Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Michael%20Whiteley%20Katie%20Whiteley%20-%20Making%20the%20DEF%20CON%2029%20Badge.mp4\n

\'',NULL,219902),('2_Friday','09','09:00','09:59','N','DC','','\'Making the DEF CON 29 Badge\'','\'Katie Whiteley,Michael Whiteley\'','DC_7bac8cae8a3438a5a9c9d4bcaffeed65','\'Title: Making the DEF CON 29 Badge
\nWhen: Friday, Aug 6, 09:00 - 09:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Katie Whiteley,Michael Whiteley
\n
SpeakerBio:Katie Whiteley\n
\nKatie is a wife, mother, and graphic designer. She likes long walks on the beach because there\'s no internet connection.\n

Together with Michael, they are MK Factor, a husband/wife badgemaker team. They\'ve created badges for many conferences and groups like OpenWest, Saintcon, DC801, Car Hacking Village, and many unofficial DEF CON badges. Together they earned a black badge for Car Hacking at DEF CON 24.\n

\nTwitter: @ktjgeekmom
\n
SpeakerBio:Michael Whiteley\n
\nMichael is a husband, father, and electronics geek. He doesn\'t like long walks on the beach, but prefers to be indoors with a fast internet connection.\n

Together with Katie, they are MK Factor, a husband/wife badgemaker team. They\'ve created badges for many conferences and groups like OpenWest, Saintcon, DC801, Car Hacking Village, and many unofficial DEF CON badges. Together they earned a black badge for Car Hacking at DEF CON 24.\n

\nTwitter: @compukidmike
\n\n
\nDescription:
\nCome meet the new badge makers and hear the story of how this year\'s badge was created amidst a global pandemic. We\'ll share tales of chip shortages, delayed parts, and late nights, as well as discuss how the badge works and what you can do with it. Maybe even some hints about the challenges within...\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=H3kdq40PY3s\n

\n
This talk has been pre-recorded and will be released to the DEF CON Media Server, torrents, and YouTube. At the time of this event, it will also stream on DCTV3, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219903),('2_Friday','10','10:00','10:59','N','DC','','\'Welcome To DEF CON - Dark Tangent & Making the DEF CON 29 Badge\'','\'Dark Tangent,Katie Whiteley,Michael Whiteley\'','DC_e8e0b31547f43398a7aad7f0ebc783e2','\'Title: Welcome To DEF CON - Dark Tangent & Making the DEF CON 29 Badge
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\nSpeakers:Dark Tangent,Katie Whiteley,Michael Whiteley
\n
SpeakerBio:Dark Tangent\n
\nNo BIO available
\n
SpeakerBio:Katie Whiteley\n
\nKatie is a wife, mother, and graphic designer. She likes long walks on the beach because there\'s no internet connection.\n

\nTwitter: @compukidmike
\n\n
\nDescription:No Description available
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Cedric%20Owens%20-%20Gone%20Apple%20Pickin%20-%20Red%20Teaming%20macOS%20Environments%20in%202021.mp4\n

\'',NULL,219904),('2_Friday','10','10:00','10:45','N','DC','','\'Gone Apple Pickin\': Red Teaming macOS Environments in 2021\'','\'Cedric Owens\'','DC_6b1bc2202c33ae5557454a5d3822cd0a','\'Title: Gone Apple Pickin\': Red Teaming macOS Environments in 2021
\nWhen: Friday, Aug 6, 10:00 - 10:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Cedric Owens\n
\nCedric is currently an offensive security engineer who came from a blue team background. His passion revolves around red teams and blue teams working closely together to improve each other\'s tradecraft. Cedric enjoys researching techniques and writing tools related to macOS post exploitation and infrastructure automation.\n

His blogs can be found here: https://medium.com/@cedowens\nHis tools can be found here: https://github.com/cedowens\n

\nTwitter: @cedowens
\n\n
\nDescription:
\nThough the vast majority of US companies are enterprise Windows shops, there is a growing percentage of companies that are shifting away from this model. Most of these types of companies tend to be based in the SF Bay Area and are often tech companies. This talk will provide a glimpse into what common attack paths in these environments look like in the absence of typical enterprise Active Directory implementations. Examples include techniques for targeting macOS endpoints, cloud and IdaaS, CI/CD pipeline, and other fun approaches. I will begin by discussing common tech stacks and macOS deployments and then move into macOS initial access (including the Gatekeeper bypass I found) and post exploitation options in these modern tech environments as well as detection opportunities.\n

--\n

This talk has been released to the DEF CON Media server.\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20James%20Kettle%20-%20HTTP2%20-%20The%20Sequel%20is%20Always%20Worse.mp4\n

\'',NULL,219905),('2_Friday','10','10:00','10:59','N','DC','','\'HTTP/2: The Sequel is Always Worse\'','\'James Kettle\'','DC_9d5c373fa5d3f6b7e5d911f10d6c1bb3','\'Title: HTTP/2: The Sequel is Always Worse
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:James Kettle\n
\nJames Kettle is Director of Research at PortSwigger Web Security, where he cultivates novel web attack techniques. Recent work has focused on HTTP Request Smuggling, and using web cache poisoning to turn caches into exploit delivery systems. Past research includes server-side RCE via Template Injection, client-side RCE via malicious formulas in CSV exports, and abusing the HTTP Host header to poison password reset emails and server-side caches. He is also the author of multiple popular Burp Suite extensions including HTTP Request Smuggler, Param Miner and Turbo Intruder. He has spoken at numerous prestigious venues including DEF CON, both BlackHat USA and EU, and OWASP AppSec USA and EU.
\nTwitter: @albinowax
\nhttps://skeletonscribe.net/
\n\n
\nDescription:
\nHTTP/2 is easily mistaken for a transport-layer protocol that can be swapped in with zero security implications for the website behind it. Two years ago, I presented HTTP Desync Attacks and kicked off a wave of request smuggling, but HTTP/2 escaped serious analysis. In this presentation, I\'ll take you beyond the frontiers of existing HTTP/2 research, to unearth horrifying implementation flaws and subtle RFC oversights.\n

I\'ll show you how these flaws enable HTTP/2-exclusive desync attacks, with case studies targeting high-profile websites powered by servers ranging from Amazon\'s Application Load Balancer to WAFs, CDNs, and bespoke stacks by big tech. I\'ll demonstrate critical impact by hijacking thick clients, poisoning caches, and stealing plaintext passwords to net multiple max-bounties.\n

After that, I\'ll unveil novel techniques and tooling to crack open a widespread but overlooked request smuggling variant affecting both HTTP/1 and HTTP/2 that is typically mistaken for a false positive.\n

Finally, I\'ll drop multiple exploit-primitives that resurrect a largely-forgotten class of vulnerability, and use HTTP/2 to expose fresh application-layer attack surface.\n

I\'ll leave you with an open-source scanner, a custom, open-source HTTP/2 stack, and free interactive labs so you can hone your new skills on live systems.\n

REFERENCES: The HTTP/2 RFC is essential reading: https://tools.ietf.org/html/rfc7540\nThis research is built on my previous work on this topic:\nhttps://portswigger.net/research/http-desync-attacks-request-smuggling-reborn\nThis presentation by defparam has good explanations of response queue poisoning and self-desync attacks:\nhttps://www.youtube.com/watch?v=3tpnuzFLU8g\nI had a partial research collision with Emil Lerner. His work provides an alternative perspective on certain techniques:\nhttps://github.com/neex/http2smugl

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=rHxVVeM9R-M\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Tomer%20Bar%20Eran%20Segal%20-%202021%20-%20Our%20Journey%20Back%20To%20The%20Future%20Of%20Windows%20Vulnerabilities%20and%20the%200-days%20we%20brought%20back%20with%20us.mp4\n

\'',NULL,219906),('2_Friday','11','11:00','11:45','N','DC','','\'2021 - Our Journey Back To The Future Of Windows Vulnerabilities and the 0-days we brought back with us\'','\'Eran Segal,Tomer Bar\'','DC_77058d156786c898ad8e4ef3341e13af','\'Title: 2021 - Our Journey Back To The Future Of Windows Vulnerabilities and the 0-days we brought back with us
\nWhen: Friday, Aug 6, 11:00 - 11:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Eran Segal,Tomer Bar
\n
SpeakerBio:Eran Segal\n
\nEran Segal is a security researcher, having 7+ years experience in cyber security research. He is working on security research projects in SafeBreach Labs in the last 2 years after serving in various sec positions at the IDF.\n

His experience involves research on Windows and embedded devices \n

\n
SpeakerBio:Tomer Bar\n
\nTomer Bar is hands-on security researcher and head of research manager with ~20 years of unique experience in the cyber security. In the Past, he ran research groups for the Israeli government and then lead the endpoint malware research for Palo Alto Networks. Currently, he leads the SafeBreach Labs research which is the research and development arm of SafeBreach.\n

His main interest is focused on Windows vulnerability research, reverse engineering and APT research.\n

His recent discoveries are vulnerabilities in the Windows Spooler mechansim and a research on the most persistent Iranian APT campaign. He is a contributor to Mitre Attack framework and a Speaker at BlackHat, Defcon and Sector conferences. \n

\n\n
\nDescription:
\nIn 2020, security researchers reported a record number of Windows vulnerabilities. We were curious what superpowers will we get from researching this huge number of vulnerabilities? Can we leverage our findings to discover 0-days?\n

We decided to go back in time to 2016 to search for patterns and automatically classify all the public vulnerabilities since then. We believed that only by connecting the dots to a bigger picture, we will be able to come back 2021 with the success of achieving our goal.\n

We adopted a new approach, in terms of both the goal and how to get there. Until now, the main goal of patch-diff was focused on the root cause of the vulnerability and building a 1-day to exploit it Usually patch-diff was done manually on a single patch.\n

We reached higher for the holy grail. We understood that in order to find 0-days we needed to build an automated process that would gather all the insights from all the patches in a single, searchable db.\n

It worked! We discovered the root causes of multiple classes of vulnerabilities. We used these discoveries on a fully patched Windows 10 host in order to highlight opportunities for exploitation. As a consequence, we found and reported (1) 6 information disclosure vulnerabilities to Microsoft, (2) 2 post exploitation techniques allowing covert exfiltration of private user data, and (3) an additional surprise.\n

In this presentation, we\'ll describe our research process, demonstrate a live exploitation of the vulnerabilities we found, share the tools we developed, and explain how other researchers can use it to discover 0-days.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=VxNi5pVDZU0\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Zhipeng%20Huo%20Yuebin%20Sun%20Chuanda%20Ding%20-%20Caught%20you%20-%20reveal%20and%20exploit%20IPC%20logic%20bugs%20inside%20Apple.mp4\n

\'',NULL,219907),('2_Friday','11','11:00','11:59','N','DC','','\'Caught you - reveal and exploit IPC logic bugs inside Apple\'','\'Chuanda Ding,Yuebin Sun,Zhipeng Huo\'','DC_b62bdb9f0e421c4d43a64932dd41c495','\'Title: Caught you - reveal and exploit IPC logic bugs inside Apple
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Chuanda Ding,Yuebin Sun,Zhipeng Huo
\n
SpeakerBio:Chuanda Ding\n
\nChuanda Ding is a senior security researcher on Windows platform security. He leads EcoSec team at Tencent Security Xuanwu Lab. He was a speaker at Black Hat Europe 2018, DEF CON China 2018, CanSecWest 2017, CanSecWest 2016, and QCon Beijing 2016.
\nTwitter: @FlowerCode_
\n
SpeakerBio:Yuebin Sun\n
\nYuebin Sun is a senior security researcher at Tencent Security Xuanwu Lab.
\nTwitter: @yuebinsun2020
\n
SpeakerBio:Zhipeng Huo\n
\nZhipeng Huo is a senior security researcher on macOS and Windows platform security at Tencent Security Xuanwu Lab. He was a speaker at Black Hat Europe 2018 and DEF CON 28.
\nTwitter: @R3dF09
\n\n
\nDescription:
\nApple\'s iOS, macOS and other OS have existed for a long time. There are numerous interesting logic bugs hidden for many years. We demonstrated the world\'s first public 0day exploit running natively on Apple M1 on a MacBook Air (M1, 2020). Without any modification, we exploited an iPhone 12 Pro with the same bug.\n

In this talk, we will show you the advantage and beauty of the IPC logic bugs, how we rule all Apple platforms, Intel and Apple Silicon alike, even with all the latest hardware mitigations enabled, without changing one line of code. We would talk about the security features introduced by Apple M1, like Pointer Authentication Code (PAC), System Integrity, and Data Protection. How did they make exploiting much harder to provide better security and protect user\'s privacy. We will talk about different IPC mechanisms like Mach Message, XPC, and NSXPC. They are widely used on Apple platforms which could be abused to break the well designed security boundaries.\n

We will walk you through some incredibly fun logic bugs we have discovered, share the stories behind them and methods of finding them, and also talk about how to exploit these logic bugs to achieve privilege escalation.\n

REFERENCES: https://www.youtube.com/watch?v=Kh6sEcdGruU\nhttps://support.apple.com/en-us/HT211931\nhttps://support.apple.com/en-us/HT211850\nhttps://support.apple.com/en-us/HT212011\nhttps://support.apple.com/en-us/HT212317\nhttps://helpx.adobe.com/security/products/acrobat/apsb20-24.html\nhttps://helpx.adobe.com/security/products/acrobat/apsb20-48.html\nhttps://helpx.adobe.com/security/products/acrobat/apsb20-67.html

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=oAMZxKsZQp0\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219908),('2_Friday','12','12:00','12:59','N','DC','','\'DHS REBOOTING CRITICAL INFRASTRUCTURE PROTECTION Panel with DEF CON Policy Panel\'','\'Lily Newman,Alexander Klimburg,Faye Francy,Eric Goldstein,Amelie Koran,Danny McPherson\'','DC_d5f3416c7f90ff12426241bb9dff1a86','\'Title: DHS REBOOTING CRITICAL INFRASTRUCTURE PROTECTION Panel with DEF CON Policy Panel
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\nSpeakers:Lily Newman,Alexander Klimburg,Faye Francy,Eric Goldstein,Amelie Koran,Danny McPherson
\n
SpeakerBio:Lily Newman\n, WIRED magazine
\nNo BIO available
\n
SpeakerBio:Alexander Klimburg\n, Director, Global Commission on the Stability of Cyberspace
\nNo BIO available
\n
SpeakerBio:Faye Francy\n, Executive Director, Automotive Information Sharing and Analysis Center
\nNo BIO available
\n
SpeakerBio:Eric Goldstein\n, Executive Assistant Director, DHS CISA
\nNo BIO available
\n
SpeakerBio:Amelie Koran\n, Senior Technology Advocate, Splunk
\nNo BIO available
\n
SpeakerBio:Danny McPherson\n, Executive Vice President & Chief Security Officer, Verisign
\nNo BIO available
\n\n
\nDescription:
\nIn 1998 the US government issued the first major policy document on Critical Infrastructure Protection (CIP). Since then, CIP has become one of the most fundamental tasks for governments everywhere, and has given birth to a plethora of institutions and processes seeking to manage what is called a â€œPublic Private Partnershipâ€ between government, industry, and civil society. But despite all the efforts put into information exchanges, incident management, but also supply chain protection and even national industrial policies, cyber-attacks have not decreased, both in the United States and elsewhere. What else needs to be done? What lessons learned are there from international experiences? And how can the community help best?
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Dimitry%20Op%20Nomad%20Snezhkov%20-%20Your%20House%20is%20My%20House%20-%20Use%20of%20Offensive%20Enclaves%20In%20Adversarial%20Operations.mp4\n

\'',NULL,219909),('2_Friday','12','12:00','12:20','N','DC','','\'Your House is My House: Use of Offensive Enclaves In Adversarial Operations\'','\'Dimitry \"Op_Nomad\" Snezhkov\'','DC_44dd35a60175e7df31cdd65c20aaa9be','\'Title: Your House is My House: Use of Offensive Enclaves In Adversarial Operations
\nWhen: Friday, Aug 6, 12:00 - 12:20 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Dimitry \"Op_Nomad\" Snezhkov\n
\nDimitry Snezhkov is an Associate Director at Protiviti. In this role he hacks code, tools, networks, apps and sometimes subverts human behavior too. Dimitry has spoken at DEF CON, BlackHat, THOTCON conferences, and presented tools at BlackHat Arsenal.
\nTwitter: @Op_Nomad
\n\n
\nDescription:
\nAs developers start to rely more on hardware-based memory encryption controls that isolate specific application code and data in memory - secure enclaves, adversaries can use enclaves to successfully coexist on the host and enjoy similar protections.\n

In this talk we venture into a practical implementation of such an offensive enclave, with the help of Intel SGX enclave technology, supported on a wide variety of processors present in enterprise data-centers and in the cloud.\n

We discuss how malware can avoid detection in defensively instrumented environments and protect their operational components from processes running at high privilege levels, including the Operating System. We dive deeper into using enclaves in implants and stagers, and discuss the design and implementation of an enclave that is capable of facilitating secure communication and storage of sensitive data in offensive operations. We cover how the enclaves can be built to help secure external communication while resisting system and network inspection efforts and to achieve deployment with minimal dependencies where possible.\n

Finally, we release the enclave code and a library of offensive enclave primitives as a useful reference for teams that leverage Intel SGX technology or have the hardware platform capable to support such adversarial efforts.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=WWGkaGBtn2Q\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

(Demo)
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Slava%20Makkaveev%20-%20Do%20you%20like%20to%20read-%20I%20know%20how%20to%20take%20over%20your%20Kindle%20with%20an%20e-book%20-%20Demo.mp4\n

\'',NULL,219910),('2_Friday','12','12:00','12:20','N','DC','','\'Do you like to read? I know how to take over your Kindle with an e-book\'','\'Slava Makkaveev\'','DC_51b5a3f0bdadb518b48928e39f32c695','\'Title: Do you like to read? I know how to take over your Kindle with an e-book
\nWhen: Friday, Aug 6, 12:00 - 12:20 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Slava Makkaveev\n
\nSlava Makkaveev is a Security Researcher at Check Point Software Technologies Ltd. Holds a PhD in Computer Science. Slava has found himself in the security field more than ten years ago and since that gained vast experience in reverse engineering and vulnerability research. Recently Slava has taken a particularly strong interest in mobile platforms and firmware security.
\n\n
\nDescription:
\nSince 2007, Amazon has sold tens of millions of Kindles, which is impressive. But this also means that tens of millions of people can be hacked through a software bug in those same Kindles. Their devices can be turned into bots, their private local networks can be compromised, and perhaps even information in their billing accounts can be stolen.\n

The easiest way to remotely reach a user\'s Kindle is through an e-book. A malicious book can be published and made available for free access in any virtual library, including the Kindle Store, or sent directly to the end-user device via Amazon services. While you might not be happy with the writing in a particular book, nobody expects to download one that is malicious. No such scenarios have been publicized. Antiviruses do not have signatures for e-books. But... we succeeded in making a malicious book for you. If you open this book on a Kindle device, it causes a hidden piece of code to be executed with root rights. From this moment on, you lost your e-reader, account and more.\n

Want to know the details?\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=1jM_r-pe8Ss\n

Media: (Main Talk)\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Slava%20Makkaveev%20-%20Do%20you%20like%20to%20read-%20I%20know%20how%20to%20take%20over%20your%20Kindle%20with%20an%20e-book.mp4

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Austin%20Allshouse%20-%20The%20Mechanics%20of%20Compromising%20Low%20Entropy%20RSA%20Keys.mp4\n

\'',NULL,219911),('2_Friday','12','12:30','12:50','N','DC','','\'The Mechanics of Compromising Low Entropy RSA Keys\'','\'Austin Allshouse\'','DC_6e1507dc276284c60610f85022180a88','\'Title: The Mechanics of Compromising Low Entropy RSA Keys
\nWhen: Friday, Aug 6, 12:30 - 12:50 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Austin Allshouse\n
\nAustin Allshouse is a Research Scientist at BitSight where he applies information security, statistical modeling, and distributed computing concepts to develop quantitative methods of assessing security risk. He has a decade of experience researching the technologies and methodologies underpinning digital network surveillance systems.
\nTwitter: @AustinAllshouse
\n\n
\nDescription:
\nOver the past decade, there have been a number of research efforts (and DEFCON talks!) investigating the phenomenon of RSA keys on the Internet that share prime factors with other keys. This can occur when devices have poorly initialized sources of â€œrandomnessâ€ when generating keys; making it trivial to factor the RSA modulus and recover the private key because, unlike large integer factorization, calculating the greatest common divisor (GCD) of two moduli can be fast and efficient. When describing their research, past hackers and researchers have attested that they â€œbuilt a custom distributed implementation of Batch-GCD;â€ which seems like one hell of a detail to gloss over, right? This talk will detail a hacker\'s journey from understanding and implementing distributed batch GCD to analyzing findings from compromising RSA keys from network devices en masse.\n

REFERENCES: Amiet, Nils and Romailler, Yolan. â€œReaping and breaking keys at scale: when crypto meets big data.â€ DEF CON 26, 2018.

Heninger, Nadia, et al. \"Mining your Ps and Qs: Detection of widespread weak keys in network devices.\" 21st {USENIX} Security Symposium ({USENIX} Security 12). 2012.\n

Hastings, Marcella, Joshua Fried, and Nadia Heninger. \"Weak keys remain widespread in network devices.\" Proceedings of the 2016 Internet Measurement Conference. 2016.\n

Kilgallin, JD. â€œSecuring RSA Keys & Certificates for IoT Devices.â€ https://info.keyfactor.com/factoring-rsa-keys-in-the-iot-era. 2019\n

Daniel J. Bernstein. Fast multiplication and its applications, 2008.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=BRsXsUEIU70\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20David%20Dworken%20-%20Worming%20through%20IDEs.mp4\n

\'',NULL,219912),('2_Friday','12','12:30','12:50','N','DC','','\'Worming through IDEs\'','\'David Dworken\'','DC_62d9370d5de5d883398c91b17bf5e75f','\'Title: Worming through IDEs
\nWhen: Friday, Aug 6, 12:30 - 12:50 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:David Dworken\n
\nDavid is a bug bounty hunter turned software engineer turned security engineer. He started in security in high school hacking on bug bounties and then spent four years learning how to be an effective software engineer. He\'s worked on five different product security teams ranging from startups to large corporations. He previously published a research paper on tracking malicious proxies in ACSAC. Currently, he works as a security engineer at Google working on deploying an alphabet soup of security headers across hundreds of services.
\nTwitter: @ddworken
\ndaviddworken.com
\n\n
\nDescription:
\nYou might think that as long as you never hit run, opening up that interesting new POC in your IDE and checking out the code is safe. But it isn\'t. IDEs and developer tools are complex pieces of software that have vulnerabilities, just like everything else. \n

We\'ll start by discussing what a reasonable threat model is for IDEs. How do companies threat model their IDEs? What do users expect of their IDEs? Is viewing a file equivalent to executing it? \n

Then we\'ll dive into the reality of it. Nearly every IDE examined was trivially vulnerable. But there were also a variety of subtle bugs lying underneath. We\'ll look at bugs in both local IDEs (like VSCode and IntelliJ) and cloud-based IDEs (like AWS Cloud9 and Github Codespaces).\n

Finally, we\'ll show how an attacker could make a worm that would spread through attacking IDEs. View a malicious project? Let\'s automatically backdoor every project on a computer and keep spreading. \n

REFERENCES: https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md \nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3479 \nhttp://blog.saynotolinux.com/blog/2016/08/15/jetbrains-ide-remote-code-execution-and-local-file-disclosure-vulnerability-analysis/ \nhttps://www.cvedetails.com/vulnerability-list/vendor_id-15146/product_id-49160/year-2019/Jetbrains-Intellij-Idea.html

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=pzqu_qaoNuY\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219913),('2_Friday','13','13:00','13:59','N','DC','','\'Ransomewareâ€™s Big Year â€“ from nuisance to â€œscourgeâ€?\'','\'DEF CON Policy Panel\'','DC_92dc89e72afe44731d42d245347e23a5','\'Title: Ransomewareâ€™s Big Year â€“ from nuisance to â€œscourgeâ€?
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\n
SpeakerBio:DEF CON Policy Panel\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Brian%20Hong%20-%20Sleight%20of%20ARM%20-%20Demystifying%20Intel%20Houdini.mp4\n

\'',NULL,219914),('2_Friday','13','13:00','13:45','N','DC','','\'Sleight of ARM: Demystifying Intel Houdini\'','\'Brian Hong\'','DC_cd88e33ebede2f81af56496f3faa21e6','\'Title: Sleight of ARM: Demystifying Intel Houdini
\nWhen: Friday, Aug 6, 13:00 - 13:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Brian Hong\n
\nBrian Hong is a security consultant at NCC Group, a global information assurance specialist providing organizations with expert security consulting services. He specializes in hardware penetration testing, reverse engineering, and has performed security research related to embedded systems, firmware analysis, web application penetration testing, and Android security and malware analysis. Brian has a B. Eng. in Electrical Engineering and Computer Science from The Cooper Union.
\n\n
\nDescription:
\nIn the recent years, we have seen some of the major players in the industry switch from x86-based processors to ARM processors. However, you might be surprised to know that Intel has long supported ARM to x86 transition with their binary translator, Houdini, which runs ARM binaries on x86.\n

In this talk, we will discuss Intel\'s proprietary Houdini translator, which is primarily used by Android on x86 platforms, such as higher-end Chromebooks and desktop Android emulators. We will start with a high-level discussion of how Houdini works and is loaded into processes. We will then dive into the low-level internals of the Houdini engine and memory model, including several security weaknesses it introduces into processes using it. Lastly, we will discuss methods to escape the Houdini environment, execute arbitrary ARM and x86, and write Houdini-targeted malware that bypasses existing platform analysis.\n

REFERENCES: * Ye, Roger. Android System Programming: Porting, Customizing, and Debugging Android HAL. Packt Publishing, 2017.\n* JNI Functions, Oracle, 12 Nov. 2002, https://docs.oracle.com/javase/7/docs/technotes/guides/jni/spec/functions.html\n* Chromium OS Docs. Linux System Call Table, https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md\n* The Development Environment : Android Developers. Android Developers, https://developer.android.com/topic/arc/development-environment\n* Nachoparker. Own Your Bits, 14 June 2018, https://ownyourbits.com/2018/06/13/transparently-running-binaries-from-any-architecture-in-linux-with-qemu-and-binfmt_misc/\n* Git at Google. Android container in Chrome OS, archived at https://web.archive.org/web/20200128052853/https://chromium.googlesource.com/chromiumos/platform2/+/master/arc/container-bundle/\n* Oberheide, J. & Miller, C. 2012, June. Dissecting the Android Bouncer [Presentation] @ SummerCON, Brooklyn, New York

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=9oQ5XjA1aq0\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Guillaume%20Fournier%20Sylvain%20Afchain%20Sylvain%20Baubeau%20-%20eBPF%2C%20I%20thought%20we%20were%20friends.mp4\n

\'',NULL,219915),('2_Friday','13','13:00','13:59','N','DC','','\'eBPF, I thought we were friends!\'','\'Guillaume Fournier,Sylvain Afchain,Sylvain Baubeau\'','DC_16251c77d98420e8bf249ba1fd726fcc','\'Title: eBPF, I thought we were friends!
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Guillaume Fournier,Sylvain Afchain,Sylvain Baubeau
\n
SpeakerBio:Guillaume Fournier\n
\nGuillaume Fournier is a Security Engineer at Datadog where he focuses on developing a new generation of runtime security tools powered by eBPF. In his free time, he likes to build defensive and offensive security tools such as a chrome-like sandbox for VLC on Linux, or various projects to automate drones and wireless keyboards hacking.
\nTwitter: @gui774ume
\n
SpeakerBio:Sylvain Afchain\n
\nSylvain Afchain is a staff software engineer at Datadog. He\'s been working on linux for more than 15 years. He mostly worked on distributed systems, cloud infrastructure and SDN solutions. In his spare time, he enjoys cycling, playing tennis and badminton.
\n
SpeakerBio:Sylvain Baubeau\n
\nSylvain Baubeau is a staff software engineer, mostly working on Linux, cloud and infrastructure technologies. In his spare time, he likes to play drums, reverse engineer old games and build arcades.
\n\n
\nDescription:
\nSince its first appearance in Kernel 3.18, eBPF (Extended Berkley Packet Filter) has progressively become a key technology for observability in the Linux kernel. Initially dedicated to network monitoring, eBPF can now be used to monitor and trace any kind of kernel space activity.\n

Over the past few years, many vendors have started using eBPF to speed up their services or introduce innovative features. Cilium, Calico, Cloudflare, Netflix and Facebook are leading the charge, showing off new complex networking use cases on a monthly basis. On the security side of things, Google recently contributed the Kernel Runtime Security Instrumentation which opens the door to writing Linux Security Modules with eBPF.\n

In other words, eBPF is the new kid in town and a growing number of companies are running services with eBPF access in production. This leads us to a simple question: how bad can things get if one of those services were to be compromised ? This talk will cover how we leveraged eBPF to implement a full blown rootkit with all the features you would expect: various obfuscation techniques, command and control with remote and persistent access, data theft and exfiltration techniques, Runtime Application Self-Protection evasion techniques, and finally two original container breakout techniques.\n

Simply put, our goal is to demonstrate that rogue kernel modules might have finally found a worthy opponent. We will also detail how to detect such attacks and protect your infrastructure from them, while safely enjoying the exciting capabilities that eBPF has to offer.\n

REFERENCES

Bibliography and documentation links cited in the submission:

Russian GRU 85th GTsSS deploys previously undisclosed drovorub malware, NSA / FBI, August 2020 https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF\n
Kprobe-based Event Tracing, https://www.kernel.org/doc/html/latest/trace/kprobetrace.html\n
Linux Kernel tracepoints, https://www.kernel.org/doc/html/latest/trace/tracepoints.html\n
â€œbpf_probe_write_userâ€ bpf helper, https://elixir.bootlin.com/linux/v5.11.11/source/include/uapi/linux/bpf.h#L1472\n
Uprobe-based Event Tracing, https://www.kernel.org/doc/html/latest/trace/uprobetracer.html\n
Ciliumâ€™s XDP documentation, https://docs.cilium.io/en/latest/bpf/#xdp

Previous eBPF related talks & projects that helped us build the rootkit:\n

7. Evil eBPF In-Depth: Practical Abuses of an In-Kernel Bytecode Runtime, Jeff Dileo, DEF CON 27, https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Dileo\n8. Process level network security monitoring and enforcement with eBPF, Guillaume Fournier, https://www.sstic.org/2020/presentation/process_level_network_security_monitoring_and_enforcement_with_ebpf/\n

9. Runtime Security with eBPF, Sylvain Afchain, Sylvain Baubeau, Guillaume Fournier, https://www.sstic.org/2021/presentation/runtime_security_with_ebpf/\n10. Monitoring and protecting SSH sessions with eBPF, Guillaume Fournier, https://www.sstic.org/2021/presentation/monitoring_and_protecting_ssh_sessions_with_ebpf/\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=5zixNDolLrg\n

DCTV Channel Map: https://dctv.defcon.org/\n

FAA vs RDQ:
\nhttps://www.racedayquads.com/pages/rdq-vs-faa\nhttps://www.gofundme.com/f/savefpv?utm_campaign=p_cp_url&utm_medium=os&utm_source=customer\nhttps://www.suasnews.com/2021/03/racedayquads-com-vs-faa-court-case-in-defense-of-all-drone-pilots-and-model-aviators/\n

\'',NULL,219916),('2_Friday','14','14:00','14:45','N','DC','','\'MAVSH> Attacking from Above\'','\'Sach\'','DC_c7968f9d6a3cf027c9e09c0d30731ce1','\'Title: MAVSH> Attacking from Above
\nWhen: Friday, Aug 6, 14:00 - 14:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Sach\n
\nSach is a self taught developer, an aspiring pentester, and a drone enthusiast. In his spare time he enjoys playing chess, reading Sci-Fi novels, learning about cryptocurrencies, and flying drones.
\nTwitter: @0xkayn
\n\n
\nDescription:
\nOver the course of 2020 and 2021, drone enthusiasts and the FAA have been locked in a series of legal battles over the future of unmanned aviation.\n

New regulations and restrictions, such as Remote Identification, aim to leave drone and model aviation hobbyists with a grim choice: incur countless financial costs, or lose the ability to fly freely.\n

Not only do these regulations impact hobbyists, they also restrict our ability to use drones as recon and payload delivery tools, but the FAA gave us a loophole.\n

In this talk, I\'ll share my knowledge of the MAVLink protocol and how it can be modified to take advantage of that loophole. I\'ll also show you how to build a drone capable of 20+ minute flights, potentially multiple miles of range, and hosting a Raspberry Pi 0 W onboard, enabling remote command execution without the use of onboard WiFi or cellular networks ALL while exploiting that loophole.\n

Come learn how and why the FAA \"Can\'t Stop the Signal\"!\n

REFERENCES\n

Ardupilot: https://ardupilot.org/\nhttps://github.com/ArduPilot/ardupilot
MAVLink: https://mavlink.io/en/

Danger Drone and Defense Measures:
\nhttps://resources.bishopfox.com/files/slides/2017/DEF_CON_25_(2017)-Game_of_Drones-Brown_Latimer-29July2017.pdf\nhttps://resources.bishopfox.com/resources/tools/drones-penetration-testers/attack-tools/\n

Watch Dogs Drone:
\nhttps://hackaday.com/2018/05/27/watch-dogs-inspired-hacking-drone-takes-flight/\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Eugene%20Lim%20Glenice%20Tan%20Tan%20Kee%20Hock%20-%20Hacking%20Humans%20with%20AI%20as%20a%20Service.mp4\n

\'',NULL,219917),('2_Friday','14','14:00','14:45','N','DC','','\'Hacking Humans with AI as a Service\'','\'Eugene Lim,Glenice Tan,Tan Kee Hock\'','DC_f271e0a696da015447be1c455dc60839','\'Title: Hacking Humans with AI as a Service
\nWhen: Friday, Aug 6, 14:00 - 14:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Eugene Lim,Glenice Tan,Tan Kee Hock
\n
SpeakerBio:Eugene Lim\n
\nEugene Lim, also known as spaceraccoon, is a security researcher and white hat hacker. He regularly participates in live-hacking events and was awarded the Most Valuable Hacker title in the h1-213 Live-Hacking Event by Hackerone. Besides white hat hacking, he enjoys building security tools, including a malicious npm package scanner and an open-source intelligence social engineering honeypot that were presented at Black Hat Asia Arsenal 2019 and Black Hat USA Arsenal 2020. His writeups on https://spaceraccoon.dev are regularly cited by other white hat hackers.
\nTwitter: @spaceraccoonsec
\nhttps://www.linkedin.com/in/limzhiweieugene/
\n
SpeakerBio:Glenice Tan\n
\nGlenice is a security researcher that enjoys exploring the quirks of different systems, applications, and processes. In the past year, she had the opportunity to conduct social engineering exercises, which includes phishing and vishing. Apart from applications and human hacking, she also experiments on ways to automate or improve red team operations.
\nhttps://www.linkedin.com/in/glenicetan/
\n
SpeakerBio:Tan Kee Hock\n
\nTan Kee Hock is a Cybersecurity Specialist who simply likes to \'hack\' things. He loves to play CTFs and is always keen to explore more!
\nhttps://www.linkedin.com/in/tankeehock/
\n\n
\nDescription:
\nAs the proliferation of Artificial Intelligence as a Service (AIaaS) products such as OpenAI\'s GPT-3 API places advanced synthetic media generation capabilities in the hands of a global audience at a fraction of the cost, what does the future hold for AI-assisted social engineering attacks? In our talk, we will present the nuts and bolts of an AIaaS phishing pipeline that was successfully deployed in multiple authorized phishing campaigns. Using both paid and free services, we emulated the techniques that even low-skilled, limited resource actors could adopt to execute effective AI-assisted phishing campaigns at scale. By repurposing easily-accessible personality analysis AIaaS products, we generated persuasive phishing emails that were automatically personalized based on a target\'s public social media information and created by state-of-the-art natural language generators. We will also discuss how an AI-assisted phishing workflow would impact traditional social engineering teams and operations. Finally, we look at how AIaaS suppliers can mitigate the misuse of their products.\n

REFERENCES\n

T. Karras, S. Laine, and T. Aila, â€œA Style-Based Generator Architecture for Generative Adversarial Networks,â€ arXiv:1812.04948 [cs.NE], 2019.\n
S. Gehrmann, H. Strobelt, and A. M. Rush, â€œGLTR: Statistical Detection and Visualization of Generated Text,â€ arXiv:1906.04043 [cs.CL], 2019.\n
G. Jawahar, M. Abdul-Mageed, and L. V. S. Lakshmanan, â€œAutomatic Detection of Machine Generated Text: A Critical Survey,â€ arXiv:2011.01314 [cs.CL], 2020.\n
J. Seymour and P. Tully, â€œWeaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter,â€ 2016.\n
P. Tully and F. Lee, â€œRepurposing Neural Networks to Generate Synthetic Media for Information Operations,â€ 2020.\n
OpenAI, â€œOpenAI Charter,â€ OpenAI, 09-Apr-2018. [Online]. Available: https://openai.com/charter/.\n
G. Brockman, M. Murati, and P. Welinder, â€œOpenAI API,â€ OpenAI, 11-Jun-2020. [Online]. Available: https://openai.com/blog/openai-api/.\n
A. Pilipiszyn, â€œGPT-3 Powers the Next Generation of Apps,â€ OpenAI, 25-Mar-2021. [Online]. Available: https://openai.com/blog/gpt-3-apps/.

Would like to thank contributing author Timothy Lee\nTimothy is a security researcher who likes to break things and tries to understand how the system works during the process. In the past year, he is researching with iOS security and is starting his journey on iOS vulnerability research. Additionally, he has contributed to red team social engineering operations and security tooling, with practical experience in vishing and in-person social engineering. https://www.linkedin.com/in/timothylee0/\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=tWWhRbzhkrg\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Additional
\n- https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/\n- https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/\n- https://blog.dave.tf/post/ip-addr-parsing/\n- https://security-tracker.debian.org/tracker/CVE-2021-29424\n- https://security-tracker.debian.org/tracker/CVE-2021-29662\n- https://www.npmjs.com/package/netmask\n- https://github.com/rs/node-netmask
\n- https://bugs.python.org/issue36384#msg392423\n- https://github.com/rust-lang/rust/pull/83652\n- https://github.com/rust-lang/rust/issues/83648\n

\'',NULL,219918),('2_Friday','14','14:00','14:59','N','DC','','\'Rotten code, aging standards, & pwning IPv4 parsing across nearly every mainstream programming language\'','\'Kelly Kaoudis,Sick Codes\'','DC_d7e19edc608654c091e8826c2f514e8b','\'Title: Rotten code, aging standards, & pwning IPv4 parsing across nearly every mainstream programming language
\nWhen: Friday, Aug 6, 14:00 - 14:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Kelly Kaoudis,Sick Codes
\n
SpeakerBio:Kelly Kaoudis\n
\nKelly Kaoudis is a senior software engineer working in application security in Colorado. Following working with the group to validate and test the node-netmask bypass Viale discovered, Kaoudis wrote many of the proofs-of-concept which demonstrate the critical impact of this cascade of unique vulnerabilities.
\nTwitter: @kaoudis
\nhttps://github.com/kaoudis
\n
SpeakerBio:Sick Codes\n
\nSick Codes maintains popular open source projects, publishes high-profile security vulnerabilities in good faith, and administers his namesake https://sick.codes, a security research and tutorial resource for developers. Sick Codes\' work coordinating communication across many companies, foundations, and other open source organisations was invaluable in getting these vulnerabilities patched and responsibly disclosed.\n

Sick Codes: I am a Hacker, an Independent Security Researcher, an Australian, and an Open Source maintainer. I regularly publish nasty vulnerabilities in everyone\'s favorite products, from all the best vendors. I\'ve published CVEs in Smart TV\'s, Browsers, missile design software, and entire programming languages. Freelance automation specialist by day and hacker by trade. I publish weaponized code on GitHub, namely Docker-OSX, which was my first big \"thing,\" which now has 15k stars, and my biggest project, Docker-OSX has over 100,000 downloads on DockerHub.\n

@sickcodes
\nhttps://github.com/sickcodes
\nhttps://www.linkedin.com/in/sickcodes/
\nhttps://sick.codes\n

\nTwitter: @sickcodes
\nhttps://sick.codes
\n\n
\nDescription:
\nOpenness to responsibly disclosed external vulnerability research is crucial for modern software maintainers and security teams. Changes in upstream dependency code may have pulled the safety rug out from underneath widely trusted core libraries, leaving millions of services vulnerable to unsophisticated attacks. The impact of even a single reasonably well-distributed supply-chain security vulnerability will be felt by engineering teams across many applications, companies, and industries.\n

We\'d like to discuss an IP address parsing vulnerability first discovered in private-ip, a small and infrequently maintained yet critically important NodeJS package for determining if an IP address should be considered part of a private range or not. We\'ll talk about not only the implications of this CVE but taking the main idea and applying it across multiple programming languages in uniquely disturbing ways.\n

Sometimes, the effects of code rot are even more far-reaching than we could possibly expect, and if you pull on a thread, it just keeps going. Sometimes, you get lucky when you know exactly what you\'re looking for. Sometimes, it\'s hard to convince other technically-minded folks that a seemingly trivial implementation flaw is dangerous in capable hands.\n

This talk is beginner as well as advanced-friendly; we\'ll show you the basics a hacker or a programmer needs to know about IP address parsing and how to tell your octal from your decimal along the way.\n

REFERENCES

Researchers involved in this work:
\n- Victor Viale: https://github.com/koroeskohr, koroeskohr\n- Sick Codes: https://github.com/sickcodes, sickcodes\n- Kelly Kaoudis: https://github.com/kaoudis, kaoudis\n- John Jackson: https://www.johnjhacking\n- Nick Sahler: https://github.com/nicksahler, tensor_bodega\n- Cheng Xu: https://github.com/xu-cheng\n

Selected press coverage (as of May \'21)\n- https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/\n- https://www.theregister.com/2021/03/29/netmask_cve/\n- https://www.bleepingcomputer.com/news/security/python-also-impacted-by-critical-ip-address-validation-vulnerability/\n

Currently released advisories related to this work (as of May \'21)\n- https://sick.codes/sick-2021-011/
\n- https://vuln.ryotak.me/advisories/6
\n- https://sick.codes/sick-2021-018/
\n- https://sick.codes/sick-2020-022/\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=_o1RPJAe4kU\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Kelly%20Kaoudis%20Sick%20Codes%20-%20Rotten%20code%2C%20aging%20standards%2C%20%26%20pwning%20IPv4%20parsing%20across%20nearly%20every%20mainstream%20programming%20language.mp4\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Richard%20Thieme%20AKA%20neuralcowboy%20-%20UFOs%20-%20Misinformation%2C%20Disinformation%2C%20and%20the%20Basic%20Truth.mp4\n

\'',NULL,219919),('2_Friday','15','15:00','15:59','N','DC','','\'UFOs: Misinformation, Disinformation, and the Basic Truth\'','\'Richard Thieme AKA neuralcowboy\'','DC_382dbbe5480f930b9c7aa88065a22367','\'Title: UFOs: Misinformation, Disinformation, and the Basic Truth
\nWhen: Friday, Aug 6, 15:00 - 15:59 PDT
\nWhere: Track 1 CLOSED; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Richard Thieme AKA neuralcowboy\n
\nRichard Thieme, https://thiemeworks.com has addressed security and intelligence issues for 28 years. He has keynoted security conferences in 15 countries and given presentations for the NSA, FBI, Secret Service, Pentagon Security Forum, U.S. Department of the Treasury, and Los Alamos National Laboratory. He has been speaking at Def Con since Def Con 4. His sixth book, a novel, Mobius: A Memoir, about an intelligence professional looking back on his career and how it led down unexpected paths, is receiving rave reviews. He has explored UFO phenomena seriously for 43 years.
\nTwitter: @neuralcowboy
\n\n
\nDescription:
\nThe talk, \"UFOs and Government: A Historical Inquiry\" given at Def Con 21 has been viewed thousands of times. It was a serious well-documented exploration of the UFO subject based on Thieme\'s participation in research into the subject with colleagues. The book of that name is the gold standard for historical research into the subject and is in 100+ university libraries.\n

This update was necessitated by recent UFO incidents and the diverse conversations triggered by them. Contextual understanding is needed to evaluate current reports from pilots and naval personnel, statements from senators and Pentagon personnel, and indeed, all the input from journalists who are often unfamiliar with the field and the real history of documented UFOs over the past 70 years.\n

Thieme was privileged to participate with scholars and lifelong researchers into the massive trove of reports. We estimate that 95% can be explained by mundane phenomena but the remainder suggest prolonged interaction with our planetary society over a long period. Thieme also knows that when you know you don\'t know something, don\'t suggest that you do. Stay with the facts, stay with the data. Sensible conclusions, when we do that, are astonishing enough.\n

Reality, as Philip K. Dick said, will not go away just because we refuse to believe in it.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=mExktWB0qz4\n

\n
This talk has been pre-recorded and will be released to the DEF CON Media Server, torrents, and YouTube. At the time of this event, it will only be broadcast to DCTV1, in local hotels and on Twitch. This talk is not being presented in Track 1.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Rotem%20Bar%20-%20Abusing%20SAST%20tools%20When%20scanners%20do%20more%20than%20just%20scanning.mp4\n

\'',NULL,219920),('2_Friday','15','15:00','15:45','N','DC','','\'Abusing SAST tools! When scanners do more than just scanning\'','\'Rotem Bar\'','DC_b61dbac5b9132a3bf1f9e785c55fb374','\'Title: Abusing SAST tools! When scanners do more than just scanning
\nWhen: Friday, Aug 6, 15:00 - 15:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Rotem Bar\n
\nRotem Bar has over a decade of experience in the security field including penetration testing both application and network, design reviews, code reviews, architecture reviews, tech management, and of course development.\n

Over the years Rotem has gained experience in a diversity of industries from the financial services, to insurance, through high-tech & the automotive industry, along with other complex environments.\n

In the last couple of years Rotem has been working in concept design and development, pen testing and working with hardware in Cymotive, which is a company that focuses on end to end cyber security for the automotive industry, and after that he served as an application security expert at AppsFlyer.\n

Today Rotem is the Head of Marketplace Integrations at Cider Security, that is focusing on revolutionizing CI/CD security.\n

During his free time, Rotem plays with robotics, bug-bounty and and enjoys traveling with his family.\n

\nTwitter: @rotembar
\nwww.rotem-bar.com
\n\n
\nDescription:
\nWhen we write code, we often run many scanners for different purposes on our code - from linters, to testing, security scanning, secret scanning, and more.\n

Scanning the code occurs on developers\' machines and in CI/CD pipelines, which assumes the code is untrusted and unverified and based on this assumption scanners shouldn\'t have the ability to dynamically run code.\n

Our research focuses on the many static analyzers out there if this is really the case. Many of the scanners allow different ways of interaction - From requesting external resources, overriding the configuration and to remote code execution as part of the process.This talk will be technical and show examples of well-known scanning tools and how we created code that attacks them.\n

TLDR -
\nWhen integrating and using new tools in our CI systems and especially when running on unverified code, Which tools can we trust and how can we scan safe untrusted code in a secure way?\n

REFERENCES: https://github.com/jonase/kibit/issues/235 - Issue I raised in the past in one of the tools

Hiroki Suezawa in a thread in cloud security forum talked about exploiting terraform plan https://cloudsecurityforum.slack.com/archives/CNJKBFXMH/p1584035704035800\n

This reference was released after I\'ve started my research but nevertheless a good resource and has interesting perspectives and I will reference it: https://alex.kaskaso.li/post/terraform-plan-rce\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=Jl-CU6G4Ofc\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Orange%20Tsai%20-%20ProxyLogon%20is%20Just%20the%20Tip%20of%20the%20Iceberg%2C%20A%20New%20Attack%20Surface%20on%20Microsoft%20Exchange%20Server.mp4\n

\'',NULL,219921),('2_Friday','15','15:00','15:59','N','DC','','\'ProxyLogon is Just the Tip of the Iceberg, A New Attack Surface on Microsoft Exchange Server!\'','\'Orange Tsai\'','DC_19322c3318a8302b98653fb352f53423','\'Title: ProxyLogon is Just the Tip of the Iceberg, A New Attack Surface on Microsoft Exchange Server!
\nWhen: Friday, Aug 6, 15:00 - 15:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Orange Tsai\n
\nCheng-Da Tsai, aka Orange Tsai, is the principal security researcher of DEVCORE, CHROOT security group member, and captain of HITCON CTF team in Taiwan. He is the Pwn2Own 2021 \"Master of Pwn\" champion and also as the speaker in conferences such as Black Hat USA/ASIA, DEF CON, HITCON, HITB GSEC/AMS, CODE BLUE, and WooYun!\n

Orange participates in numerous CTF and won second place in DEF CON CTF 22/25/27 as team HITCON. Currently, Orange is a 0day researcher focusing on web/application security, his research is not only the Pwnie Awards 2019 winner for â€œBest Server-Side Bugâ€ but also the first place in \"Top 10 Web Hacking Techniques\" of 2017/2018. Orange also enjoys bug bounties in his free time. He is enthusiastic about the RCE bugs and uncovered RCEs in numerous vendors such as Twitter, Facebook, Uber, Apple, GitHub, Amazon, and so on.\n

\nTwitter: @orange_8361
\nhttps://blog.orange.tw/
\n\n
\nDescription:
\nMicrosoft Exchange Server is an email solution widely deployed within government and enterprises, and it is an integral part of both their daily operations and security. Needless to say, vulnerabilities in Exchange have long been the Holy Grail for attackers, hence our security research on Exchange. Surprisingly, weâ€™ve found not only critical vulnerabilities such as ProxyLogon, but a whole new attack surface of Exchange.\n

This new attack surface is based on a significant change in Exchange Server 2013, where the fundamental protocol handler, Client Access Service (CAS), splits into frontend and backend. In this fundamental change of architecture, quite an amount of design debt was incurred, and, even worse, it introduced inconsistencies between contexts, leading us to discover this new attack surface.\n

To unveil the beauty of this attack surface and our novel exploitation, weâ€™ll start by analyzing this architecture, followed by 7 vulnerabilities that consist of server-side bugs, client-side bugs, and crypto bugs found via this attack surface. In the end, these vulnerabilities are chained into 3 attack vectors that shine in different attack scenarios: ProxyLogon, ProxyShell, and ProxyOracle. These attack vectors enable any unauthenticated attacker to uncover plaintext passwords and even execute arbitrary code on Microsoft Exchange Servers through port 443, which is exposed to the Internet by ~400K Exchange Servers.\n

This attack surface has its unparalleled impact for a reason: security researchers tend to find vulnerabilities from a certain perspective, such as digging for memory bugs, injections, or logic flaws, but we took a different approach by looking at Exchange from a high-level architectural view and captured this architecture-level attack surface, which yielded multiple vulnerabilities. We hope this brings a new paradigm to vulnerability research and inspires more security researchers to look into Exchange Server. Last but not least, weâ€™ll provide hardening actions to mitigate such types of 0days in Exchange.\n

# REFERENCES:\n

\"Hunting for bugs, catching dragons\" by Nicolas Joly in Black Hat USA 2019\n
CVE-2020-0688 and CVE-2018-8302 from ZDI blog\n
CVE-2020-16875 from @steventseeley

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=5mqid-7zp8k\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219922),('2_Friday','16','16:00','16:59','N','DC','','\'Defending against nation-state (legal) attack: how to build a privacy-protecting service in the era of ubiquitous surveillance\'','\'Bill \"Woody\" Woodcock\'','DC_babc61be5b0866de5094b182b1ab9107','\'Title: Defending against nation-state (legal) attack: how to build a privacy-protecting service in the era of ubiquitous surveillance
\nWhen: Friday, Aug 6, 16:00 - 16:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\n
SpeakerBio:Bill \"Woody\" Woodcock\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Patrick%20Wardle%20-%20Bundles%20of%20Joy%20-%20Breaking%20macOS%20via%20Subverted%20Applications%20Bundles.mp4\n

\'',NULL,219923),('2_Friday','16','16:00','16:45','N','DC','','\'Bundles of Joy: Breaking macOS via Subverted Applications Bundles\'','\'Patrick Wardle\'','DC_387ae3d4c72005376fff873bc6c84eb9','\'Title: Bundles of Joy: Breaking macOS via Subverted Applications Bundles
\nWhen: Friday, Aug 6, 16:00 - 16:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Patrick Wardle\n
\nPatrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.
\nTwitter: @patrickwardle
\nhttps://objective-see.com/
\n\n
\nDescription:
\nA recent vulnerability, CVE-2021-30657, neatly bypassed a myriad of foundational macOS security features such as File Quarantine, Gatekeeper, and Notarization. Armed with this capability attackers could (and were!) hacking macOS systems with a simple user (double)-click. Yikes!\n

In this presentation weâ€™ll dig deep into the bowels of macOS to uncover the root cause of the bug: a subtle logic flaw in the complex and undocumented policy subsystem. Moreover, weâ€™ll highlight the discovery of malware exploiting this bug as an 0day, reversing Appleâ€™s patch, and discuss novel methods of both detection and prevention. \n

REFERENCES: â€œAll Your Macs Are Belong To Usâ€\nhttps://objective-see.com/blog/blog_0x64.html\nâ€œmacOS Gatekeeper Bypass (2021 Edition)â€\nhttps://cedowens.medium.com/macos-gatekeeper-bypass-2021-edition-5256a2955508\nâ€œShlayer Malware Abusing Gatekeeper Bypass On Macosâ€\nhttps://www.jamf.com/blog/shlayer-malware-abusing-gatekeeper-bypass-on-macos/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=raSTgFqYaoc\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Sheila%20A.%20Berta%20-%20The%20Unbelievable%20Insecurity%20of%20the%20Big%20Data%20Stack.mp4\n

\'',NULL,219924),('2_Friday','16','16:00','16:59','N','DC','','\'The Unbelievable Insecurity of the Big Data Stack: An Offensive Approach to Analyzing Huge and Complex Big Data Infrastructures\'','\'Sheila A. Berta\'','DC_0a4349aff4c3ecd92230cf603afd6b1d','\'Title: The Unbelievable Insecurity of the Big Data Stack: An Offensive Approach to Analyzing Huge and Complex Big Data Infrastructures
\nWhen: Friday, Aug 6, 16:00 - 16:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Sheila A. Berta\n
\nSheila A. Berta is an offensive security specialist who started at 12 years-old by learning on her own. At the age of 15, she wrote her first book about Web Hacking, published in several countries. Over the years, Sheila has discovered vulnerabilities in popular web applications and software, as well as given courses at universities and private institutes in Argentina. She specializes in offensive techniques, reverse engineering, and exploit writing and is also a developer in ASM (MCU and MPU x86/x64), C/C++, Python and Go. The last years she focused on Cloud Native and Big Data security. As an international speaker, she has spoken at important security conferences such as Black Hat Briefings, DEF CON, HITB, Ekoparty, IEEE ArgenCon and others. Sheila currently works as Head of Research at Dreamlab Technologies.
\nTwitter: @UnaPibaGeek
\n\n
\nDescription:
\nHonoring the term, the variety of technologies in the Big Data stack is hugely BIG. Many complex components in charge of transport, storing, and processing millions of records make up Big Data infrastructures. The speed at which data needs to be processed and how quickly the implemented technologies need to communicate with each other make security lag behind. Once again, complexity is the worst enemy of security.\n

Today, when conducting a security assessment on Big Data infrastructures, there is currently no methodology for it and there are hardly any technical resources to analyze the attack vectors. On top of that, many things that are considered vulnerabilities in conventional infrastructures, or even in the Cloud, are not vulnerabilities in this stack. What is a security problem and what is not a security problem in Big Data infrastructures? That is one of the many questions that this research answers. Security professionals need to count on a methodology and acquire the necessary skills to competently analyze the security of such infrastructures.\n

This talk presents a methodology, and new and impactful attack vectors in the four layers of the Big Data stack: Data Ingestion, Data Storage, Data Processing and Data Access. Some of the techniques that will be exposed are the remote attack of the centralized cluster configuration managed by ZooKeeper; packet crafting for remote communication with the Hadoop RPC/IPC to compromise the HDFS; development of a malicious YARN application to achieve RCE; interfering data ingestion channels as well as abusing the drivers of HDFS-based storage technologies like Hive/HBase, and platforms to query multiple data lakes as Presto. In addition, security recommendations will be provided to prevent the attacks explained.\n

REFERENCES: I plan to release a white paper at the conference, in the white paper there will be all the references. Anyway, as the attacks are novel, the references are related to infrastructure stuff mostly, not so much about security.

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=vl9hk4fQdos\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Christian%20quaddi%20Dameff%20MD%20Jeff%20r3plicant%20Tully%20MD%20Jessica%20Wilkerson%20Josh%20Corman%20-%20Do%20No%20harm-%20Health%20Panel.mp4\n

\'',NULL,219925),('2_Friday','17','17:00','18:59','N','DC','','\'Do No harm; Health Panel : Live version - A DEF CON Policy Panel\'','\'DEF CON Policy Panel\'','DC_1c33a2ceaf5e0bfaacf40a2cb94c05dd','\'Title: Do No harm; Health Panel : Live version - A DEF CON Policy Panel
\nWhen: Friday, Aug 6, 17:00 - 18:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\n
SpeakerBio:DEF CON Policy Panel\n
\nNo BIO available
\n\n
\nDescription:
\n--\n

This talk has been released to the DEF CON Media server.\n

\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Rex%20Guo%20Junyuan%20Zeng%20-%20Phantom%20Attack%20-%20Evading%20System%20Call%20Monitoring.mp4\n

\'',NULL,219926),('2_Friday','18','17:00','18:59','Y','DC','','\'Do No harm; Health Panel : Live version - A DEF CON Policy Panel\'','\'DEF CON Policy Panel\'','DC_1c33a2ceaf5e0bfaacf40a2cb94c05dd','\'\'',NULL,219927),('2_Friday','17','17:00','17:45','N','DC','','\'Phantom Attack: Evading System Call Monitoring\'','\'Junyuan Zeng,Rex Guo\'','DC_2d502b472b290190997a0c65b21ce76b','\'Title: Phantom Attack: Evading System Call Monitoring
\nWhen: Friday, Aug 6, 17:00 - 17:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Junyuan Zeng,Rex Guo
\n
SpeakerBio:Junyuan Zeng\n
\nJunyuan Zeng is Senior Software Engineer at Linkedin. Before Linkedin, he was Staff Security Architect at JD.com where he designed and architected container security monitoring solutions. Before that he was Staff Software Engineer for mobile payment security at Samsung and a security researcher at FireEye where he worked on mobile malware analysis. He has published in ACM CCS, USENIX ATC, and other top academic conferences. He obtained his PhD in Computer Science from The University of Texas at Dallas.
\nhttps://www.linkedin.com/in/junyuanzeng/
\n
SpeakerBio:Rex Guo\n
\nRex Guo works as Head of Research at Confluera where he leads the security research and development of the cloud XDR product which includes the real-time threat storyboarding capabilities (a.k.a. attack narrative). Before joining Confluera, he was an engineering manager at Cisco Tetration where his team bootstrapped the server EDR product deployed on millions of cloud endpoints. Before that, Rex worked at both Intel Security and Qualcomm. In these positions, he has worked on application security, infrastructure security, malware analysis, and mobile/ IoT platform security. He has presented at Blackhat multiple times. He has 30+ patents and publications. He received a PhD from New York University.
\nTwitter: @Xiaofei_REX
\nhttps://www.linkedin.com/in/xiaofeiguo/
\n\n
\nDescription:
\nPhantom attack is a collection of attacks that evade Linux system call monitoring. A user mode program does not need any special privileges or capabilities to reliably evade system call monitoring using Phantom attack by exploiting insecure tracing implementations.\n

After adversaries gain an initial foothold on a Linux system, they typically perform post-exploitation activities such as reconnaissance, execution, privilege escalation, persistence, etc. It is extremely difficult if not impossible to perform any non-trivial adversarial activities without using Linux system calls.\n

Security monitoring solutions on Linux endpoints typically offer system call monitoring to effectively detect attacks. Modern solutions often use either ebpf-based programs or kernel modules to monitor system calls through tracepoint and/or kprobe. Any adversary operations including abnormal and/or suspicious system calls reveal additional information to the defenders and can trigger detection alerts.\n

We will explain the generic nature of the vulnerabilities exploited by Phantom attack. We will demonstrate Phantom attack on two popular open source Linux system call monitoring solutions Falco (Sysdig) and Tracee (Aquasecurity). We will also explain the differences between Phantom v1 and v2 attacks. Finally, we will discuss mitigations for Phantom attack and secure tracing in the broader context beyond system call tracing.\n

REFERENCES: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33505\nhttps://i.blackhat.com/USA-20/Thursday/us-20-Lee-Exploiting-Kernel-Races-Through-Taming-Thread-Interleaving.pdf\nhttps://www.youtube.com/watch?v=MIJL5wLUtKE\nhttps://dl.packetstormsecurity.net/1005-advisories/khobe-earthquake.pdf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=yaAdM8pWKG8\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

(Demo)
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20PatH%20-%20Warping%20Reality%20-%20creating%20and%20countering%20the%20next%20generation%20of%20Linux%20rootkits%20using%20eBPF%20-%20Demo.mp4\n

\'',NULL,219928),('2_Friday','17','17:00','17:59','N','DC','','\'Warping Reality - creating and countering the next generation of Linux rootkits using eBPF\'','\'PatH\'','DC_c77cd00acc2be5911732b338f4004be8','\'Title: Warping Reality - creating and countering the next generation of Linux rootkits using eBPF
\nWhen: Friday, Aug 6, 17:00 - 17:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:PatH\n
\nPat is a loving partner, a comedian to his daughter, and a dedicated ball retriever to his dog.\n

When he\'s not spending time being those things, he\'s a senior security researcher at a public cybersecurity company. Having previously worked as a low-level software dev, he now helps threat hunters uncover and stop advanced actors across the globe.\n

\nTwitter: @pathtofile
\nhttps://path.tofile.dev/
\n\n
\nDescription:
\nWith complete access to a system, Linux kernel rootkits are perfectly placed to hide malicious access and activity. However, running code in the kernel comes with the massive risk that any change to a kernel version or configuration can mean the difference between running successfully and crashing the entire system. This talk will cover how to use extended Berkley Packet Filters (eBPF) to create kernel rootkits that are safe, stable, stealthy, and portable.\n

eBPF is one of the newest additions to the Linux kernel, designed to easily load safe, constrained, and portable programs into the kernel to observe and make decisions about network traffic, syscalls, and more. But thatâ€™s not itâ€™s only use: by creating eBPF programs that target specific processes we can warp reality, presenting a version of a file to one program and a different version to another, all without altering the real file on disk. This enables techniques such as presenting a backdoor user to ssh while hiding from sysadmins, or smuggling data inside connections from legitimate programs. This talk will also cover how to use these same techniques in malware analysis to fool anti-sanbox checks.\n

These ideas and more are explored in this talk alongside practical methods to detect and prevent this next generation of Linux rootkits.\n

REFERENCES

- DEFCON 27 - Evil eBPF Practical Abuses of In-kernel Bytecode Runtime\n- A talk about abusing eBPF for exploitation and privilege escalation

eBPF Website\n
https://ebpf.io\n
A website by the eBPF community with documentation and links to existing projects
eBPF Slack\n
https://ebpf.io/slack\n
A Slack channel run by the eBPF community
Libbpf Bootstrap\n
https://github.com/libbpf/libbpf-bootstrap\n
A sample project designed to provide a template to creating eBPF programs with Libbpf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=g6SKWT7sROQ\n

Media: (Main Talk)\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20PatH%20-%20Warping%20Reality%20-%20creating%20and%20countering%20the%20next%20generation%20of%20Linux%20rootkits%20using%20eBPF.mp4

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Martin%20Doyhenard%20-%20Response%20Smuggling-%20Pwning%20HTTP-1.1%20Connections.mp4\n

\'',NULL,219929),('2_Friday','18','18:00','18:45','N','DC','','\'Response Smuggling: Pwning HTTP/1.1 Connections\'','\'Martin Doyhenard\'','DC_51516b388e9e684230348daf55115961','\'Title: Response Smuggling: Pwning HTTP/1.1 Connections
\nWhen: Friday, Aug 6, 18:00 - 18:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Martin Doyhenard\n
\nMartin is a security researcher at the Onapsis Research Labs. His work includes performing security assessment on SAP and Oracle products and detecting vulnerabilities in ERP systems. His research is focused on Web stack security, reverse engineering and binary analisis, and he is also an active CTF player. Martin has spoken at different conferences including RSA, Troopers, Hack In The Box and EkoParty and presented multiple critical vulnerabilities.
\nTwitter: @tincho_508
\n\n
\nDescription:
\nOver the past few years, we have seen some novel presentations re-introducing the concept of HTTP request smuggling, to reliably exploit complex landscapes and systems. With advanced techniques, researchers were able to bypass restrictions and breach the security of critical web applications.\n

This presentation will take a new approach, focusing on the response pipeline desynchronization, a rather unexplored attack vector in HTTP Smuggling.\n

First, I will introduce a Desync variant, using connection-tokens to hide arbitrary headers from the backend. This technique does not abuse discrepancy between HTTP parsers, but instead relies on a vulnerability in the protocol itself!\n

The issue was found and reported under Googleâ€™s Vulnerability Reward Program for a nice bounty!\n

Next, I will show how it is possible to inject multiple messages at the backend server, mixing the pipelineâ€™s connection order, and hijack users sessions from login requests.\n

Finally, using a novel technique known as Response Scripting, I will demonstrate how to create malicious outbound messages using static responses as the building blocks. This will be leveraged to write custom responses and take control of one of the most popular protocols in history!\n

REFERENCES: RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1\nhttps://tools.ietf.org/html/rfc2616

RFC 7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content\nhttps://tools.ietf.org/html/rfc7231\n

CHAIM LINHART, AMIT KLEIN, RONEN HELED, STEVE ORRIN:\nHTTP Request Smuggling
\nhttps://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf\n

James Kettle:
\nHTTP Desync Attacks: Request Smuggling Reborn\nhttps://portswigger.net/research/http-desync-attacks-request-smuggling-reborn\nhttps://portswigger.net/research/http-desync-attacks-what-happened-next\n

Emile Fugulin
\nHTTP Desync Attacks with Python and AWS\nhttps://medium.com/@emilefugulin/http-desync-attacks-with-python-and-aws-1ba07d2c860f\n

Amit Klein
\nHTTP Request Smuggling in 2020
\nhttps://i.blackhat.com/USA-20/Wednesday/us-20-Klein-HTTP-Request-Smuggling-In-2020-New-Variants-New-Defenses-And-New-Challenges.pdf\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=suxDcYViwao\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Hao%20Xing%20Zekai%20Wu%20-%20How%20I%20use%20a%20JSON%20Deserialization%200day%20to%20Steal%20Your%20Money%20On%20The%20Blockchain.mp4\n

\'',NULL,219930),('2_Friday','18','18:00','18:59','N','DC','','\'How I use a JSON Deserialization 0day to Steal Your Money On The Blockchain\'','\'Hao Xing,Zekai Wu\'','DC_c22940ee4ce297c133d5230e05bb4b8c','\'Title: How I use a JSON Deserialization 0day to Steal Your Money On The Blockchain
\nWhen: Friday, Aug 6, 18:00 - 18:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Hao Xing,Zekai Wu
\n
SpeakerBio:Hao Xing\n
\nHao Xing is a Security researcher from Tencent Security Xuanwu Lab. He made some presentations at Chaos Communication Congress and BlackHat Asia. His research foucs on Web security, Andoird security and Red Team. He reported lots of vulnerabilities for many internet giants such as Google, Microsoft, Alibaba etc.
\nTwitter: @RonnyX2017
\n
SpeakerBio:Zekai Wu\n
\nNo BIO available
\nTwitter: @hellowuzekai
\n\n
\nDescription:
\nFastjson is a widely used open source JSON parser with 23\'100 stars on GitHub. As a basic module of countless java web services, it serves hundreds of millions of users. We managed to find a way to bypass many security checks and mitigations by using the inheritance process of some basic classes, and achieve remote code execution successfully. We will disclose these high-risk and universal gadgets for the first time in this talk.\n

Now, we can control many important websites and affect millions of users. Let\'s make things more interesting. We found that this fastjson vulnerability affect a multi-billion-dollar blockchain. We designed multiple complex gadgets based on the features of the blockchain, and exquisitely achieved information leakage and pointer hijacking. Putting all these gadgets together, we achieved remote code execution on the blockchain nodes.\n

However, generally after remote code execution, we seem to have no better exploit method other than the 51% attack, which will lead to serious accounting confusion. After a detailed analysis of the architecture design of the public blockchain, we found a way from RCE to steal the public blockchain users\' assets almost without any notification.\n

To the best of our knowledge, this is the first published attack case on the realization of covertly stealing user assets after RCE on the public blockchain nodes. We will propose a more covert post penetration exploit method for public blockchain nodes in this talk.\n

Blockchain is not bulletproof to security vulnerability. We will show you how to use classical web vulnerabilities attack the blockchain and how to steal real money from the decentralized cyber world.\n

REFERENCES: 1. https://github.com/threedr3am/gadgetinspector\n2. https://github.com/JackOfMostTrades/gadgetinspector\n3. http://i.blackhat.com/us-18/Thu-August-9/us-18-Haken-Automated-Discovery-of-Deserialization-Gadget-Chains.pdf\n4. http://i.blackhat.com/eu-19/Thursday/eu-19-Zhang-New-Exploit-Technique-In-Java-Deserialization-Attack.pdf\n5. https://asm.ow2.io/asm4-guide.pdf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=pUexrXOGCkE\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://www.eff.org/wp/interoperability-and-privacy\n

\'',NULL,219931),('3_Saturday','10','10:00','10:59','N','DC','','\'Privacy Without Monopoly: Paternalism Works Well, But Fails Badly\'','\'Cory Doctorow\'','DC_3329093e8aad71edf58970b3e571c1e6','\'Title: Privacy Without Monopoly: Paternalism Works Well, But Fails Badly
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Cory Doctorow\n
\nCory Doctorow (craphound.com) is a science fiction novelist, journalist and technology activist. He is a contributor to many magazines, websites and newspapers. He is a special consultant to the Electronic Frontier Foundation (eff.org), a non-profit civil liberties group that defends freedom in technology law, policy, standards and treaties. He holds an honorary doctorate in computer science from the Open University (UK), where he is a Visiting Professor; he is also a MIT Media Lab Research Affiliate and a Visiting Professor of Practice at the University of North Carolinaâ€™s School of Library and Information Science. In 2007, he served as the Fulbright Chair at the Annenberg Center for Public Diplomacy at the University of Southern California.\n

His novels have been translated into dozens of languages and are published by Tor Books, Head of Zeus (UK), Titan Books (UK) and HarperCollins (UK). He has won the Locus, Prometheus, Copper Cylinder, White Pine and Sunburst Awards, and been nominated for the Hugo, Nebula and British Science Fiction Awards.\n

His recent books include ATTACK SURFACE (2020), a standalone sequel to LITTLE BROTHER intended for adults, POESY THE MONSTER SLAYER, a picture book for young children (2020), the nonfiction tech/politics book HOW TO DESTROY SURVEILLANCE CAPITALISM (2020), RADICALIZED (2019) and WALKAWAY (2017), science fiction for adults; and IN REAL LIFE, a young adult graphic novel created with Jen Wang (2014).\n

His latest young adult novel is HOMELAND, the bestselling sequel to 2008â€™s LITTLE BROTHER. His New York Times Bestseller LITTLE BROTHER was published in 2008. His latest short story collection is WITH A LITTLE HELP, available in paperback, ebook, audiobook and limited edition hardcover. In 2011, Tachyon Books published a collection of his essays, called CONTEXT: FURTHER SELECTED ESSAYS ON PRODUCTIVITY, CREATIVITY, PARENTING, AND POLITICS IN THE 21ST CENTURY (with an introduction by Tim Oâ€™Reilly) and IDW published a collection of comic books inspired by his short fiction called CORY DOCTOROWâ€™S FUTURISTIC TALES OF THE HERE AND NOW. THE GREAT BIG BEAUTIFUL TOMORROW, a PM Press Outspoken Authors chapbook, was also published in 2011.\n

LITTLE BROTHER was nominated for the 2008 Hugo, Nebula, Sunburst and Locus Awards. It won the Ontario Library White Pine Award, the Prometheus Award as well as the Indienet Award for bestselling young adult novel in Americaâ€™s top 1000 independent bookstores in 2008; it was the San Francisco Public Libraryâ€™s One City/One Book choice for 2013. It has also been adapted for stage by Josh Costello.\n

He co-founded the open source peer-to-peer software company OpenCola, and serves on the boards and advisory boards of the Participatory Culture Foundation, the Clarion Foundation, the Open Technology Fund and the Metabrainz Foundation. He maintains a daily blog at Pluralistic.net.\n

\nTwitter: @doctorow
\n\n
\nDescription:
\nGovernments around the world (US, UK, EU) are planning to force interoperability on the biggest tech platforms. Companies like Facebook say that this is a privacy disaster because it would hurt their ability to keep us safe from privacy invasions. Yeah, I know. But even if you DO think Facebook has our best interests at heart, monopoly is a deeply stupid way protect privacy. I will present \"Privacy Without Monopoly,\" a major EFF white paper I co-authored with Bennett Cyphers, which sets out a framework for understanding how privacy and interop aren\'t just compatible - they rely on one another!\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=deRRR5B1hwI\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Cory%20Doctorow%20-%20Privacy%20Without%20Monopoly.mp4\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Mickey%20Shkatov%20Jesse%20Michael%20-%20High-Stakes%20Updates%20-%20BIOS%20RCE%20OMG%20WTF%20BBQ.mp4\n

\'',NULL,219932),('3_Saturday','10','10:00','10:45','N','DC','','\'High-Stakes Updates | BIOS RCE OMG WTF BBQ\'','\'Jesse Michael,Mickey Shkatov\'','DC_75598be8306ab3bf77cfc5366d9eb269','\'Title: High-Stakes Updates | BIOS RCE OMG WTF BBQ
\nWhen: Saturday, Aug 7, 10:00 - 10:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\nSpeakers:Jesse Michael,Mickey Shkatov
\n
SpeakerBio:Jesse Michael\n
\nJesse Michael is an experienced security researcher focused on vulnerability detection and mitigation who has worked at all layers of modern computing environments from exploiting worldwide corporate network infrastructure down to hunting vulnerabilities inside processors at the hardware design level. His primary areas of expertise include reverse engineering embedded firmware and exploit development. He has also presented research at DEF CON, Black Hat, PacSec, Hackito Ergo Sum, Ekoparty, and BSides Portland.
\nTwitter: @JesseMichael
\n
SpeakerBio:Mickey Shkatov\n
\nMickey has been doing security research for almost a decade, one of specialties is simplifying complex concepts and finding security flaws in unlikely places. He has seen some crazy things and lived to tell about them at security conferences all over the world, his past talks range from web pentesting to black badges and from hacking cars to BIOS firmware.
\nTwitter: @HackingThings
\n\n
\nDescription:
\nWith attacks moving below the operating system and computer firmware vulnerability discovery on the rise, the need to keep current platforms updated becomes important and new technology is developed to help defend against such threats. Major computer manufacturers are adding capabilities to make it easier to update BIOS.\n

Our research has identified multiple vulnerabilities in Dell\'s BiosConnect feature used for remote update and recovery of the operating system. These vulnerabilities are easy to exploit by an adversary in the right position, and are not prevented by protective technologies such as Secured Core PCs, BitLocker, BootGuard, and BIOS Guard.\n

Join us and together we will explore the new attack surfaces introduced by these UEFI firmware update mechanisms -- including a full walk-through of multiple vulnerability findings and the methods we used to create fully working exploits that gain remote code execution within the laptop BIOS and their effects on the operating system.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=qxWfkSonK7M\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Ian%20Coldwater%20Chad%20Rikansrud%20%28Bigendian%20Smalls%29%20-%20The%20Real-Life%20Story%20of%20the%20First%20Mainframe%20Container%20Breakout.mp4\n

\'',NULL,219933),('3_Saturday','10','10:00','10:45','N','DC','','\'Crossover Episode: The Real-Life Story of the First Mainframe Container Breakout\'','\'Chad Rikansrud (Bigendian Smalls),Ian Coldwater\'','DC_763db95dad9c33543d98a6958dd8e78b','\'Title: Crossover Episode: The Real-Life Story of the First Mainframe Container Breakout
\nWhen: Saturday, Aug 7, 10:00 - 10:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Chad Rikansrud (Bigendian Smalls),Ian Coldwater
\n
SpeakerBio:Chad Rikansrud (Bigendian Smalls)\n
\nChad is the same, but for mainframes and mainframe security.
\nTwitter: @bigendiansmalls
\n
SpeakerBio:Ian Coldwater\n
\nIan is a leading expert on containers and container security.
\nTwitter: @IanColdwater
\n\n
\nDescription:
\nYou\'ve seen talks about container hacking. You\'ve seen talks about mainframe hacking. But how often do you see them together? IBM decided to put containers on a mainframe, so a container hacker and a mainframe hacker decided to join forces and hack it. We became the first people on the planet to escape a container on a mainframe, and weâ€™re going to show you how.\n

Containers on a mainframe? For real. IBM zCX is a Docker environment running on a custom Linux hypervisor built atop z/OS - IBMâ€™s mainframe operating system. Building this platform introduces mainframe environments to a new generation of cloud-native developers-and introduces new attack surfaces that werenâ€™t there before.\n

In this crossover episode, weâ€™re going to talk about how two people with two very particular sets of skills went about breaking zCX in both directions, escaping containers into the mainframe host and spilling the secrets of the container implementation from the mainframe side.\n

When two very different technologies get combined for the first time, the result is new shells nobodyâ€™s ever popped before.\n

REFERENCES: Getting started with z/OS Container Extensions and Docker: https://www.redbooks.ibm.com/abstracts/sg248457.html\nThe Path Less Traveled: Abusing Kubernetes Defaults: https://www.youtube.com/watch?v=HmoVSmTIOxM\nAttacking and Defending Kubernetes Clusters: A Guided Tour: https://securekubernetes.com\nEvil Mainframe penetration testing course :https://www.evilmainframe.com/\nz/OS Unix System Services (USS): https://www.ibm.com/docs/en/zos/2.1.0?topic=system-basics-zos-unix-file\nz/OS Concepts: https://www.ibm.com/docs/en/zos-basic-skills?topic=zc-zos-operating-system-providing-virtual-environments-since-1960s\nDocker overview: https://docs.docker.com/get-started/overview/\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=7DXF7YDBf-g\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Jiska%20Alexander%20Heinrich%20-%20Wibbly%20Wobbly%2C%20Timey%20Wimey%20-%20Whats%20Really%20Inside%20Apples%20U1%20Chip.mp4\n

\'',NULL,219934),('3_Saturday','11','11:00','11:59','N','DC','','\'Wibbly Wobbly, Timey Wimey â€“ What\'s Really Inside Apple\'s U1 Chip\'','\'Alexander Heinrich,jiska\'','DC_4419a1d2d585fbd6bde7e369b8b71a02','\'Title: Wibbly Wobbly, Timey Wimey â€“ What\'s Really Inside Apple\'s U1 Chip
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Alexander Heinrich,jiska
\n
SpeakerBio:Alexander Heinrich\n
\nAlexander is a security researcher at the Secure Mobile Networking Lab at the Technical University of Darmstadt. Before he joined the university as a researcher he gained a lot of experiences an an app developer on Apple operating systems starting with iOS 5. This deep understanding of the systems naturally resulted in a focus on those systems in his security research. He joined the Secure Mobile Networking Lab 2020 as a PhD student right after his Master Thesis on the security of Appleâ€™s Handoff and Universal Clipboard features. After working with a team of skilled researchers on AirDrop and Appleâ€™s Find My network his focus now shifted to the security and privacy of ultra-wideband and Apple U1 chip.
\nTwitter: @Sn0wfreeze
\n
SpeakerBio:jiska\n
\njiska breaks things.
\nTwitter: @naehrdine
\n\n
\nDescription:
\nApple introduced an Ultra Wideband (UWB) chip in the iPhone 11. Its cryptographically secured spatial measurement capabilities are accessible via the Nearby Interaction framework since iOS 14. As of now, it only supports interaction with other Apple devices including the latest Apple Watch and HomePod mini. These are the first steps to support UWB in a larger ecosystem, as measuring precise distance and direction can be an enabler for various future applications. The automotive industry already announced UWB support for mobile car keys on the iPhone.\n

But whatâ€™s really inside Appleâ€™s U1 chip, internally called Rose? In this talk, we will travel through time, space, firmware and kernel componentsâ€”and fight daemons to modify firmware interaction from user space. This will not only cover one or two, but three firmwares that process or forward each Rose time measurement: The Rose Digital Signal Processor (DSP), Rose Application Processor (AP), and the Always-On Processor (AOP).\n

REFERENCES: There\'s almost nothing known about UWB on the iPhones... So the only reference is this:\nhttps://support.apple.com/guide/security/ultra-wideband-security-sec1e6108efd/web

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=k1H7fiVlTPA\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Chad%20Seaman%20-%20UPnProxyPot%20-%20fake%20the%20funk%2C%20become%20a%20blackhat%20proxy%2C%20MITM%20their%20TLS%2C%20and%20scrape%20the%20wire.mp4\n

\'',NULL,219935),('3_Saturday','11','11:00','11:45','N','DC','','\'UPnProxyPot: fake the funk, become a blackhat proxy, MITM their TLS, and scrape the wire\'','\'Chad Seaman\'','DC_3afc850192b814f12064b5c1e8e261c3','\'Title: UPnProxyPot: fake the funk, become a blackhat proxy, MITM their TLS, and scrape the wire
\nWhen: Saturday, Aug 7, 11:00 - 11:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Chad Seaman\n
\nChad is the SIRT team lead @ Akamai Technologies. He spends his time being an internet dumpster diver and emerging threats researcher focusing on DDoS, malware, botnets, and digital hooliganism in general.
\nhttps://www.linkedin.com/in/that-chad-seaman/
\n\n
\nDescription:
\nUPnP sucks, everybody knows it, especially blackhat proxy operators. UPnProxyPot was developed to MITM these operators to see what they\'re doing with their IoT proxy networks and campaigns. We\'ll cover SSDP, UPnP, UPnProxy research/campaigns as well as cover a new Golang based honeypot, so we can all snoop on them together!\n

REFERENCES: http://www.upnp-hacks.org (OG disclosure)\nhttps://www.youtube.com/watch?v=FU6qX0-GHRU (DEF CON 19 talk I attended)\nhttps://www.akamai.com/us/en/multimedia/documents/white-paper/upnproxy-blackhat-proxies-via-nat-injections-white-paper.pdf (my initial UPnProxy research)\nhttps://blogs.akamai.com/sitr/2018/11/upnproxy-eternalsilence.html (additional UPnProxy campaign researcher, also mine)

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=mHCGNUsrTf0\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Jacob%20Baines%20-%20Bring%20Your%20Own%20Print%20Driver%20Vulnerability.mp4\n

\'',NULL,219936),('3_Saturday','12','12:00','12:59','N','DC','','\'Bring Your Own Print Driver Vulnerability\'','\'Jacob Baines\'','DC_bf573c06e6e832a7854fa8e7ef380cc1','\'Title: Bring Your Own Print Driver Vulnerability
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Jacob Baines\n
\nJacob is a vulnerability researcher at Dragos. He enjoys focusing much of his research time on routers and other embedded devices. Occasionally, he finds himself looking at Windows internals. Sometimes he even finds vulnerabilities.
\n\n
\nDescription:
\nWhat can you do, as an attacker, when you find yourself as a low privileged Windows user with no path to SYSTEM? Install a vulnerable print driver! In this talk, you\'ll learn how to introduce vulnerable print drivers to a fully patched system. Then, using three examples, you\'ll learn how to use the vulnerable drivers to escalate to SYSTEM.\n

REFERENCES: - Yarden Shafir and Alex Ionescu, PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more) - https://windows-internals.com/printdemon-cve-2020-1048/\n- voidsec, CVE-2020-1337 â€“ PrintDemon is dead, long live PrintDemon! - https://voidsec.com/cve-2020-1337-printdemon-is-dead-long-live-printdemon/\n- Zhipeng Huo and Chuanda Ding, Evil Printer: How to Hack Windows Machines with Printing Protocol - https://media.defcon.org/DEF CON 28/DEF CON Safe Mode presentations/DEF CON Safe Mode - Zhipeng-Huo and Chuanda-Ding - Evil Printer How to Hack Windows Machines with Printing Protocol.pdf\n- Pentagrid AG, Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) - https://www.pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/\n- space-r7, Add module for CVE-2019-19363 - https://github.com/rapid7/metasploit-framework/pull/12906\n- Microsoft, Point and Print with Packages - https://docs.microsoft.com/en-us/windows-hardware/drivers/print/point-and-print-with-packages\n- Microsoft, Driver Store - https://docs.microsoft.com/en-us/windows-hardware/drivers/install/driver-store\n- Microsoft, Printer INF Files - https://docs.microsoft.com/en-us/windows-hardware/drivers/print/printer-inf-files\n- Microsoft, Use Group Policy settings to control printers in Active Directory - https://docs.microsoft.com/en-us/troubleshoot/windows-server/printing/use-group-policy-to-control-ad-printer

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=vdesswZYz-8\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Dimitry%20Op%20Nomad%20Snezhkov%20-%20Racketeer%20Toolkit.%20Prototyping%20Controlled%20Ransomware%20Operations.mp4\n

\'',NULL,219937),('3_Saturday','12','12:00','12:20','N','DC','','\'Racketeer Toolkit. Prototyping Controlled Ransomware Operations\'','\'Dimitry \"Op_Nomad\" Snezhkov\'','DC_830893e9dfdbbfd940a8bca3d0e78cc0','\'Title: Racketeer Toolkit. Prototyping Controlled Ransomware Operations
\nWhen: Saturday, Aug 7, 12:00 - 12:20 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Dimitry \"Op_Nomad\" Snezhkov\n
\nDimitry Snezhkov is an Associate Director at Protiviti. In this role he hacks code, tools, networks, apps and sometimes subverts human behavior too. Dimitry has spoken at DEF CON, BlackHat, THOTCON conferences, and presented tools at BlackHat Arsenal.
\nTwitter: @Op_Nomad
\n\n
\nDescription:
\n*** SPECIAL NOTE: Technical difficulties prevented this talk from being shown at the correct time slot on DCTV/Twitch. Please look for another event on the schedule, by the same name; replay is estimated to begin at 19:00 on Track 2 DCTV/Twitch only. You may also watch this talk on-demand, by following the links at the bottom of this message. ***\n

Offensive testing in organizations has shown a tremendous value for simulating controlled attacks. While cyber extortion may be one of the main high ROI end goals for the attacker, surprisingly few tools exist to simulate ransomware operations.\n

Racketeer is one such tool. It is an offensive agent coupled with a C2 base, built to help teams to prototype and exercise a tightly controlled ransomware campaign.\n

We walk through the design considerations and implementation of a ransomware implant which emulates logical steps taken to manage connectivity and asset encryption and decryption capabilities. We showcase flexible and actionable ways to prototype components of fully remote ransomware operation including key and data management, as well as data communication that is used in ransomware campaigns.\n

Racketeer is equipped with practical safeguards for lights out operations, and can address the goals of keeping strict control of data and key management in its deployment, including target containment policy, safe credential management, and implementing operational security in simulated operations.\n

Racketeer can help gain better optics into IoCs, and is helpful in providing detailed logs that can be used to study the behavior and execution artifacts of a ransomware agent.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=VJ8aqReB118\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media Server (Demo 1):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%201.mp4\n

\'',NULL,219938),('3_Saturday','12','12:00','12:20','N','DC','','\'Time Turner - Hacking RF Attendance Systems (To Be in Two Places at Once)\'','\'Vivek Nair\'','DC_6338ea0181ee2c9eda862c242f509aef','\'Title: Time Turner - Hacking RF Attendance Systems (To Be in Two Places at Once)
\nWhen: Saturday, Aug 7, 12:00 - 12:20 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Vivek Nair\n
\nVivek Nair is a Ph.D. student studying applied cryptography in the EECS department at UC Berkeley. He was the youngest-ever recipient of Bachelorâ€™s and Masterâ€™s degrees in Computer Science at the University of Illinois at the ages of 18 and 19 respectively. He is also a National Science Foundation CyberCorps Scholar and a National Physical Science Consortium Fellow.
\nhttps://github.com/VCNinc/Time-Turner
\n\n
\nDescription:
\nIt\'s a tale as old as time: a graduating senior needs two more courses to graduate, but the lectures happen to be scheduled at the same time and the school\'s new high-tech wireless attendance tracking system makes it impossible to attend both courses... in theory. By reverse-engineering the attendance devices and emulating them using a hidden Arduino, the system can be tricked into giving attendance credit for both courses without being physically present. It\'s a real-life \"time turner,\" allowing him to be in two places at once.\n

REFERENCES: https://github.com/wizard97/iSkipper/releases/download/v1.0.0/iskipper.pdf\nhttps://courses.ece.ubc.ca/cpen442/termproject/reports/2010/iclicker.pdf\nhttps://people.ece.cornell.edu/land/courses/ece4760/FinalProjects/f2015/cs886_kdv8/cs886_kdv8/cs886_kdv8/index.html\nhttps://github.com/wizard97/iSkipper\nhttps://github.com/charlescao460/iSkipper-Software

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=wEslemikn48\n

Media Server (Main Talk):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29.mp4\n

Media Server (Demo 2):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%202.mp4\n

Media Server (Demo 3):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%203.mp4\n

Media Server (Demo 4):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%204.mp4\n

Media Server (Demo 5):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%205.mp4\n

Media Server (Demo 6):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%206.mp4\n

Media Server (Demo 7):
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Vivek%20Nair%2C%20Ph.D.%20-%20Time%20Turner%20-%20Hacking%20RF%20Attendance%20Systems%20%28To%20Be%20in%20Two%20Places%20at%20Once%29-Demo%207.mp4\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Paz%20Hameiri%20-%20TEMPEST%20radio%20station.mp4\n

\'',NULL,219939),('3_Saturday','13','13:00','13:59','N','DC','','\'TEMPEST radio station\'','\'Paz Hameiri\'','DC_7d6edd410fc3719b048dc7eee96f747e','\'Title: TEMPEST radio station
\nWhen: Saturday, Aug 7, 13:00 - 13:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Paz Hameiri\n
\nPaz started his professional life 30 years ago, hacking games and developing tools in his teen years. Since then, he has worked in several companies, developing both hardware and software.\n

Paz has six years of experience with telecommunication systems design and circuits. He explored GPU hardware and software design in his Master\'s thesis. For 12 years, Paz led multidisciplinary systems development as a systems engineer in an international homeland security company.\n

At home, Paz explores ideas he finds interesting. In 2019 he published his work on a body-tracking device that records keystrokes on a safe\'s keypad.\n

\nhttps://il.linkedin.com/in/paz-hameiri-251b11143
\n\n
\nDescription:
\nTEMPEST is a cyber security term that refers to the use of electromagnetic energy emissions generated by electronic devices to leak data out of a target device. The attacks may be passive (where the attacker receives the emissions and recovers the data) or active (where the attacker uses dedicated malware to target and emit specific data).\n

In this talk I present a new side channel attack that uses GPU memory transfers to emit electromagnetic waves which are then received and processed by the attacker. Software developed for this work encodes audio on one computer and transmits it to the reception equipment positioned fifty feet away. The signals are received and processed and the audio is decoded and played. The maximum bit rate achieved was 33kbit/s and more than 99% of the packets were received.\n

Frequency selection not only enables maximization of signal quality over distance, but also enables the attacker to receive signals from a specific computer when several computers in the area are active. The software developed demonstrates audio packets transfers, but other types of digital data may be transmitted using the same technique.\n

REFERENCES: Eck W. â€œElectromagnetic radiation from video display units: an eavesdropping risk?â€ Computers and Security, 4, no. 4: 269-286, 1985.\nKuhn, M. G., and Anderson, R. J. Soft. â€œTempest: Hidden Data Transmission Using Electromagnetic Emanations.â€ In Information Hiding (1998), ed. D. Aucsmith, vol. 1525 of Lecture Notes in Computer Science, (Springer): 124â€“142.\nThiele, E., â€œTempest for Eliza.â€ 2001. http://www.erikyyy.de/tempest/.\nKania B., â€œVGASIG: FM radio transmitter using VGA graphics card.â€ 2009. http://bk.gnarf.org/creativity/vgasig/vgasig.pdf.\nGuri M., Kedma G., Kachlon A., Elovici Y. â€œAirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies.â€ In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on IEEE, 2014: 58-67.\n2pkaqwtuqm2q7djg,\"OVERCLOCKING TOOLS FOR NVIDIA GPUS SUCK, I MADE MY OWN\". 2015. https://1vwjbxf1wko0yhnr.wordpress.com/2015/08/10/overclocking-tools-for-nvidia-gpus-suck-i-made-my-own/\nnvapioc project: https://github.com/Demion/nvapioc\nSDRplay API Specification v3, https://www.sdrplay.com/docs/SDRplay_API_Specification_v3.pdf\nSimon Rockliff\'s Reed-Solomon encoding-decoding code at http://www.eccpage.com/rs.c

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=m9WkEwshNKc\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Ionut%20Cernica%20-%20Hack%20the%20hackers-%20Leaking%20data%20over%20SSL-TLS.mp4\n

\'',NULL,219940),('3_Saturday','12','12:30','12:50','N','DC','','\'Hack the hackers: Leaking data over SSL/TLS\'','\'Ionut Cernica\'','DC_168b4d2703fee85305c11c6a32cdebc6','\'Title: Hack the hackers: Leaking data over SSL/TLS
\nWhen: Saturday, Aug 7, 12:30 - 12:50 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Ionut Cernica\n
\nIonut Cernica started his security career with the bug bounty program from Facebook. His passion for security led him to get involved in dozens of such programs and he found problems in very large companies such as Google, Microsoft, Yahoo, AT&T, eBay, VMware. He has also been testing web application security for 9 years and has had a large number of projects on the penetration testing side.\n

Another stage of his career was to get involved in security contests and participated in more than 100 such contests. He also reached important finals such as Codegate, Trend Micro and Defcon with the PwnThyBytes team. He also won several individual competitions, including the mini CTF from the first edition of Appsec village - Defcon village.\n

Now he is doing research in the field of web application security, being also a PhD student at University Polytechnic of Bucharest. Through his research he wants to innovate in the field and to bring a new layer of security to web applications. He has also been working as a Security Researcher @Future Networks 5G Lab for a few months now and hopes to make an important contribution to the 5G security area through research.\n

\nTwitter: @CernicaIonut
\n\n
\nDescription:
\nHave you considered that in certain situations the way hackers exploit vulnerabilities over the network can be predictable? Anyone with access to encrypted traffic can reverse the logic behind the exploit and thus obtain the same data as the exploit.\n

Various automated tools have been analyzed and it has been found that these tools operate in an unsafe way. Various exploit databases were analyzed and we learned that some of these are written in an insecure (predictable) way.\n

This presentation will showcase the results of the research, including examples of exploits that once executed can be harmful. The data we obtain after exploitation can be accessible to other entities without the need of decrypting the traffic. The SSL/TLS specs will not change. There is a clear reason for that and in this presentation I will argue this, but what will change for sure is the way hackers will write some of the exploits.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=WNXEuFaRUkU\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Shir%20Tamari%20Ami%20Luttwak%20-%20A%20new%20class%20of%20DNS%20vulnerabilities%20affecting%20many%20DNS-as-Service%20platforms.mp4\n

\'',NULL,219941),('3_Saturday','12','12:30','12:50','N','DC','','\'A new class of DNS vulnerabilities affecting many DNS-as-Service platforms\'','\'Ami Luttwak,Shir Tamari\'','DC_1afef07409f8d27fa985747aa0072867','\'Title: A new class of DNS vulnerabilities affecting many DNS-as-Service platforms
\nWhen: Saturday, Aug 7, 12:30 - 12:50 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Ami Luttwak,Shir Tamari
\n
SpeakerBio:Ami Luttwak\n
\nAmi Luttwak is a serial entrepreneur, an experienced cyber security CTO and a hacker by heart. Mainly interested in cloud security and cloud exploits, understanding how the cloud is built to uncover its weaknesses. Currently CTO of Wiz, the fastest growing unicorn in cloud security, prior to that led research as CTO of Microsoft cloud security and prior to that founded Adallom, a pioneering cloud security startup acquired by Microsoft in 2015.
\nTwitter: @amiluttwak
\n
SpeakerBio:Shir Tamari\n
\nShir Tamari is a security and technology researcher, specializing in vulnerability research and practical hacking. Works as Head of Research at the cloud security company Wiz. In the past, he served in the Israeli intelligence unit, and in recent years has led a variety of research and security products in the industry. Shir\'s interests include Android, Linux Kernel, Web hacking and Blockchain.
\nTwitter: @shirtamari
\n\n
\nDescription:
\nWe present a novel class of DNS vulnerabilities that affects multiple DNS-as-a-Service (DNSaaS) providers. The vulnerabilities have been proven and successfully exploited on three major cloud providers including AWS Route 53 and may affect many others. Successful exploitation of the vulnerabilities may allow exfiltration of sensitive information from service customers\' corporate networks. The leaked information contains internal and external IP addresses, computer names, and sometimes NTLM hashes. The number of organizations vulnerable to this weakness is shocking. Over a few hours of DNS sniffing, we received sensitive information carried by DNS update queries from ~1M Windows endpoints from around 15,000 potentially vulnerable companies, including 15 Fortune 500 companies. In some organizations, there were more than 20,000 endpoints that actively leaked their information out of the organization. We will review possible mitigations to this problem and solutions for both DNSaaS providers and managed networks.\n

REFERENCES: I. Microsoft Windows DNS Update algorithm explained - https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-dns-dynamic-updates-windows-server-2003\nII. An excellent blog post by Matthew Bryant on hijacking DNS Updates abusing a dangling domain issue on Guatemala State\'s Top Level Domain - https://thehackerblog.com/hacking-guatemalas-dns-spying-on-active-directory-users-by-exploiting-a-tld-misconfiguration/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=72uzIZPyVjI\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Salvador%20Mendoza%20-%20PINATA-%20PIN%20Automatic%20Try%20Attack.mp4\n

\'',NULL,219942),('3_Saturday','13','13:00','13:45','N','DC','','\'PINATA: PIN Automatic Try Attack\'','\'Salvador Mendoza\'','DC_5a7444aef7b9b515fc32f0168b129706','\'Title: PINATA: PIN Automatic Try Attack
\nWhen: Saturday, Aug 7, 13:00 - 13:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Salvador Mendoza\n
\nSalvador Mendoza is a Metabase Q security researcher and member of the Ocelot Offensive Security Team.\n

Salvador focuses on tokenization processes, payment systems, mag-stripe information and embedded prototypes. He has presented on tokenization flaws and payment methods in different conferences such as Black Hat USA, DEF CON, HITB, Troopers and many others. Also, Salvador designed different tools to pentest mag-stripe information and tokenization processes.\n

Author of â€œShow me the (e-) money Hacking a sistemas de pagos digitales: NFC. RFID, MST y Chips EMVâ€œ. A Spanish-written book with a collection of different attacks against payment systems.\n

\nTwitter: @Netxing
\nsalmg.net
\n\n
\nDescription:
\nA brute force attack is a trial-and-error method used to obtain information such as user passwords or personal identification numbers (PINs). This attack methodology should be impossible to apply to the actual secured EMV bank cards. In this talk, we will analyze how an inadequate implementation could rely on an extreme and sophisticated PIN brute force attack against 10,000 combinations from 4 digit PIN that could affect millions of contact EMV cards.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=VOIvEqjJNOY\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://www.youtube.com/channel/UCzZK3vjJL9rKNPXNoCPFO5g/videos\n

\'',NULL,219943),('3_Saturday','13','13:00','13:45','N','DC','','\'Defeating Physical Intrusion Detection Alarm Wires\'','\'Bill Graydon\'','DC_ec463ac0e23addec795a9eb7e10718e6','\'Title: Defeating Physical Intrusion Detection Alarm Wires
\nWhen: Saturday, Aug 7, 13:00 - 13:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Bill Graydon\n
\nBill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. Heâ€™s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CONâ€™s Lock Bypass Village. Heâ€™s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, software development, anti-money laundering, and infectious disease detection.\n

\nTwitter: @access_ctrl
\nhttps://github.com/bgraydon
\n\n
\nDescription:
\nAlarm systems are ubiquitous - no longer the realm of banks and vaults only, many people now have them in their homes or workplaces. But how do they work? And the logical follow-up question - how can they be hacked? \n

This talk focuses on the communication lines in physical intrusion detection systems: how they are secured, and what vulnerabilities exist. Weâ€™ll discuss the logic implemented in the controllers and protections on the communication lines including end of line resistors - and all the ways that this aspect of the system can be exploited.\n

In particular, weâ€™ll release schematics for a tool weâ€™ve developed that will enable measuring end-of-line resistor systems covertly, determining the necessary re-wiring to defeat the sensors, and deploy it without setting off the alarm. \n

After the talk, you can head over to the Lock Bypass Village to try these techniques out for yourself!\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=Liz9R_QxSgk\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Bill%20Graydon%20-%20Defeating%20Physical%20Intrusion%20Detection%20Alarm%20Wires.mp4\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Claire%20Vacherot%20-%20Sneak%20into%20buildings%20with%20KNXnetIP.mp4\n

\'',NULL,219944),('3_Saturday','14','14:00','14:59','N','DC','','\'Sneak into buildings with KNXnet/IP\'','\'Claire Vacherot\'','DC_cb97acd1c2dd0aaf77d4186d5933faa6','\'Title: Sneak into buildings with KNXnet/IP
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Claire Vacherot\n
\nClaire Vacherot is a pentester at Orange Cyberdefense. She likes to test systems and devices that interact with the real world and is particularly interested in industrial and embedded device cybersecurity. As a former software developer, she never misses a chance to write scripts and tools.
\n\n
\nDescription:
\nBuilding Management Systems control a myriad of devices such as lighting, shutters and HVAC. KNX (and by extension KNXnet/IP) is a common protocol used to interact with these BMS. However, the public\'s understanding and awareness is lacking, and effective tooling is scarce all while the BMS device market keeps on growing.\n

The ability to craft arbitrary KNXnet/IP frames to interact with these often-insecure BMS provides an excellent opportunity in uncovering vulnerabilities in both the implementation of KNX as well as the protocol itself. From unpacking KNX at a lower level, to using a Python-based protocol crafting framework we developed to interact with KNXnet/IP implementations, in this talk weâ€™ll go on a journey of discovering how BMS that implement KNXnet/IP work as well as how to interact with and fuzz them.\n

After this talk you could also claim that â€œthe pool on the roof has a leakâ€!\n

REFERENCES: KNX Standard v2.1\nhttps://my.knx.org/fr/shop/knx-specifications?product_type=knx-specifications\nScapy\nhttps://github.com/secdev/scapy\nKNXmap\nhttps://github.com/takeshixx/knxmap\nPapers & talks:\nin)security in building automation how to create dark buildings with light speed\nThomas Brandstetter and Kerstin Reisinger\nPresented at BlackHat USA 2017\nhttps://www.blackhat.com/docs/us-17/wednesday/us-17-Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed-wp.pdf\nHacking Intelligent Building - Pwning KNX & ZigBee Networks\nHuiYu Wu and YuXiang Li (Tencent)\nPresented at HITB Amsterdam 2018\nhttps://conference.hitb.org/hitbsecconf2018ams/materials/D1T2%20-%20YuXiang%20Li,%20HuiYu%20Wu%20&%20Yong%20Yang%20-%20Hacking%20Intelligent%20Buildings%20-%20Pwning%20KNX%20&%20ZigBee%20Networks.pdf\nSecurity in KNX or how to steal a skyscraper\nEgor Litvinov\nPresented at Zero Nights 2015\nhttp://2015.zeronights.org/assets/files/20-Litvinov.pdf\nHVACking: Understanding the Delta Between Security and Reality\nDouglas McKee and Mark Bereza\nPresented at Defcon 27, 2019\nhttps://www.mcafee.com/blogs/other-blogs/mcafee-labs/hvacking-understanding-the-delta-between-security-and-reality/\nAnomaly Detection in BACnet/IP managed Building Automation Systems\nMatthew Peacock â€“ 2019\nhttps://ro.ecu.edu.au/cgi/viewcontent.cgi?article=3180&context=theses

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=QofeTV39kQE\n

DCTV Channel Map: https://dctv.defcon.org/\n

(Demo)
\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Reza%20Soosahabi%20Chuck%20McAuley%20-%20SPARROW%20-%20A%20Novel%20Covert%20Communication%20Scheme%20Exploiting%20Broadcast%20Signals%20in%20LTE%2C%205G%20%26%20Beyond%20-%20Demo.mp4\n

\'',NULL,219945),('3_Saturday','14','14:00','14:45','N','DC','','\'SPARROW: A Novel Covert Communication Scheme Exploiting Broadcast Signals in LTE, 5G & Beyond\'','\'Chuck McAuley,Reza Soosahabi\'','DC_c3fc8d8a3c33d9066ae71a1d7d351207','\'Title: SPARROW: A Novel Covert Communication Scheme Exploiting Broadcast Signals in LTE, 5G & Beyond
\nWhen: Saturday, Aug 7, 14:00 - 14:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\nSpeakers:Chuck McAuley,Reza Soosahabi
\n
SpeakerBio:Chuck McAuley\n
\nChuck McAuley is a principal security researcher with the Application & Threat Intelligence Research Center (ATIRC) at Keysight Technologies. Chuck has a variety of interests that include 5G and LTE packet core vulnerabilities, reverse engineering botnets, finding novel forms of denial of service, and researching weird esoteric protocols for weaknesses and vulnerabilities
\nTwitter: @nobletrout
\n
SpeakerBio:Reza Soosahabi\n
\nReza Soosahabi is a lead R&D engineer with Application & Threat Intelligence Research Center (ATIRC) at Keysight Technologies. His current field of research includes RAN security, data exfiltration and ML / statistical algorithms. He has been a 5G system engineer prior to joining Keysight in 2018. He contributes in IEEE proceedings related to signal processing and information security. As a math-enthusiast, Reza often tries unconventional analytical approaches to discover and solve technically diverse problems. He also enjoys cutting boxes with Occamâ€™s Razor and encourages the others around him to do so.
\nTwitter: @darthsohos
\nhttps://scholar.google.com/citations?user=SNFxK60AAAAJ&hl=en
\n\n
\nDescription:
\nWhen researching methods for covert communications in the wireless space, we noticed most hackers are barely looking below the IP layer, and even the wireless guys are focused on creating their own radio (PHY layer) solutions rather than looking at whatâ€™s already available to them. We discovered a sweet spot that takes advantage of MAC layer protocols in LTE and 5G, enabling long range communication using other peopleâ€™s networks, GSMA CVD-2021-0045. We can use SPARROW devices almost everywhere in a variety of scenarios, such as data exfiltration and command and control. Despite limited data rates, the new scheme can defeat known covert communication schemes with dedicated PHY in the following ways:\n

Maximum Anonymity: SPARROW devices do not authenticate with the host network while operating. This eliminates their exposure to network security and lawful intercept systems as well as spectrum scanners. Utilizing limited resources, they cause very minimal impact on the host network services.\n
More Miles per Watt: SPARROW devices can be several miles apart exploiting broadcast power of base stations or non-terrestrial technologies. The range can be further extended by deploying several of them in a geographically sparse mesh network.\n
Low Power & Low Complexity: SPARROW devices can utilize existing protocol implementation libraries installed on commodity SDRs. They can operate on batteries or harvest energy from the environment for long durations, just like real sparrows!
\n
REFERENCES
\n
There are no direct references of prior study that I (Reza) have (aside from general knowledge of 5G standard and RF), however the following talks and items led me towards this discovery:\n
\n
DEF CON Safe Mode - James Pavur - Whispers Among the Stars - https://www.youtube.com/watch?v=ku0Q_Wey4K0\n
DNS Data Exfiltration techniques\n
My boss buying me a 5G base station emulator and saying \"find something wrong with this!\"

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=oaLIo9HwW-g\n

Media: (Main Talk)\nhttps://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Reza%20Soosahabi%20Chuck%20McAuley%20-%20SPARROW%20-%20A%20Novel%20Covert%20Communication%20Scheme%20Exploiting%20Broadcast%20Signals%20in%20LTE%2C%205G%20%26%20Beyond.mp4

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Seth%20Kintigh%20-%20Over-the-air%20remote%20code%20execution%20on%20the%20DEF%20CON%2027%20badge%20via%20Near%20Field%20Magnetic%20Inductance.mp4\n

\'',NULL,219946),('3_Saturday','14','14:00','14:45','N','DC','','\'Over-the-air remote code execution on the DEF CON 27 badge via Near Field Magnetic Inductance or Worldâ€™s first NFMI exploitation, sorta or OTARCEDC27NFMIOMGWTFBBQ\'','\'Seth Kintigh\'','DC_6a7965f93e3f483b74fe21a64d04cb8d','\'Title: Over-the-air remote code execution on the DEF CON 27 badge via Near Field Magnetic Inductance or Worldâ€™s first NFMI exploitation, sorta or OTARCEDC27NFMIOMGWTFBBQ
\nWhen: Saturday, Aug 7, 14:00 - 14:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Seth Kintigh\n
\nSeth Kintigh learned to program at age 12 on an IBM PC jr and his grandmother taught him how to crack ciphers. His first hack was to get infinite lives and beat the Atari 2600 game Solaris. He earned a BS EE with minors in CS and physics and a MS EE with concentration in cryptography and information security from WPI. He worked 6 years as a hardware engineer and 17 in security. Hobbies include cracking historical ciphers and restoring a Victorian home
\n\n
\nDescription:
\nThe DEF CON 27 badge employed an obscure form of wireless communication: Near Field Magnetic Inductance (NFMI). The badges were part of a contest and while poking through the firmware for hints I noticed a buffer overflow flaw. All it required to exploit it was an oversized packetâ€¦ via a chip with no datasheet and no documentation on the proprietary protocol. Thus started a 2 year odyssey.\n

I used Software Defined Radio tools to study the signalâ€™s modulations. I built a receiver in GNURadio and Python to convert signals into symbols, symbols obfuscated by a pattern that I had to deduce while only controlling a fraction of the bytes. Data was encoded in those symbols using proprietary convolution for even bits and Trellis Code Modulation for odd bits. I then reversed their bizarre CRC and wrote tools to craft and send packets. Using those tools I chained bugs in 2 chips and remotely crashed the badge. However, limitations in the NFMI protocol made more sophisticated attacks impossible.\n

But after a year and a half invested, I was not about to give up. I soldered leads to middle layer traces, extracted and reverse engineered the NFMI firmware, fixed their protocol, and patched a badge FW to patch the NFMI FW. At long last I achieved what may be the worldâ€™s first, over-the-air, remote code exploit via NFMI.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=sDCIjcUEFj0&\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Matthew%20Bryant%20-%20Hacking%20G%20Suite%20-%20The%20Power%20of%20Dark%20Apps%20Script%20Magic.mp4\n

\'',NULL,219947),('3_Saturday','15','15:00','15:45','N','DC','','\'Hacking G Suite: The Power of Dark Apps Script Magic\'','\'Matthew Bryant\'','DC_ced15ac0a93efc20dc93e3d8de46901b','\'Title: Hacking G Suite: The Power of Dark Apps Script Magic
\nWhen: Saturday, Aug 7, 15:00 - 15:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Matthew Bryant\n
\nmandatory (Mathew Bryant) is a passionate hacker currently leading the red team effort at Snapchat. In his personal time heâ€™s published a variety of tools such as XSS Hunter, CursedChrome, and tarnish. His security research has been recognized in publications such as Forbes, The Washington Post, CBS News, Techcrunch, and The Huffington Post. He has previously presented at Blackhat, RSA, Kiwicon, Derbycon, and Grrcon. Previous gigs include Google, Uber, and Bishop Fox.
\nTwitter: @IAmMandatory
\nhttps://thehackerblog.com
\n\n
\nDescription:
\nYouâ€™ve seen plenty of talks on exploiting, escalating, and exfiltrating the magical world of Google Cloud (GCP), but what about its buttoned-down sibling? This talk delves into the dark art of utilizing Apps Script to exploit G Suite (AKA Google Workspace).\n

As a studious sorcerer, youâ€™ll discover how to pierce even the most fortified G Suite enterprises. Youâ€™ll learn to conjure Apps Script payloads to bypass powerful protective enchantments such as U2F, OAuth app allowlisting, and locked-down enterprise Chromebooks.\n

Our incantations donâ€™t stop at the perimeter, we will also discover novel spells to escalate our internal privileges and bring more G Suite accounts under our control. Once weâ€™ve obtained the access we seek, weâ€™ll learn various curses to persist ourselves whilst keeping a low profile so as to not risk an unwelcome exorcism.\n

You donâ€™t need divination to see that this knowledge just might rival alchemy in value.\n

REFERENCES: No real academic references, this is all original research gleaned from real-world testing and reading documentation.

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=6AsVUS79gLw\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Ian%20Vitek%20-%20Central%20bank%20digital%20currency%2C%20threats%20and%20vulnerabilities.mp4\n

\'',NULL,219948),('3_Saturday','15','15:00','15:45','N','DC','','\'Central bank digital currency, threats and vulnerabilities\'','\'Ian Vitek\'','DC_05ed666ee4b1955e09f80d0e62a97554','\'Title: Central bank digital currency, threats and vulnerabilities
\nWhen: Saturday, Aug 7, 15:00 - 15:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Ian Vitek\n
\nIan Vitek has a background as a pentester but has worked with information security in the Swedish financial sector the last 10 years. Currently working with security of the Swedish retail central bank digital currency prototype at the Riksbank, the Swedish central bank. Interested in web application security, network layer 2 (the writer of macof), DMA attacks and local pin bypass attacks (found some on iPhone).
\n\n
\nDescription:
\nWhat are the threats and vulnerabilities of a retail central bank digital currency (CBDC)? The central bank of Sweden has built a prototype of a retail CBDC system and I will run through the procurement requirements and design and point out where a two-tier CBDC need protection against attacks. The prototype is built on Corda Token SDK and I have during tests found reliable ways to exploit weaknesses in the design. The presentation will focus on the vulnerabilities that can crash the service that handles the tokens and permanently lock tokens rendering tokens and digital wallets useless. The presentation will also go into detail how tokens are validated and how information from all earlier transactions is needed for this. With D3.js and HTML5 I will visualize the token history (backchain) and describe how this can be a problem with GDPR and the Swedish bank secrecy regulation.\n

The presentation will end with a summary of identified threats and weaknesses of a two-tier retail central bank digital currency prototype and how to handle them. The goal of the presentation is to give the attendees insight of the security implications, challenges depending on the design and where an attack can be carried out and everything that cannot be missed when designing a CBDC.\n

REFERENCES: https://www.ingwb.com/media/3024436/solutions-for-the-corda-security-and-privacy-trade-off_-whitepaper.pdf\nhttps://d3js.org/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=-MK0bn3Ys_M\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Christopher%20Wade%20-%20Breaking%20Secure%20Bootloaders.mp4\n

\'',NULL,219949),('3_Saturday','15','15:00','15:59','N','DC','','\'Breaking Secure Bootloaders\'','\'Christopher Wade\'','DC_9916bcd22073e8fa81e5130165254d0b','\'Title: Breaking Secure Bootloaders
\nWhen: Saturday, Aug 7, 15:00 - 15:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Christopher Wade\n
\nChristopher is a seasoned security researcher and consultant. His main focuses are in reverse engineering hardware, fingerprinting USB vulnerabilities and playing with Software Defined Radios, with his key strength lying in firmware analysis, which he utilizes as part of the hardware testing team at Pen Test Partners.
\nTwitter: @Iskuri1
\nhttps://github.com/Iskuri
\n\n
\nDescription:
\nBootloaders often use signature verification mechanisms in order to protect a device from executing malicious software. This talk aims to outline actionable weaknesses in modern bootloaders which allow attackers to deploy unsigned code, despite these protection mechanisms.\n

In the first phase of this talk, we will discuss exploitation of the bootloaders in modern Android smartphones, demonstrating weaknesses which allow for bypassing bootloader unlocking restrictions, decryption of protected user data, and deployment of malicious software to devices using full disk encryption.\n

In the second phase, we will discuss bootloader weaknesses in the secondary hardware used by smartphones. Using an embedded RF chip as a target, we will demonstrate reverse engineering techniques which identified weaknesses in the signature verification mechanisms of the firmware update protocols used by the bootloader, allowing for deployment of custom firmware to the chip.\n

REFERENCES: Travis Goodspeed - Great Ideas in Reversing the Tytera MD380: https://nullcon.net/website/archives/ppt/goa-16/Great-Ideas-in-Reversing-the-Tytera-MD380-by-Travis-Goodspeed.pdf\nRoee Hay - fastboot oem vuln: Android Bootloader Vulnerabilities in Vendor Customizations: https://www.usenix.org/system/files/conference/woot17/woot17-paper-hay.pdf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=z4gIxdFfJDg\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Jenko%20Hwong%20-%20New%20Phishing%20Attacks%20Exploiting%20OAuth%20Authentication%20Flows.mp4\n

\'',NULL,219950),('3_Saturday','16','16:00','16:45','N','DC','','\'New Phishing Attacks Exploiting OAuth Authentication Flows\'','\'Jenko Hwong\'','DC_121a964c3b1e19ad79399bbf31dc2d9c','\'Title: New Phishing Attacks Exploiting OAuth Authentication Flows
\nWhen: Saturday, Aug 7, 16:00 - 16:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Jenko Hwong\n
\nJenko Hwong is on the Netskope Threat Research team, focusing on cloud threats/vectors. He\'s spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
\nTwitter: @jenkohwong
\n\n
\nDescription:
\nOAuth 2.0 device authentication gives users on limited-input devices like TVs an easier way to authenticate against a cloud website/app by entering a code on a computer/phone. This authentication flow leads to new phishing attacks that:\n- do not need server infrastructure--the login page is served by the authorization provider using their domain and cert\n- do not require a client application--application identities can be reused/spoofed\n- do not require user consent of application permissions\n

Since the phish attacks hijack oauth session tokens, MFA will be ineffective as the attacker does not need to reauthenticate. The ability to defend against these attacks is hindered by limited info and functionality to detect, mitigate, and prevent session token compromise.\n

I\'ll demonstrate these new phishing attacks, access to sensitive user data, and lateral movement.\n

Defensive measures against these phishing attacks will be discussed, specifically the challenges in detection, mitigation, and prevention, and the overall lack of support for managing temporary credentials.\n

Open-source tools have been developed and will be used to demonstrate how users can:\n- self-phish their organizations using these techniques\n- audit security settings that help prevent/mitigate the attacks\n

REFERENCES: 1.0 Evolving Phishing Attacks\n1.1 A Big Catch: Cloud Phishing from Google App Engine and Azure App Service:\nhttps://www.netskope.com/blog/a-big-catch-cloud-phishing-from-google-app-engine-and-azure-app-service\n1.2 Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks:\nhttps://threatpost.com/microsoft-seizes-domains-office-365-phishing-scam/157261/\n1.3 Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps:\nhttps://www.bleepingcomputer.com/news/security/phishing-attack-hijacks-office-365-accounts-using-oauth-apps/\n1.4 Office 365 Phishing Attack Leverages Real-Time Active Directory Validation:\nhttps://threatpost.com/office-365-phishing-attack-leverages-real-time-active-directory-validation/159188/\n1.5 Demonstration - Illicit Consent Grant Attack in Azure AD:\nhttps://www.nixu.com/blog/demonstration-illicit-consent-grant-attack-azure-ad-office-365\nhttps://securecloud.blog/2018/10/02/demonstration-illicit-consent-grant-attack-in-azure-ad-office-365/\n1.6 Detection and Mitigation of Illicit Consent Grant Attacks in Azure AD:\nhttps://www.cloud-architekt.net/detection-and-mitigation-consent-grant-attacks-azuread/\n1.7 HelSec Azure AD write-up: Phishing on Steroids with Azure AD Consent Extractor:\nhttps://securecloud.blog/2019/12/17/helsec-azure-ad-write-up-phishing-on-steroids-with-azure-ad-consent-extractor/ 1.8 Pawn Storm Abuses OAuth In Social Engineering Attack:\nhttps://www.trendmicro.com/en_us/research/17/d/pawn-storm-abuses-open-authentication-advanced-social-engineering-attacks.html

2.0 OAuth Device Code Flow
\n2.1 OAuth 2.0 RFC:
\nhttps://tools.ietf.org/html/rfc6749#page-24\n2.2 OAuth 2.0 for TV and Limited-Input Device Applications:\nhttps://developers.google.com/identity/protocols/oauth2/limited-input-device\n2.3 OAuth 2.0 Scopes for Google APIs:
\nhttps://developers.google.com/identity/protocols/oauth2/scopes\n2.2 Introducing a new phishing technique for compomising Office 365 accounts:\nhttps://o365blog.com/post/phishing/#oauth-consent\n2.3. Office Device Code Phishing:
\nhttps://gist.github.com/Mr-Un1k0d3r/afef5a80cb72dfeaa78d14465fb0d333\n

3.0 Additional OAuth Research Areas
\n3.1 Poor OAuth implementation leaves millions at risk of stolen data:\nhttps://searchsecurity.techtarget.com/news/450402565/Poor-OAuth-implementation-leaves-millions-at-risk-of-stolen-data\n3.2 How did a full access OAuth token get issued to the Pokémon GO app?:\nhttps://searchsecurity.techtarget.com/answer/How-did-a-full-access-OAuth-token-get-issued-to-the-Pokemon-GO-app\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=9slRYvpKHp4\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20hyp3ri0n%20aka%20Alejandro%20Caceres%20Jason%20Hopper%20-%20PunkSPIDER%20and%20IOStation-%20Making%20a%20Mess%20All%20Over%20the%20Internet.mp4\n

\'',NULL,219951),('3_Saturday','16','16:00','16:45','N','DC','','\'PunkSPIDER and IOStation: Making a Mess All Over the Internet\'','\'_hyp3ri0n aka Alejandro Caceres,Jason Hopper\'','DC_4165ef8c81bdb1974dd89c9ae6024f0a','\'Title: PunkSPIDER and IOStation: Making a Mess All Over the Internet
\nWhen: Saturday, Aug 7, 16:00 - 16:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:_hyp3ri0n aka Alejandro Caceres,Jason Hopper
\n
SpeakerBio:_hyp3ri0n aka Alejandro Caceres\n
\nNo BIO available
\n
SpeakerBio:Jason Hopper\n
\nNo BIO available
\n\n
\nDescription:
\nWe\'ve been getting asked a lot for \"that tool that was like Shodan but for web app vulns.â€ In particular WTF happened to it? Punkspider (formerly known as PunkSPIDER but renamed because none of us could remember where tf the capital letters go) was taken down a couple of years ago due to multiple ToS issues and threats. It was originally funded by DARPA. We werenâ€™t sure in which direction to keep expanding, and it ended up being a nightmare to sustain. We got banned more than a 15 year old with a fake ID trying to get into a bar. It became a pain and hardly sustainable without a lot of investment in time and money. Each time we got banned it meant thousands of dollars and countless hours moving sh** around.\n

Now weâ€™ve solved our problems and completely re-engineered/expanded the system. It is not only far more efficient with real-time distributed computing and checks for way more vulns, we had to take some creative ways through the woods â€“ this presentation covers both the tool itself and the story of the path we had to take to get where it is, spoiler alert: it involves creating our own ISP and data center in Canada and integrating freely available data that anyone can get but most donâ€™t know is available. Come play with us and see what the wild west of the web looks like and listen to our story, itâ€™s fun and full of angry web developers. Weâ€™ll also be releasing at least 10s of thousands of vulnerabilities and will be taking suggestions from the audience on what to search. Fun vulns found get a t-shirt, super fun ones get a hoodie thrown at them.\n

REFERENCES: https://www.youtube.com/watch?v=AbS_EGzkNgI (Shmoo 2013 talk)\nhttps://hadoop.apache.org/\nhttps://aws.amazon.com/kubernetes/\nhttps://www.docker.com/\nhttps://www.python.org/\nhttps://www.apache.org/licenses/LICENSE-2.0\nhttps://kafka.apache.org/\nhttps://owasp.org/www-project-top-ten/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=DlS_sl4hTWg\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Sagi%20Sheinfeld%20Eyal%20Karni%20Yaron%20Zinar%20-%20Using%20Machine-in-the-Middle%20to%20Attack%20Active%20Directory%20Authentication%20Schemes.mp4\n

\'',NULL,219952),('3_Saturday','16','16:00','16:59','N','DC','','\'Adventures in MitM-land: Using Machine-in-the-Middle to Attack Active Directory Authentication Schemes\'','\'Eyal Karni,Sagi Sheinfeld,Yaron Zinar\'','DC_033140ee46c05b1de2ab02f7941ced4b','\'Title: Adventures in MitM-land: Using Machine-in-the-Middle to Attack Active Directory Authentication Schemes
\nWhen: Saturday, Aug 7, 16:00 - 16:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Eyal Karni,Sagi Sheinfeld,Yaron Zinar
\n
SpeakerBio:Eyal Karni\n
\nEyal Karni is a Sr. Engineer at CrowdStrike working on Identity Protection products (previously Preempt). Eyal spent over 11 years researching cyber security projects. Previously, he served 5 years in an elite unit of the IDF in Cyber Security Research and Development. Eyal is an expert on Windows Internals and has previously found numerous vulnerabilities. Eyal holds a B.Sc in Mathematics and Physics.
\nTwitter: @eyal_karni
\n
SpeakerBio:Sagi Sheinfeld\n
\nSagi Sheinfeld is a Sr. Engineer at CrowdStrike working on Identity Protection products (previously Preempt). Sagi spent over 14 years researching cyber security projects. Previously, he served 8 years in an elite unit of the IDF in Cyber Security Research and Development and in IBM Security. Sagi is an expert on Windows internals. Sagi holds a B.Sc in Computer Science.
\nTwitter: @sagish1233
\n
SpeakerBio:Yaron Zinar\n
\nYaron Zinar is a Sr. Manager at CrowdStrike working on Identity Protection products (previously Preempt). Previously, Yaron spent over 16 years at leading companies such as Google where he held various positions researching and leading big data, machine learning and cyber security projects. Yaron is an expert on Windows Authentication protocols and has previously presented his research at top conferences such as Black Hat and DEFCON. Yaron holds an M.Sc. in Computer Science with focus on statistical analysis.
\nTwitter: @YaronZi
\n\n
\nDescription:
\nOver the years, researchers were able to break many secure protocols using MitM attacks. A common theme in this family of vulnerabilities is the lack of proper validation for any of the communicating parties. We will review previous MitM attacks found on AD authentication protocols and the mitigation strategies previously implemented. We will show that the relay attack technique is not limited to NTLM alone and can be used to attack the newer Kerberos authentication protocol. In addition, we will show several injection attacks compromising client systems. Weâ€™ll show how the lack of validation can lead to devastating issues ranging from authentication bypass to remote code execution on various critical infrastructure systems. However, the issues do not stop on Windows on-premises networks but span to other infrastructure such as domain-joined unix machines, virtualization infrastructure, open-source security audit tools and even cloud directories. The talk will deep-dive into multiple vulnerabilities we have discovered along with several demos. Demos include a MitM attack which allows an attacker to inject user passwords in a hybrid AD environment allowing the attacker to authenticate as any user in the network. We will also show how to use a similar technique to compromise many other IT infrastructure. \n

REFERENCES: https://www.crowdstrike.com/blog/cve-2021-1678-printer-spooler-relay-security-advisory/\nhttps://labs.f-secure.com/archive/practically-exploiting-ms15-014-and-ms15-011/\nhttps://www.securityfocus.com/bid/1616/info

--\n

This talk has been released to the DEF CON Media server.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Dan%20Petro%20-%20You%27re%20Doing%20IoT%20RNG%20-%20Demo.mp4\n

\'',NULL,219953),('3_Saturday','17','17:00','17:45','N','DC','','\'You\'re Doing IoT RNG\'','\'Allan Cecil - dwangoAC,Dan Petro - AltF4\'','DC_ebb0cb04a86ce81763c8098264496867','\'Title: You\'re Doing IoT RNG
\nWhen: Saturday, Aug 7, 17:00 - 17:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\nSpeakers:Allan Cecil - dwangoAC,Dan Petro - AltF4
\n
SpeakerBio:Allan Cecil - dwangoAC\n
\nAllan Cecil (dwangoAC) is a Security Consultant with Bishop Fox and the President of the North Bay Linux Userâ€™s Group. He acts as an ambassador for Tasvideos.org, a website devoted to using emulators to complete video games as quickly as the hardware allows. He participates in Games Done Quick charity speed running marathons using TASBot to entertain viewers with never-before-seen glitches in games.
\nTwitter: @mrtasbot
\n
SpeakerBio:Dan Petro - AltF4\n
\nDan \"AltF4\" Petro is Lead Researcher at Bishop Fox. Dan is widely known for the tools he creates: Eyeballer (a convolutional neural network pentest tool), the Rickmote Controller (a Chromecast-hacking device), Untwister (pseudorandom number generator cracker), and SmashBot (a merciless Smash Bros noob-pwning machine).
\nTwitter: @2600AltF4
\n\n
\nDescription:
\nThink of a random number between \'0\' and infinity. Was your number \'0\'? Seriously? Crap. Well unfortunately, the hardware random number generators (RNG) used by your favorite IoT devices to create encryption keys may not work much better than you when it comes to randomness. In this talk, we\'ll delve into murky design specs, opaque software libraries, and lots of empirical results. We wrote code for many popular IoT SoC platforms to extract gigabytes of data from their hardware RNGs and analyze them. What we found was a systemic minefield of vulnerabilities in almost every platform that could undermine IoT security. Something needs to change in how the Internet of Things does RNG. The vulnerabilities are widespread and the attacks are practical. RNG is bad out there - \"IoT Crypto-pocalypse\" bad.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=Zuqw0-jZh9Y\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Thomas%20Roth%20-%20Hacking%20the%20Apple%20AirTags.mp4\n

\'',NULL,219954),('3_Saturday','17','17:00','17:45','N','DC','','\'Hacking the Apple AirTags\'','\'Thomas Roth\'','DC_1b1f66c7e2b5d811865d07718f710111','\'Title: Hacking the Apple AirTags
\nWhen: Saturday, Aug 7, 17:00 - 17:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Thomas Roth\n
\nThomas Roth, also known as stacksmashing, is a security researcher from Germany with a focus on embedded devices: From hacking payment terminals, crypto wallets, secure processor, the Nintendo Game & Watch, up to Appleâ€™s AirTag he loves to explore embedded & IoT security. On how YouTube channel â€œstacksmashingâ€ he attempts to make reverse-engineering & hardware hacking more accessible.
\nTwitter: @ghidraninja
\nhttps://youtube.com/stacksmashing
\n\n
\nDescription:
\nAppleâ€™s AirTags enable tracking of personal belongings. They are the most recent and cheapest device interacting with the Apple ecosystem. In contrast to other tracking devices, they feature Ultrawide-band precise positioning and leverage almost every other Apple device within the Find My localization network.\n

Less than 10 days after the AirTag release, we bypassed firmware protections by glitching the nRF52 microcontroller. This opens the AirTags for firmware analysis and modification. In this talk, we will explain the initial nRF52 bypass as well as various hacks built on top of this. In particular, AirTags can now act as phishing device by providing malicious links via the NFC interface, be cloned and appear at a completely different location, used without privacy protections that should alert users as tracking protection, act as low-quality microphone by reutilizing the accelerometer, and send arbitrary data via the Find My network. Besides these malicious use cases, AirTags are now a research platform that even allows access to the new Ultrawide-band chip U1.\n

REFERENCES: LimitedResults nRF52 APPROTECT Bypass:\nhttps://limitedresults.com/2020/06/nrf52-debug-resurrection-approtect-bypass/

Positive Securityâ€™s Send My Research for sending arbitrary data via the find my network:\nhttps://positive.security/blog/send-my\n

Colin Oâ€™Flynnâ€™s notes on the AirTag Hardware:\nhttps://github.com/colinoflynn/airtag-re\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=paxErRRsrTU\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Yuhao%20Weng%20Steven%20Seeley%20Zhiniang%20Peng%20-%20don%27t%20Dare%20to%20Exploit%20-%20An%20Attack%20Surface%20Tour%20of%20SharePoint%20Server.mp4\n

\'',NULL,219955),('3_Saturday','17','17:00','17:59','N','DC','','\'Don\'t Dare to Exploit - An Attack Surface Tour of SharePoint Server\'','\'Steven Seeley,Yuhao Weng,Zhiniang Peng\'','DC_f4356549eccffd1d6d5af15d069ec67f','\'Title: Don\'t Dare to Exploit - An Attack Surface Tour of SharePoint Server
\nWhen: Saturday, Aug 7, 17:00 - 17:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Steven Seeley,Yuhao Weng,Zhiniang Peng
\n
SpeakerBio:Steven Seeley\n
\nSteven Seeley (@mr_me) is a member of the 360 Vulcan team and enjoys finding and exploiting bugs. Currently his focus is on web and cloud tech and has over 10 years experiance in offensive security. Steven won the Pwn2Own Miami competition with his team mate Chris Anastasio in early 2020 and has taught several classes in web security including his own, Full Stack Web Attack.
\nTwitter: @steventseeley
\n
SpeakerBio:Yuhao Weng\n
\nYuhao Weng(@cjm00nw) is an security researcher of Sangfor and a ctf player of Kap0k. He has been studying the web for three years and found a lot bugs in Sharepoint, Exchange and so on. Now he is focused on .NET security.
\nTwitter: @cjm00nw
\n
SpeakerBio:Zhiniang Peng\n
\nDr. Zhiniang Peng (@edwardzpeng) is the Principal Security Researcher at Sangfor. His current research areas include applied cryptography, software security and threat hunting. He has more than 10 years of experience in both offensive and defensive security and published much research in both academia and industry.
\nTwitter: @edwardzpeng
\n\n
\nDescription:
\nDue current global issues of 2020, organizations have been forced to make changes in how their business model operates and as such, have opened the doors to remote working. Microsoft SharePoint is one of the most popular and trusted Content Management System\'s (CMS) deployed today. The product is used to share and manage content, internal knowledge with embeded applications to empower teamwork and seamlessly collaborate across an organization for a truly remote experience.\n

After the efforts of countless talented engineers in Microsoft, SharePoint has been deployed in the Microsoft cloud as part of their office 365 offering. This presentation will analyze the security architecture of SharePoint server and how it differs from other popular CMS products. From an offensive point of view, we will also reveal several attack surfaces and mitigations implemented and how those mitigations can be bypassed. Finally we will disclose several high impact vulnerabilities detailing the discovery and exploitation.\n

REFERENCES: 1. http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/\n2. https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.control\n3. https://docs.microsoft.com/en-us/previous-versions/iis/6.0-sdk/ms524602(v=vs.90)\n4. https://www.youtube.com/watch?v=Xfbu-pQ1tIc\n5. https://www.blackhat.com/us-20/briefings/schedule/#room-for-escape-scribbling-outside-the-lines-of-template-security-20292\n6. https://www.spguides.com/sharepoint-csom-tutorial/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=mVXrl4W1jOU\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219956),('3_Saturday','18','18:00','18:59','N','DC','','\'HACKERS INTO THE UN? Engaging in the cyber discussions on war & peace\'','\'DEF CON Policy Panel\'','DC_a4b952f85e4760693426cc8f93fd4f50','\'Title: HACKERS INTO THE UN? Engaging in the cyber discussions on war & peace
\nWhen: Saturday, Aug 7, 18:00 - 18:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\n
SpeakerBio:DEF CON Policy Panel\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Ben%20Kurtz%20-%20Offensive%20Golang%20Bonanza%20-%20Writing%20Golang%20Malware.mp4\n

\'',NULL,219957),('3_Saturday','18','18:00','18:45','N','DC','','\'Offensive Golang Bonanza: Writing Golang Malware\'','\'Benjamin Kurtz\'','DC_e89025fcedc36734b265217b2f2ba4c6','\'Title: Offensive Golang Bonanza: Writing Golang Malware
\nWhen: Saturday, Aug 7, 18:00 - 18:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Benjamin Kurtz\n, Hacker
\nBen Kurtz is a hacker, a hardware enthusiast, and the host of the Hack the Planet podcast (https://symbolcrash.com/podcast). After his first talk, at DefCon 13, he ditched development and started a long career in security. He has been a pentester for IOActive, head of security for an MMO company, and on the internal pentest team for the Xbox One at Microsoft. Along the way, he volunteered on anti-censorship projects, which resulted in his conversion to Golang and the development of the ratnet project (https://github.com/awgh/ratnet). A few years ago, he co-founded the Binject group to develop core offensive components for Golang-based malware, and Symbol Crash, which focuses on sharing hacker knowledge through trainings for red teams, a free monthly Hardware Hacking workshop in Seattle, and podcasts. He is currently developing a ratnet-based handheld device for mobile encrypted mesh messenging, planned for release next year.
\nTwitter: @symbolcrash1
\nsymbolcrash.com
\n\n
\nDescription:
\nThe past two years have seen the rise of Golang-based malware from its beginnings as a way to win at CCDC and red team engagements to its current use by actual threat actors. This talk will break down why Golang is so useful for malware with a detailed tour through the available components used for exploitation, EDR and NIDS evasion, and post-exploitation, by one of the main authors of the core components. Although focused on the offensive perspective, there will be valuable insights into the challenges in detecting Golang malware. Interested in learning Golang? Interested in writing or detecting malware? This is your invitation into the weird and wonderful world of Golang malware.\n

REFERENCES

List of Golang Security Tools:
\nhttps://github.com/Binject/awesome-go-security\n

C-Sto:
\nhttps://github.com/c-sto/goWMIExec
\nhttps://github.com/C-Sto/BananaPhone
\nhttps://github.com/C-Sto/gosecretsdump\n

capnspacehook: https://github.com/capnspacehook/pandorasbox\nhttps://github.com/capnspacehook/taskmaster

Vyrus / gscript crew:
\nhttps://github.com/gen0cide/gscript
\nhttps://github.com/vyrus001/go-mimikatz\nhttps://github.com/vyrus001/msflib\n

secretsquirrel / Josh Pitts:
\nhttps://github.com/secretsquirrel/the-backdoor-factory\nhttps://github.com/Genetic-Malware/Ebowla\nhttps://github.com/secretsquirrel/SigThief\nhttps://github.com/golang/go/issues/16292\n

malwareunicorn on OSX loading:
\nhttps://malwareunicorn.org/workshops/macos_dylib_injection.html\n

Misc: https://github.com/sassoftware/relic\nhttps://github.com/EgeBalci/sgn\nhttps://github.com/moonD4rk/HackBrowserData\nhttps://github.com/emperorcow/go-netscan\nhttps://github.com/CUCyber/ja3transport\nhttps://github.com/swarley7/padoracle

Command and Control:
\nhttps://github.com/BishopFox/sliver
\nhttps://github.com/DeimosC2/DeimosC2
\nhttps://github.com/t94j0/satellite\n

Obfuscation/RE:
\nhttps://github.com/unixpickle/gobfuscate\nhttps://github.com/mvdan/garble
\nhttps://github.com/goretk/redress\n

Of interest for defense, but breaks Docker & Terraform:\nhttps://github.com/unsecureio/gokiller\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=3RQb05ITSyk\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Tianze%20Ding%20-%20Vulnerability%20Exchange%20-%20One%20Domain%20Account%20For%20More%20Than%20Exchange%20Server%20RCE.mp4\n

\'',NULL,219958),('3_Saturday','18','18:00','18:59','N','DC','','\'Vulnerability Exchange: One Domain Account For More Than Exchange Server RCE\'','\'Tianze Ding\'','DC_73a043a40f9d3959cf900ff9a6a59f23','\'Title: Vulnerability Exchange: One Domain Account For More Than Exchange Server RCE
\nWhen: Saturday, Aug 7, 18:00 - 18:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Tianze Ding\n
\nTianze Ding is a senior security researcher at Tencent Security Xuanwu Lab. His research focuses on web security, active directory security and red teaming. He reported some vulnerabilities to Microsoft, Apple, Google, etc. He has spoken at BlackHat Asia.
\nTwitter: @D1iv3
\n\n
\nDescription:
\nMicrosoft Exchange Server is one of the most famous mail servers in the world. It not only stores a large amount of sensitive corporate information, but also plays an important role in Microsoft Active Directory, so it has become a high-value target for both APT groups and red teams.\n

In the past few months, some high-risk vulnerabilities in Exchange Server have been exposed, which mainly target vulnerable ASP.NET code. But the architecture of Exchange Server is complicated, and its attack surface is not limited to ASP.NET, this talk will analyze and attack Exchange Server from a different perspective.\n

I will share the following two new vulnerabilities I found, as well as the new attack surfaces and how I chained several techniques to successfully exploit them in detail.\n

One of them can result in arbitrary mailbox takeover, attackers can read emails, download attachments, send emails, etc. as any Exchange user.
The other can lead to remote code execution on Exchange Server, attackers can gain local administrator privileges and execute arbitrary commands. Furthermore, there is an interesting point, even if you have applied the latest Exchange Server patches, your Exchange Server may still be compromised by this type of attack.

