-- MySQL dump 10.13 Distrib 5.7.42, for FreeBSD14.0 (amd64) -- -- Host: localhost Database: defcon31 -- ------------------------------------------------------ -- Server version 5.7.39-log /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!40101 SET NAMES utf8 */; /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; /*!40103 SET TIME_ZONE='+00:00' */; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; SET @MYSQLDUMP_TEMP_LOG_BIN = @@SESSION.SQL_LOG_BIN; SET @@SESSION.SQL_LOG_BIN= 0; -- -- Table structure for table `contests` -- DROP TABLE IF EXISTS `contests`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `contests` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(65) COLLATE utf8_unicode_ci NOT NULL, `ForumPage` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `ForumArticle` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `Twitter` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Webpage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Weblink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `ImagePath` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `Descript` text COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=1455 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `contests` -- LOCK TABLES `contests` WRITE; /*!40000 ALTER TABLE `contests` DISABLE KEYS */; INSERT INTO `contests` VALUES (1401,'\'Car Hacking Village CTF\'','\'https://forum.defcon.org/node/244786\'','\'https://forum.defcon.org/node/244787\'','','','','','\'\n. \n\n\n\"Car\n\n\n\n
\n
\n
\n
\n
\n
\nCar Hacking Village CTF
\nCaesers Forum, Contest Area, Car Hacking Village.
\n
\n\nWHEN:\n
\nFriday: 10am to 16:30pm
\nSaturday: 10am to 16:30pm
\nSunday: 10am to 12pm
\n
\nTwitter: \nhttps://twitter.com/CarHackVillage/\n
\nWebsite: \nhttps://www.carhackingvillage.com/\n
\nCommunity: \nhttps://discord.gg/DevtqBZ\n
\n​
\n
\nThe Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEM\'s and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.
\n
\nWith the largest collection of hackers in one area, there\'s no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 9 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. Our contest at the village, in combination with many automotive OEMs, Suppliers, etc., is used to give people first hand experience on cutting edge and at times expensive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.
\n\n\n\n\n\''),(1402,'\'DEF CON 31 Beard and Mustache Contest\'','\'https://forum.defcon.org/node/246752\'','\'https://forum.defcon.org/node/246753\'','','','','','\'\n
\nDEF CON 31 Beard and Mustache Contest
\n
\nWhen: Saturday 14:00 - 16:00
\nWhere: Contest Stage
\n
\nWebsite: \nhttp://dcbeard.net/\n (new domain this year – update your favorites)
\n
\nTwitter: @\nDCBeardContest\n
\n
\n
\nHeld every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.
\n
\nFor 2023 there will be three categories for the competition:
\n
\n\nFull beard\n: Self-explanatory, for the truly bearded.
\n
\n\nPartial Beard or Mustache only\n (combined this year)
\n
\nFor those sporting Van Dykes, Goatees, Mutton Chops, and other
\n
\npartial beard styles -or-
\n
\nMustache only: Judging on the mustache only, even if bearded.
\n
\nBring your Handlebars, Fu Manchus, or whatever adorns your upper lip.
\n
\n\nFreestyle\n: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.
\n​
\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 16:00\n\n\n\nLocation\n\nContest Stage\n\n\n\n\n\''),(1403,'\'Blue Team Village CTF\'','\'https://forum.defcon.org/node/244798\'','\'https://forum.defcon.org/node/244799\'','','','','','\'\n
\n\nBlue Team Village CTF\n
\n\nWhere: Flamingo, Scenic ballroom\n
\n\nWhen: \n
\nFriday: CTF begins: 10:30 - 18:00
\nSaturday: 10:30 - 18:00 (CTF ends)
\nSunday: N/A The winners will be announced during BTV closing ceremonies
\n
\nThis contest is online and in person.
\n
\n\n@BlueTeamVillage\n
\n\nhttps://www.blueteamvillage.org/ctf\n (not a live link yet)
\n
\nThe Blue Team Village CTF is a cyber defense CTF inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate the recent attacks against our fictitious company: Magnus Tempus Financial. Since Magnus Tempus Financial made a vital acquisition expanding its precious metals portfolio to oil and gas operational technology (OT), you will also investigate their OT environment.
\n
\nThe CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, Malware Analysis, Threat Intelligence, and Threat Hunting, to be the first team or individual to answer or solve the challenges presented.
\n
\nThe BTV crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate, aiming to sharpen their cyber defense skills. We believe in the idea of choosing your adventure. As a result, participants can download a copy of the required evidence (logs, packets, etc.) or log into any of the 3 SIEMs we provide to hunt on.
\n
\nIf you are new to cyber defense, we highly recommend participating in the Blue Team Village Obsidian stations. They will cover many of the topics on the CTF and will help you along the way!
\n
\n\nWe will provide game clues on the CTF Platform and use the CTF station at the Blue Team Village and the Defcon BTV CTF Discord channel to address any CTF technical or scoring issues. \n
\n​\n\n\''),(1404,'\'Blacks In Cyber Village CTF\'','\'https://forum.defcon.org/node/244802\'','\'https://forum.defcon.org/node/244803\'','','','','','\'\n.. \n\n\n\"BIC\n\n\n\n
\n
\n..
\n
\nBlacks In Cyber (BIC) Village CTF
\nForum, Alliance 301-303
\n
\n\nFriday:\n 12:00 PM - 11:59 PM ( in person village closes at 18:00)
\n\nSaturday:\n 12:00 AM - 5:00 PM
\nThis contest is both online and in person.
\n
\n\n@BlackInCyberCo1\n
\n\nhttps://www.blacksincyberconf.com/ctf\n​
\n
\nThe year is 2323. You find yourself in an abandoned city in the future that is home to a variety of advanced technology and systems. You will need to use your skills to solve challenges and discover information to use to uncover your flags. Along the way, you will learn about social justice, privacy, civil rights and surveillance and how these can relate to communities and individuals as our world explores emerging technologies. This is a jeopardy style game with multiple categories in Cryptography, Steganography, Exploitation, Forensics,
\nReverse Engineering and more!​ \n\n\n\"Click\n\n\n\n
\n\n\n\''),(1405,'\'Creative Writing Short Story Contest\'','\'https://forum.defcon.org/node/244807\'','\'https://forum.defcon.org/node/244808\'','','','','','\'\n
\nCreative Writing Short Story Contest
\nTwitter: \nhttps://twitter.com/dcshortstory\n
\n
\nReddit: There will be a new Reddit thread at /r/defcon
\n
\nThis contest is run pre-con. The proposed contest will run from May 1, 2023 to June 15, 2023. Judging will run from June 16, 2023 to June 30, 2023. Winners will be announced July 8, 2023.
\n
\nThe DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums, Twitter, and reddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves, don their proverbial thinking cap, and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are often overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.
\n
\nSo many hacker skills depend on your ability to tell a story. Whether it\'s social engineering, intrusion, or even the dreaded customer pentest report, ALL of these require the ability to tell a story. Storytelling is one of mankind\'s oldest traditions. Presenters even engage in storytelling when they get up on stage. A contest that celebrates and focuses on the ability to wind a yarn that captures and engages an audience is highly appropriate.
\n
\nSo why not?
\n
\nAwards are In person:
\n1st place: 2 badges
\n2nd place: 1 badge
\nCommunity choice: 1 badge
\n
\nMore Info: \n@dcshortstory\n
\n
\nLast year\'s contest entries can be found here:
\n\nCreative Writing Short Story Contest Story Entries - DEF CON Forums\n
\n
\n\n\n\n\n\''),(1406,'\'AutoDriving CTF contest\'','\'https://forum.defcon.org/node/244813\'','\'https://forum.defcon.org/node/244814\'','','','','','\'\n. \n\n\n\"AutoDriving\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\n
\nAutoDriving CTF contest
\n
\nFriday 10:00 - 18:00
\nDEF CON Contest Area, Forum Ballroom​
\nThis contest will be both online and in-person.
\nTwitter: \nhttps://twitter.com/autodrivingctf\n
\n​
\nAutoDriving CTF is a Jeopardy style of CTF game with a set of challenges specific to self-driving functions and components. The contest offers participants the ability to use a simulation-based autonomous driving environment (based on the open-source simulators; e.g., LGSVL and CARLA) and explore specific attacks (such as camouflage stickers, road graffiti, and sensor spoofing/hijacking) as well as defense strategies.
\nWe hope to continue the engagement with the hacking community to demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.​\n\n\''),(1407,'\'? Cube\'','\'https://forum.defcon.org/node/244817\'','\'https://forum.defcon.org/node/244818\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\n? Cube
\n
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 14:00
\nDEF CON Contest Area, Forum Ballroom​
\n(This contest is held online and in person.)
\n
\nAre you ready to put your problem-solving skills to the test?
\nThis year, we are proud to introduce a brand new contest, designed to push your limits and awaken your curiosity.
\n
\nThe ? Cube Challenge is not for the faint-hearted. It is a multi-layered, complex puzzle that requires you to use all your hacking and analytical skills to solve it.
\nThe cube is loaded with riddles and puzzles that must be solved one by one to progress further towards the ultimate goal.
\n
\nThis challenge is not just about solving a puzzle, it\'s about exploring your curiosity and pushing the boundaries of your knowledge.It\'s about putting your hacker mindset to work and seeing how far you can go. With each step, you\'ll be one step closer to unlocking the secrets of the ? Cube Challenge. We know that Defcon attendees are always looking for the next big challenge, and we have created the ? Cube Challenge with that in mind.
\n
\nIt is a contest that will test your limits, engage your creativity, and push your curiosity to the next level. So come and join us at Defcon 31 and take on the ultimate challenge! Who knows, you might just walk away with the title of ? Cube Champion and the admiration of your fellow hackers. Are you ready to take the challenge?
\n
\nWebsite: \nhttp://0x3fcube.com/\n
\n
\n​\n\n\''),(1408,'\'Octopus Game\'','\'https://forum.defcon.org/node/245213\'','\'https://forum.defcon.org/node/245214\'','','','','','\'\n.. \n\n\"Click\n\n\n
\n
\n..
\nOctopus Game
\n
\nContest
\nFriday: 1000 PDT (GMT -7) - Sunday: 1200 PDT (GMT -7)
\n
\nOctopus Game is back for a second year with an ARG style competition where fun and friendship are the goals. This year players will meet, compete and work together in various locations in and around the con. You\'ll solve puzzles and interact with characters in a world hidden just below the surface of reality. 128 players will enter, but only ONE will be crowned the Octopus CHAMPION. Join us, make some new friends and discover the world of Octopus Game!
\n
\nMore Info: \nhttps://www.mirolabs.info/octopusgamedc31\n
\nTwitter: \n@OctopusGameDC\n
\nMastodon: \n@OctopusGame@defcon.social\n
\n
\n​\n\n\n\n\''),(1409,'\'Phish Stories\'','\'https://forum.defcon.org/node/245219\'','\'https://forum.defcon.org/node/245220\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\nPhish Stories
\nTwitter: \n@phishstories​\n
\n
\n
\nIn today’s world, approximately 90% of all cyberattacks begin with a phish. In fact, it’s not only the most prevalent method, but also the most effective one for someone to get malware on a machine. The sophistication of the groups who employ these methods targeting end-users continues to rapidly evolve. Many organizations around the world have adopted training to help their workforce understand what is or isn’t a phish when it hits their inbox. Hopefully, you’ve seen through the deception and haven’t been taken for a ride on any phish you’ve personally received.
\n
\nAt DEF CON, you might see examples of just how talented some of the red teamers and social engineers are when it comes to creating scenarios that can fool even the most seasoned of professionals. Leveraging Open-Source Intelligence (OSINT), some good looking graphics sprinkled in with proper grammar can make it tough on the targets.
\n
\nIt’s a far cry from the early days of phishing, when the promise of inheriting millions from a Nigerian prince or the lure of winning a sweepstakes were the focus of many an e-mail. No, the original phishing e-mails were not finely tuned instruments and more times than not they found their way into the trash bin. And, while that was the safest thing to do with these e-mails, I found myself chuckling at the rather inane stories sometimes associated with the particularly bad ones. Some were so bad that I wondered if they were written with the thought of getting someone to click or if the goal all along was to get someone to laugh.
\n
\nIt got me to thinking, “\nWhy not form a contest to see who can craft a phishing e-mail that makes us do both? Click AND laugh?”\n
\n
\nAs an avid fisherman who goes after the fish that swim, I’m very familiar with the concept of a “fish story”. A fish I catch may somehow end up looking a little bigger than it really is. That 12-inch bass becomes a 2-foot monster when held close to the camera. Or, I might fib a little on what I used to catch a certain fish or where I caught it.
\n
\nI’m also a hacker, with a security day job, more than familiar with the other kind of “phishing”. It also can also be done through proclaiming incredible things to get you to click on a link. Perhaps you’ve inherited a large sum of money? Or maybe a mysterious government agent has some secret information that only you are privy to?
\n
\n
\n\nThe Rules\n
\n
\nFirst off, this is a contest about creativity, but you don’t \nHAVE\n to be funny to win.
\n
\nThere is more than one way to win, but there is only one entry per person. So, you must choose which way you’re going from one of the following three categories:
\n
\n\n1.\n \nThe Jester\n – This option is all about the laughter. Yes, you might know the technical ins and outs of SMTP or maybe you conduct penetration tests for a living and try to get your targets to click on those juicy links. But what we’re looking for in *this* option is more about just how good you are at giving us a chuckle. Write up a backstory, but no need to focus on too many of the technical details. Feel free to get really silly here. We still want you to focus on a target from the list, but the phish needs to do nothing more than make us laugh. These e-mails should be OBVIOUS phishes in this category.
\n
\n\n2.\n \nThe Wizard\n – You’re doing your best to ACTUALLY trick one of the targets. This would be more of your traditional phish. You’ll want to utilize the articles and create a backstory that includes any other potential sources of your OSINT. What caused you to take the path you did with the e-mail? Also, bonus points here for describing what happens AFTER your target clicks on a link. Again, though, you are limited to 3500 characters, so be concise. You want to trick them in this one, so the phish should not be overtly easy to spot.
\n
\n\n3.\n \nThe Ruler – \nThe last of the options is the toughest one. Can you combine the two? We’re looking for “targeted absurdity” in this option. Write a ridiculous backstory complete with technical chops and then back that up with a phishing e-mail that busts a collective gut. The best e-mails in this competition will find a way to balance humor with the basic bones of a targeted phishing attempt.
\n
\nRemember, this contest is more about creativity, writing, and finding a way to make us laugh. We’ll provide you with a LinkedIn profile of each member of the Management team, and three magazine articles, but it’s up to you to “fill in the blanks.” You get to make up what you want in the backstory. We’ve given you a start, but you’ll have to do the rest.
\n
\n
\n\nRules for entry:\n
\n
\nEach submission features two distinct documents:
\n
\n1. The backstory – you’ll need to fill out the assumptions you made about your target. The more creative you get, the more you’ll score. This needs to be limited to roughly 3500 characters.
\n2. The e-mail – again, this should be limited to no more than 3500 characters. (3500 is about the size of one page)
\n
\nYou will be supplied with some background newspaper and magazine articles about the potential targets along with LinkedIn profiles of each as well. \n\nIt is then up to you to pick your path to victory:\n\n
\n
\nSave the e-mail and Backstory to a text file. Attach that text file to an e-mail and send it to \nphishstories@protonmail.com\n.
\n
\nContest begins May 15th and participants will have until June 15th to submit their entry.
\n
\n
\n\nOne entry per participant\n
\n
\nYou will receive confirmation of your entry. If you submit more than one, we’re only counting and reading the first.
\n
\nIllustrations and graphics are not accepted.
\n
\nPlease include your e-mail address and handle for communication and recognition.
\n
\nYou will receive a confirmation within 48 hours of submission. Please contact us if you do not receive confirmation after 48 hours.
\n
\nJudging will be conducted by a panel and completed within 2 weeks.
\n
\n
\n\nScoring Criteria\n
\n
\nE-mail content – 50%
\nBackstory – 40%
\nFollowing the instructions – 10%
\n
\nAwards are In Person. Top 3 will receive prizes – A “Jester”, “Wizard”, and “Ruler”. The Jester and Wizard receive one human badge each, the Ruler will receive two human badges.
\n
\nYou can follow @phishstories on Twitter for updates and information.
\n
\nEnjoy!
\n
\nThe winners will get recognition in the online program and in social media. If on-site during the conference, they will also walk the stage to be recognized at the Contest Closing Ceremony.
\n
\n
\n\nWhat’s the point?\n
\n
\nHaving won the creative writing contest for DEF CON 30 and the People’s Choice award for DEF CON 29, I was looking for a way to expand pre-con participation in the creative writing process and incorporate a little (or a lot) humor along the way. Writing is a skill that has gotten me further in my information security career than most of my skills, save perhaps my sense of humor. Combining the two can be very helpful in gaining confidence for your own skills.
\n
\n
\n\nThe Scenario\n
\n
\n
\n
\nFor this year’s inaugural contest, our contestants will attempt to send a phishing email to someone on the leadership team of DEF CON Custard and Cream, a new custard shop opened in August of 2020 that has 31 distinct “Phlavors” of custard and ice cream. There are three individuals on the leadership team for you to choose from:
\n
\nJulia Culter, CEO
\n
\nPat Conline, CMO
\n
\nJohnny “Red” Packard, CIO
\n
\n\nProfiles of Defcon Custard and Cream management team:\n
\n​
\n... \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\n
\nJulia Culter was always passionate about food and desserts. After working in various pastry shops and bakeries, she decided to start her own business and opened DEFCON Custard and Cream. Located in the heart of the city, the shop quickly became a local favorite for its delicious and unique flavors of custard.
\n
\nAs the owner and head chef of DEFCON Custard and Cream, Julia spends most of her days in the kitchen experimenting with new recipes and perfecting her craft. In her free time, she enjoys reading cookbooks in her cozy three-story condo. She is known for her strong work ethic and commitment to providing her customers with the best possible experience.
\n
\nJulia Culter Founder & Head Chef at DEFCON Custard and Cream
\n
\nSummary:
\n
\nPassionate and dedicated pastry chef with experience in creating unique and delicious desserts. Founded DEFCON Custard and Cream to provide customers with a one-of-a-kind custard experience.
\n
\nExperience:
\n
\nFounder & Head Chef DEFCON Custard and Cream (May 2020 - Present)\nPastry Chef Sweet Dreams Bakery (January 2018 - April 2020)\nEducation:
\n
\nBachelor of Science in Culinary Arts Le Cordon Bleu College of Culinary Arts (September 2014 - May 2018)
\n
\nSkills:\nCertifications:\n​... \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\n
\nPat Conline is the Chief Marketing Officer at DEFCON Custard and Cream. With over 10 years of experience in the food and beverage industry, Pat brings a wealth of knowledge and expertise to the company.
\n
\nAs the CMO, Pat is responsible for overseeing the marketing and advertising efforts for DEFCON Custard and Cream. She has been working diligently on tapping new markets for the custard shop, with a focus on expanding the brand beyond its flagship store on the Las Vegas Strip. Pat is known for her creative and innovative approach to marketing, and is always looking for new ways to promote the company and its delicious custard. When not working, Pat enjoys spending time with her pet parakeet Linda.
\n
\nPat Conline Chief Marketing Officer at DEFCON Custard and Cream
\n
\nSummary:
\n
\nExperienced marketing professional with a background in the food and beverage industry. Currently serving as the Chief Marketing Officer at DEFCON Custard and Cream, overseeing all marketing and advertising efforts for the company.
\n
\nExperience:
\n
\nChief Marketing Officer DEFCON Custard and Cream (August 2020 - Present)\nMarketing Manager Cupcake Heaven (January 2018 - July 2020)\nEducation:
\n
\nBachelor of Science in Marketing University of Nevada, Las Vegas (September 2014 - May 2018)
\n
\nSkills:\n​... \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\nJohnny "Red" Packard is the Chief Information Officer at DEFCON Custard and Cream. With a background in both culinary arts and web development, Johnny brings a unique skillset to the company.
\n
\nAs the CIO, Johnny is responsible for managing all of the company\'s information technology systems and ensuring that they are running smoothly. In addition to his technical expertise, Johnny is also known for his creative flavor creations and is always coming up with new and exciting custard flavors for the shop. In his free time, Johnny enjoys moonlighting as a web developer and was even responsible for creating the first DEFCON Custard and Cream website. He is known for his ability to bridge the gap between technology and culinary arts.
\n
\nJohnny "Red" Packard Chief Information Officer at DEFCON Custard and Cream
\n
\nSummary:
\n
\nExperienced IT professional with a background in web development and culinary arts. Currently serving as the Chief Information Officer at DEFCON Custard and Cream, overseeing all information technology systems and managing the company\'s website.
\n
\nExperience:
\n
\nChief Information Officer DEFCON Custard and Cream (August 2020 - Present)\nWeb Developer Freelance (January 2018 - July 2020)\nPastry Chef Sweet Dreams Bakery (September 2016 - December 2017)\nEducation:
\n
\nBachelor of Science in Computer Science University of Nevada, Las Vegas (September 2014 - May 2018)
\n
\nSkills:\nCertifications:\n
\n\nArticle 1:\n Def Cream Magazine
\n
\nDouble Dip on the Strip
\n
\nDEFCON Custard and Cream is not just the brainchild of one person, but a team effort led by Julia Culter, the founder and head chef, along with Pat Conline, the Chief Marketing Officer, and Johnny "Red" Packard, the Chief Information Officer.
\n
\nPat Conline, who has over 10 years of experience in the food and beverage industry, is responsible for overseeing the marketing and advertising efforts for DEFCON Custard and Cream. "Our goal is to expand the brand beyond its flagship store on the Las Vegas Strip and tap into new markets," says Pat. "I\'m always looking for new and innovative ways to promote the company and its delicious custard."
\n
\nJohnny "Red" Packard, who brings a unique skillset to the company with his background in both culinary arts and web development, is responsible for managing all of the company\'s information technology systems and ensuring they are running smoothly. "I really enjoy the opportunity to bridge the gap between technology and culinary arts," says Johnny. "I was even responsible for creating the first DEFCON Custard and Cream website and it\'s been amazing to see how technology has helped us to grow and improve our business."
\n
\nTogether, Julia, Pat, and Johnny have created a winning team that is dedicated to providing their customers with the best possible experience. "We have such a great team here at DEFCON Custard and Cream," says Julia. "We all bring different skills and perspectives to the table, and it\'s that diversity that makes us so successful."
\n
\nWith a passion for food and desserts, a commitment to customer service, and a team of experts working together, DEFCON Custard and Cream is sure to continue its sweet success for years to come.
\n
\n\nArticle 2: \nLinux Loves Bean Magazine
\n
\n"From Pastry Chef to CIO: How Johnny \'Red\' Packard is Revolutionizing the Dessert Industry"
\n
\nJohnny "Red" Packard is no stranger to the world of desserts. With a background in both culinary arts and web development, he brings a unique skillset to his role as the Chief Information Officer at DEFCON Custard and Cream. But it\'s not just his technical expertise that sets him apart - it\'s his passion for experimentation and innovation.
\n
\nAs a pastry chef, Johnny has always been drawn to the creative process of recipe development and flavor creation. "I\'ve always enjoyed experimenting with different ingredients and techniques to create new and exciting flavors," he says. "I think that mindset really helps me in my role as CIO, where I\'m constantly looking for new ways to improve and streamline our systems and processes."
\n
\nBut what really sets Johnny apart is his hobby of "penetration testing" and ethical hacking. Johnny has a passion for understanding how systems and networks can be compromised, and he uses that knowledge to ensure that DEFCON Custard and Cream\'s IT infrastructure is as secure as possible. "I think it\'s important to understand the potential threats and vulnerabilities that exist in any system," he says. "That way, you can proactively take steps to protect yourself and your customers."
\n
\nOne of the ways that Johnny has been able to apply this knowledge is by developing an online ordering system that is both user-friendly and secure. "Our online ordering system allows customers to place their orders from the comfort of their own home, but we also made sure to use secure methods of storing and transmitting their information," he explains. "It\'s a win-win for both our customers and for us as a business."
\n
\nWith his background in both culinary arts and web development, Johnny is able to bridge the gap between technology and culinary arts. His innovative approach and passion for experimentation and innovation has helped DEFCON Custard and Cream to stand out in the dessert industry.
\n
\n"I\'m so grateful for the opportunity to do something I love every day, and to have such amazing customers who support me," says Johnny. "I can\'t wait to see what the future holds for DEFCON Custard and Cream."
\n
\n\nArticle 3: \nBon Hacketit Magazine
\n
\n"Marketing the Sweet Life: Inside the Mind of DEFCON Custard and Cream\'s CMO"
\n
\nWhen it comes to marketing, Pat Conline is a force to be reckoned with. As the Chief Marketing Officer at DEFCON Custard and Cream, she\'s responsible for overseeing all of the company\'s advertising and promotion efforts. But behind the creative campaigns and clever slogans is a woman who\'s just as passionate about custard as she is about marketing.
\n
\n"I\'ve always had a sweet tooth, and when I saw the opportunity to work with DEFCON Custard and Cream, I knew it was the perfect fit," says Pat. "It\'s been amazing to see how our marketing efforts have helped the brand to grow and become a household name."
\n
\nBut despite her success in the marketing world, Pat admits that she\'s not always the most tech-savvy person. "I\'ll be the first to admit that I\'m not the most computer-literate person out there," she says. "I leave all of that stuff to Johnny, our CIO. He\'s the one who makes sure our website and online systems are running smoothly."
\n
\nWhen asked about the company\'s computer network, Pat is quick to deflect. "I don\'t know much about the technical side of things," she admits. "But I know that Johnny and his team have been hard at work, they’re the cream of the crop."
\n
\nBut despite her lack of technical expertise, Pat\'s passion and dedication to her job are undeniable. "I love being able to create campaigns and promotions that connect with people and make them excited about our custard," she says. "It\'s an amazing feeling to know that our marketing efforts are making a real difference."
\n
\nPat’s life outside of work is one that she’s hoping to have some time for now that DCC has gotten off the ground. "I have a pet Parakeet named Linda, and I love spending time with her, but I do think with our launch it might be time to enjoy this great city."
\n
\nWith her creative approach and passion for custard, Pat Conline is helping to make DEFCON Custard and Cream a household name in the dessert industry.
\n
\n"I\'m so grateful for the opportunity to do something I love every day and to have such amazing customers who support me," says Pat. "I can\'t wait to see what the future holds for DEFCON Custard and Cream."
\n​\n\n\''),(1410,'\'Radio Frequency Capture the Flag\'','\'https://forum.defcon.org/node/245222\'','\'https://forum.defcon.org/node/245223\'','','','','','\'\n.. \n\n\"Click\n\n\n
\n
\n..
\nRadio Frequency Capture the Flag
\n
\nOnline and In-person
\nWhere: Radio Frequency Village, Eldorado Ballroom, Flamingo
\nWhen: Village Operating Hours are Friday to Sat 10:00 - 18:00, Sunday 10:00 to
\n14:00
\n
\n
\nTwitter: \n@rf_ctf\n and \n@rfhackers\n
\n​DEFCON Discord: \nhttps://discord.com/channels/7082082...44270976696380\n
\nRF Discord: \nhttps://discordapp.com/invite/JjPQhKy\n
\nWebsite: \nhttp://rfhackers.com\n - play with us
\nGithub: \nhttps://github.com/rfhs\n
\nOfficial Support Ticketing System: \nhttps://github.com/rfhs/rfctf-support/issues\n
\n
\n
\nDo you have what it takes to hack WiFi, Bluetooth, and Software
\nDefined Radio (SDR)?
\n
\nRF Hackers Sanctuary (the group formerly known as Wireless Village) is
\nonce again holding the Radio Frequency Capture the Flag (RFCTF) at DEF
\nCON 31. RFHS runs this game to teach security concepts and to give
\npeople a safe and legal way to practice attacks against new and old
\nwireless technologies.
\n
\n
\nWe cater to both those who are new to radio communications as well as
\nto those who have been playing for a long time. We are looking for
\ninexperienced players on up to the SIGINT secret squirrels to play our
\ngames. The RFCTF can be played with a little knowledge, a pen tester’s
\ndetermination, and $0 to $$$$$ worth of special equipment. Our new
\nvirtual RFCTF can be played completely remotely without needing any
\nspecialized equipment at all, just using your web browser! The key is
\nto read the clues, determine the goal of each challenge, and have fun
\nlearning.
\n
\n
\nThere will be clues everywhere, and we will provide periodic updates
\nvia discord and twitter. Make sure you pay attention to what’s
\nhappening at the RFCTF desk, #rfctf on our discord, on Twitter
\n@rf_ctf, @rfhackers, and the interwebz, etc. If you have a question -
\nASK! We may or may not answer, at our discretion.
\n
\n
\nFOR THE NEW FOLKS
\n
\nOur virtual RFCTF environment is played remotely over ssh or through a
\nweb browser. It may help to have additional tools installed on your
\nlocal machine, but it is not required.
\n
\nRead the presentations at: \nhttps://rfhackers.com/resources\n
\n
\n
\nHybrid Fun
\n
\nFor DEF CON 31 we will be running in “Hybrid” mode. That means we
\nwill have both a physical presence AND the virtual game running
\nsimultaneously. All of the challenges we have perfected in the last 2
\nyears in our virtual game will be up and running, available to anyone
\nall over the world (including at the conference), entirely free. In
\naddition to the virtual challenges, we will also have a large number
\nof “in person” only challenges, which do require valid conference
\nadmission. These “in-person” only challenges will include our
\ntraditional fox hunts, hide and seeks, and king of the hill
\nchallenges. Additionally, we will have many challenges which we
\nsimply haven’t had time or ability to virtualize. Playing only the
\nvirtual game will severely limit the maximum available points which
\nyou can score, therefore don’t expect to place. If you play virtual
\nonly, consider the game an opportunity to learn, practice, hone your
\nskills, and still get on the scoreboard for bragging rights. The
\nvirtual challenges which are available will have the same flags as the
\nin-person challenges, allowing physical attendees the choice of
\nhacking those challenges using either (or both) methods of access.
\n
\n
\nTHE GAME
\n
\nTo score you will need to submit flags which will range from decoding
\ntransmissions in the spectrum, passphrases used to gain access to
\nwireless access points, or even files located on servers. Once you
\ncapture the flag, submit it to the scoreboard right away, if you are
\nconfident it is correct. Flags will be worth less points the more
\noften they are solved. Offense and defense are fully in play by the
\nparticipants, the RFCTF organizers, and the Conference itself. Play
\nnice, and we might also play nice.
\n
\n
\nGetting started guide: \nhttps://github.com/rfhs/rfhs-wiki/wiki\n
\n
\nHelpful files (in-brief, wordlist, resources) can be found at
\n\nhttps://github.com/rfhs/rfctf-files\n
\n
\nSupport tickets may be opened at \nhttps://github.com/rfhs/rfctf-support/issues\n
\n
\nOur whole game is also open source and available at:
\n\nhttps://github.com/rfhs/rfctf-container\n
\n
\n
\nTL;DR
\n
\nTwitter: \n@rf_ctf\n and \n@rfhackers\n
\nDiscord: \nhttps://discordapp.com/invite/JjPQhKy\n
\nWebsite: \nhttp://rfhackers.com\n - play with us
\nGithub: \nhttps://github.com/rfhs\n
\nOfficial Support Ticketing System: \nhttps://github.com/rfhs/rfctf-support/issues\n\n\n\n\n\''),(1411,'\'CMD+CTRL Cyber Range\'','\'https://forum.defcon.org/node/245229\'','\'https://forum.defcon.org/node/245230\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\n
\nCMD+CTRL Cyber Range Showdown
\n
\nFree Play: Starts Thursday at 10 AM and Ends Sunday at 12 PM
\nCompetition: Starts Friday at 10 AM and Ends Sunday at 12 PM
\nLocation: DEF CON Contest Area, Forum Ballroom, In-person
\n
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps everyone engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.
\n
\nAt DEF CON 31: We will be debuting our latest Cyber Range, ShadowHealth, which focuses on exploiting a modern medical records system. We will also be opening up our platform for free play to those who do not want to commit to the full competition or want to experience some of our previous Ranges. Information below.
\n
\nFind out more and register at:
\n\nhttp://defcon31.cmdnctrl.net/\n​\n\n\''),(1412,'\'Darknet-NG\'','\'https://forum.defcon.org/node/245234\'','\'https://forum.defcon.org/node/245235\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\nDarknet-NG
\nFriday: 10 am - 4:30 pm (Contest shut down overnight)
\nSaturday: 10 am - 4:30 pm (Contest shut down overnight)
\nSunday: 10 am - 12 pm (Contest ends at noon, and contest results to contests by 1 pm)
\nDEF CON Contest Area, Forum Ballroom, in-person
\n
\n\nhttps://twitter.com/DarknetNg\n
\n\nhttps://defcon.social/@DarknetNG\n
\n\nhttps://darknet-ng.network\n
\n
\nDarknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The "Learning Quests" help the agent gather knowledge from all across the other villages at the conference, while the "Challenge Quests" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year\'s challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site \nhttps://darknet-ng.network\n and join our growing Discord Community!​\n\n\''),(1413,'\'DC Kubernetes Capture the Flag (CTF)\'','\'https://forum.defcon.org/node/245244\'','\'https://forum.defcon.org/node/245245\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n..
\nDC Kubernetes Capture the Flag (CTF)
\nFriday: 10:00-18:00
\nSaturday: 10:00-17:00
\nOnline: \nhttps://containersecurityctf.com/\n
\n
\nTwitter @ctfsecurity
\n\nhttps://containersecurityctf.com/\n
\n
\nThe DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.
\n
\nA scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.​\n\n\''),(1414,'\'DC Sticker Design Contest\'','\'https://forum.defcon.org/node/245249\'','\'https://forum.defcon.org/node/245250\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\nDC Sticker Design Contest
\nOnlline Pre-Con
\n\n@InfosecStickers(@twitter)\n, @\nstickers@defcon.social\n
\n
\n
\nAncient warriors used tattoos as a means of indicating rank in battle; it was the sort of mark that told the tales of their various conquests - their struggles and triumphs. Similarly, traversing the halls of DEF CON, one can see more modern versions manifesting as stickers - especially on laptops and other electronic equipment.
\n
\nWe use stickers to break the ice with strangers, as a barter currency, to tell the tales of our struggles and triumphs. After all, is a hacker really a hacker without a laptop adorned with these markings?
\n
\nHere\'s your chance to be part of hacker culture, by creating something that people around the world will treasure and proudly display. Submit original artwork in the theme of the con, that you believe best exemplifies hacker culture, that will be used as printed stickers.
\n
\n
\nOn your marks... Make your mark.​\n\n\''),(1415,'\'Pub Quiz at DEF CON\'','\'https://forum.defcon.org/node/245252\'','\'https://forum.defcon.org/node/245253\'','','','','','\'\n..
\n..
\nPub Quiz at DEF CON
\nFriday: 18:00-21:30
\nLocation: Caesars Forum - Forum - 121-123, 129, 137 - Chillout​
\n
\nDo you like Pub Quiz please join us in participating in the first ever Pub Quiz at DEF CON. Quiz will consist of 7 rounds from Question from 90s TV shows, Movies, and DEF CON questions. The quiz will be theme will be all things DEF CON. There will be visual and audio rounds so not just boring questions. People will group into teams of 5 and a cash prize will be provided for 1st, 2nd, and 3rd high scoring groups. Ties will be broken by a dance off from a person of the tied teams.
