal Security Uncovered - Aleksei Stennikov
PHVW - cont...(09:00-12:59 PDT) - Bad Active Directory (BAD) - Dhruv Verma,Michael Roberts,Xiang Wen Kuan
RTV - cont...(09:45-10:45 PDT) - Kubernetes Goat - Vulnerable by Design Kubernetes Cluster Environment - Madhu Akula

 

Sunday - 11:00 PDT


Return to Index  -  Locations Legend
AEV - Critical Aerospace Cybersecurity: How Hacking And Designing Aerospace Systems Is Changing - Lawrence Rowell,Nathalie Feyt,Yannick Le Ray
ASV - cont...(10:00-11:59 PDT) - Kubernetes Container Orchestration Security Assessment - Ali Abdollahi
ASV - A Heaven for Hackers: Breaking a Web Security Virtual Appliances - Mehmet D. Ince
BCV - Building a Microcontroller Bitcoin Address Generator - chaintuts,Josh McIntyre
BHV - How Independent Security Researchers work with Medical Device Manufacturers - The Bad, The Ugly & The Great (BUG) - Kyle Erickson,Natali,Peter,Veronica
BTVW2 - cont...(10:30-11:59 PDT) - Incident Response and the ATT&CK Matrix (Beginner) - Sam Bowne
CLV - Cloud host base strategy by staging defensive tools for Threat Hunting and Forensics - Michael Mimo
CLV - (11:45-12:30 PDT) - Remediation Framework - Auto respond to AWS nightmares. - Sahir Khan,Justin Paglierani
CPV - Fear, Uncertainty, and Doubt about Human Microchip Implants - Zhanna Malekos Smith
CPV - (11:30-11:59 PDT) - What if we had TLS for phone numbers? An introduction to SHAKEN/STIR - Kelley Robinson
DC - (11:30-11:59 PDT) - Only takes a Spark - Popping a shell on a 1000 nodes - ayoul3
DL - cont...(10:00-11:50 PDT) - redlure - Matthew Creel
DL - cont...(10:00-11:50 PDT) - MalConfScan with Cuckoo - Tomoaki Tani,Shusei Tomonaga
HHV - (11:30-12:30 PDT) - HackerBox 0057 Build Session - Joseph Long (hwbxr)
HRV - cont...(10:00-11:30 PDT) - The K0BAK Rover Van -
HTS - Hack the SeaPod - Fathom5
LBV - Bypass 101 + Q&A
LPV - Safecracking for Everyone! - Jared Dygert
MOV - cont...(10:00-11:30 PDT) - Keynote: Monero: Sound Money Safe Mode - Dr. Daniel Kim
PAYV - Architecting Modern Payment Gateways in .Net core with Azure - Menaka BaskerPillai
PHVT - Packet Acquisition: Building the Haystack - Chris Abella,Pete Anderson
PHVW - cont...(09:00-12:59 PDT) - Bad Active Directory (BAD) - Dhruv Verma,Michael Roberts,Xiang Wen Kuan
RTV - Breaking the Attack Chain - Corey Ham,Matt Eidelberg

 

Sunday - 12:00 PDT


Return to Index  -  Locations Legend
AEV - Cybersecurity Lessons Learned From Human Spaceflight - Pam Melroy
ASV - Secure Your Code — Injections and Logging - Philipp Krenn
BCV - exploit insecure crypto wallet - Minzhi He,peiyu wang
BCV - (12:40-12:59 PDT) - Closing Note
BHV - (12:30-12:59 PDT) - How to Grow a Brain in a Jar - Neuroengineering 101 - Jack
BTVW1 - Deploying Pi-hole: More Than an Ad Blocker (Beginner) - Ben Hughes
CLV - cont...(11:45-12:30 PDT) - Remediation Framework - Auto respond to AWS nightmares. - Sahir Khan,Justin Paglierani
CLV - (12:30-13:30 PDT) - Cloud-Native Attack Detection and Simulation. - Nick Jones
CPV - Workshop: Let's Talk About Abusability Testing - Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi
DL - Carnivore (Microsoft External Attack Tool) - Chris Nevin
DL - Starkiller -
ETV - How to Start a Movement: Hackers Edition - Chloé Messdaghi
HHV - cont...(11:30-12:30 PDT) - HackerBox 0057 Build Session - Joseph Long (hwbxr)
HHV - (12:30-12:59 PDT) - Meetup: Wearables - ShortTie
LBV - cont...(11:00-12:30 PDT) - Bypass 101 + Q&A
LPV - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - You're not the money printer, or why we need to separate coinbase rings - sgp
PHVW - cont...(09:00-12:59 PDT) - Bad Active Directory (BAD) - Dhruv Verma,Michael Roberts,Xiang Wen Kuan
RGV - Rogues adventure & the intervillage badge - Monero Village Team,Rogues Village Team
RTV - (12:15-13:15 PDT) - Hashes; Smothered, Covered, and Scattered: Modern Password Cracking as a Methodology - Lee Wangenheim
WLV - Ghosting the PACS-man: New Tools and Techniques - Iceman,Omikron

 

Sunday - 13:00 PDT


Return to Index  -  Locations Legend
AEV - Dissecting Wireless Privacy In Aviation - Martin Strohmeier
AEV - (13:30-13:59 PDT) - Breakdown Of The FAA's Privacy ICAO Address Program - Gui Michel
AIV - Faults in our Pi Stars: Security Issues and Challenges in Deep Reinforcement Learning - Vahid Behzadan
ASV - Running an appsec program with open source projects - Vandana Verma Sehgal
BHV - (13:15-13:45 PDT) - The Underestimated Threat Vector: Homogeneity - Vidya Murthy
BHV - (13:30-14:30 PDT) - Making Next Generation Drugs at Home - Mixæl Swan Laufer
BTVW1 - cont...(12:00-13:30 PDT) - Deploying Pi-hole: More Than an Ad Blocker (Beginner) - Ben Hughes
BTVW2 - (13:30-14:59 PDT) - Cloud Security Monitoring on a Dime Store Budget (Beginner) - Wes Lambert
CLV - cont...(12:30-13:30 PDT) - Cloud-Native Attack Detection and Simulation. - Nick Jones
CLV - (13:30-13:50 PDT) - Closing Note -
CPV - File Encryption For Actual Humans - David Kane-Parry
DL - cont...(12:00-13:50 PDT) - Carnivore (Microsoft External Attack Tool) - Chris Nevin
DL - cont...(12:00-13:50 PDT) - Starkiller -
HHV - Importing vector graphics in to EagleCAD -
HRV - APRS: Automatic Packet Reporting System Demo -
LPV - Keystone to the Kingdom - Austin Marck
MOV - Locha Mesh: Monero off-the-grid - Randy Brito
MOV - (13:30-14:30 PDT) - Badge Clinic - Michael Schloh von Bennewitz
RGV - cont...(12:00-13:59 PDT) - Rogues adventure & the intervillage badge - Monero Village Team,Rogues Village Team
RTV - cont...(12:15-13:15 PDT) - Hashes; Smothered, Covered, and Scattered: Modern Password Cracking as a Methodology - Lee Wangenheim
RTV - (13:30-14:30 PDT) - You're Adversary Within - The Golden Age of Insider Threats - Adam Mashinchi

 

Sunday - 14:00 PDT


Return to Index  -  Locations Legend
AEV - Hack-A-Sat Closing Segment -
AIV - Ethics & Bias Panel
BHV - cont...(13:30-14:30 PDT) - Making Next Generation Drugs at Home - Mixæl Swan Laufer
BHV - Open Ventilator Remote Monitoring Project -
BHV - (14:45-16:45 PDT) - Securing Your Medical Device Network on a Shoestring Budget
BTVW2 - cont...(13:30-14:59 PDT) - Cloud Security Monitoring on a Dime Store Budget (Beginner) - Wes Lambert
DC - (14:30-14:59 PDT) - Beyond Root: Custom Firmware for Embedded Mobile Chipsets - Christopher Wade
ETV - Open Live Chat for all Speakers or another talk on Ethics of Moderation - Ethics Village Staff
HHV - Learn to Solder the BadgeBuddy Kit - Joseph Long (hwbxr)
HRV - (14:30-14:45 PDT) - Village Closing Commentary -
LBV - DIY Bypass Tool Workshop + Q&A
LPV - (14:15-14:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
MOV - cont...(13:30-14:30 PDT) - Badge Clinic - Michael Schloh von Bennewitz
RTV - cont...(13:30-14:30 PDT) - You're Adversary Within - The Golden Age of Insider Threats - Adam Mashinchi

 

Sunday - 15:00 PDT


Return to Index  -  Locations Legend
AEV - Cybersecurity Meets Aviation Regulation - Aaron Cornelius,Tim Brom
AIV - (15:30-15:59 PDT) - Closing Remarks
BHV - cont...(14:45-16:45 PDT) - Securing Your Medical Device Network on a Shoestring Budget
BTVW1 - Azure AD Logs for the Blue Team (Intermediate) - Mark Morowczynski
DC - (15:30-15:59 PDT) - Practical VoIP/UC Hacking Using Mr.SIP: SIP-Based Audit & Attack Tool - Ismail Melih Tas,Kubilay Ahmet Kucuk
DCG - DEF CON Groups Panel - Brent White / B1TK1LL3R,Casey Bourbonnais / ADAM_915,Jayson E. Street,April C Wright
HRV - Ham Radio USA License Exams (Sunday) -
LBV - cont...(14:00-15:30 PDT) - DIY Bypass Tool Workshop + Q&A
LBV - (15:30-16:59 PDT) - General Q&A / Drop-in and Chat
LPV - How I defeated the Western Electric 30c - N∅thing
MOV - (15:30-15:59 PDT) - Closing talk - rehr
RTV - Have my keys been pwned? - API Edition - José Hernandez,Rod Soto

 

Sunday - 16:00 PDT


Return to Index  -  Locations Legend
AEV - What I Learned Trying To Hack A 737 - Karl Koscher
BHV - cont...(14:45-16:45 PDT) - Securing Your Medical Device Network on a Shoestring Budget
BTVT1 - Blue Team Village Closing Ceremony
DC - (16:30-16:59 PDT) - Lateral Movement and Privilege Escalation in GCP; Compromise any Organization Without Dropping an Implant - Allison Donovan,Dylan Ayrey
HRV - cont...(15:00-17:59 PDT) - Ham Radio USA License Exams (Sunday) -
LBV - cont...(15:30-16:59 PDT) - General Q&A / Drop-in and Chat
LPV - (16:15-16:45 PDT) - Intro to Lockpicking - The Open Orginisation Of Lockpickers
RTV - Red Team Village Closing Ceremony and Announcement of Winners of CTF and CyberWraith  - Joseph Mlodzìanowskì (cedoXx),Omar Ωr

 

Sunday - 17:00 PDT


Return to Index  -  Locations Legend
DC - Closing Ceremonies - The Dark Tangent
HRV - cont...(15:00-17:59 PDT) - Ham Radio USA License Exams (Sunday) -

Talk/Event Descriptions


 

CNE - Sunday - 09:00-17:59 PDT


Title: (Before Con) Creative Writing Short Story Contest
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and subreddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are sometimes overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

Forum: https://forum.defcon.org/node/231200

Discord: https://discord.com/channels/708208267699945503/711643275584340069

Twitter: https://twitter.com/dcshortstory


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 10:30-10:59 PDT


Title: 747 Walkthrough From A Hacker's Perspective
When: Sunday, Aug 9, 10:30 - 10:59 PDT
Where: Aerospace Vlg
Speakers:Alex Lomas,Ken Munro

SpeakerBio:Alex Lomas
Alex Lomas is Pen Test Partner’s aerospace specialist. Alex undertakes penetration testing of traditional IT, such as networks, web applications, and APIs, as well as more aviation-specific areas including airport operational technology and avionics embedded systems such as inflight entertainment and e-enabled aircraft.

SpeakerBio:Ken Munro
Ken Munro is Partner and Founder of Pen Test Partners, a firm of ethical hackers. He and colleagues hold private pilot’s licenses and have been interested in aviation security for many years. They also publish and blog about their research into aviation cyber security, covering topics from airborne connectivity, the potential risks of publicly available avionics component information, and even the entire attack surface of the modern airport. Ken and Pen Test Partners have also been invited to speak at various aviation industry events, and on aviation at specialist security events such as DEF CON’s Aviation Village, the Global Connected Aircraft Summit, and the Aviation ISAC Summit among others.

Description:
This will be a tour of an end of life 747 airframe, covering a 101 of the cockpit systems and avionics bays. We will also be explaining the various systems & threat surfaces.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 11:00-11:45 PDT


Title: A Heaven for Hackers: Breaking a Web Security Virtual Appliances
When: Sunday, Aug 9, 11:00 - 11:45 PDT
Where: AppSec Vlg

SpeakerBio:Mehmet D. Ince
No BIO available
Twitter: @mdisec

Description:No Description available

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: AppSec Village CtF
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CTFs test your skills, challenge your ingenuity and push mental boundaries. But what is even MORE AWESOME than a regular CTF?

A (CTF)2!! A competition that stretches your creative mind as a task author and makes you step up your game as a task player. This year, AppSec Village @ DEF CON 28 invites you to compete in both roles!


Forum: https://forum.defcon.org/node/232292

Discord: https://discord.com/channels/708208267699945503/728703600586522739

Twitter: https://twitter.com/appsec_village

Web: https://www.appsecvillage.com/


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Sunday - 13:00-13:30 PDT


Title: APRS: Automatic Packet Reporting System Demo
When: Sunday, Aug 9, 13:00 - 13:30 PDT
Where: Ham Radio Vlg

Description:
In this live demo, we'll go over what APRS is, what you can do with it, and a quick primer on how to get started.

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

PAYV - Sunday - 11:00-11:59 PDT


Title: Architecting Modern Payment Gateways in .Net core with Azure
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Payment Vlg

SpeakerBio:Menaka BaskerPillai
No BIO available

Description:
In this session am going to explain how to work with payment gateways and how to implement a secured payment gateways in .net core web Apps. This session also includes some core concepts of Azure that plays an important role in transaction.

Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 08:30-09:30 PDT


Title: Autonomous Security Analysis and Penetration Testing (ASAP)
When: Sunday, Aug 9, 08:30 - 09:30 PDT
Where: Red Team Vlg

SpeakerBio:Ankur Chowdhary
Ankur Chowdhary is a PhD candidate at Arizona State University (ASU). His research interests include Cloud Security, Software Defined Networks, and application of Artificial Intelligence and Machine Learning in the field of cybersecurity. Ankur has over 5 years of cybersecurity industry experience. He has worked for companies like CSC Pvt. Ltd., Republic Services, Blackberry Pvt. Ltd., and Bishop Fox. Ankur has co-authored over 25 research papers and one textbook in the field of cybersecurity. Ankur co-founded cybersecurity startup CyNET LLC (2017). Ankur has been quite active in cybersecurity education. Ankur was ASU’s National Cybersecurity Defense Competition (NCCDC) captain (2015-2018), and he is current team coach (2018-). He co-founded hacking club DevilSec in 2019 to teach offensive and defensive security to students at ASU.

Description:
Penetration Testing (Pentesting) involves skilled cybersecurity professionals generating a plan of attack for finding and exploiting vulnerabilities in the networks, and applications. The current procedure used in pen-testing is semi-automated at best and requires significant human effort. Moreover, the plan of attack followed by pen-testers may not yield best outcomes in terms of exploiting vulnerabilities in the provided time. Our framework, ASAP utilizes software vulnerabilities and network topology information to provide an artificial intelligence-based automated attack plan. Our framework Autonomous Security Analysis and Penetration Testing (ASAP) utilizes the reachability information between different network hosts and software vulnerabilities to generate a state transition graph known as attack graph. Each state in the attack graph represents the current privilege of the attacker. The attack graph also encodes information about the possible next state transitions in the network. In effect attack graph maps all possible exploits and privilege escalations possible in a network. This information is provided to Artificial Intelligence (AI) module. The AI module utilizes a popular framework known as Partially Observable Markov Decision Process (POMDP) to encode uncertainty over different state transitions, and reward obtained by attackers on achieving different privilege levels. The output generated by the AI module - Attack Policy provides the best course of action for a penetration tester/ red team member in the current network setup. The attack policy generated by the ASAP framework can be deployed on target enterprise networks using automated exploitation tools such as Metasploit. Based on our experimental evaluation in a cloud network setup, the attack policy generated by our framework does significantly better than human penetration testers in terms of finding and exploiting vulnerabilities in a network.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Sunday - 15:00-15:45 PDT


Title: Azure AD Logs for the Blue Team (Intermediate)
When: Sunday, Aug 9, 15:00 - 15:45 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Mark Morowczynski
Mark Morowczynski (@markmorow) is a Principal Program Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. Previously he was Premier Field Engineer supporting Active Directory, Active Directory Federation Services and Windows Client performance. He was also one of the founders of the AskPFEPlat blog. He's spoken at various industry events such as Black Hat 2019, Bsides, Microsoft Ignite, Microsoft Inspire, Microsoft Ready, Microsoft MVP Summits, The Cloud Identity Summit, SANs Security Summits and TechMentor. He can be frequently found on Twitter as @markmorow arguing about baseball and making sometimes funny gifs.
Twitter: @markmorow

Description:
As enterprises move to cloud resources like Office365 and Azure AD it is imperative that they proactively monitor and protect against potential threats. But these vast quantities of security data are of no value if you, as a security admin, cannot make sense of it. In this session we'll explore the data that's available in Azure AD logs, how to integrate it with 3rd party SIEMs and get actionable insights from it. We'll also share the best practices on consuming Azure AD logs based on our insights from working with large enterprises.
Outline
Understanding the different types of logs in Azure AD (Sign-In, Audit, Risk, Application) what data is in each of them. (15 mins) Example Conditional Access Sign-in Logs (2 mins) Example Service Principal Log (2 mins) Understanding how to send logs to SIEMS (5 mins) Demo Configuring Azure Monitor Event Hub to send to 3rd party SIEM (2 mins) Understanding key events to look for and why (10 mins) Demo Using Azure work books and Log Analytics to look for key events (5 mins) Q and A (Remaining time)

This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

PHVW - Sunday - 09:00-12:59 PDT


Title: Bad Active Directory (BAD)
When: Sunday, Aug 9, 09:00 - 12:59 PDT
Where: Packet Hacking Vlg - Workshop
Speakers:Dhruv Verma,Michael Roberts,Xiang Wen Kuan

SpeakerBio:Dhruv Verma , Senior Security Consultant, NCC Group
Dhruv Verma is a Senior Security Consultant at NCC Group, an information security firm specializing in application, network, and mobile security. Dhruv has extensive experience performing infrastructure assessments with a special interest in Windows Active Directory environments and projects involving social engineering vectors. He has gotten domain admin on multiple client networks by chaining together vulnerabilities in a very unique and interesting fashion. For instance, Dhruv combined a misconfigured Jenkins server with a AWS IAM privilege escalation attack to gain Domain Admin on an enterprise network via a clone'n'pwn attack.