For red teams, Exchange Server RCE is only the beginning. Usually, there are some high-privileged domain users and groups on Exchange Server, I will also introduce a new method in depth to help you perform lateral movement and even privilege escalation to Domain Admin after achieving Exchange Server RCE.\n

These vulnerabilities have been reported to MSRC and the exploit tools will be released after the talk.\n

References: [1] https://www.zerodayinitiative.com/blog/2018/12/19/an-insincere-form-of-flattery-impersonating-users-on-microsoft-exchange\n[2] https://www.slideshare.net/harmj0y/derbycon-the-unintended-risks-of-trusting-active-directory\n[3] https://docs.microsoft.com/en-us/exchange/client-developer/web-service-reference/ews-operations-in-exchange\n[4] https://github.com/quickbreach/ExchangeRelayX\n[5] https://blog.compass-security.com/2020/05/relaying-ntlm-authentication-over-rpc/\n[6] https://www.crowdstrike.com/blog/cve-2021-1678-printer-spooler-relay-security-advisory/\n[7] https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/425a7c53-c33a-4868-8e5b-2a850d40dc73\n[8] https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/\n[9] https://github.com/SecureAuthCorp/impacket\n[10] https://github.com/gdedrouas/Exchange-AD-Privesc\n[11] https://labs.f-secure.com/tools/sharpgpoabuse/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=7h38rI8KT30\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Agent%20X%20-%20A%20look%20inside%20security%20at%20the%20New%20York%20Times.mp4\n

\'',NULL,219959),('4_Sunday','10','10:00','10:45','N','DC','','\'A Discussion with Agent X\'','\'Agent X\'','DC_247472077041191db21cf7d76a24f353','\'Title: A Discussion with Agent X
\nWhen: Sunday, Aug 8, 10:00 - 10:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Agent X\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=U2-8MNx8nsg\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

REFERENCES
\nhttps://www.coalfire.com/the-coalfire-blog/august-2018/the-dangers-client-probing-on-palo-alto-firewalls\nhttps://isc.sans.edu/forums/diary/The+Risk+of+Authenticated+Vulnerability+Scans/24942/\nhttps://github.com/SecureAuthCorp/impacket\nhttps://www.rapid7.com/blog/post/2014/10/14/palo-alto-networks-userid-credential-exposure/\nhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXHCA0\n

\'',NULL,219960),('4_Sunday','10','10:00','10:59','N','DC','','\'Hi! I\'m DOMAIN\\Steve, please let me access VLAN2\'','\'Justin Perdok\'','DC_e67bd774cfc1c110a81552ebb00ca014','\'Title: Hi! I\'m DOMAIN\\Steve, please let me access VLAN2
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: Track 2 CLOSED; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Justin Perdok\n
\nJustin is a Security Specialist at Orange Cyberdefense. Prior to working in \'The Cybers\' he has worked at multiple MSPs as a jack of all trades with a focus on security and automation. Stuck in his old ways he\'s always trying to learn new things; Followed up by him spending 6 hours automating the \'new thing\' instead of relying on 5 minutes of manual labor.
\nTwitter: @justinperdok
\n\n
\nDescription:
\nBy responding to probing requests made by Palo Alto and SonicWALL firewalls, it\'s possible to apply security policies to arbitrary IPs on the network, allowing access to segmented resources.\n

Segmentation using firewalls is a critical security component for an organization. To scale, many firewall vendors have features that make rule implementation simpler, such as basing effective access on a user identity or workstation posture. Security products that probe client computers often have their credentials abused by either cracking a password hash, or by relaying an authentication attempt elsewhere. Prior work by Esteban Rodriguez and by Xavier Mertens cover this. In this talk I will show a new practical attack on identity-based firewalls to coerce them into applying chosen security policies to arbitrary IPs on a network by spoofing logged in users instead of cracking passwords.\n

Logged on user information is often gathered using the WKST (Workstation Service Remote Protocol) named pipe. By extending Impacket with the ability to respond to these requests, logged on users on a device can be spoofed, and arbitrary firewall rules applied.\n

We will dive into the details of how client probing has historically been a feature that should be avoided while introducing a new practical attack to emphasize that fact.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=lDCoyxIhTN8\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Justin%20Perdok%20-%20Hi%20Im%20DOMAIN%20Steve%2C%20please%20let%20me%20access%20VLAN2.mp4\n

\n
This talk has been pre-recorded and will be released to the DEF CON Media Server, torrents, and YouTube. At the time of this event, it will only be broadcast to DCTV2, in local hotels and on Twitch. This talk is not being presented in Track 2.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Mars%20Cheng%20Selmon%20Yang%20-%20Taking%20Apart%20and%20Taking%20Over%20ICS%20%26%20SCADA%20Ecosystems%20-%20A%20Case%20Study%20of%20Mitsubishi%20Electric.mp4\n

\'',NULL,219961),('4_Sunday','10','10:00','10:59','N','DC','','\'Taking Apart and Taking Over ICS & SCADA Ecosystems: A Case Study of Mitsubishi Electric\'','\'Mars Cheng,Selmon Yang\'','DC_d86645efa7770ed1715f2512db3850dd','\'Title: Taking Apart and Taking Over ICS & SCADA Ecosystems: A Case Study of Mitsubishi Electric
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Mars Cheng,Selmon Yang
\n
SpeakerBio:Mars Cheng\n
\nMars Cheng (@marscheng_) is a threat researcher for TXOne Networks, blending a background and experience in both ICS/SCADA and enterprise cybersecurity systems. Mars has directly contributed to more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals. Before joining TXOne, Mars was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). Mars is a frequent speaker and trainer at several international cyber security conferences such as Black Hat Europe, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, CYBERSEC, CLOUDSEC and InfoSec Taiwan as well as other conferences and seminars related to the topics of ICS and IoT security. Mars is general coordinator of HITCON (Hacks in Taiwan Conference) 2021 and was vice general coordinator of HITCON 2020.
\nTwitter: @marscheng_
\n
SpeakerBio:Selmon Yang\n
\nSelmon Yang is a Staff Engineer at TXOne Networks. He is responsible for parsing IT/OT Protocol, linux kernel programming, and honeypot development and adjustment. Selmon also spoke at ICS Cyber Security Conference Asia, HITCON, SecTor and HITB.
\n\n
\nDescription:
\nDiversified Industrial Control System (ICS) providers create a variety of ecosystems, which have come to operate silently in the background of our lives. Among these organizations, Mitsubishi Electric ranks among the most prolific. Because the operation of this ecosystem is so widely used in key manufacturing, natural gas supply, oil, water, aviation, railways, chemicals, food and beverages, and construction, it is closely-related to people\'s lives. For this reason, the security of this ecosystem is extraordinarily important.\n

This research will enter the Mitsubishi ecosystemâ€™s communication protocol, using it as a lens with which to deeply explore the differences between itself and other ecosystems. We will show how we successfully uncovered flaws in its identity authentication function, including how to take it over and show that such an attack can cause physical damage in different critical sectors. Weâ€™ll explain how we accomplished this by applying reverse engineering and communication analysis. This flaw allows attackers to take over any asset within the entire series of Mitsubishi PLCs, allowing command of the ecosystem and full control of the relevant sensors. A further complication is that making a fix to the various communication protocols in the ICS/SCADA is extremely difficult. We will also share the various problems we encountered while researching these findings and provide the most workable detection and mitigation strategies for those protocols.\n

REFERENCES
\n[1] https://ladderlogicworld.com/plc-manufacturers/\n[2] https://www.mitsubishielectric.com/fa/products/cnt/plc/pmerit/case.html\n[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5594\n[4] https://www.mitsubishielectric.com/fa/products/cnt/plc/pmerit/index.html\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=L0w_aE4jRFw\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Babak%20Javadi%20Nick%20Draffen%20Eric%20Bettse%20Anze%20Jensterle%20-%20The%20PACS-man%20Comes%20For%20Us%20All.mp4\n

\'',NULL,219962),('4_Sunday','11','11:00','11:45','N','DC','','\'The PACS-man Comes For Us All: We May Be Vaccinated, but Physical Access Control Still Sucks\'','\'Anze Jensterle,Babak Javadi,Eric Betts,Nick Draffen\'','DC_d70e83cbe218972d652be2a2d39f0f9d','\'Title: The PACS-man Comes For Us All: We May Be Vaccinated, but Physical Access Control Still Sucks
\nWhen: Sunday, Aug 8, 11:00 - 11:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\nSpeakers:Anze Jensterle,Babak Javadi,Eric Betts,Nick Draffen
\n
SpeakerBio:Anze Jensterle\n
\nAnze Jensterle is a Computer Science student by day, professional door opener by night that comes from Slovenia (not Slovakia). Having been involved with InfoSec since he was 17, when he made his first bug bounty, he has continuously been developing his skills in different areas including Web, RFID and Embedded System Security.
\nTwitter: @applejacksec
\n
SpeakerBio:Babak Javadi\n
\nBabak Javadi is the Founder of The CORE Group and Co-Founder of the Red Team Alliance. In 2006 he co-founded of The Open Organisation of Lockpickers, serving as Director for 13 years. As a professional red teamer with over a decade of field experience, Babakâ€™s expertise includes disciplines from high-security mechanical cylinders to alarms and physical access controls.
\nTwitter: @babakjavadi
\n
SpeakerBio:Eric Betts\n
\nEric Betts is an exuberant, passionate, pragmatic software engineer. He is an avid open-source contributor. He likes to buy all the latest gadgets, and then take them apart. His claim to fame is making $10k from Snapchat (without taking his clothes off) for an RCE bug bounty. He responds to \"Bettse\" both online and in-person.
\nTwitter: @aguynamedbettse
\n
SpeakerBio:Nick Draffen\n
\nNick Draffen sometimes gives off a mad scientist vibe, an engineer who dives deep into technology, namely in the area where the physical and digital world meet. By day a security engineer/architect working to secure lab instruments and everything around them, and by night building/breaking things in his lab.
\nTwitter: @tcprst
\n\n
\nDescription:
\nIt\'s 2021. Youâ€™re still here! Youâ€™re vaccinated! You should be happy and carefree! And yetâ€¦the PACS-man still haunts us all. Why should this be? Donâ€™t we have newer, better tech with more bits of encryption and fewer wires? Havenâ€™t the professional sentinels weâ€™ve entrusted with our physical security software-defined ALL THE THINGS and made them better? \n

Nay, these are but fruits of the poisonous physical security tree! Come, fellow hackers and weary travelers, visit with the ghosts of access control and learn of the lies theyâ€™ve laid before us! \n

Come see how false guardians have used BLE slight-of-hand to increase complexity and cost while reducing security and ask that they be paid a tithing for the privilege! Witness young software-defined gladiators do battle in an arena they did not prepare for and falter! \n

Behold as our friendly ghosts of access control forge never-before seen tools to help slay false security prophets!\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=NARJrwX_KFY\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Adam%20Zabrocki%20Alexander%20Matrosov%20-%20Glitching%20RISC-V%20chips%20-%20MTVEC%20corruption%20for%20hardening%20ISA.mp4\n

\'',NULL,219963),('4_Sunday','11','11:00','11:45','N','DC','','\'Glitching RISC-V chips: MTVEC corruption for hardening ISA\'','\'Adam \'pi3\' Zabrocki,Alex Matrosov\'','DC_28e4b97cc49e201c916b3cb82b781935','\'Title: Glitching RISC-V chips: MTVEC corruption for hardening ISA
\nWhen: Sunday, Aug 8, 11:00 - 11:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\nSpeakers:Adam \'pi3\' Zabrocki,Alex Matrosov
\n
SpeakerBio:Adam \'pi3\' Zabrocki\n
\nAdam \'pi3\' Zabrocki is a computer security researcher, pentester and bughunter, currently working as a Principal Offensive Security Researcher at NVIDIA. He is a creator and a developer of Linux Kernel Runtime Guard (LKRG) - his moonlight project defended by Openwall. Among others, he used to work in Microsoft, European Organization for Nuclear Research (CERN), HISPASEC Sistemas (known from the virustotal.com project), Wroclaw Center for Networking and Supercomputing, Cigital. The main area of his research interest is a low-level security (CPU architecture, uCode, FW, hypervisor, kernel, OS).\n

As a hobby, he was a developer in The ERESI Reverse Engineering Software Interface project, a bughunter (discovered vulnerabilities in Hyper-V hypervisor, Intel/NVIDIA vGPU, Linux kernel, OpenSSH, gcc SSP/ProPolice, Apache, Adobe Acrobat Reader, Xpdf, Torque GRID server, FreeBSD, and more) and studied exploitation and mitigation techniques, publishing results of his research in Phrack Magazine.\n

\nTwitter: @Adam_pi3
\nhttp://pi3.com.pl
\n
SpeakerBio:Alex Matrosov\n
\nAlex Matrosov is a well-recognized offensive security researcher. He has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. Alex served as Chief Offensive Security Researcher at Nvidia, Intel Security Center of Excellence (SeCoE), spent more than six years in the Intel Advanced Threat Research team, and was Senior Security Researcher at ESET. Alex has authored and co-authored numerous research papers, and is a frequent speaker at security conferences, including REcon, Zeronigths, Black Hat, DEF CON, and others. Additionally, he is awarded by Hex-Rays for open-source plugin efiXplorer and HexRaysCodeXplorer which has been developed and supported since 2013 by REhint\'s team.
\nTwitter: @matrosov
\nhttps://medium.com/firmware-threat-hunting
\n\n
\nDescription:
\nRISC-V is an open standard instruction set architecture (ISA) provided under open-source licenses that do not require fees to use. ISA is based on established reduced instruction set computer (RISC) principles. RISC-V has features to increase computer speed, while reducing cost and power use.\n

Many industry players like Google, IBM, NVIDIA, Qualcomm, and Samsung are members of the RISC-V Foundation and have long supported RISC-V development. In 2016, NVIDIA unveiled plans to replace the internal microcontrollers of their graphic cards with next-gen RISC-V-based controllers built for upcoming NVIDIA GPUs.\n

NVIDIA\'s Product Security undertook a detailed architectural analysis and research of the RISC-V IP, discovering a potential risk with the ambiguous specification of the Machine Trap Base Address (MTVEC) register. This ambiguity leads to potential fault injection vulnerabilities under physical attack models.\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=iz_Y1lOtX08\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Tamas%20K%20Lengyel%20-%20Fuzzing%20Linux%20with%20Xen.mp4\n

\'',NULL,219964),('4_Sunday','11','11:00','11:59','N','DC','','\'Fuzzing Linux with Xen\'','\'Tamas K Lengyel\'','DC_72816de6722bb88374e08a0903fc5b5f','\'Title: Fuzzing Linux with Xen
\nWhen: Sunday, Aug 8, 11:00 - 11:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Tamas K Lengyel\n
\nTamas works as Senior Security Researcher at Intel. He received his PhD in Computer Science from the University of Connecticut where he built hypervisor-based malware-analysis and collection tools. In his free time he is maintainer of the Xen Project Hypervisor\'s VMI subsystem, LibVMI & the DRAKVUF binary analysis project. He currently serves as the Chief Research Officer at The Honeynet Project, a leading international non-profit organization that coordinates the development of open-source tools to fight against malware. Tamas gave prior talks at conferences such as BlackHat, CCC and Hacktivity.
\nTwitter: @tklengyel
\n\n
\nDescription:
\nLast year we\'ve successfully upstreamed a new feature to Xen that allows high-speed fuzzing of virtual machines (VMs) using VM-forking. Recently through collaboration with the Xen community external monitoring of VMs via Intel(r) Processor Trace has also been upstreamed. Combined with the native Virtual Machine Introspection (VMI) capability Xen now provides a unique platform for fuzzing and binary analysis.\n

To illustrate the power of the platform we\'ll present the details of a real-world fuzzing operation that targeted Linux kernel-modules from an attack-vector that has previously been hard to reach: memory exposed to devices via Direct Memory Access (DMA) for fast I/O. If the input the kernel reads from DMA-exposed memory is malformed or malicious - what could happen?\n

So far we discovered: 9 NULL-pointer dereferences; 3 array index out-of-bound accesses; 2 infinite-loops in IRQ context and 2 instances of tricking the kernel into accessing user-memory but thinking it is kernel memory. The bugs have been in Linux for many years and were found in kernel modules used by millions of devices. All bugs are now fixed upstream.\n

This talk will walk you through how the bugs were found: what process we went through to identify the right code-locations; how we analyzed the kernel source and how we analyzed the runtime of the kernel with Xen to pinpoint the input points that read from DMA. The talk will explain the steps required to attach a debugger through the hypervisor to collect kernel crash logs and how to perform triaging of bugs via VM-fork execution-replay, a novel technique akin to time-travel debugging. Finally, we\'ll close with the release of a new open-source tool to perform full-VM taint analysis using Xen and Intel(r) Processor Trace.\n

REFERENCES: https://github.com/intel/kernel-fuzzer-for-xen-project\nhttps://www.youtube.com/watch?v=3MYo8ctD_aU

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=_dXC_I2ybr4\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Joseph%20Gabay%20-%20DoS-%20Denial%20of%20Shopping%20-%20Analyzing%20and%20Exploiting%20%28Physical%29%20Shopping%20Cart%20Immobilization%20Systems.mp4\n

\'',NULL,219965),('4_Sunday','12','12:00','12:45','N','DC','','\'DoS: Denial of Shopping â€“ Analyzing and Exploiting (Physical) Shopping Cart Immobilization Systems\'','\'Joseph Gabay\'','DC_20d7f1ca59bb5b682cf7aa02e9ac0e3b','\'Title: DoS: Denial of Shopping â€“ Analyzing and Exploiting (Physical) Shopping Cart Immobilization Systems
\nWhen: Sunday, Aug 8, 12:00 - 12:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Joseph Gabay\n
\nJoseph is a robotics engineer in Boston, Massachusetts where he works on a variety of projects ranging from electromechanical designs to embedded systems.\n

His passion lies in further understanding the way the world works and uncovering the small secrets that we encounter in our day to day lives. This project started as an idle curiosity and grew into an opportunity to further explore the complex and deep world of RF communications and embedded systems.\n

Joseph is an avid part of the local maker community, with extensive experience in 3D printing, rapid-fabricobbling, and breaking stuff for fun and profit. Outside of his day job, he enjoys woodworking and metalworking and is constantly collecting new hobbies and interests.\n

\n\n
\nDescription:
\nMany supermarkets and shopping centers have implemented devices that â€œlockâ€ their shopping carts if theyâ€™re taken outside of an approved boundary (e.g, a parking lot). This talk examines some of the technology thatâ€™s used to do this, as well as ways to capture and spoof the control signals to defeat these devices.\n

We will go over the anatomy of remotely lockable shopping cart wheels, their basic theory, and get into how theyâ€™re controlled. Weâ€™ll deconstruct some samples of the lock and unlock signals captured using a homemade antenna and a HackRF, and briefly discuss methods of rebroadcasting them â€“ as well as the challenges inherent to this process.\n

DISCLAIMER
\nThis talk is the result of a personal project.\n

Any views, opinions, or research presented in this talk are personal and belong solely to the presenter. They do not represent or reflect those of any person, institution, or organization that the presenter may or may not be associated with in a professional or personal capacity unless explicitly stated otherwise.\n

REFERENCES\n

The ARRL handbook for radio communications, 2007. Newington, CT: American Radio Relay League, 2006. Print.\n
https://www.tmplab.org/2008/06/18/consumer-b-gone/\n
http://www.woodmann.com/fravia/nola_wheel.htm\n-The wonderful people over at /r/rfelectronics\n-FCC.gov

--\n

This talk has been released to the DEF CON Media server.\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://www.linkedin.com/in/roy-davis/\n

\'',NULL,219966),('4_Sunday','12','12:00','12:45','N','DC','','\'No Key? No PIN? No Combo? No Problem! P0wning ATMs For Fun and Profit\'','\'Roy Davis\'','DC_1a985e85ae0d99e9e5adb81f808c59e9','\'Title: No Key? No PIN? No Combo? No Problem! P0wning ATMs For Fun and Profit
\nWhen: Sunday, Aug 8, 12:00 - 12:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Roy Davis\n
\nRoy Davis is a security researcher and engineer with 15 years of pentesting, security research and programming experience. He has worked on security teams at Zoom, Salesforce, Apple, Barclays Bank, and Thomson Reuters. He holds a B.S. degree in Computer Science from Purdue University and an M.S. in Cybersecurity and Digital Forensics from WGU. Roy has presented at several security conferences from 2008 to his most recent talk at the â€œHackerOne Security@â€ conference in San Francisco.\n

\nTwitter: @hack_all_things
\nhttps://www.davisinfosec.com
\n\n
\nDescription:
\nSince the late great Barnaby Jack gave us â€œJack Pottingâ€ in the late 2000s, there have been several talks on ATM network attacks, USB port attacks, and digital locks attacks which apply to several brands of ATM safes. In this session, Iâ€™ll discuss and demonstrate how most of these known attack vectors have been remediated, while several fairly simple attacks against the machine and the safe still remain. Weâ€™ll dive into how ATMs work, the steps I went through to become a â€œlicenced ATM operatorâ€ which enabled my research, and how I identified the vulnerabilities. Iâ€™ll show how, with very little technical expertise and 20 minutes, these attacks lead directly past â€œsecureâ€ and allow attackers to collect a lot more than $200.\n

REFERENCES
\nBarnaby Jack - â€œJackpotting Automated Teller Machinesâ€ - (2010) from DEFCON - https://www.youtube.com/watch?v=FkteGFfvwJ0 \nWeston Hecker - â€œHacking Next-Gen ATM\'s From Capture to Cashoutâ€ - (2016) from DEFCON - https://www.youtube.com/watch?v=1iPAzBcMmqA \nTrey Keown and Brenda So - â€œApplied Cash Eviction through ATM Exploitationâ€ (2020) from DEFCON - https://www.youtube.com/watch?v=dJNLBfPo2V8 \nTriton - â€œTerminal Communications Protocol And Message Format Specificationâ€ (2004) from Complete ATM Services - tinyurl.com/7nf2fdy5\nRocket ATM - â€œHyosung ATM Setup Part 1 - Step by Stepâ€ (2018) from Rocket ATM - https://www.youtube.com/watch?v=abylmrBkOGM&t=3s \nRocket ATM - â€œHyosung ATM Setup Part 2 - Step by Stepâ€ (2018) from Rocket ATM - https://www.youtube.com/watch?v=IM9ZG46fwL8 \nHyosung - â€œNH2600 Service Manual v1.0â€ (2013) From Prineta - https://tinyurl.com/c6jd4hd9 \nHyosung - â€œNH2700 Operator Manual v1.2â€ (2010) From AtmEquipment.com - https://tinyurl.com/rp2cad8 \n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=9cG-JL0LHYw\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Roy%20Davis%20-%20No%20Key-No%20PIN-No%20Combo%20-%20No%20Problem%20P0wning%20ATMs%20For%20Fun%20and%20Profit.mp4\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Laura%20Abbott%20Rick%20Altherr%20-%20Breaking%20TrustZone-M%20-%20Privilege%20Escalation%20on%20LPC55S69.mp4\n

\'',NULL,219967),('4_Sunday','12','12:00','12:59','N','DC','','\'Breaking TrustZone-M: Privilege Escalation on LPC55S69\'','\'Laura Abbott,Rick Altherr\'','DC_9573ec31dbc5938743e4a4542c343a66','\'Title: Breaking TrustZone-M: Privilege Escalation on LPC55S69
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Laura Abbott,Rick Altherr
\n
SpeakerBio:Laura Abbott\n
\nLaura Abbott is a software engineer who focuses on low level software. Her background includes Linux kernel development with work in the memory management and security areas as well as ARM enablement.
\nTwitter: @openlabbott
\n
SpeakerBio:Rick Altherr\n
\nRick Altherr has a career ranging from ASICs to UX with a focus on the intersection of hardware and software, especially in server systems. His past work includes USBAnywhere, leading the unification of OpenBMC as a project under Linux Foundation, co-authoring a whitepaper on Googleâ€™s Titan, and reverse engineering Xilinx 7 Series FPGA bitstreams as part of prjxray.
\nTwitter: @kc8apf
\n\n
\nDescription:
\nThe concept of Trusted Execution Environments has been broadly introduced to microcontrollers with ARMâ€™s TrustZone-M. While much experience with TrustZone-A can be applied, architectural differences with ARMv8-M lead to a very different approach to configuration and transitions between secure and non-secure worlds. This talk will deep dive into how TrustZone-M works, where to look for weaknesses in implementations, and a detailed look into NXP LPC55S69â€™s implementation including discovering an undocumented peripheral that leads to a priviledge escalation vulnerability exploitable with TrustedFirmware-M. Finally, NXP PSIRT will be used as a case study in how not to respond to a vulnerability report.\n

REFERENCES: TrustZone technology for the ARMv8-M architecture Version 2.0; ARM; https://developer.arm.com/documentation/100690/0200

Your Peripheral Has Planted Malware -- An Exploit of NXP SOCs Vulnerability; Yuwei Zheng, Shaokun Cao, Yunding Jian, Mingchuang Qin; DEFCON 26; https://media.defcon.org/DEF CON 26/DEF CON 26 presentations/DEFCON-26-Yuwei-Zheng-Shaokun-Cao-Bypass-the-SecureBoot-and-etc-on-NXP-SOCs-Updated.pdf\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=eKKgaGbcq4o\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://livingbeef.blogspot.com/
\nhttps://www.linkedin.com/in/barakolo/
\nhttps://www.barakolo.me\n

\'',NULL,219968),('4_Sunday','13','13:00','13:45','N','DC','','\'Extension-Land: exploits and rootkits in your browser extensions\'','\'Barak Sternberg\'','DC_060aebabef287076b16fe1c285591c4b','\'Title: Extension-Land: exploits and rootkits in your browser extensions
\nWhen: Sunday, Aug 8, 13:00 - 13:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Barak Sternberg\n
\nBarak Sternberg is an Experienced Security Researcher who specializes in Offensive Security. Founder of \"WildPointer\", and previously an author at SentinelLabs (\"Hacking smart devices for fun and profit\", Defcon 2020 IoT Village) and leading innovative cybersecurity research.\n

Barak spent more than six-years at Unit 8200, IDF, as a team leader of 5-10 security researchers. He is highly skilled in offensive cyber-security, from vulnerabilities research in various areas: Linux, IoT, embedded and web-apps to analyzing malware in the wild. Barak is also a CTF\'s addict, posting write-ups and technical vulnerabilty analysis in its blog (livingbeef.blogspot.com). Barak also acquires BSc, MSC (in CS) focused on algorithms from Tel-Aviv University and a DJ certificate from BPM college.\n

\nTwitter: @livingbeef
\n\n
\nDescription:
\nBrowser extensions are installed anywhere, they serve as an integral part of our day-to-day web routine, from AdBlockers to Auto-Translators. But - do we know what is running inside of them? Do we know what goes deep-down inside their communication routines? How do they use their internal APIâ€™s? And how do their different JS execution contexts work?\n

In this session, I will explore these unique internal extension APIâ€™s, hidden attack-surfaces and show how these concepts can be broken & exploited using new ways! I start showing how an attacker can \"jump\" from one low-permissions chrome-app/extension to another, hence elevating its permissions. Then, I will show how to gain full \"browser-persistency\" inside extensions\' background-scripts context.\n

Chaining it all together, I show how attacker, starting from low permissions chrome-app, gains a fully-armed \"extension-rootkit\", a persistent JS-malware running inside of a â€œgoodâ€ extension, along with C&C features, JS injection techniques to any tab/origin, obfuscation-techniques and more. Eventually, I will present a generic technique, targeting all chrome-users, for taking over any previously installed chrome extension and implant an \"extension-rootkit\" in it.\n

REFERENCES: [1] Chrome Developers: Chrome extensions API Reference, https://developer.chrome.com/docs/extensions/reference/\n[2] Chrome Developers: Chrome extensions Manfiest v2/v3 Security References, https://developer.chrome.com/docs/extensions/mv2/getstarted/ & https://developer.chrome.com/docs/extensions/mv3/security/\n[3] \"Websites Can Exploit Browser Extensions to Steal User Data\", 2019 - https://www.securityweek.com/websites-can-exploit-browser-extensions-steal-user-data / https://www-sop.inria.fr/members/Doliere.Some/papers/empoweb.pdf\n[4] \"Web Browser Extension User-Script XSS Vulnerabilities\", 2020 - https://ieeexplore.ieee.org/document/9251185\n[5] \"Detecting DOM-Sourced Cross-Site Scripting in Browser Extensions\", 2017 - https://ieeexplore.ieee.org/document/8094406\n[6] \"Attacking browser extensions\", Nicolas Golubovic, 2016 - https://golubovic.net/thesis/master.pdf\n[7] \"A Combined Static and Dynamic Analysis Approach to Detect Malicious Browser Extensions\", 2018 - https://www.hindawi.com/journals/scn/2018/7087239/\n[8] \"Chrome Extensions: Threat Analysis and Countermeasures\", 2012 - https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.374.8978&rep=rep1&type=pdf\n[9] \"Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies\", Usenix Security 2017 - https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-sanchez-rola.pdf\n[10] \"Protecting Browsers from Extension Vulnerabilities\", 2010 - https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/38394.pdf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=PpSftQuCEDw\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Barak%20Sternberg%20-%20Extension-Land%20-%20exploits%20and%20rootkits%20in%20your%20browser%20extensions.mp4\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Rion%20Carter%20-%20Why%20does%20my%20security%20camera%20scream%20like%20a%20Banshee-%20Signal%20analysis%20and%20RE%20of%20a%20proprietary%20audio-data%20encoding%20protocol.mp4\n

\'',NULL,219969),('4_Sunday','13','13:00','13:45','N','DC','','\'Why does my security camera scream like a Banshee? Signal analysis and RE of a proprietary audio-data encoding protocol\'','\'Rion Carter\'','DC_90a692eaf1ca0af378801357f127f3f1','\'Title: Why does my security camera scream like a Banshee? Signal analysis and RE of a proprietary audio-data encoding protocol
\nWhen: Sunday, Aug 8, 13:00 - 13:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Rion Carter\n
\nRion likes to solve interesting problems- the more esoteric and niche the better! He has varied interests ranging from software development and reverse-engineering to baking and recipe hacking. Rion currently works in DevSecOps where he and his colleagues wonder how they\'ll be rebranded next (DevSecBizFinOps?). Rumor has it that he bakes a mean batch of fudge brownies.
\n\n
\nDescription:
\nAll I wanted was a camera to monitor my pumpkin patch for pests, what I found was a wireless security camera that spoke with an accent and asked to speak with my fax machine. Join me as I engage in a signals analysis of the Amiccom 1080p Outdoor Security Camera and hack the signal to reverse engineer the audio tones used to communicate and configure this inexpensive outdoor camera. This journey takes us through spectrum-analysis, APK decompiling, tone generation in Android and the use of Ghidra for when things REALLY get hairy.\n

REFERENCES: - JADX: Dex to Java Decompiler - https://github.com/skylot/jadx\n- Efficiency: Reverse Engineering with ghidra - http://wapiflapi.github.io/2019/10/10/efficiency-reverse-engineering-with-ghidra.html\n- Guide to JNI (Java Native Interface) - https://www.baeldung.com/jni\n- JDSP - Digital Signal Processing in Java - https://psambit9791.github.io/jDSP/transforms.html\n- Understanding FFT output - https://stackoverflow.com/questions/6740545/understanding-fft-output\n- Spectral Selection and Editing - Audacity Manual - https://manual.audacityteam.org/man/spectral_selection.html\n- Edit>Labelled Audio>everything greyed out - https://forum.audacityteam.org/viewtopic.php?t=100856\n- Get a spectrum of frequencies from WAV/RIFF using linux command line - https://stackoverflow.com/questions/21756237/get-a-spectrum-of-frequencies-from-wav-riff-using-linux-command-line\n- How to interpret output of FFT and extract frequency information - https://stackoverflow.com/questions/21977748/how-to-interpret-output-of-fft-and-extract-frequency-information?rq=1\n- Calculate Frequency from sound input using FFT - https://stackoverflow.com/questions/16060134/calculate-frequency-from-sound-input-using-fft?rq=1\n- Intorduction - Window Size - https://support.ircam.fr/docs/AudioSculpt/3.0/co/Window%20Size.html\n- Android: Sine Wave Generation - https://stackoverflow.com/questions/11436472/android-sine-wave-generation\n- Android Generate tone of a specific frequency - https://riptutorial.com/android/example/28432/generate-tone-of-a-specific-frequency\n- Android Tone Generator - https://gist.github.com/slightfoot/6330866\n- Android: Audiotrack to play sine wave generates buzzing noise - https://stackoverflow.com/questions/23174228/android-audiotrack-to-play-sine-wave-generates-buzzing-noise

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=JpL3lySZNeM\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Tom%20Van%20Goethem%20Mathy%20Vanhoef%20-%20Timeless%20Timing%20Attacks.mp4\n

\'',NULL,219970),('4_Sunday','13','13:00','13:59','N','DC','','\'Timeless Timing Attacks\'','\'Mathy Vanhoef,Tom Van Goethem\'','DC_e96e608aea46771ff7fd5d0b6eb0f811','\'Title: Timeless Timing Attacks
\nWhen: Sunday, Aug 8, 13:00 - 13:59 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\nSpeakers:Mathy Vanhoef,Tom Van Goethem
\n
SpeakerBio:Mathy Vanhoef\n
\nMathy Vanhoef is a postdoctoral researcher at New York University Abu Dhabi. His research interest lies in computer security with a focus on network and wireless security (e.g. Wi-Fi), software security, and applied cryptography. In these areas Mathy tries to bridge the gap between real-world code and (protocol) standards. He previously discovered the KRACK attack against WPA2, the RC4 NOMORE attack against RC4, and the Dragonblood attack against WPA3.
\nTwitter: @vanhoefm
\n
SpeakerBio:Tom Van Goethem\n
\nTom Van Goethem is a researcher with the DistriNet group at KU Leuven in Belgium, mainly focusing on practical side-channel attacks against web applications and browsers. By exposing flaws that result from the unintended interplay of different components or network layers, Tom aims to bring us closer to a more secure web that we all deserve. He has spoken at various venues such as Black Hat USA and Asia, OWASP Global, and USENIX Security. In his spare time, Tom provides animal sculptures with pink tutus.
\nTwitter: @tomvangoethem
\n\n
\nDescription:
\n25 years ago, the first timing attacks against well-known cryptosystems such as RSA and Diffie-Hellman were introduced. By carefully measuring the execution time of crypto operations, an attacker could infer the bits of the secret. Ever since, timing attacks have frequently resurfaced, leading to many vulnerabilities in various applications and cryptosystems that do not have constant-time execution. As networks became more stable and low-latency, it soon became possible to perform these timing attacks over an Internet connection, potentially putting millions of devices at risk. However, attackers still face the challenge of overcoming the jitter that is incurred on the network path, as it obfuscates the real timing values. Up until now, an adversary would have to collect thousands or millions of measurements to infer a single bit of information.\n

In this presentation, we introduce a conceptually novel way of performing timing attacks that is completely resilient to network jitter. This means that remote timing attacks can now be executed with a performance and accuracy that is similar as if the attack was performed on the local system. With this technique, which leverages coalescing of network packets and request multiplexing, it is possible to detect timing differences as small as 100ns over any Internet connection. We will elaborate on how this technique can be launched against HTTP/2 webservers, Tor onion services, and EAP-pwd, a popular Wi-Fi authentication method.\n

REFERENCES: See page 15 to 17 in our paper for a list of references: https://www.usenix.org/system/files/sec20-van_goethem.pdf

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=s5w4RG7-Y6g\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://linux-sunxi.org/Main_Page\n

\'',NULL,219971),('4_Sunday','14','14:00','14:45','N','DC','','\'Robots with lasers and cameras (but no security): Liberating your vacuum from the cloud\'','\'Dennis Giese\'','DC_ed46b5f5f4fa9bf418f5ee219dab34aa','\'Title: Robots with lasers and cameras (but no security): Liberating your vacuum from the cloud
\nWhen: Sunday, Aug 8, 14:00 - 14:45 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Dennis Giese\n
\nDennis is a PhD student and a cybersecurity researcher at Northeastern University. He was a member of one european ISP\'s CERT for several years.\n

While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices.\n

His most known projects are the rooting and hacking of various vacuum robots\n

\nTwitter: @dgi_DE
\nhttps://dontvacuum.me
\n\n
\nDescription:
\nVacuum robots are becoming increasingly popular and affordable as their technology grows ever more advanced, including sensors like lasers and cameras. It is easy to imagine interesting new projects to exploit these capabilities. However, all of them rely on sending data to the cloud. Do you trust the companies promise that no video streams are uploaded to the cloud and that your personal data is safe? Why not collect the dust with open-source software?\n

I previously showed ways to root robots such as Roborock and Xiaomi, which enabled owners to use their devices safely with open-source home automation. In response, vendors began locking down their devices with technologies like Secure Boot, SELinux, LUKS encrypted partitions and custom crypto that prevents gaining control over our own devices. This talk will update my newest methods for rooting these devices.\n

The market of vacuum robots expanded in the past 2 years. In particular, the Dreame company has recently released many models with interesting hardware, like ToF cameras and line lasers. This can be a nice alternative for rooting. I will show easy ways to get root access on these devices and bypass all security. I will also discuss backdoors and security issues I discovered from analysis. You will be surprised what the developers left in the firmware.\n

REFERENCES: Unleash your smart-home devices: Vacuum Cleaning Robot Hacking (34C3)\nhttps://dontvacuum.me/talks/34c3-2017/34c3.html

Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices\nhttps://dontvacuum.me/talks/DEFCON26/DEFCON26-Having_fun_with_IoT-Xiaomi.html\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=EWqFxQpRbv8\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Dennis%20Giese%20-%20Robots%20with%20lasers%20and%20cameras%20but%20no%20security%20-%20Liberating%20your%20vacuum%20from%20the%20cloud.mp4\n

\n
This talk will be given live in Track 1.\n

This talk has also been pre-recorded and will be broadcast on DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Richard%20Henderson%20-%20Old%20MacDonald%20Had%20a%20Barcode%2C%20E-I-E-I%20CAR.mp4\n

\'',NULL,219972),('4_Sunday','14','14:00','14:45','N','DC','','\'Old MacDonald Had a Barcode, E-I-E-I CAR\'','\'Richard Henderson\'','DC_a9c9c7b4518ad20eda735424957008b5','\'Title: Old MacDonald Had a Barcode, E-I-E-I CAR
\nWhen: Sunday, Aug 8, 14:00 - 14:45 PDT
\nWhere: Track 2 Live; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Richard Henderson\n
\nRichard Henderson is a writer, researcher, and ham radio/electronics nerd who has worked in infosec and technology for almost two decades. Richard has taught multiple times at DEF CON and leads the annual DEF CON Ham Radio Fox Hunt Contest. Richard is currently co-authoring a book on cybersecurity for ICS/Scada systems.
\nTwitter: @richsentme
\n\n
\nDescription:
\nFor decades, the EICAR test string has been used by antivirus and security vendors to safely test their detection engines without having to use live virulent samples which could cause harm. What would happen if you took that string, encoded it into a machine readable format like a QR code and started scanning various devices with the QR code? This talk shows how there are a lot of systems out there that aren\'t expecting an input string like EICAR and how many of them just collapse when shown the code. We will also discuss the types of systems you can target and how you may be able to extend this to more than a nuisance attack.\n

REFERENCES: EICAR test string: https://www.eicar.org/?page_id=3950\nEICAR wikipedia entry: https://en.wikipedia.org/wiki/EICAR_test_file\nQR codes: https://en.wikipedia.org/wiki/QR_code\nRisks surrounding QR codes: https://en.wikipedia.org/wiki/QR_code#Risks

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=cIcbAMO6sxo\n

\n
This talk will be given live in Track 2.\n

This talk has also been pre-recorded and will be broadcast on DCTV2, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Jeff%20Dileo%20-%20Instrument%20and%20Find%20Out%20-%20Writing%20Parasitic%20Tracers%20for%20High%20Level%20Languages.mp4\n

\'',NULL,219973),('4_Sunday','14','14:00','14:20','N','DC','','\'Instrument and Find Out: Writing Parasitic Tracers for High(-Level) Languages\'','\'Jeff Dileo\'','DC_0691ab4168e865ac17dcf85ed843d4ee','\'Title: Instrument and Find Out: Writing Parasitic Tracers for High(-Level) Languages
\nWhen: Sunday, Aug 8, 14:00 - 14:20 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Jeff Dileo\n
\nJeff Dileo (chaosdata) is a security consultant by day, and sometimes by night. He hacks on embedded systems, mobile apps and devices, web apps, and complicated things that don\'t have names. He likes candy and arguing about text editors and window managers he doesn\'t actually use.
\nTwitter: @chaosdatumz
\n\n
\nDescription:
\nModern programming languages are, more and more, being designed not just around performance, ease-of-use, and (sometimes) security, but also performance monitoring and introspectability. But what about the languages that never adopted such concepts from their peers? Or worse, what about the languages that tacked on half-hearted implementations as an afterthought? The answer is simple, you write your own and instrument them into the language dynamically.\n

In this talk, we will discuss the process for developing generalized parasitic tracers targeting specific programming languages and runtimes using Ruby as our case study. We will show how feasible it is to write external tracers targeting a language and its runtime, and discuss best practices for supporting different versions over time.\n

REFERENCES: * https://github.com/ruby/ruby\n* https://frida.re/docs/javascript-api/

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=Iy1BNywebpY\n

DCTV Channel Map: https://dctv.defcon.org/\n

Media: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20video%20and%20slides/DEF%20CON%2029%20-%20Sick%20Codes%20-%20The%20Agricultural%20Data%20Arms%20Race%20-%20Exploiting%20a%20Tractor%20Load%20of%20Vulnerabilities%20In%20The%20Global%20Food%20Supply%20Chain.mp4\n

\'',NULL,219974),('4_Sunday','14','14:30','14:50','N','DC','','\'The Agricultural Data Arms Race: Exploiting a Tractor Load of Vulnerabilities In The Global Food Supply Chain\'','\'Sick Codes\'','DC_fbc2ff51a617688acb8b43d585350a22','\'Title: The Agricultural Data Arms Race: Exploiting a Tractor Load of Vulnerabilities In The Global Food Supply Chain
\nWhen: Sunday, Aug 8, 14:30 - 14:50 PDT
\nWhere: DCTV/Twitch #3 Pre-Recorded
\n
SpeakerBio:Sick Codes\n
\nSick Codes maintains popular open source projects, publishes high-profile security vulnerabilities in good faith, and administers his namesake https://sick.codes, a security research and tutorial resource for developers. Sick Codes\' work coordinating communication across many companies, foundations, and other open source organisations was invaluable in getting these vulnerabilities patched and responsibly disclosed.\n

@sickcodes
\nhttps://github.com/sickcodes
\nhttps://www.linkedin.com/in/sickcodes/
\nhttps://sick.codes\n

\nTwitter: @sickcodes
\nhttps://sick.codes
\n\n
\nDescription:
\nHow I hacked the entire American Food Supply Chain over the course of 3 months, assembled a team of hacker strangers, and how we used a \"full house\" of exploits on almost every aspect of the agriculture industry. See the process in which it happened, the private exploits we used, the vectors we attacked from, and how it could happen again, or be happening right now.\n

How the ongoing analytics arms race affects everyone, and how Tractor companies have metastasized into Tech companies, with little to no cyber defenses in place. Learn how farms are not like they used to be; telemetry, crop & yield analytics, and more telemetry.\n

REFERENCES: https://github.com/sickcodes/Docker-OSX\nhttps://github.com/sickcodes/osx-serial-generator\nhttps://www.vice.com/en/article/akdmb8/open-source-app-lets-anyone-create-a-virtual-army-of-hackintoshes\nhttps://www.bleepingcomputer.com/news/security/python-also-impacted-by-critical-ip-address-validation-vulnerability/\nhttps://sick.codes/sick-2021-012/\nhttps://sick.codes/sick-2021-031/\nhttps://sick.codes/leaky-john-deere-apis-serious-food-supply-chain-vulnerabilities-discovered-by-sick-codes-kevin-kenney-willie-cade/\nhttps://www.vice.com/en/article/4avy8j/bugs-allowed-hackers-to-dox-all-john-deere-owners\nhttps://www.youtube.com/watch?v=rB_SleNKBus\nwabaf3t https://twitter.com/wabafet1\nD0rkerDevil https://twitter.com/D0rkerDevil\nChiefCoolArrow https://twitter.com/ChiefCoolArrow\njohnjhacking https://twitter.com/johnjhacking\nrej_ex https://twitter.com/rej_ex\nw0rmer https://twitter.com/0x686967\nhttps://climate.com/press-releases/transform-data-into-value-with-climate-fieldview/14\nhttps://www.agriculture.com/news/business/john-deere-to-acquire-precision-plting_5-ar50937\nhttps://www.reuters.com/article/us-monsanto-m-a-deere-idUSKBN17X2FZ\nhttps://twitter.com/sickcodes/status/1385218039734423565?s=20

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=zpouLO-GXLo\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,219975),('4_Sunday','15','15:00','15:59','N','DC','','\'(CANCELED) Discord Closing Ceremonies\'','\'Dark Tangent\'','DC_4b7a1474da23c5000a2144f9159eb14a','\'Title: (CANCELED) Discord Closing Ceremonies
\nWhen: Sunday, Aug 8, 15:00 - 15:59 PDT
\nWhere: See Description
\n
SpeakerBio:Dark Tangent\n
\nNo BIO available
\n\n
\nDescription:
\nThere will be no Discord Closing Ceremony. Please view the live closing ceremony at 16:00 PDT instead.
\n\'',NULL,219976),('4_Sunday','16','16:00','16:59','N','DC','','\'DEF CON Closing Ceremonies, Black Badge Ceremonies\'','\'Dark Tangent\'','DC_12b579af2875de87a50da8664a97c0fa','\'Title: DEF CON Closing Ceremonies, Black Badge Ceremonies
\nWhen: Sunday, Aug 8, 16:00 - 16:59 PDT
\nWhere: Track 1 Live; DCTV/Twitch #1 Live
\n
SpeakerBio:Dark Tangent\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This talk will be given live in Track 1, and will be streamed to DCTV1, both in local hotels and on Twitch.\n

DCTV Channel Map: https://dctv.defcon.org/\n

https://cointelegraph.com/authors/kadan-stadelmann \nhttps://www.forbes.com/sites/justinoconnell/2020/02/10/in-the-future-you-can-create-your-own-stablecoin-with-just-a-few-clicks-or-commands/ \nhttps://www.nasdaq.com/articles/can-we-build-a-post-feudal-web-3-2020-03-12\nhttps://www.nasdaq.com/articles/heres-why-blockchain-hasnt-taken-over-the-world-yet-2019-05-09 \nhttps://finance.yahoo.com/finance/news/decentralized-exchange-launches-dogecoin-swaps-132541367.html\n

\'',NULL,219977),('2_Friday','11','11:30','11:55','N','ASV','','\'Steal This Drone: High-Assurance Cyber Military Systems\'','\'Darren Cofer\'','ASV_04e6a36eeb1d6cdb630ae554137b6d9d','\'Title: Steal This Drone: High-Assurance Cyber Military Systems
\nWhen: Friday, Aug 6, 11:30 - 11:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Darren Cofer\n
\nDarren Cofer is a Fellow at Collins Aerospace. He earned his PhD in Electrical and Computer Engineering from The University of Texas at Austin. He has worked in the aerospace industry for 26 years, applying formal methods for verification and certification of high-integrity systems.\n
\n\n
\nDescription:
\nAs part of DARPAâ€™s High Assurance Cyber Military Systems program, Collins Aerospace led a team of researchers developing new tools for building aircraft software that is provably secure against many classes of cyber attack. We developed system architecture models, software components, and operating system software which have been mathematically analyzed to ensure key security properties. This talk describes the research results and demonstration in-flight on a military helicopter.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=gjYNu-2IEnc\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219978),('2_Friday','09','09:30','10:20','N','ASV','','\'The Antenny Board Design and Fabrication Saga: Sweat and Tears Along the Supply Chain\'','\'Ang Cui\'','ASV_0c8b7f0700b7391fbfed35b13538021b','\'Title: The Antenny Board Design and Fabrication Saga: Sweat and Tears Along the Supply Chain
\nWhen: Friday, Aug 6, 09:30 - 10:20 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Ang Cui\n
\nDr. Ang Cui is the Founder and Chief Scientist of Red Balloon Security. Dr. Cui received his PhD from Columbia University in 2015. Ang has focused on developing technologies to defend embedded systems. He has also uncovered vulnerabilities within embedded devices like Cisco routers and HP printers.
\n\n
\nDescription:
\nOver the past few months, Red Balloon Security has been developing and manufacturing the Antenny v5 board, and like anyone else who is putting together hardware, we ran headlong into the famous chip shortage. Listen to our story of how we overcame the shortage, found the most treasured of surprises in the most unlikely of places, and distilled all the drama into the little purple boards over in the Aerospace Village area.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=5trlb5hEXAw\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219979),('2_Friday','10','09:30','10:20','Y','ASV','','\'The Antenny Board Design and Fabrication Saga: Sweat and Tears Along the Supply Chain\'','\'Ang Cui\'','ASV_0c8b7f0700b7391fbfed35b13538021b','\'\'',NULL,219980),('2_Friday','10','10:30','11:20','N','ASV','','\'Hack-A-Sat 2: The Good, The Bad and the Cyber-Secure\'','\'Bryce Kerley,Capt Aaron Bolen,Frank Pound,Steve Wood\'','ASV_272256ab000d40e9ad28826859752c55','\'Title: Hack-A-Sat 2: The Good, The Bad and the Cyber-Secure
\nWhen: Friday, Aug 6, 10:30 - 11:20 PDT
\nWhere: Aerospace Village (Virtual Talk)
\nSpeakers:Bryce Kerley,Capt Aaron Bolen,Frank Pound,Steve Wood
\n
SpeakerBio:Bryce Kerley\n
\nNo BIO available
\n
SpeakerBio:Capt Aaron Bolen\n
\nNo BIO available
\n
SpeakerBio:Frank Pound\n
\nNo BIO available
\n
SpeakerBio:Steve Wood\n
\nNo BIO available
\n\n
\nDescription:
\nTake a deep dive into the last frontier of cybersecurity: Space. We take an inside look at the Hack-A-Sat prize competition, a joint effort of the Air Force and Space Force, in collaboration with the Aerospace Village, aimed at educating and inspiring a new generation of hackers to tackle this ever-important domain. In this talk, we will discuss: Satellite hacking 101, recap HAS1 insights, provide HAS2 Quals challenge explainers, and preview the HAS2 Finalsâ€¦and beyond\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=G3YA5Sa5Wbs\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219981),('2_Friday','11','10:30','11:20','Y','ASV','','\'Hack-A-Sat 2: The Good, The Bad and the Cyber-Secure\'','\'Bryce Kerley,Capt Aaron Bolen,Frank Pound,Steve Wood\'','ASV_272256ab000d40e9ad28826859752c55','\'\'',NULL,219982),('2_Friday','12','12:00','12:25','N','ASV','','\'Threat Modeling for Space Hitchhikers\'','\'James Pavur\'','ASV_790b1fc268a255d50f927c0479993511','\'Title: Threat Modeling for Space Hitchhikers
\nWhen: Friday, Aug 6, 12:00 - 12:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:James Pavur\n
\nJames Pavur is a Rhodes Scholar and DPhil Student at Oxford University where he researches satellite cyber-security in the Department of Computer Scienceâ€™s System Security Lab.
\n\n
\nDescription:
\nWhen you strap someone elseâ€™s satellite to your rocket, how much should you trust them? In this talk, weâ€™ll explore threats relating to launch integration and the role of secondary payloads, such as CubeSats, in modern missions. The briefing combines strategic and policy perspectives with dynamic simulations exploring space-to-space radio attacks from compromise or malicious payloads. While it includes technical components, it assumes no prior experience with radio communications or aerospace.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=W91uGzCWHXI\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219983),('2_Friday','12','12:30','12:55','N','ASV','','\'Evaluating Wireless Attacks on Real-World Avionics Hardware\'','\'Leeloo Granger\'','ASV_1b3450dec808de2007f49f6744c0c07d','\'Title: Evaluating Wireless Attacks on Real-World Avionics Hardware
\nWhen: Friday, Aug 6, 12:30 - 12:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Leeloo Granger\n
\nLeeloo is a Swiss-French undergraduate student in Communication Systems at EPFL, currently in exchange at ETH Zürich. She is currently learning to become a private pilot and has an interest in avionics security avionics. Besides her studies, she is an athlete in archery currently training for the 2024 Olympics.
\n\n
\nDescription:
\nIn a nutshell, in this project we prove the critical vulnerabilities of GPS and ADS-B technologies which only had been theoretically discussed in the literature. To do so, we investigated the feasibility and accessibility of GPS and Mode S spoofing on an avionics lab â€“ the Garminâ€™s Navigator GTN750 â€“ and using two types of transmitters: the USRP B210 and Raceologicâ€™s LabSat Wideband 3. We successfully spoofed the GPS position of the GTN750, as well as intruders on the Traffic detection system. Unfortunately, we were not able to attack the TCAS II. Our work shows the vulnerabilities of communication technologies that have a major role in the safety of an aircraft, hence attacks are a severe threat and all the more so if they are conducted using as few resources as we did.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=QtM47OmprfQ\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219984),('2_Friday','13','13:00','13:50','N','ASV','','\'Unboxing the Spacecraft Software BlackBox â€“ Hunting for Vulnerabilities\'','\'Brandon Bailey\'','ASV_2446c38d774ae161b9b2ddd2c2d6828f','\'Title: Unboxing the Spacecraft Software BlackBox â€“ Hunting for Vulnerabilities
\nWhen: Friday, Aug 6, 13:00 - 13:50 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Brandon Bailey\n
\nBrandon Bailey has more than 15 years of experience supporting intelligence and civil space customers. Brandonâ€™s specialties include vulnerability assessments and penetration testing for space systems. Brandon was awarded NASAâ€™s Exceptional Service Medal for his landmark cybersecurity work in 2019.
\n\n
\nDescription:
\nAs the commercialization of space increases or access to source code is not feasible, it is getting more common that spacecraft/embedded binaries are a black box. There needs to be a way automate code inspection in a cost effective, fast, repeatable manner which can be constantly enhanced to have the latest capability to build secure spacecraft SW. Synthetic vulnerabilities were created and analyzed with varying results.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=WvKtdXSRvhM\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219985),('2_Friday','14','14:00','14:25','N','ASV','','\'Donâ€™t fear the BUS, it wonâ€™t run you over.\'','\'Nicholas Childs\'','ASV_1eafe627d3eda1b47dbd2a3d16a7606d','\'Title: Donâ€™t fear the BUS, it wonâ€™t run you over.
\nWhen: Friday, Aug 6, 14:00 - 14:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Nicholas Childs\n
\nNicholas Childs Is a USAF aircraft maintainer with experience with mechanical, electronic, hydraulic, and avionics systems with both military and civilian aerospace platforms. He has worked on C-5, C-17, KC-135, B-1, 737, 747, and L10-11 platforms. With a focus on security he scrutinizes them.\n
\n\n
\nDescription:
\nThis talk is a basic introduction to aircraft avionics comm/nav bus systems and the expansion of the network to more vulnerable areas than have seen before. It is more of a primer and 101 for stepping into a the larger world of aerospace networks.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=eiO7F5isPE8\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219986),('2_Friday','14','14:30','14:55','N','ASV','','\'CPDLC: Man-in-the-middle attacks and how to defend against them\'','\'Joshua Smailes\'','ASV_f589ec0fc295dfe8daa899974924dfa0','\'Title: CPDLC: Man-in-the-middle attacks and how to defend against them
\nWhen: Friday, Aug 6, 14:30 - 14:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Joshua Smailes\n
\nNo BIO available
\n\n
\nDescription:
\nThe Controller Pilot Data Link Communications (CPDLC) protocol replaces voice-based air traffic control with a text-based protocol. With no real security protections, this system is open to a wide range of message injection attacks. It has long been assumed that air traffic controllers and flight crew should be able to detect such attacks, but this is not always the case.\n

We construct a realistic threat model for CPDLC and introduce attacks on the underlying protocol, taking advantage of automated components of the system to make attacks which are difficult for human operators to detect. We also propose a number of improvements to CPDLC to mitigate these threats.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=cl_56FUk8ps\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219987),('2_Friday','15','15:00','15:25','N','ASV','','\'Developing Aerospace Security Training 3D Models\'','\'Kevin Hood\'','ASV_af60b802b00b958c9c9ef2ffd27eabf7','\'Title: Developing Aerospace Security Training 3D Models
\nWhen: Friday, Aug 6, 15:00 - 15:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Kevin Hood\n
\nKevin Hood is a Software Security Engineering Intern at Collins Aerospace, Project Manager for the Aviation ISAC Cyber Competition, and student at Embry-Riddle Aeronautical university. Kevin has focused his career in aerospace cybersecurity and develops events to bring more people into the industry.
\n\n
\nDescription:
\nThe challenge for students interested in aerospace cybersecurity is how to jump-start their learning and prepare themselves for this career path. Developing models and simulated aerospace infrastructure can enhance critical skills needed in aerospace cybersecurity. From a studentâ€™s perspective, learn how to get started in aerospace cybersecurity and the future developments of a hackable, large-scale model airport at the Aerospace Village.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=WXuT-e-Zs80\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219988),('2_Friday','15','15:30','15:55','N','ASV','','\'Collecting CANs: a Bridge Less Traveled\'','\'Peace Barry\'','ASV_7045061996fae2753c6745d24c1aa7a7','\'Title: Collecting CANs: a Bridge Less Traveled
\nWhen: Friday, Aug 6, 15:30 - 15:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Peace Barry\n
\nHaving worked as a Metasploit developer and later as a manager of Metasploit development at Rapid7, Pearce currently keeps busy doing security research at Rumble, Inc. and following advances in space technologies.
\n\n
\nDescription:
\nWeâ€™ll step back a few years to early 2017, when @zombieCraig released the Metasploit Hardware Bridge as a mechanism to allow Metasploit Framework to reach into networks beyond Ethernet. While the now-defunct HWBridge initially focused on automotive targets, some of that tech, including CAN buses and RF transceivers, has commonality in aviation targets. In this talk, weâ€™ll cover basic design and use of the HWBridge, how one can use it with CAN and RF transceivers, and what it takes to set it up.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=6nxlqh-m3Jc\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219989),('3_Saturday','09','09:30','10:50','N','ASV','','\'VDP in aviation: Experiences and lessons learnt as a researcher\'','\'Matt Gaffney\'','ASV_2a1e930324dc1536ecb88fdf808eed11','\'Title: VDP in aviation: Experiences and lessons learnt as a researcher
\nWhen: Saturday, Aug 7, 09:30 - 10:50 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Matt Gaffney\n
\nFollowing his career in the British Army, Matt has been working with clients in various industries. However, his best years were spent working in aviation, specifically systems found in the Aircraft Information Systems Domain. More recently he has turned his attention to security in UAS.
\n\n
\nDescription:
\nFollowing a Vulnerability Disclosure to an aircraft manufacturer in 2019 little did Gaffers know that he was about to start on a journey in to a world where vulnerabilities are considered features and unless you can argue a safety impact you are not taken seriously. Without divulging the details, this talk will discuss the steps taken, what worked, what failed and some advice for anyone else who finds themselves in a similar situation.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=q5E_y8jLTv8\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219990),('3_Saturday','10','09:30','10:50','Y','ASV','','\'VDP in aviation: Experiences and lessons learnt as a researcher\'','\'Matt Gaffney\'','ASV_2a1e930324dc1536ecb88fdf808eed11','\'\'',NULL,219991),('3_Saturday','11','11:30','11:55','N','ASV','','\'Defending the Unmanned Aerial Vehicle: Advancements in UAV Intrusion Detection\'','\'Jason Whelan\'','ASV_29e9035096749e333f7e7409ca340431','\'Title: Defending the Unmanned Aerial Vehicle: Advancements in UAV Intrusion Detection
\nWhen: Saturday, Aug 7, 11:30 - 11:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Jason Whelan\n
\nJason (OSCP, OSCE, CCNP) holds a Bachelor of IT and is currently working towards a MSc in Computer Science from Ontario Tech University. He has presented at international conferences on UAV security, and has experience in both practical security research and penetration testing of operational UAS.\n
\n\n
\nDescription:
\nMany attacks against the UAV are becoming commonplace as they are simple to conduct with inexpensive hardware, such as spoofing and jamming. Unfortunately, many of the vulnerabilities UAVs suffer from are based on security flaws in the underlying technologies, including GPS and ADS-B. An intrusion detection system (IDS) for UAVs can increase security rapidly without the need to re-engineer underlying technologies. UAVs are cyber-physical systems which introduce a number of challenges for IDS development as they utilize a wide variety of sensors, communication protocols, platforms, and control configurations. Commercial off-the-shelf IDS solutions can be strategically implemented within the Unmanned aerial system (UAS) to detect threats to the underlying traditional IT infrastructure, however, the UAV itself requires specialized detection techniques. This talk discusses advancements in UAV intrusion detection, including proposed solutions in academics, pitfalls of these solutions, and how a practical technique using machine learning can be used to detect attacks across UAV platforms. A fully developed IDS is presented which makes use of flight logs and an onboard agent for autonomous detection and mitigation. The topics covered come from lessons learned in UAS penetration testing, live experiments, and academic research in the UAV security space.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=XEN9LTOUFFQ\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219992),('3_Saturday','12','12:00','12:25','N','ASV','','\'Federal Perspective on Aerospace Cybersecurity\'','\'Larry Grossman,Steve Luczynski\'','ASV_cf0220eed7c6a61e056379f54ce44403','\'Title: Federal Perspective on Aerospace Cybersecurity
\nWhen: Saturday, Aug 7, 12:00 - 12:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\nSpeakers:Larry Grossman,Steve Luczynski
\n
SpeakerBio:Larry Grossman\n
\nLarry Grossman is the Federal Aviation Administrationâ€™s Director of the Office of Information Security and Privacy and Chief Information Security Officer. In this role, he provides strategic leadership of FAAâ€™s information security and privacy programs. He chairs FAAâ€™s Executive Cybersecurity Steering Committee which provides oversight to cybersecurity activities across the FAA enterprise. Larry leads the FAAâ€™s security operations, compliance, governance, and risk management functions. Looking externally, he oversees the FAAâ€™s Aviation Ecosystem and Stakeholder Engagement Office whose role is to promote awareness and improve cyber resiliency across the aviation ecosystem. He also leads the evolution of FAAâ€™s cybersecurity strategy, Security Operations Center modernization, new program deployments, and cyber incident response activities. Additionally, he represents FAAâ€™s cybersecurity and programs at the Department of Transportation and other agencies; he participates in government-wide and international cybersecurity initiatives and exercises; and regularly briefs Congress on FAA and aviation cybersecurity. Larry has been with the FAA for over 25 years and prior to his current role, led the deployment of Air Traffic Control and Aviation Safety systems, as well as data modernization and external data distribution efforts.\n

An avid aviation enthusiast, Larry holds commercial pilot and flight instructor certificates in both land and sea, and travels in his own aircraft whenever possible.\n

\n
SpeakerBio:Steve Luczynski\n
\nNo BIO available
\n\n
\nDescription:
\nAs the Federal Aviation Administrationâ€™s Chief Information Security Officer, Larry Grossman has a unique perspective on the challenges associated with building and sustaining adequate security for IT systems within a government agency and across the aerospace sector. Join us to learn more about his experiences and gain insight into the FAAâ€™s current efforts to sustain the publicâ€™s trust in safe air travel.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=jcyL0zPNEuA\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219993),('3_Saturday','12','12:30','13:20','N','ASV','','\'Lost In Space: No-one Can Hear Your Breach (Choose Wisely)\'','\'Elizabeth Wharton\'','ASV_363c1252457d6fd932e869833ed6b7d7','\'Title: Lost In Space: No-one Can Hear Your Breach (Choose Wisely)
\nWhen: Saturday, Aug 7, 12:30 - 13:20 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Elizabeth Wharton\n
\nLiz, a cybersecurity-focused business and public policy attorney, has advised researchers, startups, and policymakers at the federal, state, and local level. Currently SCYTHEâ€™s Chief of Staff, she was the Worldâ€™s (second) Busiest Airportâ€™s technology attorney and hosts the CISO Stressed podcast.
\n\n
\nDescription:
\nNavigating the space race is difficult enough with privately sponsored flights, internationally owned stations, and interplanetary destinations. Supply-chain vulnerabilities, ransomware threats, and other cybersecurity challenges are magnified when the galactic rules are still being written. Join an interactive adventure dodging malicious attackers, signal and software glitches, and potential liabilities trekking to Mars, highlighting cybersecurity pitfalls and pending policy issues.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=TEUgTF5zDHA\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219994),('3_Saturday','13','12:30','13:20','Y','ASV','','\'Lost In Space: No-one Can Hear Your Breach (Choose Wisely)\'','\'Elizabeth Wharton\'','ASV_363c1252457d6fd932e869833ed6b7d7','\'\'',NULL,219995),('3_Saturday','14','14:30','14:55','N','ASV','','\'True Story: Hackers in the Aerospace Sector\'','\'Declyn S.,Ginny Spicer,Olivia Stella,Steve Luczynski,Thomas Bristow\'','ASV_28b29c71ddf95f104d6d0aaed51ccfd4','\'Title: True Story: Hackers in the Aerospace Sector
\nWhen: Saturday, Aug 7, 14:30 - 14:55 PDT
\nWhere: Aerospace Village (Virtual Talk)
\nSpeakers:Declyn S.,Ginny Spicer,Olivia Stella,Steve Luczynski,Thomas Bristow
\n
SpeakerBio:Declyn S.\n
\nDeclyn is a cybersecurity specialist for the Aviation ISAC. He taught himself basic security principles and after finding aviation related vulnerabilities and reported them to the A-ISAC. He now works in the intel team at the A-ISAC specialising in threat intelligence and vulnerability disclosure management.
\n
SpeakerBio:Ginny Spicer\n
\nGinny Spicer is a masterâ€™s student studying information security at Royal Holloway University of London. She is a packet nerd and likes to focus on network analysis, Wireshark, new protocols, and interplanetary communications. Ginny is a member of the technical documentation working group in the Interplanetary Networking SIG and an advisor for the California Cyber Innovation Challenge. Her particular areas of interest are DTN and encrypted DNS. This is her second year helping out with the DEF CON Aerospace Village.
\n
SpeakerBio:Olivia Stella\n
\nOlivia Stella is a cybersecurity engineer for Los Alamos National Laboratory. In her current role, she focuses on agile space cybersecurity. With over twelve years of experience, sheâ€™s worked for multiple companies in the aerospace industry including an in-flight entertainment company, major US airline, and government contractors. Olivia has supported incident response, vulnerability management, pen testing, bug bounty & coordinated disclosure, risk & compliance activities. Her academic background includes degrees in computer science and software engineering, along with an alphabet soup of security certifications. When sheâ€™s not wearing her security hat, she loves to curl and is an avid toastmaster. (Thatâ€™s right, ice curling.)
\n
SpeakerBio:Steve Luczynski\n
\nNo BIO available
\n
SpeakerBio:Thomas Bristow\n
\nThomas Bristow is a Cyber Security Certification Specialist for the UK Civil Aviation Authority where he works on a whole range of things, from cyber threat modeling to running the CyberFirst summer placement scheme. Heâ€™s a recent graduate from Royal Holloway with a degree in computer science and two back to back wins of society of the year. While his role is in cyber security he always tries to help others: whether this is educating colleagues on the LGBTQIA+ flags (and their meanings), performing careers talks at schools or just helping to make their team wiki easy to use.
\n\n
\nDescription:
\nWhatâ€™s it like to be a hacker working in government, for an airline, or pursuing a degree?\nWhen you read that question did you think, ew, why would I ever do that?! Or did you think, wow, that sounds great tell me more!\n

This isnâ€™t your typical workforce talk!\n

Join a diverse panel of folks working in the aerospace sector who are just like you! Learn how they got into their roles, why they chose to work there, what motivates them, and how they gained their skills and experience.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=ngoYRudoJqA\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219996),('3_Saturday','15','15:00','15:50','N','ASV','','\'Drone Security Research Series â€“ Ep6 Hacking with drones\'','\'Matt Gaffney\'','ASV_48e74027c009e80674344ad09056c5d3','\'Title: Drone Security Research Series â€“ Ep6 Hacking with drones
\nWhen: Saturday, Aug 7, 15:00 - 15:50 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Matt Gaffney\n
\nFollowing his career in the British Army, Matt has been working with clients in various industries. However, his best years were spent working in aviation, specifically systems found in the Aircraft Information Systems Domain. More recently he has turned his attention to security in UAS.
\n\n
\nDescription:
\nIn this series we have uncovered weaknesses in the MAVLink protocol, now we attempt to overcome physical security controls by getting within range of WiFi networks with a drone. In this episode we use a drone to get close to our target by taking the tools airborne and flying over our target. Letâ€™s rewrite the physical security model!\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=M0BDHT43Ucc\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219997),('3_Saturday','16','16:00','16:25','N','ASV','','\'Fuzzing NASA Core Flight System Software\'','\'Ronald Broberg\'','ASV_14bbe431765a5b57da4e98cab7cb7176','\'Title: Fuzzing NASA Core Flight System Software
\nWhen: Saturday, Aug 7, 16:00 - 16:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Ronald Broberg\n
\nNo BIO available
\n\n
\nDescription:
\nNASA Core Flight System (cFS) provides an open source software framework used in multiple NASA missions including the Lunar Reconnaissance Orbiter, the Parker Solar Probe, and the protoype Mighty Eagle robotic lunar lander. The cFS suite includes Command Ingest (CI_Lab) and Telemetry Output (TO_Lab) applications which are only representative of similar applications in actual mission software. Fuzzing techniques applied to cFS reveal issues in the Command Ingest application (CI_Lab).\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=D5yiIlMy2Lg\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,219998),('2_Friday','10','10:00','11:30','N','ASV','','\'AIAA CubeSat Hacking Workshop - World Premier of the videos\'','\' \'','ASV_58bee181257f3861d7980326a602c40b','\'Title: AIAA CubeSat Hacking Workshop - World Premier of the videos
\nWhen: Friday, Aug 6, 10:00 - 11:30 PDT
\nWhere: See Description
\n
\nDescription:
\nDEF CON participants will be able to interact with CubeSat hardware and ground equipment in cybersecurity sandbox environment.\n

For more information, please see https://aerospacevillage.org/events/upcoming-events/def-con-29/aiaa-cubesat-hacking-workshop/\n

\n\'',NULL,219999),('2_Friday','11','10:00','11:30','Y','ASV','','\'AIAA CubeSat Hacking Workshop - World Premier of the videos\'','\' \'','ASV_58bee181257f3861d7980326a602c40b','\'\'',NULL,220000),('2_Friday','10','10:00','15:59','N','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'Title: ARINC 429 Lab
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Virtual + Paris Rivoli B)
\n
\nDescription:
\nSessions will be held for small audience 15-20 users to demonstrate the structure and use of avionic-specific communication protocol (ARINC 429). This is an opportunity for hands-on experience in a controlled setting.
\n\'',NULL,220001),('2_Friday','11','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'\'',NULL,220002),('2_Friday','12','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'\'',NULL,220003),('2_Friday','13','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'\'',NULL,220004),('2_Friday','14','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'\'',NULL,220005),('2_Friday','15','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_5118d4dda2d226c8edc3a6305d1fe9b5','\'\'',NULL,220006),('2_Friday','10','10:00','15:59','N','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'Title: Deep Space Networking
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nDeep space communications utilize TCP/IP protocols with some added assistance from a TCP Convergence Layer and the Bundle Protocol. In this workshop, participants will contrast data transmission on the Earth terrestrial Internet to the Deep Space Network and then delve into the latest version of the Bundle protocol and the TCP Convergence Layer. We will examine key fields in the headers, locate the first packet of a bundle and the first and second legs of the relay process, as reassembled by Wireshark. Participants will learn to build a custom Wireshark profile to quickly identify key fields of the Bundle Protocol, including fields that define priority, destination type, endpoint IDs, and reporting of bundle delivery.
\n\'',NULL,220007),('2_Friday','11','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'\'',NULL,220008),('2_Friday','12','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'\'',NULL,220009),('2_Friday','13','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'\'',NULL,220010),('2_Friday','14','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'\'',NULL,220011),('2_Friday','15','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_f740c90180c248181ba9d2cc2ba9a170','\'\'',NULL,220012),('2_Friday','10','10:00','15:59','N','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'Title: Hack-A-Sat2 Satellite Platform
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Virtual + Paris Rivoli B)
\n
\nDescription:
\nCome and gets hands on with Hack-a-Sat 2 hardware and learn about the unique problems presented by cybersecurity in the space realm. The Air Force and Space Force will be presenting the HAS2 flatsat â€“ the primary platform hosting the hacking challenges for HAS2, comprised of a variety of software and processor architectures commonly used in space vehicles. Visitors can command various settings changes in the flatsat and see the resulting changes in the telemetry from the device as well as visual attitude changes in the NASA 42 simulation. Visitors will also be introduced to the HAS2 Digital Twin, an emulated version of all the flight software running on the flatsat, and will have a chance to capture and analyze an exploit being thrown against the flight software. Lastly, the Aerospace Corporation will demonstrate cyber defense onboard a satellite by using machine learning and signatures to detect anomalous command sequences and onboard cyber events.\n

For virtual attendees, the Digital twin demonstration will also be accessible via VNC to an instance running inside Docker containers in Amazon AWS (remote viewers will need to have a VNC client on their own computer).\n

\n\'',NULL,220013),('2_Friday','11','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'\'',NULL,220014),('2_Friday','12','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'\'',NULL,220015),('2_Friday','13','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'\'',NULL,220016),('2_Friday','14','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'\'',NULL,220017),('2_Friday','15','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_91e5ce0d479208210347968067012720','\'\'',NULL,220018),('2_Friday','10','10:00','15:59','N','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'Title: HACMS Live Demo
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nAs part of DARPA-s High-Assurance Cyber Military Systems program, Collins Aerospace led a team of researchers using formal methods tools to construct aircraft software that was provably secure against many classes of cyber attack. We will have an operational (but non-flying) version of our secure quadcopter present whose mission and telemetry software runs on the formally verified seL4 kernel. We will provide wifi access to an isolated virtual machine running on its mission computer. DEF CON participants will be challenged to break out of the VM environment to read or write the encryption keys used for vehicle telemetry.
\n\'',NULL,220019),('2_Friday','11','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'\'',NULL,220020),('2_Friday','12','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'\'',NULL,220021),('2_Friday','13','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'\'',NULL,220022),('2_Friday','14','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'\'',NULL,220023),('2_Friday','15','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_f9979678925cd863b3f50835af503365','\'\'',NULL,220024),('2_Friday','10','10:00','15:59','N','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'Title: Lego Spike Hub
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nParticipants will be given the opportunity to program a Lego Spike Hub to perform a space mission of transporting and sorting valuable minerals. The workshop is intended to be an introductory workshop to give participants an appreciation for the operation of autonomous space vehicles and an understanding of finite state machines and hardware limitations. There will be 4 prebuilt Lego robots, 2 will be for tracing a line while the other 2 will be for color sorting. The scenario presented to the participant is that they are on a foreign planet and need to transport minerals along a predefined path to safely arrive at the sorting facility and as such will program in Scratch code code for the transport shuttle to execute. Participants will also have a chance to program in Scratch the code to execute on the color sorting robot, thus demonstrating the ability to correctly sort the minerals in appropriate colors.
\n\'',NULL,220025),('2_Friday','11','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'\'',NULL,220026),('2_Friday','12','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'\'',NULL,220027),('2_Friday','13','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'\'',NULL,220028),('2_Friday','14','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'\'',NULL,220029),('2_Friday','15','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_82ba322ef7539f6ea8267bdf459eb33c','\'\'',NULL,220030),('2_Friday','13','13:00','15:59','N','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_aaea325b3611d2444e57c371fb86cd55','\'Title: Understanding Space in the Cyber Domain
\nWhen: Friday, Aug 6, 13:00 - 15:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nThis half-day course examines the practical issues of developing and sustaining a secure cyber environment through all phases of the space mission lifecycle. The course is organized around the SPAce Domain Cybersecurity (SpaDoCs) Framework. The SpaDoCs Framework provides a comprehensive and systematic model for understanding and tackling all critical issues of cybersecurity in the space domain. An examination of the Key objectivesâ€” confidentiality, integrity, availabilityâ€”provides the foundation for the course. From there, the space domain is examined layer by layer starting from the enterprise layer, then drilling down through mission, system and DevSecOps layers. Threats and vulnerabilities at each layer are highlighted. Finally, first principles of cybersecurity are discussed (domain separation, process isolation, etc.) as well as key enablers (vision, strategy, etc.) to help frame plans for action to address the cybersecurity issues exposed by this course. Course exercises center around practical application of the material to real-world space mission scenarios.
\n\'',NULL,220031),('2_Friday','14','13:00','15:59','Y','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_aaea325b3611d2444e57c371fb86cd55','\'\'',NULL,220032),('2_Friday','15','13:00','15:59','Y','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_aaea325b3611d2444e57c371fb86cd55','\'\'',NULL,220033),('2_Friday','10','10:00','15:59','N','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'Title: ADSB Demo and Paper Airplanes
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nInteractive ADS-B demonstration and paper airplane activity. Educational and fun
\n\'',NULL,220034),('2_Friday','11','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'\'',NULL,220035),('2_Friday','12','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'\'',NULL,220036),('2_Friday','13','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'\'',NULL,220037),('2_Friday','14','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'\'',NULL,220038),('2_Friday','15','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_8e731735c1264178f280741de6b3fc82','\'\'',NULL,220039),('2_Friday','09','09:00','17:59','N','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'Title: A-ISAC CTF -- Pre-registration Required
\nWhen: Friday, Aug 6, 09:00 - 17:59 PDT
\nWhere: Aerospace Village (Virtual CTF)
\n
\nDescription:
\nA-ISAC, ERAU with support from IntelliGenesis (CybatiWorks)\n

Day 1: Aug. 6th, 2021 9:00AM â€“ 6:00PM PDT (UTC-7)\nDay 2: Aug. 7th, 2021 9:00AM â€“ 6:00PM PDT (UTC-7)\n

Registration available at https://aisac.cyberskyline.com/defcon\n

Aviation ISAC is hosting a competition at DC29 Aerospace Village! This competition represents a simulated airport hosted on the Cyber Skyline platform and is developed by the Department of Cyber Intelligence and Security at Embry-Riddle Aeronautical University (Prescott) and Matthew E. Luallen, Chief Executive Inventor at CybatiWorks powered by IntelliGenesis. The ethical design of the competition is achieved through investigative themes that provides a focus in blue team while still offering red team aspects.\n

Storyline for CTF: On 8/6, an employee from ERAU Airline noticed a USB stick inside one of their kiosks. After further investigation, airport security suspects someone is carrying out an attack against the airport. You have been brought in to retrace the steps of the attackers, determine where security needs to be hardened, regain control of compromised systems, and prevent a successful attack at the airport. Identify the criminals by retracing their steps and utilizing OSINT to identify which suspects need to be arrested. Investigators have not ruled out insider threats which means you must remain undetected by airport staff while you attempt to regain control of the airportâ€™s infrastructure. Good Luck and remember to register ahead of time!\n

CybatiWorks part of the CTF Stage 7: Runway Lighting System: The Runway Lighting System (RLS) was taken over by the attackers and the lights are operating erratically. Identify what the attackers have changed causing the RLS HMI systems to work improperly and regain access to the remote logic controller operating the runway lights. Update the logic on the HMI system, regain control of the remote logic controller and successfully operate the RLS. \n

Architecture Design: The competitors are provided with a CybatiWorks custom docker image that they use to gain access to the operator and maintenance HMI logic. The competitors will review and update the logic to match the documentation provided in stage 4. Once the local components are successfully completed the competitors will request access to the remote RLS logic controller (i.e. a Raspberry PI with a 3d printed/LED runway lighting system accessible via a VPN). The competitors will complete additional challenges to confirm the logic program and then remotely control the RLS. All remote RLS stations will be visible \n

\n\'',NULL,220040),('2_Friday','10','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220041),('2_Friday','11','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220042),('2_Friday','12','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220043),('2_Friday','13','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220044),('2_Friday','14','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220045),('2_Friday','15','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220046),('2_Friday','16','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220047),('2_Friday','17','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_49676ea795716e4eac78b8471f86ed7e','\'\'',NULL,220048),('3_Saturday','09','09:00','17:59','N','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'Title: A-ISAC CTF -- Pre-registration Required
\nWhen: Saturday, Aug 7, 09:00 - 17:59 PDT
\nWhere: Aerospace Village (Virtual CTF)
\n
\nDescription:
\nA-ISAC, ERAU with support from IntelliGenesis (CybatiWorks)\n

Day 1: Aug. 6th, 2021 9:00AM â€“ 6:00PM PDT (UTC-7)\nDay 2: Aug. 7th, 2021 9:00AM â€“ 6:00PM PDT (UTC-7)\n

Registration available at https://aisac.cyberskyline.com/defcon\n

\n\'',NULL,220049),('3_Saturday','10','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220050),('3_Saturday','11','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220051),('3_Saturday','12','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220052),('3_Saturday','13','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220053),('3_Saturday','14','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220054),('3_Saturday','15','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220055),('3_Saturday','16','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220056),('3_Saturday','17','09:00','17:59','Y','ASV','','\'A-ISAC CTF -- Pre-registration Required\'','\' \'','ASV_5ca75823c3701a2215d17bc01f7b536a','\'\'',NULL,220057),('3_Saturday','09','09:00','16:59','N','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'Title: California Cyber Innovation Challenge CTF -- Pre-registration Required
\nWhen: Saturday, Aug 7, 09:00 - 16:59 PDT
\nWhere: Aerospace Village (Virtual CTF)
\n
\nDescription:
\nCal Poly\n

Starts August 7, 2021@ 9 AM PST,
\nEnds Aug 8, 2021 5 PM PST\n

Registration available at https://www.cognitoforms.com/CCI17/CaliforniaCyberInnovationChallengeAEROSPACEVILLAGEDEFCON2021\n

The CCIC promotes Gamification & Esports for Space and Cybersecurity Skills Development. This is an electronic game of clue that has characters and threat actors or the person(s) who committed the Space and Cyber crime. Find the person(s) of interest that you think committed the crime. You are Cybernauts and Cyber Sleuth Analysts. Remember, throughout the challenge, record and take notes of all information, findings, evidence, and clues regarding characters you encounter. Take note of technical skills you executed to create a digital forensics analysis report of who committed the crime and their motives.\n

About the Crime:\n

A multi-billion dollar company led by CEO, William Gecko, Moonshot Satelliteâ€™s constellation of 5000 CubeSatâ€™s, located in Low Earth Orbit (LEO), provides a mesh-network of internet access to over 20 million commercial and governmental customers around the globe. Moonshot Satellite, a small cube satellite company whose constellation satellite infrastructure provides communication services that deliver Internet access to over 200 million individual commercial customers and real-time communications support for numerous government agencies.\n

\n\'',NULL,220058),('3_Saturday','10','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220059),('3_Saturday','11','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220060),('3_Saturday','12','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220061),('3_Saturday','13','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220062),('3_Saturday','14','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220063),('3_Saturday','15','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220064),('3_Saturday','16','09:00','16:59','Y','ASV','','\'California Cyber Innovation Challenge CTF -- Pre-registration Required\'','\' \'','ASV_584da6addd2048339bd157c22a1f0b3d','\'\'',NULL,220065),('2_Friday','11','11:30','12:59','N','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #1\'','\' \'','ASV_728560b9d2f562e4382a2f11c5894a0c','\'Title: AIAA CubeSat Hacking Workshop - Virtual Lab #1
\nWhen: Friday, Aug 6, 11:30 - 12:59 PDT
\nWhere: See Description
\n
\nDescription:
\nDEF CON participants will be able to interact with CubeSat hardware and ground equipment in cybersecurity sandbox environment.\n

For more information, please see https://aerospacevillage.org/events/upcoming-events/def-con-29/aiaa-cubesat-hacking-workshop/\n

\n\'',NULL,220066),('2_Friday','12','11:30','12:59','Y','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #1\'','\' \'','ASV_728560b9d2f562e4382a2f11c5894a0c','\'\'',NULL,220067),('3_Saturday','10','10:00','15:59','N','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'Title: ARINC 429 Lab
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Virtual + Paris Rivoli B)
\n
\nDescription:
\nSessions will be held for small audience 15-20 users to demonstrate the structure and use of avionic-specific communication protocol (ARINC 429). This is an opportunity for hands-on experience in a controlled setting.
\n\'',NULL,220068),('3_Saturday','11','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'\'',NULL,220069),('3_Saturday','12','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'\'',NULL,220070),('3_Saturday','13','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'\'',NULL,220071),('3_Saturday','14','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'\'',NULL,220072),('3_Saturday','15','10:00','15:59','Y','ASV','','\'ARINC 429 Lab\'','\' \'','ASV_450778ea04183f1c254ab3d987b02092','\'\'',NULL,220073),('3_Saturday','11','11:00','11:59','N','ASV','','\'Decoding NOAA Weather Sat Signals\'','\' \'','ASV_e48f51f72bfcbd37d2516eead55562d0','\'Title: Decoding NOAA Weather Sat Signals
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\n

Youâ€™ll need a laptop with internet connection for this workshop

\nMy goal for this workshop is to introduce receiving and decoding NOAA weather satellite signals. Iâ€™ll demonstrate this first with a commercially available radio, and then Iâ€™ll demonstrate how to listen to to NOAA satellites for free using publicly accessible and internet connected radios scattered across the globe.\n
\n\'',NULL,220074),('3_Saturday','10','10:00','15:59','N','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'Title: Deep Space Networking
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nDeep space communications utilize TCP/IP protocols with some added assistance from a TCP Convergence Layer and the Bundle Protocol. In this workshop, participants will contrast data transmission on the Earth terrestrial Internet to the Deep Space Network and then delve into the latest version of the Bundle protocol and the TCP Convergence Layer. We will examine key fields in the headers, locate the first packet of a bundle and the first and second legs of the relay process, as reassembled by Wireshark. Participants will learn to build a custom Wireshark profile to quickly identify key fields of the Bundle Protocol, including fields that define priority, destination type, endpoint IDs, and reporting of bundle delivery.
\n\'',NULL,220075),('3_Saturday','11','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'\'',NULL,220076),('3_Saturday','12','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'\'',NULL,220077),('3_Saturday','13','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'\'',NULL,220078),('3_Saturday','14','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'\'',NULL,220079),('3_Saturday','15','10:00','15:59','Y','ASV','','\'Deep Space Networking\'','\' \'','ASV_190b04c5a0f0bf36c46b71adad33c3a4','\'\'',NULL,220080),('3_Saturday','10','10:00','15:59','N','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'Title: Hack-A-Sat2 Satellite Platform
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Virtual + Paris Rivoli B)
\n
\nDescription:
\nCome and gets hands on with Hack-a-Sat 2 hardware and learn about the unique problems presented by cybersecurity in the space realm. The Air Force and Space Force will be presenting the HAS2 flatsat â€“ the primary platform hosting the hacking challenges for HAS2, comprised of a variety of software and processor architectures commonly used in space vehicles. Visitors can command various settings changes in the flatsat and see the resulting changes in the telemetry from the device as well as visual attitude changes in the NASA 42 simulation. Visitors will also be introduced to the HAS2 Digital Twin, an emulated version of all the flight software running on the flatsat, and will have a chance to capture and analyze an exploit being thrown against the flight software. Lastly, the Aerospace Corporation will demonstrate cyber defense onboard a satellite by using machine learning and signatures to detect anomalous command sequences and onboard cyber events.\n

\n\'',NULL,220081),('3_Saturday','11','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'\'',NULL,220082),('3_Saturday','12','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'\'',NULL,220083),('3_Saturday','13','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'\'',NULL,220084),('3_Saturday','14','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'\'',NULL,220085),('3_Saturday','15','10:00','15:59','Y','ASV','','\'Hack-A-Sat2 Satellite Platform\'','\' \'','ASV_6cb875201fed6aea7c689dfc04519506','\'\'',NULL,220086),('3_Saturday','10','10:00','15:59','N','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'Title: HACMS Live Demo
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nAs part of DARPA-s High-Assurance Cyber Military Systems program, Collins Aerospace led a team of researchers using formal methods tools to construct aircraft software that was provably secure against many classes of cyber attack. We will have an operational (but non-flying) version of our secure quadcopter present whose mission and telemetry software runs on the formally verified seL4 kernel. We will provide wifi access to an isolated virtual machine running on its mission computer. DEF CON participants will be challenged to break out of the VM environment to read or write the encryption keys used for vehicle telemetry.
\n\'',NULL,220087),('3_Saturday','11','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'\'',NULL,220088),('3_Saturday','12','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'\'',NULL,220089),('3_Saturday','13','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'\'',NULL,220090),('3_Saturday','14','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'\'',NULL,220091),('3_Saturday','15','10:00','15:59','Y','ASV','','\'HACMS Live Demo\'','\' \'','ASV_24091b4817763c0d9222dd8bcff0aa05','\'\'',NULL,220092),('3_Saturday','12','12:00','15:59','N','ASV','','\'In Space, No One Can Hear You Hack\'','\' \'','ASV_d314c39b4a561bf3b465507375fda52e','\'Title: In Space, No One Can Hear You Hack
\nWhen: Saturday, Aug 7, 12:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nIn Space, No One Can Hear You Hack: DEF CON participants will learn the basics of space hacking and space vehicle security. This is the perfect point of entry for those interested in space hacking.
\n\'',NULL,220093),('3_Saturday','13','12:00','15:59','Y','ASV','','\'In Space, No One Can Hear You Hack\'','\' \'','ASV_d314c39b4a561bf3b465507375fda52e','\'\'',NULL,220094),('3_Saturday','14','12:00','15:59','Y','ASV','','\'In Space, No One Can Hear You Hack\'','\' \'','ASV_d314c39b4a561bf3b465507375fda52e','\'\'',NULL,220095),('3_Saturday','15','12:00','15:59','Y','ASV','','\'In Space, No One Can Hear You Hack\'','\' \'','ASV_d314c39b4a561bf3b465507375fda52e','\'\'',NULL,220096),('3_Saturday','10','10:00','15:59','N','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'Title: Lego Spike Hub
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nParticipants will be given the opportunity to program a Lego Spike Hub to perform a space mission of transporting and sorting valuable minerals. The workshop is intended to be an introductory workshop to give participants an appreciation for the operation of autonomous space vehicles and an understanding of finite state machines and hardware limitations. There will be 4 prebuilt Lego robots, 2 will be for tracing a line while the other 2 will be for color sorting. The scenario presented to the participant is that they are on a foreign planet and need to transport minerals along a predefined path to safely arrive at the sorting facility and as such will program in Scratch code code for the transport shuttle to execute. Participants will also have a chance to program in Scratch the code to execute on the color sorting robot, thus demonstrating the ability to correctly sort the minerals in appropriate colors.
\n\'',NULL,220097),('3_Saturday','11','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'\'',NULL,220098),('3_Saturday','12','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'\'',NULL,220099),('3_Saturday','13','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'\'',NULL,220100),('3_Saturday','14','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'\'',NULL,220101),('3_Saturday','15','10:00','15:59','Y','ASV','','\'Lego Spike Hub\'','\' \'','ASV_257498350a6ec30ec6c0a5f81b3e47ba','\'\'',NULL,220102),('3_Saturday','10','10:00','12:59','N','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_b1eee6ce65836b8755a3c09d88052636','\'Title: Understanding Space in the Cyber Domain
\nWhen: Saturday, Aug 7, 10:00 - 12:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nThis half-day course examines the practical issues of developing and sustaining a secure cyber environment through all phases of the space mission lifecycle. The course is organized around the SPAce Domain Cybersecurity (SpaDoCs) Framework. The SpaDoCs Framework provides a comprehensive and systematic model for understanding and tackling all critical issues of cybersecurity in the space domain. An examination of the Key objectivesâ€” confidentiality, integrity, availabilityâ€”provides the foundation for the course. From there, the space domain is examined layer by layer starting from the enterprise layer, then drilling down through mission, system and DevSecOps layers. Threats and vulnerabilities at each layer are highlighted. Finally, first principles of cybersecurity are discussed (domain separation, process isolation, etc.) as well as key enablers (vision, strategy, etc.) to help frame plans for action to address the cybersecurity issues exposed by this course. Course exercises center around practical application of the material to real-world space mission scenarios.
\n\'',NULL,220103),('3_Saturday','11','10:00','12:59','Y','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_b1eee6ce65836b8755a3c09d88052636','\'\'',NULL,220104),('3_Saturday','12','10:00','12:59','Y','ASV','','\'Understanding Space in the Cyber Domain\'','\' \'','ASV_b1eee6ce65836b8755a3c09d88052636','\'\'',NULL,220105),('3_Saturday','10','10:00','15:59','N','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'Title: ADSB Demo and Paper Airplanes
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nInteractive ADS-B demonstration and paper airplane activity. Educational and fun
\n\'',NULL,220106),('3_Saturday','11','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'\'',NULL,220107),('3_Saturday','12','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'\'',NULL,220108),('3_Saturday','13','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'\'',NULL,220109),('3_Saturday','14','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'\'',NULL,220110),('3_Saturday','15','10:00','15:59','Y','ASV','','\'ADSB Demo and Paper Airplanes\'','\' \'','ASV_bc9ed722c1f892f5494a62c4711329d1','\'\'',NULL,220111),('3_Saturday','22','22:30','23:30','N','ASV','','\'The Hangar â€“ Cocktail Making Event\'','\' \'','ASV_4d177f8f87c6d5657ef2f75fc2a77967','\'Title: The Hangar â€“ Cocktail Making Event
\nWhen: Saturday, Aug 7, 22:30 - 23:30 PDT
\nWhere: Aerospace Village (Workshop - Paris Rivoli B)
\n
\nDescription:
\nThereâ€™s nothing like a nice cocktail after a long day of travel and/or hacking! Come join us Saturday afternoon for a cocktail building session. Weâ€™ll be making and tasting the most appropriate cocktail, the Aviation, which evokes beautiful clouds and sunsets. Itâ€™s sophisticated and full of gin (just like our UK friends). Weâ€™re working on a virtual version where we will publish a CBOM â€“ Cocktail Bill of Materials, so you know what to collect/purchase to build your own while we share one with you, no matter your location.
\n\'',NULL,220112),('3_Saturday','23','22:30','23:30','Y','ASV','','\'The Hangar â€“ Cocktail Making Event\'','\' \'','ASV_4d177f8f87c6d5657ef2f75fc2a77967','\'\'',NULL,220113),('2_Friday','10','10:00','10:15','N','BCV','','\'Welcome Note\'','\'\'','BCV_c6286449c51c18a44687e9dbab2cfbdd','\'Title: Welcome Note
\nWhen: Friday, Aug 6, 10:00 - 10:15 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220114),('2_Friday','10','10:15','11:30','N','BCV','','\'Key Note\'','\'\'','BCV_1ebcd8a0cc221a82015ab0d48adcfdfc','\'Title: Key Note
\nWhen: Friday, Aug 6, 10:15 - 11:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220115),('2_Friday','11','10:15','11:30','Y','BCV','','\'Key Note\'','\'\'','BCV_1ebcd8a0cc221a82015ab0d48adcfdfc','\'\'',NULL,220116),('1_Thursday','21','21:00','20:59','N','BCV','','\'Flash Loans Demystified\'','\'Anto Joseph\'','BCV_10ebd0b2fe453d728de516b8a1d872a6','\'Title: Flash Loans Demystified
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Anto Joseph\n, Blockchain Security Engineer Coinbase
\nAnto Joseph works as a Blockchain Security Engineer @Coinbase. He enjoys researching distributed systems,DeFi protocols,Android and ML systems.He is involved in developing and advocating security in blockchains & DeFi. Previously, he has worked at Tinder, Intel, Citrix and E&Y in multiple information security roles.He has been a presenter and trainer at various security conferences including BH USA, Defcon, BruCon, HackInParis, HITB Amsterdam, HackLu, Hacktivity, PHdays, X33fCon, NullCon, c0c0n and more. He is an active contributor to many open-source projects and some of his work is available at https://github.com/antojoseph
\n\n
\nDescription:
\nFlash Loans are the first unsecured loan option in DeFi! They have been used for arbitrage, flash liquidation, collateral swaps and infamously Flash loan attacks. We explore the concepts behind flash loans, how they are used today and root cause of these attacks with plenty of demos throughout the talk. We also discuss strategies to protect against pump and arbitrage and oracle manipulation attacks.\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=qSoKGINt7vw\n

\n\'',NULL,220117),('1_Thursday','21','21:00','20:59','N','BCV','','\'Blockchain as a Threat Modeling Thinking Tool\'','\'Shinchul Park, Graduate Student\'','BCV_f65191c14029f7ba7dfa39368ab470b8','\'Title: Blockchain as a Threat Modeling Thinking Tool
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Shinchul Park, Graduate Student\n
\nShinchul Park is graduate student at the School of Cybersecurity, Korea University from 2021 and his research areas focus on security engineering, blockchain.
\n\n
\nDescription:
\nThreat modelling is a risk-based approach to designing secure systems. It is based on identifying threats in order to develop mitigations to them.Â Threat modeling is a â€œteam sport,â€ because it requires the knowledge and skill set of a diverse team where all inputs can be viewed as equal in value.Â As the enabler of mass collaboration, blockchain is the framework that pieces everything together at a larger scale. \n

In this talk, we propose the first platform that combines blockchain with threat modeling. To this end, we first present a system model that combines a blockchain-based collective intelligence system with threat modeling, and then explain the role of the model, the scheme of the tool, and the operation procedure.\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=vBGhW9gnCtU\n

\n\'',NULL,220118),('2_Friday','16','16:00','16:30','N','BCV','','\'Surviving 51% Attacks on Blockchains\'','\'Yaz Khoury\'','BCV_f885e16f3c0e690aff80d95b1df44780','\'Title: Surviving 51% Attacks on Blockchains
\nWhen: Friday, Aug 6, 16:00 - 16:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Yaz Khoury\n, Developer Realtions Engineer at Celo
\nYaz Khoury is currently a developer relations engineer at Celo, mobile-first smart contract blockchain. Previously he was the Director of Developer Relations at Ethereum Classic. He has worked on many new toolings to help the blockchain ecosystem in infrastructure and security, including building Ethercluster, an open-source alternative to Infura with infra-as-code design specifications for cloud blockchain deployments. He has also built ForkWatch, a simple anomaly detection tool for NiceHash rentable-mining market to track if it\'s being used for 51% attacks. He has done lots of volunteer work in the blockchain space as a judge and mentor at hackathons like ETHDenver and ETHBerlin and Celo Camp, a speaker at Consensus and TABConf and EDCON. He also has done Ethereum webinars and education for Hyperledger Foundation and was the co-chair of the Testnet Working Group of the Enterprise Ethereum Alliance. His favorite industry topics are on-chain attacks and Miner-Extractable Value (MEV).
\n\n
\nDescription:
\nThe talk highlights the speakers experience managing four 51% attacks on the Ethereum Classic network and how the attacks were each different and unfolded. Yaz goes over each event and how it impacted the network, how to minimize such events, and he goes over ways to monitor and respond to such attacks using existing and new tools in the space.
\n
This content will be presented live and in-person.
\'',NULL,220119),('3_Saturday','12','12:00','12:59','N','BCV','','\'Ethereum Hacks & How to Stop Them\'','\'Michael Lewellen\'','BCV_61a6dd9d2d23dcb12eccddf0468eb656','\'Title: Ethereum Hacks & How to Stop Them
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Michael Lewellen\n, Project Manager - Security Services, OpenZeppelin
\nMichael works as the Technical Project Manager for the Security Research team managing audit projects. Michael has 9 years of experience as a software consultant and architect working on blockchain technologies. Outside of OpenZeppelin, Michael educates on blockchain technology as a lecturer at UT Dallas and a public policy advisor as part of the Texas Blockchain Council.
\n\n
\nDescription:
\nLearn about some of the recent smart contract security incidents and how to stop them using OpenZeppelin security tools like Defender.
\n
This content will be presented live and in-person.
\'',NULL,220120),('1_Thursday','21','21:00','20:59','N','BCV','','\'Subtle and Not So Subtle Ways to Lose Your Cryptocurrency\'','\'Josh McIntyre\'','BCV_c6003b08cb96e7c4db3a436a92a1f34c','\'Title: Subtle and Not So Subtle Ways to Lose Your Cryptocurrency
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Josh McIntyre\n, Software Engineer, Founder of Chaintuts
\nJosh McIntyre is a software engineer and tech educator with a passion for learning and teaching others. His project chaintuts hopes to educate people on the fascinating world of cryptocurrency and security with free and open-license content.
\n\n
\nDescription:
\nAs the cryptocurrency ecosystem grows, thieves and scammers are evolving their tactics to get their piece of someone else\'s crypto pie. This talk will examine common ways that users lose cryptocurrency, and how to prevent these types of attacks. We will cover attack vectors such as malware, social engineering, user error, and more.\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=npvSnOiqh10\n

\n\'',NULL,220121),('1_Thursday','21','21:00','20:59','N','BCV','','\'Will Secure Element Really Help Strengthen the Security of Cryptocurrency Wallets?\'','\'Byeongcheol Yoo\'','BCV_f657ba46ec5aacc9e909562b2d31c089','\'Title: Will Secure Element Really Help Strengthen the Security of Cryptocurrency Wallets?
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Byeongcheol Yoo\n, Graduate Student
\nByeongcheol Yoo is a master\'s student at the School of Cybersecurity in Korea University and his research areas focus on security engineering, blockchain, and IoT security.\n

In addition to being a master\'s student, he has been working as a senior researcher at Keypair Inc. which is a Korean company that specializes in blockchain and IoT security. He is a lead developer of an NFC-enabled card-type cryptocurrency wallet called \'KeyWallet Touch\' in the company.\n

\n\n
\nDescription:
\nCryptocurrency wallets are used to store the public and private keys of your account, keep track of the balance, conduct transactions in sending and receiving the currencies, as well as other functions with the blockchain. Wallets are divided into two types: software (a.k.a. hot) wallets and hardware (a.k.a. cold) wallets. Software wallets are accounts on cryptocurrency exchanges or accounts based on online websites. Hardware wallets are accounts stored on an offline means.\n

In this talk, we deal with a comparative analysis of all categories of these wallets. For this, first, we present a systematic method to evaluate the risk of cryptocurrency wallets, and then we review two hardware wallets (\'Ledger Nano S\' and \'Trezor One\', both of which are the world\'s best-selling wallet) and four software wallets (\'Bread\', \'Trust Wallet\' for mobile, and \'Copay\', \'Electrum\' for PC).\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=bim4q1G3_c0\n

\n\'',NULL,220122),('3_Saturday','10','10:00','10:15','N','BCV','','\'Welcome Note\'','\'Nathan,Ron Stoner\'','BCV_f641e968945aa17cc95db0158c65511f','\'Title: Welcome Note
\nWhen: Saturday, Aug 7, 10:00 - 10:15 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Nathan,Ron Stoner
\n
SpeakerBio:Nathan\n
\nNo BIO available
\n
SpeakerBio:Ron Stoner\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220123),('3_Saturday','10','10:15','11:30','N','BCV','','\'Key Note â€“ The Three Amigos: Money Laundering, Cryptocurrencies, and Smart Contracts\'','\'Daniel Garrie,David Cass\'','BCV_cecf434598cc1b93909c69d2499bf91d','\'Title: Key Note â€“ The Three Amigos: Money Laundering, Cryptocurrencies, and Smart Contracts
\nWhen: Saturday, Aug 7, 10:15 - 11:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Daniel Garrie,David Cass
\n
SpeakerBio:Daniel Garrie\n, Esq. (Law & Forensics)
\nNo BIO available
\n
SpeakerBio:David Cass\n, Federal Reserve
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220124),('3_Saturday','11','10:15','11:30','Y','BCV','','\'Key Note â€“ The Three Amigos: Money Laundering, Cryptocurrencies, and Smart Contracts\'','\'Daniel Garrie,David Cass\'','BCV_cecf434598cc1b93909c69d2499bf91d','\'\'',NULL,220125),('2_Friday','13','13:00','13:59','N','BCV','','\'Catching (and Fixing) an Unlimited Burn Vulnerability\'','\'Nadir Akhtar\'','BCV_b4086820962890b068b5a05f0a45f34b','\'Title: Catching (and Fixing) an Unlimited Burn Vulnerability
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Nadir Akhtar\n, Blockchain Security Engineer, Coinbase
\nBlockchain security engineer @ Coinbase with deep expertise in digital asset security vulnerabilities https://blog.coinbase.com/securing-an-erc-20-token-for-launch-on-coinbase-68313652768f\nFormer President, Blockchain @ Berkeley\nedX Blockchain Fundamentals curriculum developer and lecturer\n

Nadir Akhtar is a Blockchain Security engineer at Coinbase, where he leads security reviews of assets under consideration for Coinbase listing. Previously at Quantstamp, he audited smart contracts and contributed to a book on smart contract security fundamentals. He graduated from UC Berkeley in 2019 with a degree in Computer Science. During his time in Blockchain at Berkeley, he was President and an instructor for the UC Berkeley-endorsed blockchain fundamentals edX course series, reaching over 225,000 enrolled students to date.\n

\n\n
\nDescription:
\nBitcoin, Ethereum, and more blockchains come with an infamous storage problem: taking up too much space on minersâ€™ hard drives. In response, protocols are implementing novel methods for reducing the size of the blockchain, often deleting accounts beneath a certain balance. DOT provides a case study of the financial consequences to exchanges of pruning account data.\n

In this talk, youâ€™ll learn about Polkadotâ€™s reaping mechanism and its implications for exchanges and other organizations managing DOT at scale. Weâ€™ll dive into the â€œExistential Deposit,â€ understanding its motivation for existing in the network as well as the implications of pruning account data below a certain threshold, namely replay attacks.\n

Weâ€™ll discover how replay attacks can be performed, as well as their consequences through a demonstration along with some protocol-level mitigations. Weâ€™ll discuss how naively reaping accounts can still expose exchanges to attacks, investigate potential but infeasible mitigations, then finally reveal the solution which Coinbase discovered for protection against replay attacks.\n

Finally, weâ€™ll examine some final edge cases which arose from the final solution, demonstrating that protecting against attacks may not be perfect but significantly improves our defenses.\n

\n
This content will be presented live and in-person.
\'',NULL,220126),('1_Thursday','21','21:00','20:59','N','BCV','','\'Towards Understanding the Unlimited Approval in Ethereum\'','\'Dabao Wang\'','BCV_baf53bce67a8e9ae5131b2b86a6c603d','\'Title: Towards Understanding the Unlimited Approval in Ethereum
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Dabao Wang\n, Research Assistant at Zhejiang University
\nDABAO WANG is currently a research assistant at Zhejiang University, Hangzhou, China. His current research interests include Blockchain and DeFi security. Wang received a bachelor degree with honours in computer science from Monash University. Contact him at dabao.wang@monash.edu
\n\n
\nDescription:
\nWith the prosperous development of the DeFi ecosystem, trading tokens in decentralized applications (DApps) has become more and more frequent. ERC20 tokens, as one of the most popular token types, vastly circulate in the crypto market and obtain great value. Ideally, to trade ERC20 tokens in DApps, users first invoke the method approve() to permit DApps or other users to transfer the expected amount of tokens based on the ERC20 standard. In reality, many DApps request unlimited approvals from users to improve user experience. Unfortunately, this design caused a considerable loss on both users or even DApps themself. For example, the design flaw of smart contracts might cause the permission leak of approved tokens (Bancor). Moreover, some malicious platforms even trick users into approving tokens so that they can easily steal usersâ€™ approved asserts (Unicat). In this paper, we carefully elaborate on the unlimited approval problem with five real-world incidents. We then conduct two types of measurements. As a result, 21 platforms require unlimited approval in their service. However, only 3 (out of 15) wallets and no (out of 27) platforms reveal sufficient information and provide the modification feature for users. Moreover, we discover that over half of the approval transactions belong to unlimited approval.\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=ijgYfdOADVI\n

\n\'',NULL,220127),('3_Saturday','16','16:00','16:30','N','BCV','','\'The Wild West of DeFi Exploits\'','\'Anna Szeto\'','BCV_cb09fcd21cb7b5eef6026bd8936ec5ef','\'Title: The Wild West of DeFi Exploits
\nWhen: Saturday, Aug 7, 16:00 - 16:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Anna Szeto\n, Intern Blockchain Security Coinbase
\nAnna Szeto is a Software Engineering Intern on the Blockchain Security team at Coinbase. She is a rising third-year student at Columbia University, with a major in computer science and interests in blockchain, decentralized finance, and artificial intelligence.
\n\n
\nDescription:
\nDecentralized finance (DeFi) has become increasingly popular, and DeFi-related hacks and scams have become more frequent as the market expands. This talk reviews how and why these hacks and scams occur, both from a technical, code-oriented perspective and a psychological perspective. Recent examples of DeFi scams, as well as tips for avoiding them, are also covered. DeFi can seem like a lawless land, but investors can navigate safely if they know what to look out for.
\n
This content will be presented live and in-person.
\'',NULL,220128),('1_Thursday','17','17:00','16:59','N','BCV','','\'DeFi Must Change or Hacks Will Accelerate\'','\'Kadan Stadelmann\'','BCV_25f0fe57f6d0a8425b9cd4406c5fb9e3','\'Title: DeFi Must Change or Hacks Will Accelerate
\nWhen: Thursday, Aug 5, 17:00 - 16:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Kadan Stadelmann\n, CTO Komodo Platform
\nKadan Stadelmann is a blockchain developer, operations security expert and Komodo Platformâ€™s chief technology officer. His experience ranges from working in operations security in the government sector and launching technology startups to application development and cryptography. Kadan started his journey into blockchain technology in 2011 and joined the Komodo team in 2016.\n

Kadan has published numerous articles on Forbes, Cointelegraph, NASDAQ and Yahoo Finance.\n

\n\n
\nDescription:
\nDecentralized Finance (DeFi) is here to stay, with over $118 Billion in total locked value highlighting evidence of faith in these new financial tools. This investment will continue increasing, but appears that with each new record in total value locked, there is another network attack being reported with astronomical losses.\n

Crypto crime cost companies and investors more than $10.5 Billion in 2020. In February 2021 alone, $200 Million was stolen in DeFi within just a 5 day period.\n

It is clear that there are far too many loopholes and hacks in current blockchain security protocols. From rug pulls to phishing scams, the security and technology is not as mature as the numbers make it out to be in this space. But there are critical practices both developers and users can implement to close this gap.\n

\n\'',NULL,220129),('2_Friday','14','14:00','14:30','N','BCV','','\'Blockchain Security Tools\'','\'Mila Paul\'','BCV_f8297103b632bae66438ae5ff6d68711','\'Title: Blockchain Security Tools
\nWhen: Friday, Aug 6, 14:00 - 14:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Mila Paul\n, Blockchain Security Researcher
\nMila Paul is a researcher in cybersecurity and blockchain startup technology. Her background includes systems, network and storage in a secure and virtual infrastructure. She recently earned a Ph.D in Cyber Operations and enjoys teaching.
\n\n
\nDescription:
\nBlockchain was originally created by cypherpunks to integrate privacy and integrity in cash transactions. Since the inception of Bitcoin and its blockhain back-end, research and development in blockchain has revealed its strength in providing security through cryptology. This lecture inspires an exploration into finding blockchain based solution for common cybersecurity issues.
\n
This content will be presented live and in-person.
\'',NULL,220130),('4_Sunday','10','10:00','10:15','N','BCV','','\'Welcome Note\'','\'Nathan,Ron Stoner\'','BCV_98018d5152b357daeda9c06c8a4d5855','\'Title: Welcome Note
\nWhen: Sunday, Aug 8, 10:00 - 10:15 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Nathan,Ron Stoner
\n
SpeakerBio:Nathan\n
\nNo BIO available
\n
SpeakerBio:Ron Stoner\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220131),('2_Friday','16','16:30','17:30','N','BCV','','\'Do You Really Own Your NFTs?\'','\'Francesco Piccoli,Steven Yang\'','BCV_11532c944447fa86f014afc27fa66d7f','\'Title: Do You Really Own Your NFTs?
\nWhen: Friday, Aug 6, 16:30 - 17:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Francesco Piccoli,Steven Yang
\n
SpeakerBio:Francesco Piccoli\n
\nNo BIO available
\n
SpeakerBio:Steven Yang\n, ANCHAIN
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,220132),('2_Friday','17','16:30','17:30','Y','BCV','','\'Do You Really Own Your NFTs?\'','\'Francesco Piccoli,Steven Yang\'','BCV_11532c944447fa86f014afc27fa66d7f','\'\'',NULL,220133),('3_Saturday','13','13:30','13:59','N','BCV','','\'Sla(sh*t)ing happens when you stake\'','\'Nadir Akhtar,Y L\'','BCV_b799bb2e7dcc0a7671672b456a43f59c','\'Title: Sla(sh*t)ing happens when you stake
\nWhen: Saturday, Aug 7, 13:30 - 13:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Nadir Akhtar,Y L
\n
SpeakerBio:Nadir Akhtar\n, Blockchain Security Engineer, Coinbase
\nBlockchain security engineer @ Coinbase with deep expertise in digital asset security vulnerabilities https://blog.coinbase.com/securing-an-erc-20-token-for-launch-on-coinbase-68313652768f\nFormer President, Blockchain @ Berkeley\nedX Blockchain Fundamentals curriculum developer and lecturer\n

\n
SpeakerBio:Y L\n, System Security Architect, Coinbase
\nSystem security Architect @ Coinbase. Leads team that designed, built, and operates Coinbaseâ€™s current cold storage system. https://www.wired.com/story/coinbase-physical-vault-to-secure-a-virtual-currency/
\n\n
\nDescription:
\nProof of Stake protocols come with their own programmed reward/penalty incentives that impact principal token balance staked as well as staking rewards earning potential. Our talk first reviews our threat model for staking operations and then presents threat countermeasure recommendations to minimize risk of staking losses. This knowledge can be used to help you assess the risk posture of staking service providers and can be used as a best practices guide if you want to build out your own staking infrastructure.
\n
This content will be presented live and in-person.
\'',NULL,220134),('1_Thursday','21','21:00','20:59','N','BCV','','\'Preventing Sandwich Attacks on DeFi Protocols using Recurrent and Recursive Zero Knowledge Proofs\'','\'Gokul Alex\'','BCV_ff33f9db43011c49b7f8e95d041f1848','\'Title: Preventing Sandwich Attacks on DeFi Protocols using Recurrent and Recursive Zero Knowledge Proofs
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Gokul Alex\n
\n\"Gokul Alex is an Engineer, Economist and Educator experimenting with emerging and exponential technologies. He loves the creative convergence of programming, philosophy, poetry, psychology, physics with passion and perspectives. He is one of the global 100 Blockchain Experts selected by LATTICE80 Network. He is a top 20 Global thought leader on AI, Analytics, Big Data, Blockchain, Cloud, Cybersecurity, Cryptography, Data Science, Design Thinking, Enterprise Architecture, Quantum Computing and EduTech, FinTech, GovTech, HealthTech as ranked by Thinkers360 Platform.\n

Smart Contract Auditor | QuillAudits
\n- Penetration Tester
\n- Blockchain Security Researcher
\n- Founder | CipherShastra
\n- Founder | RazzorSec
\n- Malware Analyst
\n- Adversarial ML Researcher\"\n

\n\n
\nDescription:
\nWe would like to present a session on the most recent attack vector in the DeFi space - Sandwich Attack. Essentially Sandwich attacks creates an imbroglio in the information space of a blockchain by concurrent execution of front running and back running attacks. We have come up with a solution for this problem by leveraging hash time locks implemented as verifiable delay functions coupled with recursive and recurrent combination of zkSNARKS and zkSTARKS. We will also use Polynomial Rings to obfuscate the accounts, transactions and receipts with addition of Identity Mixers.\n

This talk is now available on YouTube: https://www.youtube.com/watch?v=nEkEsZ0zjkY\n

\n\'',NULL,220135),('3_Saturday','15','15:00','15:59','N','BCV','','\'Evils in the DeFi world\'','\'Minzhi He,Peiyu Wang\'','BCV_5d4130be6ec8b71c1c029e11ec7ba666','\'Title: Evils in the DeFi world
\nWhen: Saturday, Aug 7, 15:00 - 15:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Minzhi He,Peiyu Wang
\n
SpeakerBio:Minzhi He\n
\nNo BIO available
\n
SpeakerBio:Peiyu Wang\n, Sr. Security Engineer CertIK
\nPeiyu Wang is a Senior Security Engineer at CertiK with years of professional experience in security assessments and blockchain technology, specializing in application penetration testing and smart contract audit. Prior to joining the CertiK, Peiyu was a security consultant at Harbor Labs and NCC group, where he focused on medical device security, software development and security assessments. Peiyu holds a Master\'s degree in information security from Johns Hopkins University, as well as professional industry certifications, which include Offensive Security Certified Professional(OSCP) and Offensive Security Web Expert (OSWE)
\n\n
\nDescription:
\nThe growth of DeFi for the past year is astonishing, the TVL, users count and different types of projects prove the concept of DeFi can work. The space has good DeFi projects that bring users and investors. It also has projects that are complete scams; they come up with different ways to scam people and run away with user\'s money. Scammers have stolen millions of dollars worth of tokens from users for the past years. \n

How can regular users identify bad projects? What can a security company do to help DeFi users and investors? We can\'t stop scammers from deploying contracts on the blockchain and setting up fake websites, but we can warn users to stay away from them. CertiK set up a submission form on our website for community members to report risky projects, and we will investigate them. If we find the project is risky, we will publish an alert on our website and Twitter account.\n

We reviewed more than 50 submissions from community members and identified around 15 risky projects in the past. At the Defcon blockchain village, we want to share our work for the past couple of months. In this talk, we will do a case study to demonstrate different types of scams; we will also talk about how scammers earn trust from users and how we investigate user submitted projects.\n

\n
This content will be presented live and in-person.
\'',NULL,220136),('2_Friday','10','10:00','10:30','N','HHV','','\'Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables\'','\'Federico Lucifredi\'','HHV_ae5dba8a7e0707410b7a058e68db169c','\'Title: Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables
\nWhen: Friday, Aug 6, 10:00 - 10:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Federico Lucifredi\n
\nFederico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of Oâ€™Reillyâ€™s â€œâ€œPeccary Bookâ€â€ on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS. A software engineer-turned-manager at the Novell corporation, he was part of the SUSE Linux team, overseeing the update lifecycle and delivery stack of a $150 million maintenance business. A CIO and a network software architect at advanced technology and embedded Linux startups, Federico was also a lecturer for over 200 students in Boston Universityâ€™s graduate and undergraduate programs, and simultaneously a consultant for MIT implementing fluid-dynamics simulations in Java.
\nTwitter: @0xF2
\nf2.svbtle.com
\n\n
\nDescription:
\nThis is a live tutorial of hacking with keystroke injection attacks. We take advantage of the inherent trust that computers place on what is believed to be a regular keyboard to unleash pre-programmed keystroke payloads at well over 1000 words a minute. We access the host system and bypass traditional security countermeasures for payloads that can include reverse shells, binary injection, brute force password attacks, and just about any attack that can be fully automated.\n

We misuse the trust the operating system places on USB human-interaction devices to demonstrate once again the old adage that if you can physically access a computing device, there is no real security to be had. I will review hardware, its capabilities, how to breach OS security, and how attackers can enable it to perform a variety of tasks with its own tools. I will then show how to build and install additional software and customize the device with binary or scripted payloads.\n

We take the discussion to the next level by removing the need for a device and exploring attacks that can be delivered directly by a plain USB cable. We dissect easily-sourced, low-cost hardware implants embedded in standard, innocent-looking USB cables providing an attacker with further capabilities, including among them the ability to track its own geolocation.\n

#hhv-talk-qa-hw-hacking-101-text https://discord.com/channels/708208267699945503/709255105479704636\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220137),('2_Friday','11','11:00','11:59','N','HHV','','\'Use a PortaProg to flash, dump, and test ISP and UPDI chips\'','\'BradÃ¡n Lane,Sara Cladlow\'','HHV_edb42c06e814b20f43e831bbcdd97a95','\'Title: Use a PortaProg to flash, dump, and test ISP and UPDI chips
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\nSpeakers:BradÃ¡n Lane,Sara Cladlow
\n
SpeakerBio:BradÃ¡n Lane\n
\nBradán Lane is a UX Design and User Researcher who had his own â€œâ€œAliceâ€™s Adventures in Wonderlandâ€â€ experience when he discovered badge making. While he has made a number of fun blinky beepy ornaments and badges, his found his passion with the 2020 eChallengeCoin - an interactive and text story challenge puzzle. To help with his development, he created the PortableISP. The 2021 eChallengeCoin required a new chip which precipitated the creation of the PortaProg which serves as both his development tool an his production and test device.\n

Website: https://aosc.cc
\nhttps://gitlab.com/bradanlane
\nhttps://aosc.cc/blinks\n

\nTwitter: @bradanlane
\n
SpeakerBio:Sara Cladlow\n
\nNo BIO available
\n\n
\nDescription:
\nWhat is a PortaProg and why would I use it? You can use the PortaProg for flashing firmware to a wide range of Atmel chips using the ISP or UPDI interfaces. It can also read/write FUSES, and access EEPROM. It can flash a chip interactively during development or from its on-board SPIFFS storage at the bench or in the field. The talk will demonstrate it being used for rapid programming of ATTiny badges, performing an update to an ATMega device in the field, and dumping the firmware from an Ardiuno based device without a computer. You will also see how the PortProg has spawned a 3D printed plug-and-play test jig design â€¦. or just attend to see if the demos crash and burn.\n

#hhv-talk-qa-use-a-portaprog-text https://discord.com/channels/708208267699945503/739571364821729310\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220138),('2_Friday','12','12:00','12:30','N','HHV','','\'The Black Box and the Brain Box: When Electronics and Deception Collide\'','\'Gigs\'','HHV_4231332f319a9e52dd0f3e7e7c6934c1','\'Title: The Black Box and the Brain Box: When Electronics and Deception Collide
\nWhen: Friday, Aug 6, 12:00 - 12:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Gigs\n
\nGigs is the founder of ##electronics on Freenode (may it rest in peace), and a long time electronics enthusiast and DEF CON HHV volunteer. He, working with see_ess, did the PCB and hardware design for this yearâ€™s TorBadge, a mini-polygraph device.
\nTwitter: @gigstaggart
\ngigsatdc.org
\n\n
\nDescription:
\nElectricity has, from the earliest history of man, been seen as an almost mystical force. From Thorâ€™s lightning onward, various individuals and groups have used electricity and electrical devices to baffle, mystify, mislead, and control people. In the modern day, this practice continues in the form of polygraph, questionable uses of fMRI and EEG, and other high-tech props intended to dazzle the victim or lend a technological veneer of credibility to the user. This talk will focus on the history and current applications of deception by and with electrical and electronic devices.\n

#hhv-talk-qa-blackbox-brainbox-text https://discord.com/channels/708208267699945503/709254868329693214\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220139),('2_Friday','12','12:30','13:30','N','HHV','','\'Walkthrough of DC 28 HHV Challenges\'','\'rehr\'','HHV_b40af50cd32eb4e8fa884909eeb34ec3','\'Title: Walkthrough of DC 28 HHV Challenges
\nWhen: Friday, Aug 6, 12:30 - 13:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nLast year we (the HHV) released a series of hardware hacking challenges for DEF CON attendees to solve during the conference (and after). Many attempted the challenges, but only a few (3) solved all 5! Join us as we will walk through how to solve all 5 of the DC 28 HHV challenges, and attempt to demystify the world of hardware hacking. We may even drop a hint or two for this yearsâ€™ challenges.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220140),('2_Friday','13','12:30','13:30','Y','HHV','','\'Walkthrough of DC 28 HHV Challenges\'','\'rehr\'','HHV_b40af50cd32eb4e8fa884909eeb34ec3','\'\'',NULL,220141),('2_Friday','13','13:30','14:30','N','HHV','','\'A Lazy r2 Solve of @mediumrehr Challenge 6\'','\'Ben Gardiner\'','HHV_14270c56cbbb381a07e738e6ca8e60be','\'Title: A Lazy r2 Solve of @mediumrehr Challenge 6
\nWhen: Friday, Aug 6, 13:30 - 14:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Ben Gardiner\n
\nMr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure heavy vehicles at the NMFTA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior YFS Inc. and joining the NMFTA team in 2019, Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queenâ€™s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer.
\nTwitter: @BenLGardiner
\n\n
\nDescription:
\nJoin Ben for an informal letâ€™s play of @mediumrehrâ€™s Hardware Hacking Village challenge 6. Some topics we will cover include: radare2 , AVR assembly, 7 segment displays, and sigrok. It should be fun and relaxed with plenty of time to stop and re-do some steps if something needs more deliberation. See you there.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220142),('2_Friday','14','13:30','14:30','Y','HHV','','\'A Lazy r2 Solve of @mediumrehr Challenge 6\'','\'Ben Gardiner\'','HHV_14270c56cbbb381a07e738e6ca8e60be','\'\'',NULL,220143),('3_Saturday','08','08:30','08:59','N','HHV','','\'Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables\'','\'Federico Lucifredi\'','HHV_8822441d0947b9b65f88b396c86a7dee','\'Title: Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables
\nWhen: Saturday, Aug 7, 08:30 - 08:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Federico Lucifredi\n
\nFederico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of Oâ€™Reillyâ€™s â€œâ€œPeccary Bookâ€â€ on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS. A software engineer-turned-manager at the Novell corporation, he was part of the SUSE Linux team, overseeing the update lifecycle and delivery stack of a $150 million maintenance business. A CIO and a network software architect at advanced technology and embedded Linux startups, Federico was also a lecturer for over 200 students in Boston Universityâ€™s graduate and undergraduate programs, and simultaneously a consultant for MIT implementing fluid-dynamics simulations in Java.
\nTwitter: @0xF2
\nf2.svbtle.com
\n\n
\nDescription:
\nThis is a live tutorial of hacking with keystroke injection attacks. We take advantage of the inherent trust that computers place on what is believed to be a regular keyboard to unleash pre-programmed keystroke payloads at well over 1000 words a minute. We access the host system and bypass traditional security countermeasures for payloads that can include reverse shells, binary injection, brute force password attacks, and just about any attack that can be fully automated.\n

#hhv-talk-qa-hw-hacking-101-text https://discord.com/channels/708208267699945503/709255105479704636\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220144),('3_Saturday','09','09:30','10:30','N','HHV','','\'Use a PortaProg to flash, dump, and test ISP and UPDI chips\'','\'BradÃ¡n Lane,Sara Cladlow\'','HHV_2af62f0b3bece04fe5f73b8e1dbb34e2','\'Title: Use a PortaProg to flash, dump, and test ISP and UPDI chips
\nWhen: Saturday, Aug 7, 09:30 - 10:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\nSpeakers:BradÃ¡n Lane,Sara Cladlow
\n
SpeakerBio:BradÃ¡n Lane\n
\nBradán Lane is a UX Design and User Researcher who had his own â€œâ€œAliceâ€™s Adventures in Wonderlandâ€â€ experience when he discovered badge making. While he has made a number of fun blinky beepy ornaments and badges, his found his passion with the 2020 eChallengeCoin - an interactive and text story challenge puzzle. To help with his development, he created the PortableISP. The 2021 eChallengeCoin required a new chip which precipitated the creation of the PortaProg which serves as both his development tool an his production and test device.\n

Website: https://aosc.cc
\nhttps://gitlab.com/bradanlane
\nhttps://aosc.cc/blinks\n

#hhv-talk-qa-use-a-portaprog-text https://discord.com/channels/708208267699945503/739571364821729310\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220145),('3_Saturday','10','09:30','10:30','Y','HHV','','\'Use a PortaProg to flash, dump, and test ISP and UPDI chips\'','\'BradÃ¡n Lane,Sara Cladlow\'','HHV_2af62f0b3bece04fe5f73b8e1dbb34e2','\'\'',NULL,220146),('3_Saturday','10','10:30','10:59','N','HHV','','\'The Black Box and the Brain Box: When Electronics and Deception Collide\'','\'Gigs\'','HHV_b089197d3fe87a3928c28f05ec29c4f6','\'Title: The Black Box and the Brain Box: When Electronics and Deception Collide
\nWhen: Saturday, Aug 7, 10:30 - 10:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Gigs\n
\nGigs is the founder of ##electronics on Freenode (may it rest in peace), and a long time electronics enthusiast and DEF CON HHV volunteer. He, working with see_ess, did the PCB and hardware design for this yearâ€™s TorBadge, a mini-polygraph device.
\nTwitter: @gigstaggart
\ngigsatdc.org
\n\n
\nDescription:
\nElectricity has, from the earliest history of man, been seen as an almost mystical force. From Thorâ€™s lightning onward, various individuals and groups have used electricity and electrical devices to baffle, mystify, mislead, and control people. In the modern day, this practice continues in the form of polygraph, questionable uses of fMRI and EEG, and other high-tech props intended to dazzle the victim or lend a technological veneer of credibility to the user. This talk will focus on the history and current applications of deception by and with electrical and electronic devices.\n

#hhv-talk-qa-blackbox-brainbox-text https://discord.com/channels/708208267699945503/709254868329693214\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220147),('3_Saturday','11','11:00','11:59','N','HHV','','\'Walkthrough of DC 28 HHV Challenges\'','\'rehr\'','HHV_73f3aeb65c2410127538f6edb711419d','\'Title: Walkthrough of DC 28 HHV Challenges
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nLast year we (the HHV) released a series of hardware hacking challenges for DEF CON attendees to solve during the conference (and after). Many attempted the challenges, but only a few (3) solved all 5! Join us as we will walk through how to solve all 5 of the DC 28 HHV challenges, and attempt to demystify the world of hardware hacking. We may even drop a hint or two for this yearsâ€™ challenges.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220148),('3_Saturday','12','12:00','12:59','N','HHV','','\'A Lazy r2 Solve of @mediumrehr Challenge 6\'','\'Ben Gardiner\'','HHV_1d426ff6510842d2fc568546f064609a','\'Title: A Lazy r2 Solve of @mediumrehr Challenge 6
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Ben Gardiner\n
\nMr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure heavy vehicles at the NMFTA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior YFS Inc. and joining the NMFTA team in 2019, Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queenâ€™s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer.
\nTwitter: @BenLGardiner
\n\n
\nDescription:
\nJoin Ben for an informal letâ€™s play of @mediumrehrâ€™s Hardware Hacking Village challenge 6. Some topics we will cover include: radare2 , AVR assembly, 7 segment displays, and sigrok. It should be fun and relaxed with plenty of time to stop and re-do some steps if something needs more deliberation. See you there.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220149),('4_Sunday','09','09:00','09:59','N','HHV','','\'Walkthrough of DC 28 HHV Challenges\'','\'rehr\'','HHV_b3ce748024a64b064380a223e497d8aa','\'Title: Walkthrough of DC 28 HHV Challenges
\nWhen: Sunday, Aug 8, 09:00 - 09:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nLast year we (the HHV) released a series of hardware hacking challenges for DEF CON attendees to solve during the conference (and after). Many attempted the challenges, but only a few (3) solved all 5! Join us as we will walk through how to solve all 5 of the DC 28 HHV challenges, and attempt to demystify the world of hardware hacking. We may even drop a hint or two for this yearsâ€™ challenges.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220150),('4_Sunday','10','10:00','10:59','N','HHV','','\'A Lazy r2 Solve of @mediumrehr Challenge 6\'','\'Ben Gardiner\'','HHV_6bb8e5960e3415abeba6a0e632379bfe','\'Title: A Lazy r2 Solve of @mediumrehr Challenge 6
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Ben Gardiner\n
\nMr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure heavy vehicles at the NMFTA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior YFS Inc. and joining the NMFTA team in 2019, Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queenâ€™s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer.
\nTwitter: @BenLGardiner
\n\n
\nDescription:
\nJoin Ben for an informal letâ€™s play of @mediumrehrâ€™s Hardware Hacking Village challenge 6. Some topics we will cover include: radare2 , AVR assembly, 7 segment displays, and sigrok. It should be fun and relaxed with plenty of time to stop and re-do some steps if something needs more deliberation. See you there.\n

#hhv-challenge-text https://discord.com/channels/708208267699945503/739567199647301702\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220151),('4_Sunday','11','11:30','12:30','N','HHV','','\'Use a PortaProg to flash, dump, and test ISP and UPDI chips\'','\'BradÃ¡n Lane,Sara Cladlow\'','HHV_c5b8ffacfb00769c9e2f39a00e583ce8','\'Title: Use a PortaProg to flash, dump, and test ISP and UPDI chips
\nWhen: Sunday, Aug 8, 11:30 - 12:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\nSpeakers:BradÃ¡n Lane,Sara Cladlow
\n
SpeakerBio:BradÃ¡n Lane\n
\nBradán Lane is a UX Design and User Researcher who had his own â€œâ€œAliceâ€™s Adventures in Wonderlandâ€â€ experience when he discovered badge making. While he has made a number of fun blinky beepy ornaments and badges, his found his passion with the 2020 eChallengeCoin - an interactive and text story challenge puzzle. To help with his development, he created the PortableISP. The 2021 eChallengeCoin required a new chip which precipitated the creation of the PortaProg which serves as both his development tool an his production and test device.\n

Website: https://aosc.cc
\nhttps://gitlab.com/bradanlane
\nhttps://aosc.cc/blinks\n

#hhv-talk-qa-use-a-portaprog-text https://discord.com/channels/708208267699945503/739571364821729310\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220152),('4_Sunday','12','11:30','12:30','Y','HHV','','\'Use a PortaProg to flash, dump, and test ISP and UPDI chips\'','\'BradÃ¡n Lane,Sara Cladlow\'','HHV_c5b8ffacfb00769c9e2f39a00e583ce8','\'\'',NULL,220153),('4_Sunday','14','14:00','14:30','N','HHV','','\'Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables\'','\'Federico Lucifredi\'','HHV_03638a717c96aa72a4355f970b0f6c6a','\'Title: Hardware Hacking 101: Rogue Keyboards and Eavesdropping Cables
\nWhen: Sunday, Aug 8, 14:00 - 14:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Federico Lucifredi\n
\nFederico Lucifredi is the Product Management Director for Ceph Storage at Red Hat and a co-author of Oâ€™Reillyâ€™s â€œâ€œPeccary Bookâ€â€ on AWS System Administration. Previously, he was the Ubuntu Server product manager at Canonical, where he oversaw a broad portfolio and the rise of Ubuntu Server to the rank of most popular OS on Amazon AWS. A software engineer-turned-manager at the Novell corporation, he was part of the SUSE Linux team, overseeing the update lifecycle and delivery stack of a $150 million maintenance business. A CIO and a network software architect at advanced technology and embedded Linux startups, Federico was also a lecturer for over 200 students in Boston Universityâ€™s graduate and undergraduate programs, and simultaneously a consultant for MIT implementing fluid-dynamics simulations in Java.
\nTwitter: @0xF2
\nf2.svbtle.com
\n\n
\nDescription:
\nThis is a live tutorial of hacking with keystroke injection attacks. We take advantage of the inherent trust that computers place on what is believed to be a regular keyboard to unleash pre-programmed keystroke payloads at well over 1000 words a minute. We access the host system and bypass traditional security countermeasures for payloads that can include reverse shells, binary injection, brute force password attacks, and just about any attack that can be fully automated.\n

#hhv-talk-qa-hw-hacking-101-text https://discord.com/channels/708208267699945503/709255105479704636\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220154),('4_Sunday','15','15:00','15:30','N','HHV','','\'The Black Box and the Brain Box: When Electronics and Deception Collide\'','\'Gigs\'','HHV_dca83261ff9731020354dffdb703c74d','\'Title: The Black Box and the Brain Box: When Electronics and Deception Collide
\nWhen: Sunday, Aug 8, 15:00 - 15:30 PDT
\nWhere: Hardware Hacking Village (Virtual Talk)
\n
SpeakerBio:Gigs\n
\nGigs is the founder of ##electronics on Freenode (may it rest in peace), and a long time electronics enthusiast and DEF CON HHV volunteer. He, working with see_ess, did the PCB and hardware design for this yearâ€™s TorBadge, a mini-polygraph device.
\nTwitter: @gigstaggart
\ngigsatdc.org
\n\n
\nDescription:
\nElectricity has, from the earliest history of man, been seen as an almost mystical force. From Thorâ€™s lightning onward, various individuals and groups have used electricity and electrical devices to baffle, mystify, mislead, and control people. In the modern day, this practice continues in the form of polygraph, questionable uses of fMRI and EEG, and other high-tech props intended to dazzle the victim or lend a technological veneer of credibility to the user. This talk will focus on the history and current applications of deception by and with electrical and electronic devices.\n

#hhv-talk-qa-blackbox-brainbox-text https://discord.com/channels/708208267699945503/709254868329693214\n

Twitch: https://twitch.tv/dchhv\n

\n
Hardware Hacking Village talks will be streamed to Twitch.\n

\'',NULL,220155),('2_Friday','09','09:30','09:59','N','HHV','','\'Meetup: Some HHV challenges\'','\'rehr\'','HHV_6aa9b3ba479565eaa881dc51e7139c63','\'Title: Meetup: Some HHV challenges
\nWhen: Friday, Aug 6, 09:30 - 09:59 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nHHV members have created a few challenges for this yearâ€™s DEF CON. Come learn and chat about those challenges, or bring new challenges to share with the community. This time will start with an introduction to this yearâ€™s HHV challenges, but the remaining time will be open to community questions and conversations\n

#hhv-challenge: https://discord.com/channels/708208267699945503/739567199647301702\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220156),('2_Friday','14','14:30','14:59','N','HHV','','\'Meetup: PCB Proto and Rework\'','\'K\'','HHV_e5c0a6767d0bc98237c46d2345ba80cb','\'Title: Meetup: PCB Proto and Rework
\nWhen: Friday, Aug 6, 14:30 - 14:59 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:K\n
\nNo BIO available
\n\n
\nDescription:
\nA place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.\n

#hhv-meetups-A: https://discord.com/channels/708208267699945503/739567085004521533\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220157),('2_Friday','15','15:00','15:30','N','HHV','','\'Robo Sumo On site\'','\'ShortTie\'','HHV_d9eab0ca6d297f3b90a52d90fc1049fd','\'Title: Robo Sumo On site
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: Hardware Hacking Village (Onsite - Bally\'s Bronze 4)
\n
SpeakerBio:ShortTie\n
\nNo BIO available
\n\n
\nDescription:
\nCome out for Robo Sumo meetup at the HHV IRL
\n\'',NULL,220158),('2_Friday','15','15:30','15:59','N','HHV','','\'Meetup: Legacy Hardware\'','\'K\'','HHV_213a560767ae17b9b121a2db245d2b4a','\'Title: Meetup: Legacy Hardware
\nWhen: Friday, Aug 6, 15:30 - 15:59 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:K\n
\nNo BIO available
\n\n
\nDescription:
\nA place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.\n

#hhv-meetups-A: https://discord.com/channels/708208267699945503/739567085004521533\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220159),('2_Friday','17','17:30','17:59','N','HHV','','\'Meetup: Some HHV challenges\'','\'rehr\'','HHV_40589e4a0df1f7b7beefe4b898086ad9','\'Title: Meetup: Some HHV challenges
\nWhen: Friday, Aug 6, 17:30 - 17:59 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nHHV members have created a few challenges for this yearâ€™s DEF CON. Come learn and chat about those challenges, or bring new challenges to share with the community. This time will start with an introduction to this yearâ€™s HHV challenges, but the remaining time will be open to community questions and conversations\n

#hhv-challenge: https://discord.com/channels/708208267699945503/739567199647301702\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220160),('3_Saturday','13','13:00','13:30','N','HHV','','\'Meetup: Some HHV challenges\'','\'rehr\'','HHV_1a9eddb8d63b64e732146f5f87c41334','\'Title: Meetup: Some HHV challenges
\nWhen: Saturday, Aug 7, 13:00 - 13:30 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:rehr\n
\nRehr is an electrical engineering, and long-time Hardware Hacking Village volunteer. He enjoys teaching and creating challenges that help grow and challenge the hardware hacking community.
\nTwitter: @mediumrehr
\n\n
\nDescription:
\nHHV members have created a few challenges for this yearâ€™s DEF CON. Come learn and chat about those challenges, or bring new challenges to share with the community. This time will start with an introduction to this yearâ€™s HHV challenges, but the remaining time will be open to community questions and conversations\n

#hhv-challenge: https://discord.com/channels/708208267699945503/739567199647301702\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220161),('3_Saturday','14','14:00','14:30','N','HHV','','\'Meetup: Sourcing Parts & The Global Parts Shortage\'','\'bombnav\'','HHV_78b5de9880b558c3c90ec41583640bc8','\'Title: Meetup: Sourcing Parts & The Global Parts Shortage
\nWhen: Saturday, Aug 7, 14:00 - 14:30 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:bombnav\n
\nNo BIO available
\n\n
\nDescription:
\nSourcing parts in the COVID involves new challenges due to supply chain issues. Counterfeiting continues to be an problem with out of production parts. This meetup is designed to share ideas and sources for acquiring parts for electronic hobbyists.\n

#hhv-meetups-A: https://discord.com/channels/708208267699945503/739567085004521533\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220162),('3_Saturday','15','15:00','15:30','N','HHV','','\'Meetup: OSS ASIC\'','\'Josh Marks\'','HHV_01adad0a892e8937ad907d78691e2fbc','\'Title: Meetup: OSS ASIC
\nWhen: Saturday, Aug 7, 15:00 - 15:30 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:Josh Marks\n
\nNo BIO available
\n\n
\nDescription:
\nCome geek out about ASICs! No ASIC knowledge? No problem â€” casual conversation about transistor structures, and basic circuit architectures included.\n

#hhv-meetups-A: https://discord.com/channels/708208267699945503/739567085004521533\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220163),('3_Saturday','16','16:00','16:30','N','HHV','','\'Meetup: Certification Processes (UL, FCC, etc.)\'','\'ShortTie\'','HHV_e5c1a8952efb9a5585d275947364b9d3','\'Title: Meetup: Certification Processes (UL, FCC, etc.)
\nWhen: Saturday, Aug 7, 16:00 - 16:30 PDT
\nWhere: Hardware Hacking Village (Virtual Meetup)
\n
SpeakerBio:ShortTie\n
\nNo BIO available
\n\n
\nDescription:
\nA place to meet people with the same interests or challenges and discuss. The meetup is a nexus for finding and starting the conversation. Bring your expertise and your questions.\n

#hhv-meetups-A: https://discord.com/channels/708208267699945503/739567085004521533\n

#hhv-meetups-A-voice: https://discord.com/channels/708208267699945503/739571117756383333\n

\n\'',NULL,220164),('2_Friday','10','10:30','10:30','N','BICV','','\'Why donâ€™t we have IoT, daddy?\'','\'Jessica Hoffman\'','BICV_ed55522091afa75ae1f45387fa146c46','\'Title: Why donâ€™t we have IoT, daddy?
\nWhen: Friday, Aug 6, 10:30 - 10:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Jessica Hoffman\n
\nJessica Hoffman is an IT Audit manger and partner of her Black owned audit and compliance firm. She provides Readiness assessments and audits mainly to the federal healthcare sector but also service various public/private sector fields. She has been in Cybersecurity for 10 years and IT for over 15 years. Prior to starting her small business, she was a federal and state employee; Public service and giving back to the community are two areas that she is dedicated to and she excels in as a dedicated volunteer, mentor, professor and advocate.
\nTwitter: @JHoBootyFat
\n\n
\nDescription:No Description available
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220165),('2_Friday','12','12:30','12:30','N','BICV','','\'The Action Plan for Cyber Diversity!\'','\'Keith Chapman\'','BICV_b7908349ef360b7aacc39203e7d4951c','\'Title: The Action Plan for Cyber Diversity!
\nWhen: Friday, Aug 6, 12:30 - 12:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Keith Chapman\n
\nKeith Chapman is an information security professional, cyber education chair and conference presenter. His background includes incident response, threat intelligence and governance, risk and compliance. He also invests in the information security community by attending and speaking at and conferences. Keith serves as the Cincinnati, OH ambassador for Blacks in Cyber. He is committed to increasing diversity, equity, and inclusion in our field and mentors students in the Ohio Public School System, specifically the Cyber Academy.
\nTwitter: @S1lv3rL10n
\n\n
\nDescription:
\nWhat does it take to increase diversity, equity, and inclusion in information security? An inside perspective with actionable steps. These actions will build a stronger defense and future for us all.
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220166),('2_Friday','14','14:30','14:30','N','BICV','','\'The Big Cleanup: Tackling The Remnants of Systematic Discrimination in the Tech Industry\'','\'Maurice Turner\'','BICV_9bfdd67985db41dd3aac1a5f75a0eb81','\'Title: The Big Cleanup: Tackling The Remnants of Systematic Discrimination in the Tech Industry
\nWhen: Friday, Aug 6, 14:30 - 14:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Maurice Turner\n
\nMaurice Turner is the Cybersecurity Fellow at the Alliance for Securing Democracy at the German Marshall Fund of the United States. He is a recognized public interest technologist and cybersecurity expert focused on developing strategies to secure critical infrastructure and deter cyber operation escalation. He has also provided testimony before the United States Congress, shared his insights with the European Union, and spoken at numerous security conferences. He most recently served as Senior Advisor to the Executive Director at the United States Election Assistance Commission, where he provided subject matter expertise in support of local, state, and federal partners to administer elections fairly and securely. Prior to that he was Deputy Director of the Internet Architecture project at the Center for Democracy & Technology, where he led the Election Security and Privacy Project, identifying and updating election cybersecurity practices and infrastructure through multi-sector partnerships. He also served as a TechCongress Congressional Innovation Fellow assigned to the U.S. Senate Homeland Security and Governmental Affairs Committee, where he shaped policy and oversaw the preparation of memos, briefings, and hearings on federal Information Technology systems, cybersecurity threats, and cybersecurity regulations. He holds an MA in Public Administration from the University of Southern California, an BA in Political Science from California State University Fullerton, and a Certificate in Cybersecurity Strategy from Georgetown University.
\nTwitter: @TypeMRT
\n\n
\nDescription:
\nItâ€™s easy to just accept the status quo even when itâ€™s harmful because thatâ€™s just how itâ€™s always been done. Discrimination in the tech industry is no different. The reuse and amplification of discriminatory language can have damaging effects on those within the industry, as well as in other physical spaces. It adds to the barriers that prevent folks from even trying to participate because they think that they donâ€™t belong.\nâ€‹
\nUsing technology to challenge how concepts are labeled can help break down those barriers and drive inclusivity. Changing how practitioners label concepts like Whitelist/Blacklist and Master/Slave makes the tech industry more inclusive internally. We can also use technology to uncover remnants of discrimination in the analog world. Thousands of geographic places across the country have official names that are racist like Negro Run and Squaw Creek. They are now easy to find using services like Google Maps. When those names are changed, everyone can see the update immediately.\nâ€‹
\nOld baggage has a way of sticking around when new systems are built using legacy data. Regardless of my role in organizations, I look for ways to turn that around and cleanup some of those remnants of systematic discrimination. I will highlight two of those experiences where I have been able to make small changes with big impact by ensuring inclusive language in voting securing standards and changing the racist name of a river using a mapping service. I hope you see that you too can make small changes that make a difference at scale.
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220167),('3_Saturday','10','10:30','10:30','N','BICV','','\'Black Cyber Exodus: The Mis-Education (Certification) of Black Cyber\'','\'Stephen Pullum\'','BICV_aa3c089f523ff837203b98338aec2b53','\'Title: Black Cyber Exodus: The Mis-Education (Certification) of Black Cyber
\nWhen: Saturday, Aug 7, 10:30 - 10:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Stephen Pullum\n
\nStephen Pullum is a Cyber Security Evangelist and Pioneer. Stephen is an entrepreneur in Accra, Ghana to his company AFRICURITY. This company brings best practices in multiple lanes of Cybersecurity, Cyber Education, Cyber Resiliency and Cyber Scalability both corporate and individual. Stephen has over 40 years in the Cybersecurity field, having began in the early \'80\'s with the handle \'The Madhatter\'. Stephen is also recognized as an Alumni of the Cult of the Dead Cow (cDc). Stephen served in the United States Air Force from 1984 to 2012, and has a unique perspective of the Cybersecurity field as he has been participating in both the culture and the proffession since it\'s infancy.
\nTwitter: @The Madhatter
\n\n
\nDescription:
\nIn this talk I will analyze the pipeline between many Black Cyber Practitioners that were never credited or brought to the forefront and the certification plans/materials being developed for the progression of the holistic industry, as well as discuss the premise; \"How much of their non-profit revenue is being invested into the Black Community which they cleverly so snared into the premise of being qualified to do a job.\"\n \n

In1982, CompTIA was started under another name, yet still CompTIA. In 1989, SANS/GIAC was started and in 1992, ISC2 released the CBK that would 2 years later become the CISSP. In 2001, the EC Council formed in response to the attacks on the World Trade Center. Before these so-called cybersecurity certifications, how did the founders and instructors get certified to even instruct or create these organizations? Materials such as the Rainbow Books Series were the mainstay in the Trust Computing Model environment that are still being implemented today, just rebranded. These institutions implemented disproportionate programs when they gained traction and Cyber specific programs became profitable without giving up their \"non-profit\" status.