\n
\n1st Prize $1,000
\n2nd Prize $300
\n3rd Prize $200​
\n
\nAuthoritative answers about this can be provided by \nfrost69\n\n\n\''),(1416,'\'DEF CON Scavenger Hunt\'','\'https://forum.defcon.org/node/245255\'','\'https://forum.defcon.org/node/245256\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nDEF CON Scavenger Hunt
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 to 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...49278163779605\n
\nTwitter: \n@defconscavhunt\n
\n
\nAre you tired of being an NPC, mindlessly standing in line at a hacker con? Do you want to be involved and improve the hacker community? The DEF CON Scavenger Hunt is here to encourage you to interact with goons and attendees alike; to be an active participant of DEF CON itself.
\n
\nCome visit the DEF CON Scavenger Hunt table in the contest area and get a list, register your team of 1 to 5 players, and gather or accomplish as many items from the list as you can. Items are submitted at the table, better than average submissions shall be awarded bonus points. The team who turns in the most points by Sunday at noon will win the admiration of your like-minded peers.
\n
\nThe DEF CON Scavenger Hunt is one of the longest running contests at DEF CON, visit \nhttps://defconscavhunt.com\n for a history lesson.
\n
\nIf you capture pictures or video of items from our list, or have in the past, please send them to us via email \nscavlist@gmail.com\n.​
\n..\n\n\''),(1417,'\'DC’s Next Top Threat Model (DCNTTM)\'','\'https://forum.defcon.org/node/245261\'','\'https://forum.defcon.org/node/245262\'','','','','','\'\n..
\n..
\nDC’s Next Top Threat Model (DCNTTM)
\nFriday: 10:00-18:00
\nSaturday: 10:00-18:00
\nDEF CON Contest Area, Forum Ballroom | Hybrid |
\n
\nTwitter: \n@ThreatModelUs\n
\n
\nThreat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.
\n
\nAs part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).​\n\n\n\n\''),(1418,'\'Ham Radio Fox Hunting Contest\'','\'https://forum.defcon.org/node/245265\'','\'https://forum.defcon.org/node/245266\'','','','','','\'\n..
\n..
\nHam Radio Fox Hunting Contest
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\ndefcon31foxhunt.com
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...45275902574633\n
\nTwitter \n@Evil_mog\n (yolo)
\n
\nIn the world of amateur radio, groups of hams will often put
\ntogether a transmitter hunt (also called "fox hunting") in order to
\nhone their radio direction finding skills to locate one or more hidden
\nradio transmitters broadcasting. The Defcon Fox Hunt will require
\nparticipants to locate a number of hidden radio transmitters
\nbroadcasting at very low power which are hidden throughout the
\nconference. Each transmitter will provide a clue or code which
\nwill prove the player found the fox transmitter. A map
\nwith rough search areas will be given to participants to guide them on
\ntheir hunt. Additional hints and tips will be provided throughout
\nDefcon at the contest table to help people who find themselves stuck.
\nA small prize to be determined will be given to each participant who
\nlocates all of the foxes each day.
\n
\nExpanded this year with increased difficulty each day.
\nFriday: Foxes in a small area, non moving
\nSaturday: Foxes in a larger area, with one moving.
\nSunday: Foxes are on the move. The hunt is on!
\n
\nThere will also be a beginner friendly, no radio required, Infrared
\nLED Fox Hunt running everyday which participants can use their cameras
\non their phones to find!​\n\n\''),(1419,'\'DEFCON MUD DUMB TERMINAL EDITION\'','\'https://forum.defcon.org/node/245270\'','\'https://forum.defcon.org/node/245271\'','','','','','\'\n..
\n..
\nDEFCON MUD DUMB TERMINAL EDITION
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...07998796480590\n
\n
\nThe DEFCON MUD is back, this time you can only access it over dumb terminals or serial terminals hosted by the DEFCON SCAV Hunt. Flags will be hosted inside the mud, good luck, have fun, and oh yes the game has exploits, can you find them all?​\n\n\''),(1420,'\'Dungeons@Defcon\'','\'https://forum.defcon.org/node/245277\'','\'https://forum.defcon.org/node/245278\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n..
\nDungeons@Defcon
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\n\nhttp://www.dungeonsatdefcon.com/\n
\n
\nD@D is a table-top/RPG themed puzzling campaign for teams of 1-4 players. As part of the campaign, teams will unravel crypto challenges, solve physical puzzles, and do other side-quests that will have them interacting with different components of the Defcon community (villages, goons, NPCs, local wildlife, trolls, etc.) to earn points and progress through a narrative. The theme changes each year, but typically is based loosely on a popular table-top game that fits the theme for Defcon. Teams learn how to work cooperatively to solve large puzzles, and learn how to solve puzzles that they may have seen in CTFs, escape rooms, or other puzzle venues. The contest is designed to be accessible to all technical levels and all ages.
\n
\nPre-registration will occur online the week before con (announced via Twitter) as well as Friday morning at 10 in person, first come first served until we have enough teams filled. Contest will start at 12:00 on Friday​\n\n\''),(1421,'\'Battle of the Bots\'','\'https://forum.defcon.org/node/245282\'','\'https://forum.defcon.org/node/245283\'','','','','','\'\n..
\n..
\nBattle of the Bots
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\nBattle of The Bots presents a new twist on traditional “King-of-The-Hill” style Capture the Flag events by incorporating exploit development, vulnerability analysis, reverse engineering and software development in the form of developing computer worms aka “bots”. BOTBs requires competitors to develop proof-of-concept exploits against varying misconfigured or vulnerable network services. To maximize points scored, the competitor’s bot must automatically scan and compromise network services in the competition environment autonomously. Services that are harder to exploit (ex: requiring memory corruption exploits opposed to misconfigured databases) will result in a higher point score for the competitor.
\n
\nThe vulnerable network services will include real world vulnerable services where a competitor can adopt off the shelf proof-of-concepts vulnerabilities from an offensive security resource (ex: Metasploit Framework, exploit-db, packetstorm, etc…) into their bot to achieve access to said vulnerable services. Additionally, custom built vulnerable services informed by OWASP Top 10 security bugs as well as CVEs will influence challenge development resulting in a competitor to have the experience of reverse engineering new applications to identify vulnerabilities based on historically significant pain points in Software Engineering as well as infamous historical CVEs. Battle of The Bots will give competitors of all skill levels an opportunity to develop proof-of-concept exploits. Network services will be developed in a variety of compiled and interpreted languages with varying associated vulnerabilities and points. The variety of languages will provide opportunities for those less experienced with reverse engineering to analyze vulnerable Python code to find hidden API endpoints that lead to shell execution for example, rather than reverse engineer compiled binaries.
\n
\nFinally, the BOTBs team will be capturing network traffic from the competition environment to later be shared with the wider community. The BOTBs team believes that this unique dataset of network service attacks can act as a unique resource for academic researchers, SOC analysts assessing their defenses and training events where having attack data for SIEM analysis. The data will be released under the Apache 2.0 License and hosted publicly on a yet to be determined platform.​\n\n\''),(1422,'\'Capture the Packet\'','\'https://forum.defcon.org/node/245287\'','\'https://forum.defcon.org/node/245288\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nCapture the Packet
\nFriday: 09:00-14:00
\nSaturday: 09:00-14:00
\nSunday: 09:00 - 13:00
\nForum, Packet Hacking Village, Academy 413
\n
\nWebsites:
\n\nhttps://www.capturethepacket.com\n
\n\nhttps://www.ariessecurity.com\n
\n
\nDEFCON Discord: \nhttps://discord.com/channels/7082082...43512625430529\n
\nTwitter: \n@capturetp\n \n@wallofsheep\n
\n
\nThe time for those of hardened mettle is drawing near; are you prepared to battle? Compete in the world’s most challenging cyber defense competition, based on the Aries Security Cyber Range. In order to triumph over your competitors, contestants must be well rounded like the samurai. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth.
\n
\nThis year those brave enough to enter the labyrinth will witness never before seen terrors, and only the best prepared and battle hardened will manage to escape the crucible. Follow us on Twitter or Facebook to get notifications for dates and times when your team will compete, as well as what prizes will be awarded.​\n\n\''),(1423,'\'HardWired\'','\'https://forum.defcon.org/node/245293\'','\'https://forum.defcon.org/node/245294\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nHardWired
\n
\nFriday: 09:00-14:00
\nSaturday: 09:00-14:00
\nSunday: 09:00 - 13:00
\nForum, Packet Hacking Village, Academy 413, in-person
\n
\nWebsites:
\n\nhttps://www.capturethepacket.com\n
\n\nhttps://www.ariessecurity.com\n
\n
\nDEFCON Discord: \nhttps://discord.com/channels/708208267699945503/\n
\nTwitter: \n@capturetp\n \n@wallofsheep\n
\n
\nHave you ever built a hardwired network? It sounds simple. Follow the cabling diagram, use the crimpers, and voila. But we’ve added a twist: this is cable construction on the clock. Whether you’re a seasoned pro or a complete newbie, we provide all the tools necessary for you to hone your skills and race against time to create and test a working cable. Come play HardWired and show us what you’ve got!​\n\n\''),(1424,'\'CrackMeIfYouCan\'','\'https://forum.defcon.org/node/245299\'','\'https://forum.defcon.org/node/245300\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nCrackMeIfYouCan
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\n
\n\nhttps://contest.korelogic.com/\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44827053457478\n
\n
\n
\nThe premiere password cracking contest "CrackMeIfYouCan" is back again.
\nPasswords so two-thousand and late. Remember, remember, the cracks of
\nNovember.
\n
\nWe\'re preparing hashes from easy to hard, so there\'ll be something for
\nyou if you want to compete casually as a Street team, or go all out in
\nPro.
\n
\nWhere we\'re going, we don\'t need roads. Purely a penchant for puzzles,
\nperhaps a plethora of processors.
\n
\nCheck out past years\' contests at \nhttps://contest.korelogic.com/\n , and
\nthe Password Village at \nhttps://passwordvillage.org/\n​\n\n\''),(1425,'\'Embedded CTF\'','\'https://forum.defcon.org/node/245307\'','\'https://forum.defcon.org/node/245308\'','','','','','\'\n..
\n..
\nEmbedded CTF
\nFriday: 0900 - 1800
\nSaturday: 0900 -1800
\nSunday: 0900 -1400
\nEmbedded Systems Village, Reno 2, Flamingo | in-person
\n
\nTwitter: \n@EmbeddedVillage\n
\n
\nEmbedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular use case and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective.
\n
\nThe Embedded CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices\' inner workings and understand their design\'s security implications.
\nNew devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants\' knowledge and experience.
\n
\nBy participating in the contest, teams of up to 6 contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills.
\nWith the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous. Whether you\'re a seasoned security professional or just starting in the field, this contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.​\n\n\n\n\''),(1426,'\'Hac-Man\'','\'https://forum.defcon.org/node/245312\'','\'https://forum.defcon.org/node/245313\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n..
\nHac-Man
\nBegins: Thursday Aug 10th at 08:00
\nEnds: Sunday Aug 13th at 12:00
\n
\nDEF CON Contest Area, Forum Ballroom |Hybrid
\nContest area does not open until Friday at 10:00.
\n
\n\nhttps://hacman.roguesignal.io/\n
\nTwitter: \n@Hac__Man\n
\n
\nHac-Man is a hacker skills challenge, themed after the classic arcade game "Pac-Man". Navigate your avatar through the maze, completing skills challenges in many different skills categories such as Ciphers and Codes, Reverse Engineering, Packet Analysis, Scavenger Hunt, Trivia, and Lock-picking. Can you make it to the end of the maze, or better yet, top the Leaderboard?​\n\n\n\n\''),(1427,'\'Hack-A-Sat 4 (HAS4)\'','\'https://forum.defcon.org/node/245316\'','\'https://forum.defcon.org/node/245317\'','','','','','\'\n..
\n..
\nHack-A-Sat 4 (HAS4)
\nFriday: 10:00 – 18:00 (active game hours)
\nSaturday: 10:00 – 18:00 (active game hours)
\nSunday: 12:00 – 1:30 (HAS4 closing ceremony in Aerospace Village)
\nDEF CON Contest Area, Forum Ballroom​
\n
\nThe Department of the Air Force, in collaboration with the security research community, is hosting Hack-A-Sat 4 – the world’s first CTF in space. Hack-A-Sat 4 aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Hack-A-Sat 4 will be the first CTF hosted on an on-orbit satellite, called Moonlighter. The satellite has been designed and built to advance the security research community’s skills and knowledge of on-orbit space systems. Note: HAS4 is no longer open to new contestants as the qualifying event took place in April. Attendees stopping by the HAS4 contest area will be able to learn about the history of Hack-A-Sat, Moonlighter and this year’s challenges. The area will have live scoreboards, dashboards and visualizations relaying game status, and live commentary will be provided from the adjacent Aerospace Village throughout the weekend.
\n
\nHAS4 Qualifications were held April 1-2, 2023.
\nResults here: \nhttps://quals.2023.hackasat.com/scoreboard/complete\n​\n\n\''),(1428,'\'Hacker Jeopardy\'','\'https://forum.defcon.org/node/245321\'','\'https://forum.defcon.org/node/245322\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nHacker Jeopardy
\nFriday: 20:00-22:00
\nSaturday: 20:00-22:00​
\nDEF CON Contest Area, Forum Room 232
\n
\nLintile:
\nHiya, ChatGPT, are you aware of the annual contest called Hacker Jeopardy at DEF CON? When is it?
\n
\nChatGPT:
\nYes, Hacker Jeopardy is a popular event at DEF CON. It\'s a parody of the television game show "Jeopardy!" but with a twist. Instead of general knowledge, the questions (or "answers," in Jeopardy style) are focused on hacker culture, computer security, technology, and similar topics. The game consists of two preliminary rounds on Friday, and a final round on Saturday. Both shows start at 2000 Las Vegas time. Just like in the original game show, there are DFIU Doubles and a Final Hacker Jeopardy round.
\n
\nOne unique aspect of Hacker Jeopardy that distinguishes it from the TV show is the incorporation of ADULT HUMOR, vulgarity, innuendo, and beer into the game. Please remember, my knowledge is current only up to September 2021, and if there have been any significant changes to Hacker Jeopardy after that, I would not be aware of them.
\n
\nLintile:
\nWhat\'s the catch phrase of Hacker Jeopardy?
\n
\nChatGPT:
\nThe catch phrase of Hacker Jeopardy is "Drink while you think". This refers to the unique element of the game where contestants are encouraged to drink beer while they are attempting to come up with the correct response to the clues.
\n
\nLintile:
\nThat\'s not correct. The acronym of the catch phrase is DFIU.
\n
\nChatGPT:
\nI apologize for the oversight. The catchphrase for Hacker Jeopardy at DEF CON is "Don\'t Forget It\'s UNIX" (DFIU), which is used humorously due to the historically significant role of Unix-based systems in hacking and network security. This phrase is often used to remind participants of the roots of many computer systems and infrastructures. I appreciate your patience and your correct information.
\n
\nNote:
\nthat this is an ADULT show with vulgarities and alcohol consumption, but if that doesn’t bother you, come enjoy one of the largest contests at DEF CON that you really need to see to believe! And as always, DFIU!
\n.. \n\n\"Click\n\n\n
\n
\n..
\n\n\n\''),(1429,'\'HackFortress\'','\'https://forum.defcon.org/node/245332\'','\'https://forum.defcon.org/node/245333\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nHackFortress
\nFriday: 10:00 - 18:00 open play
\nSaturday: 10:00 - 18:00 contest hours
\nDEF CON Contest Area, Forum Ballroom​
\n
\n\nhackfortress.net\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...43831275225125\n
\nTwitter: \n@tf2shmoo\n
\n
\nHackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.​\n\n\''),(1430,'\'Hardware Hacking Village CTF\'','\'https://forum.defcon.org/node/245343\'','\'https://forum.defcon.org/node/245344\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n..
\nHardware Hacking Village CTF
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nHardware Hacking Village, Forum, 318 | in-person
\nTwitter: \n@dc_hhv\n
\n
\nHeat up your soldering iron and freshen the batteries in your multimeter! The Hardware Hacking Village (HHV) is hosting their first official DEF CON Capture the Flag (CTF). This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you\'re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.​\n\n\n\n\''),(1431,'\'IoT Village CTF\'','\'https://forum.defcon.org/node/245348\'','\'https://forum.defcon.org/node/245349\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\nIoT Village CTF
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday : 10:00 - 14:00
\n
\nIOT Village, Forum | \nhttps://scoreboard.iotvillage.org/\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44307597164665\n
\n
\nHosted in IoT Village, teams of 1-6 players compete against one another by exploiting off-the-shelf IoT devices. This has been completely redesigned from previous contests, and features real-world devices that all have real-world vulnerabilities with real-world impacts.
\n
\nThis CTF is open to anyone! It is approachable for entry level people to experience getting their first root shell on IoT, but to really advance in this CTF teams will need to perform detailed vulnerability research, hardware hacking, firmware analysis, reverse engineering, and limited exploit development.
\n
\nCTFs are a great experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around! So, join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.​\n\n\n\n\''),(1432,'\'It\'s In That Place Where I Put That Thing That Time\'','\'https://forum.defcon.org/node/245355\'','\'https://forum.defcon.org/node/245356\'','','','','','\'\n..
\n..
\nIt\'s in That Place Where I Put That Thing That Time
\n
\nFriday: 1000 PDT (GMT -7) - Saturday: 1800 PDT (GMT -7)
\n
\nYour friend called. They had their place raided. They swear it\'s a setup. But now they\'re in jail and you\'re the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was "It\'s in that place where I put that thing that time." Good luck.
\n
\nTwitter: @\niitpwiptttt\n
\n..\n\n\''),(1433,'\'Maps of the digital lands\'','\'https://forum.defcon.org/node/245357\'','\'https://forum.defcon.org/node/245358\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nMaps of the digital lands
\n
\nFriday: 10:00 -18:00
\nSaturday: 10:00 -18:00
\nSunday: 10:00-12:00
\nDEF CON Contest Area, Forum Ballroom | In-Person
\n
\n\nhttps://alienvualt.com/\n
\nBooking CTF slots at \nhttps://alienvualt.com/ctf\n
\n
\nMaps of the Digital Lands is an all-ages contest that challenges participants to merge their artistic talents with their technical expertise. Contestants will be provided with a diverse array of written business designs and must hand-draw a network diagram illustrating the structure and interconnectivity of each business\'s infrastructure. Judging will be based on accuracy, adherence to best practices, and artistic prowess. In addition, a captivating Capture the Flag scenario will be available for extra points, employing a digital tool to elevate the challenge. Participants of all skill levels are encouraged to join this immersive experience, compete for assorted prizes, and showcase their unique ability to blend artistry with network engineering excellence. Network engineering is a crucial yet frequently overlooked aspect of hacking, forming the backbone of a secure and efficient cyber ecosystem. By honing their network engineering skills, participants can elevate their abilities beyond mere script kiddie status, gaining a comprehensive understanding of system vulnerabilities and strengthening their overall hacking prowess.​
\n
\nA forum user that is an organizer for this that is known is \nthetoolman\n : anyone else claiming to be an organizer with "answers" may not be affiliated with this.\n\n\''),(1434,'\'pTFS Presents: Mayhem Industries – Starphish\'','\'https://forum.defcon.org/node/245367\'','\'https://forum.defcon.org/node/245368\'','','','','','\'\n..
\n..
\npTFS Presents: Mayhem Industries – Starphish
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\nDEF CON Contest Area, Forum Ballroom
\n
\n\nhttps://ptfs.team/dc31\n
\n.. \n\n\n\"Click\n\n\n\n
\n
\n..​
\n
\nDo you have what it takes to go up against Mayhem Industries\' latest maleficent project? Starphish Ltd. is up to no good in that way that only corporations can be. They\'ve got five Divisions, which means you\'ve got five opportunities to shut them down!
\n
\nIt won\'t be easy. You\'ll be directing a team of infiltrators through increasingly difficult challenges. What sort of challenges? Depends on the Division. Engineering is full of crunchy hacking challenges. HR\'s got the goods on social engineering. Finance\'ll be data processing the whole way.
\n
\nAnd the C-suite? Most dangerous of all… We\'ve never been able to get an operative inside, so they could be anything. We\'re counting on you.
\n
\n.. \n\"\"\n\n
\n..
\n
\nStarphish is a fun and interactive jeopardy style CTF contest. Don\'t worry if you don\'t know what that means. Winning will require demonstrating a wide range of hacking skills, but participating is encouraged for all ability levels. Challenges range from simple puzzles, to challenging crypto problems, to truly phishy hijinks.
\n
\npTFS is a hacker collective that has been competing in various DEF CON contests for almost 15 years.​\n\n\''),(1435,'\'Red Alert ICS CTF\'','\'https://forum.defcon.org/node/245372\'','\'https://forum.defcon.org/node/245373\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\nRed Alert ICS CTF
\nFriday: 12:00 - 17:00
\nSaturday: 10:00 - 17:00
\nSunday: 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom |in-person
\n
\n\nhttps://twitter.com/icsctf\n
\n
\nRed Alert ICS CTF is a competition for Hackers by Hackers. The event exclusively focuses on having the participants break through several layers of security in our virtual SCADA environment and eventually take over complete control of the SCADA system.
\n
\nThe contest would house actual ICS (Industrial Control System) devices from various vendors on a testbed showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.
\n
\nRed Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF at DEF CON 30, DEF CON 29, DEF CON 27 and DEF CON 26 (Black Badge).
\n
\nHighlights of the previous Red Alert ICS CTF is available at: \nhttps://www.youtube.com/watch?v=dz7hNnavHaY\n and \nhttps://youtu.be/AanKdrrQ0u0\n |
\n\n\n\n\n\''),(1436,'\'Red Team CTF\'','\'https://forum.defcon.org/node/245378\'','\'https://forum.defcon.org/node/245379\'','','','','','\'\n..
\n..
\nRed Team CTF
\nFriday: 10:00 - 17:00
\nSaturday: 10:00 - 17:00
\nSunday: 10:00 - 12:00
\n
\nDEF CON Contest Area, Forum Ballroom | Hybrid
\n
\n\nhttps://threatsims.com/redteam-2023.html.\n
\n
\nThe Red Team Capture the Flag (CTF) competition at DEF CON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully breach the security of a simulated target network.
\n
\nThe Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.
\n
\nTeams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.
\n
\nThe Red Team CTF at DEF CON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants\' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.​\n\n\n\n\''),(1437,'\'Social Engineering Community (SEC) Vishing Competition\'','\'https://forum.defcon.org/node/245383\'','\'https://forum.defcon.org/node/245384\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nSocial Engineering Community Vishing Competition (SECVC)
\n
\nHours:
\nFriday 0830 - 1800
\n
\nLocation:
\nSocial Engineering Community Village (LINQ Hotel, 3rd floor, room Social A)
\n
\nDescription:
\nIn this competition (#SECVC), teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies. Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team has limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors!
\n
\n2023 judges: Corgi, FC aka freakyclown, and Snow
\n2023 coaches: Ibetika, JC, C_3PJoe, and Split Beans (last year\'s SECVC winners: Jenn, Matt, and Sean)
\n
\nThis competition takes place on Friday in the Social Engineering Community village, be sure to get there early to get a seat; they fill up fast! Additionally, at the end of Friday, join Snow as she covers the behind the scenes of creating the SECVC, this year\'s lessons learned, team highlights, and tips for future competitors!
\n
\nWebsite: \nhttps://www.se.community/vishing-competition/\n​
\nTwitter: @\nsec_defcon​\n\n\n\''),(1438,'\'Social Engineering Community (SEC) Youth Challenge\'','\'https://forum.defcon.org/node/245387\'','\'https://forum.defcon.org/node/245388\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n
\n..
\nSocial Engineering Community (SEC) Youth Challenge
\n
\nHours:
\nFriday 0830 - 1730
\nSaturday 0830 - 1730
\nSunday 1000 - 1100
\n
\nLocation:
\nIn the Social Engineering Community Village (LINQ Hotel - room Social A)
\n
\nDescription:
\nGreat Scott! The Social Engineering Community needs your help to fix a disrupted timeline! We need brave and creative minds for our Youth Challenge to help us solve a series of challenges that will lead to the grand solution.
\n
\nAre you up for the challenge? As my trusty assistant, you\'ll be tasked with using your problem-solving skills and ingenuity to tackle each challenge, which may range from decoding messages to hacking systems. With each successful challenge, we\'ll be one step closer to restoring the timeline and preventing disastrous consequences!
\n
\nThis is no ordinary journey! Along the way, you\'ll have the opportunity to learn valuable skills in cryptography, social engineering, network security, and more. You\'ll need to stay sharp and think on your feet to overcome unexpected obstacles.
\n
\nSo, grab your flux capacitor and join me on this thrilling adventure! Together, we can fix the disrupted timeline and save the future. Are you ready to take on this challenge, my friend? Let\'s go back to the future!
\n
\nWebsite: \nhttps://www.se.community/youth-challenge/\n
\nTwitter: @\n​sec_defcon​\n
\n
\n..
\n
\n​
\n​\n\n\''),(1439,'\'TeleChallenge\'','\'https://forum.defcon.org/node/245391\'','\'https://forum.defcon.org/node/245392\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nTeleChallenge
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\n\nhttps://www.telechallenge.org\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44470063399012\n
\nTwitter: \n@telechallenge\n (we also expect to use @\ntelechallenge@defcon.social\n)
\n
\nThe TeleChallenge is a fast-paced, fully immersive, and epic battle of wits and skill. The highest level of commitment is required, and this is one of the hardest contests in the world to win, but you don\'t need any special technical skills to play: just a touch-tone phone. And remember: the best way to ascend into the Phoniverse is to get others involved in the TeleChallenge opportunity, so bring a team!​\n\n\''),(1440,'\'The Beverage Cooling Contraption Contest\'','\'https://forum.defcon.org/node/245397\'','\'https://forum.defcon.org/node/245398\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n..
\nThe Beverage Cooling Contraption Contest
\nFriday: 11:00 - 14:00
\nDEF CON Contest Area, Forum Ballroom | in-person
\n
\nI don\'t know my gender non-specific guys. It\'s not funny anymore. We can\'t stop talking about a cheeto for paying hush money to a busty tortilla chip. Winny Pooh is presatator for life with a hunger for those sweet sweet chips. Off brand doctor evil is threatening to nuke the world on the weekly. And in the plot twist of the year BiBi is going fascist. I keep expecting ol\'e Joe to bust out the force lightning and tell me to "give in to my hate". WELL TOO LATE! This year we are going to have a change of pace. I\'m going to drink all the beverage! Lord knows I could use it. I\'m kidding of course, I\'m terribly allergic to hops. It\'s the greatest irony of all, I can\'t drink any of the beverage. But our spectators can! And they want that beverage to be COLD! So I need you to help me satisfy their thirst. Their thirst for escape from this mad world.
\n​\n\n\n\n\''),(1441,'\'The Dark Tangent Look-Alike Contest\'','\'https://forum.defcon.org/node/245402\'','\'https://forum.defcon.org/node/245403\'','','','','','\'\n..
\n..
\nThe Dark Tangent Look-Alike Contest
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\nThe Dark Tangent Look A-like Contest is a creative opportunity for DEF CON attendees to put their non-technical hacking skills to the test. As a contestant in The Dark Tangent Look A-like Contest, you will be judged based on your appearance, mannerisms, efforts, and overall persuasiveness. Can you assume another identity? Can you look, walk, talk, and act like Dark Tangent? Can you become THE DARK TANGENT?​\n\n\''),(1442,'\'The Gold Bug Challenge\'','\'https://forum.defcon.org/node/245407\'','\'https://forum.defcon.org/node/245408\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nThe Gold Bug Challenge
\nFriday: 10:00 – 18:00
\nSaturday: 10:00 – 18:00
\nSunday: 10:00 – 12:00
\nContest Area, Forum Ballroom | Hybrid
\n​
\n
\n\nhttps://goldbug.cryptovillage.org/\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44108837486602\n
\nTwitter: \n@CryptoVillage\n
\n
\nLove puzzles? Need a place to exercise your classical and modern
\ncryptography skills? This puzzle will keep you intrigued and busy
\nthroughout Defcon - and questioning how deep the layers of
\ncryptography go.
\n
\nThe Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!
\n
\n:‡?( 8*;(: .‡6*; 6) 5; 3‡0†2?3 †‡; -(:.;‡¶600538 †‡; ‡(3​\n\n\''),(1443,'\'The Lonely Hard Drive\'','\'https://forum.defcon.org/node/245413\'','\'https://forum.defcon.org/node/245414\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n..
\nThe Lonely Hard Drive
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00​
\nDEF CON Contest Area, Forum Ballroom
\n
\nAre you looking for a good time? Are you trying to get lucky? Did you already get lucky by finding a Lonely Hard Drive in Vegas? Satisfy your curiosity by visiting the contest hall to get started or encounter one of the Lonely Hard Drives hidden around the conference! Contained within is a maze of puzzles and challenges that increase in difficulty the further you progress. There are flags to find and points to earn towards the leaderboard to win prizes at DEF CON 31! Act now! Limited time offer! The Lonely Hard Drive is waiting for you!
\n
\nWeb: \nhttps://www.dc207.org/the-lonely-hard-drive\n​
\nTwitter: \n@LonelyHardDrive\n
\nForum users that can comment on details: \nburninator\n and \nKrawr\n and \nFragileduck\n .\n\n\''),(1444,'\'Tinfoil Hat Contest\'','\'https://forum.defcon.org/node/245419\'','\'https://forum.defcon.org/node/245420\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nTinfoil Hat Contest
\nFriday: 10:00-18:00
\nSaturday: 10:00-18:00
\nDEF CON Contest Area, Forum Ballroom​
\nDEF CON Contest Area, Forum Ballroom
\n
\nTwitter: \n@DC_Tin_Foil_Hat\n
\n
\nWant to block those pesky 5G microchips coursing through your vaccinated body? Did you anger our new AI overlords, and need to hide? Or do those alien mind control rays just have you down lately? Fear not, for we here at the Tin Foil Hat contest have your back for all of these! Come find us in the contest area, and we\'ll have you build a tin foil hat which is guaranteed to provide top quality protection for your noggin. How you ask? SCIENCE!
\n
\nShow us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.
\n
\nThere are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the "Substance" award for that category. We all know that hacker culture is all about looking good, though, so a single winner will be selected from each category for "Style".​\n\n\''),(1445,'\'TOOOL Dozier Drill Lockpicking Challenge\'','\'https://forum.defcon.org/node/245424\'','\'https://forum.defcon.org/node/245425\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nTOOOL Dozier Drill Lockpicking Challenge
\nSaturday: 12:00-15:00
\nLock Picking Village, The Bloq, Linq, in-person
\n
\nTwitter: \n@toool\n
\n
\nHave you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that\'s why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us Friday for qualifier games, and on Saturday for an official bracket tournament.
\n\n\n\''),(1446,'\'venator aurum - A Treasure Hunt\'','\'https://forum.defcon.org/node/245428\'','\'https://forum.defcon.org/node/245429\'','','','','','\'\n.. \n\n\"Click\n\n\n
\n
\n..
\nvenator aurum - A Treasure Hunt
\nFriday 10:00 - 18:00
\nSaturday 10:00 - 18:00
\nSunday 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom​
\nWebsite: \nhttps://venatoraurum.org/\n
\n
\nThrough interfacing with reality you are defining that reality. Rethink your senses and test your limits. Solve the five layers and discover a hidden treasure. Each layer yields its own reward, but few will make it to the end of the hunt. For each of your senses, you will need to set aside preconceptions and look to the underlying patterns within the data.​\n\n\''),(1447,'\'Whose Slide Is It Anyway?\'','\'https://forum.defcon.org/node/245434\'','\'https://forum.defcon.org/node/245435\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nWhose Slide Is It Anyway?
\nFriday: 2200 – 2359
\nDEF CON Contest Area, Forum room 232, in-person
\n
\n\nhttps://www.improvhacker.com/\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44337942822925\n
\n
\n“Whose Slide Is It Anyway?”” is an unholy union of improv comedy, hacking and slide deck sado-masochism.
\n
\nOur team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.
\n
\nBut....why?
\nWhether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.​​\n\n\''),(1448,'\'Hack3r Runw@y\'','\'https://forum.defcon.org/node/245437\'','\'https://forum.defcon.org/node/245438\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n..
\nHack3r Runw@y
\nFriday: 14:00 - 16:00
\nSaturday: Signup to walk the Contest Stage/Runway. Hours to be announced.
\nSaturday: Contestants take the stage - Time to be announced.
\nDEF CON Contest Area, Forum Ballroom | in-person​
\n
\n\nhttps://hack3rrunway.github.io\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44666239647824\n
\nTwitter: \n@hack3rrunway\n
\nForum user(s) with details about this contest: \ns0ciabl3ng_dc\n .
\n
\nReturning to the stage for Defcon 30 was surreal and we’d be honored to return for the 5th year. Hack3r Runw@y brings out all the sheik geeks out there. It encourages rethinking fashion in the eyes of hackers. Be it smartwear, LED additions, obfuscation, cosplay or just everyday wear using fabrics and textures that are familiar to the community. Contestants can enter clothing, shoes, jewelry, hats or accessories. If it can be worn, it is perfect for the runway. For convenience, contestants can enter the contest with designs made ahead of the conference, however it needs to be made by them and not just store bought. Hack3r Runway is perfect for everyone whether technologically savvy or just crafty.
\n
\nAwards will be handed out in 4 categories and one trophy for the People’s Choice category where the winner is anyone’s guess:
\n
\nDigital wearable - LED, electronic, passive
\nSmart wear - interactive, temperature sensing, mood changing, card skimmers, etc
\nAesthetics (non-electronic)- 3d printed, geeky/nerdy wear, obfuscation, cosplay
\nFunctional wear - did you bling out your mask and/or shield, have a hazmat suit, lock pick earrings, cufflinks shims
\n
\nWinners will be selected based on, but not limited to:
\nUniqueness
\nTrendy
\nPractical
\nCouture
\nCreativity
\nRelevance
\nOriginality
\nPresentation
\nMastery​\n\n\''),(1449,'\'IntelOps - Operation Spacewatch\'','\'https://forum.defcon.org/node/245441\'','\'https://forum.defcon.org/node/245442\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nIntelOps - Operation Spacewatch
\nFriday: 10:00 – 18:00
\nDEF CON Contest Area, Forum Ballroom​
\n
\n
\nWelcome to IntelOps - Operation Spacewatch! This is a game that pits you against threat actors in the near future, who are trying to trigger nuclear war! Using cyber threat intelligence, it is up to you to support cyber protection teams to defend a vital satellite constellation and prevent a hacker network from undermining your collective defense in a race against time.
\n
\n\nDescription of the game\n
\n
\nCyber Threat Intelligence (CTI) deals with information from past attacks, malware analysis and evolving threats in cyberspace. CTI enables enhanced decisions and getting ahead of the cyber-attack. But how can I apply CTI and use it? The game "IntelOps - Operation Spacewatch" aims to improve players\' understanding of CTI. Participants learn about different frameworks, sources and types of CTI and how they can use CTI data in a fun way. The game is built to teach terms and theory and apply CTI in a real-world context.
\n
\nThe game is based on four major CTI and cyber security models. These are the NIST Cyber Security Framework (CSF), MITRE ATT&CK Matrix, the Cyber Kill Chain and the Pyramid of Pain.
\n
\nAs a player, you are part of the United Nations (UN) CTI team and assigned to the mission to stop the attack on the satellite constellation. Your task is to use the available CTI your team has collected and assist the other members of the UN Cyber Protection Team (CPT).
\n