SpeakerBio:Michael Roberts , Senior Security Consultant, NCC Group
Michael Roberts is a Senior Security Consultant with NCC Group. Michael performs web, mobile application and network penetration tests, and has a passion for virtual reality and cooking outside of work life. Michael holds an bachelor's degree in computer and information technology from Purdue University.

SpeakerBio:Xiang Wen Kuan , Security Consultant, NCC Group
Xiang Wen Kuan is a Security Consultant at NCC Group. Kuan has conducted some infrastructure assessments and first started BAD under the supervision of Dhruv and Michael as his intern project at NCC. Kuan is as exciting as Kashi cereal and likes to eat free food at hacker events.

Description:
This is an introductory to intermediate level Windows active directory (AD) training. The training has two parts: a lecture component, where we'll cover how active directory works and the core things you need to know to attack it effectively, and a series of hands-on labs modeled after real attacks we've performed on client environments. The training will be heavily lab focused, with each student receiving their own AWS environment to play with. The labs are based off of how real modern networks look, not example test environments, and successfully completing each lab involves chaining together multiple vulnerabilities in a realistic kill chain methodology to get domain admin.

This workshop requires registration. If you are registered, please proceed to #phv-infobooth-text and you'll be given access to join.

#phv-infobooth-text: https://discord.com/channels/708208267699945503/708242376883306526


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Sunday - 13:30-14:30 PDT


Title: Badge Clinic
When: Sunday, Aug 9, 13:30 - 14:30 PDT
Where: Monero Vlg

SpeakerBio:Michael Schloh von Bennewitz
No BIO available

Description:
With the help of a close range circuit camera, Michael illustrates the circuits of several recent conference hardware devices, including prototype models. Devices in circulation and on display include: DC28 Intervillage Badge DC27 Rising Badge 35C3 Blockchain DC26/BCOS Badge HCPP19 Badge HCPP18 Badge This is not a speech presentation, rather it is an easy office hours with show and tell to invite questions and answers about low power electronic devices. Visit the Badge Clinic on any day of Defcon in the Monero Village channel.

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Be the Match - registration drive
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Be the Match registration drive is returning once again! Swing by and check out one of the coolest biohacks out there, and how you could be the next person to save a life through cellular therapy.

Discord: https://discord.com/channels/708208267699945503/711643405004046457

Web: https://bethematch.org


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 14:30-14:59 PDT


Title: Beyond Root: Custom Firmware for Embedded Mobile Chipsets
When: Sunday, Aug 9, 14:30 - 14:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:Christopher Wade , Security Consultant at Pen Test Partners
Chris is a seasoned security researcher and consultant. His main focuses are in reverse engineering hardware, fingerprinting USB vulnerabilities and playing with Software Defined Radios, with his key strength lying in firmware analysis, which he utilizes as part of the hardware testing team at Pen Test Partners.

Description:
Rooting a smartphone is often considered the ultimate method to allow a user to take complete control of their device. Despite this, many smartphones contain hardware which is closed off to any modification. This talk aims to show how this hardware can be reverse engineered in order to bypass its protections and further expand its functionality.

Using proprietary NFC Controllers as an example, we will cover analysis of the protocols used by the chips, how the firmware protections could be broken, and how custom firmware could be developed and deployed to the phone with no hardware modifications. This will include methodologies for analyzing weaknesses in firmware update protocols, leveraging the Unicorn CPU Emulator to bypass debugging restrictions, and techniques for reverse engineering the hardware capabilities of an unknown chip in order to implement custom features. This will end with demonstration of a smartphone with passive NFC sniffing capabilities and expanded tag emulation functionality.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Bio-Hacking - Hospital Under Siege
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Adversaries have gained a foothold in your local hospital and are increasing their control over clinical systems and medical devices. Soon they make it clear they’re not after patient records or financial information, but are out to disrupt care delivery and put patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary, and - above all - protect patient lives.

Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with exotic protocols like DICOM, HL7 and FHIR.


Forum: https://forum.defcon.org/node/232894

Discord: https://discord.com/channels/708208267699945503/711643365120278540

Twitter: https://twitter.com/DC_BHV

Web: https://www.villageb.io/


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Sunday - 10:00-10:59 PDT


Title: Blackmail, Extortion and the Ethics of Disclosure
When: Sunday, Aug 9, 10:00 - 10:59 PDT
Where: Ethics Vlg

SpeakerBio:Michael Antonino
No BIO available

Description:
This will be a live talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 13:30-13:59 PDT


Title: Breakdown Of The FAA's Privacy ICAO Address Program
When: Sunday, Aug 9, 13:30 - 13:59 PDT
Where: Aerospace Vlg

SpeakerBio:Gui Michel
Gui is a Master student in the joint degree in Cybersecurity at EPFL and ETH Zürich. His research interests lie in distributed systems, computer security and privacy.

Description:
The FAA launched the Privacy ICAO Address (PIA) program in January 2020 to address privacy concerns in General Aviation in the United States. This talk will present an analysis on the privacy performance of this program in its current state and our predictions for the future. We will demonstrate that it is possible to identify aircraft despite being enrolled in the program, using ADS-B data from crowdsourced networks. The privacy loss of participating aircraft over time is quantified through a purpose-built privacy simulator, showing that tracking is possible, even with a much greater participation in the program in the future. To address these issues, we will present two solutions that could significantly improve the privacy of the PIA program going forward.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 11:00-11:59 PDT


Title: Breaking the Attack Chain
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Red Team Vlg
Speakers:Corey Ham,Matt Eidelberg

SpeakerBio:Corey Ham
Corey Ham & Matt Eidelberg are principal consultants/leaders within Optiv's advanced services sub-team. Together they have 13 years combined experience delivering offensive security engagements for clients, along with personal tool development and research.

SpeakerBio:Matt Eidelberg
Corey Ham & Matt Eidelberg are principal consultants/leaders within Optiv's advanced services sub-team. Together they have 13 years combined experience delivering offensive security engagements for clients, along with personal tool development and research. Matthew has presented at multiple conferences across North America.

Description:
Despite the rising tide of security maturity, targeted attack chains are often successful due to systemic weaknesses in how modern IT administrators and blue teams operate. This talk gives the attacker's perspective on how common attack chains can be stopped before they spiral out of control. This talk is fueled by two red team operators field experience in attacking modern enterprise environments. It will cover various tactics and techniques that are used with high success during red team engagements, as well as specific countermeasures that would hamper the success of the described attack chains. The speakers will cover a hypothetical red team style engagement, starting from a limited-knowledge basis on the Internet, moving to an internal foothold, leading to data compromise. This talk will focus on technical details at an executive level, and will be performed in a "debrief" style with no technical specifics or demos.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-13:59 PDT


Title: Bricks in the Air
When: Sunday, Aug 9, 09:00 - 13:59 PDT
Where: Aerospace Vlg Workshop

Description:
A huge hit at Def Con 27, we’ve partnered with the Defense Digital Service to bring back Bricks-In-The-Air for #DEFCON28SafeMode. Whether you’re a noob or a pro, this is your chance to attempt sending messages to mock LEGO aircraft over I2C to learn and experiment with direct injection attacks on a data bus.

Return to Index    -    Add to    -    ics Calendar file

 

BCV - Sunday - 11:00-11:59 PDT


Title: Building a Microcontroller Bitcoin Address Generator
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Blockchain Vlg
Speakers:chaintuts,Josh McIntyre

SpeakerBio:chaintuts
No BIO available

SpeakerBio:Josh McIntyre
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 10:30-10:59 PDT


Title: Bytes In Disguise
When: Sunday, Aug 9, 10:30 - 10:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Jesse Michael,Mickey Shkatov

SpeakerBio:Jesse Michael
Jesse MichaelJesse Michael is an experienced security researcher focused on vulnerability detection and mitigation who has worked at all layers of modern computing environments from exploiting worldwide corporate network infrastructure down to hunting vulnerabilities inside processors at the hardware design level. His primary areas of expertise include reverse engineering embedded firmware and exploit development. He has also presented research at DEF CON, Black Hat, PacSec, Hackito Ergo Sum, Ekoparty, and BSides Portland.
Twitter: @JesseMichael

SpeakerBio:Mickey Shkatov
Mickey has been doing security research for almost a decade, one of specialties is simplifying complex concepts and finding security flaws in unlikely places. He has seen some crazy things and lived to tell about them at security conferences all over the world, his past talks range from web pentesting to black badges and from hacking cars to BIOS firmware.
Twitter: @HackingThings

Description:
Non-Volatile Memory. EVERY computer has it, from the chip that stores your BIOS to the controller that runs your laptop trackpad and even your new fancy USB-C monitor. These small nooks of storage can be (ab)used by anyone to store data or code without causing any side effects and none would be the wiser. We will show you more than one example of how this is possible and walk through everything you need to know to do it, too. In this talk, we will describe how to hide persistence in these obscure memory chips using simple tools that we are releasing as open source. We will show multiple ways to accomplish this without detection. On the defensive front, we’ll discuss what can be done to detect and lock down systems.

This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-15:59 PDT


Title: Cal Poly Workshop - Simulated Satellite Communications on Raspberry Pi
When: Sunday, Aug 9, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Users will need to purchase own equiptment before the workshop/challenge is run. (users will attempt to see simulated altitude, battery level, telemetry data from the mock satellite. It will be awesome because, we will expose participants new to the convergence of space and cybersecurity a crawl/beginner experience to gain their interest. It's designed as a workshop. The Convergence of Space & Cybersecurity Innovation.

The goal of this workshop would be to construct a “CubeSat Simulator Lite https://github.com/alanbjohnston/CubeSatSim/wiki” specifically https://github.com/alanbjohnston/CubeSatSim/wiki/CubeSat-Simulator-Lite.

We would run through the installation of the software via a screensharing method. We’d show participants how to setup a Raspberry Pi, set up the device, install the necessary packages, attach a necessary antenna, and view the transmitted data using a software defined radio.

Building materials:
Raspberry Pi Kit - https://www.amazon.com/dp/B07BCC8PK7/ Software Defined Radio - https://www.amazon.com/dp/B011HVUEME/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Capture The Packet (CTP)
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come compete in the world’s most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible. Follow us on Twitter or Facebook (links below) to get notifications for dates and times your team will compete, as well as what prizes will be awarded.

Twitter capturetp: https://twitter.com/capturetp

Twitter wallofsheep: https://twitter.com/wallofsheep

Discord: https://discord.com/channels/708208267699945503/711643512625430529

Web: https://www.capturethepacket.com/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Car Hacking Village CTF
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Come learn, hack, play at the Car Hacking Village. The village is an open, collaborative space to hack actual vehicles that you don't have to worry about breaking! Don't have tools? We'll loan you some. Never connected to a car? We'll show you how. Don't know where the controllers are? We'll show you how to take it apart.

Additionally we'll host a Donkey Car race. Check out our web site for up to date info.

Want to race? Check out of full car simulator(s).

Want to learn more about automotive hacking and cyber security? Check out our talks.

Want to hack mobility scooters? Yes! We'll do that to.

Also, check out the CHV CTF.


Discord: https://discord.com/channels/708208267699945503/711643596658311229

Twitter: https://twitter.com/CarHackVillage

Web: https://www.carhackingvillage.com/


Return to Index    -    Add to    -    ics Calendar file

 

DL - Sunday - 12:00-13:50 PDT


Title: Carnivore (Microsoft External Attack Tool)
When: Sunday, Aug 9, 12:00 - 13:50 PDT
Where: See Description or Village

SpeakerBio:Chris Nevin
Senior Security Consultant at NCCGroup

Description:
Carnivore is a username enumeration and password spraying tool for Microsoft services (Skype for Business, ADFS, RDWeb, Exchange and Office 365). It originally began as an on-premises Skype for Business enumeration/spray tool as I was finding that these days, organizations often seem to have locked down their implementations of Exchange, however, Skype for Business has been left externally accessible, and has not received as much attention from previous penetration tests due to the lack of tools as impactful as Mailsniper. Overtime this was improved and built upon to bring the same service discovery, username enumeration and password spraying capability to Skype, ADFS, RDWeb, Exchange, and O365 all in the same tool. Carnivore includes new post compromise functionality for Skype for Business (pulling the internal address list and user presence through the API), and smart detection of the username format for all services. As a practical means of entry into an organisation – numerous external penetration tests have uncovered an on-premises Skype for Business or ADFS server even for organisations that have moved Mail/SSO/etc to the cloud.

Audience: Offense


Interact @ #dl-nevin-carnivore-text: https://discord.com/channels/708208267699945503/730256550442041373

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/ReverendThing/Carnivore

Forum: https://forum.defcon.org/node/233116


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 17:00-17:59 PDT


Title: Closing Ceremonies
When: Sunday, Aug 9, 17:00 - 17:59 PDT
Where: See Description or Village

SpeakerBio:The Dark Tangent
No BIO available

Description:
The closing ceremonies will be streamed on the DEF CON Twitch. There will be a live Q&A session during part of the event, and questions can be posted in #track-1-live-qa.

Twitch: https://www.twitch.tv/defconorg

#track-1-live-qa: https://discord.com/channels/708208267699945503/733079691145117848


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Sunday - 13:30-13:50 PDT


Title: Closing Note
When: Sunday, Aug 9, 13:30 - 13:50 PDT
Where: Cloud Vlg

Description:

YouTube: https://www.youtube.com/watch?v=DSipgVlsAfo

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Sunday - 15:30-15:59 PDT


Title: Closing talk
When: Sunday, Aug 9, 15:30 - 15:59 PDT
Where: Monero Vlg

SpeakerBio:rehr
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Sunday - 11:00-11:45 PDT


Title: Cloud host base strategy by staging defensive tools for Threat Hunting and Forensics
When: Sunday, Aug 9, 11:00 - 11:45 PDT
Where: Cloud Vlg

SpeakerBio:Michael Mimo
No BIO available
Twitter: @securitydevops

Description:
Cloud instance forensic acquisition presents certain challenges to forensics teams. Traditional forensic methods usually are not effective in the cloud. Access and networks are designed differently than in an on-premise Data Center. Forward thinking strategies need to be implemented so that Incident Response Cyber teams can effectively use forensically sound methods to examine artifacts on hosts.

My talk is about how to prepare your organization for forensic acquisitions in a cloud infrastructure. I will quickly cover how to prepare a fleet of systems for memory and physical disk forensics. The targets are AWS EC2 instances but could be applied to any other cloud providers host provisioning infrastructure. I will focus on the process and infrastructure required to do this level of inspection. By the end you will be able to apply these strategies to activities such as Threat Hunting.

Many organizations struggle with implementing Threat Hunting programs with orchestration in mind to capture memory and disk level forensics. How does a Cyber team respond to an alert they receive from a cloud host? How can they quickly collect artifacts for further forensic inspection? Last, how can you best secure the forensics infrastructure from where you launch the orchestrated forensic examiner systems?

The first part of my talk will describe the infrastructure required to be in the place to support forensic orchestration. I will outline a strategy: servers, tools, storage, and protective measures to ensure that forensic activities are conducted behind a cloud of secrecy. Maintaining stealth mode is critically important to enabling the forensic team to do their job while the business is not impacted by the investigative activities.

In the second part, we will examine the pipeline process to implement solutions in EC2 instances with pre-configured memory and acquisition tools ready to be tapped into by the forensic team. I will discuss some of the challenges encountered when conducting forensics with the different AWS hypervisor solutions.

As a result, testing each design of the Linux instances with your forensics tools is an important part of the process. Do not expect the forensic tools to work seamlessly when the architecture teams switch fundamental infrastructure designs. Each phase of the AMI delivery pipeline needs to be tested and verified that the Cyber team can continue to perform their investigations without running into challenges during a real incident. Do not wait until forensics is really needed to only find out that the tools designed did not perform their job.


YouTube: https://www.youtube.com/watch?v=DSipgVlsAfo

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520


Return to Index    -    Add to    -    ics Calendar file

 

BTVW2 - Sunday - 13:30-14:59 PDT


Title: Cloud Security Monitoring on a Dime Store Budget (Beginner)
When: Sunday, Aug 9, 13:30 - 14:59 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Wes Lambert
Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deploy-able tools.
Twitter: @therealwlambert

Description:
As organizations continue to rely on the cloud to run critical production workloads and store potentially sensitive data, it is more important than ever to understand our cloud infrastructure, and implement monitoring to assist in providing greater insight into the "goings on” of cloud environments. In this workshop, attendees will learn how they can leverage free and open source tools to enable effective network security monitoring for major cloud providers, extending their visibility, providing greater overall context with regard to their organization's network traffic, and identifying anomalies that otherwise might have gone unnoticed.

This workshop will address the following topics:

Introduction to NSM (Network Security Monitoring Concepts) - key NSM concepts will be discussed/explained Major cloud providers, and native mechanisms to facilitate network security monitoring AWS/Google Cloud

Packet mirroring - we'll discuss what packet mirroring is, and how it can be utilized Cloud provider-specific core NSM/infrastructure/networking concepts and implementation - in this section, we'll discuss the components of each cloud provider's infrastructure, and how it relates to our approach to network security monitoring

        AWS
        Google Cloud

Automating deployment for cloud environments - in this section, we'll discuss how to automate deployment of cloud security monitoring (for free), as well as how to quickly and easily spin up and environment for testing, academia, or even a PoC for a potential production deployment.