\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220168),('3_Saturday','12','12:30','12:30','N','BICV','','\'The OPSEC of Protesting\'','\'Ochaun Marshall\'','BICV_40eb3aaabc5f6b49f45c8928322daf67','\'Title: The OPSEC of Protesting
\nWhen: Saturday, Aug 7, 12:30 - 12:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Ochaun Marshall\n
\nOchaun (pronounced O-shawn) Marshall is an application security consultant. In his roles at Secure Ideas, he works on ongoing development projects utilizing Amazon Web Services and breaks other people\'s web applications. When he is not swallowing gallons of the DevOps Kool-Aid, he can be found blasting J Cole while hacking, blogging, and coding. He covers everything he does with the signature phrase: I code; I teach; I hack.
\nTwitter: @OchaunM
\n\n
\nDescription:
\nTechnology both facilitates and complicates the human condition in many ways, especially in the tradition of protesting. Activists and those supporting social movements need to be aware of the risks of social demonstrations. In this talk, we dive into communication strategies for activists, as well as the basics of OPSEC. Weâ€™ll do threat modeling against both nation-state & opposition movements and discuss the utility of basic security hygiene in this context. We will also examine these principles against case studies of the Civil rights movement, BLM, Hong Kong Separation movement, Election protests, and recent â€œhacktivistâ€ attacks against Parler and Gab.
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220169),('3_Saturday','14','14:30','14:30','N','BICV','','\'40 cores and a CPU\'','\'Nico \"Socks\" Smith\'','BICV_d00fd80bd6d76d136538988da78cddb4','\'Title: 40 cores and a CPU
\nWhen: Saturday, Aug 7, 14:30 - 14:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Nico \"Socks\" Smith\n
\nNico Smith is a technology hobbyist with over 15 years in Information Technology and 10years focused on developing defensive and offensive teams, privately and collegiately. He also is Captain in the US Army National Guard and previously a Cyber Network Defense Manager for a US Army National Guard Cyber Protection Team. In his spare time Nico Smith volunteers 30hrs a month to mentor and support college and high school students interested in entering the cyber career field. He also created the only functioning cyber challenge coin in the DOD. He also created the BIC Village Badge for DEFCON29. He has committed to improving cybersecurity and changing the way cyber is understood, leveraged, and cultivated.
\nTwitter: @nicolaismith1
\n\n
\nDescription:
\nThe talk 40 Cores and a CPU will speak to the importance of participating in the cybersecurity field at every level for Black Technologists. I will demonstrate the benefits and struggles that can be both met and overcome through owning physical infrastructure and providing services to the community, with this question in mind: â€œIf the goal is to own and secure your data, wouldnâ€™t be easier if you owned the IPâ€™s and the Bare Metal Infrastructure that supports it?â€ While the scale will always be dwarfed by larger companies that are Cloud Service Providers, the capabilities to grow and develop at a grassroots level, future engineers, and cybersecurity professionals of color is much easier, which in turn prepares better candidates for larger enterprises. This talk should start the discussion, is it possible for the black community to own spaces of the internet from the BareMetal to the code on the front-end server? And what economic impact would that have, or would it become a security issue, a new cyber target ?
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220170),('3_Saturday','16','16:30','16:30','N','BICV','','\'How Bias and Discrimination in Cybersecurity will have us locked up or dead\'','\'Tennisha Martin\'','BICV_f6f3c1679307f121b823b04f1930a022','\'Title: How Bias and Discrimination in Cybersecurity will have us locked up or dead
\nWhen: Saturday, Aug 7, 16:30 - 16:30 PDT
\nWhere: Blacks in Cyber
\n
SpeakerBio:Tennisha Martin\n
\nTennisha Martin is the founder and Executive Director of a National Cybersecurity non-profit organization dedicated to providing education and resources to underserved communities and increasing the diversity in cyber. She has worked in a government consulting capacity for over 15 years and in her spare time is a Cyber Instructor, mentor, and red-team leaning ethical hacking advocate for diversity in Cyber and the executive suites.
\nTwitter: @misstennisha
\n\n
\nDescription:
\nThis talk focuses on algorithmic analysis and machine learning in the healthcare and criminal justice settings. Algorithms make a lot of important decisions including selecting candidates for a particular residency in medical school, tests that identify skin cancer in patients or determining the sentencing recommendations for people convicted of a crime. The outcome of these decisions includes impacting the number of people (or people of color) in certain specialties, failing to identify skin cancer in people of color and recommending longer sentences for black people and in particular black men. Studies have been shown that bias in algorithms have a wide-ranging impact, especially in the areas of clinical decision support and in criminal justice. Clinical decision support is integrated into electronic health records around the world and are used to establish things like best practices, medication guidelines, and prioritization of patients. The idea behind clinical decision support is that the algorithms are used based on aggregated data to help health care providers provide a standard of care. The reality, however, is that there is a thin line between the algorithms acting as the basis for recommendations and them acting autonomously. The aggregation of data and the formulation of algorithms by a largely homogeneous population results in bias and discrimination against people of color. In criminal justice, the racial impact of predictive policing is that black people serve longer times in jail. In healthcare, the impact of algorithmic bias results in poorer health outcomes, and failure to diagnose and treat patients of color. The result is that bias and discrimination in artificial intelligence will have members of the Black community incarcerated or dead.
\n
Blacks in Cyber talks will be streamed on YouTube.\n

YouTube: https://www.youtube.com/c/BlacksInCybersecurity\n

\'',NULL,220171),('2_Friday','10','10:00','10:30','N','IOTV','','\'When Penetration Testing Isnâ€™t Penetration Testing At All\'','\'Ted Harrington\'','IOTV_ed908ea0f494307567d352a5a7299a15','\'Title: When Penetration Testing Isnâ€™t Penetration Testing At All
\nWhen: Friday, Aug 6, 10:00 - 10:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Ted Harrington\n
\nTed Harrington is the #1 best selling author of HACKABLE: How to Do Application Security Right, and the Executive Partner at Independent Security Evaluators (ISE), the company of ethical hackers famous for hacking cars, medical devices, web applications, and password managers. Heâ€™s helped hundreds of companies fix tens of thousands of security vulnerabilities, including Google, Amazon, and Netflix. Ted has been featured in more than 100 media outlets, including The Wall Street Journal, Financial Times, and Forbes. His team founded and organizes IoT Village, an event whose hacking contest is a three-time DEF CON Black Badge winner. He hosts the Tech Done Different podcast.
\n\n
\nDescription:
\nWhen companies want to build secure IoT systems, they know they need to test their system for security flaws, which typically leads them to seek out â€œpenetration testing.â€ However, this term has become so misused across the security community that itâ€™s hard to decipher what is really happening.\n

So where does that leave you? What is your security testing program actually doing (and not doing)?\n

In this keynote, youâ€™ll learn the often widely misunderstood difference about what penetration testing is (and is not). Drawing insights from the #1 bestselling book Hackable, youâ€™ll learn why the distinction matters, and youâ€™ll get an insight into the more advanced tactics used by ethical hackers, such as functionality abuse and exploit chaining. By design, this keynote is more strategic rather than technical, and will equip you with insights to think differently about your security testing program. As a result, youâ€™ll leave with new ideas about how to build better, more secure systems. \n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220172),('2_Friday','10','10:45','11:30','N','IOTV','','\'Representation Matters\'','\'Camille Eddy,Chloe Messdaghi\'','IOTV_4897d5bbb491b5ea76c7841e6c15b71b','\'Title: Representation Matters
\nWhen: Friday, Aug 6, 10:45 - 11:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Camille Eddy,Chloe Messdaghi
\n
SpeakerBio:Camille Eddy\n
\nNo BIO available
\n
SpeakerBio:Chloe Messdaghi\n
\n Chloé Messdaghi is a tech changemaker who is innovating tech and information security sectors to meet todayâ€™s and futureâ€™s demands by accelerating startups and providing solutions that empower. She is an international keynote speaker at major information security and tech conferences and events, and serves as a trusted source to reporters and editors, such as Forbes and Business Insider. Additionally, she is one of the Business Insiderâ€™s 50 Power Players. Camille Eddy is a Product Engineer and International Public Speaker. She earned her Bachelor of Science degree in Mechanical Engineering from the University of Idaho. Camille has given her talk â€œRecognizing Cultural Bias in AIâ€ across the world, including San Francisco, Washington DC and Budapest; Helping Technical and Non-Technical Project Managers, Founders and Engineering Leads build better products. Finally, she coaches women building online platforms, helping them make a profitable business working on their passion.
\n\n
\nDescription:
\nWe often hear about the importance of Diversity, Equity, and Inclusion (DEI) and how companies are striving to do better. However, there are plenty of examples where DEI that is being promoted is not actually happening behind scenes. Stories of those who are marginalized in tech showcasing we still have a large problem with companies practicing lip service and no actual actions to show for it. One way to see if a company is trying to be better on DEI is reflected on the board and C-suite. Yet, still to this day less than 20% of company boards represent marginalized identities.\nIt\'s time to increase representation of marginalized identities from less than 20% to 50%+ for all levels in tech. When we shift to incorporating DEI practices by making sure representation is present on the leadership team, board and c-suite, it recognizes the voices of marginalized identities: ethnicities, genders, generations, sexuality, and abilities.\nResearch has repeatedly shown that when we have diverse boards and c-level positions held by marginalized persons, it produces a trickle down effect. Where the company takes actions and voices are finally heard because thereâ€™s representation, and it\'s reflected in the vision, company policies, and hiring practices.\nThis talk discusses why we need representation on the leadership team, and how to get involved to actually bring a change to an industry that has run out of time to become more inclusive.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220173),('2_Friday','11','10:45','11:30','Y','IOTV','','\'Representation Matters\'','\'Camille Eddy,Chloe Messdaghi\'','IOTV_4897d5bbb491b5ea76c7841e6c15b71b','\'\'',NULL,220174),('2_Friday','11','11:45','12:30','N','IOTV','','\'1.21 Gigawatts! Vulnerabilities in Solar Panel Controllers\'','\'Waylon Grange\'','IOTV_551ac1dce26c16c4dc244d1b87255bfe','\'Title: 1.21 Gigawatts! Vulnerabilities in Solar Panel Controllers
\nWhen: Friday, Aug 6, 11:45 - 12:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Waylon Grange\n
\nWaylon Grange is an experienced vulnerability researcher, reverse engineer, and developer. Prior to Stage 2, he worked for Symantec and the NSA. Waylon has been a speaker at Black Hat, DefCon, RSA, CanSecWest, and DerbyCon and is credited with a US patient, multiple CVEs, and exposing APT groups. His in-depth knowledge of embedded systems is utilized to evaluate the security of IoT systems and develop electronic badges for conferences.
\n\n
\nDescription:
\n Embedded device security has come a long way since the days of telnet and default passwords. Product vendors are now doing more to secure their devices but how effective are they? This presentation will outline many of the software and hardware-based attacks used to compromise embedded systems. It also discusses some of the mitigations used to prevent these attacks. Many previous IoT talks show the simplicity of hacking devices that have weak security or no hardening. In contrast, this presentation shows how even secured devices have attack surfaces that still need to be addressed. It demonstrates the need for embedded devices to incorporate a security lifecycle plan and hardware designs must be audited for security weakness before production. Topics to be covered include firmware image encryption, disabling UART console access, hardening JTAG development access, securing e.MMC storage, NOR Flash protection, processor glitching, update lifecycle attacks, avoiding custom crypto, dealing with reverse engineers, and initial device setup vs authentication. None of these topics will be a deep dive. The intent is to show how they are attacked or utilized to mitigate specific attacks. To illustrate these topics the presentation will use a recent security audit of a US solar equipment manufacturer as a case study. The vendor incorporated many best practices for securing embedded devices but made some architecture decisions in the guise of security that ended up weakening their security posture rather than helping it. Finally, we\'ll show the ramifications of an attack against solar systems and how it could be used for racketeering. Attacks in this talk are beneficial to system designers, hobbyists, and researchers.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220175),('2_Friday','12','11:45','12:30','Y','IOTV','','\'1.21 Gigawatts! Vulnerabilities in Solar Panel Controllers\'','\'Waylon Grange\'','IOTV_551ac1dce26c16c4dc244d1b87255bfe','\'\'',NULL,220176),('2_Friday','12','12:45','13:15','N','IOTV','','\'LED Light Lunacy!\'','\'Victor Hanna\'','IOTV_552ab39c6d2568eaf3e354310df76b5a','\'Title: LED Light Lunacy!
\nWhen: Friday, Aug 6, 12:45 - 13:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Victor Hanna\n
\nSecurity Researcher at SpiderLabs
\n\n
\nDescription:
\n All your LEDs are mine ... How a case of lockdown boredom turned into led lights for everyone !
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220177),('2_Friday','13','12:45','13:15','Y','IOTV','','\'LED Light Lunacy!\'','\'Victor Hanna\'','IOTV_552ab39c6d2568eaf3e354310df76b5a','\'\'',NULL,220178),('2_Friday','13','13:30','14:15','N','IOTV','','\'5 years of IoT vulnerability research and countless 0days - A retrospective\'','\'Alex \"Jay\" Balan\'','IOTV_54d0ec2045d46f8212e10de791ca003d','\'Title: 5 years of IoT vulnerability research and countless 0days - A retrospective
\nWhen: Friday, Aug 6, 13:30 - 14:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Alex \"Jay\" Balan\n
\nAlex \"Jay\" Balan is the Security Research Director and Spokesperson for Bitdefender. His career is focused on Information Security and Innovation, fields in which he has so far accumulated over 20 years of experience. He is now furthering security and privacy research and has been actively involved in creating awareness by speaking at a number of conferences including DEFCON , Derbycon, RSA, BSides, ISC China, and many others
\n\n
\nDescription:
\nHow many 0days can a research team discover in 4 years of vulnerability research in IoT? How many of them are relevant and can be used even today? How to get started (or advance further) with IoT vulnerability research? This talk will answer all these questions and show you some hands-on shell-popping and authentication bypasses as well as some new 0days published this year
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

https://cybir.com/2021/cyber-security/bluemonday-series-part-1-exploitation-mapping-of-vulnerable-devices-at-scale-through-self-registration-services/ \n

\'',NULL,220179),('2_Friday','14','13:30','14:15','Y','IOTV','','\'5 years of IoT vulnerability research and countless 0days - A retrospective\'','\'Alex \"Jay\" Balan\'','IOTV_54d0ec2045d46f8212e10de791ca003d','\'\'',NULL,220180),('2_Friday','14','14:30','15:15','N','IOTV','','\'BLUEMONDAY Series â€“ Exploitation & Mapping of vulnerable devices at scale through self-registration services (DATTO/ EGNYTE/ SYNOLOGY/ MERAKI/ GEOVISION)\'','\'Ken Pyle\'','IOTV_873c71e9d63269d77fecbbb484c42662','\'Title: BLUEMONDAY Series â€“ Exploitation & Mapping of vulnerable devices at scale through self-registration services (DATTO/ EGNYTE/ SYNOLOGY/ MERAKI/ GEOVISION)
\nWhen: Friday, Aug 6, 14:30 - 15:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Ken Pyle\n
\nKen Pyle is a partner of CYBIR, specializing in Information Security, exploit development, penetration testing and enterprise risk management. Ken is a graduate professor of CyberSecurity at Chestnut Hill College. He has published academic works on a wide range of topics and has presented at industry events such as ShmooCon, Secureworld, HTCIA International.
\n\n
\nDescription:
\nVendors like DATTO, MERAKI, GEOVISION, SYNOLOGY, EGNYTE and others are which leverage or depend on these services are imperiling data, networks, and businesses through insecure design, intentional design decisions, and web application flaws.\n

These devices frequently self-provision services which leak critical data or through insecure network design and installation practices which are easily mapped, attacked, and discovered via insecure vendor, software, and integrator practices (ex. PKI, Dynamic DNS, â€œFinderâ€ service registrations, DNS leakage, Layer 2 Attacks / DHCP network attacks, DNS passive hijacking through domain purchases & active record injection)\n

Some concepts and new attacks may be obliquely referenced or held private by the researcher. Essential PoC is contained in this document and is easily reproduced using supplied narrative and screenshots.\n

The affected devices are easily discoverable either through insecure practices (ex. insecure Zones, algorithmic FQDN generation, lack of local network controls, public metadata leakage) or vendor provided interfaces and access methods. (DATTOWEB, DATTOLOCAL, SYNOLOGY.ME, DYNAMIC-M, GVDIP.COM, EGNYTE-APPLIANCE.COM)\n

Many issues develop due to these problems. For example, nearly all of these devices and appliances provide easily discoverable portals / content / metadata with which to craft extremely convincing social engineering campaigns, even in the absence of technical exploit vectors.\n

Host Header Attacks & 302 redirects used in concert with malicious DNS records / spoofed or squatted domains can be abused in this manner. An attacker can identify the MERAKI device a victim uses through registration, abuse the API to obtain sensitive metadata, and send the victim to a spoofed site or malicious content purported to be a Meraki Dashboard alert. An attacker can change the dynamic DNS record through a number of vectors (ex. Third party service attacks, local vectors) and effectively â€œhijackâ€ the user or content being accessed.\n

Through our DNS harvesting and our undisclosed 0-days, we can establish a complex exploit network and botnet via poor vendor controls (ex. MIRAI) We can also hide exploit code in APIs, persist across multiple appliance types, and abuse multiple dynamic DNS networks.\n

The DNS zones we have provided are intentionally designed, demonstrably insecure, provide detailed information, and can be abused easily. Registrations can be abused for data exfiltration or beaconing over the vendorâ€™s DNS network. These DYNAMIC DNS services allow for efficient, mass exploitation and recon. The poor controls and â€œspoofabilityâ€ of these networks (will demonstrate at another time) allow an attacker to not only FIND vulnerable devices.. but automate mass exploitation via attacks such as those we provided or other common attacks.\n

The author wishes for this to be noted as responsible disclosure and ethical considerations for the attacks / exploits seriously impacted disclosure dates and continues to.\n

Some initial work can be found here:\n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220181),('2_Friday','15','14:30','15:15','Y','IOTV','','\'BLUEMONDAY Series â€“ Exploitation & Mapping of vulnerable devices at scale through self-registration services (DATTO/ EGNYTE/ SYNOLOGY/ MERAKI/ GEOVISION)\'','\'Ken Pyle\'','IOTV_873c71e9d63269d77fecbbb484c42662','\'\'',NULL,220182),('2_Friday','15','15:30','16:15','N','IOTV','','\'â€œAlexa, have you been compromised?â€ â€” Exploitation of Voice Assistants in Healthcare (and other business contexts)\'','\'Hutch (Justin Hutchens)\'','IOTV_7a3a4d8436104842e4ca4d7506ef879f','\'Title: â€œAlexa, have you been compromised?â€ â€” Exploitation of Voice Assistants in Healthcare (and other business contexts)
\nWhen: Friday, Aug 6, 15:30 - 16:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Hutch (Justin Hutchens)\n
\nJustin Hutchens (â€œHutchâ€) is the Assessments Services Practice Lead at Set Solutions and manages TVM, IR, and GRC services. He is the co-host of the \"Ready, Set, Secure\" InfoSec podcast. He is also the creator of Sociosploit, a research blog which examines exploitation opportunities on the social web â€“ a confluence of his interests in both hacking and social psychology. Hutch has spoken at multiple conferences to include HouSecCon, ToorCon, and DEF CON.
\n\n
\nDescription:
\nAs voice assistant technologies (such as Amazon Alexa and Google Assistant) become increasingly sophisticated, we are beginning to see adoption of these technologies in the workplace. Whether supporting conference room communications, or even supporting interactions between an organization and its customers â€” these technologies are becoming increasingly integrated into the ways that we do business. While implementations of these solutions can streamline operations, they are not always without risk. During this talk, the speaker will discuss lessons learned during a recent penetration test of a large-scale â€œAlexa for Businessâ€ implementation in a hospital environment where voice assistants were implemented to assist with patient interactions during the peak of the COVID-19 pandemic. The speaker will provide a live demonstration of how a cyber-criminal could potentially use pre-staged AWS Lambda functions to compromise an â€œAlexa for Businessâ€ device with less than one-minute of physical access. Multiple attack scenarios will be discussed to include making Alexa verbally abuse her users (resulting in possible reputation damage), remote eavesdropping on user interactions, and even active â€œvishingâ€ (voice phishing) attacks to obtain sensitive information. Finally, the talk will conclude with a discussion of best-practice hardening measures that can be taken to prevent your â€œAlexa for Businessâ€ devices from being transformed into foul-mouthed miscreants with malicious intent.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220183),('2_Friday','16','15:30','16:15','Y','IOTV','','\'â€œAlexa, have you been compromised?â€ â€” Exploitation of Voice Assistants in Healthcare (and other business contexts)\'','\'Hutch (Justin Hutchens)\'','IOTV_7a3a4d8436104842e4ca4d7506ef879f','\'\'',NULL,220184),('2_Friday','16','16:30','17:15','N','IOTV','','\'IoT Testing Crash Course\'','\'Tim Jensen (EapolSniper)\'','IOTV_0a8ef7b8e8bb8ef71e7521cb03cc70eb','\'Title: IoT Testing Crash Course
\nWhen: Friday, Aug 6, 16:30 - 17:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Tim Jensen (EapolSniper)\n
\nTim has 9 years of professional security experience, largely in network, IoT, and web application penetration testing. He ran a hack lab in Fargo, ND for 4 years where he taught hardware hacking and penetration testing on evenings and weekends. When not hacking, Tim enjoys cycling, walking, and live music.
\n\n
\nDescription:
\nIn this IoT 101 level talk I provide practical instruction to security focused individuals who want to test IoT devices for critical vulnerabilities. Included will be basic network pentesting of the device, web app or other UI testing, extracting/downloading firmware, and using binwalk. This will also include reviewing binaries for potential backdoors, looking for hardcoded credentials, and whitebox code review of the UI interface to look for backdoors or other vulnerabilities. All testing will be done against publicly downloadable binaries.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220185),('2_Friday','17','16:30','17:15','Y','IOTV','','\'IoT Testing Crash Course\'','\'Tim Jensen (EapolSniper)\'','IOTV_0a8ef7b8e8bb8ef71e7521cb03cc70eb','\'\'',NULL,220186),('2_Friday','17','17:30','18:15','N','IOTV','','\'Defending IoT in the Future of High-Tech Warfare\'','\'Harshit Agrawal\'','IOTV_714c161bd5b3de01d0860245a945fc19','\'Title: Defending IoT in the Future of High-Tech Warfare
\nWhen: Friday, Aug 6, 17:30 - 18:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Harshit Agrawal\n
\nHarshit Agrawal is currently working as a Radio Security Researcher. He is enthusiastic about Sigint, Drone Pentesting, and IoT Security. He presented his research at Security conferences like RSAC USA, HITB Cyberweek, HITB Amsterdam, etc. Previously, he was President at CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts, giving him a good insight into cybersecurity and increased his thirst to explore more in this field.
\n\n
\nDescription:
\nThe increase of cyberattacks using IoT devices has exposed the vulnerabilities in the infrastructures that make up the IoT and have shown how small devices can affect networks and services functioning. This talk presents a review of the vulnerabilities that bear the IoT and assessing the experiences in implementing RF attacks targeting the Internet of Things and analyses various facets of the IoT centricity of future military operations based on the IoT concept, IoT-led future shaping of the things, challenges, and developmental trajectories of major powers.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220187),('2_Friday','18','17:30','18:15','Y','IOTV','','\'Defending IoT in the Future of High-Tech Warfare\'','\'Harshit Agrawal\'','IOTV_714c161bd5b3de01d0860245a945fc19','\'\'',NULL,220188),('3_Saturday','10','10:00','10:45','N','IOTV','','\'I used AppSec skills to hack IoT, and so can you\'','\'Alexei Kojenov\'','IOTV_5399fb2bfbb6f49c2bcf5c7cf6dc1990','\'Title: I used AppSec skills to hack IoT, and so can you
\nWhen: Saturday, Aug 7, 10:00 - 10:45 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Alexei Kojenov\n
\n Alexei began his career as a software developer. A decade later, he realized that breaking code was way more fun than writing code, and decided to switch direction. He is now a full-time application security professional, with several years of assisting various development teams in delivering secure code, as well as security consulting. Outside of his day job, Alexei enjoys doing security research and learning new hacking techniques.
\n\n
\nDescription:
\nWe tend to think of AppSec and IoT as two separate infosec disciplines. Sure, the domain knowledge, attack vectors, and threat mitigation are not exactly the same in those two worlds. At the same time, as the hardware continues to evolve, we see more and more tiny general purpose computers around us. Many of these tiny computers nowadays run software that is written in a conventional programming language, listen on network ports, process data inputs, and communicate with the outside world. These devices can be attacked just like any other application running on a desktop, on a server, or in the cloud.\n

In this talk, I am going to tell you a story about my hacking journey that unexpectedly took me from device configuration settings to software reverse engineering, vulnerability discovery, and six new CVEs. Together, weâ€™ll go step by step through reconnaissance, firmware analysis, decompiling, code review, and remote debugging. Iâ€™ll also share my experience with the responsible disclosure process. I hope this talk inspires you to apply your general hacking skills to new areas such as IoT, even if youâ€™ve never done that before. \n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220189),('3_Saturday','11','11:00','11:45','N','IOTV','','\'You\'re Doing IoT RNG\'','\'Allan Cecil - dwangoAC,Dan Petro - AltF4\'','IOTV_8b36c21244faac7abd47e02c7f223142','\'Title: You\'re Doing IoT RNG
\nWhen: Saturday, Aug 7, 11:00 - 11:45 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Allan Cecil - dwangoAC,Dan Petro - AltF4
\n
SpeakerBio:Allan Cecil - dwangoAC\n
\nAllan Cecil (dwangoAC) is a Security Consultant with Bishop Fox and the President of the North Bay Linux Userâ€™s Group. He acts as an ambassador for Tasvideos.org, a website devoted to using emulators to complete video games as quickly as the hardware allows. He participates in Games Done Quick charity speed running marathons using TASBot to entertain viewers with never-before-seen glitches in games.
\nTwitter: @mrtasbot
\n
SpeakerBio:Dan Petro - AltF4\n
\nDan \"AltF4\" Petro is Lead Researcher at Bishop Fox. Dan is widely known for the tools he creates: Eyeballer (a convolutional neural network pentest tool), the Rickmote Controller (a Chromecast-hacking device), Untwister (pseudorandom number generator cracker), and SmashBot (a merciless Smash Bros noob-pwning machine).
\nTwitter: @2600AltF4
\n\n
\nDescription:
\nThink of a random number between \'0\' and infinity. Was your number \'0\'? Seriously? Crap. Well unfortunately, the hardware random number generators (RNG) used by your favorite IoT devices to create encryption keys may not work much better than you when it comes to randomness.\n

In this talk, we\'ll delve into murky design specs, opaque software libraries, and lots of empirical results. We wrote code for many popular IoT SoC platforms to extract gigabytes of data from their hardware RNGs and analyze them. What we found was a systemic minefield of vulnerabilities in almost every platform that could undermine IoT security. Something needs to change in how the Internet of Things does RNG.\n

The vulnerabilities are widespread and the attacks are practical. RNG is bad out there - \"IoT Crypto-pocalypse\" bad. \n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220190),('3_Saturday','12','12:00','12:30','N','IOTV','','\'Strategic Trust and Deception in the Internet of Things\'','\'Juneau Jones\'','IOTV_a79e1d380ab4a237768775704889fa48','\'Title: Strategic Trust and Deception in the Internet of Things
\nWhen: Saturday, Aug 7, 12:00 - 12:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Juneau Jones\n
\nRaised in the woods of Alaska, Juneau attributes her love of hacking to a childhood spentbuilding and breaking things outside. After studying computer science and economics, she moved to Dallas, Texas, where she found a home in the local hacker community. Juneau began research on applying behavioral economics to adversarial tactics. After her successful first talk at Dallas Hacker\'s Association on the prisonerâ€™s dilemma, she began presenting her research at cons across the country. Currently, she works as an adversarial analyst doing consultant red teaming. She is also continuing her research and education as a cybersecurity fellow at NYU. When she is not hacking or asking strangers to act out the prisoner\'s dilemma, Juneau breathes fire, plays the bass, and runs DC214; Dallas\'s DefCon group.
\n\n
\nDescription:
\nGame Theory is the study of choices and strategies made by rational actors, called \"\"players,\"\" during times of conflict or competition. It has been used throughout history to map human conflict. Statisticians use game theory to model war, biology, and even football. In this talk, we will model interactions between IoT devices based on strategic trust; how agents decide to trust each other.\nThe talk will provide an overview of game-theoretic modeling and its application to the IoT landscape. The landscape facilitates deception; players must decide whether or not to trust other agents in the network, and agents may have misaligned incentives. There is a trade-off between information gained and short-term security. This talk will build a framework for predictive and strategic trust where players make decisions based on the incentives of their \"\"opponents.\"\" This talk will not look at network topology or protocols but will instead look at information exchange and strategy.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220191),('3_Saturday','12','12:45','13:30','N','IOTV','','\'MIPS-X - The next IoT Frontier\'','\'Patrick Ross,ZoltÃ¡n BalÃ¡zs\'','IOTV_afdf0573fda727f42eae14fc3dc173bc','\'Title: MIPS-X - The next IoT Frontier
\nWhen: Saturday, Aug 7, 12:45 - 13:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Patrick Ross,ZoltÃ¡n BalÃ¡zs
\n
SpeakerBio:Patrick Ross\n
\nPatrick (0xn00b), a DEF CON 26 Black Badge holder, is the co-founder of Village Idiot Labs which helps run IoT Village across the globe. Patrick has created a fully immersible/virtual web-based lab environment that people can learn how to hack IoT without the need for their own tools, equipment or even prior knowledge.
\n
SpeakerBio:ZoltÃ¡n BalÃ¡zs\n
\nZoltan (@zh4ck) is the Head of Vulnerability Research Lab at CUJO AI, a company focusing on smart home security. Before joining CUJO AI he worked as a CTO for an AV Tester company, as an IT Security expert in the financial industry, and as a senior IT security consultant. He is also the developer of the Hardware Firewall Bypass Kernel Driver (HWFWBypass), the Encrypted Browser Exploit Delivery tool (#IRONSQUIRREL) and the Sandbox tester tool to test Malware Analysis Sandboxes.\nHe found and disclosed a vulnerability in IP cameras, and this vulnerability was exploited by the Persirai botnet, running on Ëœ600 000 cameras.
\nTwitter: @zh4ck
\n\n
\nDescription:
\nIoT vulnerability research usually involves both static and dynamic analysis of the target device. To aid in this task, researchers typically perform some sort of emulation to enumerate the filesystem as well as run the respective binaries. Luckily, there are tools like QEMU and/or Buildroot to guide our path on the way, but this does not mean the way is smooth.\n

Our main goal was to create a framework and documentation suitable for MIPS (LE/BE) device research, which can be used in a Dockerized environment to set up as many emulated IoT devices as desired. The goal was to create the least amount of pain and effort to set up the emulation infrastructure. This means, you will have a target MIPS architecture virtual machine running natively with all the binaries, full network stack, debugging tools, and other useful tools. Let the pwning begin! \n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220192),('3_Saturday','13','12:45','13:30','Y','IOTV','','\'MIPS-X - The next IoT Frontier\'','\'Patrick Ross,ZoltÃ¡n BalÃ¡zs\'','IOTV_afdf0573fda727f42eae14fc3dc173bc','\'\'',NULL,220193),('3_Saturday','13','13:45','14:30','N','IOTV','','\'Mind the Gap - Managing Insecurity in Enterprise IoT\'','\'Cheryl Biswas\'','IOTV_c104680f580462ce4dd90f74db692ed5','\'Title: Mind the Gap - Managing Insecurity in Enterprise IoT
\nWhen: Saturday, Aug 7, 13:45 - 14:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Cheryl Biswas\n, Threat Intel Specialist, TD
\nCheryl Biswas is a Threat Intelligence Specialist with TD Bank in Toronto, Canada, where she produces and delivers annual cyber threat forecasts, and has experience in security audits and assessments, privacy, disaster recovery and change management. She holds an ITIL certification and a specialized honours degree in Political Science. Cheryl is actively engaged in the security community as a conference speaker and volunteer, mentors those entering the field, and champions women and diversity in cyber security as a founding member of â€œThe Diana Initiativeâ€.
\nTwitter: @3ncr1pt3d
\n\n
\nDescription:
\nIoT is an ever-expanding attack surface about which we have many misconceptions and assumptions but for which we have very few policies, regulations or security. These are devices built for one purpose, not meant to be upgraded and rarely if ever patched. As more devices are enabled to connect and communicate online, in the relentless pursuit of innovation, weâ€™ve put the cart before the horse and failed to construct a framework to effectively control and secure the capability created.\nConsider this: over 90% of the data in the world was created over the past two years, and current output is roughly 2.5 quintillion bytes per day. As IoT moves into a range of enterprise environments, driven by consumer demand and BYOD desire, Shadow IT becomes Shadow ET, bringing new challenges and risks that our existing compliance and security donâ€™t address or regulate.\nMisconfiguration usurps any benefits of eroding segregation as online exposure of both sensitive data and critical systems increases. Adversaries at all levels have been watching, waiting and are making their moves because ignorance isnâ€™t an excuse â€“ itâ€™s an invitation to exploitation.\n

Introduction: (2 min)
\nâ€¢ A deluge of data
\nâ€¢ So many devices and growing\n

I have a dream: (5 min)
\nâ€¢ Perceived benefits of IoT
\nâ€¢ Improved efficiency, innovation, collaboration\nâ€¢ We donâ€™t know what weâ€™re doing
\nâ€¢ The dangers of upholding a Utopian ideal as reality\nâ€¢ â€œThe cost of breaches will be viewed like the toll taken by car crashes, which have not persuaded very many people not to drive.â€\n

Defining IoT: (10 min)
\nâ€¢ Our assumptions: what we think IoT is\nâ€¢ What is and isn\'t IoT. Adding intelligence to devices that are normally â€œdumbâ€, enabling them to communicate without human involvement\nâ€¢ Failure to inventory IoT devices because no centralized control over what IoT devices and applications are in the workplace\nâ€¢ Me and My Shadow IoT
\no An open invitation to Shadow IoT through increasing unmonitored, unsanctioned BYOD\nâ€¢ Recent statistics on IoT cyberattacks on organizations\no â€œ82% of organizations that manufacture IoT devices are concerned that the devices they develop are not adequately secured from a cyberattack.â€ (Irdeto Global Connected Industries Cybersecurity Survey 2019)\nâ€¢ Insecure third parties and Shadow IoT risks - what the party of your third party allows without your knowledge or consent\nâ€¢ Different flavors â€“ ET, IIoT, IoHT, OT\nTakeaways:
\nAttendees will understand what makes IoT/ET different from standard equipment we connect, and why we cannot secure them the same way.\nAttendees will be alerted to the ongoing and increasing risk of Shadow IT within their networks so they can take action on it\n

Understanding IoT Architecture: (5 min)\nâ€¢ Sensors working overtime - Sensors and actuators connecting the digital and physical realms\nâ€¢ Internet gateway
\nâ€¢ The Edge
\nâ€¢ Managing, securing and storing all the data\nâ€¢ Communication architectures
\nâ€¢ What is Enterprise Architecture
\nâ€¢ Understanding IoT in the Enterprise
\nâ€¢ Enterprise Architecture and IoT: How to build IoT into Enterprise Architecture\n

How IoT Attacks are Different: (5 min)
\nâ€¢ A lack of awareness around the motivation, perpetrators, attacks\nâ€¢ Different threat dynamic: industrial espionage, damage, destruction.\nâ€¢ Geopolitics and the games nationstates play. After Stuxnet - Iran and Shamoon wiper malware.\nâ€¢ Threat actors seek something more than just monetary gain. Triton destructive malware.\nâ€¢ How sanctions drive retaliation. What could we expect in the current climate?\nTakeaway: Attendees will understand IoT/ET as a potential threat, who attackers are and how to evaluate what they have in place to improve their security\nIt Only Takes One: Analysis of Attacks (15 min)\nâ€¢ It only takes ONE exposed, misconfigured system to spread the infection.\nâ€¢ Think ransomware: an increase in targeted ransomware attacks on industry in 2019 using LockerGoga and MegaCortex. Norsk Hydro\nâ€¢ Think NotPetya. Targeted attack that spread from one laptop globally bringing Maersk down.\nâ€¢ How cryptominers are increasingly leveraging exploits on critical vulnerabilities in enterprise realms and spreading via EternalBlue. Targets include Docker containers, and container escapes.\nâ€¢ Compromised conference equipment. Examine the attack on Polycom HDX video conferencing systems. Thousands exposed externally, many more deployed internally. Polycom systems are linked to each other across different corporate offices globally.\nTakeaway: Attendees will be able to understand how an attack could be leveraged against IoT/ET in their enterprise environments\n

Making it Better: (5 min)
\nâ€¢ IoT policy and compliance
\nâ€¢ Strong authentication: what do we do better when we know that passwords and certs have failed us\nâ€¢ Automating the identification of IoT â€“ no more hide and seek\nâ€¢ Network segmentation - it only works if we do it\nâ€¢ Automatically securing IoT devices before something happens, not after\nâ€¢ The need for Unified Endpoint Management over Enterprise Mobility Management.\n

Takeaways: Attendees will have recommendations to bring back they they can action within their environments for increased security posture\n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220194),('3_Saturday','14','13:45','14:30','Y','IOTV','','\'Mind the Gap - Managing Insecurity in Enterprise IoT\'','\'Cheryl Biswas\'','IOTV_c104680f580462ce4dd90f74db692ed5','\'\'',NULL,220195),('3_Saturday','14','14:45','15:30','N','IOTV','','\'Reverse Supply Chain Attack - A Dangerous Pathway To Medical Facilitiesâ€™ Networks\'','\'Barak Hadad,Gal Kaufman\'','IOTV_371e2c501a5e8d5900e020adc850e794','\'Title: Reverse Supply Chain Attack - A Dangerous Pathway To Medical Facilitiesâ€™ Networks
\nWhen: Saturday, Aug 7, 14:45 - 15:30 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Barak Hadad,Gal Kaufman
\n
SpeakerBio:Barak Hadad\n
\nBarak Hadad is a security researcher at Armis, responsible for hunting zero days and reverse engineering. Formerly an R&D team lead in the Israeli Defense Forces Intelligence, his current focus is unraveling the mysteries of various embedded devices, found in hospitals, factories and anything in-between.
\n
SpeakerBio:Gal Kaufman\n
\nNo BIO available
\n\n
\nDescription:
\nThe supply-chain attack vector has gained a lot of attention in the passing year. Our talk, however, will present a different type of a supply-chain attack vector -- the reverse supply-chain attack.\n

The process of a supply chain attack involves an attacker altering code of software, or the hardware of a device, en route to a potential victim. The reverse supply chain attack starts from the other end of the chain -- when a device is removed from a secure network. While IT departments are aware of the importance of wiping the harddrives of PCs, before they are being thrown away, or sold off, they are not fully aware that certain medical devices also withhold sensitive data, and the process to wipe these devices is also non-trivial.\n

In this talk, we will demonstrate the type of data that can be recovered from the most popular infusion pump -- the BD Alaris Infusion Pump. The recovered data can allow an attacker to infiltrate internal networks of medical facilities and exfiltrate or alter personal patient data. In the process of analyzing this attack vector, we purchased a handful of these used infusion pumps from eBay, which led us to the credentials of internal networks of large hospital facilities all over the US. \n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220196),('3_Saturday','15','14:45','15:30','Y','IOTV','','\'Reverse Supply Chain Attack - A Dangerous Pathway To Medical Facilitiesâ€™ Networks\'','\'Barak Hadad,Gal Kaufman\'','IOTV_371e2c501a5e8d5900e020adc850e794','\'\'',NULL,220197),('3_Saturday','15','15:45','16:15','N','IOTV','','\'Ethics at the Edge: IoT as the Embodiment of AI for Rampant Intelligence Actuation\'','\'Ria Cheruvu\'','IOTV_e0b622cc21f9a35517490055abd8fd8a','\'Title: Ethics at the Edge: IoT as the Embodiment of AI for Rampant Intelligence Actuation
\nWhen: Saturday, Aug 7, 15:45 - 16:15 PDT
\nWhere: IoT Village (Talk - Virtual)
\n
SpeakerBio:Ria Cheruvu\n
\nRia Cheruvu is an AI Ethics Lead Architect at the Intel Network and Edge engineering group working on developing trustworthy AI products. She is 17 years old, and graduated with her bachelorâ€™s degree in computer science at Harvard University at 11 and her masterâ€™s degree in data science from her alma mater at 16. Her pathfinding domains include solutions for security and privacy for machine learning, fairness, explainable and responsible AI systems, uncertain AI, reinforcement learning, and computational models of intelligence. She enjoys composing piano music, ocean-gazing with her family, and contributing to open-source communities in her free time.
\n\n
\nDescription:
\nIn the eyes of a smart device and their human controllers, the world is an immense source of data and power. The expanding Internet of Things ecosystem only adds fuel to this, empowering real-time automatic sensing + actuation posing regulatory dilemmas, easily exploitable definitions of trusted entities (e.g., see the 2021 Verkada hack), and measurements of security, robustness, and ethics that change apropos data in the blink of an eye.\n

Governance and policing of Internet of Things devices is growing to cover the upcoming trail of destruction by flailing technical solutions, but some intriguing key unanswered questions are starting to reveal themselves.\n

In this talk, weâ€™ll dive into what the sociotechnical problem of ethics means at the edge in the context of machine learning/artificial intelligence and address these questions:\n

Individual vectors of ethics (â€œSustainability is an ethical principle?â€ â€œEdge devices have their own definition of fairness and bias different from human concepts?â€)\n
Evolving principles and governance for IoT devices, and the importance of accountable anonymity\n
Definitions of trusted entities (â€œWhen are users a threat?â€ â€œShould humans be out of the loop?â€), and how key ethical principles, such as privacy and transparency, can be a double-edged sword in the context of IoT security.\n
Incorporating morality into machines is now a reality (â€œHow do we define a calculus and value alignment for IoT ethics?â€) - what are key unconventional ethical concerns for human-centered design?

\n\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220198),('3_Saturday','16','15:45','16:15','Y','IOTV','','\'Ethics at the Edge: IoT as the Embodiment of AI for Rampant Intelligence Actuation\'','\'Ria Cheruvu\'','IOTV_e0b622cc21f9a35517490055abd8fd8a','\'\'',NULL,220199),('3_Saturday','16','16:30','16:59','N','IOTV','','\'IoT devices as government witnesses: Can IoT devices ever be secure if law enforcement has unlimited access to their data?\'','\'Anthony Hendricks,Jordan Sessler\'','IOTV_1a6b3242bb7a9102c1c0c0a225aa1bd7','\'Title: IoT devices as government witnesses: Can IoT devices ever be secure if law enforcement has unlimited access to their data?
\nWhen: Saturday, Aug 7, 16:30 - 16:59 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Anthony Hendricks,Jordan Sessler
\n
SpeakerBio:Anthony Hendricks\n
\nAnthony Hendricks is an attorney who advises clients as the chair of Crowe & Dunlevyâ€™s Cybersecurity & Data Privacy Practice Group. In that role, he frequently analyzes and litigates legal issues related to IoT devices. Prior to beginning his practice, he studied as Howard University\'s first Marshall Scholar and later graduated from Harvard Law School. He now teaches cybersecurity law as an adjunct professor at Oklahoma City University School of Law.
\n
SpeakerBio:Jordan Sessler\n
\nJordan Sessler is an attorney who advises clients on data security as a member of Crowe & Dunlevyâ€™s Cybersecurity & Data Privacy Practice Group. In that role, he regularly engages with legal issues related to IoT devices and has represented companies in disputes with law enforcement regarding the discoverability of user- and device-generated data. Prior to beginning his practice, he graduated from Harvard Law School and clerked for U.S. District Court Judge D.P. Marshall Jr.
\n\n
\nDescription:
\nA man in Connecticut was arrested after his wifeâ€™s Fitbit implicated him in her murder. Prosecutors in Arkansas sought to use data from an Amazon Echo as evidence against a murder suspect. Local police sought access to car, TV, and even refrigerator data to monitor Black Lives Matter protestorsâ€”and the FBI did the same thing to help track down suspects in the aftermath of the January 6th, 2021 riot at the U.S. Capitol.\n

These examples are hardly isolated instancesâ€”there are thousands of other cases just like them. And they all speak to an important truth: IoT devices are increasingly being used by law enforcement for investigational purposes and, in some cases, even being made into star witnesses at trial. But law enforcementâ€™s use of IoT devices raises two important questions. First, does allowing the government to use IoT data violate consumer expectations of privacy, particularly at a time when IoT products are being made and marketed with an eye toward information security? Second, are criminal suspects being provided with the same near-limitless access to IoT data for purposes of mounting their legal defense?\n

The answers to both of these questions are troubling, in large part because the law is inherently back-ward looking and is thus not equipped to grapple with the raw amount of information is now generated. Just as many consumers did not realize several years that their watch or car audio system would be used by law enforcement to track their location 24/7, so lawmakers and judges did not either. For example, the Federal Privacy Act of 1974 never contemplated that, rather than maintaining records, the government would simply buy access to private recordsâ€”as ICE recently did by purchasing access to CLEARâ€”or create its own iOS app to ensnare criminals, as the FBI recently did. Likewise, although the Supreme Court noted the private nature of cell phone location data in Carpenter v. United States, this was a 5-4 decision (while RBG was still on the bench) that only applied the Fourth Amendment to historical cell phone GPS data, effectively leaving the law unsettled on many other types of IoT data. This has led courts, including a New York federal court in a case involving Apple, to express concerns that, even where warrants are involved, allowing the government to force companies to produce IoT device data could â€œresult in a virtually limitless expansion of the governmentâ€™s legal authority to surreptitiously intrude on personal privacy.â€\n

These concerns are heightened by the fact that, although the Federal Rules of Criminal Procedure are supposed provide defendants with equal discovery rights, the Stored Communications Act often prevents defendants from accessing the IoT data of others, such as witnesses, accusers, or potential other defendants. In practice, this means that IoT data can effectively be used against criminal suspects but is not available for them to use in arguing their legal defense. This results in an incredible inequality in the criminal justice system. And it may also lead to erroneous outcomes: as with DNA evidence, IoT data may help exonerate criminals just as often as it implicates them. Indeed, in the Arkansas v. Bates murder case, the prosecution dismissed the charges against the defendant shortly after it obtained the Amazon Echo data, which apparently validated the defendantâ€™s alibi. Similarly, allegations of cheating against low-income students at Dartmouth Medical School were dismissed after IoT data brought into question potentially erroneous remote test monitoring that may have been skewed by poor internet.\n

So what can we do to reform or limit government use of IoT data? This talk aims to talk through ways in which both the infosec and legal communities can increase their mutual understanding and help drive reform. In the short term, the infosec community can increase security by minimizing, encrypting, or de-identifying data. This can reduce the amount of information that IoT devices collect and, thus, are required to turn over to law enforcement. Over the long-term, the best solution may be to pass new laws or drive new judicial precedent that incorporates an understanding as to what IoT data is, how it is changing expectations of privacy, and how it is being used by law enforcement. Such laws could either limit access to IoT dataâ€”enshrining a greater degree of privacyâ€”or set forth procedures delineating when authorities may use it and guaranteeing defendants equal access. Of course, there are other potential solutions and we hope this talk will help launch a broader discussion on how to help the law interact with IoT technology.\n

\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220200),('3_Saturday','17','17:15','17:59','N','IOTV','','\'The Journey of Establishing IoT Trustworthiness and IoT Security Foundation\'','\'Amit Elazari,Anahit Tarkhanyan,Ria Cheruvu\'','IOTV_32c62239337c2cb727df51cad5de8a4f','\'Title: The Journey of Establishing IoT Trustworthiness and IoT Security Foundation
\nWhen: Saturday, Aug 7, 17:15 - 17:59 PDT
\nWhere: IoT Village (Talk - Virtual)
\nSpeakers:Amit Elazari,Anahit Tarkhanyan,Ria Cheruvu
\n
SpeakerBio:Amit Elazari\n
\nDr. Amit Elazari is Director, Global Cybersecurity Policy, Government Affairs at Intel Corp. and a Lecturer at UC Berkeley School of Information Master in Cybersecurity program. She graduated her Doctor of Science of the Law (J.S.D.) from UC Berkeley School of Law. Her work on security and technology law has been published in leading academic journals and popular press, including The New York Times, The Washington Post and Wall Street Journal and presented in top conferences including RSA, BlackHat, USENIX Enigma, USENIX Security and more. Elazari holds three prior degrees, summa cum laude (LL.B., LL.M. in the Law and a B.A. in Business) from IDC, Israel. Her work was awarded among others a USENIX Security Distinguished Paper Award, Annual Privacy Papers for Policymakers (PPPM) Award Academic Paper Honorable Mention, Casper Bowden PET award for Outstanding Research in Privacy Enhancing Technologies, University of California, Berkeley School of Information Distinguished Faculty Award. She is currently one of the co-editors of ISO/IEC 27402 at JTC1, SC27 (in draft, IoT Security Baseline Requirements).
\n
SpeakerBio:Anahit Tarkhanyan\n, Principal Engineer, Intel Corp., Network and Edge Group, IoT CTO Office
\nAnahit leads the security architecture of Intel edge portfolio. Her area of expertise covers security of Edge to Cloud systems and AI/ML, security standards and regulation. Anahit is IEEE Senior Member and has PhD in Distributed Computer Systems and Networks. She holds several patents, and has publications in diverse security technology. \"Dr. Amit Elazari, Intel Corp., Director, Global Cybersecurity Policy, Government Affairs
\n
SpeakerBio:Ria Cheruvu\n
\nRia Cheruvu is an AI Ethics Lead Architect at the Intel Network and Edge engineering group working on developing trustworthy AI products. She is 17 years old, and graduated with her bachelorâ€™s degree in computer science at Harvard University at 11 and her masterâ€™s degree in data science from her alma mater at 16. Her pathfinding domains include solutions for security and privacy for machine learning, fairness, explainable and responsible AI systems, uncertain AI, reinforcement learning, and computational models of intelligence. She enjoys composing piano music, ocean-gazing with her family, and contributing to open-source communities in her free time.
\n\n
\nDescription:
\nThe Internet of Things (IoT) ecosystem holds tremendous promise to promote innovation and productivity, and societal benefits. Yet, with increased connectivity, concerns remain with the growing attack surface. While the DFECON community often focuses on the security aspects of these issues, the multidimensional nature of IoT devices and the combination of AI/ML solutions, sparked standardization activities focusing more generally on the concept of â€œIoT trustworthinessâ€. This talk will introduce the audience to the latest developments in the IoT Security Policy landscape, proposals for confidence/certifications mechanisms emerging globally, and key IoT Security baseline standards developments, while exploring the connection to the IoT trustworthiness concept across the IoT Supply Chain. We will describe a case study of IoT robustness and trustworthiness applied in context of AI and smart analytics, including the importance of characterizing the behavior of data.
\n
IoT Village talks will be streamed to Twitch. Select speakers may be available in the IoT Village on-site to answer questions.\n

\'',NULL,220201),('2_Friday','12','12:00','12:15','N','AVV','','\'Adversary Village Kick-off \'','\'Abhijith B R\'','AVV_740b14dde872af906155b638910b647a','\'Title: Adversary Village Kick-off
\nWhen: Friday, Aug 6, 12:00 - 12:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Abhijith B R\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220202),('2_Friday','12','12:15','12:59','N','AVV','','\'Adversary Village Keynote\'','\'David Kennedy\'','AVV_015a21306364c41de5945d19c1de5bae','\'Title: Adversary Village Keynote
\nWhen: Friday, Aug 6, 12:15 - 12:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:David Kennedy\n, CEO, TrustedSec
\nDavid is a cybersecurity authority whose mission is to drive the industry forward and make the world a more secure place. In addition to creating two large-scale cybersecurity firms, David has testified before Congress on issues of national security and has appeared as a subject matter expert on hundreds of national news and TV shows.\n

Prior to creating TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company. As a forward thinker in the security field, David has had the privilege of speaking at some of the nationâ€™s largest conferences, including Microsoftâ€™s BlueHat, DEF CON, Black Hat, and DerbyCon, which he co-created in 2011 and expanded into DerbyCon Communities.\n

\nTwitter: @HackingDave
\nhttps://www.linkedin.com/in/davidkennedy4
\n\n
\nDescription:No Description available
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220203),('2_Friday','13','13:00','13:45','N','AVV','','\'Look at me, I\'m the Adversary now: Introduction to Adversary Emulation and its place in Security Operations\'','\'Samuel Kimmons\'','AVV_02f3d824fa83c20b597cc407eb72e61f','\'Title: Look at me, I\'m the Adversary now: Introduction to Adversary Emulation and its place in Security Operations
\nWhen: Friday, Aug 6, 13:00 - 13:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Samuel Kimmons\n
\nSamuel Kimmons is Red Teamer at Cognizant. He is responsible for researching, planning, and developing full scope Red Team engagements. Samuel got is start in Information Security during his time in the United States Air Force (USAF). While in the USAF he stood up the first interal red team at the United States Air Force Computer Emergency Response Team (AFCERT). His team\'s primary purpose was to emulate threat actors in order to increase the accuracy of detection capabilities.
\nhttps://www.linkedin.com/in/kimmons
\n\n
\nDescription:
\nAdversary Emulation is quickly becoming a hot topic in information security, and there is a good reason for it. Security analysts, threat hunters, and incident responders are constantly facing an onslaught of old and new threats. How can defenders properly prepare for the ever-changing threat landscape, improve their skill set, and improve the security posture of their organization? In this presentation I\'ll answer those questions by covering: The various forms of Adversary Emulation, where/how it fits into Security Operations, Threat Intelligence, the benefits of using it as a Blue Team training tool, and how to get started!
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220204),('2_Friday','13','13:45','14:45','N','AVV','','\'From On-Prem to the Cloud - Hybrid AD attack path\'','\'Sergey Chubarov\'','AVV_5202a43ff638794c46a0e3ebbf985853','\'Title: From On-Prem to the Cloud - Hybrid AD attack path
\nWhen: Friday, Aug 6, 13:45 - 14:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Sergey Chubarov\n
\nSergey Chubarov is a Security and Cloud Expert, Instructor with 15+ years experience on Microsoft technologies. His day-to-day job is to help companies securely embrace cloud technologies. He has certifications and recognitions such as Microsoft MVP: Microsoft Azure, Offensive Security Certified Professional (OSCP), Offensive Security Experienced Penetration Tester (OSEP), Microsoft Certified Trainer, MCT Regional Lead, EC Council CEH, CPENT, CEI, CREST CPSA, CRT and more. Frequent speaker on local and international conferences. Prefers live demos and cyberattacks simulations.
\nhttps://ru.linkedin.com/in/schubarov
\n\n
\nDescription:
\nMost businesses today use hybrid cloud and many of us will retire before companies fully migrate to the cloud. Cloud identity service Azure AD provides protection from advanced cybersecurity attacks, but what additional challenges appear when integrating with on-prem AD? \nLet\'s check that out in advanced scenario-based session, Live demos only.\n

THE SESSION CONTAINS:\n

Getting Domain Admin through Azure AD Connect\nGetting Domain Admin through Azure AD Connect Cloud Sync (new offering)\nBypass Azure AD authentication & MFA
\nAzure reconnaissance with AzureHound\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220205),('2_Friday','14','13:45','14:45','Y','AVV','','\'From On-Prem to the Cloud - Hybrid AD attack path\'','\'Sergey Chubarov\'','AVV_5202a43ff638794c46a0e3ebbf985853','\'\'',NULL,220206),('2_Friday','14','14:45','15:45','N','AVV','','\'Exploiting Blue Team OPSEC failures with RedELK\'','\'Marc Smeets\'','AVV_d9080f9e3392d92f02ff102ff1d6ddc6','\'Title: Exploiting Blue Team OPSEC failures with RedELK
\nWhen: Friday, Aug 6, 14:45 - 15:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Marc Smeets\n, Red Teamer, Outflank
\nMarc is from Infosec class 1999 (hobby) and 2006 (professionally). With a strong background in system and network engineering, he switched to pentesting in 2006. In 2016 he co-founded Outflank, a boutique red teaming and adversary simulation company in Amsterdam. He helps international customers on a daily base. Besides working for his clients, Marc spends his time making tools to optimise the red teamer\'s workflow, a.o. RedELK. Besides infosec, Marc is a great fan of fast cars and champagne.
\n\n
\nDescription:
\nBlue teams and CERTs are increasingly better equipped and better trained. At the same time offensive infrastructures are increasingly diverse in components and growing in size. This makes it a lot harder for red teams to keep oversight but also a lot easier for blue teams to react on the traces that red teams leave behind. However, do blue teams really know what traces they leave behind when doing their investigation and analyses? RedELK was created and open sourced to help red teams with these two goals: 1) make it easy to have operational oversight, 2) abuse blue team OPSEC failures. Come to this talk to learn about blue team detection and how RedELK can help you.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220207),('2_Friday','15','14:45','15:45','Y','AVV','','\'Exploiting Blue Team OPSEC failures with RedELK\'','\'Marc Smeets\'','AVV_d9080f9e3392d92f02ff102ff1d6ddc6','\'\'',NULL,220208),('2_Friday','15','15:45','16:45','N','AVV','','\'Everything is a C2 if you\'re brave enough\'','\'Luis Ãngel RamÃrez Mendoza,Mauro CÃ¡seres Rozanowski\'','AVV_e899d373ba9ca4b3046d7f421823a0ec','\'Title: Everything is a C2 if you\'re brave enough
\nWhen: Friday, Aug 6, 15:45 - 16:45 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:Luis Ãngel RamÃrez Mendoza,Mauro CÃ¡seres Rozanowski
\n
SpeakerBio:Luis Ãngel RamÃrez Mendoza\n
\nNo BIO available
\n
SpeakerBio:Mauro CÃ¡seres Rozanowski\n
\nMauro Eldritch is an Argentine Hacker & Speaker, Founder of BCA and DC5411. He was a Speaker at DEF CON (six times!), ROADSEC (LATAMâ€™s biggest security conference), DEVFEST Siberia, DragonJAR Colombia (biggest spanish-speaking conference in LATAM), P0SCON Iran, Texas Cyber Summit and EC-Council Hacker Halted among other conferences (25+).\n

In the past, he worked for many government organisms such as Ministry of Security, Federal Revenue Administration, Ministry of Health, Ministry of Economy, Ministry of Production and both SecBSD & FreeBSD Projects.\n

\nTwitter: @mauroeldritch
\n\n
\nDescription:
\nIt is truly amazing how many and diverse methods an attacker has to \"call home\", exfiltrate information, or coordinate the next steps in his chain of attack. In this talk we will demonstrate (and automate) the most wacky, unexpected, and interesting methods for setting up a C2 server: Messaging apps? social media profiles? video games or gaming platforms? Yes, and there\'s more. The more sacred and innocent an app appears to be, the higher the score for us when weaponizing it. We will explain from scratch the function, the construction and even the automation with Ruby and Python of C2 servers based on a wide range of applications of common and daily use. For this we will use a fake toy ransomware, which will try to call home, exfiltrate information and coordinate an attack in the most crazy,bizarre and above all ... unexpected ways. Lots of short demos make this talk suitable to both newcomers and experienced people.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220209),('2_Friday','16','15:45','16:45','Y','AVV','','\'Everything is a C2 if you\'re brave enough\'','\'Luis Ãngel RamÃrez Mendoza,Mauro CÃ¡seres Rozanowski\'','AVV_e899d373ba9ca4b3046d7f421823a0ec','\'\'',NULL,220210),('2_Friday','16','16:45','17:45','N','AVV','','\'Designing a C2 Framework\'','\'Daniel \"Rasta\" Duggan\'','AVV_3f0aba4f14e2b11e5beca63e67bc7212','\'Title: Designing a C2 Framework
\nWhen: Friday, Aug 6, 16:45 - 17:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Daniel \"Rasta\" Duggan\n
\nDaniel Duggan, aka Rasta Mouse, is the Director of Zero-Point Security and creator of the Red Team Ops training course. Daniel has authored and contributed to multiple open source projects including TikiTorch, SharpC2, Covenant and SharpSploit.
\nTwitter: @_RastaMouse
\n\n
\nDescription:
\nOver recent years, there has been a huge boom in open-source C2 frameworks hitting the information security space. So much so they made a website and a logo - thatâ€™s how you know things are serious! Such a trend naturally drives more people towards taking on the gauntlet but all too often it becomes an insurmountable challenge and another dashed dream of the aspiring red teamer, or veteran alike. Believe me when I say - Iâ€™ve been there. Iâ€™ve felt the pain, the frustration, the imposter syndrome. Heck, I still do. However, Iâ€™ve (mostly) come out the other side with some hard learned lessons. Those lessons are the subject of this talk. The goal is not to write or provide code. We shall discuss how to approach initial design ideas; decide what is important and what is not; anticipate and deal with potential problem areas; consider different use cases and perspectives; and more.\n

If you are interested in building your own C2 framework, contributing to existing frameworks, or even software development in general, thereâ€™s something in this talk for you.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220211),('2_Friday','17','16:45','17:45','Y','AVV','','\'Designing a C2 Framework\'','\'Daniel \"Rasta\" Duggan\'','AVV_3f0aba4f14e2b11e5beca63e67bc7212','\'\'',NULL,220212),('2_Friday','17','17:45','19:59','N','AVV','','\'(Workshop) Tradecraft Development in Adversary Simulations\'','\'Fatih Ozavci\'','AVV_98a8c0c28fc473750db4c381a98979f6','\'Title: (Workshop) Tradecraft Development in Adversary Simulations
\nWhen: Friday, Aug 6, 17:45 - 19:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Fatih Ozavci\n, Managing Security Consultant, The Missing Link (Australia)
\nFatih Ozavci is a multidisciplinary security manager, engineer and researcher with two decades of experience on offensive and defensive security technologies. He has managed several international security assessment and research projects focused on various technologies including service provider networks, unified communications, application security and embedded systems. He shared his researches, tools, advisories and vulnerabilities in major security conferences such as Black Hat USA, DEF CON and HITB. Nowadays, he combines his skillsets to perform realistic adversary simulations and defence exercises for larger organisations. Fatih is also studying Master of Cyber Security (Advanced Tradecraft) at University of New South Wales at Australian Defence Force Academy.
\nhttps://au.linkedin.com/in/fozavci
\n\n
\nDescription:
\nThreat actors build their tradecraft for each campaign, they need to select the right tactics, techniques. Most of the time they use open source or commercial, but publicly available tools. They even re-purpose or pack existing malware acquired from other threat actors. The reason behind of this decision is tool development takes time, and if the known/current tools already work well, they donâ€™t need upgrades either. However, the adversary simulation specialists need to operate in safer environments, therefore, theyâ€™re not allowed to use malicious tradecraft or unknown tools in general. Tradecraft development is an essential skills for an adversary simulation specialist as it needs custom C2 protocols, implants, safer but realistic Mitre Att&ck TTPs, and finally cutting-edge evasions for the modern security controls including EDRs and Cyber Analytics. In this workshop, weâ€™ll walk through reasons and ways of Tradecraft development, talk about where to start, and to go, finding example source codes, walking through the source code of existing C2s, implants, and draft tools. Weâ€™ll also discuss about weaponization techniques such as offensive pipelines, modern evasions techniques and tool integrations. Duringthe exercises, weâ€™ll prefer C# for programming, but you can replicate what you learn in various languages after this workshop (e.g. Python, Go, Rust). During the workshop, the participants will be able to develop their own implants, C2s, evasions and more using examples and active tools such as Petaq Purple Team C2 and Malware, TA505+ Adversary Simulation Pack and Tehsat Malware Traffic Generator
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220213),('2_Friday','18','17:45','19:59','Y','AVV','','\'(Workshop) Tradecraft Development in Adversary Simulations\'','\'Fatih Ozavci\'','AVV_98a8c0c28fc473750db4c381a98979f6','\'\'',NULL,220214),('2_Friday','19','17:45','19:59','Y','AVV','','\'(Workshop) Tradecraft Development in Adversary Simulations\'','\'Fatih Ozavci\'','AVV_98a8c0c28fc473750db4c381a98979f6','\'\'',NULL,220215),('2_Friday','20','20:00','20:59','N','AVV','','\'Panel discussion: Adversary simulation, emulation or purple teaming - How would you define it?\'','\'Tomer Bar,Samuel Kimmons,Anant Shrivastava,Vincent Yiu,Martin Ingesen,Joe Vest\'','AVV_3cb8c116b84bb530da021af643949617','\'Title: Panel discussion: Adversary simulation, emulation or purple teaming - How would you define it?
\nWhen: Friday, Aug 6, 20:00 - 20:59 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:Tomer Bar,Samuel Kimmons,Anant Shrivastava,Vincent Yiu,Martin Ingesen,Joe Vest
\n
SpeakerBio:Tomer Bar\n
\nTomer Bar is hands-on security researcher and head of research manager with ~20 years of unique experience in the cyber security. In the Past, he ran research groups for the Israeli government and then lead the endpoint malware research for Palo Alto Networks. Currently, he leads the SafeBreach Labs research which is the research and development arm of SafeBreach.\n

His main interest is focused on Windows vulnerability research, reverse engineering and APT research.\n

\n
SpeakerBio:Samuel Kimmons\n
\nSamuel Kimmons is Red Teamer at Cognizant. He is responsible for researching, planning, and developing full scope Red Team engagements. Samuel got is start in Information Security during his time in the United States Air Force (USAF). While in the USAF he stood up the first interal red team at the United States Air Force Computer Emergency Response Team (AFCERT). His team\'s primary purpose was to emulate threat actors in order to increase the accuracy of detection capabilities.
\nhttps://www.linkedin.com/in/kimmons
\n
SpeakerBio:Anant Shrivastava\n
\nNo BIO available
\n
SpeakerBio:Vincent Yiu\n
\nNo BIO available
\n
SpeakerBio:Martin Ingesen\n
\nNo BIO available
\n
SpeakerBio:Joe Vest\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220216),('3_Saturday','10','10:00','10:59','N','AVV','','\'The Way of The Adversary\'','\'Phillip Wylie\'','AVV_8b4e99f7b88227ea3bad2b75e4d3bfcf','\'Title: The Way of The Adversary
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Phillip Wylie\n, Offensive Cybersecurity Practitioner & Educator, The PWN School Project
\nPhillip has over two decades of information technology and cybersecurity experience. His specialties include penetration testing, red teaming, and application security. When Phillip is not hacking, he is educating others. Phillip is the founder of The Pwn School Project, an education-focused cybersecurity organization. He co-authored the book, â€œThe Pentester Blueprint: Starting a Career as an Ethical Hackerâ€ based on his popular talk presented at numerous conferences. He is an Innocent Lives Foundation Ambassador and a â€˜Hacking is NOT a Crimeâ€™ Advocate.
\nTwitter: @PhillipWylie
\nhttps://www.linkedin.com/in/phillipwylie
\n\n
\nDescription:
\nThe adversary philosophy and mindset are important when trying to emulate a threat actor during a red team operation or offensive cybersecurity assessment or trying to understand them as a defender. In this talk we will take a look at the philosophy and mindset of an adversary as well as what motivates them.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220217),('3_Saturday','13','13:15','13:59','N','AVV','','\'(Tool Demo) Red Team Credentials Reconnaissance (OLD with a TWIST)\'','\'Shantanu Khandelwal\'','AVV_de293bfa30fc14780eed0761117b738e','\'Title: (Tool Demo) Red Team Credentials Reconnaissance (OLD with a TWIST)
\nWhen: Saturday, Aug 7, 13:15 - 13:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Shantanu Khandelwal\n, Manager, KPMG Singapore
\nShantanu is a Manager in the Cybersecurity Consulting practice in KPMG. He has experience in leading and performing Adversary Simulation exercises, Security Testing, and IT Security consultancy. He has worked in the Banking and Financial sectors, the Power and Utility sector, and the FMCG sector. He has led and performed various technical assessments, including Red/Purple Teaming, Security Architecture reviews, Application penetration tests, Network penetration tests, and source code reviews for many global multi-national companies. He has experience working in various world regions, including the Middle East, India, Hong Kong, and Singapore.
\nhttps://sg.linkedin.com/in/khandelwalshantanu
\n\n
\nDescription:
\nThis talk covers the basics of credentials reconnaissance performed for a red team. Mostly covers the reconnaissance performed on GitHub to search for leaked passwords by developers. The current toolset and the Shiny new GitHub Credentials Stroller which dives into each repository and performs a deep scan.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220218),('3_Saturday','14','14:00','14:59','N','AVV','','\'Operation Bypass: Catch My Payload If You Can\'','\'Matthew Eidelberg\'','AVV_5e3f0015af8d2b81fa7ecda2f7ee0d8d','\'Title: Operation Bypass: Catch My Payload If You Can
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Matthew Eidelberg\n, Technical Manager, Optiv
\nMatthew Eidelberg is a Technical Manager in Optivâ€™s Threat Management Team (Attack and Penetration specialization). Matthew has over 8 yearsâ€™ experience in both consulting and information security. Matthewâ€™s primary role is focused on leading Threat Managementâ€™s Adversary Simulation Services which focus on physical, red/purple team, and other advanced assessments.\n

Matthewâ€™s expertise also involves research development, focusing on developing new techniques and tooling for endpoint security bypass and evasion. Matthewâ€™s experience working in enterprise networks has also given him a deep understanding of the business operations.\n

\nhttps://ca.linkedin.com/in/matthew-eidelberg-b0422997/
\n\n
\nDescription:
\nEndpoint Detection and Response (EDR) have become the punching bags of the security world. Attackers employ sophisticated techniques to circumvent these controls and as a result, there has been a driving need for defenders to detect and prevent these attacks... but are they sufficient? This talk will go over all the operational considerations and tradecraft theory I\'ve developed over the past few years when evading EDRs and other endpoint controls. This will primarily focus on techniques to ensure command and controls servers are not easily detected and contain virtually no Indicators of Compromise. This talk will then deep dive into the inner workings of the EDR bypassing framework ScareCrow,highlighting some of the lesser-known techniques and new features that are available to red teamers and pentesters. By the end of this talk, the audience should walk away with a detailed understanding of how to use ScareCrow and other opsec considerations to avoid being detected by endpoint controls and blue teams.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220219),('3_Saturday','15','15:00','15:45','N','AVV','','\'(Tool Demo) PurpleSharp: Automated Adversary Simulation\'','\'Mauricio Velazco\'','AVV_9fbf08e656d82d21d54752919adcc2cc','\'Title: (Tool Demo) PurpleSharp: Automated Adversary Simulation
\nWhen: Saturday, Aug 7, 15:00 - 15:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Mauricio Velazco\n, Principal Threat Research Engineer, Splunk
\nMauricio Velazco (@mvelazco) is a Peruvian, information security professionalwith more than a decade of work experience across different roles on both offensive and defensive security. In his current role as a Principal Threat Researcher on Splunkâ€™s Threat Research Team, Mauricio focuses on adversary simulation and threat detection. Prior to Splunk, he led the Threat Management team at a Fortune 500 organization. Mauricio has presented/hosted workshops at conferences like Defcon, BlackHat, Derbycon, BSides, SANS, etc.
\nTwitter: @mvelazco
\nhttps://www.linkedin.com/in/mauricio-velazco-4314b51a/
\n\n
\nDescription:
\nDefending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building new and testing existing detection capabilities will be constrained. PurpleSharp is an open source adversary simulation tool written in C# that executes adversary techniques within Windows Active Directory environments. The resulting telemetry can be leveraged to measure and improve the efficacy of a detection engineering program. PurpleSharp leverages the MITRE ATT&CK Framework and executes different techniques across the attack life cycle: execution, persistence, privilege escalation, credential access, lateral movement, etc
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220220),('3_Saturday','15','15:45','16:30','N','AVV','','\'Phish Like An APT\'','\'Sanne Maasakkers\'','AVV_522086529e21cee7db3b84652915c905','\'Title: Phish Like An APT
\nWhen: Saturday, Aug 7, 15:45 - 16:30 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Sanne Maasakkers\n, Security Expert, Fox-IT
\nSanne Maasakkers works as a security expert in the Red Team and Strategic Threat Intelligence team at Fox-IT in the Netherlands. Next to her focus on pentesting and threat analysis (which was recently demonstrated by â€˜beingâ€™ the attacking APT during the biggest Dutch cyber crisis exercise), she loves to perform social engineering attacks and has a strong expertise on getting initial access by using this technique. In addition to her work, she contributes to \"a more secure society\" by providing awareness training, guest lectures and hack demos in both professional and educational environments and as team captain of the European team during the International Cyber Security Challenge (ICSC).
\nhttps://nl.linkedin.com/in/sannemaasakkers/
\n\n
\nDescription:
\nHave you ever wondered what phishing strategy real world APTs use? And how these compare with the scenarios that you use during your Red Team / social engineering activities? If you did, you probably found out that there\'s a lot of research about APT techniques, tactics and procedures, like the use of specific malware or attack vectors, but there are not many public resources on which techniques those attackers actually use to convince a non-suspecting person to aid them in their operation. In this talk an analysis is presented of hundreds of phishing emails that were used in real campaigns. All characteristics of an email, like the method of influence, tone of speech and used technologies are classified and measures how well a phishing campaign is designed, scoring from â€œobvious spamâ€ to â€œnear-realistic original mailâ€. By comparing and measuring the state of these phishing emails,we can learn more about how certain groups operate and how much â€œeffortâ€ they put into their scenarios. This is important knowledge for both attackers and defenders. If you want to know how to phish like youâ€™re an APT, then this talk is for you. Spoiler alert: you might already be a better phisher than these groups.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220221),('3_Saturday','16','15:45','16:30','Y','AVV','','\'Phish Like An APT\'','\'Sanne Maasakkers\'','AVV_522086529e21cee7db3b84652915c905','\'\'',NULL,220222),('3_Saturday','16','16:30','17:15','N','AVV','','\'(Tool Demo) Tenacity: An Adversary Emulation Tool for Persistence\'','\'Atul Nair,Harshal Tupsamudre\'','AVV_4db52db974983140f56b08b86ce57e31','\'Title: (Tool Demo) Tenacity: An Adversary Emulation Tool for Persistence
\nWhen: Saturday, Aug 7, 16:30 - 17:15 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:Atul Nair,Harshal Tupsamudre
\n
SpeakerBio:Atul Nair\n, Malware Researcher, Qualys
\nAtul is a Malware Researcher at Qualys. His name has been listed in Google, Microsoft,Olx, Twitter Hall of fame for finding critical security vulnerabilities. Before joining Qualys he worked as a Cybersecurity consultant at Ernst & Young. Atul has extensive experience in MITRE ATT&CK framework and Adversary emulation. He is currently researching on Android adversary emulation techniques.
\nhttps://in.linkedin.com/in/atul-nair-3932a2141/
\n
SpeakerBio:Harshal Tupsamudre\n, Senior Threat Research Engineer, Qualys
\nHarshal Tupsamudre is a senior threat researcher at Qualys. He has 8 years of research experience in the areas of cryptanalysis and usable security. He has published 15+ research articles in top-tier international conferences. He has contributed techniques, threat groups and tools to MITRE ATT&CK framework. Currently, he is researching on detection methodologies for MITRE ATT&CK techniques.
\nhttps://in.linkedin.com/in/harshal-tupsamudre-28a58735
\n\n
\nDescription:
\nPersistence consists of techniques that adversaries use to maintain their foothold on systems across restarts. Techniques used for persistence include any access, action, or configuration changes that allow attackers retain access on systems. Persistence is one of the more sought-after techniques of an attacker. Every 3 techniques out of top 10 usedby Adversaries belong to Persistence. We leveraged data from MITRE ATT&CK and open source cyber threat intelligence to understand how adversary achieves persistence. We created Tenacity, a light-weight adversary emulation tool that emulates over 30+ persistence techniques using 100+ procedures employed by attackers in the wild. Using this tool the organizations and individuals can quickly validate the risk posture and exposure of their business as well as the performance of the existing security solutions.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220223),('3_Saturday','17','16:30','17:15','Y','AVV','','\'(Tool Demo) Tenacity: An Adversary Emulation Tool for Persistence\'','\'Atul Nair,Harshal Tupsamudre\'','AVV_4db52db974983140f56b08b86ce57e31','\'\'',NULL,220224),('3_Saturday','17','17:15','18:15','N','AVV','','\'C2Centipede: APT level C2 communications for common reverse HTTP shell tools\'','\'Jose Garduno\'','AVV_4b829689d98026e46dcd2896f3521356','\'Title: C2Centipede: APT level C2 communications for common reverse HTTP shell tools
\nWhen: Saturday, Aug 7, 17:15 - 18:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Jose Garduno\n, Senior Security Consultant, Dreamlab Technologies AG
\nJosé Garduño is a senior security consultant at Dreamlab Technologies since 2014, where he usually takes part in security audits, pentesting and red teaming engagements. He has participated as a speaker in several technical conferences like: Hackito Ergo Sum (France), Swiss Cybersecurity days (Switzerland), DSS ITSEC (Latvia), 8.8 Security Conference (Chile, Bolivia), OWASP Patagonia (Argentina), Congreso Seguridad en Computo UNAM (Mexico), DragonJar Security Conference (Colombia), where he has presented his work on privacy attacks on Latin-America (The government as your hacking partner), Hacking with open hardware platforms (revisiting hardware keyloggers, say hi to mikey: an offensive hardware keylogger) and C2 detection (RATSPOTTING: Analysis of popular Remote Administration Tools & discovery of C2 servers on the wild)
\n\n
\nDescription:
\nAdversaries have been continuously improving their malware to be stealthier and more resilient on both the victimâ€™s host as well as on the network.Examples of these innovations on the latter include Fast Flux networks, Domain Generation Algorithms and Domain Fronting among other techniques.\n

Unfortunately, open source tools for threat emulation currently have limited support for such advanced features, leaving redteams with easy to detect C2 communications. We present C2Centipede, a proxy tool that provides these features to HTTP reverse shell tools (like Metasploit or Empire) to be stealthier on the network by dynamically and transparently modifying the trojanâ€™s C2 communication routing and beaconing strategies, with the aim of evading some of the blueteamâ€™s detection strategies.\n

BEACONING EVASION\n

Detection of HTTP reverse shell beaconing activity is possible because most of the patterns on which malware sends the beacons through the network can be identified as they occur in static time intervals or are adjusted in specific increments, attributes which are possible to detect using statistical analysis.[1]\n

For instance, Metasploitâ€™s reverse_http meterpreter sends a message to the C2 server every 100 milliseconds and increases the interval by this same measure each time the C2 server gives no new jobs to the trojan, up to a maximum of 10 seconds.[2]\n

It is easy then for tools like RITA to perform statistical analysis on the number, timing and size of connections between pairs of hosts (source, destination)[3]. This IP-pair evaluation works in the most typical approach of having only one IP per C2 server. We implement a beaconing detection evasion method that works by 1) Altering the trojanâ€™s C2 communication message interval and 2) Splitting and routing the C2 communication among many C2 server addresses to hide beaconing and exfiltration.\n

JITTER MODIFICATION\n

The Achilleâ€™s heel of most RAT (Remote Access Trojan) and TES (Threat Emulation Software) tools network stealthiness is fixed beaconing intervals. The time interval between each message that goes to the C2 server is usually hardcoded and just too short, making manyrequests across the network, so we have incorporated in the tool, better control of the beaconing, with the possibility of modifying the jitter on the fly or having preset configurations, like allowing C2 communication just on certain time window.\n

Some RAT/TES tools will fail after a specific amount of unsuccessful C2 communication attempts, so the C2Centipede proxy client cannot just drop the HTTP calls that donâ€™t fit the operatorâ€™s beaconing strategy, therefore fake C2 response messages are generated in order to keep the trojan alive.\n

FAUX FLUX\n

The concept of Fast Flux networks as a technique to improve a botnetâ€™s C2 availability has been in use since 2007-2008.[4] Using this technique, an attacker can hide the real C2 server behind proxies (which are usually compromised edge servers in a botnet), and distributing said proxies IPs through DNS records with a very low TTL[5], allowing them to rapidly (and thus the name fast flux) change the resolved IP for a given domain name. This results in making the shutdown of each C2 IP so difficult as to be usually compared to a whack a mole game.[4] The weakness of this approach is the reliance on a domain name[5], which can be sinkholed by the domain name registrar, as in the case of the shutdown of the Conficker botnet.[4] Some of the common detection methods for Fast Flux networks is the low TTL (time to live) of the record and a high number of IPs resolved for that record.[3]\n

We have incorporated the C2 proxying technique without the DNS and botnet requirements by utilizing open reverse tcp/http tunnels found on the internet, which provide plenty of IP addresses on which we can spread our C2 comms and provide anonymity as the real C2 server is hidden behind the reverse proxy. In our most recent internet-wide survey we found more than 1.5K servers that could be abused for this purpose\n

MULTIFRONTING\n

Domain fronting (ATT&CK T1090.004) is a widely used technique for evading network detection. This technique hides the trojanâ€™s HTTP requests to the C2 as if it was directed to another domain hosted on the same Content Delivery Network (CDN) as the attackerâ€™s. Without TLS inspection, where a mismatch between TLSâ€™s SNI and the HTTP header could be detected, it becomes very hard for the defenders to detect malicious traffic using this technique, having as a last resource the detection via statistical analysis like beaconing detection.\n

C2Centipede has the ability to utilize multiple domain fronting configurations, which are not necessarily on the same CDN, this provides additional resilience in case one of the CDN providers blocks the redteamerâ€™s account.\n

DOMAIN GENERATION ALGORITHMS\n

We have incorporated Flubotâ€™s algorithm for Domain Generation Algorithm (ATT&CK: T1568.002). The seed, and maximum number of domains generated are easily configurable.\n

DYNAMIC PROXY CONFIGURATION\n

C2Centipedeâ€™s configuration on the server and client can be modified on the fly by the operator. The original trojanâ€™s and C2 messages are wrapped in the toolâ€™s own HTTP messages along with the configuration changes of the routing, jitter and encryption settings for the c2centipede client and server. These are piggybacked on the original HTTP requests, requiring no additional â€œnoiseâ€ in the network.\n

LIMITATIONS\n

The tool currently works with reverse HTTP shells that close the TCP connections (eg. Metasploit, Empire) and currently does not support those with long connections (eg. PoshC2, Koadic)\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220225),('3_Saturday','18','17:15','18:15','Y','AVV','','\'C2Centipede: APT level C2 communications for common reverse HTTP shell tools\'','\'Jose Garduno\'','AVV_4b829689d98026e46dcd2896f3521356','\'\'',NULL,220226),('3_Saturday','18','18:15','18:45','N','AVV','','\'Lightning talk: Autonomous lateral movement\'','\'Stephan Wampouille\'','AVV_86e2dee7647dd11cd7926ff95873e13e','\'Title: Lightning talk: Autonomous lateral movement
\nWhen: Saturday, Aug 7, 18:15 - 18:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Stephan Wampouille\n, Cyber Security Engineer (Intern), Prelude Research
\nStephan is a Cyber Security Engineering intern at Prelude Research, where he uses his mechanical engineering background to construct realistic adversary profiles which are runnable within the Prelude Operator application or on their own. Stephan works on attacks which are designed to bypass detection through creative measures.
\nhttps://www.linkedin.com/in/stephan-wampouille
\n\n
\nDescription:
\nSee autonomous lateral movement in a live environment. In this Linux-based attack, multiple benign behaviors - each designed not to be detected - are chained together to complete a lateral movement action. Using a creative approach to parsing indicators of compromise out of RAT responses and injecting them automatically into commands later down the kill chain, this lateral movement demonstration will be fully hands-off. The techniques and TTPs in this demonstration will be made open-source following the talk.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220227),('3_Saturday','18','18:45','19:45','N','AVV','','\'Game Theory: Understanding and Strategy and Deception\'','\'Juneau Jones\'','AVV_dc30d78d117d74cea1f22be34cd66870','\'Title: Game Theory: Understanding and Strategy and Deception
\nWhen: Saturday, Aug 7, 18:45 - 19:45 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Juneau Jones\n
\nRaised in the woods of Alaska, Juneau attributes her love of hacking to a childhood spentbuilding and breaking things outside. After studying computer science and economics, she moved to Dallas, Texas, where she found a home in the local hacker community. Juneau began research on applying behavioral economics to adversarial tactics. After her successful first talk at Dallas Hacker\'s Association on the prisonerâ€™s dilemma, she began presenting her research at cons across the country. Currently, she works as an adversarial analyst doing consultant red teaming. She is also continuing her research and education as a cybersecurity fellow at NYU. When she is not hacking or asking strangers to act out the prisoner\'s dilemma, Juneau breathes fire, plays the bass, and runs DC214; Dallas\'s DefCon group.
\n\n
\nDescription:
\nGame Theory is the study of choices and strategies made by rational actors, called \"players,\" in competitive situations, and it offers us a way to study and map human conflict. Statisticians use game theory to model war, biology, and even football. We will model the choices and behavior demonstrated by real-world adversarial conflict. Usingthese models, we will discuss how players form strategies and how other actors can influence those strategies. The talk will begin with an overview of game-theoretic modeling and its application to adversary behavior. Using the Prisoner\'s Dilemma as an example, we will look at how to model and analyze a single game. We can then model repeated interactions and demonstrate how \"players\" can influence each other\'s choices. These models will lay the foundations we need to look at more realistic adversary conflict. Next, we are going to look at how players can exploit information asymmetry. Emerging techniques such as dynamic honeynets and virtual attack surfaces both investigate attackers while manipulating their beliefs. We will build a Signaling Game model to show how defenders can credibly deceive adversaries. Using this model, we will look at a scenario where a defender observes multiple attacker movements within a network. While sustained engagement can help the defender learn more about the attacker and provide them false information, it comes at the risk of added exposure. In this scenario, there is a trade-off between information gained and short-term security. This talk will not look at network topology or protocols but will instead look at information exchange and strategy. We will then apply the same models to an adversarial perspective. Sustained engagement with a defender can provide an attacker with information and the opportunity to deceive defenders. However, that comes with a risk. How does an attacker\'s strategy change when a defender can eject them from the network at any time? By analyzing conflict where strategy and choices determine the outcome, we learn more about how to understand others\' tactics and influence them with our own decisions.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220228),('3_Saturday','19','18:45','19:45','Y','AVV','','\'Game Theory: Understanding and Strategy and Deception\'','\'Juneau Jones\'','AVV_dc30d78d117d74cea1f22be34cd66870','\'\'',NULL,220229),('3_Saturday','19','19:45','20:30','N','AVV','','\'(Tool Demo) New generation of PEAS\'','\'Carlos Polop\'','AVV_10beb9ae123385a955ba573849ba8045','\'Title: (Tool Demo) New generation of PEAS
\nWhen: Saturday, Aug 7, 19:45 - 20:30 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Carlos Polop\n, Senior Security Engineer, Mettle
\nCarlos is a Spanish Telecommunications Engineer with a Master in Cybersecurity.He had worked hard to pass some important certifications like OSCP, OSWE, CRTP, eMAPT, and eWPTXv2. He has worked mainly as penetration tester/red teamer but also as programmer and system administrator. Since he started learning cybersecurity he has been trying to share his knowledge and help improving the infosec world with his tools (the most remarkable ones are https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite and https://github.com/carlospolop/legion) and with his free hacking tricks online book: https://book.hacktricks.xyz
\nTwitter: @carlospolopm
\nhttps://es.linkedin.com/in/carlos-polop-martin
\n\n
\nDescription:
\nLocal privilege escalation techniques are far beyond checking the Windows/Kernel version, looking for unquoted service paths or checking SUID binaries. Moreover, a local privilege escalation could make a huge difference when trying to comprise a domain. Several tools have been created to find possible privilege escalation paths, but most of the tools for Red Team and Pentesting just check for a few possible ways, so pentesters need to use several tools and do some manual recon to check for everything.\n

PEASS is a compilation of a bash script for Linux/MacOS/*nix and a .Net project and a batch script for Windows that I have created some time ago which aims to check and highlight every possible privescpath so professionals donâ€™t need to execute several different tools for this purpose and can very easily find vulnerabilities.\n

During this talk I would like to present PEASS-ng. The architecture of these scripts has evolved and improved so much that I would like to present how they work at the moment and how the difficulty to collaborate with the project has been reduced significantly. Moreover, I would also like to present the 2 new PEAS that haven\'t been present anywhere yet: BotPEAS and WebPEAS (the latest one will be released the day of the talk). During the talk I will also present my local privilege escalation resources (https://book.hacktricks.xyz/linux-unix/privilege-escalation , https://book.hacktricks.xyz/windows/windows-local-privilege-escalation) so the attended will be able to continue learning about the topic after the talk.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220230),('3_Saturday','20','19:45','20:30','Y','AVV','','\'(Tool Demo) New generation of PEAS\'','\'Carlos Polop\'','AVV_10beb9ae123385a955ba573849ba8045','\'\'',NULL,220231),('3_Saturday','11','11:00','13:15','N','AVV','','\'(Workshop) From zero to hero: creating a reflective loader in C#\'','\'Jean Francois Maes\'','AVV_c14ae21531733d341e9cd06711686603','\'Title: (Workshop) From zero to hero: creating a reflective loader in C#
\nWhen: Saturday, Aug 7, 11:00 - 13:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Jean Francois Maes\n, Senior Red Teamer, NVISO
\nJean-François Maes is the technical red team lead at NVISO security and a SANS instructor for the SEC699:Adversary Emulation for Breach Prevention & Detection course. Jean-François wants to help people level up in their careers and make people want to join the infosec community. This is why he\'s the host of the voices of infosec podcast and the creator of redteamer.tips. Both tailored to inspire people to join in on the fun. Next to his job at NVISO and SANS, he is also very engaged with the infosec community on social media and is a strong believer of open source tooling. He has authored several C# tools such as SharpNukeEventLog, SharpZipRunner and Trustjack.
\nTwitter: @Jean_Maes_1994
\n\n
\nDescription:
\nHave you ever heard of reflective loading before? Ever worked with tools like donut and sRDI? Ever wanted to execute an assembly over Cobalt-Strike but it was bigger than a megabyte? Reflection is awesome, adversaries use it frequently, and in C# it is easier than ever. In this workshop, we will explorer how to create our own reflective loader starting from scratch, adding functionality as we go, in total we will create 6 to 7 loaders. In the end, you will have a better understanding of how reflection works, what appdomains are and do, and how you can leverage reflection in red team operations. In order to attend this workshop, you will need a Windows computer (or VM) and visual studio 2019.
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220232),('3_Saturday','12','11:00','13:15','Y','AVV','','\'(Workshop) From zero to hero: creating a reflective loader in C#\'','\'Jean Francois Maes\'','AVV_c14ae21531733d341e9cd06711686603','\'\'',NULL,220233),('3_Saturday','13','11:00','13:15','Y','AVV','','\'(Workshop) From zero to hero: creating a reflective loader in C#\'','\'Jean Francois Maes\'','AVV_c14ae21531733d341e9cd06711686603','\'\'',NULL,220234),('4_Sunday','11','11:00','11:45','N','AVV','','\'(Tool Demo) Prelude Operator\'','\'David Hunt,Alex Manners\'','AVV_9de72313d5d06e8627d69c2390dfc0bd','\'Title: (Tool Demo) Prelude Operator
\nWhen: Sunday, Aug 8, 11:00 - 11:45 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:David Hunt,Alex Manners
\n
SpeakerBio:David Hunt\n, CTO, Prelude Research
\nDavid Hunt is the CTO of Prelude. David specializes in building teams which bridge cybersecurity with best-practice technology. Before coming to Prelude, David spent two years at MITRE Corporation in a dual-role as head developer and project lead for the CALDERA adversary emulation framework. David designed CALDERA v2 from the ground up and instrumented a plan which made it the industry leader in open-source breach and simulation. Prior to this work, David spent 15 years in offensive security and management roles, ranging organizations like Rockwell Collins, John Deere, Kenna Security and FireEye. \n

While at FireEye, David personally oversaw the storage and access of Mandiant\'s threat intelligence data, as the leader of the (then secretive) Nucleus team. Over the years, David has also worked as a contractor for several U.S. intelligence agencies, working domestically and internationally, as a principal security specialist.\n

\nTwitter: @privateducky
\nhttps://www.linkedin.com/in/david-hunt-b72864200
\n
SpeakerBio:Alex Manners\n, Principal Cyber Security Engineer, Prelude Research
\nAlex Manners is a Principal Cyber Security Engineer at Prelude. Alex blends military cyber operations with a deep infrastructure and software engineering background. Prior to joining Prelude, Alex spent almost two years at The MITRE Corporation as a lead Adversary Emulation engineer and software development manager for the CALDERA adversary emulation framework. He led R&D for the CALDERA framework, designing multiple plugins and the current planning engine, as well as pushing the latest in offensive security tooling into the project. Earlier in Alex\'s career, he served as a Cyber Warfare Operations officer in the United State Air Force (USAF) where he led large operational support teams and integrated all aspects of offensive and defensive cyber operations into USAF Air Operations Center (AOC) operations. His cybersecurity experience spans the intelligence community, the U.S. military, non-military government, federal contracting, and the private sector.
\nTwitter: @khyberspache
\nhttps://linkedin.com/in/alexander-manners-87281a30
\n\n
\nDescription:
\nPrelude Operator is the new kid to the adversary emulation block party. Built by the same people who designed and built the MITRE Caldera framework, Operator is a free and largely open-source desktop platform that aims to make adversary emulation accessible to smaller organizations.\n

The app includes a library of RATs (agents) which can deploy into the field and supports a modular architecture of plugins and network protocols, including hundreds of TTPs mapped to ATT&CK. In this tool demonstration, we will highlight the key features of Operator and empower people to walk away with a developer-first adversary emulation desktop platform that is end-to-end free & open-source.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220235),('4_Sunday','11','11:45','12:30','N','AVV','','\'APT: A Short History and An Example Attack\'','\'Mark Loveless\'','AVV_a4a4ae087eaf8ed360b1b8c592f87e7e','\'Title: APT: A Short History and An Example Attack
\nWhen: Sunday, Aug 8, 11:45 - 12:30 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Mark Loveless\n, Researcher, Gitlab
\nMark Loveless - aka Simple Nomad - is a security researcher, hacker, and explorer.He has worked in startups, large companies, hardware and software vendors. He\'s spoken at numerous security and hacker conferences worldwide on security and privacy topics, including Blackhat, DEF CON, ShmooCon, RSA, AusCERT, among others. He has been quoted in television, online, and print media outlets as a security expert, including CNN, Washington Post, and the New York Times. He\'s paranoid (justified), has done ghost hunting, been mugged four times, storm chased, and seen UFOs. He is currently a Sr Security Researcher at GitLab.
\nTwitter: @simplenomad
\nhttps://linkedin.com/in/markloveless
\n\n
\nDescription:
\nAdvanced Persistent Threat. Where did this term come from? What does it really mean? Exactly how can you determine that it is a \"nation state\" as opposed to a run-of-the-mill attack? All of this will be explained in detail. As an example, I will use an actual attempt against my home system, with a review of collected data to illustrate the whole APT thing.\n

There are differences in how APT actors approach things, and this will be discussed from the perspective of someone who attacked plenty of systems in their youth - me. We\'ll talk about how APT differs from Red Teaming and Penetration Testing, and if you are trying to simulate it you need to throw the rulebook out of the window to do it right.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220236),('4_Sunday','12','11:45','12:30','Y','AVV','','\'APT: A Short History and An Example Attack\'','\'Mark Loveless\'','AVV_a4a4ae087eaf8ed360b1b8c592f87e7e','\'\'',NULL,220237),('4_Sunday','12','12:30','13:15','N','AVV','','\'(Tool Demo) ImproHound - Identify AD tiering violations\'','\'Jonas BÃ¼low Knudsen\'','AVV_bc566b1cc197e8dc92fe5f188bbb9dbe','\'Title: (Tool Demo) ImproHound - Identify AD tiering violations
\nWhen: Sunday, Aug 8, 12:30 - 13:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Jonas BÃ¼low Knudsen\n, Security Advisor, Improsec A/S
\nJonas Bülow Knudsen is an Active Directory (AD) security advisor. Jonas have spent the past two years helping organizations implement technical countermeasures and remediate vulnerabilities in and around AD, including implementation of the AD tier model. Working closely together with penetration testers and having a strong interest in offensive security enable Jonas to focus on security measures that matters and not just best practice.\n

Jonas has recently developed a FOSS tool called ImproHound to identify the attack paths in BloodHound breaking AD tiering: https://github.com/improsec/ImproHound. \n

At least _wald0 (co-creator of BloodHound) thinks it is cool: https://twitter.com/_wald0/status/1403441218495807495\n

\nTwitter: @Jonas_B_K
\nhttps://www.linkedin.com/in/jonas-bÃ¼low-knudsen-950957b7/
\n\n
\nDescription:
\nIt is not viable for system administrators and defenders in a large Active Directory (AD) environment to ensure all AD objects have only the exact permissions they need. Microsoft also realised that, why they recommended organizations to implement the AD tier model: Split the AD into three tiers and focus on preventing attack paths leading from one tier to a more business critical tier.\n

The concept is great, as it in theory prevents adversaries from gaining access to the server tiers (Tier 1 and 0) when they have obtained a shell on a workstation (Tier 2) i.e. through phishing, and it prevents adversaries from gaining access to the Domain Admins, Domain Controllers, etc. in Tier 0 when they have got a shell on a web server i.e. through an RCE vulnerability. But it turns out to be rather difficult to implement the tiering concept in AD, why most organizations fail it and end up leaving security gaps.\n

It doesnâ€™t help on the organizationâ€™s motivation to make sure their tiering is sound, when Microsoft now call it the AD tier model â€œlegacyâ€ and have replaced it with the more cloud-focused enterprise access model: https://docs.microsoft.com/en-us/security/compass/privileged-access-access-model#evolution-from-the-legacy-ad-tier-model\n

As a person hired to help identify the vulnerabilities in an organization, you want to find and report the attack paths of their AD. BloodHound is well-known and great tool for revealing some of the hidden and often unintended relationships within an AD environment and can be used to identify highly complex chained attack paths that would otherwise be almost impossible to identify. It is great for finding the shortest attack path from a compromised user or computer to a desired target, but it is not built to find and report attack paths between tiers..\n

I will in my presentation explain and demonstrate a tool I have created called ImproHound, which take advantage of BloodHoundâ€™s graph database to identify and report the misconfigurations and security flaws that breaks the tiering of an AD environment.\n

ImproHound is a FOSS tool and available on GitHub: https://github.com/improsec/ImproHound\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220238),('4_Sunday','13','12:30','13:15','Y','AVV','','\'(Tool Demo) ImproHound - Identify AD tiering violations\'','\'Jonas BÃ¼low Knudsen\'','AVV_bc566b1cc197e8dc92fe5f188bbb9dbe','\'\'',NULL,220239),('4_Sunday','13','13:15','14:15','N','AVV','','\'Scaling Up Offensive Pipelines\'','\'Gil Biton\'','AVV_e7455583effa2f5d503b04be0565cee1','\'Title: Scaling Up Offensive Pipelines
\nWhen: Sunday, Aug 8, 13:15 - 14:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Gil Biton\n, Adversarial Tactics Expert, Sygnia
\nGil has over 5 years of experience in the Cyber Security industry, specializing in Red Team operations, phishing campaigns, and network infrastructure assessments. Gil has been involved in numerous security engagements with Fortune 100-500 client where he brought his extensive experience in the development and research domains to implement complex techniques and automate offensive security processes. Gil is a member of the Adversarial Tactics team, the offensive security team within Sygnia\'s Enterprise Security division.
\nhttps://www.linkedin.com/in/gil-biton-a3a385101
\n\n
\nDescription:
\nEvolving endpoint protection software with enhanced detection capabilities and greater visibility coverage have been taking red team and purple team operationâ€™s complexity to a higher level. The current situation forces adversaries to take precautions and invest much more time in the weaponization phase to overcome prevention and detection mechanisms. The community has adapted CI/CD pipelines to automate tasks related to offensive tools weaponization. Offensive CI/CD pipelines have been around for a couple of years, with the goal of helping red teams to automate offensive tools creation and evasion techniques implementation. As part of this evolution, we designed and built our own offensive CI/CD pipeline framework that is simple to use, modular, self-managed, automated, collaborative, and fast. Our framework leverages Infrastructure as Code (IaC) to fully automate the deployment of our offensive CI/CD pipeline framework with built in recipes for evading host and network detections. Each recipe is modular and can be customized to fit red team or purple team requirements, such as proprietary techniques or imitation of specific threat actor TTPs.The framework leverages Gitlab CI/CD in conjunction with Kubernetes cluster to automate and manage the process of building and deploying offensive tools at scale.\n

In this talk, we will discuss the essentials of offensive pipeline and present our innovative approach, while referring to the challenges we solved, and demonstrate how you can leverage our offensive CI/CD framework to empower red team and purple team operations.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220240),('4_Sunday','14','13:15','14:15','Y','AVV','','\'Scaling Up Offensive Pipelines\'','\'Gil Biton\'','AVV_e7455583effa2f5d503b04be0565cee1','\'\'',NULL,220241),('4_Sunday','14','14:15','15:15','N','AVV','','\'Signed, Sealed, Delivered: Comparing Chinese APTs behind Software Supply Chain Attacks\'','\'Cheryl Biswas\'','AVV_98008bcb00a2c5300e4a2936ecafe4fa','\'Title: Signed, Sealed, Delivered: Comparing Chinese APTs behind Software Supply Chain Attacks
\nWhen: Sunday, Aug 8, 14:15 - 15:15 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Cheryl Biswas\n, Threat Intel Specialist, TD
\nCheryl Biswas is a Threat Intelligence Specialist with TD Bank in Toronto, Canada, where she produces and delivers annual cyber threat forecasts, and has experience in security audits and assessments, privacy, disaster recovery and change management. She holds an ITIL certification and a specialized honours degree in Political Science. Cheryl is actively engaged in the security community as a conference speaker and volunteer, mentors those entering the field, and champions women and diversity in cyber security as a founding member of â€œThe Diana Initiativeâ€.
\nTwitter: @3ncr1pt3d
\n\n
\nDescription:
\nState-sponsored threat actors have engaged in software supply chain attacks for longer than most people realize, as governments seek out access to information and potential control. Of Russia, North Korea and Iran, China has been behind the most attacks, targeting the technology sector for economic espionage and intellectual property theft. In their current drive for innovation and cloud migration, organizations increasingly rely on software development and all its dependencies: third-party code, open - libraries andshared repositories. Recent attacks have shown how easy it is to create confusion and send malicious code undetected through automated channels to waiting recipients.\n

This talk will walk attendees through the stages of past attacks by Chinese APTs - notably APT10, APT17 and APT41- to show how capabilities have evolved and what lessons could be applied to recent attacks, comparing tactics, techniques and procedures.\n

TOPICS COVERED:\n

What constitutes software supply chain attacks.\nThe abuse of trust and compromise at the source.\nTrust third parties with third parties.\nHow cloud migration and innovation fuel increased code dependency.\nUnderstanding CI/CD continuous integration and continuous delivery. \nThe increased use and targeting of online code repositories and automated software distribution.\nWhere mistakes and misconfigurations occur, creating adversarial opportunity \nA brief history of software supply chain attacks on repositories.\n

LEARNING FROM THE PAST\n

A walk through of several major attack including Operation Aurora, CCleaner, NetSarang. \nContrast these to a walk through of recent attacks including SolarWinds, Dependency Confusion, Codecov and XCodeSpy.\n

The value of historical context is that it helps illuminate TTPs that should be monitored for and secured against, especially those which aid in deception and evasion.\nRecommendations for mitigations and best practices to secure code, dependencies.\n

TAKEAWAYS

Attendees will learn what software supply chain attacks are and why they are increasing\nThey will understand the opportunity for adversaries because of the vulnerability created by multiple dependencies. \nA breakdown of key attacks will be mapped to the Lockheed Martin Kill Chain steps and Mitre ATT&CK. \nAttendees will be familiarized with major Chinese APT group TTPs which they can bring back to their organizations to implement in their monitoring.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220242),('4_Sunday','15','14:15','15:15','Y','AVV','','\'Signed, Sealed, Delivered: Comparing Chinese APTs behind Software Supply Chain Attacks\'','\'Cheryl Biswas\'','AVV_98008bcb00a2c5300e4a2936ecafe4fa','\'\'',NULL,220243),('4_Sunday','15','15:15','15:59','N','AVV','','\'How I got COVID in a RedTeam: Social engineering and physical intrusion for realistic attack simulations.\'','\'Daniel Isler\'','AVV_75966c607316fe0408fdd7b455331b59','\'Title: How I got COVID in a RedTeam: Social engineering and physical intrusion for realistic attack simulations.
\nWhen: Sunday, Aug 8, 15:15 - 15:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Daniel Isler\n, Senior Social Engineer Pentester, Dreamlab Technologies
\nSenior Social Engineer Pentester, Bachelor in Arts of Representation, Actor and Scenic Communicator. With more than 10 years of experience as an academic in Acting classes in several Universities.\n

Since 2015 leads Fr1endly RATs, the Social Engineering unit at Dreamlab Technologies Chile. Specializing and developing techniques and methodologies for simulations of Phishing attacks, Vishing, Pretexting, Physical Intrusions and Red Team.\n

\nTwitter: @Fr1endlyRATs
\nhttps://www.linkedin.com/in/daniel-isler
\n\n
\nDescription:
\nIs it correct to define as Red Team a service that only exploits vulnerabilities from a single vector without including elements typical of highly complex attacks such as social engineering and physical intrusion? By leaving out the starting point of actual attacks to create simulations of these, are we really focusing on potential threats or just particular vulnerabilities? Isn\'t layer eight the first layer we should consider for threats and consequently recognize vulnerabilities? Through four extremely particular and highly probable scenarios. Under a storytelling format we will immerse ourselves in a test narrated in first person, under the context of a Red Team exercise. We will understand the importance of including social engineering and physical intrusion actions for highly complex attack simulations.\n

Even having the best preparation, state-of-the-art devices and overwhelming information gathering. Reality will always have variants and surprises that attackers know how to take advantage of. Exposure to these variants is critical for simulation practitioners to emulate and recognize potential threats.\n

\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220244),('4_Sunday','16','16:00','16:59','N','AVV','','\'Adversary Village Closing Ceremony\'','\'Adversary Village Team\'','AVV_34d26135066dfd62c99593b62d8c11d7','\'Title: Adversary Village Closing Ceremony
\nWhen: Sunday, Aug 8, 16:00 - 16:59 PDT
\nWhere: Adversary Village (Virtual)
\n
SpeakerBio:Adversary Village Team\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220245),('2_Friday','10','10:00','10:15','N','CLV','','\'Cloud Village Opening Keynote\'','\'\'','CLV_8edbc68e2615b4f997dedbcd7870b7fb','\'Title: Cloud Village Opening Keynote
\nWhen: Friday, Aug 6, 10:00 - 10:15 PDT
\nWhere: Cloud Village (Virtual)
\n
\nDescription:No Description available
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220246),('2_Friday','10','10:15','10:59','N','CLV','','\'Detection Challenges in Cloud Connected Credential Abuse Attacks\'','\'Rod Soto\'','CLV_b7b662b332b1acaafbf0f5b441454f9c','\'Title: Detection Challenges in Cloud Connected Credential Abuse Attacks
\nWhen: Friday, Aug 6, 10:15 - 10:59 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Rod Soto\n
\nOver 15 years of experience in information technology and security. He has spoken at ISSA, ISC2, OWASP, DEFCON, RSA Conference,Hackmiami, DerbyCon, Splunk .CONF, Black Hat,BSides, Underground Economy and also been featured in Rolling Stone Magazine, Pentest Magazine, Univision, BBC, Forbes, VICE, Fox News and CNN. Co-founder of Hackmiami, Pacific Hackers Meetups and Conferences. Co-founder of Pacific Hackers Association.
\n\n
\nDescription:
\nWith the widespread adoption of cloud technologies, many companies are now managing environments where the line between the perimeter and the internet is blurred. This presentation outlines the challenges defenders face in the light of the implementation of new technologies that enable users to operate seamlessly between the cloud and the perimeter. A â€œconvergedâ€ perimeter brings new attacks such as Golden SAML, Pass The SAML, Oauth Token Hijacking which are some of the manifestations of current and future challenges in these types of environments. Presenters will propose a new approach based on current attack research and new defense posture, with specific detections developed to address these new threats.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220247),('2_Friday','11','11:00','11:45','N','CLV','','\'The Fault in Our Stars - Attack vectors for APIs using AWS API Gateway Lambda Authorizers\'','\'Alexandre Sieira,Leonardo Viveiros\'','CLV_62aca04606fb644691db2da878c4eb15','\'Title: The Fault in Our Stars - Attack vectors for APIs using AWS API Gateway Lambda Authorizers
\nWhen: Friday, Aug 6, 11:00 - 11:45 PDT
\nWhere: Cloud Village (Virtual)
\nSpeakers:Alexandre Sieira,Leonardo Viveiros
\n
SpeakerBio:Alexandre Sieira\n
\nAlexandre Sieira is a successful information security entrepreneur with a global footprint since 2003. He began his security career as a Co-Founder and CTO of CIPHER, an international security consulting and MSSP from Brazil acquired in 2018 by Prosegur. In 2015, became Co-Founder and CTO of Niddel, a bootstrapped security analytics SaaS startup running entirely on the cloud, which won a Gartner Cool Vendor award in 2016. After the acquisition of Niddel by Verizon in January 2018, he became the Senior manager and global leader of the Managed Security Services - analytics products management team in the Detect & Respond portfolio tower at Verizon. In late 2019 founded Tenchi Security, a company that focuses on cloud security solutions and services. Experienced speaker featured at Black Hat, DEF CON Cloud Village, BSides San Francisco, FIRST Conference and others.
\nTwitter: @AlexandreSieira
\n
SpeakerBio:Leonardo Viveiros\n
\nA Software Engineer at heart, Leonardo has been working in tech in different roles, from interacting with clients to building robust, scalable solutions. Experienced in building Cloud Native solutions as well as Front-end applications. Led the product roadmap of a smart mobility startup from Rio de Janeiro. Current DevSecOps Specialist at Tenchi Security enabling our clients to achieve a safer software development life cycle.
\nTwitter: @LeonardoViveiro
\n\n
\nDescription:
\nServerless applications are a really interesting new trend that promises benefits such as increased scalability and reduced cost. Frameworks like Serverless Application Model (SAM) and Serverless Framework are increasingly used to build them. APIs are a natural part of serverless applications, and in AWS that typically is implemented using the AWS API Gateway backed by Lambdas that implement the actual API endpoint logic. Our research focused on API Gateway Lambda Authorizers. This is a feature that allows developers to use a custom authentication and authorization scheme that uses a bearer token authentication strategy (like JWTs, OAuth or SAML), or that uses request parameters to determine the caller\'s identity and enforce which API endpoints they are allowed to access. We will present (AFAIK novel) techniques to attack the authentication and authorization of APIs that use Lambda Authorizers. We show how IAM policy injection is possible in theory but highly unlikely in practice due to some good decisions by AWS. We also show a class of problems based on incorrect security assumptions baked into AWS\' own documentation and Lambda Authorizer open source code templates. Sample source code will be provided to demonstrate all techniques.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220248),('2_Friday','11','11:45','12:05','N','CLV','','\'Exploiting the O365 Duo 2FA Misconfiguration (Lightning Talk)\'','\'Cassandra Young\'','CLV_43651c46164e1d4ffeab540d320d0ba0','\'Title: Exploiting the O365 Duo 2FA Misconfiguration (Lightning Talk)
\nWhen: Friday, Aug 6, 11:45 - 12:05 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Cassandra Young\n
\nCassandra is a Senior Scientist at Security Risk Advisors, focusing on Cloud Security architecture and engineering. She is concurrently pursuing a Masters degree in Computer Science, with notable work including academic research on serverless/microservices security, cloud-based app development, and privacy & anonymity technologies. She is also one of the directors of Blue Team Village, a not-for-profit organization bringing free Blue Team talks, workshops and more to the broader InfoSec community.
\nTwitter: @muteki_rtw
\n\n
\nDescription:
\nA common methodology used by companies to implement Duo 2-factor authentication for O365 can, if not configured properly, result in a loophole that allows mobile clients to authenticate without being prompted. This short talk will provide background on the authentication types involved, show the incomplete configuration, and demonstrate how to exploit using mobile devices.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220249),('2_Friday','12','11:45','12:05','Y','CLV','','\'Exploiting the O365 Duo 2FA Misconfiguration (Lightning Talk)\'','\'Cassandra Young\'','CLV_43651c46164e1d4ffeab540d320d0ba0','\'\'',NULL,220250),('2_Friday','12','12:05','12:50','N','CLV','','\'Attacking Modern Environments Series: Attack Vectors on Terraform Environments\'','\'Mazin Ahmed\'','CLV_14b220934f25a2b8a296def5ef66a45b','\'Title: Attacking Modern Environments Series: Attack Vectors on Terraform Environments
\nWhen: Friday, Aug 6, 12:05 - 12:50 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Mazin Ahmed\n
\nMazin Ahmed is a security engineer that specializes in AppSec and offensive security. He is passionate about information security and has previously found vulnerabilities in Facebook, Twitter, Linkedin, and Oracle to name a few. Mazin is the developer of several popular open-source security tools that have been integrated into security testing frameworks and distributions. Mazin also built FullHunt.io, the next-generation continuous attack surface security platform. He is also passionate about cloud security where he has been running dozens of experiments in the cloud security world.
\nTwitter: @mazen160
\n\n
\nDescription:
\nEver come across an environment in an engagement that uses Terraform for IAC (infrastructure-as-code) management? Almost every modern company does now.\n

In this talk, I will be sharing techniques and attack vectors to exploit and compromise Terraform environments in engagements, as well as patterns that I have seen that achieve successful infrastructure takeover against companies. I will be also covering prevention methods for the discussed attack vectors in my talk. This is part of my work-in-progress research in cloud security and attacking modern environments.\n

\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220251),('2_Friday','12','12:50','13:20','N','CLV','','\'Kubernetes Goat - Kubernetes Security Learning (Tool Demo)\'','\'Madhu Akula\'','CLV_5fc47acb116fe9001655530c1d6b9792','\'Title: Kubernetes Goat - Kubernetes Security Learning (Tool Demo)
\nWhen: Friday, Aug 6, 12:50 - 13:20 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Madhu Akula\n
\nMadhu Akula is the creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native security researcher with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA (2018 & 19), O\'Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018 & 19), All Day DevOps (2016, 17, 18, 19 & 20), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc, and credited with multiple CVE\'s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also, technical reviewer of Learn Kubernetes Security book published by Packt. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.
\nTwitter: @madhuakula
\n\n
\nDescription:
\nKubernetes Goat is \"vulnerable by design\" Kubernetes Cluster environment to practice and learn about Kubernetes Security. In this session, Madhu Akula will present how to get started with Kubernetes Goat by exploring different vulnerabilities in Kubernetes Cluster and Containerized environments. Also, he demonstrates the real-world vulnerabilities and maps the Kubernetes Goat scenarios with them. We will see the complete documentation and instruction to practice Kubernetes Security for performing security assessments. As a defender you will see how we can learn these attacks, misconfigurations to understand and improve your cloud native infrastructure security posture.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220252),('2_Friday','13','12:50','13:20','Y','CLV','','\'Kubernetes Goat - Kubernetes Security Learning (Tool Demo)\'','\'Madhu Akula\'','CLV_5fc47acb116fe9001655530c1d6b9792','\'\'',NULL,220253),('2_Friday','13','13:20','14:05','N','CLV','','\'Hunting for AWS Exposed Resources\'','\'Felipe Pr0teus EspÃ³sito\'','CLV_a737e2ed9bc3c669b7e6dadc9b21bcbd','\'Title: Hunting for AWS Exposed Resources
\nWhen: Friday, Aug 6, 13:20 - 14:05 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Felipe Pr0teus EspÃ³sito\n
\nFelipe Espósito graduated in Information Technology at UNICAMP and has a master\'s degree in Systems and Computing Engineering by COPPE-UFRJ, both among the top technology universities in Brazil. He has over ten years of experience in information security and IT, with an emphasis on security monitoring, networking, data visualization, and threat hunting. He is a founder of the HackerMakerSpace in Rio de Janeiro and presented at respected conferences such as Hackers 2 Hackers Conference, BHACK, BSides (Las Vegas and São Paulo), FISL, Latinoware, SecTor and SANS SIEM Summit.
\nTwitter: @pr0teusbr
\n\n
\nDescription:
\nLike all major public cloud providers, AWS allows users to expose managed resources like S3 buckets, SQS queues, RDS databases, and others publicly on the Internet. There are legitimate uses for making resources public, such as publishing non-sensitive data. However, we often find that this functionality is mistakenly used, often due to a lack of cloud security expertise, to erroneously expose sensitive data. News of exposed S3 buckets are sadly very frequent in the specialized media. It is important to note, however, that there are many other relevant kinds of AWS resources that can be equally dangerous when publicly exposed but that doesn\'t get nearly as much scrutiny as S3 buckets. In this talk we are going to describe some of the methods that researchers and attackers use to discover and exploit these publicly exposed resources, and how cloud providers and defenders can have taken action to monitor, prevent and respond to these activities.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220254),('2_Friday','14','13:20','14:05','Y','CLV','','\'Hunting for AWS Exposed Resources\'','\'Felipe Pr0teus EspÃ³sito\'','CLV_a737e2ed9bc3c669b7e6dadc9b21bcbd','\'\'',NULL,220255),('2_Friday','14','14:05','14:35','N','CLV','','\'WhoC - Peeking under the hood of CaaS offerings\'','\'Yuval Avrahami\'','CLV_046bc54f776d163c08e54162453a87c9','\'Title: WhoC - Peeking under the hood of CaaS offerings
\nWhen: Friday, Aug 6, 14:05 - 14:35 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Yuval Avrahami\n
\nYuval Avrahami is a Principal Security Researcher at Palo Alto Networks, dealing with hacking and securing anything related to containers and cloud. Yuval is a veteran of the Israeli Air Force, where he served in the role of a researcher.\n
\nTwitter: @yuval_avrahami
\n\n
\nDescription:
\nRunning your business-critical applications on the public cloud involves trust. You trust your cloud provider to separate your workloads from other customers\' workloads. You trust your cloud provider to patch and update their software and hardware stack. For those of us with trust issues, blindly running our applications in the public cloud can be tough. Fortunately, trust can be earned through visibility, and that\'s where WhoC can help. WhoC provides a bit of visibility into how Container-as-a-Service (CaaS) offerings run our containers. WhoC (Who Contains) is a container image that upon execution extracts the underlying container runtime. It doesn\'t try to identify the underlying runtime based on the container\'s cgroup configuration, the existence of a \'.dockerenv\' file or any other known trick. WhoC exfiltrates the actual container runtime binary from the underlying host. In this talk Yuval will walk you through how WhoC works and show a demo running WhoC in a popular CaaS offering. You\'ll learn a surprising truth: Linux containers can actually access one host file - the container runtime.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220256),('2_Friday','14','14:35','16:59','N','CLV','','\'Kubernetes Security 101: Best Practices to Secure your Cluster (Workshop)\'','\'Magno Logan\'','CLV_7fd26a77e7da6d349ee09ef8e32d1ca5','\'Title: Kubernetes Security 101: Best Practices to Secure your Cluster (Workshop)
\nWhen: Friday, Aug 6, 14:35 - 16:59 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Magno Logan\n
\nMagno Logan works as an Information Security Specialist for Trend Micro. He specializes in Cloud, Container and Application Security Research, Threat Modelling and Red Teaming. He has been tapped as a resource speaker for numerous security conferences around the globe. He is the founder of the JampaSec Security Conference and the OWASP Paraiba Chapter and also an active member of the CNCF TAG-Security team.
\nTwitter: @magnologan
\n\n
\nDescription:
\nThis workshop aims to give an overview about how Kubernetes works and provide some best practices to secure your cluster whenever you are deploying a new cluster on your own or via managed services such as GKE, EKS or AKS. We are going to cover everything from the Control Plane or the Master Node, starting with the API server, including etcd, RBAC and network policies. Then, weâ€™ll cover the worker nodes, kubelet, audit logs and pods best practices. We\'ll talk about the CIS Benchmarks for Kubernetes and the default configurations you need to worry about when deploying a new cluster. We\'ll show how to use RBAC and assign roles and permissions to your cluster users. We\'ll demonstrate how to enable audit logs for better visibility and later we\'ll set up some network policies to avoid communication between pods and prevent any lateral movement from attackers. Are you starting to use Kubernetes for container orchestration? Do you need guidelines on how to start securing Kubernetes in your organization? Do you want to find a way to increase the protection of your Kubernetes clusters without increasing the complexity of the infrastructure? Do you need to use Kubernetes clusters in a safe, efficient and affordable way? Everything in a practical way with a focus on security best practices? Then this is the workshop for you! Outline:\n

Kubernetes\n
- What is Kubernetes?\n
- Why should I use it?\n
- What is the CNCF?\n
- What are cloud native applications?\n
\n
K8s Architecture\n
- Control Plane (API Server, etcd, scheduler, controller-manager)\n
- Worker Nodes (kubelet, kube-proxy and CRE)\n
\n
Cluster, Nodes, Pods and Namespaces\n
K8s API Objects\n
kubectl\n
Setting up your first cluster\n
Deploying your web app as a pod\n
Using services and load balancers\n
Hardening K8s\n
- API Server\n
- Image Scanning\n
- Runtime Protection\n
- Network Policy\n
- Pod Security Policy (PSP) - Deprecated\n
- PSP Alternatives\n
- Audit Logs
\n