\nThe players find themselves in a near future scenario where every nation has access to ballistic-launched nuclear weapons. The United Nations has established a global satellite defense system to detect ballistic and hypersonic missile launches for monitoring and control purposes. The defense system allows the UN to be able to react immediately when suspicious activities on the weapons are detected. A global hacker network is threatening to disable the satellite constellation to use nuclear weapons for their purposes.
\n
\nYour team has to protect 32 satellites in the global defense system. If 4 or more satellites are compromised and deactivated, the hacker network successfully disenabled the defense system and can take control of the nuclear weapons. It is your mission to protect the satellite network and ensure the availability of the global defense system.
\n
\nThe event will host three simultaneous instances of a team game. Teams consist of three players each. Nine players can play at a time. Every game last 20 minutes in total. Each turn, the players have 5 minutes to decide on their CTI strategy, apply the information to the NIST CSF board and stop the attack. There are a maximum of four turns to a game.
\n​\n\n\''),(1450,'\'5n4ck3y\'','\'https://forum.defcon.org/node/245450\'','\'https://forum.defcon.org/node/245451\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n..
\n5n4ck3y
\n
\nFriday: 10:00-18:00
\nSaturday: 10:00-18:00
\nSunday: 10:00-12:00​
\nDEF CON Contest Area, Forum Ballroom | in-person |
\n
\nTwitter: \nhttps://twitter.com/ANDnXOR\n
\n
\nAND!XOR creates electronic badges that are filled with challenges. We love doing this, especially coming up with unique ways for hackers to earn them. We are excited to re-introduce the newest member of our hacker-fam... 5n4ck3y (Snackey). 5n4ck3y is a vending machine hardware hacking project, retrofitted into an IoT CTF based badge dispensing machine, complete with bling. To earn a badge, you must find a flag on our web hosted CTF platform. Once you have found a flag, you will be given a 5n4ck3y dispense code. Enter the code into the vending machine and a badge will be dispensed to you! There are a variety of challenges to earn a badge, as well as challenges to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, OS & network security to name a few. Hardware hacking is our passion and we want people to learn on badges. But more importantly, there is a lot to learn at DEF CON, so our challenge will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further. We hope you enjoy 5n4ck3y and all that it has to offer!
\n​\n\n\''),(1451,'\'Adversary Wars CTF\'','\'https://forum.defcon.org/node/245457\'','\'https://forum.defcon.org/node/245458\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\nAdversary Wars: Adversary Village CTF
\n
\nFriday: 10:00 - 17:00
\nSaturday: 10:00 - 17:00
\nSunday: 10:00 - 12:00
\nDEF CON Contest Area, Forum Ballroom
\n
\nTwitter: \nhttps://twitter.com/AdversaryVillag\n
\nWebsite: \nhttps://adversaryvillage.org/adversa...nts/DEFCON-31/\n
\n
\nAdversary Village proudly presents "Adversary Wars CTF," a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition is designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame.
\n
\nAdversary Village is a community-driven initiative that prioritizes adversary simulation, emulation, breach and attack simulation, adversary tactics, offensive/adversary tradecraft, philosophy, and purple teaming.
\n
\nOur objective is to establish a Capture the Flag competition dedicated to adversary simulation, purple teaming and knowledge sharing. Adversary Wars offers unique opportunities for “adversaries” aka participants to simulate attacks, explore new attack vectors, gain insights into threat actor profiles, master TTPs, and refine offensive tradecraft. With a range of adversary simulation exercises at different difficulty levels, this CTF promises real-world attack simulation scenarios and challenges.
\n
\nPrevious versions of the Adversary Wars CTF were hosted as part of Adversary Village, during DEF CON 29 and DEF CON 30.
\nWe are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 31.​
\n
\nA forum user who is an organizer for this which can provide authoritative answers is : \nabx\n (any other person claiming to be an organizer for this with "answers" may not actually be an organizer for this.)\n\n\''),(1452,'\'Cloud Village CTF\'','\'https://forum.defcon.org/node/245467\'','\'https://forum.defcon.org/node/245468\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n..
\n
\nCloud Village CTF
\n​
\nWhen: Starts at 10AM on Friday and ends at 12PM on Sunday (runs continuously).
\n
\nWhere: Online.
\nTwitter: \n@cloudvillage_dc\n
\nWebsite: \nhttps://cloud-village.org\n
\n
\nIf you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!
\n
\nOur CTF is a three days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.
\n
\nYou can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D
\n​\n\n\n\n\''),(1453,'\'DEF CON Chess Tournament\'','\'https://forum.defcon.org/node/245485\'','\'https://forum.defcon.org/node/245486\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nDEF CON Chess Tournament
\nSaturday: 15:00 - 18:00
\nDEF CON Contest Area, Forum Ballroom | in-person |
\n
\nTwitter: @\ndefconchess\n , For early registration, please send your name and rating to: \ndefconchess@gmail.com\n​
\n
\nChess, computers, and hacking go way back. In the 18th century, the Mechanical Turk appeared to play a good game, but there was a human ghost hiding in the shell. Some of the first computer software was written to play chess. In 1997, world champion Garry Kasparov lost to the program Deep Blue, but after the match he accused IBM of cheating, alleging that only a rival grandmaster could have made certain moves.
\n
\nAt DEF CON 31, we will run a human chess tournament. The games will have a “blitz” time control of 5 minutes on each player’s clock, for a maximum total game time of 10 minutes. The tournament will have a Swiss-system format, with a fixed number of rounds. The match pairing for each round is done after the previous round has ended, and depends on its results. Each player is paired with another player who has a similar running score.
\n
\nTo determine the winner, the Swiss system is considered highly effective, even when there is a large number of competitors and a small number of rounds. Every player gets to play the full tournament, and the winner has the highest aggregate score when all rounds are over.
\n
\nThere will be trophies and prizes for the top three players.
\n
\nThe tournament mechanics will be managed by the Las Vegas Chess Center (LVCC), which has many years of experience in organizing royal game tournaments for all strength levels and ages. LVCC has professional coaches, and grandmasters are frequent visitors.​
\n
\nMax players: 100. In order to crown the best chess player at DEF CON, we will register the highest-rated players first.\n\n\''),(1454,'\'Trace Labs OSINT Search Party CTF\'','\'https://forum.defcon.org/node/245519\'','\'https://forum.defcon.org/node/245520\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nTrace Labs OSINT Search Party CTF
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 – 17:00
\nDEF CON Contest Area, Forum Ballroom | Hybrid
\n
\n\nhttps://www.tracelabs.org/initiatives/search-party\n
\nTwitter: @\ntracelabs​\n
\nForum users that can provide authoritative comments or answer questions: \nBelouve\n
\n
\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons
\n
\nYou can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together, stop by our booth for a registration code, and join us at searchparty.tracelabs.org/register .​.
\n..\n\n\''); /*!40000 ALTER TABLE `contests` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `demolabs` -- DROP TABLE IF EXISTS `demolabs`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `demolabs` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(200) COLLATE utf8_unicode_ci NOT NULL, `ForumPage` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `ForumArticle` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `Webpage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Weblink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `ImagePath` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `Descript` varchar(15000) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=469 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `demolabs` -- LOCK TABLES `demolabs` WRITE; /*!40000 ALTER TABLE `demolabs` DISABLE KEYS */; INSERT INTO `demolabs` VALUES (433,'\'Abusing Microsoft SQL Server with SQLRecon - Sanjiv Kawa\'','\'https://forum.defcon.org/node/246336\'','\'https://forum.defcon.org/node/246337\'','','','','\'\nAbusing Microsoft SQL Server with SQLRecon
\n
\nSaturday August 12, 12:00 – 13:55, Caucus Boardroom, Forum
\n
\nSanjiv Kawa
\n
\nSQLRecon helps address the post-exploitation tooling gap by modernizing the approach red team operators can take when attacking SQL Servers. The tool was designed to be modular, allowing for ease of extensibility and contributions from the hacker community. SQLRecon is written in C# and is compatible stand-alone or within a diverse set of command and control (C2) frameworks (Cobalt Strike, Nighthawk, Mythic, PoshC2, Sliver, etc). When using the latter, SQLRecon can be executed either in-process, or through traditional fork and run. SQLRecon has over 50 modules which can help facilitate with enumeration, collection, code execution, privilege escalation and lateral movement. It has been designed with operational security and defense evasion in mind.
\n
\nSanjiv Kawa (@sanjivkawa) is a Senior Managing Security Consultant on the IBM X-Force Red Adversarial Simulation team with over ten years of experience performing offensive security assessments. As part of the IBM X-Force Red Adversarial Simulation team, Sanjiv spends his days breaking into the largest organizations in the world by emulating adversary tactics, techniques and procedures to reach target objectives. He then advises these organizations on ways they can improve their security posture by implementing or tuning controls. Sanjiv is an active member in the security community. He has developed a variety of tooling and presented at large conferences, such as BSides and Wild West Hackin’ Fest and frequently contributes to projects on GitHub.
\n
\nAudience - Offense and Defense​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(434,'\'Am I Exploitable? (MI-X) - Ofri Ouzan & Yotam Perkal\'','\'https://forum.defcon.org/node/246340\'','\'https://forum.defcon.org/node/246341\'','','','','\'\nAm I Exploitable? (MI-X)
\n
\nSaturday August 12, 12:00 – 13:55, Council Boardroom, Forum
\n
\nOfri Ouzan & Yotam Perkal
\n
\nAddressing security vulnerabilities begins with verifying the impact on an environment. Merely having a vulnerable package installed does not guarantee exploitability, as several conditions must align for the vulnerability to be applicable and exploitable. For example: is the operating system in question susceptible to the vulnerability? is the vulnerable component loaded to memory? is the required configuration in place? is there a patch installed? And more... Standard vulnerability scanners simply do not take these factors into account and thus require manual triage in order to answer “Can a vulnerability be exploited in a given environment?”. ‘Am I Exploitable?’ (MI-X), is an open-source tool aimed at effectively determining whether a local host or running container is truly affected by a specific vulnerability by accounting for all factors which affect *actual* exploitability. MI-X also prints out the logical steps it takes in order to reach a decision and can also provide a graphical representation of the validation flow. The tool can therefore help practitioners understand what are the factors that affect exploitability for each of the supported vulnerabilities.
\n
\nOfri Ouzan is an experienced Security Researcher who has been working in the cybersecurity field for over four years. She specializes in conducting security research on Windows, Linux, Cloud Platforms, and containerized applications with an emphasis on vulnerabilities. Her expertise lies in finding and solving complex problems in the cyber field, developing automation and open-source tools.
\n
\nYotam leads the vulnerability research team at Rezilion, focusing on research around vulnerability validation, mitigation, and remediation. Prior to Rezilion, Yotam filled several roles at PayPal Security organization, dealing with vulnerability management, threat intelligence, and Insider threat. Additionally, Yotam takes part in several OpenSSF working groups around open-source security as well as several CISA work streams around SBOM and VEX and is also a member of the PyCon Israel organization committee. He is passionate about Cyber Security and Machine Learning and is especially intrigued by the intersection between the domains, whether it be using ML in order to help solve Cyber Security challenges or exploring the challenges in securing ML applications.
\n
\nAudience - Defense and Offense​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nCouncil Boardroom, Forum\n\n\n\n\n\''),(435,'\'Attack Surface Framework - Prajwal Panchmahalkar & Mike Henkelman\'','\'https://forum.defcon.org/node/246316\'','\'https://forum.defcon.org/node/246317\'','','','','\'\nAttack Surface Framework
\n
\nFriday August 11, 14:00 – 15:55, Council Boardroom, Forum
\n
\nPrajwal Panchmahalkar & Mike Henkelman
\n
\nAttack Surface Framework(ASF) aims to protect organizations acting as an attack surface watchdog. The Attack Surface Framework (ASF) was developed with motivation to automate and address vulnerabilities through continuous scanning and tracking risks at scale, in a comprehensive and adaptable approach, particularly against 0-day vulnerabilities with publicly available POCs. The Attack Surface Framework (ASF) is a modular, extensible, and customizable framework designed to help organizations manage their public attack surface risks. ASF will auto-discover assets such as network subnets, domains including subdomains, enumerate their ports and services, track deltas and serve as a continuous and flexible, attacking and alerting framework, leveraging another layer of support. ASF provides modules for attack surface management including asset discovery and management, asset enumeration, vulnerability scanning, and vulnerability testing. ASF is equipped with a set of CLI tools and an API, enabling users to interact with the framework and integrate it with other tools and processes. Additionally, ASF includes a web-based user interface for visualizing an organization\'s attack surface and managing vulnerabilities.
\n
\nPrajwal Panchmahalkar is a Technical Director, Red Team at VMware Inc., He has contributed to public security research and has been the Development Lead for Matriux since 2009. In the past he was a Research Assistant at Texas Tech University working on Security of Critical Infrastructure and Smart Grid Energy Systems, with a journal published on Elsevier. A Finalist for America\'s Information Security Leadership Award 2012 (AISLA) by (ISC)2. Previously Prajwal was a speaker at BlackHat Arsenal, c0c0n, BSidesLV and GrrCon. Currently on review board for c0c0n, India. He was a chapter lead for n|u, Hyderabad an open security community. Prajwal holds a Masters degree in Computer Science from the Texas Tech University, Lubbock.
\n
\nMike Henkelman is a Sr Manager, Vulnerability Management Global at VMWare Inc. He began his career as a MCSE certified systems administrator in the mid 90’s before joining Cisco Systems and working in the IPABU on the edge development team for the 2600 series router and 3500 series switch and authoring white papers on CEF. Going on to manage several enterprise data centers, he later began focusing on information security and managed Vulnerability Management programs for companies that include Pivotal Software before joining VMWare where his team mitigates risk for one of corporate America’s largest asset libraries with audit attestations that include FedRAMP IL5 High, CE+. I24, IRAP, PCI-DSS among nearly two dozen others.
\n
\nAudience - Defense and Offense
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nCouncil Boardroom, Forum\n\n\n\n\n\''),(436,'\'BBOT (Bighuge BLS OSINT Tool) - TheTechromancer (Joel Moore) & Paul Mueller\'','\'https://forum.defcon.org/node/246338\'','\'https://forum.defcon.org/node/246339\'','','','','\'\nBBOT (Bighuge BLS OSINT Tool)
\n
\nSaturday August 12, 12:00 – 13:55, Accord Boardroom, Forum
\n
\nTheTechromancer (Joel Moore) & Paul Mueller
\n
\nBBOT (Bighuge BLS OSINT Tool) is a new recursive OSINT scanner inspired by Spiderfoot, but designed and optimized for bigger targets and faster scan times. BBOT is open-source and written in Python. Its 80+ modules range in function from subdomain enumeration to cryptographic exploitation. BBOT can map the attack surface of an organization (and sometimes get you RCE) in a single command.
\nFeatures include:
\n- multiple targets
\n- automatic dependencies w/ ansible
\n- python API
\n- subdomain enumeration
\n- email enumeration
\n- cloud bucket enumeration
\n- port scanning
\n- web service enumeration
\n- web screenshots
\n- web spidering
\n- vulnerability scanning (with nuclei and more)
\n
\nTheTechromancer is a hacker at Black Lantern Security (BLS). He loves coding in Python, and is the creator of several security tools including ManSpider, TrevorSpray, and BBOT (Bighuge BLS OSINT Tool). He has also made contributions to other open-source projects such as Spiderfoot.
\n
\nPaul Mueller is a Principal Operator at Black Lantern Security (BLS). He specializes in web application testing and application security. He loves finding complex hard-to-find web bugs, especially when they involve cryptography. He is also one of the developers for the BLS tools Writehat and BBOT (Bighuge BLS OSINT Tool). Prior to working with BLS, he spent over a decade as a DoD contractor providing both penetration testing and security analysis/incident handling. He got his start in the field as a systems administrator and later as a Signals Intelligence Analyst with the US Marine Corps.
\n
\nAudience - BBOT is useful to both Offensive (for automating recon / bug bounties) and Defensive (for attack surface mapping).
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''),(437,'\'BLE CTF - Ryan Holeman & Alek Amrani\'','\'https://forum.defcon.org/node/246344\'','\'https://forum.defcon.org/node/246345\'','','','','\'\nBLE CTF
\n
\nSaturday August 12, 14:00 – 15:55, Unity Boardroom, Forum
\n
\nRyan Holeman & Alek Amrani
\n
\nBLE CTF is a series of Bluetooth Low Energy challenges in a capture the flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. Over the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, trainings, and conferences have utilized it as an educational platform and CTF. As an open source, low cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.
\n
\nRyan Holeman resides in Austin, Texas, where he works as the CISO for the peer-to-peer payment platform Strike. He is currently pursuing a Ph.D. in cyber defense from Dakota State University. He has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
\n
\nAlek Amrani - bad at expense reports
\n
\nAudience - Offensive & Hardware
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 15:55\n\n\n\nLocation\n\nUnity Boardroom, Forum\n\n\n\n\n\''),(438,'\'Build Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders - Jeremy Banker\'','\'https://forum.defcon.org/node/246230\'','\'https://forum.defcon.org/node/246231\'','','','','\'\nBuild Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders
\n
\nFriday August 11, 12:00 – 13:55, Caucus Boardroom, Forum
\n
\nJeremy Banker
\n
\nIn the ever evolving landscape of software development, maintaining the integrity and security of your build, test and deployment pipelines is paramount. Build Inspector is an always-watching guard dog, looking for information about the dependencies being consumed and produced, while also calling out instances of risky practices or potential signs of compromise during pipeline runs. Watch as the inspector turns piles of plaintext logs into structured data, perfect for automated analysis, correlation and alerting. With simple containerized deployment and self-documenting REST API, it has never been easier to ensure your build logs are always being watched.
\n
\nA lifelong learner and broad technology enthusiast, Jeremy Banker holds a Masters degree in Information Security and is a founding member of the Security Product Engineering, Automation and Research (SPEAR) team at VMware. He has designed, built and implemented solutions to ensure that VMware\'s software supply chain remains secure. When not looking for new ways to keep software safe, he can usually be found tinkering with all manner of gadgets, working to bring amateur radio software into the modern era, or enjoying the peace of nature in his native Colorado.
\n
\nAudience - DevSecOps, Compliance, Threat Management, Vulnerability Management
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 12:00\n\n\n\nEnds\n\nAugust 11, 2023 13:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(439,'\'CNAPPGoat - Noam Dahan, Igal Gofman\'','\'https://forum.defcon.org/node/246226\'','\'https://forum.defcon.org/node/246227\'','','','','\'\nCNAPPGoat
\n
\nFriday August 11, 12:00 – 13:55, Accord Boardroom, Forum
\n
\nNoam Dahan & Igal Gofman
\n
\nCNAPPGoat is a multi-cloud vulnerable-by-design environment deployment tool – it deploys vulnerable environments to various cloud service providers, so that offensive professionals and pentesters can practice exploiting them and defenders can practice detection and prevention. CNAPPGoat is an extensible modular tool that deploys environments with more complex scenarios - vulnerable VMs, multi-stage lateral movement attacks, IaC misconfigurations, and vulnerable IAM misconfigurations.
\n
\nNoam Dahan is a Senior Security Researcher at Ermetic with several years of experience in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps. Noam was a competitive debater and is a former World Debating Champion.
\n
\nIgal Gofman is a Head of Security Research at Ermetic. Igal has a proven track record in cloud security, network security, research-oriented development, and threat intelligence. His research interests include cloud security, operating systems, and active directory. Prior to Ermetic Igal worked at Microsoft, XM-Cyber, and Check Point Software Technologies. Igal has spoken at various leading security conferences including Black Hat and DEF-CON. |
\nAudience - Primary audience: Defense, Cloud Security, Secondary audience - Offense​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 12:00\n\n\n\nEnds\n\nAugust 11, 2023 13:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''),(440,'\'Dracon - Spyros Gasteratos\'','\'https://forum.defcon.org/node/246222\'','\'https://forum.defcon.org/node/246223\'','','','','\'\nDracon
\n
\nFriday August 11, 12:00 – 13:55, Council Boardroom, Forum
\n
\nSpyros Gasteratos
\n
\nDracon is an open-source Application and Cloud security automation framework that helps organizations create security workflows and improve their security posture. Dracon can run a wide range of security tools against any target, and it can deduplicate and enrich the results of those tools with contextual or regulatory information. Dracon can then send the enriched results to any visualization or data processing tool. Here are some of its key features: Automated security workflows: Dracon can automate the execution of security tools and the aggregation of results, which saves both time and effort. Scalable and flexible: Dracon is both scalable and flexible with a wide array of existing integrations and more on the way, Dracon integrates seamlessly with any exisitng toolset. Open source: Dracon is open-source platform, which means that it is free to use and modify.
\n
\nSpyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.
\n
\nAudience - Offense, Defense, AppSec, CloudSec​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 12:00\n\n\n\nEnds\n\nAugust 11, 2023 13:55\n\n\n\nLocation\n\nCouncil Boardroom, Forum\n\n\n\n\n\''),(441,'\'Ek47 – Payload Encryption with Environmental Keys - Kevin Clark, Skyler Knecht\'','\'https://forum.defcon.org/node/246228\'','\'https://forum.defcon.org/node/246229\'','','','','\'\nEk47 – Payload Encryption with Environmental Keys
\n
\nFriday August 11, 12:00 – 13:55, Committee Boardroom, Forum
\n
\nKevin Clark & Skyler Knecht
\n
\nEk47 is a payload encryptor that leverages user-selected environmental keys associated with a target execution context. In the absence of these environmental keys, Ek47 payloads will not decrypt and execute. This creates a strong resistance to automated/manual analysis and reverse engineering of payloads. Ek47 supports many different environmental keys such as current user, domain, computer name, installed programs, and more. Additionally, Ek47 supports packing payloads of .NET assemblies, unmanaged DLLs, and raw shellcode. Ek47 payloads are themselves .NET assemblies and can be uploaded to disk or executed reflectively via any execute-assembly method. By default, a standard AMSI/ETW bypass is executed before the main payload is executed, but Ek47 makes it easy to add custom bypasses for more advanced evasion functionality. Additional miscellaneous features are provided such as entropy management, PE header stomping, and generation of service executables.
\n
\nKevin Clark is a Software Developer turned Penetration Tester at TrustedSec. He focuses on initial access and Active Directory exploitation. He contributes to open-source tools such as PowerShell Empire and Metasploit. He also writes his own custom security tools such as Badrats and Ek47. Kevin has a passion for education and volunteers on the Midwest Collegiate Cyber Defense Competition (CCDC) red team. He teaches courses with BC-SECURITY at BlackHat and other venues about Evasion, Red Teaming, Empire Operations, and Active Directory. Kevin authors a cybersecurity blog at \nhttps://henpeebin.com/kevin/blog\n.
\n
\nSkyler Knecht is a Information Security Specialist who performs a variety of security assessments including, phishing, internal/external penetration tests and red teaming. Skyler Knecht worked as a consultant for three years and has recently pivoted to an internal team at Navy Federal Credit Union. Skyler Knecht is continually researching all fields of study but is primarily focused developing offensive tooling such as command and control frameworks and implants.
\n
\nAudience - Offense, Red Team
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 12:00\n\n\n\nEnds\n\nAugust 11, 2023 13:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(442,'\'EvilnoVNC: Next-Gen Spear Phishing Attacks - Joel Gámez Molina\'','\'https://forum.defcon.org/node/246314\'','\'https://forum.defcon.org/node/246315\'','','','','\'\nEvilnoVNC: Next-Gen Spear Phishing Attacks
\n
\nFriday August 11, 14:00 – 15:55, Committee Boardroom, Forum
\n
\nJoel Gámez Molina
\n
\nEvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim\'s actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.
\n
\nSystems administrator with more than ten years of experience, he currently works as a security consultant at Deloitte Touche Tohmatsu, where he develops adversarial simulation exercises (Red Team Operations). Previously, he was Chief Technology Officer (CTO) of the startup Cyberguard. He also teaches courses and masters in ethical hacking, pentesting and PowerShell for high-level organizations and universities. Creator of the blog darkbyte.net and speaker at renowned national and international conferences, such as Black Hat USA (2020/2021) and Black Hat Europe (2022). Programmer of hacking tools in his spare time, he has developed tools of all kinds, such as: AutoRDPwn, Cloudtopolis, EvilnoVNC, Invoke-DNSteal, PyShell or PSRansom among others.
\n
\nAudience - Offense & Social Engineering.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(443,'\'FlowMate - Florian Haag, Nicolas Schickert\'','\'https://forum.defcon.org/node/246220\'','\'https://forum.defcon.org/node/246221\'','','','','\'\nFlowMate
\n
\nFriday August 11, 12:00 – 13:55, Society Boardroom, Forum
\nFlorian Haag & Nicolas Schickert
\n
\nImagine pentesting a large web application with hundreds of pages and forms, as well as user roles and tenants. You discover that your chosen username is reflected in many locations inside the application, but you don\'t have a detailed overview. You want to test whether the chosen username is handled properly or allows for injection attacks, such as Cross-Site Scripting or Server-Site Template Injection. Now you face the challenge of finding all locations where your payloads appear when injecting into the username. In large applications, you\'ll likely miss some, potentially leaving vulnerabilities undetected. This is where FlowMate comes into play, our novel tool to detect data flows in applications for enhanced vulnerability assessments. FlowMate consists of two components: A BurpSuite plugin and a data flow graph based on Neo4j. It records inputs to the application as you go through the pages exploring the application and searches for occurrences of the captured inputs in the responses. This results in a graph that can be visualized and searched for parameters of interest and where they\'re occurring on the site. Understanding the data flows of an application helps to significantly improve the test coverage and bring your pentesting to the next level.
\n
\nFlorian Haag is a senior security consultant at usd AG with experience in penetration testing, software security assessments as well as code reviews. He is specialized in penetration tests of thick client applications, leveraging his background in software development to reverse engineer proprietary client applications and network protocols. In previous scientific work, he worked on novel approaches to application-level data flow analysis to improve penetration testing coverage. In addition, he analyzed website clones used in phishing campaigns and the frameworks that are used by fraudsters to create and operate cloned websites.
\n
\nNicolas Schickert is security researcher and penetration tester at usd AG, an information security company based in Germany. He is in charge of SAP specific penetration tests at the usd HeroLab. In this role, Nicolas is responsible for the collection of SAP related knowledge and the development of new analysis tools. He is interested in reverse engineering and vulnerability research and has published several zero-day vulnerabilities, not only in the context of SAP.
\n
\nAudience: Offense, AppSec​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 12:00\n\n\n\nEnds\n\nAugust 11, 2023 13:55\n\n\n\nLocation\n\nSociety Boardroom, Forum\n\n\n\n\n\''),(444,'\'Glyph - Corey Hartman\'','\'https://forum.defcon.org/node/246312\'','\'https://forum.defcon.org/node/246313\'','','','','\'\nGlyph
\n
\nFriday August 11, 14:00 – 15:55, Society Boardroom, Forum
\n
\nCorey Hartman
\n
\nReverse engineering is an important task performed by security researchers to identify vulnerable functions and malicious functions in IoT (Internet of Things) devices that are often shared across multiple devices of many system architectures. Common techniques to currently identify the reuse of these functions do not perform cross-architecture identification unless specific data such as unique strings are identified that may be of use in identifying a piece of code. Utilizing natural language processing techniques, Glyph allows you to upload an ELF binary (32 & 64 bit) for cross-architecture function fingerprinting, upon analysis, a web-based function symbol table will be created and presented to the user to aid in their analysis of binary executables/shared objects.
\n
\nCorey Hartman served 6 years active duty in the United States Air Force, later obtaining a Bachelor of Science degree in Software Development, and a Master of Science degree in Computer Science. Corey is now a student at Dakota State University pursuing a PhD in Cyber Operations with his dissertation focused on behavioral analysis of malware through machine learning, and works as a software developer and reverse engineer out of San Antonio, Texas.
\n
\nAudience - Reverse engineers​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nSociety Boardroom, Forum\n\n\n\n\n\''),(445,'\'HardHat Command & Control Framework - Jonathan Owens\'','\'https://forum.defcon.org/node/246352\'','\'https://forum.defcon.org/node/246353\'','','','','\'\nHardHat Command & Control Framework
\n
\nSaturday August 12, 14:00 – 15:55, Committee Boardroom, Forum
\n
\nJonathan Owens
\n
\nHardHat is a multi-platform, multi-user, .NET command and control framework written in C# designed to aid in red team operations and penetration testing. HardHat aims to improve the quality-of-life of operators by providing an easy-to-use but formidable C2 framework by incorporating robust features, ease of data access, and modern UI upgrades to a high-level language that is easily extensible.
\n
\nJonathan Owens is a red team operator on the Adversary Simulation team at SpecterOps, where he conducts advanced offensive engagements, such as red teaming exercises, penetration tests, and tool creation. He enjoys C# development and learning new programming languages with a specific focus on command & control framework and agent development. He maintains a tool repo at \nhttps://github.com/dragoqcc\n.
\n
\nAudience - Offensive​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 15:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(446,'\'ICS Forensics tool - Maayan Shaul & Ori Perez\'','\'https://forum.defcon.org/node/246354\'','\'https://forum.defcon.org/node/246355\'','','','','\'\nICS Forensics tool
\n
\nSaturday August 12, 14:00 – 15:55, Society Boardroom, Forum
\n
\nMaayan Shaul & Ori Perez
\n
\nMicrosoft ICS Forensics Tools is an open source forensic toolkit for analyzing Industrial PLC metadata and project files. Microsoft ICS Forensics Tools enables investigators to identify suspicious artifacts on ICS environment for detection of compromised devices during incident response or manual check. Microsoft ICS Forensics Tools is open source, which allows investigators to verify the actions of the tool or customize it to specific needs, currently support Siemens S7 via Snap7.
\n
\nMaayan Shaul is a Malware Analyst and Security Researcher in Section52 at Microsoft Defender for IoT (formerly CyberX). Experienced in the fields of malware analysis, reverse engineering and the IoT/OT landscape.
\n
\nOri Perez is a Malware Analyst and Reverse Engineer with vast experience in dealing with Nation-sponsored cyber attacks as an ex-officer at the IDF\'s CERT. Ori is manager at Microsoft Defender for IoT research team (formerly CyberX) and research IoT/OT protocol research for IoT/OT tools .
\n
\nAudience - Defense, forensics folks, ICS/OT enthusiastic​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 15:55\n\n\n\nLocation\n\nSociety Boardroom, Forum\n\n\n\n\n\''),(447,'\'Katalina - Gabi Cirlig\'','\'https://forum.defcon.org/node/246240\'','\'https://forum.defcon.org/node/246642\'','','','','\'\nHello!
\n
\nI\'m Gabi and I\'ll slowly be releasing bits and pieces of what Katalina can do while we get closer to the conference. Since I\'ll be launching the tool live when the conference starts, it\'s gonna be a bit more until y\'all can play with the tool :D For now, please find attached some funny strings that I\'ve deobfuscated from a Xenomorph sample!
\n
\n\"Click\n​
\n
\nThis is how the original function for the string "hq.json" looked like:
\n
\n\"Click\n​
\n
\nKatalina automatically found an entrypoint that called this string obfuscating function, executed it and spit out the generated string! As you can see, the tool is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android bytecode automatically or one function at a time, but more on that in a later post. For more questions feel free to post here or DM me on Twitter (@hookgab) or Mastodon (hookgab@mas.to).\n\n\n\n\''),(448,'\'Kraken, a modular multi-language webshell for defense evasion - Raul Caro\'','\'https://forum.defcon.org/node/246334\'','\'https://forum.defcon.org/node/246335\'','','','','\'\nKraken, a modular multi-language webshell for defense evasion
\n
\nSaturday August 12, 12:00 – 13:55, Society Boardroom, Forum
\n
\nRaul Caro
\n
\nKraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and its core is developed in Python. Kraken follows the principle of "avoiding command execution" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.
\n
\nRaul Caro Teixido (OSCP, CRTE) is an Offensive Security Engineer at Telefonica Tech. He is the co-author of Mistica (your friendly data smuggler) presented in BlackHat Arsenal USA 2020, and the creator of Kraken (a modular multi-language webshell).
\n
\nAudience - offensive (red team) and defensive (blue team and threat hunting) profiles
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nSociety Boardroom, Forum\n\n\n\n\n\''),(449,'\'Lambda Looter - Doug Kent & Rob Ditmer\'','\'https://forum.defcon.org/node/246322\'','\'https://forum.defcon.org/node/246323\'','','','','\'\nLambda Looter
\n
\nSaturday August 12, 10:00 – 11:55, Accord Boardroom, Forum
\n
\nDoug Kent & Rob Ditmer
\n
\nOrganizations can have thousands of lines of code that are stored in Lambda on AWS. This application was built to help reduce the amount of time it takes to review that code. On our last Pen Test, we had so much Lambda code to review it was impossible to parse through all of it in the short amount of time assigned to our test. This lack of time created a necessity to automate the review of that lambda code for secrets. Lambda Looter will take a list of profiles and scan through them and download the code you have access to and then process that code for secrets, outputting any potential secrets to a loot directory. Even though this tool can generate a number of false positives it makes looking for secrets much faster than scanning the code manually.
\n
\nDoug has worked at State Farm for about 20 years. Working on mostly security technologies ranging from Active Directory, PKI, Endpoint protection and finally landing recently on the Pen Testing team. Doug has a passion for identifying vulnerabilities and partnering with control solution teams to protect State Farm data and fulfill our promise to customers. He strives to help others with offensive security skills by providing training, guidance, and kill chain demonstrations.