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Sunday - 12:30-13:30 PDT


Title: Cloud-Native Attack Detection and Simulation.
When: Sunday, Aug 9, 12:30 - 13:30 PDT
Where: Cloud Vlg

SpeakerBio:Nick Jones
Nick Jones is the cloud security lead and a senior security consultant at F-Secure Consulting (formerly MWR InfoSecurity), where he focuses on AWS security in mature, cloud-native organisations and large enterprises. He has a number of years experience delivering offensive security assessments and services to a broad client base. When he's not delivering offensively-focused engagements, he's typically found working with clients to help them develop their security operations and attack detection capabilities.
Twitter: @nojonesuk

Description:
The cloud brings a broad range of benefits from a security perspective, including network isolation by default, strong identity controls and unprecedented visibility. It does, however, bring many changes and unique challenges of its own when compared to an on-premise estate, with modern cloud environments make heavy use of containerisation, serverless functions and other new paradigms. As such, many of the data sources used for threat hunting and attack detection in traditional environments are no longer available. In addition, most attacks consist of abusing legitimate functionality, making it challenging at times to differentiate the malicious from the benign.

Based on first-hand experience attacking and defending large enterprises, this talk will compare and contrast the benefits and challenges of attack detection in the cloud against on-premise detection, and highlight some of the key advantages, common pitfalls and key data sources. It will also offer advice and guidance on developing your own cloud attack detection capabilities in house.

Lastly, it will present Leonidas - a cloud native toolchain that allows users to easily define, simulate and detect new attack vectors and techniques against cloud environments, all tied back to the MITRE ATT&CK framework. This will include deploying and using Leonidas, constructing and executing an attack path end-to-end, and how to implement your own test cases. It'll also cover Leonidas into your detection stack to track improvement over time and support learning and skills development within your team.


YouTube: https://www.youtube.com/watch?v=DSipgVlsAfo

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: CMD+CTRL CyberRange
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
CMD+CTRL has evolved! Slip into an immersive scenario, spanning an entire corporate cloud environment. Intelligent chatbots acting as skilled hackers will guide you every step of the way, as you perform recon, social engineering, data exfiltration, privilege escalation and much more. Move through websites, servers, accounts and cloud services, all in an effort to thwart an evil CEO and corrupt corporation. Just don’t get caught, or you may have to burn it all down to cover your tracks!

Forum: https://forum.defcon.org/node/231474

Discord: https://discord.com/channels/708208267699945503/711643642388807800

Twitter: https://twitter.com/SecInnovation


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Coindroids
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The year is 20X5 and humanity has fallen: now there are only Coindroids. The machines we designed to manage our finances have supplanted and destroyed the human race by turning our own economy against us. Now they battle each other in the ruins of our fallen cities, driven by a single directive: money is power.

Battle your way to the top of the leaderboard by attacking rival droids and completing hidden challenges.

New to cryptocurrencies? No DEFCOIN to play with? Not a problem! Just come visit our booth in the contest area and we can help get you started.


Forum: https://forum.defcon.org/node/233033

Discord: https://discord.com/channels/708208267699945503/711643539573833878

Twitter: https://twitter.com/coindroids

Web: https://www.coindroids.com


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-13:59 PDT


Title: CPX SimpleSat
When: Sunday, Aug 9, 09:00 - 13:59 PDT
Where: Aerospace Vlg Workshop

Description:
Can you Hack-A-Sat? You won’t know until you try! Intended for noobs, CPX SimpleSat was built to allow you to experiment with attacking a mock satellite through a ground station, mimicking the types of commands used in Hack-a-Sat to gain control of the Satellite. No previous experience required. Just curiosity and a willingness to learn!

Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Crack Me If You Can (CMIYC)
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In its tenth year, the premier password cracking contest "Crack Me If You Can" is returning to DEFCON. The world's best password cracking teams are assembled and are awaiting the hardest 48 hours of their year.

Every year, the contest has a different surprise/twist. One year it was all international passwords, last year it was password rotation and BCRYPT, and 10 years ago it was capital letters. Oh the humanity!

This year the teams will be cracking hashes, generated by the CMIYC team, using plain-texts donated by famous hackers and Internet founders. Time for you to test your password cracking skills against your heroes.

Teams have 48 hours to crack as many passwords as possible using what ever resources they can legally assemble. Teams are split into "PRO" (for the large, professional password cracking teams) and "STREET" for smaller teams, or beginners.

Each year the "Crack Me If You Can" team gives away hundreds of free password cracking shirts in the Contest area.


Forum: https://forum.defcon.org/node/231475

Discord: https://discord.com/channels/708208267699945503/711644827053457478

Twitter: https://twitter.com/CrackMeIfYouCan

Web: https://contest-2020.korelogic.com/


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 11:00-11:59 PDT


Title: Critical Aerospace Cybersecurity: How Hacking And Designing Aerospace Systems Is Changing
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Aerospace Vlg
Speakers:Lawrence Rowell,Nathalie Feyt,Yannick Le Ray

SpeakerBio:Lawrence Rowell
Lawrence Rowell is the Product Security Officer for Thales Inflyt Experience. His responsibilities include cybersecurity governance, strategy and risk management for all business line products. He supports the continuous integration of cybersecurity in the product lifecycle from development to ongoing operations. He leads the cybersecurity product roadmap that includes new cybersecurity features and offerings. Lawrence also has 15 years of experience with cybersecurity in the finance industry, leading the cybersecurity program for a fortune 500 financial company. He graduated with an MS in Telecommunications Management from Oklahoma State University.

SpeakerBio:Nathalie Feyt
Nathalie Feyt - has worldwide responsibility of security activities for Thales Avionics, as Chief Product Security Officer. She leads the security solutions roadmap for the Thales aviation portfolio covering both airborne and ground operation systems to develop new generations of safe and secure avionics, enabling in-flight connectivity and digitalization of aviation operations. She also supports the governance of cybersecurity risks for products in operations. At a European policy level, she is the Chair of Cybersecurity for the ASD taskforce, and at the national level for France she is the Technical Expert Referee for Thales at Conseil de Cybersécurité du Transport Aérien.

SpeakerBio:Yannick Le Ray
Yannick Le Ray is an engineering graduate from Ecole Polytechnique of Montreal. He joined Thales in 2003 where he held a number of positions in bid and product management for air defence command & control systems as well as communication intelligence. Since 2018, Yannick has the worldwide responsibility of cybersecurity for the Thales aeronautics vertical including Air Traffic Management, Avionics & Airports.

Description:
Aerospace is changing – Its digital transformation must now be synonymous with being cyber secure. In-cabin systems are looking more like your everyday living room and the numerous potential entry points must be tested for security. During this session we will take you through the offensive testing that we put systems through to show you what is happening to improve the life cycle of aviation systems thanks to cybersecurity-by-design principles influenced by a hack/fix process.

From design to operation, blue teams and red teams are working together for a first line of defense to help identify vulnerabilities and ensure more robust and resilient systems – systems which we all rely on, and must be certified by Airworthiness Authorities when safety is at stake.

Join Nathalie Feyt, Lawrence Rowell and Yannick Le Ray as they lead a presentation on securing avionics, passenger systems, and air traffic management systems, and show how industry designs, attacks, learns and improves aerospace systems.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 12:00-12:59 PDT


Title: Cybersecurity Lessons Learned From Human Spaceflight
When: Sunday, Aug 9, 12:00 - 12:59 PDT
Where: Aerospace Vlg

SpeakerBio:Pam Melroy
Pam Melroy is a retired US Air Force test pilot and former NASA astronaut and Space Shuttle commander. After NASA she worked at Lockheed Martin on the Orion lunar exploration vehicle program, the Federal Aviation Administration’s Office of Commercial Space Transportation, and at DARPA. She is now an independent consultant and advisor.

Description:
Space is incredibly important in our daily lives – providing the GPS navigation on our phone and in our financial system, national security communications throughout the world, and remote sensing of weather conditions and other indicators of the health of the Earth. We’ve had a very complacent attitude about our satellites because physical access has been impossible. Now we know our key infrastructure is at threat on the ground, and it is in space as well from both physical and cyber threats. There are many important lessons to be learned about the software approach to human space flight and its high standards for software error rate and redundancy, tiered levels of access, distributed architecture, command protocols, and there are mistakes to learn from as well. The space industry is changing very rapidly. With commercial space stations, lunar exploration, and nation states competing for achievements – and resources – in space, we must understand the implications and prepare for the challenges ahead.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 15:00-15:59 PDT


Title: Cybersecurity Meets Aviation Regulation
When: Sunday, Aug 9, 15:00 - 15:59 PDT
Where: Aerospace Vlg
Speakers:Aaron Cornelius,Tim Brom

SpeakerBio:Aaron Cornelius
Aaron Cornelius is a Senior Security Researcher at GRIMM specializing in the security of automotive, aerospace, critical infrastructure and industrial control systems. Aaron has over 15 years developing embedded and safety critical systems for telecom, aviation, medical, and industrial applications.

SpeakerBio:Tim Brom
Tim Brom is the Managing, Senior Security Researcher for Embedded Systems at GRIMM specializing in automotive security research. Tim has over ten years experience as a software developer and security researcher with a focus on automotive, aerospace, critical infrastructure and industrial control systems. Additionally, Tim has contributed extensively to the development of CanCat, GRIMM’s open source CAN bus reverse-engineering tool, and CANT, a tool for interacting with CAN bus at the electrical layer. Tim was the lead engineer in the development of GRIMM’s car-hacking workbenches. Tim has also had publications about car-hacking tools and techniques, including on the Macchina M2.

Description:
Software development for aviation is highly regulated, and process driven. The current processes, as defined in DO-178C and related standards, originate from a history of designing and testing mechanical components. In the past you designed a part and once installed it only had to be monitored for physical condition. It was assumed that maintenance procedures would be able to identify which components are in flight condition and which are not. But now that there are USB ports and iPads in the cockpit, do these previous assumptions remain valid? How can we ensure that flight systems are not compromised after being installed? What can be done to help ensure aviation systems are secure?

There are 4 primary areas of concern on a modern aircraft: - Maintenance interfaces - What is necessary to ensure that software communicating with the aircraft is correct and operates in a secure manner? - Passenger interfaces - What is necessary to ensure that systems passengers interact with cannot interfere with the aircraft operation? - Crew accessible interfaces - What is necessary to ensure that the crew cannot accidentally connect a malicious device to flight systems? - Pre-flight software validation - Is there a procedure that could be used to ensure that the software running on aircraft systems is 100% correct and unmodified?

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-11:59 PDT


Title: Darknet Contest
When: Sunday, Aug 9, 09:00 - 11:59 PDT
Where: See Description or Village

Description:
Here at Darknet, We are a Real Life (RL) Massively Multiplayer Online Role Playing Game (MMORPG), where we teach you real life skills and you get in-game points for it. Some may call this Gamified learning. We assume no prior knowledge on a subject, teach you the basics, then challenge you to use what you have learned. Our contest has a range of quests, starting with simple tasks and working your way up to very complex problems.

In the past we have taught you how to lock pick, crack wifi, create a PGP Key and communicate online safely, as well as soldering, programming, and code cracking, just to name a few.From there we would have sent you on quests to go to the different villages to learn something from them, and then come back and test your skills.

But alas, we have been forced underground…And while the physical aspect of the conference has moved online, so have we. This year we will be focusing on the skills you will learn, past skills you will refresh, and your interactions with the community. There will not be a points scoreboard this year. Many of you who have previously bought the Darknet 8 Badge have not unlocked the full features. We have quests for you to learn how to interact, develop, and reprogram it. It’s time to Learn, Teach, and Play Agents, are you ready?


Info: https://dcdark.net/

Discord: https://discordapp.com/channels/708208267699945503/735849065593438248/737077762845704224

Twitter DCDarkNet: https://twitter.com/DCDarknet

Twitter Holon: https://twitter.com/Holon_Network


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 10:00-10:59 PDT


Title: DAY3 KEYNOTE: Why is Security Hard?
When: Sunday, Aug 9, 10:00 - 10:59 PDT
Where: BioHacking Vlg

SpeakerBio:Seth Carmody , PhD
Seth Carmody, PhD is the Vice President of Regulatory Strategy at MedCrypt. Prior to MedCrypt, Dr. Carmody worked as the cybersecurity program manager at the U.S. FDA's Center for Devices. Carmody brings eight years of experience in guiding medical device technology policy.

Description:
Security debt, the byproduct of market incentives, creates risk for healthcare stakeholders. The manifestation of that risk into harm and the resulting impact do not necessarily change active market incentives. As result, there is a series of cascading failures in the development, regulation, and maintenance of healthcare technology. Therefore, to make a significant impact on the security posture of healthcare and medical devices in particular, a system of policy and technological solutions must; align with active market incentives, enhance the effect of latent market incentives, or create new market incentives. A comprehensive solution is explored.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-13:59 PDT


Title: DDSAT-1
When: Sunday, Aug 9, 09:00 - 13:59 PDT
Where: Aerospace Vlg Workshop

Description:
If CPX SimpleSat was, well, too simple, try your hand at hacking DDSat-1. Here you’ll get to experiment with RF exploitation by attacking a mock satellite over RF while it is talking to a mock ground station. You’ll be able to mimic the style of RF commands being generated as a part of Hack-a-Sat, but in a more simplified and user friendly manner.

Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-15:59 PDT


Title: Deep Space Networking
When: Sunday, Aug 9, 09:00 - 15:59 PDT
Where: Aerospace Vlg Workshop

Description:
Deep space communications utilize TCP/IP protocols with some added assistance from a TCP Convergence Layer and the Bundle Protocol. In this workshop, participants will examine the store-and-forward techniques used to transmit "bundles" of information from one host to another via a relay system. Using the latest version of Wireshark, participants will examine the TCP Convergence Header and locate the first packet of a bundle and the first and second legs of the relay process, as reassembled by Wireshark. After identifying the content contained within the bundle, participants will create a filter to locate the last packet of a bundle and examine key fields of the Bundle Protocol, including fields that define priority, destination type, endpoint IDs, and reporting of bundle delivery.

Return to Index    -    Add to    -    ics Calendar file

 

DCG - Sunday - 15:00-15:59 PDT


Title: DEF CON Groups Panel
When: Sunday, Aug 9, 15:00 - 15:59 PDT
Where: DEF CON Groups
Speakers:Brent White / B1TK1LL3R,Casey Bourbonnais / ADAM_915,Jayson E. Street,April C Wright

SpeakerBio:Brent White / B1TK1LL3R
Brent is a Sr. Security Consultant at NTT Security as well as a Trusted Advisor for the Tennessee Department of Safety and Homeland Security on the topics of Physical and Cyber Security. He is also the founder of the Nashville DEF CON group (DC615), and is the Global Coordinator for the DEF CON conference “Groups” program. He has held the role of Web/Project Manager and IT Security Director for a global franchise company as well as Web Manager and information security positions for multiple television personalities and television shows on The Travel Channel.
Twitter: @brentwdesign

SpeakerBio:Casey Bourbonnais / ADAM_915
No BIO available
Twitter: @Bourbonnais_c

SpeakerBio:Jayson E. Street
Jayson E. Street is the VP of InfoSec at SphereNY ... He is also DEF CON Groups Global Ambassador. Jayson battled a dragon during the Fire Run in Barcelona Spain. He 'accidentally broke into a shark tank in the Dominican Republic and climbed the pyramid of Giza (until the guards carrying AK-47s expressed their displeasure). He consulted with the Secret Service in 2007 on the WIFI security of the White House, and has had tea with a Lebanese General in Beirut. Jayson never finished High School but does have his GED. His first book is used as course material at four colleges in three countries (that he knows of), and he has spoken at numerous universities in the US and gave an eight-hour lecture at the Beijing Institute of Technology in 2014. Outside of standardized education, Jayson has spoken numerous times at DEF CON, at the first six DerbyCons and at many other Cons (Hack in Paris, Nuit Du Hack, IT-Defense, SYSCAN360, PH-Neutral, etc....) around the world. He was also on the David Letterman show (seriously) though he is still waiting for Stephen Colbert to have him on his show! Jayson is only one degree away from Kevin Bacon after awkward hugging Oliver Stone and Jimmy Fallon. He started in security and law enforcement over 30 years ago and has always striven to make things more secure. Jayson has been in the Information Security industry for over 18 years, and once broke into a high scale hotel in the South of France - barefoot - wearing Teenage Mutant Ninja Turtles pajamas. He was also noted as the best janitor of all McDonald's in the South East Texas region for 2 consecutive years.

SpeakerBio:April C Wright
April C. Wright is a hacker, author, teacher, and community leader who has been breaking, making, fixing, and defending the security of global critical communications and connections for over 25 years. She is an international speaker and trainer, educating and advising on matters of privacy and information security with the goal of safeguarding the digital components we rely on every day. April has held roles on defensive, operational, adversarial, and development teams throughout her career and is currently a Senior Application Security Architect. Her book, “Fixing An Insecure Software Life Cycle” was published through O’Reilly, and she is currently writing a new book to be published by No Starch Press. She is a co-host for the SecurityWeekly family of webcasts. April has spoken and contributed to numerous worldwide security conferences (often during repeat appearances), including BlackHat on three continents, DEF CON on two continents, DerbyCon, GRRcon, Layer 8, Hack in Paris, DefCamp Romania, ITWeb South Africa. She has also presented for the US Government and industry organizations such as OWASP and ISSA. She has started multiple small businesses including a non-profit and a photography studio. April currently handles communications for the Official DEF CON Groups global community outreach, and in 2017 she co-founded the local Boston meetup “DC617”. April has collected dozens of certifications to add capital letters at the end of her name, almost died in Dracula’s secret staircase, and once read on The Onion that researchers at the University of North Carolina released a comprehensive report in 2014 confirming her status as the “most significant and interesting person currently inhabiting the earth”, and it was on ‘teh internet’ so it must be true.
Twitter: @aprilwright

Description:
Do you love DEF CON? Do you hate having to wait for it all year? Well, thanks to DEF CON groups, you're able to carry the spirit of DEF CON with you year round, and with local people, transcending borders, languages, and anything else that may separate us! In this moderated panel, your DEF CON groups team who works behind the scenes to make DCG possible will discuss what DCG is all about, getting involved in the community, starting your own local group, and Q&A.

Twitch: https://www.twitch.tv/jaysonstreet

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698


All DEF CON Groups presentations are happening in AltSpace.

AltSpace: https://account.altvr.com/events/1520704529866162594

Listen @ #dcg-stage-voice: https://discord.com/channels/708208267699945503/740428852999880704

Interact @ #dcg-stage-text: https://discord.com/channels/708208267699945503/710379858429083698


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 10:00-11:59 PDT


Title: DEF CON Scavenger Hunt
When: Sunday, Aug 9, 10:00 - 11:59 PDT
Where: See Description or Village

Description:
While everyone in the world finds themselves socially distanced and in some level of quarantine, we are bringing the DEF CON Scavenger Hunt to you. As this year is so different, teams will be limited to one person.