\n\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220257),('2_Friday','15','14:35','16:59','Y','CLV','','\'Kubernetes Security 101: Best Practices to Secure your Cluster (Workshop)\'','\'Magno Logan\'','CLV_7fd26a77e7da6d349ee09ef8e32d1ca5','\'\'',NULL,220258),('2_Friday','16','14:35','16:59','Y','CLV','','\'Kubernetes Security 101: Best Practices to Secure your Cluster (Workshop)\'','\'Magno Logan\'','CLV_7fd26a77e7da6d349ee09ef8e32d1ca5','\'\'',NULL,220259),('3_Saturday','10','10:00','10:45','N','CLV','','\'Extracting all the Azure Passwords\'','\'Karl Fosaaen\'','CLV_2da37e6ed0123f2fe67cca6e683496ec','\'Title: Extracting all the Azure Passwords
\nWhen: Saturday, Aug 7, 10:00 - 10:45 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Karl Fosaaen\n
\nAs a Practice Director at NetSPI, Karl leads the Cloud Penetration Testing service line and oversees NetSPIâ€™s Portland, OR office. Karl holds a BS in Computer Science from the University of Minnesota and has over a decade of consulting experience in the computer security industry. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit (https://github.com/Netspi/Microburst) to house many of the PowerShell tools that he uses for testing Azure. Over the last year, Karl has co-authored the book â€œPenetration Testing Azure for Ethical Hackersâ€ with David Okeyode. Over the years, Karl has held the Security+, CISSP, and GXPN certifications.
\nTwitter: @kfosaaen
\n\n
\nDescription:
\nWhether it\'s the migration of legacy systems or creation of brand-new applications, many organizations are turning to Microsoftâ€™s Azure cloud as their platform of choice. This brings new challenges for penetration testers who are less familiar with the platform, and now have more attack surfaces to exploit. In an attempt to automate some of the common Azure escalation tasks, the MicroBurst toolkit was created to contain tools for attacking different layers of an Azure tenant. In this talk, we will be focusing on the password extraction functionality included in MicroBurst. We will review many of the places that passwords can hide in Azure, and the ways to manually extract them. For convenience, we will also show how the Get-AzPasswords function can be used to automate the extraction of credentials from an Azure tenant. Finally, we will review a case study on how this tool was recently used to find a critical issue in the Azure permissions model that resulted in a fix from Microsoft.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220260),('3_Saturday','10','10:45','11:30','N','CLV','','\'Windows Server Containers are Broken - Here\'s How You Can Break Out\'','\'Daniel Prizmant\'','CLV_cd05034dd36319869e5297802738a1f4','\'Title: Windows Server Containers are Broken - Here\'s How You Can Break Out
\nWhen: Saturday, Aug 7, 10:45 - 11:30 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Daniel Prizmant\n
\nDaniel started out his career developing hacks for video games and soon became a professional in the information security field. He is an expert in anything related to reverse engineering, vulnerability research and the development of fuzzers and other research tools. To this day Daniel is passionate about reverse engineering video games at his leisure. Before joining Palo Alto Networks Daniel was employed at CheckPoint, KayHut and Nyotron. Daniel holds a Bachelor of Computer Science from Ben Gurion University.
\nTwitter: @pushrsp
\n\n
\nDescription:
\nA container packages up code and its dependencies, creating a minimal computing environment that can be cloned quickly and reliably across the ever-changing variety of operating system distributions. Originally available for Linux alone, containerized software will always run the same, regardless of the infrastructure. Microsoft teamed up with Docker to offer a container solution for Windows. Support for containers was added in 2016, but little documentation on the internal implementation was released. It was necessary to reverse engineer some of the components of Windows in order to better understand the kernel implementation. How does Windows prevent containers from running system calls that may allow attackers to escape containers? How does Windows prevent containers from accessing sensitive files outside the container, on the host? Why go through all this trouble? A vulnerability in the low level implementation of containers could impact hundreds of thousands of affected instances. Not to mention a full escape from the container to its host machine. How would such an escape vulnerability affect Kuberenetes and Azure services? In this presentation I will show you how to fully escape a Windows container and gain full access to the hostâ€™s file system. I will discuss why Microsoft originally didnâ€™t consider this a vulnerability, but do now. I will also show the use of this vulnerability in the wild by a malware.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220261),('3_Saturday','11','10:45','11:30','Y','CLV','','\'Windows Server Containers are Broken - Here\'s How You Can Break Out\'','\'Daniel Prizmant\'','CLV_cd05034dd36319869e5297802738a1f4','\'\'',NULL,220262),('3_Saturday','11','11:30','12:15','N','CLV','','\'AWS cloud attack vectors and security controls\'','\'Kavisha Sheth\'','CLV_702f1d9f313290b194b62a4df4393131','\'Title: AWS cloud attack vectors and security controls
\nWhen: Saturday, Aug 7, 11:30 - 12:15 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Kavisha Sheth\n
\nKavisha is a Security Analyst at Appsecco. She is a cloud security and machine learning enthusiast who dabbles in application and API security and is passionate about helping customers in securing their IT assets. Kavisha is a member of a number of security communities including null community, InfoSecGirls, and WiCys India group. She believes in giving back to the community and frequently finds audiences to talk about Attacking GraphQL, different techniques to bypass authentication and Attacking AWS. When not breaking apps for Appsecco, Kavisha spends time learning and researching on different areas of security . She has also been listed as one of the top security researchers of the nation by NCIIPC RVDP.
\nTwitter: @sheth_kavisha
\n\n
\nDescription:
\nIn the last decade, cloud computing has been incorporated in various industries, from Health to Military, which has been meticulously guided by exploring related technologies in the industry and academia alike. The enterprise computing model have shifted from on-site infrastructure to remote data centers which is accessible via internet and managed by cloud service providers.However, Many companies breached on AWS moved sensitive data to AWS without following best practices or implementing cloud security controls correctly. Main objective of the session is to bring awareness about some of the AWS cloud attack vectors and as well as security controls that can help. You get to know discovery, identification and exploitation of security weaknesses, misconfigurations lead to complete compromise of the cloud infrastructure. As,Cloud attack vectors and security controls are different as security professional you need to be aware about attack vector and controls. So, you will also learn about what can be possible best practices, detective controls to avoid some of the misconfigurations. In this session: - Learn about how an attacker can perform reconnaissance, leverage network, AWS Lambda functions, S3 misconfiguration and implementation in weaknesses to steal credentials and data. - Learn how misconfigurations and other leading cloud vulnerabilities put you at risk to exploitation with some real world example - Learn about Security controls, possible best practices, detective controls to avoid these misconfigurations
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220263),('3_Saturday','12','11:30','12:15','Y','CLV','','\'AWS cloud attack vectors and security controls\'','\'Kavisha Sheth\'','CLV_702f1d9f313290b194b62a4df4393131','\'\'',NULL,220264),('3_Saturday','12','12:15','12:45','N','CLV','','\'Using Barq to perform AWS Post-Exploitation Actions\'','\'Mohammed Aldoub\'','CLV_cdca64917cd2b573542f92f7d7ad71a7','\'Title: Using Barq to perform AWS Post-Exploitation Actions
\nWhen: Saturday, Aug 7, 12:15 - 12:45 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Mohammed Aldoub\n
\nMohammed Aldoub is an independent security consultant and Blackhat Trainer from Kuwait, who, in his 11 years of experience, worked on creating Kuwait\'s national infrastructure for PKI, cryptography, smartcards and authentication. Mohammed delivers security trainings, workshops and talks in the Netherlands, USA, Sweden, London, Czech Republic, Singapore, Dubai, Lebanon, Riyadh, Kuwait, in events like Blackhat (USA,EU) Infosec in the City, OPCDE, SEC-T and others. Mohammed is focusing now on APIs, secure devops, modern appsec, cloud-native security, applied cryptography, security architecture and microservices. He is the author of \"barq\", the AWS post exploitation attack framework, which you can find at: https://github.com/Voulnet/barq and he\'s also the author of Desharialize, which you can find at: https://github.com/Voulnet/desharialize Mohammed is deeply interested in malware, especially those used by state actors in the Middle East zone, where he volunteered as OWASP Kuwait\'s chapter leader.
\nTwitter: @Voulnet
\nhttps://github.com/voulnet
\n\n
\nDescription:
\nbarq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without having the original instance SSH keypairs. It also allows you to perform enumeration and extraction of stored Secrets and Parameters in AWS.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220265),('3_Saturday','12','12:45','13:30','N','CLV','','\'Shift Left Using Cloud: Implementing baseline security into your deployment lifecycle\'','\'Avinash Jain\'','CLV_97ad86522693d97e89cc24c70c82cdbc','\'Title: Shift Left Using Cloud: Implementing baseline security into your deployment lifecycle
\nWhen: Saturday, Aug 7, 12:45 - 13:30 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Avinash Jain\n
\nI am an information security researcher working as a Lead Security Engineer managing complete end-to-end information security. I love to break application logic and find vulnerabilities in them, have been - acknowledged by various MNCs like Google, Yahoo, NASA, Vmware, MongoDB, and other top companies. I am also an active blogger, some of my articles and interviews have been published in various newspapers like Forbes, BBC, Techcrunch, Economic times, Huffingtonpost, Hindustan times, ZDNet, Hakin9, Hackerone, etc. I am also a cybersecurity speaker, love to share my views on various infosec threads.
\nTwitter: @logicbomb_1
\n\n
\nDescription:
\nIn the agile world, where continuous iteration of development and testing happens throughout the software development lifecycle involving constant collaboration with stakeholders and continuous improvement and iteration at every stage, where engineers release their changes very frequently. All this makes the chances of potential security loopholes become more and more real. A fast-moving lean and agile culture makes it necessary to bring the testing of software support earlier in the development and release process. This brings us to the quote - â€œSecurity shouldnâ€™t be treated as an after-thoughtâ€, it should be brought as close to engineers and as early in SDLC. When we bring something close to the source, and in this context, if we bring Security closer to the source, we call it Shift Left Security. It not only gives a much better opportunity to see improved security outcomes in products sooner, and include the requirements, suggestions, advice at an earlier stage, but also saves time, effort, and overall cost of product delivery. Shift Left approach takes this a step further, integrating security into CICD. With security requirements represented earlier in the software development process, it also makes enforcement part of the Continuous Delivery pipeline with improved testing, monitoring, and response to support security drift detection. By integrating security in CICD, one can deliver secure and compliant application changes rapidly while running operations consistently with automation. In order to do this well, the most logical place security can be checked are code reviews. But now the series of questions raised - How can it be achieved? How can we make sure every release that goes to production has proper security sign-off? How can we scan and test every piece of code that is changed from not just DAST or SAST point of view but also including wide custom and flexible security test cases? Here we will talk about building such a solution and framework to integrate security in CICD and automating the complete process for continuous scanning of different kinds of potential security issues on every code change in AWS Codepipeline. Some of the improvement it brings - Wide Variety of Security checks â€” Integration of standard and custom checks Early Checks â€” Now security checks are performed as soon as any PR is raised or code is modified Highly Flexible â€”The security checks are very modular. We can add more checks as we want and configure them to perform response-based action Completely Automated â€” Automation is the key/let the machines do the work Alerting - Integration of SNS alert for check success or failure Reporting - Scan reports are shared across different communication channels Framework as code - Any company having their CICD over AWS can use this framework by just running my in-house built cloud formation template Vulnerability Management - All the vulnerabilities and findings are logged in a single place - AWS Security Hub
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220266),('3_Saturday','13','12:45','13:30','Y','CLV','','\'Shift Left Using Cloud: Implementing baseline security into your deployment lifecycle\'','\'Avinash Jain\'','CLV_97ad86522693d97e89cc24c70c82cdbc','\'\'',NULL,220267),('3_Saturday','13','13:30','13:50','N','CLV','','\'CSPM2CloudTrail - Extending CSPM Tools with (Near) Real-Time Detection Signatures (Lightning Talk)\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','CLV_3fb0c525d46eb2795d4c788bd5b5825a','\'Title: CSPM2CloudTrail - Extending CSPM Tools with (Near) Real-Time Detection Signatures (Lightning Talk)
\nWhen: Saturday, Aug 7, 13:30 - 13:50 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Rodrigo \"Sp0oKeR\" Montoro\n
\nRodrigo \"Sp0oKeR\'\' Montoro has 20 years of experience deploying open source security software (firewalls, IDS, IPS, HIDS, log management) and hardening systems. Currently, he is a Senior Researcher at Tempest Security. Before it, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Clavis, Senior Security Administrator at Sucuri, Spiderlabs Researcher, where he focuses on IDS/IPS Signatures, Modsecurity rules, and new detection researches. Author of 2 patented technologies involving the discovery of malicious digital documents and analyzing malicious HTTP traffic. He is currently coordinator and Snort evangelist for the Brazilian Snort Community. Rodrigo has spoken at several open-source and security conferences (OWASP AppSec, SANS DFIR & SIEM Summit, Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE Boston & Seattle, ZonCon (Amazon Internal Conference), Blackhat Brazil, BSides (Las Vegas e São Paulo)).
\nTwitter: @spookerlabs
\n\n
\nDescription:
\nThe AWS service APIs provide around 9,400 different actions (and growing!) that, when logged, give a lot of extra info that can be correlated and used to find malicious activities. However, as with most data sources, it is very noisy. Plus, it fails to include in its events critical contextual information that threat hunters need. Working with our Threat Detection Engineering Team to create very actionable use cases that donâ€™t need much additional context and exceptions. We developed an idea to detect the creation time of events discovered by most CSPMs check when evaluating a cloud provider, particularly AWS in this case. Cloud Security Posture Management (CSPM), which works by detecting cloud service misconfigurations, is one of the most common technologies used to improve cloud security and is used heavily worldwide by thousands of companies. Despite this, CSPM tools cannot detect most of the real-time findings, need privileges to be executed and scheduled to run and analyze preferably daily to decrease windows exposure. Cloud misconfigurations typically result in second-stage attacks. Aside from some risks that make information public, attackers likely need some credentials with privileges to perform actions that could impact privilege escalation, resource exposure, crypto mining, infrastructure modification, and access to sensitive data. Starting with some CloudSploit checks, we named this research CSPM2CloudTrail, so we create misconfigured services based on their findings and analyze how these changes are logged to CloudTrail. We made many use cases that we mainly transform in cards (with CloudSploit information) and sigma rules, having information such as severity, recommendations, AWS Documentation, and more importantly, for our SOC, Splunk searches. Besides this great use of trying to detect this almost in real-time (since CloudTrail delays around 15 minutes), these queries could enrich CSPM findings, making incident responses on misconfigurations caught faster. All information and detections created will be shared in our Github repository.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220268),('3_Saturday','13','13:50','14:35','N','CLV','','\'Azure Active Directory Hacking Wars\'','\'Batuhan Sancak\'','CLV_8e815a66a358c00f2d5cc3947b767f3b','\'Title: Azure Active Directory Hacking Wars
\nWhen: Saturday, Aug 7, 13:50 - 14:35 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Batuhan Sancak\n
\nHello Cloud Village. I\'m Batuhan (@nullx3d). He is a cyber security researcher. He\'s living Turkey and studying Management Information Systems at university. He\'s 21 age years old. He feel like he belong in cyberspace. Web Application Security, Linux structure is very attractive for he. He work on virtual machines, live web systems and on new technology(cloud security). Batuhan gave trainings and presentations in many universities in his country. He shares his experiences and works on his personal blog (docs.rka0x.com). If you accept he for defcon cloud village, he will very happy. This is he dream. he hopes you like the CFP.
\nTwitter: @nullx3d
\n\n
\nDescription:
\nAbstract Azure is one of the most popular cloud services today. It has 15.4 million customers worldwide. 95% of Fortune 500 companies use Azure. If you look at it from the hacker point of view, that\'s perfect. Is Azure completely secure? No! No system is completely secure. It would be good to talk about Azure and talk about attack techniques. Check out the attack vectors. The results obtained by comparing attack vectors and defense vectors will be beneficial for everyone. In this presentation, I would like to talk about Azure Active Directory technology and attack vectors. I wrote the titles for you to review. Outline\n

Azure Ad Overview Roles, terminology\n
Understand Active directory with azure\n
Azure AD security features Attacking\n
Azure Ad (Techniques)\n
- Unauth Recon\n
- Password Sniper\n
- MsOnline Powershell Module\n
- PHS\n
- Backdoor Azure\n
- SSO\n
- Spn scanning\n
- DcShadow Attack\n
- Group Policy, etc.\n
\n
Defense Azure Ad Suggestions

\n\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220269),('3_Saturday','14','13:50','14:35','Y','CLV','','\'Azure Active Directory Hacking Wars\'','\'Batuhan Sancak\'','CLV_8e815a66a358c00f2d5cc3947b767f3b','\'\'',NULL,220270),('3_Saturday','14','14:35','16:59','N','CLV','','\'Onions In the Cloud Make the CISO Proud (Workshop)\'','\'Wes Lambert\'','CLV_7e33281983a6845b63b7ae5b88987966','\'Title: Onions In the Cloud Make the CISO Proud (Workshop)
\nWhen: Saturday, Aug 7, 14:35 - 16:59 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Wes Lambert\n
\nWes Lambert is the Director of Support and Professional Services at Security Onion Solutions, where he helps customers to implement enterprise security monitoring solutions and understand their computer networks. A huge fan of OSS projects, Wes loves to solve problems and enhance security using completely free and easily deployable tools.
\nTwitter: @therealwlambert
\n\n
\nDescription:
\nIt\'s been said that 94% of enterprises already use a cloud service, and that 30% of all IT budgets are allocated to cloud computing. What does this mean for network defenders? It means that many organizations are invested in the cloud, and unfortunately, many organizations still have little visibility into inter-instance, instance-to-internet, and control plane activity, as well as management functions and bucket access within the cloud. While some of this activity may be logged, it may not be analyzed or aggregated for quick review. In this workshop, we\'ll cover how Security Onion, a completely free and open platform for intrusion detection, enterprise security monitoring, and log management can be leveraged to increase visibility in the cloud. By using Security Onion, defenders can facilitate effective threat detection and ease compliance efforts. Attendees should walk away with an understanding of how they can utilize Security Onion to find evil in their cloud environments and make their adversaries cry. Outline:\n

Introduction to the Cloud\n
- Asset/Threats\n
- Monitoring Challenges\n
\n
Introduction to Security Onion\n
- Components and Data Collected\n
\n
Security Onion in the Cloud\n
- Traffic Mirroring\n
- Cloud Telemetry\n
- Deployment
\n

\n\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220271),('3_Saturday','15','14:35','16:59','Y','CLV','','\'Onions In the Cloud Make the CISO Proud (Workshop)\'','\'Wes Lambert\'','CLV_7e33281983a6845b63b7ae5b88987966','\'\'',NULL,220272),('3_Saturday','16','14:35','16:59','Y','CLV','','\'Onions In the Cloud Make the CISO Proud (Workshop)\'','\'Wes Lambert\'','CLV_7e33281983a6845b63b7ae5b88987966','\'\'',NULL,220273),('4_Sunday','10','10:00','10:45','N','CLV','','\'Identifying toxic combinations of permissions in your cloud infrastructure\'','\'Michael Raggo\'','CLV_218cdd678a07ef3579ef9814cff9a8a7','\'Title: Identifying toxic combinations of permissions in your cloud infrastructure
\nWhen: Sunday, Aug 8, 10:00 - 10:45 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Michael Raggo\n
\nMichael Raggo has over 20 years of security research experience. His current research focuses on Cloud security. His research has been highlighted on televisionâ€™s CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of â€œMobile Data Loss: Threats & Countermeasuresâ€ and â€œData Hidingâ€ for Syngress Books, and is a contributing author for â€œInformation Security the Complete Reference 2nd Editionâ€. His Data Hiding book is also included at the NSAâ€™s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI and Pentagon; and is a former participating member of the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, RSA, OWASP, HackCon, and SANS. He was also awarded the Pentagonâ€™s Certificate of Appreciation.\n
\nTwitter: @datahiding
\n\n
\nDescription:
\nWith more than 24,000 permissions across AWS, Azure, and GCP, how does one determine who gets what permissions? Half of the 10,000 permissions in AWS are admin-like permissions. This is even more complicated when new permissions and services are being added almost daily. Mapping these out and understanding their implications is a difficult task, yet attackers understand them well enough to leverage toxic combinations of these permissions for privilege escalation and exploiting your cloud infrastructure. In this presentation, we\'ll share our experiences in doing > 150 risk assessments across AWS, Azure, and GCP. We\'ll review common admin permissions that we commonly find accidentally assigned to developers and users. We\'ll reveal some extremely powerful permissions that can be mapped to a Cyber Kill Chain specific to cloud infrastructure. This will uncover toxic combinations of permissions that can lead to lateral movement, privilege escalation, exfiltration, and more. We\'ll provide real world examples of findings from audit logs, activity monitoring, and ML-based anomaly analysis. We\'ll then outline a strategy to tracking this moving forward actively within your environment and how to mitigate this over-permissioned access to build a permissions management lifecycle.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220274),('4_Sunday','10','10:45','11:15','N','CLV','','\'I know who has access to my cloud, do you?\'','\'Igal Flegmann\'','CLV_0a99d6cbaff7023db8fc111dd9c1449b','\'Title: I know who has access to my cloud, do you?
\nWhen: Sunday, Aug 8, 10:45 - 11:15 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Igal Flegmann\n
\nIgal started his career in Microsoftâ€™s Azure Security team creating and managing identity services for Azureâ€™s secure production tenants. During his time at Azure Security, Igal had the opportunity to create and manage PKI services, Identity Management products, tools for migrating running services across Azure tenants, and created products for password-less bootstrap to new domains. After a successful career in Azure Security, Igal transferred teams to work in Azureâ€™s ASCII (Azure Special Capabilities, Infrastructure, and Innovation) team, where he used his identity and security expertise to design and create security services to protect the critical infrastructure devices of the world.\n

To follow his passion for identity and security, Igal decided to leave Microsoft and Co-found, Keytos a security company with the mission of eliminating passwords by creating easy to use PKI offerings. Earlier this year they launch their first product â€œEZSSHâ€ which takes aim at stopping SSH Key theft by making it easy to use short lived SSH Certificates.\n

\nTwitter: @igal_fs
\n\n
\nDescription:
\nWorking in security over the last few years I have learned that it is nearly impossible to stop a breach from happening. While having great security practices such as: Isolated password-less identities, isolated devices, and condition access; will help you stop 99% of the attacks we need to ask ourselves the following questions: Are we monitoring our infrastructure for changes that might open an attack vector? Are we ready to detect and remediate our next breach before the attacker can do any damage? Azure Security Center provides us with some great tools to check some of these errors. For example, it will alert on the SSH port being left open but it would not alert on a very large IP address range being added to your networking rules. The Solution? CloudWatcher our open-source tool that monitors your Azure Subscription ACLs and will alert you if they changed based on the baseline you have created.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220275),('4_Sunday','11','10:45','11:15','Y','CLV','','\'I know who has access to my cloud, do you?\'','\'Igal Flegmann\'','CLV_0a99d6cbaff7023db8fc111dd9c1449b','\'\'',NULL,220276),('4_Sunday','11','11:15','11:59','N','CLV','','\'Understanding common Google Cloud misconfiguration using GCP Goat\'','\'Joshua Jebaraj\'','CLV_9bfc9f462a0e552ffaef632a180d0734','\'Title: Understanding common Google Cloud misconfiguration using GCP Goat
\nWhen: Sunday, Aug 8, 11:15 - 11:59 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Joshua Jebaraj\n
\nJoshua Jebaraj is Security Researcher at we45. He is an active member of many open-source communities like Null, Ansible and Hashicorp. He frequently speaks at null Chennai chapter and OWASP Vit Chennai. He has previously spoken at conferences like Owasp-Seasides,Bsides-Delhi and Open-Security-Summit.
\nTwitter: @joshva_jebaraj
\n\n
\nDescription:
\nAs organisations workflows move into the cloud we see a wider adoption of cloud based platforms like Google Cloud (GCP). While cloud based platforms offer a higher level of scalability critical aspects into security can fall to the sidelines. With cybersecurity attacks on the rise in the cloud space (Gitlab-blog, Rhino-security-blog) we have to make sure all our applications hosted on cloud infrastructure like GCP are kept safe. The talk starts with the common service misconfiguration like open buckets and moves to advanced and GCP specific services like, gcloud container registry. This talk not only covers the offensive side but also covers the defensive side where the audience will see demonstration of how those vulnerabilities can be mitigated. GCP Goat is an intentionally vulnerable project which consists of common misconfiguration in the Google Cloud that is open source for the audience to test their newly learned information after the talk. By the end of the talk the audience will have a better understanding of the common threat surface on GCP and How they can mitigate it. The talk starts with Introduction about the GCP goat and how we can deploy it(5 mins) -\n

Attacking Compute Engine (5 mins)\n
Attacking the App engine (5 mins)\n
Attacking SQL Instance (5 mins)\n
Attacking GCP buckets (5 mins)\n
Attacking GCP GKE clusters (5 mins)\n
Privilege Escalation (5 mins)\n
Conclusion and QA (5 mins)

\n\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220277),('4_Sunday','12','12:00','12:20','N','CLV','','\'PK-WHY\'','\'Kevin Chen\'','CLV_f9910de60320c1ca186e740baf0060f2','\'Title: PK-WHY
\nWhen: Sunday, Aug 8, 12:00 - 12:20 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Kevin Chen\n
\nKevin Chen was the first Developer Advocate at the now-unicorn open source company Kong and currently works at smallstep, an early stage open source startup. When not developing tech and demos for the PKI space, he likes to bake, travel, and tend to his motorcycle.
\nTwitter: @devadvocado
\n\n
\nDescription:
\nCertificates and public key infrastructure (PKI) are hard. No shit, right? I know a lot of smart people whoâ€™ve avoided this particular rabbit hole. Personally, I avoided it for a long time and felt some shame for not knowing more. The obvious result was a vicious cycle: I was too embarrassed to ask questions so I never learned. Well, now everything needs a certificate so let\'s be embarrassed together and learn they why.
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220278),('4_Sunday','12','12:20','13:05','N','CLV','','\'Cloud Security Orienteering\'','\'Rami McCarthy\'','CLV_72cef333c2fe66b0f7a731860f43aa4b','\'Title: Cloud Security Orienteering
\nWhen: Sunday, Aug 8, 12:20 - 13:05 PDT
\nWhere: Cloud Village (Virtual)
\n
SpeakerBio:Rami McCarthy\n
\nRami McCarthy is a Staff Security Engineer at Cedar (a healthtech unicorn), and a recovering Security Consultant. He spent 3 years at NCC Group where he executed dozens of security assessments and sat on the Cloud Security working group. He was a core contributor to ScoutSuite - a multi-cloud auditing tool (and SaaS offering), and released sadcloud - a tool for Terraforming insecure AWS environments. Rami holds the CCSK, the AWS Certified Security â€“ Specialty, and is completing an MS in information security leadership.
\nTwitter: @ramimacisabird
\n\n
\nDescription:
\nMost of us are not lucky enough to have architected the perfect cloud environment, according to this month\'s best practices, and without any legacy elements or \"\"surprise\"\" assets. Over the course of a career in cloud security, you\'ll likely find yourself walking into a new environment and needing to rapidly orient yourself to both mitigate the biggest risks and also develop a roadmap towards a sustainable, secure future. As a security consultant, I had the challenge and opportunity to enter blind into a variety of cloud environments. They were across Azure, GCP, and AWS, some well-architected and others organically sprawling, containing a single account/project and hundreds. This gave me a rapid education in how to find the information necessary to familiarize myself with the environment, dig in to identify the risks that matter, and put together remediation plans that address short, medium, and long term goals. This talk will present a cloud and environment agnostic methodology for getting your bearings if tasked with securing a novel cloud environment. We\'ll learn by applying this to a sample AWS environment in order to cover:\n

An archeological guide for where and how to find organizational context\n
How to quickly find and kill the most common attack vectors at the perimeter (both network and identity)\n
Common architectural and deployment patterns, how to spot them, and their security implications\n
What you need to know, what you need to prioritize, and what \"\"best practices\"\" aren\'t worth the squeeze when you\'re in a crunch.

\n\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220279),('4_Sunday','13','12:20','13:05','Y','CLV','','\'Cloud Security Orienteering\'','\'Rami McCarthy\'','CLV_72cef333c2fe66b0f7a731860f43aa4b','\'\'',NULL,220280),('4_Sunday','13','13:05','13:20','N','CLV','','\'Cloud Village Closing Keynote\'','\'\'','CLV_2ccaa592cb0eb2e080b379071bd6f091','\'Title: Cloud Village Closing Keynote
\nWhen: Sunday, Aug 8, 13:05 - 13:20 PDT
\nWhere: Cloud Village (Virtual)
\n
\nDescription:No Description available
\n
Cloud Village activities will be streamed to YouTube. \n

\'',NULL,220281),('2_Friday','09','09:00','09:30','N','AIV','','\'Welcome. A Short Tour of Good and Bad AI in 2021\'','\'AI Village Organizers\'','AIV_8994d3add1383abff112970e4870a6cb','\'Title: Welcome. A Short Tour of Good and Bad AI in 2021
\nWhen: Friday, Aug 6, 09:00 - 09:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:AI Village Organizers\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220282),('2_Friday','09','09:30','10:59','N','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_94e0595fee35b0fad204c6b42b3e237f','\'Title: Intro to ML Workshop
\nWhen: Friday, Aug 6, 09:30 - 10:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Gavin Klondike\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220283),('2_Friday','10','09:30','10:59','Y','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_94e0595fee35b0fad204c6b42b3e237f','\'\'',NULL,220284),('2_Friday','11','11:00','11:59','N','AIV','','\'The Coming AI Hackers\'','\'Bruce Schneier\'','AIV_e2e04e2f48cbb48bbd9ede941d90ec29','\'Title: The Coming AI Hackers
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Bruce Schneier\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220285),('2_Friday','13','13:00','13:30','N','AIV','','\'Shell Language Processing (SLP)\'','\'Dmitrijs Trizna\'','AIV_6363547e5ac7183430fe570a4834fe89','\'Title: Shell Language Processing (SLP)
\nWhen: Friday, Aug 6, 13:00 - 13:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Dmitrijs Trizna\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220286),('2_Friday','14','14:30','14:59','N','AIV','','\'AI Policy Talk: \"An AI Security ISAC\" and \"An AI Playbook\"\'','\'Sagar Samtani\'','AIV_ec3b2b4368dba7c6139d0d315965a0e6','\'Title: AI Policy Talk: \"An AI Security ISAC\" and \"An AI Playbook\"
\nWhen: Friday, Aug 6, 14:30 - 14:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Sagar Samtani\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220287),('2_Friday','13','13:30','14:30','N','AIV','','\'Trailblazing the AI for Cybersecurity Discipline: Overview of the Field and Promising Future Directions\'','\'Sagar Samtani\'','AIV_2377a7912279a06373474df605f35191','\'Title: Trailblazing the AI for Cybersecurity Discipline: Overview of the Field and Promising Future Directions
\nWhen: Friday, Aug 6, 13:30 - 14:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Sagar Samtani\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220288),('2_Friday','14','13:30','14:30','Y','AIV','','\'Trailblazing the AI for Cybersecurity Discipline: Overview of the Field and Promising Future Directions\'','\'Sagar Samtani\'','AIV_2377a7912279a06373474df605f35191','\'\'',NULL,220289),('2_Friday','15','15:00','15:30','N','AIV','','\'Identifying Excel 4.0 Macro strains using Anomaly Detection\'','\'Elad Ciuraru,Tal Leibovich\'','AIV_6c1e807bacb4ee506d21bcaf65ac4268','\'Title: Identifying Excel 4.0 Macro strains using Anomaly Detection
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: AI Village (Virtual)
\nSpeakers:Elad Ciuraru,Tal Leibovich
\n
SpeakerBio:Elad Ciuraru\n
\nNo BIO available
\n
SpeakerBio:Tal Leibovich\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220290),('2_Friday','15','15:30','16:30','N','AIV','','\'Workshop on Microsoft Counterfit\'','\'Will Pearce\'','AIV_1bc304f0fa2fb2f2c21fc90212830b12','\'Title: Workshop on Microsoft Counterfit
\nWhen: Friday, Aug 6, 15:30 - 16:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Will Pearce\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220291),('2_Friday','16','15:30','16:30','Y','AIV','','\'Workshop on Microsoft Counterfit\'','\'Will Pearce\'','AIV_1bc304f0fa2fb2f2c21fc90212830b12','\'\'',NULL,220292),('2_Friday','16','16:30','16:59','N','AIV','','\'AI Discord Happy Hour - Open Discussion on AIV Discord about the State of AI Security\'','\'\'','AIV_8000fdd74609f234e3d1c593fe177578','\'Title: AI Discord Happy Hour - Open Discussion on AIV Discord about the State of AI Security
\nWhen: Friday, Aug 6, 16:30 - 16:59 PDT
\nWhere: AI Village (Virtual)
\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220293),('3_Saturday','09','09:00','09:30','N','AIV','','\'Welcome to AI Village\'','\'AI Village Organizers\'','AIV_af985cd982bc917908998cb9bb718543','\'Title: Welcome to AI Village
\nWhen: Saturday, Aug 7, 09:00 - 09:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:AI Village Organizers\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220294),('3_Saturday','09','09:30','10:59','N','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_76c6eb1b8b363a10e3936808bd04d750','\'Title: Intro to ML Workshop
\nWhen: Saturday, Aug 7, 09:30 - 10:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Gavin Klondike\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220295),('3_Saturday','10','09:30','10:59','Y','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_76c6eb1b8b363a10e3936808bd04d750','\'\'',NULL,220296),('3_Saturday','11','11:00','11:59','N','AIV','','\'The Coming AI Hackers\'','\'Bruce Schneier\'','AIV_3db94c758c7079ada9b0b8f7ed31790d','\'Title: The Coming AI Hackers
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Bruce Schneier\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220297),('3_Saturday','12','12:00','12:30','N','AIV','','\'Never a dill moment: Exploiting machine learning pickle files\'','\'Suha Sabi Hussain\'','AIV_ed6b3132ebb6146914ead238a1599b43','\'Title: Never a dill moment: Exploiting machine learning pickle files
\nWhen: Saturday, Aug 7, 12:00 - 12:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Suha Sabi Hussain\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220298),('3_Saturday','12','12:30','12:59','N','AIV','','\'Replication as a Security Threat: How to Save Millions By Recreating Someone Elseâ€™s Model\'','\'Stella Biderman\'','AIV_fbcef76f66d5391005cadd7cfafe99fa','\'Title: Replication as a Security Threat: How to Save Millions By Recreating Someone Elseâ€™s Model
\nWhen: Saturday, Aug 7, 12:30 - 12:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Stella Biderman\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220299),('3_Saturday','13','13:00','13:30','N','AIV','','\'Who\'s Afraid of Thomas Bayes?\'','\'Erick Galinkin\'','AIV_9186a46ea5eadcd921002bfba8ab2aa2','\'Title: Who\'s Afraid of Thomas Bayes?
\nWhen: Saturday, Aug 7, 13:00 - 13:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Erick Galinkin\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220300),('3_Saturday','13','13:30','13:59','N','AIV','','\'Risks of ML Systems in Health Care: The Real Story\'','\'Barton Rhodes\'','AIV_1fd7a650c9bb9ec15b0d31efcd85f918','\'Title: Risks of ML Systems in Health Care: The Real Story
\nWhen: Saturday, Aug 7, 13:30 - 13:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Barton Rhodes\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220301),('3_Saturday','14','14:00','14:59','N','AIV','','\'The Real History of Adversarial Machine Learning\'','\'Eugene Neelou\'','AIV_52b1f3b8fdbed7ca8b3da9c33572e8f5','\'Title: The Real History of Adversarial Machine Learning
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Eugene Neelou\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220302),('3_Saturday','15','15:00','15:59','N','AIV','','\'RTV/AIV Red Teaming AI Roundtable\'','\'Rich Harang,Anita Nikolich\'','AIV_f9a3a87b6138c39cb88b94e2db3e664e','\'Title: RTV/AIV Red Teaming AI Roundtable
\nWhen: Saturday, Aug 7, 15:00 - 15:59 PDT
\nWhere: AI Village (Virtual)
\nSpeakers:Rich Harang,Anita Nikolich
\n
SpeakerBio:Rich Harang\n
\nNo BIO available
\n
SpeakerBio:Anita Nikolich\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220303),('3_Saturday','16','16:00','16:30','N','AIV','','\'Where Weâ€™re Going We Donâ€™t Need Labels: Anomaly Detection for 2FA\'','\'Rebecca Lynch,Stefano Meschiari\'','AIV_16c43987fd279bfb3b5a8527a73dfb2c','\'Title: Where Weâ€™re Going We Donâ€™t Need Labels: Anomaly Detection for 2FA
\nWhen: Saturday, Aug 7, 16:00 - 16:30 PDT
\nWhere: AI Village (Virtual)
\nSpeakers:Rebecca Lynch,Stefano Meschiari
\n
SpeakerBio:Rebecca Lynch\n
\nNo BIO available
\n
SpeakerBio:Stefano Meschiari\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220304),('3_Saturday','16','16:30','16:59','N','AIV','','\'AI Discord Happy Hour - Open Discussion on AIV Discord about the State of AI Security\'','\'\'','AIV_17b1864570af4c433f53086b62f27b7a','\'Title: AI Discord Happy Hour - Open Discussion on AIV Discord about the State of AI Security
\nWhen: Saturday, Aug 7, 16:30 - 16:59 PDT
\nWhere: AI Village (Virtual)
\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220305),('4_Sunday','09','09:00','09:30','N','AIV','','\'The State of AI Ethics\'','\'Abishek Gupta\'','AIV_a4ab6df4c6ee0d9ad9edf1b689338a09','\'Title: The State of AI Ethics
\nWhen: Sunday, Aug 8, 09:00 - 09:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Abishek Gupta\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220306),('4_Sunday','09','09:30','10:59','N','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_e55666b56498ad883d44069b9d058bd5','\'Title: Intro to ML Workshop
\nWhen: Sunday, Aug 8, 09:30 - 10:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Gavin Klondike\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220307),('4_Sunday','10','09:30','10:59','Y','AIV','','\'Intro to ML Workshop\'','\'Gavin Klondike\'','AIV_e55666b56498ad883d44069b9d058bd5','\'\'',NULL,220308),('4_Sunday','13','13:00','13:59','N','AIV','','\'Wrap Up\'','\'AI Village Organizers\'','AIV_d69a810a2fa0efdc6b77b78a35502465','\'Title: Wrap Up
\nWhen: Sunday, Aug 8, 13:00 - 13:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:AI Village Organizers\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

https://www.instagram.com/ctrlrsm
\nhttps://www.facebook.com/ctrlrsm
\nhttps://www.twitch.tv/ctrlrsm\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220309),('2_Friday','16','16:00','16:25','N','ASV','','\'Holistic View of a Flight with Crowd Sourced Data\'','\'Allan Tart\'','ASV_9f995d567bb015c5333a0dddbae19081','\'Title: Holistic View of a Flight with Crowd Sourced Data
\nWhen: Friday, Aug 6, 16:00 - 16:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\n
SpeakerBio:Allan Tart\n
\nAllan Tart has worked in the field of Air Traffic Management over a decade, where he has had several roles. His latest position in OpenSky Network, has included air-ground VHF communications to his list of interests, which previously mainly concentrated only on surveillance systems.
\n\n
\nDescription:
\nDuring the talk an overview will be given about how one can use crowd sourced data for creating a holistic view of flight. The data used for the purpose will include both ADS-B and VHF voice communications.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=2FTSGCAG3EE\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,220310),('2_Friday','15','15:00','18:59','N','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_d8a7e68f2443e865661ac86ceecdcbcf','\'Title: Windows Internals
\nWhen: Friday, Aug 6, 15:00 - 18:59 PDT
\nWhere: Workshops - Jubilee 1 (Onsite Only)
\nSpeakers:Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman
\n
SpeakerBio:Sam Bowne\n, Proprietor, Bowne Consulting
\nSam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, HOPE, BSidesSF, BSidesLV, RSA, and many conferences and colleges.
\n
SpeakerBio:Elizabeth Biddlecome\n, Consultant and Part-Time Instructor
\nElizabeth Biddlecome is a consultant and a part-time instructor at City College San Francisco, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
SpeakerBio:Irvin Lemus\n, Cybersecurity Professor
\nIrvin Lemus has been in the industry for 10+ years as an MSP technician, consultant, instructor and coordinator. He is currently the cybersecurity professor at Cabrillo College in Santa Cruz, CA. He also is the Bay Area Cyber Competitions Regional Coordinator as well as the contest creator for SkillsUSA CA and FL. Irvin has spoken at various cybersecurity and educational conferences. Irvin holds a CISSP and a Bachelor\'s Degree in Information Security.\n

Irvin Lemus is an instructor at Cabrillo College, teaching cyber security courses for 3 years. Irvin runs the cybersecurity competition program for the Bay Area Community Colleges. He also creates the SkillsUSA Cybersecurity contests for California and Florida. He has Security+, CySA+, WCNA, CISSP.\n

\n
SpeakerBio:Kaitlyn Handelman\n, Hacker
\nI like to hack stuff, and Iâ€™m like really good at computers.
\n\n
\nDescription:
\nExplore the structure of Windows executable files and the operating system itself, to better understand programs, services, malware, and defenses. Projects include: cheating at games, building malicious DLL libraries, stealing passwords from the API, building a keylogger, and debugging a driver. Tools used include FLARE-VM, pestudio, API Monitor, Visual Studio, OllyDbg, IDA Pro, Ghidra, and WinDbg. No previous experience with programming is required.\n

To prepare for this workshop, please prepare a FLARE-VM in advance, as explained here: https://samsclass.info/126/proj/PMA40.htm\n

Registration Link: https://www.eventbrite.com/e/windows-internals-jubilee-1-tickets-162217227093\n

Prerequisites: Previous experience troubleshooting Windows is helpful but not required

Materials needed:
\nA computer that can run virtual machines locally, or a few dollars to rent cloud servers\n

\n\'',NULL,220311),('2_Friday','16','15:00','18:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_d8a7e68f2443e865661ac86ceecdcbcf','\'\'',NULL,220312),('2_Friday','17','15:00','18:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_d8a7e68f2443e865661ac86ceecdcbcf','\'\'',NULL,220313),('2_Friday','18','15:00','18:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_d8a7e68f2443e865661ac86ceecdcbcf','\'\'',NULL,220314),('4_Sunday','10','10:00','13:59','N','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fb512056c80c1cdb250138409bf915d1','\'Title: Windows Internals
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: Workshops - Jubilee 1 (Onsite Only)
\nSpeakers:Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman
\n
SpeakerBio:Sam Bowne\n, Proprietor, Bowne Consulting
\nSam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, HOPE, BSidesSF, BSidesLV, RSA, and many conferences and colleges.
\n
SpeakerBio:Elizabeth Biddlecome\n, Consultant and Part-Time Instructor
\nElizabeth Biddlecome is a consultant and a part-time instructor at City College San Francisco, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
SpeakerBio:Irvin Lemus\n, Cybersecurity Professor
\nIrvin Lemus has been in the industry for 10+ years as an MSP technician, consultant, instructor and coordinator. He is currently the cybersecurity professor at Cabrillo College in Santa Cruz, CA. He also is the Bay Area Cyber Competitions Regional Coordinator as well as the contest creator for SkillsUSA CA and FL. Irvin has spoken at various cybersecurity and educational conferences. Irvin holds a CISSP and a Bachelor\'s Degree in Information Security.\n

To prepare for this workshop, please prepare a FLARE-VM in advance, as explained here: https://samsclass.info/126/proj/PMA40.htm\n

Registration Link: https://www.eventbrite.com/e/windows-internals-jubilee-1-tickets-162218647341\n

Prerequisites: Previous experience troubleshooting Windows is helpful but not required

Materials needed:
\nA computer that can run virtual machines locally, or a few dollars to rent cloud servers\n

\n\'',NULL,220315),('4_Sunday','11','10:00','13:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fb512056c80c1cdb250138409bf915d1','\'\'',NULL,220316),('4_Sunday','12','10:00','13:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fb512056c80c1cdb250138409bf915d1','\'\'',NULL,220317),('4_Sunday','13','10:00','13:59','Y','WS','','\'Windows Internals\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fb512056c80c1cdb250138409bf915d1','\'\'',NULL,220318),('2_Friday','10','10:00','13:59','N','WS','','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg\'','\'Wesley McGrew\'','WS_e98512fd561d247b6be0f4e278ef102f','\'Title: The Joy of Reverse Engineering: Learning With Ghidra and WinDbg
\nWhen: Friday, Aug 6, 10:00 - 13:59 PDT
\nWhere: Workshops - Jubilee 2 (Onsite Only)
\n
SpeakerBio:Wesley McGrew\n, Senior Cybersecurity Fellow
\nDr. Wesley McGrew directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA and taught a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.
\n\n
\nDescription:
\nWhile it can be intimidating to \"get into\" software reverse engineering (RE), it can be very rewarding. Reverse engineering skills will serve you well in malicious software analysis, vulnerability discovery, exploit development, bypassing host-based protection, and in approaching many other interesting and useful problems in hacking. Being able to study how software works, without source code or documentation, will give you the confidence that there is nothing about a computer system you can\'t understand, if you simply apply enough time and effort. Beyond all of this: it\'s fun. Every malicious program becomes a new and interesting puzzle to \"solve\".\n

The purpose of this workshop is to introduce software reverse engineering to the attendees, using static and dynamic techniques with the Ghidra disassembler and WinDbg debugger. No prior experience in reverse engineering is necessary. There will be few slides--concepts and techniques will be illustrated within the Ghidra and WinDbg environments, and attendees can follow along with their own laptops and virtual environments. We will cover the following topics:\n

Software Reverse Engineering concepts and terminology\n Setting up WinDbg and Ghidra (and building the latter from source)\n The execution environment (CPU, Virtual Memory, Linking and Loading)\n C constructs, as seen in disassembled code\n Combining static and dynamic analysis to understand and document compiled binary code\n Methodology and approaches for reverse engineering large programs\n Hands-on malware analysis
\n How to approach a \"new-to-you\" architecture\n

Registration Link: https://www.eventbrite.com/e/the-joy-of-reverse-engineering-learning-with-ghidra-and-windbg-jubilee-2-tickets-162215935229\n

Prerequisites: No previous reverse engineering experience required. Basic familiarity with programming in a high-level language is necessary (C preferred).

Materials needed:\n

A laptop with a fresh Windows 10 Virtual Machine.\n
Being able to dedicate 8GB RAM to the VM (meaning, you probably have 16GB in your laptop) will make the experience smoother, but you can get by with 4GB\n
10 GB storage free in the VM (after installing Windows)\n
Administrative privileges\n
Ability to copy exercise files from USB

We will be working with live malware samples. Depending on your comfort level with this, bring a \"burner\" laptop, use a clean drive, or plan on doing a clean install before and after the workshop.\n

\n\'',NULL,220319),('2_Friday','11','10:00','13:59','Y','WS','','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg\'','\'Wesley McGrew\'','WS_e98512fd561d247b6be0f4e278ef102f','\'\'',NULL,220320),('2_Friday','12','10:00','13:59','Y','WS','','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg\'','\'Wesley McGrew\'','WS_e98512fd561d247b6be0f4e278ef102f','\'\'',NULL,220321),('2_Friday','13','10:00','13:59','Y','WS','','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg\'','\'Wesley McGrew\'','WS_e98512fd561d247b6be0f4e278ef102f','\'\'',NULL,220322),('3_Saturday','10','10:00','13:59','N','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_eaac80fd5b210c1362304cecb5b097c3','\'Title: From Zero to Hero in Web Security Research
\nWhen: Saturday, Aug 7, 10:00 - 13:59 PDT
\nWhere: Workshops - Jubilee 2 (Onsite Only)
\nSpeakers:Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki
\n
SpeakerBio:Dikla Barda\n
\nDikla Barda is a Security Expert at Check Point Software Technologies. Her research has revealed significant flaws in popular services, and major vendors like: Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft, TikTok and more. She has over 15 years of experience in the field of cyber security research. She spoke at various leading conferences worldwide.
\n
SpeakerBio:Oded Vanunu\n
\nOded Vanunu has more than 15 years of InfoSec experience. He is a Security Leader and Offensive Security Expert who leads a security research domain from product design stages until post release. Vanunu leads security ideas into products. His expertise is in building a security research team, vulnerability research, security best practice and security design. He has been issued five patents on cybersecurity defense methods and has published dozens of research papers and product CVEs.
\n
SpeakerBio:Roman Zaikin\n
\nRoman Zaikin is a Security Expert at Check Point Software Technologies. His research has revealed significant flaws in popular services, and major vendors (Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft and more). He has over 10 years of experience in the field of cyber security research. He spoke at various leading conferences worldwide and taught more than 1000 students, he is also responsible for the design and the material of various cyber courses worldwide. He holds more than 15 Certifications and extensive experience with system administration, network architecture, software development, penetration testing and reverse engineering. He has outstanding self-taught skills, having the ability to develop and thinking outside the box. Love technology and want to know exactly how things work behind the scenes at lowest level of the bit and the bytes. He has an innate curiosity of how software can be broken down or bypassed so you can do things with it that weren\'t intended to be done.
\n
SpeakerBio:Yaara Shriki\n
\nYaara Shriki is an experienced security researcher at Check Point. She is an IDF technological unit graduate with experience in penetration testing, vulnerability research and forensics. Outside of work, Yaara volunteers to promote women and girls in tech.
\n\n
\nDescription:
\nWeb applications play a vital role in every modern organization. If your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.\n

Customers expect web applications to provide significant functionality and data access. Even beyond the importance of customer-facing web applications, internal web applications increasingly represent the most commonly used business tools within any organization. Unfortunately, there is no \"patch Tuesday\" for custom web applications, so major industry studies find that web application flaws play a major role in significant breaches and intrusions.\n

In this workshop we will teach you how to find vulnerabilities in web security according to the latest methods and techniques. We will demonstrate every vulnerability by giving an example from vulnerability we have found in major tech companies like: Facebook, WhatsApp, Amazon, AliExpress, Snapchat, LG and more!\n

Registration Link: https://www.eventbrite.com/e/from-zero-to-hero-in-web-security-research-jubilee-2-tickets-162214757707\n

Prerequisites: Basic Web Concepts, Basic Web Development Skills, Ability to Understand JavaScript.

Materials needed:
\nPersonal Laptop\n

\n\'',NULL,220323),('3_Saturday','11','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_eaac80fd5b210c1362304cecb5b097c3','\'\'',NULL,220324),('3_Saturday','12','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_eaac80fd5b210c1362304cecb5b097c3','\'\'',NULL,220325),('3_Saturday','13','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_eaac80fd5b210c1362304cecb5b097c3','\'\'',NULL,220326),('3_Saturday','15','15:00','18:59','N','WS','','\'Network Analysis with Wireshark\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fc9089637a43f686342316b2673c46c0','\'Title: Network Analysis with Wireshark
\nWhen: Saturday, Aug 7, 15:00 - 18:59 PDT
\nWhere: Workshops - Jubilee 2 (Onsite Only)
\nSpeakers:Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman
\n
SpeakerBio:Sam Bowne\n, Proprietor, Bowne Consulting
\nSam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, HOPE, BSidesSF, BSidesLV, RSA, and many conferences and colleges.
\n
SpeakerBio:Elizabeth Biddlecome\n, Consultant and Part-Time Instructor
\nElizabeth Biddlecome is a consultant and a part-time instructor at City College San Francisco, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
SpeakerBio:Irvin Lemus\n, Cybersecurity Professor
\nIrvin Lemus has been in the industry for 10+ years as an MSP technician, consultant, instructor and coordinator. He is currently the cybersecurity professor at Cabrillo College in Santa Cruz, CA. He also is the Bay Area Cyber Competitions Regional Coordinator as well as the contest creator for SkillsUSA CA and FL. Irvin has spoken at various cybersecurity and educational conferences. Irvin holds a CISSP and a Bachelor\'s Degree in Information Security.\n

\n
SpeakerBio:Kaitlyn Handelman\n, Hacker
\nI like to hack stuff, and Iâ€™m like really good at computers.
\n\n
\nDescription:
\nSummarize what your training will cover, attendees will read this to get an idea of what they should know before training, and what they will learn after. Use this to section to broadly describe how technical your class is, what tools will be used, and what materials to read in advance to get the most out of your training. This abstract is the primary way people will be drawn to your session.\n

This workshop will introduce participants to Network Analysis by understanding Wireshark. Participants will learn to understand packet activity, abnormalities and anomalies to detect attacks, troubleshoot network problems, and perform network forensics. This workshop is structured as a CTF.\n

Registration Link: https://www.eventbrite.com/e/network-analysis-with-wireshark-tickets-162219979325\n

Prerequisites: Basic networking knowledge

Materials needed:
\nAny laptop with Wireshark installed.\n

\n\'',NULL,220327),('3_Saturday','16','15:00','18:59','Y','WS','','\'Network Analysis with Wireshark\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fc9089637a43f686342316b2673c46c0','\'\'',NULL,220328),('3_Saturday','17','15:00','18:59','Y','WS','','\'Network Analysis with Wireshark\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fc9089637a43f686342316b2673c46c0','\'\'',NULL,220329),('3_Saturday','18','15:00','18:59','Y','WS','','\'Network Analysis with Wireshark\'','\'Sam Bowne,Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman\'','WS_fc9089637a43f686342316b2673c46c0','\'\'',NULL,220330),('4_Sunday','10','10:00','13:59','N','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_ca1a1fa300f8230b6e2300b163a0ca85','\'Title: From Zero to Hero in Web Security Research
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: Workshops - Jubilee 2 (Onsite Only)
\nSpeakers:Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki
\n
SpeakerBio:Dikla Barda\n
\nDikla Barda is a Security Expert at Check Point Software Technologies. Her research has revealed significant flaws in popular services, and major vendors like: Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft, TikTok and more. She has over 15 years of experience in the field of cyber security research. She spoke at various leading conferences worldwide.
\n
SpeakerBio:Oded Vanunu\n
\nOded Vanunu has more than 15 years of InfoSec experience. He is a Security Leader and Offensive Security Expert who leads a security research domain from product design stages until post release. Vanunu leads security ideas into products. His expertise is in building a security research team, vulnerability research, security best practice and security design. He has been issued five patents on cybersecurity defense methods and has published dozens of research papers and product CVEs.
\n
SpeakerBio:Roman Zaikin\n
\nRoman Zaikin is a Security Expert at Check Point Software Technologies. His research has revealed significant flaws in popular services, and major vendors (Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft and more). He has over 10 years of experience in the field of cyber security research. He spoke at various leading conferences worldwide and taught more than 1000 students, he is also responsible for the design and the material of various cyber courses worldwide. He holds more than 15 Certifications and extensive experience with system administration, network architecture, software development, penetration testing and reverse engineering. He has outstanding self-taught skills, having the ability to develop and thinking outside the box. Love technology and want to know exactly how things work behind the scenes at lowest level of the bit and the bytes. He has an innate curiosity of how software can be broken down or bypassed so you can do things with it that weren\'t intended to be done.
\n
SpeakerBio:Yaara Shriki\n
\nYaara Shriki is an experienced security researcher at Check Point. She is an IDF technological unit graduate with experience in penetration testing, vulnerability research and forensics. Outside of work, Yaara volunteers to promote women and girls in tech.
\n\n
\nDescription:
\nWeb applications play a vital role in every modern organization. If your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.\n

Registration Link: https://www.eventbrite.com/e/from-zero-to-hero-in-web-security-research-jubilee-2-tickets-162219662377\n

Prerequisites: Basic Web Concepts, Basic Web Development Skills, Ability to Understand JavaScript.

Materials needed:
\nPersonal Laptop\n

\n\'',NULL,220331),('4_Sunday','11','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_ca1a1fa300f8230b6e2300b163a0ca85','\'\'',NULL,220332),('4_Sunday','12','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_ca1a1fa300f8230b6e2300b163a0ca85','\'\'',NULL,220333),('4_Sunday','13','10:00','13:59','Y','WS','','\'From Zero to Hero in Web Security Research\'','\'Dikla Barda,Oded Vanunu,Roman Zaikin,Yaara Shriki\'','WS_ca1a1fa300f8230b6e2300b163a0ca85','\'\'',NULL,220334),('2_Friday','10','10:00','13:59','N','WS','','\'Inspecting Signals from Satellites to Shock Collars\'','\'Eric Escobar,Trenton Ivey\'','WS_901e44403eb5cbfb47710978104a3b02','\'Title: Inspecting Signals from Satellites to Shock Collars
\nWhen: Friday, Aug 6, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 1+2 (Onsite Only)
\nSpeakers:Eric Escobar,Trenton Ivey
\n
SpeakerBio:Eric Escobar\n, Principal Security Consultant
\nEric is a seasoned pentester and a Principal Security Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. His team consecutively won first place at DEF CON 23, 24, and 25\'s Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, heâ€™s now a member of the DEF CON Wireless Village team. Before entering the cyber security arena, Eric attained both a BS and MS in Civil Engineering along with his Professional Engineering license.
\n
SpeakerBio:Trenton Ivey\n, Senior Security Researcher
\nTrenton is a Senior Security Researcher for Secureworksâ€™ Counter Threat Unit and is a Technical Lead for Secureworks Adversary Group. He currently builds tools to assist with offensive testing, and helps defenders find creative ways to respond. Prior to joining Secureworks, Trenton helped build the network penetration team for a Fortune 500 company, performed web-application and device testing for a PA-QSA company, and provided IT support for one of the largest health systems in the US. Trenton received his Bachelors of Science in Biology and Chemistry and now regularly tries to find ways to apply lessons learned from the physical world to the digital one. Trenton has his Expert Class Amateur Radio license and is a lifelong member of AMSAT (Amateur Radio in Space).
\n\n
\nDescription:
\nInvisible signals control everything from satellites to shock collars. Wireless security can be intimidating, especially when research requires a low-level understanding of the many ways radio waves can carry data. The concept of using light to send messages is not hard to grasp, but the several abstraction layers between physical radio waves and decoded data packets obscure what is really happening when wireless devices communicate. By examining several topics that are rarely presented together, this workshop provides the introduction to wireless hacking that we both wish we had when starting out. If you want the ability to see and manipulate the unseen, this workshop is for you.\n

Registration Link: https://www.eventbrite.com/e/inspecting-signals-from-satellites-to-shock-collars-tickets-162215666425\n

Prerequisites: Students are expected to have basic familiarity with the Linux command line.

Materials needed:
\nStudents will need to bring a wifi-enabled laptop with a modern browser.\n

\n\'',NULL,220335),('2_Friday','11','10:00','13:59','Y','WS','','\'Inspecting Signals from Satellites to Shock Collars\'','\'Eric Escobar,Trenton Ivey\'','WS_901e44403eb5cbfb47710978104a3b02','\'\'',NULL,220336),('2_Friday','12','10:00','13:59','Y','WS','','\'Inspecting Signals from Satellites to Shock Collars\'','\'Eric Escobar,Trenton Ivey\'','WS_901e44403eb5cbfb47710978104a3b02','\'\'',NULL,220337),('2_Friday','13','10:00','13:59','Y','WS','','\'Inspecting Signals from Satellites to Shock Collars\'','\'Eric Escobar,Trenton Ivey\'','WS_901e44403eb5cbfb47710978104a3b02','\'\'',NULL,220338),('2_Friday','15','15:00','18:59','N','WS','','\'Secure messaging over unsecured transports\'','\'Ash\'','WS_a230d188fad4d558b662e7a7d9d38b21','\'Title: Secure messaging over unsecured transports
\nWhen: Friday, Aug 6, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 1+2 (Onsite Only)
\n
SpeakerBio:Ash\n, Hacker
\nAsh is just some dude. In the past he\'s been a network engineer, created a variety of security tools, and is currently working in R&D and protocol development in spaces adjacent to email security. He has spoken at DEFCON, Black Hat, and Bsides San Diego. He has recently developed a weird fascination with hacking vintage electromechanical tech.
\n\n
\nDescription:
\nYou need to send a message, avoiding traditional channels like email and SMS, to someone who\'s on a different network, somewhere else in the world. The tools at your disposal are Python, DNS, and an unauthenticated MQTT broker. This message must be end-to-end encrypted, and the recipient must be able to confirm that it was undeniably you who sent it. Now add another constraint: you can\'t communicate directly with this other party to perform a public key exchange before signing, encrypting, and transmitting the message. This can be a difficult problem to solve, and many specialized secure messaging apps have sprung up to address the challenge of end-to-end secured messaging. We will build our own. While our application won\'t be as sophisticated as Signal, you\'ll leave the workshop with an understanding of how DNS can be used to enable end-to-end authenticated and encrypted communication across nearly any public system that can be made to support the publisher/subscriber communication pattern.\n

Registration Link: https://www.eventbrite.com/e/secure-messaging-over-unsecured-transports-las-vegas-1-2-tickets-162214713575\n

Prerequisites: Students should have a good understanding of DNS, Docker, and the Python programming language. An understanding of how to configure DNSSEC with their DNS server/provider of choice is necessary, and a basic understanding of how PKI works (roots of trust and the use of public keys to secure the conveyance of public keys) will be beneficial.

Materials needed:\n

Hardware: Laptop with 4GB of RAM, 20GB hard drive space free after installing software prerequisites\n
Software: Please arrive with git, Docker engine, and docker-compose already installed
\n
Other
\n

\n
Attendees must have administrative access to a public DNS zone on a server which supports the TLSA record type. Many SaaS DNS services support this, and PowerDNS supports the record type as well. Configure this zone for DNSSEC before class.\n
If for some reason you cannot configure DNSSEC for your zone, you must be able to host static content over HTTPS under your domain. For example: if you\'re bringing mydomain.example to the workshop, you must be able to host static content on a server at https://device.mydomain.example/. If you can\'t do DNSSEC, bring a web server.

\n\n\'',NULL,220339),('2_Friday','16','15:00','18:59','Y','WS','','\'Secure messaging over unsecured transports\'','\'Ash\'','WS_a230d188fad4d558b662e7a7d9d38b21','\'\'',NULL,220340),('2_Friday','17','15:00','18:59','Y','WS','','\'Secure messaging over unsecured transports\'','\'Ash\'','WS_a230d188fad4d558b662e7a7d9d38b21','\'\'',NULL,220341),('2_Friday','18','15:00','18:59','Y','WS','','\'Secure messaging over unsecured transports\'','\'Ash\'','WS_a230d188fad4d558b662e7a7d9d38b21','\'\'',NULL,220342),('3_Saturday','10','10:00','13:59','N','WS','','\'Bug bounty Hunting Workshop\'','\'David Patten,Philippe Delteil\'','WS_59e0cd6bb691684ef0a933d8b2823b08','\'Title: Bug bounty Hunting Workshop
\nWhen: Saturday, Aug 7, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 1+2 (Onsite Only)
\nSpeakers:David Patten,Philippe Delteil
\n
SpeakerBio:David Patten\n
\nNo BIO available
\n
SpeakerBio:Philippe Delteil\n, Computer Science Engineer
\nPhilippe Delteil is Computer Science Engineer from the University of Chile, he gave his first talk at Defcon 26 Skytalks, called \"Macabre stories of a hacker in the public health sector\", his country\'s government sent 3 officials to record the talk, they did. He\'s been reporting bugs for a year. He\'s an annoying github issue opener of some opensource tools like axiom, nuclei, dalfox and bbrf; also makes small contributions to \'Can I take Over XYZ?\'
\n\n
\nDescription:
\nBug bounty hunting is (probably) the most hype topic in the hacking subworld, some people read amazing stories of how a 18 years old won 1 million dollars only doing legal hacking. Many hit a wall when they realize that after two months they only won points, thanks or cheap swag. Where\'s the money?, they ask. What should I learn and how? How many books should I read? How many minutes of Youtube tutorials? What if I lose some weight? [always recommended] How can I be the next bug bounty millionare? In this workshop I will show you a path to be a bug bounty hunter, from my experience starting by chance and from scratch. I will teach you how to use the tools I use everyday to find bugs, but most importantly how to see bug bounty hunting as a complex business process .\n

What to know before
\n- Basic idea of bugs (and bounty hunting)\n- Basic Linux commands (sed, awk, grep)\n- Shell scripting basics
\n- Have some practice doing recon\n

What you will learn
\n- How bug bounty programs/platforms work\n- What tools hunters use and how do they work\n- How to hunt for bugs (hopefully for profit)\n- Automatization of your hunting process\n

How technical is the class
\n- 30% theory and concepts
\n- 70% Installing, configuring and using tools to find bugs. Send some reports if we are lucky.\n

What tools are we going to use
\n- Scanners/automated tools: nuclei, axiom, bbrf, dalfox, Burp.\n- Recon tools (subfinder, amass, assetfinder, waybackurls, httpx and more)\n

What to read/watch in advance
\n- Books\n

The Web Application Hacker\'s Handbook, 2nd Edition\n
Hands-On Bug Hunting for Penetration Testers (Joseph E. Marshall)\n
Web Hacking 101 (Peter Yaworski)\n- Videos\n
Live Recon and Distributed Recon Automation Using Axiom with @pry0cc (https://bit.ly/3gPsonz) The Bug Hunter\'s Methodology Full 2-hour Training by Jason Haddix (https://bit.ly/2PzHUsr)\n
Finding Your First Bug: Choosing Your Target by InsiderPhD (https://bit.ly/3uiF3n7)\n
HOW TO GET STARTED IN BUG BOUNTY (9x PRO TIPS) by STÖK (https://bit.ly/3u81U4m)

Registration Link: https://www.eventbrite.com/e/bug-bounty-hunting-workshop-tickets-162219297285\n

Prerequisites: Basic knowledge about Bug bounty programs Basic Linux Commands

Materials needed:
\nLaptop with Kali Linux (native or virtual machine).\n

\n\'',NULL,220343),('3_Saturday','11','10:00','13:59','Y','WS','','\'Bug bounty Hunting Workshop\'','\'David Patten,Philippe Delteil\'','WS_59e0cd6bb691684ef0a933d8b2823b08','\'\'',NULL,220344),('3_Saturday','12','10:00','13:59','Y','WS','','\'Bug bounty Hunting Workshop\'','\'David Patten,Philippe Delteil\'','WS_59e0cd6bb691684ef0a933d8b2823b08','\'\'',NULL,220345),('3_Saturday','13','10:00','13:59','Y','WS','','\'Bug bounty Hunting Workshop\'','\'David Patten,Philippe Delteil\'','WS_59e0cd6bb691684ef0a933d8b2823b08','\'\'',NULL,220346),('3_Saturday','15','15:00','18:59','N','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_108454bfe23fbe0db9fd922fe980c164','\'Title: Analysis 101 and 102 for the Incident Responder
\nWhen: Saturday, Aug 7, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 1+2 (Onsite Only)
\n
SpeakerBio:Kristy Westphal\n, Vice President, Security Operations
\nKristy Westphal is a versatile information technology professional with specific experience in providing advisory and management services in the area of information security and risk is currently employed as the Vice President, Security Operations at a financial services company. Specializing in leadership and program development, specific expertise in security areas includes: process analysis, risk assessments, security awareness programs, operating system security, network security, incident handling, vulnerability analysis and policy development.
\n\n
\nDescription:
\nYou have a theory about something you have found while roaming the network or conducting your own hackfest, but how do you go about proving it? This workshop will be a hands-on journey deep into the world of analysis. While analysis is a bit of an art form, there are methods that can be applied to make it less of a gut feeling and more of a scientific approach to support your hypothesis. From network forensics to log analysis to endpoint forensics and cloud log analysis, we will review numerous quick methods to gain context over the data you have gathered and apply critical thinking in an attempt to find the answers. Sometimes, the answers werenâ€™t meant to be found, but weâ€™ll also discuss how to make the best of any conclusion that you reach.\n

Registration Link: https://www.eventbrite.com/e/analysis-101-and-102-for-the-incident-responder-las-vegas-1-2-tickets-162220226063\n

Prerequisites: None

Materials needed:
\nLaptop with Wireshark installed\n

\n\'',NULL,220347),('3_Saturday','16','15:00','18:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_108454bfe23fbe0db9fd922fe980c164','\'\'',NULL,220348),('3_Saturday','17','15:00','18:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_108454bfe23fbe0db9fd922fe980c164','\'\'',NULL,220349),('3_Saturday','18','15:00','18:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_108454bfe23fbe0db9fd922fe980c164','\'\'',NULL,220350),('4_Sunday','10','10:00','13:59','N','WS','','\'Modern Malware Analysis for Threat Hunters\'','\'Aaron Rosenmund,Ryan Chapman\'','WS_e5e4e1f795ebc360b8ec32b8ee1f526b','\'Title: Modern Malware Analysis for Threat Hunters
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 1+2 (Onsite Only)
\nSpeakers:Aaron Rosenmund,Ryan Chapman
\n
SpeakerBio:Aaron Rosenmund\n, Security Researcher
\nAaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber security workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySa+ www.AaronRosenmund.com @arosenmund \"ironcat\"
\nTwitter: @arosenmund
\n
SpeakerBio:Ryan Chapman\n, Principal IR Consultant
\nRyan is an experienced incident response practitioner, malware analyst, and trainer. He is a Principal IR Consultant for BlackBerry, the lead organizer of CactusCon, a SANS trainer for FOR610: Reverse Engineering Malware, and a Pluralsight author. Ryan strives to imbue comedy into his trainings and loves being able to teach others while learning from them at the same time. He is a veteran speaker having presented talks and/or workshops at conferences including DefCon, SANS Summits, BSides events, CactusCon, and more. Prior to working in IR, Ryan worked as a technical trainer for over five years. \"We must not teach people how to press buttons to get results. We must teach people what happens when these buttons are clicked, such that they fully understand the processes occurring in the background,\" says Ryan.
\n\n
\nDescription:
\nMalware authors go to great lengths to bypass enterprise security to deliver malware, avoid detection after the initial intrusion and maintain persistence to compromise an organization. To achieve this, malware authors employ a wide variety of obfuscation and anti-analysis techniques at each phase of an attack. In this workshop, you will get hands-on with real-world malware and learn how to identify key indicators of compromise (IOCs)/indicators of attack (IOAs), apply analysis to enhance security products to protect users and infrastructure and gain a deeper understanding of malware behavior through reverse engineering.\n

This workshop will utilize open-source and limited use tools such as Ghidra, IDA Pro Free/Demo, Oledump/OleVBA, PE Studio, and Suricata to perform deep technical analysis of malware, focusing on developing effective strategies to maximize your time spent. By the end of this workshop, you will be able to analyze malicious office documents, identify signs of packing, defeat obfuscation and other anti-analysis techniques and use traffic analysis to aid in detection and identifying of prevalent malware families. These skills ultimately allow you to generate valuable threat intelligence to aid in your efforts to defend your organization or respond to an incident.\n

This is a fast-paced course designed to take you deep into malware operations â€“ from delivery methods to payloads! Numerous labs will reinforce key learning objectives throughout the workshop and each lab comes with a detailed lab guide. Comprehensive analysis activities and exercises are used to to test and reaffirm key learning objectives and ensure attendees have a start-to-finish understanding of the material.\n

Attendees will be provided with all the lab material used throughout the course in a digital format. This includes all lab material, lab guides and virtual machines used for training. This workshop will also utilize several live classroom sharing resources, such as chat and notes to ensure that attendees have access to all material discussed throughout the training. All the material provided will help to ensure that students have the ability to continue learning well after the course ends and maximize the knowledge gained from this course.\n

Registration Link: https://www.eventbrite.com/e/modern-malware-analysis-for-threat-hunters-las-vegas-1-2-tickets-162214781779\n

Prerequisites

The primary requirement for this course is a desire to learn and the determination to tackle challenging problems. In addition, having some familiarization with the following topics will help students maximize their time in this course:

Basic familiarity with Linux and the terminal\n
An understanding of programming languages such as control structures (IF statements, loops and functions), data structures (objects, structures, arrays) and variable usage will be helpful

Materials needed:\n

Linux/Windows/Mac desktop environment\n
A laptop with the ability to run virtualization software such as VMWare or VirtualBox\n
Access to the system BIOS to enable virtualization, if disabled via the chipset\n
Ability to temporarily disable anti-virus or white-list folders/files associated with lab material\n
A laptop that the attendee is comfortable handling live malware on\n
Enough disk space to store at least a single 40 GB VM, although multiple VMs may be used

\n\n\'',NULL,220351),('4_Sunday','11','10:00','13:59','Y','WS','','\'Modern Malware Analysis for Threat Hunters\'','\'Aaron Rosenmund,Ryan Chapman\'','WS_e5e4e1f795ebc360b8ec32b8ee1f526b','\'\'',NULL,220352),('4_Sunday','12','10:00','13:59','Y','WS','','\'Modern Malware Analysis for Threat Hunters\'','\'Aaron Rosenmund,Ryan Chapman\'','WS_e5e4e1f795ebc360b8ec32b8ee1f526b','\'\'',NULL,220353),('4_Sunday','13','10:00','13:59','Y','WS','','\'Modern Malware Analysis for Threat Hunters\'','\'Aaron Rosenmund,Ryan Chapman\'','WS_e5e4e1f795ebc360b8ec32b8ee1f526b','\'\'',NULL,220354),('2_Friday','10','10:00','13:59','N','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_e75053c6797c606273b26bcef490e722','\'Title: Analysis 101 and 102 for the Incident Responder
\nWhen: Friday, Aug 6, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 3+4 (Onsite Only)
\n
SpeakerBio:Kristy Westphal\n, Vice President, Security Operations
\nKristy Westphal is a versatile information technology professional with specific experience in providing advisory and management services in the area of information security and risk is currently employed as the Vice President, Security Operations at a financial services company. Specializing in leadership and program development, specific expertise in security areas includes: process analysis, risk assessments, security awareness programs, operating system security, network security, incident handling, vulnerability analysis and policy development.
\n\n
\nDescription:
\nYou have a theory about something you have found while roaming the network or conducting your own hackfest, but how do you go about proving it? This workshop will be a hands-on journey deep into the world of analysis. While analysis is a bit of an art form, there are methods that can be applied to make it less of a gut feeling and more of a scientific approach to support your hypothesis. From network forensics to log analysis to endpoint forensics and cloud log analysis, we will review numerous quick methods to gain context over the data you have gathered and apply critical thinking in an attempt to find the answers. Sometimes, the answers werenâ€™t meant to be found, but weâ€™ll also discuss how to make the best of any conclusion that you reach.\n

Registration Link: https://www.eventbrite.com/e/analysis-101-and-102-for-the-incident-responder-las-vegas-3-4-tickets-162216976343\n

Prerequisites: None

Materials needed:
\nLaptop with Wireshark installed\n

\n\'',NULL,220355),('2_Friday','11','10:00','13:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_e75053c6797c606273b26bcef490e722','\'\'',NULL,220356),('2_Friday','12','10:00','13:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_e75053c6797c606273b26bcef490e722','\'\'',NULL,220357),('2_Friday','13','10:00','13:59','Y','WS','','\'Analysis 101 and 102 for the Incident Responder\'','\'Kristy Westphal\'','WS_e75053c6797c606273b26bcef490e722','\'\'',NULL,220358),('2_Friday','15','15:00','18:59','N','WS','','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan Holeman\'','WS_ed8d5006654dbb424d7367a98c614b97','\'Title: Learning to Hack Bluetooth Low Energy with BLE CTF
\nWhen: Friday, Aug 6, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 3+4 (Onsite Only)
\n
SpeakerBio:Ryan Holeman\n, Global Security Overlord
\nRyan Holeman resides in Austin Texas where he works as the Global Security Overlord on Atlassian\'s Security team. He is also an advisor for the endpoint security software company Ziften Technologies. He received a Masters of Science in Software Engineering from Kent State University. His graduate research and masters thesis focused on C++ template metaprograming. He has spoken at many respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. He has also published papers though venues such as ICSM and ICPC . You can keep up with his current activity, open source contributions and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
\n\n
\nDescription:
\nBLE CTF is a series of Bluetooth low energy challenges in a capture the flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively teach a new concept to the user. For this workshop, we will step through a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\n

If you have done BLE CTF in the past, this class is still valuable. For advanced users we offer BLE CTF Infinity which is a sequel to BLE CTF. BLE CTF Infinity offers new exercises where each flag challenge is hosted in a completely separate GATT service. The new version allows for more advanced challenges which were not possible in the past.\n

To prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md\n

Registration Link: https://www.eventbrite.com/e/learning-to-hack-bluetooth-low-energy-with-ble-ctf-las-vegas-3-4-tickets-162217343441\n

Prerequisites: To prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md

Materials needed:
\nPreferably a Linux box with a bluetooth controller or a bluetooth usb dongle. An OSX or Windows machine with a Linux VM and usb passthough works as well but should be setup and tested before the workshop.\n

\n\'',NULL,220359),('2_Friday','16','15:00','18:59','Y','WS','','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan Holeman\'','WS_ed8d5006654dbb424d7367a98c614b97','\'\'',NULL,220360),('2_Friday','17','15:00','18:59','Y','WS','','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan Holeman\'','WS_ed8d5006654dbb424d7367a98c614b97','\'\'',NULL,220361),('2_Friday','18','15:00','18:59','Y','WS','','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan Holeman\'','WS_ed8d5006654dbb424d7367a98c614b97','\'\'',NULL,220362),('3_Saturday','10','10:00','13:59','N','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_4e20845acc744ca73da8445b89de22fd','\'Title: Hacking the Metal: An Introduction to Assembly Language Programming
\nWhen: Saturday, Aug 7, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 3+4 (Onsite Only)
\n
SpeakerBio:eigentourist\n, Programmer
\nEigentourist is a programmer who learned the craft in the early 1980s. He began formal education in computer science when the height of software engineering discipline meant avoiding the use of GOTO statements. Over the course of his career, he has created code of beautiful simplicity and elegance, and of horrific complexity and unpredictability. Sometimes it\'s hard to tell which was which. Today, he works on systems integration and engineering in the healthcare industry.
\n\n
\nDescription:
\nDeep below the surface of the web, the visible desktop, and your favorite mobile apps, lies a labyrinth where the rules of most programming languages cease to exist. This is the world of the reverse engineer, the malware analyst, and the veteran systems programmer. Here, we write code in assembly language, the lowest level at which a computing machine can be programmed. This workshop will introduce you to the world of assembly language programming, give you the opportunity to write some real-world code, and finally, to play the role of reverse engineer and try your hand at some guided malware analysis.\n

Registration Link: https://www.eventbrite.com/e/hacking-the-metal-an-introduction-to-assembly-language-programming-lv-34-tickets-162218563089\n

Prerequisites: Some previous programming experience is helpful but not vital.

Materials needed:
\nLaptop\n

\n\'',NULL,220363),('3_Saturday','11','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_4e20845acc744ca73da8445b89de22fd','\'\'',NULL,220364),('3_Saturday','12','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_4e20845acc744ca73da8445b89de22fd','\'\'',NULL,220365),('3_Saturday','13','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_4e20845acc744ca73da8445b89de22fd','\'\'',NULL,220366),('3_Saturday','15','15:00','18:59','N','WS','','\'Evading Detection a Beginner\'s Guide to Obfuscation\'','\'Anthony \"Cx01N\" Rose,Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose\'','WS_a1601387cea5845b04b948d7522bf1a1','\'Title: Evading Detection a Beginner\'s Guide to Obfuscation
\nWhen: Saturday, Aug 7, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 3+4 (Onsite Only)
\nSpeakers:Anthony \"Cx01N\" Rose,Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose
\n
SpeakerBio:Anthony \"Cx01N\" Rose\n, Lead Security Researcher
\nAnthony \"Cx01N\" Rose, CISSP, is the Lead Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Cx01N is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
\n
SpeakerBio:Jake \"Hubbl3\" Krasnov\n, Red Team Operations Lead
\nJake \"Hubbl3\" Krasnov is the Red Team Operations Lead at BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Hubbl3 has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
\n
SpeakerBio:Vincent \"Vinnybod\" Rose\n, Lead Tool Developer
\nVincent \"Vinnybod\" Rose is the Lead Tool Developer for Empire and Starkiller. He is a software engineer with expertise in cloud service and has over a decade of software development and networking experience. Recently, his focus has been on building ad-serving technologies, web and ad-tracking applications. Vinnybod has presented at Black Hat has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.
\n\n
\nDescription:
\nDefenders are constantly adapting their security to counter new threats. Our mission is to identify how they plan on securing their systems and avoid being identified as a threat. This is a hands-on class to learn the methodology behind malware delivery and avoiding detection. This workshop explores the inner workings of Microsoft\'s Antimalware Scan Interface (AMSI), Windows Defender, and Event Tracing for Windows (ETW). We will learn how to employ obfuscated malware using Visual Basic (VB), PowerShell, and C# to avoid Microsoft\'s defenses. Students will learn to build AMSI bypass techniques, obfuscate payloads from dynamic and static signature detection methods, and learn about alternative network evasion methods.\n

In this workshop, we will:\n

i. Understand the use and employment of obfuscation in red teaming.\nii. Demonstrate the concept of least obfuscation.\niii. Introduce Microsoft\'s Antimalware Scan Interface (AMSI) and explain its importance.\niv. Demonstrate obfuscation methodology for .NET payloads.\n

Registration Link: https://www.eventbrite.com/e/evading-detection-a-beginners-guide-to-obfuscation-las-vegas-3-4-tickets-162219734593\n

Prerequisites: Basic level of PowerShell or C# experience.

Materials needed:
\n- Laptop
\n- VMWare or Virtual Box
\n- Windows Dev machine or other Windows VM\n- Kali Linux VM\n

\n\'',NULL,220367),('3_Saturday','16','15:00','18:59','Y','WS','','\'Evading Detection a Beginner\'s Guide to Obfuscation\'','\'Anthony \"Cx01N\" Rose,Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose\'','WS_a1601387cea5845b04b948d7522bf1a1','\'\'',NULL,220368),('3_Saturday','17','15:00','18:59','Y','WS','','\'Evading Detection a Beginner\'s Guide to Obfuscation\'','\'Anthony \"Cx01N\" Rose,Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose\'','WS_a1601387cea5845b04b948d7522bf1a1','\'\'',NULL,220369),('3_Saturday','18','15:00','18:59','Y','WS','','\'Evading Detection a Beginner\'s Guide to Obfuscation\'','\'Anthony \"Cx01N\" Rose,Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose\'','WS_a1601387cea5845b04b948d7522bf1a1','\'\'',NULL,220370),('4_Sunday','10','10:00','13:59','N','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_576d81cc72e66accb45d9aa05a1e1f90','\'Title: Hacking the Metal: An Introduction to Assembly Language Programming
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 3+4 (Onsite Only)
\n
SpeakerBio:eigentourist\n, Programmer
\nEigentourist is a programmer who learned the craft in the early 1980s. He began formal education in computer science when the height of software engineering discipline meant avoiding the use of GOTO statements. Over the course of his career, he has created code of beautiful simplicity and elegance, and of horrific complexity and unpredictability. Sometimes it\'s hard to tell which was which. Today, he works on systems integration and engineering in the healthcare industry.
\n\n
\nDescription:
\nDeep below the surface of the web, the visible desktop, and your favorite mobile apps, lies a labyrinth where the rules of most programming languages cease to exist. This is the world of the reverse engineer, the malware analyst, and the veteran systems programmer. Here, we write code in assembly language, the lowest level at which a computing machine can be programmed. This workshop will introduce you to the world of assembly language programming, give you the opportunity to write some real-world code, and finally, to play the role of reverse engineer and try your hand at some guided malware analysis.\n

Registration Link: https://www.eventbrite.com/e/hacking-the-metal-an-introduction-to-assembly-language-programming-lv-34-tickets-162218597191\n

Prerequisites: Some previous programming experience is helpful but not vital.

Materials needed:
\nLaptop\n

\n\'',NULL,220371),('4_Sunday','11','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_576d81cc72e66accb45d9aa05a1e1f90','\'\'',NULL,220372),('4_Sunday','12','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_576d81cc72e66accb45d9aa05a1e1f90','\'\'',NULL,220373),('4_Sunday','13','10:00','13:59','Y','WS','','\'Hacking the Metal: An Introduction to Assembly Language Programming\'','\'eigentourist\'','WS_576d81cc72e66accb45d9aa05a1e1f90','\'\'',NULL,220374),('2_Friday','10','10:00','13:59','N','WS','','\'House of Heap Exploitation\'','\'James Dolan,Maxwell Dulin,Nathan Kirkland,Zachary Minneker\'','WS_44f56718a0ca3b574360d7719b3966f0','\'Title: House of Heap Exploitation
\nWhen: Friday, Aug 6, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 5+6 (Onsite Only)
\nSpeakers:James Dolan,Maxwell Dulin,Nathan Kirkland,Zachary Minneker
\n
SpeakerBio:James Dolan\n, Security Engineer
\nJames Dolan works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. His current research interests include emerging threats against Mobile and IoT devices. He has a degree in Computer and Information Science from University of Oregon. In his free time, James enjoys composing music, playing video games or hiking in the greater Seattle area.
\n
SpeakerBio:Maxwell Dulin\n, Security Consultant
\nMaxwell Dulin (Strikeout) is a security consultant at Security Innovation hacking all things under the sun, from robots to web applications. Additionally, he started the Spokane Mayors Cyber Cup and has written pwnables for SSD. Maxwell has published many articles for a plethora of heap exploitation techniques, assorted web application hacking exploits and IoT device vulnerability hunting. He has previously spoken at DEFCON 27 IoT Village. In his free time, he plays with RF toys, hikes to fire lookouts and catches everything at dodgeball.
\n
SpeakerBio:Nathan Kirkland\n, Security Researcher & Engineer
\nRaised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee (and tear) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee fueled sleepless nights later, he had earned OSCP, and graduated highschool a few months later. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the types of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.
\n
SpeakerBio:Zachary Minneker\n, Security Researcher & Engineer
\nZachary Minneker is a security researcher and security engineer at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, macOS sandbox security, and IPC methods.
\n\n
\nDescription:
\nHeap exploitation is an incredibly powerful tool for a hacker. As exploit mitigations have made exploitation more difficult, modern exploit development has moved to the heap. However, heap exploitation is a subject that has evaded many people for years for one reason: they focus on the techniques instead of the allocator. By learning with an allocator first style, the techniques are easily understood and practical to use.\n

This workshop is for learning heap exploit development in GLibC Malloc. GLibC Malloc is the default allocator on most Linux distros. With this hands-on introduction into GLibC Malloc heap exploitation you will learn how the allocator functions, heap specific vulnerability classes and to pwn with a variety of techniques. Whether you\'re an avid CTFer or just trying to get into heap exploitation on your pwnables site, this course is good for adding another tool to the tools arsenal. After taking this course you will understand the GLibC Malloc allocator, be able to discover heap specific vulnerability classes and pwn the heap with a variety of techniques, with the capability to easily learn more.\n

Registration Link: https://www.eventbrite.com/e/house-of-heap-exploitation-las-vegas-5-6-tickets-162214679473\n

Prerequisites: Basic computer science background (x86_64 assembly, stack, programming skills in C & Python) Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.) Familiar with Linux developer tools such as the command line, Python scripting and GDB. Previous usage of pwntools is a plus

Materials needed:
\nLaptop with enough power for a moderately sized Linux VM Administrative access to the laptop 8GB RAM minimum 50GB harddrive space Virtualbox or another virtualization platform installed\n

\n\'',NULL,220375),('2_Friday','11','10:00','13:59','Y','WS','','\'House of Heap Exploitation\'','\'James Dolan,Maxwell Dulin,Nathan Kirkland,Zachary Minneker\'','WS_44f56718a0ca3b574360d7719b3966f0','\'\'',NULL,220376),('2_Friday','12','10:00','13:59','Y','WS','','\'House of Heap Exploitation\'','\'James Dolan,Maxwell Dulin,Nathan Kirkland,Zachary Minneker\'','WS_44f56718a0ca3b574360d7719b3966f0','\'\'',NULL,220377),('2_Friday','13','10:00','13:59','Y','WS','','\'House of Heap Exploitation\'','\'James Dolan,Maxwell Dulin,Nathan Kirkland,Zachary Minneker\'','WS_44f56718a0ca3b574360d7719b3966f0','\'\'',NULL,220378),('2_Friday','15','15:00','18:59','N','WS','','\'Writing Golang Malware\'','\'Benjamin Kurtz\'','WS_3491ac6c7321b19a338938d402013e63','\'Title: Writing Golang Malware
\nWhen: Friday, Aug 6, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 5+6 (Onsite Only)
\n
SpeakerBio:Benjamin Kurtz\n, Hacker
\nBen Kurtz is a hacker, a hardware enthusiast, and the host of the Hack the Planet podcast (https://symbolcrash.com/podcast). After his first talk, at DefCon 13, he ditched development and started a long career in security. He has been a pentester for IOActive, head of security for an MMO company, and on the internal pentest team for the Xbox One at Microsoft. Along the way, he volunteered on anti-censorship projects, which resulted in his conversion to Golang and the development of the ratnet project (https://github.com/awgh/ratnet). A few years ago, he co-founded the Binject group to develop core offensive components for Golang-based malware, and Symbol Crash, which focuses on sharing hacker knowledge through trainings for red teams, a free monthly Hardware Hacking workshop in Seattle, and podcasts. He is currently developing a ratnet-based handheld device for mobile encrypted mesh messenging, planned for release next year.
\nTwitter: @symbolcrash1
\nsymbolcrash.com
\n\n
\nDescription:
\nParticipants will learn how to design and build their own multi-platform Golang-based implants and c2 frameworks by building on samples provided.\n

Topics will include:\n

Communication between the implant and the command and control system including encrypted darknets with pluggable transports, covert exfiltration methods, detection evasion, and fault tolerant infrastructure design.\n
Binary transformation techniques designed to allow offensive practitioners the freedom of writing conventional binaries, yet maintaining the mobility of shellcode-like operating conditions.\n
Parsing and rewriting all binary formats to inject shellcode using a variety of reconfigurable methods.\n
On-the-wire modification of binaries and archives from a man-in-the-middle or malicious server perspective.\n
Methods of avoiding EDR with your implant, including loading modules direct from the c2 to memory without touching disk (on all platforms), customizable encrypting packers, and direct system calls/DLL unhooking (on Windows).

Registration Link: https://www.eventbrite.com/e/writing-golang-malware-las-vegas-5-6-tickets-162217403621\n

Prerequisites: Programming experience required, some experience with Golang would be helpful.

Materials needed:
\nLaptop (any operating system)\n

\n\'',NULL,220379),('2_Friday','16','15:00','18:59','Y','WS','','\'Writing Golang Malware\'','\'Benjamin Kurtz\'','WS_3491ac6c7321b19a338938d402013e63','\'\'',NULL,220380),('2_Friday','17','15:00','18:59','Y','WS','','\'Writing Golang Malware\'','\'Benjamin Kurtz\'','WS_3491ac6c7321b19a338938d402013e63','\'\'',NULL,220381),('2_Friday','18','15:00','18:59','Y','WS','','\'Writing Golang Malware\'','\'Benjamin Kurtz\'','WS_3491ac6c7321b19a338938d402013e63','\'\'',NULL,220382),('3_Saturday','10','10:00','13:59','N','WS','','\'Digital Forensics and Incident Response Against the Dark Arts: The Battle of Malicious Email and Downloaders\'','\'Michael Register,Michael Solomon\'','WS_523776ba31da806bd451b97324bde137','\'Title: Digital Forensics and Incident Response Against the Dark Arts: The Battle of Malicious Email and Downloaders
\nWhen: Saturday, Aug 7, 10:00 - 13:59 PDT
\nWhere: Workshops - Las Vegas 5+6 (Onsite Only)
\nSpeakers:Michael Register,Michael Solomon
\n
SpeakerBio:Michael Register\n
\nMichael Register (S3curityN3rd) has 5 years of combined experience across IT, Networking, and Cybersecurity. He currently holds multiple certifications, including the GCIH. S3curityN3rd spent the last 3 years working in Incident Response before a recent transition into a Threat Hunting role. His areas of focus have been on forensics, malware analysis, and scripting.
\n
SpeakerBio:Michael Solomon\n
\nMichael Solomon (mR_F0r3n51c5) is currently a Threat Hunter for a large managed security service provider. He has ten years of experience conducting Cyber Operations, Digital Forensics & Incident Response (DFIR), and Threat Hunting. He is very passionate about helping grow and inspire cybersecurity analysts for a better tomorrow.
\n\n
\nDescription:
\nEver wondered what it is like being a cybersecurity or incident response analyst? Here is your chance to experience an exciting 4-hour class taught by mR_F0r3n51c5 and S3curityN3rd. Phishing and malicious spam attacks continue to pose a significant risk in todayâ€™s cyber threat landscape. Using forensic and malware analysis fundamentals, this class will teach students how to analyze malicious downloaders, phishing emails, and malicious spam.\n

Upon successful class completion, students will be able to:\n

Build analysis skills that leverage complex scenarios and improve comprehension.\n Demonstrate an understanding of forensic fundamentals used to analyze an email.\n Use open-source information to collect and analyze threat actor data; identify indicators of compromise, and demonstrate how to pivot on that information.\n Demonstrate how to analyze a malicious downloader; to include but not limited to debugging and deobfuscation.\n Participate in a hand to keyboard combat capstone. Students will be given a malicious file sample and demonstrate how to analyze it. \n

Registration Link: https://www.eventbrite.com/e/digital-forensics-and-ir-against-the-dark-arts-las-vegas-5-6-tickets-162218185961\n

Prerequisites: None

Materials needed:
\nStudents will be required to download two virtual machines (OVA files). Students will be given a URL for download access. In regards to the downloaded virtual machines, these should be imported into your virtual machine software and ready before the start of class. If any additional technical support is needed, the instructors will make themselves available online.\n

Students must have a laptop that meets the following requirements:\n

A 64 bit CPU running at 2GHz or more. The students will be running two virtual machines on their host laptop.\n
Have the ability to update BIOS settings. Specifically, enable virtualization technology such as \"Intel-VT.\"\n
The student must be able to access their system\'s BIOS if it is password protected. This is in case of changes being necessary.\n
8 GB (Gigabytes) of RAM or higher\n
At least one open and working USB Type-A port\n
50 Gigabytes of free hard drive space, allowing you the ability to host the VMs we distribute\n
Students must have Local Administrator Access on their system.\n
Wireless 802.11 Capability\n
A host operating system that is running Windows 10, Linux, or macOS 10.4 or later.\n
Virtualization software is required. The supplied VMs have been built for out of the box comparability with VMWare Workstation or Player. Students may use other software if they choose, but they may have to troubleshoot unpredictable issues.

At a minimum, the following VM features will be needed:\n

NATted networking from VM to Internet\n
Copy Paste of text and files between the Host machine and VM

\n\n\'',NULL,220383),('3_Saturday','11','10:00','13:59','Y','WS','','\'Digital Forensics and Incident Response Against the Dark Arts: The Battle of Malicious Email and Downloaders\'','\'Michael Register,Michael Solomon\'','WS_523776ba31da806bd451b97324bde137','\'\'',NULL,220384),('3_Saturday','12','10:00','13:59','Y','WS','','\'Digital Forensics and Incident Response Against the Dark Arts: The Battle of Malicious Email and Downloaders\'','\'Michael Register,Michael Solomon\'','WS_523776ba31da806bd451b97324bde137','\'\'',NULL,220385),('3_Saturday','13','10:00','13:59','Y','WS','','\'Digital Forensics and Incident Response Against the Dark Arts: The Battle of Malicious Email and Downloaders\'','\'Michael Register,Michael Solomon\'','WS_523776ba31da806bd451b97324bde137','\'\'',NULL,220386),('3_Saturday','15','15:00','18:59','N','WS','','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Solstice\'','WS_55369ab9fbc93df7f620e668aec4a6bd','\'Title: Advanced Wireless Attacks Against Enterprise Networks
\nWhen: Saturday, Aug 7, 15:00 - 18:59 PDT
\nWhere: Workshops - Las Vegas 5+6 (Onsite Only)
\n
SpeakerBio:Solstice\n, Offensive Security Engineer
\nSolstice is an offensive security engineer at a major cloud provider. He currently specializes in kinetic threats, identifying attack vectors against \"edge\" devices deployed in hostile environments. Previously, he worked as a red team operator at companies such as SpecterOps, specializing in SIGINT and Windows-focused adversarial tradecraft. He is the author of EAPHammer, SilentBridge, DropEngine, and has contributed to high-profile projects such as hostapd-wpe and Empire.
\n\n
\nDescription:
\nThis workshop will instruct attendees on how to carry out sophisticated wireless attacks against corporate infrastructure. Attendees will learn how to attack and gain access to WPA2-Enterprise networks using relay attacks, how to abuse MSCHAPv2 and GTC to efficiently capture network credentials, perform effective target selection with zero prior knowledge, leverage rogue access point attacks to deliver malware and harvest keystrokes, and abuse Opportunistic Wireless Encryption (OWE) to perform PITM attacks. All material discussed in the lectures will be practiced within a realistic lab environment.\n

Registration Link: https://www.eventbrite.com/e/advanced-wireless-attacks-against-enterprise-networks-las-vegas-5-6-tickets-162214769743\n

Prerequisites: A previous wireless security background is helpful but certainly not required.

Materials needed:
\n- Students will be required to provide their own laptops, which must meet the following requirements:\n

must be capable of running virtualization software such as VMWare or VirtualBox\n
must have at least 100gb of free disk space OR have a free USB port and supplementary external hard drive with at least 100gb of free disk space available\n
must be provisioned with a 64-bit operating system

Corporate / managed laptops are not recommended due to software restrictions.\n

\n\'',NULL,220387),('3_Saturday','16','15:00','18:59','Y','WS','','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Solstice\'','WS_55369ab9fbc93df7f620e668aec4a6bd','\'\'',NULL,220388),('3_Saturday','17','15:00','18:59','Y','WS','','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Solstice\'','WS_55369ab9fbc93df7f620e668aec4a6bd','\'\'',NULL,220389),('3_Saturday','18','15:00','18:59','Y','WS','','\'Advanced Wireless Attacks Against Enterprise Networks\'','\'Solstice\'','WS_55369ab9fbc93df7f620e668aec4a6bd','\'\'',NULL,220390),('1_Thursday','21','21:00','21:59','N','MUS','','\'Music - CTRL/RSM\'','\'CTRL/rsm\'','MUS_3eca3cc54fd7f84d5b13f1ba2e091bbb','\'Title: Music - CTRL/RSM
\nWhen: Thursday, Aug 5, 21:00 - 21:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:CTRL/rsm\n
\nan audio / visual bombardment of your cerebral cortex\n

\n\n
\nDescription:No Description available
\n\'',NULL,220391),('1_Thursday','22','22:00','22:59','N','MUS','','\'Music - Abstrct\'','\'Abstrct\'','MUS_e5fe284116dd88276d9be869cb279f37','\'Title: Music - Abstrct
\nWhen: Thursday, Aug 5, 22:00 - 22:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Abstrct\n
\nAbstrct has spent his quarantine bringing dirty progressive and dancey funk to your living rooms, kitchens, patios, and pools each weekend, but holy heck is he ready to bring the party back to DEF CON proper.\n

https://soundcloud.com/abstrct/saturday-morning-quarantoons-ep46\nhttps://imgur.com/m5Jcql2
\nhttps://twitter.com/Abstr_ct
\nhttps://www.twitch.tv/abstr_ct\n

\nTwitter: @Abstr_ct
\n\n
\nDescription:No Description available
\n\'',NULL,220392),('1_Thursday','23','23:00','23:59','N','MUS','','\'Music - Dr. McGrew\'','\'Dr. McGrew\'','MUS_f2a850db02e4e5e0e260e3aba031effd','\'Title: Music - Dr. McGrew
\nWhen: Thursday, Aug 5, 23:00 - 23:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Dr. McGrew\n
\nBy day, Dr. McGrew serves as Senior Cyber Fellow for MartinFederal. By night he spins a curated collection of house and more.\n

https://pbs.twimg.com/profile_images/1319660847069802497/g9z15y61_400x400.jpg\nhttps://twitter.com/McGrewSecurity\n

\nTwitter: @McGrewSecurity
\n\n
\nDescription:No Description available
\n\'',NULL,220393),('2_Friday','00','00:00','00:59','N','MUS','','\'Music - DJ St3rling\'','\'DJ St3rling\'','MUS_27055b92b6784f94114f40fcaf0c2446','\'Title: Music - DJ St3rling
\nWhen: Friday, Aug 6, 00:00 - 00:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:DJ St3rling\n
\nL33t Hacker by day, DJ by night- DJ St3rling brings those dirty ass bass wobbles and loads of remixed electronic house music. Together, let\'s Drink all the booze and Hack all the things! Let\'s Rock <3\n
\n

https://www.facebook.com/photo?fbid=1277406085958716&set=a.116333305399339\nhttps://www.youtube.com/c/DJSt3rling
\nhttps://www.facebook.com/OfficialDjSt3rling\nhttps://www.instagram.com/theycallmest3r\nhttps://soundcloud.com/theycallmest3r
\nhttps://www.twitch.tv/theycallmest3r\n

\n\n
\nDescription:No Description available
\n\'',NULL,220394),('2_Friday','01','01:00','01:59','N','MUS','','\'Music - Acid T\'','\'Acid T\'','MUS_4473b7bb28aa7299a18923a57de9bdfc','\'Title: Music - Acid T
\nWhen: Friday, Aug 6, 01:00 - 01:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Acid T\n
\nPrepare for some Post Pandemic Pandemonium!\n

https://www.facebook.com/dj.sm0ke
\nhttps://www.twitch.tv/studio_sm0ke
\nhttps://www.youtube.com/channel/UC55xsENb9PKz-IKB5zodYGA\nhttps://soundcloud.com/acid_t
\nhttps://twitter.com/DJ_Sm0ke
\nhttps://youtu.be/3lIhyGU4uB4
\nhttps://soundcloud.com/acid_t/liquid-feeling\n

\nTwitter: @DJ_Sm0ke
\n\n
\nDescription:No Description available
\n\'',NULL,220395),('2_Friday','21','21:00','21:59','N','MUS','','\'Music - Thaad\'','\'Thaad\'','MUS_7f2843a1e1ed51f424c54b8e699962c6','\'Title: Music - Thaad
\nWhen: Friday, Aug 6, 21:00 - 21:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Thaad\n
\nLead DJ and Promoter at Malevolent-Las Vegas.\nFounder of Anti-Klub.
\nPower Noise Movement Original.
\nKlub Terminal Resident DJ.\n

https://facebook.com/djTotalHarmonDistortion\nhttps://www.twitch.tv/djthaad
\nhttps://www.mixcloud.com/DJ_ThAAd
\nhttps://soundcloud.com/d-j-th-d\n

\n\n
\nDescription:No Description available
\n\'',NULL,220396),('2_Friday','22','22:00','22:59','N','MUS','','\'Music - FuzzyNop\'','\'FuzzyNop\'','MUS_ad18f788201be5d6ae33813ada95e72a','\'Title: Music - FuzzyNop
\nWhen: Friday, Aug 6, 22:00 - 22:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:FuzzyNop\n
\nFuzzyNop is a computer, raised by computers that told him to computer, now he knows how to computer.\n

https://www.youtube.com/watch?v=dqtTPco4_v8\nhttps://drive.google.com/drive/folders/1DJDbugX8FfhyeZ8AZhemEYrb86qbmGJ2?usp=sharing\nhttps://twitter.com/fuzzynop
\nhttps://www.vjdj.io\n

\n\n
\nDescription:No Description available
\n\'',NULL,220397),('2_Friday','23','23:00','23:59','N','MUS','','\'Music - n0x08\'','\'n0x08\'','MUS_748f35a301e6f7619bc0d724a493daf7','\'Title: Music - n0x08
\nWhen: Friday, Aug 6, 23:00 - 23:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:n0x08\n
\nn0x08 has been obliterating eardrums with filthy drum&bass since he first played the Seattle club scene in the early 2000\'s. A staunch advocate against laptop DJ\'s and for getting TF off his lawn, the pandemic finally made him break down & switch to digital. He rides to Valhalla, shiny & chrome!\n

https://media.wired.com/photos/5f726156dc40abe2b60138b1/master/w_1600%2Cc_limit/backchannel_cti_seattle.jpg\nhttps://twitter.com/n0x08
\nhttps://soundcloud.com/n0x08\n

\n\n
\nDescription:No Description available
\n\'',NULL,220398),('3_Saturday','00','00:00','00:59','N','MUS','','\'Music - Scotch & Bubbles\'','\'Scotch & Bubbles\'','MUS_3544bb9c27ad807fa17e85dc0f4aa572','\'Title: Music - Scotch & Bubbles
\nWhen: Saturday, Aug 7, 00:00 - 00:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Scotch & Bubbles\n
\nScotch and Bubbles have a long history of brining the untz, unce, and wub to nursing homes, children\'s hospitals, and employee sexual harassment training (giggity). When not running her NFT side hustle with Ken in her dreamhouse, the Barbie has kept playing on during COVID at â€œitâ€™s not you itâ€™s the virusâ€ break-ups, awkward coworker Zoom game nights, background music for Floyd Mayweatherâ€™s Cameo videos, and private pool cocktail deliveries for the at-home cabana experience. Previous tik-tock and YouTube vloggers have said about Zack \" itâ€™s better than still being stuck at home\", \"definitely some value as a free show\", and \"heâ€™s better off backstage\".\n

Fan [girls|boys] can find Erin on-the-line as @secbarbie on Twitter and Erin\'s Secret Society of Stalkers at secbarbie.com. Interested peeps, stalkers, and midget strippers can join Zack\'s A++ #1 Fan club @ zfasel.com on Twitter or unliking/unsubscribing/refusing to comment as zfasel here.\n

http://scotchandbubbles.club/wp-content/uploads/2021/05/profile_zack-barbie.png\nhttps://www.twitch.tv/secbarbie
\nhttps://soundcloud.com/secbarbie
\nhttps://twitter.com/secbarbie
\nhttps://twitter.com/zfasel\n

\n\n
\nDescription:No Description available
\n\'',NULL,220399),('3_Saturday','01','01:00','01:59','N','MUS','','\'Music - Magik Plan\'','\'Magik Plan\'','MUS_232dfb3d9c2d9b4d5186eb43e17dc1c8','\'Title: Music - Magik Plan
\nWhen: Saturday, Aug 7, 01:00 - 01:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Magik Plan\n
\nMagik Plan was founded in 2008 by Garrett Jones.\nOriginally getting his start in electronic music by setting up projections for underground parties, he carved his way through the early days of the dance music scene while making a name for himself as Magik Plan.\nHis obsession with guitars and live instrumentals lead him into diving into the world of sound design. After graduating college in 2009, Garrett began releasing music on online platforms such as SoundCloud.\n

Fast forward 10 years later, Magik Plan has become a growing name in PsyTrance, Progressive House, Drum n Bass, Chillout and more flavors of electronica.\n

https://drive.google.com/file/d/1Mj2TAyZdj5tZljcK3oTzg-5lSNpZh5pg/view?usp=sharing\nhttps://soundcloud.com/magikplan
\nhttps://instagram.com/magikplan
\nhttps://facebook.com/magikplan
\nhttps://spoti.fi/3jBy8ko\n

\n\n
\nDescription:No Description available
\n\'',NULL,220400),('3_Saturday','21','21:00','21:59','N','MUS','','\'Music - Ohm-i\'','\'Ohm-i\'','MUS_a89b6bf7f985a59f70a9ca0902fa73eb','\'Title: Music - Ohm-i
\nWhen: Saturday, Aug 7, 21:00 - 21:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Ohm-i\n
\nOhm-I is known for his music that primarily focuses on storytelling and comedy from a nerdy perspective. He is a Navy veteran and currently a red teamer with a strong penchant for causing you to involuntarily dance and sing along. He has performed at several major anime/gaming conventions and heavily supports spreading awareness of information security careers to kids in underrepresented communities. Ohm-I has performed at DEF CON NYE, Sony Online Entertainment Live, Otakon, SXSW, various PAX venues, and various other cons and venues all over the country as part of the Nerdy People of Color Collective.\n

https://mcohmi.com/photos
\nhttps://twitter.com/mcohmi
\nhttps://www.instagram.com/mcohmi/
\nhttps://twitter.com/NPCCollective
\nhttps://www.twitch.tv/mcohmi\n

\nTwitter: @mcohmi
\n\n
\nDescription:No Description available
\n\'',NULL,220401),('3_Saturday','22','22:00','22:59','N','MUS','','\'Music - Krisz Klink\'','\'Krisz Klink\'','MUS_73444acea3ab2303eab58cf92631aee1','\'Title: Music - Krisz Klink
\nWhen: Saturday, Aug 7, 22:00 - 22:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Krisz Klink\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,220402),('3_Saturday','23','23:00','23:59','N','MUS','','\'Music - Miss Jackalope\'','\'Miss Jackalope\'','MUS_3f13cc3c50e4c56d791431bbb2d2ba7b','\'Title: Music - Miss Jackalope
\nWhen: Saturday, Aug 7, 23:00 - 23:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Miss Jackalope\n
\nMiss Jackalope is DEF CON\'s resident community DJ who has a Threat Intel $day job, makes a ton of awesome Jackalope Army swag (see the DC Vendor area), hosts a goofy DJ steam on Twitch, herds Ingress cats, and says silly things on Twitter. She plays drum and bass and techno and is known for playing so hard the ceiling caves in. Long live the Jackalope Army!\n

http://www.dj-jackalope.com/appearence.html\nhttps://Twitch.tv/missjackalope
\nhttps://twitter.com/djjackalope
\nhttps://instgram.com/djjackalope
\nhttps://missjackalope.com
\nhttps://mixcloud.com/djjackalope
\nhttps://missjackalope.square.site\n

\nTwitter: @djjackalope
\n\n
\nDescription:No Description available
\n\'',NULL,220403),('4_Sunday','00','00:00','00:59','N','MUS','','\'Music - Zebbler Encanti Experience\'','\'Zebbler Encanti Experience\'','MUS_582d8c1f25a391f7ad9f0f4cbf270a59','\'Title: Music - Zebbler Encanti Experience
\nWhen: Sunday, Aug 8, 00:00 - 00:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:Zebbler Encanti Experience\n
\nZebbler Encanti Experience (aka â€œZEEâ€) is an audio/visual collaboration between video artist Zebbler and electronic music producer Encanti, based out of Boston, Massachusetts and Valencia, Spain. The Experience is an immersive performance of mapped visuals on three custom winged projection screens, synchronized with heavy peak-hour psychedelic bass music, resulting in the creation of a fantasy world for audiences to lose themselves in.\n

Zebbler Encanti Experience released a critically-acclaimed EP, End Trance, on standout bass label Wakaan, coupled with a performance at the inaugural Wakaan Festival. Coming out of the pandemic, ZEE released Syncorswim on longtime label Gravitas Recordings, which is a full audio-visual album exploring the ambient, glitchy, and IDM side of the project. Beautiful natural visuals accompany gorgeous, synth-heavy grooves. This different perspective gives fans a whole new look at what an A/V project can be.\n

ZEE have seen a considerable amount of road time in the last few years, serving as integral members of multiple tour teams. The architect behind the projection mapped projects for Shpongle and EOTO, and assisting with Infected Mushroomâ€™s stage construction, Zebbler has toured the United States nonstop producing visual shows and performing as a VJ at hundreds of high profile events. In addition to ZEE performing as direct touring support for EOTO in venues throughout the country, and performing in the Shpongle Live band during their first few shows in the United States and final appearance at Red Rocks, Encanti has carved out some time to teach electronic music production to graduate students in the Valencia, Spain wing of Berklee College of Music.\n

https://zebblerencantiexperience.com/
\nhttps://facebook.com/zebblerencantiexperience\nhttps://instagram.com/zebblerencantiexperience\nhttps://soundcloud.com/zebblerencantiexperience\n

\n\n
\nDescription:No Description available
\n\'',NULL,220404),('4_Sunday','01','01:00','01:59','N','MUS','','\'Music - CTRL/rsm\'','\'CTRL/rsm\'','MUS_f8cfd9c9be5ed5efd49f515c101bd870','\'Title: Music - CTRL/rsm
\nWhen: Sunday, Aug 8, 01:00 - 01:59 PDT
\nWhere: Bally\'s Silver Ballroom
\n
SpeakerBio:CTRL/rsm\n
\nan audio / visual bombardment of your cerebral cortex\n

https://www.instagram.com/ctrlrsm
\nhttps://www.facebook.com/ctrlrsm
\nhttps://www.twitch.tv/ctrlrsm\n

\n\n
\nDescription:No Description available
\n\'',NULL,220405),('1_Thursday','21','21:00','21:59','N','MUS','','\'Music - Deep Therapy\'','\'Deep Therapy\'','MUS_cfa9a01bde295ba346f971983e544dcf','\'Title: Music - Deep Therapy
\nWhen: Thursday, Aug 5, 21:00 - 21:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Deep Therapy\n
\nDeep Therapy, the duo based out of South Florida began by hosting and DJ\'n their own college radio shows. Constantly achieving new heights of dancefloor energy and pushing the boundaries of convention, Deep Therapy is recognized as one of South Floridaâ€™s essential DJâ€™s. Deep Therapy has been featured on Sirius XM radio in Ultra Music Festival Radio, opening up for Infected Mushroom as well as performing at Ultra Music Festival Miami three years, featured across Miami Music Week events, and has performed / held residencies at Space Miami and Treehouse Miami.\n

https://www.mixcloud.com/SoundboxMiami/deep-therapy-defcon-conference-2020-wall-of-sheep/\nhttps://imgur.com/ylG9jDo
\nhttps://www.facebook.com/deeptherapy\n

\n\n
\nDescription:No Description available
\n\'',NULL,220406),('1_Thursday','22','22:00','22:59','N','MUS','','\'Music - Tense Future\'','\'Tense Future\'','MUS_248ceea60bad74e4687aa3f2418a54d4','\'Title: Music - Tense Future
\nWhen: Thursday, Aug 5, 22:00 - 22:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Tense Future\n
\nLos Angeles, CA. Trapped in an autonomous car during a solar flare. Anxiety attack over spying home appliances that tip their hand. General AI caretaker grappling over competing logical fallacies. Dark techno sounds from the tense future that was once distant.\n

https://soundcloud.com/tensefuture/d...years-eve-2020\nhttps://soundcloud.com/tensefuture/live-def-con-27-phv\nhttps://www.dropbox.com/s/nhwpfpule1...pdate.jpg?dl=0\nhttps://soundcloud.com/tensefuture
\nhttps://twitter.com/tensefutur3\n

\n\n
\nDescription:No Description available
\n\'',NULL,220407),('1_Thursday','23','23:00','23:59','N','MUS','','\'Music - FuzzyNop\'','\'FuzzyNop\'','MUS_43843429324e80c33fb870b2d2be20fc','\'Title: Music - FuzzyNop
\nWhen: Thursday, Aug 5, 23:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:FuzzyNop\n
\nFuzzyNop is a computer, raised by computers that told him to computer, now he knows how to computer.\n

https://www.youtube.com/watch?v=dqtTPco4_v8\nhttps://drive.google.com/drive/folders/1DJDbugX8FfhyeZ8AZhemEYrb86qbmGJ2?usp=sharing\nhttps://twitter.com/fuzzynop
\nhttps://www.vjdj.io\n

\n\n
\nDescription:No Description available
\n\'',NULL,220408),('2_Friday','21','21:00','21:59','N','MUS','','\'Music - Yesterday & Tomorrow\'','\'Yesterday & Tomorrow\'','MUS_17c660667fc4c0f33740e83c8daf49c1','\'Title: Music - Yesterday & Tomorrow
\nWhen: Friday, Aug 6, 21:00 - 21:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Yesterday & Tomorrow\n
\nYesterday & Tomorrow believes in DJing as an art form, seeking to establish a deep connection with listeners through rhythm and sound.\n

Influenced heavily by legendary DJs such as John Digweed and Hernan Cattaneo, his musical selections showcase the latest in underground dance music from all corners of the globe, from Argentina to Berlin and beyond.\n

Y&T has performed at various DEF CON venues and events for several years running and showcases the latest releases weekly on select streaming platforms.\n

https://www.mixcloud.com/yesterdayan...-showcase-mix/\nhttps://imgur.com/sHtxfyv
\nMixcloud: https://www.mixcloud.com/yesterdayandtomorrow\nTwitch: https://twitch.tv/yesterdayandtomorrow\nAdditional: https://linktr.ee/yesterdayandtomorrow\n

\n\n
\nDescription:No Description available
\n\'',NULL,220409),('2_Friday','22','22:00','22:59','N','MUS','','\'Music - Terrestrial Access Network\'','\'Terrestrial Access Network\'','MUS_28351cb0c5388c3ec118b508986db139','\'Title: Music - Terrestrial Access Network
\nWhen: Friday, Aug 6, 22:00 - 22:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Terrestrial Access Network\n
\nIf packets were to dance, they would surely dance to this.\n
\n

https://soundcloud.com/collinsulliva...mix-07-06-2019\nhttps://www.mediafire.com/view/g31mc...PRESS.png/file\nhttps://soundcloud.com/collinsullivan
\nhttps://www.instagram.com/terrestrialaccessnetwork/\n

\n\n
\nDescription:No Description available
\n\'',NULL,220410),('2_Friday','23','23:00','23:59','N','MUS','','\'Music - Z3NPI\'','\'Z3NPI\'','MUS_5b345adf3232f2c155ba9b031de64580','\'Title: Music - Z3NPI
\nWhen: Friday, Aug 6, 23:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Z3NPI\n
\nZ3Npi is the culmination of over 2 decades of writing, recording, and performing electronic music from many genres. Originally known as dj:devoid, Chris Schmidt has spent over half his life creating music and is bringing to bear the experience heâ€™s gained to a new project. With Z3Npi, the concept is clear:\n

â€œMusic is the glue that holds us togethers, it can heal our hearts and minds in ways that nothing else canâ€.\n

Collaboration is an important aspect of the Z3Npi sound, so you can expect a wide variety of featured artists in his catalog. More than anything music is best when itâ€™s combined with performances that accentuate the sounds â€“ Z3Npi delivers not just a unique recorded sound but performances that take the music to the next level.\n

https://www.youtube.com/watch?v=NeDqEGUrRcg\nhttps://i0.wp.com/z3npi.com/wp-conte...74961283_n.jpg\nhttps://i0.wp.com/z3npi.com/wp-conte...1/02/image.png\nhttps://i2.wp.com/z3npi.com/wp-conte.../12/Church.jpg\n

\n\n
\nDescription:No Description available
\n\'',NULL,220411),('3_Saturday','21','21:00','21:59','N','MUS','','\'Music - mattrix\'','\'mattrix\'','MUS_918f965148f38181f01af13c614fa82a','\'Title: Music - mattrix
\nWhen: Saturday, Aug 7, 21:00 - 21:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:mattrix\n
\nhttps://1drv.ms/v/s!AKEhFmBpC9cHimI
\nhttps://twitter.com/mattrix_
\nInsta @mattrixla
\nTwitter: @mattrix_
\n\n
\nDescription:No Description available
\n\'',NULL,220412),('3_Saturday','22','22:00','22:59','N','MUS','','\'Music - Icetre Normal\'','\'Icetre Normal\'','MUS_7992f3f1092fe2cd5f55ba540afbea88','\'Title: Music - Icetre Normal
\nWhen: Saturday, Aug 7, 22:00 - 22:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Icetre Normal\n
\nSometime in 1975, a fissure in the time-space continuum, allowed for only briefest of moments the possibility of time travel. A young iconoclast first born in 2275 took advantage of this brief opportunity.\n

He traveled with only his knowledge of the art of party creation, ability to bend space and time, and supreme skill of serving the masses with only the smallest pool of available alcohol.\n

First appearing at Defcon X, since then Icetre can always be found somehow making the impossible possible, and bringing the funk while doing so.\n

https://photos.app.goo.gl/tUi8xmRuKpLCuVC16\nhttps://www.facebook.com/icetre.normal
\nhttps://www.twitter.com/aniabeenz
\nhttps://www.youtube.com/channel/UCVY8zEm23QFbO-7LfWLR6xg\n

\n\n
\nDescription:No Description available
\n\'',NULL,220413),('3_Saturday','23','23:00','23:59','N','MUS','','\'Music - Nina Lowe\'','\'Nina Lowe\'','MUS_56977e39368968b024e76309f36b8358','\'Title: Music - Nina Lowe
\nWhen: Saturday, Aug 7, 23:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
SpeakerBio:Nina Lowe\n
\nNina fights crime as a cyber threat analyst, defending global, diverse environments. She\'s most passionate about food, science fiction, music, and kicking all the @ss.\n

Genres: DnB, Tech House, Techno, Psytrance\n

https://imgur.com/a/bSyxPzE
\nhttps://twitter.com/PacketTorta
\nhttps://soundcloud.com/ninalowe
\nhttps://www.twitch.tv/packettorta\n

\nTwitter: @PacketTorta
\n\n
\nDescription:No Description available
\n\'',NULL,220414),('3_Saturday','20','20:30','21:30','N','AVV','','\'Panel discussion: Is Adversary Emulation Too ___ For You?\'','\'Jamie Williams,Cat Self,Tim Schulz,Michael Long,Frank Duff,Jose Barajas\'','AVV_317363c48de357028b29fff5ec775412','\'Title: Panel discussion: Is Adversary Emulation Too ___ For You?
\nWhen: Saturday, Aug 7, 20:30 - 21:30 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:Jamie Williams,Cat Self,Tim Schulz,Michael Long,Frank Duff,Jose Barajas
\n
SpeakerBio:Jamie Williams\n, Principal Adversary Emulation Engineer â€“ The MITRE Corporation
\nJamie Williams is an engineer at MITRE where he works on various exciting efforts involving security operations and research, specializing in adversary emulation and behavior-based detections. He also leads teams that help shape and deliver the â€œadversary-touchâ€ within MITRE ATT&CK® and ATT&CK Evaluations.
\n
SpeakerBio:Cat Self\n, Lead Cyber Adversarial Engineer â€“ The MITRE Corporation
\nCat Self is a Lead Cyber Adversarial Engineer working on MITRE ATT&CK® and ATT&CK Evaluations teams at MITRE. Cat previously worked at Target as a red team operator, threat hunter, and developer. Cat is an Army Military Intelligence veteran with a passion for mentorship, hiking in foreign lands, and finding opportunities to give back.
\n
SpeakerBio:Tim Schulz\n, Adversary Emulation Lead - SCYTHE
\nTim Schulz is SCYTHEâ€™s Adversary Emulation Lead. He has been helping organizations build and train teams to understand and emulate cyber threats for the last seven years while working at multiple FFRDCs. He is the author of the Purple Maturity Model, and has given talks on purple teaming, adversary emulation, security testing, and technical leadership.
\n
SpeakerBio:Michael Long\n, Capability Area Lead for Cyber Adversary Emulation â€“ The MITRE Corporation
\nMichael Long is a Principal Adversary Emulation Engineer at the MITRE Corporation and a former U.S. Army Cyber Operations Specialist. Michael has over 10 yearsâ€™ experience in offensive and defensive cyber operations. With MITRE, Michael leads adversary emulation activities for ATT&CK Evaluations. Michael is also an instructor for MITRE ATT&CK Defenderâ€™s upcoming ATT&CK Adversary Emulation course.
\n
SpeakerBio:Frank Duff\n, Director of ATT&CK Evaluations - MITRE Engenuity
\nFrank Duff is the General Manager for MITRE Engenuity\'s ATT&CK Evaluations. Frank has spent over 15 years at the MITRE Corporation, starting in radar signal analysis and then transitioning to cyber security. He was on the forefront of early endpoint detection and response research, before leading a team responsible for developing and executing test methodologies. He now leverages this experience to foster public-private partnerships to drive organizational security and product improvement.
\n
SpeakerBio:Jose Barajas\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220415),('3_Saturday','21','20:30','21:30','Y','AVV','','\'Panel discussion: Is Adversary Emulation Too ___ For You?\'','\'Jamie Williams,Cat Self,Tim Schulz,Michael Long,Frank Duff,Jose Barajas\'','AVV_317363c48de357028b29fff5ec775412','\'\'',NULL,220416),('2_Friday','12','12:00','12:30','N','AIV','','\'Algorithmic Ethics Bug Bounty Contest Announcement\'','\'Rumman Chowdhury\'','AIV_3cd4f29d16928afd746ee03c913e57e6','\'Title: Algorithmic Ethics Bug Bounty Contest Announcement
\nWhen: Friday, Aug 6, 12:00 - 12:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Rumman Chowdhury\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,220417),('1_Thursday','07','07:00','06:59','N','BHV','','\'Table Top Exercise - Deus Ex Machina (Pre-registration Required)\'','\' \'','BHV_303fa44eda567f93feb5b6fa81aa8972','\'Title: Table Top Exercise - Deus Ex Machina (Pre-registration Required)
\nWhen: Thursday, Aug 5, 07:00 - 06:59 PDT
\nWhere: Biohacking Village (TTX)
\n
\nDescription:
\nhttps://www.villageb.io/ttx
\n\'',NULL,220418),('1_Thursday','10','10:00','13:59','N','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-Qual) (Pre-registration required)\'','\' \'','BHV_5b24b96d3c779eb850166e1dee5c1c01','\'Title: Biohacking Village CTF: Hospital Under Siege (Pre-Qual) (Pre-registration required)
\nWhen: Thursday, Aug 5, 10:00 - 13:59 PDT
\nWhere: Biohacking Village (CTF)
\n
\nDescription:
\nhttps://www.villageb.io/ctf2021
\n\'',NULL,220419),('1_Thursday','11','10:00','13:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-Qual) (Pre-registration required)\'','\' \'','BHV_5b24b96d3c779eb850166e1dee5c1c01','\'\'',NULL,220420),('1_Thursday','12','10:00','13:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-Qual) (Pre-registration required)\'','\' \'','BHV_5b24b96d3c779eb850166e1dee5c1c01','\'\'',NULL,220421),('1_Thursday','13','10:00','13:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-Qual) (Pre-registration required)\'','\' \'','BHV_5b24b96d3c779eb850166e1dee5c1c01','\'\'',NULL,220422),('2_Friday','10','10:00','10:45','N','BHV','','\'Biohacking Village Welcome Keynote\'','\'Nina Alli\'','BHV_c3bc3a72b1f7fa92c2a29c04c2dc4e61','\'Title: Biohacking Village Welcome Keynote
\nWhen: Friday, Aug 6, 10:00 - 10:45 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Nina Alli\n, Executive Director, Biohacking Village
\nNo BIO available
\n\n
\nDescription:
\nWillkommen, Bienvenue, Bienvenido, Bem-vindo, Ð”Ð¾Ð±Ñ€Ð¾ Ð¿Ð¾Ð¶Ð°Ð»Ð¾Ð²Ð°Ñ‚ÑŒ, Ø£Ù‡Ù„Ø§ Ø¨Ùƒ , ×‘×¨×•×š ×”×‘×, kaabo.\n

Lets talk about the strides we, as a village and a community, have made in one year.\n

\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220423),('2_Friday','10','10:00','17:59','N','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'Title: Biohacking Village CTF: Hospital Under Siege (Pre-registration required)
\nWhen: Friday, Aug 6, 10:00 - 17:59 PDT
\nWhere: Biohacking Village (CTF)
\n
\nDescription:No Description available
\n\'',NULL,220424),('2_Friday','11','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220425),('2_Friday','12','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220426),('2_Friday','13','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220427),('2_Friday','14','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220428),('2_Friday','15','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220429),('2_Friday','16','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220430),('2_Friday','17','10:00','17:59','Y','BHV','','\'Biohacking Village CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_fcfb08cac789cc071fa8ed75829c197c','\'\'',NULL,220431),('2_Friday','11','11:00','11:45','N','BHV','','\'The Digital Physiome - How wearables can (and are) transforming healthcare\'','\'Jennifer Goldsack,Jessilyn Dunn\'','BHV_ee8a11f4d35e66f1432b34eaf42a7aa1','\'Title: The Digital Physiome - How wearables can (and are) transforming healthcare
\nWhen: Friday, Aug 6, 11:00 - 11:45 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Jennifer Goldsack,Jessilyn Dunn
\n
SpeakerBio:Jennifer Goldsack\n, CEO at the Digital Medicine Society (DiMe)
\nNo BIO available
\n
SpeakerBio:Jessilyn Dunn\n, â€‹Assistant Professor of Biomedical Engineering, Duke University
\nNo BIO available
\n\n
\nDescription:
\nOnly in the recent past have accurate and scalable methods for biometric monitoring and edge computing become possible, providing a unique opportunity to collect and analyze continuous physiologic measurements and enabling a new mechanistic understanding of acute and chronic diseases. We are focused on using digital health tools such as wearables and smart phones to uncover physiologic signatures of disease, which we refer to as digital biomarkers and that can serve as sentinels of disease onset. Overall, we aim to develop tools and infrastructure using digital health data for disease detection, monitoring, and intervention.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220432),('2_Friday','16','16:00','16:59','N','BHV','','\'No Aggregation Without Representation\'','\'Andrea Downing\'','BHV_ba20f1425b3612192e8696f2fb493bef','\'Title: No Aggregation Without Representation
\nWhen: Friday, Aug 6, 16:00 - 16:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Andrea Downing\n, Light Collective, Co-Founder
\nAndrea Downing is a BRCA Community Data Organizer and an ePatient security researcher. In 2018, Andrea discovered a security vulnerability (SICGRL) which affected the privacy and safety of all closed groups on Facebook and launched a congressional inquiry.
\nTwitter: @BraveBosom
\n\n
\nDescription:
\nAs we emerge from a pandemic and a year where we all became at risk of developing COVID, many of us have become patients and caregivers navigating a healthcare system under siege. With the rise in ransomware attacks on hospitals, disinformation campaigns from state actors on social media, and new biosecurity threats there has never been a greater need to develop capacity for a new kind of immune response to emerging threats in digital health. Representation matters. During this talk, BRCA mutant turned Security Researcher share how patient communities - namely \"the ePatient movement\" - holds potential to bring a new type of representation to the field of cybersecurity. ePatients with disabilities have superpowers to co-design and co-production of new technologies with fresh eyes - and to help us protect the emerging technologies that have the power to cure or kill.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220433),('2_Friday','13','13:30','14:30','N','BHV','','\'At least ten questions for â€œBad HIPPA Takesâ€ (@BadHIPPA), 2021â€™s best tweeter on privacy, pandemic, and snark.\'','\'Lucia Savage\'','BHV_cfb846a2e9b91980a9f9794b8164179a','\'Title: At least ten questions for â€œBad HIPPA Takesâ€ (@BadHIPPA), 2021â€™s best tweeter on privacy, pandemic, and snark.
\nWhen: Friday, Aug 6, 13:30 - 14:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Lucia Savage\n, 21st Century health care strategic expert
\nLucia is a nationally recognized expert on health information privacy. She was an architect of the foundational aspects of ONC\'s new interoperability rules. She believes in vaccine records.
\nTwitter: @savagelucia
\n\n
\nDescription:
\nFrom the start of the pandemic, through the election and the insurrection on the Capitol and on into the vaccine roll-out, the nationwide health privacy law, HIPAA, has gotten more famous and more misunderstood than ever. Out of this morass of politicization and polemic emerged â€œBad HIPPA Takesâ€ (@BadHIPPA), shining a light on the absurd, funny, sad and even accurate in a must-follow for anyone interested in privacy. In this session, weâ€™ll ask Bad HIPPA Takes some questions, check out their views based on the past year, and even see if they have any inkling about the future of privacy law in the U. S.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220434),('2_Friday','14','13:30','14:30','Y','BHV','','\'At least ten questions for â€œBad HIPPA Takesâ€ (@BadHIPPA), 2021â€™s best tweeter on privacy, pandemic, and snark.\'','\'Lucia Savage\'','BHV_cfb846a2e9b91980a9f9794b8164179a','\'\'',NULL,220435),('2_Friday','12','12:00','12:59','N','BHV','','\'The Next Critical Infrastructure: Understanding the Bioeconomy \'','\'Charles Fracchia,Nathan Case\'','BHV_53ea3c892fd70c04be6e135703741d2e','\'Title: The Next Critical Infrastructure: Understanding the Bioeconomy
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Charles Fracchia,Nathan Case
\n
SpeakerBio:Charles Fracchia\n, Biomedical researcher for the digital age
\nNo BIO available
\n
SpeakerBio:Nathan Case\n
\nNo BIO available
\n\n
\nDescription:
\nWe will use a fictional -but highly realistic- biomanufacturing scenario and company to share with the audience how cybersecurity has become a critical component of biosecurity and public health. We will review the importance of biomanufacturing to the world\'s public health posture, in particular in light of the COVID19 pandemic and share how vulnerable digital technologies have become exploited vectors for global geopolitical moves.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220436),('4_Sunday','10','10:30','10:59','N','BHV','','\'Internet-of-Ingestible-Things Security by Design\'','\'Mariam Elgabry\'','BHV_4f0a762fa4c1f5d902ac2d6714c36998','\'Title: Internet-of-Ingestible-Things Security by Design
\nWhen: Sunday, Aug 8, 10:30 - 10:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Mariam Elgabry\n, Co-founder & Director of Enteromics
\nCo-founder and Director of Enteromics, a MedTech startup that builds smart pills for smart health. She has led award winning projects at AstraZeneca and Microsoft and her bio-crime research has been recognised by the UK Parliament Joint Committee on National Security.
\nTwitter: @MariamElgabry11
\n\n
\nDescription:
\nIn this talk I will share the outcomes of the very first Internet-of-Ingestible-Things workshop that brings cybersecurity experts and medical device regulatory bodies together to think about cyber-biosecurity at design stage of medical devices and to inform policy by delivering a set of principles for Security by Design.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220437),('3_Saturday','13','13:30','13:59','N','BHV','','\'Securing the Internet of Biological Things\'','\'Thom Dixon\'','BHV_673532ae53c07eabad533447435e1fe1','\'Title: Securing the Internet of Biological Things
\nWhen: Saturday, Aug 7, 13:30 - 13:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Thom Dixon\n, National Security & Defence, PhD student at Macquarie University
\nThom Dixon is Vice President for the Australian Institute of International Affairs NSW and the Manager, National Security and Defence at Macquarie University, Sydney, Australia.
\n\n
\nDescription:
\nThe coming age of robust two-way communication between living and non-living systems can simply be described as the Internet of Biological Things (IoBT). Interfacing optoelectronic systems with optogenetic-, bioelectrochemical- and biosensor-based information substrates will challenge key assumptions underpinning information security. A cyberbiosecurity mindset is needed to maximise the benefits and minimise the downsides of the pervasive, persistent and immersive information environment that arises from an IoBT world.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220438),('3_Saturday','10','10:00','10:59','N','BHV','','\'How to Not Miss The Point: Reflections on Race, Health, and Equity\'','\'Nia Johnson\'','BHV_7f8da2217d9db2c5f8c5dc5daf077494','\'Title: How to Not Miss The Point: Reflections on Race, Health, and Equity
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Nia Johnson\n, Bioethicist, Lawyer, and Harvard Health Policy Ph.D. student
\nNia Johnson is a bioethicist, a lawyer, and a Health Policy Ph.D. student at Harvard University, with a concentration in Political Analysis. She is originally from the Washington, D.C. Metropolitan area. Nia received her Bachelor of Arts in International Studies at Oakwood University, her Masters of Bioethics from the University of Pennsylvania, and her law degree from Boston University School of Law. Her research interests are at the intersection of health policy, race, bioethics, and the law. She is a writer for Crash Courseâ€™s forthcoming African-American History series, has lectured at multiple institutions such as Yale University and the International Bioethics Retreat. She ran and founded The Neighborhood Bioethicist - a bioethics blog geared towards millennials and Black Americans - and served as the Editor-in-Chief of the American Journal of Law and Medicine from 2018-2019. Her work has been featured in Hastings Law Journal, JAMA Health Forum, and the Journal of Urban Health. She loves mentoring young women, bouldering, and entertaining in her spare time. Her favorite quote is from Beyoncéâ€™s Diva â€“ â€œWhereâ€™s my ladies up in here that like to talk back?â€
\n\n
\nDescription:No Description available
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220439),('3_Saturday','10','10:00','17:59','N','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'Title: CTF: Hospital Under Siege (Pre-registration required)
\nWhen: Saturday, Aug 7, 10:00 - 17:59 PDT
\nWhere: Biohacking Village (CTF)
\n
\nDescription:No Description available
\n\'',NULL,220440),('3_Saturday','11','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220441),('3_Saturday','12','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220442),('3_Saturday','13','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220443),('3_Saturday','14','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220444),('3_Saturday','15','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220445),('3_Saturday','16','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220446),('3_Saturday','17','10:00','17:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_4c29e163fb1dec800a87de624d00817c','\'\'',NULL,220447),('2_Friday','15','15:00','15:30','N','BHV','','\'Truth, Trust, and Biodefense\'','\'Eric Perakslis\'','BHV_7e5e67756a59fbf0280d13903a68c93c','\'Title: Truth, Trust, and Biodefense
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Eric Perakslis\n, Chief Science and Digital Officer, Duke Clinical Research Institute
\nEric Perakslis, PhD is the Chief Science and Digital Officer at the Duke Clinical Research Institute. He leads the strategic vision of digital research initiatives and technology affairs of the DCRI, provides oversight for the DCRIâ€™s Technology and Data Solutions, and serves as faculty lead for the DCRIâ€™s Health Services Research group. Dr. Perakslis transitioned to the DCRI from his role as a Rubenstein Fellow at Duke University, where his work focused on collaborative efforts in data science that spanned medicine, policy, engineering, computer science, information technology, and security. Immediately prior to his arrival at Duke, Dr. Perakslis served as Chief Scientific Advisor at Datavant, Lecturer in the Department of Biomedical Informatics at Harvard Medical School, and Strategic Innovation Advisor to Médecins Sans Frontières. Previously, Dr. Perakslis had senior leadership roles, including Senior Vice President and Head of the Takeda R&D Data Science Institute, Chief Information Officer and Chief Scientist (Informatics) at the U.S. Food and Drug Administration, and Senior Vice President of Research & Development Information Technology at Johnson & Johnson Pharmaceuticals. Throughout these roles, Dr. Perakslis created and led major transformations, bringing data, science, and technology together to advance the strategies of each of these organizations.
\n\n
\nDescription:
\nWe all hope for a truly â€œpost-COVIDâ€ world sooner rather than later, but that can only happen if we learn from the past and apply those lessons to our future. Our institutions and our people were unprepared for the harsh realities of the medical, scientific, economic and social demands that an emergency such as the COVID pandemic entails. Our national biodefense program had been steadily diminished while at the same time its focus was increasingly dedicated to human/terrorist threats over two decades. Our decentralized â€œpublic healthâ€ infrastructure was quickly shown to be simultaneously redundant and ineffective, and our national response was critically hampered by political agendas and rampant propaganda at the greatest scale ever witnessed in US history. Despite the tragic loss of more than 600,000 lives in the United States and millions worldwide, infectious disease experts know that it could have been much worseâ€”and would have been, if the pathogen had been even slightly more deadly than the SARS-CoV-2 virus proved to be. Can we imagine the outcome if the COVID mortality rate was far greater than the 1.8% seen in the United States? What if coronavirus infections carried the same mortality rate as infectious encephalitis (100%), Ebola Zaire (25%-90%), or even smallpox in unvaccinated populations (>65%)? In this talk, we will discuss the history and future of biodefense with a specific focus on data, technology, communications, and the rapidly deteriorating concept of â€œtruth.â€ Radicalization, misinformation, technology, the surveillance economy, information security, and personal privacy will all be discussed with an eye toward building back better, smarter, and more engaged institutions that are driven by better-prepared humans.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220448),('3_Saturday','11','11:00','11:59','N','BHV','','\'Chinese Military Bioweapons and Intimidation Operations: Part III\'','\'RedDragon\'','BHV_d59f69f30a46c767364add7aa3b4b49e','\'Title: Chinese Military Bioweapons and Intimidation Operations: Part III
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:RedDragon\n
\nNo BIO available
\n\n
\nDescription:
\nChinese Military Bio Weapons Future State is third in a three part series examining the Chinese military use of biological reagents in a kinetic capacity. The unrestricted warfare strategy outlined in the early 1990\'s clearly defines this Chinese military initiative. The supply chain, Program 863 and other supporting components of his strategy will be revealed.\nIt is TLP : RED\n
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220449),('4_Sunday','07','07:00','06:59','N','BHV','','\'Table Top Exercise - Biologia et Machina (Pre-registration Required)\'','\'\'','BHV_beb1e0575d6319a147ba82ad3b1d0547','\'Title: Table Top Exercise - Biologia et Machina (Pre-registration Required)
\nWhen: Sunday, Aug 8, 07:00 - 06:59 PDT
\nWhere: Biohacking Village (TTX)
\n
\nDescription:No Description available
\n\'',NULL,220450),('4_Sunday','10','10:00','10:30','N','BHV','','\'Cyber Defense Matrix in Healthcare \'','\'Sounil Yu\'','BHV_d7b4027bf15ad194f8de6c2bfe980c49','\'Title: Cyber Defense Matrix in Healthcare
\nWhen: Sunday, Aug 8, 10:00 - 10:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Sounil Yu\n, Cyber Strategist
\nSounil Yu is a security innovator with over 30 years of hands-on experience creating, breaking, and fixing computer and network systems. He is currently the CISO & Head of Research for the startup JupiterOne. Sounil created the Cyber Defense Matrix and the DIE Triad, which are reshaping approaches to cybersecurity. He\'s a Board Member of the FAIR Institute and SCVX; co-chairs Art into Science: A Conference on Defense; is a visiting fellow at GMU Scalia Law School\'s National Security Institute; teaches at Yeshiva University; and advises many startups. Sounil previously served as the CISO-in-Residence at YL Ventures and Chief Security Scientist at Bank of America, driving innovation to meet emerging security needs and develop alternative approaches to hard problems in security. Before Bank of America, he helped improve information security at several institutions spanning from Fortune 100 companies with three letters on the stock exchange to secretive three letter agencies that are not.
\n\n
\nDescription:
\nThe Cyber Defense Matrix helps us understand what we need organized through a logical construct so that when we go into the security vendor marketplace, we can quickly discern what products solve what problems and be informed on what is the core function of a given product. In addition, the Cyber Defense Matrix provides a mechanism to ensure that we have capabilities across the entire spectrum of options to help secure our environments.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220451),('4_Sunday','10','10:00','12:59','N','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_62264a13a62a5bde5f3a300ae1eb1487','\'Title: CTF: Hospital Under Siege (Pre-registration required)
\nWhen: Sunday, Aug 8, 10:00 - 12:59 PDT
\nWhere: Biohacking Village (CTF)
\n
\nDescription:No Description available
\n\'',NULL,220452),('4_Sunday','11','10:00','12:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_62264a13a62a5bde5f3a300ae1eb1487','\'\'',NULL,220453),('4_Sunday','12','10:00','12:59','Y','BHV','','\'CTF: Hospital Under Siege (Pre-registration required)\'','\'\'','BHV_62264a13a62a5bde5f3a300ae1eb1487','\'\'',NULL,220454),('2_Friday','15','15:30','15:59','N','BHV','','\'Healthcare Innovation With People of All Abilities\'','\'Joel Isaac,Pia Zaragoza\'','BHV_022e7daf9681de2388416d357fae144a','\'Title: Healthcare Innovation With People of All Abilities
\nWhen: Friday, Aug 6, 15:30 - 15:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Joel Isaac,Pia Zaragoza
\n
SpeakerBio:Joel Isaac\n
\nNo BIO available
\n
SpeakerBio:Pia Zaragoza\n, Presidential Innovation Fellow, #uxdesign, #civictech, #uxresearch, #accessibility
\nNo BIO available
\n\n
\nDescription:
\nThe World Bank reported in their 2020 Disability Inclusion report that there are one billion people or 15% of the worldâ€™s population that experience some form of disability. During this presentation, Joel Isaac and Pia Zaragoza will go over key concepts around disability inclusion, universal design and accessibility to spark ideas around healthcare innovation amongst the disability, medical manufacturers, regulators, cyber research, citizen science, and biohacker communities.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220455),('3_Saturday','12','12:30','13:30','N','BHV','','\'Cloud security for healthcare and life sciences\'','\'MIchelle Holko\'','BHV_1dd42e53ee8e7b45786e42a4bd0ef090','\'Title: Cloud security for healthcare and life sciences
\nWhen: Saturday, Aug 7, 12:30 - 13:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:MIchelle Holko\n, Innovating at the intersection of biology technology and security at Google
\nMichelle Holko is a PhD scientist in genomics and bioinformatics, working at the intersection of biology, technology, and security. She currently works with at Google with the healthcare and life sciences cloud team. Prior to joining Google, she was a White House Presidential Innovation Fellow.
\n\n
\nDescription:
\nCloud computing is increasingly used, across sectors, to scale data storage, compute, and services on demand. There are many recent examples of healthcare and life sciences cloud-based projects, including AnVIL for genomics data and the All of Us Research Program for precision medicine research. These cloud implementations include data and analytic workflows that pose added security concerns due to the sensitive nature of the information. This panel will discuss recent use cases highlighting best security practices for cloud computing in healthcare and life sciences.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220456),('3_Saturday','13','12:30','13:30','Y','BHV','','\'Cloud security for healthcare and life sciences\'','\'MIchelle Holko\'','BHV_1dd42e53ee8e7b45786e42a4bd0ef090','\'\'',NULL,220457),('3_Saturday','14','14:00','14:59','N','BHV','','\'The Real Story on Patching Medical Devices\'','\'Michael Murray\'','BHV_fbedf481b3eaa84139dd8f25d37618dd','\'Title: The Real Story on Patching Medical Devices
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Michael Murray\n, Founder / CEO Â· Chief Security Officer, Scope Security
\nMike Murray is the CEO of Scope Security where he builds on his nearly two decades of experience to solve critical security problems in healthcare. Prior to Scope, Murray served as the CSO at Lookout, lead pre-market security at GE Healthcare and co-founded The Hacker Academy & MAD Security.
\nTwitter: @mmurray
\n\n
\nDescription:
\nOne of the constant debates in the medical device sector is around patching of medical devices. While the FDA issues clear guidance that devices can and should be patched, some device manufacturers often claim that the FDA is the reason that they can\'t issue patches, and the hospitals and healthcare organizations using the devices are left confused and accepting risk that they can\'t manage. With this panel, we will have the conversation out in front of the Defcon audience. Panelists will include representation from the FDA, a product security leader from a device manufacturer and a healthcare CISO with the goal being for the entire Defcon Biohacking Village audience to come away understanding what the truth really is about whether they can patch their devices, and how the sector can continue to move this conversation forward.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220458),('2_Friday','09','09:30','10:30','N','BTV','','\'Yeet the leet with Osquery (Effective Threathunting Without Breaking Bank )\'','\'Sebastiaan Provost\'','BTV_c8c35fe98352fbef9eabaa5eb6793438','\'Title: Yeet the leet with Osquery (Effective Threathunting Without Breaking Bank )
\nWhen: Friday, Aug 6, 09:30 - 10:30 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Sebastiaan Provost\n
\nSebastiaan is the Lead Security Engineer at Beacon and has worked in information security for across both offensive and defensive domains. He specializes in protecting business critical assets by applying technology in creative ways and is particularly interested in Threat Hunting in Zero Trust Environments. In his free time, he enjoys the gym, he tries to hone his infosec knives, and tries to visit as many countries as possible. He has previously given talks at SHA2017 and BsidesNCL 2019.
\nTwitter: @Stekkz
\n\n
\nDescription:
\nEDR/MDR/XDR is touted as the panacea, a one-stop-shop of security. However, there is no certainty on how well those solutions protect us. Companies throw money at them because they get promised complete protection. EDR solutions, no matter how expensive, still miss common techniques and payloads. This talk will show the audience how they can use the power of OSQuery to add additional monitoring to their systems in addition to keeping their EDR solutions honest. The talk will focus on detections of common command & control (C2) frameworks using OSQuery in addition to EDR.\n