\n
\nRob has been on the State Farm PenTesting Team for 2 years. Prior to his time at State Farm, he has worked with various other companies as a penetration testing consultant – enabling him to experience a wide range of technologies and their differing implementations. Rob enjoys the challenge of developing tools and infrastructure to better the skills and abilities of the PenTesting team, ultimately to better the protections around State Farm data.
\n
\nAudience - Penetration Testers, Red Teamers, AWS Admins, AWS Developers, Threat Hunters​
\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''),(450,'\'Lupo: Malware IOC Extractor - Vishal Thakur\'','\'https://forum.defcon.org/node/246330\'','\'https://forum.defcon.org/node/246331\'','','','','\'\nLupo: Malware IOC Extractor
\n
\nSaturday August 12, 10:00 – 11:55, Caucus Boardroom, Forum
\n
\nVishal Thakur
\n
\nLupo is a dynamic analysis tool that can be used as a module with the debugger.
\n
\nVishal Thakur has worked in the information security industry for many years in hands-on technical roles, specializing in Incident Response with a heavy focus on Emerging Threats, Malware Analysis and Research. He has presented his research at international conferences (BlackHat, FIRST, SANS DFIR Summit) and has also run training/workshops at BlackHat and FIRST Conference. Vishal is currently working as Manager, Threat Operations Center at Huntress. In past roles, Vishal worked as a Senior Researcher at Salesforce, helping their Incident Response Centre with advanced threat analysis and developing DFIR tools and has been a part of the Incident Response team at the Commonwealth Bank of Australia.
\n
\nAudience - Defense, Malware Analysis, Reverse Engineering
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(451,'\'OpenSSF Scorecard - Naveen Srinivasan & Neil Naveen\'','\'https://forum.defcon.org/node/246318\'','\'https://forum.defcon.org/node/246319\'','','','','\'\nOpenSSF Scorecard
\n
\nFriday August 11, 14:00 – 15:55, Caucus Boardroom, Forum
\n
\nNaveen Srinivasan & Neil Naveen
\n
\nIntroducing Scorecard, an innovative open-source tool designed to secure the software supply chain by scanning over 1.2 million GitHub repositories for potential security risks. Scorecard automates the process of evaluating a project\'s adherence to security best practices, assigning a score based on the results. The scores and detailed analysis are readily accessible via a comprehensive API (\nhttps://api.securityscorecards.dev\n), empowering developers to easily integrate security checks into their workflows. Additionally, Scorecard provides a CLI for individual use and a GitHub action that allows repository owners to continuously monitor and improve their project\'s security posture. Whether you\'re a seasoned developer or an open-source enthusiast, Scorecard gives you the power to make the software supply chain safer for everyone.
\n
\nNaveen Srinivasan is a contributor and maintainer of multiple \nhttp://github.com/ossf/\n projects, a member and contributor to the \nhttp://github.com/sigstore\n organization. His contributions have earned him recognition with Google Peer Bonus awards in 2021 \nhttps://twitter.com/snaveen/status/1422921438764453897\n and 2022 \nhttps://twitter.com/snaveen/status/1563194155333222400\n. He has consistently contributed to the open-source community for an extended period, with no gaps in activity for the past two years.In addition to his technical contributions, He is a sought-after speaker at conferences, discussing topics related to supply chain security and mitigating risks in open-source software. He can be found on Twitter (@Naveen_Srini) at \nhttps://twitter.com/Naveen_Srini_\n
\n
\nNeil Naveen is an 8th grader in the US who is passionate about jiu-jitsu, solving Leetcode puzzles, and book author. OSS contributor.
\n
\nAudience - AppSec, DevSecOps​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(452,'\'OWASP crAPI: Completely Ridiculous API - Jayesh Ahire and Roshan Piyush\'','\'https://forum.defcon.org/node/246161\'','\'https://forum.defcon.org/node/246163\'','','','','\'\nOWASP crAPI: Completely Ridiculous API
\n
\nFriday August 11, 14:00 – 15:55, Accord Boardroom, Forum
\n
\nJayesh Ahire, Roshan Piyush
\n
\nOWASP crAPI is an intentionally vulnerable API designed to teach and demonstrate common API security flaws. It serves as a playground for security enthusiasts, developers, and penetration testers to learn about API vulnerabilities and practice exploiting them in a safe environment. This Demo Lab will showcase the use of crAPI for educational purposes, including how to set it up, identify vulnerabilities, and apply secure API development best practices.
\n
\nJayesh Ahire is a passionate security professional and open-source contributor with a strong background in application and API security. They have experience working with numerous organizations to design and implement secure API architectures and integrate security practices into their development processes. Jayesh has been actively involved in the OWASP community and enjoys sharing their knowledge through presentations, workshops, and mentorship.
\n
\nRoshan Piyush is Security Research Engineer, solving API Security using the powers of Machine Learning and Distributed Tracing. He has 8+ years of research experience mainly focusing on API Security for the last 5+ years. He loves building security stacks, tools, and solutions. He is also a core member of the Owasp Coraza WAF team and a leader of the Owasp crAPI project.
\n
\nAudience - Offense, Defense, AppSec, and Mobile
\n​
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''),(453,'\'Pcapinator: Rise of the PCAP Machines - Mike Spicer & Henry Hill\'','\'https://forum.defcon.org/node/246342\'','\'https://forum.defcon.org/node/246343\'','','','','\'\nPcapinator: Rise of the PCAP Machines
\n
\nSaturday August 12, 12:00 – 13:55, Unity Boardroom, Forum
\n
\nMike Spicer & Henry Hill
\n
\nPcapinator is a powerful and versatile network analysis tool that combines the strengths of TShark and Python to provide comprehensive and efficient packet deconstruction into a format usable for further analysis. Inspired by the Terminator, Pcapinator is designed to relentlessly analyze, decode, and filter network packets using all of the resources a system makes available to it, making it a formidable asset for diving deep into PCAPs. Leveraging the robust capabilities of Wireshark’s TShark tool, Pcapinator parses and extracts vital information from pcap files, while Python\'s extensive libraries and scripts offer advanced processing and automation options. Pcapinator is built to handle extremely large PCAP files, search for anomalies in those files, and uncover the hard-to-find information in network traffic, making it an essential tool for PCAP analysis.
\n
\nMike Spicer, known as d4rkm4tter, is a cybersecurity expert and innovative hacker with an affinity for pushing the boundaries of both hardware and software. With an unquenchable curiosity for all things wireless, Mike\'s passions have propelled him to build and explore much of the wireless spectrum. Armed with a degree in computer science, Mike has harnessed his skills to build and break a diverse range of systems. His expertise covers web application penetration testing, wireless monitoring and tracking, and reverse engineering. As the designer of the renowned #WiFiCactus, Mike has brought his projects from idea to reality in the cybersecurity world. His unique take on wireless has garnered significant attention, where he has presented and demonstrated his work at conferences such as BlackHat, DEF CON and others around the world.
\n
\nHenry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications aren’t appearing in d4rkm4tter’s projects, they can be seen in his race car at the track.
\n
\nAudience - Offense for Recon, Defense for threat identification and forensics.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nUnity Boardroom, Forum\n\n\n\n\n\''),(454,'\'ProjectDiscovery Nuclei - Brendan O\'Leary & Pj Metz\'','\'https://forum.defcon.org/node/246350\'','\'https://forum.defcon.org/node/246779\'','','','','\'\nUse this Thread to put any questions you might have for us about Nuclei or our other tools. We will try to use these while planning our demo to make sure we\'re being helpful.\n\n\n\n\''),(455,'\'Red Wizard: user-friendly Red Teaming infrastructure - Ben Brücker\'','\'https://forum.defcon.org/node/246332\'','\'https://forum.defcon.org/node/246333\'','','','','\'\nRed Wizard: user-friendly Red Teaming infrastructure
\n
\nSaturday August 12, 12:00 – 13:55, Committee Boardroom, Forum
\n
\nBen Brücker
\n
\nIn this demo I will introduce our new open-source tool called Red Wizard. Red Wizard is the result of years of spinning up repeatable infrastructures for Red Teaming operations. It automates a comprehensive infrastructure deployment with redirectors, backend systems, phishing relays, OSINT machines etcetera. But made easy by providing wizards that walk you through the deployments. Additionally, the infrastructure is self-documenting, making the sharing of all relevant details to your team of operators a breeze. The tool is build to make sure to provide you with a resilient setup that is OPSEC-safe. By retrieving all critical key material from the deployed servers, you will be able to rebuild and keep receiving your shells even if one of your servers crashes and burns. The technology used for Red Wizard is mainly based on Ansible and Docker.
\n
\nBen, Secura\'s Red Teaming lead, has more than 9 years of experience in the field. With a strong passion for Social Engineering, he enjoys employing initial access techniques and has played a pivotal role in creating Secura\'s user friendly and OPSEC-safe Red Teaming infrastructure. In addition to his Red Teaming responsibilities, Ben also serves as a trainer for various courses and frequently shares his expertise as a public speaker at conferences. Having gained invaluable knowledge from the infosec community, he now aims to contribute back by open sourcing a number of tools and delivering presentations at conferences.
\n
\nAudience - Offense, Red Teamers, Penetration testers, Social Engineers​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 12:00\n\n\n\nEnds\n\nAugust 12, 2023 13:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(456,'\'RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools - Niels Loozekoot\'','\'https://forum.defcon.org/node/246346\'','\'https://forum.defcon.org/node/246347\'','','','','\'\nRuleProcessorY & Gramify - Rule Optimization & Password Analysis tools
\n
\nSaturday August 12, 14:00 – 15:55, Caucus Boardroom, Forum
\n
\nNiels Loozekoot
\n
\nThe RuleProcessorY and Gramify tools are new tools that support password-cracking efforts. RuleProcessorY offers a method of optimizing hashcat rule-files so that you can prevent duplicates across multiple attacks better, leading to a shorter runtime. Additionally it can process rules as hashcat would with an additional support for multi-byte/multi-character rules (inserts & replace primarily). Gramify offers an easy method to create base words and candidates to utilize with wordlist and combination attacks by splitting data by words, characters, or character-set. This can help with password phrases, quotes, sentences, combinator attacks, and extracting base-words from passwordlists.
\n
\nWorking as Pentester Niels has an extensive background in the security field. Niels has a background in web-development and knows his way around C, C++, C#, and Python and is active in the password cracking/research communities of Hashcat, Hashkiller, and HashMob. Winning in the CrackTheCon password cracking contest, and achieving 3rd place in both the CrackMeIfYouCan 2021 & 2022.
\n
\nAudience - Offense​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 15:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(457,'\'Saturday - Joshua Herman\'','\'https://forum.defcon.org/node/246320\'','\'https://forum.defcon.org/node/246321\'','','','','\'\nSaturday
\n
\nSaturday August 12, 10:00 – 11:55, Council Boardroom, Forum
\n
\nJoshua Herman
\n
\nThis tool is a digital assistant that helps you hack. Under the hood it uses langchain (a way to augment LLMss) that currently uses an SMS / MMS / Phone interface that will allow for basic information retrieval tasks (google search, searching shodan, google places) and has the goal of doing complex offensive and defensive security tasks using anything from a dumb phone to a smartphone. It is preprogramed with tools that it can intelligently use to accomplish certain tasks such as performing a search on shodan given an IP address.
\n
\nI am a release engineer specializing in compliance of information security vendors for post trade currencies. Previously I was a software engineer with experience with distributed computing and UI / UX using Python and Javascript in the same department . I have a decade of professional experience in software engineering in various industries such as insurance, CRM, Trade Show applications, recommender systems and cryptocurrency . I also have contributions to open source projects such as CPython documentation, triaging and features.
\n
\nAudience - Offensive / Defensive / AppSec​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nCouncil Boardroom, Forum\n\n\n\n\n\''),(458,'\'Shufflecake, AKA Truecrypt on Steroids for Linux - Tommaso Gagliardoni & Elia Anzuoni\'','\'https://forum.defcon.org/node/246224\'','\'https://forum.defcon.org/node/246772\'','','','','\'\nBecause we do not want to let you down at DEF CON, we just released a major upgrade of Shufflecake!
\n
\n
\n## [0.4.0] - 2023-07-24
\n
\n### Added
\n- Benchmark suite with testing tools for Shufflecake, LUKS, and VeraCrypt.
\n- `changepwd` action to change an existing password.
\n- `checkpwd` action to check if a given password is correct.
\n- Improved documentation in `README.md` on using `init` non-interactively.
\n- `doc` section which for now includes figure of Shufflecake header structure.
\n
\n### Refactored
\n
\n- Implemented reference slice allocation algorithm with much faster performance.
\n
\n### Fixed
\n
\n- Fixed a bug that made `--skip-randfill` option not work.
\n- Fixed a bug that made action `close` not work.
\n
\n### Changed
\n
\n- BREAKING CHANGE: slightly modified header field format, removing redundant MAC field and making it adherent to documentation.
\n- Action `init` now reads password from secure interface (not echoing characters, etc).
\n- Updated instructions in `SECURITY.md`.
\n
\n​\n\n\n\n\''),(459,'\'Strix Interceptor - Lexie Thach\'','\'https://forum.defcon.org/node/246232\'','\'https://forum.defcon.org/node/246233\'','','','','\'\nStrix Interceptor
\n
\nFriday August 11, 10:00 – 11:55, Unity Boardroom, Forum
\n
\nLexie Thach
\n
\nThe development of unmanned aerial vehicles (UAVs) has revolutionized data collection, but security challenges have emerged. In response, Strix is a security testing UAV designed to intercept other UAVs in flight while adhering to legal limitations. It utilizes software analysis to detect and track unauthorized UAVs, predicting their flight path without compromising itself. Strix also encompasses ground-based support systems for enhanced mission effectiveness. The ground-based robots and drones can perform tasks such as reconnaissance, target identification, and data analysis to enhance the effectiveness of Strix\'s mission.The drone can detect RF anti-drone systems and, if identified, utilize multi-RF spoofing technology to disrupt or block their signals. This allows Strix to enter protected airspace undetected, while staying within legal bounds when required. Strix was designed to identify other UAVs and attempt to jam or possibly control their signals to their flight operators. Its hardware includes sensors, a robust communication system, and the Pixhawk autonomous flight module, which provides open-source flexibility and customization options.Strix\'s small and agile design enables high-speed flight and maneuverability in confined spaces. Advanced encryption ensures data security during collection and transmission. As an open-source project, Strix encourages customization and collaboration, making it an invaluable tool for securing airspace and mitigating UAV threats. Its interception capabilities and defensive measures, including multi-RF spoofing, contribute to UAV-driven security systems while respecting legal considerations. This makes it a powerful tool for securing airspace and preventing unauthorized UAVs from posing a threat. Its ability to detect and intercept UAVs in flight, coupled with its defensive capabilities against anti-drone systems, including the ability to employ multi-RF spoofing technology, makes Strix an essential component of any security system that relies on UAVs for data collection and analysis. Strix aims to showcase the potential of UAVs in a lawful and responsible manner, promoting safety, innovation, and ethical practices within the drone industry.
\n
\nLexie Thach is a dedicated cybersecurity professional who has spent nearly a decade honing her skills in various roles within the industry. Throughout her journey, she has had the privilege of gaining invaluable experience in diverse cybersecurity domains, including ICS/SCADA and avionics security. Driven by an insatiable thirst for knowledge, Lexie has developed a genuine passion for electrical engineering, programming, and robotics engineering, despite not having a conventional academic background. She is currently working towards completing her studies, constantly striving to expand her knowledge and capabilities.Lexie\'s journey began at a young age when she made the decision to serve her country in the US Airforce. For a period of eight years, she had the opportunity to contribute her expertise in cyber security and tactical networks for aircraft missions and operations. It was during this time that she was exposed to the complexities of intercepting aircraft, particularly drones, and learned valuable lessons from observing the tactics and techniques employed by state actors, hacker groups, and organizations. Drawing from her diverse experiences and the challenges she faced, Lexie has embarked on projects centered around securing and assessing the security of autonomous systems. Her passion is rooted in the desire to share the techniques she has learned and to contribute to the advancement of secure autonomous systems.
\n
\nAudience - I hope to attract other drone enthusiasts, drone researchers, aerospace industry professionals, and other open-source community driven developers to my demo.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 11:55\n\n\n\nLocation\n\nUnity Boardroom, Forum\n\n\n\n\n\''),(460,'\'SucoshScanny - Mustafa Bilgici, Tibet Öğünç\'','\'https://forum.defcon.org/node/246242\'','\'https://forum.defcon.org/node/246243\'','','','','\'\nSucoshScanny
\n
\nFriday August 11, 10:00 – 11:55, Caucus Boardroom, Forum
\n
\nMustafa Bilgici & Tibet Öğünç
\n
\nSucoshScan is a automated open source SAST(Static Application Security Testing) framework. It’s can detect a lot of vulnerability(RCE,SSTI,Insecure Deserilisation,SSRF,SQLI,CSRF etc.) in given source code.For now, only the detection modules of python(flask,django) and nodejs(express js.) languages are finished. In the future, specific detection functions will be written for php (Laravel, Codeigniter), .NET, Go languages.
\n
\nMustafa Bilgici has been doing cyber security and application security research for 4 years. It conducted vulnerabilities in many applications and reported these vulnerabilities to companies. He also works as a cyber security researcher and developer in various cyber security companies.
\n
\nTibet Öğünç has been doing cyber security and application security research for 4 years and has discovered vulnerabilities in many web applications and helped organizations to protect themselves from attackers. As a developer in web coding languages such as Node Js., Python, Php Javascript, he works as a software developer and team leader for the development of many products.
\n
\nAudience - Offense, Defense and AppSec​
\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 11:55\n\n\n\nLocation\n\nCaucus Boardroom, Forum\n\n\n\n\n\''),(461,'\'T3SF (Technical TableTop Exercises Simulation Framework) - Federico Pacheco, Joaquin Lanfranconi\'','\'https://forum.defcon.org/node/246234\'','\'https://forum.defcon.org/node/246236\'','','','','\'\nT3SF (Technical TableTop Exercises Simulation Framework)
\n
\nFriday August 11, 10:00 – 11:55, Council Boardroom, Forum
\n
\nFederico Pacheco & Joaquin Lanfranconi
\n
\nT3SF is a framework that offers a modular structure for the orchestration of injects from a master scenario events list (MSEL) together with a set of rules defined for each exercise and a configuration that allows defining the parameters of the correspondent platform. The main module performs the communication with the specific module (Discord, Slack, Telegram, WhatsApp, Teams, etc.) which allows the events to be presented in the input channels as messages in the platform. It supports different use cases for single or multiple organizations.
\n
\nFederico - Cybersecurity professional with background in electronics engineering and several industry renowned certifications. 20+ years of teaching experience at the most prestigious universities in Argentina. Published 4 books and several research whitepapers. Has worked for the public and private sector, including regional roles in global companies.
\n
\nJoaquin - Offensive cybersecurity professional with extensive programming skills, currently working as Cybersecurity Researcher. He is among the first positions of the Argentinean ranking in the main CTFs platforms, and stands out in the global rankings, besides contributing to the security community by writing posts and write-ups.
\n
\nAudience - Defense & Incident Response.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 11:55\n\n\n\nLocation\n\nCouncil Boardroom, Forum\n\n\n\n\n\''),(462,'\'The Metasploit Framework - Spencer McIntyre\'','\'https://forum.defcon.org/node/246238\'','\'https://forum.defcon.org/node/246239\'','','','','\'\nThe Metasploit Framework
\n
\nFriday August 11, 10:00 – 11:55, Committee Boardroom, Forum
\n
\nSpencer McIntyre
\n
\nActive Directory is the foundation of the infrastructure for many organizations. As of 2023, Metasploit has added a wide range of new capabilities and attack workflows to support Active Directory exploitation. This DEF CON demonstration will cover new ways to enumerate information from LDAP, attacking Active Directory Certificate Services (AD CS), leveraging Role Based Constrained Delegation, and using Kerberos authentication. The Kerberos features added in Metasploit 6.3 will be a focal point. The audience will learn how to execute multiple attack techniques, including Pass-The-Ticket (PTT), forging Golden/Silver Tickets, and authenticating with AD CS certificates. Finally, users will see how these attack primitives can be combined within Metasploit to streamline attack workflows with integrated ticket management. The demonstration will also highlight inspection capabilities that are useful for decrypting traffic and tickets for debugging and research purposes.
\n
\nSpencer McIntyre is a Security Research Manager at Rapid7, where he works on the Metasploit Framework. He has been contributing to Metasploit since 2010, a committer since 2014, and a core team member at Rapid7 since 2019. Previously, Spencer worked at a consulting firm working with clients from various industries, including healthcare, energy, and manufacturing. He is an avid open source contributor and Python enthusiast.
\n
\nAudience: Offense
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 11:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(463,'\'The Wifydra: Multiheaded RF Panopticon - Lozaning\'','\'https://forum.defcon.org/node/246324\'','\'https://forum.defcon.org/node/246325\'','','','','\'\nThe Wifydra: Multiheaded RF Panopticon
\n
\nSaturday August 12, 10:00 – 11:55, Society Boardroom, Forum
\n
\nLozaning
\n
\nThe Wifydra is open source hardware and software used to locate wireless access points for wardriving. The project is a continuation of the work done previously by Mike Spicer (@d4rkm4tter) and his WiFi Cactus and Kraken. It\'s designed to be a low power and low cost modular way of simultaneously monitoring all 2.4Ghz WiFi channels for AP beacons. By utilizing strictly off the shelf embedded components, the Wifydra is able to keep costs extremely low (~$90) and its footprint extremely small (250 square cm). More importantly, minimal power consumption is maintained, requiring only a USB C battery capable of putting out 10 watts. The Wifydra is modular in nature and supports a multitude of GNSS (Global Navigation Satellite System) options for location tagging. The ESP32-C5 for 5Ghz channel monitoring will also be supported once the hardware becomes available. The version of The Wifydra demoed consists of 14 ESP8266 called sub nodes, an additional ESP32 called the dom node, SD card holder, GNSS module, OLED screen, as well as the Wifydra carrier board that connects all these components. The firmware, BOM, and gerbers are all available in The Wifydra\'s Github repo: \nhttps://github.com/lozaning/The_Wifydra\n
\n
\nLozaning (they/them) has been wardriving for over 10 years and enjoys designing, building, and assembling unorthodox network observation platforms such as: The Wifydra (presented here), The International Wigle Space Balloon, and turning an Amtrak roomette into a mobile radio observation lab. Currently ranked as the 84th best wardriver in the world on Wigle.net, Lozaning loves all things wifi and high precision GNSS related.
\n
\nAudience - The target audience is anyone interested in WarDriving or RF site surveys, as well as those looking to get started designing their first custom PCB​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nSociety Boardroom, Forum\n\n\n\n\n\''),(464,'\'ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal - Aaron Morath & Dr. Scott Graham\'','\'https://forum.defcon.org/node/246348\'','\'https://forum.defcon.org/node/246349\'','','','','\'\nThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal
\n
\nSaturday August 12, 14:00 – 15:55, Accord Boardroom, Forum
\n
\nAaron Morath & Dr. Scott Graham
\n
\nVirusTotal serves as a popular platform for aggregating malware information submitted by Anti-Virus (AV) software providers, which can be searched using parameters such as hashes (SHA-1, SHA-256, MD5), file names, and malicious web links. In order to enhance and automate the process of malware intelligence gathering, we introduce ThreatScraper, a Python-based tool that automates free API queries and rescanning tasks on VirusTotal. ThreatScraper is designed to periodically request reports on specified files and save the results in a local database or Excel file. It allows users to pull and aggregate malicious file reports from multiple AV vendors over time, providing insights into the adoption of malware detection across providers. Easily implemented from any Windows command line, ThreatScraper can rescan a file, pull a report, and then sleep until the next designated time identified by the user.
\n
\nCaptain Aaron "AJ" Morath, CEH/CompTIA Pentest+, is a graduate student at the Air Force Institute of Technology, where he is involved in researching malware identification and propagation. His thesis work concentrates on developing innovative strategies to combat evolving cybersecurity threats and enhance security measures. AJ has served as the Defensive Cyber Operator (DCO) Officer in Charge (OIC) of the NASIC DCO team for three years. He oversaw the security and defense of an enterprise network comprising over 6,000 connected devices.
\n
\nDr. Scott Graham is a Professor of Computer Engineering at the Air Force Institute of Technology. His research interests center on cyber physical systems, looking at the intersection between real physical systems and the computers that control them. Specific areas of interest include cyber physical systems security, computer architecture, embedded computing, critical infrastructure protection, and vehicular cyber security.
\n
\nAudience - Offensive and Defensive Cyber​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 15:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''),(465,'\'USBvalve - Expose USB activity on the fly - Cesare Pizzi\'','\'https://forum.defcon.org/node/246326\'','\'https://forum.defcon.org/node/246327\'','','','','\'\nUSBvalve - Expose USB activity on the fly
\n
\nSaturday August 12, 10:00 – 11:55, Unity Boardroom, Forum
\n
\nCesare Pizzi
\n
\nUSB spreading malware is still a concern today. Over the past few months, we have witnessed an increase in malicious software exploiting USB drives to bypass security measures, even in air-gapped systems. Whenever we connect our USB drive to an "untrusted" system, numerous doubts arise: what happens behind the scenes? Is something accessing, modifying, or encrypting our files? This is where USBvalve comes in. It is an affordable dongle, built using readily available hardware, designed to reveal the true activities occurring when a USB drive is connected to a system. It can also be used to check for "BADUSB" (HID) on USB keys before inserting them into our own systems. The best part is that it\'s as compact as a keychain, making it convenient to carry with us at all times!
\n
\nCesare Pizzi is a Security Researcher, Analyst, and Technology Enthusiast at Sorint.lab. He develops software and hardware, and tries to share this with the community. Mainly focused on low level programming, he developed a lot of OpenSource software, sometimes hardware related and sometimes not. Doing a lot of reverse engineering too. He likes to share his job when possible (at Defcon, Insomni\'hack, Nullcon. etc). Contributor of several OS Security project (Volatility, OpenCanary, PersistenceSniper, Speakeasy, CETUS, etc) and CTF player.
\n
\nAudience - Malware analysts, Digital Forensic investigator, Security Practitioners​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nUnity Boardroom, Forum\n\n\n\n\n\''),(466,'\'Vacuum Robot Hacking - Dennis Giese\'','\'https://forum.defcon.org/node/246218\'','\'https://forum.defcon.org/node/246219\'','','','','\'\nVacuum Robot Hacking
\n
\nFriday August 11, 14:00 – 15:55, Unity Boardroom, Forum
\nDennis Giese
\n
\nIn this demo I will show you can root various models of vacuum robots and disconnect them from the cloud. You have the chance to play around yourself with the tools and the rooted robots yourself. Learn why you should not trust your robots cameras and microphones. Pick up a free PCB that allows you to root your vacuum robot easily.
\n
\nDennis Giese is currently a PhD student at Northeastern University and focuses on the security and privacy of IoT devices. While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices. His most known projects are the documentation and hacking of various vacuum robots. His current vacuum robot army consists of over 45 different models from various vendors.
\n
\nAudience - hardware tinkerers and users of vacuum robots
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 15:55\n\n\n\nLocation\n\nUnity Boardroom, Forum\n\n\n\n\n\''),(467,'\'Veilid - TC Johnson & Deth Veggie\'','\'https://forum.defcon.org/node/246328\'','\'https://forum.defcon.org/node/246329\'','','','','\'\nVeilid
\n
\nSaturday August 12, 10:00 – 11:55, Committee Boardroom, Forum
\n
\nTC Johnson & Deth Veggie
\n
\nVeilid is a new, distributed communication protocol developed by Cult of the Dead Cow\'s Dildog (of BO2K fame). This p2p, E2EE, distributed protocol is being released at Defcon 31, fully open source, and with an example app called Veilid Chat. These demos will cover setting up an identity, connecting to others, deploying heavy nodes to support the network, and contributing to the project.
\n
\nTC: Rubber Duck to the actual developer of Veilid. Here to get you started on the future we were promised -- communication free of a profit motive, free of corporate overlords, and free of other intrusive eyeballs.
\n
\nThe Deth Vegetable: cDc member since December 1990. Minister of Propaganda If everything is to be believed, he has alternately been a Special Forces Commando, Mexican wrestler, comicbook villain, bodyguard to Mr. T, designer drug manufacturer, electronics wizard, and used tire recycler.
\n
\nAudience: Everyone, we\'re changing the world, cDc style​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 11:55\n\n\n\nLocation\n\nCommittee Boardroom, Forum\n\n\n\n\n\''),(468,'\'Vulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone - Simon Ammer, Christoph Wedenig\'','\'https://forum.defcon.org/node/246244\'','\'https://forum.defcon.org/node/246245\'','','','','\'\nVulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone
\n
\nFriday August 11, 10:00 – 11:55, Accord Boardroom, Forum
\n
\nSimon Ammer, Christoph Wedenig
\n
\nUnguard is an intentionally insecure, cloud-native microservices demo application that serves as a playground for cybersecurity enthusiasts to sharpen their skills and for cybersecurity companies to test their software. Designed to mimic a web-based Twitter clone, the platform offers user registration, login, content posting, and social interactions, all with a wide variety of exploitable vulnerabilities. Featuring a wide range of security flaws, including SSRF, Command/SQL Injection, Log4Shell, and Spring4Shell, Unguard challenges security professionals, developers, and students to identify, exploit, and understand these weaknesses. Simultaneously, the platform showcases deceptive elements, such as phony ads and profile management options, which further enhance the real-world experience offered by the demo.
\n
\nSimon\'s interest in cybersecurity was sparked after listening to the Darknet Diaries podcast, which led him to pursue a career in this fascinating field. He studied Software Engineering and Mobile Computing in Austria, focusing on enhancing web vulnerability scanner reports for his Master\'s thesis. Driven by his passion for cybersecurity, Simon decided to further expand his knowledge by enrolling in another Master\'s program specializing in Artificial Intelligence. Currently, he holds the position of Research Software Engineer in the cloud-native security team at Dynatrace. There, he leverages his knowledge to employ AI to improve security measures and safeguard digital infrastructures.
\n
\nChristoph always loved to interact with software systems, even more so in unintended ways. He studied Applied Computer Science in the south of Austria, focusing on the detection of server-side request forgery in his Master’s thesis. As a demo environment for this thesis, he created a small distributed application called “Vogelgrippe” which was then later extended for various other use cases until being renamed to Unguard and finally gifted to the community as an Open-Source playground. Currently, he is working in the Application security team at Dynatrace, where he helps build a wide suite of security-related software.
\n
\nAudience - Offense, Defense
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 11:55\n\n\n\nLocation\n\nAccord Boardroom, Forum\n\n\n\n\n\''); /*!40000 ALTER TABLE `demolabs` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `events` -- DROP TABLE IF EXISTS `events`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `events` ( `day` varchar(16) COLLATE utf8_unicode_ci NOT NULL, `hour` varchar(2) COLLATE utf8_unicode_ci NOT NULL, `starttime` varchar(6) COLLATE utf8_unicode_ci NOT NULL, `endtime` varchar(6) COLLATE utf8_unicode_ci NOT NULL, `continuation` char(1) COLLATE utf8_unicode_ci NOT NULL, `village` varchar(64) COLLATE utf8_unicode_ci NOT NULL, `track` varchar(90) COLLATE utf8_unicode_ci NOT NULL, `title` varchar(512) COLLATE utf8_unicode_ci NOT NULL, `speaker` varchar(256) COLLATE utf8_unicode_ci NOT NULL, `hash` varchar(64) COLLATE utf8_unicode_ci NOT NULL, `desc` text COLLATE utf8_unicode_ci NOT NULL, `modflag` tinyint(4) DEFAULT NULL, `autoincre` int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`autoincre`), KEY `title` (`title`(255)), KEY `hash` (`hash`) ) ENGINE=InnoDB AUTO_INCREMENT=368348 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `events` -- LOCK TABLES `events` WRITE; /*!40000 ALTER TABLE `events` DISABLE KEYS */; INSERT INTO `events` VALUES ('2_Friday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'The RingHopper Journey or How We Almost Zero-day’d the World\'','\'Benny Zeltser,Jonathan Lusky\'','DC_1188b8d93ca80913355dafcc84d699b2','\'Title: The RingHopper Journey or How We Almost Zero-day’d the World
\nWhen: Friday, Aug 11, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Benny Zeltser,Jonathan Lusky
\n
SpeakerBio:Benny Zeltser\n, Security Research Team Lead at Intel
\nBenny (@benny_zeltser) is a security research team lead @ iSTARE, Intel. He focuses on breaking and exploiting anything on the border between HW and SW. Previously, Benny worked at IBM on development of malware analysis techniques, and spent four years in the IDF Intelligence as a security and research engineer. When Benny is not breaking things, he usually hikes with his 1 yo or cultivating his coffee brewing (and drinking) hobby.
\nTwitter: @benny_zeltser
\n
SpeakerBio:Jonathan Lusky\n, Security Research Team Lead at Cellebrite
\nJonathan (@LuskyYehonatan) is a security research team lead @ Cellebrite. In the past, he was a security research team lead @ Intel. He is curious about anything related with low-level security research, reversing binaries, poking CPUs and breaking stuff up. Currently, he is about to complete his master’s degree at the Technion focusing on neural network extraction attacks. In his spare time, Jonathan loves to participate in CTFs, play tennis and hike.
\nTwitter: @LuskyYehonatan
\n\n
\nDescription:
\nLast year we almost zero-day’d the world with the publication of RingHopper. Now we can finally share some juicy details and invite you for an illuminating journey as we delve into the realm of RingHopper, a method to hop from user-land to SMM.\n