The list will drop at 10AM on Friday, with items to produce and tasks to accomplish until the game ends at noon on Sunday. You will be competing for glory, bragging rights, and prizes (that you can pick up at the table, during the next in-person DEF CON).


Forum: https://forum.defcon.org/node/232938

Discord: https://discord.com/channels/708208267699945503/711049278163779605

Twitter: https://twitter.com/DefConScavHunt

Web: http://defconscavhunt.com/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Defcon Ham Radio Fox Hunting Contest
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
In the world of amateur radio, groups of hams will often put together a transmitter hunt (also called "fox hunting") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or one time use ticket which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day. In previous years a custom made embroidered velcro-backed patch was given out or a "fun" trophy. The patches are always a big hit so it's likely we'll do that again this year if selected.

Forum: https://forum.defcon.org/node/232947

Discord: https://discord.com/channels/708208267699945503/711645275902574633

Twitter: https://twitter.com/richsentme

Web: https://defcon27foxhunt.com


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Sunday - 12:00-13:30 PDT


Title: Deploying Pi-hole: More Than an Ad Blocker (Beginner)
When: Sunday, Aug 9, 12:00 - 13:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Ben Hughes
Ben Hughes (@CyberPraesidium) brings over 15 years of diverse experience in cyber security, IT, and law. He leads Polito's commercial services including pen testing, DFIR, and threat hunting. Prior to joining Polito, Ben worked on APT hunt teams at federal and commercial clients. He holds CISSP, GWAPT, and GCFA certifications.
Twitter: @CyberPraesidium

Description:
Pi-hole is a popular open source DNS server that can block ads network-wide, before they even reach your browser. As it effectively functions as a DNS sinkhole, Pi-hole can be configured to securely handle DNS requests for your network devices and automatically block not just ads, but a variety of malicious traffic. This workshop will walk you through how to quickly deploy Pi-hole to protect your home network or in a lab environment. A Raspberry Pi is optional; a Docker container, lightweight virtual machine, or even an old computer will work just fine.

This hands-on workshop will cover the following training outline: * Intro to Pi-hole
* Main features and latest features in the brand new 5.0 release * Deployment options * Network design and DNS/DHCP considerations * HA/failover considerations
* Initial install and configuration
* Using blacklists and whitelists
* Viewing metrics and logs
* What's next? Advanced features and possibilities


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Sunday - 09:00-09:30 PDT


Title: Detecting hand-crafted social engineering emails with a bleeding-edge neural language model
When: Sunday, Aug 9, 09:00 - 09:30 PDT
Where: AI Vlg
Speakers:Younghoo Lee,Joshua Saxe

SpeakerBio:Younghoo Lee
No BIO available

SpeakerBio:Joshua Saxe
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 13:00-13:30 PDT


Title: Dissecting Wireless Privacy In Aviation
When: Sunday, Aug 9, 13:00 - 13:30 PDT
Where: Aerospace Vlg

SpeakerBio:Martin Strohmeier
Martin Strohmeier is a Junior Research Fellow of Kellogg College, University of Oxford and a Senior Scientist at the Swiss Cyber Defence Campus.The main focus of his work has been the design, implementation, and analysis of security protocols for cyber-physical systems, specifically those used in critical infrastructures such as aviation (civil and military). Using these domains as a driver for the real-world applicability of his research, his work has been published in many diverse venues, spanning wireless communications, cryptography, systems security, sensor networking, privacy, and aviation.

After his DPhil, he has been extending his interests towards areas of open-source intelligence, privacy issues in aviation and satellite environments, and most recently adversarial machine learning. Martin is also a co-founder of the aviation research network OpenSky where he is responsible for communication and research activities.


Description:
A multitude of wireless technologies are used within air traffic communication. From a conceptual perspective, all of them are insecure as confidentiality was never part of their design and they could not keep up with the change in threat models. This talk analyzes the current state of wireless privacy in aviation, covering air traffic control and datalink communication. We show how combining publicly available data sources enables global tracking of every aircraft for anyone interested. In particular, we present various case studies to demonstrate how anyone can undermine the privacy of military, governmental and corporate operators. Finally, we look at some industry responses and illustrate the futility of the current attempts to maintain privacy for aircraft owners in a world of ubiquitous sensor surveillance.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Sunday - 10:30-10:59 PDT


Title: European regulatory trends for Artificial Intelligence: same impact on US as GDPR?
When: Sunday, Aug 9, 10:30 - 10:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Julia Reinhardt
Julia is based in San Francisco and works as a tech policy consultant and privacy professional. As a Mozilla Fellow in Residence, she assesses opportunities and limitations of European approaches on Trustworthy AI in Silicon Valley and their potential for US businesses and advocacy.

In her first career as a German diplomat, she worked, among others, in EU negotiations on GDPR and on doing outreach and communicating for Germany in the Western US. Inspired by the Silicon Valley tech and policy network she built over the years and her understanding of EU policy-making, she has been consulting tech companies and non-profits in the Bay Area on European tech regulation for four years now. She holds an M.A. in International Relations from Sciences Po Paris, an M.A. in European Studies from Universität Osnabrück, and completed graduate and postgraduate coursework at UC Berkeley, American University of Beirut and Stanford University.


Description:
My paper focuses on how the European Ethics Guidelines for Trustworthy AI will be implemented – whether directly or indirectly and if at all – in Silicon Valley. My perspective incorporates also other related EU regulation that affects AI, in particular the GDPR and the deriving obligation to implement the principles of “privacy by design” and “privacy by default” (Art. 25 GDPR).

During my Mozilla Fellowship (April 2020 through April 2021), I work on finding out what impact the new European Ethics Guidelines for Trustworthy AI will have on US businesses, how useful they find these, as well as how they’re evaluated by activists, and whether we therefore will see a similar trend with them as we saw with the GDPR. I want to share with DEFCON Privacy Village an insight into my research and what this means for Silicon Valley positions on future EU regulation.


Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 09:30-09:59 PDT


Title: Evil Printer: How to Hack Windows Machines with Printing Protocol
When: Sunday, Aug 9, 09:30 - 09:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Chuanda Ding,Zhipeng Huo

SpeakerBio:Chuanda Ding , Senior Researcher, Tencent Security Xuanwu Lab
Chuanda Ding is a senior security researcher on Windows platform security. He leads EcoSec team at Tencent Security Xuanwu Lab. He was a speaker at Black Hat Europe 2018, DEF CON China 2018, CanSecWest 2017, CanSecWest 2016, and QCon Beijing 2016.
Twitter: @FlowerCode_

SpeakerBio:Zhipeng Huo , Senior Researcher, Tencent Security Xuanwu Lab
Zhipeng Huo is a senior security researcher on Windows and macOS platform security at Tencent Security Xuanwu Lab. He reported Microsoft Edge sandbox escape bugs in 2017, 2018, and 2020. He was a speaker at Black Hat Europe 2018.
Twitter: @R3dF09

Description:
Printer Spooler service, one of the important services in Microsoft Windows, has existed for more than 25 years. It runs at highest privilege level, unsandboxed, does networking, and dynamically loads third-party binaries. What could possibly go wrong?

In this talk, we will walk you through an incredibly fun bug we have discovered in printer spooler service. It can be exploited both locally and remotely, escapes sandbox, executes arbitrary code, and also elevates to SYSTEM. While Microsoft managed to develop the most restrictive sandbox for Microsoft Edge, this bug easily goes through it like it's a sieve.

We will talk in detail the implementation of this ancient service, the method we used to discover and exploit the bug, and also throw in some tips and tricks for logic bugs in between.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Sunday - 12:00-12:40 PDT


Title: exploit insecure crypto wallet
When: Sunday, Aug 9, 12:00 - 12:40 PDT
Where: Blockchain Vlg
Speakers:Minzhi He,peiyu wang

SpeakerBio:Minzhi He
No BIO available

SpeakerBio:peiyu wang
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Sunday - 13:00-13:59 PDT


Title: Faults in our Pi Stars: Security Issues and Challenges in Deep Reinforcement Learning
When: Sunday, Aug 9, 13:00 - 13:59 PDT
Where: AI Vlg

SpeakerBio:Vahid Behzadan
No BIO available

Description:No Description available

AI Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/aivillage


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Sunday - 11:00-11:30 PDT


Title: Fear, Uncertainty, and Doubt about Human Microchip Implants
When: Sunday, Aug 9, 11:00 - 11:30 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Zhanna Malekos Smith
No BIO available

Description:
Why are some U.S. lawmakers calling for a preemptive ban on human microchip implants? Today, more than 50,000 people worldwide have elected to receive microchip implants. This technology is especially popular in Sweden, where more than 4,000 Swedes are replacing keycards for chip implants to use for gym access, e-tickets on railway travel, and even store emergency contact information and social media profiles. While chip implants are gradually being embraced, some U.S. lawmakers are taking preemptive action to prohibit forced microchipping and calling it “a rabbit hole I don’t think we should go down". Together, let's go down this 'rabbit hole' to explore the legal, technical, and ethical implications of human microchipping.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Sunday - 13:00-13:30 PDT


Title: File Encryption For Actual Humans
When: Sunday, Aug 9, 13:00 - 13:30 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:David Kane-Parry
dkp has been breaking and building the software you depend on for decades. Presently, at Spotify. Previously, security lead for login.gov and other projects at 18F, cryptography policy owner at Amazon, and hacker-for-hire just about everywhere else.

Description:
I wrote a proof-of-concept tool to demonstrate that, by combining modern cryptography and human-centered design, emailing encrypted files doesn't have to be so thoroughly insecure. Better than Signal? No, but for many, emailing password-protected zip files is the only user-accessible and/or policy-approved method at their disposal. Leaving them at the mercy of broken algorithms and broken approaches to password selection. But both of which can fixed in about 100 lines of Python.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 04:45-05:45 PDT


Title: From Discovery to Disclosure
When: Sunday, Aug 9, 04:45 - 05:45 PDT
Where: Red Team Vlg

SpeakerBio:Ibad Shah
Professional Red Teamer in daylight and Security Researcher at night.

Description:
This session will discuss about journey from discovering vulnerabilities in an android application having premium features leading towards approaching relevant authorities, disclosing all of the required details and solutions. It is to be noted that the application has been downloaded by more than 1.5 million users and exploiting such vulnerabilities would have adverse affect on organization as reputational and regulatory. The talk will also focus on how security researchers can contact relevant authorities of organization more effectively and disclose such critical vulnerabilities.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

WLV - Sunday - 12:00-12:59 PDT


Title: Ghosting the PACS-man: New Tools and Techniques
When: Sunday, Aug 9, 12:00 - 12:59 PDT
Where: Wireless Vlg
Speakers:Iceman,Omikron

SpeakerBio:Iceman
No BIO available

SpeakerBio:Omikron
No BIO available

Description:
Do you fear the PACS-man? Do you lie awake at night atop your pile of RFID cards of unknown origin, pondering grand questions of access control? Is Wiegand a card or a data format? What is an "encrypted" credential and is it actually any more secure? Fear not, fellow explorer. Come discuss your woes with professional ghosts of access control and learn how to keep the PACS-man at bay. This livestream will provide a holistic context of modern access control and outline common design limitations that can be exploited when systems are not implemented correctly. From credentials, to readers, to door controllers and beyond, Babak Javadi and Iceman from the Red Team Alliance will share a practical understanding of what PACS looks like in the field, and how to intercept, clone, downgrade, replay, and one's way through the system.

The talk will demonstrate several new tools, exploits, and refined methods for compromising modern PACS, including:

Customers, integrators, and system designers will also learn more about best practices and defensive methods that can be used to defend systems and deter attackers.


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: H@cker Runw@y
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
For the second year, H@ck3r Runw@y is bringing together fashionistas out there. Make it SMART, LIGHT it up, OBFUSCATE something, or be GEEKY on fleek. Enter clothing, shoes, jewelry, hats or accessories. If you wear it, the runway can handle it. Predesign entry or create something on the fly. Just do it before the stage and bring proof.

Awards will be handed out in 4 categories for predesign and one (1) for anything designed during contest hours. There will also be a People’s Choice category where the winner is anyone’s guess:

Digital (electronic, led, etc)
Smart wear (interactive, temperature sensing, mood changing, etc) Aesthetics (3d printed, geeky wear, passive design) Miscellaneous (obfuscation, lock picks, shims, card skimmers) Live creations
People’s Choice

Judgement based on, but not limited to:

Uniqueness
Trendy
Practical
Couture
Creativity
Relevance
Originality
Presentation
Mastery


Forum: https://forum.defcon.org/node/232893

Discord: https://discord.com/channels/708208267699945503/711644666239647824

Twitter: https://twitter.com/Hack3rRunway

Web: https://hack3rrunway.github.io


Return to Index    -    Add to    -    ics Calendar file

 

HTS - Sunday - 11:00-11:59 PDT


Title: Hack the SeaPod
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Hack the Sea Vlg

SpeakerBio:Fathom5
No BIO available

Description:No Description available

Hack the Sea Village activities will be streamed to Twitch.

Twitch: https://twitch.tv/hackthesea


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 14:00-14:59 PDT


Title: Hack-A-Sat Closing Segment
When: Sunday, Aug 9, 14:00 - 14:59 PDT
Where: Aerospace Vlg

Description:
This segment will officially end the Hack-A-Sat competition. Tune in for awards and celebrations!

This event will be coordinated on the DEF CON Discord server, in channel #av-hack-a-sat-text.


Discord: https://discord.com/channels/708208267699945503/732393766677119087


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-13:59 PDT


Title: Hack-a-Sat
When: Sunday, Aug 9, 09:00 - 13:59 PDT
Where: Aerospace Vlg

Description:
The democratization of space has opened up a new frontier for exploration and innovation. But with this opportunity, new cybersecurity vulnerabilities are also being created. One human can design, build and launch a satellite, adhering to very few standards and security protocols. So how can we achieve safe, reliable and trustworthy operations to truly realize the promise of space?

...BY HACKING A SATELLITE

The United States Air Force, in conjunction with the Defense Digital Service, presents this year’s Space Security Challenge, Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems.

Security experts from around the globe are invited to pull together a team for our Hack-A-Sat Capture the Flag contest. Participants who successfully complete a set of qualification challenges on cybersecurity and space this spring will be invited to the ultimate challenge: to (ethically) hack a satellite.


Forum: https://forum.defcon.org/node/231203

Twitter: https://twitter.com/hackasat

Web: https://www.HackASat.com

Discord: https://discord.com/channels/708208267699945503/732393766677119087


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 11:30-12:30 PDT


Title: HackerBox 0057 Build Session
When: Sunday, Aug 9, 11:30 - 12:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Build HackerBox 0057 to explore microcontroller programming, IoT WiFi exploits, Bluetooth control, IR hacks, lockpicking tools, audio/video signaling, and more. HackerBoxes are the monthly subscription box for DIY electronics and computer technology. Each monthly HackerBox is a surprise. But this month the cathode is out of the bag, so to speak. The theme is SAFE MODE.

There will be an indie badge kit featuring dual core ESP32, IPS full-color 240x135 display, AV out, IR in/out, micro joystick, USB-C interface, battery charger, Wi-Fi, Bluetooth, and it's Arduino programmable. Of course there will be swag galore. HackerBox 0057 will bring home a "village" of IoT, Wireless, Lockpicking, and of course Hardware Hacking that should not disappoint.

Monthly HackerBoxes usually ship around the last day of the month. However, SAFE MODE HackerBox 0057 will ship a few days early (for both existing a new members) and should be received in time for DEF CON 28 SAFE MODE. We recommend ordering by July 22, but earlier is always better in light of recent postal delays.


#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Hackfortress
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy solving puzzles. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store.

Forum: https://forum.defcon.org/node/232291

Discord: https://discord.com/channels/708208267699945503/711643831275225125

Twitter: https://twitter.com/tf2shmoo

Web: http://hackfortress.net


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-09:59 PDT


Title: Hacking Aerospace Cybersecurity Regulation
When: Sunday, Aug 9, 09:00 - 09:59 PDT
Where: Aerospace Vlg
Speakers:Harley Geiger,Kaylin Trychon,Nicky Keeley

SpeakerBio:Harley Geiger , Director of Public Policy, Rapid7
Harley Geiger is Director of Public Policy at Rapid7, where he leads the company's policy engagement on cybersecurity, encryption, computer crime, exports, and digital trade issues. Prior to working at Rapid7, Geiger was Advocacy Director at the Center for Democracy & Technology (CDT), where he worked on issues related to government surveillance, privacy and computer crime. Prior to that, Geiger was Senior Legislative Counsel for U.S. Representative Zoe Lofgren of California, serving as lead staffer for technology policy. Geiger is an attorney and is CIPP/US certified.

SpeakerBio:Kaylin Trychon
No BIO available

SpeakerBio:Nicky Keeley , Head of Cyber Security Oversight, Civil Aviation Authority
Nicole leads the team responsible for regulatory cyber security oversight, for aviation in the UK. Her aim is to have a proportionate and effective approach that enables aviation to manage cyber security risks without compromising aviation safety, security or resilience (with a particular focus on critical national infrastructure). Having worked in a variety of industries in various GRC and technical information security roles, she loves the interconnected and diverse nature of aviation.

Description:
The aerospace industry is highly regulated with a great deal of focus on cybersecurity. Other sectors have seen how good faith hackers and researchers can help increase resilience and highlight vulnerability – how best to do that in a highly regulated, safety critical industry like aerospace? Aerospace regulators have a key role in understanding risk and putting in place the legal frameworks and creating rules, regulations and best practice around good faith research, join us on a panel with the research community and aerospace regulators to chat about what where we are and what we need to do.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 08:30-08:59 PDT


Title: Hacking Airplane Air To Ground (A2G) Systems
When: Sunday, Aug 9, 08:30 - 08:59 PDT
Where: Aerospace Vlg

SpeakerBio:Ali Abdollahi
Ali Abdollahi is a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit developing, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, He is instructor, author and board of review at Hakin9 company. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs. Ali is a regular speaker and trainer at industry conferences.
Twitter: @AliAbdollahi2

Description:
One of the most important parts of avionic systems is the communication. Airplanes use mobile communication to connect to stations on the ground. In many cases the connection is based on LTE-Advanced technology and in some cases when an airplane is on the seas or somewhere else that there is no base station on the ground, It uses the satellite as a hub. In this presentation I will explain vulnerabilities and ways to take advantage of A2G systems and other avionic components.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

CHV - Sunday - 10:00-10:59 PDT


Title: Hacking Ludicrous Mode on a Tesla (moar powerr!)
When: Sunday, Aug 9, 10:00 - 10:59 PDT
Where: Car Hacking Vlg 001

SpeakerBio:Patrick Kiley , Principal Security Consultant, Rapid7
Patrick Kiley (GXPN, GPEN, GAWN, GCIH, CISSP, MCSE) has over 18 years of information security experience working with both private sector employers and the Department of Energy/National Nuclear Security Administration (NNSA). While he was with the NNSA he built the NNSA's SOC and spent several years working for emergency teams. Patrick has performed research in Avionics security and Internet connected transportation platforms. Patrick has experience in all aspects of penetration testing, security engineering, hardware hacking, IoT, Autonomous Vehicles and CAN bus.
Twitter: @gigstorm

Description:
This talk will cover how I reverse engineered the ludicrous upgrade process on the P85D. I then successfully upgraded the hardware and firmware on a P85D to make the car faster. I will cover the hardware upgrades, the firmware changes as well as the architecture of the Tesla Battery Management System.