What will be learned throughout the talk:\n- What is Osquery
\n- How to detect potential IOCs with Osquery\n- How to detect C2 payloads with Osquery\n- How to detect reverse shells with Osquery\n- How to combine this with a good alerting setup for the chance of a quick intervention\n- Potential automation past the alerting\n

Description/Flow
\n1. Intro
\nI will introduce myself, talk about my background, what I do and what my motivation is for this talk. I will also explain what can be expected and give a quick overview of the journey that we will follow.\n2. Osquery & Why it was chosen
\nOsquery has been around for a few years now. It is a piece of software that allows you to describe anything related to a device with simple SQL commands that leverage a relational data-model. A short intro will be given about what it actually does, what its capabilities are, who is behind it, and what it can be used for. This will be followed up by a list of examples to show the power of osquery, to give the audience an initial view on how far you can go with it. Lastly, I will use a few examples that will show how you can use the power of osquery to detect potential IOCs.\n

Payloads and Reverse Shells
\nC2 Payloads
\nIn this part I will take the audience on a journey of hunting for C2 payloads & processes. I will go over a few off-the-shelf C2 frameworks that can be found on Github, what kind of payloads they provide and how easy/difficult it is to set them up. From there I will show the audience how we can catch the payloads/processes of these C2 frameworks with a few SQL queries in Osquery.\nReverse Shells
\nIn this part I will guide the audience through a series of examples on how reverse shells can be launched and how their connections can be detected. From there I will show the audience how we can catch those connections and reverse shells with a few simple SQL queries.\nAlerting
\nAfter Iâ€™ve shown the audience what the capabilities are of Osquery, how you can use it to hunt for C2 payloads/processes and for reverse shells, I will guide them on how this can be combined with alerting so analysts can react quickly if something has been found by Osquery. I will use both Splunk and Elasticsearch as an example on how this alerting can look like and will speak a little bit on how we can automate this even more with SOAR platforms.\nSitrep
\nDuring the sitrep, I will talk briefly about the technologies weâ€™ve encountered. I will also give a brief overview of the things weâ€™ve learned looking back and how this can be extended even more looking forward.\nThe end
\nThis is the part where I would like to thank everyone for listening in and I will happily answer any question that comes my way!\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220459),('2_Friday','10','09:30','10:30','Y','BTV','','\'Yeet the leet with Osquery (Effective Threathunting Without Breaking Bank )\'','\'Sebastiaan Provost\'','BTV_c8c35fe98352fbef9eabaa5eb6793438','\'\'',NULL,220460),('2_Friday','10','10:45','11:45','N','BTV','','\'Velociraptor - Dig Deeper\'','\'Mike Cohen\'','BTV_4627930ba9128e5884b8db50fba5be0a','\'Title: Velociraptor - Dig Deeper
\nWhen: Friday, Aug 6, 10:45 - 11:45 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Mike Cohen\n
\nDr. Mike Cohen has over 20 years of experience in applying and developing novel incident response and digital forensics tools and techniques. He has previously worked in the Australian Department of Defence as an information security specialist, at the Australian Federal Police specialising in digital forensics, network and memory forensics, and spent 8 years in Google developing tools such as GRR and Rekall. In 2018, Mike founded the Velociraptor project, an advanced open source DFIR framework. Mike has recently joined Rapid7 to promote and further develop Velociraptor into a fully featured enterprise DFIR toolkit.\n
\nTwitter: @velocidex
\n\n
\nDescription:
\nThe recent increase in network compromises and sophistication of attackers has underscored the need to rapidly identify and remediate attacks at a large scale across the enterprise. Having the ability to rapidly collect, detect and remediate across a network is a game changer for any Digital Forensics and Incident Response (DFIR) team. It provides unprecedented visibility into the state of the endpoint and the ability to tailor responses as the investigation evolves. Having this capability in an open-source tool that allows for truly surgical collection â€“ at speed, at scale and free â€“ is a triple bonus.\n

Velociraptor is fast becoming the standard DFIR tool for hunting at scale. Featuring a powerful query language called VQL, allowing for rapidly adapting to fluid DFIR introsions, Velociraptor places unprecedented reach, flexibility and power in the hands of responders.\n

Unlike more traditional remote forensic tools which collect large amounts of raw data for offline processing, VQL allows defenders to perform analysis directly on the endpoint. This new approach allows defenders to collect only high value, tactical information to affect their response, and leverage current state of the art digital forensic analysis techniques into detection.\n

This talk will provide some examples of Velociraptor\'s use in typical DFIR scenarios, such as compromise assessment, wide spread remediation and rapid response. Specifically, we examine the process of going from a detection idea, writing the VQL to detect it and then hunting a large network (10k+ hosts) to identify the compromised hosts in minutes. Finally we illustrate how these custom detections can be elevated to real time monitoring rules (also implemented by VQL) to allow the endpoint to autonomously detect future compromises even while being offline!\n

Velociraptor is the open source DFIR tool the industry has been crying out for - making large scale DFIR fast, efficient and surgical!\n

Presentation outline\n

Problem statement
\nHave you ever tried to hunt a large network to quickly identify and remediate an ongoing attack on your network? You probably found that traditional DFIR techniques, such as parsing the ntfs filesystem for evidence of deleted files, parsing prefetch files for evidence of past program execution or yara scanning large numbers of files simply do not scale to many thousands of endpoints.\n

Introducing Velociraptor - deployment architecture and overview\nThis talk introduces the new standard in opensource DFIR investigations - Velociraptor. This tool simplifies and streamlines many of the common tasks in traditional DFIR investigation - dealing efficiently with scale.\n

Example of simple - pre packaged detections - 1 -2 slides\nWould you like to hunt executions of lolbins (living off the land binaries) within a certain time window and in short succession? No problem - Velociraptor can query all your endpoints and will answer within minutes.\n

What makes this work? VQL introduction
\nVelociraptor is driven by a unique query language called VQL. This language underpins all Velociraptor\'s features and allows users to customize their investigations by applying VQL to both control Velociraptor and to adapt to detecting new adversary tools and techniques.\n

The real game changer with Velociraptor is enabling defenders to go from a blog post, or some research about a new vulnerability or attack technique to a high quality detection, and then proceed to hunt across a vast network in minutes.\n

Case studies walk through (each case about 10 min)\nThis talk will walk though some of these examples (specific examples may change/revise before the talk):\n

Scan the NTFS USN journal for webshell install activity within the past days\nBuild a dynamic file parser in VQL for a new file format just presented by a blog post (e.g. powershell readline history file https://0xdf.gitlab.io/2018/11/08/powershell-history-file.html or a similar example)\n

The talk will go through the process of building a query from scratch - reading public information about a detection technique, writing some VQL to identify the IOC on a compromised system, then running a hunt on 10k+ machines to identify the compromised hosts. All this will be done using open source tools and freely available resources!\n

Post hunt analysis - post processing with VQL\nWe then tour the Velociraptor GUI and see how to quickly examine the compromised endpoints for further triage and remediation. We can interactively collect files, registry keys and raw NTFS artifacts directly through a familiar GUI.\n

VQL event monitoring - unique on host detection (2-3 slides)\nFinally we discuss VQL\'s unique real time monitoring capabilities. Unlike other query languages in endpoint tools, the VQL query does not need to have a finite run time. Instead it is possible to write a query which monitors for new events permanently. These \"Event Monitoring Queries\" can be used to build real time detections for future events.\n

This novel approach really changes the current state of the art in detection and response. Currently, EDR tools forward events from the endpoint to a central SIEM with backend automated detections raising escalations for operators to manually go back and try to collect additional information from the endpoint or remediate it. This leads to long OODA loop times and increases the time between compromise and response.\n

VQL event monitoring queries are powerful queries that bring the response to the end point. Once installed, the query codes a \"response plan\" whereby the endpoint already knows what to do if a certain condition is met, even if the endpoint is offline! We term this an autonomous response plan.\n

Follow through to implement the above examples as monitoring queries (2 slides per example)\nIn the talk, we will follow through some of these examples into the next logical step, which is to deploy event monitoring queries on all endpoints to prevent future compromise. That is, we go from a detection query that tells us when run if the EP is compromised to an event query that will automatically respond in the future when the EP becomes compromised with the same vector! This is unprecedented!\n

Conclusion and call to action
\nVelociraptor is an open source DFIR tool bursting on the scene in 2019 (we initially presented it at the SANS 2019 DFIR summit) but since then, there have been many features added and the tool is now quickly becoming the standard DFIR tool to use for triage, detection and remediation.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220461),('2_Friday','11','10:45','11:45','Y','BTV','','\'Velociraptor - Dig Deeper\'','\'Mike Cohen\'','BTV_4627930ba9128e5884b8db50fba5be0a','\'\'',NULL,220462),('2_Friday','12','12:00','12:30','N','BTV','','\'This is what we thought would happen in 2021\'','\'Gert-Jan Bruggink\'','BTV_84d8fe64d22c74c0e6a450f31466931a','\'Title: This is what we thought would happen in 2021
\nWhen: Friday, Aug 6, 12:00 - 12:30 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Gert-Jan Bruggink\n
\nGert-Jan (GJ) Bruggink is a cyber threat intelligence leader, specialized in understanding adversary tradecraft and thereby helping leaders make more informed decisions. GJ has extensive experience at the crossing of offense, defence & strategic risk management and spend the last 10+ years specializing on providing leaders actionable threat intelligence products and building secure organizations. GJ previously co-founded and delivered defensive services at FalconForce, led the Dutch cyber threat intelligence team at a Big Four accounting firm and delived security services at a security integrator.\n
\nTwitter: @gertjanbruggink
\n\n
\nDescription:
\nAt the beginning of each year, companies share lessons learned and forecasts on what (cyber) threats are expected in the next 12 months. The reality is that a lot of teams and companies publish about this and you probably did not read all these articles or reports.\n

This talk explores the results of a meta-analysis on threat forecasting, based on open-source reports and articles. As a defender you constantly balance between pushing Jira tickets and looking ahead. By giving you a TLDR, defenders have context into what needs to be prioritised next to the daily operations.\n

This talk explores the concept of forecasting to help your cyber security program. Following concepts introduced in the book â€˜Superforecasting: the art and science of predictionâ€™ (Tetlock, Gardner), the average of multiple forecasts is usually the most accurate.\n

In preparation to this talk, all publicly available research released in Jan-April 2021 from companies on their expectations for 2021â€™ threat landscape has been analysed. This exercise resulted into a prioritised list of topics expected for 2021. This list is also actively tracked, to monitor if events already occurred and topics are more/less relevant. By giving you the TLDR, defenders have more context into what needs to be prioritised - next to the daily operations.\n

As a defender, there is always the constant balance where to focus your precious time. There is great value in looking ahead, yet this is hard when constantly pivoting between Jira tickets. Forecasting is just one way to look ahead and prepare yourself and your teams.\n

The objective of this talk is to provide defenders access to a larger narrative around cyber threats to support both business and senior stakeholderâ€™s decision making. Providing more situational awareness. As a defender you constantly balance between pushing Jira tickets and looking ahead. This session supports keeping that balance.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220463),('2_Friday','13','13:30','13:59','N','BTV','','\'Forensicating Endpoint Artifacts in the World of Cloud Storage Services\'','\'Renzon Cruz\'','BTV_0b3fc5dbc2ba8fab4b845b7e20922440','\'Title: Forensicating Endpoint Artifacts in the World of Cloud Storage Services
\nWhen: Friday, Aug 6, 13:30 - 13:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Renzon Cruz\n
\nRenzon Cruz, a Filipino security professional living in Dubai who works as Digital Forensics & Incident Response in a company based in UK. He previously worked as Sr. Security Consultant as part of a National Cyber Security Agency in Qatar. He was also accepted to various international conferences as a speaker such as BSides Vancouver (2019), BSides London (2019), BSides Doha (2020), and ROOTCON Hacking Conference (2020). He is also co-founder and instructor of GuideM, a real-world cybersecurity training center based in the Philippines. He\'s mainly interested in defensive strategy, threat hunting, DFIR, malware analysis, & adversary simulation.
\nTwitter: @r3nzsec
\n\n
\nDescription:
\nIn this presentation, I will discuss the key forensic artifacts that can be used whenever DFIR professionals encounter cloud storage services into the host such as OneDrive, GoogleDrive, Box and Dropbox. These are all essentials especially when the attacker or insider threat leverage these services to exfiltrate data. I will also show how to perform data acquisition to get these artifacts in forensically sound manner.\n

Today we are embracing the benefits and advantages of having cloud storage in most environments especially now when everyone is working work from home and data transmits from one place to another by the use of cloud storage services such as one drive, box, dropbox & google drive. There are a couple of artifacts on the endpoint side that gives us the ability to see the bigger picture when these cloud services are being used to perform data exfiltration and any malicious actions. In short, cloud storage data can be more accessible on the local device and can contain files and metadata distinctly different than the current cloud repository. I\'m going to show how to perform data acquisition on these cloud storage applications installed in endpoint and what are those metadata and evidence that we can extract from the forensics standpoint.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220464),('2_Friday','14','14:15','15:15','N','BTV','','\'Adventures in Pro Bono Digital Forensics Work\'','\'John Bambenek\'','BTV_ae2484cfc647d9291a075d23d4ea75df','\'Title: Adventures in Pro Bono Digital Forensics Work
\nWhen: Friday, Aug 6, 14:15 - 15:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:John Bambenek\n
\nJohn Bambenek is President of Bambenek Labs, a threat intelligence firm, and a PhD student studying cyber security machine learning at the University of Illinois at Urbana-Champaign. He has 20 years experience investigating cyber crime and has participated in large investigations in ransomware, the 2016 election-related hacking, and extremist fundraising in cryptocurrency.\n
\nTwitter: @bambenek
\n\n
\nDescription:
\nMost of DFIR work never makes it to a courtroom and even when it does it is often unchallenged. This talk will cover cases of doing pro bono digital forensics for public defenders and journalists and the shoddy work that often passes for science.\n

One of the major problems with our justice system is how the power dynamics work when one side of a legal dispute has resources and the other does not. This plays out in digital forensics too. Most of our work never ends up in court and is rarely challenged. While most of us are honest, there is far more work that needs to be done and not enough qualified people doing it. In short, not every analyst is qualified or experienced but their testimony is accepted unquestioned.\n

This talk will cover cases that were performed pro bono for clients who would not normally have access to an expert to challenge the governmentâ€™s experts. Cautionary tales of bad analysis will be shown to emphasize the importance of sound forensic techniques and the risks of sloppy work.\n

The talk will end with a call to action for more professionals to contribute their time on similar pro bono efforts.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220465),('2_Friday','15','14:15','15:15','Y','BTV','','\'Adventures in Pro Bono Digital Forensics Work\'','\'John Bambenek\'','BTV_ae2484cfc647d9291a075d23d4ea75df','\'\'',NULL,220466),('2_Friday','15','15:30','16:30','N','BTV','','\'Uncovering covert network behaviors within critical infrastructure environments\'','\'Michael Raggo,Chester Hosmer\'','BTV_04f77ee2d27e4f11d0f1f6a596e8d907','\'Title: Uncovering covert network behaviors within critical infrastructure environments
\nWhen: Friday, Aug 6, 15:30 - 16:30 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\nSpeakers:Michael Raggo,Chester Hosmer
\n
SpeakerBio:Michael Raggo\n
\nMichael Raggo has over 20 years of security research experience. His current research focuses on Cloud security. His research has been highlighted on televisionâ€™s CNN Tech, and numerous media publications including TIME, Forbes, Bloomberg, Dark Reading, TechCrunch, TechTarget, The Register, and countless others. Michael is the author of â€œMobile Data Loss: Threats & Countermeasuresâ€ and â€œData Hidingâ€ for Syngress Books, and is a contributing author for â€œInformation Security the Complete Reference 2nd Editionâ€. His Data Hiding book is also included at the NSAâ€™s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI and Pentagon; and is a former participating member of the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, RSA, OWASP, HackCon, and SANS. He was also awarded the Pentagonâ€™s Certificate of Appreciation.\n
\nTwitter: @datahiding
\n
SpeakerBio:Chester Hosmer\n
\nNo BIO available
\n\n
\nDescription:
\nWeâ€™ll explore vulnerabilities weâ€™ve discovered in our IoT, IIoT, and ICS research to reveal the systemic problems that exist as a result of the fragmented supply chain, inconsistent configurations, and overall poor security standards found across the critical networks and devices. We\'ll then show how we have applied discoveries of these aberrant behaviors to ML algorithms to uncover the risky and potentially very damaging covert channels communicating with the outside world and the types of data being harvested along with the new attack surfaces that they offer.\n

Through the evolution of IoT, IIoT, and ICS networks weâ€™ve been uncovering new risks and vulnerabilities. Most of these risks and vulnerabilities are so unpredictable when considering the fragmented supply chain of hardware, operating systems, and software; making signature-based and operating system-centric security solutions inadequate.\n

Leveraging the Active Cyber Defense framework and combining that with our homegrown ML, weâ€™ve created our own approach to detecting aberrant network behavior through passive network monitoring to discover covert communications, rogue devices, emerging threats, and more. The analysis of protocols, device behavior, and network activity within these environments is critical and can aid investigators when responding to incidents that have national impacts. (For example, the recent Colonial Pipeline Ransomware Attack, and the Oldsmar Florida water poisoning attempt).\n

Weâ€™ll explore many vulnerabilities weâ€™ve discovered in our IoT, IIoT, and ICS research to reveal the systemic problems that exist as a result of the fragmented supply chain, inconsistent configurations, and overall poor security standards found across the critical networks and devices. We will build upon our previous real-world examples and current threat research within this presentation and show how we have applied the discoveries of these aberrant behaviors to machine learning algorithms to uncover the risky and potentially very damaging covert channels communicating with the outside world and the types of data that is being harvested along with the new attack surfaces that they offer.\n

The combined lecture and demonstration will take a deep dive into the early identification of network activities that map to each stage of the cyber kill chain. Weâ€™ll also demo our open source and free Modbus TCP pcap analysis tool to identify malicious behaviors within ICS environments.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220467),('2_Friday','16','15:30','16:30','Y','BTV','','\'Uncovering covert network behaviors within critical infrastructure environments\'','\'Michael Raggo,Chester Hosmer\'','BTV_04f77ee2d27e4f11d0f1f6a596e8d907','\'\'',NULL,220468),('2_Friday','16','16:45','17:15','N','BTV','','\'A SERVERLESS SIEM: DETECTING ALL BADDIES ON A BUDGET\'','\'Chen Cao\'','BTV_d815ef3ee2ed00a9d46a2ccee1661d21','\'Title: A SERVERLESS SIEM: DETECTING ALL BADDIES ON A BUDGET
\nWhen: Friday, Aug 6, 16:45 - 17:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Chen Cao\n
\nA security engineer at Cloudflare focuses on Detection and Response. Chen holds a Master of Science degree in Security Informatics from Johns Hopkins University and has been in the security industry for about 4 years now. He enjoys sharing & learning good practices in the industry and currently working on finding a reliable, scalable and cheap way for log collection and alerting.\n
\nTwitter: @chencao_cc
\n\n
\nDescription:
\nCommercial SIEMs are expensive, inflexible and risk a vendor lock-in. At Cloudflare, we built a SIEM using a Serverless architecture that provides scalability and flexibility to perform various Detection and Response functions. We will discuss this architecture and how it can be built upon to solve many Security problems, in a true pay-as-you-use model after 2 years of use handling Cloudflareâ€™s data.\n

A SIEM is pivotal to a Threat Detection and Incident Response function. But, commercial SIEMs are expensive both in terms of cost of usage and maintenance, and risk a vendor lock-in. At Cloudflare, we build a SIEM to manage logs from 200+ data centers, 2000s endpoints and our corporate networks. The SIEM is built using a Serverless architecture in GCP that scales up and down based on usage, for a true pay-as-you-go model. It provides multiple data processing and analyzing paradigms that enable various D&R workflows. In this talk, we will discuss the motivation, constraints and the SIEM architecture. Weâ€™ll also dive into our logging pipeline, detection, automation and notification workflows using this SIEM.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220469),('2_Friday','17','16:45','17:15','Y','BTV','','\'A SERVERLESS SIEM: DETECTING ALL BADDIES ON A BUDGET\'','\'Chen Cao\'','BTV_d815ef3ee2ed00a9d46a2ccee1661d21','\'\'',NULL,220470),('2_Friday','17','17:30','17:59','N','BTV','','\'Scope X: Hunt in the Ocean!\'','\'Meisam Eslahi\'','BTV_b02944883099501f8518a2800fffc4f3','\'Title: Scope X: Hunt in the Ocean!
\nWhen: Friday, Aug 6, 17:30 - 17:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Meisam Eslahi\n
\nMeisam is a technical cybersecurity practitioner with solid expertise in providing strategies and technical directions, building new service/business lines, diverse teams, and capabilities. He has over 19 years of experience in information technology, with 15 years dedicated to cybersecurity in leadership and technical roles leading, managing, and delivering a wide range of cybersecurity services to multi-national clients - mainly in the banking, financial, healthcare, and telecom sectors.\n
\nTwitter: @drmeisam_
\n\n
\nDescription:
\nAlmost every cybersecurity services begin with defining a scope to be assessed. There is nothing wrong with scoping unless it is all about what we know. Attackers walk into our network from the entry points that we may not even know about them. This is not an \"out of the scope\" concept as these entry points are entirely unknown; Let\'s call it \"Scope X.\" One of the mysterious examples of Scope X is subdomains; this presentation will not talk about techniques to enumerate them as uncle Google provides tons of tutorials. Instead, we discuss threat hunting on discovered subdomains.\n

This talk defines scope x and its importance in threat hunting by using subdomains as a perfect example. Exploring subdomains may help red teamers look for more sensitive information, forgotten vulnerabilities, and obsolete technologies that could provide additional attack surfaces.\n

On the other hand, the blue teamers should proactively discover the subdomains, identify the different types of risks and address them. Assume we retrieved a large number of subdomains; what would be the next step?\n

â€¢ Data Validation: When we have a bulk number of subdomains in hands, the first step is to determine which one is really UP to reduce false findings.\n

â€¢ Data classification and reduction: We may face tons of subdomains containing sensitive information, precisely like hunting fishes in an ocean! Before we jump into the analysis phase, we could separate and organize collected data into different groups based on desired parameters or filter out unwanted data to narrow down the hunting scope.\n

â€¢ Say cheese and Take a Picture! Without a doubt navigating the subdomains one by one is not an option! One of the common practices is taking the screenshots in bulk, checking and shortlisting them if we found something interesting. But how do that?\n

â€¢ Keyword Style! Each subdomain page source may contain information that helps us to look for a different type of risk. How fast can we search for specific data in a large volume of subdomains? By the way, what to look for?\n

â€¢ Threats lucky draw: There may be different types of technical and business security risks. How to analyze our data, identify risks, and categorize them?\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220471),('3_Saturday','09','09:00','09:15','N','BTV','','\'I know who has access to my cloud, do you?\'','\'Igal Flegmann\'','BTV_b9de6e0c350b52c0f550218a8bd86fbc','\'Title: I know who has access to my cloud, do you?
\nWhen: Saturday, Aug 7, 09:00 - 09:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Igal Flegmann\n
\nIgal started his career in Microsoftâ€™s Azure Security team creating and managing identity services for Azureâ€™s secure production tenants. During his time at Azure Security, Igal had the opportunity to create and manage PKI services, Identity Management products, tools for migrating running services across Azure tenants, and created products for password-less bootstrap to new domains. After a successful career in Azure Security, Igal transferred teams to work in Azureâ€™s ASCII (Azure Special Capabilities, Infrastructure, and Innovation) team, where he used his identity and security expertise to design and create security services to protect the critical infrastructure devices of the world.\n

\nTwitter: @igal_fs
\n\n
\nDescription:
\nIn this talk, we will talk about the importance of monitoring your Azure RBAC and we will introduce SubWatcher our newly released open-source tool that we use internally to compliment Azure security tools and scan our subscriptions to make sure our systems are not being accessed by bad actors. Canâ€™t wait to see where the community takes this amazing tool!\n

When comparing security reviews with red team findings, I always found that security reviews are based on what they think their system looks like and not how it actually is. Is the SSH port really closed? Or did I forget to close it the last time I was debugging something? Wait who added this identity as owner of the resources and when?!\n

Azure Security Center provides us with some great tools to check some of these errors. For example, from the two examples above it will alert on the SSH port being left open but it would not alert on some new person being added to your production subscription.\n

The Solution? SubWatcher our internal tool that it was too good to keep in-house and not share it with the world. SubWatches is an open-source tool that monitors your Azure Subscription ACLs and will alert you if they changed based on the baseline you have created.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220472),('3_Saturday','10','10:15','11:15','N','BTV','','\'Use DNS to detect your domains are abused for phishing\'','\'Karl Lovink a.k.a. Cyb0rg42,Arnold Holzel\'','BTV_3ddb7371ac87df6dfcba6297ba6cba12','\'Title: Use DNS to detect your domains are abused for phishing
\nWhen: Saturday, Aug 7, 10:15 - 11:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\nSpeakers:Karl Lovink a.k.a. Cyb0rg42,Arnold Holzel
\n
SpeakerBio:Karl Lovink a.k.a. Cyb0rg42\n
\nJarl is the Technical Lead of the Security Operations Center of the Dutch Tax and Customs Administration. He must ensure that the security analysts of the SOC can do their job well in the technical field. Besides, he is responsible, among other things, for strengthening the network of governments and companies, so that the right information is quickly available in the event of threats and incidents. Karl obtained the title Master of Security in Information Technology (MSIT) at Eindhoven University of Technology. He loves biohacking technology and has seven RFID / NFC chips implanted in his body, including a credit card.
\nTwitter: @cyb0rg42
\n
SpeakerBio:Arnold Holzel\n
\nNo BIO available
\n\n
\nDescription:
\nAs a high-profile public-sector organization, the Dutch Tax and Customs Administration deals with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails every day. By using Splunk and RFCâ€™s like, RFC7208 â€“ Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, we have developed a technique to identify phishing attacks that are carried out under the disguise of the Dutch Tax and Customs Administration.\n

We start with a short introduction to protocols available to secure e-mail. Securing e-mail means making it more difficult to intercept e-mails in transport and perform phishing attacks. After that, we present some real-life phishing examples pointing to how finding the phishers would have been much easier. The same applies to the Notice and Take Downs for the phishing sites. We continue by introducing the secure e-mail standards like STARTTLS, Sender Policy Framework (SPF), Domain Identified Keys (DKIM), Domain-based Message Authentication, Reporting and Conformance (DMARC), SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE), SMTP Mail Transfer Agent Strict Transport Security (MTA-STS) on which the technique detecting phishing attacks is based on. Here we present how all secure e-mail protocols work together to be able to monitor e-mail traffic for potential phishing attacks. You can get information about the senders\' e-mail address, senderâ€™s MTA and the recipientâ€™s MTA. Both the receiving and the sending MTAs are not located within your infrastructure. Passive DNS intelligence and Shodan are used for the enrichment of the IP addresses. We have implemented these techniques in Splunk, including various dashboards, searches, and lookups. But the implementation can be done in either which log management system, for instance, ElasticSearch. Also, a wizard has been created to facilitate the generation of the TXT records for your DNS zone file. The implementation we have created in Splunk is downloadable from GitHub for free. The Splunk App contains all necessary dashboards, searches, lookups to get a quick start. Also, a wizard is included to create the DNS TXT records, which can be complicated. In principle, an e-mail track-and-trace system has been built using Splunk and DNS logs.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220473),('3_Saturday','11','10:15','11:15','Y','BTV','','\'Use DNS to detect your domains are abused for phishing\'','\'Karl Lovink a.k.a. Cyb0rg42,Arnold Holzel\'','BTV_3ddb7371ac87df6dfcba6297ba6cba12','\'\'',NULL,220474),('3_Saturday','11','11:30','11:59','N','BTV','','\'What Machine Learning Can and Can\'t Do for Security\'','\'Wendy Edwards\'','BTV_b0f876951f8ce219b4328ba90f239271','\'Title: What Machine Learning Can and Can\'t Do for Security
\nWhen: Saturday, Aug 7, 11:30 - 11:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Wendy Edwards\n
\nWendy is a software developer interested in the intersection of cybersecurity and data science. Sheâ€™s involved in the NASA Datanauts program and participated in the SANS Womenâ€™s Academy, earning GIAC GSEC, GCIH, and GCIA certifications. She has masters degrees in computer science and library and information science from the University of Illinois. She has spoken at Summercon, BSides Chicago, The Diana Initiative, Hackfest Canada, Circle City Con, and DEFCON Ethics Village. In her spare time, she enjoys Scrabble and swimming and has a lively flat-coated retriever named Ciaran.
\nTwitter: @wayward710
\n\n
\nDescription:
\nWhat can machine learning do for security? A number of things. One major challenge is determining whatâ€™s normal and whatâ€™s malicious. Machine learning can help with this. For example, ML techniques are used in spam filtering scan email. Machine learning is also being applied to other areas like network traffic monitoring and malware analysis and has potential to detect zero days exploits.\nHowever, machine learning isn\'t magic. We discuss some of the limitations of machine learning, and how problems like false positives can be mitigated.\n

Most of us have heard vendors promoting products that use \"machine learning.\" But what does that mean? This is a general introduction to machine learning concepts and a discussion of applications to security. We begin by talking about commonly used terminology â€“ what are artificial intelligence, neural networks, machine learning, and deep learning? How do they work?\n

What can machine learning do for security? A number of things. One major challenge is determining whatâ€™s normal and whatâ€™s malicious. Machine learning can help with this. For example, ML techniques are used in spam filtering scan email. Large email providers, e.g., Google and Yahoo, have intelligent systems that can create new spam filtering rules based on automated learning.\n

Machine learning is also being applied to other areas like network traffic monitoring and malware analysis. Traditional network intrusion detection (NIDS) and malware identification involve rules and signatures, where behavior associated with known threats is identified. But what about new threats, such as zero-day exploits? Anomaly-based detection compares traffic to normal behavior, and has the potential to detect previously unknown attacks with no established signature. We present some examples of freely available machine learning software and walk through some simple use cases.\n

However, machine learning isn\'t magic, and it has its limitations. The quality of the training data significantly affects the quality of the results, and training data needs to be updated to reflect changes in relationships and new data points. False positives can consume a lot of analysts\' time and lead to alert fatigue. We discuss some techniques, e.g. cross-domain correlation, to reduce the number of false positives.\n

What is \"machine learning?\" * Definition * How does it work? * What is a neural network? * Common machine learning terminology explained\n* Supervised vs unsupervised learning * Different kinds of machine learning * Examples of machine learning and security\nClassification problem * Whatâ€™s normal? Whatâ€™s malicious?\n* Example: spam filtering
\n* Example: network traffic analysis * Traditional NIDS involves rules/signatures * Anomaly detection NIDS (ADNIDS) compares traffic to normal patterns\n* Example: Behavior-based Malware Analysis * Common AV malware detection involves signatures (patterns related to known behavior) * What about zero-day exploits or malware that can morph?\nAttack behaviors are different from normal behaviors * Unusual system calls * Writing stolen data to files, registry manipulation, etc * Unusual network traffic (e.g. command and control) * Destinations (lots of unexplained traffic to a particular destination) * Payloads (C&C traffic likely has similar structure) * Software currently using machine learning for security * Examples: spam filters, Splunk\nLimitations of machine learning * Training data * False positives / alert fatigue * Mitigating false positives\nFuture directions in machine learning and security\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220475),('3_Saturday','12','12:15','12:45','N','BTV','','\'How do you ALL THE CLOUDS?\'','\'henry\'','BTV_ba87141e044c45ac22021d6a124fb445','\'Title: How do you ALL THE CLOUDS?
\nWhen: Saturday, Aug 7, 12:15 - 12:45 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:henry\n
\nAs a security {engineer | data scientist}, Henry operates as an information/data security architect, previously as a security consultant and developer in the industry. In his current role, he interfaces with internal business partners in providing architectural guidance and aligning the business with best practices and building countless tools and automation for the benefit of IT and security personnel alike. He has learned the hard and fun way that learning itself shouldnâ€™t be considered a chore or a negative, but an opportunity to be able to be more effective and adaptive with the ever-changing needs of the business.
\nTwitter: @Bazinga73
\n\n
\nDescription:
\nIf you think I\'m shouting something about security strategy for a multi-cloud environment...it\'s because I AM. Secure your dangling DNS records. Your object storage is showing. I can see your compute workload from here. Get your security groups straight. Have you seen the laundry list of accounts no one has performed nary an IAM credential analysis? Are your analytic processes hamstrung and kludgey from, you know, being cloudy? Don\'t know to even assess your options? Let\'s talk about how to evaluate cloud security tools and the considerations you need to make for your enterprise.\n

By now, every company should not only be aware of the cloud but actively using it to some degreeâ€”whether run by your IT department or, unofficially, by your engineering teams and sales organizations itching to invite a script kiddie to pluck your precious intellectual propertyâ€”I mean, POC and strut their stuff that they can take their security and IT matters into their own hands.\n

Either way, you need a strategy or a clue. One is good. Both are better. Tying them together is best.\n

In this talk, I\'ll cover a number of random things. The generic reasons why many teams want to use cloud accounts. The common gotchas that may improve or disrupt your obviously super awesome demo for your customer, boss, team. Or just to actually do real work and expand your organization\'s compute demand en masse.\n

The focus will be addressing the technical gotchas in managing, monitoring, and assessing the security needs against the \"business\" needs for your organization: engineering, IT, and compliance. Operationally, you\'ll hit a breaking point. Too many users, too many accounts, too many workloads hammering your cloud interface. I\'ll focus primarily on AWS but also generically cover the other major Cloud Service Provider flavors, as, in the end, it\'s all the same: your org may have gotten wind that there are other cloud accounts and they just wanted to play with ALL OF THEM. How do you corral these little beasts? Tools. Technology. Processes.\n

I\'ll focus on open source tools like Prowler and ScoutSuite, touch some for closed source, but you\'ll still need to understand how to operationally point, aim, and fire to make it scale for you. In my experience, there\'s a certain level of \"je ne sais quoi\" element to getting to a comfortable level in overseeing the management of all these cloud accounts. I\'ll probably spend the balance of the time critiquing each tool in the end and present pros/cons and likely scenarios for you/your team/your org\'s maturity here to help you to drive your choice. Who knows, maybe I\'ll talk about my own open-source spin on things!\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220476),('3_Saturday','13','13:45','14:15','N','BTV','','\'Leveraging NGFWs for Threat Hunting\'','\'Drimacus\'','BTV_6008d51aafd22a94b821fc28e3ecd5b3','\'Title: Leveraging NGFWs for Threat Hunting
\nWhen: Saturday, Aug 7, 13:45 - 14:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Drimacus\n
\nDrimacus is a veteran in the security focusing around Network Security, Emerging Threats, and Innovation.
\n\n
\nDescription:
\nSharing research and details around running passive NGFWs to complement threat hunting tools. This talk will walk through sharing why, how, and what I learned about these to share with the community and the value that can be gained by leveraging NGFWs for threat hunting.\n

With the introduction of NGFWs came new operational risk in the form of application ID. After taking a path down to mitigate this risk by implementing passive NGFWs, it also become an opportunity to leverage them for threat hunting.\n

This talk will review research over the past 5 years of running such passive NGFWs.\nThe pros/cons of the environment over exiting threat hunting tools, review of architecture, and a deep dive into the various functionality will be discussed.\n

Talk presented by - Shawn Wallis (Drimacus) - Cyber Security Research Strategiest\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220477),('3_Saturday','14','13:45','14:15','Y','BTV','','\'Leveraging NGFWs for Threat Hunting\'','\'Drimacus\'','BTV_6008d51aafd22a94b821fc28e3ecd5b3','\'\'',NULL,220478),('3_Saturday','14','14:30','15:30','N','BTV','','\'Modern Authentication for the Security Admin\'','\'Bailey Bercik,Mark Morowczynski\'','BTV_f4bcaa41aa897c75b4dee05da92080e7','\'Title: Modern Authentication for the Security Admin
\nWhen: Saturday, Aug 7, 14:30 - 15:30 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\nSpeakers:Bailey Bercik,Mark Morowczynski
\n
SpeakerBio:Bailey Bercik\n
\nBailey Bercik (@baileybercik on Twitter) is a Program Manager in the customer facing arm of the Identity Engineering division at Microsoft. As part of the â€œGet-To-Productionâ€ team, she acts as a trusted advisor to Fortune 500 enterprises deploying Azure Active Directory. She\'s previously spoken about Azure AD customer stories and security recommendations at Microsoft Ready & Ignite, Blue Team Con, The Diana Initiative, and BSides Portland. Prior to this role, Bailey worked on Microsoft\'s incubation team for Decentralized Identity and volunteered as a computer science teacher at Warden High School.
\nTwitter: @BaileyBercik
\n
SpeakerBio:Mark Morowczynski\n
\nMark Morowczynski (@markmorow) is a Principal Program Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. He\'s spoken at various industry events such as Black Hat 2019, Defcon Blue Team Village, GrayHat, several BSides, Microsoft Ignite, Microsoft Inspire, Microsoft MVP Summits, The Experts Conference (TEC), The Cloud Identity Summit, SANs Security Summits and TechMentor. He can be frequently found on Twitter as @markmorow arguing about baseball and making sometimes funny gifs.
\nTwitter: @markmorow
\n\n
\nDescription:
\nModern authentication protocols such as SAML, OAuth and OpenID Connect. Claims, bearer tokens and JWT tokens are traversing various authentication flow paths in your environment today. In this session we will break down these authentication concepts and common flows for the non-identity admin. We will also discuss some common attacks and defenses the security team should be monitoring for and implementing in their environment.\n

Many organization\'s applications are moving to modern authentication protocols such as SAML, OAuth and OpenID Connect. Claims, bearer tokens and JWT tokens are traversing various authentication flow paths in your environment today. Security teams need to be just as familiar with how these work, the risks and the benefits they provide, as they are with Kerberos tickets and NTLM hashes (please stop btw). In this session we will break down these authentication concepts and common flows for the non-identity admin. We will also discuss some common attacks and defenses the security team should be monitoring for and implementing in their environment.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220479),('3_Saturday','15','14:30','15:30','Y','BTV','','\'Modern Authentication for the Security Admin\'','\'Bailey Bercik,Mark Morowczynski\'','BTV_f4bcaa41aa897c75b4dee05da92080e7','\'\'',NULL,220480),('3_Saturday','15','15:45','16:45','N','BTV','','\'Uncomfortable Networking\'','\'Charles Rumford\'','BTV_89a2bfc86d413e62781dc604abdd3226','\'Title: Uncomfortable Networking
\nWhen: Saturday, Aug 7, 15:45 - 16:45 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Charles Rumford\n
\nCharles is currently a network engineer with Deft. He has a background in network engineering, programming, information security, usability, and linux systems administration. He likes to ensure things are secure, usable, and users are informed.
\nTwitter: @TallWireless
\n\n
\nDescription:
\nThere is so much networking architecture we do in the name of security which ultimately just gets in the way of so many thing. Learn about things to simplify your network design and reduce your management overhead while maintaining or increasing your security posture.\n

When it comes to security, networking can be your first line of defense, but it shouldn\'t be your only, and it shouldn\'t add complexity and management overhead to your system. There are ways to keep the network design simple while also keeping resources secure.\n

Come and hear from a security and usability focused network engineer about the things we do to our network architectures and design in the name of security but ultimately create large amounts of complexity, management overhead, and the need to redesign constantly.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220481),('3_Saturday','16','15:45','16:45','Y','BTV','','\'Uncomfortable Networking\'','\'Charles Rumford\'','BTV_89a2bfc86d413e62781dc604abdd3226','\'\'',NULL,220482),('3_Saturday','17','17:00','17:30','N','BTV','','\'Structured Analytical Techniques for Improving Information Security Analyses\'','\'Rabbit\'','BTV_8b941d874e8f4fc99613cfbe4e1a53eb','\'Title: Structured Analytical Techniques for Improving Information Security Analyses
\nWhen: Saturday, Aug 7, 17:00 - 17:30 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:Rabbit\n
\nRabbit is an information security engineer and lagomorph enthusiast with a background in medical device security and biometric access system assessment who now manages the secure development and testing of IoT smart home and smart lock devices.\n
\nTwitter: @ra6bit
\n\n
\nDescription:
\nBased on tradecraft documents openly published by the CIA, this talk takes structured analytical techniques intended for intelligence analysis and refactors them for use in improving typical Information Security investigations and analyses as well as OSINT investigations.\n

In 2009, the Central Intelligence Agency published a document titled \"A Tradecraft Primer: Structured Analytic Techniques for Improving Intelligence Analysis \" which lays out a number of techniques for improving the accuracy and reliability of intelligence analyses. I found the document fascinating and set out to reapply the techniques for use in my day to day Information Security work. The techniques are a fantastic tool set for improving the quality of analysis products by bringing alternative narratives and solutions to light, highlighting contradictory evidence, and developing confidence in analysis conclusions. Additionally there are techniques for imaginatively creating and evaluating new scenarios which may fit a given set of evidence.\n

The techniques can be divided into three categories. \"Diagnostic Techniques\", which are intended to assess and improve the quality of source material used in an analysis. \"Contrarian Techniques\", which are intended to surface potential alternate hypotheses that fit the information available, and \"Imaginative Thinking\" techniques which are used to generate new starting points for hypotheses that can then be developed further by applying the previous techniques.\n

An example of a Diagnostic technique is a \"Key assumptions check\". This exercise is simply to list all of the assumptions that have been made within an analysis, which can then be analyzed to identify unsupported assumptions or assumptions with excessive uncertainty. In an information security context, such as during incident response, this type of analysis can illuminate where assumptions have been made that can\'t be verified, such as confusing correlation with causation, or when errors have been made due to trusting timing information sources without verifying other reference events are properly synchronized in the source material. In an OSINT investigation, this technique can help weed out correlations that have been made based on dubious evidence.\n

An example of a Contrarian technique most people are probably familiar with already is the \"Devils advocate\" technique, where narratives are created which intentionally directly refute the hypothesis of the analysis to be improved. These opposite narratives are then evaluated to determine if they could be valid primary hypotheses. A lesser known technique, however, would be a \"High Impact/Low probability\" analysis, where an incident is analyzed in reverse. If the event is assumed to be a foregone conclusion, analyzing what conditions would necessarily have to have occurred for that condition to be possible can lead to the identification of additional places where supporting evidence may be available, or it may lead to a hypothesis being rejected as not fitting the available evidence.\n

An example of an Imaginative analysis is the \"Red Team analysis\". While a lot of people in Information Security will be familiar with what a red team is, particularly in the BTV, in this technique, the focus is on analyzing the red team itself, rather than applying red team techniques. What this means is to analyze the driving motivations of the adversary and factors which may influence their behavior as attackers. It\'s more like \"red teaming the red team\" to develop an idea of how and why they may act in a certain way in a given situation. In the information security realm, an example of applying this sort of technique is to develop a potential model of a threat based on their TTPs, then use that to determine if there are other investigations that should occur. For instance, if a breach was caused by a hacktivist, the ultimate goal of their attack may be completely different than that of a corporate rival, or a nation state, and identifying those motivations can help you further understand the motives and meanings behind the actions they take and their ultimate goals within your systems.\n

The final portion of this talk would be to apply some of the techniques to sample sets of evidence to illustrate how each technique can be applied, and how each can improve, support, or refute the initial hypothesis.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,220483),('2_Friday','09','09:30','10:59','N','BTV','','\'Attack and Detect with Prelude Operator and Security Onion\'','\'Wes Lambert\'','BTV_3c5e92abeae0ab2873b1cefb4dac120e','\'Title: Attack and Detect with Prelude Operator and Security Onion
\nWhen: Friday, Aug 6, 09:30 - 10:59 PDT
\nWhere: Blue Team Village - Workshop Track 1 (Virtual)
\n
SpeakerBio:Wes Lambert\n
\nWes Lambert is the Director of Support and Professional Services at Security Onion Solutions, where he helps customers to implement enterprise security monitoring solutions and understand their computer networks. A huge fan of OSS projects, Wes loves to solve problems and enhance security using completely free and easily deployable tools.
\nTwitter: @therealwlambert
\n\n
\nDescription:
\nIn this workshop, weâ€™ll leverage Prelude Operator, an easy-to-use desktop platform for autonomous red teaming. With Operator, we can generate adversary profiles, complete with TTPs and goals, then deploy an â€œadversaryâ€, evaluating our detection coverage against the MITRE ATT&CK framework using Security Onion, a free and open platform for intrusion detection, enterprise security monitoring, and log management. By providing network, host, and other types of data, Security Onion can provide a leg up to defenders, allowing them to track down their adversaries and make them cry.\n

This talk will go over the introduction of red/purple teaming, along with how individuals can emulate adversary actions, as well as track those actions across their enterprise, evaluating their detection coverage.\n

We\'ll first go over how a tool like Prelude Operator can be used to emulate these adversary actions, then learn how Security Onion can be leveraged to detect these actions and track our coverage across the MITRE attack framework.\n

Throughout the discussion the following tools will be introduced:\n

Prelude Operator - autonomous red-teaming platform, creating adversaries to test detection\nZeek - Policy-neutral NIDS
\nSuricata - Signature-based NIDS
\nStenographer â€“ Full Packet capture
\nPlaybook - Detection development
\nATT&CK Navigator - Track detection coverage\nStrelka - File analysis
\nOsquery - Host-based monitoring
\nWazuh - HIDS\n

\n\'',NULL,220484),('2_Friday','10','09:30','10:59','Y','BTV','','\'Attack and Detect with Prelude Operator and Security Onion\'','\'Wes Lambert\'','BTV_3c5e92abeae0ab2873b1cefb4dac120e','\'\'',NULL,220485),('3_Saturday','09','09:00','10:30','N','BTV','','\'Wireshark for Incident Response & Threat Hunting\'','\'Michael Wylie\'','BTV_67d77e87ff5528f1dc949387517e329d','\'Title: Wireshark for Incident Response & Threat Hunting
\nWhen: Saturday, Aug 7, 09:00 - 10:30 PDT
\nWhere: Blue Team Village - Workshop Track 1 (Virtual)
\n
SpeakerBio:Michael Wylie\n
\nMichael Wylie, MBA, CISSP is the Sr. Manager of a 24/7/365 global managed threat hunting team. Prior to his current role, he was the Director of Cybersecurity at a top 100 CPA firm where he built out the offensive/defensive security service practice. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Colleges, and for clients around the world. Michael is the winner of numerous SANS challenge coin and holds the following credentials: CISSP, CCNA R&S, GPEN, GMON, GCFE, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, CNVP, Microsoft Azure, and more.\n
\nTwitter: @themikewylie
\n\n
\nDescription:
\nThis workshop will take studentâ€™s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail.\n

This workshop will take studentâ€™s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the workshop, weâ€™ll examine what different attacks and malware look like in Wireshark. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach to the network. There will be plenty of take home labs for additional practice.\n

Attendees will learn:
\n- How to build traffic specific Wireshark profiles\n- How to setup Wireshark for threat hunting\n- How to enrich packets with threat intel\n- How to identify IOCs in a sea of packets\n- How to tap networks and where to setup sensors\n- NSM techniques
\n- Techniques to quickly identify evil on a network\n

Students are provided with PCAPs of incidents starting with 8 packets and growing to 10,000+ packet captures where students need to build a timeline of a breach.\n

\n\'',NULL,220486),('3_Saturday','10','09:00','10:30','Y','BTV','','\'Wireshark for Incident Response & Threat Hunting\'','\'Michael Wylie\'','BTV_67d77e87ff5528f1dc949387517e329d','\'\'',NULL,220487),('3_Saturday','11','11:00','12:30','N','BTV','','\'Tricks for the Triage of Adversarial Software\'','\'Dylan Barker,Quinten Bowen\'','BTV_1629041bd50cd02452619b73a1189e61','\'Title: Tricks for the Triage of Adversarial Software
\nWhen: Saturday, Aug 7, 11:00 - 12:30 PDT
\nWhere: Blue Team Village - Workshop Track 1 (Virtual)
\nSpeakers:Dylan Barker,Quinten Bowen
\n
SpeakerBio:Dylan Barker\n
\nDylan Barker is a technology professional with 10 years\' experience in the information security space, in industries ranging from K12 and telecom to financial services. He has held many distinct roles, from security infrastructure engineering to vulnerability management. In the past, he has spoken at BSides events and has written articles for CrowdStrike, where he is currently employed as a senior analyst.
\nTwitter: @HBRH_314
\n
SpeakerBio:Quinten Bowen\n
\nQuinten Bowen is an Information Security Professional who works as a Senior Analyst at CrowdStrike. Additionally, Quinten has expertise in malware analysis, penetration testing, threat hunting, and incident response in enterprise environments, holding relevant certifications such as GREM, OSCP, eCPPT, and eCMAP. Quinten spends his off-time volunteering for the Collegiate Cyber Defense Competition (CCDC), mentoring, and can be found around a table playing D&D.
\n\n
\nDescription:
\nA malware analysis and triage workshop covering quick static and dynamic analysis techniques along with common adversarial obfuscation techniques. Followed by a short malware analysis tournament challenge with gift-card prizes.\n

The workshop will cover techniques outlined in Malware Analysis Techniques (Published by Packt), written and delivered by myself, Dylan Barker, and the Technical Reviewer Quinten Bowen.\n

We\'ll examine ways to de-obfuscate common malicious scripts and droppers utilized in real-world attacks by threat actors such as those responsible for DarkSide ransomware and Emotet Banking Trojan threats.\n

Also covered will be ascertaining the capabilities and instruction flow of malware within NSA\'s Ghidra framework, crafting IOCs based on PE characteristics, and advanced dynamic analysis techniques including utilizing tools such as Inetsim, ProcDot, and manually unpacking malicious samples using debuggers to closely examine them without obfuscation.\n

The second half of the workshop will revolve around utilizing these techniques to answer questions, which will be scored on time and accuracy utilizing a CTF framework.\n

\n\'',NULL,220488),('3_Saturday','12','11:00','12:30','Y','BTV','','\'Tricks for the Triage of Adversarial Software\'','\'Dylan Barker,Quinten Bowen\'','BTV_1629041bd50cd02452619b73a1189e61','\'\'',NULL,220489),('2_Friday','10','10:45','12:15','N','BTV','','\'Windows Forensics 101 (Beginner)\'','\'Surya Teja Masanam\'','BTV_11d322d1687ab6ea975d2c99c0434a4e','\'Title: Windows Forensics 101 (Beginner)
\nWhen: Friday, Aug 6, 10:45 - 12:15 PDT
\nWhere: Blue Team Village - Workshop Track 2 (Virtual)
\n
SpeakerBio:Surya Teja Masanam\n
\nSurya found his passion for cybersecurity during his college days where out of curiosity he figured out how a malware was spreading actively in the college computers and found a remediation technique. From then onwards his cybersecurity journey started. Digital Forensics and Malware Analysis are his all-time favorites. Surya is a Security Engineer with 5+ years of experience in performing both offensive and defensive activities. Engaging, understanding, and knowledgeable technical trainer, having expertise in training small and large groups across diverse industries. LinkedIn: https://www.linkedin.com/in/suryatejam/
\nTwitter: @surya4n6
\nhttps://www.linkedin.com/in/suryatejam/
\n\n
\nDescription:
\nAre you fascinated with Sherlock Holmes stories?\n

In your lifetime, have you ever come across the word Forensics?\nMost of us might have seen in the movies like, After a crime, Police visits the crime scene and says â€œCall the Forensics Teamâ€\n

Did you ever feel CURIOUS about that?\n

Technology is evolving, so are the attacks and investigation techniques.\n

If you are interested in Digital Forensics and have questions like:\n

How to start?
\nWhat skills are required?
\nWhat tools to use?
\nThen this workshop is the right place for you.\n

This intro-level workshop covers topics present in Digital Forensics LifeCycle like Evidence Collection and Investigation on a Windows machine, of a Windows machine. Attendees will be provided with the necessary lab instructions and evidence files to perform forensic analysis practically and be confident and clear on how to apply the knowledge gained here to investigate some real-world scenarios.\n

Attendees will learn:\n

Skills required for a Forensic Examiner\nBuild their own forensics toolkit with free and open-source tools\nEvidence Collection --> On Live and Dead Machines, Doâ€™s and Dontâ€™s\nInvestigation --> Windows Artifact analysis, Internet History & Application Analysis, Data Carving, Memory Analysis\nOpportunities and challenges in this field\nAttendees will be provided with:\n

Evidence Files
\nLab instructions to perform forensic analysis\nAccess to the Windows Forensics Artifact Library of the Speaker\nUseful resources for further practice and exploration after this workshop\nLab Requirements:\n

OS: Windows 7 and above [Win10 recommended]\nIf you are on Linux or Mac, Install Windows using VirtualBox\nRAM: Min. 4GB [8GB recommended]
\nDisk Space: 50 GB
\nNote: Download links for the labs will be shared before the workshop\n

Pre-requisites
\n- Familiarity with Windows Operating System.\n- Curiosity, Willingness, and of course, the Lab requirements too ;-)\n

\n\'',NULL,220490),('2_Friday','11','10:45','12:15','Y','BTV','','\'Windows Forensics 101 (Beginner)\'','\'Surya Teja Masanam\'','BTV_11d322d1687ab6ea975d2c99c0434a4e','\'\'',NULL,220491),('2_Friday','12','10:45','12:15','Y','BTV','','\'Windows Forensics 101 (Beginner)\'','\'Surya Teja Masanam\'','BTV_11d322d1687ab6ea975d2c99c0434a4e','\'\'',NULL,220492),('2_Friday','16','16:30','17:59','N','BTV','','\'Watch Out! And just skip the packer\'','\'Felipe Duarte\'','BTV_7cab9bc2f2f6bc04877843b2005af450','\'Title: Watch Out! And just skip the packer
\nWhen: Friday, Aug 6, 16:30 - 17:59 PDT
\nWhere: Blue Team Village - Workshop Track 2 (Virtual)
\n
SpeakerBio:Felipe Duarte\n
\nMalware researcher, CEH, GREM, electronics geek, IoT enthusiast, programmer, drone lover and machine learning fan. Just hunting malware for fun!\n
\nTwitter: @dark0pcodes
\n\n
\nDescription:
\nAnalyzing malware is not an easy task. It is a slow process that becomes even more challenging with all the different protections added by threat actors to hide their secrets.\n

Several techniques could be used to obscure malicious code, however one of the first and most commonly used are the packers. Nowadays, almost every malicious piece of code uses a packer; so, if you really want to understand its inner workings you must first defeat its packer. But do you know how to get rid of this defense without losing your mind? Well, join me and we will find out.\n

Malware remains as one of the most effective tools used by cyber criminals to commit fraud. Far from now are the days in which viruses were just jokes. And, it is not me being dramatic, just look at the news and you will see that this situation is getting worse every day.\n

There are several reasons that make these threats successful, including but not limited to:\n

Launching a malware attack is NOT rocket science, you can find open source or leaked code on Github and even tutorials on Youtube.\nThey come in different flavors according to your needs, from very simple keyloggers to highly modular botnets that can be updated on the fly.\nIf you donâ€™t want to deal with technical stuff, you can even buy malware-as-a-service (and you could get 24/7 support).\nFor us as defenders, understanding the technical details of these type of threats is not an easy task, it requires specialized tools and skills and even with those, be aware that bad guys will always try to obscure their creations to slow down the analysis. This sounds scary, and especially intimidating if it is your first time dealing with these \"creatures\"; but it is not the end of the world, we just need to adapt and overcome these challenges.\n

Join me in this workshop if you want to learn several techniques that will help you to get rid of the first and most common type of defense implemented by malware to hide its secrets (packers/crypters). Let\'s remove their armors and see what is hidden behind!\n

\n\'',NULL,220493),('2_Friday','17','16:30','17:59','Y','BTV','','\'Watch Out! And just skip the packer\'','\'Felipe Duarte\'','BTV_7cab9bc2f2f6bc04877843b2005af450','\'\'',NULL,220494),('3_Saturday','11','11:00','12:30','N','BTV','','\'BTV Presents: Malware Station - Maldoc Workshop\'','\'Clay (ttheveii0x)\'','BTV_2b5e95f612798ff2f9b55091980eacea','\'Title: BTV Presents: Malware Station - Maldoc Workshop
\nWhen: Saturday, Aug 7, 11:00 - 12:30 PDT
\nWhere: Blue Team Village - Workshop Track 2 (Virtual)
\n
SpeakerBio:Clay (ttheveii0x)\n
\nClay is a cyber threat intelligence and malware analysis manager at a consulting company.
\nTwitter: @ttheveii0x
\n\n
\nDescription:
\n\nThis workshop covers an overview of maldoc analysis, a demo, and a hands-on section that takes a deep dive into a malicious Excel document. VM, artifact, and guide will be available for attendees to download and follow along. Breaks will be taken after each section to give attendees time to work through the section and ask questions.\n

Attendees will be exposed to a number of different tools including...\n

REMnux
\n DnSpy
\n oletools
\n CyberChef
\n xlmdeobfuscator
\n shell2exe
\n EXCELntDonut
\n Invoke-Obfuscation\n

Target audience\n

SOC analysts
\n Forensic investigators and junior malware analysts\n Red team/pen testers
\n Anyone interested in the topic\n

\n\'',NULL,220495),('3_Saturday','12','11:00','12:30','Y','BTV','','\'BTV Presents: Malware Station - Maldoc Workshop\'','\'Clay (ttheveii0x)\'','BTV_2b5e95f612798ff2f9b55091980eacea','\'\'',NULL,220496),('3_Saturday','16','16:30','17:59','N','BTV','','\'Ransomware ATT&CK and Defense with the Elastic Stack\'','\'Ben Hughes,Daniel Chen,Fred Mastrippolito\'','BTV_4d2cd45b6e316e6c7b7701ece33f3448','\'Title: Ransomware ATT&CK and Defense with the Elastic Stack
\nWhen: Saturday, Aug 7, 16:30 - 17:59 PDT
\nWhere: Blue Team Village - Workshop Track 2 (Virtual)
\nSpeakers:Ben Hughes,Daniel Chen,Fred Mastrippolito
\n
SpeakerBio:Ben Hughes\n
\nBen Hughes (@CyberPraesidium) brings over 15 years of diverse experience in cyber security, IT, and law. He leads Polito\'s commercial services including Digital Forensics & Incident Response (DFIR), threat hunting, pen testing, and risk assessment. Prior to joining Polito, Ben worked on APT hunt teams at federal and commercial clients. He holds CISSP, GCFA, and GWAPT certifications.
\nTwitter: @CyberPraesidium
\n
SpeakerBio:Daniel Chen\n
\nNo BIO available
\n
SpeakerBio:Fred Mastrippolito\n
\nPentester, and incdent response engineer with a passion for technology. Founded @politoinc and focuses on assisting customers operate securely.
\nTwitter: @politoinc
\n\n
\nDescription:
\nThis hands-on training will walk attendees through leveraging the open source Elastic (ELK) Stack to proactively identify common ransomware tactics, techniques, and procedures (TTPs) within diverse log data sets. The blue team tools and techniques taught during this workshop can be used to investigate isolated ransomware incidents or implemented at scale for continuous monitoring and threat hunting.\n

This hands-on training will walk attendees through leveraging the open source Elastic (ELK) Stack to proactively identify common ransomware tactics, techniques, and procedures (TTPs) within diverse log data sets. The blue team tools and techniques taught during this workshop can be used to investigate isolated ransomware incidents or implemented at scale for continuous monitoring and threat hunting. Attendees will be provided with access to a preconfigured Elastic cluster and extensive sample logs containing malicious endpoint and network events waiting to be discovered on a simulated enterprise network. Ransomware attack artifacts will be mapped to the MITRE ATT&CK Framework and tagged accordingly in the provided logs to help demonstrate the value of log enrichment, showcase real-world attacker TTPs, and leverage a methodological approach to incident response and anomaly detection. Emphasis will be placed on live demos and practical training exercises throughout.\n

Workshop Outline: * Introduction to Ransomware Digital Forensics and Incident Response (DFIR), Threat Hunting, and Threat Intelligence Principles * Introduction to the ATT&CK Framework and Mapping Ransomware TTPs to Relevant Log Data (live demos and labs) * Introduction to the Elastic Stack and Log Data-Driven Analysis (live demos and labs) * Hallmarks of the Ransomware Attack Lifecycle (live demos and labs) * Identifying Ransomware Adversaries and TTPs from Reconnaissance to Exfiltration (live demos and labs)\n

\n\'',NULL,220497),('3_Saturday','17','16:30','17:59','Y','BTV','','\'Ransomware ATT&CK and Defense with the Elastic Stack\'','\'Ben Hughes,Daniel Chen,Fred Mastrippolito\'','BTV_4d2cd45b6e316e6c7b7701ece33f3448','\'\'',NULL,220498),('2_Friday','11','11:00','11:59','N','CHV','','\'Remotely Rooting Charging Station for fun and maybe profit\'','\'Huajiang \"Kevin2600\" Chen,Wu Ming\'','CHV_bf995285c4e1041cd24c3dfd6a3aaccb','\'Title: Remotely Rooting Charging Station for fun and maybe profit
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\nSpeakers:Huajiang \"Kevin2600\" Chen,Wu Ming
\n
SpeakerBio:Huajiang \"Kevin2600\" Chen\n
\nHuajiang \"Kevin2600\" Chen (Twitter: @kevin2600) is a senior security researcher. He mainly focuses on vulnerability research in wireless and embedded systems. Kevin2600 has spoken at various conferences including KCON; DEFCON and CANSECWEST.
\nTwitter: @kevin2600
\n
SpeakerBio:Wu Ming\n
\nWu Ming (Twitter: @rapiddns) is a senior security engineer. He specializes in Web Security and a Bug Bounty Hunter.
\nTwitter: @rapiddns
\n\n
\nDescription:
\nIn recent years the emergence of a new security threat to the electric vehicle charging ecosystem. How safely and easily charge electric vehicles, is deeply impacting the way people travel. Therefore we conducted an in-depth security analysis for the EV charging stations from Schneider Electric.\n

In this talk, we\'ll present 3 vulnerabilities (CVE-2021-22706; CVE-2021-22707, and CVE-2021-22708) which we found in Schneider Electric\'s EVLink Charging System. We\'ll start by explaining the architecture; components, and protocols involved in such a system. Then we\'ll walk through step by step how do we found an RCE Vulnerability from it.\n

We will be diving into the journey of reverse engineering EVLink Charging station. Start from firmware acquisition, and the various challenges of exploiting EVLink. We\'ll explain the details of how do we overcome these limits, and show how our payloads manipulate the system in order to get a reverse shell with Root privilege. Finally, we\'ll present a video demo of exploiting the vulnerability.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=PW60NXN0qZE\n

\n\'',NULL,220499),('2_Friday','12','12:00','12:59','N','CHV','','\'Commercial Transportation: Trucking Hacking\'','\'Ben Gardiner\'','CHV_6d7646192e254ad157b7b9b0cbbba90f','\'Title: Commercial Transportation: Trucking Hacking
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Ben Gardiner\n
\nMr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure heavy vehicles at the NMFTA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior YFS Inc. and joining the NMFTA team in 2019, Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queenâ€™s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer.
\nTwitter: @BenLGardiner
\n\n
\nDescription:
\nJoin us for a technical review of the how-to of hacking big rig trucks. Included is an overview and introduction to commercial transportation, specifically trucking (tractors and trailers), and its technologies. It will cover the vehicle networks J1939, J1708/J1587 and J2497, how they operate and what they can be used for both intentionally and unintentionally. Several tools for truck hacking are presented and a survey of the public truck attacks are covered. Many tools are introduced and discussed, some are covered with examples. Attendees should leave with a good sense of what are the potentially fruitful areas of technical research into commercial transport cybersecurity and how they can equip themselves to successfully explore those areas. Some exposure to the CAN bus is assumed but no specific experience with commercial transport is needed.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=RzcpZODAJE0\n

\n\'',NULL,220500),('2_Friday','13','13:00','13:59','N','CHV','','\'From CTF to CVE\'','\'Bill Hatzer\'','CHV_27094b62cd635b0ebca064910ec14cfd','\'Title: From CTF to CVE
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Bill Hatzer\n
\nNo BIO available
\n\n
\nDescription:
\nA brief overview of my approach to hacking things and how preparing for a CTF discovered my first CVE on Hyundai Bluelink. I was practicing some burpsuite stuff and decided to tap and trap my Phone... and caught something strange.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=8LI19B5lmk8\n

\n\'',NULL,220501),('2_Friday','14','14:00','14:59','N','CHV','','\'Bug Hunter\'s Guide to Bashing for a Car Hacking Bug Bash or Contest\'','\'Jay Turla\'','CHV_eba7b1d1d18157140581bf2e50c8546b','\'Title: Bug Hunter\'s Guide to Bashing for a Car Hacking Bug Bash or Contest
\nWhen: Friday, Aug 6, 14:00 - 14:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Jay Turla\n, Manager, Security Operations at Bugcrowd
\nJay Turla is a Manager, Security operations at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework: Host Header Injection Detection, BisonWare BisonFTP Server Buffer Overflow, Zemra Botnet CnC Web Panel Remote Code Execution, Simple Backdoor Shell Remote Code Execution, w3tw0rk / Pitbul IRC Bot Remote Code Execution, etc. He used to work for HP Fortify where he performs Vulnerability Assessment, Remediation and Advance Testing.
\n\n
\nDescription:
\nBug Bounty Programs and Bug Bashes geared towards vehicles or automobiles are getting attention now. A lot of our brethren have also been wining some of these competitions. What is their secret to their success? How do you prepare for one? This talk will summarize some techniques and methodologies the speaker observed during his stint as a triager for automotive security bugs and a common car hacker. This talk will also be an eye opener for other bug hunters who wants to dive into car hacking so that they may be able to participate car hacking bug bashes soon.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=5-JM1QRGUYc\n

\n\'',NULL,220502),('2_Friday','15','15:00','15:59','N','CHV','','\'Remote Adversarial Phantom Attacks against Tesla and Mobileye\'','\'Ben Nassi\'','CHV_6126c5db4060b9c9832c27f1c4f3b0b8','\'Title: Remote Adversarial Phantom Attacks against Tesla and Mobileye
\nWhen: Friday, Aug 6, 15:00 - 15:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Ben Nassi\n
\nBen Nassi (Twitter: @ben_nassi) is a security researcher. He specializes in security of autonomous vehicles and IoT devices.
\nTwitter: @ben_nassi
\n\n
\nDescription:
\nIn this talk, we present \"split-second phantom attacks,\" a scientific gap that causes two commercial advanced driver-assistance systems (ADASs), Telsa Model X (HW 2.5 and HW 3) and Mobileye 630, to treat a depthless object that appears for a few milliseconds as a real obstacle/object. \n

We discuss the challenge that split-second phantom attacks create for ADASs. \nWe demonstrate how attackers can apply split-second phantom attacks remotely by embedding phantom road signs into an advertisement presented on a digital billboard which causes Teslaâ€™s autopilot to suddenly stop the car in the middle of a road and Mobileye 630 to issue false notifications. We also demonstrate how attackers can use a projector in order to cause Teslaâ€™s autopilot to apply the brakes in response to a phantom of a pedestrian that was projected on the road and Mobileye 630 to issue false notifications in response to a projected road sign.\nThis talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=6aYPhi16FjA\n

\n\'',NULL,220503),('3_Saturday','11','11:00','11:59','N','CHV','','\'My other car is your car: compromising the Tesla Model X keyless entry system\'','\'Lennert Wouters\'','CHV_6384da34bfa6cec112ad7befe5002e36','\'Title: My other car is your car: compromising the Tesla Model X keyless entry system
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Lennert Wouters\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk covers a practical security evaluation of the Tesla Model X keyless entry system. We will cover the internal workings of the system, including the key fob, the body control module and the pairing protocol. Additionally, we detail our reverse engineering techniques and document several security issues. The identified issues in the key fob firmware update mechanism and the key fob pairing protocol allow us to bypass all of the cryptographic security measures put in place. Our proof-of-concept attack allows to unlock and start a Model X in a matter of minutes. The vulnerability in the key fob firmware update mechanism was fixed by Tesla using an OTA update.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=36AvYW48JtQ\n

\n\'',NULL,220504),('3_Saturday','12','12:00','12:59','N','CHV','','\'Not so Passive: Vehicle Identification and Tracking via Passive Keyless Entry\'','\'Nick Ashworth\'','CHV_0be90586c7af9f9bfb9680b438ecfcf0','\'Title: Not so Passive: Vehicle Identification and Tracking via Passive Keyless Entry
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Nick Ashworth\n
\nNo BIO available
\nTwitter: @zeetw11
\n\n
\nDescription:
\nAttacks on the passive keyless entry system have been around for a while, with most focused on gaining physical access to the vehicle. We have developed a new attack, Marco, that instead focuses on identifying and tracking vehicles by exploiting weaknesses in passive keyless entry systems. This attack works similar to a cooperative radar system, where the attacker transmits an interrogation message, and any nearby key fob will automatically respond. The attacker can then use these responses to identify and track key fobs either generically, such as all fobs of the same make and model of vehicle, or specifically, such as a key fob with a specific identifier.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=aiSA4QdF4m8\n

\n\'',NULL,220505),('3_Saturday','13','13:00','13:59','N','CHV','','\'Fuzzing CAN / CAN FD ECU\'s and Network\'','\'Samir Bhagwat\'','CHV_494cc74219222e04be55ac403a057339','\'Title: Fuzzing CAN / CAN FD ECU\'s and Network
\nWhen: Saturday, Aug 7, 13:00 - 13:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Samir Bhagwat\n
\nNo BIO available
\n\n
\nDescription:
\nGet an overview of fuzzing, various techniques used in vulnerability testing, and how to automate your Fuzzing.\n

This talk will stream on YouTube.\n

YouTube: agQ&feature=youtu.be\">https://www.youtube.com/watch?v=L7RCalagQ&feature=youtu.be\n

\n\'',NULL,220506),('3_Saturday','14','14:00','14:59','N','CHV','','\'Build Automotive Gateways with Ease\'','\'Don Hatfield\'','CHV_dd56648b937500457155177b2ee52f93','\'Title: Build Automotive Gateways with Ease
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Don Hatfield\n
\nNo BIO available
\n\n
\nDescription:
\nVehicle network architectures within modern vehicles have been transformed by the introduction of automotive gateways. These gateways enable seamless communication between different vehicle networks and are central to the success of modern architectures. In this presentation, we are going to cover some of the challenges that automotive engineers face when tasked with converting data between old and new network protocols. Weâ€™ll also detail how this process is made much easier.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=3elYcORppls\n

\n\'',NULL,220507),('3_Saturday','15','15:00','15:59','N','CHV','','\'Safety Third: Defeating Chevy StabiliTrak for Track Time Fun\'','\'Eric Gershman\'','CHV_3e73edc413564997ad93b5d9312b019c','\'Title: Safety Third: Defeating Chevy StabiliTrak for Track Time Fun
\nWhen: Saturday, Aug 7, 15:00 - 15:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Eric Gershman\n
\nNo BIO available
\n\n
\nDescription:
\nElectronic Stability Control (ESC) system saves thousands of lives every year by preventing accidents before a driver starts to lose control but it can be a real drag when trying to race a modern electric vehicle. Both the Chevy Spark EV and Bolt electric car communities have been unable to defeat the ESC to get full control of their cars on the track. Join me on my journey as I attempt to defeat Chevyâ€™s Stabilitrak to turn an EV econobox into an autocross speed racer.\n

This talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=OS6rSHZq2N8\n

\n\'',NULL,220508),('1_Thursday','15','15:00','18:59','N','DDV','','\'Data Duplication Village - Open for dropoff only\'','\' \'','DDV_0142774982e2ead306c32b6ec02b051e','\'Title: Data Duplication Village - Open for dropoff only
\nWhen: Thursday, Aug 5, 15:00 - 18:59 PDT
\nWhere: Data Duplication Village
\n
\nDescription:
\nSpace permitting, last drop off is Saturday at 3:00pm.\n

Pick your drives full of data anytime 14-24 hours after drop off.\n

Last chance pickup is Sunday from 10:00 to 11:00.\n

Yes, 6TB and larger drives are accepted.\n

Any drives not picked up by Sunday at 11:00am are considered donated to the DDV.\n

See https://dcddv.org/dc29-schedule for more information.\n

\n\'',NULL,220509),('1_Thursday','16','15:00','18:59','Y','DDV','','\'Data Duplication Village - Open for dropoff only\'','\' \'','DDV_0142774982e2ead306c32b6ec02b051e','\'\'',NULL,220510),('1_Thursday','17','15:00','18:59','Y','DDV','','\'Data Duplication Village - Open for dropoff only\'','\' \'','DDV_0142774982e2ead306c32b6ec02b051e','\'\'',NULL,220511),('1_Thursday','18','15:00','18:59','Y','DDV','','\'Data Duplication Village - Open for dropoff only\'','\' \'','DDV_0142774982e2ead306c32b6ec02b051e','\'\'',NULL,220512),('2_Friday','10','10:00','16:59','N','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'Title: Data Duplication Village - Open
\nWhen: Friday, Aug 6, 10:00 - 16:59 PDT
\nWhere: Data Duplication Village
\n
\nDescription:
\nSpace permitting, last drop off is Saturday at 3:00pm.\n

Pick your drives full of data anytime 14-24 hours after drop off.\n

Last chance pickup is Sunday from 10:00 to 11:00.\n

Yes, 6TB and larger drives are accepted.\n

Any drives not picked up by Sunday at 11:00am are considered donated to the DDV.\n

See https://dcddv.org/dc29-schedule for more information.\n

\n\'',NULL,220513),('2_Friday','11','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220514),('2_Friday','12','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220515),('2_Friday','13','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220516),('2_Friday','14','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220517),('2_Friday','15','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220518),('2_Friday','16','10:00','16:59','Y','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_3ee3ef1bfeb09160649b9028fb62daba','\'\'',NULL,220519),('3_Saturday','10','10:00','09:59','N','DDV','','\'Data Duplication Village - Open\'','\' \'','DDV_da840a998f18db9cc2daa7908fb7ca9b','\'Title: Data Duplication Village - Open
\nWhen: Saturday, Aug 7, 10:00 - 09:59 PDT
\nWhere: Data Duplication Village
\n
\nDescription:
\nSpace permitting, last drop off is Saturday at 3:00pm.\n

Pick your drives full of data anytime 14-24 hours after drop off.\n

Last chance pickup is Sunday from 10:00 to 11:00.\n

Yes, 6TB and larger drives are accepted.\n

Any drives not picked up by Sunday at 11:00am are considered donated to the DDV.\n

See https://dcddv.org/dc29-schedule for more information.\n

\n\'',NULL,220520),('4_Sunday','10','10:00','10:59','N','DDV','','\'Data Duplication Village - Last Chance Pickup Only\'','\' \'','DDV_bd4ab0427e104c5295aef54f8e4ebfba','\'Title: Data Duplication Village - Last Chance Pickup Only
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: Data Duplication Village
\n
\nDescription:
\nSpace permitting, last drop off is Saturday at 3:00pm.\n

Pick your drives full of data anytime 14-24 hours after drop off.\n

Last chance pickup is Sunday from 10:00 to 11:00.\n

Yes, 6TB and larger drives are accepted.\n

Any drives not picked up by Sunday at 11:00am are considered donated to the DDV.\n

See https://dcddv.org/dc29-schedule for more information.\n

\n\'',NULL,220521),('2_Friday','10','10:00','10:15','N','HRV','','\'Ham Radio Village Opening Remarks\'','\'\'','HRV_1755354f0045b7d9230d31cea3d5a4f9','\'Title: Ham Radio Village Opening Remarks
\nWhen: Friday, Aug 6, 10:00 - 10:15 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
\nDescription:No Description available
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220522),('2_Friday','11','11:00','11:30','N','HRV','','\'\"Ask a Ham\" Q&A\'','\' \'','HRV_9f98b061d12c8faf477da48ee19e6b74','\'Title: \"Ask a Ham\" Q&A
\nWhen: Friday, Aug 6, 11:00 - 11:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
\nDescription:
\n Got a question about anything ham radio? Come ask us in this open forum of all things ham radio!
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220523),('2_Friday','14','14:00','14:30','N','HRV','','\'Discord Practice Net\'','\' \'','HRV_7c645ab6d406ac801dd5b8e73e6c8436','\'Title: Discord Practice Net
\nWhen: Friday, Aug 6, 14:00 - 14:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
\nDescription:
\nIn this \"demo\", we\'ll be hosting a practice \"net\" (ham-speak for on-air meeting) on the #hrv-get-on-the-air-voice channel in the village. All persons, even non-hams, are invited to join us in this practice so you can become familiar with expected etiquette.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220524),('3_Saturday','11','11:00','11:59','N','HRV','','\'Amateur Radio Mesh Networking: Enabling Higher Data-rate Communications\'','\'Tyler Gardner\'','HRV_89da1d891cc2306c479afe8bda181169','\'Title: Amateur Radio Mesh Networking: Enabling Higher Data-rate Communications
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Tyler Gardner\n
\nTyler Gardner holds a General class U.S. amateur radio license. He received his first license in 2017 and enjoys participating in ARES, contesting, public service events, and digital modes. While attending college in Logan, Utah, Tyler was a member of the Bridgerland Amateur Radio Club. He now participates in amateur radio organizations in Dayton, Ohio, including the Miami Valley Mesh Alliance. Professionally, Tyler holds a master\'s degree in Aerospace Engineering and works as a research engineer.
\n\n
\nDescription:
\nAmateur radio encompasses a broad range of activities and applications. From contests and events to emergency communications and public service, hams have many different interests they can explore. One area that is being enabled by modern wireless technologies is mesh networking. Typical digital radio modes, such as those based on AX.25, offer low data rates. While fairly robust and widely used, the low data rates of these modes limits their capabilities. Mesh networking, such as AREDN, can supplement and empower many aspects of your amateur radio operations - and the entry cost is quite low! This presentation will talk about what mesh networking is, how it is being used by amateur radio operators, and how you can get started with mesh networking yourself!
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220525),('3_Saturday','13','13:30','14:30','N','HRV','','\'Amateur Radio Digital Modes Primer\'','\'Jon Marler\'','HRV_2e534d7bfa1a65f766932b7f0464c442','\'Title: Amateur Radio Digital Modes Primer
\nWhen: Saturday, Aug 7, 13:30 - 14:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Jon Marler\n
\nJon is a product manager at SecureTrust with a true passion for information security. Jon is an amateur radio operator, lockpicker, phreaker, repairer of all things, and maker. As a result of his long-standing commitment to open source software, Jon has offered his expertise as a package manager for the Debian GNU/Linux OS distribution since 1998.
\n\n
\nDescription:
\nAmateur radio operator Jon Marler, callsign K4CHN, presents an introduction to many of the digital modes available to amateur radio operators. Jon will be discussing the modes available for voice and data, as well as many of the hardware options available. Jon will also be presenting a very simple design for a way to connect a Raspberry Pi to your radio safely. A demonstration of slow scan television (SSTV) will be made to end the presentation before Q&A.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220526),('3_Saturday','14','13:30','14:30','Y','HRV','','\'Amateur Radio Digital Modes Primer\'','\'Jon Marler\'','HRV_2e534d7bfa1a65f766932b7f0464c442','\'\'',NULL,220527),('3_Saturday','16','16:00','16:30','N','HRV','','\'Getting started with low power & long distance communications - QRP\'','\'Eric Escobar\'','HRV_00e78a3fc6b4900671652f0788f3b44a','\'Title: Getting started with low power & long distance communications - QRP
\nWhen: Saturday, Aug 7, 16:00 - 16:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Eric Escobar\n, Principal Security Consultant
\nEric is a seasoned pentester and a Principal Security Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. His team consecutively won first place at DEF CON 23, 24, and 25\'s Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, heâ€™s now a member of the DEF CON Wireless Village team. Before entering the cyber security arena, Eric attained both a BS and MS in Civil Engineering along with his Professional Engineering license.
\n\n
\nDescription:
\nSolar minimums have you down? Anxious to get out of the shack? This talk is for the ham who wants to take their gear on the go and still have reliable and long distance communications. Be prepared to be amazed at just how far 5 watts will truly go. I\'ll be covering the hardware, software, and configuration for the shack that will fit in a backpack.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220528),('4_Sunday','11','11:00','12:30','N','HRV','','\'An Introduction to RF Test Equipment\'','\'Kurits Kopf\'','HRV_ad588544248d2c8f5ceb805ed9abc314','\'Title: An Introduction to RF Test Equipment
\nWhen: Sunday, Aug 8, 11:00 - 12:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Kurits Kopf\n
\nKurits Kopf is a software engineer, technology enthusiast, and perpetual hobby collector. He is a video game industry veteran, working in Los Angeles. When he\'s not building games or playing them with his kids, he\'s in the garage tinkering. He has been taking interesting things apart to see how they work since childhood, and sometimes has even managed to put them back together.
\n\n
\nDescription:
\nAn overview covering several common pieces of equipment used in RF and Ham Radio testing, focusing on oscilloscopes, spectrum analyzers, and vector network analyzers. I cover the basics of each and demonstrate common uses of the equipment for RF testing on both homebrew and commercial equipment. I also introduce other testing tools, including temperature controlled oscillators, dummy loads, and attenuators.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220529),('4_Sunday','12','11:00','12:30','Y','HRV','','\'An Introduction to RF Test Equipment\'','\'Kurits Kopf\'','HRV_ad588544248d2c8f5ceb805ed9abc314','\'\'',NULL,220530),('4_Sunday','14','14:00','14:15','N','HRV','','\'Ham Radio Village Closing Commentary\'','\' \'','HRV_eb4e715fc919b199e6328b4cf8840ae2','\'Title: Ham Radio Village Closing Commentary
\nWhen: Sunday, Aug 8, 14:00 - 14:15 PDT
\nWhere: Ham Radio Village (Onsite - Bally\'s Bronze 1-2)
\n
\nDescription:
\nAs our village wraps up for this year, a huge thank you to everyone for participating!
\n\'',NULL,220531),('2_Friday','09','09:00','15:59','N','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'Title: Ham Radio Exams
\nWhen: Friday, Aug 6, 09:00 - 15:59 PDT
\nWhere: Ham Radio Village (Onsite - Bally\'s Bronze 1-2)
\n
\nDescription:
\nCome stop by the Ham Radio Village to get your amateur radio license during our free license exams! More info on the DEF CON fourms\n

\n\'',NULL,220532),('2_Friday','10','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220533),('2_Friday','11','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220534),('2_Friday','12','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220535),('2_Friday','13','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220536),('2_Friday','14','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220537),('2_Friday','15','09:00','15:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_8fc9e96133326cdbb36fb1124eac7011','\'\'',NULL,220538),('3_Saturday','12','12:00','17:59','N','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'Title: Ham Radio Exams
\nWhen: Saturday, Aug 7, 12:00 - 17:59 PDT
\nWhere: Ham Radio Village (Onsite - Bally\'s Bronze 1-2)
\n
\nDescription:
\nCome stop by the Ham Radio Village to get your amateur radio license during our free license exams! More info on the DEF CON fourms\n

\n\'',NULL,220539),('3_Saturday','13','12:00','17:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'\'',NULL,220540),('3_Saturday','14','12:00','17:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'\'',NULL,220541),('3_Saturday','15','12:00','17:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'\'',NULL,220542),('3_Saturday','16','12:00','17:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'\'',NULL,220543),('3_Saturday','17','12:00','17:59','Y','HRV','','\'Ham Radio Exams\'','\' \'','HRV_4e1d4125cb6ab5de97aa38ab731084b7','\'\'',NULL,220544),('2_Friday','09','09:00','10:59','N','PHV','','\'Web App Penetration Testing Workshop\'','\'Sunny Wear\'','PHV_6213f6bb37651be6c8cec264abc52fa1','\'Title: Web App Penetration Testing Workshop
\nWhen: Friday, Aug 6, 09:00 - 10:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\n
SpeakerBio:Sunny Wear\n, WEB SECURITY ARCHITECT AND PENETRATION TESTER
\nDr. Sunny Wear (Twitter: @SunnyWear) is a Web Security Architect and Penetration Tester. She provides secure coding classes, creates software, and performs penetration testing against web/API and mobile applications. Sunny has more than 25 years of hands-on software programming, architecture and security experience and holds a Doctor of Science in Cybersecurity. She is a published author, \"Burp Suite Cookbook\", a developer of mobile apps, such as the â€œBurp Tool Buddy,â€ and is a Pluralsight content creator, \"Burp Suite for Beginners/Advanced/Writing Plugins\". She regularly speaks and holds classes at security conferences such as Defcon, Hackfest, and BSides.\n
\nTwitter: @SunnyWear
\n\n
\nDescription:
\nGain hands-on experience learning how to perform web application penetration testing in this two-hour workshop with the author of the Burp Suite Cookbook, Dr. Sunny Wear. Students will learn Injections attacks such as Cross-site Scripting and SQL Injection attacks, brute-forcing tactics, and optimization techniques for Burp Suite including configurations and macros.\n
\n\'',NULL,220545),('2_Friday','10','09:00','10:59','Y','PHV','','\'Web App Penetration Testing Workshop\'','\'Sunny Wear\'','PHV_6213f6bb37651be6c8cec264abc52fa1','\'\'',NULL,220546),('2_Friday','12','12:00','13:59','N','PHV','','\'Hunting Evil with Wireshark\'','\'Michael Wylie\'','PHV_2e37881e2e8e32ed67a9580abc2ad728','\'Title: Hunting Evil with Wireshark
\nWhen: Friday, Aug 6, 12:00 - 13:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\n
SpeakerBio:Michael Wylie\n
\nMichael Wylie, MBA, CISSP is the Sr. Manager of a 24/7/365 global managed threat hunting team. Prior to his current role, he was the Director of Cybersecurity at a top 100 CPA firm where he built out the offensive/defensive security service practice. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Colleges, and for clients around the world. Michael is the winner of numerous SANS challenge coin and holds the following credentials: CISSP, CCNA R&S, GPEN, GMON, GCFE, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, CNVP, Microsoft Azure, and more.\n
\nTwitter: @themikewylie
\n\n
\nDescription:
\nThis workshop will take attendeesâ€™ Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and identifying anomalous network traffic. This workshop will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Throughout the workshop, weâ€™ll examine what different attacks and malware look like while using Wireshark. Attendees will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and TTPs utilizing staged packet capture files. Labs start out easy and quickly progress in difficulty. There will be plenty of take-home labs for additional practice.\n
\n\'',NULL,220547),('2_Friday','13','12:00','13:59','Y','PHV','','\'Hunting Evil with Wireshark\'','\'Michael Wylie\'','PHV_2e37881e2e8e32ed67a9580abc2ad728','\'\'',NULL,220548),('3_Saturday','09','09:00','10:59','N','PHV','','\'APT Hunting with Splunk\'','\'John Stoner\'','PHV_87d3eb3867d8e655c68ae9a9c73e5faf','\'Title: APT Hunting with Splunk
\nWhen: Saturday, Aug 7, 09:00 - 10:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\n
SpeakerBio:John Stoner\n, PRINCIPAL SECURITY STRATEGIST AT SPLUNK
\nJohn Stoner (Twitter: @stonerpsu) is a Principal Security Strategist at Splunk where he enjoys writing, problem solving and building stuff, including APT Scenarios. When not doing cyber things, you can find him watching his boys play hockey, reading or binge-watching TV series that everyone else has already seen.\n
\nTwitter: @stonerpsu
\n\n
\nDescription:
\nInterested in practicing your hunting skills? If so, this is the workshop for you. Using a real-worldish dataset, this workshop will teach you how to hunt the â€œfictionalâ€ APT group Violent Memmes. We discuss the Diamond model, building hypotheses, LM Kill Chain, and MITRE ATT&CK and how these concepts can frame your hunting. Using Splunk, we will hunt for APT activity riddling a small startup\'s environment. During the event, we will be presented with a \"notable event\" and pull on that string to conduct our own hunts based on indicators that we uncover or are identified. Depending on the hunt, we will uncover persistence, exfiltration, c2 and other adversary tactics. We may even find some PowerShell scripts. We will regroup and review the specific hunt conducted and discuss the timeline of events, a narrative that could be shared with others on your team, the artifacts that were uncovered to better identify potential future hunts, ATT&CK techniques referenced as well as what could be operationalized. At the end, we will highlight some additional datasets and content that you can take with you and try newly learned techniques yourself.
\n\'',NULL,220549),('3_Saturday','10','09:00','10:59','Y','PHV','','\'APT Hunting with Splunk\'','\'John Stoner\'','PHV_87d3eb3867d8e655c68ae9a9c73e5faf','\'\'',NULL,220550),('3_Saturday','12','12:00','13:59','N','PHV','','\'Security Investigations with Splunk\'','\'Robert Wagner\'','PHV_4f8cad5b5baad2e6cef48cf8922128a1','\'Title: Security Investigations with Splunk
\nWhen: Saturday, Aug 7, 12:00 - 13:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\n
SpeakerBio:Robert Wagner\n, SPLUNK AND CO-FOUNDER OF HAK4KIDZ
\nRobert Wagner (Twitter: @mr_minion) is a security professional with 15+ years of InfoSec experience. He is a co-founder of the â€œHak4Kidzâ€ charity, a co-organizer of BurbSec and BurbSecCon in Chicago, and is on the Board of Directors of the ISSA Chicago Chapter.\n
\nTwitter: @mr_minion
\n\n
\nDescription:
\nInvestigating with Splunk is a hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. These questions are similar to what would be asked in their own organizations. The workshop leverages the popular Boss of the SOC (BOTS) dataset in a question-and-answer format. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise. The class includes access to download the free â€œInvestigating with Splunkâ€ app that can be used to review the exercises after the class.\n
\n\'',NULL,220551),('3_Saturday','13','12:00','13:59','Y','PHV','','\'Security Investigations with Splunk\'','\'Robert Wagner\'','PHV_4f8cad5b5baad2e6cef48cf8922128a1','\'\'',NULL,220552),('4_Sunday','09','09:00','10:59','N','PHV','','\'Intrusion Analysis and Threat Hunting with Suricata\'','\'Peter Manev,Josh Stroschein\'','PHV_38366b2d45138761e18739c0042ce890','\'Title: Intrusion Analysis and Threat Hunting with Suricata
\nWhen: Sunday, Aug 8, 09:00 - 10:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\nSpeakers:Peter Manev,Josh Stroschein
\n
SpeakerBio:Peter Manev\n, CSO OF STAMUS NETWORKS
\nPeter Manev (Twitter: @pevma) is a co-founder of Stamus Networks, where he acts as CSO. He has been an active OISF member for a decade and has a 15 year-long record of activity in the field of IT security. An adamant admirer and explorer of innovative open-source security software, Peter is also the lead developer of SELKS.\n
\nTwitter: @pevma
\n
SpeakerBio:Josh Stroschein\n, DIRECTOR OF IT TRAINING AT OPEN INFORMATION SECURITY FOUNDATION (OISF)
\nJosh Stroschein (Twitter: @jstrosch) is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is the Director of Training for OISF, where he leads all training activity for the foundation and is also responsible for academic outreach and developing research initiatives. Josh is also an Associate Professor of Cyber Security at Dakota State University where he teaches malware analysis and reverse engineering, an author on Pluralsight, and a threat researcher for Bromium.\n
\nTwitter: @jstrosch
\n\n
\nDescription:
\nIn todayâ€™s threat landscape, sophisticated adversaries have routinely demonstrated the ability to compromise enterprise networks and remain hidden for extended periods of time. In Intrusion Analysis and Threat Hunting with open-source Tools, you will learn how to dig deep into network traffic to identify key evidence that a compromise has occurred, learn how to deal with new forms of attack, and develop the skills necessary to proactively search for evidence of new breaches. We will explore key phases of adversary tactics and techniques - from delivery mechanisms to post-infection traffic to get hands-on analysis experience. Open-source tools such as Suricata and Moloch will be utilized to generate data, perform exhaustive traffic analysis, and develop comprehensive threat hunting strategies. By the end of this workshop, you will have the knowledge and skills necessary to discover new threats in your network.\n
\n\'',NULL,220553),('4_Sunday','10','09:00','10:59','Y','PHV','','\'Intrusion Analysis and Threat Hunting with Suricata\'','\'Peter Manev,Josh Stroschein\'','PHV_38366b2d45138761e18739c0042ce890','\'\'',NULL,220554),('4_Sunday','12','12:00','13:59','N','PHV','','\'Hands-On TCP Deep Dive with Wireshark\'','\'Chris Greer\'','PHV_a47130ce1944e76adeed9ae91b693ec6','\'Title: Hands-On TCP Deep Dive with Wireshark
\nWhen: Sunday, Aug 8, 12:00 - 13:59 PDT
\nWhere: Packet Hacking Village - Workshops (Virtual)
\n
SpeakerBio:Chris Greer\n, NETWORK ANALYST AND WIRESHARK INSTRUCTOR AT PACKET PIONEER
\nChris Greer is a network analyst and Wireshark instructor for Packet Pioneer, a Wireshark University partner. He has focused much of his career at the transport layer, specifically TCP, specializing in how this core protocol works to deliver applications, services, and attacks between systems. Chris is a regular speaker at Sharkfest - the Wireshark Developer and User Conference, as well as an author for Pluralsight.\n
\n\n
\nDescription:
\nA solid understanding of how TCP works is critical for anyone interested in cybersecurity. Almost all enumeration, incident response, and traffic forensics require the analyst to dig into and interpret TCP flows. In this video we will take a look at how TCP is used to investigate and establish connections, how data is transmitted and acknowledged, how connections are torn down, and what problem indicators should catch our eye in Wireshark. This video welcomes all cybersecurity and Wireshark experience levels.\n
\n\'',NULL,220555),('4_Sunday','13','12:00','13:59','Y','PHV','','\'Hands-On TCP Deep Dive with Wireshark\'','\'Chris Greer\'','PHV_a47130ce1944e76adeed9ae91b693ec6','\'\'',NULL,220556),('3_Saturday','10','10:00','10:59','N','PHV','','\'*nix Processes. Starting, Stopping, and Everything In Between\'','\'Nick Roy\'','PHV_7b8b8ab526968e4bd124b32805ffdc97','\'Title: *nix Processes. Starting, Stopping, and Everything In Between
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Nick Roy\n
\nNick Roy (Twitter: @superducktoes) currently works for a global security vendor creating training content and researching new attacker patterns and techniques. Previously he worked at an automation platform startup teaching people about the joys and benefits of automation. While not working he lives in Boston with his wife and two cats hunting out the best dive bars in Boston and solving math problems on college chalkboards overnight.\n
\nTwitter: @superducktoes
\n\n
\nDescription:
\nRecording discusses Linux and Unix processes, starting with a high level overview of what a process is and what the key components are. We then take a look at how the operating system manages multiple processes, what are the main components of a running process, and finally some common syscalls used in Linux when creating processes. Finally, we look at a few code samples to show how these calls are used with a simple shell. All code can be found here to compliment the video: https://github.com/superducktoes/syscall_processes
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220557),('2_Friday','10','10:00','10:59','N','PHV','','\'Internet Protocol (IP)\'','\'Roy Feng\'','PHV_129a7d3e0ef2ea215ba4871a5fa4fc3d','\'Title: Internet Protocol (IP)
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Roy Feng\n
\nRoy Feng (Twitter: @LPF613) is a networking and cybersecurity enthusiast. He has six years of experience working as a network engineer and one year working in threat intelligence. His latest role is at a managed security service provider, where he leads a team of incident responders and threat hunters to help investigate and respond to incidents as well as hunt for threats in customer environments. In his spare time, Roy can be seen building and maintaining his home lab, and learning about and tinkering with the latest and greatest technologies.\n
\nTwitter: @LPF613
\n\n
\nDescription:
\nThe Internet Protocol is one of the foundational protocols of the Internet, and is what keeps devices connected. This video talks about the fundamentals of the Internet Protocol.\n
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220558),('3_Saturday','11','11:00','11:59','N','PHV','','\'Linux Binary Analysis w/ Strace\'','\'Jared Stroud\'','PHV_cc35ac09ee4a2fa0450e29d9d006fa90','\'Title: Linux Binary Analysis w/ Strace
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Jared Stroud\n, LACEWORK
\nJared Stroud (Twitter: @DLL_Cool_J) is a Cloud Security Researcher at Lacework where he focuses on emerging Linux and Cloud platform threats. Previously, he worked at The MITRE Corporation where he contributed Unix and Windows tooling for the ATT&CK Fin7/CARBANAK Evaluation and the Open Source adversary emulation utility CALDERA.\n
\nTwitter: @DLL_Cool_J
\n\n
\nDescription:
\nThe strace utility allows for deep insight into what an application is doing on a nix host. While the amount of data produced can be overwhelming, in this video I\'ll demonstrate how to filter, log and obtain relevant information for a wide variety of use cases around file analysis. From diagnosing a bisheaving application, to revealing a malware\'s secrets. This video will give a practical introduction in using strace to spy on *nix applications at the syscall level. All resources can be found here: https://www.github.com/lacework-dev/strace_lab_PUBLIC
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220559),('2_Friday','11','11:00','11:59','N','PHV','','\'MITRE Engage: A Framework for Adversary Engagement Operations\'','\'Stan Bar,Gabby Raymond,Maretta Morovitz\'','PHV_9348b9a580653a6e102b11b082d642e7','\'Title: MITRE Engage: A Framework for Adversary Engagement Operations
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\nSpeakers:Stan Bar,Gabby Raymond,Maretta Morovitz
\n
SpeakerBio:Stan Bar\n
\nDr. Stanley Barr is a three-time graduate of University of Massachusetts Lowell. He has a BS in Information Sciences, an MS in Mathematics, and a PhD in Computer Science. He has coauthored papers in malware analysis, barrier coverage problems, expert systems for network security, and robotic manufacturing. He has spoken at MILCOM and been a panelist for several conferences. Additionally, he has appeared on several podcasts on adversary engagement and presented at TEDx. Currently, he is a Principal Scientist at The MITRE Corporation. He currently is the Capability Area Leader for Cyber Denial, Deception, and Adversary Engagement. Stan lives with his wife, 5 rescue dogs, and 15 chickens.\n
\n
SpeakerBio:Gabby Raymond\n, CO-CAPABILITY AREA LEAD, CYBER DENIAL, DECEPTION, AND ADVERSARY ENGAGEMENT, THE MITRE CORPORATION
\nGabby Raymond is a two-time graduate from Tufts University. She holds a B.S. in Mathematics and Computer Science and a M.S. in Computer Science. Her research has spanned topics in intrusion detection, cyber-physical systems, and machine learning applications for security. Gabby recently co-authored a Choose Your Own Adventure style book called \"The Toolbox of Innovation\" with members of MITRE\'s Innovation Toolkit team. Outside of work, Gabby enjoys knitting and judging science fairs. Gabby is the Co-Capability Area Lead for Cyber Deception and Adversary Engagement at The MITRE Corporation.\n
\n
SpeakerBio:Maretta Morovitz\n, SENIOR CYBER SECURITY ENGINEER, THE MITRE CORPORATION
\nMaretta Morovitz is a graduate of Tufts University School of Engineering, where she graduated with a degree in Computer Science. She is a Senior Cyber Security Engineer at the MITRE Corporation where she works in the areas of adversary engagement, malware analysis, and reverse engineering. She is a founding member of MITRE\'s Cyber Deterrence and Adversary Management (CDAM) team and has helped shape MITRE\'s adversary engagement work for the last two years. She was recently named as one fo the AFCEA 40 Under 40 Awardees for 2021. Outside of work you can find her nerding out about the latest Brandon Sanderson novel, still anxiously awaiting her letter from Hogwarts, or snuggling with her dog and hedgehog.\n
\n\n
\nDescription:
\nFor 10+ years MITRE has been engaged in denial, deception, and adversary engagement operations for internal defense and research purposes. We have created MITRE Engage as a framework for planning and communicating about adversary engagement operations. In our talk we include:\n

A brief overview of what we mean when we say denial, deception, and adversary engagement\n
Our vision for the future and why we think this technology matters\n
A brief history of our past experiences (and failures) in this space and how that shaped where we are today\n
The official release of MITRE Engage 0.9 Beta and ask for community feedback\n
A fictional walkthrough of how you can use Engage to get started in adversary engagement operations

\n\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220560); INSERT INTO `events` VALUES ('3_Saturday','12','12:00','12:59','N','PHV','','\'RCE via Meow Variant along with an Example 0day\'','\'Ã–zkan Mustafa AKKUÅž\'','PHV_2e091e7dd5b07ebebebf60ca29d452a4','\'Title: RCE via Meow Variant along with an Example 0day
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Ã–zkan Mustafa AKKUÅž\n, SENIOR CYBER SECURITY CONSULTANT AND VULNERABILITY RESEARCHER AT TURK TELEKOM
\nOzkan (Twitter: @ehakkus) is a vulnerability researcher and senior cyber security consultant in Turkey. Ozkan publishes security vulnerabilities on international platforms that he has discovered. He shares his experiences and works on his personal blog (https://www.pentest.com.tr). He gave training and presentations in many universities and institutions in his country. In addition to these studies, He gave the presentation of \"The Vulnerability That Gmail Overlooked and Enabling Threat Hunting\" in Packet Hacking Village at DEF CON 28 and \"0day Hunting and RCE Exploitation in Web Applications\" in AppSec Village at DEF CON 27.\n
\nTwitter: @ehakkus
\n\n
\nDescription:
\nI will touch Some Alternative Bypass Restriction Techniques. Then I will present a vulnerability of Ericsson Network Location that provides the infrastructure of the research and we are going to touch on the meow variant with details through this vulnerability Towards the end we are going to prepare a Metasploit module and exploit the vulnerability.\n
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220561),('3_Saturday','09','09:00','09:59','N','PHV','','\'Seeing the Forest Through the Trees â€“ Foundations of Event Log Analysis\'','\'Jake Williams\'','PHV_6d8277e2794d0666b885d56d0ffe1691','\'Title: Seeing the Forest Through the Trees â€“ Foundations of Event Log Analysis
\nWhen: Saturday, Aug 7, 09:00 - 09:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Jake Williams\n, CTO OF BREACHQUEST
\nJake Williams (Twitter: @malwarejake) is an incident responder, red teamer, occasional vCISO, and prolific infosec shitposter. He has traveled the world, but isn\'t welcome in China or Russia (and avoids most countries they have extradition treaties with). When not speaking at a conference like this one, it\'s a good bet that Jake is engaged in hand to hand combat with an adversary rooted deep in a network or engineering ways to keep them out. Jake\'s career in infosec started in the intelligence community, but has taken around the world securing networks of all shapes and sizes, from utilities to hospitals to manufacturing plants.\n
\nTwitter: @malwarejake
\n\n
\nDescription:
\nDuring an incident, everyone knows you need to review the logs â€“ but what are they actually telling you? There\'s a wealth of information to be had in your logs event logs, but most analysts miss the forest because they don\'t understand the trees. In this talk, Jake will walk you through some of the most impactful event logs to focus on in your analysis. We\'ll target some old favorites covering login events, service creation, and process execution. We\'ll also examine task scheduler logs, useful in uncovering lateral movement and privilege escalation. Finally, we\'ll discuss some of the new event logs available in Windows 10 (if only you enable them first). If you don\'t want to be barking up the wrong tree during your next insider investigation or getting axed because you failed to identify the lateral movement attempts, make sure to watch this video.\n
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220562),('2_Friday','12','12:00','12:59','N','PHV','','\'Seeing Through The Windows: Centralizing Windows Logs For Greater Visibility\'','\'Matthew Gracie\'','PHV_43143af9afb7ea9578174854341e4e4d','\'Title: Seeing Through The Windows: Centralizing Windows Logs For Greater Visibility
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Matthew Gracie\n, SENIOR ENGINEER AT SECURITY ONION SOLUTIONS
\nMatthew Gracie (Twitter: @InfosecGoon) has over a decade of experience in information security, working to defend networks in higher education, manufacturing, and financial services. He is currently a Senior Engineer at Security Onion Solutions and the founder of the Infosec 716 monthly meetup. Matt enjoys good beer, mountain bikes, Debian-based Linux distributions, and college hockey.\n
\nTwitter: @InfosecGoon
\n\n
\nDescription:
\nThis talk is a brief summary of how to collect and centralize Windows Event Logs for analysis and free tools that can be used to do so. There is also a demonstration of how to use Elastic Stack to investigate an incident using these collected logs.\n
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220563),('2_Friday','09','09:00','09:59','N','PHV','','\'The War for Control of DNS Encryption\'','\'Paul Vixie\'','PHV_fff8f7e5878775478ebc2c34f3414fd7','\'Title: The War for Control of DNS Encryption
\nWhen: Friday, Aug 6, 09:00 - 09:59 PDT
\nWhere: Packet Hacking Village - Talks (Virtual)
\n
SpeakerBio:Paul Vixie\n, CHAIRMAN AND CEO AND COFOUNDER OF FARSIGHT SECURITY, INC
\nDr. Paul Vixie (Twitter: @PaulVixie) is an Internet pioneer. Currently, he is the Chairman, Chief Executive Officer and Cofounder of Farsight Security, Inc. He was inducted into the Internet Hall of Fame in 2014 for work related to DNS and DNSSEC. Dr. Vixie is a prolific author of open-source Internet software including BIND, and of many Internet standards documents concerning DNS and DNSSEC. In addition, he founded the first anti-spam company (MAPS, 1996), the first non-profit Internet infrastructure software company (ISC, 1994), and the first neutral and commercial Internet exchange (PAIX, 1991). He earned his Ph.D. from Keio University.
\nTwitter: @PaulVixie
\n\n
\nDescription:
\nPervasive monitoring of the Internet by both government, corporate, and criminal actors has triggered an encryption wavefront as wide as the Internet itself. DNS, as the map of the Internet\'s territory, is seen as especially sensitive and there are now several competing encryption standards waiting to be deployed. In this short talk, Dr. Vixie will explain the original problem, describe the protocol-level solutions, and then show how vendors like Google, Mozilla Corporation, Microsoft, and Apple are deploying these technologies across their product lines. Opinions may also be offered.\n
\n
All Packet Hacking Village talks will stream on YouTube, Twitch, Facebook, and Periscope.\n

\'',NULL,220564),('2_Friday','10','10:00','11:50','N','HTSV','','\'AIS Tools Demo (DEF CON)\'','\'Gary Kessler\'','HTSV_bce52a9b3eddf28d1b7b3bf7abcef465','\'Title: AIS Tools Demo (DEF CON)
\nWhen: Friday, Aug 6, 10:00 - 11:50 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Gary Kessler\n
\nGary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of \"Maritime Cybersecurity: A Guide for Leaders and Managers.\" He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary\'s background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.
\n\n
\nDescription:
\nThis is a placeholder event.
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220565),('2_Friday','11','10:00','11:50','Y','HTSV','','\'AIS Tools Demo (DEF CON)\'','\'Gary Kessler\'','HTSV_bce52a9b3eddf28d1b7b3bf7abcef465','\'\'',NULL,220566),('2_Friday','12','12:00','12:55','N','HTSV','','\'Intro to SeaTF, Salty Sensor, and Tin Foil Competitions\'','\'\'','HTSV_0abe0d84f801ea015eb4120cf0a92778','\'Title: Intro to SeaTF, Salty Sensor, and Tin Foil Competitions
\nWhen: Friday, Aug 6, 12:00 - 12:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220567),('2_Friday','13','13:00','13:55','N','HTSV','','\'AIS Protocol Internals (Abridged)\'','\'Gary Kessler\'','HTSV_f6aed37cac48435d3f5f6bb88718b51f','\'Title: AIS Protocol Internals (Abridged)
\nWhen: Friday, Aug 6, 13:00 - 13:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Gary Kessler\n
\nGary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of \"Maritime Cybersecurity: A Guide for Leaders and Managers.\" He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary\'s background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220568),('2_Friday','14','14:00','15:50','N','HTSV','','\'In-person broadcast via demolabs\'','\'Constantine Macris\'','HTSV_9d97fb548c246f85b956d1619175d2e8','\'Title: In-person broadcast via demolabs
\nWhen: Friday, Aug 6, 14:00 - 15:50 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Constantine Macris\n
\nNo BIO available
\n\n
\nDescription:
\nThis is a placeholder event.
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220569),('2_Friday','15','14:00','15:50','Y','HTSV','','\'In-person broadcast via demolabs\'','\'Constantine Macris\'','HTSV_9d97fb548c246f85b956d1619175d2e8','\'\'',NULL,220570),('3_Saturday','10','10:00','10:55','N','HTSV','','\'OSINT Tales: What the Public Knows About Russiaâ€™s New Mega-Submarine\'','\'H I Sutton\'','HTSV_122248b28c94ab8bb6d30029a735ae4f','\'Title: OSINT Tales: What the Public Knows About Russiaâ€™s New Mega-Submarine
\nWhen: Saturday, Aug 7, 10:00 - 10:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:H I Sutton\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220571),('3_Saturday','11','11:00','11:55','N','HTSV','','\'Cyber-SHIP Lab Talk and Demo\'','\'Kevin Jones,Kimberley Tam\'','HTSV_eb3fdf696ef24bfb5789581626665080','\'Title: Cyber-SHIP Lab Talk and Demo
\nWhen: Saturday, Aug 7, 11:00 - 11:55 PDT
\nWhere: Hack the Sea (Virtual)
\nSpeakers:Kevin Jones,Kimberley Tam
\n
SpeakerBio:Kevin Jones\n
\nNo BIO available
\n
SpeakerBio:Kimberley Tam\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220572),('3_Saturday','12','12:00','12:55','N','HTSV','','\'Cyber in the Under Sea\'','\'David Strachan\'','HTSV_456ebd764e41b23c04d00b12697da32c','\'Title: Cyber in the Under Sea
\nWhen: Saturday, Aug 7, 12:00 - 12:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:David Strachan\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220573),('4_Sunday','10','10:00','10:55','N','HTSV','','\'Less Jaw Work, More Paw Work: Why We Need to Start â€œDoingâ€ Cyber\'','\'Cliff Neve\'','HTSV_67d43926792680b00b6b5d37a7bcd04d','\'Title: Less Jaw Work, More Paw Work: Why We Need to Start â€œDoingâ€ Cyber
\nWhen: Sunday, Aug 8, 10:00 - 10:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Cliff Neve\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220574),('3_Saturday','15','15:00','15:55','N','HTSV','','\'US Coast Guard 2021 Cyber Strategic Outlook\'','\'Michael Chien\'','HTSV_83c5eceb72d67b7b824fe404025e92a4','\'Title: US Coast Guard 2021 Cyber Strategic Outlook
\nWhen: Saturday, Aug 7, 15:00 - 15:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Michael Chien\n, CDR, USCG Cyber
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220575),('3_Saturday','13','13:00','13:55','N','HTSV','','\'Sea Pods\'','\'Grant Romundt\'','HTSV_c1786d0301c39e8a0ad03a6ece0ddb35','\'Title: Sea Pods
\nWhen: Saturday, Aug 7, 13:00 - 13:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Grant Romundt\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220576),('4_Sunday','11','11:00','11:55','N','HTSV','','\'Hack the Wind\'','\'Mary Ann Hoppa\'','HTSV_061cefef4265466e80fffb88a40ead82','\'Title: Hack the Wind
\nWhen: Sunday, Aug 8, 11:00 - 11:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Mary Ann Hoppa\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220577),('4_Sunday','12','12:00','12:55','N','HTSV','','\'Cyber Risk Management in the MTS\'','\'Josie Long,Kelley Edwards\'','HTSV_b4ff60d5c335fdd316e15bb847b40690','\'Title: Cyber Risk Management in the MTS
\nWhen: Sunday, Aug 8, 12:00 - 12:55 PDT
\nWhere: Hack the Sea (Virtual)
\nSpeakers:Josie Long,Kelley Edwards
\n
SpeakerBio:Josie Long\n, USCG Cyber
\nNo BIO available
\n
SpeakerBio:Kelley Edwards\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220578),('4_Sunday','13','13:00','13:55','N','HTSV','','\'SeaTF, Pirate Hat, and Salty Sensor Results, Closing Statements\'','\'Brian Satira\'','HTSV_74c8bf370c3eed589ca0ef0ae56dd43d','\'Title: SeaTF, Pirate Hat, and Salty Sensor Results, Closing Statements
\nWhen: Sunday, Aug 8, 13:00 - 13:55 PDT
\nWhere: Hack the Sea (Virtual)
\n
SpeakerBio:Brian Satira\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,220579),('2_Friday','07','07:00','07:59','N','ICSV','','\'Tabletop Exercise - GRIMM\'','\'\'','ICSV_4295cdfd537fc9b4d7f5d6d8cf397d1d','\'Title: Tabletop Exercise - GRIMM
\nWhen: Friday, Aug 6, 07:00 - 07:59 PDT
\nWhere: ICS Village (Virtual)
\n
\nDescription:No Description available
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220580),('2_Friday','10','10:00','10:59','N','ICSV','','\'Keynote - PW Singer\'','\'PW Singer\'','ICSV_7c6cb17c740b017eb4ca840a24c0cf97','\'Title: Keynote - PW Singer
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:PW Singer\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220581),('2_Friday','10','10:30','11:30','N','ICSV','','\'Tabletop Exercise - GRIMM\'','\'\'','ICSV_bdab0f55a566c5186b2896ba3d6f6836','\'Title: Tabletop Exercise - GRIMM
\nWhen: Friday, Aug 6, 10:30 - 11:30 PDT
\nWhere: ICS Village (Virtual)
\n
\nDescription:No Description available
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220582),('2_Friday','11','10:30','11:30','Y','ICSV','','\'Tabletop Exercise - GRIMM\'','\'\'','ICSV_bdab0f55a566c5186b2896ba3d6f6836','\'\'',NULL,220583),('2_Friday','11','11:30','12:30','N','ICSV','','\'Your Infrastructure is Encrypted: Protecting Critical Infrastructure from Ransomware\'','\'David Etue,Ernie Bio,Jamil Jaffer,Jennifer DeTrani\'','ICSV_d8de1b282d0c178062e92fe533e7a3f6','\'Title: Your Infrastructure is Encrypted: Protecting Critical Infrastructure from Ransomware
\nWhen: Friday, Aug 6, 11:30 - 12:30 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:David Etue,Ernie Bio,Jamil Jaffer,Jennifer DeTrani
\n
SpeakerBio:David Etue\n
\nNo BIO available
\n
SpeakerBio:Ernie Bio\n
\nNo BIO available
\n
SpeakerBio:Jamil Jaffer\n, National Security Institute
\nJamil currently serves as Founder and Executive Director of the National Security Institute and as an Assistant Professor of Law and Director of the National Security Law & Policy Program at the Antonin Scalia Law School at George Mason University. He also currently serves as Vice President for Strategy, Partnerships & Corporate Development at IronNet Cybersecurity, a startup technology firm founded by former NSA Director Gen. (ret.) Keith B. Alexander. Jamil also serves on the Board of Directors for the Greater Washington Board of Trade, is a member of the Boardâ€™s Smart Region Movement Strategic Advisory Counsel, and is a co-chair of the SRMâ€™s Cyber, Data Management, and Privacy Solution Group. Jamil is also an advisor to Beacon Global Strategies, a strategic advisory firm specializing in international policy, defense, cyber, intelligence, and homeland security; 4iQ, a technology startup focused on deep and dark web intelligence and identity theft protection; Duco, a technology platform startup that connects corporations with geopolitical and international business experts; and Amber, a digital authentication and verification startup.
\nTwitter: @Jamil_n_jaffer
\n
SpeakerBio:Jennifer DeTrani\n
\nNo BIO available
\n\n
\nDescription:
\nThe recent attacks against Colonial Pipeline, JBS, and others have made it clear just how vulnerable U.S. Critical Infrastructure is to ransomware. While these attacks have been grabbing headlines, the path forward has not. A variety of tools and approaches will need to be tested by both the government and private sector to push back against the threat of ransomware and protect critical infrastructure from future attacks.\n

This panel brings together a variety of perspectives from the government, technology, and venture capital sectors to chart the path forward and detail what steps government and the private sector can take individually and together to protect critical infrastructure across the country.\n

\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220584),('2_Friday','12','11:30','12:30','Y','ICSV','','\'Your Infrastructure is Encrypted: Protecting Critical Infrastructure from Ransomware\'','\'David Etue,Ernie Bio,Jamil Jaffer,Jennifer DeTrani\'','ICSV_d8de1b282d0c178062e92fe533e7a3f6','\'\'',NULL,220585),('2_Friday','12','12:30','12:59','N','ICSV','','\'Do We Really Want to Live in the Cyberpunk World?\'','\'Mert Can Kilic\'','ICSV_29908370b673e52dcf855f17a3130dec','\'Title: Do We Really Want to Live in the Cyberpunk World?
\nWhen: Friday, Aug 6, 12:30 - 12:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Mert Can Kilic\n, Barikat Cyber Security
\nMsC. Comp. Engineer, Tinker, Maker, Love Legos
\n\n
\nDescription:
\nWhat are the possible future threats when it comes to cyber physical systems? Human augmentations, insulin pumps, and brain computer interfaces are inevitable, but how will their security and possible incidents affect our world?
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220586),('2_Friday','13','13:00','13:59','N','ICSV','','\'Tabletop Exercise - GRIMM\'','\'\'','ICSV_d7313732d9348e7ea0b665614b905c50','\'Title: Tabletop Exercise - GRIMM
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: ICS Village (Virtual)
\n
\nDescription:No Description available
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220587),('2_Friday','13','13:00','13:30','N','ICSV','','\'Beetlejuice: The Lessons We Should Have Learned For ICS Cybersecurity\'','\'Tim Yardley\'','ICSV_3109852ca9329aa4d615741946029d3f','\'Title: Beetlejuice: The Lessons We Should Have Learned For ICS Cybersecurity
\nWhen: Friday, Aug 6, 13:00 - 13:30 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Tim Yardley\n, University of Illinois Urbana-Champaign
\nTim Yardley is a Principal Research Scientist and Associate Director at the Information Trust Institute (ITI) in the University of Illinois Urbana-Champaign. He works on trustworthiness and resiliency in critical infrastructure. Much of his work has focused on experimentation frameworks, device analytics, assessments, verification and validation, intrusion detection and data fusion approaches. Enough of the boring bioâ€™s though, letâ€™s have some fun.
\nTwitter: @timyardley
\n\n
\nDescription:
\nIn this talk I will present the top 15 quotes from redacted and how we can transform them to operational advice to improve ICS cyber security. Hold tight, this is going to be a wild ride.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220588),('2_Friday','13','13:30','13:59','N','ICSV','','\'Scripts and Tools to Help Your ICS InfoSec Journey\'','\'Don C. Weber\'','ICSV_a68f391b56c18522bda8ccec836ee3d9','\'Title: Scripts and Tools to Help Your ICS InfoSec Journey
\nWhen: Friday, Aug 6, 13:30 - 13:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Don C. Weber\n, Founder, Cutaway Security
\nDon C. Weber is a Principal Consultant at and Founder of Cutaway Security, LLC and a Certified SANS Instructor. He specializes in providing information security consulting services to organizations with control environments. In his free time he assists with the ICS Village and provides mentoring and teaching for other information security professionals.\"
\nTwitter: @cutaway
\n\n
\nDescription:
\nConducting security assessments and gathering information from control environments are obviously different than doing the same tasks in a corporate environment. But, where do you start? Don will outline some of the tools to conduct research, perform assessments, and gather information. He will review some of the scripts the Cutaway Security team has developed to make this easier for administrators, information security professionals, and operational technology teams teams.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220589),('2_Friday','14','14:00','14:59','N','ICSV','','\'Consider the (Data) Source\'','\'Dan Gunter\'','ICSV_0d090ca42a96688419eb36d8c73716b6','\'Title: Consider the (Data) Source
\nWhen: Friday, Aug 6, 14:00 - 14:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Dan Gunter\n, Founder and CEO of Insane Forensics
\nDan Gunter is the Founder and CEO of Insane Forensics; a cybersecurity company focused on the scaled analysis of memory, disk, and network data in mission-critical networks. Before Insane Forensics, Dan was Director of R&D at Dragos and served in the US Air Force.\"
\nTwitter: @dan_gunter
\n\n
\nDescription:
\nProtecting industrial control systems involves a variety of challenges, from low tolerance of downtime to requiring a very deliberate combination of approaches and tools to ensure the integrity and availability of the environment. These environmental challenges can often stovepipe our thoughts around how we can respond to threats to control systems in making us think that one source of data is the only option. In this talk, we will consider the strengths and weaknesses of different data sources to include network and host sources. Using data from MITRE Engenuity\'s recent ICS ATT&CK evaluation, we will talk about known attacker TTPs, how to detect TTPs, and how to improve the chance of adversary detection by diversifying data sources. As collecting and processing more data is both a technical and staffing challenge, we will discuss how analysis can scale without requiring a significant resource increase.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220590),('2_Friday','15','15:00','15:30','N','ICSV','','\'Approaches to Attract, Develop, and Retain an Industrial Cybersecurity Workforce\'','\'John Ellis,Julia Atkinson\'','ICSV_e7d6eeda7388f70fedd9d4b6c6e5e12e','\'Title: Approaches to Attract, Develop, and Retain an Industrial Cybersecurity Workforce
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:John Ellis,Julia Atkinson
\n
SpeakerBio:John Ellis\n, Siemens Energy
\nJohn Ellis has 10 years of experience in global customer-centric strategic and business roles with a focus on relationship building, commercial intelligence, strategic advisory, and transforming technological innovation into business success. In his current role as the Global Head of Industrial Cyber Alliances at Siemens Energy, he works to develop partnerships between industry, academia, and government to solve some of the most challenging critical infrastructure cybersecurity challenges. John holds a BS in Mechanical Engineering and an MS in Engineering Management from the University of Maryland Baltimore County, an MBA from Johns Hopkins Carey Business School, and an MPS in Cybersecurity and Information Assurance from Penn State.
\n
SpeakerBio:Julia Atkinson\n, Siemens Energy
\nJulia Atkinson has 10 years of relationship building experience across multiple sectors including business, government, NGO, and journalism. As a Global Cyber Program Alliance Manager at Siemens Energy, Julia believes in the power of diverse partnerships in solving todayâ€™s cybersecurity challenges. Julia graduated with her Masterâ€™s Degree in International Economics and Strategic Studies from The Johns Hopkins School of Advanced International Studies and holds a Bachelorâ€™s in Political Science from Yale University.
\n\n
\nDescription:
\nGaps in the industrial cybersecurity workforce leave critical infrastructure assets vulnerable to attack. In a 2020 ICS2 report, 64% of companies reported a significant or slight shortage of cybersecurity professionals. At the same time, 56% of companies reported that their organization is extremely or moderately at risk due to the cyber workforce shortage. A National Initiative for Cybersecurity Education (NICE) report found that industry-wide there was only one qualified worker to fill every 10 cybersecurity jobs in 2020. To protect the cyber-physical systems that form the lifeblood of the economy, something needs to be done to develop the ICS/OT cybersecurity workforce pipeline. This session will present models to attract, develop, and retain talent in industrial cybersecurity.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220591),('2_Friday','15','15:30','15:59','N','ICSV','','\'It Takes a Village (and a generous grant): Students Performing ICS Security Assessments\'','\'Alexander Vigovskiy,Christopher Von Reybyton,Dennis Skarr\'','ICSV_e6023beded95b9b1b1b24cb0cf43cd93','\'Title: It Takes a Village (and a generous grant): Students Performing ICS Security Assessments
\nWhen: Friday, Aug 6, 15:30 - 15:59 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Alexander Vigovskiy,Christopher Von Reybyton,Dennis Skarr
\n
SpeakerBio:Alexander Vigovskiy\n
\nNo BIO available
\n
SpeakerBio:Christopher Von Reybyton\n
\nNo BIO available
\n
SpeakerBio:Dennis Skarr\n, Everett Community College
\nDennis Skarr is tenured faculty at Everett Community College (EvCC) where he teaches Information Technology. His teaching endeavors resulted in receiving the 2019 Exceptional Faculty Award from EvCC. Dennis is currently building an Industrial Security Program for EvCC that includes classes, workshops, and Capture the Flag competitions.\n

Dennis has an extensive background in performing security assessments on a variety of industrial control systems. While Dennis was with the National Guard he created a two-week training program for cyber operators to receive special qualifications for missions involving cyber-physical systems. Dennis spent over 10 years performing assessments for the National Guard on critical systems that included building automation systems, electrical utilities, and voting systems. In 2016, Dennisâ€™ work at the Guard contributed to US Secretary of Defense Ash Carter visiting his unit for a briefing on their capabilities and achievements.\n

\nTwitter: @DennisSkarr
\n\n
\nDescription:
\nEverett Community College (EvCC) recently launched a 5 credit class titled â€œAssessing and Securing Control Systemsâ€ utilizing custom-developed ICS trainers by GRIMM. Performing a mock assessment on the nationâ€™s first 10 foot ICS wall at a community college, students completed their capstone exercise for the EvCCâ€™s first class dedicated to ICS security. This presentation has multiple students sharing their experiences related to why they chose this class, what they gained, and their career goals after the competition.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220592),('3_Saturday','10','10:00','11:59','N','ICSV','','\'CybatiWorks Mission Station Workshop\'','\'Matthew Luallen\'','ICSV_8927f3151492077d0c4dc383af52148c','\'Title: CybatiWorks Mission Station Workshop
\nWhen: Saturday, Aug 7, 10:00 - 11:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Matthew Luallen\n, Chief Executive Inventor, IntelliGenesis
\nMatthew E. Luallen is the Chief Executive Inventor of IntelliGenesis, LLC. He leads the company in further developing and expanding training services to enhance the understanding of, and provide protection from, cyber-physical threats. IntelliGenesis acquired CybatiWorksâ„¢ where Luallen served as a Co-Founder of CYBATI. He also served as a Co-Founder of Dragos Security co-developing CyberLensâ„¢ for Operational Technology device and communications discovery and analysis. He was a Co-Founder of Encari, a NERC CIP cybersecurity consulting firm helping the US and Canadian power grid defend strategic assets from cyber-physical attacks. He was an Information Security Network Engineer and Architect at Argonne National Laboratory. He is a 22-year CCIE and an 18-year Certified Instructor for the SANS Institute.
\nTwitter: @cybati
\n\n
\nDescription:
\nIntroduce, demonstrate and provide an interactive overview of the CybatiWorks exploratory cyber-physical mission station workshop. Participants mission station exercises cover an introduction to cyber-physical topics of logic, sensors and actuators, OT system architecture, communication protocols and data analysis. Participant mission station access is provided on a first-serve (FIFO) basis.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220593),('3_Saturday','11','10:00','11:59','Y','ICSV','','\'CybatiWorks Mission Station Workshop\'','\'Matthew Luallen\'','ICSV_8927f3151492077d0c4dc383af52148c','\'\'',NULL,220594),('3_Saturday','12','12:00','12:59','N','ICSV','','\'Fireside Chat - August Cole\'','\'August Cole\'','ICSV_d0080519c696eae38b7e5442d544c420','\'Title: Fireside Chat - August Cole
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:August Cole\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220595),('3_Saturday','13','13:00','13:30','N','ICSV','','\'Toward a Collaborative Cyber Defense and Enhanced Threat Intelligence Structure\'','\'Lauren Zabierek\'','ICSV_1f6fdf0e88fe3400da05fc0f06e8ceb6','\'Title: Toward a Collaborative Cyber Defense and Enhanced Threat Intelligence Structure
\nWhen: Saturday, Aug 7, 13:00 - 13:30 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Lauren Zabierek\n, Harvard Kennedy School\'s Belfer Center for Science and International Affairs
\nLauren Zabierek is the Executive Director of the Cyber Project at Harvard Kennedy Schoolâ€™s Belfer Center. She comes to this role as a 2019 graduate of the Kennedy School\'s mid-career MPA program.\n

Lauren served as an intelligence officer in the United States Air Force at the beginning of her career. Later, as a civilian intelligence analyst with the National Geospatial Intelligence Agency (NGA) assigned to the Office of Counterterrorism, she completed three war zone deployments. Throughout her six years at NGA, she became a subject matter expert on Activity Based Intelligence (ABI) and served as an adjunct professor in ABI at the NGA college.\n

After leaving NGA, she joined the cybersecurity threat intelligence startup Recorded Future, and was instrumental in building its Public Sector business practice. In her role as a Senior Intelligence Analyst, she fused intelligence methodologies with cybersecurity and machine learning technologies to help public and private sector customers improve their cyber posture. She also managed a team of analysts and worked alongside the Product Management and Training teams to improve her customers\' experience with the software.\n

A Gold Star Sister, Lauren is committed to supporting families of the fallen and has volunteered several times as a mentor with the Tragedy Assistance Program for Survivors (TAPS). She also co-founded the Recorded Future Women\'s Mentorship Initiative, helped to start a women\'s initiative at NGA, is a member of the NatSecGirlSquad, and is the co-founder of the online social media movement called #ShareTheMicInCyber, which aims to dismantle racism and sexism in cybersecurity and privacy. \n

\nTwitter: @lzxdc
\n\n
\nDescription:
\nThe recent ransomware and cyber espionage campaigns prove that a fundamental redesign of our domestic cyber defensive posture is both necessary and urgent to protect against future cyber threats. As such, we believe the time is now to develop an integrated, networked approach to collaborative defense and intelligence analysis and sharing between the federal government, state and local governments, and the private sector. My team of student researchers and I conducted several interviews with stakeholders in both the state and federal governments and the private sector and poured over existing literature. We\'ve created a roadmap toward this vision, answering how a 21st century threat can be tackled by the tools available in its own time. We don\'t purport to have all the answers, but we would be interested in feedback from the community on the feasiblity and desirability of these ideas.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220596),('3_Saturday','13','13:30','13:59','N','ICSV','','\'Fortifying ICS - Hardening and Testing\'','\'Dieter Sarrazyn\'','ICSV_6b6ebb3199ddbfd21d680963a3424d5f','\'Title: Fortifying ICS - Hardening and Testing
\nWhen: Saturday, Aug 7, 13:30 - 13:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Dieter Sarrazyn\n, Secudea
\nDieter is a freelance SCADA/ICS/OT security consultant whoâ€™s working extensively on industrial control system security since 2008. He performs different kinds of security assessments within industrial environments including intrusion testing, physical penetration testing, technical system assessments, risk assessments and provides assistance in securing these environments. He also helps customers to manage security of solutions deployed by their industrial suppliers and integrators through doing security requirements management and security FAT and SAT tests. Next to assessing environments, he is also providing training and awareness sessions on scada/ics/ot security and coaches young graduates within this field.
\nTwitter: @dietersar
\n\n
\nDescription:
\nEvery ICS environment will sooner or later have to deal with updates, upgrades or additions to the control system environment. Nowadays it is important to include cybersecurity within such projects, although that is still sometimes forgotten (sad but true). One of the ways to include security is to set security requirements but also perform hardening and cybersecurity testing within FAT and SAT cycles. \n

This talk will explain important elements of hardening as well as things to keep in mind when performing cybersecurity testing during FAT/SAT phases after performing said hardening.\n