We will survey the discovery and disclosure of a family of industry-wide vulnerabilities in various UEFI implementations, affecting more than eight major vendors, making billions of devices vulnerable to our attack. Then, we will deep-dive into the innards of SMM exploitation and discuss methods to use and abuse various functionalities and properties of edk2 to gain code execution. We will unveil both our futile and fruitful quests of crafting our way to SMM, and detail both the paths that lead to dead-ends, and the route to success.\n

We will give a detailed overview of different ways to elevate this kind of attack to user-land both on Windows and Linux by chaining multiple vulnerabilities together.\n

Finally, we will show RingHopper hopping from user-space to… SMM.\n

\n
REFERENCES
\n
1. DEF CON 29 - Mickey Shkatov, Jesse Michael - High Stakes Updates: BIOS RCE OMG WTF BBQ\n2. DEF CON 26 - Shkatov and Michael - UEFI Exploitation for the Masses\n3. DEF CON 23 - Yuriy Bulygin - Attacking Hypervisors Using Firmware and Hardware\n4. DEF CON 22 - Panel - Summary of Attacks Against BIOS and Secure Boot\n5. OffensiveCon22 - Alex Ermolov, Alex Matrosov and Yegor Vasilenko UEFI Firmware Vulnerabilities
\n\n\'',NULL,365217),('2_Friday','12','12:00','12:20','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'GhostToken: Exploiting Google Cloud Platform App Infrastructure to Create Unremovable Trojan Apps\'','\'Tal Skverer\'','DC_7b8d9a067c1ab4e2b61888a87fd2d3bb','\'Title: GhostToken: Exploiting Google Cloud Platform App Infrastructure to Create Unremovable Trojan Apps
\nWhen: Friday, Aug 11, 12:00 - 12:20 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Tal Skverer\n, Security Research Team Lead at Astrix Security
\nTal holds an M.Sc. in Computer Science from the Weizmann Institute and has a decade of experience in reverse engineering, malware analysis, embedded security, web hacking, cryptography and pentesting. Biannually, Tal teaches workshops on assembly language, reverse engineering and blackbox research.\n \n

Tal Skverer is a Senior Researcher at Astrix Security, where he challenges cloud platforms\' defenses and mitigations. At his previous job, he hacked vehicle computers on a daily basis, and is also known for being one of the researchers that broke PokemonGo\'s anti-cheating system in 2016.

\n\n
\nDescription:
\nIn this talk, we will present a 0-day vulnerability found in the Google Cloud Platform (GCP) affecting all Google users, which allowed a malicious app to become invisible and unremovable, effectively leaving a Google user’s account infected with a backdoor app forever.\n \n

The talk will start by reviewing the world of 3rd-party apps in Cloud platforms: the OAuth 2.0 standard, consent, scoped authorization, the types of tokens, and how data is accessed.\n \n

Shifting the focus on Google, as one of the biggest cloud service providers supporting OAuth 2.0, we will show how 3rd-party apps are created, developed, and managed in Google (you will even get to manage yours in real time). We will discuss how Google relatively recently moved from the standard registration model, to forcibly linking the creation apps to Google Cloud Platform (GCP), hoping to push developers into using one of the GCP services for app development.\n \n

We will then give a complete technical overview of a 0-day vulnerability found in GCP, dubbed \'GhostToken\': The research of the aforementioned connection between apps in Google and GCP, which culminated in finding the ability to force an app to go into a limbo-like, “pending deletion” state, during which the app’s tokens are mishandled. We will show an exploitation of the vulnerability which enables an attacker to hide their authorized app from the user’s management page, causing it to become invisible and unremovable, while still having access to the user’s data.\n \n

Finally, we will share how Google Workspace’s administrators could detect apps that potentially exploited the GhostToken vulnerability, as well as actions organization implementing 3rd-party access to their users\' data can take to avoid making such mistakes, The talk will close with a discussion about the common abuse of and deviation from the OAuth standard by large providers, and propose a possible solution for supporting and implementing apps for large cloud providers.\n \n

Familiarity with GCP and different OAuth 2.0 flows will help understand the concepts, but it is not required as the talk is self-contained.\n

\n
REFERENCES
\n
\n
\n\n\'',NULL,365218),('3_Saturday','16','16:00','16:20','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks\'','\'Ceri Coburn\'','DC_4011e28ce4610aa97051c0932c916530','\'Title: A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks
\nWhen: Saturday, Aug 12, 16:00 - 16:20 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Ceri Coburn\n, Red Team Operator & Offensive Security Dev at Pen Test Partners
\nAfter a 20 career within the software development space, Ceri was looking for a new challenge and moved into pen testing back in 2019. During that time he has created and contributed to several open source offensive tools such as Rubeus, BOFNET and SweetPotato and on the odd occasion contributed to projects on the defensive side too. He current works as a red team operator and offensive security dev at Pen Test Partners.
\nTwitter: @_EthicalChaos_
\n\n
\nDescription:
\nThe Windows Active Directory authority and the MIT/Heimdal Kerberos stacks found on Linux/Unix based hosts often coexist in harmony within the same Kerberos realm. This talk and tool demonstration will show how this marriage is a match made in hell. Microsoft\'s Kerberos stack relies on non standard data to identify it\'s users. MIT/Heimdal Kerberos stacks do not support this non standard way of identifying users. We will look at how Active Directory configuration weaknesses can be abused to escalate privileges on *inux based hosts joined to the same Active Directory authority. This will also introduce an updated version of Rubeus to take advantage of some of these weaknesses.\n
\n
\n
REFERENCES
\n
* https://techcommunity.microsoft.com/t5/security-compliance-and-identity/sam-name-impersonation/ba-p/3042699\n* https://www.catalyst.net.nz/blog/stay-curious-dollar-ticket-security-issue\n* https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html\n* https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/6435d3fb-8cf6-4df5-a156-1277690ed59c
\n\n\'',NULL,365219),('3_Saturday','10','10:30','11:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Calling it a 0-Day - Hacking at PBX/UC Systems\'','\'good_pseudonym\'','DC_330e065a408ebfd9fdf92e2a9bb6a3c9','\'Title: Calling it a 0-Day - Hacking at PBX/UC Systems
\nWhen: Saturday, Aug 12, 10:30 - 11:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:good_pseudonym\n
\nNo BIO available
\n\n
\nDescription:
\nPBX (Private Branch Exchange) and UC (Unified Communications) servers are the big communication brokers in enterprise environments where they love on-prem. They do everything to enable internal and external communications including voice, video, conferencing and messaging. But a broader scope also means a broader attack surface.\n

In this talk, we\'ll give an overview PBX/UC systems, what kind of attack surface they have, as well as several bugs that we recently found in two popular PBX/UC products. The journey includes deep-diving Java\'s Runtime.exec(), decrypting encrypted PHP, bypassing license restrictions, pretending to be a phone, and (of course) getting some shells.\n

\n
REFERENCES
\n
* VoIP Wars: Attack of the Cisco Phones (DEF CON 22, Fatih Ozavci)\n* Hacking VoIP Exposed (Black Hat USA 2006, David Endler, Mark Collier)
\n\n\'',NULL,365220),('3_Saturday','11','10:30','11:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Calling it a 0-Day - Hacking at PBX/UC Systems\'','\'good_pseudonym\'','DC_330e065a408ebfd9fdf92e2a9bb6a3c9','\'\'',NULL,365221),('2_Friday','12','12:30','13:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'A Pain in the NAS: Exploiting Cloud Connectivity to PWN your NAS\'','\'Noam Moshe,Sharon Brizinov\'','DC_9db046897f3ebb53bdbeef90e6ecdf3d','\'Title: A Pain in the NAS: Exploiting Cloud Connectivity to PWN your NAS
\nWhen: Friday, Aug 11, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Noam Moshe,Sharon Brizinov
\n
SpeakerBio:Noam Moshe\n, Vulnerability Researcher at Claroty Team82
\nNoam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Blackhat Europe, as well as won Master of Pwn at Pwn2Own Miami 2023.
\n
SpeakerBio:Sharon Brizinov\n, Director of Security Research at Claroty Team82
\nSharon Brizinov leads the Vulnerability Research at Team82, The Claroty Research. He specializes in OT/IoT vulnerability research, has participated in multiple Pwn2Own competitions, won Pwn2Own Miami 2023, and holds a DEFCON black badge.
\n\n
\nDescription:
\nHave you ever wondered how you can access your family pictures on your home network-attached storage (NAS) device remotely from your mobile? Do you know how this magic works? At Pwn2Own Toronto 2022, we chained multiple bugs to exploit both Synology and Western Digital NAS devices by abusing vulnerabilities in the device, cloud and the mutual trust between them.\n

In our research, we reviewed the pairing mechanism of NAS devices with the WD and Synology cloud platforms. To our surprise we discovered that devices authenticate to the cloud using a hardware identifier which is later used by users to remotely access their devices. Using this, we were able to impersonate any given NAS device and perform phishing attacks that yielded us admin rights on any targeted WD or Synology device.\n

In this talk, we will explain the pairing process of WD and Synology NAS. We will elaborate on the overall architecture of their cloud offering and focus on the vulnerabilities we found including ways to enumerate and impersonate all edge devices using certificate transparency log (CTL), and steal cloud proxy auth tokens. This enabled us to download every file saved on the NAS devices, alter or encrypt them, and bypass NAT/Firewall protection to achieve full remote code execution on all cloud-connected NAS (and to gain $$$ from Pwn2Own).\n

\n\n\'',NULL,365222),('2_Friday','13','12:30','13:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'A Pain in the NAS: Exploiting Cloud Connectivity to PWN your NAS\'','\'Noam Moshe,Sharon Brizinov\'','DC_9db046897f3ebb53bdbeef90e6ecdf3d','\'\'',NULL,365223),('2_Friday','13','13:30','14:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Private Keys in Public Places\'','\'Tom Pohl\'','DC_b039c270f8bb24d75d2aa264af8ae327','\'Title: Private Keys in Public Places
\nWhen: Friday, Aug 11, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Tom Pohl\n, Principal Consultant and the Penetration Testing Team Manager at LMG Security
\nTom Pohl is a Principal Consultant and Penetration Testing Team Manager at LMG Security. Prior to LMG, he has spent most of his career on the blue team building and securing systems used by millions of people. And by night, he is a competitive CTF player and has won several black/gold badges including THOTCON, Circle City Con, Wild West Hackin’ Fest and DEF CON. He is good at what he does because he’s already made many of the mistakes that he encounters in client environments on a daily basis.
\n\n
\nDescription:
\nFirmware and software binaries are littered with private keys, legitimate CA-blessed certificates, and encryption keys—but hardly anyone notices. These secrets are often obfuscated or otherwise hidden in ways that weren’t intended to be found. I’ll show three real-world examples from popular manufacturers (Netgear, Fortinet and Dell), and demonstrate techniques for uncovering them. In the most extreme example, an adversary can use an obfuscated key to gain access to any customer’s vCenter environment.\n

I’ll start with a straightforward look at Netgear firmware and show methods for discovering private keys in PEM-encoded text files. We’ll dig into the Fortinet firmware, which contained custom obfuscated archive files, and show how to extract Apple and Google issued certificates and I will also show that 3 year awaited “fix” did not adequately solve the issue.\n

Finally, I’ll dig into the worst case: a static AES encryption key within Dell software used to connect to vCenter. I\'ll demonstrate how retrieve, decompile and use a static AES key which will decrypt vCenter credentials. The key is the same for EVERY customer. This has not been talked about anywhere publicly.\n

I’ll conclude by discussing the importance of developer training, proper key management, and (above all), identifying and eliminating this systemic practice.\n

\n
REFERENCES
\n
\n
\n\n\'',NULL,365224),('2_Friday','14','13:30','14:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Private Keys in Public Places\'','\'Tom Pohl\'','DC_b039c270f8bb24d75d2aa264af8ae327','\'\'',NULL,365225),('2_Friday','15','15:30','16:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE\'','\'NiNi Chen\'','DC_09ca7ece25af531731b92c33229c0f4f','\'Title: A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE
\nWhen: Friday, Aug 11, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:NiNi Chen\n, Security Researcher at DEVCORE
\nTing-Yu Chen, aka NiNi, is a security researcher at DEVCORE and a member of the Balsn CTF team. He won the title of the \"Master of Pwn\" at Pwn2Own Toronto 2022 with the DEVCORE team. NiNi has also made notable achievements in CTF competitions, including placing 2nd and 3rd in DEF CON CTF 27 and 28 as a member of HITCON⚔BFKinesiS and HITCON⚔Balsn teams, respectively. NiNi is currently immersed in vulnerability research and reverse engineering, continuing to hone his skills. You can keep up with his latest discoveries and musings on Twitter via his handle @terrynini38514 or blog at http://blog.terrynini.tw/.
\nTwitter: @terrynini38514
\n\n
\nDescription:
\nMikroTik, as a supplier of network infrastructures, its products and RouterOS are adopted widely. Currently, at least 3 million+ devices are running RouterOS online. Being the target research by attackers actively, the exploits leaked from the CIA in 2018 and the massive exploits that followed are samples of the havoc that can be caused when such devices are maliciously exploited again. Therefore, RouterOS also attracts many researchers to hunt bugs in it. However, there are rarely high-impact vulnerabilities reported over a long period. Can the OS become perfect overnight? Of course not. Some details have been missed.\n \n

Researches on RouterOS were mainly against jailbreak, Nova Message in IPC, and analysis of exploits in the wild. Especially researches against Nova Message have reported tons of post-auth vulnerabilities. However, the architecture design and the lower-layer objects, which are closely related to the functionality of Nova Binary, were being neglected due to their complexity, causing some details to be overlooked for a long time. Starting by introducing the mechanisms of the socket callback and the remote object, we will disclose more about the overlooked attack surface and implementations in RouterOS. Moreover, we will discuss how we, at the end of rarely visited trails, found the pre-auth RCE that existed for nine years and can exploit all active versions and the race condition in the remote object. We will also share our methodology and vulnerability patterns.\n \n

Delving into the design of the RouterOS, attendees will have a greater understanding of the overlooked attack surface and implementation of it and be able to review the system more reliably. Additionally, we will also share our open-source tools and methodology to facilitate researchers researching RouterOS, making it less obscure. ,\nTing-Yu Chen, aka NiNi, is a security researcher at DEVCORE and a member of the Balsn CTF team. He won the title of the \"Master of Pwn\" at Pwn2Own Toronto 2022 with the DEVCORE team. NiNi has also made notable achievements in CTF competitions, including placing 2nd and 3rd in DEF CON CTF 27 and 28 as a member of HITCON⚔BFKinesiS and HITCON⚔Balsn teams, respectively. NiNi is currently immersed in vulnerability research and reverse engineering, continuing to hone his skills. You can keep up with his latest discoveries and musings on Twitter via his handle @terrynini38514 or blog at http://blog.terrynini.tw/.\n \n

\n
REFERENCES
\n
\n \n
\n\n\'',NULL,365226),('2_Friday','16','15:30','16:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE\'','\'NiNi Chen\'','DC_09ca7ece25af531731b92c33229c0f4f','\'\'',NULL,365227),('3_Saturday','15','15:30','16:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Breaking BMC: The Forgotten Key to the Kingdom\'','\'Adam Zabrocki,Alex Tereshkin\'','DC_ed4a0bbc9e6bf903b3b61e2782c8613c','\'Title: Breaking BMC: The Forgotten Key to the Kingdom
\nWhen: Saturday, Aug 12, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Adam Zabrocki,Alex Tereshkin
\n
SpeakerBio:Adam Zabrocki\n, Distinguished Engineer (Offensive Security) at NVIDIA
\nAdam ‘pi3’ Zabrocki is a computer security researcher, pentester and bughunter, currently working as a Distinguished Engineer (Offensive Security) at NVIDIA. He is a creator and developer of Linux Kernel Runtime Guard (LKRG) - his moonlight project defended by Openwall. Among others, he used to work in Microsoft, European Organization for Nuclear Research (CERN), HISPASEC Sistemas (known from the virustotal.com project), Wroclaw Center for Networking and Supercomputing, Cigital. The main area of his research is low-level security (CPU arch, uCode, FW, hypervisor, kernel, OS). \n \n

As a hobby, he was a developer in The ERESI Reverse Engineering Software Interface project, a bughunter (discovered vulnerabilities in Hyper-V, KVM, RISC-V ISA, Intel\'s Reference Code, Intel/NVIDIA vGPU, Linux kernel, FreeBSD, OpenSSH, gcc SSP/ProPolice, Apache, Adobe Acrobat Reader, Xpdf, Torque GRID server, and more) and studied exploitation and mitigation techniques, publishing results of his research in Phrack Magazine. \n \n

Adam is driving a Pointer Masking extension for RISC-V, he is involved in many RISC-V security related extensions (including CFI), he is a co-author of a subchapter to Windows Internals and was twice The Pwnie Awards nominee (2021 and 2022) for the most under-hyped research. He was a speaker at well-known security conferences including Blackhat, DEF CON, Security BSides, Open Source Tech conf and more.