#chv-track001-text: https://discord.com/channels/708208267699945503/735650705930453173

YouTube: https://www.youtube.com/watch?v=VvojAHUej1Q&feature=youtu.be

Twitch: https://www.twitch.tv/chvtrack001


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 06:00-06:59 PDT


Title: Hacking Zoom: a Hacker's Journey into Zoom Security
When: Sunday, Aug 9, 06:00 - 06:59 PDT
Where: Red Team Vlg

SpeakerBio:Mazin Ahmed
Mazin Ahmed is a security consultant who specializes in AppSec and offensive security. He is passionate about information security and has previously found vulnerabilities in Facebook, Twitter, Linkedin, and Oracle to name a few. Mazin is the developer of a number of popular open-source security tools that have been integrated into security testing frameworks and distributions. Furthermore, Mazin’s research of WAF security has earned the 4th place on top web hacking techniques of 2015 award. Mazin also built FullHunt, the next-generation vulnerability intelligence platform.

Description:
Zoom is a popular digital video conferencing company. Zoom has become one of the most valuable companies in the world during the pandemic, with millions of users and hundreds of millions of monthly participants globally. I have done a security research experiment in spare time to test Zoom and to find security risks and vulnerabilities on Zoom. The experiment resulted in interesting findings along with interesting vectors I identified within the journey. In this talk, I will be showcasing my findings and the results of my experiment. I will also discuss some of the challenges in the conducted responsible disclosure.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Sunday - 15:00-17:59 PDT


Title: Ham Radio USA License Exams (Sunday)
When: Sunday, Aug 9, 15:00 - 17:59 PDT
Where: See Description or Village

Description:

The Ham Radio Village team is happy to announce that we will be offering virtual license exams this year during DEF CON Safe Mode. The team has negotiated a special discount rate of $5 for the exams. Additionally, the fee is waived for any applicants that are under the age of 18, a student with a current student ID, active military, or a veteran of the armed forces. Registration for exams is required.

Twitter: https://twitter.com/DC_Ham_Exams

Discord: https://discord.com/channels/708208267699945503/732733631667372103

Info/Reg: https://ham.study/sessions/5f0e77d9a47e313e8e5295d9/1


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 12:15-13:15 PDT


Title: Hashes; Smothered, Covered, and Scattered: Modern Password Cracking as a Methodology
When: Sunday, Aug 9, 12:15 - 13:15 PDT
Where: Red Team Vlg

SpeakerBio:Lee Wangenheim
Lee Wangenheim works as a security consultant for the Attack and Penetration team at Optiv. As part of his job he helps to maintain the teams password crackers as well as perform enterprise password audits for various clients. After fielding several questions from the team about best practices, he set out to define the methodology a modern consultant can use to attack passwords they find on an engagement.

Description:
With the explosion of GPU enabled processing power password cracking has long grown beyond the standard wordlist. New tools and techniques are being used in order to effectively and efficiently crack passwords that just a few years ago would have be unfathomable. People often ask me, what is the best way to crack this hash, and the truth is it really depends. Let us introduce some of the more modern and best ways to attack passwords by analyzing the language structures and character patterns of passwords, as well as developing custom rules and rule chains to maximize effort. Password cracking is one of those things that has been around for a long time, however people often do not associate a methodology behind it and consider it just a tool. My presentation has a large amount of content to cover within a 50-minute window, therefore our demos are light and quick showing the different tools built for cracking locally, in the cloud, or in a distributed environment. I feel that by passing along the knowledge of the ins and outs of the tools will be more valuable than having people watch us crack passwords on the screen. The slide decks can be made available to participants and contains sample commands for them to try out each technique I present.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 15:00-15:59 PDT


Title: Have my keys been pwned? - API Edition
When: Sunday, Aug 9, 15:00 - 15:59 PDT
Where: Red Team Vlg
Speakers:José Hernandez,Rod Soto

SpeakerBio:José Hernandez
José Hernandez is a Principal Security Researcher at Splunk. He started his professional career at Prolexic Technologies (now Akamai), fighting DDOS attacks from “anonymous” and “lulzsec” against Fortune 100 companies. As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. While working at Splunk as a Security Architect, he built and released an auto-mitigation framework that has been used to automatically fight attacks in large organizations. He has also built security operation centers and run a public threat-intelligence service. Although security information has been the focus of his career, José has found that his true passion is in solving problems and creating solutions. As an example, he built an underwater remote-control vehicle called the SensorSub, which was used to test and measure toxicity in Miami's waterways.

SpeakerBio:Rod Soto
Rod Soto worked at Prolexic, Akamai, Caspida. Won BlackHat CTF in 2012. Co-founded Hackmiami, Pacific Hackers meetup and conferences.

Description:
Current status quo of credential management in cloud related DEVOPS environments enables attackers to easily obtain leaked credentials. This presentation showcases how leaked credentials in public repositories can potentially lead to further compromise in enterprise environments.The focus will be on the DEVOPS attack surface and the toolchains involved within this process in cloud platform environments. Presenters will use a recently released tool (Git Wild Hunt) to show how public leaks can lead to further compromise of individuals and enterprises with actual examples of derived information from compromised secrets. An analysis of credentials leaked globally and its source (company affected and user) will be provided as examples.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: HomebrewHardware Contest
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Have you learned how to build your own hacking hardware at home? Are you etching circuit-boards in your lab, or soldering in a toaster oven in your garage? Are you hosting a MUD on your helmet, or making malicious USB hardware? Did you make something to help you in your everyday life, a unique wearable, or something really nefarious? Are you discovering what old boards do, bending circuits, or re-appropriating the innards of your local e-waste?

We want to see the awesome things you've been building over the last year.

The HomebrewHardware competition is a place to showcase your skill, techniques, and project.

Check our website and twitter for this year’s rules.


Forum: https://forum.defcon.org/node/233025

Discord: https://discord.com/channels/708208267699945503/711644075110957096

Twitter: https://twitter.com/homebrewhardwa1

Web: https://homebrewhardwarecontest.github.io/


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 15:00-15:59 PDT


Title: How I defeated the Western Electric 30c
When: Sunday, Aug 9, 15:00 - 15:59 PDT
Where: Lockpick Vlg

SpeakerBio:N∅thing
No BIO available

Description:
I will take you through my thoughts, motivation and techniques on how I defeated the infamous Western Electric 30c.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 11:00-11:59 PDT


Title: How Independent Security Researchers work with Medical Device Manufacturers - The Bad, The Ugly & The Great (BUG)
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: BioHacking Vlg
Speakers:Kyle Erickson,Natali,Peter,Veronica

SpeakerBio:Kyle Erickson
Kyle Erickson, the Director of Product Security & Privacy Engineering, Cardiac Rhythm Heart Failure (CRHF), Medtronic. Leading a team of 10 engineers focused on Pre-Market & Post Market Medical Device Cyber Security. He has over a 10 years of incident response leadership at one of the largest HDOs.

SpeakerBio:Natali
Natali brings over 10 years of experience, both as a researcher and a team leader, in the field of offensive cyber security and software development. After graduating magna cum laude B.Sc. in Computer Science at the age of 19, as part of a special program for gifted and talented kids, Natali was handpicked to an elite technology unit at 8200. As part of her military service, she researched various devices and platforms and designed and implemented mission-critical, zero fault software components. Following her military service, Natali joined Cellebrite, a global company that provides digital intelligence solutions for investigations and operations, as Vulnerability & Security Researcher. Her focus was on reverse engineering of mobile platforms, vulnerability research and exploitation and later on she served as a team leader, focusing on Linux kernel exploitation. Prior to founding Sternum, Natali held several security research related roles, including leading different R&D teams at two global cyber intelligence market leaders. In her (limited) spare time, Natali is a content junkie and writes short fiction stories. Natali holds an M.Sc. in Computer Science from Bar Ilan University.

SpeakerBio:Peter
Peter came from Clever Security, a boutique security research company he founded. Clever Security focused on hardware and software reverse engineering, software defined radio, applied cryptography, exploitation and vulnerability research. Previously, he was CTO at Boldend, a cybersecurity-focused software defense contractor focused on cutting-edge research and development for the US DoD and Intelligence community. Before that, he was VP of Research and Development at Accuvant/Optiv where he led the Applied and Vulnerability Research teams focused on product security auditing, and capability development for the US DoD and Intelligence community. Before that, he was a security researcher with Matasano Security, where he was responsible for the Midwest practice region out of Chicago, IL. Peter’s career has focused on attacking the intersection of software and hardware to identify security vulnerabilities in products that most security researchers do not have the skillset to audit. While the vast majority of his work is protected via NDA some bespoke output is listed below.

SpeakerBio:Veronica
Veronica started her forensic career in 2008. She is the Director of Incident Response within DFIRLABS. Veronica is also an Assistant Professor at Noroff University, where she will be given her own Minions to plan her world domination. Veronica holds a Master in Science at Rhodes University in Information Security with specialisation in the forensic analysis of malware. She prides herself in keeping patients safe as this is something which is near to her heart. She is also a cyborg sporting an embedded medical device herself. She also is a DEF CON Goon and she is the founder of DC2751. Her particular research interests include research into security vulnerabilities in medical devices forming part of the Internet of Things, and how these could be exploited by malicious attackers, as well as what types of forensic artefacts could be identified from any attacks. She is extremely passionate about protecting people whose lives depend on these medical devices, and her passion saw her becoming a researcher within an MDM . At her core Veronica is a forensicator and hacker and in love with every bit, byte and nibble of knowledge she has obtained.

Description:
"Hear some of the top Security Researchers share their trials and tribulations with Medical Device Manufacturers.

Topics will include:
How they have succeeded in their interactions with larger organizations and what they are working on next. The success stories and failures of working with Medical Device Manufacturers. How working with diverse backgrounds and being open to researchers has helped one company mature its cybersecurity program. What is a proactive security approach and how can it help anticipate failure? How can we tackle the legacy device problem? Explore new ways the community can bring innovative solutions to Medical Device Security."


BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 12:30-12:59 PDT


Title: How to Grow a Brain in a Jar - Neuroengineering 101
When: Sunday, Aug 9, 12:30 - 12:59 PDT
Where: BioHacking Vlg

SpeakerBio:Jack
Jack is a biomedical engineer, implantable hardware developer, and EMT. His research involves developing new tools for studying and interacting with the nervous system, including culture systems for emulating brain regions in miniature outside of the body for bioelectrical and neurochemical study.

Description:
As the organ of consciousness, the brain represents the ultimate target for researchers and biohackers interested in investigating and eventually modifying the human organism. Advanced monitoring systems and - more recently - early prostheses targeting the central nervous system have been developed. At the same time, dramatic progress in cell culture techniques and stem cell differentiation have allowed for the creation of autonomous neural structures and “mini-brains” ex-vivo, which have been used for therapeutic purposes, microphysiological studies, and more. Additionally, researchers have worked towards creating electronics that mimic the function of the nervous system to enhance computing capabilities. All three of these thrusts fall under the broader umbrella of neuroengineering. This talk aims to provide a crash course in recent developments in the field of neuroengineering, and to show how some of this research might be replicated in the home lab. Come learn about the bleeding edge of neuroengineering, as these technologies begin to move out of the lab and into the biohacking world, and as the line between human and machine grows ever blurrier.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Sunday - 12:00-12:59 PDT


Title: How to Start a Movement: Hackers Edition
When: Sunday, Aug 9, 12:00 - 12:59 PDT
Where: Ethics Vlg

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

Description:
This will be a live talk.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: ICS Hack the Plan[e]t
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 25 emulated or real devices and over 50 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real or simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Ranges including physical and virtual environments to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments. New this year, there will be integrated elements from DHS/CISA with their newly built mobile environments that are realistically miniaturized assets (ie - operational oil and natural gas pipeline, etc.) and will be the first they’ll be opened to the public for hacking.


Forum: https://forum.defcon.org/node/233029

Discord: https://discord.com/channels/708208267699945503/711643691877531698

Twitter: https://twitter.com/ICS_Village

Web: https://www.icsvillage.com


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 13:00-13:59 PDT


Title: Importing vector graphics in to EagleCAD
When: Sunday, Aug 9, 13:00 - 13:59 PDT
Where: Hardware Hacking Vlg

Description:

Twitch: https://www.twitch.tv/dchhv

Return to Index    -    Add to    -    ics Calendar file

 

BTVW2 - Sunday - 10:30-11:59 PDT


Title: Incident Response and the ATT&CK Matrix (Beginner)
When: Sunday, Aug 9, 10:30 - 11:59 PDT
Where: Blue Team Vlg - Workshop Track 2

SpeakerBio:Sam Bowne , Founder, Infosec Decoded Inc.; Instructor, City College San Francisco
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner

Twitter: @sambowne

Description:
Practice techniques to detect, analyze and respond to intrusions on cloud servers. We will emulate APT attacks and detect them with Splunk, Suricata, Sysmon, Wireshark, Yara and other tools. We will use the ATT&CK Matrix to enumerate threat actors, tactics and techniques.

Beginners are welcome. No previous experience with these techniques is required. Participants need a credit card and a few dollars to rent Google Cloud servers.

Practice techniques to detect, analyze and respond to intrusions. We will construct targets and attackers on the Google cloud, and send attacks using Metasploit and Caldera to emulate APT attackers. We will monitor and analyze the attacks using Splunk, Suricata, Sysmon, Wireshark, Yara and online analysis tools including PacketTotal and VirusTotal.

We will cover the ATT&CK Matrix in detail, which enumerates threat actors, tactics and techniques, so red and blue teams can better communicate and work together to secure networks.

The workshop is structured in a CTF format. Each participant works at their own pace. The techniques will be demonstrated, with complete step-by-step instructions to lead beginners through the easy challenges. There are also harder challenges for more experienced participants. We will help participants as needed, to ensure that everyone learns new techniques.

Participants need a credit card and a few dollars to rent Google Cloud servers. We will use Debian Linux and Windows Server 2016 systems. All the tools we will use are freely available, and all the training materials will remain available to everyone after the workshop ends.


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 10:30-10:59 PDT


Title: Infodemic: Threat models for patient communities on social networks
When: Sunday, Aug 9, 10:30 - 10:59 PDT
Where: BioHacking Vlg

SpeakerBio:Andrea Downing
Andrea Downing is a Community Data Organizer, security researcher, and advocate hereditary cancer community. In 2018, she discovered the a security vulnerability that affected all closed groups on Facebook. She served on the organizing team at Stanford Medicine X.

Description:
People going through trauma are more vulnerable to misinformation. First coined by the World Health Organization, COVID19 has sparked a widespread infodemic. This talk will examine examples of disinformation campaigns. We'll look at ways that sock puppets target, scrape, at spread misinformation on COVID. Finally, we'll look at some examples of how disinformation has caused harm and loss of life for vulnerable populations.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 10:00-10:30 PDT


Title: Intro to Lockpicking
When: Sunday, Aug 9, 10:00 - 10:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 12:00-12:30 PDT


Title: Intro to Lockpicking
When: Sunday, Aug 9, 12:00 - 12:30 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 14:15-14:45 PDT


Title: Intro to Lockpicking
When: Sunday, Aug 9, 14:15 - 14:45 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 16:15-16:45 PDT


Title: Intro to Lockpicking
When: Sunday, Aug 9, 16:15 - 16:45 PDT
Where: Lockpick Vlg

SpeakerBio:The Open Orginisation Of Lockpickers
No BIO available
Twitter: @toool

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

BTVW1 - Sunday - 09:00-10:30 PDT


Title: Introduction to Malware Analysis & Response (MA&R) (Beginner)
When: Sunday, Aug 9, 09:00 - 10:30 PDT
Where: Blue Team Vlg - Workshop Track 1

SpeakerBio:Michael Wylie , Director of Cybersecurity Services, Richey May Technology Solution
Michael Wylie (Twitter: @TheMikeWylie), MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coins and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GMON, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more.
Twitter: @TheMikeWylie

Description:
In this introductory hands-on fundamental malware analysis workshop. IT and Cybersecurity professionals will learn the basic skills necessary to safely analyze the characteristics and behavior of malware. Students will walk away with practical techniques and methodologies that can be immediately applied to statically and dynamically analyzing software with an emphasis on malicious software. Gone are the days where incident responders reformat infected systems destroying valuable evidence. Preserving and analyzing malware artifacts will give attendees the skills to understand, at a high level, the techniques and malicious intents of malware that defeated their security controls.

LEARNING OBJECTIVES

  1. Understand fundamentals of malware analysis
  2. Understand the goals and benefits of performing malware analysis
  3. Be able to perform basic static analysis on Windows malware
  4. Be able to setup a malware analysis lab
  5. Be able to perform dynamic analysis on Windows malware

Who should take this course?
IT and Cybersecurity students and professionals. This is an introduction to malware analysis course for beginners.

What will students be provided with?
Students will be provided with a Windows 10 virtual machines (trial version) with malware analysis tools and training material. Attendees will be provided with step-by-step instructional labs.


This is a workshop that requires pre-registration. Details for how to participate in this workshop can be obtained by contacting the Blue Team Village staff.