\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220597),('3_Saturday','14','14:00','14:30','N','ICSV','','\'Crippling the Grid: Examination of Dependencies and Cyber Vulnerabilities\'','\'Joe Slowik\'','ICSV_2ae9b08fb0baea131ddadefca8793e7d','\'Title: Crippling the Grid: Examination of Dependencies and Cyber Vulnerabilities
\nWhen: Saturday, Aug 7, 14:00 - 14:30 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Joe Slowik\n, Gigamon
\nJoe Slowik currently leads threat intelligence and network detection work at Gigamon. Previously, Joe performed security research for DomainTools and hunted ICS-focused adversaries for Dragos. Joe remains fascinated by the ICS landscape and critical infrastructure intrusions, and continues to pursue such topics personally and professionally.
\nTwitter: @jfslowik
\n\n
\nDescription:
\nTypical views of cyber-focused attacks on electric utilities emphasize direct impacts to generation, transmission, or distribution assets. While some examples of this activity exist, most notably in Ukraine, such actions are relatively difficult given technical and access requirements to properly execute. Less explored, but far more dangerous, are critical dependencies in electric utility operations which are often more exposed to IT networks and require less specialized knowledge to subvert. This presentation will examine some of these dependencies and their implications to show how ICS-centric defense must include relevant IT links and functional requirements.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220598),('3_Saturday','14','14:30','14:59','N','ICSV','','\'Leveraging SBOMs to Enhance ICS Security\'','\'Thomas Pace\'','ICSV_830b5f655c7daa984709bee48d860bb0','\'Title: Leveraging SBOMs to Enhance ICS Security
\nWhen: Saturday, Aug 7, 14:30 - 14:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Thomas Pace\n, NetRise
\nThomas is currently the co-founder and CEO of NetRise, a cybersecurity company focusing on securing firmware across a heterogenous device set. Prior to NetRise, Thomas served as the Global Vice President of Enterprise Solutions at Cylance where his responsibilities ranged from conducting incident response investigations, product marketing, public speaking and analyst relations. Thomas was also responsible for ICS security at the DOE for 3 years and served in the United States Marine Corps serving in both Iraq and Afghanistan. Thomas has spoken at Black Hat, RSA, and was interviewed on 60 Minutes for his efforts related to ransomware.\"
\nTwitter: @tommypastry
\n\n
\nDescription:
\nIn this talk Tom Pace will discuss how SBOMs (Software Bill of Materials) can be leveraged to enhance ICS security. The recent executive order and guidance from the NTIA have reignited the SBOM discussion and its importance, especially to critical assets such as ICS devices. Tom will explain what an SBOM is, how they can be generated and consumed as well as the vale of the data once an SBOM has been generated. This will include but not be limited to use cases such as known vulnerabilities, integrity verification, provenance and license compliance. Tom will further explain the value an SBOM can have to various stakeholders, from ICS device manufacturers to end-users of the devices themselves. Tom will highlight how significant time savings can be realized once SBOMs are in place, while at the same time provide commentary on the challenges of generating an SBOM especially for devices deemed \"legacy\" or out of support.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220599),('3_Saturday','15','15:00','15:30','N','ICSV','','\'Smart Meters: I\'m Hacking Infrastructure and So Should You\'','\'Hash Salehi\'','ICSV_eaff17ce572d943276ffe7d96b5a2d04','\'Title: Smart Meters: I\'m Hacking Infrastructure and So Should You
\nWhen: Saturday, Aug 7, 15:00 - 15:30 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Hash Salehi\n
\nHash grew up on IRC freely sharing information and benefitting from those more knowledgeable who were willing to reciprocate. He is the founder of RECESSIM, a reverse engineering community where information is freely shared. Over the last few years he has focused on reverse engineering smart meter technology analyzing both the RF communications and hardware design, openly publishing all his findings.
\nTwitter: @BitBangingBytes
\n\n
\nDescription:
\nWhy Smart Meters? This is a question Hash is often asked. There\'s no bitcoin or credit card numbers hiding inside, so he must want to steal power, right? Openly analyzing the technology running our critical infrastructure and publishing the findings is something Hash is passionate about. In the wake of the great Texas freeze of 2021, we can no longer \"hope\" those in power will make decisions that are in the people\'s best interest. This talk will present research on the Landis+Gyr GridStream series of smart meters used by Oncor, the largest energy provider in Texas.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220600),('4_Sunday','10','10:00','10:30','N','ICSV','','\'Bottom-Up and Top-Down: Exploiting Vulnerabilities In the OT Cloud Era\'','\'Sharon Brizinov,Uri Katz\'','ICSV_e992173dec22a441223cc765ffe9037f','\'Title: Bottom-Up and Top-Down: Exploiting Vulnerabilities In the OT Cloud Era
\nWhen: Sunday, Aug 8, 10:00 - 10:30 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Sharon Brizinov,Uri Katz
\n
SpeakerBio:Sharon Brizinov\n, Claroty
\nSharon Brizinov is the vulnerability research team lead at Claroty. He specializes in vulnerability research, malware analysis, network forensics, and ICS/SCADA security. In addition, Brizinov participated in well-known hacking competitions such as Pwn2Own, and he holds a DEFCON black-badge for winning the ICS CTF.
\n
SpeakerBio:Uri Katz\n, Claroty
\nUri is a security researcher at Claroty specializes in reverse engineering and vulnerability research across both embedded and Windows systems.
\n\n
\nDescription:
\nWe researched the exploitability of cloud-based management platforms responsible for monitoring industrial control systems (ICS), and developed techniques to exploit vulnerabilities in automation vendor CODESYSâ€™ Automation Server and vulnerabilities in the WAGO PLC platform. Our research mimics the top-down and bottom-up paths an attacker would take to either control a Level 1 device in order to eventually compromise the cloud-based management console, or the reverse, commandeer the cloud in order to manipulate all networked field devices.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220601),('4_Sunday','10','10:30','10:59','N','ICSV','','\'Detecting Attackers Using Your Own Sensors with State Estimation\'','\'Stefan Stephenson-Moe\'','ICSV_7131200fc3502d55ca7cb3bcb36b5320','\'Title: Detecting Attackers Using Your Own Sensors with State Estimation
\nWhen: Sunday, Aug 8, 10:30 - 10:59 PDT
\nWhere: ICS Village (Virtual)
\n
SpeakerBio:Stefan Stephenson-Moe\n, Coalfire
\nI have eight years infosec experience working in critical infrastructure, three years working in the power industry, four years working in the finance sector. My experience is mostly on the operations and implementation side, designing, implementing and operating Security Operations Centers. I have an education in Mechanical Engineering and am a mostly self-taught infosec professional. I currently work as a network and application penetration tester in the government sector.
\n\n
\nDescription:
\nAs OT technologies like PLCs and RTU become smarter and more capable of running standard operating systems, the concern of malware infecting OT technologies has become more of a realistic threat. In cases like Stuxnet where the attacker wishes to cause damage to a system while keeping the user unaware it must do so by modifying sensor data that would alert the user to a change in the system. State estimation is a technique used in the Power Industry to detect when sensors are providing garbage data. In this talk I plan to explain how state estimation works and how it can be applied as a technique for detecting an attacker attempting to manipulate sensor data for nefarious purposes.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220602),('4_Sunday','11','11:00','11:59','N','ICSV','','\'Top 20 Secure PLC Coding Practices\'','\'Sarah Fluchs,Vivek Ponnada\'','ICSV_77117d84e9f1f85f2023b730717067fa','\'Title: Top 20 Secure PLC Coding Practices
\nWhen: Sunday, Aug 8, 11:00 - 11:59 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Sarah Fluchs,Vivek Ponnada
\n
SpeakerBio:Sarah Fluchs\n, CTO, admeritia
\nSarah Fluchs is the CTO of admeritia, which specializes in security consulting for the process industry, manufacturing, and critical infrastructures. A process and automation engineer herself, Sarah is convinced that creating solid engineering methods that speak the language of automation engineers is key for OT Security. Her main research interests include security and systems engineering, security for safety, and security engineering information models. Sarah is an active contributor to ISA/IEC standards and a board member at the ISA Standards & Practices board and the German water industry organization KDW. She writes a monthly \"\"security briefing for hard hats\"\" (admeritia.de/hardhats) and a blog (fluchsfriction.medium.com). She\'s one of the founders and leaders of the Top 20 Secure PLC Coding Project (plc-security.com).
\nTwitter: @SarahFluchs
\n
SpeakerBio:Vivek Ponnada\n, GE
\nVivek Ponnada works for GE as a Service Manager and is responsible for GE\'s Gas Power transactional customers (Utilities and Co-generation) across Canada. Prior to this role, he was in Sales & Business development (Control system upgrades and Cybersecurity solutions), and started his career as a Field Engineer, commissioning turbine controls systems in Europe, Africa, Middle-East and South East Asia. Vivek is passionate about industrial controls cybersecurity and enjoys learning & contributing to the security community.
\nTwitter: @ControlsCyber
\n\n
\nDescription:
\nThis presentation is the outcome of a community driven project called \"Top 20 Secure PLC Coding Practices\", with document version 1.0 to be released on plc-security.com on June 15th, 2021, for downloading free or charge, and will have no restrictions on distribution and use.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220603),('4_Sunday','12','12:00','12:59','N','ICSV','','\'ICS Cyber Threat Intelligence (CTI) Information Sharing Between Brazil and the United States\'','\'Helio Sant\'ana,John Felker,Max Campos,Paul de Souza,Tom VanNorman\'','ICSV_6aed58de3d0e6af4811e5621fc774b5a','\'Title: ICS Cyber Threat Intelligence (CTI) Information Sharing Between Brazil and the United States
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Helio Sant\'ana,John Felker,Max Campos,Paul de Souza,Tom VanNorman
\n
SpeakerBio:Helio Sant\'ana\n
\nMaster\'s student in Cyber Security, Post-Graduate in IT Management, Digital Forensic and graduated in Information Systems. Held many management positions in Information Technology units, working last decades within Private, Civil, and Military Public agencies. Experienced in the development of Public Policies, Data Protection, Information, and Cyber Security, currently holds the position of Director of Information Technology at the Presidency of Brazil.
\nhttps://www.linkedin.com/in/hcsantana/
\n
SpeakerBio:John Felker\n
\nBuilding upon a long career in government and the private sector, John Felker works with senior leaders to see and understand the big cybersecurity picture, the risk, and the business impact of cyber threats. He brings wide-ranging leadership, organizational, and business experiences that can help you prepare for the worst, understand, and address the issues, and ultimately, succeed. A sought-after cybersecurity and leadership expert, he is a frequent speaker at national and international cybersecurity conferences. \n

Felker is the former Assistant Director for Integrated Operations, Cybersecurity, and Infrastructure Security Agency (CISA) where he brought focus to integrated operations across the Agency that extended to Regional CISA elements, intelligence, operational planning, and mission execution with emphasis on risk mitigation and response efforts. \n

He previously served as the Director of the National Cybersecurity and Communications Integration Center from 2015 to 2019. Prior to joining CISA, Felker worked as Director of Cyber and Intelligence Strategy for HP Enterprise Services and in a 30-year career, served as Deputy Commander, Coast Guard Cyber Command; Commander, Coast Guard Cryptologic Group, as Executive Assistant to the Director of Coast Guard Intelligence and commanded the cutters CAPE UPRIGHT and RED CEDAR. \n

Felker is President of Morse Alpha Associates, Inc., a cyber leadership consultancy, serves as a member of the Parsons Corporation Senior Advisory Board, a Senior Advisor to the Chertoff Group, as a Senior Advisor to the Maritime Transportation System ISAC, a Senior Advisor to S-RM, an international cyber intelligence, response, and resilience company and a Senior Fellow at the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University. He is a member of the National Technology Security Coalitionâ€™s Advisory Council and is currently on the Board of Directors of the Operation Renewed Hope Foundation and the Boards of Advisors for the Military Cyber Professionals Association, and the Cyber Security Forum Initiative. \n

He is the recipient of the Department of Homeland Security Outstanding Public Service Medal, and his military awards include the Defense Superior Service Medal, the Legion of Merit, and the Meritorious Service Medal. \n

Felker graduated from Ithaca College with a Bachelor of Science and earned his Master of Arts in Public Administration from the Maxwell School of Citizenship and Public Affairs at Syracuse University and has co-authored several papers on cyber intelligence under the auspices of the Intelligence and National Security Alliance.\n

\nhttps://www.linkedin.com/in/jofelker/
\n
SpeakerBio:Max Campos\n
\nBrazilian Army Major Max Campos is Head of the Knowledge Management Section of the Department of Strategic Management of the Cyber Defense Command and serves as Coordinator of the Cyber Guardian Exercise Study Group. He has a masterâ€™s degree in Computer Systems from the University of Salvador (Brazil) and has earned his CISSP, GISCP, CISO and Cyber Ops certifications. With over a decade of cyber experience, Major Campos has supported various major international events such as Rio + 20, Confederations Cup, World Cup, and in many strategic projects of the Brazilian Ministry of Defense. Starting with the first iteration of the Cyber Guardian Exercise in 2018, he has acted as Coordinator of the Study Group and the leading representative of national critical infrastructure for the development of scenarios for sectors of interest in the formulation of themes and matters of interest to the sector.
\nhttps://www.linkedin.com/in/maxcampos/
\n
SpeakerBio:Paul de Souza\n, Founder and President for the Cyber Security Forum Initiative (CSFI)
\nMr. Paul de Souza is the Founder of the Cyber Security Forum Initiative (CSFI), a nonprofit organization specializing in cyberspace operations awareness and training. As a former Federal Director of Training and Education for Norman Data Defense Systems, Chief Security Engineer for AT&T, and security engineer for Computer Sciences Corporation (CSC) and US Robotics, Mr. de Souza has over 20 years of cybersecurity experience. He has consulted for several governments, military organizations, and private institutions around the globe. He is a recipient of the Order of Thor Medal.\n

Mr. de Souza holds various cybersecurity, cyber intelligence, and counter-terrorism Advisory Board positions for organizations such as the Military Cyber Professionals Association (MCPA), the Ben-Gurion University of the Negev in Israel, and IntellCorp in Portugal. Past board positions include the Institute of World Politics (IWP) and Visiting Research Fellow at the National Security Studies (INSS), Tel Aviv, Israel. \n

Paul serves as a visiting researcher, guest lecturer, ambassador, and faculty member for several higher educational institutions, such as Sheffield Hallam University (UK), Tel Aviv University, the Swedish Defence University (Försvarshögskolanand), American Public University, and George Washington University.\n

In addition to earning a masterâ€™s degree in National Security Studies with a concentration in Terrorism from American Military University, Mr. de Souza has completed the Executive Certificate Program in Counter-Terrorism Studies from the Interdisciplinary Center (IDC) Herzliya in Israel, is an alumnus from the Harvard Kennedy Schoolâ€™s Cybersecurity Executive Education program with a Higher Education Teaching certification from Harvard University, and is currently pursuing his Ph.D. in Critical Infrastructure from Capitol Technology University.\n

\nhttps://www.linkedin.com/in/paulcsfi/
\n
SpeakerBio:Tom VanNorman\n
\nTom co-founded the ICS Village, a non-profit organization focused on Control System security and awareness. He is also retired from the Air National Guard, where he worked in Cyber Warfare Operations. Tom leads the CyPhy Product group at GRIMM, where his primary focus is securing Industrial Control Systems and the networking of such systems. Tom brings an unparalleled level of operational knowledge and experience, as he has been working in the Operational Technology (OT) field for almost three decades. He also has considerable knowledge in constructing Cyber-Physical testing environments for OT systems.
\nhttps://www.linkedin.com/in/thomasvannorman/
\n\n
\nDescription:
\nThe panelists will touch on topics such as the annual critical infrastructure themed exercise Cyber Guardian run by the Brazilian Cyber Command and the opportunities for industrial control systems (ICS) professionals in the US to become more involved. Topics such as national Malware Information Sharing Platform (MISP) implementation in Brazil focusing on information sharing, particularly in the ICS world, will be discussed. The ICS Village and the Cyber Security Forum Initiative will engage in conversation with the Brazilian government during this session.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220604),('4_Sunday','13','13:00','13:30','N','ICSV','','\'ICS Intrusion KillChain explained with real simulation\'','\'Javier Perez,Juan Escobar\'','ICSV_515b889e018bc7d186b4fad52643cdf1','\'Title: ICS Intrusion KillChain explained with real simulation
\nWhen: Sunday, Aug 8, 13:00 - 13:30 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Javier Perez,Juan Escobar
\n
SpeakerBio:Javier Perez\n, Dreamlab Technologies
\nDirector of R&D at Dreamlab Technologies. Fan of tech and cybersecurity, more than 10 years in the cybersecurity world. ISECOM OSSTMM and MILE2 instructor, trainer for private cybersecurity courses, speaker, researcher, cybersecurity consultant, penetration tester. During recent years, I have specialized in payment systems (EMV, NFC, POS, ATM) and industrial environment (ICS/SCADA).
\nTwitter: @the_s41nt
\n
SpeakerBio:Juan Escobar\n
\nProfessional with solid skills and knowledge in pentesting methodologies such as OWASP and OSSTMM, with extensive expertise in projects of Ethical hacking web applications, mobile applications and infrastructure, ATM Pentesting and Code analysis, combined with a good attitude to work. He has extensive experience in the development of exploits for the Metasploit Framework, with excellent command of Python, PHP, Java, C#, C and Ruby programming languages. He developed a translation extension for Mozilla Firefox that currently has more than half a million active users: https://addons.mozilla.org/firefox/addon/to-google-translate/He has participated in international computer security competitions, together with the Latin American team NULL Life, as well as internationally recognized talks and conference.
\nTwitter: @itsecurityco
\n\n
\nDescription:
\nCyber attacks on Industrial Control Systems (ICS) differ in scope and impact based on a number of factors, including the adversary\'s intent, sophistication and capabilities, and familiarity with ICS and automated indutrial processes. In order to understand, identify and address the specific points that can prevent or stop an attack, a systematic model known as \"Cyber Kill Chain\" is detailed, a term that comes from the military environment and registered by the Lockheed Martin company. While most are familiar with terms and theoretical diagrams of how security should be implemented, in this talk we want to present live how an attack chain occurs from scratch to compromise industrial devices, the full kill chain, based in our experiences. The goal is to land these threats into the real world without the need to carry out these attacks with a nation-state budget.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220605),('4_Sunday','13','13:30','13:59','N','ICSV','','\'Building an ICS Firing Range (in our kitchen): Sharing Our Journey & Lessons Learned (so you donâ€™t have to)\'','\'Moritz Thomas,Nico Leidecker\'','ICSV_511fb6a62cd2e15cc3243012fa4f05bc','\'Title: Building an ICS Firing Range (in our kitchen): Sharing Our Journey & Lessons Learned (so you donâ€™t have to)
\nWhen: Sunday, Aug 8, 13:30 - 13:59 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Moritz Thomas,Nico Leidecker
\n
SpeakerBio:Moritz Thomas\n, NVISO
\nMoritz is a security consultant working in the NVISO Software and Security assessment team. He is an ICS and IoT enthusiast, getting into the latest technologies in both fields. He loves to program and reverse engineer stuff.
\n
SpeakerBio:Nico Leidecker\n, NVISO
\nNico has worked in IT security for over 15 years as security consultant and penetration tester. For the past two years, his focus has been on all several aspects of OT security. At NVISO Germany, he leads the security assessment team.
\n\n
\nDescription:
\nAiming to improve our own expertise in ICS security, we went to build our own ICS firing range for internal and external trainings, and hacking demos. It covers multiple technical aspects about IT infrastructure, PLC configuration and programming, ICS protocols and specific methodologies for red and blue teaming. Beginning with a bridge operation scenario we planned our approach on implementing the ICS Firing Range addressing all levels of the Purdue Model, from enterprise to physical processes. We were faced with a variety of practical challenges and challenges specific to the ICS context and prototyping: we learned how to implement ladder logic, how CAD modelling works, how to print 3D models with a 3D printer and how to combine all ICS and bridge components into a single, confined and mobile lab environment. Lastly, we designed a series of kill chains for our firing range that we use for trainings on a variety of professions such as digital forensics and incident response.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220606),('4_Sunday','14','14:00','14:59','N','ICSV','','\'ICS Jeopardy\'','\'Chris Sistrunk,Maggie Morganti,Mary Brooks,Tatyana Bolton\'','ICSV_39827208e16ee3a27f42e9da33cd4722','\'Title: ICS Jeopardy
\nWhen: Sunday, Aug 8, 14:00 - 14:59 PDT
\nWhere: ICS Village (Virtual)
\nSpeakers:Chris Sistrunk,Maggie Morganti,Mary Brooks,Tatyana Bolton
\n
SpeakerBio:Chris Sistrunk\n, Mandiant
\nChris Sistrunk is Technical Manager on the Mandiant ICS/OT Security Consulting team at FireEye focusing on protecting critical infrastructure. Before FireEye, Sistrunk was a Senior Engineer at Entergy where he was a subject matter expert for Transmission & Distribution SCADA systems. Sistrunk was awarded Energy Sector Security Professional of the Year in 2014. He is a Senior Member of the IEEE and is a registered Professional Engineer in Louisiana. He founded BSidesJackson, co-founded the BEER-ISAC, and helped organize the ICS Village at DEFCON 22. He holds BS Electrical Engineering and MS Engineering & Technology Management degrees from Louisiana Tech University.
\nTwitter: @chrissistrunk
\n
SpeakerBio:Maggie Morganti\n, Schneider Electric
\nMaggie Morganti is a Product Security Researcher at Schneider Electric where she works on vulnerability handling, supply chain security, and secure product development for power systems. She also serves as the Director-Elect of the ISA Communications Division (COMDIV). She previously held roles as a Cyber Technical Staff member for Oak Ridge National Laboratoryâ€™s Power & Energy Systems team and as a Threat Intelligence Analyst for FireEye Mandiantâ€™s Cyber-Physical team. She holds a M.S. in Intelligence Studies with a focus on cybersecurity from Mercyhurst University.
\nTwitter: @magg_py
\n
SpeakerBio:Mary Brooks\n, R Street Institute
\nMary Brooks is a senior research associate for Cybersecurity and Emerging Threats at R Street Institute. Before joining R Street, she was lead researcher and associate producer for The Perfect Weapon (2020). Prior to this, she served as the special assistant for the international human rights law firm Perseus Strategies, LLC, based in Washington, D.C. She graduated cum laude from Harvard University with a bachelorâ€™s degree in government and a language certificate in Arabic.
\nTwitter: @Mary_K_Brooks
\n
SpeakerBio:Tatyana Bolton\n, R Street Institute
\nTatyana Bolton is the Policy Director for R Streetâ€™s Cybersecurity & Emerging Threats team. She crafts and oversees the public policy strategy for the department with a focus on secure and competitive markets, data security and data privacy, and diversity in cybersecurity. Most recently, Tatyana worked as the senior policy director for the U.S. Cyberspace Solarium Commission focusing on U.S. government reorganization and resilience portfolios. From 2017-2020, Tatyana also served at the Cybersecurity and Infrastructure Security Agency as the cyber policy lead in the Office of Strategy, Policy and Plans where she developed strategies for strengthening the cybersecurity of our nationâ€™s critical infrastructure.
\nTwitter: @TechnoTats
\n\n
\nDescription:
\nThis. Is. Jeopardy. ICS-style. Join our intrepid contestants in a full round of the iconic game show Jeopardy as they test their knowledge of the various categories every good cybersecurity expert should knowâ€”including historical ICS incidents, nerdy fiction and random triviaâ€”all the while performing on-the-spot asset identification (aka: figuring out the remote buzzer system because we\'re still in a pandemic.) Tune in to watch Maggie Morganti of Schneider Electric, Chris Sistrunk of Mandiant, and Tatyana Bolton of the R Street Institute battle it out to win one of three, appropriately mediocre, prizes.
\n
ICS Village will be releasing their events to YouTube at each event\'s scheduled time. Discussion will be available on Discord in #ics-speaker-questions-and-answers-text.\n

YouTube: https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw\n

#ics-speaker-questions-and-answers-text: https://discord.com/channels/708208267699945503/735937961908109485\n

\'',NULL,220607),('1_Thursday','16','16:00','17:59','N','SOC','','\'QueerCon Party\'','\' \'','SOC_5bc99d79223a408625edd4e88de0f472','\'Title: QueerCon Party
\nWhen: Thursday, Aug 5, 16:00 - 17:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nCome hang out with the queer hacker community
\n\'',NULL,220608),('1_Thursday','17','16:00','17:59','Y','SOC','','\'QueerCon Party\'','\' \'','SOC_5bc99d79223a408625edd4e88de0f472','\'\'',NULL,220609),('2_Friday','16','16:00','17:59','N','SOC','','\'QueerCon Party\'','\' \'','SOC_0e7ab14dfaf49d59436ec174c40b4b7a','\'Title: QueerCon Party
\nWhen: Friday, Aug 6, 16:00 - 17:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nCome hang out with the queer hacker community
\n\'',NULL,220610),('2_Friday','17','16:00','17:59','Y','SOC','','\'QueerCon Party\'','\' \'','SOC_0e7ab14dfaf49d59436ec174c40b4b7a','\'\'',NULL,220611),('3_Saturday','16','16:00','17:59','N','SOC','','\'QueerCon Party\'','\' \'','SOC_d3b9df327c242d6a2fe60ebd8417578c','\'Title: QueerCon Party
\nWhen: Saturday, Aug 7, 16:00 - 17:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nCome hang out with the queer hacker community
\n\'',NULL,220612),('3_Saturday','17','16:00','17:59','Y','SOC','','\'QueerCon Party\'','\' \'','SOC_d3b9df327c242d6a2fe60ebd8417578c','\'\'',NULL,220613),('1_Thursday','13','13:00','23:59','N','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'Title: A&E Pool Party!
\nWhen: Thursday, Aug 5, 13:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nPool Party Schedule is listed here: https://forum.defcon.org/node/238025
\n\'',NULL,220614),('1_Thursday','14','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220615),('1_Thursday','15','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220616),('1_Thursday','16','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220617),('1_Thursday','17','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220618),('1_Thursday','18','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220619),('1_Thursday','19','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220620),('1_Thursday','20','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220621),('1_Thursday','21','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220622),('1_Thursday','22','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220623),('1_Thursday','23','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_fe46f2377c8f95a2207ebea97026aae3','\'\'',NULL,220624),('2_Friday','13','13:00','23:59','N','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'Title: A&E Pool Party!
\nWhen: Friday, Aug 6, 13:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nPool Party Schedule is listed here: https://forum.defcon.org/node/238025
\n\'',NULL,220625),('2_Friday','14','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220626),('2_Friday','15','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220627),('2_Friday','16','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220628),('2_Friday','17','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220629),('2_Friday','18','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220630),('2_Friday','19','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220631),('2_Friday','20','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220632),('2_Friday','21','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220633),('2_Friday','22','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220634),('2_Friday','23','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_0d698549a5312a35df9995004cc0361f','\'\'',NULL,220635),('3_Saturday','13','13:00','23:59','N','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'Title: A&E Pool Party!
\nWhen: Saturday, Aug 7, 13:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nPool Party Schedule is listed here: https://forum.defcon.org/node/238025
\n\'',NULL,220636),('3_Saturday','14','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220637),('3_Saturday','15','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220638),('3_Saturday','16','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220639),('3_Saturday','17','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220640),('3_Saturday','18','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220641),('3_Saturday','19','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220642),('3_Saturday','20','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220643),('3_Saturday','21','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220644),('3_Saturday','22','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220645),('3_Saturday','23','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_9a13de545fb5c0b074f4fb4ba0d42854','\'\'',NULL,220646),('4_Sunday','13','13:00','23:59','N','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'Title: A&E Pool Party!
\nWhen: Sunday, Aug 8, 13:00 - 23:59 PDT
\nWhere: Bally\'s Pool
\n
\nDescription:
\nPool Party Schedule is listed here: https://forum.defcon.org/node/238025
\n\'',NULL,220647),('4_Sunday','14','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220648),('4_Sunday','15','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220649),('4_Sunday','16','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220650),('4_Sunday','17','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220651),('4_Sunday','18','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220652),('4_Sunday','19','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220653),('4_Sunday','20','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220654),('4_Sunday','21','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220655),('4_Sunday','22','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220656),('4_Sunday','23','13:00','23:59','Y','SOC','','\'A&E Pool Party!\'','\' \'','SOC_69aa32c419353621ccadceaac2c88e4d','\'\'',NULL,220657),('2_Friday','20','20:00','01:59','N','SOC','','\'Vampire the Masquerade (Party)\'','\' \'','SOC_11e595698a7e0d632b00ccc2a8e38fdb','\'Title: Vampire the Masquerade (Party)
\nWhen: Friday, Aug 6, 20:00 - 01:59 PDT
\nWhere: Bally\'s Skyview 2
\n
\nDescription:
\nIts... Vampire the masquerade for the Las vegas setting, in las vegas... Because I heard people like Vegas and it might be fun to do.
\n\'',NULL,220658),('2_Friday','18','18:00','23:59','N','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'Title: Hacker Karaoke (Virtual)
\nWhen: Friday, Aug 6, 18:00 - 23:59 PDT
\nWhere: See Description
\n
\nDescription:
\nEven though we cannot be there in person to run the event, we will be event on the Discord Defcon Channel in the Hacker Karaoke room. We will be running from 6PM pacific to Midnight Pacific on Friday and Saturday night. Additional information on joining the event will be available online. Follow us at @hackerkaraoke for more information.
\n\'',NULL,220659),('2_Friday','19','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'\'',NULL,220660),('2_Friday','20','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'\'',NULL,220661),('2_Friday','21','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'\'',NULL,220662),('2_Friday','22','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'\'',NULL,220663),('2_Friday','23','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_612a06d5ce7bfa33d5035fc48c1dd050','\'\'',NULL,220664),('3_Saturday','18','18:00','23:59','N','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'Title: Hacker Karaoke (Virtual)
\nWhen: Saturday, Aug 7, 18:00 - 23:59 PDT
\nWhere: See Description
\n
\nDescription:
\nEven though we cannot be there in person to run the event, we will be event on the Discord Defcon Channel in the Hacker Karaoke room. We will be running from 6PM pacific to Midnight Pacific on Friday and Saturday night. Additional information on joining the event will be available online. Follow us at @hackerkaraoke for more information.
\n\'',NULL,220665),('3_Saturday','19','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'\'',NULL,220666),('3_Saturday','20','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'\'',NULL,220667),('3_Saturday','21','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'\'',NULL,220668),('3_Saturday','22','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'\'',NULL,220669),('3_Saturday','23','18:00','23:59','Y','SOC','','\'Hacker Karaoke (Virtual)\'','\' \'','SOC_752b898514549d3cd4a9d929e4737f6a','\'\'',NULL,220670),('2_Friday','20','20:00','21:59','N','SOC','','\'War Story Bunker\'','\' \'','SOC_adf38a48c8f393102fe94491e8fb69e9','\'Title: War Story Bunker
\nWhen: Friday, Aug 6, 20:00 - 21:59 PDT
\nWhere: Bally\'s Skyview 3
\n
\nDescription:
\nOne of our favorite parts of DEF CON every year is hearing about what other hackers have been up to with harrowing tales of red team exercises gone wrong, or so very right. Weâ€™ve also heard of valiant efforts of defense, from our blue team folks while waiting in Linecon. Do you have a cool â€œwar storyâ€ to share? Would you like to listen to some fun stories from your fellow hackers? This is the place to be. Join the DEF CON CFP Review Board, Goons, and fellow hackers as we hunker in the (War Story) bunker.
\n\'',NULL,220671),('2_Friday','21','20:00','21:59','Y','SOC','','\'War Story Bunker\'','\' \'','SOC_adf38a48c8f393102fe94491e8fb69e9','\'\'',NULL,220672),('2_Friday','14','14:00','15:59','N','SOC','','\'BADASS Meetup (Virtual)\'','\' \'','SOC_e66c4604cfa7dde43744986201b21972','\'Title: BADASS Meetup (Virtual)
\nWhen: Friday, Aug 6, 14:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nWe represent the BADASS army, an organization that empowers and assists victims of revenge-porn and non-consensual images through education in privacy, operational security, and evidence collection. Thisâ€™d be an event where we discuss how we fight NCI/RP, how that battlespace has changed, what weâ€™ve learned and more.\n

BADASS is going to be from 2 PM PDT til 4 PM PDT on Discord in Fireside Lounge for a video discussion.\n

Fireside Lounge: https://discord.com/channels/708208267699945503/738141986476916826\n

\n\'',NULL,220673),('2_Friday','15','14:00','15:59','Y','SOC','','\'BADASS Meetup (Virtual)\'','\' \'','SOC_e66c4604cfa7dde43744986201b21972','\'\'',NULL,220674),('2_Friday','21','21:00','01:59','N','SOC','','\'Gothcon 2021 (Virtual)\'','\' \'','SOC_fa9c223ba66d1f7f1889a942d2516faa','\'Title: Gothcon 2021 (Virtual)
\nWhen: Friday, Aug 6, 21:00 - 01:59 PDT
\nWhere: See Description
\n
\nDescription:
\nJoin us, hybrid style, as we continue yet another year of #DCGOTHCON. Digital hangs will be found at https://www.twitch.tv/dcgothcon. Watch our twitter @dcgothcon for updates about some renegade IRL meet-ups. We will be streaming our fav goth DJ\'s Friday evening, 10p-2a Pacific. DM on twitter to join our discord.
\n\'',NULL,220675),('3_Saturday','20','20:00','22:59','N','SOC','','\'Hacker Flairgrounds\'','\' \'','SOC_cb112059faeb94a011c55dd047ffb75f','\'Title: Hacker Flairgrounds
\nWhen: Saturday, Aug 7, 20:00 - 22:59 PDT
\nWhere: Paris Chillout 2
\n
\nDescription:
\nThe destination for badge collectors, designers, and hardware hacks to celebrate the flashier side of DEF CON. It is a melding of the 1337 and the un1eet interested in hardware and IoT. We see #badgelife, #badgelove, SAOs and badge hacking as a great potential for securing IoT and keeping the power in the hands of the consumer by spreading knowledge about the craft/ trade. Those involved should be celebrated for sharing their knowledge. Many of them do not like the limelight, so this gives us a chance to personally say thank you.
\n\'',NULL,220676),('3_Saturday','21','20:00','22:59','Y','SOC','','\'Hacker Flairgrounds\'','\' \'','SOC_cb112059faeb94a011c55dd047ffb75f','\'\'',NULL,220677),('3_Saturday','22','20:00','22:59','Y','SOC','','\'Hacker Flairgrounds\'','\' \'','SOC_cb112059faeb94a011c55dd047ffb75f','\'\'',NULL,220678),('3_Saturday','17','17:00','18:59','N','SOC','','\'DC404/DC678/DC770/DC470 (Atlanta Metro) Meetup\'','\' \'','SOC_713461a8c36277e505b05a72b1fef3ca','\'Title: DC404/DC678/DC770/DC470 (Atlanta Metro) Meetup
\nWhen: Saturday, Aug 7, 17:00 - 18:59 PDT
\nWhere: Bally\'s Skyview 2
\n
\nDescription:
\nThey say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead we\'re meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404\'s 20+ year legacy can catch up and share stories. We typically meet up for an hour or two then will go get dinner afterwards before evening events.
\n\'',NULL,220679),('3_Saturday','18','17:00','18:59','Y','SOC','','\'DC404/DC678/DC770/DC470 (Atlanta Metro) Meetup\'','\' \'','SOC_713461a8c36277e505b05a72b1fef3ca','\'\'',NULL,220680),('3_Saturday','21','21:00','01:59','N','SOC','','\'Vetcon Meetup (Hybrid)\'','\' \'','SOC_28dc90acc5092df386da3ab88b7f8b5e','\'Title: Vetcon Meetup (Hybrid)
\nWhen: Saturday, Aug 7, 21:00 - 01:59 PDT
\nWhere: Bally\'s Skyview 5
\n
\nDescription:
\nA large friendly gathering of Veterans AND Non-Veterans, to help those who are recent Veterans integrate within our INFOSEC community, to make them feel welcome, and that there are other Veterans and Veteran supporters who are here to help them further their infosec career. Both online and in-person.
\n\'',NULL,220681),('1_Thursday','12','12:00','12:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_768213b6839909420ce906eadbd71b4f','\'Title: Friends of Bill W.
\nWhen: Thursday, Aug 5, 12:00 - 12:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220682),('2_Friday','12','12:00','12:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_38fb17bf0f9c646a01857e8c3f286c2f','\'Title: Friends of Bill W.
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220683),('3_Saturday','12','12:00','12:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_62629779fb1f5f0721260061ef71acbc','\'Title: Friends of Bill W.
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220684),('4_Sunday','12','12:00','12:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_0d2e4ca8f089b7caaa7c7d38882f62f3','\'Title: Friends of Bill W.
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220685),('1_Thursday','17','17:00','17:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_b8e6bc24bb74d0e9384c4024e267b89d','\'Title: Friends of Bill W.
\nWhen: Thursday, Aug 5, 17:00 - 17:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220686),('2_Friday','17','17:00','17:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_3bef864c7924380cc74f42dc778f8a06','\'Title: Friends of Bill W.
\nWhen: Friday, Aug 6, 17:00 - 17:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220687),('3_Saturday','17','17:00','17:59','N','SOC','','\'Friends of Bill W.\'','\' \'','SOC_0f2ec0157744f08434bb4d466ca35ada','\'Title: Friends of Bill W.
\nWhen: Saturday, Aug 7, 17:00 - 17:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun. The location is in a Bally\'s poolside cabana, look for the sign.
\n\'',NULL,220688),('2_Friday','18','18:00','19:59','N','SOC','','\'Lawyers Meet\'','\' \'','SOC_ac875e14cdb3a524e5caf6ace2d797cf','\'Title: Lawyers Meet
\nWhen: Friday, Aug 6, 18:00 - 19:59 PDT
\nWhere: Bally\'s Pool Cabana
\n
\nDescription:
\nIf you\'re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara at 18:00 on Friday in a poolside cabana, look for the sign, for a friendly get-together, drinks, and conversation.
\n\'',NULL,220689),('2_Friday','19','18:00','19:59','Y','SOC','','\'Lawyers Meet\'','\' \'','SOC_ac875e14cdb3a524e5caf6ace2d797cf','\'\'',NULL,220690),('2_Friday','10','10:00','11:50','N','DL','','\'AIS Tools\'','\'Gary Kessler\'','DL_f0f1bcfc46542df187e397d7c0ac2967','\'Title: AIS Tools
\nWhen: Friday, Aug 6, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Gary Kessler\n
\nGary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of \"Maritime Cybersecurity: A Guide for Leaders and Managers.\" He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary\'s background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.
\n\n
\nDescription:
\nTool or Project Name: AIS Tools\n

Short Abstract: AIS Tools is a suite of Perl-based scripts to create, capture, interpret, and play NMEA 0183 Automatic Identification System (AIS) messages.\n

Short Developer Bio: Gary Kessler, Ph.D., CISSP is a principal consultant at Fathom5, a retired professor of cybersecurity, and co-author of \"Maritime Cybersecurity: A Guide for Leaders and Managers.\" He is a past speaker at DEFCON, where he has presented on AIS cybersecurity vulnerabilities and an encryption-based demonstration-of-capability method to mitigate some of those vulnerabilities. Gary\'s background is in mathematics and computer science, and he has spent several decades teaching about network protocols, data communications, digital forensics, and information security. He holds a leadership position in USCG Auxiliary cybersecurity efforts, is a Master SCUBA Diver Trainer, and holds a 50GT captain license.\n

URL to any additional information:
\nhttps://www.garykessler.net/library/ais_pi.html\nhttps://www.garykessler.net/software/AIS_README.TXT\nhttps://gpsd.gitlab.io/gpsd/AIVDM.html
\nhttps://github.com/trendmicro/ais/\n

Detailed Explanation of Tool:
\nAIS Tools is a suite of Perl scripts that allow a user to customize and parse National Marine Electronics Association (NMEA) 0183 standard AIS messages (seen in over-the-air broadcasts per ITU Recommendation M.1371). It is conceptually based upon the TrendMicro AIS Blacktoolkit, but is an extension intended for research and development purposes by incorporating more message types and standard default values.\n

The suite includes the following programs and functions:\nAIS_menu: Allows the user to create a custom NMEA 0183 AIS message by entering parameters specific to a requested message type. (At this time, the tools supports 22 of the 27 message types.) The output of the program is a properly formatted command line with all appropriate switches for the AIS_ping program.\nAIS_ping: AIS_ping allows a user to define an AIS message that will be properly formatted but could, in fact, contain invalid parameter values (a la hping3). The output is a binary string representing the AIS message. The binary string could be directed to a radio transmission (using Blacktoolkit software for GNU Radio) or formatted into one or more AIS sentences using AIS_NMEA.\nAIS_NMEA: This program accepts an AIS message binary string and produces a set of one or more AIS sentences.\nAIS_parser: Decodes an NMEA binary string or AIS sentence, displaying the contents field by field.\nparser2html: Produces HTML formatting of parsed messages.\ntimestamp_data: Capture live AIS data from over-the-air transmissions and store the sentences in a file with a timestamp.\nplay_ais: Replay timestamped AIS data from a file.\nThis is code that was used for research and development purposes, gathering input from, and directing output to, OpenCPN. Data can also be received and broadcast via software-defined radio.\n

More detail can be found in https://www.garykessler.net/software/AIS_README.TXT\n

Supporting Files, Code, etc: https://www.garykessler.net/software/index.html#ais\n

Target Audience:
\nDefense, students, researchers, product developers (but, like any good tool, can be used for offense)\n

This tool is specifically directed at those interested in maritime cybersecurity, particularly with respect to navigation systems, but applies to anyone interested in a deep understanding of the AIS protocol as observed in over-the-air transmissions. It will aid researchers in capturing and analyzing AIS data, and designing scenarios with which to prepare exercises and test products.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220691),('2_Friday','11','10:00','11:50','Y','DL','','\'AIS Tools\'','\'Gary Kessler\'','DL_f0f1bcfc46542df187e397d7c0ac2967','\'\'',NULL,220692),('2_Friday','12','12:00','13:50','N','DL','','\'Solitude\'','\'Dan Hastings\'','DL_147336dcc3fe69027769629191639b3d','\'Title: Solitude
\nWhen: Friday, Aug 6, 12:00 - 13:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Dan Hastings\n
\nDan Hastings is a senior security consultant at NCC Group. He spends his time performing mobile and web application penetration tests for fortune 500 companies. Dan has spoken at the Defcon Crypto and Privacy village on his research on discrepancies in iOS Robocall blocking apps privacy policies and their actual data collection practices.\n
\n\n
\nDescription:
\nTool or Project Name: Solitude: A privacy analysis tool\n

Short Abstract:
\nSolitude is an open-source privacy analysis tool that aims to help people inspect where their private data goes once it leaves their favorite mobile or web applications. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating an appâ€™s privacy accessible for everyone without the need for time-consuming app instrumentation and analysis, which weâ€™ve abstracted away from the user.\n

Privacy policies are often difficult to understand when trying to identify how your private data is being shared and with whom it\'s being shared. My previous research1 has even shown that privacy policies don\'t always tell the truth of what an appâ€™s actual data collection practices actually are. Whatâ€™s more, prior to Solitude, tooling to find this out efficiently didnâ€™t exist for security researchers, let alone nontechnical users. Solitude was built to help give users more transparency to understand where their private data goes by the process of proxying HTTP traffic and inspecting HTTP traffic more straightforward, and can be configured to look for arbitrary datatypes captured by a mobile or web application. In its early release, this tool has already been used by journalists to help investigate privacy abuses by mobile app vendors.\n

Short Developer Bio:
\nDan Hastings is a senior security consultant at NCC Group. He spends his time performing mobile and web application penetration tests for fortune 500 companies. Dan has spoken at the Defcon Crypto and Privacy village on his research on discrepancies in iOS Robocall blocking apps privacy policies and their actual data collection practices.\n

URL to any additional information:
\nhttps://github.com/nccgroup/Solitude\n

Detailed Explanation of Tool:
\nSolitude can be run in two different ways; either as a stand-alone web application/HTTP intercept proxy, or in a more mobile-friendly docker container that runs an Open VPN server along with the Solitude web application and intercepting HTTP proxy.\n

Users of Solitude can configure what data they want Solitude to search for in the Solitude web application. Solitude automatically searches through all websockets and HTTP requests using yara rules based upon what users have configured to search for. Solitude recursively decodes base64 and URL encoded data, searches for sha1,sha256 and md5 hashes of all configured data and supports protobuf and gzip. Several built-in searches are pre-configured to search for GPS coordinates and internal IP addresses. Once a configured piece of data is found the data and domain that the data is being sent to is displayed in the Solitude web application.\n

Supporting Files, Code, etc:
\nhttps://github.com/nccgroup/Solitude\n

Target Audience:
\nMobile, Offense, Privacy enthusiasts.\n

Solitude makes the process of gaining transparency into where your private data goes when you use your favorite apps easier than reading and trusting a privacy policy. App users deserve more insight the data collection practices of the apps they use. Solitude is unique in that it aims to make an otherwise technical process easy and empower people to make informed decisions about the applications they choose to use.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220693),('2_Friday','13','12:00','13:50','Y','DL','','\'Solitude\'','\'Dan Hastings\'','DL_147336dcc3fe69027769629191639b3d','\'\'',NULL,220694),('2_Friday','14','14:00','15:50','N','DL','','\'Kubestriker\'','\'Vasant Chinnipilli\'','DL_2f29d0710d5fe65c7e1ec1afab82b500','\'Title: Kubestriker
\nWhen: Friday, Aug 6, 14:00 - 15:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Vasant Chinnipilli\n
\nVasant is a security enthusiast and speaker, currently working as a Security Architect and DevSecOps Practitioner. \n

His technical abilities span a wide range of technologies across various domains of information security including cloud and container security and penetration testing. He is passionate about cloud and cloud native security, devsecops and security automation.\n

\n\n
\nDescription:
\nTool Name: Kubestriker - a blazing fast security auditing tool for kubernetes\n

Short Abstract:
\nKubestriker is a platform-agnostic tool designed to tackle Kuberenetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. \n

It performs numerous in depth checks on a range of services and open ports on Kubernetes platform to identify any misconfigurations which make organisations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning, monitoring and alerting of any anomalies.\n

Furthermore, it comprises the ability to see some components of kubernetes infrastructure and provides visualised attack paths of how hackers can advance their attacks.\n

Short Developer Bio:
\nVasant is a security enthusiast and speaker, currently working as a Security Architect and DevSecOps Practitioner. \nHis technical abilities span a wide range of technologies across various domains of information security including cloud and container security and penetration testing. He is passionate about cloud and cloud native security, devsecops and security automation.\n

URL to any additional information:
\nhttps://github.com/vchinnipilli/kubestriker\n

Detailed Explanation of Tool:
\nThe tool is open source and platform-agnostic making it compatible with various platforms such as self-hosted kubernetes, Amazon EKS, Azure AKS and Google GKE.\n

Current capabilities include performing in-depth reconnaissance and automated enumeration for a range of services and open ports. It also scans for a wide range of IAM misconfigurations, misconfigured containers and misconfigured pod security and network policies. It can also assess the excessive privileges of subjects in the cluster and generate an elaborative report with detailed explanation of the findings.\n

It also incorporates security for containers running in the cluster by continuously discovering, tracking, scanning, and reporting them, along with the ability to see some of the components of kubernetes infrastructure and provide visualised attack paths of how hackers can advance their attacks by chaining different misconfigured components in the kubernetes cluster.\n

Target Audience:
\nOffensive and Defensive Security Professionals\nSecurity Auditors
\nDevelopers, Devops, Sysadmins, Devsecops and SRE professionals\nThe aim of the presentation is to demonstrate the kind of attacks that are possible due to misconfigurations. In particular, through the use of Kubestriker, I will demonstrate how misconfigured cluster privileges can compromise the kubernetes platform and its underlying infrastructure, along with showing backdooring cloud environments, avoid detection by manipulating logging controls and access sensitive information and trade secrets due to IAM, pod security policy and webhook misconfigurations.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220695),('2_Friday','15','14:00','15:50','Y','DL','','\'Kubestriker\'','\'Vasant Chinnipilli\'','DL_2f29d0710d5fe65c7e1ec1afab82b500','\'\'',NULL,220696),('3_Saturday','10','10:00','11:50','N','DL','','\'Kubernetes Goat\'','\'Madhu Akula\'','DL_c8ab4640dd0d5bbf684d31cecb7f9aac','\'Title: Kubernetes Goat
\nWhen: Saturday, Aug 7, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Madhu Akula\n
\nMadhu Akula is the creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native security researcher with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA (2018 & 19), O\'Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018 & 19), All Day DevOps (2016, 17, 18, 19 & 20), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc, and credited with multiple CVE\'s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also, technical reviewer of Learn Kubernetes Security book published by Packt. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.
\nTwitter: @madhuakula
\n\n
\nDescription:
\nTool or Project Name: Kubernetes Goat\n

Short Abstract:
\nKubernetes Goat is â€œvulnerable by designâ€ Kubernetes Cluster environment to practice and learn about Kubernetes Security. It has step by step detailed guide and digital book on how to get started with Kubernetes Goat by exploring different vulnerabilities in Kubernetes Cluster and Containerized environments. Also, it has scenarios taken from the real-world vulnerabilities and maps the Kubernetes Goat scenarios. The complete documentation and instruction to practice Kubernetes Security for performing security assessments, pentesting, and in general Kubernetes Security. As a defender you will see how we can learn these attacks, misconfigurations to understand and improve your cloud native infrastructure security posture.\n

Short Developer Bio:
\nMadhu Akula is the creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native security architect with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc.\n

Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEF CON (24, 26, 27, 28), Black Hat USA (2018, 19, 21), USENIX LISA (2018, 19, 21), Oâ€™Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018 & 19), All Day DevOps (2016, 17, 18, 19 & 20), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18, 20), Nullcon (2018, 19, 21), SACON 2019, Serverless Summit, null and multiple others.\n

His research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc, and credited with multiple CVEâ€™s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also, technical reviewer of Learn Kubernetes Security book published by Packt. Won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams\n

URL to any additional information:
\nhttps://github.com/madhuakula/kubernetes-goat\nhttps://madhuakula.com/kubernetes-goat
\nDetailed Explanation of Tool:
\nKubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.\nSome of the high-level scenarios include, but not limited to below:\nSensitive keys in code bases
\nDIND (docker-in-docker) exploitation
\nSSRF in K8S world
\nContainer escape to access host system
\nDocker CIS Benchmarks analysis
\nKubernetes CIS Benchmarks analysis
\nAttacking private registry
\nNodePort exposed services
\nHelm v2 tiller to PwN the cluster
\nAnalysing crypto miner container
\nKubernetes Namespaces bypass
\nGaining environment information
\nDoS the memory/cpu resources
\nHacker Container preview
\nHidden in layers
\nSupporting Files, Code, etc:
\nhttps://github.com/madhuakula/kubernetes-goat\nhttps://madhuakula.com/kubernetes-goat/\n

Target Audience:
\nOffense, Defense\n

The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most of the security teams struggle to understand these modern technologies. So this project helps and brings a completely new area of research to share with the community to learn and practice from years of experience.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220697),('3_Saturday','11','10:00','11:50','Y','DL','','\'Kubernetes Goat\'','\'Madhu Akula\'','DL_c8ab4640dd0d5bbf684d31cecb7f9aac','\'\'',NULL,220698),('3_Saturday','12','12:00','13:50','N','DL','','\'Tracee\'','\'Yaniv Agman\'','DL_75e3baba7eefe3dd93b8a92e041e0f25','\'Title: Tracee
\nWhen: Saturday, Aug 7, 12:00 - 13:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Yaniv Agman\n
\nYaniv Agman is a Security Researcher at Aqua Security. He specializes in low-level Linux instrumentation technologies to perform dynamic analysis on Linux containers and systems. He is currently completing his Master\'s thesis in cyber security at BGU on detecting Android malware with eBPF technology. While not in front of a computer screen, he likes watching Sci-Fi movies and playing with his kids.\n
\n\n
\nDescription:
\nTool or Project Name: Tracee\n

Short Abstract:
\nLinux Runtime Security and Forensics using eBPF\n

Short Developer Bio:
\nYaniv Agman is a Security Researcher at Aqua Security. He specializes in low-level Linux instrumentation technologies to perform dynamic analysis on Linux containers and systems. He is currently completing his Master\'s thesis in cyber security at BGU on detecting Android malware with eBPF technology. While not in front of a computer screen, he likes watching Sci-Fi movies and playing with his kids.\n

Roi is a Security Researcher at Aqua Security. His work focuses on researching threats in the cloud native world. When not at work, Roi is a B.A. student in Computer Science at the Open University. He also enjoys going out into nature and spending time with family and friends.\n

URL to any additional information:
\nhttps://aquasecurity.github.io/tracee/dev\n

Detailed Explanation of Tool:
\nTracee is a Runtime Security and forensics tool for Linux.\nIt is using Linux eBPF technology to trace your system and applications at runtime, analyze collected events to detect suspicious behavioral patterns, and capture forensics artifacts.\nIt is delivered as a Docker image that monitors the OS and detects suspicious behavior based on a predefined set of behavioral patterns.\n

Here is a more detailed information about the tool:\nTracee is a runtime security and forensics tool for Linux. It is composed of tracee-ebpf, which collects OS events based on some given filters, and tracee-rules, which is the runtime security detection engine.\n

Tracee-ebpf is capable of tracing all processes in the system or a group of processes according to some given filters (these are: newly created processes, processes in a container, uid, command name, pid, tid, mount namespace id, process namespace id, uts name).\n

The user can select the set of events to trace, and also filter by their arguments.\n

The events which can be traced include the following:\nSystem calls and their arguments
\nLSM hooks (e.g. security_file_open, security_bprm_check, cap_capable)\nInternal kernel functions: (e.g. vfs_write and commit_creds)\nSpecial events and alerts (magic_write and mem_prot_alert)\nOther than tracing, Tracee-ebpf is also capable of capturing files written to disk or memory (e.g. \"fileless\" malwares), and extracting binaries that are dynamically loaded to an application\'s memory (e.g. when a malware uses a packer). Using these capabilities, it is possible to automatically collect forensic artifacts for later investigation. For more detailed information about these capabilities, see: https://blog.aquasec.com/ebpf-contai...ware-detection\n

Tracee-Rules, is a rule engine that helps you detect suspicious behavioral patterns in streams of events. It is primarily made to leverage events collected with Tracee-eBPF into a Runtime Security solution. Tracee supports authoring rules in Golang or in Rego.\n

Following are some of the currently available rules:\nCode injection - Possible code injection into another process\nDynamic Code Loading - Writing to executable allocated memory region\nFileless Execution - Executing a process from memory, without a file in the disk\nSupporting Files, Code, etc:
\nhttps://github.com/aquasecurity/tracee\n

Target Audience: Defense
\nWe believe Tracee is a valuable tool for anyone who want to perform runtime protection on Linux systems.\nIn the demo we will introduce the tool, and see how it helped us to find real threats and other possible uses.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220699),('3_Saturday','13','12:00','13:50','Y','DL','','\'Tracee\'','\'Yaniv Agman\'','DL_75e3baba7eefe3dd93b8a92e041e0f25','\'\'',NULL,220700),('3_Saturday','14','14:00','15:50','N','DL','','\'ParseAndC\'','\'Parbati Kumar Manna\'','DL_ca2893c1d838d94c60df664525d68d3d','\'Title: ParseAndC
\nWhen: Saturday, Aug 7, 14:00 - 15:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Parbati Kumar Manna\n
\nParbati Kumar Manna got his Bachelor of Technology from Indian Institute of Technology, Kharagpur in 1997. After spending a bit of time in the software industry, he went back to school to earn his MS and PhD in Computer Science from University of Florida in 2008. His dissertation involved the creation and detection of some of the smartest malware (particularly internet worms) that leave minimal footprint during their spread yet propagate at the maximal speed. After his PhD he joined the premier security group within Intel, working with other like-minded security researchers looking over the security of various Intel products, including hardware, firmware and software. He has published and reviewed in eminent conferences and journals.\n
\n\n
\nDescription:
\nParseAndC - A Universal Parser and Data Visualization Tool for Security Testing\n

Short Abstract:
\nParsing is the process of extracting the data values of various fields by mapping the data format (known) onto the datastream (known) from a certain offset (known). Parsing is often an integral part of hacking - even when we do not know the exact format of the data, we still have some vague idea, and we want to parse the data based on our assumed data format to see if our hunch is true. While it is trivial to write a parser that will output the values corresponding to the fields of a single C structure, that parser becomes useless if now we have to deal with a different C structure. A parser that can handle any and all C structures as its input is essentially a compiler, since even C header files contain enough complexity (#define constants, macros calling macros, variadic macros, conditional code via if-else etc., included files, packed/aligned attributes, pragmas, bitfield, complex variable declarations, nested and anonymous structure declaration etc.). This tool is capable of mapping any C structure(s) to any datastream from any offset, and then visually displaying the 1:1 correspondence between the variables and the data in a very colorful, intuitive display so that it becomes very easy to understand which field has what value.\n

This tool is extremely portable - it is a single 800KB Python text file, supports all versions of Python, is cross-platform (Windows/Mac/Unix), and also works in the terminal /batch mode without GUI. For multi-byte datatypes (e.g. integer or float) it supports both endianness (little/big) and displays value in both decimal and Hex formats. The tool needs no internet connection and works fully offline. It is self-contained - it doesn\'t import almost anything, to the extent that it implements its own C compiler (front-end) from scratch!!\n

This tool is useful for both security- and non-security testing alike (reverse engineering, network traffic analyzing, packet processing etc.). It is currently being widely used at Intel, and in the users\' own words, this tool has reduced their days\' work into minutes. The author of this tool led many security hackathons at Intel and there this tool was found to be very useful.\n

Short Developer Bio:
\nParbati Kumar Manna got his Bachelor of Technology from Indian Institute of Technology, Kharagpur in 1997. After spending a bit of time in the software industry, he went back to school to earn his MS and PhD in Computer Science from University of Florida in 2008. His dissertation involved the creation and detection of some of the smartest malware (particularly internet worms) that leave minimal footprint during their spread yet propagate at the maximal speed. After his PhD he joined the premier security group within Intel, working with other like-minded security researchers looking over the security of various Intel products, including hardware, firmware and software. He has published and reviewed in eminent conferences and journals.\n

URL to any additional information:
\nThe tool has just been open-sourced, but no public announcement has been made (don\'t want to steal the thunder from DEFCON)\nhttps://github.com/intel/ParseAndC\n

Detailed Explanation of Tool:
\nIf one knows the data format of any datastream (basically, if you have access to the source code), parsing is easy since it takes <5 minutes to write a parser for a C structure. However, if one\'s job involves looking at many different datastreams, each with a different data format (basically, a different C structure), then this process becomes very tedious as you have to write a fresh parser for every new structure. As part of the Intel\'s in-house core hacking team, this author faced this very problem where he had to parse many different datastreams based on their individual data formats. So, to rid himself of the trouble of writing a new parser every time, he chose to write a tool that can parse any datastream with any data format (a C structure) with just two clicks.\n

The other big problem that this tool handles is the data visualization. The problem is, not every time we have a 1:1 mapping between code and data - we can have one-to-many relationship (for arrays), and can have many-to-one relationship (many union members pointing to same chunk of data). For example, if we have a single line of code like int a[30][40][50];, suddenly for a single line of code we have sixty thousand chucks of 4-byte data. This tool handles these many-to-one and one-to-many relationships between code and data very gracefully (just try hovering your cursor over the variables in the Interpreted code window or the data windows, and you will see). Also, if you double-click on any variable, it will re-display the datastream centered around the place where the variable maps to. Similarly, if you double-click on any data byte, it will scroll the Interpreted code window to pinpoint to the variable(s) that map to that data.\n

You can see all that just by clicking the \"Run Demo\" button on the tool. :-)\n

Supporting Files, Code, etc:
\nThe tools needs no supporting file to run. To show its capability, just run the Demo (see below how). There is a huge README explaining everything right at the top of the script itself (the same README is also available in the Open Source repo https://github.com/intel/ParseAndC), but in case you don\'t have time to read that, below is a TL;DR version.\n

Just download the tool source (a single Python file) anywhere (Windows/Linux/Mac), run it using Python 2 or 3, and click on the \"Run Demo\" button on top right corner. It will load a datafile (the tool script itself), choose a builtin data format (expressed via C structures and variable declarations), compile/Interpret that code and finally map the variables in the data format onto the data file. Once this happens, the Interpreted code window and the Data window will contain colorful items. Just hover your cursor over those colorful items (or double-click) and see the magic happen!\n

There is also a bottom window which lays out a Tree-like view of the data format. You can expand/collapse all the structures and arrays in the data format here using left/right arrows (or mouse click).\n

It also creates a snapshot.csv file with all the data format variables with their values. It also prints the same in the background (console).\n

The tool is currently in Beta stage (a lot of new features have been added lately), but it will absolutely be mature during the actual conference time.\n

Target Audience:
\nThe target audience for this tool is pretty broad - it involves both White Hat and Black Hat researchers alike. Basically, anybody who tests C programs, or reverse engineers any datastream produced from a C program will find this tool extremely useful. Examples of actual usage of this tool are noted below.\n

White Hat Testing (has access to source code):\nAt Intel, of course we have access to our own source code, so we do not need to speculate about the data format of Intel products. In Intel, this tool has found its wide usage in driver testing, network packet analyzing, firmware reversing etc. where the testers use this tool to confirm that we are indeed observing the intended value in the datastream.\n

Black Hat Testing (no access to source code):\nAn example of how this tool is useful for even Black Hat hackers is as follows. Suppose you believe that a certain executable or datastream should begin with a certain magic number, followed by version number, followed by a header, followed by data etc. So, you can just write a C structure corresponding to your \"hunch\", and then use this tool to map that hypothetical structure onto the datastream to see if the values corresponding to the fields \"make sense\" visually. This is where the visualization part of this tool comes as immensely useful - you can hover your cursor on top of any variable and see its corresponding data value, or hover your cursor over any data byte and see its corresponding variable(s). If some of the supposed fields in the structure make sense but others do not, you know for which fields you have hit the jackpot, and for which you didn\'t. So, you modify your structure accordingly and just two more clicks will give you the new visualization of the mapped data with the new structure. This way, you can use this tool iteratively to figure out the format of the datastream.\n

To summarize, this is a tool that has been widely used at Intel for both security testing and regular non-security testing for the last two years.\n

This tool, per se, is not targeted ONLY for security, but it has been proven to be extremely useful for security research (just like the case of a binary disassembler).\n

For the past couple of years, it has been used at Intel for both kinds of testers: Security researchers and regular non-security folks. Both groups of people found the tool to be extremely useful.\n

To the best of the author\'s knowledge, no such hacking tool currently exists. Thus, this tool can definitely contribute to a new perspective to DEF CON.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220701),('3_Saturday','15','14:00','15:50','Y','DL','','\'ParseAndC\'','\'Parbati Kumar Manna\'','DL_ca2893c1d838d94c60df664525d68d3d','\'\'',NULL,220702),('4_Sunday','10','10:00','11:50','N','DL','','\'reNgine\'','\'Yogesh Ojha\'','DL_e231fa895796f9a989d20bfda9596d89','\'Title: reNgine
\nWhen: Sunday, Aug 8, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Yogesh Ojha\n
\nYogesh Ojha is a Research Software Engineer in TRG Research and Development, Cyprus where his research focuses on building solutions for Crime and Terror.As a Passionate Developer and a Hacker, Yogesh builds and maintains reNgine, an automated reconnaissance framework.He has delivered talks on IoT Security and Car Hacking at several conferences like BlackHat Europe, HITB Cyber Week Abu Dhabi, Open Source Summit, IoT Innovatech LATM, GreHack, NoConName, KazHackStan, FOSS Asia Summit, etc. When not building or breaking technologies, he spends his time with his dog Jasper.
\n\n
\nDescription:
\nShort Developer Bio: Yogesh Ojha is a Research Software Engineer in TRG Research and Development, Cyprus where his research focuses on building solutions for Crime and Terror.As a Passionate Developer and a Hacker, Yogesh builds and maintains reNgine, an automated reconnaissance framework.He has delivered talks on IoT Security and Car Hacking at several conferences like BlackHat Europe, HITB Cyber Week Abu Dhabi, Open Source Summit, IoT Innovatech LATM, GreHack, NoConName, KazHackStan, FOSS Asia Summit, etc. When not building or breaking technologies, he spends his time with his dog Jasper.\n

Tool or Project Name reNgine: An automated reconnaissance engine(framework)\n

Short Abstract: reNgine is an automated reconnaissance engine(framework) that is capable of performing end-to-end reconnaissance with the help of highly configurable scan engines on web application targets. reNgine makes use of various open-source tools and makes a highly configurable pipeline of reconnaissance to gather the recon result.reNgine also makes it possible for users to choose the tools they desire while following the same reconnaissance pipeline, example - with reNgine you aren\'t limited to using sublist3r for subdomains discovery, rather reNgine allows you to combine multiple tools like sublist3r, subfinder, assetfinder, and easily integrate them into your reconnaissance pipeline. The reconnaissance results are then displayed in a beautiful and structured UI after performing the co-relation in the results produced by these various tools. The developers behind reNgine understand that recon result most often is overwhelming due to the humongous data, so thatâ€™s why reNgine also comes with advanced query lookup using natural language operators like and, or and not. Imagine, doing recon on facebook.com and filtering the results like http_status!404&page_title=admin|page_title=dashbo ard&content_length>0&tech=phporseverity=critical|severity=high&vulnerability_titl e=xss|vulerability_title=cve-1234-xxxxreNgineâ€™s flexibility to easily incorporate any existing open-source tools and with advanced features like configurable scan engines, parallel scans, advanced query lookup on recon results, instant notification about the scan, scheduled scans, etc, separates reNgine from any other recon frameworks. reNgine can be used for both reconnaissance and actively monitoring the targets.URL to any additional information: Official Documentation: https://rengine.wiki reNgine v0.5 Major Update with Vulnerability Scan and Advanced recon Lookup Trailer and Demo: https://www.youtube.com/watch?v=DSOS_dkorBMreNgine release Trailer: https://www.youtube.com/watch?v=u8_Z2-3-o2MreNgine Development Timeline Video Trailer: https://www.facebook.com/10000176436...1638639238246/reNgine featured on Portswiggerâ€™s The daily Swig: https://portswigger.net/daily-swig/r...or-pen-testers reNgine community review: https://twitter.com/Jhaddix/status/1286547230078275585 https://twitter.com/ITSecurityguard/...58400926543879 https://twitter.com/ojhayogesh11/sta...21166811471872 https://twitter.com/search?q=https%3...rc=typed_query \n

Detailed Explanation of Tool: reNgine is an advanced reconnaissance framework for web application targets that uses various existing open-source tools to achieve this. The idea for reNgine came when I was bored during the lockdown and had nothing better to do. Back then I was working as a Security Analyst and my day job was to perform penetration testing on web applications. While I enjoyed my job, I hated performing recon on these targets because in almost all the cases the recon steps were pretty similar.\nExcept for certain cases, the recon steps I read, I performed, I saw others doing, were very similar. Same usage of tools, same usage of options/parameters/tuning. But I was bored with this recon methodology because, at times I needed the recon results to be saved in a structured way, come back the next day, and still do the analysis without wasting my yet another day on recon.\n

Also, since I had a day job, I used to do bug bounty during the night, and obviously, my office would fire me right away if I performed recon on bug bounty targets during my office hours, so also was looking for something that could help me schedule the scans on those targets, something like performing a scan every midnight, or lineup 100 scans on the pipeline and scan these targets one step at a time.\n

The recon results are very humongous on larger targets, and very difficult to search or find the specific results quickly. This was due to the reason that existing frameworks (open-source) had no ability to store the results on DB, almost all used text as output, and obviously, this wasnâ€™t going to be helpful unless you write extremely complex greps.\nSo, I went on to create one for myself and named it reNgine, abbreviated for reconnaissance engine. Why Engine? It is because reNgine has the ability to customize the scan engines. These engines are Yaml based configurations, you can add, remove or customize them.\n

So what is reNgine and how it solved the problems that no other recon frameworks were providing?\n

One of the most impressive features of reNgine is that it makes use of something called Scan Engines, these engines are highly configurable and allow you to choose the tools you like, configurations you like, example so you are not limited to using subfinder for subdomain gathering, you can use multiple of them, as many as you want. How difficult is it to choose tools? Very simple, just add the tool name in YAML configuration and youâ€™re good to go, reNgine will take care of the rest.This scan engine allows you to fine-tune the tools and perform scans in a much-advanced way. These scan engines have one to many relationships with the targets, meaning, you can define one scan engine, letâ€™s say â€˜Defcon Scanâ€™ that does Subdomain Discovery at 100 threads, grab screenshots at 50 threads, and also performs vulnerability scan. Now, once this scan engine is defined, you can use it against n number of targets without the need to modify and fine-tune the parameters every once in a while.\n

Sample Scan Engine Configuration:\n

subdomain_discovery: uses_tool: [ subfinder, sublist3r, assetfinder, oneforall ] thread: 10 wordlist: default amass_config: config_short_name subfinder_config: config_short_name\nport_scan: ports: [ top-100 ] exclude_ports: null thread: 10\nvisual_identification: port: xlarge thread: 2 http_timeout: 3000 screenshot_timeout: 30000 scan_timeout: 100\ndir_file_search: extensions: [ php,asp,aspx,txt,conf,db,sql,json ] recursive: false recursive_level: 1 thread: 100 wordlist: default\nfetch_url: uses_tool: [ gau, hakrawler ] intensity: aggressive\nvulnerability_scan: concurrent: 10 template: all severity: all\nexcluded_subdomains: - test.rengine.wiki - hello.test.com\n

This configuration and finetuning can be used against n targets.\nThe result of this recon is then stored in DB for co-relation.\n

Technology Stack:
\nreNgine uses the following technology stack:Web Framework: DjangoDatabase: PostgresDistributed Message Broker: RedisAsync Tasks and Scheduling Scans: Celery and Celery-beat\nRedis acts as a message broker between Django and Celery.Containerized everything by Docker\nreNgine has a dashboard-like UI, which makes it easy to co-relate the recon results.Example: https://user-images.githubuserconten...087b2b48d3.pnghttps://user-images.githubuserconten...d626127d88.png The purpose of creating the dashboard-like UI was so that one can easily filter the recon results like, â€œHey, I quickly want to filter a subdomain that has admin or dashboard in page title, and also has HTTP status as 200â€. With the existing recon frameworks, this was quite impossible. reNgineâ€™s dashboard makes it very easy to filter such use cases. Example: https://camo.githubusercontent.com/2...795f322e706e67\n

Key Features of reNgine:\n

Perform Recon:
\nSubdomain Discovery
\nPorts Discovery
\nEndpoints Discovery
\nDirectory Bruteforce
\nVisual Reconnaissance (Screenshot the targets)\nIP Discovery
\nCNAME discovery
\nSubdomain Takeover Scan
\nHighly configurable scan engines, use tools of your choice, open-source or integrate your own tool, use one configuration, fine-tuning against multiple targets\nRun multiple scans in parallel, running multiple scans is very simple, select n targets, choose the scan engine, and initiate the scan. reNgine and celery will take care of the rest.\nRun Clocked Scans (Run reconnaissance exactly at X Hours and Y minutes)\nRun Periodic Scans (Runs reconnaissance every X minutes/hours/days/week)\nPerform Vulnerability Scan using Nuclei and get notified when a vulnerability is discovered\nSend scan related notifications to Slack or Discord\nPerform Advanced Query lookup using natural language alike and, or, not operations\nExample: Assume that, you are looking for open redirection, you can quickly search for =http and look for HTTP status 30X, this will give high accuracy of open redirection with bare minimum effort.Out-of-Scope options available, if recon need not be performed on specific targets, define them on the scan engine and youâ€™re good to go. reNgine wonâ€™t perform anything on the out-of-scope subdomains.Redefined Dashboard that allows you to quickly find out the most vulnerable target and most commonly occurred vulnerability\nExample: https://user-images.githubuserconten...7e087c1a26.png\n

Upcoming Features:
\nScan Comparision
\nComparision of the scans performed on the target, to find out how many new vulnerabilities have been discovered since the last scan, how many new subdomains have been discovered since the last scan, etc. (Under Development)Interesting Subdomains Discovery\n

reNgine will discover the interesting subdomains based on the HTTP status, content length, and page title. For example, imagine the time saved by reNgine if reNgine tells you that, Hey admin.facebook.com is an interesting subdomain you might want to look up, now this is depended upon, HTTP status, content length, and many more factors (Under Development)\n

Source Code: https://github.com/yogeshojha/rengine\n

Target Audience:
\nThe targeted audience is both Offence and Defence on Web application Security.\n

The audience on the offense can use reNgine to perform active reconnaissance and gather more information about their next penetration testing target. This information includes but not limited to subdomains, ip address associated with it, endpoints, visual reconnaissance screenshot gathering, ports scan, and vulnerability scan as well.\n

And, the audience on defense can learn how to use reNgine to perform periodic scans on their (Intra/Extra)net web services, run the periodic open-source-powered vulnerability scanner, and get notified instantly when a vulnerability is identified.The beauty of reNgine is that, with minimal penetration testing and security experience, one can run the entire reconnaissance and gather the result so that it is well suited for both offense and defense.\n

As the purpose of this demo lab would be to demonstrate the capabilities of reNgine, the demo would be outlined in such a way that it can be well received by the audience of both the offense and defense sides.\n

reNgine is something I have worked really hard, spent countless nights working on it. Within a very short period of time, reNgine became one of the popular reconnaissance tools. Presenting this to fellow hackers will certainly gather new ideas on making reNgine a more advanced reconnaissance tool, which is one of the major reasons why I wish to present this to Defcon.\nOn the other hand, presenting this to Defcon will foster the open-source and hacker culture as I will explain about the in and out of reNgine and hopefully bring in many developers to contribute to reNgine as well.\n

Also, I plan to announce a major update in reNgine during Defcon, which I believe will bring innovation and excitement among the attendees as well. And of course, Defcon is the right platform to make everyone aware of the updates, advancements, and new features of reNgine.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220703),('4_Sunday','11','10:00','11:50','Y','DL','','\'reNgine\'','\'Yogesh Ojha\'','DL_e231fa895796f9a989d20bfda9596d89','\'\'',NULL,220704),('2_Friday','10','10:00','11:50','N','DL','','\'Mooltipass\'','\'Mathieu Stephan\'','DL_577e2e1ace39e9c69772221751580f50','\'Title: Mooltipass
\nWhen: Friday, Aug 6, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Mathieu Stephan\n
\nMathieu Stephan is an electronics engineer who is actively involved in the open source movement. He specializes in designing devices from the ground up and alternates between full-time positions in the security and communication industries and contracting jobs in other sectors â€“ from quantum physics to Formula E cars. He has been a writer for Hackaday and has a personal website filled with electronics projects.\n
\n\n
\nDescription:
\nTool or Project Name: Mooltipass\n

Short Abstract: The Mooltipass project is a completely open-source ecosystem aimed at providing hardware-based authentication solutions. Its latest family member, the Mooltipass Mini BLE, features a dual microcontroller architecture aimed at separating the communications and security domains, together with an OLED screen and dedicated flash memories for credentials and graphics storage. The Mooltipass project is an ongoing 7-year adventure with contributors from around the globe. It has produced 3 hardware devices, multiple browser extensions, a cross-platform user interface and software daemon, an SSH agent and a python library.\n

Short Developer Bio: Mathieu Stephan is an electronics engineer who is actively involved in the open source movement. He specializes in designing devices from the ground up and alternates between full-time positions in the security and communication industries and contracting jobs in other sectors â€“ from quantum physics to Formula E cars. He has been a writer for Hackaday and has a personal website filled with electronics projects.\n

URL to any additional information: https://github.com/mooltipass/minible\n

Detailed Explanation of Tool: The Mooltipass project is an authentication ecosystem centered around several open source devices, the Mooltipass Standard, Mini and BLE.\n

Among its many features, it offers:
\nFiles, notes and credentials storage
\nFIDO2 (WebAuthn), TOTP and SSH support
\nNative credentials recall into browser login fields\nOn-device language and security parameter customization\nStandalone credential typing using the device\'s standard USB or Bluetooth Keyboard HID channels\nCross-platform tools allowing device database management and synchronization\nIts latest family addition, the Mini BLE, includes the following hardware features:\nA dual microcontroller architecture: the \'auxiliary\' ATSAMD21E18 takes care of USB (HID, FIDO2, custom HID) and Bluetooth Low Energy (HID and custom HID) communications while the \'main\' ATSAMD21G18 takes care of the rest.\nA dedicate hardware line for the main MCU to hard-disable BLE communications\nA 256x64x4bpp 2.08\" OLED screen
\nA clickable scroll wheel for fast user interaction\nA smartcard connector to interface with secure elements storing the encryption keys\nA dedicated flash memory for graphics, strings and signed firmware updates\nA dedicated flash memory for users\' encrypted databases\nPurpose-built charging electronics for the NiMH battery\nThe firmware running on the ATSAMD21E18 and on ATSAMD21G18 was built from scratch, except the crypto routines which are from the open source BearSSL library, and the BLE features which are from the Atmel-proprietary library. The firmware provides the following features:\nA fully-fledged graphical library that handles compressed bitmaps and font rendering, using an internal frame buffer as needed\nA custom-made database model allowing storage of credentials, files, notes and WebAuthn secrets while still allowing ease-of-use features such as favorites\nA read-only file system library allowing fetching of graphical data, user-selected language strings, firmware updates and keyboard HID lookup tables\nA dedicated abstraction layer allowing the device to send unicode text using simulated key presses through BLE & USB HID, with support for dozens of keyboard layouts\nGraphical and database storage support of the Unicode Basic Multilingual Plane\nTime based One Time Password (TOTP) and FIDO2 (WebAuthn) support\nOn-device password generation and credential display\nTo facilitate our development process and to allow device testing by everyone, we developed device emulators for Windows and Linux. These emulators also enable testing most of the Mooltipass ecosystem open-source software components:\n

Moolticute, a Qt-based cross-platform software tool composed of a daemon & user interface allowing the user to:\ncustomize device behavior (more than 30 settings, requested by our beta testers and users of previous generations of the Mooltipass)\nmanage, modify, import and export a user\'s database\ndirectly view and edit notes stored on the device\nupload and download files to and from the device\nmanage FIDO2 credentials\n
mc-agent, an SSH agent running on the OS side allowing password-less SSH authentication, written in Go\n
mooltipy, a python library to recall credentials stored on the Mooltipass\n
mc-cli, a command line tool written in Go to interact with the device

Supporting Files, Code, etc: https://github.com/mooltipass\n

Target Audience:
\nHardware, Defense\n

How will you or your Demo Lab contribute a new perspective to the content at DEF CON? The Mooltipass project takes a fundamentally different approach from the commonly used software-based security solutions that require non-compromised systems to run on. We want to show that there are open source hardware solutions out there that do not sacrifice security for ease-of-use and while reducing the attack surface to a very strict minimum.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220705),('2_Friday','11','10:00','11:50','Y','DL','','\'Mooltipass\'','\'Mathieu Stephan\'','DL_577e2e1ace39e9c69772221751580f50','\'\'',NULL,220706),('2_Friday','12','12:00','13:50','N','DL','','\'Siembol\'','\'Marian Novotny\'','DL_f310cd5dd7cb869b92678ca942487a0c','\'Title: Siembol
\nWhen: Friday, Aug 6, 12:00 - 13:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Marian Novotny\n
\nMarian Novotny received his PhD in Computer Science from the Faculty of Sciences at Pavol Jozef Safarik University in Kosice, Slovakia. In his PhD thesis he focused on the design and analysis of security protocols. He is currently working as a software engineer at G-Research, where he is responsible for the design, analysis and implementation of security data processing applications used for security monitoring and intrusion detection. In the past he worked as a specialized software engineer at ESET, where he designed and implemented network intrusion detection systems which were integrated into various ESET products.\n
\n\n
\nDescription:
\nTool or Project Name: Siembol\n

Short Abstract:
\nSiembol is Anti-Malware for the Cloud: an open-source real-time SIEM (Security Information & Event Management) tool based on big data technologies.\n

Short Developer Bio:
\nMarian Novotny received his PhD in Computer Science from the Faculty of Sciences at Pavol Jozef Safarik University in Kosice, Slovakia. In his PhD thesis he focused on the design and analysis of security protocols. He is currently working as a software engineer at G-Research, where he is responsible for the design, analysis and implementation of security data processing applications used for security monitoring and intrusion detection. In the past he worked as a specialized software engineer at ESET, where he designed and implemented network intrusion detection systems which were integrated into various ESET products.\n

URL to any additional information:
\nhttps://siembol.io\n

Detailed Explanation of Tool:
\nSiembol is an in-house developed security data processing application, forming the core of an internal Security Data Platform.\nFollowing the experience of using Splunk, and as early adopters of Apache Metron, the team needed a highly efficient, real-time event processing engine with fewer limitations and more enhanced features. With Metron now retired, Siembol hopes to give the community an evolved alternative.\nSiembol improvements over Metron:
\nComponents for real-time alert escalation: CSIRT teams can easily create a rule-based alert from a single data source, or they can create advanced correlation rules that combine various data sources. Pending: tool for translating a Sigma rule specification into siembol\nAbility to integrate with other systems using dedicated components and plugin architecture for easy integration with incident response tools\nAdvanced parsing framework for building fault tolerant parsers\nEnhanced enrichment component allowing for defining rules and joining enrichment tables\nConfigurations and rules are defined by a modern Angular web application, with a git-based approval process\nSupports OAUTH2/OIDC for authentication and authorization in the siembol UI\nEasy installation for use with prepared docker images and helm charts\nSiembol Use Cases:
\nSIEM log collection using open-source technologies\nDetection tool for discovery of leaks and attacks on infrastructure\n

Supporting Files, Code, etc:
\nhttps://github.com/G-Research/siembol\n

Target Audience:
\nDefense\n

Siembol is trying to provide SIEM functionality using open-source technologies, and is enthusiastic about building community around the project. We believe that this approach can help build a better open-source anti-malware cloud product.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220707),('2_Friday','13','12:00','13:50','Y','DL','','\'Siembol\'','\'Marian Novotny\'','DL_f310cd5dd7cb869b92678ca942487a0c','\'\'',NULL,220708),('2_Friday','14','14:00','15:50','N','DL','','\'Zuthaka\'','\'Lucas Bonastre\'','DL_2665211018df9da2cf39e4cbb87a1289','\'Title: Zuthaka
\nWhen: Friday, Aug 6, 14:00 - 15:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Lucas Bonastre\n
\nLucas started his career studying Mathematics at the University of Buenos Aires, however when his uncle gave him a C++ book, he realized his true passion for programming and his outstanding ability for problem-solving. He worked across cybersecurity and technology firms and is a vetted developer in many languages such as C/C++, Python, Java, and PHP. Now he is a full time developer and security researcher at Pucara Information Security. In his spare time, he is an expert chess player and he is studying AI to analyze foosball strategies.\n
\n\n
\nDescription:
\nTool or Project Name: Zuthaka\n

Short Abstract:
\nA collaborative free open-source Command & Control development framework that allows developers to concentrate on the core function and goal of their C2.\nZuthaka presents a simplified API for fast and clear integration of C2s and provides a centralized management for multiple C2 instances through a unified interface for Red Team operations.\n

Short Developer Bio:
\nLucas started his career studying Mathematics at the University of Buenos Aires, however when his uncle gave him a C++ book, he realized his true passion for programming and his outstanding ability for problem-solving. He worked across cybersecurity and technology firms and is a vetted developer in many languages such as C/C++, Python, Java, and PHP. Now he is a full time developer and security researcher at Pucara Information Security. In his spare time, he is an expert chess player and he is studying AI to analyze foosball strategies.\n

URL to any additional information:
\nhttps://docs.zuthaka.com/-MYVExFNbaf2ARSR5z2e/\n

Detailed Explanation of Tool:\n

Problem Statement: The current C2s ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot of overhead work for Offensive Security professionals everywhere. Creating a C2 is already a demanding task, and most C2s available lack an intuitive and easy to use web interface. Most Red Teams must independently administer and understand each C2 in their infrastructure.\n

Solution: With the belief that community efforts surpass that of any individual, Zuthaka presents a simplified API for fast and clear integration of C2s and provides a centralized management for multiple C2 instances through a unified interface for Red Team operations.\n

â€ŒZuthaka is more than just a collection of C2s, it is also a solid foundation that can be built upon and easily customized to meet the needs of the exercise that needs to be accomplish. This integration and development framework for C2 allows developers to concentrate on a unique target environment and not have to reinvent the wheel.\n

Please reefer to the supporting files for more detailed information about Zuthaka.\n

Supporting Files, Code, etc:
\nDocs : https://docs.zuthaka.com/-MYVExFNbaf2ARSR5z2e/\nGithub : https://github.com/pucarasec/zuthaka\nDemo Video: https://youtu.be/pcW9Hj5Jzu0\nTarget Audience:
\nOffensive developers, Red Teamers Operators, C2 Developers\n

Problem Statement:
\nThe current C2s ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot of overhead work for Offensive Security professionals everywhere. Creating a C2 is already a demanding task, and most C2s available lack an intuitive and easy to use web interface. Most Red Teams must independently administer and understand each C2 in their infrastructure.\n

Solutions: With the belief that community efforts surpass that of any individual, Zuthaka presents a simplified API for fast and clear integration of C2s and provides a centralized management for multiple C2 instances through a unified interface for Red Team operations.\n

Additional information:
\nThe github repository is private ,until the release of the tool, but we can provide an early access to the repository for the reviewers.\nAll the information is available on: https://docs.zuthaka.com/-MYVExFNbaf2ARSR5z2e/\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220709),('2_Friday','15','14:00','15:50','Y','DL','','\'Zuthaka\'','\'Lucas Bonastre\'','DL_2665211018df9da2cf39e4cbb87a1289','\'\'',NULL,220710),('3_Saturday','10','10:00','11:50','N','DL','','\'Ruse\'','\'Mike Kiser\'','DL_fd13ca6319f7b06ae66bd92f36c58e58','\'Title: Ruse
\nWhen: Saturday, Aug 7, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Mike Kiser\n
\nMike Kiser is insecure. He has been this way since birth, despite holding a panoply of industry positions over the past 20 yearsâ€”from the Office of the CTO to Security Strategist to Security Analyst to Security Architectâ€”that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. He is currently in a long-term relationship with fine haberdashery, is a chronic chronoptimist (look it up), and delights in needlessly convoluted verbiage. He speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently a Senior Identity Strategist for SailPoint Technologies.\n
\n\n
\nDescription:
\nTool or Project Name: Ruse\n

Short Abstract:
\nFacial recognition is eroding privacy and other human rights. Industry and government have ethical responsibilities to prevent this, but what if there were a way to enhance privacy for individuals without waiting for the cavalry? Adversarial technology gives people a way to protect this biometric. Ruse is an open-source mobile app that uses some of the research from the past year to enable â€œnormalâ€ people to protect the photos that they put online from being processed by commercial facial recognition products.\n

Short Developer Bio:
\nMike Kiser is insecure. He has been this way since birth, despite holding a panoply of industry positions over the past 20 yearsâ€”from the Office of the CTO to Security Strategist to Security Analyst to Security Architectâ€”that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. He is currently in a long-term relationship with fine haberdashery, is a chronic chronoptimist (look it up), and delights in needlessly convoluted verbiage. He speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently a Senior Identity Strategist for SailPoint Technologies.\n

URL to any additional information:
\nhttps://github.com/derrumbe/Ruse\n

Detailed Explanation of Tool:\n

In an ideal world, this tool would utilize two of the latest techniques (Fawkes (http://sandlab.cs.uchicago.edu/fawkes/) / Lowkey) that have been pioneered at various academic institutions over the past year. However, for an app such as this one to truly work, ease-of-use is essential. This means that it must be delivered in a mobile format, which restricts the app to using TensorFlow Lite - which in turn means no on-board learning, and that whatever techniques it uses must be as quick and as easy to use as FaceID on a localized device is. (ironic, no?)\n

However, decent results can be had with a cheaper, faster combination of techniques â€” injecting perlin noise into the photos, a la Camera Adversaria: https://github.com/kieranbrowne/camera-adversaria, and modifying the photo by applying an arbitrary style through the relatively well known â€œarbitrary style transferâ€ technique. The combination of these two is powerful enough to warrant further development because it impacts two different processes involved in facial recognition: facial detection and facial classification.\n

This currently comes at a slight cost to the end user in terms of human intelligibility, but the app also allows for in-flow modification of the impact of these changes (and their protection.) There are some onboard facilities to check for the impact of these changes: Google MLKit to check for facial recognition, for example, so that the end user can dial down the modifications to a limit that is effective but not as disruptive.\n

This is a camera-centric mobile app, so the flow looks like this: photo from camera or roll -> apply perlin noise -> apply style filter -> check for impact against facial recognition -> save to roll or upload to social media\n

The app is on github here: https://github.com/derrumbe/Ruse and will be released onto the android and apple app stores in its first release (hopefully for DefCon): as noted before, ease-of-use is the goal.\n

Operating system:
\nSwift (iOS) / Java (android â€“ lagging behind ios currently, but it will be transposed later this summer, hopefully)\nTensorflow Version: TensorFlowLiteSwift , nightly build (with GPU accel on)\nGoogleMLKit
\nGPUImage: https://github.com/BradLarson/GPUImage (open source)\nSimplexNoise : https://weber.itn.liu.se/~stegu/simp...plexNoise.java (open source)\n

Supporting Files, Code, etc:
\nhttps://github.com/derrumbe/Ruse\n

Target Audience:
\nConsumer Mobile Offense?\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220711),('3_Saturday','11','10:00','11:50','Y','DL','','\'Ruse\'','\'Mike Kiser\'','DL_fd13ca6319f7b06ae66bd92f36c58e58','\'\'',NULL,220712),('3_Saturday','12','12:00','13:50','N','DL','','\'USBSamurai\'','\'Luca Bongiorni\'','DL_0581a48cd551703e9c5ef43ca15cbf0a','\'Title: USBSamurai
\nWhen: Saturday, Aug 7, 12:00 - 13:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Luca Bongiorni\n
\nLuca Bongiorni is working as Head of Offensive Security. He is also actively involved in InfoSec where his main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Internet of Things, and Physical Security. He also loves to share his knowledge and present some cool projects at security conferences around the globe.\n
\n\n
\nDescription:
\nTool or Project Name: USBsamurai\n

Short Abstract:
\nDuring this talk, after a bit of history of hardware implants, will be presented a new hacking device: USBsamurai. A remotely-controlled USB HID injecting cable that costs less than 10 EUR to produce from off-the-shelf components (a cable and a USB radio transceiver) that can be used to compromise targets remotely (i.e. over a 2.4GHz undetectable protocol) in the stealthiest way ever seen & also bypass Air-Gapped Environments like a boss!\n

Extended Version:
\nDuring the last years, hardware implants have become a popular attack vector in air-gapped environments such as industrial networks: Stuxnet (2010), Operation Copperfield (2017), and the recent ransomware attack that has led to a shutdown in a US natural gas facility are only some notable cases. In parallel, in an effort to raise the bar of red-teaming operations, security researchers have been designing and releasing powerful open-source devices with the intent to make Red-Teaming operations even more interesting and disruptive. Smoothing the path to new TTPs and improving old ones. As a result, hardware implants should always be included in the threat modeling of an industrial facility.\nDuring this talk, after a bit of history of hardware implants, will be presented a new hacking device: USBsamurai. A remotely-controlled USB HID injecting cable that costs less than 10 EUR to produce from off-the-shelf components (a cable and a USB radio transceiver) that can be used to compromise targets remotely (i.e. over a 2.4GHz undetectable protocol) in the stealthiest way ever seen & also bypass Air-Gapped Environments like a boss!\n

This presentation will be quite technical, tailored for an ICS security audience. Come to this talk to start preparing for the next wave of attacks that can pass undetected by most of the existing security solutions available on the market.\n

Finally, I\'ll conclude the talk with practical, actionable countermeasures to prevent and detect HID attacks, and conclude by explaining how to approach a forensics analysis in presence of USB implants.\n

Short Developer Bio:
\nLuca Bongiorni is working as Head of Offensive Security. He is also actively involved in InfoSec where his main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Internet of Things, and Physical Security. He also loves to share his knowledge and present some cool projects at security conferences around the globe.\n

URL to any additional information:
\nhttps://medium.com/@LucaBongiorni/us...0-ebf4b81e1d0b\n

Detailed Explanation of Tool:
\nUSBsamurai is a DIY hardware implant disguised as USB cable that allows to remotely inject over an undetectable RF channel an agent in memory that allows a remote threat actor to get a realtime shell over a target that can also be air-gapped. In practice a nightmare for any BlueTeam out there. Have you ever seen an USB cable that can bypass an air-gapped system and return a live remote-shell over an undetectable RF channel?\nhttps://www.youtube.com/watch?v=2BAzD27k_Gk (Please keep it confidential because the link is unlisted)\n

Supporting Files, Code, etc:
\nhttps://medium.com/@LucaBongiorni/us...s-4bd47abf8f87\n

Target Audience:
\nOffense, Hardware, ICS\n

Create awareness on Hardware Implants. The real ones. Not the grain of rice from Bloomberg\'s article. ;]\n

During the years I have tested multiple DLP solutions out there claiming to sanitize and protect assets from USB-related threats. Surprisingly, most of the time vendors kinda lie (or... saying in a more polite way... they forget about HID class of devices).\n

Security Officers MUST understand that hardware implants exist and they don\'t cost anymore like 10,000 $USD like NSA\'s TAO FIREWALK implant!\n

Finally, in pure DEF CON style, sharing how to create an offensive hardware implant out of a 10$ USB dongle from a commercial mouse, it is always a good way to spread knowledge among fellow hackers. :)\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220713),('3_Saturday','13','12:00','13:50','Y','DL','','\'USBSamurai\'','\'Luca Bongiorni\'','DL_0581a48cd551703e9c5ef43ca15cbf0a','\'\'',NULL,220714),('4_Sunday','10','10:00','11:50','N','DL','','\'Frack\'','\'William Vermaak\'','DL_662edb1d0588aaf14d21ca01070b7e1d','\'Title: Frack
\nWhen: Sunday, Aug 8, 10:00 - 11:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:William Vermaak\n
\nWilliam is a Security Analyst at Orange Cyberdefense\'s SensePost team, specialising in penetration testing. He has been an ethical hacker since 2012 working on many different types of projects for many major banks and insurance houses in South Africa and abroad. Mobile platforms are his focus as he thoroughly enjoys breaking mobile applications and figuring out how they work. He has done several radio interviews (https://iono.fm/e/892386 and https://iono.fm/e/893010) and has also presented several training courses such as the SensePost SecDevOps training. William is currently focussing on designing a Mobile Hacking course.\n
\n\n
\nDescription:
\nTool or Project Name: Frack\n

Short Abstract:
\nFrack is a tool created to be an end-to-end solution to store, manage and query collected breach data. The tool has a basic workflow making it easy to use. Using a very minimal cloud footprint, Frack makes it possible to store vast amounts of data in the cloud while retaining an extremely fast query speed. Query results end up in a neat Excel sheet where all of the breaches the domain was found in, including user passwords or hashes (depending on what was leaked in the breach). The Excel sheet also gives information regarding the breach it was found in and the date the breach first appeared. Having this data at your fingertips makes it easy to show a client their exposure and to use the data as a starting point when doing external or infrastructure assessments. The tool also includes the ability to use custom parse plugins which will parse raw dumps into usable data and convert it so you can use it directly in the database.\n

Short Developer Bio:
\nWilliam is a Security Analyst at Orange Cyberdefense\'s SensePost team, specialising in penetration testing. He has been an ethical hacker since 2012 working on many different types of projects for many major banks and insurance houses in South Africa and abroad. Mobile platforms are his focus as he thoroughly enjoys breaking mobile applications and figuring out how they work. He has done several radio interviews (https://iono.fm/e/892386 and https://iono.fm/e/893010) and has also presented several training courses such as the SensePost SecDevOps training. William is currently focussing on designing a Mobile Hacking course.\n

URL to any additional information:
\nThe tool leverages Apache ORC as a destination file format for parsed breaches. These are uploaded to Google\'s Big Query for processing. See:\nhttps://orc.apache.org/
\nhttps://github.com/noirello/pyorc
\nDetailed Explanation of Tool:
\nThe tool was written in Python and will be distributed under the GNU General Public v3 License. The tool consists of three modulesmain features; generic parsing, plugin-based parsing and database maintenance.\n

The parse module is used to parse a semi clean .CSV file consisting of any of the following formats:\n<email>,<password>
\n<email>,<hash>
\n<email>,<hash>,<salt>
\nFor known data breaches, a plugin system lets you consume raw data dumps without any need for modification.The parser will then convert the data to the .ORC file format (https://orc.apache.org/) resulting in small uploads to the cloud and very fast query times. These .ORC files are then ingested into a Google BigQuery table. The query module can then be used to query the data that you have uploaded into the BigQuery table.\n

The tool also includes a DB module where you can perform basic DB maintenance, start ingestion jobs, and see stats of the database. \n

Supporting Files, Code, etc:
\nIf needed, an invitation to look at the source code beforehand can be arranged. It currently lives in a private GitHub repository.\n

Target Audience:
\nOffense, Defense, OSINT\n

Nothing can stop the data flow! Every day we are bombarded with news reports of another data breach that has been published on the internet. Frack provides an easy way to manage this data on Google cloud infrastructure.\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,220715),('4_Sunday','11','10:00','11:50','Y','DL','','\'Frack\'','\'William Vermaak\'','DL_662edb1d0588aaf14d21ca01070b7e1d','\'\'',NULL,220716),('4_Sunday','12','12:00','13:50','N','DL','','\'Cotopaxi\'','\'Jakub Botwicz\'','DL_638484107bd308f87073fc272741e847','\'Title: Cotopaxi
\nWhen: Sunday, Aug 8, 12:00 - 13:50 PDT
\nWhere: DemoLab Video Channel 1
\n
SpeakerBio:Jakub Botwicz\n
\nJakub Botwicz, Ph.D. works as a security researcher in one of global investment banks. He has more than 17 years of experience in information security and previously worked in: one of the world\'s leading payment card service providers, Big4 consulting company and vendor of network encryption devices. Jakub holds a Ph.D. degree from Warsaw University of Technology. During the last 3 years he has reported more than 50 CVEs (security vulnerabilities) in publiccomponents - mainly IoT libraries.\n
\n\n
\nDescription:
\nTool or Project Name: Cotopaxi\n

Short Abstract:
\nCotopaxi is a set of tools for security testing of Internet of Things devices using specific network IoT/IIoT/M2M protocols (AMQP, CoAP, DTLS, gRPC, HTTP/2, HTCPCP, KNX, mDNS, MQTT, MQTT-SN, QUIC, RTSP, SSDP).\n

Short Developer Bio:
\nJakub Botwicz, Ph.D. works as a security researcher in one of global investment banks. He has more than 17 years of experience in information security and previously worked in: one of the world\'s leading payment card service providers, Big4 consulting company and vendor of network encryption devices. Jakub holds a Ph.D. degree from Warsaw University of Technology. During the last 3 years he has reported more than 50 CVEs (security vulnerabilities) in publiccomponents - mainly IoT libraries.\n

URL to any additional information:
\nhttps://github.com/Samsung/cotopaxi/...aster/cotopaxi\n

Detailed Explanation of Tool:
\nCurrently available tools used for security testing, like nmap or OpenVAS, do not support all new IoT protocols (e.g. CoAP, DTLS, HTCPCP, QUIC). So possibilities to test IoT products and discover such devices in tested networks are limited. We are working to fill this gap with the Cotopaxi toolkit.\n

New features in the release for DEF CON 2021 are:\nIntegration with Metasploit
\nExtended set of corpuses for fuzzing and traffic classification\nMutation-based features for server and client fuzzing\nNew vulnerabilities in the database
\nMain features of our toolkit are:
\nChecking availability of network services for supported IoT protocols at given IPs and port ranges (\"service ping\")\nRecognizing the software used by remote network server (\"software fingerprinting\") based on responses for given messages using machine learning classifier,\nAnalysis of network traffic to identify network protocols used.\nClassification of IoT devices based on captured traffic samples.\nDiscovering resources identified by given URLs (\"dirbusting\" of URLs or services)\nPerforming black-box fuzzing of IoT protocols based on corpus of packets prepared using coverage-based fuzzer.\nIdentifying known vulnerabilities.
\nDetecting network traffic amplification (cases where network servers are responding with larger network messages than received requests).\n

Supporting Files, Code, etc:
\nhttps://pypi.org/project/cotopaxi/\n

Target Audience:
\nOffense, Defense, AppSec, IoT\n

\n
This content will be presented on a Discord video channel.\n

#dl-video1-voice: https://discord.com/channels/708208267699945503/734027693250576505\n

\'',NULL,220717),('4_Sunday','13','12:00','13:50','Y','DL','','\'Cotopaxi\'','\'Jakub Botwicz\'','DL_638484107bd308f87073fc272741e847','\'\'',NULL,220718),('2_Friday','14','14:00','15:50','N','DL','','\'Open Bridge\'','\'Constantine Macris\'','DL_0e17c1f7fc04dbb56440fa9b46092552','\'Title: Open Bridge
\nWhen: Friday, Aug 6, 14:00 - 15:50 PDT
\nWhere: Palace 1+2
\n
SpeakerBio:Constantine Macris\n
\nNo BIO available
\n\n
\nDescription:
\nTool or Project Name: Open Bridge Simulator\n

Short Abstract:
\nOpen Bridge Simulator provides a platform to explore the NMEA 2000 protocol, maritime electronics and CAN interfaces in a cost effective (under $50) software/hardware suite.\n

Short Developer Bio:
\nConstantine is an instructor at the US Coast Guard Academy where he teaches Cyber Systems. On the side he breaks things...\n

URL to any additional information: https://github.com/thedini/openBridge\n

Detailed Explanation of Tool:
\nOver the years I have built various tools that pull data from and put data on the NMEA 2000 maritime electronics bus. From talking boats (Twitter @CES_bigAl) to a network of connected recreational vessels. It was always a struggle because of the somewhat obscure nature of the application (boats/yachts/ships) and the difficulty and cost in obtaining hardware and tools to learn about the systems. Open Bridge Simulator is an open source project (software and eventually hardware) that aims to make this process more cost effective and obtainable to individuals without $10,000 laying around to purchase expensive maritime electronics. \n

The demo lab will involve:
\nReviewing the NMEA 2000 protocol
\nSeeing the simulator and estimated cost of the system produced by the US Coast Guard Academy Capstone team ( an example of an expensive solution)\nReviewing the architecture of a standard NMEA 2000 network (with live devices)\nThe traditional means of interacting with the NEMA 2000 network\nAn introduction and demo of the Open Bridge Simulator software and hardware\nI also intend to cover some of the challenges we faced in developing this project as well as ways we can work together to make learning about NMEA 2000 more inclusive.\n

The general project will be using off the shelf hardware (Teensy 4.1, WCMCU-230 Can Transceiver) to interface with Docker containers that simulate different marine electronics so a user with less than $50 in hardware can simulate an entire bridge system on almost any computer. The project is designed to be a framework to allow individuals to share the devices they build and create a library of bridge systems that can be connected to simulate industry accurate systems.\n

This project can stand alone or interface with an existing system and can act as an educational tool, defense and simulation tool or prove out attacks.\n

The overall goal of Open Bridge Simulator is to make playing with NMEA 2000 easier!\n

Target Audience: Hardware, Education, Defense\n

The purpose of this project is to make learning and playing with NMEA2000 more reasonable and affordable for beginners and those without access to expensive hardware (like GPS head units). I think that reducing the cost and barrier to entry will bring more people into the space and shine a light onto a somewhat obscure and difficult area to get started.\n

\n\'',NULL,220719),('2_Friday','15','14:00','15:50','Y','DL','','\'Open Bridge\'','\'Constantine Macris\'','DL_0e17c1f7fc04dbb56440fa9b46092552','\'\'',NULL,220720),('3_Saturday','10','10:00','11:50','N','DL','','\'PMapper\'','\'Erik Steringer\'','DL_1d15f458a05034e5599ec94de1d597ec','\'Title: PMapper
\nWhen: Saturday, Aug 7, 10:00 - 11:50 PDT
\nWhere: Palace 1+2
\n
SpeakerBio:Erik Steringer\n
\nErik Steringer is a Senior Security Consultant with NCC Group.\n
\n\n
\nDescription:
\nTool or Project Name: Principal Mapper (PMapper) - Mapping Privilege Escalation and More in AWS IAM\n

Short Abstract:
\nPrincipal Mapper (PMapper) is an open-source tool and library for assessing AWS IAM and AWS Organizations for security concerns, such as privilege escalation and resource isolation. It tracks and identifies the different ways that one given IAM User/Role (Principal) could pivot to other IAM Users or Roles by reviewing all applicable IAM Policies. After gathering this data, PMapper can perform additional analysis, querying, and visualization.\n

The querying and analysis systems of PMapper goes beyond checking if a principal is authorized to make a specific AWS API call. It will check if the principal can go through other principals to make a specified AWS API call. In a real-world example: if a user is not authorized to get an S3 object, PMapper also checks if the user can run an EC2 instance with a role as a means of bypassing that restriction. This means that PMapper tells you the effective permissions of each IAM User and Role, and the impact of the extra access you may inadvertently grant to those principals.\n

Short Developer Bio:
\nErik Steringer is a Senior Security Consultant with NCC Group.\n

URL to any additional information:
\nhttps://github.com/nccgroup/PMapper/wiki\n

Detailed Explanation of Tool:
\nPMapper is a free and open source project written in Python 3. The v1.1.X release added support for resource policies, SCPs, permission boundaries, and session policies, which means it now works for cross-account scenarios. Additionally, it can now map and handle AWS Organizations.\n

At a high level, the different operations of PMapper include gathering data (account or organization), querying, analysis, and visualization. All work typically starts with gathering data. When gathering an account\'s data, PMapper composes a graph to represent the account. The graph includes different IAM Users/Roles, represented as nodes. The graph also tracks how nodes can access each other, as edges. One example of an edge is when a principal can call sts:AssumeRole to access an IAM Role.\n

The account graph is used by the query component. During all queries, PMapper checks the specified principal and then other principals that can be pivoted to by the specified principal. This catches risks where a given user or role can bypass their own limited permissions with other users or roles. This is also the root of the privilege escalation detection. The different users and roles are marked as administrators if they can effectively call any API operation with any resource, and the privilege escalation detection finds non admins that can pivot to admins through an edge.\n

The authorization simulator of PMapper runs completely locally, with no calls to the AWS IAM Policy Simulation APIs. It can handle the most complex types of IAM Policies, and other types of policies that even the simulation APIs donâ€™t include (SCPs, Session Policies).\n

The graph data, query component, and underlying authorization simulator enable PMapper to catch risks that other tools (ScoutSuite, awspx, Cartography, Aaia, CloudMapper, AWS IAM Access Analyzer) cannot. A lot of those risks are covered with the analysis component of PMapper. It can also be extended through the `principalmapper` package to check for even more specific needs.\n

Supporting Files, Code, etc:
\nhttps://github.com/nccgroup/PMapper\n

Target Audience:
\nDefense, Cloud\n

As a consultant, Iâ€™ve had the opportunity to work in a variety of AWS environments across a range of clients and requirements. I think PMapper reflects a lot of the lessons learned during these last few years. Some of the recent work Iâ€™ve put into PMapper helps show where I think the future is (infrastructure as code analysis) for tools in this space.\n

\n\'',NULL,220721),('3_Saturday','11','10:00','11:50','Y','DL','','\'PMapper\'','\'Erik Steringer\'','DL_1d15f458a05034e5599ec94de1d597ec','\'\'',NULL,220722),('3_Saturday','14','14:00','15:50','N','DL','','\'Shutter\'','\'Dimitry \"Op_Nomad\" Snezhkov\'','DL_a570740882f0cc1abfff0e2e2ec87d8c','\'Title: Shutter
\nWhen: Saturday, Aug 7, 14:00 - 15:50 PDT
\nWhere: Palace 1+2
\n
SpeakerBio:Dimitry \"Op_Nomad\" Snezhkov\n
\nDimitry Snezhkov is an Associate Director at Protiviti. In this role he hacks code, tools, networks, apps and sometimes subverts human behavior too. Dimitry has spoken at DEF CON, BlackHat, THOTCON conferences, and presented tools at BlackHat Arsenal.
\nTwitter: @Op_Nomad
\n\n
\nDescription:
\nTool or Project Name: Shutter\n

Short Abstract:
\nThe goal of Shutter is to manage windows network stack communication via Windows Filtering Platform. Management can include blocking or permitting traffic based on IP or an executable that initiates or receives the traffic.\n

This is useful to blackhole event logging, defensive agent communication, or explicitly permit specific executables to communicate if they have been previously restricted by policy.\n

Shutter installs rules in a memory running session without touching the windows firewall itself or invocation of `netsh` command, thereby minimizing detection during long haul RT operations.\n

As a generic mechanism for managing network traffic it can help operators in:\npunching through firewalls without shutting them down\nnot creating persistent rules
\nevading reporting on `netsh` invocation\nblackholing EDRs and activity supervising agents.\nstudying existing security providers, active filters and network endpoints involved in network communication\nShort Developer Bio:
\nI support initiatives in offensive testing for my team by writing code where needed.\n

Interests include network-based command and controls, data exfiltration mechanisms, evasion.\n

URL to any additional information: https://github.com/dsnezhkov/shutter \n

Detailed Explanation of Tool: Please see https://github.com/dsnezhkov/shutter...main/README.md \n

Supporting Files, Code, etc: https://github.com/dsnezhkov/shutter \n

Target Audience: Offense\n

Offensive teams can use the tool to better simulate attacks that involve WFP. \n

\n\'',NULL,220723),('3_Saturday','15','14:00','15:50','Y','DL','','\'Shutter\'','\'Dimitry \"Op_Nomad\" Snezhkov\'','DL_a570740882f0cc1abfff0e2e2ec87d8c','\'\'',NULL,220724),('2_Friday','10','10:00','11:50','N','DL','','\'WiFi Kraken Lite\'','\'Mike Spicer,Henry Hill\'','DL_b5cb1746c9274d45c015d4b24118bb7f','\'Title: WiFi Kraken Lite
\nWhen: Friday, Aug 6, 10:00 - 11:50 PDT
\nWhere: Palace 3+4+5
\nSpeakers:Mike Spicer,Henry Hill
\n
SpeakerBio:Mike Spicer\n
\nMike Spicer (d4rkm4tter) is a mad scientist hacker who likes to meddle with hardware and software. He is particularly obsessed with wireless. He has a degree in computer science which he has put to use building and breaking a wide array of systems. These include web application pentesting, wireless monitoring and tracking as well as reverse engineering. He is the creator of the #WiFiCactus and has been seen presenting and demoing at a number of conferences including DEF CON. He is a Kismet cultist and active in the wireless and wardriving communities.\n
\n
SpeakerBio:Henry Hill\n
\nHenry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications arenâ€™t appearing in d4rkm4tterâ€™s projects, they can be seen in his race car at the track.\n
\n\n
\nDescription:
\nTool or Project Name: The WiFi Kraken Lite\n

Short Abstract:
\nD4rkm4tter and Henry have been obsessed with monitoring wireless networks and have built hardware to meet the challenges of scanning and testing in the most busy and client dense environments. The WiFi-Kraken Lite contends with these issues in a smaller package without sacrificing any monitoring performance. This project is the results of years of research into the most effective way to scan and audit wireless in a single box that can be easily deployed or used as a hardened terminal in the most rugged conditions.\n

The WiFi-Kraken Lite consists of a single-board computer which connects 12 wireless radios that enables scanning and auditing WiFi, Bluetooth, LoRaWAN and other commonly used wireless protocols. The number of wireless devices is growing as well as the way those devices are being connected. Having an all-in-one wireless monitoring solution will give you the ability to track this data across these bands and give you the best picture of whatâ€™s happening in the air around you.\n

This demonstration will provide you the information so that you can build your own all-in-one monitoring device. You will also gain an overview of capture technologies including Kismet that will help you perform this type of analysis in your own environments. Finally once the data is capture, you will get an understanding of efficient data processing using tools like Wireshark and d4rkm4tterâ€™s own PCAPinator tool.\n

Short Developer Bio:
\nMike Spicer (d4rkm4tter) is a mad scientist hacker who likes to meddle with hardware and software. He is particularly obsessed with wireless. He has a degree in computer science which he has put to use building and breaking a wide array of systems. These include web application pentesting, wireless monitoring and tracking as well as reverse engineering. He is the creator of the #WiFiCactus and has been seen presenting and demoing at a number of conferences including DEF CON. He is a Kismet cultist and active in the wireless and wardriving communities.\n

Henry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications arenâ€™t appearing in d4rkm4tterâ€™s projects, they can be seen in his race car at the track.\n

URL to any additional information:
\nPalshack.org/wifi-kraken-lite (Site will be online for DEF CON)\n

Detailed Explanation of Tool:
\nThe WiFi-Kraken Lite is a wireless monitoring system that is a rugged box with a single board computer and 12 wireless devices that are capable of simultaneously monitoring a large number of frequencies and protocols while storing that data in real time. The primary motivation for this project was to be able to gain visibility into as much of the wireless spectrum as possible in very congested networks in a small rugged form factor. Networks with a large number of clients that have a large number of access points can be difficult to perform analysis on. These networks typically have clients who switch between networks and can switch frequencies lending to more confusion when tracking with only a single radio. By increasing the number of radios as well\nas adding support for other protocols beyond just WiFi, a more complete understanding of the wireless environment can be documented. This information can then be used for defenders or penetration testers to identify vulnerable networks, vulnerable clients, or verify security that can be easily documented and audited.\n

The hardware is set up so that it minimizes the number of bottlenecks between the actual frames in the air and when it writes the data to disk. It does this by taking advantage of the high-bandwidth PCI-express bus to connect wireless devices. From there the data transfers to a high-speed NVMe storage device. The operating system is Linux which allows us to take advantage of a number of open source tools and projects that help us capture the data. These projects include Kismet, BlueZ, btscanner, and Feather TFT LoRa Sniffer. Custom scripts help us manage and easily configure The WiFi-Kraken Lite for the desired mode.\n

The buildout of the project uses a hardened Pelican like case which provides the ruggedness and physical security so that the system can be left in harsh environments. Inside the case is a mounted LCD screen that gives the user easy access to make changes in the field if necessary. The electronic components including the single board computer wireless cards are all mounted inside to protect them. The project also features battery packs so that it can run for up to 24 hours or longer depending on the monitoring task.\n

Data captured with the system can be stored on disk or be analyzed in real time thanks to the internally mounted LCD. Data can also be analyzed remotely by using one of the radios to connect to a nearby laptop. This can be useful in scenarios where the WiFi-Kraken Lite needs to be concealed. The form factor was chosen for not only its strength but also for being inconspicuous especially at conferences where lots of large polycarbonate cases can be seen.\n

Further data analysis can be performed in real time thanks to Kismetâ€™s fully featured web dashboard. Additionally post monitoring analysis can be performed using Wireshark or d4rkm4tterâ€™s PCAPinator tool which is a multithreaded wrapper around tshark to optimize queries on large datasets. The wireless data captured in this type of analysis can help to determine vulnerabilities which then you can use The WiFi-Kraken Lite to attack what you found.\n

This tool can be used entirely passively as a silent listener to validate bring your own device (BYOD) policies, monitor if wireless attacks are happening against your infrastructure, see if there are strange behaviors happening in your wireless network due to misconfiguration or maliciousness, or track devices as they moved throughout the networks so that you can have a better understanding of client flow. It can be used to perform a number of active attacks including impersonation, evil twin and other common wireless attacks.\n

It has never been more important to perform wireless assessments and continual monitoring of your infrastructure considering the number of wireless enabled devices increases daily. Rolling out new wireless infrastructure is costly and implementing the most secure system is daunting for even the most seasoned network integrators. This leads to misconfiguration and sub optimal security settings which are still connected to important infrastructure. For the defender this project brings clarity to the risks and also provides information into the most important mitigations that should be implemented. For the attacker this tool provides valuable recon that will allow them to focus solely on the vulnerable target making as little noise as possible all from it a single box.\n

Target Audience:
\nOffense, Defense and Hardware\n

By bringing equipment that can monitor the latest in wireless technologies, including WiFi 6, this project will shed light on a new and up and coming standard of technology that is slowly being rolled out across the world. With new technology, new tools are required so that research can be conducted to find flaws and validate the real world applications. The WiFi Kraken Lite will bring an enhanced perspective to the wireless monitoring in a box with new tools, new wireless bands captured, and new data processing.\n

\n\'',NULL,220725),('2_Friday','11','10:00','11:50','Y','DL','','\'WiFi Kraken Lite\'','\'Mike Spicer,Henry Hill\'','DL_b5cb1746c9274d45c015d4b24118bb7f','\'\'',NULL,220726),('2_Friday','14','14:00','15:50','N','DL','','\'Empire\'','\'Anthony \"Cx01N\" Rose,Vincent \"Vinnybod\" Rose\'','DL_5234c6c01c6e4a108c5f515fedf06a94','\'Title: Empire
\nWhen: Friday, Aug 6, 14:00 - 15:50 PDT
\nWhere: Palace 3+4+5
\nSpeakers:Anthony \"Cx01N\" Rose,Vincent \"Vinnybod\" Rose
\n
SpeakerBio:Anthony \"Cx01N\" Rose\n, Lead Security Researcher
\nAnthony \"Cx01N\" Rose, CISSP, is the Lead Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Cx01N is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
\n
SpeakerBio:Vincent \"Vinnybod\" Rose\n, Lead Tool Developer
\nVincent \"Vinnybod\" Rose is the Lead Tool Developer for Empire and Starkiller. He is a software engineer with expertise in cloud service and has over a decade of software development and networking experience. Recently, his focus has been on building ad-serving technologies, web and ad-tracking applications. Vinnybod has presented at Black Hat has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.
\n\n
\nDescription:
\nTool or Project Name: Empire\n

Short Abstract (What is your tool, what does it do?):\nEmpire is a Command and Control (C2) framework powered by Python 3 that supports Windows, Linux, and macOS exploitation. It leverages many widely used offensive security tools through PowerShell, Python 3, and C# agents. At the same time, it offers cryptologically-secure communications and flexible modular architecture that links Advanced Persistent Threats (APTs) Tactics, Techniques, and Procedures (TTPs) through the MITRE ATT&CK database.\n

Empire has evolved significantly since its introduction in 2015 and has become one of the most widely used open-source C2 platforms. Through this time, Empire has advanced from a single user experience to allowing multiple user operations through an API with Empire acting as a teamserver. Currently, 2 different applications are available to connect to the Empire teamserver: Empire Command Line Interface (CLI) and Starkiller.\n

The Empire CLI is built from the ground up as a replacement to the embedded legacy CLI and gives users a familiar feel of the legacy CLI, but is portable and connects through the Empire API. While Starkiller is a cross-platform UI available in Linux, Windows, and macOS powered by ElectronJS.\n

The framework\'s flexibility to easily incorporate new modules allows for a single solution for red team operations with the aim for Empire to provide an easy-to-use platform for emulating APTs. Customization is essential to any successful red team operation, which has driven the expansion of user plugins. These plugins allow any custom program to run side-by-side with the Empire teamserver. In addition, the commonality between other C2 platforms allows profiles and modules to be easily dropped in without the need for additional development. These features allow both red and blue teams to easily emulate and defend against the APT attack vectors.\n

Short Developer Bio:
\nVincent \"Vinnybod\" Rose is the Lead Tool Developer for Empire and Starkiller. He is a software engineer with expertise in cloud service and has over a decade of software development and networking experience. Recently, his focus has been on building ad-serving technologies, web and ad-tracking applications. Vinnybod has presented at Black Hat has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.\n

Anthony \"Cx01N\" Rose, CISSP, is the Lead Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Cx01N is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.\n

URL to any additional information:
\nBlogs about new Empire and Starkiller features:\nhttps://www.bc-security.org/post/emp...tarkiller-1-6/\nhttps://www.bc-security.org/post/return-of-the-cli/\nhttps://www.bc-security.org/post/emp...e-c2-profiles/\nhttps://www.bc-security.org/post/an-...to-starkiller/\nVideo walk through of new features:
\nhttps://www.youtube.com/watch?v=v4nzXCHGzUA\nhttps://www.youtube.com/watch?v=CzZmzBIVJHA\nDetailed Explanation of Tool:
\nEmpire has been a well-established versatile Command and Control (C2) framework for many years. Our work has allowed better adoption by red teams and shifts the focus of the platform to threat emulation. Threat emulation has been enhanced by leveraging a MITRE ATT&CK framework-based database. Every module is tagged with the MITRE ATT&CK techniques that most closely relate to the objectives of that tool and allows operators to search through the database to find and use tools that meet their specific threat emulation plan. This is combined with the new Empire server/client architecture, which has 2 different applications to connect through Starkiller and Empire Command Line Interface (CLI), allowing for multi-user distributed operations.\nStarkiller is a cross-platform UI available in Linux, Windows, and macOS for interacting with the Empire post-exploitation framework. This application allows red teams to share any instance of Empire and support remote, multi-operator engagements for instant collaboration and efficient event tracking. Each user is tracked in a database, which can be queried to evaluate team progression and generate post-engagement reports. Within a few minutes, a red-teamer can set up a listener (call back server) on Empire, get a target (agent) calling back to that server, and send payloads to it. Not only that, but multiple users can be working with those same agents, 3rd party modules, and listeners. There is no need to duplicate effort in establishing independent red team infrastructures when a common interface can now be used with the enhanced Empire API. When viewing an agent in the interface, we can get live updates of tasks queued to it, which users set that task, and the results.\n

The Empire CLI is built from the ground up as a replacement to the embedded legacy CLI that was packaged with Empire. This adaption allows users to continue to run an interface that gives the look and feel of the legacy CLI, but is portable and connects through the Empire API. While building this, we looked for areas to improve and constructed it using Python Prompt Toolkit, which gives users a streamlined look with drop-down menus, interactive shell, and multiple user support.\nWhile many of these new improvements are still in their early stages, we believe that the new construct for Empire will drive a significant change in how teams use the tool in the future.\n

Supporting Files, Code, etc:
\nhttps://github.com/BC-SECURITY/Empire
\nhttps://github.com/BC-SECURITY/Empire-Cli\nhttps://github.com/BC-SECURITY/Starkiller\n

Target Audience:
\nOffense\n

These updates bring Empire into parity with some of the top paid Offense tool kits allowing students to gain exposure to how advanced TTPs and teaming workflows are utilized in offensive engagements.\n

We picked up the project back in August 2019. We actually were teaching a workshop using Empire and were contacted by Kali if we would be interested in publishing our Python 3 copy around November that year. They were wanting to drop Python 2 support but didnâ€™t want to lose older tools. And we have been pushing updates ever since.\n

What we have done so far?
\nWe designed an API that supports multiple users at once and collaboration within the c2. Added over 30 new tools within the framework, including socks proxy, Rubeus, and seatbelt. Added a graphical user interface, Starkiller. Threat emulation is a big thing that we are pushing for, so we went through at tagged every tool with a MITRE ATT&CK technique which links back to the source material and descriptions of the attack. We also added a cross-compatibility ability that uses Cobalt Strikes malleable C2 profiles to create malleable listeners in Empire.\n

Where are we going?
\nEmpire 4.0, which is our current version in development. This is nearly a complete rewrite of the project and almost a new C2. The project now uses a server/client architecture that aligns itself with modern C2s, such as Cobalt Strike, PoshC2, and Silent Trinity.\n

We added C implants with on-the-fly compilation using Roslyn Compiler. This ability is something that everyone has been asking about for a while since most advanced frameworks support some flavor of C implants. We wanted to implement this in a way that allows us to have cross-compatibility with Covenantâ€™s tools but still maintain Empireâ€™s agent capabilities and formatting. What we ended up with is the capability to run C implants that can compile their modules and use all the PowerShell tools as well. Another advantage of this is that PowerShell agents can compile c tools on the fly as well.\n

Visually, we completely redid the CLI to be streamlined and includes new features like dropdown menus, server chatrooms, and suggested values.\n

We redesigned the plugin functionality within Empire and significantly expanded its capabilities. Plugins are a lesser-known ability which allows user to specially craft tools that can enhance the framework\'s capabilities. This is similar to how cobalt strike uses aggressor scripts to expand its capabilities.\n

\n\'',NULL,220727),('2_Friday','15','14:00','15:50','Y','DL','','\'Empire\'','\'Anthony \"Cx01N\" Rose,Vincent \"Vinnybod\" Rose\'','DL_5234c6c01c6e4a108c5f515fedf06a94','\'\'',NULL,220728),('3_Saturday','10','10:00','11:50','N','DL','','\'Depthcharge\'','\'Jon Szymaniak\'','DL_7b961ae4f8e5acf7859b71601a4360de','\'Title: Depthcharge
\nWhen: Saturday, Aug 7, 10:00 - 11:50 PDT
\nWhere: Palace 3+4+5
\n
SpeakerBio:Jon Szymaniak\n
\nJon Szymaniak is Principle Security Consultant in NCC Groupâ€™s Hardware & Embedded Systems Services team and a former embedded systems engineer. His areas of interest include U-Boot, Linux, Yocto, and firmware reverse engineering. Through both his day job and hobby hacking adventures, heâ€™s enjoyed exploring and exploiting boot ROMs, automotive ECUs, Android-based platforms, and a myriad of Internet-connected things that shouldn\'t be.\n
\n\n
\nDescription:
\nDepthcharge: A Framework for U-Boot Hacking\n

Short Abstract:
\nIn modern embedded systems that implement a â€œsecure bootâ€ flow, the boot loader plays a critical role in establishing the integrity and authenticity of software and data required to boot an operating system. Given the role and vantage point of boot loaders, they are a particularly interesting target for hardware hackers seeking to root a device and instrument it for further vulnerability hunting and reverse engineering. Although the vast majority of devices leveraging the ubiquitous and open source U-Boot boot loader leave it unprotected and trivially exploited, more product vendors are finally implementing secure boot and (attempting to) lock down their U-Boot builds. These less common specimen offer exciting opportunities to pursue creative bypasses and explore underappreciated U-Boot functionality.\n

The Depthcharge framework was developed to help hardware hackers methodically (ab)use some of that underappreciated U-Boot functionality in novel ways to circumvent boot-time protections, as well as expedite the identification and exploitation of â€œthe usual suspectsâ€ within exposed U-Boot device consoles. The project includes a Python 3 library for interfacing with devices, reading and writing memory via available primitives, deploying executable payloads, and analyzing various data structures. A collection of scripts built atop of library make this functionality readily available via the command line, and â€œDepthcharge Companionâ€ firmware allows the tooling to extend its vantage point by presenting itself as a peripheral device connected to the target. This Demo Lab will introduce the basics of Depthcharge and explore how attendees can leverage and expand upon it when seeking to circumvent boot-time protections or just to further explore a system from within the U-Boot environment. For those wishing to protect their (employerâ€™s) products from fellow DEF CON attendees, weâ€™ll also cover the configuration checker functionality that can be used to avoid common U-Boot pitfalls.\n

Developer Bio:
\nJon Szymaniak is Principle Security Consultant in NCC Groupâ€™s Hardware & Embedded Systems Services team and a former embedded systems engineer. His areas of interest include U-Boot, Linux, Yocto, and firmware reverse engineering. Through both his day job and hobby hacking adventures, heâ€™s enjoyed exploring and exploiting boot ROMs, automotive ECUs, Android-based platforms, and a myriad of Internet-connected things that shouldn\'t be.\n

URLs: GitHub: https://github.com/nccgroup/depthcharge\nDocumentation: https://depthcharge.readthedocs.io

Blog Posts and Prior Presentations:
\nBlog: https://research.nccgroup.com/2020/07/22/depthcharge/\nHardwear.io Webinar: https://www.youtube.com/watch?v=fTKMi3Is5x8\nBlog: https://research.nccgroup.com/2020/1...hcharge-v0-2-0\nOSFC Presentation: https://vimeo.com/488134063\nDetailed Explanation:
\nAdditional detail can be found here in the project documentation:\nhttps://depthcharge.readthedocs.io/e...is-depthcharge\n

The Depthcharge project aims to allow hackers, security practitioners, and engineering teams a way to â€œwork smarterâ€ when attempting to root a device or evaluate its security posture. This not only includes gaining control of a targetâ€™s U-Boot execution, but also leveraging the bootloader as a vantage point to further explore the target system.\n

The Python 3 Depthcharge API can be leveraged to enumerate functionality exposed by a U-Boot console and identify memory read/write primitives. Memory access abstractions built atop of these primitives seek to make dumping device firmware quicker and more robust, and custom payload deployment easier. With its colorized serial monitor, Depthcharge provides a more pleasant environment for hacking around and scripting while within a deviceâ€™s U-Boot console. The â€œCompanionâ€ firmware extends Depthcharge reach into a target platform, allowing it to act as a â€œmaliciousâ€ peripheral device (e.g. on an I2C bus). While much of the project focuses on console exposure, it also include some data structure identification (e.g. stored environments) functionality aimed at situations where such functionality is not available. For engineers and those on the â€œblue teamâ€ â€” build configuration checker functionality can help raise red flags and detect U-Boot pitfalls much earlier in the product development lifecycle.\n

Target Audience:
\nHardware / Embedded Systems - Both â€œoffenseâ€ and â€œdefenseâ€ within this audience\n

I believe the Depthcharge Demo Lab can show that thereâ€™s more interesting hackery to be had within the U-Boot boot loader, and that we can work much smarter when we encounter it. Given that I tend to see discussions of U-Boot limited to unprotected IoT junkware, Iâ€™ve always been bummed that folks donâ€™t seem to get to appreciate the joy of circumventing secure boot mechanisms, or otherwise leveraging their U-Boot environment to start exploring a hardware platform and its SoC from a lower level vantage point.\n

Whether it be folks enjoying the abuse of a CRC32 feature as an arbitrary memory primitive, or just gaining an appreciation for how U-Boot exports functionality for use by â€œstand alone applicationsâ€ â€” I hope to share some new tricks and get people excited about hacking deeper on their devices. Demos will be based upon my earlier work bypassing a (now patched) 2019 Sonos vulnerability, as well as some â€œpreviously seen on client workâ€ vulnerabilities modeled on development kits to protect the (not so?) innocent. \n

Warranty voiding and custom firmware development shall be strongly encouraged.\n

\n\'',NULL,220729),('3_Saturday','11','10:00','11:50','Y','DL','','\'Depthcharge\'','\'Jon Szymaniak\'','DL_7b961ae4f8e5acf7859b71601a4360de','\'\'',NULL,220730),('3_Saturday','12','12:00','13:50','N','DL','','\'Git Wild Hunt\'','\'Rod Soto,JosÃ© Hernandez\'','DL_cc695d43a93857ddf89c278f7ce6c3ed','\'Title: Git Wild Hunt
\nWhen: Saturday, Aug 7, 12:00 - 13:50 PDT
\nWhere: Palace 3+4+5
\nSpeakers:Rod Soto,JosÃ© Hernandez
\n
SpeakerBio:Rod Soto\n
\nOver 15 years of experience in information technology and security. He has spoken at ISSA, ISC2, OWASP, DEFCON, RSA Conference,Hackmiami, DerbyCon, Splunk .CONF, Black Hat,BSides, Underground Economy and also been featured in Rolling Stone Magazine, Pentest Magazine, Univision, BBC, Forbes, VICE, Fox News and CNN. Co-founder of Hackmiami, Pacific Hackers Meetups and Conferences. Co-founder of Pacific Hackers Association.
\n
SpeakerBio:JosÃ© Hernandez\n
\nPrincipal Security Researcher at Splunk. He started his professional career at Prolexic Technologies (now Akamai), fighting DDOS attacks against Fortune 100 companies perpetrated by â€œanonymousâ€ and â€œlulzsec.â€ As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. He has also built security operation centers and run a public threat-intelligence service.\n
\nTwitter: @d1vious
\n\n
\nDescription:
\nTool or Project Name: Git Wild Hunt A tool for hunting leaked credentials\n

Short Abstract:
\nGit Wild Hunt is a tool designed to search and identify leaked credentials at public repositories such as Github. Git Wild Hunt searches for footprints and patterns of over 30 of the most used secrets/credentials on the internet, especially those used in Devops and IT Operations. This tool helps developers and security operation departments discover leaked credentials in public repositories. This tool is also a recon tool for red teamers and pentesters, as it also provides metadata from leaks such as usernames, company names, secret types and dates. \n

License: Apache-2.0 License\n

Short Developer Bio:
\nJosé Hernandez @d1vious
\nPrincipal Security Researcher at Splunk. He started his professional career at Prolexic Technologies (now Akamai), fighting DDOS attacks against Fortune 100 companies perpetrated by â€œanonymousâ€ and â€œlulzsec.â€ As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. He has also built security operation centers and run a public threat-intelligence service. \n

Rod Soto @rodsoto
\nPrincipal Security Research Engineer at Splunk. Worked at Prolexic Technologies (now Akamai), and Caspida. Cofounder of Hackmiami and Pacific Hackers meetups and conferences. Creator of Kommand && KonTroll / NoQrtr-CTF. \n

URL to any additional information: https://github.com/d1vious/git-wild-hunt \n

Detailed Explanation of Tool:
\nThis tool is very effective in finding leaked credentials here is a list of the credentials that are detected:\nAWS API Key
\nAmazon AWS Access Key ID
\nAmazon MWS Auth Token
\nFacebook Access Token
\nFacebook OAuth
\nGeneric API Key
\nGeneric Secret
\nGitHub
\nGoogle (GCP) Service-account
\nGoogle API Key
\nGoogle Cloud Platform API Key
\nGoogle Cloud Platform OAuth
\nGoogle Drive API Key
\nGoogle Drive OAuth
\nGoogle Gmail API Key
\nGoogle Gmail OAuth
\nGoogle OAuth Access Token
\nGoogle YouTube API Key
\nGoogle YouTube OAuth
\nHeroku API Key
\nMailChimp API Key
\nMailgun API Key
\nPGP private key block
\nPassword in URL
\nPayPal Braintree Access Token
\nPicatic API Key
\nRSA private key
\nSSH (DSA) private key
\nSSH (EC) private key
\nSlack Token
\nSlack Webhook
\nSquare Access Token
\nSquare OAuth Secret
\nStripe API Key
\nStripe Restricted API Key
\nTwilio API Key
\nTwitter Access Token
\nTwitter OAuth
\nTarget Audience:
\nOffense, Vulnerability Assessment\n

This tool is very effective in bringing awareness of the danger of leaked credentials in public repositories.\n

\n\'',NULL,220731),('3_Saturday','13','12:00','13:50','Y','DL','','\'Git Wild Hunt\'','\'Rod Soto,JosÃ© Hernandez\'','DL_cc695d43a93857ddf89c278f7ce6c3ed','\'\'',NULL,220732),('2_Friday','09','09:00','09:05','N','APV','','\'AppSec Village Welcome and Introductions\'','\'\'','APV_0edcf1eb1603b401fd70dcbd6d03d57d','\'Title: AppSec Village Welcome and Introductions
\nWhen: Friday, Aug 6, 09:00 - 09:05 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220733),('2_Friday','09','09:05','09:59','N','APV','','\'Colorful AppSec\'','\'Luis Gomes,Erez Yalon,Pedro Umbelino,Tanya Janca\'','APV_14bbb0d3450946fa8c2d2edba57e58ec','\'Title: Colorful AppSec
\nWhen: Friday, Aug 6, 09:05 - 09:59 PDT
\nWhere: AppSec Village (Virtual)
\nSpeakers:Luis Gomes,Erez Yalon,Pedro Umbelino,Tanya Janca
\n
SpeakerBio:Luis Gomes\n
\nNo BIO available
\n
SpeakerBio:Erez Yalon\n
\nNo BIO available
\n
SpeakerBio:Pedro Umbelino\n
\nNo BIO available
\n
SpeakerBio:Tanya Janca\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220734),('2_Friday','10','10:00','10:45','N','APV','','\'Summer of Fuzz: MacOS\'','\'Jeremy Brown\'','APV_f1bef817de3211a7459d68a250842530','\'Title: Summer of Fuzz: MacOS
\nWhen: Friday, Aug 6, 10:00 - 10:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Jeremy Brown\n
\nJeremy is a security professional largely focused on offensive and application security along with vulnerability research and automation. He has gained extensive software security experience working at software and service companies, large and small, for over a decade as well as publishing research in the security community. He has taken the opportunity to gain expertise in many different areas including bug hunting, app/prod/infra security, fuzzing, as well as breaking cloud and web services and enjoys all things interesting in the realm of computer security.
\n\n
\nDescription:
\nThinking of fuzzing applications on OS X can quickly lead to a passing conversation of \"ooh exotic Mac stuff\", \"lets fuzz the kernel\" or it can otherwise not be thought of as an exciting target, at least for looking for crashes in stuff other than Safari or the iPhone. While there are some intricacies and nuance involved, workaround for security protections to enable debugging and finding tools that work and work well, this research will detail how it can be done in a reliable way and make the topic more tangible and easier to digest, kind of like how people think about using AFL on Linux: it \"just works\". We\'ll explore some of the overlooked attack surfaces of file parsers and some network services on Mac, how to fuzz userland binaries and introduce a new fuzzer that makes setup and crash triage straightforward while poking at some Apple core apps and clients. Have you ever thought \"This thing has got to have some bugs\" but think twice because it\'s only available on Mac and not worth the effort? If so, you may now find yourself both more motivated and better equipped to do some bug hunting on the sleek and eventually accommodating Mac OS.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220735),('2_Friday','11','11:00','11:45','N','APV','','\'Vulnerability Inheritance - Attacking companies and scoring bounties through 3rd party integrations\'','\'Gal Nagli\'','APV_dff413f5bdc4473efae65b1bd5efd4e3','\'Title: Vulnerability Inheritance - Attacking companies and scoring bounties through 3rd party integrations
\nWhen: Friday, Aug 6, 11:00 - 11:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Gal Nagli\n
\nGal Nagli is an Application Security researcher at enso.security and a B.Sc computer science student. Most of his time is spent doing Bug bounties on Hackerone, Synack and BugCrowd - where he recently won \"Best Collaboration\" award during Okta 2021 Bug Bash. He is mainly focused on automation and enjoys the community by publishing writeups on his blogs, helpful tips in twitter and running a Slack community where bounty hunters collab and hang out.
\n\n
\nDescription:
\nTime to Sharpen your Bug Bounty Game! In this session the attendees will learn about vulnerabilities around 3rd party integrations, how to improve their reconnaissance flow and how to scan the entire internet for specific vulnerabilities utilizing Nuclei, by observing Proof of Concepts from the presenter journey and practical examples.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220736),('2_Friday','12','12:00','12:45','N','APV','','\'Cross-document messaging technology, how to hack it, and how to use it safely.\'','\'Chen Gour-Arie\'','APV_d7a4abf7dc34357caae397fb2209ef25','\'Title: Cross-document messaging technology, how to hack it, and how to use it safely.
\nWhen: Friday, Aug 6, 12:00 - 12:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Chen Gour-Arie\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220737),('2_Friday','13','13:00','13:45','N','APV','','\'Signed, Sealed, Delivered: Abusing Trust in Software Supply Chain Attacks\'','\'Cheryl Biswas\'','APV_429ffb00c1586187b2342d5e51a031ef','\'Title: Signed, Sealed, Delivered: Abusing Trust in Software Supply Chain Attacks
\nWhen: Friday, Aug 6, 13:00 - 13:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Cheryl Biswas\n, Threat Intel Specialist, TD
\nCheryl Biswas is a Threat Intelligence Specialist with TD Bank in Toronto, Canada, where she produces and delivers annual cyber threat forecasts, and has experience in security audits and assessments, privacy, disaster recovery and change management. She holds an ITIL certification and a specialized honours degree in Political Science. Cheryl is actively engaged in the security community as a conference speaker and volunteer, mentors those entering the field, and champions women and diversity in cyber security as a founding member of â€œThe Diana Initiativeâ€.
\nTwitter: @3ncr1pt3d
\n\n
\nDescription:
\nOur technology-driven world increasingly relies on software dependencies: third party code, open source libraries and shared repositories. A history of software supply chain attacks shows how easy it is to create confusion and send malicious code undetected through automated channels to trusting recipients. SolarWinds delivered a hard truth to defenders: everyone is vulnerable when trust can be abused. Are we ready for what will be sent down the pipeline next?
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220738),('2_Friday','14','14:00','14:30','N','APV','','\'Poking bots for fun and profit in the age of asynchronous stuff\'','\'Emanuel Rodrigues\'','APV_f09fc9aaac49cd2ecc214d7b9a26515b','\'Title: Poking bots for fun and profit in the age of asynchronous stuff
\nWhen: Friday, Aug 6, 14:00 - 14:30 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Emanuel Rodrigues\n
\nNo BIO available
\n\n
\nDescription:
\nWhat Slack, Telegram, Discord, and a ton of other messaging platforms have in common ? Messaging of course ! : ) ... but also Bots/apps which are used to enrich the experience of messaging and collaboration environments. Bots are extremely popular now and are very easy to create. The App markets are full of Bots/Apps both free and paid. Let\'s take a look at these technologies, how it works and how to approach them from a security testing perspective.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220739),('2_Friday','15','15:00','15:45','N','APV','','\'Scaling static analysis for free: add additional codebases with a single line of code and no money\'','\'Erin Browning,Tim FaraciÂ \'','APV_282f004a648604211af88fd3487b2dbc','\'Title: Scaling static analysis for free: add additional codebases with a single line of code and no money
\nWhen: Friday, Aug 6, 15:00 - 15:45 PDT
\nWhere: AppSec Village (Virtual)
\nSpeakers:Erin Browning,Tim FaraciÂ
\n
SpeakerBio:Erin Browning\n
\nNo BIO available
\n
SpeakerBio:Tim FaraciÂ \n
\nNo BIO available
\n\n
\nDescription:
\nScaling static analysis across languages and multiple codebases is a difficult process at best. Here we walk through our setup, which we\'ve architectured to be easy to maintain, provide few false positives, and trivial to add additional codebases. Plus, the primary tool we use is free, as in beer.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220740),('2_Friday','16','16:00','16:59','N','APV','','\'DFDs Ain\'t That Bad\'','\'Izar Tarandach,Matthew Coles\'','APV_5ba232c04749d92d41919098de148798','\'Title: DFDs Ain\'t That Bad
\nWhen: Friday, Aug 6, 16:00 - 16:59 PDT
\nWhere: AppSec Village (Virtual)
\nSpeakers:Izar Tarandach,Matthew Coles
\n
SpeakerBio:Izar Tarandach\n
\nNo BIO available
\n
SpeakerBio:Matthew Coles\n
\nNo BIO available
\n\n
\nDescription:
\nThreat Modeling is, at its root, a combination of two separate disciplines: system modeling and threat elicitation (and then a bit of risk management, but thatâ€™s another talk). In the last few years the industry has focused mostly on the second part, threat elicitation, and rare was the analysis of the successes and failures of system modeling. Co-authors and members of the Threat Modeling Manifesto Group, Matt & Izar offer a view from the threat modeling pit of why sometimes developers wonâ€™t model for threats, what can be done differently, and a view of their pytm tool as a collaborative (remote) system modeler tool with a threat elicitation cherry on top.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220741),('2_Friday','17','17:30','17:35','N','APV','','\'AppSec Quiz Time!\'','\'Eden Stroet\'','APV_59127a59d5990ab90250519ccea5dd3a','\'Title: AppSec Quiz Time!
\nWhen: Friday, Aug 6, 17:30 - 17:35 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Eden Stroet\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220742),('3_Saturday','09','09:00','09:05','N','APV','','\'AppSec Village Welcome and Introductions\'','\'\'','APV_8a85e9b9621e2eb55605f45145bc15b5','\'Title: AppSec Village Welcome and Introductions
\nWhen: Saturday, Aug 7, 09:00 - 09:05 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220743),('3_Saturday','09','09:05','09:59','N','APV','','\'Borrow a mentor\'','\'\'','APV_96d55bef0897f228d7db90265f06ce19','\'Title: Borrow a mentor
\nWhen: Saturday, Aug 7, 09:05 - 09:59 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220744),('3_Saturday','09','09:05','09:59','N','APV','','\'Scaling AppSec through Education\'','\'Grant Ongers (rewtd)\'','APV_18a49b3efa9734531939c898bc77eb2e','\'Title: Scaling AppSec through Education
\nWhen: Saturday, Aug 7, 09:05 - 09:59 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Grant Ongers (rewtd)\n
\nNo BIO available
\n\n
\nDescription:
\nGiven that:\n