\nTwitter: @Adam_pi3
\n
SpeakerBio:Alex Tereshkin\n, Principal System Software Engineer (Offensive Security) at NVIDIA
\nAlex Tereshkin is an experienced reverse engineer and an expert in UEFI security, Windows kernel and hardware virtualization, specializing in rootkit technologies and kernel exploitation. He has been involved in the BIOS and SMM security research since 2008. He is currently working as a Principal Offensive Security Researcher at NVIDIA. He has done significant work in the field of virtualization-based malware and Windows kernel security. He is a co-author of a few courses taught at major security conferences and a co-author of the first UEFI BIOS and Intel ME exploits. In 2022 he was a Pwnie Awards nominee for the most under-hyped research.
\nTwitter: @AlexTereshkin
\n\n
\nDescription:
\nThe Baseboard Management Controller (BMC) is a specialized microcontroller embedded on the motherboard, typically used in servers and other enterprise-level hardware. The security of the BMC is critical to the overall security of the system, as it provides a privileged level of access and control over the hardware components of the system, including the ability to perform firmware updates, and even power the system on and off remotely. \n \n

When the internal offensive security research team was analyzing one of the NVIDIA hardware, they detected several remotely exploitable bugs in AMI MegaRAC BMC. Moreover, various elevations of privileges and \"change of scope\" bugs have been identified, many of which may be chained together resulting in a highest severity security issue. During this talk we would like to take you on the journey of the whole attack sequence: from having zero knowledge about a remote AMI BMC with enabled IPMI (yeah, right) to flashing a persistent firmware implant to the server SPI flash. The chain will be about a dozen bugs long, so buckle up. \n \n

\n
REFERENCES
\n
\n
\n\n\'',NULL,365228),('3_Saturday','16','15:30','16:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Breaking BMC: The Forgotten Key to the Kingdom\'','\'Adam Zabrocki,Alex Tereshkin\'','DC_ed4a0bbc9e6bf903b3b61e2782c8613c','\'\'',NULL,365229),('2_Friday','15','15:00','15:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'CON trolling the weather\'','\'Paz Hameiri\'','DC_a886f4f28fb966e332c656357e772d04','\'Title: CON trolling the weather
\nWhen: Friday, Aug 11, 15:00 - 15:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Paz Hameiri\n, Hacker
\nPaz started his professional life more than 30 years ago, hacking games and developing tools in his teen years. Since then, he has worked in several companies, developing both hardware and software. Paz has six years of experience with telecommunication systems design and circuits.\n

For 14 years, Paz led multidisciplinary systems development as a systems engineer in the aerospace industry. At home, Paz explores ideas he finds interesting.\n

In 2019 he published a work on a body-tracking device that records keystrokes on a safe\'s keypad in Hakin9 Magazine. In 2021 he developed software that used a GPU as a digital radio transmitter and presented his work at DEF CON 29. In 2015 and 2019 he launched weather balloons with elementary school pupils.\n

\n\n
\nDescription:
\nNearly 1,800 weather balloons are launched across the world on any given day. As the balloon goes up it expands and pops at an altitude up to 33 Km (110K feet) above the earth.The flight payload is called a radiosonde. It measures pressure, temperature, relative humidity, position, and velocity during its flight, and transmits the data to a sounding receiver. One or two missing weather balloons won\'t impact the daily forecast. However, many missing balloons could lead to errors in weather models and forecasts. Weather balloons are also important for gathering weather data for satellite launches and human spaceflights, as launches are often delayed or scrubbed due to upper-level wind shear.\n

In this talk, I present a simulation framework for the most popular radiosonde model. It enables an attacker to generate radiosonde messages or alter logged messages for retransmission. I also present simulations of a jamming attack and a spoofing attack on a sounding receiver:\n

During a jamming attack, the receiver is unable to receive transmissions from active radiosondes.\n

During a spoofing attack, the transmitter sends fake radiosonde messages to a target receiver, identifying as an active radiosonde.\n

I\'ll talk about the shortcomings of the military variant of the radiosonde model and suggest a simple way to cope with spoofing attacks.\n

\n
REFERENCES
\n
Vredenbregt L., \"How many weather balloons are out there? Hundreds, it turns out\", https://abcnews.go.com/Politics/weather-balloons-hundreds-turns/story?id=97082985, Feb 13, 2023.\nDudley I., \"Weather balloons and rocket science\", https://www.vandenberg.spaceforce.mil/News/Features/Display/Article/737270/weather-balloons-and-rocket-science/\nbazjo, \"RS41 Decoding\", https://github.com/bazjo/RS41_Decoding\nrs1729, \"RS\", https://github.com/rs1729/RS\nprojecthorus, \"radiosonde_auto_rx\", https://github.com/projecthorus/radiosonde_auto_rx\nsondehub, https://github.com/projecthorus/radiosonde_auto_rx\n\"Upper-air Observations Program\", https://www.weather.gov/upperair/\nMass C., \"Wind Shear: When the Atmospheric Seems to be Tearing Itself Apart\", https://cliffmass.blogspot.com/2017/05/wind-shear-when-atmospheric-seems-to-be.html\nJessop M., \"Top Radiosonde types\", https://twitter.com/vk5qi/status/1170215238978830339\nLada B., \"3 weather obstacles that SpaceX faces when launching rockets into space\", https://www.accuweather.com/en/space-news/types-of-weather-that-can-delay-a-spacex-rocket-launch/352407\nNasa, \"Falcon 9 Crew Dragon Launch Weather Criteria\", FS-2020-05-568-KSC, www.nasa.gov\nFrielingsdorf J., \"An Open-Source Documentation and Implementation of the Vaisala RS41 Data Preparation Algorithms\", WMO Technical Conference on Meteorological and Environmental Instruments and Methods of Observation, Oct. 11, 2022\nCadence PCB Solutions, \"What is Signal to Noise Ratio and How to calculate it?\", https://resources.pcb.cadence.com/blog/2020-what-is-signal-to-noise-ratio-and-how-to-calculate-it\nVaisala, \"Vaisala Radiosonde RS41-SGP Data Sheet\", www.vaisala.com, B211444EN-E, 2017\nVaisala, \"Vaisala Radiosonde RS41-SG Data Sheet\", www.vaisala.com, B211321EN-K, 2020\nVaisala, \"Vaisala Radiosonde RS41-SGM Data Sheet\", www.vaisala.com, B211448EN-E, 2017
\n\n\'',NULL,365230),('2_Friday','14','14:30','15:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Second Breakfast: Implicit and Mutation-Based Serialization Vulnerabilities in .NET\'','\'Jonathan Birch\'','DC_663d7a8ea9b6bd61b41e931511f5cf07','\'Title: Second Breakfast: Implicit and Mutation-Based Serialization Vulnerabilities in .NET
\nWhen: Friday, Aug 11, 14:30 - 15:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Jonathan Birch\n, Principal Security Software Engineer at Microsoft
\nJonathan Birch is a Principal Security Software Engineer for Microsoft. He hacks Office. His previous talks include \"Host/Split: Exploitable Antipatterns in Unicode Normalization\" at Black Hat 2019 and \"Dangerous Contents - Securing .NET Deserialization\" at BlueHat 2017.
\n\n
\nDescription:
\nExploits of insecure serialization leading to remote code execution have been a common attack against .NET applications for some time. But it\'s generally assumed that exploiting serialization requires that an application directly uses a serializer and that it unsafely reads data that an attacker can tamper with. This talk demonstrates attacks that violate both of these assumptions. This includes serialization exploits of platforms that don\'t use well-known .NET serializers and methods to exploit deserialization even when the serialized data cannot be tampered with. Remote code execution vulnerabilities in MongoDB, LiteDB, ServiceStack.Redis, RavenDB, MartenDB, JSON.Net and the .NET JavaScriptSerializer are all demonstrated. Techniques to both scan for and mitigate these vulnerabilities are also discussed.\n
\n
REFERENCES
\n
* \"Are You My Type? Breaking .net Sandboxes Through Serialization\", James Forshaw, Black Hat 2012\n* \"Friday the 13th JSON Attacks\", Alvaro Muñoz & Oleksandr Mirosh, Black Hat 2017\n* See also: https://github.com/pwntester/ysoserial.net for useful payload generators.
\n\n\'',NULL,365231),('2_Friday','15','14:30','15:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Second Breakfast: Implicit and Mutation-Based Serialization Vulnerabilities in .NET\'','\'Jonathan Birch\'','DC_663d7a8ea9b6bd61b41e931511f5cf07','\'\'',NULL,365232),('4_Sunday','13','13:00','13:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Exploring Linux Memory Manipulation for Stealth and Evasion: Strategies to bypass Read-Only, No-Exec, and Distroless Environments\'','\'Carlos Polop,Yago Gutierrez\'','DC_6f73806f6f7d19f9602ca42f97de15e5','\'Title: Exploring Linux Memory Manipulation for Stealth and Evasion: Strategies to bypass Read-Only, No-Exec, and Distroless Environments
\nWhen: Sunday, Aug 13, 13:00 - 13:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Carlos Polop,Yago Gutierrez
\n
SpeakerBio:Carlos Polop\n, Web, Mobile & Cloud Pentesting Team Leader at Halborn
\nCarlos has a degree in Telecommunications Engineering with a Master in Cybersecurity.\nHe has worked mainly as Penetration Tester and Red Teamer for several companies, but also as developer and system administrator. He has several relevant certifications in the field of cybersecurity such as OSCP, OSWE, CRTP, eMAPT and eWPTXv2. He was captain of the Spanish team in the ECSC2021 and member of Team Europe for the ICSC2022.\n

Since he started learning cybersecurity he has tried to share his knowledge with the infosec community by publishing open source tools such as https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite and writing a free hacking book that anyone can consult at https://book.hacktricks.xyz.\n

\nTwitter: @hacktricks_live
\n
SpeakerBio:Yago Gutierrez\n, Offensive Security Researcher at Mollitiam Industries
\nYago is currently studying Telecommunications Engineering. He is an experienced C programmer, tolerates python and has extensive knowledge of Linux Internals. He works as a vulnerability researcher on binaries as well as malware on mobile systems. He is an occasional CTF player and has participated in the ECSC2020 as a member of the Spanish team.
\nTwitter: @arget1313
\n\n
\nDescription:
\nAs cyber threats continue to evolve, attackers constantly develop new methods for exploiting system vulnerabilities and evading detection. In this presentation, we will delve into cutting-edge techniques for manipulating Linux memory in highly constrained environments, such as read-only, no-exec, and distroless setups. These techniques can be utilized by sophisticated malware to remain stealthy and evade traditional security mechanisms.\n

We will begin by providing an overview of the unique challenges faced in these limited environments and discuss the reasons behind their increasing prevalence. Next, we will explore how attackers can exploit vulnerabilities within these constraints and demonstrate several novel methods for manipulating Linux memory.\n

Throughout the presentation, we will showcase real-world examples and provide step-by-step explanations for each technique, enabling attendees to gain a deeper understanding of how they can be employed by adversaries. Additionally, we will discuss potential countermeasures and mitigation strategies to help security professionals better defend against these emerging threats.\n

By attending this presentation, participants will gain valuable insights into the latest advancements in Linux memory manipulation and acquire the knowledge needed to anticipate and counter stealthy attacks in constrained environments. Whether you are a security researcher, a system administrator, or an ethical hacker, this session will equip you with the expertise necessary to stay ahead of the curve in the ever-evolving world of cybersecurity.\n

\n
REFERENCES
\n
Most of the parts of the developed technique for this presentation is just based on our knowledge and experience. However, it\'s true that some previous research was done in this topic by sektor7 in https://blog.sektor7.net/#!res/2020/meterp-inject-yt.md and David Buchanan in https://twitter.com/David3141593/status/1386663070991360001
\n\n\'',NULL,365233),('2_Friday','10','10:30','11:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Route to bugs: Analyzing the security of BGP message parsing\'','\'Daniel dos Santos,Simon Guiot\'','DC_a9129da736d3c474cfa38e48f06bd201','\'Title: Route to bugs: Analyzing the security of BGP message parsing
\nWhen: Friday, Aug 11, 10:30 - 11:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Daniel dos Santos,Simon Guiot
\n
SpeakerBio:Daniel dos Santos\n, Head of Security Research at Forescout
\nDaniel dos Santos is the Head of Security Research at Forescout\'s Vedere Labs, where he leads a team of researchers that identifies new vulnerabilities and monitors active threats. He holds a PhD in computer science, has published over 35 peer-reviewed papers on cybersecurity, has found or disclosed hundreds of CVEs and is a frequent speaker at security conferences.
\n
SpeakerBio:Simon Guiot\n, Security Researcher at Forescout
\nSimon Guiot has experience in software engineering and software vulnerability management. He is currently a Security Researcher at Forescout Technologies doing vulnerability and threat research.
\n\n
\nDescription:
\nThis talk discusses an overlooked aspect of Border Gateway Protocol (BGP) security: vulnerabilities in how its implementations parse BGP messages. Software implementing BGP is relied upon for Internet routing and for functions such as internal routing in large data centers. A lot of (deserved) attention is given to aspects of BGP protocol security discussed in RFC4272, which can be mitigated with the use of RPKI and BGPsec. However, recent BGP incidents show that it might take only a malformed packet to cause a large disruption. We will present a quantitative analysis of previous vulnerabilities in both open and closed-source popular BGP implementations and focus the talk on a new analysis of seven modern implementations. \n

Main findings in this research include:\n

    \n
  1. Some implementations process parts of OPEN messages before validating the BGP ID and ASN fields of the originating router, which means that only TCP spoofing is required to inject malformed packets.
  2. Three new vulnerabilities in a leading open-source implementation, which could be exploited to achieve denial of service on vulnerable peers, thus dropping all BGP sessions and routing tables and rendering the peer unresponsive. These vulnerabilities were found using a fuzzer we developed and will release to the community.
    \n
    REFERENCES
    \n
    \n \n
    \n
\n\n\'',NULL,365234),('2_Friday','11','10:30','11:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Route to bugs: Analyzing the security of BGP message parsing\'','\'Daniel dos Santos,Simon Guiot\'','DC_a9129da736d3c474cfa38e48f06bd201','\'\'',NULL,365235),('2_Friday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework\'','\'Daniel Avinoam\'','DC_e1147d5ce0a6fdaeea967098845a540d','\'Title: Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework
\nWhen: Friday, Aug 11, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Daniel Avinoam\n, Security Researcher at Deep Instinct
\nAs a security researcher at Deep Instinct, Daniel develops and researches new defense capabilities.After serving for several years in the advanced technological cyber unit under the Israeli Air Force, Daniel has experience in the defensive side of cyber warfare, including forensics, incident response, development, reverse engineering, and research.
\n\n
\nDescription:
\nThe use of containers became an integral part of any resource-efficient and secure environment. Starting from Windows Server 2016, Microsoft released its version of this solution called Windows Containers, which offers either a process or Hyper-V isolation modes.\n

In both cases, an efficient file system separation should be provided. On one hand, each container should be able to access system files and write changes that will not affect the host. On the other, copying the entire main volume on each container launch will be storage-inefficient and not practical.\n \n

In this presentation, we will cover the basics of windows containers, break down its file system isolation framework, reverse-engineer its main mini-filter driver, and see how it can be utilized and manipulated by an actor to bypass EDR products in multiple domains. Eventually, we will provide an open-source tool based on these findings.\n \n

This technology caught my attention for several reasons:\n

\n\n\'',NULL,365236),('2_Friday','10','10:00','10:20','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Look Ma I\'m the CEO! Real-Time Video and Audio Deep-Fake!\'','\'Gal Zror\'','DC_d74831e67407744e515e600df2717703','\'Title: Look Ma I\'m the CEO! Real-Time Video and Audio Deep-Fake!
\nWhen: Friday, Aug 11, 10:00 - 10:20 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Gal Zror\n, Vulnerability Research Manager at CyberArk Labs
\nGal Zror (@waveburst) acts as the vulnerability research manager in CyberArk labs. Gal has over 12 years of experience in vulnerability research and he specializes in embedded systems and protocols. Besides research, he is also an amateur boxer and a tiki culture enthusiast.
\nTwitter: @waveburst
\n\n
\nDescription:
\nHey you, yeah you! Do you want to become a big company CEO but are too lazy to invest your life in chasing that position?\n \n

Now introducing DEFCON VIDEO-ART - DEep Fake CONversation for VIDEO and Audio in Real-Time! With DEFCON VIDEO-ART you can impersonate your favorite big-company CEO without doing the hard work! You can video call anyone in the company and tell them what to do because you look and sounds like the big boss! Reset passwords, ask for the latest confidential business reports, fire people, you name it!\n \n

Deep fake has been around for years, but only recently we have reached a point where real-time deep fake has become easy and accessible to execute. Join my talk where I show how I impersonate my company\'s CEO with videos and audio I found online. Then I\'ll share how with open-source tools and a decent GPU you can also impersonate your company\'s CEO!\n

\n\n\'',NULL,365237),('3_Saturday','09','09:30','10:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Badge of Shame: Breaking into Secure Facilities with OSDP\'','\'Dan \"AltF4\" Petro,David Vargas\'','DC_4a116896bed5e941c81280fa6e914362','\'Title: Badge of Shame: Breaking into Secure Facilities with OSDP
\nWhen: Saturday, Aug 12, 09:30 - 10:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Dan \"AltF4\" Petro,David Vargas
\n
SpeakerBio:Dan \"AltF4\" Petro\n, Senior Security Engineer at Bishop Fox
\nDan \"AltF4\" Petro is a Senior Security Engineer at Bishop Fox. Dan is widely known for the tools he creates: Eyeballer (a convolutional neural network pentest tool), the Rickmote Controller (a Chromecast-hacking device), Untwister (pseudorandom number generator cracker), and SmashBot (a merciless Smash Bros noob-pwning machine).
\n
SpeakerBio:David Vargas\n, Senior Security Consultant at Bishop Fox
\nDavid \"Shad0\" Vargas is a senior red teamer at Bishop Fox. He enjoyes breaking into secure facilities by exploiting physical, social and network security controls. In a past life, David designed a power system for a cube satellite to be launched into space.
\n\n
\nDescription:
\nBreaking into secure facilities used to be possible by inserting a listening device (such as an ESPKey) behind an RFID card reader and sniffing the unencrypted Wiegand badge numbers over the wire as they go to the backend controller. The physical security industry has taken notice and there\'s a new sheriff in town: The encrypted protocol OSDP which is starting to be rolled into production. Surely encryption will solve our problems and prevent MitM attacks right? ... right?\n \n

In this presentation, we\'ll demonstrate over a dozen vulnerabilities, concerning problems, and general \"WTF\"s in the OSDP protocol that let it be subverted, coerced, and totally bypassed. This ranges from deeply in-the-weeds clever cryptographic attacks, to boneheaded mistakes that undermine the whole thing. We will also demonstrate a practical pentesting tool that can be inserted behind an RFID badge reader to exploit these vulnerabilities.\n \n

Get your orange vest and carry a ladder, because we\'re going onsite!\n

\n
REFERENCES
\n
* ESPKey https://github.com/octosavvi/ESPKey\n* OSDP v2.2 Spec https://www.securityindustry.org/2020/12/15/security-industry-association-releases-version-2-2-of-sia-osdp-standard/ https://libosdp.gotomain.io/protocol/introduction.html\n* RS485 https://en.wikipedia.org/wiki/RS-485
\n\n\'',NULL,365238),('3_Saturday','10','09:30','10:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Badge of Shame: Breaking into Secure Facilities with OSDP\'','\'Dan \"AltF4\" Petro,David Vargas\'','DC_4a116896bed5e941c81280fa6e914362','\'\'',NULL,365239),('2_Friday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'SpamChannel: Spoofing Emails From 2 Million+ Domains and Virtually Becoming Satan\'','\'Marcello \"byt3bl33d3r\" Salvati\'','DC_c9b56b903f6f051ab6b9a5fcdf72a8e3','\'Title: SpamChannel: Spoofing Emails From 2 Million+ Domains and Virtually Becoming Satan
\nWhen: Friday, Aug 11, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Marcello \"byt3bl33d3r\" Salvati\n, Hacker & Entrepreneur
\nMarcello Salvati (byt3bl33d3r) is a hacker & entrepreneur with over a decade of experience as an Offensive Security Researcher, Blue/Purple/Red Teamer and Open Source developer. Marcello is known for creating a number of Open Source tools such as CrackMapExec and weaponizing unorthodox programming languages for malware purposes.
\nTwitter: @byt3bl33d3r
\n\n
\nDescription:
\nEver wake up and ask yourself: “Damn, how could I make email security suck even more today”? Tired of your Red Teams phishing emails not landing in your targets inbox? Do you dislike Boston (the city) and love Satan?\n

If you answered yes to any of those questions you should come to this talk!\n \n

I\'ll be showing you how to spoof emails from 2 million+ domains (while also “bypassing” SPF & DMARC!) by (ab)using a partnership between Cloudflare and the “biggest transactional email service” on the interwebs. We\'ll be diving into \"edge\" serverless applications and the magical world of email security where everything is (still) held up by duct tape, pasta, and marinara sauce. Finally, I’ll be dropping code and releasing a tool that demonstrates how to impersonate emails from 2million+ domains. \n

\n
REFERENCES
\n
\n \n
\n\n\'',NULL,365240),('3_Saturday','15','15:00','15:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Revolutionizing ELF binary patching with Shiva: A JIT binary patching system for Linux\'','\'Ryan \"ElfMaster\" O\'Neill\'','DC_ea0d3a4053c56b50a587b908e0d523ee','\'Title: Revolutionizing ELF binary patching with Shiva: A JIT binary patching system for Linux
\nWhen: Saturday, Aug 12, 15:00 - 15:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Ryan \"ElfMaster\" O\'Neill\n, CTO at Arcana Technologies
\nRyan \"ElfMaster\" O\'Neill, has been in the security scene since about 1997.\n

Ryan is well known for authoring the book \"Learning Linux binary analysis\" and for publishing many papers and technologies in the realm of binary protection, memory forensics, exploitation, security mitigations, virus design, kernel hacking and reverse engineering techniques. Ryan has been published in many of the classic journals such as Phrack, POC||GTFO, tmp.0ut and vxheaven. Much of Ryan\'s independent research has been published over the years on https://www.bitlackeys.org, and has many public technologies available on https://github.com/elfmaster. Ryan is also the founder of Arcana technologies https://arcana-technologies.io, a threat detection company based heavily on ELF forensics research. Ryan is currently building a new ELF binary patching system for Linux to solve the worlds hardest challenges in binary patching today.\n

\nTwitter: @ryan_elfmaster
\n\n
\nDescription:
\nThe esoteric art of patching ELF binaries has a long and fascinating history who\'s roots are deep within the hacking subculture; from ELF viruses to kernel rootkits. Silvio\'s 1997 \"UNIX Viruses\" paper taught us how to insert parasitic code into a page aligned text padding region. Many backdooring and hooking techniques have been revealed to us over the last 20 years-- perfect for hacking and injecting small patches and backdoors but on their own these techniques are limited, clunky and do not support the complexities of real-world patching problems in todays industry. Developers often need to fix complex bugs that exist within legacy ELF Binaries, no source code is available or the program cannot be recompiled.\n

Let me introduce you to Shiva. Shiva is a JIT binary patching system for ELF; A custom ELF interpreter that loads and links ELF relocatable patches at runtime. Shiva allows developers to write patches in rich C code to naturally express the rewriting of binary code at runtime, in a high level language. ELF binary patching solutions over the past two decades have been scarce; some notable research: Katana and ERESI come to mind as pioneers in the early examples of custom ELF linkers and binary patchers.\n

Shiva is a next-level solution that allows developers to quickly write patches in C with little to no reversing knowledge. Born out of 16 years of ELF research into virus design, binary patching, and extensive experience with writing custom linkers and loaders.\n

In this talk we will discuss foundations of ELF binary patching and it\'s close relationship with ELF linkers, loaders and even ELF virus technology. This passionate body of research is combined and imbued into Shiva to create a highly innovative and powerful product that helps bridge the gap between Developers and Reverse engineers in modern binary patching solutions for ELF. A new workflow for maintaning insecure legacy software with modular patching capabilities is on the rise!\n \n

Prepare for an indepth discussion of incredible new ELF hacking techniques and extensions. Old concepts such as userland-exec() brought back to life, and entirely new concepts such as \"Linker chaining\" to bring multiple dynamic linkers into a single process image. We will demonstrate complex patching scenarios, function splicing, program transformation, and even the weaponization of Shiva for writing sophisticated in-memory backdoors. Shiva; the ultimate ELF Binary hacker... aiming to solve the worlds most challenging binary patching problems today.\n

\n
REFERENCES
\n
--Papers--\n Grugq - userland execve: https://grugq.github.io/docs/ul_exec.txt\n Mayhem - Cerberus ELF interface: http://phrack.org/issues/61/8.html\n Silvio - UNIX Viruses and parasites: https://vxug.fakedoma.in/archive/VxHeaven/lib/vsc02.html\n James Oakley & Sergey Bratus - Katana: A hot patching framework: https://ieeexplore.ieee.org/document/5438048\n James Oakley & Sergey Bratus - Exploiting the hard working DWARF: https://www.cs.dartmouth.edu/~sergey/battleaxe/hackito_2011_oakley_bratus.pdf\n Mlaurenzano - PEBIL (An ELF patching framework) - https://github.com/mlaurenzano/PEBIL\n sd & devik - Linux on-the-fly kernel patching without LKM: phrack.org/issues/58/7.html\n jbtzhm - static kernel patching - https://phrack.org/issues/60/8.html\n Elfmaster - Modern ELF infection techniques of SCOP binaries (POC||GTFO: 20:07)\n Elfmaster - Preloading the linker for fun and profit: https://tmpout.sh/2/6.html (This paper presents the nucleus of Shiva)\n Mayhem - IA32 Advanced function hooking: http://phrack.org/issues/58/8.html\n Richinseattle - Hooking the ELF loader: http://phrack.org/issues/58/8.html\n Silvio - Shared library call redirection via PLT infection: http://phrack.org/issues/56/7.html\n Elfmaster - Kernel instrumentation using kprobes: http://phrack.org/issues/56/7.html\n Mayhem - Next generation ELF debuggers: https://www.blackhat.com/presentations/bh-europe-07/ERSI/Presentation/bh-eu-07-ersi-apr19.pdf
\n

--A note on the illustrious tmp.0ut zine: https://tmpout.sh\n \n

The crew at tmp.0ut are a tightly formed group ELF hackers and reversing enthusiasts who are continuing to research and publish awesome ELF research on a regular basis. I highly recommend their content, and am grateful for their many new contributions keeping the spirit of ELF hacking alive. Translated into nine different languages currently.\n \n

--Source code--\n \n

https://github.com/torvalds/linux/blob/master/fs/binfmt_elf.c (Source for Linux ELF loader)\n https://www.gnu.org/software/binutils (Source for for ELF /bin/ld)\n https://sourceware.org/git/glibc.git (Source code for ld-linux.so)\n https://github.com/elfmaster (My own ELF hacking related research)\n https://github.com/elfmaster/linker_preloading_virus (My first custom ELF interpreter)\n https://musl.libc.org/
\n https://github.com/bminor/binutils-gdb <- These GDB guys really don\'t get enough credit.\n \n

--Books--\n \n

Understanding the Linux kernel (Great book on kernel internals)\n Learning Linux binary analysis (elfmaster)\n Advanced programming in the UNIX environment (Richard Stevenson)\n Turbo C (Old book from the 80s I learned C from)\n

\n\n\'',NULL,365241),('3_Saturday','09','09:00','09:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Smashing the state machine: the true potential of web race conditions\'','\'James \"albinowax\" Kettle\'','DC_c274a4012a65b57fe4a3bafd640c95a1','\'Title: Smashing the state machine: the true potential of web race conditions
\nWhen: Saturday, Aug 12, 09:00 - 09:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:James \"albinowax\" Kettle\n, Director of Research at PortSwigger
\nJames \'albinowax\' Kettle is the Director of Research at PortSwigger, the makers of Burp Suite. He\'s best known for his HTTP Desync Attacks research, which popularised HTTP Request Smuggling. James has extensive experience cultivating novel attack techniques, including web cache poisoning, browser-powered desync attacks, server-side template injection, and password reset poisoning.\n \n

James is also the author of multiple popular open-source tools including Param Miner, Turbo Intruder, and HTTP Request Smuggler. He is a frequent speaker at numerous prestigious venues including both Black Hat USA and EU, OWASP AppSec USA and EU, and DEF CON.

\nTwitter: @albinowax
\n\n
\nDescription:
\nFor too long, web race-condition attacks have focused on a tiny handful of scenarios. Their true potential has been masked thanks to tricky workflows, missing tooling, and simple network jitter hiding all but the most trivial, obvious examples. In this session, I\'ll introduce multiple new classes of race condition that go far beyond the limit-overrun exploits you\'re probably already familiar with.\n \n

Inside every website lurks a state machine: a delicately balanced system of states and transitions that each user, session, and object can flow through. I\'ll show how to fire salvos of conflicting inputs at high-profile websites to make state machines collapse, enabling you to forge trusted data, misroute tokens, and mask backdoors.\n \n

To handle this explosion of attack surface, I\'ll share a polished methodology designed to help you eke out subtle tell-tale clues and scent blood long before sacrificing anything to the RNG gods. I\'ve also taken lore amassed over years of research into HTTP Desync Attacks and developed a strategy that can squeeze 30 requests sent from Melbourne to Dublin into a sub-1ms execution window. Alongside the open source tool, we\'ll also release free online labs so you can try out your new skillset immediately.\n

\n\n\'',NULL,365242),('3_Saturday','14','14:30','15:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures\'','\'Noam Moshe,Sharon Brizinov\'','DC_51975216fbe0a45d44884d7a42d5b6ed','\'Title: Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures
\nWhen: Saturday, Aug 12, 14:30 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Noam Moshe,Sharon Brizinov
\n
SpeakerBio:Noam Moshe\n, Vulnerability Researcher at Claroty Team82
\nNoam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Blackhat Europe, as well as won Master of Pwn at Pwn2Own Miami 2023.
\n
SpeakerBio:Sharon Brizinov\n, Director of Security Research at Claroty Team82
\nSharon Brizinov leads the Vulnerability Research at Team82, The Claroty Research. He specializes in OT/IoT vulnerability research, has participated in multiple Pwn2Own competitions, won Pwn2Own Miami 2023, and holds a DEFCON black badge.
\n\n
\nDescription:
\nOPC-UA is the most popular protocol today in ICS/SCADA and IoT environments for data exchanges from sensors to on-premises or cloud applications. OPC-UA is therefore the bridge between different OT trust zones and a crown jewel for attacks attempting to break security zones and crossover from the industrial to corporate networks.\n \n

We have been researching during the past two years dozens of OPC-UA protocol stack implementations being used in millions of industrial products. We focused on two main attack vectors: attacking OPC-UA servers and protocol gateways, and attacking OPC-UA clients. The research yielded unique attack techniques that targeted specific OPC-UA protocol specification pitfalls that enabled us to create a wide range of vulns ranging from denial of service to remote code execution.\n \n

For example, we explored OPC-UA features such as method call processing, chunking mechanisms, certification handling, complex variant structures, monitored items, race-conditions, and many more. For each part of the specification, we tried to understand its caveats and exploit them to achieve RCE, information leaks, or denial of service attacks.\n \n

In this talk, we will share our journey, methods, and release an open-source framework with all of our techniques and vulnerabilities to exploit modern OPC-UA protocol stacks. ,\nNoam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Blackhat Europe, as well as won Master of Pwn at Pwn2Own Miami 2023.\n

\n\n\'',NULL,365243),('3_Saturday','15','14:30','15:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures\'','\'Noam Moshe,Sharon Brizinov\'','DC_51975216fbe0a45d44884d7a42d5b6ed','\'\'',NULL,365244),('3_Saturday','09','09:30','10:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it\'','\'Scott \"Duckie\" Melnick\'','DC_07f644733077fd76f7667e89573387ae','\'Title: J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it
\nWhen: Saturday, Aug 12, 09:30 - 10:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Scott \"Duckie\" Melnick\n, Principal Security Research and Development at Bulletproof International
\nDuckie, aka “Scott Melnick,” started his shenanigans War Dialing on his Apple ][+ at an early age and has been attending Defcon and other hacking conferences for over 26 years. Scott currently heads the Security R&D team for Bulletproof, a part of Gaming Laboratories International. Specializing in casino gaming security, he spends his time hacking and reverse engineering electronic gaming devices such as slot machines, sneaking around casinos, getting kicked out of casinos, and speaking at gaming security and regulation events. Over the years, he has worked on many gaming fraud and security breach cases. Before joining Bulletproof, he served as the Vice President of Systems Software Development for a slot and table game maker and held various positions in the slot industry, leading mechanical and electrical engineering projects, overseeing security, and managing IT gaming operations, among other things. He is excited to be delivering his first Defcon presentation this year and contributing back to the hacker community.
\nTwitter: @duckie37
\n\n
\nDescription:
\nOn September 29th, 2022, one of the most controversial poker hand was played, winning an all-in $240K cash pot on the Hustler Casino Live poker stream (HCL) by newcomer Robbi Jade Lew. The controversy and accusations of cheating took the poker and media world by storm! Conspiracy theories emerged immediately within the media, podcasts and the internet sleuths, including crossover theories from the Chess cheating scandal, accusations of collusion with HCL employees, and advanced technology being used. This is the wild tale of my investigation into cheating live stream poker if it was done and what are all the ways I would do it. \n

I will also show how I utilized my experience from attending hacking conferences such as Defcon for over 26 years, the competitions and how I tapped into a broad range of resources throughout the years of making friends in the hacking community, reaching out to discord groups and doing that which isn’t covered in the academic world. This is why I am here; this is why you are here. \n

This war story contains treachery, wild technology theories, drama and current criminals on the run. But you, the audience must all decide. Is Robbi innocent or guilty? Was something missing? How would you have cheated?\n

REFERENCES: \n

\n\n\'',NULL,365245),('3_Saturday','10','09:30','10:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it\'','\'Scott \"Duckie\" Melnick\'','DC_07f644733077fd76f7667e89573387ae','\'\'',NULL,365246),('3_Saturday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Demystifying (& Bypassing) macOS\'s Background Task Management\'','\'Patrick Wardle\'','DC_9e5606e99d2c6050577ad2d8ff7df90c','\'Title: Demystifying (& Bypassing) macOS\'s Background Task Management
\nWhen: Saturday, Aug 12, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Patrick Wardle\n, Objective-See Foundation
\nPatrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the \"Objective by the Sea\" macOS Security conference.\n

Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.\n \n

Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing books and free open-source security tools to protect Mac users.\n

\nTwitter: @patrickwardle
\n\n
\nDescription:
\nTo retain a foothold on an infected system, most Mac malware will persist; installing itself in a manner that ensures it will be automatically (re)launched each time the infected system is rebooted.\n \n