Return to Index    -    Add to    -    ics Calendar file

 

MOV - Sunday - 10:00-11:30 PDT


Title: Keynote: Monero: Sound Money Safe Mode
When: Sunday, Aug 9, 10:00 - 11:30 PDT
Where: Monero Vlg

SpeakerBio:Dr. Daniel Kim
No BIO available

Description:
"Monero Means Money" -- with updated data, new data on government budget deficits, and increased emphasis on Monero's importance in the current medical & economic crisis

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 13:00-13:30 PDT


Title: Keystone to the Kingdom
When: Sunday, Aug 9, 13:00 - 13:30 PDT
Where: Lockpick Vlg

SpeakerBio:Austin Marck
No BIO available

Description:
SFICs are very popular locks, but there are some tricks that might get you in the front door. By the end of this talk participants should be familiar with SFIC picking, Key Duplication, Lateral movement, and System decoding. There is even a remote CTF!

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 10:00-11:59 PDT


Title: Kubernetes Container Orchestration Security Assessment
When: Sunday, Aug 9, 10:00 - 11:59 PDT
Where: AppSec Vlg

SpeakerBio:Ali Abdollahi
Ali Abdollahi is a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit developing, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, He is instructor, author and board of review at Hakin9 company. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs. Ali is a regular speaker and trainer at industry conferences.
Twitter: @AliAbdollahi2

Description:
In this workshop, we will first discuss the fundamentals. After grasping underlying containerization technology, we will go deep about technology vulnerabilities, exploitation techniques, auditing, and hardening solutions.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 09:45-10:45 PDT


Title: Kubernetes Goat - Vulnerable by Design Kubernetes Cluster Environment
When: Sunday, Aug 9, 09:45 - 10:45 PDT
Where: Red Team Vlg

SpeakerBio:Madhu Akula
Madhu Akula is creator of Kubernetes Goat, security ninja, published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA (2018 & 19), O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018 & 19), All Day DevOps (2016, 17, 18, 19 & 20), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams."

Description:
Kubernetes Goat is “vulnerable by design” Kubernetes Cluster environment to practice and learn about Kubernetes Security. In this session Madhu Akula will present how to get started with Kubernetes Goat by exploring different vulnerabilities in Kubernetes Cluster and Containerised environments. Also he demonstrates the real-world vulnerabilities and maps the Kubernetes Goat scenarios with them. Also, we will see the complete documentation and instruction to practice Kubernetes Security for performing security assessments. As a defender you will see how we can learn these attacks, misconfigurations to understand and improve your cloud native infrastructure security posture.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 16:30-16:59 PDT


Title: Lateral Movement and Privilege Escalation in GCP; Compromise any Organization Without Dropping an Implant
When: Sunday, Aug 9, 16:30 - 16:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Allison Donovan,Dylan Ayrey

SpeakerBio:Allison Donovan , Security Engineer
Allison Donovan is a security researcher who specializes in cloud-based platforms and devices. She is currently employed as a Senior Infrastructure Security Engineer at Cruise, where she secures cloud-based environments at scale, and previously she worked at Microsoft on mobile application security and site reliability engineering.

SpeakerBio:Dylan Ayrey , Security Engineer
I'm a Senior Security. I've been heavily involved in the open source community for a few years, and I've been doing my best to bring security practices into the cloud/devsecops world.

Description:
Google Cloud’s security model in many ways is quite different from AWS. Spark jobs, Cloud Functions, Jupyter Notebooks, and more default to having administrative capabilities over cloud API's. Instead of defaulting to no capabilities, permissions are granted to default identities. One default permission these identities have is called actAs, which allows a service by default to assume the identity of every service account in its project; many of which typically have role bindings into other projects and across an organization's resources.

This means by default many API's and identities can compromise large swaths of an organization by moving laterally by impersonating or gaining access to other identities. This can all be done without dropping a single implant on a machine.

In this talk we'll demonstrate several techniques to perform identity compromise via the ActAs permission, privilege escalation, lateral movement, and widespread project compromise in Google Cloud. As well as release tools for exploitation.

Next we'll show what detection capabilities are possible in the Google Cloud ecosystem, by showing Stackdriver logs that correspond with our exploitation techniques, and showing limitations in what's available. We'll also release tools and queries that can be used for detection . As well as insight to how we have attempted to tackle this problem at scale.

Lastly we'll go over remediation efforts you can take as a Google Cloud customer, and show how difficult it can be to secure yourself against these attacks. We will release tools that can be used to harden your organization, and walk through user stories and anecdotes of what this process looks at scale within our organization.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 09:00-09:30 PDT


Title: Learn to Solder the BadgeBuddy Kit
When: Sunday, Aug 9, 09:00 - 09:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Learn to Solder with HackerBoxes. Assemble your very own BadgeBuddy. HackerBoxes has updated a special edition BadgeBuddy soldering kit for DEF CON 28 SAFE MODE.

The BadgeBuddy is a simple and fun kit to introduce basic soldering skills. Once assembled, the blinky mini-badge PCB can be hung from a conference lanyard, backpack, purse, belt, etc using the included bead-chain. The BadgeBuddy uses self-cycling rainbow LEDs for a reduced bill of materials requiring no external control circuitry. The result is a very nice colorful effect that is still simple enough for a first time soldering project.

As in past years, the BadgeBuddy is free (as in beer) and in light of DEF CON 28 SAFE MODE, HackerBoxes will send it directly to you, anywhere in the United States, for only $1 S&H. If you do not already have soldering tools on hand, HackerBoxes is also making a set of basic soldering tools available at cost. Both can be found at HackerBoxes.com and can be ordered now to ship starting on July 20. Orders as late as July 25 should still be received in time for DEF CON 28 SAFE MODE, but earlier is always better in light of recent postal delays.


#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 14:00-14:30 PDT


Title: Learn to Solder the BadgeBuddy Kit
When: Sunday, Aug 9, 14:00 - 14:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:Joseph Long (hwbxr)
Joseph Long (hwbxr) is the founder of HackerBoxes: the monthly subscription box for DIY electronics, computer technology, and hacker culture. He has extensive experience in technology R&D and is an attorney of technology law. A former member of the research faculty at Georgia Tech, Joseph is a licensed professional engineer, amateur radio volunteer examiner, past IEEE senior member and chair of multiple IEEE chapters. He has directed or contributed to numerous engineering projects in diverse technology areas including digital and embedded systems, medical devices, broadband communications, and information security. Joseph has provided engineering expertise to technology startups, Fortune 500 companies, NASA, various other government agencies, and research laboratories. He has also prepared and prosecuted hundreds of patent applications for technology leaders such as Google, Microsoft, IBM, AT&T, Cisco, and Boeing as well as technology startups and various university clients.

Description:
Learn to Solder with HackerBoxes. Assemble your very own BadgeBuddy. HackerBoxes has updated a special edition BadgeBuddy soldering kit for DEF CON 28 SAFE MODE.

The BadgeBuddy is a simple and fun kit to introduce basic soldering skills. Once assembled, the blinky mini-badge PCB can be hung from a conference lanyard, backpack, purse, belt, etc using the included bead-chain. The BadgeBuddy uses self-cycling rainbow LEDs for a reduced bill of materials requiring no external control circuitry. The result is a very nice colorful effect that is still simple enough for a first time soldering project.

As in past years, the BadgeBuddy is free (as in beer) and in light of DEF CON 28 SAFE MODE, HackerBoxes will send it directly to you, anywhere in the United States, for only $1 S&H. If you do not already have soldering tools on hand, HackerBoxes is also making a set of basic soldering tools available at cost. Both can be found at HackerBoxes.com and can be ordered now to ship starting on July 20. Orders as late as July 25 should still be received in time for DEF CON 28 SAFE MODE, but earlier is always better in light of recent postal delays.


#hhv-badgebuddy-qa-text: https://discord.com/channels/708208267699945503/709254868329693214

Twitch: https://twitch.tv/dchhv


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 00:00-15:59 PDT


Title: lo57 Mystery Challenge
When: Sunday, Aug 9, 00:00 - 15:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231985

Discord: https://discord.com/channels/708208267699945503/732439421973954571


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Sunday - 13:00-13:30 PDT


Title: Locha Mesh: Monero off-the-grid
When: Sunday, Aug 9, 13:00 - 13:30 PDT
Where: Monero Vlg

SpeakerBio:Randy Brito
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 13:30-14:30 PDT


Title: Making Next Generation Drugs at Home
When: Sunday, Aug 9, 13:30 - 14:30 PDT
Where: BioHacking Vlg

SpeakerBio:Mixæl Swan Laufer
Mixæl Swan Laufer worked in mathematics and high energy physics until he decided to use his background in science to tackle problems of global health and human rights. Perpetually disruptive, he continues to work to make it possible for people to manufacture their own medications at home.

Description:
The structures of drugs and their delivery mechanisms have become orders of magnitude more sophisticated in recent years. Polymer subdermal trickle-delivery implants can now be manufactured with a 3D printer filament extruder. We can now find simple new synthesis pathways for complex molecules using machine learning systems, and these compounds can be made at home. The Four Thieves Vinegar Collective will show the free, open access, supercomputing platform they have built so that anyone can do research in this arena independently on our hardware. Additionally, they will show the latest version of the automated chemical reactor, the Apothecary Microlab, which requires no soldering, and is built entirely from off-the-shelf and 3D printed parts.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

DL - Sunday - 10:00-11:50 PDT


Title: MalConfScan with Cuckoo
When: Sunday, Aug 9, 10:00 - 11:50 PDT
Where: See Description or Village
Speakers:Tomoaki Tani,Shusei Tomonaga

SpeakerBio:Tomoaki Tani
Tomoaki Tani works as a Forensic Analyst at Incident Response Group of JPCERT/CC. His primary responsibility is in providing coordination and assistance for cybersecurity incidents related to Japanese constituents. With his technical insight, he is also in charge of analyzing incident trends and attack methods. He presented at CODE BLUE, BsidesLV, BlackHat USA Arsenal, PHDays, VB Conference, and more. Prior to joining JPCERT/CC, he was engaged in security analysis operations and incident handling at a major Japanese telco.

SpeakerBio:Shusei Tomonaga
Shusei Tomonaga is a member of the Incident Response Group of JPCERT/CC. Since December 2012, he has been engaged in malware analysis and forensic investigation. In particular, he spearheads the analysis of targeted attacks affecting critical Japanese industries. In addition, he has written blog posts on malware analysis and technical findings (https://blogs.jpcert.or.jp/en/). Prior to joining JPCERT/CC, he was engaged in security monitoring and analysis operations at a foreign-affiliated IT vendor. He has presented at CODE BLUE, BsidesLV, Botconf, VB Conference, PHDays, PacSec, FIRST Conference, BlackHat USA Arsenal, and more.

Description:
"MalConfScan with Cuckoo" is a tool for automatically extracting known Windows and Linux malware's configuration data.

Audience: Defense (Malware Analyst, BlueTeam)


Interact @ #dl-tani-malconfscan-text: https://discord.com/channels/708208267699945503/730256507702345813

Watch @ #dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505

Github: https://github.com/JPCERTCC/MalConfScan-with-Cuckoo

Forum: https://forum.defcon.org/node/233121


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 10:00-10:30 PDT


Title: Meetup: Sourcing Parts
When: Sunday, Aug 9, 10:00 - 10:30 PDT
Where: Hardware Hacking Vlg

SpeakerBio:bombnav
No BIO available

Description:
Sourcing parts in the COVID involves new challenges due to supply chain issues. Counterfeiting continues to be an problem with out of production parts. This meetup is designed to share ideas and sources for acquiring parts for electronic hobbyists.

#hhv-meetups-a-text: https://discord.com/channels/708208267699945503/739567085004521533

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Sunday - 12:30-12:59 PDT


Title: Meetup: Wearables
When: Sunday, Aug 9, 12:30 - 12:59 PDT
Where: Hardware Hacking Vlg

SpeakerBio:ShortTie
No BIO available

Description:
A place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.

#hhv-meetups-a-text: https://discord.com/channels/708208267699945503/739567085004521533

#hhv-meetups-a-voice: https://discord.com/channels/708208267699945503/739571117756383333


Return to Index    -    Add to    -    ics Calendar file

 

BCV - Sunday - 10:10-10:59 PDT


Title: Modeling systematic threat: testing on mainnet fork
When: Sunday, Aug 9, 10:10 - 10:59 PDT
Where: Blockchain Vlg

SpeakerBio:Martinet Lee
No BIO available

Description:No Description available

Blockchain Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/blockchainvillage


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-13:59 PDT


Title: Nyan Sat Workshop
When: Sunday, Aug 9, 09:00 - 13:59 PDT
Where: Aerospace Vlg Workshop

Description:
What’s another way to hack a satellite? Through ground stations.

Nyansat consists of three fun, non-competitive challenges: building your own satellite tracking antenna, exploiting a ground station modem, and participating in our livestreamed, internet-accessible, community ground station event.


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Online MUD - EvilMog
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
This CTF is a MUD with 8-9 quests, intentional exploits, and about 1200 rooms has been setup at mog.ninja port 4000. A website documenting the MUD is at https://mog.ninja and a CTFd is setup at https://ctf.mog.ninja. The game is an LPMud and runs on gurbalib and DGD. If you complete all the quests you become a wizard. You connect by telneting on port 4000. The game has been balanced out to take about a week to complete all the quests and hit max level if you find most of the in game exploits.

Forum: https://forum.defcon.org/node/232895

Discord: https://discord.com/channels/708208267699945503/728707998796480590

MUD Docs: https://mog.ninja

CTFd: https://ctf.mog.ninja


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 11:30-11:59 PDT


Title: Only takes a Spark - Popping a shell on a 1000 nodes
When: Sunday, Aug 9, 11:30 - 11:59 PDT
Where: DEF CON Q&A Twitch

SpeakerBio:ayoul3
Ayoub currently works as Lead Security at Qonto. He spent several years working as a pentester and an incident responder. He gave talks at various security conferences about Mainframe hacking. Lately, his main focus is Cloud security.
Twitter: @ayoul3__

Description:
Apache Spark is one of the major players if not the leader when it comes to distributed computing and processing. Want to use machine learning to build models and uncover fraud, make predictions, estimate future sales or calculate revenue ? Whip out a 200 nodes cluster on Spark and you are good to go.

This talk will show you how to get a shell on each one of these nodes! We are talking about systems that, by design, have access to almost every datastore in the company (S3, Cassandra, BigQuery, MySQL, Redshift, etc.). This is game over for most companies. I will also release a tool that will help pentesters pwn Spark clusters, execute code and even bypass authentication (CVE-2020-9480).


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

ETV - Sunday - 14:00-14:59 PDT


Title: Open Live Chat for all Speakers or another talk on Ethics of Moderation
When: Sunday, Aug 9, 14:00 - 14:59 PDT
Where: Ethics Vlg

SpeakerBio:Ethics Village Staff
No BIO available

Description:
This will be a live and open chat for everyone to participate in.


Twitch: https://www.twitch.tv/ethicsvillage

#ev-talks-voice: https://discord.com/channels/708208267699945503/730299696454696980

#ev-general-text: https://discord.com/channels/708208267699945503/732732980342030449


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 14:00-14:30 PDT


Title: Open Ventilator Remote Monitoring Project
When: Sunday, Aug 9, 14:00 - 14:30 PDT
Where: BioHacking Vlg

Description:
2020 has been the year of COVID-19. The healthcare sector has been on the frontlines of battling this pandemic. There was significant projected demand for rapidly-manufactured ventilators during the early stages of the COVID-19 pandemic in the United States. Massachusetts was hard hit during the early stages of this pandemic, and the state’s largest healthcare delivery organization brought together the open source community to develop new technologies and processes for rapidly developing resources needed to treat predicted growth of infections. The open source community came together to develop rapid prototype ventilators that could be potentially mass produced in quick succession. Many of these devices did not have built-in monitoring capabilities, so there was an anticipated need for staff to adequately track alarms in a centralized manner for these devices.

The Open Ventilator Monitoring Project addressed this need by rapidly creating a system that allows hospitals to monitor alarms and patient data from ventilators, integrating the status of multiple devices into a single display, similar to a central nursing station. During the design process of this project, an additional need was brought to the team’s attention. Due to infection control procedures that require closing doors to patient rooms, clinical staff were unable to hear alarms from ventilators that were not already integrated into a traditional central monitoring system. The team then pivoted to develop a solution to modify the hardware and software system to include the ability to auditorily monitor and alert based on the sound pressure of these ventilator alarms.

To date, the team has delivered a Minimum Viable Product (MVP), which has undergone limited lab testing in the Massachusetts General Hospital’s Medical Device Interoperability and Cybersecurity Program Lab (MGH MD PnP). The project has longer term goals of safety/integration, and ultimately, deployment within settings such as field hospitals. It is expected that this project's capabilities may be useful to many hospitals, extending beyond the constantly-changing emergency of COVID-19's spread.

This open source project is led by Sam Cervantes, MakerGear CTO and David Guffrey, MGB/Partners HealthCare Medical Device Cybersecurity Program Lead and includes ten contributors from the open source community, students, clinical engineers, and MITRE. The project utilizes both a cloud-based and embedded architecture, deployed on affordable & widely available consumer-grade hardware such as Raspberry Pi & Arduino. Software stacks used include Ruby on Rails, Javascript, Python, and C++.

While the software has been designed to monitor ventilators, the project's architecture - utilizing APIs and plugins - is extensible to other network environments and other device types.

Ultimately, hospitals in the U.S. have not experienced a shortage of traditional ventilators, and so our software was not needed during the Covid-19 crisis. However, we present a framework for rapidly developing software in crisis situations along with a set of lessons learned for those who follow in future crises.

In this talk, we will cover topics such as:


BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-11:59 PDT


Title: OpenSOC Blue Team CTF - Finals Round
When: Sunday, Aug 9, 09:00 - 11:59 PDT
Where: See Description or Village

Description:
OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is representative of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing responders’ abilities to filter and detect malicious activity on the network. This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations, and each year we incorporate new scenarios that are modeled after threat actors and breaches experienced by the OpenSOC team. From APT attacks using 0-days and heavily weaponized shellcode to sneaky lateral movement and exfiltration techniques, we expose contestants to a wide-range of techniques that we see actively used in the wild.We encourage team participation, and always have folks on hand to assist those just getting started out.Even better - 100% of the security tools demonstrated within OpenSOC are Free and/or Open Source! These projects include Velociraptor, Sysmon, osquery, Suricata, Moloch, pfSense and Graylog + ELK bringing it all together in an awesome way. This allows our contestants to not only have fun at DEF CON, but also learn skills and tools they can take back to work on Monday.