Security teams are outnumbered by developers 100:1\n50 - 80% more bugs are found in code review than in testing\nMore than 70% of CVEs are caused by implementations in code\nIt must follow that AppSec should be the biggest part of your concern as a security person, and that you either need to seriously invest in more AppSec people to keep up with the developer population or you need to get developers looking for AppSec issues during code review.\n

So, how does one do that?\n

We\'ll lay out the problem space in a bit more detail, covering some of the issues described in our BlackHat EU talk (https://www.blackhat.com/eu-20/features/schedule/index.html#are-you-big-friendly-giant---red-unless-blue-finds-green-ru-bfg-22029) and then we\'ll move onto how we solve this.\n

We\'ll talk about the OWASP Application Security Curriculum project, it\'s goals, ambitions, and milestones - as well as talking about the current artefacts.\n

We\'ll then talk about how you get developers engaged in the education program and how we leverage other OWASP projects (like Cornucopia and the ASVS) to make it all fit together.\n

\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220745),('3_Saturday','10','10:00','10:45','N','APV','','\'I used AppSec skills to hack IoT, and so can you\'','\'Alexei Kojenov\'','APV_762b6de2582698cb734338604457eac5','\'Title: I used AppSec skills to hack IoT, and so can you
\nWhen: Saturday, Aug 7, 10:00 - 10:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Alexei Kojenov\n
\n Alexei began his career as a software developer. A decade later, he realized that breaking code was way more fun than writing code, and decided to switch direction. He is now a full-time application security professional, with several years of assisting various development teams in delivering secure code, as well as security consulting. Outside of his day job, Alexei enjoys doing security research and learning new hacking techniques.
\n\n
\nDescription:
\nWe tend to think of AppSec and IoT as two separate infosec disciplines. Sure, the domain knowledge, attack vectors, and threat mitigation are not exactly the same in those two worlds. At the same time, as the hardware continues to evolve, we see more and more tiny general purpose computers around us. Many of these tiny computers nowadays run software that is written in a conventional programming language, listen on network ports, process data inputs, and communicate with the outside world. These devices can be attacked just like any other application running on a desktop, on a server, or in the cloud.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220746),('3_Saturday','11','11:00','11:45','N','APV','','\'The Curious case of knowing the unknown\'','\'Vandana Verma Sehgal\'','APV_88dea87e63fb8343fba7443502f3a3de','\'Title: The Curious case of knowing the unknown
\nWhen: Saturday, Aug 7, 11:00 - 11:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Vandana Verma Sehgal\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220747),('3_Saturday','12','12:00','12:45','N','APV','','\'CSP is broken, letâ€™s fix it\'','\'Amir Shaked\'','APV_0c833bfea3b303940f4eb27bb88fa553','\'Title: CSP is broken, letâ€™s fix it
\nWhen: Saturday, Aug 7, 12:00 - 12:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Amir Shaked\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220748),('3_Saturday','12','12:00','14:30','N','APV','','\'(Workshop) - Integrating DAST tools into developers\' test process\'','\'Joe SchottmanÂ \'','APV_3fa44ea96de3bf845f4d839a6db8dcc4','\'Title: (Workshop) - Integrating DAST tools into developers\' test process
\nWhen: Saturday, Aug 7, 12:00 - 14:30 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Joe SchottmanÂ \n
\nNo BIO available
\n\n
\nDescription:
\nAPI testing is now vital to AppSec but presents some challenges that conventional DAST testing did not face. This session will show how running developersâ€™ non-security tests for the APIs they develop through an interception proxy such as OWASP ZAP can enable easier, faster, and more accurate DAST testing.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220749),('3_Saturday','13','12:00','14:30','Y','APV','','\'(Workshop) - Integrating DAST tools into developers\' test process\'','\'Joe SchottmanÂ \'','APV_3fa44ea96de3bf845f4d839a6db8dcc4','\'\'',NULL,220750),('3_Saturday','14','12:00','14:30','Y','APV','','\'(Workshop) - Integrating DAST tools into developers\' test process\'','\'Joe SchottmanÂ \'','APV_3fa44ea96de3bf845f4d839a6db8dcc4','\'\'',NULL,220751),('3_Saturday','13','13:00','13:45','N','APV','','\'When nothing goes right, push left. Designing logs for future breach investigations\'','\'Vee\'','APV_d6553f1826471f9c36195b887f0b5f61','\'Title: When nothing goes right, push left. Designing logs for future breach investigations
\nWhen: Saturday, Aug 7, 13:00 - 13:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Vee\n
\nNo BIO available
\n\n
\nDescription:
\nIf we do not have it we should build it.- If nothing goes right, push left.\n

TL;DR: Your logs should be simple, and structured, they should also contain enough information without disclosing sensitive data. Often accidental information disclosure within the logs can lead to future breaches. This talk focuses on the process of building logs taking into consideration the attack, the defense, and the investigation of breaches. Using the ideals from The Unicorn and The Phoenix project to develop the \"Five Philosophies of Logging\". This talk explores different aspects of logging pulling from years of experience of breach investigations and magic-wielding.\n

\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220752),('3_Saturday','14','14:00','14:45','N','APV','','\'How I broke into Mexico City\'s justice system application and database\'','\'Alfonso Ruiz Cruz\'','APV_93bc4c4124c76c96a0695fc2512d4f6f','\'Title: How I broke into Mexico City\'s justice system application and database
\nWhen: Saturday, Aug 7, 14:00 - 14:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Alfonso Ruiz Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nBrief talk about how a chain of simple vulnerabilities gained me admin access to the whole database and application of Mexico City\'s justice system. Leaving exposed every file from criminal, civil and familiar trials since 2008.\n
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220753),('3_Saturday','15','15:00','15:45','N','APV','','\'A Deep Dive Into Supply Chain Vulnerabilities: And How SecDevOps Can Save the Day\'','\'Adam Schaal\'','APV_fac978526117802eb55ecaa31345ef7e','\'Title: A Deep Dive Into Supply Chain Vulnerabilities: And How SecDevOps Can Save the Day
\nWhen: Saturday, Aug 7, 15:00 - 15:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Adam Schaal\n
\nNo BIO available
\n\n
\nDescription:
\nThese are dangerous times. From left-pad to event-stream to the Node Security Platform shutdown - nowhere are supply chain vulnerabilities more prevalent than modern-day javascript applications. Join us as we discuss how investing in the DevOps cycle now can help save your assets in the long run.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220754),('3_Saturday','16','16:00','16:45','N','APV','','\'DevSecOps: Merging Security and Software Engineering\'','\'Magno Logan DELETE ME\'','APV_61412443b06826558af5b10f4bca2265','\'Title: DevSecOps: Merging Security and Software Engineering
\nWhen: Saturday, Aug 7, 16:00 - 16:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Magno Logan DELETE ME\n
\nNo BIO available
\n\n
\nDescription:
\nLately, weâ€™ve been hearing a lot about Dev Ops and DevSecOps, and why theyâ€™re so important. While integrating these are considered very good practices, organizations may be unintentionally unaware of how to maximize DevOps to ensure security and compliance are being met without delays. This could be because many researchers and authors believe DevOps already includes security at its core, since software security and quality are closely related. However, in todayâ€™s cloud environment, one cannot assume that DevOps can do it all. Thatâ€™s where a strong DevSecOps strategy and mindset comes into play.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220755),('3_Saturday','17','17:00','17:45','N','APV','','\'Canâ€™t Stop the Code: Embrace the Code\'','\'Alton Crossley\'','APV_a077ea1d1894b490a1b7c036fde8fba3','\'Title: Canâ€™t Stop the Code: Embrace the Code
\nWhen: Saturday, Aug 7, 17:00 - 17:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Alton Crossley\n
\nNo BIO available
\n\n
\nDescription:
\nYou can\'t stop the code. So how do you make it all secure? The answer is: you don\'t. Let\'s discuss securing your software while using proprietary third parties and Open Source without disrupting ecosystems or innovation.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220756),('3_Saturday','17','17:45','17:50','N','APV','','\'AppSec Quiz Time!\'','\'Eden Stroet\'','APV_5c699d7aad059e9f5624913417ca98d4','\'Title: AppSec Quiz Time!
\nWhen: Saturday, Aug 7, 17:45 - 17:50 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Eden Stroet\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220757),('4_Sunday','09','09:00','09:05','N','APV','','\'AppSec Village Welcome and Introductions\'','\'\'','APV_ab2e6e028180696de70dcec2d78a3c43','\'Title: AppSec Village Welcome and Introductions
\nWhen: Sunday, Aug 8, 09:00 - 09:05 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220758),('4_Sunday','09','09:05','09:45','N','APV','','\'\"The Poisoned Diary\": Supply Chain Attacks on Install scripts\'','\'Yakov Shafranovich\'','APV_f0268c8bfed7ac665db562e0a2f0ada8','\'Title: \"The Poisoned Diary\": Supply Chain Attacks on Install scripts
\nWhen: Sunday, Aug 8, 09:05 - 09:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Yakov Shafranovich\n
\nNo BIO available
\n\n
\nDescription:
\nThe \"curl | bash\" pattern is in use everywhere but is it safe? How common is it and how can we make it safer? Join this talk to a discussion on install script security, Harry Potter and more!
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220759),('4_Sunday','09','09:05','09:45','N','APV','','\'Borrow a mentor\'','\'\'','APV_20eab3e9bdecd13dd54b0dc8ae6386c4','\'Title: Borrow a mentor
\nWhen: Sunday, Aug 8, 09:05 - 09:45 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220760),('4_Sunday','10','10:00','10:45','N','APV','','\'Encryption for Developers\'','\'James McKee (punkcoder)\'','APV_cb7c7c13015fd58cd6a1c20992f039f8','\'Title: Encryption for Developers
\nWhen: Sunday, Aug 8, 10:00 - 10:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:James McKee (punkcoder)\n
\nNo BIO available
\n\n
\nDescription:
\nEncryption has become a major part of the implementation of many products, but how many of us really understand what is going on behind the scenes. During your implementation, do you really know what an initialization vector does? What is the difference between AES-CBC and AES-CFB, and when should you use one over the other? How do you store the decryption key to prevent the same code leaking both the data and the key?
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220761),('4_Sunday','11','11:00','11:45','N','APV','','\'AppSec 101: A Journey from Engineer to Hacker\'','\'Arjun Gopalakrishna\'','APV_c553246e02ff0d556a7f3d257fbc5972','\'Title: AppSec 101: A Journey from Engineer to Hacker
\nWhen: Sunday, Aug 8, 11:00 - 11:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Arjun Gopalakrishna\n
\nNo BIO available
\n\n
\nDescription:
\nJoin this session to appreciate the role of Application Security in the context of software development, by examining them side by side. We will walk through an insecure application to find (and exploit) a few security issues, and examine - from an AppSec lens - the issue classes and ways to unearth them. This is an introductory level talk, especially for hackers new to AppSec.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220762),('4_Sunday','12','12:00','12:45','N','APV','','\'Car Hacking + Bug Hunting Field Guide for Appsec Hackers\'','\'Jay Turla DELETE ME\'','APV_8c6b503fc1a994a4a16b62df17b99b84','\'Title: Car Hacking + Bug Hunting Field Guide for Appsec Hackers
\nWhen: Sunday, Aug 8, 12:00 - 12:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Jay Turla DELETE ME\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220763),('4_Sunday','13','13:00','13:45','N','APV','','\'0-Days & Nat 20\'s - CVSSv3 Through the Lens of Dungeons & Dragons\'','\'Alex \"RedWedgeX\" Hoffman\'','APV_aa74381ddee5f2abe6ad8e1bc879d898','\'Title: 0-Days & Nat 20\'s - CVSSv3 Through the Lens of Dungeons & Dragons
\nWhen: Sunday, Aug 8, 13:00 - 13:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Alex \"RedWedgeX\" Hoffman\n
\nNo BIO available
\n\n
\nDescription:
\nWhat do the Critical Vulnerability Scoring System and Dungeons & Dragons have in common? As a pentester, security professional, network defender, developer, or an RPG gamer, it\'s vital to know how to read your character sheet in order figure out how much the BBEG (big bad evil guy) is going to mess you up and what you can do to prevent it. We\'ll take a brief glance at the CVSSv3 Calculator and walk through a dungeon encounter in order to better understand how to translate the ancient, often-misunderstood language of vulnerability scoring metrics.
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220764),('4_Sunday','14','14:00','14:45','N','APV','','\'Attacking Modern Environments Series: Attack Vectors on Terraform Environments\'','\'Mazin Ahmed\'','APV_417342d6edfd6630ba2c199ef147b074','\'Title: Attacking Modern Environments Series: Attack Vectors on Terraform Environments
\nWhen: Sunday, Aug 8, 14:00 - 14:45 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Mazin Ahmed\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220765),('4_Sunday','15','15:00','15:15','N','APV','','\'AppSec Quiz Time!\'','\'Eden Stroet\'','APV_1e1512e3dbbd582b0703daf66f7cb55d','\'Title: AppSec Quiz Time!
\nWhen: Sunday, Aug 8, 15:00 - 15:15 PDT
\nWhere: AppSec Village (Virtual)
\n
SpeakerBio:Eden Stroet\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,220766),('2_Friday','10','10:00','11:59','N','SEV','','\'SECTF4Kids (Pre-Registration Required)\'','\'Ryan M,Colin H\'','SEV_c08321e0b9f79407cd67453e47d9704c','\'Title: SECTF4Kids (Pre-Registration Required)
\nWhen: Friday, Aug 6, 10:00 - 11:59 PDT
\nWhere: Social Engineer Village (Virtual)
\nSpeakers:Ryan M,Colin H
\n
SpeakerBio:Ryan M\n
\nNo BIO available
\n
SpeakerBio:Colin H\n
\nNo BIO available
\n\n
\nDescription:
\nFor more information, please see https://www.social-engineer.org/events/sevillage-def-con/the-sectf4kids/
\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220767),('2_Friday','11','10:00','11:59','Y','SEV','','\'SECTF4Kids (Pre-Registration Required)\'','\'Ryan M,Colin H\'','SEV_c08321e0b9f79407cd67453e47d9704c','\'\'',NULL,220768),('2_Friday','12','12:30','13:30','N','SEV','','\'Judging by the Cover: Profiling & Targeting Through Social Media\'','\'Christina Lekati\'','SEV_8e9e721cfbb485e9f8c340d849357da0','\'Title: Judging by the Cover: Profiling & Targeting Through Social Media
\nWhen: Friday, Aug 6, 12:30 - 13:30 PDT
\nWhere: Social Engineer Village (Virtual)
\n
SpeakerBio:Christina Lekati\n
\nChristina Lekati is a psychologist, a social engineer and an open-source intelligence analyst.\n

She specializes in behavioral analysis and in intelligence collection and analysis through open source and human intelligence.\n

Christina has participated among other things in penetration tests, in trainings to companies and organizations, in vulnerability assessments, and in profiling and analysis of the modus operandi, and in the process of identifying personality traits, behavioral tendencies, and other variables of victims and offenders.\n

Christina is working with Cyber Risk GmbH as a social engineering specialist and an open source intelligence investigator for the vulnerability assessments conducted on corporations and high-value targets. She is the main developer of the social engineering training programs provided by Cyber Risk GmbH. Those programs are intertwining the lessons learned from real life cases and previous experiences with the fields of cybersecurity, psychology, and counterintelligence.\n

She is also an active Advisory Board Member at the OSINT Curious project.\n

\n\n
\nDescription:
\nWhile to the rest of the world social media are friendly platforms of communication and sharing, for the fellow social engineers and OSINT analysts, they are targeting and information harvesting platforms. Even though social media do not always demonstrate our true personalities, they do demonstrate the way we want to be viewed and treated by others â€“ which can be a lot more useful for social engineers. They also â€œleakâ€ behavioral tendencies and characteristics that provide significant intelligence for any type of operation targeting humans.\n

The talk covers the topic of information gathering through social media intelligence (SOCMINT), and explains how even seemingly innocent information can be used to manipulate or influence targets. Case studies will be provided.\n

It will also discuss the art & science of profiling, along with its limitations for social engineering engagements. A two-part demonstration is included on how a profilerâ€™s mind works when harvesting information on social media:\n

The first part includes real examples of posts that expose vulnerabilities, attract attackers and ultimately can be exploited and lead to security breaches.\nThe second part dives deeper and demonstrates how the information found on a social media profile (from their pictures to the words used by the individual) are gathered, categorized into a profiling matrix and then analyzed, bringing into the surface a personality profile. The targetâ€™s profile can then provide actionable intelligence that increases the success of attacks, or attack simulations.\n

\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220769),('2_Friday','13','12:30','13:30','Y','SEV','','\'Judging by the Cover: Profiling & Targeting Through Social Media\'','\'Christina Lekati\'','SEV_8e9e721cfbb485e9f8c340d849357da0','\'\'',NULL,220770),('2_Friday','13','13:30','14:30','N','SEV','','\'SE Team vs. Red Team\'','\'Ryan MacDougall\'','SEV_a7b66df3e7fed4d2bff306503ef38313','\'Title: SE Team vs. Red Team
\nWhen: Friday, Aug 6, 13:30 - 14:30 PDT
\nWhere: Social Engineer Village (Virtual)
\n
SpeakerBio:Ryan MacDougall\n
\nRyan MacDougall is presently the Chief Operating Officer and Open Source Intelligence trainer for Social-Engineer, LLC. In addition, he runs operations during penetration tests and exercises with clients, as well as managing client relationships. Additionally, Ryan is also a multiyear Black Hat conference trainer and DEFCON SEVillage speaker, regarding social engineering as well as, open source intelligence gathering.\n
\n\n
\nDescription:
\nWhat is the difference? Is there a difference? Find out by riding along during a real story of a true SE Team.
\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220771),('2_Friday','14','13:30','14:30','Y','SEV','','\'SE Team vs. Red Team\'','\'Ryan MacDougall\'','SEV_a7b66df3e7fed4d2bff306503ef38313','\'\'',NULL,220772),('3_Saturday','10','10:00','11:59','N','SEV','','\'SECTF4Teens\'','\'Chris Silvers,Kris Silvers\'','SEV_70fb1e0f71a58df9508a4512c316b781','\'Title: SECTF4Teens
\nWhen: Saturday, Aug 7, 10:00 - 11:59 PDT
\nWhere: Social Engineer Village (Virtual)
\nSpeakers:Chris Silvers,Kris Silvers
\n
SpeakerBio:Chris Silvers\n
\nNo BIO available
\n
SpeakerBio:Kris Silvers\n
\nNo BIO available
\n\n
\nDescription:
\nFor more information, please see https://www.social-engineer.org/events/sevillage-def-con/the-sectf4teens/
\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220773),('3_Saturday','11','10:00','11:59','Y','SEV','','\'SECTF4Teens\'','\'Chris Silvers,Kris Silvers\'','SEV_70fb1e0f71a58df9508a4512c316b781','\'\'',NULL,220774),('3_Saturday','12','12:30','13:30','N','SEV','','\'Using SE to create insider threats and win all the things\'','\'Lisa Forte\'','SEV_d5e0e70151d692eaa742fccb098c77dd','\'Title: Using SE to create insider threats and win all the things
\nWhen: Saturday, Aug 7, 12:30 - 13:30 PDT
\nWhere: Social Engineer Village (Virtual)
\n
SpeakerBio:Lisa Forte\n
\nLisa Forte is a European social engineering and insider threat expert. She runs cyber crisis simulations for large companies to help them prepare for attacks of all types. She actually started her security career stopping pirates off the coast of Somalia.\n

Lisa a passionate about two things: tech for good and that pineapple on pizza should be banned by the United Nations.\n

She is a proud Italian/ Brit and has won numerous awards for her contributions in tech. Little known fact she actually once auditioned for Cirque Du Soleil.\n

When she is not working you can usually find her exploring abandoned mines or hanging off the side of a cliff somewhere.\n

\n\n
\nDescription:
\nWe talk a lot about that â€œquick and dirtyâ€ social engineering but there is a much scarier, longer term attack that yields far more damage. Instead of that persuasive email or that one hugely urgent phone call these attacks are aimed at turning your key staff from loyal employees into insider threats- Without your knowledge and even without theirs.\n

How can loyal, hard working staff be convinced to acquire and exfiltrate sensitive commercial data? It all starts with a friend request.\n

\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220775),('3_Saturday','13','12:30','13:30','Y','SEV','','\'Using SE to create insider threats and win all the things\'','\'Lisa Forte\'','SEV_d5e0e70151d692eaa742fccb098c77dd','\'\'',NULL,220776),('3_Saturday','13','13:30','14:30','N','SEV','','\'The Innocent Lives Foundation: A Beacon of Light in a Dark World\'','\'John McCombs\'','SEV_9b27f12407c816702669333ca3ea485e','\'Title: The Innocent Lives Foundation: A Beacon of Light in a Dark World
\nWhen: Saturday, Aug 7, 13:30 - 14:30 PDT
\nWhere: Social Engineer Village (Virtual)
\n
SpeakerBio:John McCombs\n
\nJohn McCombs serves as the Executive Assistant to the ILF, where he assists in administrative duties, fundraising, project management and public speaking. At age 12, John began his first job in the industry as a web developer, and shortly thereafter, as a help-desk operator at an international health supplement company.\n

In addition to having over a decade of experience in the technology industry, John also holds a bachelorâ€™s degree in Teaching English to Speakers of Other Languages (TESOL) and has had extensive training in public speaking.\n

\n\n
\nDescription:
\nThe Innocent Lives Foundation: A Beacon of Light in a Dark World, is a talk to bring awareness to the ILF and the mission of identifying and bringing child predators to justice. Topics will include an introduction to the ILF, our mission, our vision, why we are needed now more than ever, our stance on vigilantism, and neutrality. We wish to introduce the ILF to a broad audience and encourage involvement through financial support and ambassadorship.
\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220777),('3_Saturday','14','13:30','14:30','Y','SEV','','\'The Innocent Lives Foundation: A Beacon of Light in a Dark World\'','\'John McCombs\'','SEV_9b27f12407c816702669333ca3ea485e','\'\'',NULL,220778),('3_Saturday','14','14:30','15:30','N','SEV','','\'Make Them Want To Tell You: The Science of Elicitation\'','\'Christopher Hadnagy\'','SEV_e4c21587a505f3407d67a80c81461d92','\'Title: Make Them Want To Tell You: The Science of Elicitation
\nWhen: Saturday, Aug 7, 14:30 - 15:30 PDT
\nWhere: Social Engineer Village (Virtual)
\n
SpeakerBio:Christopher Hadnagy\n
\nChristopher Hadnagy is the founder and CEO of Social-Engineer, LLC. During Chrisâ€™ 18 years in the information security industry, he created the worldâ€™s first social engineering framework and newsletter, as well as hosted the first social engineering based podcast.\n

Chris is also a well-known author, having written five books on social engineering. Chrisâ€™ new book, â€œHuman Hacking: Win Friends, Influence People and Leave Them Better Off for Having Met Youâ€, released January 5, 2021.\n

Learn more about the book: https://humanhackingbook.com/\n

Chris is an Adjunct Professor of Social Engineering for the University of Arizonaâ€™s NSA designated Center of Academic Excellence in Cyber Operations (CAE-CO). He also lectures and teaches about social engineering around the globe. Moreover, heâ€™s been invited to speak at the Pentagon, as well as other high secure facilities. Additionally, as the creator of the worldâ€™s first Social Engineering Capture the Flag (SECTF), Chris leads the way in educating people on this serious threat.\n

Chris works with some of the worldâ€™s leaders in scientific research for the purpose of acquiring a deeper understanding of social engineering. Notably, Chris authored a book with Dr. Paul Ekman regarding the use of nonverbal communication by social engineers.\n

\n\n
\nDescription:
\nWhat is elicitation? Can it be brought to a science and taught? This talk dives deep into the principles of elicitation and how to use them as an SE, also in every day life.
\n
Social Engineer Village will stream content to Twitch.\n

\'',NULL,220779),('3_Saturday','15','14:30','15:30','Y','SEV','','\'Make Them Want To Tell You: The Science of Elicitation\'','\'Christopher Hadnagy\'','SEV_e4c21587a505f3407d67a80c81461d92','\'\'',NULL,220780),('4_Sunday','10','10:00','10:59','N','AVV','','\'Panel discussion: Resilient cyber space: The role of hacker and security communities\'','\'Abhijith B R,Jay Turla,Manu Zacharia,Aseem Jakhar,Omar Santos,Dave Lewis,Dhillon â€˜L33tdawgâ€™ Kannabhiran\'','AVV_691aadd0b84d9a4299288b59dcbf9973','\'Title: Panel discussion: Resilient cyber space: The role of hacker and security communities
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: Adversary Village (Virtual)
\nSpeakers:Abhijith B R,Jay Turla,Manu Zacharia,Aseem Jakhar,Omar Santos,Dave Lewis,Dhillon â€˜L33tdawgâ€™ Kannabhiran
\n
SpeakerBio:Abhijith B R\n
\nNo BIO available
\n
SpeakerBio:Jay Turla\n, Manager, Security Operations at Bugcrowd
\nJay Turla is a Manager, Security operations at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework: Host Header Injection Detection, BisonWare BisonFTP Server Buffer Overflow, Zemra Botnet CnC Web Panel Remote Code Execution, Simple Backdoor Shell Remote Code Execution, w3tw0rk / Pitbul IRC Bot Remote Code Execution, etc. He used to work for HP Fortify where he performs Vulnerability Assessment, Remediation and Advance Testing.
\n
SpeakerBio:Manu Zacharia\n, President at ISRA, Founder of c0c0n International Hacking & Information Security Conference
\nInformation Security evangelist with more than 23 years of professional experience. CEO â€“ HackIT Technology and Advisory Services (Singapore, India, UAE) - www.hackit.co. External Consultant to Kerala State IT Mission / Computer Emergency Response Team (Kerala) â€“ CERT-K from Feb 2016 to Jul 2016. Awarded the prestigious Microsoft Most Valuable Professional - MVP award consecutively for four years (2009, 2010, 2011 and 2012) in Enterprise Security stream. Also honored with the prestigious Asia Pacific Information Security Leadership Achievements Award for 2010 from (ISC)² under Senior Information Security Professional Category. Awarded the Nullcon Black Shield Awards for 2014 under the Community Star category for contribution to community in terms of knowledge sharing, administration, communication, proliferation. Founder of c0c0n International Hacking & Information Security Conference and also Information Security Day Initiatives.
\n
SpeakerBio:Aseem Jakhar\n, Co-founder/Director R&D - Payatu, Nullcon, Hardwear.io, EXPLIoT
\nAseem Jakhar is the Director, research at Payatu Software Labs http://payatu.com a boutique security testing company specializing in IoT, Embedded, cloud, mobile security testing. He is the founder of null-The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference http://nullcon.net and hardwear.io security conference. He has worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, bayesian engine to name a few. He currently spends his time researching on IoT security and hacking things. He is an active speaker and trainer at security conferences like AusCERT, Black Hat, Brucon, Defcon, Hack.lu, Hack in Paris, Hack In The Box, PHDays and many more. He has authored various open source security software including - ExplIoT - IoT Exploitation Framework - DIVA (Damn Insecure and Vulnerable App) for Android - Jugaad/Indroid - Linux Thread injection kit for x86 and ARM - Dexfuzzer - Dex file format fuzzer
\n
SpeakerBio:Omar Santos\n, Principal Engineer, Cisco PSIRT, DEF CON Red Team Village
\nOmar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of over 20 books and video courses; numerous white papers, articles, and security configuration guidelines and best practices. Omar is a Principal Engineer of Ciscoâ€™s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities.\n

Omar has been quoted by numerous media outlets, such as TheRegister, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune Magazine, Ars Technica, and more. \n

\n
SpeakerBio:Dave Lewis\n, Global Advisory CISO for CISCO
\nDave Lewis has twenty five years+ of industry experience. He has extensive experience in IT security operations and management including a decade dealing with critical infrastructure security. Lewis is a Global Advisory CISO for Cisco. He is the founder of the security site Liquidmatrix Security Digest and cohost of the Liquidmatrix podcast as well as the host of the Plaintext and Murder Board podcasts. Lewis serves on the advisory boards for several firms. He is currently enrolled in a graduate program at Harvard University. Lewis has written columns for Daily Swig, Forbes and several other publications
\n
SpeakerBio:Dhillon â€˜L33tdawgâ€™ Kannabhiran\n, Founder, CEO at Hack In The Box
\nDhillon Andrew Kannabhiran (@l33tdawg on Twitter) is the Founder and Chief Executive Officer of Hack in The Box, organiser of the HITBSecConf series of network security conferences which has been held annually for over a decade in various countries including Malaysia, The Netherlands, The UAE and now China!
\n\n
\nDescription:
\nHow do security communities help the information security industry and professionals? Why does the security industry need open security communities and forums? The relevance of such communities in standardizing Vulnerability disclosures Building frameworks and tools etc
\n
Adversary Village talks and workshops will be streamed on YouTube and Twitch.\n

Q&A sessions will happen in DEF CON Official Discord server after each talk.\n

YouTube: https://www.youtube.com/channel/UCOhn9WALnpb5YAbW18R1Hzg\n

Discord: https://discord.gg/defcon\n

\'',NULL,220781),('2_Friday','12','12:30','13:30','N','HRV','','\'Spectrum Coordination for Amateur Radio\'','\'Bryan Fields\'','HRV_8f3ce751b550a9d24183c00027be22ec','\'Title: Spectrum Coordination for Amateur Radio
\nWhen: Friday, Aug 6, 12:30 - 13:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Bryan Fields\n
\nBryan Fields, W9CR, is one of the founding members of the Florida Amateur Spectrum Management Association (\"FASMA\") and operates a number of wide coverage repeaters in the Tampa Bay region. Bryan holds several FCC licenses, he was first licensed in 1995 at age 10, and holds a GROL+RADAR license as well. He\'s served as a technical committee member to ARDC, the holder of 44/8 (\"AMPRNET\"), and is a founding member of AllStarLink. Professionally Bryan has worked in the carrier networking space, focusing on IP/MPLS networks and wireless communications. Currently he is a senior consulting engineer with a major router vendor.
\n\n
\nDescription:
\nIn this presentation we\'ll cover the basis for coordination of repeater and other other stations in the amateur radio service. The theory will focus on the practices used in Florida, but generally are applicable to other coordination bodies.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,220782),('2_Friday','13','12:30','13:30','Y','HRV','','\'Spectrum Coordination for Amateur Radio\'','\'Bryan Fields\'','HRV_8f3ce751b550a9d24183c00027be22ec','\'\'',NULL,220783),('2_Friday','10','10:00','15:59','N','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'Title: Antenny
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nCome together to build on Antenny boards. Make things that can talk to the sky with very very very affordable hardware. What becomes possible when we have 1000 ground stations? I have a few ideas, Iâ€™m sure participants will have many others. Letâ€™s build it and find out together!
\n\'',NULL,220784),('2_Friday','11','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'\'',NULL,220785),('2_Friday','12','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'\'',NULL,220786),('2_Friday','13','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'\'',NULL,220787),('2_Friday','14','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'\'',NULL,220788),('2_Friday','15','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_fe9d2ce138dc01e8b1c271480a6eb192','\'\'',NULL,220789),('3_Saturday','10','10:00','15:59','N','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'Title: Antenny
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: Aerospace Village (Virtual Workshop)
\n
\nDescription:
\nCome together to build on Antenny boards. Make things that can talk to the sky with very very very affordable hardware. What becomes possible when we have 1000 ground stations? I have a few ideas, Iâ€™m sure participants will have many others. Letâ€™s build it and find out together!
\n\'',NULL,220790),('3_Saturday','11','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'\'',NULL,220791),('3_Saturday','12','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'\'',NULL,220792),('3_Saturday','13','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'\'',NULL,220793),('3_Saturday','14','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'\'',NULL,220794),('3_Saturday','15','10:00','15:59','Y','ASV','','\'Antenny\'','\' \'','ASV_40edea064e3ac76ba42df440a56767a0','\'\'',NULL,220795),('2_Friday','17','17:00','17:30','N','BHV','','\'Lets Get Real About The Future State of Healthcare\'','\'Christian Dameff,Jeff \'R3plicant\' Tully\'','BHV_b012a122d568ea83d4d9fe4ea9a8f367','\'Title: Lets Get Real About The Future State of Healthcare
\nWhen: Friday, Aug 6, 17:00 - 17:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Christian Dameff,Jeff \'R3plicant\' Tully
\n
SpeakerBio:Christian Dameff\n, Medical Director of Cybersecurity at UCSD
\nNo BIO available
\n
SpeakerBio:Jeff \'R3plicant\' Tully\n
\nNo BIO available
\n\n
\nDescription:
\nTaking the lessons of COVID-19 and the healthcare response, how can we create an improved state of resilience in healthcare?
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220796),('3_Saturday','15','15:00','16:45','N','BHV','','\'OWASP & CSA IoT: Impacting Medical Security\'','\'Aaron Guzman\'','BHV_d687f4ecf983773920839fd8afc6e637','\'Title: OWASP & CSA IoT: Impacting Medical Security
\nWhen: Saturday, Aug 7, 15:00 - 16:45 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Aaron Guzman\n, OWASP Project Leader
\nAaron Guzman is co-author of IoT Penetration Testing Cookbook and Product Security Lead with Cisco Meraki. He spends his days building security into IoT products and crafting designs that keep users safe from compromise. A co-chair of Cloud Security Allianceâ€™s IoT Working Group and a technical reviewer for several published security books, he also spearheads many open-source initiatives, raising awareness about IoT hacking and proactive defensive strategies under OWASPâ€™s IoT and Embedded Application Security projects. He has extensive public speaking experience, delivering conference presentations, training, and workshops globally. Follow Aaron on Twitter @scriptingxss.
\nTwitter: @scriptingxss
\n\n
\nDescription:
\nThe Open Web Application Security Project (OWASP) IoT Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things as well as enable users in any context to make better security decisions when building, deploying, or assessing IoT technologies. Similarly, CSA\'s IoT Working group is dedicated to understanding IoT deployments and defining actionable guidance to secure ecosystems. Their efforts are often used to develop medical security guidelines for developers and manufacturers alike but also to influence IoT security assessment methodologies for later use on commercial IoT certification schemes. This session will provide insights into current project initiatives, including those that directly impact medical devices and how you can save lives by getting involved.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220797),('3_Saturday','16','15:00','16:45','Y','BHV','','\'OWASP & CSA IoT: Impacting Medical Security\'','\'Aaron Guzman\'','BHV_d687f4ecf983773920839fd8afc6e637','\'\'',NULL,220798),('3_Saturday','16','16:45','16:59','N','BHV','','\'A Cohort of Pirate Ships\'','\'Alex Pearlman\'','BHV_ca93bc838705db2e939e04cdbb53f75f','\'Title: A Cohort of Pirate Ships
\nWhen: Saturday, Aug 7, 16:45 - 16:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Alex Pearlman\n, Science and Health Policy + Emerging Issues in Bioethics
\nNo BIO available
\n\n
\nDescription:
\nA presentation on our newly published research on ethics attitudes and preferences in biomedical citizen science, biohacker, and community bio groups. As biomedical citizen science initiatives become more prevalent, the unique ethical issues that they raise are attracting policy attention. One issue identified as a significant concern is the ethical oversight of bottom-up biomedical citizen science projects that are designed and executed primarily or solely by members of the public. That is because the federal rules that require ethical oversight of research by institutional review boards generally do not apply to such projects, creating what has been called an ethics gap. Working to close this gap, practitioners and scholars have considered new mechanisms of ethical oversight for biomedical citizen science. To date, however, participantsâ€™ attitudes about ethics and oversight preferences have not been systematically examined. This information is useful to efforts to develop ethical oversight mechanisms because it provides a basis for evaluating the likely effectiveness of specific features of such mechanisms and their acceptability from the perspective of biomedical citizen scientists. Here, we report data from qualitative interviews with 35 stakeholders (some from BHV!) in bottom-up biomedical citizen science about their general ethics attitudes and preferences regarding ethical oversight. Interviewees described ten ethical priorities and endorsed oversight mechanisms that are voluntary, community-driven, and offer guidance. Conversely, interviewees rejected mechanisms that are mandatory, hierarchical, and inflexible. Applying these findings, we conclude that expert consultation and community review models appear to align well with ethical priorities and oversight preferences of many biomedical citizen scientists, although local conditions should guide the development and use of mechanisms in specific communities.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220799),('3_Saturday','17','17:00','17:30','N','BHV','','\'The Little Things\'','\'MixÃ¦l Laufer\'','BHV_04e90e1acb22774d9e6f6e7360d675c0','\'Title: The Little Things
\nWhen: Saturday, Aug 7, 17:00 - 17:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:MixÃ¦l Laufer\n, Director of the Institute for Autonomous Medicine. Four Thieves Vinegar Collective.
\nNo BIO available
\n\n
\nDescription:
\nWas 2020 not the best year for you? Has 2021 not been a huge improvement? Are you sick of being dependent on infrastructure which fails? Do you wish there was something to look forward to? The Four Thieves Vinegar Collective has been quiet, because we\'ve been busy this last year. We have a lot of things to share.\n

But that\'s not what this talk is about. Instead of the new tools to eradicate diseases, tools to make medicines, ways to administer them, and DIY medical machinery, we\'re talking about just making it through the day.\n

There are tools which are not well known, but are easily accessible and can help you sleep better, not be hungover, clear brain fog, and take the edge off depression. These tools are not as well known as they should be, so we\'re talking about them.\n

Because as fun as the big things are, daily life is about the little things.\n

\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220800),('4_Sunday','11','11:00','11:59','N','BHV','','\'Fishing or Hunting\'','\'Ohad Zaidenberg\'','BHV_43ead6b15b05676b89bf17afddc27193','\'Title: Fishing or Hunting
\nWhen: Sunday, Aug 8, 11:00 - 11:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Ohad Zaidenberg\n, Founder and Executive at CTI League
\nNo BIO available
\n\n
\nDescription:
\nCreate a safer cyber space for the medical sector and the life-saving organizations.\n

The CTI League aspires to protect the medical sector and the life-saving organizations (MS-LSO) worldwide from cyber-attacks, supplying reliable information, reducing the level of threat, supporting security departments, and neutralizing cyber threats.\n

\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220801),('4_Sunday','13','13:00','13:30','N','BHV','','\'The Security of Your Digital DNA, from Inception to Death\'','\'Garrett Schumacher\'','BHV_1fc5e8b7e02e351202ceb1802c5479ed','\'Title: The Security of Your Digital DNA, from Inception to Death
\nWhen: Sunday, Aug 8, 13:00 - 13:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Garrett Schumacher\n, Cybersecurity Engineer at Velentium | Co-Founder & CTO at GeneInfoSec
\nGarrett Schumacher both hacks biology and defends it. He began his career in genetics and biotech, but he now focuses on infosec within these fields. He is a medical device cybersecurity engineer at Velentium, the co-founder and CTO of GeneInfoSec, and an instructor at the University of Colorado.
\nTwitter: @GJSchumacher
\n\n
\nDescription:
\nGenetic data is some of your most sensitive and personal info, and it is being used to advance society. However, it is also identifiable, immutable and weaponizable. For these and other reasons, our genetic data deserves the highest security. But how secure is its point of origin? This talk will cover the current genetic threat landscape and the potential risks from the misuse of genetic data. A focus will be applied to DNA sequencers and their operational environments, where both digital genetic data and insecurity are introduced into the system.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220802),('2_Friday','11','11:00','11:30','N','CCV','','\'Getting Started with Decentralized Object Storage\'','\'Storj Team\'','CCV_ca6ec469ec3f38af5546f9b13ff4de49','\'Title: Getting Started with Decentralized Object Storage
\nWhen: Friday, Aug 6, 11:00 - 11:30 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Storj Team\n
\nNo BIO available
\n\n
\nDescription:
\nJoin Storj for this brief demo. The team will be available most other times in the village to answer questions.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220803),('2_Friday','12','12:30','12:59','N','CCV','','\'Privacy on Public Blockchains with SGX\'','\'Secret Network Team\'','CCV_ef38b14d435412cfa69e9b7dccd6935b','\'Title: Privacy on Public Blockchains with SGX
\nWhen: Friday, Aug 6, 12:30 - 12:59 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Secret Network Team\n
\nNo BIO available
\n\n
\nDescription:
\nBringing privacy to smart contracts by leveraging intel SGX to compute over data without node operators seeing the underlying information.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220804),('2_Friday','14','14:00','14:59','N','CCV','','\'Hardware Wallet Show and Tell\'','\'Michael Schloh von Bennewitz\'','CCV_48099a42e59126f21ad7717b21b72a0c','\'Title: Hardware Wallet Show and Tell
\nWhen: Friday, Aug 6, 14:00 - 14:59 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Michael Schloh von Bennewitz\n
\nNo BIO available
\n\n
\nDescription:
\nMichael will show off a variety of village badges and hardware. Michael will also be available at other times in the village for various other hardware activities.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220805),('2_Friday','16','16:00','16:30','N','CCV','','\'State of Cryptocurrency Ransomware AMA\'','\'Guillermo Christensen\'','CCV_7eaba0ab85bbfe17ad0cd2fe59de94fc','\'Title: State of Cryptocurrency Ransomware AMA
\nWhen: Friday, Aug 6, 16:00 - 16:30 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Guillermo Christensen\n
\nNo BIO available
\n\n
\nDescription:
\nGuillermo will give an overview of the state of cryptocurrencies and ransomware, focusing on what he hears in the national security/law Enforcment sector plus incident response and then work on what options are there for addressing the proliferation of ransomware tied to cryptocurrencies but avoiding some of the global solutions like banning.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220806),('3_Saturday','10','10:00','10:15','N','CCV','','\'What Is Zero Knowledge\'','\'Sarang Noether, Ph.D.\'','CCV_e5ac42ea12275126a1e1df96336f3c7f','\'Title: What Is Zero Knowledge
\nWhen: Saturday, Aug 7, 10:00 - 10:15 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Sarang Noether, Ph.D.\n
\nSarang Noether is a researcher who focuses on privacy-preserving cryptographic constructions and protocols.
\n\n
\nDescription:
\nLightning overview of the basics of zero knowledge proofs and transaction protocols, and how they relate (or don\'t) to each other. A Q&A session will follow.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220807),('3_Saturday','13','13:00','13:15','N','CCV','','\'Monero Scaling Opportunities and Challenges\'','\'Francisco CabaÃ±as\'','CCV_3465033cc0c4611f93e376cee1607bc4','\'Title: Monero Scaling Opportunities and Challenges
\nWhen: Saturday, Aug 7, 13:00 - 13:15 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Francisco CabaÃ±as\n
\nNo BIO available
\n\n
\nDescription:
\nThis is a short 15 minute talk followed by an open Q&A session. We will cover the impact of technology, business models and protocols on payment ledgers starting with the advent of general purpose payment, credit and debit cards since the 1940â€™s followed by the advent of de centralized blockchain based ledgers such as Bitcoin (2009) and Monero (2014). The critical distinction between technological limitations and protocol / business model limitations and the impact of technological limitations at a given point in time on the development of protocols and business models. We will consider how various protocols and business models can compete with each other and in particular what the Monero scaling protocol has to tell us about the limitations of scaling in Bitcoin and similar cryptocurrencies.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220808),('3_Saturday','15','15:00','15:15','N','CCV','','\'Triptych\'','\'Sarang Noether, Ph.D.\'','CCV_2f5c1041713f48497bf5b689354bc0b4','\'Title: Triptych
\nWhen: Saturday, Aug 7, 15:00 - 15:15 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Sarang Noether, Ph.D.\n
\nSarang Noether is a researcher who focuses on privacy-preserving cryptographic constructions and protocols.
\n\n
\nDescription:
\nTriptych is a zero-knowledge proving system that can be used as part of a privacy-preserving transaction model. In this talk, we\'ll walk through the research and development process that led to an ongoing implementation of Triptych compatible with the Monero protocol, and provide insight into some of the tradeoffs and complexities that come with protocol updates. No particular background is required to understand this talk!
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220809),('3_Saturday','16','16:30','16:59','N','CCV','','\'Cryptocurrency Trivia!\'','\'Justin Ehrenhofer\'','CCV_2843bc68a94924d596f19b4c4d08e60d','\'Title: Cryptocurrency Trivia!
\nWhen: Saturday, Aug 7, 16:30 - 16:59 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Justin Ehrenhofer\n
\nNo BIO available
\n\n
\nDescription:
\nJoin us for cryptocurrency-themed trivia! Each player competes using their phone or computer on topics relating cryptocurrency news, lore, history, research, and development. This will be a super fun time!
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220810),('3_Saturday','17','17:00','17:15','N','CCV','','\'Monero After Party\'','\'Monero Sound\'','CCV_1a03c361d052f071fe306fdcec30b1c8','\'Title: Monero After Party
\nWhen: Saturday, Aug 7, 17:00 - 17:15 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Monero Sound\n
\nNo BIO available
\n\n
\nDescription:
\nQuick reminder for the Monero Party that will begin later that evening. Previous Monero parties have been so excellent that they made the news. Tickets available at monerosound.com
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220811),('4_Sunday','11','11:00','11:59','N','CCV','','\'DEX trading without leaking your identity: RAILGUN\'','\'Railgun Team\'','CCV_cfacc852fee157ab4e21f04747c03df0','\'Title: DEX trading without leaking your identity: RAILGUN
\nWhen: Sunday, Aug 8, 11:00 - 11:59 PDT
\nWhere: Cryptocurrency Village (Onsite - Paris Champagne Ballroom 1)
\n
SpeakerBio:Railgun Team\n
\nNo BIO available
\n\n
\nDescription:
\n Railgun is a tool that offers additional privacy on Ethereum.
\n
The Cryptocurrency Village is built around conversations and events, not formal talks. Stop by any time to speak with knowledgeable individuals! This village focuses on the security and privacy side of cryptocurrencies, not the investment side.\n

The Cryptocurrency Village is conveniently located in Paris Champagne Ballroom 1.\n

\'',NULL,220812),('2_Friday','11','11:00','11:30','N','CPV','','\'Welcome to Gold Bug\'','\' \'','CPV_5f526507106f0d781b8b9984490ca9a6','\'Title: Welcome to Gold Bug
\nWhen: Friday, Aug 6, 11:00 - 11:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:
\nDescription:Join puzzlemasters Maya & Kevin to kick off this year\'s Gold Bug puzzle challenge!
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220813),('2_Friday','11','11:30','12:30','N','CPV','','\'How expensive is quantum factoring, really?\'','\'Craig Gidney\'','CPV_2a329f2d7115037ea76e6b32acdf22f9','\'Title: How expensive is quantum factoring, really?
\nWhen: Friday, Aug 6, 11:30 - 12:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Craig Gidney\n
\nSoftware engineer turned research scientist on Google\'s quantum team. Cut the cost of quantum factoring by 100x. Unofficial record holder for largest number not-actually-factored on a quantum computer.
\n\n
\nDescription:
\nQuantum computers are expected to eventually break RSA and ECC. But how big would the machine have to be, and how long would it need to run? This talk will discuss the hype, the reality, and the difficulties around quantum attacks on public key cryptography.
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220814),('2_Friday','12','11:30','12:30','Y','CPV','','\'How expensive is quantum factoring, really?\'','\'Craig Gidney\'','CPV_2a329f2d7115037ea76e6b32acdf22f9','\'\'',NULL,220815),('2_Friday','14','14:00','14:45','N','CPV','','\'Playing God: How ambiguities in state and federal breach notification laws give lawyers too much discretion in deciding whether or not to disclose potential data breaches\'','\'Anthony Hendricks,Jordan Sessler\'','CPV_74b5ffde3292c2020f3853b14a2773fd','\'Title: Playing God: How ambiguities in state and federal breach notification laws give lawyers too much discretion in deciding whether or not to disclose potential data breaches
\nWhen: Friday, Aug 6, 14:00 - 14:45 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\nSpeakers:Anthony Hendricks,Jordan Sessler
\n
SpeakerBio:Anthony Hendricks\n
\nAnthony Hendricks is an attorney who advises clients as the chair of Crowe & Dunlevyâ€™s Cybersecurity & Data Privacy Practice Group. In that role, he frequently analyzes and litigates legal issues related to IoT devices. Prior to beginning his practice, he studied as Howard University\'s first Marshall Scholar and later graduated from Harvard Law School. He now teaches cybersecurity law as an adjunct professor at Oklahoma City University School of Law.
\n
SpeakerBio:Jordan Sessler\n
\nJordan Sessler is an attorney who advises clients on data security as a member of Crowe & Dunlevyâ€™s Cybersecurity & Data Privacy Practice Group. In that role, he regularly engages with legal issues related to IoT devices and has represented companies in disputes with law enforcement regarding the discoverability of user- and device-generated data. Prior to beginning his practice, he graduated from Harvard Law School and clerked for U.S. District Court Judge D.P. Marshall Jr.
\n\n
\nDescription:
\nThere is often ambiguity as to whether a security incident qualifies as a data breach and, thus, needs to be reported to authorities or disclosed to affected individuals. This means that, despite efforts to pass breach notification laws in all fifty states, there is little consistency in what actually gets reported and disclosed. Some companies disclose data breaches where there is no evidence of data access, while others decline to do so even when there is a substantial possibility of access. Under current law, both courses of action are generally acceptable given latent ambiguity in what triggers a â€œreasonable beliefâ€ that data has been accessed or acquired by an unauthorized party. However, this legal grey area often leaves individual lawyers to make a massive ethical decision: does our client need to tell you that your data may have been stolen, even when the law does not necessarily require that they do so?
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220816),('2_Friday','14','14:45','14:59','N','CPV','','\'Lightning Talk: Differential Privacy and Census Data\'','\'Wendy Edwards\'','CPV_d605a2f73b2ce776553f3aaeef58948c','\'Title: Lightning Talk: Differential Privacy and Census Data
\nWhen: Friday, Aug 6, 14:45 - 14:59 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Wendy Edwards\n
\nWendy is a software developer interested in the intersection of cybersecurity and data science. Sheâ€™s involved in the NASA Datanauts program and participated in the SANS Womenâ€™s Academy, earning GIAC GSEC, GCIH, and GCIA certifications. She has masters degrees in computer science and library and information science from the University of Illinois. She has spoken at Summercon, BSides Chicago, The Diana Initiative, Hackfest Canada, Circle City Con, and DEFCON Ethics Village. In her spare time, she enjoys Scrabble and swimming and has a lively flat-coated retriever named Ciaran.
\nTwitter: @wayward710
\n\n
\nDescription:
\nThe U.S. Constitution requires that a Census be conducted every 10 years. In addition to counting populations, the Census also collects personal data that\'s legally required to be kept private. This presents a growing challenge: how can the Census provide accurate statistical data without revealing information that would allow others to piece together someone\'s data? For example, what if you had a very small census block with only one member of a particular ethnicity? Without any privacy measures, it might be possible to figure out who the person was. Big data also increases privacy risks. What if it was possible to deidentify Census data and then combine it with social media big data?\n

The Census Bureau has developed a Disclosure Avoidance System that uses differential privacy to introduce noise into results. Essentially, the goal of differential privacy is to give each person the same amount of privacy they would have if their data was removed. Differential privacy has a number of implications for redistricting; for example, it may make gerrymandering more difficult since fine-grained data is obscured. \n

This talk will discuss Census privacy challenges, and provide an overview of differential privacy.\n

\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220817),('2_Friday','15','15:00','15:30','N','CPV','','\'So What? The CFAA after Van Buren\'','\'Kendra Albert\'','CPV_abdf82b8726245b3222555005483d1ac','\'Title: So What? The CFAA after Van Buren
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Kendra Albert\n
\nKendra Albert is a public interest technology lawyer with a special interest in computer security law and in protecting marginalized speakers and users. They serve as a clinical instructor at the Cyberlaw Clinic at Harvard Law School, where they teach students to practice law by working with pro bono clients. Kendra is also the founder and director of the Initiative for a Representative First Amendment. Before they joined the Clinic, Kendra worked with Marcia Hofmann at Zeitgeist Law. They serve on the board of the ACLU of Massachusetts and the Tor Project, and provide support as a legal advisor for Hacking // Hustling.
\n\n
\nDescription:
\nOn June 3, 2021, the Supreme Court of the United States decided Van Buren v. United States, its first case that meaningfully took up the scope of the Computer Fraud and Abuse Act, the federal anti-hacking statute. Originally passed in the aftermath of Wargames (no, really), the CFAA\'s broad language has been used to criminalize all kinds of activities that might not be traditionally considered hacking, from employees accessing databases for non-job purposes to companies that aimed to aggregate social network data. Post Van Buren, it\'s clear that the Computer Fraud and Abuse Act is narrower - but what is covered and what isn\'t is still up in the air. This talk will provide a brief overview of the CFAA, particularly focused on computer security work and research, and then discuss what the consequences of Van Buren might be, including competing theories about the infamous (for lawyers at least) footnote that suggests that non-technical restrictions on access may create CFAA liability.
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220818),('2_Friday','16','16:30','17:30','N','CPV','','\'Piecing Together Your Personal Privacy Profile\'','\'Margaret Fero\'','CPV_05948dda553122102b6ab58b21f2a1e3','\'Title: Piecing Together Your Personal Privacy Profile
\nWhen: Friday, Aug 6, 16:30 - 17:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Margaret Fero\n
\nMargaret leads security at a small startup, and loves information security, learning and education, and interdisciplinary connections. Before transitioning to a career in security, Margaret was a Technical Writer and independent security researcher. Margaret has spoken at conferences including ToorCon, Write The Docs Day: Australia, the O\'Reilly Open Source Convention (OSCON), and Abstractions II.
\n\n
\nDescription:
\nIn finance, analysts combine seemingly-insignificant information to constitute useful information that a company didnâ€™t intend to reveal. This is called mosaic theory. This talk applies the concepts of mosaic theory to a personal privacy audit. \n

Many details, like those you might post to social media or include on a public resume, can be combined to deduce significant aspects of your private data. Small divergences from your usual patterns can, when combined together, also reveal information that you may not intend to disclose. Often, this information includes your physical location, vacation dates, or current employer. \n

After this talk, you should be able to apply the concepts of mosaic theory to evaluate the data that is publicly available about you, including combinations of small details that you may have considered insignificant on their own.\n

\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220819),('2_Friday','17','16:30','17:30','Y','CPV','','\'Piecing Together Your Personal Privacy Profile\'','\'Margaret Fero\'','CPV_05948dda553122102b6ab58b21f2a1e3','\'\'',NULL,220820),('3_Saturday','10','10:00','17:30','N','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'Title: Workshop & CTF: Practical Cryptographic Attacks
\nWhen: Saturday, Aug 7, 10:00 - 17:30 PDT
\nWhere: See Description
\n
SpeakerBio:Daniel Crowley\n
\nDaniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool. Daniel enjoys climbing large rocks and is TIME magazine\'s 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie and brews his own beer. Daniel\'s work has been included in books and college courses. Daniel also holds the noble title of Baron in the micronation of Sealand.
\n\n
\nDescription:
\nWhile new cryptographic attacks are regularly published, there are a series of common, practically exploitable mistakes that have been made by application developers at both large and small companies for years when using cryptography. For example, using a hard-coded IV (a common mistake) led to the flaw known as Zerologon, exploiting Microsoft\'s Netlogon protocol to allow pre-auth domain compromise in 2020. This workshop will provide a working knowledge of cryptography for those unfamiliar, and explain a series of practical attacks against cryptographic mistakes that are common in production systems today, accompanied by practical challenges in the form of a CTF.\n

CTF URL: https://crypto.iscool.af/
\nPython3 module for crypto exploit writing: https://github.com/unicornsasfuel/cryptanalib3.\n

Recommended for rapid exploit writing: pwntools -- install docs at: \nhttps://docs.pwntools.com/en/stable/install.html\n

This talk will be streamed at https://www.twitch.tv/DrSensualPotatoPhD\n

\n\'',NULL,220821),('3_Saturday','11','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220822),('3_Saturday','12','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220823),('3_Saturday','13','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220824),('3_Saturday','14','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220825),('3_Saturday','15','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220826),('3_Saturday','16','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220827),('3_Saturday','17','10:00','17:30','Y','CPV','','\'Workshop & CTF: Practical Cryptographic Attacks\'','\'Daniel Crowley\'','CPV_76eedf77b601f3f423cc31766129729b','\'\'',NULL,220828),('2_Friday','10','10:00','10:59','N','CPV','','\'New Face, Who Dis? Protecting Privacy in an Era of Surveillance\'','\'Mike Kiser\'','CPV_faadd1f378b56676b676ef7b9117f7a8','\'Title: New Face, Who Dis? Protecting Privacy in an Era of Surveillance
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Mike Kiser\n
\nMike Kiser is insecure. He has been this way since birth, despite holding a panoply of industry positions over the past 20 yearsâ€”from the Office of the CTO to Security Strategist to Security Analyst to Security Architectâ€”that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. He is currently in a long-term relationship with fine haberdashery, is a chronic chronoptimist (look it up), and delights in needlessly convoluted verbiage. He speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently a Senior Identity Strategist for SailPoint Technologies.\n
\n\n
\nDescription:
\nWhile it has its potential benefits, facial recognition is eroding privacy and other human rights. Over the past year, several organizations have acknowledged that they have â€œscrapedâ€ social media and similar sites for photos to build their biometric databases, and photos intended for personal use only have now been potentially weaponized.\n

Industry and government have ethical responsibilities to prevent this, but what if there were a way to enhance privacy for individuals without waiting for the cavalry? Adversarial technology can provide a way to protect this biometric, but it must be as easy to use as picking up their mobile device and taking a photo.\n

Weâ€™ll cover the last year in adversarial research, examining the pros and cons of each and working towards the introduction of a new open-source mobile app, â€œRuse,\" that seeks to use adversarial strategies to make personal photos less useful for commercial facial recognition systems while retaining a (relatively) low impact on human usefulness.\n

\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220829),('3_Saturday','11','11:30','12:30','N','CPV','','\'Breaking Historical Ciphers with Modern Algorithms\'','\'Elonka Dunin,Klaus Schmeh\'','CPV_2a594f87098367dac4b29e8701245c4d','\'Title: Breaking Historical Ciphers with Modern Algorithms
\nWhen: Saturday, Aug 7, 11:30 - 12:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\nSpeakers:Elonka Dunin,Klaus Schmeh
\n
SpeakerBio:Elonka Dunin\n
\nElonka Dunin is co-founder of a group working to crack the Kryptos sculpture at CIA Headquarters, and a member of the National Cryptologic Foundationâ€™s Board of Directors. Bestselling author Dan Brown named a character after her in one of his novels. She maintains popular websites about the world\'s most famous unsolved codes, and her publications include the book with Klaus Schmeh, \"Codebreaking: A Practical Guideâ€, as well as a Cryptologia paper on Playfair cipher world records. She has also developed award-winning games at companies such as Simutronics.
\n
SpeakerBio:Klaus Schmeh\n
\nKlaus Schmeh is the most-published cryptology author in the world. He has written 15 books about the subject, as well as over 200 articles, 25 scientific papers, and 1,400 blog posts. His blog \"Cipherbrain\" covers codebreaking and crypto history, and he is a member of the editorial board of the scientific magazine Cryptologia. He co-published his latest book \"Codebreaking: A Practical Guide\" with Elonka Dunin. He is known for his entertaining presentation style involving self-drawn cartoons and Lego models, and he has lectured at hundreds of conferences, including the NSA Cryptologic History Symposium and the RSA Conference. In his day job, Klaus works for a German cryptology company.
\n\n
\nDescription:
\nMany old encryption methods are still hard to break today. For instance, cryptanalyzing a short 19th century Playfair cipher is far from trivial. WW2 Enigma messages, spy ciphers from the Cold War, and manual methods used by criminals such as the Zodiac Killer can also be challenging, especially when the ciphertexts are short. On the other hand, techniques for breaking historical ciphers have recently made considerable progress. Computer-based cryptanalysis methods such as hill climbing and simulated annealing have been successfully applied to break original WWII Enigma messages, as well as one of the world\'s most famous unsolved codes, a 1970 ciphertext sent by the Zodiac Killer. The record in solving short Playfair messages has improved: whereas many years ago the shortest Playfair ciphertext that could be cracked required a minimum of 60 letters, now messages as short as 26 letters have been solved. However, many other historical ciphertexts are still unbroken to date. This presentation will introduce the most important historical ciphers, and modern techniques to break them - based on the 2020 book \"Codebreaking: A Practical Guide\" authored by the presenters. Many real-world examples will be provided, with slides that use an entertaining style including Lego brick models, self-drawn cartoons, and animations.
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220830),('3_Saturday','12','11:30','12:30','Y','CPV','','\'Breaking Historical Ciphers with Modern Algorithms\'','\'Elonka Dunin,Klaus Schmeh\'','CPV_2a594f87098367dac4b29e8701245c4d','\'\'',NULL,220831),('3_Saturday','14','14:00','14:59','N','CPV','','\'Staying Fresh While the Feds Watch: Changes in Government Surveillance and Why it Matters\'','\'Anthony Hendricks\'','CPV_eaaee6e823fae3abb9ad1929152027ad','\'Title: Staying Fresh While the Feds Watch: Changes in Government Surveillance and Why it Matters
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
SpeakerBio:Anthony Hendricks\n
\nAnthony Hendricks is an attorney who advises clients as the chair of Crowe & Dunlevyâ€™s Cybersecurity & Data Privacy Practice Group. In that role, he frequently analyzes and litigates legal issues related to IoT devices. Prior to beginning his practice, he studied as Howard University\'s first Marshall Scholar and later graduated from Harvard Law School. He now teaches cybersecurity law as an adjunct professor at Oklahoma City University School of Law.
\n\n
\nDescription:
\nTechnology is constantly changing and evolving. While our laws are slow to keep up, this hasnâ€™t stopped the government from adapting. Whether itâ€™s using IoT devices as informants, paying for access to databases of information that the government could not collect without a warrant, or the increased use of facial recognition software, government surveillance is changing. This presentation will explore the current trends in government surveillance and investigations, the gaps in the law, the impact on all of us, and what we should be asking the law to do.
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220832),('3_Saturday','15','15:30','16:30','N','CPV','','\'Gold Bug Q&A\'','\' \'','CPV_55c8708a4b5c36b0f2e5d0d9d26067b9','\'Title: Gold Bug Q&A
\nWhen: Saturday, Aug 7, 15:30 - 16:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:
\nJoin puzzlemasters Kevin & Maya to discuss this year\'s puzzle!\n

goldbug.cryptovillage.org\n

\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,220833),('3_Saturday','16','15:30','16:30','Y','CPV','','\'Gold Bug Q&A\'','\' \'','CPV_55c8708a4b5c36b0f2e5d0d9d26067b9','\'\'',NULL,220834),('3_Saturday','16','16:30','17:30','N','CPV','','\'The threat hiding in daylight: Police Monitoring legislation and individual privacy in chat\'','\'Vic Huang,Joy Ho\'','CPV_e0d399505d07304b0b391f5b35e8323b','\'Title: The threat hiding in daylight: Police Monitoring legislation and individual privacy in chat
\nWhen: Saturday, Aug 7, 16:30 - 17:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\nSpeakers:Vic Huang,Joy Ho
\n
SpeakerBio:Vic Huang\n, Member, UCCU Hacker
\nVic Huang is member of UCCU Hacker, a hacker community in Taiwan. He is interested in Web/Mobile/Blockchain Security and penetration testing. He has been focusing on Blockchain for over 4 years. Vic shared his research on CYBERSEC 2021, CODE BLUE 2020, HITB+cyberweek 2019, HITCON Pacific 2018, AIS3, ISIP (Information Security Incubation Program), and so on.\n
\n
SpeakerBio:Joy Ho\n, Ph. D. Candidate, Soochow University
\nJoy Ho is a privacy counsel now working in a technical company in handling personal data infringement events and in legal compliance of Personal Information Protection Act. Joy is certified Internal Management Specialist, Internal Auditor & Certified Verification Professional â€“ Lead Auditor of Taiwan Personal Information Protection & Administration System (TPIPAS), also Lead Auditor of ISO 27001.
\n\n
\nDescription:
\nSince all the messenger services emphasize the trust relationship between the service provider and users, technology companies have been actively strengthening user data protection and providing better encryption measures in recent years. However, focusing on criminal investigation, national security and Anti-terrorism, law enforcement agencies in many countries have begun to formulate rules requiring technology companies to cooperate with the government to provide user data decryption to protect national security. This presentation try to introduce relevant issues about the police monitoring legislation and individual privacy in chat from technical and legal perspectives and the special case study from Taiwan.\n

First , we would share some police investigation in TW. The methods and targets have been changed due to the evolution of times. Then we would dive into a new critical target - messengers apps. Discuss about the technical part of messengers apps and Police Monitoring possibility. There are some messengers which is popular in different regions. In these apps, not only personal information are stored in the data collector side - service provider, but also our private chat messages with our family and friends. The messenger app companies say they use point-to-point encryption (end-to-end encryption, E2EE) to technically protect user privacy, but actually each what is E2EE? What is the difference between messenger apps E2EE? And howâ€™s it possible that there are some monitor(spying) apps clarify that they could reach to the data under E2EE scope? It makes the Police monitoring possible because many spying apps are existed. In this part we will also discuss about the technical part of privacy protection and spying. The discussion would then point out â€œwhat and how the police could really get in real worldâ€ from the technical perspective.\n

Secondly, we would start from Technology Investigation Act draft in Taiwan. On September 8, 2020, the Taiwan Ministry of Justice announced the draft Technology Investigation Act, which introduced different high-tech investigation approaches, including the â€œsource telecommunications surveillance.â€ We will introduce the draft Technology Investigation Act and the source telecommunications surveillance ruled. The issues related to the access of individual communication content would be raised: (1) If public interest is the reason to get individual communication, what is the line between privacy protection and public interest?What is the legal basis to get individual communication? (2) Could Government request or compel technology companies to provide my communication content? (3) How about the encrypted one? Through the discussion of 3 questions above, this presentation would provide an example to see the accessible information of messengers by criminal investigation, hoping to find the balance between privacy protection and police investigation. The last but not the least, we would share a case study about the police in Taiwan use the personal information collected for COVID-19 measurements to investigate the case.\n

\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

https://github.com/matthewnash/building-phone-privacy\n

\'',NULL,220835),('3_Saturday','17','16:30','17:30','Y','CPV','','\'The threat hiding in daylight: Police Monitoring legislation and individual privacy in chat\'','\'Vic Huang,Joy Ho\'','CPV_e0d399505d07304b0b391f5b35e8323b','\'\'',NULL,220836),('4_Sunday','10','10:00','13:59','N','CPV','','\'Workshop: Practically Protecting Phone Privacy (Pre-registration required)\'','\'Mauricio Tavares,Matt Nash\'','CPV_75067695b33c9b370a1cd170b36bbd28','\'Title: Workshop: Practically Protecting Phone Privacy (Pre-registration required)
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: See Description
\nSpeakers:Mauricio Tavares,Matt Nash
\n
SpeakerBio:Mauricio Tavares\n
\nMauricio has worked in the credit card and medical industry, which led to an interest in the behavioral aspect of data security and privacy. He has published in topics ranging from aerospace engineering to computer automation and data privacy. Currently, he is the senior security engineer of some multinational research project or another, helping craft the policies and procedures and advise IT staff to effectively protect it, shiny thingies, and laser pointers. And maybe user and data privacy in the process.\n

He only knows two facts about geese, both of which are wrong.\n

\n
SpeakerBio:Matt Nash\n
\nMatt Nash breaks things (sometimes intentionally)\n

As a security consultant, Matt works in a variety of realms, including: internal/external network infrastructure, cloud environments, web applications, automated teller machines (ATMs), physical security, social engineering, digital forensics and incident response, mobile, and wireless. As well, these assessments span a number of sectors: energy, utility, manufacturing, software development, financial, retail, municipal, and medical.\n

Matt holds a B.S. in Food and Resource Economics, and is therefore totally qualified to speak on the tasty topics of security and privacy.\n

\n\n
\nDescription:
\nThis workshop will be held on Zoom. Join here:\nhttps://unc.zoom.us/j/9853325800?pwd=WTlDYlRPM1ZTUEtkOG5uelc5Rk5Ddz09\nMeeting ID: 985 332 5800
\nPasscode: 800855\n

Your phone is a little snitch. For as long as it is turned on, it is monitoring your activities (physical and digital). It knows where you go, who else may be around, and likely what you are doing. Further, it shares (at least some of) the information with different organizations - which then sell or directly aggregate the data to profile you for fun and profit. The modern phone compromises your privacy by design.\n

To add insult to injury, you do not have a say on it. Or do you?\n

If you\'re willing to put in some effort, you can do something about it. But, it will require more than just installing some app with a big Easy Button. If we can do it, so can you!\n

Takeaways

Attendees will come out of this workshop with a privacy mindset:\n

Appreciating the privacy and security implications of using a smart phone in general -- specifically consumer Android devices.
Knowing how to achieve two different levels privacy in their phones and understanding the costs and benefits of each approach.
Understanding what \"attribution of traffic\" tying IP to a person through a VPN is.
Finding out which apps are privacy-respecting, and how to contain those untrusted apps you need to have

Who should take this workshop:\n

Privacy-conscious smartphone users who would like to understand and control what their mobile devices share about them.

Audience Skill Level:\n

Beginner/Intermediate\n

Attendees\' requirements:\n

An understanding of basic Linux commands
Comfortable with the idea of installing an aftermarket firmware/OS (\"ROM\") on a mobile device. Soft/hard \"bricking\" is a possibility, so having a spare phone may be a good investment.

What student should bring:\n

A phone that has support for the latest version of LineageOS - as of this writing, 18.1 (Android 11). It does not need to be the \"latest and greatest\", most expensive flagship device. In fact, we will compare and contrast the effectiveness and viability of higher-end and inexpensive models. We will not cover iPhones or other Apple products here.

INSTRUCTIONS\n

\n\'',NULL,220837),('4_Sunday','11','10:00','13:59','Y','CPV','','\'Workshop: Practically Protecting Phone Privacy (Pre-registration required)\'','\'Mauricio Tavares,Matt Nash\'','CPV_75067695b33c9b370a1cd170b36bbd28','\'\'',NULL,220838),('4_Sunday','12','10:00','13:59','Y','CPV','','\'Workshop: Practically Protecting Phone Privacy (Pre-registration required)\'','\'Mauricio Tavares,Matt Nash\'','CPV_75067695b33c9b370a1cd170b36bbd28','\'\'',NULL,220839),('4_Sunday','13','10:00','13:59','Y','CPV','','\'Workshop: Practically Protecting Phone Privacy (Pre-registration required)\'','\'Mauricio Tavares,Matt Nash\'','CPV_75067695b33c9b370a1cd170b36bbd28','\'\'',NULL,220840),('2_Friday','14','14:30','14:59','N','BHV','','\'Open-Source Vaccine Developer Kits (VDKs) with RaDVaC\'','\'Alex Hoekstra\'','BHV_348db0664ad3f48086cec3d640696378','\'Title: Open-Source Vaccine Developer Kits (VDKs) with RaDVaC
\nWhen: Friday, Aug 6, 14:30 - 14:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Alex Hoekstra\n
\nNo BIO available
\n\n
\nDescription:
\nVaccine development has traditionally been an expensive and thus primarily proprietary endeavor. Tools to decrease costs, increase adaptability, speed of production, speed of testing, and expand access to could help increase participation, collaboration, innovation, infectious disease biosecurity, and equity in vaccine development and ultimately vaccine deployment globally. Open-Source VDKs could fill a vital and underserved niche in the ecosystem or vaccine development.\n

RaDVaC is building tools to increase participation in vaccine development. Key features of a useful vaccine developer kit (VDK) include technical specs for vaccine candidate design, production, testing, adaptation, and collaboration. The ecosystem of vaccine development is weaker for a lack of open-source toolkits (open-source infrastructure is an investment in anti-fragility).\n

\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220841),('2_Friday','13','13:00','13:30','N','BHV','','\'\"Who Bears the Risk?\" Why a Market Incentives Perspective is Critical to Protecting Patients from Cyber Threats\'','\'Matt McMahon,Shannon Lantzky\'','BHV_9421562ba4ab3316ad5ac3d02b936eec','\'Title: \"Who Bears the Risk?\" Why a Market Incentives Perspective is Critical to Protecting Patients from Cyber Threats
\nWhen: Friday, Aug 6, 13:00 - 13:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Matt McMahon,Shannon Lantzky
\n
SpeakerBio:Matt McMahon\n, Senior Product Manager - Cybersecurity at Philips
\nMatt is currently a Program Manager for IoMT with Booz Allen, Grad Adj Professor, teaching coursework in Cyber and Healthcare at Salve Regina University and a Cyber & IOT SME with MIT
\n
SpeakerBio:Shannon Lantzky\n, Chief Scientist, Secure Connected Health, Strategic Innovation Group at Booz Allen Hamilton
\nDr. Shannon Lantzy is a leader in Booz Allenâ€™s regulatory science practice, focused on efficient regulatory decisions to promote public health. Based out of our Bethesda, Maryland office, Shannon oversees innovation projects in the areas of secure connected health, medical device premarket review program assessment, digital health, simulation modeling, and decision science support services. Her team includes biologists, economists, operations researchers, engineers, chemists, epidemiologists, technologists, and data scientists.\n

Shannon has a background in data science, strategy, and mission integration. Prior to joining Booz Allen, she supported NASAâ€™s science and human space flight mission directorates for close to a decade. After NASA, she took a 5-year academic hiatus to conduct research in consumer decision making using econometrics, predictive modeling, and experimental methods. \n

Shannon has three degrees from the University of Maryland, College Park, including a Ph.D. in business information systems from the Robert H. Smith School of Business; a masterâ€™s degree in information management from the College of Information Studies; and a bachelorâ€™s degree in mathematics and philosophy.\n

\n\n
\nDescription:
\nCyberattacks in healthcare abound. Sensitive health data is stolen, and patientsâ€™ lives are put at risk by the fleet of outdated, legacy medical devices in our hospitals that are vulnerable to attackers. As the market for internet of medical things (IoMT) rapidly expands, these trends will only increase. While we have the technology to fix this problem, traditional market incentives have not been able to induce a more secure healthcare environment. This talk will discuss those market failures from an economics perspective and suggest new strategies for properly incentivizing medical device manufacturers to make more cyber secure and resilient devices.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220842),('3_Saturday','17','17:30','17:59','N','BHV','','\'Playing with FHIR: hacking and securing healthcare APIs\'','\'Alissa Knight,Mitch Parker\'','BHV_9c46fde8cb2e9c94fb6e1deeb94b6aee','\'Title: Playing with FHIR: hacking and securing healthcare APIs
\nWhen: Saturday, Aug 7, 17:30 - 17:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Alissa Knight,Mitch Parker
\n
SpeakerBio:Alissa Knight\n, Content Creator | Hacker
\nAlissa Knight is a recovering hacker of 20 years, blending hacking with a unique style of written and visual content creation for challenger brands and market leaders in cybersecurity. Alissa is a cybersecurity influencer, content creator, and community manager as a partner at Knight Ink (http://www.knightinkmedia.com/) that provides vendors go-to market and content strategy for telling brand stories at scale in cybersecurity. Alissa is also the principal analyst in cybersecurity at Alissa Knight & Associates.\n

Alissa is a published author through her publisher at Wiley, having published the first book on hacking connected cars (https://www.amazon.com/Hacking-Connected-Cars-Techniques-Procedures/dp/1119491800/ref=sr_1_1?crid=X8OQ88MUEP4T&dchild=1&keywords=hacking+connected+cars&qid=1592558581&sprefix=hacking+connected+cars%2Caps%2C300&sr=8-1) and recently received two new book contracts to publish her autobiography and a new book on hacking APIs.\n

As a serial entrepreneur, Alissa has started and sold two cybersecurity companies to public companies in international markets and also sits as the group CEO of Brier & Thorn, a managed security service provider (MSSP).\n

https://www.alissaknight.com/ \n

\nhttps://www.alissaknight.com/
\n
SpeakerBio:Mitch Parker\n, CISO, Indiana University Health
\nNo BIO available
\n\n
\nDescription:
\nHear from renowned bank, automotive, and healthcare API Hacker Alissa Knight on her tactics and techniques in hacking mHealth and FHIR APIs. Alissa walks through the tactics and techniques she uses in her API kill chain. Mitch, IU Health CISO, follows up with tactical and strategic maneuvers to maintain the integrity of the data.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,220843),('2_Friday','10','10:00','10:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_105bef046f0b0352afd3c0bb54d6ad36','\'Title: Intro To Lockpicking
\nWhen: Friday, Aug 6, 10:00 - 10:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220844),('2_Friday','12','12:00','12:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_f73271959f4e97da991b46dede0271bf','\'Title: Intro To Lockpicking
\nWhen: Friday, Aug 6, 12:00 - 12:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220845),('2_Friday','14','14:15','14:45','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_a77ea450480538e3a29160bb8a5d4ed6','\'Title: Intro To Lockpicking
\nWhen: Friday, Aug 6, 14:15 - 14:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220846),('2_Friday','16','16:15','16:45','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_5b12f4d58e7526e64ad2fdb28a9b818d','\'Title: Intro To Lockpicking
\nWhen: Friday, Aug 6, 16:15 - 16:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220847),('3_Saturday','10','10:00','10:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_57951f12b56c789f8edb633eaecfc058','\'Title: Intro To Lockpicking
\nWhen: Saturday, Aug 7, 10:00 - 10:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220848),('3_Saturday','12','12:00','12:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_cbdcd05234236e5e8a6e2599dbb10188','\'Title: Intro To Lockpicking
\nWhen: Saturday, Aug 7, 12:00 - 12:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220849),('3_Saturday','14','14:15','14:45','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_6ee8e061276b7a13befb1f8bceace1e2','\'Title: Intro To Lockpicking
\nWhen: Saturday, Aug 7, 14:15 - 14:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220850),('3_Saturday','16','16:15','16:45','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_d2bcfc99a920740ac8ed258995f8dc1a','\'Title: Intro To Lockpicking
\nWhen: Saturday, Aug 7, 16:15 - 16:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220851),('4_Sunday','10','10:00','10:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_2de12a724f118b9246800a815b849eb7','\'Title: Intro To Lockpicking
\nWhen: Sunday, Aug 8, 10:00 - 10:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220852),('4_Sunday','12','12:00','12:30','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_60b4e038331b471766da1265f0f39a3b','\'Title: Intro To Lockpicking
\nWhen: Sunday, Aug 8, 12:00 - 12:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220853),('4_Sunday','14','14:15','14:45','N','LPV','','\'Intro To Lockpicking\'','\'TOOOL\'','LPV_7ce4e5a0fdb2f53fc1fd18af2fa3dd81','\'Title: Intro To Lockpicking
\nWhen: Sunday, Aug 8, 14:15 - 14:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220854),('2_Friday','11','11:00','11:50','N','LPV','','\'Key Duplication - It\'s not just for the movies!\'','\'Tony Virelli\'','LPV_c7b9e04a8f18d1dacd673a8ee4f0352b','\'Title: Key Duplication - It\'s not just for the movies!
\nWhen: Friday, Aug 6, 11:00 - 11:50 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Tony Virelli\n
\nNo BIO available
\n\n
\nDescription:
\nHave you ever seen someone just walking around with a key hanging on their belt? How about a wall of keys behind a security desk? Better yet, has anyone you know every posted a picture of the keys to the new home they just bought? Well, what if you could take a picture and easily duplicate that key with a 3D Printer? Sound like something from a James Bond film? Well it\'s not! Better yet, if you can just get a moment alone with a key, you can get an imprint of it in less than 2 minutes, return the key to the owner and then cast a duplicate of that key for later use.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220855),('2_Friday','17','17:00','17:45','N','LPV','','\'Law School for Lockpickers\'','\'Preston Thomas\'','LPV_93a1f2dff646671eee04fb14e9771d94','\'Title: Law School for Lockpickers
\nWhen: Friday, Aug 6, 17:00 - 17:45 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Preston Thomas\n
\nNo BIO available
\n\n
\nDescription:
\nNo, Virginia, lockpicks aren\'t \"illegal\". Like lockpicking itself, the law of lockpicking is esoteric, widely misunderstood, and occasionally a source of hilarity when interpreted by outsiders. Class is in session as practicing attorney and former TOOOL Board member Preston Thomas hosts a lighthearted law school for locksporters, laying out the legal logic, busting myths, and telling stories. Expect raucous Q&A, real talk, and absolutely zero legal advice.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220856),('2_Friday','15','15:00','15:30','N','LPV','','\'Doors, Cameras, and Mantraps OH MY!\'','\'Dylan The Magician\'','LPV_fd68f15d1712230a6e887ba118c84eca','\'Title: Doors, Cameras, and Mantraps OH MY!
\nWhen: Friday, Aug 6, 15:00 - 15:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Dylan The Magician\n
\nNo BIO available
\n\n
\nDescription:
\nLockpicking, door bypassing, and physical security are among the more eye catching components of an on premises risk assessment. It always draws the most questions and gets the most staff popping over to see what\'s going on. I suppose it\'s because the physical space is personal, it isn\'t digital and hence it draws more focus. I do on premises risk assessment and I want to tell you a bit about how the process goes with my company and share my personal philosophies on how I do my engagements. What I hope to gain is a stronger focus on Physical Security, or PhysSec, in the Cybersecurity domain.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220857),('3_Saturday','11','11:00','11:30','N','LPV','','\'Hybrid PhySec tools - best of both worlds or just weird?\'','\'d1dymu5\'','LPV_f92b43a1fe0ab60ae1c9c81a9b3830b4','\'Title: Hybrid PhySec tools - best of both worlds or just weird?
\nWhen: Saturday, Aug 7, 11:00 - 11:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:d1dymu5\n
\nNo BIO available
\n\n
\nDescription:
\nA few years ago, I invented lock pick collar stays (#GentlemansLockPicks). Since then, I\'ve had some other ideas of practical, small-form factored lockpicking and bypass tools that I can easily carry. I came up with a few ideas. I\'ll talk about inspiration, designing, manufacturing, and possible collab projects.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220858),('3_Saturday','13','13:00','13:59','N','LPV','','\'How I defeated the Western Electric 30c\'','\'Nâˆ…thing\'','LPV_9db1bdd236f5c1f462f853572123b596','\'Title: How I defeated the Western Electric 30c
\nWhen: Saturday, Aug 7, 13:00 - 13:59 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Nâˆ…thing\n
\nNo BIO available
\n\n
\nDescription:
\nI will take you through my thoughts, motivation and techniques on how I defeated the infamous Western Electric 30c.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220859),('3_Saturday','15','15:00','15:30','N','LPV','','\'The Coat Hanger Talk: A Noob\'s Look Into the Thieves World\'','\'De\'','LPV_25f53a4686612b7a3b49267d83756b9f','\'Title: The Coat Hanger Talk: A Noob\'s Look Into the Thieves World
\nWhen: Saturday, Aug 7, 15:00 - 15:30 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:De\n
\nNo BIO available
\n\n
\nDescription:
\nThe talk starts with me describing a typical work environment, and explaining how creativity is a fundamental for the LPV. I, As a noob, steps into the shoes of a broad audience and explains how creativity is a huge issue when it comes to basic security, both physical, with locks, and a bit with software.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220860),('4_Sunday','11','11:00','11:50','N','LPV','','\'Safecracking for Everyone!\'','\'Jared Dygert\'','LPV_d9a24fd76dcf3e6d03db0732a2ada147','\'Title: Safecracking for Everyone!
\nWhen: Sunday, Aug 8, 11:00 - 11:50 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Jared Dygert\n
\nNo BIO available
\n\n
\nDescription:
\nSafecracking is one of the more obscure type of lock in locksport. However, in most cases they can be manipulated without the need for any tools and opened in 5 minutes. This talk will get you an understanding of how that\'s done and started on your path to cracking your first safe!
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220861),('4_Sunday','13','13:00','13:59','N','LPV','','\'Bobby Pins, More Effective Than Lockpicks?\'','\'John the Greek\'','LPV_b231867cfe90f36eb23d0e50f9dc67e6','\'Title: Bobby Pins, More Effective Than Lockpicks?
\nWhen: Sunday, Aug 8, 13:00 - 13:59 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:John the Greek\n
\nNo BIO available
\n\n
\nDescription:
\nWhen should you not have picks in your pocket? Answer, never... but \nThis course will present to the novice and the less prepared suggestions for improvising lockpicks when the proper tools are not on hand as well as techniques of bypass that are more effective than trying to pick a lock especially when you don\'t have the proper tools on hand. This class is ideal for our current situation! Those interested should look around their locations for the following:\n

Bobby pins
\nPaper clips (big ones)
\nPocket clips from ink pens (Pilot rollerball)\nOld Wind Shield Wipers
\nSpark Plug Gappers
\nBra Underwire\n

... and my favorite
\nStreet cleaner bristles\n

\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220862),('4_Sunday','15','15:00','15:59','N','LPV','','\'Intro to high security locks and lockpicking\'','\'Nâˆ…thing\'','LPV_49ad4335bcb4af767f1ab2f21e836eee','\'Title: Intro to high security locks and lockpicking
\nWhen: Sunday, Aug 8, 15:00 - 15:59 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Nâˆ…thing\n
\nNo BIO available
\n\n
\nDescription:
\nThis is a quick introduction to high security locks, what they are, what they look like and how to get started defeating them.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220863),('2_Friday','10','10:00','10:45','N','RCV','','\'Recon Village Keynote\'','\'Ben S\'','RCV_c171d6dc6f0ab15bc03f9ca7c58d0f2a','\'Title: Recon Village Keynote
\nWhen: Friday, Aug 6, 10:00 - 10:45 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Ben S\n
\nNo BIO available
\nTwitter: @nahamsec
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220864),('2_Friday','10','10:55','11:25','N','RCV','','\'Using Passive DNS for gathering Business Intelligence\'','\'Andy Dennis\'','RCV_2301744dd6ad860466ee4a59ae877427','\'Title: Using Passive DNS for gathering Business Intelligence
\nWhen: Friday, Aug 6, 10:55 - 11:25 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Andy Dennis\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220865),('2_Friday','11','10:55','11:25','Y','RCV','','\'Using Passive DNS for gathering Business Intelligence\'','\'Andy Dennis\'','RCV_2301744dd6ad860466ee4a59ae877427','\'\'',NULL,220866),('2_Friday','11','11:35','12:05','N','RCV','','\'So You Want to OPSEC, Eh?\'','\'Ritu Gill\'','RCV_8340b83f4f76b82eda3f7fc418c6a717','\'Title: So You Want to OPSEC, Eh?
\nWhen: Friday, Aug 6, 11:35 - 12:05 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Ritu Gill\n
\nNo BIO available
\nTwitter: @OSINTtechniques
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220867),('2_Friday','12','11:35','12:05','Y','RCV','','\'So You Want to OPSEC, Eh?\'','\'Ritu Gill\'','RCV_8340b83f4f76b82eda3f7fc418c6a717','\'\'',NULL,220868),('2_Friday','12','12:15','12:59','N','RCV','','\'OSINT and the Hermit Kingdom. Leveraging online sources to learn more about the worlds most secret nation\'','\'Nick Roy\'','RCV_b7a3f5badf0b70ea90c12dca21b79bab','\'Title: OSINT and the Hermit Kingdom. Leveraging online sources to learn more about the worlds most secret nation
\nWhen: Friday, Aug 6, 12:15 - 12:59 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Nick Roy\n
\nNick Roy (Twitter: @superducktoes) currently works for a global security vendor creating training content and researching new attacker patterns and techniques. Previously he worked at an automation platform startup teaching people about the joys and benefits of automation. While not working he lives in Boston with his wife and two cats hunting out the best dive bars in Boston and solving math problems on college chalkboards overnight.\n
\nTwitter: @superducktoes
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220869),('2_Friday','14','14:00','14:30','N','RCV','','\'Finding Hidden Gems via URL Shortener Services\'','\'Utku Sen\'','RCV_b418e5100e422dc07d6058e1eec39665','\'Title: Finding Hidden Gems via URL Shortener Services
\nWhen: Friday, Aug 6, 14:00 - 14:30 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Utku Sen\n
\nNo BIO available
\nTwitter: @utkusen
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220870),('2_Friday','14','14:40','15:10','N','RCV','','\'Using OSINT to Aid in Human Trafficking and Smuggling Cases\'','\'Rae\'','RCV_43c264b53a2602a5edf9361319978c24','\'Title: Using OSINT to Aid in Human Trafficking and Smuggling Cases
\nWhen: Friday, Aug 6, 14:40 - 15:10 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Rae\n
\nNo BIO available
\nTwitter: @wondersmith_rae
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220871),('2_Friday','15','14:40','15:10','Y','RCV','','\'Using OSINT to Aid in Human Trafficking and Smuggling Cases\'','\'Rae\'','RCV_43c264b53a2602a5edf9361319978c24','\'\'',NULL,220872),('2_Friday','15','15:20','16:05','N','RCV','','\'Venator: Hunting & Smashing Trolls on Twitter\'','\'Mauro CÃ¡seres Rozanowski\'','RCV_23b344360a7796e13dd279c3aee15d6e','\'Title: Venator: Hunting & Smashing Trolls on Twitter
\nWhen: Friday, Aug 6, 15:20 - 16:05 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Mauro CÃ¡seres Rozanowski\n
\nMauro Eldritch is an Argentine Hacker & Speaker, Founder of BCA and DC5411. He was a Speaker at DEF CON (six times!), ROADSEC (LATAMâ€™s biggest security conference), DEVFEST Siberia, DragonJAR Colombia (biggest spanish-speaking conference in LATAM), P0SCON Iran, Texas Cyber Summit and EC-Council Hacker Halted among other conferences (25+).\n

\nTwitter: @mauroeldritch
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220873),('2_Friday','16','15:20','16:05','Y','RCV','','\'Venator: Hunting & Smashing Trolls on Twitter\'','\'Mauro CÃ¡seres Rozanowski\'','RCV_23b344360a7796e13dd279c3aee15d6e','\'\'',NULL,220874),('2_Friday','16','16:15','16:45','N','RCV','','\'People Hunting: A Pentesters Perspective\'','\'Mishaal Khan\'','RCV_0b5ae9ebabfe34a8bb97a4c242d0f75b','\'Title: People Hunting: A Pentesters Perspective
\nWhen: Friday, Aug 6, 16:15 - 16:45 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Mishaal Khan\n
\nNo BIO available
\nTwitter: @mish3alkhan
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220875),('3_Saturday','10','10:00','10:30','N','RCV','','\'Adversary Infrastructure Tracking with Mihari\'','\'Manabu Niseki\'','RCV_ca53502d886be36311eb129288c5f3cf','\'Title: Adversary Infrastructure Tracking with Mihari
\nWhen: Saturday, Aug 7, 10:00 - 10:30 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Manabu Niseki\n
\nNo BIO available
\nTwitter: @ninoseki
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220876),('3_Saturday','10','10:40','11:10','N','RCV','','\'The Bug Hunterâ€™s Recon MethodologyÂ \'','\'Tushar Verma\'','RCV_dadb87d819683922f30b0b4f3d891ea7','\'Title: The Bug Hunterâ€™s Recon MethodologyÂ
\nWhen: Saturday, Aug 7, 10:40 - 11:10 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Tushar Verma\n
\nNo BIO available
\nTwitter: @e11i0t_4lders0n
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220877),('3_Saturday','11','10:40','11:10','Y','RCV','','\'The Bug Hunterâ€™s Recon MethodologyÂ \'','\'Tushar Verma\'','RCV_dadb87d819683922f30b0b4f3d891ea7','\'\'',NULL,220878),('3_Saturday','11','11:20','11:50','N','RCV','','\'Can I Make My Own Social Threat Score?\'','\'MasterChen\'','RCV_dcaccee2d288c9dc1e5995430975dddc','\'Title: Can I Make My Own Social Threat Score?
\nWhen: Saturday, Aug 7, 11:20 - 11:50 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:MasterChen\n
\nNo BIO available
\nTwitter: @chenb0x
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220879),('3_Saturday','12','12:00','12:45','N','RCV','','\'Let the bugs come to me - how to build cloud-based recon automation at scale\'','\'Ryan Elkins\'','RCV_8d97ffa094ad5722a31296695d26870c','\'Title: Let the bugs come to me - how to build cloud-based recon automation at scale
\nWhen: Saturday, Aug 7, 12:00 - 12:45 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Ryan Elkins\n
\nNo BIO available
\nTwitter: @ryanelkins
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220880),('3_Saturday','14','14:00','14:30','N','RCV','','\'How vigilant researchers can uncover APT attacks for fun and non profit\'','\'Ladislav Baco\'','RCV_d78863aa9b4eefbb8a997c3f368ce767','\'Title: How vigilant researchers can uncover APT attacks for fun and non profit
\nWhen: Saturday, Aug 7, 14:00 - 14:30 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Ladislav Baco\n
\nNo BIO available
\nTwitter: @ladislav_b
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220881),('3_Saturday','14','14:40','15:10','N','RCV','','\'.GOV DoppelgÃ¤nger: Your HÃ¤x Dollars at Work\'','\'Anthony Kava\'','RCV_8b86c9a81c3bdc198319e47685cb5bcc','\'Title: .GOV DoppelgÃ¤nger: Your HÃ¤x Dollars at Work
\nWhen: Saturday, Aug 7, 14:40 - 15:10 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Anthony Kava\n
\nNo BIO available
\nTwitter: @anthonykava
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220882),('3_Saturday','15','14:40','15:10','Y','RCV','','\'.GOV DoppelgÃ¤nger: Your HÃ¤x Dollars at Work\'','\'Anthony Kava\'','RCV_8b86c9a81c3bdc198319e47685cb5bcc','\'\'',NULL,220883),('3_Saturday','15','15:20','16:05','N','RCV','','\'OSINT for Sex Workers\'','\'Kala Kinyon\'','RCV_dcf6126f86541e653eb22aa09b66fb50','\'Title: OSINT for Sex Workers
\nWhen: Saturday, Aug 7, 15:20 - 16:05 PDT
\nWhere: Recon Village (Virtual)
\n
SpeakerBio:Kala Kinyon\n
\nNo BIO available
\nTwitter: @TankKala
\n\n
\nDescription:No Description available
\n
Recon Village talks will stream to YouTube.\n

\'',NULL,220884),('3_Saturday','16','15:20','16:05','Y','RCV','','\'OSINT for Sex Workers\'','\'Kala Kinyon\'','RCV_dcf6126f86541e653eb22aa09b66fb50','\'\'',NULL,220885),('1_Thursday','17','17:00','16:59','N','BCV','','\'COSTA (Coinbase Secure Trait Analyzer)\'','\'Peter Kacherginsky\'','BCV_4e8e616befd5f4b4f0e7c1a0467214de','\'Title: COSTA (Coinbase Secure Trait Analyzer)
\nWhen: Thursday, Aug 5, 17:00 - 16:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Peter Kacherginsky\n, Founder OpenBlockSec project
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,220886),('2_Friday','13','13:00','13:20','N','LPV','','\'Are We Still Doing it? 10 Locksport Hobbies that go Beyond Lock Picking\'','\'Lock Noob\'','LPV_02fde4f4644541a2c223292aaa396997','\'Title: Are We Still Doing it? 10 Locksport Hobbies that go Beyond Lock Picking
\nWhen: Friday, Aug 6, 13:00 - 13:20 PDT
\nWhere: Lock Pick Village (Virtual)
\n
SpeakerBio:Lock Noob\n
\nNo BIO available
\n\n
\nDescription:
\nThere is so much more to locksport than just lock picking. In this presentation I look at 10 inspiring locksport hobbies that every lock picker should try! From key casting to tool making, from impressioning to making jewellery and many more, you will be surprised by the range and depth of the skills you can choose from.
\n
Lock Pick Village will be streaming their activities to Twitch and YouTube.\n

\'',NULL,220887),('1_Thursday','10','10:00','10:59','N','PYV','','\'Welcome to the Payment Village\'','\'\'','PYV_b2c81f264e6d2c3c06b739116e1d118c','\'Title: Welcome to the Payment Village
\nWhen: Thursday, Aug 5, 10:00 - 10:59 PDT
\nWhere: Payment Village (Virtual)
\n
\nDescription:No Description available
\n
Payment Village events will stream to Twitch and YouTube.\n

--\n

YouTube: https://www.youtube.com/c/PaymentVillage\n

\'',NULL,220888),('2_Friday','10','10:00','10:59','N','PYV','','\'ATM Transaction Reversal Frauds (And how to fight them)\'','\'Hector Cuevas Cruz\'','PYV_d5c2f4fcd8fbfc6e49de5c38ef1daa86','\'Title: ATM Transaction Reversal Frauds (And how to fight them)
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Payment Village (Virtual)
\n
SpeakerBio:Hector Cuevas Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nTransaction Reversal Frauds (TRF) are a type of attack that doesn\'t require a malware, complex physical attacks or even opening an ATM, instead they abuse some business and operational rules defined by the financial institutions to cash-out an ATM. This presentation describe what Transaction Reversal Frauds are, why this type of attacks are on rise and more important, how to detect them through an integral analysis of journaling and some other logs
\n
Payment Village events will stream to Twitch and YouTube.\n

--\n

YouTube: https://www.youtube.com/c/PaymentVillage\n

\'',NULL,220889),('2_Friday','11','11:00','11:59','N','PYV','','\'Racing cryptoexchanges or how I manipulated the balances\'','\'Vahagan Vardanyan\'','PYV_d25663139254f1dfdad2ea4cfd797074','\'Title: Racing cryptoexchanges or how I manipulated the balances
\nWhen: Friday, Aug 6, 11:00 - 11:59 PDT
\nWhere: Payment Village (Virtual)
\n
SpeakerBio:Vahagan Vardanyan\n
\nNo BIO available
\n\n
\nDescription:
\nA talk on race condition vulnerabilities detected on large cryptocurrency exchanges and made it possible to manipulate the balance.
\n
Payment Village events will stream to Twitch and YouTube.\n

--\n

YouTube: https://www.youtube.com/c/PaymentVillage\n

\'',NULL,220890),('2_Friday','12','12:00','12:59','N','PYV','','\'Automated Tear Machines\'','\'Meadow Ellis\'','PYV_7880eeb7ec618976a82c154b35d38e8a','\'Title: Automated Tear Machines
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Payment Village (Virtual)
\n
SpeakerBio:Meadow Ellis\n
\nNo BIO available
\n\n
\nDescription:
\nShort, yet packed with information talk about why ATMs are bad, why they are a literal magnet for criminals, what types of attacks do actually happen and why it is so bloody hard to do any kind of research on them, unless you are a criminal. I won\'t bore you with stuff you can read on Wikipedia but rather give you an overview of terms, parts and crazy things people do to either get the money out of you or out of an ATM itself. And, what can you do to try and protect yourself and what to do when you see something \'that doesn\'t look right\'. Don\'t tear off the magstripe from your card, though.
\n
Payment Village events will stream to Twitch and YouTube.\n

--\n

YouTube: https://www.youtube.com/c/PaymentVillage\n

\'',NULL,220891),('2_Friday','13','13:00','13:59','N','PYV','','\'What happens when businesses decide to enroll cryptocurrency cards\'','\'Timur Yunusov\'','PYV_88b0fd3778547dac960e3b73bd48ca06','\'Title: What happens when businesses decide to enroll cryptocurrency cards
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: Payment Village (Virtual)
\n
SpeakerBio:Timur Yunusov\n
\nNo BIO available
\n\n
\nDescription:
\nCryptocurrencies are the new black. They are everywhere, and even your grandparents may now be gossiping about them. In this talk we will make an overview of risks that your brand new cryptocurrency card may carry with it.
\n
Payment Village events will stream to Twitch and YouTube.\n

--\n

YouTube: https://www.youtube.com/c/PaymentVillage\n

\'',NULL,220892),('2_Friday','10','10:00','10:30','N','VMV','','\'Voting Village Logistical Information Broadcast (Discord, Youtube, Twitch)\'','\' \'','VMV_e0b19620ead777126d0b11097dd164bc','\'Title: Voting Village Logistical Information Broadcast (Discord, Youtube, Twitch)
\nWhen: Friday, Aug 6, 10:00 - 10:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
\nDescription:
\nInformation on how to follow the live conversation on our discord channel
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220893),('2_Friday','10','10:30','10:59','N','VMV','','\'Hacking to Save Democracy: What Technologists Need to Know About Election Administration\'','\'Eddie Perez\'','VMV_c43381943ace1e54af5a2533cbdee014','\'Title: Hacking to Save Democracy: What Technologists Need to Know About Election Administration
\nWhen: Friday, Aug 6, 10:30 - 10:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Eddie Perez\n
\nEddie Perez is the Global Director of Technology Development & Open Standards for the Open Source Election Technology Institute. He is a principal liaison to the TrustTheVote Project\'s election officials\' stakeholder community.\n

Eddie has a wealth of expertise in election systems design, implementation, security, usability, and standards. A veteran of the commercial election technology industry, he formerly served as director of product management for one of the three major voting systems vendors in the U.S. Now, Eddie utilizes his skills to drive open source voting technology design, as well as federal and state certification for open source technologies, and voter education initiatives.\n

Eddie is a regular contributor to media outlets from MSNBC news to Fox News, including The Washington Post, Associated Press, and POLITICO, to name a few. He is also an NBC News contributing elections analyst on topics of technology, practices, security, and public policy. \n

Eddie speaks to policy leaders on election technology and administration, and has given testimony to several agencies and government bodies including the U.S. Election Assistance Commission and The National Conference of State Legislatures.\n

Eddie is co-inventor of two U.S. patents in voting technology.\n

Edward is on Twitter at @eddieperezTX with contributions via @OSET and @TrustTheVote\n

\nTwitter: @eddieperezTX
\n\n
\nDescription:
\nNo technology is more consequential to democracy than election technology. When it\'s done well, election technology undergirds democracy and ensures that even the losers of elections respect the result. When it\'s done poorly, trust in democracy erodes and even the most powerful countries are shaken to their cores. \n

Time to panic? No, itâ€™s time to roll up our sleeves!\n

Where others might despair, we see a golden opportunity! At no other time in our history have so many Americans of all political stripes been so focused on election integrity. We want security-minded, tech-savvy people of all genders, races, creeds, and political stripes to step up. And if weâ€™re going to lower the temperature and bolster public confidence in election integrity, itâ€™s critical to understand how elections are actually run, and how election technology is used. Election administration is a complex profession limited by law, policy, and specific practices.\n

Whether youâ€™re new to election security, or an experienced practitioner, this presentation is a snapshot of the operating environment for election technology. Our goal is to help you learn what to anticipate, and how best to apply your technology skills in defense of democracy. Together, we can enhance election integrity and help to ensure that accurate information gets widely shared, and misinformation does not.\n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220894),('2_Friday','11','11:00','11:30','N','VMV','','\'A Deep Dive on Vulnerability Disclosure for Election Systems\'','\'Tod Beardsley\'','VMV_e55b0b9463c18bc7ffa3e84a9749ed77','\'Title: A Deep Dive on Vulnerability Disclosure for Election Systems
\nWhen: Friday, Aug 6, 11:00 - 11:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Tod Beardsley\n
\nTod Beardsley is the Director of Research at Rapid7. He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the security research program at Rapid7, is a zealous advocate for coordinated vulnerability disclosure, is a CVE Board member, is a contributing author to a number of research papers produced by Rapid7, and is often a Travis County Election Judge in Texas. Because of this last qualifier, it is permissible to address him as â€œYour Honor.â€
\n\n
\nDescription:
\nThe norms and practices of vulnerability disclosure among voting machine manufacturers and election infrastructure providers have radically changed since the first Voting Machine Hacking Village of DEFCON 25. In just a few short years, private companies in the election services sector have matured from recalcitrant, close-lipped antagonists to active and willing participants in coordinated vulnerability disclosure (CVD) with published vulnerability disclosure programs (VDPs). And yet, truly unbelievable claims about voting security have risen to the fore, and as a result, the public imagination around how cybersecurity works and what are realistic threats to election integrity seems more fanciful than ever. In this short presentation, we will explore how CVD works for voting machines and other election systems, provide guidance on how well-meaning, virtuous hackers can best interface with this niche but crucial industry, and how we can all do our part to bring some reason and rigor to the practice of information security when it comes to one of our most important institutions.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220895),('3_Saturday','10','10:30','10:59','N','VMV','','\'Secrets of Social Media PsyOps\'','\'BiaSciLab\'','VMV_d28a70a0ee7b2094adf174f8e51988b8','\'Title: Secrets of Social Media PsyOps
\nWhen: Saturday, Aug 7, 10:30 - 10:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:BiaSciLab\n
\nBiaSciLab is a 14 year old hacker and maker. She was the youngest speaker at H.O.P.E. and has spoken at DEF CON in the Voting Village, Bio Hacking Village and the r00tz Asylum kids con. She has spoken internationally on election security at DefCamp in Romania. She also received national attention when she hacked the election reporting system at DEF CON 26, this work was recently highlighted at the Congressional Hearing on Election Security. This inspired her to build her own election system, Secure Open Vote.\n

BiaSciLab is also the Founder and CEO of Girls Who Hack, an organization focused on teaching girls the skills of hacking so that they can change the future. She enjoys inventing things, giving talks and teaching classes on making, programming and hacking. Follow her on twitter @BiaSciLab @GirlsWhoHack @SecureOpenVote or check out her websites www.BiaSciLab.com www.GirlsWhoHack.com www.SecureOpenVote.com\n

\nTwitter: @BiaSciLab
\n\n
\nDescription:
\nPsychological Warfare through social media is one of the most powerful weapons in today\'s political battlefield. PsyOps groups have figured out how to sharpen the blade through algorithms and targeted advertising. Nation states are using PsyOps to influence the citizens of their enemies, fighting battles from behind the keyboard. In this talk, BiaSciLab with cover a brief history of PsyOps and how it has been used both on the battlefield and the political stage. Followed by a dive deep into how it works on the mind and how PsyOps groups are using social media to influence the political climate and elections worldwide.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220896),('2_Friday','12','12:00','12:10','N','VMV','','\'A Journalistâ€™s Perspective on Fake News\'','\'Bob Sullivan\'','VMV_caf10b18ff8d80841e7243cdbfd47843','\'Title: A Journalistâ€™s Perspective on Fake News
\nWhen: Friday, Aug 6, 12:00 - 12:10 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Bob Sullivan\n
\nBob Sullivan is a veteran journalist and the author of five books, including New York Times Best-Sellers, Gotcha Capitalism and Stop Getting Ripped Off! He has won the Society of Professional Journalists Public Service Award, a Peabody award, a Carnegie Mellon University CyLab Cybersecurity Journalism Award, and the Consumer Federation of America Betty Furness Consumer Media Service Award. He spent nearly two decades working at MSNBC.com and NBC News, and he still appears on TODAY, NBC Nightly News, and CNBC. Heâ€™s now a syndicated columnist and frequent TV guest. He is also host of AARPâ€™s The Perfect Scam podcast, co-host of the podcast / audio documentary â€œBreachâ€œ, which examines historyâ€™s biggest hacking stories, and co-host of the podcast â€œSo, Bob,â€ which tackles stories about the unintended consequences of technology. His latest podcast is called Debugger, exploring issues at the intersection of technology and democracy, produced in cooperation with Duke Universityâ€™s Sanford School of Public Policy and the Kenan Institute for Ethics.\n

He holds a masterâ€™s degree in journalism from the University of Missouri and degrees in history and mathematics from Fairfield University. He is on the advisory board of the University of Georgia journalism schoolâ€™s Cox Institute for Media Innovation and is a mentor/editor at the Op-Ed Project.\n

\n\n
\nDescription:
\nWhy pseudo-events led to fake news.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220897),('2_Friday','12','12:30','12:59','N','VMV','','\'Are Barcodes on Ballots Bad?Â \'','\'Kevin Skoglund\'','VMV_3d1ff96cae99fb0c0c380e2a1eaf3ef9','\'Title: Are Barcodes on Ballots Bad?Â
\nWhen: Friday, Aug 6, 12:30 - 12:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Kevin Skoglund\n
\nKeâ€‹â€‹vin Skoglund is a digital security and election technology expert, and the President and Chief Technologist for Citizens for Better Elections, a non-profit, non-partisan group advocating for evidence-based elections. Kevin serves on the Board of Advisors for Verified Voting, participates in the NIST Voting System Cybersecurity Working Group which develops national guidelines for U.S. voting systems, and is a designated speaker on election security for the U.S. Department of State. His past work includes advising nonprofits, counties, cities, and members of the U.S. Congress on voting system technology and election legislation, researching security vulnerabilities, and identifying voting systems connected to the internet. Kevin is also a Judge of Election (chief poll worker) in Pennsylvania. Outside of his election work, Kevin has been a programmer, consultant, and teacher for over 20 years.
\n\n
\nDescription:
\nThis presentation focuses on the use of barcodes on ballots, specifically barcodes on ballots that store vote selections. Skoglund teaches us how voting systems store votes and barcodes, explains how to decode them, and explores their attack surface from a security perspective. Through close examination of three examples (ES&S ExpressVote, Dominion ImageCast X, Unisyn Freedom Vote Tablet), the presentation explains potential attacks, and highlights detection and mitigation strategies.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220898),('2_Friday','13','13:00','13:30','N','VMV','','\'Hack the Conspiracies\'','\'Barb Byrum\'','VMV_efd7a1bd9c4740e6fe67bb096809e3cc','\'Title: Hack the Conspiracies
\nWhen: Friday, Aug 6, 13:00 - 13:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Barb Byrum\n
\nBarb Byrum is currently in her third term as Ingham County Clerk, serving as the countyâ€™s chief elections official. As Clerk of one of the most populous counties in the State of Michigan, Byrum has successfully conducted 27 elections, 4 union elections, and the 2016 Presidential Recount. Since 2016, Byrum has been credentialed as a Certified Elections/Registration Administrator by Election Center, the only national program of continuing professional education that specializes in elections administration and voter registration. In 2017, she served on Election Centerâ€™s Security Task Force. \n

Byrum has previously served on Michiganâ€™s Election Security Commission, the Secretary of Stateâ€™s team of advisors tasked with strengthening and better securing elections in the state. Byrum has been a consistent advocate for the voting rights of qualified registered voters, with a focus on voting rights of military and overseas voters. Byrum serves on the Overseas Voting Initiative, which is a joint effort by the Federal Voting Assistance Program and Council of State Governments. As a member of the Initiative, Byrum met with military service members in San Diego, California in March 2019, Puerto Rico in December of 2019 and continues to have military and overseas votersâ€™ interests in mind, when advocating for increased access to the ballot.\n

Byrum graduated from Michigan State University with a Bachelor of Science degree in agribusiness management. She also holds a law degree from the MSU College of Law.\n

Byrum previously served three terms as a Michigan State Representative. During her time in the Legislature, Byrum served as the ranking Democrat on the House Committee on Redistricting and Elections.\n

\n\n
\nDescription:
\nThe conspiracy theories surrounding the November 2020 General Election have had a profound and significant impact on the American people but the devastating damage done to the integrity of our elections will take years to repair. This has resulted in death threats, attacks, and shows of force against our election workers, armed protests that turned violent and legislation that would take states backward to a time when America more blatantly disenfranchised certain groups and demographics of voters. The result is that many qualified election administrators are leaving the profession for positions where their lives are not in danger.\n

We must fight back against disinformation and the misinformation relating to our elections and those that would seek to speak fear and lies. We must pledge to push back on those lies and that disinformation in the media and online at every opportunity. We must work together on our elections to make sure that they are safe and secure as they can possibly be. Together, we can hack the conspiracies and take back our democracy.\n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220899),('2_Friday','13','13:30','13:59','N','VMV','','\'Kickoff Remarks (recorded in-person in Las Vegas)\'','\'Harri Hursti\'','VMV_eb8bc041b5eed0991b971ba28118c0d3','\'Title: Kickoff Remarks (recorded in-person in Las Vegas)
\nWhen: Friday, Aug 6, 13:30 - 13:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Harri Hursti\n
\nCo-Founder, DEF CON Voting Village; Founding Partner, Nordic Innovation Labs\n

Harri Hursti is considered one of the worldâ€™s foremost experts on the topic of electronic voting security, having served in all aspects of the industry sector. He is considered an authority on uncovering critical problems in electronic voting systems worldwide.\n

As a consultant, he has conducted and co-authored many studies, both academic and commercial, on various election systemsâ€™ data security and vulnerability. These studies have come at the request of officials, legislators and policy makers in 5 countries; including the U.S. government, at both the state and federal level.\n

\n\n
\nDescription:
\nRecorded live in Las Vegas this morning and rebroadcast.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220900),('3_Saturday','10','10:00','10:30','N','VMV','','\'Voting Village Keynote Remarks\'','\'Thomas Hicks\'','VMV_cfbb51e4506e8093913564499c55c72c','\'Title: Voting Village Keynote Remarks
\nWhen: Saturday, Aug 7, 10:00 - 10:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Thomas Hicks\n
\nThomas Hicks was nominated by President Barack H. Obama and confirmed by unanimous consent of the United States Senate on December 16, 2014 to serve on the U.S. Election Assistance Commission (EAC). He has served as chairman of the commission for two terms.\nCommissioner Hicks has focused his efforts on voter access. Under his leadership, the EAC developed a pocket-sized voter card that serves as a guide on voting rights for voters with disabilities. The card is provided in both Braille and large print. The EAC has worked with advocacy groups and election officials to distribute the card.\n

In addition, Mr. Hicks has addressed the difficulties overseas voters have when requesting and returning their ballots, such as dealing with foreign IP addresses and issues with timely ballot delivery. He worked with key states to set up a help desk. Now, overseas voters receive an email response directing them to the help desk to obtain their ballots.\n

He serves as the designated federal officer for the Board of Advisors.\n

Mr. Hicks is a frequent speaker at conferences in the United States and overseas on issues such as voter access and cybersecurity.\n

Prior to his appointment with EAC, Commissioner Hicks served as a senior elections counsel and minority elections counsel on the U.S. House of Representatives Committee on House Administration, a position he held from 2003 to 2014. In this role, Mr. Hicks was responsible for issues relating to campaign finance, election reform, contested elections and oversight of both the U.S. Election Assistance Commission and the Federal Election Commission. His primary responsibility was advising and providing guidance to the committee members and caucus on election issues. Mr. Hicks has talked with Americans in every state about their voting experiences. In addition, he has worked with state and local election officials across America to address critical election concerns.\n

Prior to joining the U.S. House of Representatives, Mr. Hicks served as a senior lobbyist and policy analyst from 2001 to 2003 for Common Cause, a nonpartisan, nonprofit organization that empowers citizens to make their voices heard in the political process and to hold their elected leaders accountable to the public interest. Mr. Hicks has enjoyed working with state and local election officials, civil rights organizations and all other stakeholders to improve the voting process.\n

Mr. Hicks served from 1993 to 2001 in the Clinton administration as a special assistant and legislative assistant in the Office of Congressional Relations for the Office of Personnel Management. He served as agency liaison to the United State Congress and the presidentâ€™s administration on matters regarding federal personnel policies and regulations.\n

Mr. Hicks received his J.D. from the Catholic University of America, Columbus School of Law and his B.A. in Government from Clark University (Worcester, MA). He also studied at the University of London (London, England) and law at the University of Adelaide (Adelaide, Australia).\n

\n\n
\nDescription:No Description available
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220901),('2_Friday','11','11:30','11:59','N','VMV','','\'Wireless Odyssey or why is the federal government permitting devices with wireless networking capability in federally certified voting machines?\'','\'Susan Greenhalgh\'','VMV_9648ba70717e57b8ddb46bc2f0ed3f42','\'Title: Wireless Odyssey or why is the federal government permitting devices with wireless networking capability in federally certified voting machines?
\nWhen: Friday, Aug 6, 11:30 - 11:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Susan Greenhalgh\n
\nSusan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from The New York Times, The Washington Post, The Wall Street Journal, Politico, USA Today, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBCâ€™s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.
\n\n
\nDescription:
\nIn February, the U.S. Election Assistance Commission (EAC) passed new voting system standards, the federal voluntary voting system guidelines or VVSG 2.0. The new guidelines that were presented to the EAC, voted on, and adopted, had a significant change in them from the guidelines that had gone through the federally mandated public hearing and comment period. The new standards, that had not been vetted publicly, suddenly allowed the\ninclusion of wireless networking devices like modems, chips or radios.\n

This presentation aims to tell the story of how the computer security community successfully advocated for the federal voting system standards to ban all wireless networking capability in federally certified voting systems, only to have the EAC change the publicly vetted version of the standards, in secret, behind closed doors, at the eleventh hour, at the request of the voting system vendors, to allow wireless devices. \n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220902),('3_Saturday','11','11:00','11:30','N','VMV','','\'How to Weaponize RLAs to Discredit an Election\'','\'Carsten SchÃ¼rmann\'','VMV_2629b41bdb995754e74d43600ac1f683','\'Title: How to Weaponize RLAs to Discredit an Election
\nWhen: Saturday, Aug 7, 11:00 - 11:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Carsten SchÃ¼rmann\n
\nCarsten is a professor in computer science at the IT University of Copenhagen and heads the Center for Information Security and Trust. His research focuses on cyber- and information security, with particular emphasis on election security. He consults with EMBs, governmental, and non-governmental organizations on requirements and quality assurance for election technologies. Carsten is an expert in voting machine security and demonstrated at DefCon 2017 vulnerabilities of the WinVote voting machine. He has conducted experiments with risk-limiting audits in Denmark in 2014. Carsten has participated as core team member (IT expert) in the Carter Center Mission to Kenya 2017 and was part of the IFES Cyber Assessment Week in Ukraine 2018.He has also served as New Voting Technology Analyst for the OSCE Limited Election Observation Mission to the United States in 2018 and the Expert Election Mission to Estonia in 2019. Prior to moving to Denmark, Carsten was a member of the computer science faculty at Yale University. He holds a PhD degree from Carnegie-Mellon University.
\n\n
\nDescription:
\nRisk-limiting audits (RLAs) are widely considered to be the gold standard of election auditing, and there is an implicit assumption that a successful audit will also create confidence among the voters and hence public trust. If this were true, there would be little reason to fear that RLAs could ever be misused in a disinformation campaign. It turns out, however, that this assumption is not necessarily true: In a recent user study to appear this year\'s E-Vote-ID, we show that a significant number of survey participants change their opinion whether to trust an election after they learn the size of the sample needed to complete the RLA. In this talk we argue that even a well-intended correctly conducted RLA can be weaponized in a disinformation campaign.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220903),('3_Saturday','11','11:30','11:59','N','VMV','','\'High Turnout, Wide Margins\'','\'Brianna Lennon,Eric Fey\'','VMV_2dea6c157de15cc0b25470f43d4bf62c','\'Title: High Turnout, Wide Margins
\nWhen: Saturday, Aug 7, 11:30 - 11:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\nSpeakers:Brianna Lennon,Eric Fey
\n
SpeakerBio:Brianna Lennon\n
\nBrianna Lennon is the County Clerk and local election official for Boone County, Missouri. She holds a Master\'s in Public Policy and a law degree, both from the University of Missouri. Prior to her election as Boone County Clerk, Brianna served as an Assistant Attorney General in the Consumer Protection Division of the Missouri Attorney General\'s Office before joining the Missouri Secretary of State\'s Office under former Secretary Jason Kander. As the Deputy Director of Elections and first coordinator of the Election Integrity Unit in the Secretary of State\'s Office, she worked closely with local election authorities across the state to ensure that elections were simple, secure, and accessible for voters.
\n
SpeakerBio:Eric Fey\n
\nEric Fey is the Director of the St. Louis County Board of Elections in St. Louis, Missouri. Along with a bachelor\'s degree from Webster University in political science, Fey holds a Masterâ€™s in public administration from the University of Missouri-St. Louis with a specialty in election management and has served as a foreign election observer in a range of countries, from the now Russian-occupied territory in Ukraine to Belarus to Kazakhstan to Macedonia.
\n\n
\nDescription:
\nLocal election officials faced unprecedented challenges while administering elections in 2020, from widespread disinformation to COVID-19 safety precautions. Unlike in previous election cycles, though, the global pandemic prevented officials from connecting in person to commiserate, share best practices, and support each other. \n

In December of 2020, the High Turnout Wide Margins podcast launched to fill the void and give administrators an outlet for discussing the nuts and bolts of elections. Co-hosts Brianna Lennon, an elected county clerk in Boone County, Missouri and Eric Fey, an appointed director of elections in St. Louis County, Missouri, talk to subject-matter experts on topics like cybersecurity, disinformation, and elections integrity. In this presentation, Lennon and Fey share key takeaways from these discussions. \n

High Turnout Wide Margins is not a commercial podcast. \n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220904),('3_Saturday','12','12:00','12:30','N','VMV','','\'Keeping Your Information Security Policy Up to Date\'','\'Sang-Oun Lee\'','VMV_26437f5ef5e1f0ddc0d4467ee7b145ed','\'Title: Keeping Your Information Security Policy Up to Date
\nWhen: Saturday, Aug 7, 12:00 - 12:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Sang-Oun Lee\n
\nSang-Oun Lee is an IT Security Specialist-Compliance at the City of Chicago. Prior to his current position at the City, Mr. Lee served as a cybersecurity policy expert in both public and private sectors. In the public sector, Mr. Lee served two government agencies in the Republic of Korea, Korea Internet & Security Agency and National Security Research Institute respectively. In the private sector, Mr. Lee was a Chief Information & Financial Officer at EPIKAR Inc., a mobility start-up company based in Seoul, Korea. Mr. Lee holds Master of Public Policy from the University of Chicago, Master of Science in Engineering from Seoul National University, Seoul, Korea, and Bachelorâ€™s degree from Waseda University, Tokyo, Japan.
\n\n
\nDescription:
\nInformation security policy (ISP) is the highest directive of the cybersecurity posture of an organization. ISPs play a role by providing a subset of administrative, operational, and technical controls to mitigate omnidirectional cyber risks. Local government, which provides a wide range of public services with various functions, is a double-edged sword. \n

On the one hand, its public impact on every activity is wide enough to influence a far broader audience with multiple interests. On the other hand, this wider audience than private organizations allows salient cyberattacks such as influence operations with social media, conveyance of wrongful policy information, a breach in personal health information (PHI) and privacy, and so forth - protecting a local government is both protection of an organization and its residents. \n

This presentation suggests a method to revise existing ISP to make contributions for ISP staying up-to-date, align to the latest industry standards and regulations to be compliant, and narrowing down newly identified gaps from the local government perspective. \n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220905),('3_Saturday','12','12:30','12:59','N','VMV','','\'Social Media Security = Election Security\'','\'Sebastian Bay\'','VMV_e39f7492c2959cce875c186ca89375e6','\'Title: Social Media Security = Election Security
\nWhen: Saturday, Aug 7, 12:30 - 12:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Sebastian Bay\n
\nSebastian Bay is a researcher with the Swedish Defense Research Agency specialising in election security and digital harms.
\n\n
\nDescription:
\nDigital disinformation is a significant threat to trusted elections and poses a cybersecurity challenge for social media companies. Fake accounts spread content to authentic users, mislead users, and trick users into believing content is more popular. The global market for media manipulation is extensive and growing - many providers openly market their fake engagement services. \n

Sebastian Bay and his fellow researchers bought fake engagement on Facebook, Instagram, Twitter, Youtube, and Tik Tok to assess the social media companiesâ€™ ability to combat disinformation. This presentation explores their findings, highlights the differences between social media platforms, and provides recommendations for companies and policy makers.\n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220906),('3_Saturday','13','13:00','13:30','N','VMV','','\'New Hampshire SB43 Forensic Audit\'','\'Harri Hursti\'','VMV_7f5679e2dc734ab856cbf28fe69139ba','\'Title: New Hampshire SB43 Forensic Audit
\nWhen: Saturday, Aug 7, 13:00 - 13:30 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Harri Hursti\n
\nCo-Founder, DEF CON Voting Village; Founding Partner, Nordic Innovation Labs\n

\n\n
\nDescription:
\nElection security expert Harri Hursti will explain the process and findings from the 2020 post-election audit conducted in Windham, NH.
\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220907),('3_Saturday','13','13:30','13:59','N','VMV','','\'Why Hacking Voters Is Easier Than Hacking Ballots\'','\'Maurice Turner\'','VMV_4e8b7b88c5bad9912099dec5ace10b18','\'Title: Why Hacking Voters Is Easier Than Hacking Ballots
\nWhen: Saturday, Aug 7, 13:30 - 13:59 PDT
\nWhere: Voting Village (Talks - Virtual)
\n
SpeakerBio:Maurice Turner\n
\nMaurice Turner is the Cybersecurity Fellow at the Alliance for Securing Democracy (ASD) at the German Marshall Fund of the United States (GMF). Turner is a recognized public interest technologist and cybersecurity expert focused on developing strategies to secure critical infrastructure and deter cyber operation escalation. He has been regularly featured in national and international media including the Washington Post, Wall Street Journal, Bloomberg, Fox News, and Reuters. He has also provided testimony before the United States Congress, shared his insights with the European Union, and spoken at numerous security conferences. Turner most recently served as Senior Advisor to the Executive Director at the United States Election Assistance Commission (EAC) providing subject matter expertise in support of local, state, and federal partners to administer elections fairly and securely. Prior to that Turner was Deputy Director of the Internet Architecture project at the Center for Democracy & Technology (CDT) where he led the Election Security and Privacy Project, identifying and updating election cybersecurity practices and infrastructure through multi-sector partnerships. Turner also served as a TechCongress Congressional Innovation Fellow assigned to the U.S. Senate Homeland Security and Governmental Affairs Committee, where he shaped policy and oversaw the preparation of memos, briefings, and hearings on federal IT systems, cybersecurity threats, and cybersecurity regulations. \n

He holds an MA in Public Administration from the University of Southern California, an BA in Political Science from California State University Fullerton, and a Certificate in Cybersecurity Strategy from Georgetown University.\n

\n\n
\nDescription:
\nVulnerabilities in US election infrastructure not only expose the nationâ€™s elections to hybrid physical and network attacks, but its voters to influence campaigns designed to cast doubt in the process itself. Authoritarian regimes such as Russia, Iran, and China are capable of conducting both sophisticated disinformation operations and cyber campaigns, and using both methods can be a particularly effective strategy for disrupting an election. Despite significant attention and more (but insufficient) funding in recent years, the overall defensive posture of election infrastructure operators lags behind the offensive cyber capabilities of sophisticated adversaries and criminals. \n

Elections are not alone. Other critical infrastructure sectors have sustained major disruptions because of cyber attacks like ransomware. However, elections are unique in that a sizable segment of the American public views the electoral process suspiciously and is primed to believe any errors or inconsistencies presented that supports that belief. As a result, adversaries now have at least three distinct attack strategies at their disposal: quietly change enough actual ballots to alter the outcome of a contest, loudly manipulate a small number of ballots to provide â€œevidenceâ€ of a systemic failure to suspicious voters, or launch a pure perception hack through the dissemination of false information to convince voters of widespread fraud absent any evidence. \n

By analyzing state-backed government messaging across various information mediums using a tool called Hamilton, researchers can track narratives and topics promoted by Russian, Chinese, and Iranian government officials and state-funded media. These trends can help provide context and insights into publicly-available information of breaches, ransomware, or other related attacks against election infrastructure. Election officials and network defenders can work together to improve the resilience of the most important component of the electoral system: voters.\n

\n
Voting Village talks will be streamed to YouTube and Twitch.\n

YouTube: https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg\n

\'',NULL,220908),('2_Friday','16','16:00','17:59','N','HRV','','\'Remote Ham Radio Exams\'','\' \'','HRV_4e3cf5d2921dd238eb0e45738b22efc2','\'Title: Remote Ham Radio Exams
\nWhen: Friday, Aug 6, 16:00 - 17:59 PDT
\nWhere: Ham Radio Village (Virtual Exams)
\n
\nDescription:
\nFor those participating in DEF CON remotely, the HRV is offering remote ham radio exams as well as in-person exams! Register, as well as study for the exam online though ham.study. Registration can be completed at https://ham.study/sessions/610602949f7bd0fb99cbdf95/1\n
\n\'',NULL,220909),('2_Friday','17','16:00','17:59','Y','HRV','','\'Remote Ham Radio Exams\'','\' \'','HRV_4e3cf5d2921dd238eb0e45738b22efc2','\'\'',NULL,220910),('3_Saturday','17','17:00','18:59','N','HRV','','\'Remote Ham Radio Exams\'','\' \'','HRV_309ad60a426f9ad723c13a5c3596489e','\'Title: Remote Ham Radio Exams
\nWhen: Saturday, Aug 7, 17:00 - 18:59 PDT
\nWhere: Ham Radio Village (Virtual Exams)
\n
\nDescription:
\nFor those participating in DEF CON remotely, the HRV is offering remote ham radio exams as well as in-person exams! Register, as well as study for the exam online though ham.study. Registration can be completed at https://ham.study/sessions/6106030b38fc691617d940f8/1
\n\'',NULL,220911),('3_Saturday','18','17:00','18:59','Y','HRV','','\'Remote Ham Radio Exams\'','\' \'','HRV_309ad60a426f9ad723c13a5c3596489e','\'\'',NULL,220912),('3_Saturday','10','10:00','18:30','N','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'Title: Black Box Challenges
\nWhen: Saturday, Aug 7, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220913),('3_Saturday','11','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220914),('3_Saturday','12','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220915),('3_Saturday','13','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220916),('3_Saturday','14','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220917),('3_Saturday','15','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220918),('3_Saturday','16','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220919),('3_Saturday','17','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220920),('3_Saturday','18','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_605c9824a42b6c1fd2ea3143a0c4ad6f','\'\'',NULL,220921),('2_Friday','10','10:00','18:30','N','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'Title: Black Box Challenges
\nWhen: Friday, Aug 6, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220922),('2_Friday','11','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220923),('2_Friday','12','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220924),('2_Friday','13','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220925),('2_Friday','14','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220926),('2_Friday','15','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220927),('2_Friday','16','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220928),('2_Friday','17','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220929),('2_Friday','18','10:00','18:30','Y','IOTV','','\'Black Box Challenges\'','\' \'','IOTV_45307b5a220a0d129f9b5bd7b2069c59','\'\'',NULL,220930),('2_Friday','10','10:00','18:30','N','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'Title: Pentesting 101
\nWhen: Friday, Aug 6, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220931),('2_Friday','11','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220932),('2_Friday','12','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220933),('2_Friday','13','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220934),('2_Friday','14','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220935),('2_Friday','15','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220936),('2_Friday','16','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220937),('2_Friday','17','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220938),('2_Friday','18','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_7b49b01b58d35a4c480a7f583e078076','\'\'',NULL,220939),('3_Saturday','10','10:00','18:30','N','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'Title: Pentesting 101
\nWhen: Saturday, Aug 7, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220940),('3_Saturday','11','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220941),('3_Saturday','12','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220942),('3_Saturday','13','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220943),('3_Saturday','14','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220944),('3_Saturday','15','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220945),('3_Saturday','16','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220946),('3_Saturday','17','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220947),('3_Saturday','18','10:00','18:30','Y','IOTV','','\'Pentesting 101\'','\' \'','IOTV_d8b16db05c6d2c0a6bebeff2138eb47a','\'\'',NULL,220948),('2_Friday','10','10:00','18:30','N','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'Title: UART to UBOOT to ROOT
\nWhen: Friday, Aug 6, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220949),('2_Friday','11','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220950),('2_Friday','12','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220951),('2_Friday','13','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220952),('2_Friday','14','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220953),('2_Friday','15','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220954),('2_Friday','16','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220955),('2_Friday','17','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220956),('2_Friday','18','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_d26e24ffecf67ab1c01939927d416461','\'\'',NULL,220957),('3_Saturday','10','10:00','18:30','N','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'Title: UART to UBOOT to ROOT
\nWhen: Saturday, Aug 7, 10:00 - 18:30 PDT
\nWhere: IoT Village (Onsite)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n\'',NULL,220958),('3_Saturday','11','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220959),('3_Saturday','12','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220960),('3_Saturday','13','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220961),('3_Saturday','14','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220962),('3_Saturday','15','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220963),('3_Saturday','16','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220964),('3_Saturday','17','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220965),('3_Saturday','18','10:00','18:30','Y','IOTV','','\'UART to UBOOT to ROOT\'','\' \'','IOTV_76436ff4d03f1af1185e74da1e49b52b','\'\'',NULL,220966),('2_Friday','10','10:00','18:30','N','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'Title: IoT Village Capture the Flag (CTF)
\nWhen: Friday, Aug 6, 10:00 - 18:30 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,220967),('2_Friday','11','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220968),('2_Friday','12','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220969),('2_Friday','13','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220970),('2_Friday','14','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220971),('2_Friday','15','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220972),('2_Friday','16','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220973),('2_Friday','17','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220974),('2_Friday','18','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_7f27bf9a2b6ad1641eb56512ef459d30','\'\'',NULL,220975),('3_Saturday','10','10:00','18:30','N','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'Title: IoT Village Capture the Flag (CTF)
\nWhen: Saturday, Aug 7, 10:00 - 18:30 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,220976),('3_Saturday','11','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220977),('3_Saturday','12','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220978),('3_Saturday','13','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220979),('3_Saturday','14','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220980),('3_Saturday','15','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220981),('3_Saturday','16','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220982),('3_Saturday','17','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220983),('3_Saturday','18','10:00','18:30','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_850c2c713cd50a538f56360d89124f51','\'\'',NULL,220984),('4_Sunday','10','10:00','11:59','N','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_c5cf5191a08c295e6ad733783201addc','\'Title: IoT Village Capture the Flag (CTF)
\nWhen: Sunday, Aug 8, 10:00 - 11:59 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,220985),('4_Sunday','11','10:00','11:59','Y','IOTV','','\'IoT Village Capture the Flag (CTF)\'','\' \'','IOTV_c5cf5191a08c295e6ad733783201addc','\'\'',NULL,220986),('2_Friday','10','10:00','18:30','N','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'Title: IoT Village Labs
\nWhen: Friday, Aug 6, 10:00 - 18:30 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,220987),('2_Friday','11','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220988),('2_Friday','12','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220989),('2_Friday','13','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220990),('2_Friday','14','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220991),('2_Friday','15','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220992),('2_Friday','16','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220993),('2_Friday','17','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220994),('2_Friday','18','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_0243185c7310db41bb39b0d23b82d7d8','\'\'',NULL,220995),('3_Saturday','10','10:00','18:30','N','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'Title: IoT Village Labs
\nWhen: Saturday, Aug 7, 10:00 - 18:30 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,220996),('3_Saturday','11','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,220997),('3_Saturday','12','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,220998),('3_Saturday','13','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,220999),('3_Saturday','14','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,221000),('3_Saturday','15','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,221001),('3_Saturday','16','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,221002),('3_Saturday','17','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,221003),('3_Saturday','18','10:00','18:30','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_41b7d02b13cad1dcb2952b7ba9f1fb13','\'\'',NULL,221004),('4_Sunday','06','06:00','10:59','N','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_2e4e98b3adfe34677f46bd83ef87947b','\'Title: IoT Village Labs
\nWhen: Sunday, Aug 8, 06:00 - 10:59 PDT
\nWhere: IoT Village (Virtual + Paris Vendome A)
\n
\nDescription:
\nFor more information, see https://www.iotvillage.org/defcon.html
\n
IoT Village virtual events will be streamed to Twitch.\n

\'',NULL,221005),('4_Sunday','07','06:00','10:59','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_2e4e98b3adfe34677f46bd83ef87947b','\'\'',NULL,221006),('4_Sunday','08','06:00','10:59','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_2e4e98b3adfe34677f46bd83ef87947b','\'\'',NULL,221007),('4_Sunday','09','06:00','10:59','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_2e4e98b3adfe34677f46bd83ef87947b','\'\'',NULL,221008),('4_Sunday','10','06:00','10:59','Y','IOTV','','\'IoT Village Labs\'','\' \'','IOTV_2e4e98b3adfe34677f46bd83ef87947b','\'\'',NULL,221009),('4_Sunday','12','12:00','12:59','N','BHV','','\'Red vs Blue vs Green : The ultimate battle of opinions (or is it)\'','\'Ken Kato,Vee Schmitt\'','BHV_9c1dad30fb69f4c0b505fd8cfd5af16c','\'Title: Red vs Blue vs Green : The ultimate battle of opinions (or is it)
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\nSpeakers:Ken Kato,Vee Schmitt
\n
SpeakerBio:Ken Kato\n, Entrepreneur In Residence @ US Navy, White House Presidential Innovation Fellows
\nThought leader. Technology disruptor. Innovator. Experienced in solving problems from bare metal to cloud. Steeped deeply in agile methods and development. Track record of success as a change agent in highly regulated industries.\n

Ken Kato is an entrepreneur, platform/cloud architect, change agent, and innovator; with a wide range of experience across highly regulated industries from finance, to healthcare, to defense. Most recently as a founding member of Kessel Run, Ken disrupted USAFâ€™s technology. Working alongside industry innovators Pivotal to provide a cloud platform and help begin their cloud native journey.\n

Spending a career working at the bleeding edge; Ken continues to iterate on concepts with a focus lately on IoT sensor data aggregation and predictive analysis, security across software and platform lifecycle, edge computing at the extremes of information availability. Evincing a passion to keep pursuing ideas from when the ideas are theory before technology is available until they are matured as an innovation.\n

Technology alone canâ€™t solve complex problems and with that in mind, Ken thinks of what the future landscape may look like. Between experience and data, Ken predicts how decisions made today will be survivable for years ahead and strives to develop a sustainable strategy for organizational growth.\n