In macOS Ventura, Apple\'s rearchitected core persistence mechanisms and added a new security mechanism that alerts the user any time an item is persisted. As the former is both undocumented and implemented in a proprietary manner this poses a problem for existing security and forensics tools (that aim to heuristically detect malware via unauthorized persistence events). On the other hand, the latter is problematic to malware authors, who obviously want their malicious creations to persist without an alert being shown to the user.\n \n

In this talk, we\'ll indiscriminately provide solutions for all! First, we\'ll dive into the internals of macOS\'s Background Task Management (BTM) which, as we\'ll see, contains a central (albeit proprietary) repository of persistent items. Armed with this information, we\'ll release open-source code capable of programmatically enumerating all persistent items from BTM, ensuring security and forensics tools regain compatibility. We\'ll also highlight design weaknesses that malicious code could trivially employ to sidestep the new security features of BTM, such that persistence may still be silently achieved.\n

\n
REFERENCES
\n
https://piunikaweb.com/2023/01/30/macos-13-ventura-background-items-added-notification-issue/\nhttps://www.sentinelone.com/blog/apples-macos-ventura-7-new-security-changes-to-be-aware-of/
\n

Apple Documentation:
\nhttps://support.apple.com/guide/deployment/manage-login-items-background-tasks-mac-depdca572563/web\n

\n\n\'',NULL,365247),('4_Sunday','12','12:00','12:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Retro Exploitation: Using Vintage Computing Platforms as a Vulnerability Research Playground and Learning Environment\'','\'Wesley McGrew\'','DC_ce653b050d9d8656047b6ab8d2ea91eb','\'Title: Retro Exploitation: Using Vintage Computing Platforms as a Vulnerability Research Playground and Learning Environment
\nWhen: Sunday, Aug 13, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Wesley McGrew\n, Senior Cyber Fellow at MartinFed
\nDr. Wesley McGrew directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA and taught a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.
\nTwitter: @McGrewSecurity
\n\n
\nDescription:
\nIt can be very difficult for those new to hacking to learn about vulnerability discovery and exploit development on modern operating systems and software. The complexity of a modern computing environment, developer awareness of security risks, and the iterative development of exploit mitigations over the past three decades has put up an intimidating wall in front of those who would be interested in learning about vulnerability research. Vintage computing environments can provide an interesting and fun playground environment for learning and experimenting with reverse engineering, vulnerability discovery, and exploit development.\n \n

In this talk, Wesley will discuss the setup of a complete environment for hacking software for the Commodore Amiga line of computers, a 16/32 bit computing platform of the late 80s and early 90s (not to mention a dedicated following of users and software today). He will describe the hardware environment, OS architecture, and the practically endless library of software that can be used as interesting targets of research. On-system development and debugging software will be described, as well as using the modern Ghidra disassembler. A case study of identifying and exploiting a vulnerability in a 1994 vintage FTP client will be discussed in technical detail. \n

\n
REFERENCES
\n
\n
\n\n\'',NULL,365248),('2_Friday','16','16:30','17:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Malware design - abusing legacy Microsoft transports and session architecture\'','\'R.J. \"BeetleChunks\" McDown\'','DC_f5bb4ca9248c0467a25add35a5b1e5ec','\'Title: Malware design - abusing legacy Microsoft transports and session architecture
\nWhen: Friday, Aug 11, 16:30 - 17:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:R.J. \"BeetleChunks\" McDown\n, Principal Red Teamer
\nR.J. McDown (BeetleChunks) is a computer scientist who has made a career out of hacking into numerous fortune 500 companies through consulting red team engagements and penetration tests. R.J. is an avid Python and C/C++ developer who has created custom tools for bypassing leading EDR solutions and OS based monitoring, including a tool released at DerbyCon 7 called RedSails. Every now and then R.J. turns his focus to developing fuzzing harnesses, which has led to the discovery of critical zero-day vulnerabilities in popular applications including Microsoft Outlook (CVE-2019-1199) and ManageEngine OpManager (CVE-2020-12116).
\nTwitter: @BeetleChunks
\n\n
\nDescription:
\nThe future isn’t certain, nor is the continued access to our compromised endpoints. At some point, every red team operator faces the gut-wrenching event of losing command and control (C2) access. This often occurs when post exploitation activity is detected and associated to the C2 process and channel. Further link analysis may lead to the discovery of other compromised endpoints, secondary C2, and compromised credentials. Needless to say, a single mistake can cause a huge disruption in access and even lead to the detriment of the entire engagement.\n \n

This talk will present and demonstrate the methodologies and techniques built into Obligato, a covert implant tasking and communications framework, designed with the primary objectives of breaking process chaining events, disassociating network communication from the implant, providing a means for maintaining or regaining access, and evading dynamic analysis.\n

Technical information will be explained and demonstrated at both high and low levels, so prior knowledge is not required. However, to get the most out of the talk, attendees are encouraged to have a basic understanding of general Windows architecture, networking, and programming concepts. \n

REFERENCES:
\n[1] Pyle, Ned. “The Beginning of the End of Remote Mailslots.” Tech Community, Microsoft, 8 Mar. 2023, https://techcommunity.microsoft.com/t5/storage-at-microsoft/the-beginning-of-the-end-of-remote-mailslots/ba-p/3762048.\n \n

[2] Corporation, Microsoft. “[MS-Mail]: Remote Mailslot Protocol.” [MS-MAIL], Microsoft, 25 June 2021, https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-MAIL/[MS-MAIL].pdf.\n \n

[3] Aggarwal, Avnish. “PROTOCOL STANDARD FOR A NetBIOS SERVICE.” IETF, RFC Editor, Mar. 1987, https://datatracker.ietf.org/doc/html/rfc1001.\n \n

[4] ATT&CK, MITRE. “Enterprise Techniques.” Techniques - Enterprise ,\nMITRE ATT&CK, MITRE ATTCK, 25 Oct. 2022, https://attack.mitre.org/techniques/enterprise/.\n \n

[5] Yosifovich, Author Pavel. “Parent Process vs. Creator Process.” Pavel Yosifovich, 10 Jan. 2021, https://scorpiosoftware.net/2021/01/10/parent-process-vs-creator-process/.\n \n

[6] Schwarz, Roland. “Thread Local Storage - the C++ WAY.” CodeProject, CodeProject, 28 Aug. 2004, https://www.codeproject.com/Articles/8113/Thread-Local-Storage-The-C-Way.\n \n

[7] The Chromium Authors. “Chromium/thread_local_storage_win.Cc at Main · Chromium/Chromium.” GitHub, The Chromium Project, Jan. 2012, https://github.com/chromium/chromium/blob/main/base/threading/thread_local_storage_win.cc.\n \n

[8] timb3r. “How to Find Hidden Threads - Threadhidefromdebugger - Antidebug Trick.” How to Find Hidden Threads - ThreadHideFromDebugger - AntiDebug Trick, Guided Hacking, 27 Dec. 2019, https://guidedhacking.com/threads/how-to-find-hidden-threads-threadhidefromdebugger-antidebug-trick.14281/.\n \n

[9] Chappell, Geoff. “THREADINFOCLASS.” Threadinfoclass, Jan. 1997, https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/ps/psquery/class.htm.\n \n

[10] GrantMeStrength. “GetMailslotInfo Function (Winbase.h) - win32 Apps.” Win32 Apps ,\nMicrosoft Learn, 10 Oct. 2021, https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-getmailslotinfo.\n \n

[11] Alvinashcraft. “Impersonation Tokens - win32 Apps.” Win32 Apps ,\nMicrosoft Learn, 1 July 2021, https://learn.microsoft.com/en-us/windows/win32/secauthz/impersonation-tokens.\n \n

[12] GrantMeStrength. “CreateProcessWithTokenW Function (Winbase.h) - win32 Apps.” Win32 Apps ,\nMicrosoft Learn, 2 Jan. 2023, https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createprocesswithtokenw.\n \n

[13] QuinnRadich. “WTSQUERYUSERTOKEN Function (WTSAPI32.H) - win32 Apps.” Win32 Apps ,\nMicrosoft Learn, 10 Dec. 2021, https://learn.microsoft.com/en-us/windows/win32/api/wtsapi32/nf-wtsapi32-wtsqueryusertoken.\n \n

[14] Karl-Bridge-Microsoft. “PEB (Winternl.h) - win32 Apps.” PEB (Winternl.h) - Win32 Apps ,\nMicrosoft Learn, 31 Aug. 2022, https://learn.microsoft.com/en-us/windows/win32/api/winternl/ns-winternl-peb.\n \n

[15] Yosifovich, Pavel. Windows 10 System Programming Part 1. Independently Published.\n \n

[16] Yosifovich, Pavel. Windows 10 System Programming Part 2. Independently Published.\n

\n\n\'',NULL,365249),('2_Friday','17','16:30','17:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Malware design - abusing legacy Microsoft transports and session architecture\'','\'R.J. \"BeetleChunks\" McDown\'','DC_f5bb4ca9248c0467a25add35a5b1e5ec','\'\'',NULL,365250),('1_Thursday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Boston Infinite Money Glitch: Hacking Transit Cards Without Ending Up In Handcuffs\'','\'Matthew Harris,Noah Gibson,Scott Campbell,Zachary Bertocchi\'','DC_eaf8e026fc936898008984594ec06c3e','\'Title: Boston Infinite Money Glitch: Hacking Transit Cards Without Ending Up In Handcuffs
\nWhen: Thursday, Aug 10, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Matthew Harris,Noah Gibson,Scott Campbell,Zachary Bertocchi
\n
SpeakerBio:Matthew Harris\n, Student at Medford Vocational Technical High School
\nA 17 year old and lead hackerman of the group. He likes breaking stuff and doesn’t take kindly to being told what to do. He’s a proud (and maybe annoying) neovim and Linux user, knows how to ride a bike (without training wheels), and is a very opinionated Rustacean despite barely knowing how to use the language.
\n
SpeakerBio:Noah Gibson\n, Hacker
\nA soccer fan and web developer. In his free time he enjoys kicking a ball, drawing, and programming.
\n
SpeakerBio:Scott Campbell\n, Hacker
\nA heathen who writes things in Bash, holder of a fishing license in the Commonwealth of Massachusetts, and the proud angler of several minnows. Refuses to learn Rust even though it is better than his silly little non memory safe languages in every way.
\n
SpeakerBio:Zachary Bertocchi\n, Hacker
\nHe holds a learners permit, is a seasoned fare machine maker, and even graduated 11th grade! He has successfully made it to the ripe old age of 17, and is an enthusiastic 3D modeler.
\n\n
\nDescription:
\nWho likes paying to ride the subway? Sure, you could hop the fare gates, but that can be athletically challenging and simply isn’t cool enough for our tastes. What’s a mischievous and miserly rider to do, then? Hack the fare system of course!\n

In this talk we\'ll walk you through how we, four high school students and cybersecurity noobs became the first to fully reverse engineer Boston’s CharlieCard fare system and earn ourselves free rides for life… or at least until the system gets fixed, whichever comes first.\n

We’ll start by exploring the trials and tribulations of exploring the hardware behind the CharlieCards. Next, we’ll dive into the emotional rollercoaster of reverse engineering the black box that is a transit card system older than us. We’ll then explain the process of disclosing our findings to a government agency without having to hire a legal team. Finally, we’ll show you a demo of some of the tools we made, including our own portable fare machine!\n

By the end of our talk, regardless of whether you’re an avid RFID hackerman, or a complete noob, we’ll leave you with useful reverse engineering strategies, tips for working with a government agency, and if nothing else, a fun story. \n

\n
REFERENCES
\n
\n

Andersen, Zack. Anatomy of a Subway Hack. 10 August 2008, https://file.wikileaks.org/file/anatomy-of-a-subway-hack.pdf.\n

Bray, Hiawatha. “Your CharlieCard can be hacked by an Android phone, MBTA admits.” The Boston Globe, 8 December 2022, https://www.bostonglobe.com/2022/12/08/business/your-charliecard-can-be-hacked-by-an-android-phone-mbta-admits/?p1=HP_Feed_AuthorQuery. Accessed 18 April 2023.\n

“CharlieCard.” Wikipedia, https://en.wikipedia.org/wiki/CharlieCard. Accessed 18 April 2023.\n

Courtois, Nicolas. “Hacking Mifare Classic Cards.” Black Hat, 21 October 2014, https://www.blackhat.com/docs/sp-14/materials/arsenal/sp-14-Almeida-Hacking-MIFARE-Classic-Cards-Slides.pdf. Accessed 18 April 2023.\n

iceman001. “RfidResearchGroup/proxmark3: The Iceman fork of Proxmark3 / RFID / NFC reader, writer, sniffer and emulator.” GitHub, https://github.com/RfidResearchGroup/proxmark3. Accessed 23 April 2023.\n

“nfc-tools/mfcuk: MiFare Classic Universal toolKit (MFCUK).” GitHub, https://github.com/nfc-tools/mfcuk. Accessed 23 April 2023.\n

“nfc-tools/mfoc: Mifare Classic Offline Cracker.” GitHub, https://github.com/nfc-tools/mfoc. Accessed 23 April 2023.\n

Rauch, Bobby. “Operation Charlie: Hacking the MBTA CharlieCard from 2008 to Present.” Medium, 8 December 2022, https://medium.com/@bobbyrsec/operation-charlie-hacking-the-mbta-charliecard-from-2008-to-present-24ea9f0aaa38. Accessed 18 April 2023.\n

\n\n\'',NULL,365251),('2_Friday','17','17:00','17:20','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'HL7Magic: Medical Data Hacking Made Easy\'','\'Katie Inns\'','DC_800dee8ac94269627e0ed6ef7f493f3d','\'Title: HL7Magic: Medical Data Hacking Made Easy
\nWhen: Friday, Aug 11, 17:00 - 17:20 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Katie Inns\n, Security Consultant at WithSecure
\nKatie Inns is a Security Consultant in the Attack Surface Management (ASM) team at WithSecure. Katie has 6 years’ experience in the security industry, working in consulting and within an in-house security team focusing on vulnerability management and application security. Katie has spoken about the topic of ASM at conferences such as BlueTeam Con and conINT and holds the OSCP certification. Dancing has been Katie\'s hobby for 25 years and she also loves to listen to and play music.
\n\n
\nDescription:
\nIn recent years, the use of internet-connected devices has become more prevalent in the healthcare sector, particularly as a means to communicate patient data. Therefore, it is essential that security testing is carried out against these devices to identify misconfigurations that could cause a severe impact, such as the prescription of incorrect drugs.\n

Modern healthcare protocols such as FHIR (Fast Healthcare Interoperability Resources) use the HTTP protocol to communicate, making security testing relatively straightforward. However, the use of older protocols such as HL7 (Health Level Seven) is more widespread across medical devices in the industry. These protocols are bespoke and difficult to read or intercept using current commercial and open-source security tooling, making testing of these devices challenging and cumbersome.\n

To address this challenge, I have developed a tool (HL7Magic) to provide security testers with an easier method of intercepting and changing HL7 messages sent to and from medical devices. This tool was created for the purpose of being integrated into Burp Suite as an extension, although it can exist independently.\n

After talking about how the HL7Magic was created, I will give a short demonstration using the tool for security research purpose or to identify existing CVE’s across your estate. HL7Magic will be open sourced and collaborations to improve it further will be welcomed.\n

REFERENCES: \n

Forescout - Connected Medical Device Security: https://www.forescout.com/resources/connected-medical-device-security-a-deep-dive-into-healthcare-networks/\n

Dallas Haselhorst - HL7 Medical Attacking and Defending: https://linuxincluded.com/hl7-medical-attacking-defending/\n

Anirudh Duggal - Understanding HL7 2.X Standards, Pen Testing and Defending HL7 2.X Messages: https://www.youtube.com/watch?v=MR7cH44fjrc\n \n

Saurabh Harit - Breaking Bad: Stealing Patient Data Through Medical Devices: https://www.blackhat.com/docs/eu-17/materials/eu-17-Harit-Breaking-Bad-Stealing-Patient-Data-Through-Medical-Devices.pdf\n \n

Christian Dameff, Maxwell Bland, Kirill Levchenko, Jeff Tully - Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives: https://i.blackhat.com/us-18/Thu-August-9/us-18-Dameff-Pestilential-Protocol-How-Unsecure-HL7-Messages-Threaten-Patient-Lives-wp.pdf\n \n

HL7apy: https://crs4.github.io/hl7apy/tutorial/index.html#\n

\n\n\'',NULL,365252),('3_Saturday','11','11:30','12:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Apple\'s Predicament: NSPredicate Exploitation on macOS and iOS\'','\'Austin Emmitt\'','DC_5744be20af288e4a7e19ff13846a7d2f','\'Title: Apple\'s Predicament: NSPredicate Exploitation on macOS and iOS
\nWhen: Saturday, Aug 12, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Austin Emmitt\n, Senior Security Researcher at Trellix Advanced Research Center
\nAustin Emmitt is a vulnerability researcher with a background in mobile security. He has found critical vulnerabilities in Android, iOS, and other platforms. He is also the creator of the radius2 symbolic execution framework.
\nTwitter: @alkalinesec
\n\n
\nDescription:
\nIn 2021 the FORCEDENTRY sandbox escape introduced the usage of NSPredicate in an iOS exploit. This new technique allowed attackers to sidestep codesigning, ASLR, and all other mitigations to execute arbitrary code on Apple devices. As a result, Apple put in place new restrictions to make NSPredicate less powerful and less useful for exploits. This presentation will cover new research showing that these added restrictions could be completely circumvented in iOS 16, and how NSPredicates could be exploited to gain code execution in many privileged iOS processes. This technical deep dive will be a rare instance of iOS security that anyone can comprehend without years of experience.\n \n

After an overview of the classes involved, we will explore the full syntax of NSPredicate and cover how it can be used to script the Objective-C runtime and even call any C function. It will be shown that PAC can still be bypassed 100% reliably with NSPredicates in order to execute any function with arbitrary arguments. A new tool will be unveiled to help craft complex NSPredicates to execute arbitrary code and inject those predicates in any application. Additionally, a demonstration will be given which executes arbitrary code in the highly privileged Preferences app. \n \n

Finally, the talk will cover a bypass of NSPredicateVisitor implementations which allows a malicious process to evaluate any NSPredicate within several system processes including coreduetd, appstored, OSLogService, and SpringBoard. Next there will be a live demo of exploiting SpringBoard to steal a user’s notifications and location data. The presentation will end with some discussion about what can still be done with NSPredicates now that these issues have been fixed, including bypassing App Store Review, and what app developers should know to keep their own apps safe. \n

REFERENCES: \n

NSPredicate - https://developer.apple.com/documentation/foundation/nspredicate?language=objc\nSee No Eval: Runtime Dynamic Code Execution in Objective-C by CodeColorist - https://codecolor.ist/2021/01/16/see-no-eval-runtime-code-execution-objc/\nFORCEDENTRY: Sandbox Escape by Ian Beer & Samuel Groß of Google Project Zero - https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html\n

\n\n\'',NULL,365253),('3_Saturday','12','11:30','12:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Apple\'s Predicament: NSPredicate Exploitation on macOS and iOS\'','\'Austin Emmitt\'','DC_5744be20af288e4a7e19ff13846a7d2f','\'\'',NULL,365254),('3_Saturday','13','13:00','13:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Looking into the future, what can we learn about hacking in science-fiction?\'','\'Nicolas Minvielle,Xavier Facélina\'','DC_db195d39dd4130f5ecde6d4ae9710794','\'Title: Looking into the future, what can we learn about hacking in science-fiction?
\nWhen: Saturday, Aug 12, 13:00 - 13:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Nicolas Minvielle,Xavier Facélina
\n
SpeakerBio:Nicolas Minvielle\n, Making Tomorrow
\nformer brand manager for Philippe Starck, professor, researcher and fututirst. Nicolas is also the head of the French Armie’s Science Fiction red Team
\n
SpeakerBio:Xavier Facélina\n, Seclab
\nXavier Facélina ­â€” former hacker, self taught entrepreneur, founded 3 cybersecurity companies including SECLAB, cybersecurity company protecting cyberphysical system (real world !) from cyberattacks. \n

Xavier has 25 years of experience in cybersecurity with a focus on digital war and cyberdefense. How he gets into this? By seeing the Wargames movie at the age of 8! Today, he still watch movies and read books and comics to anticipate what is coming.\n

\n\n
\nDescription:
\nThe links between science fiction and reality have been demonstrated in numerous research studies. By speculating about the possible future uses of technologies under development, science fiction shows us plausible futures. In this sense, it allows us, as a society, to popularize and debate the consequences (expected or not) of our technological developments. In addition to this not negligible social role science fiction also has an impact on our current developments. We speak here of \"loop-looping\", i.e. there is a feedback loop between what science fiction shows us and what we are then led to actually develop. From this point of view, our imaginations are performative, and this is perhaps the most critical issue: what I see can happen. In the case of hacking and cybersecurity, a particular phenomenon is added: the general public\'s knowledge of these subjects is mainly through the fictions they watch, read, or listen to. We propose to analyze a corpus of 200 fictional attacks, and 800 real attacks and to compare them to define if the imaginary ones are predictive if they inform us or on the contrary mislead us as for the reality of the current attacks. \n

REFERENCES: \n

The subject of imaginaries is a key subject of the work of the Making Tomorrow collective co-founded by Nicolas Minvielle. As such, he has been able to conduct numerous studies aimed at analyzing the impact of science fiction on a given practice.\n

A book has been published on the subject and is available online in pdf format:\nMinvielle, N. & Wathelet, O. & Lauquin, M. & Audinet, P., Design fiction for your organization, Making Tomorrow (2020), http://making-tomorrow.mkrs.fr/wp-content/uploads/2020/04/Making-Tomorrow-Design-Fiction-and-more-for-your-organization.pdf \n

Academic references on this subject: \n \n

Brake, Mark, and Neil Hook, Different Engines: How Science Drives Fiction and Fiction Drives Science (London New York: Macmillan, 2008)\n \n

Carpenter, C. (2016). Rethinking the Political / -Science- / Fiction Nexus: Global Policy Making and the Campaign to Stop Killer Robots. Perspectives on Politics, 14(1), 53-69. doi:10.1017/S1537592715003229\n \n

Jones, C., & Paris, C. (2018). It’s the End of the World and They Know It: How Dystopian Fiction Shapes Political Attitudes. Perspectives on Politics, 16(4), 969-989. doi:10.1017/S1537592718002153\n \n

Kevin L Young, Charli Carpenter, Does Science Fiction Affect Political Fact? Yes and No: A Survey Experiment on “Killer Robots”, International Studies Quarterly, Volume 62, Issue 3, September 2018, Pages 562–576, https://doi.org/10.1093/isq/sqy028\n \n

Kirby, David A., Lab Coats in Hollywood: Science, Scientists, and Cinema (Cambridge, Mass: MIT Press, 2011)\n \n

Maynard, Andrew D., Films from the Future: The Technology and Morality of Sci-Fi Movies (Coral Gables: Mango Publishing, 2018)\n \n

Seed, David, ed., Future Wars: The Anticipations and the Fears, Liverpool Science Fiction Texts and Studies, 42 (Liverpool: Liverpool Univ. Press, 2012)\n \n

Shedroff, Nathan, and Christopher Noessel, Make It so: Interaction Design Lessons from Science Fiction(Brooklyn, N.Y., USA: Rosenfeld Media, 2012)\n \n

Telotte, J. P., Replications: A Robotic History of the Science Fiction Film (Urbana: University of Illinois Press, 1995)\n \n

Westfahl, Gary, Wong Kin Yuen, and Amy Kit-sze Chan, eds., Science Fiction and the Prediction of the Future: Essays on Foresight and Fallacy, Critical Explorations in Science Fiction and Fantasy, 27 (Jefferson, N.C: McFarland, 2011)\n \n

Appadurai, Arjun, ed., The Future as Cultural Fact: Essays on the Global Condition (London: New York : Verso Books, 2013)\n \n

Here, a video (6’30 to 17’) of Xavier Facélina in 2017 inviting a panel to thing about cybersecurity from a different angle ; and with science fiction references (in French) :\nhttps://youtu.be/PIVwcu-HhQo\n \n

Here, a video (8’55 to 29’55) of Nicolas Minvielle talking about the impact of science fiction in innovation (in French) : https://www.youtube.com/live/oK-k3AqdXBc?feature=share\n

\n\n\'',NULL,365255),('3_Saturday','11','11:30','12:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Physical Attacks Against Smartphones\'','\'Christopher Wade\'','DC_827f676724fcfcf4ef211efaaba775f6','\'Title: Physical Attacks Against Smartphones
\nWhen: Saturday, Aug 12, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Christopher Wade\n, Hacker
\nChristopher (@Iskuri1) is a seasoned security researcher. His main focuses are in reverse engineering firmware and fingerprinting USB and NFC vulnerabilities, with his key strength lying in bootloader exploitation.
\nTwitter: @Iskuri1
\n\n
\nDescription:
\nAndroid devices are constantly improving their security to protect against attackers with physical access, with new protection techniques being added year-by-year. This talk aims to demonstrate vulnerabilities in modern Android smartphones that are still viable, despite the mitigations in place.\n \n

In the first phase of this talk, we will discuss analysis and exploitation of vendor-customised versions of Android\'s Recovery mode, demonstrating weaknesses that allow for privilege escalation to root, and traversal from Recovery to Android, without Bootloader access, using nothing but a Micro SD card.\n \n

In the second phase, we will discuss weaknesses in the Secondary Bootloader of devices produced by a popular smartphone manufacturer. We will demonstrate how, using a vulnerability in the core USB stack, code execution can be achieved, and a modified Android image can be booted, without compromising the functionality of the device.\n

\n\n\'',NULL,365256),('3_Saturday','12','11:30','12:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Physical Attacks Against Smartphones\'','\'Christopher Wade\'','DC_827f676724fcfcf4ef211efaaba775f6','\'\'',NULL,365257),('2_Friday','12','12:30','13:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Defender-Pretender: When Windows Defender Updates Become a Security Risk\'','\'Omer Attias,Tomer Bar\'','DC_14486587eb0d8f685987508e8626ea49','\'Title: Defender-Pretender: When Windows Defender Updates Become a Security Risk
\nWhen: Friday, Aug 11, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Omer Attias,Tomer Bar
\n
SpeakerBio:Omer Attias\n, Security Researcher at SafeBreach Labs
\nOmer Attias is an accomplished security researcher with over five years of experience in the field of cybersecurity. He currently works as a researcher at SafeBreach Labs.\n

With a background in the Ministry of Defense and the Israeli Defense Forces (IDF), Omer has honed his skills in network research, including a deep understanding of Windows internals and Linux kernel components.\n

In addition to his professional pursuits, Omer is a passionate technology and science enthusiast who is always eager to explore emerging trends and innovations in these fields.\n

\nTwitter: @@omerat21
\n
SpeakerBio:Tomer Bar\n, VP of Security Research at SafeBreach Labs
\nTomer Bar is a hands-on security researcher with 20 years of unique experience in cyber security. He leads SafeBreach Labs as the VP of security research. In the past, he ran research groups for the Israeli government and then led the endpoint malware research for Palo Alto Networks. His main interests are vulnerability research, reverse engineering, and APT research.\n

Among his recent discoveries are the PrintDemon vulnerabilities in the Windows Spooler mechanism which were a candidate in the best privilege escalation of Pwnie awards and several research studies on Iranian APT campaigns. He presented his research at DEF CON (28-30), BlackHat USA, ReCon, Sector, Confidence, Security Fest and HackCon conferences.\n

\n\n
\nDescription:
\nThe signature update process is critical to EDR\'s effectiveness against emerging threats. The security update process must be highly secured, as demonstrated by the Flame malware attack that leveraged a rogue certificate for lateral movement. Nation-state capabilities are typically required for such an attack, given that signature update files are digitally signed by Microsoft.\n

We wondered if we could achieve similar capabilities running as an unprivileged user without possessing a rough certificate, instead we aimed to turn the original Windows Defender process to our full control.\n

In this talk we will deep dive into Windows Defender architecture, the signature database format and the update process, with a focus on the security verification logic. We will explain how an attacker can completely compromise any Windows agent or server, including those used by enterprises, by exploiting a powerful 0day vulnerability that even we didn\'t expect to discover.\n

We will demonstrate Defender-Pretender, a tool we developed to achieve neutralization of the EDR. allowing any already known malicious code to run Fully Un-Detected. It can also force Defender to delete admin’s data. OS and driver files, resulting in an unrecoverable OS. We will also explain how an attacker can alter Defender\'s detection and mitigation logic.\n

\n\n\'',NULL,365258),('2_Friday','13','12:30','13:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Defender-Pretender: When Windows Defender Updates Become a Security Risk\'','\'Omer Attias,Tomer Bar\'','DC_14486587eb0d8f685987508e8626ea49','\'\'',NULL,365259),('2_Friday','14','14:30','15:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Getting a Migraine - uncovering a unique SIP bypass on macOS\'','\'Anurag Bohra,Jonathan Bar Or,Michael Pearse\'','DC_c5232c286741f5d56ee772b9df4804ac','\'Title: Getting a Migraine - uncovering a unique SIP bypass on macOS
\nWhen: Friday, Aug 11, 14:30 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Anurag Bohra,Jonathan Bar Or,Michael Pearse
\n
SpeakerBio:Anurag Bohra\n, Security Researcher at Microsoft
\nAnurag Bohra is a Security Researcher 2 at Microsoft focusing on macOS security. His interests includes Reverse Engineering, Malware Analysis, Vulnerability Research, hardware security and also loves building tools on the same.
\n
SpeakerBio:Jonathan Bar Or\n, Security Researcher at Microsoft
\nJonathan Bar Or (\"JBO\") is a Principal Security Researcher at Microsoft, working as the Microsoft Defender research architect for cross-platform. Jonathan has rich experience in vulnerability research, exploitation, cryptanalysis, and offensive security in general.
\nTwitter: @yo_yo_yo_jbo
\n
SpeakerBio:Michael Pearse\n, Security Researcher at Microsoft
\nMicheal Pearse started out as an embedded developer for anti-ICBM missiles. Micheal got into reversing by trying to understand how counterstrike works and the underlying mechanics of C++. In his vulnerability research journey, Michael started with home routers, worked my way up to industrial devices, and eventually found and exploited local priv escalations for Windows.
\n\n
\nDescription:
\nSystem Integrity Protection (SIP) is a macOS technology that limits the capabilities of the root user, most notably - it maintains the integrity of the operating system by preventing loading of untrusted kernel extensions and protecting sensitive filesystem locations.\n

In this talk we will uncover a method to bypass SIP and create undeletable malware that can later load arbitrary kernel extensions. We will explain our methodology, detail our exploitation strategy and the reverse engineering involved. Lastly, we will explain how to look for similar SIP bypasses and outline a generic detection strategy for Blue Teams.\n