The Challenge:


Forum: https://forum.defcon.org/node/232949

Discord: https://discord.com/channels/708208267699945503/711644213170667562

Twitter: https://twitter.com/Recon_InfoSec

Web: https://opensoc.io


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 00:00-15:59 PDT


Title: OSINTSECCryptoAIBlockchain
When: Sunday, Aug 9, 00:00 - 15:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231050

Discord: https://discord.com/channels/708208267699945503/732439527213367346


Return to Index    -    Add to    -    ics Calendar file

 

PHVT - Sunday - 11:00-11:59 PDT


Title: Packet Acquisition: Building the Haystack
When: Sunday, Aug 9, 11:00 - 11:59 PDT
Where: Packet Hacking Vlg - Talk
Speakers:Chris Abella,Pete Anderson

SpeakerBio:Chris Abella , P SE, ExtraHop Networks
No BIO available

SpeakerBio:Pete Anderson , Sr. SE, ExtraHop Networks
No BIO available

Description:
Packet hacking doesn't happen without packets. There are multiple methods to get packets from a network; from local tcpdump and Wireshark all the way to enterprise wide tapping and span aggregation. In this talk, we'll discuss enterprise packet acquisition strategies and challenges, and the methods, tools, and techniques necessary to build the data foundation for effective network-based detection and forensics.

Garbage data in means garbage analysis out. Chris and Pete have spent decades working with Fortune 500 NOC and SOC teams to implement advanced packet analysis solutions, build better packet pipelines, and get more from those packets.



YouTube: http://youtube.com/wallofsheep

Twitch: http://twitch.tv/wallofsheep

Facebook: http://facebook.com/wallofsheep/

Periscope: https://t.co/gnl7JLlftA?amp=1


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 01:00-01:59 PDT


Title: PatrOwl - Red flavour of SOC automation
When: Sunday, Aug 9, 01:00 - 01:59 PDT
Where: Red Team Vlg

SpeakerBio:Nicolas MATTIOCCO
Nicolas MATTIOCCO is an information security expert since 12 years and was involved in various security consulting engagements from penetration tests to global risk assessments and security operations implementation. Today, he is working as a red teamer and in automating security operations at a large scale.

Description:
A company, regardless of its size and market power, may go out of business or lose a lot of value because of a security incident on its information system. The number of vulnerabilities and the interest of cyber-attackers is only increasing. With the advent of the monetization of botnet cyber attacks or the installation of crypto-miners for example, the threats are going more varied and intensified, but less targeted. The vast majority of companies are digital and increasingly exposed on the Internet. The level of cyber exposure is also higher. The "Cyber" risk has become vital. Today, everything has changed and tomorrow everything will change even faster. Where manual analysis was sufficient, paradigms of risk assessment are moving towards more automation. But **we need intelligent automation**.

This automation strategy also tends to address the drastic lack of competent cyber security resources and retention of talents. The automation of recurrent, time-consuming and low-value-added tasks will allow teams to focus on more complex and therefore more motivating topics. To efficiently support this strategy, we developed PatrOwl, an Open Source, Free and Scalable Security Operations Orchestration Platform. Technically, PatrOwl is a solution for automating calls to commercial or open source tools that perform checks. To date, more than 140 tools or online services are supported. Beyond centralizing the results (vulnerabilities, meta-data, asset metadata) obtained, the PatrOwl analysis engine compares these results with its knowledge base and other third-party services to determine scenarios of attacks (predictive analysis) or to trigger actions (alerting, program calls, ...). Largely customizable, PatrOwl is suitable for supporting penetration testing, vulnerability audit and compliance, static source audit, threat research (CTI) and security incident response activities (SOC / DFIR).


Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

PAYV - Sunday - 10:00-10:59 PDT


Title: PoS Terminal Security Uncovered
When: Sunday, Aug 9, 10:00 - 10:59 PDT
Where: Payment Vlg

SpeakerBio:Aleksei Stennikov
No BIO available

Description:
"Everyone uses different types of payment hardware in order to pay by card everyday. But how often do you think, how secure is it?

The speaker will talk about the payment terminals hardware internals and the approach to the security of common manufacturers, typical vulnerabilities, approaches to research and the consequences of research related to the payment security. This presentation uncovers some of results from our payment security projects."


Payment Village activities will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/paymentvillage

YouTube: https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q


Return to Index    -    Add to    -    ics Calendar file

 

PWDV - Sunday - 01:00-01:59 PDT


Title: Practical PCFG Password Cracking (Rebroadcast)
When: Sunday, Aug 9, 01:00 - 01:59 PDT
Where: Password Vlg

SpeakerBio:Matt Weir
No BIO available

Description:No Description available

Password Village events will be streamed to both YouTube and Twitch concurrently.

Twitch: https://twitch.tv/passwordvillage

YouTube: https://youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ


Return to Index    -    Add to    -    ics Calendar file

 

DC - Sunday - 15:30-15:59 PDT


Title: Practical VoIP/UC Hacking Using Mr.SIP: SIP-Based Audit & Attack Tool
When: Sunday, Aug 9, 15:30 - 15:59 PDT
Where: DEF CON Q&A Twitch
Speakers:Ismail Melih Tas,Kubilay Ahmet Kucuk

SpeakerBio:Ismail Melih Tas , Senior Expert in Offensive Security (PhD), Private Bank
Melih Tas received B.Sc., M.Sc., and Ph.D. degrees in Computer Science & Engineering. He is working as Principal Penetration Tester in a private bank since 2015 in Istanbul, Turkey. He worked as multiple times award-winning entrepreneur and security expert in a private cybersecurity R&D company between 2010 and 2015 where he worked on funded projects. Previous to them, he also worked in a global troubleshooting center where he found the root causes of telecommunication security incidents and frauds and designed measures to prevent them from happening again. He wrote the National VoIP/UC Security Standard Draft by cooperating with Turkish Standards Institute. He is the author of open-source projects Mr.SIP:SIP-Based Audit and Attack Tool and SIP-DD: SIP-Based DDoS Defense Tool. He holds an OSCP certificate. He is an active speaker in hacker conferences including Black Hat Arsenal, Offzone and Nopcon. He likes to do bug bounty hunting in his spare time. His research interests include the design and analysis of both offensive and defensive security mechanisms in the fields of VoIP Security, Network Security, and Web/Mobile Application Security.
Twitter: @artinscience

SpeakerBio:Kubilay Ahmet Kucuk , Senior Security Researcher (PhD), University of Oxford
Kubilay Ahmet Kucuk is a DPhil (Ph.D.) candidate at the University of Oxford. His research interests include the problem of secure remote computation, and architectures with TPM, TEEs, ARM TZ, seL4. With a focus on SGX, he received Ph.D. studentship from Intel and completed the AppTRE (Trustworthy Remote Entity) project in Prof. Andrew Martin's group. Before Oxford, he was a research assistant for five years at ETH Zürich, in D-MAVT Simulation Group. He led the software engineering in two CTI/Innosuisse funded projects in Industry 4.0 domain. These projects, the Face-gear Drive and the Next-Generation Virtual Feeder resulted in software products alive in the industry other than the journals.

Description:
In this talk, we will introduce the most comprehensive offensive VoIP security tool ever developed, Mr.SIP (comprehensive version). We will make a live attack demonstration using Mr.SIP in our security laboratory. Furthermore, we will also introduce novel SIP-based attacks using the vulnerabilities we found in the SIP retransmission mechanism and reflection logic.

Mr.SIP is developed to assist security experts and system administrators who want to perform security tests for VoIP systems and to measure and evaluate security risks. It quickly discovers all VoIP components and services in a network topology along with the vendor, brand, and version information, detects current vulnerabilities, configuration errors. It provides an environment to assist in performing advanced attacks to simulate abuse of detected vulnerabilities. It detects SIP components and existing users on the network, intervenes, filters and manipulates call information, develops DoS attacks, breaks user passwords, and can test the server system by sending irregular messages.

Status-controlled call flow and ability to bypass anomaly systems stand out as Mr.SIP’s unique aspects. It also has strengths and competencies in terms of advanced fake IP address generation, fuzzing, password cracker, interactive inter-module attack kit, and MiTM features.


This is a live Question & Answer stream. You'll want to have watched the corresponding pre-recorded talk prior to this Q&A session.

All DEF CON Q&A streams will happen on Twitch. Discussions and attendee-to-speaker participation will happen on Discord (#track-1-live).


Twitch: https://www.twitch.tv/defconorg

#track-1-live: https://discord.com/channels/708208267699945503/733079621402099732


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 07:15-08:15 PDT


Title: PWN The World
When: Sunday, Aug 9, 07:15 - 08:15 PDT
Where: Red Team Vlg

SpeakerBio:Chris Kubecka
Chris Kubecka - "Fearless and powerful speaker, saves countries, fights cyber terrorism, advises several governments as a subject matter expert on cyber warfare national defense. Profiled by major media in the USA and Europe. USAF military combat veteran, former military aviator, and USAF Space Command. Defends critical infrastructure and handles country level cyber incidents, cyberwarfare, and cyber espionage. Reconnected Saudi Aramco international business operations & established digital security after the world’s most devastating cyberwarfare attack. Developing the highest level of exploit code against IT/IOT/ICS SCADA control systems whilst working with governments. Involved in the world’s biggest hacks, advising nations, NATO, Europol, Interpol exposing corruption and national security risks.

“She is a go-to professional for governments. There are only a certain number who can both frame the problem conceptually and put it in straight fuc**** English so somebody can understand. And she can do that.”


Description:
Want to learn the basics of how to hack cool industrial IOT, industrial control systems and technology that moves the world? How to find them, leverage weaknesses in protocols & systems. Turn engineer technical tools into dual use reconnaissance and attack tools. Components of energy grids, digital security systems, production systems and more.

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 16:00-16:59 PDT


Title: Red Team Village Closing Ceremony and Announcement of Winners of CTF and CyberWraith 
When: Sunday, Aug 9, 16:00 - 16:59 PDT
Where: Red Team Vlg
Speakers:Joseph Mlodzìanowskì (cedoXx),Omar Ωr

SpeakerBio:Joseph Mlodzìanowskì (cedoXx)
No BIO available
Twitter: @cedoxX

SpeakerBio:Omar Ωr
No BIO available

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

DL - Sunday - 10:00-11:50 PDT


Title: redlure
When: Sunday, Aug 9, 10:00 - 11:50 PDT
Where: See Description or Village

SpeakerBio:Matthew Creel
Matt has been a member of the Schneider Downs cybersecurity practice since 2017 where he helps provide clients with penetration testing, red teaming and incident response services. One of Matt's focuses is offensive tool development, notably password spraying and phishing tools. Matt has served clients in manufacturing, healthcare, automotive, finanaical and higher education industires.

Description:
redlure can be descirbed as a distributed phishing platform. There is a centeralized API (redlure-console) where you can create the different aspects of your phishing campaigns. This console controls secondary servers running a more basic API (redlure-workers) that do the actual hosting of your phishing sites/files and communicate results back to the main server. Obviosuly there are existing tools that can accomplish phishing, but here are a few features to this tool that differentiate it and will be descirbed in the abstract.

Audience: Offense


Interact @ #dl-creel-redlure-text: https://discord.com/channels/708208267699945503/730256326868860949

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Forum: https://forum.defcon.org/node/233131


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 03:30-04:30 PDT


Title: RedTeamOps - Managing Red Team Infrastructure as a Red Teamer
When: Sunday, Aug 9, 03:30 - 04:30 PDT
Where: Red Team Vlg

SpeakerBio:Mert Can Coşkuner
Mert Can Coşkuner is a Security Engineer at Trendyol. He is maintaining a Penetration Testing and Malware Analysis blog at medium.com/@mcoskuner. In his free time Mert Can is performing mobile malware research and threat intelligence.

Description:
Red team operations involve many skills, the operation requires a lot of monitoring, consolidating and caution. In order to perform red team operations faster, and stealthier without thinking about the infrastructure every team has its’ own habits and standarts. However, there is a problem with those habits and standarts; - There are tons of tools but no operation management, - No aggregation between these tools,
- When OPSEC fails due to problems above or any other reason, it’s essential to possess the capability of maintaining robust infrastructure which can be recreated if discovered, and more importantly, without any issues upon deployment. In this talk, infrastructure challenges we face as a red teamer will be discussed. Along with challenges, a solution will be proposed based on DevOps practices such as; - Design your infrastructure based on the standarts and habits which your team has - Create playbooks which suits your needs based on your design - Create CI pipeline to test and maintain your playbooks

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Sunday - 11:45-12:30 PDT


Title: Remediation Framework - Auto respond to AWS nightmares.
When: Sunday, Aug 9, 11:45 - 12:30 PDT
Where: Cloud Vlg
Speakers:Sahir Khan,Justin Paglierani

SpeakerBio:Sahir Khan
Sahir Khan is Senior Security Engineer at Flatiron Health focused on Cloud Security and has deep interests in Security automation.

SpeakerBio:Justin Paglierani
Justin Paglierani is a Staff Security Engineer at Flatiron Health. Prior to Flatiron, Justin worked at Bishop Fox and within the Federal Reserve System.

Description:
Remediation Framework is event driven, near real time, multi account, serverless platform which identifies and remediates AWS security issues to ensure AWS usage is in compliance with a set of rules. Major focus is on remediations for misconfigurations which could make resources(ec2-ami,snapshots, s3, redshift, rds..) publicly exposed, making it low lift for attackers to get foothold or data exfiltration. The framework is easily customizable, giving the ability to add new modules for AWS resources you want to watch for/automatically fix, when they become non compliant.

This talk will be structured as below:

Introductions (1-2 minutes): Brief bio of what we do. Background (3 minutes): Introduction to the problem statement which led us to work on automated remediation. First iteration - Independent Lambda for remediation of each resource and the challenges we faced. Introduction to the Framework: (5 minutes) A walkthrough of the framework, how it is pieced together to support event driven remediation for multiple AWS accounts and regions. Demo and Q&A (10 minutes): We will open source and demo the Remediation Framework by making few AWS resources publicly exposed and letting the remediation framework fix it automatically.


YouTube: https://www.youtube.com/watch?v=DSipgVlsAfo

#cloudv-general-text: https://discord.com/channels/708208267699945503/732733373172285520


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 02:15-03:15 PDT


Title: Reviewing MS08-067, Illustration Of An Old Chapter
When: Sunday, Aug 9, 02:15 - 03:15 PDT
Where: Red Team Vlg

SpeakerBio:Etizaz Mohsin
Etizaz Mohsin is an information security researcher and enthusiast. His core interest lies in low level software exploitation both in user and kernel mode, vulnerability research, reverse engineering. He holds a Bachelors in Software Engineering and started his career in Penetration Testing. He is an active speaker at international security conferences. He has achieved industry certifications, the prominent of which are OSCP, OSCE, OSWP, OSWE, OSEE, CREST CRT, CPSA, EWPTX, CEH.

Description:No Description available

Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

RGV - Sunday - 12:00-13:59 PDT


Title: Rogues adventure & the intervillage badge
When: Sunday, Aug 9, 12:00 - 13:59 PDT
Where: Rogues Vlg
Speakers:Monero Village Team,Rogues Village Team

SpeakerBio:Monero Village Team
No BIO available

SpeakerBio:Rogues Village Team
No BIO available

Description:
You’ve played the game, now hear the story. ZY, the author of the Rogues Adventure (http://www.foursuits.co/game) will be here to answer your questions and talk about his journey in creating the adventure game, along with its integrations with the InterVillage Badge. Michael from Monero Village joins us to talk about the badge itself, and his collaborative process throughout its creation!

Rogues Village activities will be streamed via Twitch.

Twitch: https://www.twitch.tv/roguesvillage


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 13:00-13:45 PDT


Title: Running an appsec program with open source projects
When: Sunday, Aug 9, 13:00 - 13:45 PDT
Where: AppSec Vlg

SpeakerBio:Vandana Verma Sehgal
No BIO available
Twitter: @InfosecVandana

Description:
We are all heading towards the modernization of applications. However, we still see the companies being impacted with the most common website vulnerabilities like SQL Injection, Sensitive data exposure, security misconfiguration, etc.

OWASP has many projects which can be tied seamlessly into the application development pipeline structure. However, firstly we don’t know if the projects exist, second, if we know about the projects, we do not know the exact working of the projects. In the talk, I will be talking about how to run an AppSec program with open source projects (OWASP Projects).


AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Sunday - 11:00-11:50 PDT


Title: Safecracking for Everyone!
When: Sunday, Aug 9, 11:00 - 11:50 PDT
Where: Lockpick Vlg

SpeakerBio:Jared Dygert
No BIO available

Description:
Safecracking is one of the more obscure type of lock in locksport. However, in most cases they can be manipulated without the need for any tools and opened in 5 minutes. This talk will get you an understanding of how that's done and started on your path to cracking your first safe!

Lockpick Village activities will be streamed to Twitch.

Twitch: https://www.twitch.tv/toool_us


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 06:00-15:59 PDT


Title: SEATF: Maritime Hacking CTF
When: Sunday, Aug 9, 06:00 - 15:59 PDT
Where: See Description or Village

Description:
Fathom5’s Maritime-Industrial CTF event allows competitors to gain hands-on experience hacking real maritime hardware in a controlled environment using Fathom5’s Grace maritime cybersecurity testbed. Grace is an accessible, realistic configuration of maritime systems where competitors complete challenges in a simulated afloat environment, with real ICS components and fieldbus protocols. The Grace testbed replicates a series of different maritime-industrial environments, including navigation, fire main, and hydraulic steering systems. The testbed makes both physical and simulated components available to competitors in order to replicate performance of maritime systems at lifelike scale. The CTF challenges scale from novice to expert-level on both IT and OT fronts such that competitors can gain experience on either side of the system. This CTF event has been deployed at DEFCON 27 (Aug 2019) as part of the Hack The Sea Village v1.0 and at HACKtheMACHINE-NYC (Sept 2019). It is also planned for to be deployed at DEFC ON 28 and HACKtheMACHINE- Atlanta in Aug 2020. This CTF can support approximately 20 teams of 3-5 individuals concurrently and typically takes 14 hours for skilled teams to navigate the challenges. The number of teams, size of teams, and depth of challenges can be adjusted to fit within host event timelines.