\nTwitter: @askKenKato
\n
SpeakerBio:Vee Schmitt\n, Assistant Professor at Noroff/ Independent Security Researcher at Medtronic/ Partner DFIRLABS
\nNo BIO available
\n\n
\nDescription:
\nOften when it comes Medical Devices and Healthcare everyone has an opinion. Ever wonder why there is such a difference of opinion. Deep diving into the context and perspective of the various teams involved in the manufacturing, attacking, and defending of medical devices. We explore and discuss why these opinions are different and how we can better communicate our perspective to one another. This talk explores the complexity and constraints that each team faces and how if the silos are broken down it makes for a more collaborative understanding and coming full circle. Often you will that it is Red versus Blue then versus Green. We work against each other rather than coming full circle logically and openly discussing problems in this space. The main theme of this talk is that differences in opinions are often needed to solve complex problems. Letâ€™s face it the secure manufacturing and implementation of these devices is a complex problem. Lifting the veil of problems that each of these teamâ€™s face.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,221010),('4_Sunday','13','13:30','13:59','N','BHV','','\'It takes a village: Why you should join the Biohacking Village\'','\'Rob SuÃ¡rez\'','BHV_de4399529f939c4525dfda7bfd699a8f','\'Title: It takes a village: Why you should join the Biohacking Village
\nWhen: Sunday, Aug 8, 13:30 - 13:59 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
SpeakerBio:Rob SuÃ¡rez\n, CISO, BD
\nRob Suárez is a cybersecurity and privacy professional in the medical device and healthcare IT industry. At BD, Rob serves as Chief Information Security Officer and oversees cybersecurity across the companyâ€™s enterprise, IT and manufacturing systems. Rob currently chairs the Cybersecurity Steering Committee for the Medical Device Innovation Consortium and the Cybersecurity Working Group for AdvaMed. He was also one of three leaders to co-chair the public-private Healthcare and Public Health Sector Coordinating Council (HSCC) Med Tech Cybersecurity Risk Management Task Group, which issued the seminal Medical Device and Healthcare Information Technology Joint Security Plan (JSP) in 2019.
\n\n
\nDescription:
\nThe Biohacking Village at DEF CON brings medical device manufacturers and security researchers together for one purpose: to strengthen medical device cybersecurity. In this presentation, BD CISO Rob Suárez will share his perspective on crowdsourcing cybersecurity and how creating a community of practice strengthens cybersecurity, promotes ethical coordinated vulnerability disclosure processes, and accelerates the application of emerging best practices across industries. Participants will also hear from Scott Shindledecker, Chief Product Security Officer for BD and Nastassia Tamari, Director of Information Security - Operations for BD, on practical tips for participating in events like the Biohacking Village Medical Device Lab and fostering collaborative relationships with security researchers and fellow medical device manufacturers.
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,221011),('4_Sunday','14','14:00','14:30','N','BHV','','\'Biohacking Village Wrap-Up\'','\' \'','BHV_74354b0f8cc7da3bf9ea83e912174542','\'Title: Biohacking Village Wrap-Up
\nWhen: Sunday, Aug 8, 14:00 - 14:30 PDT
\nWhere: Biohacking Village (Talk - Virtual)
\n
\nDescription:
\nWhere do we go from here?
\n
All Biohacking Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/channel/UCm1Kas76P64rs2s1LUA6s2Q\n

\'',NULL,221012),('3_Saturday','20','20:00','01:59','N','SOC','','\'Gothcon 2021\'','\' \'','SOC_971c6f73910de812b7751bcbc79d8bbb','\'Title: Gothcon 2021
\nWhen: Saturday, Aug 7, 20:00 - 01:59 PDT
\nWhere: Bally\'s Skyview 4
\n
\nDescription:
\nJoin us, hybrid style, as we continue yet another year of #DCGOTHCON. Digital hangs will be found at https://www.twitch.tv/dcgothcon. Watch our twitter @dcgothcon for updates about some renegade IRL meet-ups. We will be streaming our fav goth DJ\'s Friday evening, 10p-2a Paciï¬c. DM on twitter to join our discord.
\n\'',NULL,221013),('2_Friday','11','11:00','10:59','N','APV','','\'AppSec Village Capture the Flag Starts\'','\' \'','APV_234197fd49fb301ebd80f1b0bfda0660','\'Title: AppSec Village Capture the Flag Starts
\nWhen: Friday, Aug 6, 11:00 - 10:59 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:
\nFor more information, see https://www.appsecvillage.com/ctf
\n
AppSec Village events will be streamed to YouTube.\n

\'',NULL,221014),('4_Sunday','13','13:00','12:59','N','APV','','\'AppSec Village Capture the Flag Ends\'','\' \'','APV_36622ebfed743a8264a91384b88ac791','\'Title: AppSec Village Capture the Flag Ends
\nWhen: Sunday, Aug 8, 13:00 - 12:59 PDT
\nWhere: AppSec Village (Virtual)
\n
\nDescription:
\nFor more information, see https://www.appsecvillage.com/ctf
\n
AppSec Village events will be streamed to YouTube.\n

https://www.alissaknight.com/ \n

\'',NULL,221015),('2_Friday','10','10:00','10:59','N','CHV','','\'Ready, fire aim: Hacking State and Federal Law Enforcement Vehicles\'','\'Alissa Knight\'','CHV_43562cad5d15c05369b660e87d198762','\'Title: Ready, fire aim: Hacking State and Federal Law Enforcement Vehicles
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Car Hacking Village - Talks (Virtual)
\n
SpeakerBio:Alissa Knight\n, Content Creator | Hacker
\nAlissa Knight is a recovering hacker of 20 years, blending hacking with a unique style of written and visual content creation for challenger brands and market leaders in cybersecurity. Alissa is a cybersecurity influencer, content creator, and community manager as a partner at Knight Ink (http://www.knightinkmedia.com/) that provides vendors go-to market and content strategy for telling brand stories at scale in cybersecurity. Alissa is also the principal analyst in cybersecurity at Alissa Knight & Associates.\n

\nhttps://www.alissaknight.com/
\n\n
\nDescription:
\nThis talk will stream on YouTube.\n

YouTube: https://www.youtube.com/watch?v=X0ZNEyzloY8\n

\n\'',NULL,221016),('2_Friday','22','22:00','23:59','N','CON','','\'Whose Slide Is It Anyway\'','\' \'','CON_bdb33ad662664bffae3d525eb78abd32','\'Title: Whose Slide Is It Anyway
\nWhen: Friday, Aug 6, 22:00 - 23:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/237295 or https://twitter.com/whoseslide\n

This event will be held in Track 1, Bally\'s\n

\n\'',NULL,221017),('2_Friday','23','22:00','23:59','Y','CON','','\'Whose Slide Is It Anyway\'','\' \'','CON_bdb33ad662664bffae3d525eb78abd32','\'\'',NULL,221018),('3_Saturday','20','20:00','21:59','N','CON','','\'Hacker Jeopardy\'','\' \'','CON_837ce11bb98fe0e5cd4f4337b9247032','\'Title: Hacker Jeopardy
\nWhen: Saturday, Aug 7, 20:00 - 21:59 PDT
\nWhere: Bally\'s Gold Ballroom (and Virtual)
\n
\nDescription:
\nHacker Jeopardy is being held in Bally\'s Gold Ballroom at 20:00 Saturday. \n

For more information, see https://forum.defcon.org/node/236486\n

Twitch: https://www.twitch.tv/DFIUtv\n

Twitter: https://twitter.com/HackerJeopardy\n

#ce-hacker-jeopardy-text: https://discord.com/channels/708208267699945503/732439600391389184/\n

\n\'',NULL,221019),('3_Saturday','21','20:00','21:59','Y','CON','','\'Hacker Jeopardy\'','\' \'','CON_837ce11bb98fe0e5cd4f4337b9247032','\'\'',NULL,221020),('2_Friday','20','20:00','21:59','N','CON','','\'Hacker Jeopardy\'','\' \'','CON_b801d986a71e1d5e535bb7be9c16760a','\'Title: Hacker Jeopardy
\nWhen: Friday, Aug 6, 20:00 - 21:59 PDT
\nWhere: See Description
\n
\nDescription:
\n\nFor more information, see https://forum.defcon.org/node/236486\n

This event will be held VIRTUALLY ONLY, on Twitch. Discussion will be held in #ce-hacker-jeopardy-text.\n

Twitch: https://www.twitch.tv/DFIUtv\n

Twitter: https://twitter.com/HackerJeopardy\n

#ce-hacker-jeopardy-text: https://discord.com/channels/708208267699945503/732439600391389184/\n

\n\'',NULL,221021),('2_Friday','21','20:00','21:59','Y','CON','','\'Hacker Jeopardy\'','\' \'','CON_b801d986a71e1d5e535bb7be9c16760a','\'\'',NULL,221022),('2_Friday','10','10:00','19:59','N','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'Title: DEF CON 29 CTF by OOO
\nWhen: Friday, Aug 6, 10:00 - 19:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236417
\n\'',NULL,221023),('2_Friday','11','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221024),('2_Friday','12','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221025),('2_Friday','13','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221026),('2_Friday','14','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221027),('2_Friday','15','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221028),('2_Friday','16','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221029),('2_Friday','17','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221030),('2_Friday','18','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221031),('2_Friday','19','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_5bd6cf1fe56d3c3bc2f51cd3821bfad8','\'\'',NULL,221032),('3_Saturday','10','10:00','19:59','N','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'Title: DEF CON 29 CTF by OOO
\nWhen: Saturday, Aug 7, 10:00 - 19:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236417
\n\'',NULL,221033),('3_Saturday','11','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221034),('3_Saturday','12','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221035),('3_Saturday','13','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221036),('3_Saturday','14','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221037),('3_Saturday','15','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221038),('3_Saturday','16','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221039),('3_Saturday','17','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221040),('3_Saturday','18','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221041),('3_Saturday','19','10:00','19:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_6e8c6bb7f00084b68f31911b17bc79c8','\'\'',NULL,221042),('4_Sunday','10','10:00','13:59','N','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_e9946796e03c06df352dc24361b6da99','\'Title: DEF CON 29 CTF by OOO
\nWhen: Sunday, Aug 8, 10:00 - 13:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236417
\n\'',NULL,221043),('4_Sunday','11','10:00','13:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_e9946796e03c06df352dc24361b6da99','\'\'',NULL,221044),('4_Sunday','12','10:00','13:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_e9946796e03c06df352dc24361b6da99','\'\'',NULL,221045),('4_Sunday','13','10:00','13:59','Y','CON','','\'DEF CON 29 CTF by OOO\'','\' \'','CON_e9946796e03c06df352dc24361b6da99','\'\'',NULL,221046),('2_Friday','10','10:00','17:30','N','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'Title: OpenSOC Blue Team CTF
\nWhen: Friday, Aug 6, 10:00 - 17:30 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238017
\n\'',NULL,221047),('2_Friday','11','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221048),('2_Friday','12','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221049),('2_Friday','13','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221050),('2_Friday','14','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221051),('2_Friday','15','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221052),('2_Friday','16','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221053),('2_Friday','17','10:00','17:30','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_5db03f92299a0c6aa0c90a737e248ec0','\'\'',NULL,221054),('3_Saturday','09','09:00','15:59','N','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'Title: OpenSOC Blue Team CTF
\nWhen: Saturday, Aug 7, 09:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238017
\n\'',NULL,221055),('3_Saturday','10','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221056),('3_Saturday','11','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221057),('3_Saturday','12','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221058),('3_Saturday','13','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221059),('3_Saturday','14','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221060),('3_Saturday','15','09:00','15:59','Y','CON','','\'OpenSOC Blue Team CTF\'','\' \'','CON_7e73c6246fa4042d5d11ac610f08d4b6','\'\'',NULL,221061),('2_Friday','10','10:00','14:59','N','CON','','\'Secure Coding Tournament CTF\'','\' \'','CON_76d4553bcd8be3e739ef80f4bf18ab4c','\'Title: Secure Coding Tournament CTF
\nWhen: Friday, Aug 6, 10:00 - 14:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236774
\n\'',NULL,221062),('2_Friday','11','10:00','14:59','Y','CON','','\'Secure Coding Tournament CTF\'','\' \'','CON_76d4553bcd8be3e739ef80f4bf18ab4c','\'\'',NULL,221063),('2_Friday','12','10:00','14:59','Y','CON','','\'Secure Coding Tournament CTF\'','\' \'','CON_76d4553bcd8be3e739ef80f4bf18ab4c','\'\'',NULL,221064),('2_Friday','13','10:00','14:59','Y','CON','','\'Secure Coding Tournament CTF\'','\' \'','CON_76d4553bcd8be3e739ef80f4bf18ab4c','\'\'',NULL,221065),('2_Friday','14','10:00','14:59','Y','CON','','\'Secure Coding Tournament CTF\'','\' \'','CON_76d4553bcd8be3e739ef80f4bf18ab4c','\'\'',NULL,221066),('2_Friday','10','10:00','16:59','N','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'Title: Red Team Village CTF - Qualifiers Part 1
\nWhen: Friday, Aug 6, 10:00 - 16:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221067),('2_Friday','11','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221068),('2_Friday','12','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221069),('2_Friday','13','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221070),('2_Friday','14','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221071),('2_Friday','15','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221072),('2_Friday','16','10:00','16:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 1\'','\' \'','CON_d3181eed5bec4a7073fb3f96b9d8e7b6','\'\'',NULL,221073),('3_Saturday','10','10:00','11:59','N','CON','','\'Red Team Village CTF - Qualifiers Part 2\'','\' \'','CON_ab37ecab635c4ccf16cd169cfeee785d','\'Title: Red Team Village CTF - Qualifiers Part 2
\nWhen: Saturday, Aug 7, 10:00 - 11:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221074),('3_Saturday','11','10:00','11:59','Y','CON','','\'Red Team Village CTF - Qualifiers Part 2\'','\' \'','CON_ab37ecab635c4ccf16cd169cfeee785d','\'\'',NULL,221075),('3_Saturday','12','12:00','12:59','N','CON','','\'Red Team Village CTF - Qualifier Prizes and Announcements\'','\' \'','CON_20c22ef4f494a108d2ad443e8438f8e9','\'Title: Red Team Village CTF - Qualifier Prizes and Announcements
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221076),('3_Saturday','13','13:00','16:59','N','CON','','\'Red Team Village CTF - Finals Part 1\'','\' \'','CON_c101bea72ffbd6b648897cd94b0254e1','\'Title: Red Team Village CTF - Finals Part 1
\nWhen: Saturday, Aug 7, 13:00 - 16:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221077),('3_Saturday','14','13:00','16:59','Y','CON','','\'Red Team Village CTF - Finals Part 1\'','\' \'','CON_c101bea72ffbd6b648897cd94b0254e1','\'\'',NULL,221078),('3_Saturday','15','13:00','16:59','Y','CON','','\'Red Team Village CTF - Finals Part 1\'','\' \'','CON_c101bea72ffbd6b648897cd94b0254e1','\'\'',NULL,221079),('3_Saturday','16','13:00','16:59','Y','CON','','\'Red Team Village CTF - Finals Part 1\'','\' \'','CON_c101bea72ffbd6b648897cd94b0254e1','\'\'',NULL,221080),('4_Sunday','10','10:00','11:59','N','CON','','\'Red Team Village CTF - Finals Part 2\'','\' \'','CON_0abde7a1b037f94adb933cda894e54a1','\'Title: Red Team Village CTF - Finals Part 2
\nWhen: Sunday, Aug 8, 10:00 - 11:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221081),('4_Sunday','11','10:00','11:59','Y','CON','','\'Red Team Village CTF - Finals Part 2\'','\' \'','CON_0abde7a1b037f94adb933cda894e54a1','\'\'',NULL,221082),('4_Sunday','12','12:00','12:59','N','CON','','\'Red Team Village CTF - Closing Ceremony\'','\' \'','CON_a0da15bf2bef767b69d1c7a5905343a4','\'Title: Red Team Village CTF - Closing Ceremony
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236421
\n\'',NULL,221083),('2_Friday','10','10:00','17:59','N','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'Title: Red Alert ICS CTF
\nWhen: Friday, Aug 6, 10:00 - 17:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236432
\n\'',NULL,221084),('2_Friday','11','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221085),('2_Friday','12','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221086),('2_Friday','13','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221087),('2_Friday','14','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221088),('2_Friday','15','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221089),('2_Friday','16','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221090),('2_Friday','17','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_8e859393a4e867f4253671fc8465f4c7','\'\'',NULL,221091),('3_Saturday','10','10:00','17:59','N','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'Title: Red Alert ICS CTF
\nWhen: Saturday, Aug 7, 10:00 - 17:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236432
\n\'',NULL,221092),('3_Saturday','11','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221093),('3_Saturday','12','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221094),('3_Saturday','13','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221095),('3_Saturday','14','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221096),('3_Saturday','15','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221097),('3_Saturday','16','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221098),('3_Saturday','17','10:00','17:59','Y','CON','','\'Red Alert ICS CTF\'','\' \'','CON_6c88eadb0fd7e7b71453b50fcdf3fe33','\'\'',NULL,221099),('1_Thursday','10','10:00','16:59','N','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'Title: Tin Foil Hat Contest
\nWhen: Thursday, Aug 5, 10:00 - 16:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236423
\n\'',NULL,221100),('1_Thursday','11','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221101),('1_Thursday','12','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221102),('1_Thursday','13','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221103),('1_Thursday','14','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221104),('1_Thursday','15','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221105),('1_Thursday','16','10:00','16:59','Y','CON','','\'Tin Foil Hat Contest\'','\' \'','CON_19b1fb9caf459d88915c8dde075b3354','\'\'',NULL,221106),('3_Saturday','09','09:00','09:59','N','CON','','\'Trace Labs OSINT Search Party CTF - Briefing\'','\' \'','CON_d70231ee2ea8cfec97da97474ca6d688','\'Title: Trace Labs OSINT Search Party CTF - Briefing
\nWhen: Saturday, Aug 7, 09:00 - 09:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236424
\n\'',NULL,221107),('3_Saturday','10','10:00','15:59','N','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'Title: Trace Labs OSINT Search Party CTF
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236424
\n\'',NULL,221108),('3_Saturday','11','10:00','15:59','Y','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'\'',NULL,221109),('3_Saturday','12','10:00','15:59','Y','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'\'',NULL,221110),('3_Saturday','13','10:00','15:59','Y','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'\'',NULL,221111),('3_Saturday','14','10:00','15:59','Y','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'\'',NULL,221112),('3_Saturday','15','10:00','15:59','Y','CON','','\'Trace Labs OSINT Search Party CTF\'','\' \'','CON_4e3175d939c33799119d4057787027fb','\'\'',NULL,221113),('3_Saturday','17','17:00','17:59','N','CON','','\'Trace Labs OSINT Search Party CTF - Award Ceremony\'','\' \'','CON_64f39ba787cfca87555f766a83fa68c6','\'Title: Trace Labs OSINT Search Party CTF - Award Ceremony
\nWhen: Saturday, Aug 7, 17:00 - 17:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236424
\n\'',NULL,221114),('1_Thursday','18','18:00','17:59','N','CON','','\'AutoDriving CTF\'','\' \'','CON_2aba77261fd2632be606b4a5ca968056','\'Title: AutoDriving CTF
\nWhen: Thursday, Aug 5, 18:00 - 17:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238185 and https://autodrivingctf.org/
\n\'',NULL,221115),('2_Friday','10','10:00','13:59','N','CON','','\'Beverage Cooling Contraption Contest\'','\' \'','CON_d7fdad4ea82d2e984606abebbb5e3c08','\'Title: Beverage Cooling Contraption Contest
\nWhen: Friday, Aug 6, 10:00 - 13:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236475
\n\'',NULL,221116),('2_Friday','11','10:00','13:59','Y','CON','','\'Beverage Cooling Contraption Contest\'','\' \'','CON_d7fdad4ea82d2e984606abebbb5e3c08','\'\'',NULL,221117),('2_Friday','12','10:00','13:59','Y','CON','','\'Beverage Cooling Contraption Contest\'','\' \'','CON_d7fdad4ea82d2e984606abebbb5e3c08','\'\'',NULL,221118),('2_Friday','13','10:00','13:59','Y','CON','','\'Beverage Cooling Contraption Contest\'','\' \'','CON_d7fdad4ea82d2e984606abebbb5e3c08','\'\'',NULL,221119),('2_Friday','12','12:00','17:59','N','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'Title: Blacks in Cybersecurity CTF
\nWhen: Friday, Aug 6, 12:00 - 17:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236493 or https://www.blacksincyberconf.com/ctf
\n\'',NULL,221120),('2_Friday','13','12:00','17:59','Y','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'\'',NULL,221121),('2_Friday','14','12:00','17:59','Y','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'\'',NULL,221122),('2_Friday','15','12:00','17:59','Y','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'\'',NULL,221123),('2_Friday','16','12:00','17:59','Y','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'\'',NULL,221124),('2_Friday','17','12:00','17:59','Y','CON','','\'Blacks in Cybersecurity CTF\'','\' \'','CON_2ab3a13856304efbd88ff7588cbb49f5','\'\'',NULL,221125),('2_Friday','10','10:00','23:55','N','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'Title: Car Hacking CTF
\nWhen: Friday, Aug 6, 10:00 - 23:55 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236495
\n\'',NULL,221126),('2_Friday','11','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221127),('2_Friday','12','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221128),('2_Friday','13','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221129),('2_Friday','14','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221130),('2_Friday','15','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221131),('2_Friday','16','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221132),('2_Friday','17','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221133),('2_Friday','18','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221134),('2_Friday','19','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221135),('2_Friday','20','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221136),('2_Friday','21','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221137),('2_Friday','22','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221138),('2_Friday','23','10:00','23:55','Y','CON','','\'Car Hacking CTF\'','\' \'','CON_6c00a16c9070c5521741386735807c0a','\'\'',NULL,221139),('2_Friday','10','10:00','15:59','N','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'Title: CMD+CTRL
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236481
\n\'',NULL,221140),('2_Friday','11','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'\'',NULL,221141),('2_Friday','12','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'\'',NULL,221142),('2_Friday','13','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'\'',NULL,221143),('2_Friday','14','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'\'',NULL,221144),('2_Friday','15','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_53f3c217bbdf53a6e59b27e5c6afd961','\'\'',NULL,221145),('3_Saturday','10','10:00','15:59','N','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'Title: CMD+CTRL
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236481
\n\'',NULL,221146),('3_Saturday','11','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'\'',NULL,221147),('3_Saturday','12','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'\'',NULL,221148),('3_Saturday','13','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'\'',NULL,221149),('3_Saturday','14','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'\'',NULL,221150),('3_Saturday','15','10:00','15:59','Y','CON','','\'CMD+CTRL\'','\' \'','CON_1f4662c25a233dea76a21930b940ac7c','\'\'',NULL,221151),('2_Friday','00','00:00','23:59','N','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'Title: Coindroids
\nWhen: Friday, Aug 6, 00:00 - 23:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236482
\n\'',NULL,221152),('2_Friday','01','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221153),('2_Friday','02','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221154),('2_Friday','03','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221155),('2_Friday','04','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221156),('2_Friday','05','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221157),('2_Friday','06','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221158),('2_Friday','07','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221159),('2_Friday','08','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221160),('2_Friday','09','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221161),('2_Friday','10','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221162),('2_Friday','11','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221163),('2_Friday','12','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221164),('2_Friday','13','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221165),('2_Friday','14','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221166),('2_Friday','15','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221167),('2_Friday','16','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221168),('2_Friday','17','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221169),('2_Friday','18','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221170),('2_Friday','19','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221171),('2_Friday','20','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221172),('2_Friday','21','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221173),('2_Friday','22','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221174),('2_Friday','23','00:00','23:59','Y','CON','','\'Coindroids\'','\' \'','CON_fa7b427ec566b191a74520e4e72af731','\'\'',NULL,221175),('2_Friday','09','09:00','15:59','N','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'Title: Darknet-NG
\nWhen: Friday, Aug 6, 09:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238249
\n\'',NULL,221176),('2_Friday','10','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221177),('2_Friday','11','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221178),('2_Friday','12','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221179),('2_Friday','13','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221180),('2_Friday','14','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221181),('2_Friday','15','09:00','15:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_26b16e36ec7e3a3901857e608556d9fd','\'\'',NULL,221182),('3_Saturday','09','09:00','16:59','N','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'Title: Darknet-NG
\nWhen: Saturday, Aug 7, 09:00 - 16:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238249
\n\'',NULL,221183),('3_Saturday','10','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221184),('3_Saturday','11','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221185),('3_Saturday','12','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221186),('3_Saturday','13','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221187),('3_Saturday','14','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221188),('3_Saturday','15','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221189),('3_Saturday','16','09:00','16:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_65036694101369bf599bb346d27d9248','\'\'',NULL,221190),('4_Sunday','09','09:00','23:59','N','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'Title: Darknet-NG
\nWhen: Sunday, Aug 8, 09:00 - 23:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/238249\n

warning, end time is suspect, must confirm *

\n\n\'',NULL,221191),('4_Sunday','10','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221192),('4_Sunday','11','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221193),('4_Sunday','12','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221194),('4_Sunday','13','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221195),('4_Sunday','14','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221196),('4_Sunday','15','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221197),('4_Sunday','16','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221198),('4_Sunday','17','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221199),('4_Sunday','18','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221200),('4_Sunday','19','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221201),('4_Sunday','20','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221202),('4_Sunday','21','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221203),('4_Sunday','22','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221204),('4_Sunday','23','09:00','23:59','Y','CON','','\'Darknet-NG\'','\' \'','CON_7638286176b78e280a6de77355711ed2','\'\'',NULL,221205),('2_Friday','06','06:00','11:59','N','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'Title: DEF CON Bike Ride
\nWhen: Friday, Aug 6, 06:00 - 11:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236418
\n\'',NULL,221206),('2_Friday','07','06:00','11:59','Y','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'\'',NULL,221207),('2_Friday','08','06:00','11:59','Y','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'\'',NULL,221208),('2_Friday','09','06:00','11:59','Y','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'\'',NULL,221209),('2_Friday','10','06:00','11:59','Y','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'\'',NULL,221210),('2_Friday','11','06:00','11:59','Y','CON','','\'DEF CON Bike Ride \'','\' \'','CON_f8aa93b6dd03ea750bcc797d57cabee2','\'\'',NULL,221211),('2_Friday','17','17:00','19:59','N','CON','','\'EFF Tech Trivia\'','\' \'','CON_99aab44a3ee8c07cd4818b155eeefb50','\'Title: EFF Tech Trivia
\nWhen: Friday, Aug 6, 17:00 - 19:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236425\n

This event will be streamed to Twitch with chat in Discord. \n

Twitch: https://www.twitch.tv/efflive\n

#ce-eff-tech-trivia-text: https://discord.com/channels/708208267699945503/711644552573747350/\n

\n\'',NULL,221212),('2_Friday','18','17:00','19:59','Y','CON','','\'EFF Tech Trivia\'','\' \'','CON_99aab44a3ee8c07cd4818b155eeefb50','\'\'',NULL,221213),('2_Friday','19','17:00','19:59','Y','CON','','\'EFF Tech Trivia\'','\' \'','CON_99aab44a3ee8c07cd4818b155eeefb50','\'\'',NULL,221214),('2_Friday','11','11:00','12:15','N','CLV','','\'Cloud Village CTF\'','\' \'','CLV_3f4585e24a241761ed45d1ea0bbc934b','\'Title: Cloud Village CTF
\nWhen: Friday, Aug 6, 11:00 - 12:15 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://cloud-village.org/
\n\'',NULL,221215),('2_Friday','12','11:00','12:15','Y','CLV','','\'Cloud Village CTF\'','\' \'','CLV_3f4585e24a241761ed45d1ea0bbc934b','\'\'',NULL,221216),('2_Friday','07','07:00','12:15','N','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'Title: Cloud Village CTF - Registration
\nWhen: Friday, Aug 6, 07:00 - 12:15 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://cloud-village.org/
\n\'',NULL,221217),('2_Friday','08','07:00','12:15','Y','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'\'',NULL,221218),('2_Friday','09','07:00','12:15','Y','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'\'',NULL,221219),('2_Friday','10','07:00','12:15','Y','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'\'',NULL,221220),('2_Friday','11','07:00','12:15','Y','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'\'',NULL,221221),('2_Friday','12','07:00','12:15','Y','CLV','','\'Cloud Village CTF - Registration\'','\' \'','CLV_00cd8b29e62ac5fa81ee542c64a5aecb','\'\'',NULL,221222),('2_Friday','14','14:00','15:59','N','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #2\'','\' \'','ASV_926687255e08f89fdd7ce6a7a77e2fc1','\'Title: AIAA CubeSat Hacking Workshop - Virtual Lab #2
\nWhen: Friday, Aug 6, 14:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nDEF CON participants will be able to interact with CubeSat hardware and ground equipment in cybersecurity sandbox environment.\n

For more information, please see https://aerospacevillage.org/events/upcoming-events/def-con-29/aiaa-cubesat-hacking-workshop/\n

\n\'',NULL,221223),('2_Friday','15','14:00','15:59','Y','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #2\'','\' \'','ASV_926687255e08f89fdd7ce6a7a77e2fc1','\'\'',NULL,221224),('3_Saturday','11','11:30','12:59','N','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #3\'','\' \'','ASV_c53bf459154c1caff6b86c01e53ecc35','\'Title: AIAA CubeSat Hacking Workshop - Virtual Lab #3
\nWhen: Saturday, Aug 7, 11:30 - 12:59 PDT
\nWhere: See Description
\n
\nDescription:
\nDEF CON participants will be able to interact with CubeSat hardware and ground equipment in cybersecurity sandbox environment.\n

For more information, please see https://aerospacevillage.org/events/upcoming-events/def-con-29/aiaa-cubesat-hacking-workshop/\n

\n\'',NULL,221225),('3_Saturday','12','11:30','12:59','Y','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #3\'','\' \'','ASV_c53bf459154c1caff6b86c01e53ecc35','\'\'',NULL,221226),('3_Saturday','14','14:00','15:59','N','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #4\'','\' \'','ASV_fae42fb2a51a2806142241cd0f0e3a08','\'Title: AIAA CubeSat Hacking Workshop - Virtual Lab #4
\nWhen: Saturday, Aug 7, 14:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nDEF CON participants will be able to interact with CubeSat hardware and ground equipment in cybersecurity sandbox environment.\n

For more information, please see https://aerospacevillage.org/events/upcoming-events/def-con-29/aiaa-cubesat-hacking-workshop/\n

\n\'',NULL,221227),('3_Saturday','15','14:00','15:59','Y','ASV','','\'AIAA CubeSat Hacking Workshop - Virtual Lab #4\'','\' \'','ASV_fae42fb2a51a2806142241cd0f0e3a08','\'\'',NULL,221228),('2_Friday','09','09:30','10:30','N','LBV','','\'Bypass 101\'','\'\'','LBV_4d6e86d1bb14cb4706c8837c97e75408','\'Title: Bypass 101
\nWhen: Friday, Aug 6, 09:30 - 10:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221229),('2_Friday','10','09:30','10:30','Y','LBV','','\'Bypass 101\'','\'\'','LBV_4d6e86d1bb14cb4706c8837c97e75408','\'\'',NULL,221230),('2_Friday','10','10:30','11:30','N','LBV','','\'Tools 101\'','\'\'','LBV_2191585ef8c3b62f6b0a2916352516a9','\'Title: Tools 101
\nWhen: Friday, Aug 6, 10:30 - 11:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221231),('2_Friday','11','10:30','11:30','Y','LBV','','\'Tools 101\'','\'\'','LBV_2191585ef8c3b62f6b0a2916352516a9','\'\'',NULL,221232),('2_Friday','11','11:30','12:30','N','LBV','','\'Intro to RFID Hacking\'','\'\'','LBV_ad952b4a9c04d58120bc77bc98d4a23b','\'Title: Intro to RFID Hacking
\nWhen: Friday, Aug 6, 11:30 - 12:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221233),('2_Friday','12','11:30','12:30','Y','LBV','','\'Intro to RFID Hacking\'','\'\'','LBV_ad952b4a9c04d58120bc77bc98d4a23b','\'\'',NULL,221234),('2_Friday','13','13:30','14:30','N','LBV','','\'Alarm Bypass\'','\'\'','LBV_36560055fe39348cb382a271e8a00e16','\'Title: Alarm Bypass
\nWhen: Friday, Aug 6, 13:30 - 14:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221235),('2_Friday','14','13:30','14:30','Y','LBV','','\'Alarm Bypass\'','\'\'','LBV_36560055fe39348cb382a271e8a00e16','\'\'',NULL,221236),('2_Friday','16','16:00','17:59','N','LBV','','\'Expoiting Retail Security with Tiktok\'s Hacker Community\'','\'\'','LBV_2f4e9aed3ea5dc1df633866ff734f5e2','\'Title: Expoiting Retail Security with Tiktok\'s Hacker Community
\nWhen: Friday, Aug 6, 16:00 - 17:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221237),('2_Friday','17','16:00','17:59','Y','LBV','','\'Expoiting Retail Security with Tiktok\'s Hacker Community\'','\'\'','LBV_2f4e9aed3ea5dc1df633866ff734f5e2','\'\'',NULL,221238),('3_Saturday','10','10:00','10:30','N','LBV','','\'Bypass 101\'','\'\'','LBV_dbdc38fa481baeca1c42c14866cd7e0a','\'Title: Bypass 101
\nWhen: Saturday, Aug 7, 10:00 - 10:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221239),('3_Saturday','11','11:00','11:59','N','LBV','','\'Bypassing Retail Security Tags\'','\'\'','LBV_fa17d4e213a2863d047184de631f9544','\'Title: Bypassing Retail Security Tags
\nWhen: Saturday, Aug 7, 11:00 - 11:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221240),('3_Saturday','12','12:00','12:59','N','LBV','','\'Tools 101 & Q&A\'','\'\'','LBV_8e9a876115994dafe03e9caf03158e4c','\'Title: Tools 101 & Q&A
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221241),('3_Saturday','13','13:00','14:30','N','LBV','','\'Electronic Warfare & Q&A\'','\'\'','LBV_93feff50144bd20ec43337c7e42747a6','\'Title: Electronic Warfare & Q&A
\nWhen: Saturday, Aug 7, 13:00 - 14:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221242),('3_Saturday','14','13:00','14:30','Y','LBV','','\'Electronic Warfare & Q&A\'','\'\'','LBV_93feff50144bd20ec43337c7e42747a6','\'\'',NULL,221243),('3_Saturday','14','14:30','15:59','N','LBV','','\'Alarm Bypass & Q&A\'','\'\'','LBV_95b7caf574c9de542123ab0ffbc0dd4b','\'Title: Alarm Bypass & Q&A
\nWhen: Saturday, Aug 7, 14:30 - 15:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221244),('3_Saturday','15','14:30','15:59','Y','LBV','','\'Alarm Bypass & Q&A\'','\'\'','LBV_95b7caf574c9de542123ab0ffbc0dd4b','\'\'',NULL,221245),('3_Saturday','16','16:30','16:59','N','LBV','','\'Bypass 101\'','\'\'','LBV_215bbf9cca7688f2d9ed63991bde38ca','\'Title: Bypass 101
\nWhen: Saturday, Aug 7, 16:30 - 16:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221246),('4_Sunday','14','14:00','14:30','N','LBV','','\'Bypass 101\'','\'\'','LBV_fb7b6cbcb72f9605b3b9f1ec7ac296f8','\'Title: Bypass 101
\nWhen: Sunday, Aug 8, 14:00 - 14:30 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221247),('4_Sunday','14','14:30','15:59','N','LBV','','\'Bypass Village Panel\'','\'\'','LBV_62b3c249cb5845b244087b5ad832c889','\'Title: Bypass Village Panel
\nWhen: Sunday, Aug 8, 14:30 - 15:59 PDT
\nWhere: Lock Bypass (Virtual)
\n
\nDescription:No Description available
\n
Lock Bypass Village will be streamed to Twitch.\n

\'',NULL,221248),('4_Sunday','15','14:30','15:59','Y','LBV','','\'Bypass Village Panel\'','\'\'','LBV_62b3c249cb5845b244087b5ad832c889','\'\'',NULL,221249),('1_Thursday','16','16:00','21:59','N','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'Title: Toxic BBQ
\nWhen: Thursday, Aug 5, 16:00 - 21:59 PDT
\nWhere: See Description
\n
\nDescription:
\nOff-site at Sunset Park, Pavilion F, (36.0636, -115.1178)\n

Communal Supply Run leaves at 1300 from Paris Info Booth near Reg\n

OR \n

Drop by the park and see how you can help. Here are things we always need: \n

More meat!\n
Ice\n
Chips and Sides\n
Drinks (soft and hard, no glass)\n
Grill volunteers\n
Clean-up volunteers

See #ToxicBBQ on Twitter\n

For more information, see https://forum.defcon.org/node/236426\n

Forums: https://forum.defcon.org/node/236426\n

History: https://media.defcon.org/DEF%20CON%2029/DEF%20CON%2029%20events/ToxicBBQ-History-Continuous.pdf\n

\n\'',NULL,221250),('1_Thursday','17','16:00','21:59','Y','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'\'',NULL,221251),('1_Thursday','18','16:00','21:59','Y','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'\'',NULL,221252),('1_Thursday','19','16:00','21:59','Y','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'\'',NULL,221253),('1_Thursday','20','16:00','21:59','Y','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'\'',NULL,221254),('1_Thursday','21','16:00','21:59','Y','SOC','','\'Toxic BBQ\'','\' \'','SOC_e301db41524887c2271cbed64900f7b2','\'\'',NULL,221255),('2_Friday','12','12:30','12:59','N','AIV','','\'Microsoft ML Security Evasion Competition Details\'','\'Hyrum Anderson\'','AIV_65d24110c821dc93bd63f1ec03eb3c14','\'Title: Microsoft ML Security Evasion Competition Details
\nWhen: Friday, Aug 6, 12:30 - 12:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Hyrum Anderson\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,221256),('4_Sunday','11','11:30','11:59','N','AIV','','\'Robustness of client-side scanning for illegal content detection on E2EE platforms\'','\'Shubham Jain\'','AIV_f0791ae1181b491994cea4e03a49e2f6','\'Title: Robustness of client-side scanning for illegal content detection on E2EE platforms
\nWhen: Sunday, Aug 8, 11:30 - 11:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Shubham Jain\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,221257),('4_Sunday','12','12:00','12:59','N','AIV','','\'Twitter Ethics Bug Bounty: Winners and Wrap-up\'','\'Rumman Chowdhury\'','AIV_6d65bcc84f1e64fbab9bfe4ab8244d6f','\'Title: Twitter Ethics Bug Bounty: Winners and Wrap-up
\nWhen: Sunday, Aug 8, 12:00 - 12:59 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Rumman Chowdhury\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

https://docs.google.com/forms/d/e/1FAIpQLSf06PkmQ1s_pAJ_L971Vm2nPXFtPUr1nut09GFZl3IuWxsfXQ/viewform\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,221258),('1_Thursday','07','07:00','19:59','N','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'Title: DEF CON Human Registration (Badge Pickup) Open
\nWhen: Thursday, Aug 5, 07:00 - 19:59 PDT
\nWhere: Paris DEF CON Registration Desk
\n
\nDescription:
\nStarting Thursday at 07:00 badge pickup will open and you can start the 2-step process. There is no need to rush, if you have purchased on-line your badge is reserved and there is no concern about them running out:\n

1st you will pass through the vaccination check line, providing whatever original documentation your health care provider or vaccination center gave you. It will be checked against your State issued ID to make sure the names match, the dates are good, and that enough time has passed for you to be fully vaccinated, etc. We will not record your ID or records. If all is good you will get a WRISTBAND you must wear during the con.\n

2nd Next you head to the badge pickup desks. There you will show your wristband and your in-person badge bar code and get it scanned. If the scan passes you get your Human reg pack.\n

Where to register / pick up badges: Paris, near the InfoBooth. Please find \"REGISTRATION\" on the provided DC29 floorplan (available in HackerTracker and online).\n

\n\'',NULL,221259),('1_Thursday','08','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221260),('1_Thursday','09','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221261),('1_Thursday','10','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221262),('1_Thursday','11','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221263),('1_Thursday','12','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221264),('1_Thursday','13','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221265),('1_Thursday','14','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221266),('1_Thursday','15','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221267),('1_Thursday','16','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221268),('1_Thursday','17','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221269),('1_Thursday','18','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221270),('1_Thursday','19','07:00','19:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) Open\'','\' \'','DC_a23a21237fb814efce74d1e8586e422c','\'\'',NULL,221271),('1_Thursday','18','18:00','18:59','N','SOC','','\'QueerCon Virtual Mixer\'','\'\'','SOC_4010ea4dd8c835cb74bd2a2f2b379c1b','\'Title: QueerCon Virtual Mixer
\nWhen: Thursday, Aug 5, 18:00 - 18:59 PDT
\nWhere: QueerCon (Discord)
\n
\nDescription:No Description available
\n
QueerCon activities will be conducted on Discord.\n

#queercon-text: https://discord.com/channels/708208267699945503/790382636979585094/\n

#queercon-voice: https://discord.com/channels/708208267699945503/790385381769609226\n

\'',NULL,221272),('2_Friday','16','16:00','17:59','N','SOC','','\'QueerCon Virtual Pool Party\'','\'\'','SOC_4593b28db395055ac6d3f5a436bc1981','\'Title: QueerCon Virtual Pool Party
\nWhen: Friday, Aug 6, 16:00 - 17:59 PDT
\nWhere: QueerCon (Discord)
\n
\nDescription:No Description available
\n
QueerCon activities will be conducted on Discord.\n

#queercon-text: https://discord.com/channels/708208267699945503/790382636979585094/\n

#queercon-voice: https://discord.com/channels/708208267699945503/790385381769609226\n

\'',NULL,221273),('2_Friday','17','16:00','17:59','Y','SOC','','\'QueerCon Virtual Pool Party\'','\'\'','SOC_4593b28db395055ac6d3f5a436bc1981','\'\'',NULL,221274),('3_Saturday','18','18:00','18:59','N','SOC','','\'QueerCon Virtual Chat Mixer\'','\'\'','SOC_03920bf222f0e4cbf1dda69d3fbdf249','\'Title: QueerCon Virtual Chat Mixer
\nWhen: Saturday, Aug 7, 18:00 - 18:59 PDT
\nWhere: QueerCon (Discord)
\n
\nDescription:No Description available
\n
QueerCon activities will be conducted on Discord.\n

#queercon-text: https://discord.com/channels/708208267699945503/790382636979585094/\n

#queercon-voice: https://discord.com/channels/708208267699945503/790385381769609226\n

\'',NULL,221275),('4_Sunday','11','11:30','12:30','N','SOC','','\'QueerCon End-of-Con Chat\'','\'\'','SOC_959cf23649acd87d4e412d0df51d6cab','\'Title: QueerCon End-of-Con Chat
\nWhen: Sunday, Aug 8, 11:30 - 12:30 PDT
\nWhere: QueerCon (Discord)
\n
\nDescription:No Description available
\n
QueerCon activities will be conducted on Discord.\n

#queercon-text: https://discord.com/channels/708208267699945503/790382636979585094/\n

#queercon-voice: https://discord.com/channels/708208267699945503/790385381769609226\n

\'',NULL,221276),('4_Sunday','12','11:30','12:30','Y','SOC','','\'QueerCon End-of-Con Chat\'','\'\'','SOC_959cf23649acd87d4e412d0df51d6cab','\'\'',NULL,221277),('2_Friday','10','10:00','10:59','N','RGV','','\'Top 10 BOGUS Biometrics!\'','\'Vic Harkness\'','RGV_c17c446922f21b391b7e434c5ad3e177','\'Title: Top 10 BOGUS Biometrics!
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Rogues Village (Virtual)
\n
SpeakerBio:Vic Harkness\n
\nVic is a Security Consultant at F-Secure Consulting who can commonly be found talking about something weird. She has previously spoken at conferences about defeating facial recognition systems, ATM malware, and future attacks on connected/autonomous vehicles. She holds a Bachelor\'s degree in Robotics & Artificial Intelligence and a Master\'s degree in Cyber Security, which she believes qualifies her to talk about a range of completely unrelated topics.
\nTwitter: @VicHarkness
\nhttps://vicharkness.co.uk/
\n\n
\nDescription:
\nEvery now and then, you come across an article. Top 10 WILDEST biometrics! Number 5 will SHOCK YOU. Iâ€™ve seen them too. But, these articles never go beyond the surface. Theyâ€™ll tell you that buttholes are a viable biometric modality, but rarely provide a source to these claims. This talk describes the results of me delving into the dark hole of weird biometrics. Come learn about how legit clickbait modalities actually are, or where the disinformation may have come from. Or maybe you\'ll learn about the hot new biometrics that you\'ll be seeing in the future- You\'ll have to watch to find out!\n

This talk will go live on Twitch: https://www.twitch.tv/roguesvillage\n

\n\'',NULL,221278),('2_Friday','14','14:00','14:30','N','RGV','','\'The Neuroscience of Magic (Registration required)\'','\'Daniel Roy\'','RGV_b9e573d6ab87f7fed8f297eb20536813','\'Title: The Neuroscience of Magic (Registration required)
\nWhen: Friday, Aug 6, 14:00 - 14:30 PDT
\nWhere: Rogues Village (Virtual)
\n
SpeakerBio:Daniel Roy\n
\nBorn and raised in San Francisco, Daniel was firmly bitten by the magic bug at the age of 10. Since then, he has appeared at the world-famous Hollywood Magic Castle and the prestigious Chicago Magic Lounge. His audiences have included Fortune 500 Companies, Hollywood actors, and members of the U.S. Congress. In 2019, he became one of the youngest magicians ever to receive the Milbourne Christopher award for Close-Up Magician of the Year.
\n\n
\nDescription:
\nPresented via Zoom. Space is limited so please register here:\n

\n\'',NULL,221279),('3_Saturday','12','12:00','12:59','N','RGV','','\'Twitter Q&A regarding Top 10 BOGUS Biometrics!\'','\'Vic Harkness\'','RGV_59769d71d5b1a227fd272fa9b64461be','\'Title: Twitter Q&A regarding Top 10 BOGUS Biometrics!
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Rogues Village (Virtual)
\n
SpeakerBio:Vic Harkness\n
\nVic is a Security Consultant at F-Secure Consulting who can commonly be found talking about something weird. She has previously spoken at conferences about defeating facial recognition systems, ATM malware, and future attacks on connected/autonomous vehicles. She holds a Bachelor\'s degree in Robotics & Artificial Intelligence and a Master\'s degree in Cyber Security, which she believes qualifies her to talk about a range of completely unrelated topics.
\nTwitter: @VicHarkness
\nhttps://vicharkness.co.uk/
\n\n
\nDescription:
\nThe talk can be found on our our Twitch channel (https://www.twitch.tv/roguesvillage) after 10am, Friday August 6. Post questions you have for her about her talk on Twitter with the hashtag #BogusBio and tag her (@VicHarkness) or us (@RoguesVillage). Starting at 12pm PDT she will post replies and answers to your questions, as well as additional fun facts and details that didnâ€™t make it into the talk.
\n\'',NULL,221280),('2_Friday','12','12:30','13:10','N','CPV','','\'CPV Through the Looking-Glass: How to Backdoor Diffie-Hellman (DC 24)\'','\'\'','CPV_3b586c3c2ac2d9225e8c18ca0efac5b1','\'Title: CPV Through the Looking-Glass: How to Backdoor Diffie-Hellman (DC 24)
\nWhen: Friday, Aug 6, 12:30 - 13:10 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221281),('2_Friday','13','12:30','13:10','Y','CPV','','\'CPV Through the Looking-Glass: How to Backdoor Diffie-Hellman (DC 24)\'','\'\'','CPV_3b586c3c2ac2d9225e8c18ca0efac5b1','\'\'',NULL,221282),('2_Friday','15','15:30','16:30','N','CPV','','\'CPV Through the Looking-Glass: Adversarial Fashion (DC 27)\'','\'\'','CPV_a2bff295a486fdf374470783f5c164e5','\'Title: CPV Through the Looking-Glass: Adversarial Fashion (DC 27)
\nWhen: Friday, Aug 6, 15:30 - 16:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221283),('2_Friday','16','15:30','16:30','Y','CPV','','\'CPV Through the Looking-Glass: Adversarial Fashion (DC 27)\'','\'\'','CPV_a2bff295a486fdf374470783f5c164e5','\'\'',NULL,221284),('3_Saturday','10','10:00','11:30','N','CPV','','\'CPV Through the Looking-Glass: Cryptography Codes and Secret Writing (DC 26)\'','\'\'','CPV_c76b0dd872b27a1566c47cb63feca7d8','\'Title: CPV Through the Looking-Glass: Cryptography Codes and Secret Writing (DC 26)
\nWhen: Saturday, Aug 7, 10:00 - 11:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221285),('3_Saturday','11','10:00','11:30','Y','CPV','','\'CPV Through the Looking-Glass: Cryptography Codes and Secret Writing (DC 26)\'','\'\'','CPV_c76b0dd872b27a1566c47cb63feca7d8','\'\'',NULL,221286),('3_Saturday','12','12:30','13:15','N','CPV','','\'CPV Through the Looking-Glass: Cryptanalysis in the Time of Ransomware (DC 25)\'','\'\'','CPV_c4ce86bd3b38367104203eed8439eab0','\'Title: CPV Through the Looking-Glass: Cryptanalysis in the Time of Ransomware (DC 25)
\nWhen: Saturday, Aug 7, 12:30 - 13:15 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221287),('3_Saturday','13','12:30','13:15','Y','CPV','','\'CPV Through the Looking-Glass: Cryptanalysis in the Time of Ransomware (DC 25)\'','\'\'','CPV_c4ce86bd3b38367104203eed8439eab0','\'\'',NULL,221288),('3_Saturday','15','15:00','15:30','N','CPV','','\'CPV Through the Looking-Glass: Hacking on Multi-Party Computation (DC 25)\'','\'\'','CPV_4a59a2a460ec37c96a4c18fb8f623307','\'Title: CPV Through the Looking-Glass: Hacking on Multi-Party Computation (DC 25)
\nWhen: Saturday, Aug 7, 15:00 - 15:30 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221289),('4_Sunday','10','10:00','10:35','N','CPV','','\'CPV Through the Looking-Glass: Cicada (DC 26)\'','\'\'','CPV_076c856e0d9686d8455b5d07fcea3099','\'Title: CPV Through the Looking-Glass: Cicada (DC 26)
\nWhen: Sunday, Aug 8, 10:00 - 10:35 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

\'',NULL,221290),('4_Sunday','10','10:35','13:59','N','CPV','','\'CPV Through the Looking-Glass: CPV Day 3 (DC 28)\'','\'\'','CPV_df78295961d0fab04e389fba6c9dfa8d','\'Title: CPV Through the Looking-Glass: CPV Day 3 (DC 28)
\nWhen: Sunday, Aug 8, 10:35 - 13:59 PDT
\nWhere: Crypto & Privacy Village (Virtual)
\n
\nDescription:No Description available
\n
Crypto & Privacy Village will be streaming their events to YouTube and Twitch.\n

https://soundcloud.com/abstrct/saturday-morning-quarantoons-ep46\nhttps://imgur.com/m5Jcql2
\nhttps://twitter.com/Abstr_ct
\nhttps://www.twitch.tv/abstr_ct\n

\'',NULL,221291),('4_Sunday','11','10:35','13:59','Y','CPV','','\'CPV Through the Looking-Glass: CPV Day 3 (DC 28)\'','\'\'','CPV_df78295961d0fab04e389fba6c9dfa8d','\'\'',NULL,221292),('4_Sunday','12','10:35','13:59','Y','CPV','','\'CPV Through the Looking-Glass: CPV Day 3 (DC 28)\'','\'\'','CPV_df78295961d0fab04e389fba6c9dfa8d','\'\'',NULL,221293),('4_Sunday','13','10:35','13:59','Y','CPV','','\'CPV Through the Looking-Glass: CPV Day 3 (DC 28)\'','\'\'','CPV_df78295961d0fab04e389fba6c9dfa8d','\'\'',NULL,221294),('2_Friday','11','11:30','11:59','N','BCV','','\'BCOS Village Contest Overview\'','\'Reddcoin\'','BCV_b3a05439430a05ca8537596f79d7b109','\'Title: BCOS Village Contest Overview
\nWhen: Friday, Aug 6, 11:30 - 11:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Reddcoin\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221295),('2_Friday','12','12:00','12:30','N','BCV','','\'Polyswarm Talk\'','\'Kevin Leffew\'','BCV_d6bde3a7c8d92400fbe16ce280d43624','\'Title: Polyswarm Talk
\nWhen: Friday, Aug 6, 12:00 - 12:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Kevin Leffew\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221296),('2_Friday','14','14:30','15:59','N','BCV','','\'Workshop - Decentralized Cloud\'','\'\'','BCV_09cd5d966354ed51dbb728f02276a1bc','\'Title: Workshop - Decentralized Cloud
\nWhen: Friday, Aug 6, 14:30 - 15:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221297),('2_Friday','15','14:30','15:59','Y','BCV','','\'Workshop - Decentralized Cloud\'','\'\'','BCV_09cd5d966354ed51dbb728f02276a1bc','\'\'',NULL,221298),('3_Saturday','11','11:30','11:59','N','BCV','','\'Tryptich Talk\'','\'Sarang Noether, Ph.D.\'','BCV_c2a8e1080077ef59ff395c9fad490e05','\'Title: Tryptich Talk
\nWhen: Saturday, Aug 7, 11:30 - 11:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Sarang Noether, Ph.D.\n
\nSarang Noether is a researcher who focuses on privacy-preserving cryptographic constructions and protocols.
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221299),('3_Saturday','13','13:00','13:30','N','BCV','','\'Certified Ethereum Professional (CEP) Overview\'','\'Abstrct\'','BCV_26777964f80862ea9dd77bbaa9ab072c','\'Title: Certified Ethereum Professional (CEP) Overview
\nWhen: Saturday, Aug 7, 13:00 - 13:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Abstrct\n
\nAbstrct has spent his quarantine bringing dirty progressive and dancey funk to your living rooms, kitchens, patios, and pools each weekend, but holy heck is he ready to bring the party back to DEF CON proper.\n

\nTwitter: @Abstr_ct
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221300),('3_Saturday','14','14:00','14:59','N','BCV','','\'EIP-1559 Panel\'','\'\'','BCV_4a41cf35acff7f710d9e1f32a411e037','\'Title: EIP-1559 Panel
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221301),('4_Sunday','10','10:15','11:30','N','BCV','','\'Surviving DeFi: How to Prevent Economic Attacks\'','\'Jan Gorzny\'','BCV_a12d3ad00e99dad48db08616d0480af2','\'Title: Surviving DeFi: How to Prevent Economic Attacks
\nWhen: Sunday, Aug 8, 10:15 - 11:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\n
SpeakerBio:Jan Gorzny\n, Senior Blockchain Researcher at QuantStamp
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221302),('4_Sunday','11','10:15','11:30','Y','BCV','','\'Surviving DeFi: How to Prevent Economic Attacks\'','\'Jan Gorzny\'','BCV_a12d3ad00e99dad48db08616d0480af2','\'\'',NULL,221303),('4_Sunday','11','11:30','12:30','N','BCV','','\'Breaking Future Crypto Custody\'','\'Mehow Powers,Chris Odom\'','BCV_14cfc8556a1a7b200844c020e876155b','\'Title: Breaking Future Crypto Custody
\nWhen: Sunday, Aug 8, 11:30 - 12:30 PDT
\nWhere: Blockchain Village / Paris Vendome B
\nSpeakers:Mehow Powers,Chris Odom
\n
SpeakerBio:Mehow Powers\n
\nNo BIO available
\n
SpeakerBio:Chris Odom\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
This content will be presented live and in-person.
\'',NULL,221304),('4_Sunday','12','11:30','12:30','Y','BCV','','\'Breaking Future Crypto Custody\'','\'Mehow Powers,Chris Odom\'','BCV_14cfc8556a1a7b200844c020e876155b','\'\'',NULL,221305),('4_Sunday','09','09:00','20:59','N','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'Title: Chillout Lounges
\nWhen: Sunday, Aug 8, 09:00 - 20:59 PDT
\nWhere: See Description
\nSpeakers:DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris
\n
SpeakerBio:DJ Pie & Darren\n
\nNo BIO available
\n
SpeakerBio:Louigi Verona\n
\nNo BIO available
\n
SpeakerBio:Merin MC\n
\nNo BIO available
\n
SpeakerBio:s1gns of l1fe\n
\nNo BIO available
\n
SpeakerBio:Mixmaster Morris\n
\nNo BIO available
\n\n
\nDescription:
\nThere are two onsite chillout lounges available: Bally\'s Silver Ballroom, and Paris Concorde A.\n

There will be chill music playing:\n

09:00-12:00 DJ Pie & Darren
\n12:00-12:40 s1gns of l1fe
\n12:40-13:30 Louigi Verona
\n14:30-16:10 Mixmaster Morris
\n16:10-Close Merin MC\n

You can also watch the chill room stream on Twitch.\n

\n\'',NULL,221306),('4_Sunday','10','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221307),('4_Sunday','11','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221308),('4_Sunday','12','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221309),('4_Sunday','13','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221310),('4_Sunday','14','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221311),('4_Sunday','15','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221312),('4_Sunday','16','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221313),('4_Sunday','17','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221314),('4_Sunday','18','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221315),('4_Sunday','19','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221316),('4_Sunday','20','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'DJ Pie & Darren,Louigi Verona,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_8c5a16eb8a25c7da6ee2d6ab22567adf','\'\'',NULL,221317),('3_Saturday','09','09:00','20:59','N','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'Title: Chillout Lounges
\nWhen: Saturday, Aug 7, 09:00 - 20:59 PDT
\nWhere: See Description
\nSpeakers:djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf
\n
SpeakerBio:djdead\n
\nNo BIO available
\n
SpeakerBio:DJ Pie & Darren\n
\nNo BIO available
\n
SpeakerBio:kampf\n
\nNo BIO available
\n
SpeakerBio:Rusty Hodge\n
\nNo BIO available
\n
SpeakerBio:Merin MC\n
\nNo BIO available
\n
SpeakerBio:Brian Behlendorf\n
\nNo BIO available
\n\n
\nDescription:
\nThere are two onsite chillout lounges available: Bally\'s Silver Ballroom, and Paris Concorde A.\n

There will be chill music playing:\n

09:00-12:00 DJ Pie & Darren
\n12:00-13:30 kampf
\n13:30-15:00 Merin MC & Rusty
\n15:00-18:00 Brian Behlendorf
\n19:00-21:00 djdead\n

You can also watch the chill room stream on Twitch.\n

\n\'',NULL,221318),('3_Saturday','10','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221319),('3_Saturday','11','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221320),('3_Saturday','12','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221321),('3_Saturday','13','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221322),('3_Saturday','14','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221323),('3_Saturday','15','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221324),('3_Saturday','16','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221325),('3_Saturday','17','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221326),('3_Saturday','18','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221327),('3_Saturday','19','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221328),('3_Saturday','20','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Merin MC,Brian Behlendorf\'','DC_4cdca960d9b31763df5e4d6e1fc044bd','\'\'',NULL,221329),('2_Friday','09','09:00','20:59','N','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'Title: Chillout Lounges
\nWhen: Friday, Aug 6, 09:00 - 20:59 PDT
\nWhere: See Description
\nSpeakers:djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris
\n
SpeakerBio:djdead\n
\nNo BIO available
\n
SpeakerBio:DJ Pie & Darren\n
\nNo BIO available
\n
SpeakerBio:kampf\n
\nNo BIO available
\n
SpeakerBio:Merin MC\n
\nNo BIO available
\n
SpeakerBio:s1gns of l1fe\n
\nNo BIO available
\n
SpeakerBio:Mixmaster Morris\n
\nNo BIO available
\n\n
\nDescription:
\nThere are two onsite chillout lounges available: Bally\'s Silver Ballroom, and Paris Concorde A.\n

There will be chill music playing:\n

09:00-12:00 DJ Pi & Darren
\n12:00-12:40 s1gns of l1fe
\n12:40-14:20 Mixmaster Morris
\n14:30-17:00 kampf
\n17:00-18:30 Merin MC
\n18:30-21:00 djdead\n

You can also watch the chill room stream on Twitch.\n

[4] https://web.archive.org/web/20160120152007/http://cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/\"\n

\n\'',NULL,221330),('2_Friday','10','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221331),('2_Friday','11','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221332),('2_Friday','12','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221333),('2_Friday','13','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221334),('2_Friday','14','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221335),('2_Friday','15','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221336),('2_Friday','16','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221337),('2_Friday','17','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221338),('2_Friday','18','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221339),('2_Friday','19','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221340),('2_Friday','20','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Merin MC,s1gns of l1fe,Mixmaster Morris\'','DC_e512d164bd05563c9bc86b79825a9cef','\'\'',NULL,221341),('1_Thursday','12','12:00','11:59','N','RFV','','\'Using UAV in Military Zone Areas by GPS Spoofing with RF Devices\'','\'Mehmet Onder Key\'','RFV_49f21f1478719dfdef66e417149bfad8','\'Title: Using UAV in Military Zone Areas by GPS Spoofing with RF Devices
\nWhen: Thursday, Aug 5, 12:00 - 11:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\n
SpeakerBio:Mehmet Onder Key\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk has been released on YouTube.\n

YouTube: https://www.youtube.com/watch?v=yQ2lrUJ5a04\n

\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221342),('1_Thursday','12','12:00','11:59','N','RFV','','\'Assless Chaps: a novel combination of prior work to crack MSCHAPv2, fast (or why MSCHAPv2 is so broken, itâ€™s showing itâ€™s whole ass)\'','\'singe,cablethief\'','RFV_44662d612bf7c6e927ca2111c74c0415','\'Title: Assless Chaps: a novel combination of prior work to crack MSCHAPv2, fast (or why MSCHAPv2 is so broken, itâ€™s showing itâ€™s whole ass)
\nWhen: Thursday, Aug 5, 12:00 - 11:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\nSpeakers:singe,cablethief
\n
SpeakerBio:singe\n
\nNo BIO available
\n
SpeakerBio:cablethief\n
\nNo BIO available
\n\n
\nDescription:
\n\"Cracking intercepted MSCHAPv2 challenge/response pairs from Wi-Fi or VPN attacks has long been known to be possible. However, unless the underlying cleartext password was common, this can take frustratingly long. Especially, for at-the-same-time attacks like the auto-crack-and-add we proposed in 2014 [1]. Weâ€™ll combine some prior work and release tooling to show how even extremely large hashlists can be run through in seconds.\n

MSCHAPv2 has several weaknesses, the first is that one doesnâ€™t need the clear-text password, as merely having the MD4 hash (aka NT hash) of the password is good enough to prove to either a client or authenticator you know the password. This means we can use a technique proposed in 2020 by Sam Croley called hash shucking [2] to use large NT hash lists such as the Have I Been Pwned set [3] to determine the NT hash used in the exchange. We\'ll go through the theory of MSCHAPv2, why the NT hash is useful and how to use it, as well as how hashcat modes for cracking it were developed.\n

The second weakness relates to the work done by Moxie Marlinspike and David Hulton in 2012 [4] where they found that because MSCHAPv2 breaks the NT hash into three parts, and pads the last two bytes with NULLs, its trivially easy to brute force this part (the ass). Then a brute force of the first two parts is performed using only a single DES round by iterating the entire DES keyspace with an FPGA. However, most of us still donâ€™t have our own MSCHAPv2 cracking FPGA rigs, and this attack isnâ€™t widely available or practical. Instead, if we limit our input hashlist to only those with the matching last two bytes, we can perform a far more efficient hash shucking attack against the exchange. We\'ll go through the theory of MSCHAPv2 in use here and the optimisations devised with an associated tool.\n

Finally, weâ€™ll end on why we think MSCHAPv2 needs to finally die the death it has so deserved for so long.\n

[1] https://sensepost.com/blog/2015/improvements-in-rogue-ap-attacks-mana-1%2F2/ and DEF CON 22 - Dominic White and Ian de Villiers - Manna from Heaven https://youtu.be/i2-jReLBSVk?t=1380\n

[2] DEF CON Safe Mode: Password Village - Sam Croley: What the Shuck? Layered Hash Shucking https://www.youtube.com/watch?v=OQD3qDYMyYQ\n

[3] https://haveibeenpwned.com/Passwords\n

This talk has been released on YouTube.\n

YouTube: https://www.youtube.com/watch?v=lm7Cuktpnb4\n

\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221343),('1_Thursday','12','12:00','11:59','N','RFV','','\'RF Propagation and Visualization with DragonOS\'','\'cemaxecuter\'','RFV_032bc3a8dd2e47ffb59724aa006d51fc','\'Title: RF Propagation and Visualization with DragonOS
\nWhen: Thursday, Aug 5, 12:00 - 11:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\n
SpeakerBio:cemaxecuter\n
\nNo BIO available
\n\n
\nDescription:
\n\"Today\'s presentation will start with a brief history of DragonOS, where it started and where it\'s at today. After a short introduction, I\'ll dive into the subject of visualizing RF propagation with DragonOS. I\'ll be showing a fresh OS install and the necessary steps to generate a rough estimate of a transmitter based on SRTM-3 elevation data, as well as a new feature enabling visualization/calculations of the path between transmitter and receiver . \n

Topics and hands on (pre-recorded) demonstrations will include the following,\n

SPLAT! is an RF Signal Propagation, Loss, And Terrain analysis tool for the electromagnetic spectrum between 20 MHz and 20 GHz.
Signal Server Multi-threaded RF coverage calculator
Dr. Bill Walker\'s role
Signal Server and DragonOS integration
DF-Aggregator Developer / Modifications for visualization

Iâ€™ll conclude talking about future improvements to RF propagation and visualization tools.\"\n

This talk has been released on YouTube.\n

YouTube: https://www.youtube.com/watch?v=49RVycafF54\n

\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221344),('2_Friday','14','14:00','17:59','N','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part1\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_d8e43b01cac190e6d5bb04735053c159','\'Title: MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part1
\nWhen: Friday, Aug 6, 14:00 - 17:59 PDT
\nWhere: Blue Team Village - Workshop Track 1 (Virtual)
\nSpeakers:Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges
\n
SpeakerBio:Cat Self\n, Lead Cyber Adversarial Engineer â€“ The MITRE Corporation
\nCat Self is a Lead Cyber Adversarial Engineer working on MITRE ATT&CK® and ATT&CK Evaluations teams at MITRE. Cat previously worked at Target as a red team operator, threat hunter, and developer. Cat is an Army Military Intelligence veteran with a passion for mentorship, hiking in foreign lands, and finding opportunities to give back.
\n
SpeakerBio:plug\n
\nPlug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually lead him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. Plug currently leads the Threat Hunting Program for a Fortune 20 organization. In his free time he enjoys building Legos, playing with synthesizers, and when possible, he volunteers his time to computer security events.
\n
SpeakerBio:Ben Bornholm\n
\nBen (@CptOfEvilMinion) is not new to creating workshops as this is his second time creating a DEFCON workshop, yet he has never actually been to DEFCON in person! Ben crafted his whimsical presenting style from being President of RITâ€™s security club previously known as RC3.\n

During the day Ben fights off cyber criminals as a DART engineer at Dropbox.com. At night Ben is the author of his blog HoldMyBeerSecurity.com where he discusses topics in security that interest him such as incident response, threat hunting, Osquery, and DevSecOps.\n

\nTwitter: @CptOfEvilMinion
\n
SpeakerBio:Tilottama Sanyal\n
\nTilottama Sanyal (wildphish) has a degree in Information technology from India and has almost 8 years of combined experience across DevOps and Cybersecurity. She holds certifications like the GCIH and currently works as an Incident Response Team member at Verizon Media (Yahoo!). Her areas of expertise include risk assessments, vulnerability analysis, and incident response. Her current interests include threat hunting and this is her first-ever workshop.
\nTwitter: @wildphish
\n
SpeakerBio:Dan Borges\n
\nA core member of the National CCDC red team and a director for the Global CPTC. Recently wrote a book on deception applied to infosec and attack-defense competitions: https://ahhh.github.io/Cybersecurity-Tradecraft/
\n\n
\nDescription:
\n\nThe Hunt for Red Apples workshop guides participants through emulation walkthroughs, hunting playbooks, & hunting exercises around an Ocean Lotus intrusion, an established threat actor targeting macOS. The workshop is broken into sections using both the attack lifecycle & Mitre ATT&CK knowledge base.\n

For each phase in the attack live cycle participants learn about one particular tactic, relevant macOS data sources, how to build a hunting plan, practice hunting, & how the red team emulated the tactic using open source intelligence.\n

This workshop is a resource on how to threat hunt, emulate, & use open source threat intelligence on a specific threat actor.\n

The Hunt for Red Apples workshop guides participants through emulation walkthroughs, hunting playbooks, and hunting exercises around an Ocean Lotus intrusion, an established threat actor targeting macOS. The workshop is broken into sections using both the attack lifecycle and Mitre ATT&CK knowledge base. For each phase in the attack live cycle participants learn about one particular tactic, relevant macOS data sources, how to build a hunting plan, practice hunting, and how the red team emulated the tactic using open source intelligence.\n

The objective of this workshop is to provide a balanced approach that showcases both hunting and adversary actions. This workshop is a resource on how to threat hunt, emulate, and use open source threat intelligence on a specific threat actor.\n

The Hunt for Red Apples workshop is broken into two four hour sessions over two days. As a bonus, we are releasing a second data set for a different scenario on day two for more advanced hunters with no playbooks or walkthroughs. Participants will get to test their macOS Threat Hunting skills! And it\'s all FREE!\n

\n\'',NULL,221345),('2_Friday','15','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part1\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_d8e43b01cac190e6d5bb04735053c159','\'\'',NULL,221346),('2_Friday','16','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part1\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_d8e43b01cac190e6d5bb04735053c159','\'\'',NULL,221347),('2_Friday','17','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part1\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_d8e43b01cac190e6d5bb04735053c159','\'\'',NULL,221348),('3_Saturday','14','14:00','15:30','N','BTV','','\'BTV Presents: Forensics Station - Workshop 1\'','\'Omenscan\'','BTV_dd3c08a6bbc08f9eb4f037cec3652fbc','\'Title: BTV Presents: Forensics Station - Workshop 1
\nWhen: Saturday, Aug 7, 14:00 - 15:30 PDT
\nWhere: Blue Team Village - Workshop Track 2 (Virtual)
\n
SpeakerBio:Omenscan\n
\nI do stuff. Sometimes it works.
\n\n
\nDescription:
\n\nForensics Station - Workshop 1
\nA walkthrough of triaging \"compromised\" Capstone servers.\n

In this workshop we will walk through a quick forensic triage of the \"compromised\" BTV Capstone servers.\n

Capstone is a Blue Team Village initiative to build and attack servers (and workstations) in a controlled environment, using common attacker techniques and tools in a safe way. We then use common Blue Team defender tools to gather information and review those machines, in order to train defenders on detecting, handling, and understanding common attacks.\n

This is the forensics workshop, and it will cover forensic triage. It\'s goal is to quickly answer some basic questions like:\n

Did Something Happen?
\n If So, When Did it Happen?
\n What Artifacts Can Help Us?
\n What Forensic Tools Can Help Us?
\n What Should We Look at Next?\n

The Capstone Project will provide the Telemetry and Artifacts to the community so they can use their own tools to explore the data and share findings. We encourage everyone at every level to participate and share findings - so everyone can learn and collaborate.\n

\n\'',NULL,221349),('3_Saturday','15','14:00','15:30','Y','BTV','','\'BTV Presents: Forensics Station - Workshop 1\'','\'Omenscan\'','BTV_dd3c08a6bbc08f9eb4f037cec3652fbc','\'\'',NULL,221350),('3_Saturday','14','14:00','17:59','N','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part 2\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_bf41a73a2666bf651a0bea894f316723','\'Title: MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part 2
\nWhen: Saturday, Aug 7, 14:00 - 17:59 PDT
\nWhere: Blue Team Village - Workshop Track 1 (Virtual)
\nSpeakers:Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges
\n
SpeakerBio:Cat Self\n, Lead Cyber Adversarial Engineer â€“ The MITRE Corporation
\nCat Self is a Lead Cyber Adversarial Engineer working on MITRE ATT&CK® and ATT&CK Evaluations teams at MITRE. Cat previously worked at Target as a red team operator, threat hunter, and developer. Cat is an Army Military Intelligence veteran with a passion for mentorship, hiking in foreign lands, and finding opportunities to give back.
\n
SpeakerBio:plug\n
\nPlug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually lead him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. Plug currently leads the Threat Hunting Program for a Fortune 20 organization. In his free time he enjoys building Legos, playing with synthesizers, and when possible, he volunteers his time to computer security events.
\n
SpeakerBio:Ben Bornholm\n
\nBen (@CptOfEvilMinion) is not new to creating workshops as this is his second time creating a DEFCON workshop, yet he has never actually been to DEFCON in person! Ben crafted his whimsical presenting style from being President of RITâ€™s security club previously known as RC3.\n

This workshop is a resource on how to threat hunt, emulate, & use open source threat intelligence on a specific threat actor.\n

\n\'',NULL,221351),('3_Saturday','15','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part 2\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_bf41a73a2666bf651a0bea894f316723','\'\'',NULL,221352),('3_Saturday','16','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part 2\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_bf41a73a2666bf651a0bea894f316723','\'\'',NULL,221353),('3_Saturday','17','14:00','17:59','Y','BTV','','\'MacOs Workshop - Hunt for Red Apples: Ocean Lotus Edition Part 2\'','\'Cat Self,plug,Ben Bornholm,Tilottama Sanyal,Dan Borges\'','BTV_bf41a73a2666bf651a0bea894f316723','\'\'',NULL,221354),('4_Sunday','13','13:30','13:59','N','BTV','','\'BTV Closing Ceremony\'','\'\'','BTV_6c8fa68141c8c03bc67ded4ee82a8384','\'Title: BTV Closing Ceremony
\nWhen: Sunday, Aug 8, 13:30 - 13:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
\nDescription:No Description available
\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,221355),('4_Sunday','12','12:30','12:59','N','BTV','','\'Year of Mentoring: BTVâ€™s Meet-a-Mentor Turns One\'','\'muteki\'','BTV_d8571466e08f608f2eca2809f3833a44','\'Title: Year of Mentoring: BTVâ€™s Meet-a-Mentor Turns One
\nWhen: Sunday, Aug 8, 12:30 - 12:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\n
SpeakerBio:muteki\n
\nmuteki is the Meet-a-Mentor Lead as well as a director of Blue Team Village, a not-for-profit organization bringing free Blue Team talks, workshops and more to the broader InfoSec community.
\n\n
\nDescription:
\nBlue Team Village\'s Meet-a-Mentor program turns 1 year old at DEF CON 29! Join us as we share all the work we\'ve done and what we\'ve learned in the past year, and also listen to three mentor-mentee matches share their experiences with us.\n

Visit https://www.blueteamvillage.org/meet-a-mentor/ for more info on the program.\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,221356),('4_Sunday','10','10:00','10:59','N','BTV','','\'BTV Presents: Threat Report Roulette\'','\'Blind Hacker JoeB,Will Thomas,Ricky Banda,Karan Aditya Ghoshal,Danny D. Henderson Jr,Christopher Russell,Jorge Orchilles,Ch33r10\'','BTV_88ac6935942526ff40b9b7f807b479a3','\'Title: BTV Presents: Threat Report Roulette
\nWhen: Sunday, Aug 8, 10:00 - 10:59 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\nSpeakers:Blind Hacker JoeB,Will Thomas,Ricky Banda,Karan Aditya Ghoshal,Danny D. Henderson Jr,Christopher Russell,Jorge Orchilles,Ch33r10
\n
SpeakerBio:Blind Hacker JoeB\n
\nThe Blind Hacker is an InfoSec enthusiast, mentor, coach, pentester, hacker, and more. He regularly mentors online through streams and online communities. He frequently volunteers time on workplace development for others, gives resume reviews, job advice, and coaches people into the roles they want with mock interviews. As a person with a disability, or who is differently-abled, he has never let it slow him down.
\nTwitter: @TheBlindHacker
\n
SpeakerBio:Will Thomas\n
\nWill Thomas is a security researcher at Cyjax, a UK-based Cyber Threat Intelligence vendor. In his spare time, he offers his OSINT skills to work missing persons cases with the NCPTF and is a board member of the Curated Intelligence trust group. Will graduated with a BSc (Hons) in Computer and Information Security from the University of Plymouth.
\nTwitter: @BushidoToken
\n
SpeakerBio:Ricky Banda\n
\nRicky Banda is a Incident Commander for the Amazon Security Incident Response Team. He is a SANS MSISE Graduate Student, with over a dozen industry certifications and featured author in Tribe of Hackers: Blue Team Edition. He has over a decade of experience in Security Operations and Incident Response working in both Public and Private sectors.
\nTwitter: @teck923
\n
SpeakerBio:Karan Aditya Ghoshal\n
\nKaran Aditya Ghoshal is a CTI Analyst at a Big Four cybersecurity firm. He is currently pursuing his Bachelors in Computer Science Engineering at Manav Rachna University.
\nTwitter: @0xDISREL
\n
SpeakerBio:Danny D. Henderson Jr\n
\nDanny Henderson Jr. is a USAF veteran who is now an expat working as a Senior Cybersecurity Analyst at SecureWorks in Romania. He is a graduate of Capitol Technology University with MSc in Cyber and Information Security, six GIAC certifications in DFIR and Offensive Security.
\nTwitter: @B4nd1t0_
\n
SpeakerBio:Christopher Russell\n
\nChristopher Russell is the Head of Information Security for tZERO Group Inc. He has a Masters Degree in Cybersecurity and numerous certifications and experience in cloud security, endpoint detection and response, SIEM and blockchain. He is a combat Veteran of the US Army, where he was a human intelligence (HUMINT) collector who graduated from the Defense Language Institute, for Arabic.\n
\nTwitter: @cr00ster
\n
SpeakerBio:Jorge Orchilles\n
\nJorge Orchilles is the Chief Technology Officer of SCYTHE, co-creator of the C2 Matrix project, and author of the Purple Team Exercise Framework. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation.
\nTwitter: @jorgeorchilles
\n
SpeakerBio:Ch33r10\n
\nXena Olsen, @ch33r10, is a Senior Cybersecurity Analyst at a Fortune 500 Company. She is a graduate of SANS Womenâ€™s Academy with eight GIAC certifications, an MBA in IT management, and a doctoral student in cybersecurity at Marymount University.
\nTwitter: @ch33r10
\n\n
\nDescription:
\n\nFollow along as we spin the Threat Report Roulette Wheel and provide rapid fire responses to how we would create actionable takeaways from the publicly available, TLP: White Threat Reports. Pick up some tips and tricks to up your game!\nCheck out our Github with links to the reports: https://github.com/ch33r10/DEFCON29-BTV-ThreatReportRoulette\nhttps://bit.ly/DC29Roulette\n

Threat Report Roulette will not discuss normal (BAU) CTI actions, such as searching the logs for hits on the IOCs or entering the IOCs into a Threat Intelligence Platform (TIP) or other alerting platform. Instead, the participants will focus on pivoting, TTPs, and how they would take the contents in the Threat Report to the NEXT LEVEL! When the Panelists respond to the threat reports, they are operating under the assumption that they performed the preliminary analysis and deemed the threat report relevant to their environment. The purpose of this assumption is to decrease the amount of debate on whether or not something is relevant to get to the part of the analysis that involves extracting actionable takeaways.\n

Spin the Threat Report Roulette Wheel - Link\n Moderator calls on Participant.
\n Participant is in the Hot Seat:\n

\n        15 seconds to organize their thoughts.\n        1-5 minutes to share their thoughts on how they would get value out of the report.\n    Panelists\' input:\n        3-5 minutes to share their insights as a group. Quick commentary that is short, sweet, rapid-fire, direct, and to the point!\n

Rinse & Repeat!
\n Check out our Github with links to the reports: https://github.com/ch33r10/DEFCON29-BTV-ThreatReportRoulette\n https://bit.ly/DC29Roulette\n

\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,221357),('4_Sunday','11','11:15','12:15','N','BTV','','\'BTV Presents: Welcome to #IRLIFE. A live IR TableTop Panel\'','\'Clay (ttheveii0x),plug,Ch33r10,Bassem Helmy,Wayland,O\'Shea (sirmudbl00d),Ben (Innismir),Tino aka Paladin316,Neumann (aka scsideath)\'','BTV_1c2c28071acfc45cdbcd8f78164b0b3a','\'Title: BTV Presents: Welcome to #IRLIFE. A live IR TableTop Panel
\nWhen: Sunday, Aug 8, 11:15 - 12:15 PDT
\nWhere: Blue Team Village - Main Track (Virtual)
\nSpeakers:Clay (ttheveii0x),plug,Ch33r10,Bassem Helmy,Wayland,O\'Shea (sirmudbl00d),Ben (Innismir),Tino aka Paladin316,Neumann (aka scsideath)
\n
SpeakerBio:Clay (ttheveii0x)\n
\nClay is a cyber threat intelligence and malware analysis manager at a consulting company.
\nTwitter: @ttheveii0x
\n
SpeakerBio:plug\n
\nPlug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually lead him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. Plug currently leads the Threat Hunting Program for a Fortune 20 organization. In his free time he enjoys building Legos, playing with synthesizers, and when possible, he volunteers his time to computer security events.
\n
SpeakerBio:Ch33r10\n
\nXena Olsen, @ch33r10, is a Senior Cybersecurity Analyst at a Fortune 500 Company. She is a graduate of SANS Womenâ€™s Academy with eight GIAC certifications, an MBA in IT management, and a doctoral student in cybersecurity at Marymount University.
\nTwitter: @ch33r10
\n
SpeakerBio:Bassem Helmy\n
\nCyber Security Professional with over eleven (11) years of experience with corporates and multinational organizations throughout the Middle East.\nAwarded Penetration Tester of the Year 2016 from EC-Council Foundation InfoSec Tech & Exec.\nArea of Expertise:\n

â€¢ Penetration Testing, Red Teaming, and Covert Operations\nâ€¢ ICS / SCADA Security Assessment
\nâ€¢ Threat Hunting Operations
\nâ€¢ Incident Response
\nâ€¢ Vulnerability Management and Security Assessment\n

\nTwitter: @bh3lmy
\n
SpeakerBio:Wayland\n
\nWayland is a cyber security practitioner with more than a decade of experience performing incident response in a variety of organizational environments. He has contributed to response efforts for multiple significant matters over the years and of late is focused on mentoring and leading the next wave of incident response professionals.
\nTwitter: @notx11
\n
SpeakerBio:O\'Shea (sirmudbl00d)\n
\nO\'Shea Bowens is a cyber security enthusiast with 12years of experience. He is the founder and CEO of Null Hat Security which offers consulting services and addresses the cyber workforce shortage with skills and gap assessments in a custom built cyber arena. He is knowledgeable in the areas of digital forensics & incident response, threat hunting, cloud security, security analytics, security program management and architecture.
\nTwitter: @SirMuDbl00d
\n
SpeakerBio:Ben (Innismir)\n
\nBen is a security practitioner with over 15 years of hands on cyber security experience. Since 2011, Ben has been a CSIRT lead for a Fortune 500 company. In his spare time, he enjoys being a husband and dad, messing around with computers, VoIP, analog telephones, amateur radio, and generally pressing anything with a button on it. Ben was the lead author for Asterisk Hacking from Syngress Publishing, has spoken at various industry conferences, and has been featured on the BBC, New York Times, and CNET. Ben also strongly dislikes writing about himself in the third person.
\nTwitter: @innismir
\n
SpeakerBio:Tino aka Paladin316\n
\nTino has over 25 years experience in Cyber Security. His work experience spans diverse industries, a world-renowned children\'s hospital, a world leading Energy Company, an enterprise application service provider, a fortune 100 global manufacturing company, and a Global Financial Services Institution. His primary experience involves developing and implementing processes for Cyber Threat Hunting, Malware Analysis/Reverse Engineering, Digital Forensics/Incident Response (DFIR), and Purple Teaming. In addition, his favorite hobby is doing Cyber Security Research. He says he would do this job for free, but don\'t tell anyone.
\nTwitter: @Paladin3161
\n
SpeakerBio:Neumann (aka scsideath)\n
\nNeumann Lim is a senior manager at Deloitte where he leads the development of the services, strategies and methodologies on cyber detection and incident response. With more than 14 years of infosec experience, he has coordinated national incident responses across multiple industries. Prior to this role, Neumann spent several years working with large enterprises and governments specializing in incident response.
\nTwitter: @cybersyrupblog
\n\n
\nDescription:
\nIn this live table top, a group of panelist will be asked for their opinion on how to deal with a fictitious security incident as it unfolds. Live audience will be encourage to submit questions. Regardless of your skill level, this fun panel will take you in a day in IRLIFE!
\n
Blue Team Village talks will be streamed to Twitch.\n

--\n

\'',NULL,221358),('4_Sunday','12','11:15','12:15','Y','BTV','','\'BTV Presents: Welcome to #IRLIFE. A live IR TableTop Panel\'','\'Clay (ttheveii0x),plug,Ch33r10,Bassem Helmy,Wayland,O\'Shea (sirmudbl00d),Ben (Innismir),Tino aka Paladin316,Neumann (aka scsideath)\'','BTV_1c2c28071acfc45cdbcd8f78164b0b3a','\'\'',NULL,221359),('3_Saturday','20','20:00','21:59','N','CON','','\'Drunk Hacker History\'','\' \'','CON_6806d538bb65ed5e9b7afcebac163c32','\'Title: Drunk Hacker History
\nWhen: Saturday, Aug 7, 20:00 - 21:59 PDT
\nWhere: See Description
\n
\nDescription:
\nThis event will be held in Track 1 / Bally\'s Platinum Ballroom. This event was rescheduled from 22:00 to 20:00.\n

Twitter: https://twitter.com/drunkhackerhist?lang=en\n

\n\'',NULL,221360),('3_Saturday','21','20:00','21:59','Y','CON','','\'Drunk Hacker History\'','\' \'','CON_6806d538bb65ed5e9b7afcebac163c32','\'\'',NULL,221361),('1_Thursday','09','09:00','20:59','N','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'Title: Chillout Lounges
\nWhen: Thursday, Aug 5, 09:00 - 20:59 PDT
\nWhere: See Description
\nSpeakers:djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC
\n
SpeakerBio:djdead\n
\nNo BIO available
\n
SpeakerBio:DJ Pie & Darren\n
\nNo BIO available
\n
SpeakerBio:kampf\n
\nNo BIO available
\n
SpeakerBio:Rusty Hodge\n
\nNo BIO available
\n
SpeakerBio:Louigi Verona\n
\nNo BIO available
\n
SpeakerBio:Merin MC\n
\nNo BIO available
\n\n
\nDescription:
\nThere are two onsite chillout lounges available: Bally\'s Silver Ballroom, and Paris Concorde A.\n

There will be chill music playing:\n

09:00-12:00 DJ Pi & Darren
\n12:00-13:30 kampf
\n13:30-16:00 Rusty Hodge
\n16:00-16:51ish Louigi Verona
\n17:30 Merin MC
\n19:00-21:00 djdead\n

You can also watch the chill room stream on Twitch.\n

\n\'',NULL,221362),('1_Thursday','10','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221363),('1_Thursday','11','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221364),('1_Thursday','12','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221365),('1_Thursday','13','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221366),('1_Thursday','14','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221367),('1_Thursday','15','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221368),('1_Thursday','16','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221369),('1_Thursday','17','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221370),('1_Thursday','18','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221371),('1_Thursday','19','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221372),('1_Thursday','20','09:00','20:59','Y','DC','','\'Chillout Lounges\'','\'djdead,DJ Pie & Darren,kampf,Rusty Hodge,Louigi Verona,Merin MC\'','DC_bc6cb75e3c5bc063e4ef3bd34f0c806e','\'\'',NULL,221373),('2_Friday','12','12:00','12:59','N','CAHV','','\'F**k You, Pay Me - Knowing your worth and getting paid\'','\'Alyssa Miller,Liana McCrea\'','CAHV_b6a75f842b2a3b3c3c041f75e2c8212f','\'Title: F**k You, Pay Me - Knowing your worth and getting paid
\nWhen: Friday, Aug 6, 12:00 - 12:59 PDT
\nWhere: Career Hacking Village (Talk)
\nSpeakers:Alyssa Miller,Liana McCrea
\n
SpeakerBio:Alyssa Miller\n
\nNo BIO available
\n
SpeakerBio:Liana McCrea\n
\nNo BIO available
\n\n
\nDescription:
\nIn any job search, youâ€™ll no doubt be asked some variation of the inevitable question, â€œWhat are your salary expectations?â€ For many this question induces anxiety. What should I get paid? Whatâ€™s a fair salary? It can be a hard question of how to maximize earnings without pricing ourselves out of a potential role. Then the offer comes and itâ€™s less than you asked for. Can you negotiate, should you negotiate, how should you negotiate for better compensation? What other things like bonuses, time off, benefits, etc. are on the table? Letâ€™s talk about real-world strategies for knowing your worth in each job you apply for, how to position yourself for getting the pay you deserve, and considerations to account for in the negotiation process. Youâ€™ll hear about lessons learned that every job seeker should be aware of before submitting that first application or sending in a resume. The discussion will even cover how to know when what your prospective employer is saying is a legitimate constraint versus posturing for negotiating purposes. Ultimately, youâ€™ll walk away ready to go into your next job search with the same bravado as Paulie from Goodfellas and be ready to tell them â€œF**k you, pay meâ€. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=F6I6O-3LCUc\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221374),('2_Friday','13','13:00','13:59','N','CAHV','','\'Hacking Your Career: The Options\'','\'Chris Sperry,Deb Herrity,Jennifer Haverman\'','CAHV_89fccc4aeadce252f9f1bc40c0554f61','\'Title: Hacking Your Career: The Options
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: Career Hacking Village (Talk)
\nSpeakers:Chris Sperry,Deb Herrity,Jennifer Haverman
\n
SpeakerBio:Chris Sperry\n
\nNo BIO available
\n
SpeakerBio:Deb Herrity\n
\nNo BIO available
\n
SpeakerBio:Jennifer Haverman\n
\nNo BIO available
\n\n
\nDescription:
\nOne common theme in the community: a lack of understanding over what jobs exist in the career field that encompasses Infosec, Information Assurance, Cyber Security, and related fields; and what itâ€™s like to work and live in them. Whatâ€™s right for you; what career path you create: there is no â€œrightâ€ answer or limits: knowing the options and leveraging your â€œwhyâ€ will help guide your way. This presentation abstract proposes a small panel of sages, diverse on purpose, with those that have a combination of career experience in government, military, industry sharing their career path experiences; their â€œwhysâ€ of where they worked and why they are where they are now; but with the focus on giving attendees ideas and options they might not have considered before. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=T4r2ZpEUjJs\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221375),('2_Friday','14','14:00','14:59','N','CAHV','','\'Making the Leap - Changing Careers\'','\'Danyelle Davis\'','CAHV_2a4a78a5a5490b0dab19f6c0aadce62e','\'Title: Making the Leap - Changing Careers
\nWhen: Friday, Aug 6, 14:00 - 14:59 PDT
\nWhere: Career Hacking Village (Talk)
\n
SpeakerBio:Danyelle Davis\n
\nNo BIO available
\n\n
\nDescription:
\nCyber Security, Research, H4x0r, or that stuff in the place with the thing. Regardless of what you call it, many people end up here after starting down a different career path. I was one of those people. I found myself, a 26 year old, black, female, manual software tester with learning disabilities, in an automated world. I refused to be stuck in a dead end job for the rest of my life. I decided it was time for a switch. Like any transition - some things worked well and some needed improvement. My challenges in maintaining one career while transitioning to another can provide insights as you plan your own. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=0mFw0fXia58\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221376),('2_Friday','15','15:00','15:59','N','CAHV','','\'This Job Ad Sucks\'','\'Kirsten Renner\'','CAHV_aa07b948108cc557ef87f7aa1d258345','\'Title: This Job Ad Sucks
\nWhen: Friday, Aug 6, 15:00 - 15:59 PDT
\nWhere: Career Hacking Village (Talk)
\n
SpeakerBio:Kirsten Renner\n
\nNo BIO available
\n\n
\nDescription:
\nI\'m mostly kidding, but not really. I have taught managers for years how to write better descriptions and candidates how to write better resumes, and I will continue to do that. I even spoke at multiple conferences over the last few years for that purpose. But the key is to have a way of getting around and through bad descriptions (and other road blocks), because I don\'t think we can ever really fix that problem completely. In other words, even though those obstacles exist and likely always will, there are ways to get through it, and that is what I will be presenting. In the same way that a poorly written resume is not a fair depiction of the potential a candidate has to offer, it just take a bit of coaching and, well, hacking, to get around road blocks in the system to make good matches between the opportunities and talent. This presentation isnâ€™t going to offer a solution to making employers do a better job advertising for and determining the best fits for their openings - there\'s plenty of content out there for them to do that. It will however tell [the candidates] how to make it through bad descriptions, as well as less than effective interviewers and maybe it will even help them see the light! Looking for a job is an engineering problem. Gather the requirements, do some QA, launch (get out there) and keep updating! \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=6GvuhfzvQGE\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221377),('3_Saturday','12','12:00','12:59','N','CAHV','','\'National Service Panel\'','\'Amelie Koran,Elizabeth Schweinsberg,Joe Billingsley,Teri Williams\'','CAHV_b9d0ff872405056304fddb74378f7a95','\'Title: National Service Panel
\nWhen: Saturday, Aug 7, 12:00 - 12:59 PDT
\nWhere: Career Hacking Village (Talk)
\nSpeakers:Amelie Koran,Elizabeth Schweinsberg,Joe Billingsley,Teri Williams
\n
SpeakerBio:Amelie Koran\n, Senior Technology Advocate, Splunk
\nNo BIO available
\n
SpeakerBio:Elizabeth Schweinsberg\n
\nNo BIO available
\n
SpeakerBio:Joe Billingsley\n
\nNo BIO available
\n
SpeakerBio:Teri Williams\n
\nNo BIO available
\n\n
\nDescription:
\nWhat background do you need to work with different federal agencies? Which ones have authorities for enforcing regulations, protecting different areas, or engaging adversaries? How do you get hired into the organization? Whether someone is just entering the workforce or wants to consider the options as part of career planning, our panel helps provide the insights and answer the questions you have. We draw from the US Digital Service, DHS CISA, NASA, Marine Corps Cyber Auxiliary, NSA, and other federal agencies. Join us on the Defcon Forums and let us know what questions you have for our panel. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=PqLEFsaFWes\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221378),('3_Saturday','13','13:00','13:59','N','CAHV','','\'Selling Yourself as a Security Professional\'','\'Preston Pierce\'','CAHV_07adf8ed2697564b76f60d93e88417f4','\'Title: Selling Yourself as a Security Professional
\nWhen: Saturday, Aug 7, 13:00 - 13:59 PDT
\nWhere: Career Hacking Village (Talk)
\n
SpeakerBio:Preston Pierce\n
\nNo BIO available
\n\n
\nDescription:
\nWhat is the key to advancing your career in cybersecurity? The answer is SALES. No, you don\'t have to go make cold calls worry about CAN-SPAM laws, but you need to learn how to sell yourself. Many security professionals treat the industry like a chess tournament, expecting the most skilled player to come out on top and relying on skills alone to make the difference. This is not the reality of the world we live in. Most estimates say over half of jobs are filled through networking. Sometimes, who you know will matter as much as what you know in seeking a job. Leave the job boards and online postings and learn from one who has spent a decade in cybersecurity in recruiting (including running a cybersecurity recruiting agency) and sales how best to sell yourself for your next career move. This is going to be a tactical, practical discussion. How do you approach finding a new role from an outbound vs. inbound approach? What are the best places to put yourself out there in the market? What does it really mean to network to find your next job? How can you create a pipeline of job opportunities? Join to learn how to create more demand for YOU in the marketplace, find more job opportunities, and become a sought after person in our industry. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=9EA1DtgTrbU\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221379),('3_Saturday','14','14:00','14:59','N','CAHV','','\'Career Hacking: Tips and Tricks to Making the Most of your Career\'','\'Andy Piazza\'','CAHV_b34e9af24682c741cc06a08e278aaf81','\'Title: Career Hacking: Tips and Tricks to Making the Most of your Career
\nWhen: Saturday, Aug 7, 14:00 - 14:59 PDT
\nWhere: Career Hacking Village (Talk)
\n
SpeakerBio:Andy Piazza\n
\nNo BIO available
\n\n
\nDescription:
\nAt some point in your infosec career, youâ€™ll hit a point of â€œnow what?â€. You may experience this as soon as you land your first role, or youâ€™ll experience it as a seasoned veteran of the field. There are plenty of talks out there now for â€œgetting into infosecâ€, but where is the advice for managing and maintaining a career? This is my attempt to fill that gap. This talk will discuss several key areas for building an awesome career, including actionable takeaways for becoming a better analyst, teammate, and leader. Most importantly, Iâ€™ll break down the How and Why behind each concept presented and include specific examples based on real experiences. \n

This talk will be available on YouTube: https://www.youtube.com/watch?v=oozqj7axNYM\n

\n
Career Hacking Village content will be available on YouTube.\n

YouTube: https://youtube.com/careerhackingvillage\n

\'',NULL,221380),('3_Saturday','12','12:00','15:59','N','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_0be212a682e95fee39e1a21831f40973','\'Title: Resume Reviewing
\nWhen: Saturday, Aug 7, 12:00 - 15:59 PDT
\nWhere: Career Hacking Village (Virtual)
\n
\nDescription:No Description available
\n
This item requires that attendee sign up for an available time slot. Please see this link for more information: https://www.careerhackingvillage.net/signup.php\n
\'',NULL,221381),('3_Saturday','13','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_0be212a682e95fee39e1a21831f40973','\'\'',NULL,221382),('3_Saturday','14','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_0be212a682e95fee39e1a21831f40973','\'\'',NULL,221383),('3_Saturday','15','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_0be212a682e95fee39e1a21831f40973','\'\'',NULL,221384),('3_Saturday','12','12:00','15:59','N','CAHV','','\'Career Coaching\'','\'\'','CAHV_1aac564758c74dbd803d87cd31e633c3','\'Title: Career Coaching
\nWhen: Saturday, Aug 7, 12:00 - 15:59 PDT
\nWhere: Career Hacking Village (Virtual)
\n
\nDescription:No Description available
\n
This item requires that attendee sign up for an available time slot. Please see this link for more information: https://www.careerhackingvillage.net/signup.php\n
\'',NULL,221385),('3_Saturday','13','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_1aac564758c74dbd803d87cd31e633c3','\'\'',NULL,221386),('3_Saturday','14','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_1aac564758c74dbd803d87cd31e633c3','\'\'',NULL,221387),('3_Saturday','15','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_1aac564758c74dbd803d87cd31e633c3','\'\'',NULL,221388),('2_Friday','12','12:00','15:59','N','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_30192b2a4fc06d01e83d8e522ced56e1','\'Title: Resume Reviewing
\nWhen: Friday, Aug 6, 12:00 - 15:59 PDT
\nWhere: Career Hacking Village (Virtual)
\n
\nDescription:No Description available
\n
This item requires that attendee sign up for an available time slot. Please see this link for more information: https://www.careerhackingvillage.net/signup.php\n
\'',NULL,221389),('2_Friday','13','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_30192b2a4fc06d01e83d8e522ced56e1','\'\'',NULL,221390),('2_Friday','14','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_30192b2a4fc06d01e83d8e522ced56e1','\'\'',NULL,221391),('2_Friday','15','12:00','15:59','Y','CAHV','','\'Resume Reviewing\'','\'\'','CAHV_30192b2a4fc06d01e83d8e522ced56e1','\'\'',NULL,221392),('2_Friday','12','12:00','15:59','N','CAHV','','\'Career Coaching\'','\'\'','CAHV_2bf854217473ad2242cf2983bf7064d5','\'Title: Career Coaching
\nWhen: Friday, Aug 6, 12:00 - 15:59 PDT
\nWhere: Career Hacking Village (Virtual)
\n
\nDescription:No Description available
\n
This item requires that attendee sign up for an available time slot. Please see this link for more information: https://www.careerhackingvillage.net/signup.php\n
\'',NULL,221393),('2_Friday','13','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_2bf854217473ad2242cf2983bf7064d5','\'\'',NULL,221394),('2_Friday','14','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_2bf854217473ad2242cf2983bf7064d5','\'\'',NULL,221395),('2_Friday','15','12:00','15:59','Y','CAHV','','\'Career Coaching\'','\'\'','CAHV_2bf854217473ad2242cf2983bf7064d5','\'\'',NULL,221396),('2_Friday','08','08:00','16:59','N','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'Title: DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open
\nWhen: Friday, Aug 6, 08:00 - 16:59 PDT
\nWhere: Paris DEF CON Registration Desk
\n
\nDescription:
\nYou can start the 2-step process. There is no need to rush, if you have purchased on-line your badge is reserved and there is no concern about them running out:\n

2nd Next you head to the badge pickup desks. There you will show your wristband and your in-person badge bar code and get it scanned. If the scan passes you get your Human reg pack.\n

Where to register / pick up badges: Paris, near the InfoBooth. Please find \"REGISTRATION\" on the provided DC29 floorplan (available in HackerTracker and online).\n

Both registration and the vaccine check processing functions are planning to be available from 8am/08:00 to 5pm/17:00. If those times change, this schedule entry will be updated in HackerTracker and info.defcon.org as soon as possible.\n

\n\'',NULL,221397),('2_Friday','09','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221398),('2_Friday','10','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221399),('2_Friday','11','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221400),('2_Friday','12','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221401),('2_Friday','13','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221402),('2_Friday','14','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221403),('2_Friday','15','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221404),('2_Friday','16','08:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_9a74d04172ffa06cb8f03ff4cf077fa6','\'\'',NULL,221405),('1_Thursday','21','21:00','20:59','N','BCV','','\'Scaling Blockchains: A Novel Approach\'','\'Colin Cantrell\'','BCV_1af28c7d4396926a68416c670cd31839','\'Title: Scaling Blockchains: A Novel Approach
\nWhen: Thursday, Aug 5, 21:00 - 20:59 PDT
\nWhere: Blockchain Village (YouTube)
\n
SpeakerBio:Colin Cantrell\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is now available on YouTube: https://www.youtube.com/watch?v=xJ_I4quSTfI\n
\n\'',NULL,221406),('2_Friday','20','20:00','21:59','N','DC','','\'DEF CON Movie Night - Tron\'','\' \'','DC_5c2883d9d101a88e65dae01b523abe9c','\'Title: DEF CON Movie Night - Tron
\nWhen: Friday, Aug 6, 20:00 - 21:59 PDT
\nWhere: See Description
\n
\nDescription:
\nTron will be shown in Track 2.
\n\'',NULL,221407),('2_Friday','21','20:00','21:59','Y','DC','','\'DEF CON Movie Night - Tron\'','\' \'','DC_5c2883d9d101a88e65dae01b523abe9c','\'\'',NULL,221408),('3_Saturday','20','20:00','21:59','N','DC','','\'DEF CON Movie Night - Upgrade\'','\' \'','DC_850c46403778829502aa33bdd366b758','\'Title: DEF CON Movie Night - Upgrade
\nWhen: Saturday, Aug 7, 20:00 - 21:59 PDT
\nWhere: See Description
\n
\nDescription:
\nUpgrade will be shown in Track 2.
\n\'',NULL,221409),('3_Saturday','21','20:00','21:59','Y','DC','','\'DEF CON Movie Night - Upgrade\'','\' \'','DC_850c46403778829502aa33bdd366b758','\'\'',NULL,221410),('4_Sunday','11','11:00','11:30','N','AIV','','\'Potential Pitfalls Protecting Patient Privacy\'','\'Brian Martin\'','AIV_6c2e95acf091017c6aba56ad70629d54','\'Title: Potential Pitfalls Protecting Patient Privacy
\nWhen: Sunday, Aug 8, 11:00 - 11:30 PDT
\nWhere: AI Village (Virtual)
\n
SpeakerBio:Brian Martin\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
AI Village events will be streamed to Twitch, and later be made available as videos on YouTube.\n

Speakers will be made available on DEF CON\'s Discord, in #aiv-general-text.\n

https://twitter.com/hack3rrunway\n

#aiv-general-text: https://discord.com/channels/708208267699945503/732733090568339536\n

\'',NULL,221411),('2_Friday','11','11:30','12:30','N','DC','','\'Community Roundtable - We can build it. We have the technology. So why aren\'t we?\'','\' \'','DC_4f73f0944b94e4b151550f0cc396b8cf','\'Title: Community Roundtable - We can build it. We have the technology. So why aren\'t we?
\nWhen: Friday, Aug 6, 11:30 - 12:30 PDT
\nWhere: Policy (Virtual)
\n
\nDescription:
\nClean energy. Vaccines. We are an incredible species with an incredible capacity to innovate solutions to our biggest problems. So why are we so terrible at implementing them? Have some thoughts on this? Then come share them!\n

\n\'',NULL,221412),('2_Friday','12','11:30','12:30','Y','DC','','\'Community Roundtable - We can build it. We have the technology. So why aren\'t we?\'','\' \'','DC_4f73f0944b94e4b151550f0cc396b8cf','\'\'',NULL,221413),('2_Friday','15','15:30','16:30','N','DC','','\'Community Roundtable - 10 years after SOPA: where are we now?\'','\' \'','DC_62345adf7ef6e31ed0a0425848d10eb1','\'Title: Community Roundtable - 10 years after SOPA: where are we now?
\nWhen: Friday, Aug 6, 15:30 - 16:30 PDT
\nWhere: Policy (Virtual)
\n
\nDescription:
\nTen years ago the Internet nearly changed forever, with the passage of the SOPA/PIPA bills. Driven by copyright interests, it would have unleashed new powers for individuals and governments to censor speech online. Thanks to the public outrage by enough users, those bills didn\'t make it into law. But whether it comes cloaked in copyright, privacy, antitrust, or some other initiative, the appetite to control speech still continues to inform Internet policymaking discussions. Will they succeed this time in shaping new law? What happens to the Internet if they do? Come discuss these and other questions with Internet policy practitioners who interact with them daily.\n

\n\'',NULL,221414),('2_Friday','16','15:30','16:30','Y','DC','','\'Community Roundtable - 10 years after SOPA: where are we now?\'','\' \'','DC_62345adf7ef6e31ed0a0425848d10eb1','\'\'',NULL,221415),('3_Saturday','11','11:30','12:30','N','DC','','\'Community Roundtable - If only you knew\'','\' \'','DC_2ccdb6650c8d16327eaaa4dfeb1d8801','\'Title: Community Roundtable - If only you knew
\nWhen: Saturday, Aug 7, 11:30 - 12:30 PDT
\nWhere: Policy (Virtual)
\n
\nDescription:
\nRegardless of the hat you wear â€“ whether you are a policy person dealing with technology, a tech person reacting to policy, a legal advisor struggling to bridge the two, or a business person looking to keep the lights on in the meantime â€“ you all confront your own challenges and issues. What are the top one or two things you know well about those challenges that you wish everyone else did? Come to this session to meet people wearing different hats than you and share those insights. \n

\n\'',NULL,221416),('3_Saturday','12','11:30','12:30','Y','DC','','\'Community Roundtable - If only you knew\'','\' \'','DC_2ccdb6650c8d16327eaaa4dfeb1d8801','\'\'',NULL,221417),('3_Saturday','16','16:00','16:59','N','DC','','\'Community Roundtable - Thinking About Election Security\'','\' \'','DC_d0cd6a848db849d54753b4cb6df15e5f','\'Title: Community Roundtable - Thinking About Election Security
\nWhen: Saturday, Aug 7, 16:00 - 16:59 PDT
\nWhere: Policy (Virtual)
\n
\nDescription:
\nElection security has left the realm of election professionals and is now top of mind for anyone. But what does it mean? Is it just about the security of voting equipment? Or the security of the entire system of running elections? If you haven\'t been able to catch the Voting Village\'s content, or would like the opportunity for a deeper dive on some of the issues policymakers are wrestling with, this session is for you. \n

\n\'',NULL,221418),('3_Saturday','16','16:00','16:59','N','DC','','\'Community Roundtable - Implementing Cyber Solarium Commission Policy\'','\' \'','DC_8029ec0f1379b4ae10f44f2cd03d172e','\'Title: Community Roundtable - Implementing Cyber Solarium Commission Policy
\nWhen: Saturday, Aug 7, 16:00 - 16:59 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nWithin a year of publication of the Cyberspace Solarium Commission report, at least 25 of its recommendations were passed into law by Congress. Solarium Commission leadership wants to know how to improve their next set of recommendations - such as the Bureau of Cyber Statistics - before they become law, and wants DEF CON\'s help to do so. Commission staff will present their topics and elicit feedback from you and your fellow hackers to avoid unintended consequences and to strengthen their implementation plans.\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZItdOCsqDouHd3-on_4mXNeaIsDQhq7HEz1\n

\n\'',NULL,221419),('3_Saturday','13','13:00','14:59','N','DC','','\'Community Roundtable - RANSOMWARE: Combatting Ransomware on a Global Stage / The realities of responding to ransomware\'','\' \'','DC_f4d40b9b1ab68d28d1526c6d96665334','\'Title: Community Roundtable - RANSOMWARE: Combatting Ransomware on a Global Stage / The realities of responding to ransomware
\nWhen: Saturday, Aug 7, 13:00 - 14:59 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nPart 1:
\nRansomware has made front page headlines and taken top stage in policy conversations, with even the US President issuing a letter to CEOs, Congress grilling Colonial Pipelineâ€™s CEO, and the president of France committing 1 Billion Euro to fight ransomware in hospitals. While drafting and spreading technical â€œbest practicesâ€ have failed to protect critical infrastructure around the world, which public policy levers are best suited to do so?\n

Part 2:
\nIf it\'s Tuesday, it must be another ransomware attack. So what is a law-abiding company to do? If they pay, it just encourages the attacks. If they don\'t, then their business may suffer, or worse. Meanwhile, breach-notification regulation may have started a ticking clock forcing their hand â€“ potentially in ways that are counter-productive to other policy efforts to stem the tide of these attacks. In this session we\'ll confront the practical realities and policy dilemmas these attacks provoke.\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZYvduuorzgtG9MAPy9QjVRAaaC4JKIu89aq\n

\n\'',NULL,221420),('3_Saturday','14','13:00','14:59','Y','DC','','\'Community Roundtable - RANSOMWARE: Combatting Ransomware on a Global Stage / The realities of responding to ransomware\'','\' \'','DC_f4d40b9b1ab68d28d1526c6d96665334','\'\'',NULL,221421),('3_Saturday','10','10:00','10:59','N','DC','','\'Community Roundtable - Supply Chain in the COVID Era\'','\' \'','DC_2c8672a272ec978bfafba90d4cf9bfaa','\'Title: Community Roundtable - Supply Chain in the COVID Era
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nDuring the global COVID pandemic, accidents and adversaries revealed opaque and ignored supply chain security issues in near-catastrophic ways. With global markets, global suppliers, global networks, and global adversaries, is there space for a globally-cohesive approach to shoring up supply chain security?\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZcud-Gprj8qE92RoBYuXTWhhHsakUjGvoLc\n

\n\'',NULL,221422),('2_Friday','16','16:00','16:59','N','DC','','\'Community Roundtable - Volunteer Hacker Fire Department\'','\' \'','DC_fd4fbba32efcc205845a4e2765fcf7c7','\'Title: Community Roundtable - Volunteer Hacker Fire Department
\nWhen: Friday, Aug 6, 16:00 - 16:59 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nThe volunteer fire department model has saved countless lives and countless economic damage across the US and around the world. Several initiatives over the past several years - and continuing today - have given us a glimpse of what a volunteer-based hacker Fire Department might look like, addressing Internet-scale incidents. What are they and how do we scale them?\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZUvduytqTwsGN2k75CDTSCl23o0QDiqbkDn\n

\n\'',NULL,221423),('2_Friday','14','14:30','15:30','N','DC','','\'Community Roundtable - Zero Trust, Critical Software, and a Cyber Safety Review Board\'','\' \'','DC_b8700dc911d94e036e3761cd68f57215','\'Title: Community Roundtable - Zero Trust, Critical Software, and a Cyber Safety Review Board
\nWhen: Friday, Aug 6, 14:30 - 15:30 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nThe recent cybersecurity Executive Order called for several new protections for US Federal networks and the nation\'s critical infrastructure, though some of these are undefined. While Zero Trust Architectures neatly fit into vendor buzzword bingo, what are they really? And how can you define critical software when any software on a critical system could cause harm? How would a Cyber Safety Review Board weigh in on issues where bits and bytes meet flesh and blood? Join this session to talk through some of the implications.\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZAtfuqsrDgiH9y3ifQhU0Pg3bewc--OFyJ3\n

\n\'',NULL,221424),('2_Friday','15','14:30','15:30','Y','DC','','\'Community Roundtable - Zero Trust, Critical Software, and a Cyber Safety Review Board\'','\' \'','DC_b8700dc911d94e036e3761cd68f57215','\'\'',NULL,221425),('2_Friday','11','11:30','12:30','N','DC','','\'Community Roundtable - Toward a Global IoT Code of Practice\'','\' \'','DC_0ef8e2205a97a2d5fb863f9f4fddc523','\'Title: Community Roundtable - Toward a Global IoT Code of Practice
\nWhen: Friday, Aug 6, 11:30 - 12:30 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nThe UKâ€™s Code of Practice for IoT Security, developed by the UK government, has become a European standard, and countries around the world are adopting it as defacto minimum threshold for devices. This session will elicit responses to proposed Parliamentary legislation which would apply the Code to consumer IoT sold and imported in the UK. Peter Stephens, who leads the initiative, will be on hand to frame the discussion, answer questions, and take feedback.\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZEqf-igrDIrG92o-NpocyyBPIMNfVEONXn7\n

\n\'',NULL,221426),('2_Friday','12','11:30','12:30','Y','DC','','\'Community Roundtable - Toward a Global IoT Code of Practice\'','\' \'','DC_0ef8e2205a97a2d5fb863f9f4fddc523','\'\'',NULL,221427),('2_Friday','10','10:00','10:59','N','DC','','\'Community Roundtable - (De)Criminalizing Hacking Around the Globe\'','\' \'','DC_bde2489ce95273d86b88c0558d7a3143','\'Title: Community Roundtable - (De)Criminalizing Hacking Around the Globe
\nWhen: Friday, Aug 6, 10:00 - 10:59 PDT
\nWhere: Policy (Virtual & SkyView 1)
\n
\nDescription:
\nIn the last 12 months, the Supreme Court has weighed in on the Computer Fraud and Abuse Act, a groundswell of support has arisen in the UK to reform the Computer Misuse Act, and a proposed law in Mexico would have criminalized hacking. In all cases, members of the hacker community had a voice. And with several more upcoming in the next 12 months, our community needs to continue engaging with policymakers so they understand our value to the global security ecosystem.\n

For virtual access, register here: https://us02web.zoom.us/meeting/register/tZcvd-yqpzkqE9bzjZeppc0bGmvkYjHnwQZN\n

\n\'',NULL,221428),('3_Saturday','10','10:00','10:59','N','DC','','\'Community Roundtable - We need to talk about Norm â€“ Discussions on International cyber norms in diplomacy\'','\' \'','DC_df35732e0ba768107c67dc418af82af9','\'Title: Community Roundtable - We need to talk about Norm â€“ Discussions on International cyber norms in diplomacy
\nWhen: Saturday, Aug 7, 10:00 - 10:59 PDT
\nWhere: Policy (Onsite - SkyView 3)
\n
\nDescription:
\nThis session will dive into the wide and wonderful world of â€œcyber normsâ€ â€“ the long-running international discussions seeking to establish rules of the road of behavior in cyberspace. After years of prolonged discussions in the United Nations but also informal groups like the Global Commission on the Stability of Cyberspace, we seem to be at an impasse â€“ do we want to simply reinforce the already agreed upon 11 norms (like â€œnon-interference in critical infrastructureâ€), do we want to expand the list of norms to include new behavior (like protecting the basic infrastructure of the Internet), or do we want to do both? And who is this â€œweâ€ anyway? We\'ll kick off with a deeper look at the state of norm discussions and then open for a wider Q/A and discussion on what norms can and could do.
\n\'',NULL,221429),('2_Friday','14','14:30','15:30','N','DC','','\'Policy Debrief - Global Cyber Capacity Building - triple challenge or triple opportunity?\'','\' \'','DC_adcd02819d731194c7a6ab785fc4a0fe','\'Title: Policy Debrief - Global Cyber Capacity Building - triple challenge or triple opportunity?
\nWhen: Friday, Aug 6, 14:30 - 15:30 PDT
\nWhere: Policy (Onsite - SkyView 5/6)
\n
\nDescription:
\nOne thing government worldwide agree upon is that raising defenses helps us all, but also that poorer countries need a lot of help to do so. In recent years the term â€œcyber capacity buildingâ€ (CCB) has been used to describe large-scale development assistance programs that help build CERTs, train infosec professionals, but also educate on global cybersecurity issues. Often hackers from DEF CON can find themselves offered lucrative engagements in e.g. the Balkans or Sub-Saharan Africa towards this end. But are programs really global, or more a new type of big power competition? How much can they really deliver both for those societies, but also the rest of the world? And what is the best way to get involved?
\n\'',NULL,221430),('2_Friday','15','14:30','15:30','Y','DC','','\'Policy Debrief - Global Cyber Capacity Building - triple challenge or triple opportunity?\'','\' \'','DC_adcd02819d731194c7a6ab785fc4a0fe','\'\'',NULL,221431),('2_Friday','13','13:00','13:59','N','DC','','\'Policy Debrief - Myths and Legends of Section 230\'','\' \'','DC_51257c87f5be07beaa53d637a41d8b77','\'Title: Policy Debrief - Myths and Legends of Section 230
\nWhen: Friday, Aug 6, 13:00 - 13:59 PDT
\nWhere: See Description
\n
\nDescription:
\nLOCATION TBD\n

It seems like everyone\'s talking about Section 230 these days, and keen to change it, without really knowing what it says and does. Don\'t let this happen to you! Come to this crash course in Section 230 given by Cathy Gellis, a lawyer who regularly litigates (and pontificates) about the statute to learn the truth about this crucial law that enables our online world. We\'ll talk about why we have Section 230, what it does, why it works, its relationship with the First Amendment, and some of the common misperceptions about it, including why getting rid of it might not make the Internet any better (and will probably make it worse). \n

\n\'',NULL,221432),('2_Friday','10','10:00','15:59','N','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'Title: Hack3r Runw@y
\nWhen: Friday, Aug 6, 10:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nMore info: https://forum.defcon.org/node/236429\n

More info: https://hack3rrunway.github.io/\n

Also see #ce-hack3r-runway.\n

Register here: https://docs.google.com/forms/d/e/1FAIpQLSdua561gCbWEbGk7_ZuS7cg3w7_IFbtrahibeKsU0iR%20ENiIiw/viewform?usp=sf_link\n

#ce-hack3r-runway: https://discord.com/channels/708208267699945503/711644666239647824\n

\n\'',NULL,221433),('2_Friday','11','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'\'',NULL,221434),('2_Friday','12','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'\'',NULL,221435),('2_Friday','13','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'\'',NULL,221436),('2_Friday','14','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'\'',NULL,221437),('2_Friday','15','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_89b02e1554225c8181fb2876d2b761e6','\'\'',NULL,221438),('3_Saturday','10','10:00','15:59','N','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'Title: Hack3r Runw@y
\nWhen: Saturday, Aug 7, 10:00 - 15:59 PDT
\nWhere: See Description
\n
\nDescription:
\nMore info: https://forum.defcon.org/node/236429\n

More info: https://hack3rrunway.github.io/\n

https://twitter.com/hack3rrunway\n

Also see #ce-hack3r-runway.\n

Register here: https://docs.google.com/forms/d/e/1FAIpQLSdua561gCbWEbGk7_ZuS7cg3w7_IFbtrahibeKsU0iR%20ENiIiw/viewform?usp=sf_link\n

#ce-hack3r-runway: https://discord.com/channels/708208267699945503/711644666239647824\n

\n\'',NULL,221439),('3_Saturday','11','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'\'',NULL,221440),('3_Saturday','12','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'\'',NULL,221441),('3_Saturday','13','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'\'',NULL,221442),('3_Saturday','14','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'\'',NULL,221443),('3_Saturday','15','10:00','15:59','Y','CON','','\'Hack3r Runw@y\'','\' \'','CON_88e02440aca7eb63a13e1e14350837af','\'\'',NULL,221444),('2_Friday','09','09:00','09:25','N','ASV','','\'Retired but not forgotten â€“ A look at IFEs\'','\'Alex Lomas,Phil Eveleigh\'','ASV_332e9d00157e766c3877f64d24a75afc','\'Title: Retired but not forgotten â€“ A look at IFEs
\nWhen: Friday, Aug 6, 09:00 - 09:25 PDT
\nWhere: Aerospace Village (Virtual Talk)
\nSpeakers:Alex Lomas,Phil Eveleigh
\n
SpeakerBio:Alex Lomas\n
\nAlex is Pen Test Partnerâ€™s aerospace specialist. Alex undertakes penetration testing of traditional IT, such as networks, web applications, and APIs, as well as more aviation-specific areas including airport operational technology and avionics embedded systems such as inflight entertainment and e-enabled aircraft.
\n
SpeakerBio:Phil Eveleigh\n
\nPhil has undertaken testing of all kinds of embedded systems with Pen Test Partnersâ€™ Hardware Team, from consumer routers through to operational technology and household electronic devices. He has now brought his skills to the aviation sector. This is Philâ€™s first talk at DEFCON!
\n\n
\nDescription:
\nAlex Lomas and Phil Eveleigh from Pen Test Partners reminisce about research on two interesting in flight entertainment systems from the past 12 months, including great interactions with vendors, attempts remembering how to pwn NT4, and a reminder that just because an aircraft is going to scrap, it still means that disclosures have to be handled sensitively.\n

This talk will be streamed on YouTube: https://www.youtube.com/watch?v=p0A03vVHXnw\n

\n
Aerospace Village talks will be streamed to YouTube.\n

YouTube: https://www.youtube.com/c/AerospaceVillage\n

\'',NULL,221445),('3_Saturday','12','12:00','14:59','N','HTSV','','\'Hack the Sea Cabana Party\'','\' \'','HTSV_320264b3deaed36c3b3535242e52f4d7','\'Title: Hack the Sea Cabana Party
\nWhen: Saturday, Aug 7, 12:00 - 14:59 PDT
\nWhere: Hack the Sea (Virtual)
\n
\nDescription:
\nFor more information see https://hackthesea.org/cabana-party/\n

Come visit our Cabana Saturday from 12:00-3:00pm PST pool-side at Ballyâ€™s!\n

\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,221446),('3_Saturday','13','12:00','14:59','Y','HTSV','','\'Hack the Sea Cabana Party\'','\' \'','HTSV_320264b3deaed36c3b3535242e52f4d7','\'\'',NULL,221447),('3_Saturday','14','12:00','14:59','Y','HTSV','','\'Hack the Sea Cabana Party\'','\' \'','HTSV_320264b3deaed36c3b3535242e52f4d7','\'\'',NULL,221448),('3_Saturday','15','15:00','15:30','N','HRV','','\'How to Contact the ISS with a $30 Radio\'','\'Gregg Horton\'','HRV_5bd92a36bb9704d3493a966c4727010d','\'Title: How to Contact the ISS with a $30 Radio
\nWhen: Saturday, Aug 7, 15:00 - 15:30 PDT
\nWhere: Ham Radio Village (Virtual Talks)
\n
SpeakerBio:Gregg Horton\n
\nGregg Horton K6XSS is a security professional by day and by night explores the airwaves with ham radio. He got his general license in January 2021 and is very interested in digital modes like JS8CALL. When not playing with antennas, He enjoys gardening and getting beat at pokemon cards by his 5 year old son.
\n\n
\nDescription:
\nThis presentation will go over the basics of how to listen to the international space station using a handheld ham radio. We will also cover how to utilize the repeater on the ISS, Capturing SSTV images from the ISS, and what equipment you can use to maximize your contacts.
\n
All Ham Radio Village talks will be streamed to Twitch, with discussion in Discord.\n

For more information, see https://hamvillage.org/dc29.html\n

#hrv-presentation-text: https://discord.com/channels/708208267699945503/736674835413073991\n

\'',NULL,221449),('3_Saturday','14','14:00','14:55','N','HTSV','','\'Cyber Operations and Operational Wargames on Port Infrastructure\'','\'Tom Mouatt,Ed McGrady,John Curry\'','HTSV_2840c9d322fdbf70c97f58fefcabe9d8','\'Title: Cyber Operations and Operational Wargames on Port Infrastructure
\nWhen: Saturday, Aug 7, 14:00 - 14:55 PDT
\nWhere: Hack the Sea (Virtual)
\nSpeakers:Tom Mouatt,Ed McGrady,John Curry
\n
SpeakerBio:Tom Mouatt\n
\nNo BIO available
\n
SpeakerBio:Ed McGrady\n
\nNo BIO available
\n
SpeakerBio:John Curry\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n
Hack the Sea Village will stream their events to YouTube and Twitch. \n

YouTube: https://www.youtube.com/channel/UC5htD_rPiP8N7v8VQKyJkOQ\n

\'',NULL,221450),('1_Thursday','12','12:00','11:59','N','RFV','','\'Frag, Youâ€™re it - Hacking Laser Tag\'','\'Eric Escobar\'','RFV_1feb764ac788f91fc3ca8ad68e40440c','\'Title: Frag, Youâ€™re it - Hacking Laser Tag
\nWhen: Thursday, Aug 5, 12:00 - 11:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\n
SpeakerBio:Eric Escobar\n, Principal Security Consultant
\nEric is a seasoned pentester and a Principal Security Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. His team consecutively won first place at DEF CON 23, 24, and 25\'s Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, heâ€™s now a member of the DEF CON Wireless Village team. Before entering the cyber security arena, Eric attained both a BS and MS in Civil Engineering along with his Professional Engineering license.
\n\n
\nDescription:
\nWhat do inexpensive hardware purchased from Amazon and a little git magic have in common? They are the ingredients to become a laser tag juggernaut armed with unlimited respawns and Contraesqe widespread rapid-fire. Hacking doesn\'t always have to be so serious; relegated to newsworthy 0days, Nation State actors, and vulnerable supply chains. Sometimes hacks are just to wreck your friends.\nThis talk will dive into how laser tag actually uses focused beams of infrared light (similar to your TV remote) to \"\"tag\"\" your opponent. We\'ll look under the hood to see what qualifies as \"\"lasers\"\", and how they are interpreted by the game server. I\'ll discuss how these infrared signals can be replayed stealthily. Then we\'ll get to the carnage of warehouse Halo godmode.\n

This talk has been released to YouTube.\n

YouTube: https://www.youtube.com/watch?v=tNLddWViPl0\n

\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221451),('1_Thursday','12','12:00','11:59','N','RFV','','\'ESP8266, do you know what\'s inside your IoT?\'','\'JoshInGeneral\'','RFV_1e7cbf7bd9964cb4e6a963d41ad1deeb','\'Title: ESP8266, do you know what\'s inside your IoT?
\nWhen: Thursday, Aug 5, 12:00 - 11:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\n
SpeakerBio:JoshInGeneral\n
\nJoshua Schroeder would describe himself as a security researcher that enjoys learning and advocating for people to get involved in RF and Cyber Security. His professional work includes working as a Unix Administrator, Incident Responder and Red Teamer.\n

As a long time Wireless CTF competitor, he led the Team JackTenna to a win in 2017. \nAttempting to share his knowledge with others, he previously spoke at the Defcon Wireless Village (Now RF Village) on 802.11 and 802.15 technologies (WiFi and Bluetooth) and later wrote and published the book \"\"Meeting People via Wifi and Bluetooth\"\". Prior speaking engagements also include ShmooCon, SkyDogCon, and Carolina Con. \n

In his free time he enjoys spending time with his wife and their dog, remodeling their house and tinkering with smart home technologies.\n

\n\n
\nDescription:
\nIn this presentation we will look through together the inner workings of the ESP8266 chip. A common technology that is at the heart many IoT devices. I will demonstrate where I found this in a IoT switch and how you can identify and find them as well. Lastly I will show how the ESP8266 chip can be purchased for under $20 and deployed with a small as a decoy AP to capture credentials. Similar to what our team built and during the Wireless CTF in 2019.\n

This talk has been released to YouTube.\n

YouTube: https://www.youtube.com/watch?v=DIh-y5n_lDg\n

\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221452),('2_Friday','10','10:00','19:59','N','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'Title: DEF CON Vendor Area Open
\nWhen: Friday, Aug 6, 10:00 - 19:59 PDT
\nWhere: Bally\'s Event Center (Vendors)
\n
\nDescription:No Description available
\n\'',NULL,221453),('2_Friday','11','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221454),('2_Friday','12','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221455),('2_Friday','13','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221456),('2_Friday','14','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221457),('2_Friday','15','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221458),('2_Friday','16','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221459),('2_Friday','17','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221460),('2_Friday','18','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221461),('2_Friday','19','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b92c2f38aa53a0b3d329bf79071e6b48','\'\'',NULL,221462),('3_Saturday','10','10:00','19:59','N','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'Title: DEF CON Vendor Area Open
\nWhen: Saturday, Aug 7, 10:00 - 19:59 PDT
\nWhere: Bally\'s Event Center (Vendors)
\n
\nDescription:No Description available
\n\'',NULL,221463),('3_Saturday','11','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221464),('3_Saturday','12','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221465),('3_Saturday','13','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221466),('3_Saturday','14','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221467),('3_Saturday','15','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221468),('3_Saturday','16','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221469),('3_Saturday','17','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221470),('3_Saturday','18','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221471),('3_Saturday','19','10:00','19:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_b8266c0a23a6fccde45051acf74766e9','\'\'',NULL,221472),('4_Sunday','10','10:00','15:59','N','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'Title: DEF CON Vendor Area Open
\nWhen: Sunday, Aug 8, 10:00 - 15:59 PDT
\nWhere: Bally\'s Event Center (Vendors)
\n
\nDescription:No Description available
\n\'',NULL,221473),('4_Sunday','11','10:00','15:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'\'',NULL,221474),('4_Sunday','12','10:00','15:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'\'',NULL,221475),('4_Sunday','13','10:00','15:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'\'',NULL,221476),('4_Sunday','14','10:00','15:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'\'',NULL,221477),('4_Sunday','15','10:00','15:59','Y','DC','','\'DEF CON Vendor Area Open\'','\'\'','DC_11feb5e9dd16bbcc32e781574f11401c','\'\'',NULL,221478),('2_Friday','10','10:00','11:59','N','CON','E','\'DEF CON Scavenger Hunt\'','\' \'','CON_639b9f1c3c2bb71e105880d013b651d7','\'Title: DEF CON Scavenger Hunt
\nWhen: Friday, Aug 6, 10:00 - 11:59 PDT
\nWhere: See Description
\n
\nDescription:
\nFor more information, see https://forum.defcon.org/node/236484\n

Also see #ce-defcon-scavenger-hunt-text\n

#ce-defcon-scavenger-hunt-text: https://discord.com/channels/708208267699945503/711049278163779605/872883588461367366\n

\n\'',NULL,221479),('3_Saturday','14','14:00','15:50','N','DL','','\'WiFi Kraken Lite\'','\'Henry Hill\'','DL_a7652bbd339fe5af1b8f002982275e58','\'Title: WiFi Kraken Lite
\nWhen: Saturday, Aug 7, 14:00 - 15:50 PDT
\nWhere: DemoLab Video Channel 2
\n
SpeakerBio:Henry Hill\n
\nHenry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications arenâ€™t appearing in d4rkm4tterâ€™s projects, they can be seen in his race car at the track.\n
\n\n
\nDescription:
\nTool or Project Name: The WiFi Kraken Lite\n

URL to any additional information:
\nPalshack.org/wifi-kraken-lite (Site will be online for DEF CON)\n

Target Audience:
\nOffense, Defense and Hardware\n

\n
This content will be presented on a Discord video channel.\n

#dl-video2-voice: https://discord.com/channels/708208267699945503/734027778646867988\n

\'',NULL,221480),('3_Saturday','15','14:00','15:50','Y','DL','','\'WiFi Kraken Lite\'','\'Henry Hill\'','DL_a7652bbd339fe5af1b8f002982275e58','\'\'',NULL,221481),('3_Saturday','14','14:00','15:50','N','DL','','\'WiFi Kraken Lite\'','\'Henry Hill\'','DL_a7652bbd339fe5af1b8f002982275e58','\'Title: WiFi Kraken Lite
\nWhen: Saturday, Aug 7, 14:00 - 15:50 PDT
\nWhere: Palace 3+4+5
\n
SpeakerBio:Henry Hill\n
\nHenry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications arenâ€™t appearing in d4rkm4tterâ€™s projects, they can be seen in his race car at the track.\n
\n\n
\nDescription:
\nTool or Project Name: The WiFi Kraken Lite\n

URL to any additional information:
\nPalshack.org/wifi-kraken-lite (Site will be online for DEF CON)\n

Target Audience:
\nOffense, Defense and Hardware\n

\n\'',NULL,221482),('3_Saturday','15','14:00','15:50','Y','DL','','\'WiFi Kraken Lite\'','\'Henry Hill\'','DL_a7652bbd339fe5af1b8f002982275e58','\'\'',NULL,221483),('3_Saturday','09','09:00','16:59','N','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'Title: DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open
\nWhen: Saturday, Aug 7, 09:00 - 16:59 PDT
\nWhere: Paris DEF CON Registration Desk
\n
\nDescription:
\nYou can start the 2-step process. There is no need to rush, if you have purchased on-line your badge is reserved and there is no concern about them running out:\n

2nd Next you head to the badge pickup desks. There you will show your wristband and your in-person badge bar code and get it scanned. If the scan passes you get your Human reg pack.\n

Where to register / pick up badges: Paris, near the InfoBooth. Please find \"REGISTRATION\" on the provided DC29 floorplan (available in HackerTracker and online).\n

\n\'',NULL,221484),('3_Saturday','10','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221485),('3_Saturday','11','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221486),('3_Saturday','12','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221487),('3_Saturday','13','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221488),('3_Saturday','14','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221489),('3_Saturday','15','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221490),('3_Saturday','16','09:00','16:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_3dfaebabd200f17e850c608980d3c51e','\'\'',NULL,221491),('4_Sunday','09','09:00','13:59','N','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_b2cf20141202f17d02bd5de20af58751','\'Title: DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open
\nWhen: Sunday, Aug 8, 09:00 - 13:59 PDT
\nWhere: Paris DEF CON Registration Desk
\n
\nDescription:
\nYou can start the 2-step process. There is no need to rush, if you have purchased on-line your badge is reserved and there is no concern about them running out:\n

2nd Next you head to the badge pickup desks. There you will show your wristband and your in-person badge bar code and get it scanned. If the scan passes you get your Human reg pack.\n

Where to register / pick up badges: Paris, near the InfoBooth. Please find \"REGISTRATION\" on the provided DC29 floorplan (available in HackerTracker and online).\n

\n\'',NULL,221492),('4_Sunday','10','09:00','13:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_b2cf20141202f17d02bd5de20af58751','\'\'',NULL,221493),('4_Sunday','11','09:00','13:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_b2cf20141202f17d02bd5de20af58751','\'\'',NULL,221494),('4_Sunday','12','09:00','13:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_b2cf20141202f17d02bd5de20af58751','\'\'',NULL,221495),('4_Sunday','13','09:00','13:59','Y','DC','','\'DEF CON Human Registration (Badge Pickup) and Vaccine Check Processing Open\'','\' \'','DC_b2cf20141202f17d02bd5de20af58751','\'\'',NULL,221496),('3_Saturday','08','08:00','07:59','N','RFV','','\'The Basics of Breaking BLE - Part 2: Doing More With Less\'','\'freqy\'','RFV_647ed1978cddb7bbf0d4c000ec16ac02','\'Title: The Basics of Breaking BLE - Part 2: Doing More With Less
\nWhen: Saturday, Aug 7, 08:00 - 07:59 PDT
\nWhere: Radio Frequency Village (Virtual)
\n
SpeakerBio:freqy\n
\nFreqy is a security consultant and researcher with a particular interest in wireless technologies like BLE, ZigBee, Wi-Fi, etc. She has spent the past two year working with companies to help improve the wireless security of devices found in millions of homes and businesses.
\nTwitter: @freqyXin
\n\n
\nDescription:
\nPart 2 of this series continues our discussion on BLE security with an introduction to some additional testing methods using affordable devices and open-source software. From there, weâ€™ll talk about scripting simple BLE attacks, dealing with BlueZ, and exploring BLE devices in the wild. Attendees will also have the opportunity to field questions about BLE security during a live Q/A session following the video.
\n
Radio Frequency Village will not be streaming any talks, but they will be making talks available on their YouTube channel.\n

YouTube: https://youtube.com/c/RFHackersSanctuary\n

\'',NULL,221497),('3_Saturday','19','19:00','19:59','N','DC','','\'(Replay) UFOs: Misinformation, Disinformation, and the Basic Truth\'','\'Richard Thieme AKA neuralcowboy\'','DC_012e17d801b8e7b2655fb43e311e9911','\'Title: (Replay) UFOs: Misinformation, Disinformation, and the Basic Truth
\nWhen: Saturday, Aug 7, 19:00 - 19:59 PDT
\nWhere: Track 1 CLOSED; DCTV/Twitch #1 Pre-Recorded
\n
SpeakerBio:Richard Thieme AKA neuralcowboy\n
\nRichard Thieme, https://thiemeworks.com has addressed security and intelligence issues for 28 years. He has keynoted security conferences in 15 countries and given presentations for the NSA, FBI, Secret Service, Pentagon Security Forum, U.S. Department of the Treasury, and Los Alamos National Laboratory. He has been speaking at Def Con since Def Con 4. His sixth book, a novel, Mobius: A Memoir, about an intelligence professional looking back on his career and how it led down unexpected paths, is receiving rave reviews. He has explored UFO phenomena seriously for 43 years.
\nTwitter: @neuralcowboy
\n\n
\nDescription:
\n** SPECIAL NOTE: This is a replay on DCTV/Twitch only, because a technical issue prevented part of the talk from airing during its previously scheduled slot. **\n

The talk, \"UFOs and Government: A Historical Inquiry\" given at Def Con 21 has been viewed thousands of times. It was a serious well-documented exploration of the UFO subject based on Thieme\'s participation in research into the subject with colleagues. The book of that name is the gold standard for historical research into the subject and is in 100+ university libraries.\n

Reality, as Philip K. Dick said, will not go away just because we refuse to believe in it.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=mExktWB0qz4\n

DCTV Channel Map: https://dctv.defcon.org/\n

\'',NULL,221498),('3_Saturday','19','19:00','19:30','N','DC','','\'(Replay) Racketeer Toolkit. Prototyping Controlled Ransomware Operations\'','\'Dimitry \"Op_Nomad\" Snezhkov\'','DC_f8b72788bbd967b2f169166c2154136a','\'Title: (Replay) Racketeer Toolkit. Prototyping Controlled Ransomware Operations
\nWhen: Saturday, Aug 7, 19:00 - 19:30 PDT
\nWhere: Track 2 CLOSED; DCTV/Twitch #2 Pre-Recorded
\n
SpeakerBio:Dimitry \"Op_Nomad\" Snezhkov\n
\nDimitry Snezhkov is an Associate Director at Protiviti. In this role he hacks code, tools, networks, apps and sometimes subverts human behavior too. Dimitry has spoken at DEF CON, BlackHat, THOTCON conferences, and presented tools at BlackHat Arsenal.
\nTwitter: @Op_Nomad
\n\n
\nDescription:
\n*** SPECIAL NOTE: Technical difficulties prevented this talk from being shown at the correct time slot on DCTV/Twitch. This entry is for the replay. You may also watch this talk on-demand, by following the links at the bottom of this message. ***\n

Racketeer is one such tool. It is an offensive agent coupled with a C2 base, built to help teams to prototype and exercise a tightly controlled ransomware campaign.\n

Racketeer can help gain better optics into IoCs, and is helpful in providing detailed logs that can be used to study the behavior and execution artifacts of a ransomware agent.\n

--\n

This talk has been released to YouTube and the DEF CON Media server.\n

YouTube: https://www.youtube.com/watch?v=VJ8aqReB118\n

DCTV Channel Map: https://dctv.defcon.org/\n