Forum: https://forum.defcon.org/node/233012

Discord: https://discord.com/channels/708208267699945503/711644244753776640


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 12:00-12:45 PDT


Title: Secure Your Code — Injections and Logging
When: Sunday, Aug 9, 12:00 - 12:45 PDT
Where: AppSec Vlg

SpeakerBio:Philipp Krenn
No BIO available
Twitter: @xeraa

Description:
This talk combines two of the OWASP top ten security risks to highlight some widespread "this is fine" issues:

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 00:00-15:59 PDT


Title: Social Engineer SECTF4Teens
When: Sunday, Aug 9, 00:00 - 15:59 PDT
Where: See Description or Village

Description:

Forum: https://forum.defcon.org/node/231051

Discord: https://discord.com/channels/708208267699945503/726609125760434176

Web: https://www.social-engineer.org/sevillage-def-con/the-sectf4teens/


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 10:00-13:59 PDT


Title: SOHOpelessly Broken CTF
When: Sunday, Aug 9, 10:00 - 13:59 PDT
Where: See Description or Village

Description:
In this 3 time DEF CON Black Badge CTF hosted in IoT Village, players compete against one another by exploiting off-the-shelf IoT devices. These 25+ devices all have known vulnerabilities, but to successfully exploit these devices requires lateral thinking, knowledge of networking, and competency in exploit development. CTFs are a great experience to learn more about security and test your skills, so join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.

Forum: https://forum.defcon.org/node/232897

Discord: https://discord.com/channels/708208267699945503/711644307597164665

Twitter: https://twitter.com/IoTvillage

Web: https://www.iotvillage.org/#yolo


Return to Index    -    Add to    -    ics Calendar file

 

DL - Sunday - 12:00-13:50 PDT


Title: Starkiller
When: Sunday, Aug 9, 12:00 - 13:50 PDT
Where: See Description or Village

Description:
The ultimate goal for any security team is to increase resiliency within an organization and adapt to the modern threat. Starkiller aims to provide red teams with a platform to emulate Advanced Persistent Threat (APT) tactics. Starkiller is a frontend for the post-exploitation framework, PowerShell Empire, which incorporates a multi-user GUI application that interfaces with a remote Command and Control (C2) server. Empire is powered by Python 3 and PowerShell and includes many widely used offensive security tools for Windows, Linux, and macOS exploitation. The framework's flexibility to easily incorporate new modules allows for a single solution for red team operations. Both red and blue teams can utilize Starkiller to emulate and defend against the most used APT attack vectors.

Audience: Offense, Defense


Interact @ #dl-rose-starkiller-text: https://discord.com/channels/708208267699945503/730256356292165682

Watch @ #dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988

Web: https://www.bc-security.org/post/an-introduction-to-starkiller

Forum: https://forum.defcon.org/node/233126


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 00:00-11:59 PDT


Title: TeleChallenge
When: Sunday, Aug 9, 00:00 - 11:59 PDT
Where: See Description or Village

Description:
It’s Election 2020! The national vote-by-phone polls are about to open and it’s a knock down, drag-out battle of political wits between Presidential candidates Michael Key and Founder Jack Carson, VC. DEF CON hackers, team up and take to the phones: lie, cheat, and steal your way to the ultimate victory. Every hacker vote counts—so vote early and often!

Forum: https://forum.defcon.org/node/231949

Discord: https://discord.com/channels/708208267699945503/711644470063399012

Twitter: https://twitter.com/TeleChallenge

Web: https://telechallenge.org


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 10:00-10:45 PDT


Title: The Elephant in the Room: Burnout
When: Sunday, Aug 9, 10:00 - 10:45 PDT
Where: AppSec Vlg

SpeakerBio:Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.

Description:
Burnout. We all go through it at one point, especially during a pandemic. It feels like you are low on battery and it can cause emotional and physical issues. This talk shares an overview of the warning signs, symptoms, and practices to prevent burnout and how to deal with burnout to keep balanced.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: The Gold Bug – Crypto and Privacy Village Puzzle
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too! PELCGBTENCUL VF UNEQ


Forum: https://forum.defcon.org/node/232942

Discord: https://discord.com/channels/708208267699945503/711644108837486602

Twitter: https://twitter.com/CryptoVillage

Web: https://goldbug.cryptovillage.org/


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Sunday - 10:00-11:30 PDT


Title: The K0BAK Rover Van
When: Sunday, Aug 9, 10:00 - 11:30 PDT
Where: Ham Radio Vlg

Description:
Come see how Pete (K0BAK) is converting an old TV news station van, the kind used to produce and relay live TV reporting, into a mobile ham radio station!

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: The Schemaverse Championship
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
The Schemaverse [skee-muh vurs] is a space battleground that lives inside a PostgreSQL database. Mine the hell out of resources and build up your fleet of ships, all while trying to protect your home planet. Once you're ready, head out and conquer the map from other DEF CON rivals.

This unique game gives you direct access to the database that governs the rules. Write SQL queries directly by connecting with any supported PostgreSQL client or use your favourite language to write AI that plays on your behalf. This is DEF CON of course so start working on your SQL Injections - anything goes!


Forum: https://forum.defcon.org/node/233021

Discord: https://discord.com/channels/708208267699945503/711644182116040784

Twitter: https://twitter.com/schemaverse

Web: https://schemaverse.com


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Sunday - 13:15-13:45 PDT


Title: The Underestimated Threat Vector: Homogeneity
When: Sunday, Aug 9, 13:15 - 13:45 PDT
Where: BioHacking Vlg

SpeakerBio:Vidya Murthy , Vice President Operations, MedCrypt
Vidya is fascinated by the impact of cybersecurity on the healthcare space. Beginning her career in consulting, she realized a passion for healthcare and worked for global medical device manufacturer Becton Dickinson. She has since joined MedCrypt, a company focused on bringing cybersecurity leading practices to medical device manufacturers. Vidya holds an MBA from the Wharton School.

Description:
The number of times I've heard it's a pipeline issue and there just aren't enough candidates enrages me. And yet when I finally have the ability and breath to actually make change, I'm struggling to find candidates. What am I doing wrong? And if with all my intent I'm still struggling, what hope is there for the industry? This talk explores why the burden of dismantling systemic racism in cybersecurity requires practitioners of every race, sector, and discipline.

BioHacking Village activities will be streamed to Twitch and YouTube.

Twitch: https://m.twitch.tv/biohackingvillage/profile

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q/


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Sunday - 09:00-09:45 PDT


Title: Threagile - Agile Threat Modeling with Open-Source Tools from within Your IDE
When: Sunday, Aug 9, 09:00 - 09:45 PDT
Where: AppSec Vlg

SpeakerBio:Christian Schneider
No BIO available
Twitter: @cschneider4711

Description:
The open-source tool Threagile enables agile teams to create a threat model directly from within the IDE using a declarative approach: Given information about the data assets, technical assets, communication links, and trust boundaries as input in a simple to maintain YAML file, it executes a set of over 40 built-in risk rules, which can be extended with custom risk rules, against the processed model. The resulting artifacts are graphical diagrams, Excel, and PDF reports about the identified risks, their rating, and the mitigation steps as well as risk tracking state. DevSecOps pipelines can be enriched with Threagile as well to process the JSON output.

AppSec Village activities will be streamed to YouTube.

YouTube: https://www.youtube.com/channel/UCpT8Ll0b9ZLj1DeEQQz7f0A


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 10:00-10:30 PDT


Title: Trust And Truth In Space Situational Awareness
When: Sunday, Aug 9, 10:00 - 10:30 PDT
Where: Aerospace Vlg

SpeakerBio:James Pavur , DPhil Student, Oxford University
James Pavur is a Rhodes Scholar at Oxford University working on a DPhil in Cyber Security. His academic research is primarily on the threats to satellite systems with a focus on satellite communications and trustworthy spaceflight operations. Prior to Oxford, he majored in Science, Technology and International Affairs (STIA) at Georgetown University where he graduated with the School of Foreign Service Dean’s Medal (highest cumulative GPA) in 2017.

He has held numerous internships and professional positions related to information security. This included acting as Director of Information Security for Students of Georgetown Inc. (The Corp), a student run non-profit with more than 300 employees. He has also assisted with computer crimes investigations as an intern with the United States Postal Service Office of the Inspector General, worked on embedded systems reverse-engineering as an intern at Booz Allen Hamilton, and even pentested air-conditioners for the Public Buildings Services while working for Telos Corporation.

Outside of computers, James enjoys flying kites and collecting rare and interesting teas.

Twitter: @JamesPavur

Description:
Space Situational Awareness Data (SSA) is the lifeblood of responsible spaceflight. With tens of thousands of debris objects in orbit, knowing where and when collisions may occur is key to preventing lasting environmental harm. However, SSA data collection is inordinately complex, creating natural incentives for centralized information sharing. When actors lack the capability to independently monitor the state of orbit, they find themselves forced to trust third parties.

In this talk, we consider how a sufficiently motivated attacker might modify SSA repositories to deliberately conceal or falsify collision projections to influence the behaviors of satellite owners. In addition to a high-level discussion of the relevant threat model, we will present simulated implementations of these attacks. We will also briefly consider various mitigation techniques which can be employed by both SSA operators and data recipients against such attacks.

This talk will touch on basic principles of orbital dynamics and spaceflight operations but assumes no prior background in physics. It is intended to serve as starting point for those interested in how the physical dynamics of outer space can manifest as unique security challenges.

This event will be coordinated on the DEF CON Discord server, in channel #av-space-text.


Discord: https://discord.com/channels/708208267699945503/732394328105943180


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 00:00-15:59 PDT


Title: ULTIMATE Secure Coding Throwdown (Secure Code Warrior)
When: Sunday, Aug 9, 00:00 - 15:59 PDT
Where: See Description or Village

Description:
Are. You. Ready? Head to the AppSec battlefield and prove that you are the ultimate secure coding champion. Go head-to-head with your peers as you test your web application security knowledge of the OWASP Top 10. Strut your skills. Crush the competition. Score excellent prizes and take home the title of Secure Code Warrior!

Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. Select from a range of software languages to complete the tournament, including Java EE, Java Spring, C MVC, C WebForms, Ruby on Rails, Python Django, Scala Play & Node.JS. It’s gamified, it’s relevant, but most of all - it’s fun.

Watch as you earn points and climb to the top of the real-time leaderboard during the event. Prizes will be awarded to the top 3 point scorers, with one security superhero being crowned the ultimate Secure Code Warrior. Will it be you?

Psst: Want to test your secure coding skills at your own pace, without the competition? You’re welcome to come along and join the fun


Web: https://discover.securecodewarrior.com/DEFCON28-tournament.html

Forum: https://forum.defcon.org/node/232898

Discord: https://discord.com/channels/708208267699945503/741327638815309984


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 09:00-12:30 PDT


Title: Understanding Space Through a CyberSecurity Lens
When: Sunday, Aug 9, 09:00 - 12:30 PDT
Where: Aerospace Vlg Workshop

Description:
This exciting, fast-paced course delivers the "big picture" of space missions from cradle to grave. Understanding Space is the ideal course for technical or non-technical professionals new to the space industry or who need a refresher on the fundamentals.

Learning outcomes will be:
- Gain Core Space Knowledge
- Comprehend space mission Capabilities, Trade-offs and Limitations - Apply Space Concepts to real-world problems - Analyze Typical Space Problems
- Synthesize concepts to Design a Space Mission - Evaluate basic technical and programmatic space issues

This will be a half-day course instead of the normal 2-day course.


Return to Index    -    Add to    -    ics Calendar file

 

HRV - Sunday - 14:30-14:45 PDT


Title: Village Closing Commentary
When: Sunday, Aug 9, 14:30 - 14:45 PDT
Where: Ham Radio Vlg

Description:
As our village wraps up for this year, a huge thank you to everyone for participating!

This Ham Radio Village event will be held on Twitch. Related conversation will be held in the DEF CON Discord, channel #ham-presentation-text (Q&A).

Twitch: https://www.twitch.tv/hamradiovillage

#ham-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991


Return to Index    -    Add to    -    ics Calendar file

 

AEV - Sunday - 16:00-16:59 PDT


Title: What I Learned Trying To Hack A 737
When: Sunday, Aug 9, 16:00 - 16:59 PDT
Where: Aerospace Vlg

SpeakerBio:Karl Koscher
Karl Koscher is a research scientist working at the University of Washington Security and Privacy Research Lab where he specializes in wireless and embedded systems security. He led the first team to demonstrate a complete remote compromise of a car over cellular, Bluetooth, and other channels.

Description:
As part of work looking at avionics security, we reverse-engineered two Communication Management Units used on 737s, and they are engineered unlike any other embedded system I’ve seen. CMUs must be certified to a high Design Assurance Level, but airlines typically want to add custom airline operations applications. This talk explores how these seemingly incompatible requirements are met in two very different ways, and takes a deep dive into how the CMUs work.

This event will be coordinated on the DEF CON Discord server, in channel #av-aviation-text.


Discord: https://discord.com/channels/708208267699945503/732394164209057793


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Sunday - 11:30-11:59 PDT


Title: What if we had TLS for phone numbers? An introduction to SHAKEN/STIR
When: Sunday, Aug 9, 11:30 - 11:59 PDT
Where: Crypto & Privacy Vlg

SpeakerBio:Kelley Robinson
Kelley works on the Account Security team at Twilio. Previously she worked in a variety of API platform and data engineering roles at startups. Her research focuses on authentication user experience and design trade-offs for different risk profiles and 2FA channels. Kelley lives in Brooklyn, is an avid home cook, and spends too much time on Twitter (@kelleyrobinson).
Twitter: @kelleyrobinson

Description:
If you've noticed a surge in unwanted robocalls from your own area code in the last few years, you're not alone. The way telephony systems are set up today, anyone can spoof a call or a text from any number. With an estimated 85 billion spam calls globally, it's time to address the problem. This talk will discuss the latest advancements with STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs), new tech standards that use well accepted public key cryptography methods to validate caller identification. We'll discuss the path and challenges to getting this implemented industry wide, where this tech will fall short, and what we can do to limit exposure to call spam and fraud in the meantime.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

CNE - Sunday - 09:00-17:59 PDT


Title: Wireless Capture the Flag
When: Sunday, Aug 9, 09:00 - 17:59 PDT
Where: See Description or Village

Description:
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Wireless Capture the Flag (WCTF) at DEF CON.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The WCTF can be completely done with a little knowledge, a pen tester’s determination, and $40 or $4000 worth of equipment; the key is to read the clues and determine the goal of each challenge.

Each WCTF event begins with a presentation: How to WCTF. There will be clues everywhere, and we will provide periodic updates. Make sure you pay attention to what’s happening at the WCTF desk, on Twitter https://twitter.com/wctf_us, https://twitter.com/rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer at our discretion.

Forum: https://forum.defcon.org/node/233017

Discord: https://discord.com/channels/708208267699945503/711644270976696380

Twitter: https://twitter.com/wctf_us

Web: https://wctf.us/


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Sunday - 12:00-12:59 PDT


Title: Workshop: Let's Talk About Abusability Testing
When: Sunday, Aug 9, 12:00 - 12:59 PDT
Where: Crypto & Privacy Vlg
Speakers:Avi Zajac,Franchesca Spektor,Ji Su Yoo,Nicole Chi

SpeakerBio:Avi Zajac
Avi (@_llzes, Avi/they/he) is a privacy-focused hacker and engineer. They love rabbits, cheesecake, and cute things like privacy and security, locksport, cryptography.
Twitter: @_llzes

SpeakerBio:Franchesca Spektor
Franky’s (@3llsaria, she/her) expertise is in ethical design practices around bioethics, disability & sexuality, and she previously served as a Lab Manager for the Disability Design Lab at UC Berkeley.

SpeakerBio:Ji Su Yoo
Ji Su (she/her) is a PhD at UC Berkeley’s School of Information and former researcher at the Harvard Data Privacy Lab, where she worked on security protocol and data privacy.

SpeakerBio:Nicole Chi
Nicole’s (@tinween, she/her) focus is on the “tech for good” space in its many forms, having worked in civic tech, nonprofit digital capacity building, tech policy, and ML ethics. Her strength is bridging connections and expertise across disciplines.
Twitter: @tinween

Description:
Are you concerned about how your products may be used for harm: intentionally or unintentionally? We will be covering the concept of abusability testing for platform abuse in this hybrid panel and workshop, with a clicker style method of interacting to foster deep understanding and participate in discussions on abusability testing. You’ll walk away with an understanding of abusability testing, join a community passionate about fighting platform abuse, and maybe walk away with actionable steps you can take to alleviate harm in your own products.

Crypto & Privacy Village activities will be streamed to YouTube and Twitch.

Twitch: https://twitch.tv/cryptovillage

YouTube: https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Sunday - 13:30-14:30 PDT


Title: You're Adversary Within - The Golden Age of Insider Threats
When: Sunday, Aug 9, 13:30 - 14:30 PDT
Where: Red Team Vlg

SpeakerBio:Adam Mashinchi
Adam Mashinchi is SCYTHE's VP of Product Management where he leads the project management, design, and quality assurance departments for SCYTHE's product portfolio. Before SCYTHE, Adam defined and managed the development of enterprise security and privacy solutions with an emphasis on usable encryption at a global scale and led numerous technical integration projects with a variety of partners and services.
Twitter: @adam_mashinchi

Description:
Intentional read as both “Your Adversary Within” and “You Are (The) Adversary Within” attendees of this talk will walk away with practical information on how to execute advanced insider threat scenarios with free and easily implemented solutions.

With the increased enterprise dependence on cloud-based solutions, paired with turn-key end-to-end encryption products for consumers; insider threat actors have a litany of tools at their disposal. In this talk we will walk-through a number of the (free!) tools one can utilize when performing adversarial simulations, provide insights on how to “sell” an assumed-compromise engagement as a Red/Blue/Purple Team, and some helpful places to start with MITRE ATT&CK technique alignment for offense & defense.


Red Team Village events will be streamed to YouTube and Twitch.

Twitch: https://www.twitch.tv/redteamvillage


Return to Index    -    Add to    -    ics Calendar file

 

MOV - Sunday - 12:00-12:30 PDT


Title: You're not the money printer, or why we need to separate coinbase rings
When: Sunday, Aug 9, 12:00 - 12:30 PDT
Where: Monero Vlg

SpeakerBio:sgp
No BIO available

Description:No Description available

Monero Village activities will be streamed to Twitch and YouTube.

Twitch: https://www.twitch.tv/monerovillage/

YouTube: https://www.youtube.com/c/monerocommunityworkgroup/

#mv-general-text: https://discord.com/channels/708208267699945503/732733510288408676


Return to Index    -    Add to    -    ics Calendar file