\n
REFERENCES
\n
https://objective-see.com/blog/blog_0x14.html\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9771\nxrootless/\">https://www.theregister.com/2016/03/30/apple_osxrootless/\nhttps://www.microsoft.com/en-us/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/\nhttps://jhftss.github.io/CVE-2022-26712-The-POC-For-SIP-Bypass-Is-Even-Tweetable/
\n\n\'',NULL,365260),('2_Friday','15','14:30','15:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Getting a Migraine - uncovering a unique SIP bypass on macOS\'','\'Anurag Bohra,Jonathan Bar Or,Michael Pearse\'','DC_c5232c286741f5d56ee772b9df4804ac','\'\'',NULL,365261),('2_Friday','17','17:00','17:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'Legend of Zelda: Use After Free (TASBot glitches the future into OoT)\'','\'Allan \"dwangoAC\" Cecil\'','DC_11bc76d2d69ea7cae4163c6e615756a3','\'Title: Legend of Zelda: Use After Free (TASBot glitches the future into OoT)
\nWhen: Friday, Aug 11, 17:00 - 17:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Allan \"dwangoAC\" Cecil\n, Founder and BDFL at TASBot
\nAllan Cecil (dwangoAC) is the founder and BDFL of the TASBot online community. He is part of the senior staff for TASVideos.org, a website devoted to using emulators to find glitches and techniques to play video games perfectly. He is a published journal author, patent holder, and presenter with talks at DEF CON, GeekPwn, Thotcon, May Contain Hackers, and other hacker conferences. He uses his combined hacking interests for good at charity events like Games Done Quick to entertain viewers with never-before-seen glitches in games, with events he\'s led raising more than $1.3m for various charities.
\nTwitter: @MrTASBot
\n\n
\nDescription:
\nHow can a Use After Free exploit in Ocarina of Time lead to a cute robot taking over an entire N64 to put the future (and the Triforce) in the game using only button presses? This talk dives into the technical details of how a Use After Free exploit, Arbitrary Code Execution, and multiple bootstrap stages allowed TASBot to take full control of an original, unmodified cart and console in front of a live audience during SGDQ 2022 with the help of Sauraen and Savestate, helping raise more than $228k for charity. This talk uses engaging explainer graphics courtesy of RGME to dig into how a Use After Free vulnerability can be exploited as well as a live demo showing the significant social impact of the exploit Here Together, in the past year and into the future. \n
\n
REFERENCES
\n
\n

### Project Info
\n[FAQs](https://gettriforce.link/faq)
\n[Credits](https://gettriforce.link/credits)\n[Retro Game Mechanics Explained explainer video, contents used with permission from IsoFrieze](https://www.youtube.com/watch?v=qBK1sq1BQ2Q)\n

## Source code
\n[Triforce% Source code release](https://github.com/triforce-percent/triforce-percent)\n

### Articles posted about Triforce%
\n[Ars Technica](https://arstechnica.com/gaming/2022/07/how-zelda-fans-changed-the-ending-to-ocarina-of-time-on-a-vanilla-n64/)\n[Forever Classic Games](https://foreverclassicgames.com/news/2022/7/tasbot-summer-games-done-quick-sgdq2022-zelda-link-triforce)\n[Zelda Dungeon](https://www.zeldadungeon.net/ocarina-of-time-speedrunners-obtain-the-triforce-in-wild-beta-showcase/)\n[Zelda Universe](https://zeldauniverse.net/2022/07/05/games-done-quick-features-astonishing-ocarina-of-time-beta-demonstration/)\n[PC Gamer](https://www.pcgamer.com/this-zelda-speedrun-built-on-urban-legends-is-an-all-time-gaming-moment/)\n[NintendoLife](https://www.nintendolife.com/news/2022/07/watch-this-insane-triforcepercent-speedrun-turns-zelda-ocarina-of-time-into-breath-of-the-wild)\n[GoNintendo](https://gonintendo.com/contents/5979-speedrunning-trick-turns-zelda-ocarina-of-time-into-breath-of-the-wild)\n

### Setup info
\n[Savestate’s notes on how to do the setup by hand](https://docs.google.com/document/d/1fglILK3PdZoT1uISGMJKzsm-wZ2tP5652ayjR86QNDU)\n[BizHawk savestate of gz macro to do setup](https://drive.google.com/file/d/1tbG5TcfgXAnaxGnA_DubNcAtJR--wCeb/view?usp=sharing)\n[BizHawk build needed for compatibility with that savestate](https://drive.google.com/file/d/1K_LOyQX2MRTDOEASBbHPHltTcMB1ZDdm/view?usp=sharing)\n

### Raw video and photo assets for Triforce%:\n[Clean run video (for taking footage from)](https://www.youtube.com/watch?v=PZNywtNOe9U)\n[HD partial run video (for taking screenshots for branding)](https://www.youtube.com/watch?v=NNRqK1AQ_VY)\n[HD screenshots folder](https://drive.google.com/drive/folders/1uA5L-3pM1gBm_FDIDFX9zB5qrqo1Q1Cv?usp=sharing)\n

### Partner and reactor links
\n[SwankyBox](https://www.youtube.com/watch?v=1_RighmL04g)\n[Hard4Games](https://www.youtube.com/watch?v=f9cCtRYMKm4)\n[HMK](https://www.youtube.com/watch?v=mk1WwOu_AQQ) ([Interview](https://www.youtube.com/watch?v=buy6EcI2NKc))\n[TetraBitGaming](https://www.youtube.com/watch?v=gJ1hSMClhMI)\n

### OST Published By SiIvaGunner
\n[YouTube](https://www.youtube.com/watch?v=E1OYYi2Vzro&list=PLL0CQjrcN8D3qRiR5WUL5l_bPo2sIzdfr&index=155)\n[SoundCloud](https://soundcloud.com/sauraen/sets/triforce-percent)\n[SiIvaGunner wiki page](https://siivagunner.fandom.com/wiki/Triforce%25_SGDQ_Run)\n[SiIvaGunner joke explanations](https://gettriforce.link/siiva_jokes)\n

## Credits
\nThe primary director of Triforce% was Sauraen with Savestate as the human speedrunner and dwangoAC as the Producer; over two dozen people contributed, with full credits listed at https://gettriforce.link/credits\n

\n\n\'',NULL,365262),('3_Saturday','14','14:30','15:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Contactless Overflow: Code execution in payment terminals and ATM’s over NFC\'','\'Josep Pi Rodriguez\'','DC_7eef6cf80171d4dadbaecbe4c4f33b76','\'Title: Contactless Overflow: Code execution in payment terminals and ATM’s over NFC
\nWhen: Saturday, Aug 12, 14:30 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Josep Pi Rodriguez\n, Principal Security Consultant at IOActive
\nJosep Pi Rodriguez is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, AMI, vulnerability research, exploit development, and malware analysis. As a principal consultant at IOActive, Mr. Pi Rodriguez performs penetration testing, identifies system vulnerabilities, and researches cutting-edge technologies. Mr. Pi Rodriguez has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Defcon, Immunity infiltrate, Hack in Paris, Japan CCDS and Confidence Conference.
\nTwitter: @Josep_pi
\n\n
\nDescription:
\nWe conducted a research to assess the current security of NFC payment readers that are present in most of the major ATM brands, portable point of sales, gas stations, vending machines, transportation and other kind of point of sales in the US, Europe and worldwide. In particular, we found code execution vulnerabilities exploitable through NFC when handling a special application protocol data unit (APDU) that affect most NFC payment vendors. The vulnerabilities affect baremetal firmware devices and Android/Linux devices as well.\n

After waiting more than 1 year and a half once we disclosed it to all the affected vendors, we are ready to disclose all the technical details to the public. This research was covered in the media by wired.com but without the technical details that we can share now\nhttps://www.wired.com/story/atm-hack-nfc-bugs-point-of-sale/\n

Some of the affected vendors are:
\nIDtech - https://idtechproducts.com/
\nIngenico - https://www.ingenico.com/
\nVerifone - https://www.verifone.com/
\nCPI - https://www.cranepi.com/
\nBBPOS - https://www.bbpos.com/
\nWiseasy - https://www.wiseasy.com/
\nNexgo - https://www.nexgoglobal.com/\n

In this presentation we will describe the vulnerabilities and also demo how the readers can be compromised, using a special Android app we created, by just tapping an Android phone to the reader. We will discuss the consequences such as financial impact in reader’s users/owners and card data stealing once the firmware is compromised. Also, we will show how to compromise the host that is connected to the reader through USB by manipulating the reader’s firmware, chaining stack buffer overflow vulnerabilities in the SDK provided by the vendor that is running in the host machine.\n

Finally, since one of the affected vendors (IDtech) is present in most ATM brands in the world, the talk will cover different scenarios of how possible can be jackpotting ATMs just tapping a smartphone into the reader of the ATM. We have many years of experience jackpotting all brands of ATMs in multiple different ways and we will show how this is technically possible.\n

\n\n\'',NULL,365263),('3_Saturday','15','14:30','15:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Contactless Overflow: Code execution in payment terminals and ATM’s over NFC\'','\'Josep Pi Rodriguez\'','DC_7eef6cf80171d4dadbaecbe4c4f33b76','\'\'',NULL,365264),('4_Sunday','12','12:00','12:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Terminally Owned - 60 years of escaping\'','\'David Leadbeater\'','DC_428d87c9d6fe94347744b5877b5a3af1','\'Title: Terminally Owned - 60 years of escaping
\nWhen: Sunday, Aug 13, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:David Leadbeater\n, Open Source Engineer at G-Research
\nHe aims to find more CVEs than he creates and is currently succeeding.
\nTwitter: @davidgl
\n\n
\nDescription:
\nIt is 60 years since the first publication of the ASCII standard, something we now very much take for granted. ASCII introduced the Escape character; something we still use but maybe don\'t think about very much. The terminal is a tool all of us use. It\'s a way to interact with nearly every modern operating system. Underneath it uses escape codes defined in standards, some of which date back to the 1970s.\n \n

Like anything which deals with untrusted user input, it has an attack surface. 20 years ago HD Moore wrote a paper on terminal vulnerabilities, finding multiple CVEs in the process. I decided it was time to revisit this class of vulnerability.\n \n

In this talk I\'ll look at the history of terminals and then detail the issues I found in half a dozen different terminals. Even Microsoft who historically haven\'t had strong terminal support didn\'t escape a CVE. In order to exploit these vulnerabilities they often need to be combined with a vulnerability in something else. I\'ll cover how to exploit these vulnerabilities in multiple ways.\n \n

Overall this research found multiple remote code execution vulnerabilities across nearly all platforms and new unique ways to deliver the exploits. \n

REFERENCES:
\nKey citations:\n

\n

Other interesting sources:\n

\n

My posts to oss-security so far:\n

\n\n\'',NULL,365265),('2_Friday','09','09:00','09:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'The Hackers, The Lawyers, And The Defense Fund\'','\'Charley Snyder,Hannah Zhao,Harley Geiger,Kurt Opsahl,Miles McCain\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c','\'Title: The Hackers, The Lawyers, And The Defense Fund
\nWhen: Friday, Aug 11, 09:00 - 09:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Charley Snyder,Hannah Zhao,Harley Geiger,Kurt Opsahl,Miles McCain
\n
SpeakerBio:Charley Snyder\n, Head of Security Policy at Google
\nCharley serves as Head of Security Policy at Google. In this role, Charley organizes Google\'s expertise and technology to help solve the world\'s pressing public policy challenges related to safety and security online. Before joining Google, he led vulnerability management for a large financial institution, which included responsibility for researcher engagement and bug bounty programs. Previously, Charley served in the United States government, including multiple roles in the Department of Defense, where he helped create and manage the first U.S. government bug bounty program.
\nTwitter: @charley_snyder_
\n
SpeakerBio:Hannah Zhao\n, Staff Attorney at Electronic Frontier Foundation
\nHannah is a staff attorney at the Electronic Frontier Foundation. She’s part of EFF’s Coders’ Rights Project, which seeks to protect hackers, security researchers, and others through education, legal defense, amicus briefs, and involvement in the community with the goal of promoting innovation and safeguarding the rights of curious tinkerers and hackers on the digital frontier. She also works on legal issues related to police technology, surveillance, and cybersecurity.
\n
SpeakerBio:Harley Geiger\n, Counsel at Venable LLP
\nHarley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
\nTwitter: @HarleyGeiger
\n
SpeakerBio:Kurt Opsahl\n, Associate General Counsel for Cybersecurity and Civil Liberties Policy at Filecoin Foundation
\nKurt Opsahl is the Associate General Counsel for Cybersecurity and Civil Liberties Policy for the Filecoin Foundation, and a Special Counsel to the Electronic Frontier Foundation. Formerly, Opsahl was the Deputy Executive Director and General Counsel of EFF. Opsahl was also the lead attorney on the Coders\' Rights Project, and continues to assist EFF with that work as a Special Counsel. In 2007, Opsahl was named as one of the \"Attorneys of the Year\" by California Lawyer magazine. From 2014 to 2022, Opsahl served on the USENIX Board of Directors. Opsahl is a member of the CISA Cybersecurity Advisory Committee’s Technical Advisory Council.
\nTwitter: @KurtOpsahl
\n
SpeakerBio:Miles McCain\n, Student at Stanford University
\nMiles McCain is a student at Stanford University, security researcher, and open source software developer. He and his friends were once threatened with legal action for responsibly disclosing a security vulnerability in their classmates’ startup. He has previously worked on election security at CISA, privacy at Apple, and trust and safety at the Stanford Internet Observatory. Miles is a member of the Recurse Center.
\nTwitter: @MilesMcCain
\n\n
\nDescription:
\nThe hacker community has long conducted important security research that skates the edge of legality. This has led to charges and lawsuits, bogus and serious alike, against hackers. In this panel, we’ll hear from a hacker that faced legal challenges, we’ll describe what legal counseling for hackers looks like in practice, and we’ll discuss a new resource for the hacker community: the Security Research Legal Defense Fund.\n

Legal issues can arise for good faith hackers because computer or software owners want to prevent security research or vulnerability disclosure. Security researchers have rights and defenses against legal claims, but don’t always have access to representation or resources to defend themselves. EFF provides free legal counseling, ideally in advance of security researchers conducting their work so they can steer clear of problematic activity or at least mitigate the risk of legal threats. In litigation, EFF tries to find cases that will advance legal rights for the entire community, but many individuals will need representation even when their particular cases will not have a broader impact. In those cases, EFF endeavors to refer people to cooperating counsel, which can be difficult if funds are not available.\n

What is it like, as a hacker, to face legal threats? What are the common ways hackers encounter legal threats? When that happens, what should hackers do? What is it really like to provide legal representation to hackers? Are there areas of the world with greater or lesser access to legal rights and representation? What resources can hackers leverage to protect themselves, their rights, and others in the community? Join us and find out!\n

\n
REFERENCES
\n
1) Stanford student vulnerability disclosure, 2021.\n2) MBTA vs. Anderson, 2008.\n3) US Department of Justice Computer 2022 Fraud and Abuse Act charging policy.\n4) Librarian of Congress good faith security research exception to DMCA Section 1201. \n5) Disclose.io\n6) SecurityResearchLegalDefenseFund.org
\n\n\'',NULL,365266),('3_Saturday','10','10:30','11:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Unlocking Doors from Half a Continent Away\'','\'Sam Haskins,Trevor \"t1v0\" Stevado\'','DC_bb496a21658e8a176fd2ef112507b36b','\'Title: Unlocking Doors from Half a Continent Away
\nWhen: Saturday, Aug 12, 10:30 - 11:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Sam Haskins,Trevor \"t1v0\" Stevado
\n
SpeakerBio:Sam Haskins\n, Hacker at Loudmouth Security
\nSam Haskins is an honors student at Carleton University, in Ottawa ON, and hacker at Loudmouth Security. Sam is a security researcher in their spare time with several CVEs to their name, with a keen interest in cryptography and RFID hacking.
\n
SpeakerBio:Trevor \"t1v0\" Stevado\n, Founding Partner/Hacker at Loudmouth Security
\nTrevor Stevado is a security researcher and the founder of Loudmouth Security, with over 15 years of experience in the industry. In 2018, Trevor won a Black Badge in the IoT CTF at DEF CON 26, and since then he has been a regular contributor to IoT Village and is now one of the founders of the new Embedded Systems Village, where he continues to push the boundaries of embedded security research.
\n\n
\nDescription:
\nContactless credentials have become increasingly popular for secure authentication and access control systems due to their convenience and efficiency. In this talk, we will discuss a specific weakness in the ISO 14443A protocol that enables replay attacks over moderate latency connections, leading to the potential for long-range relay attacks.\n

During the presentation, we will delve into the history of contactless credential attacks, how manufacturers have adapted, and discuss why we focused on a relay attack. We will provide an overview of the ISO 14443A protocol and explain how the relay attack is executed and the ‘features’ of the underlying protocol that make it possible. Finally, we will demonstrate and release a new tool to make this relay attack feasible with the Proxmark, as we attempt to unlock a door in Ottawa, ON with a card on-stage in Vegas.\n

In addition, we will discuss the response from HID Global following our responsible disclosure against their SEOS readers and suggest mitigations to prevent these attacks on your access control systems.\n

\n\n\'',NULL,365267),('3_Saturday','11','10:30','11:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Unlocking Doors from Half a Continent Away\'','\'Sam Haskins,Trevor \"t1v0\" Stevado\'','DC_bb496a21658e8a176fd2ef112507b36b','\'\'',NULL,365268),('2_Friday','15','15:30','16:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Turning my virtual wallet into a skimming device: mPOS solutions\'','\'Dan Borgogno,Ileana Barrionuevo\'','DC_0908ecf58ec96c8eab3d67b3906b8664','\'Title: Turning my virtual wallet into a skimming device: mPOS solutions
\nWhen: Friday, Aug 11, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Dan Borgogno,Ileana Barrionuevo
\n
SpeakerBio:Dan Borgogno\n, Security Engineer at LATU
\nDan Borgogno is a security engineer, backend developer, security researcher and international speaker with years of experience on mobile, hardware, IoT and web application hacking. Security engineer@LATU Seguros.
\nTwitter: @dborgogno
\n
SpeakerBio:Ileana Barrionuevo\n, Security Researcher at UTN FRC
\nIleana Barrionuevo is a security engineer, security researcher and international speaker with years of experience in Android mobile hacking and web application hacking. Security researcher @Labsis UTN FRC
\nTwitter: @accio_bugs
\n\n
\nDescription:
\nIn third-world economies, cheaper often means more accessible. In recent years, there has been a growing interest in modern mobile wallet solutions that allow you to save money, make transactions, payments, and transfer funds to friends or clients with the help of MPOS devices. These small, durable, and simple devices can be used to read credit card information. However, these solutions have vulnerabilities that can be exploited. In this talk, we will provide real-life examples of money theft, credit card information skimming, Bluetooth communication tampering, and hardware hacking associated with these solutions.\n
\n\n\'',NULL,365269),('2_Friday','16','15:30','16:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Turning my virtual wallet into a skimming device: mPOS solutions\'','\'Dan Borgogno,Ileana Barrionuevo\'','DC_0908ecf58ec96c8eab3d67b3906b8664','\'\'',NULL,365270),('3_Saturday','13','13:30','14:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Meduza: How an exiled pirate media outlet breaks through the Kremlin\'s propaganda firewall\'','\'Alex\'','DC_f72074cd060f4a48c41618cdac310f4f','\'Title: Meduza: How an exiled pirate media outlet breaks through the Kremlin\'s propaganda firewall
\nWhen: Saturday, Aug 12, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Alex\n, CTO at Meduza
\nAlex is CTO at Meduza. He joined the team in 2019. It was a rather crazy and brave decision to give up the job in a stable global corporation and join an independent media company in the times when it was already obvious that independent journalism is not welcome in Russia any more.\n \n

Alex’s main topics of expertise:
\nMedia company digital security. Protection of both employees and infrastructure against cyber threats, government run attacks, surveillance. Circumvention tools and technologies. Practical experience of reaching the audience in state-controlled countries. Government methods and approaches against media organizations. How they discover and block “forbidden” content, legal and physical pressure, surveillance. Risk analysis and research-based forecast for the further elaboration of censorship, i.e. sovereignization, criminalization of content etc.

\n\n
\nDescription:
\nMeduza is an independent international Russian- and English-language publication that still reaches millions of people inside Russia. The newsroom is operating from exile for 8 years now with headquarters in Latvia. Despite being completely outlawed and banned by the Kremlin, Meduza continues to work even under such enormously tough circumstances and still delivers the truths about the war in Ukraine along with an unbiased reporting on the situation inside Russia.\n \n

But at DEF CON Meduza will not be presented as a media. The team tries to resist the total state control of the Internet in Russia and fight not only for the freedom of speech, but for the freedom of information for millions of people.\n

Meduza CTO will explain how one of the most free internet has become one of the most regulated and censored ones within just a couple of years. Alex will share the practical experience of resisting censorship along with his (pessimistic) forecast for the future of the Internet in Russia (a new \"Iron Curtain\')\'. He will describe how the authorities were once again able to “deceive the people\'\' (before all that happened, there were no abrupt blockings in Russia and the habit of using VPN was not formed among internet users). This is important to not to let this scenario be repeated in whatever part of the world. \n

Tech Dept has always been an important part of Meduza newsroom, but in 2022 the tech guys became an even more crucial part of it. It is thanks to their work that the newsroom is able to successfully bypass blocking and retain the audience in Russia. And to protect the journalists and to repel various DDoS attacks on the infrastructure and products.\n

REFERENCES: \n

We don’t have many references that will be used in the presentation. And according to our Code of Conduct in our ordinary life we try to write about the news, and not to be the newsmakers ourselves. Here are a couple links that might be helpful to understand more about our work and values.\n \n

Meduza
\n https://meduza.io/\n \n

Meduza English-language edition
\n https://meduza.io/en\n \n

The awards:
\n https://frittord.no/en/news/speeches-at-the-awarding-of-the-fritt-ord-foundation-prize-2022\n \n

https://cpj.org/2022/03/calling-the-war-war-meduzas-galina-timchenko-bucks-russias-censorship-on-ukraine/\n \n

https://fgpj.eu/portfolio-items/preistraeger-2022/?portfolioCats=98\n \n

More about us:
\n https://rsf.org/en/rsf-creates-mirror-leading-russian-exile-news-site-blocked-kremlin\n https://www.cloudflare.com/innovator-spotlights/\n https://www.bloomberg.com/news/articles/2022-05-10/putin-s-crackdown-pushes-independent-russian-media-into-crypto?leadSource=uverify%20wall\n https://www.washingtonpost.com/media/2022/03/17/meduza-russia-sanctions/\n https://www.vox.com/future-perfect/22955885/donate-ukraine\n \n

Several examples of the most important articles:\n \n

Fact сhecking piece with a video that proved the massacre in Bucha. Meduza’s source provided us with a video that was filmed during the “entrance” to Bucha. We gave the video to two independent experts (an astronomer and a mathematician) in order to verify when the videos were shot, using chronolocation techniques. Their findings allowed us to confirm that the times in the metadata matches the actual times when the footage was recorded, and that the first video of the bodies couldn’t have been filmed after March 26, 2022, which proved that the horrific civilian killings in Bucha took place before Russian troops retreated from the town\n \n

https://meduza.io/en/feature/2022/04/09/verified-video-appears-to-show-ukrainian-troops-killing-russian-captives-here-s-what-we-know-about-it\n \n

An investigation of war crimes in Bogdanovka\n https://meduza.io/en/feature/2022/04/18/i-can-do-whatever-i-want-to-you\n \n

How Russia\'s full-scale invasion of Ukraine split the company Yandex\n https://meduza.io/en/feature/2022/05/06/toxic-assets\n \n

An investigation on Elvira Nabiullina, the chairwoman of Russia’s Central Bank\n https://meduza.io/en/feature/2022/07/07/the-banker-s-dilemma\n \n

Meduza tells the story of the first openly transgender woman in the Russian army. She is going to be sent to war with Ukraine (and that\'s not the whole story\n \n

https://meduza.io/feature/2022/11/09/pust-luchshe-ona-tam-gde-nibud-umret\n

\n\n\'',NULL,365271),('3_Saturday','14','13:30','14:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Meduza: How an exiled pirate media outlet breaks through the Kremlin\'s propaganda firewall\'','\'Alex\'','DC_f72074cd060f4a48c41618cdac310f4f','\'\'',NULL,365272),('3_Saturday','13','13:00','13:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Azure B2C 0-Day: An Exploit Chain from Public Keys to Microsoft Bug Bounty\'','\'John Novak\'','DC_fcb4da9eb4d65538dbc2ceee8f51ce35','\'Title: Azure B2C 0-Day: An Exploit Chain from Public Keys to Microsoft Bug Bounty
\nWhen: Saturday, Aug 12, 13:00 - 13:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:John Novak\n, Technical Director at Praetorian
\nJohn Novak is a Technical Director at Praetorian with a deep interest in cryptography, reverse\n engineering, and embedded firmware. His evolution to computer security and hacker culture began with an undergraduate degree in mathematics followed by ten years of cryptography, security research, and exploit development at a previous employer. His current role at Praetorian includes conducting numerous security assessments for IoT devices, web applications, mobile applications, and (on occasion) cloud services.
\nTwitter: @jwnovak
\n\n
\nDescription:
\nThis presentation will cover a complete exploit chain in Azure B2C, starting with a discovery of cryptographic misuse and leading to full account compromise in any tenant as an unauthenticated attacker.\n \n

Portions of this vulnerability have been released publicly, but several pieces were omitted to provide Microsoft time to remediate the issue and not put Azure B2C environments at unnecessary risk. New details in this talk include steps to reverse engineer and discover the crypto vulnerability along with details of a novel attack for crypto key recovery.\n \n

For background, Microsoft Azure B2C is an identity and access management service for customer-facing apps. Thousands of organizations use this service, including national/state/local governments, professional societies, and commercial companies. The service is also used in the public Microsoft Security Response Center (MSRC) web portal as the main method for researchers to disclose vulnerabilities as part of Microsoft\'s bug bounty programs. The full exploit chain was effective against the MSRC and would have allowed an attacker to enumerate details of disclosed but not-yet-patched Microsoft zero day vulnerabilities.\n

REFERENCES:
\n[1] Previous disclosure of portions of this vulnerability: https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise/\n[2] Discussion of encryption and signatures in JSON Web Tokens (JWTs): https://www.praetorian.com/blog/signing-and-encrypting-with-json-web-tokens/\n[3] Azure B2C Configuration Tutorial: https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy\n[4] What to Expect When Reporting Vulnerabilities to Microsoft https://msrc.microsoft.com/blog/2020/09/what-to-expect-when-reporting-vulnerabilities-to-microsoft/\n

\n\n\'',NULL,365273),('2_Friday','16','16:00','16:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Visual Studio Code is why I have (Workspace) Trust issues\'','\'Paul Gerste,Thomas Chauchefoin\'','DC_52cf3a09f8ab24f0009356ad7c4d8699','\'Title: Visual Studio Code is why I have (Workspace) Trust issues
\nWhen: Friday, Aug 11, 16:00 - 16:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Paul Gerste,Thomas Chauchefoin
\n
SpeakerBio:Paul Gerste\n, Vulnerability Researcher at Sonar
\nPaul Gerste (@pspaul95) is a Vulnerability Research in the Sonar R&D team. In the last months, he has been hunting bugs in popular JavaScript and TypeScript applications, yielding critical vulnerabilities in projects such as Rocket.Chat, NodeBB, and Blitz.js. Paul has also been a CTF player and organizer for some years and loves to hack all web-related things.
\nTwitter: @pspaul95
\n
SpeakerBio:Thomas Chauchefoin\n, Vulnerability Researcher at Sonar
\nThomas Chauchefoin (@swapgs) is a Vulnerability Researcher in the Sonar R&D team. With a strong background in offensive security, he helps uncover and responsibly disclose 0-days in major open-source software. He also participated in competitions like Pwn2Own or Hack-a-Sat and was nominated for two Pwnies Awards for his research on PHP supply chain security.
\n\n
\nDescription:
\nDevelopers are threat actors\' targets of choice because of their access to business-critical services. After compromising a single developer, they could push code changes or obtain sensitive information. For instance, a recent campaign attributed to North Korea set up social network profiles to social engineer and infect prominent figures of the developer community with malicious Visual Studio projects and browser exploits.\n \n

At the same time, modern development tools offer increasingly advanced features and deep integration with ecosystems, sometimes at the cost of basic security measures. Code editors tried to counterbalance it by introducing new lines of defense (e.g., \"Workspace Trust\"), leading to a cat-and-mouse game to restrict access while keeping most features available by default.\n \n

In this talk, we present the state of the art of Visual Studio Code\'s security. We go in-depth into its attack surface, how its extensions work, and the technical details of two vulnerabilities we found in Visual Studio Code. These findings, CVE-2021-43891 and CVE-2022-30129, led to a $30.000 bounty with an unexpected twist. We also present 1-days discovered by other researchers to develop the audience\'s intuition. These concepts apply to most IDEs of the market so everybody will now think twice before opening third-party code!\n

REFERENCES:
\nhttps://blog.electrovolt.io/posts/vscode-rce/\nhttps://www.sonarsource.com/blog/securing-developer-tools-git-integrations/\nhttps://www.sonarsource.com/blog/securing-developer-tools-argument-injection-in-vscode/\nhttps://blog.doyensec.com/2022/10/27/jupytervscode.html\nhttps://iwantmore.pizza/posts/cve-2019-1414.html\nhttps://github.com/justinsteven/advisories/blob/master/2017_visual_studio_code_workspace_settings_code_execution.md\nhttps://github.com/doyensec/VSCode_PoC_Oct2019\nhttps://github.com/microsoft/vscode/issues/107951\nhttps://www.youtube.com/watch?v=Olq6XnZ4Pwo\nhttps://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m\n

\n\n\'',NULL,365274),('3_Saturday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare\'','\'STÖK\'','DC_2619fa3f32beacd16aeca0d0df45f0e0','\'Title: Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare
\nWhen: Saturday, Aug 12, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:STÖK\n, Hacker / Creative at Truesec
\nHacker/Creative STÖK is passionate about learning new things and sharing his curiosity with the world. For the last 3 decades, he has professionally hacked anything from computers/tech to marketing, fashion, communication, and the human mind. By delivering fast-paced, engaging onstage presentations and creating educational cybersecurity video content for the hacker community. His curiosity and \"Good Vibes Only\" mentality have reached and inspired millions of people around the world.\n \n

HACKERS GONNA HACK.
\nCREATORS GONNA CREATE.
\nGOOD VIBES ONLY.\n

\nTwitter: @stokfredrik
\n\n
\nDescription:
\nLogs are a vital component for maintaining application reliability, performance, and security. They serve as a source of information for developers, security teams, and other stakeholders to understand what has happened or gone wrong within an application. However, logs can also be used to compromise the security of an application by injecting malicious content.\n \n

In this presentation, we will explore how ANSI escape sequences can be used to inject, vandalize, and even weaponize log files of modern applications. We will revisit old terminal injection research and log tampering techniques from the 80-90s. Combine them with new features, to create chaos and mischief in the modern cloud cli’s, mobile, and feature-rich DevOps terminal emulators of today.\n

We will then provide solutions on how to avoid passing on malicious escape sequences into our log files. By doing so, we can ensure that we can trust the data inside our logs, making it safe for operators to use shells to audit files. Enabling responders to quickly and accurately investigate incidents without wasting time cleaning, or having to gather additional data, while reconstructing events.\n \n

Welcome to this \"not so black and white,\" but rather quite colorful ANSI adventure, and learn how to cause, or prevent a forensic nightmare. \n

\n
REFERENCES
\n
There are multiple references to prior research featured and provided as a part of the storyline in the presentation.
\n\n\'',NULL,365275),('3_Saturday','12','12:30','13:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera\'','\'Ben Nassi,Ofek Vayner\'','DC_eacc803634f3f237867aa2d29bb01971','\'Title: Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera
\nWhen: Saturday, Aug 12, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Ben Nassi,Ofek Vayner
\n
SpeakerBio:Ben Nassi\n, Postdoctoral Researcher at Cornell Tech
\nDr. Ben Nassi is a postdoctoral researcher at Cornell Tech. He is interested in building robust systems and investigates the security and privacy of cyber-physical systems and hardware/devices in the topics of side-channel attacks and AI security using signal processing and machine learning techniques. His research has been presented at top academic conferences, published in journals and Magazines, and covered by international media. Ben has spoken at prestigious industrial conferences (Black Hat Asia and USA, RSAC USA, AI Week, CodeBlue, SecTor, and CyberTech) and he serves as a PC member in ACM CCS (22 and 23) and BlackHat Asia (22 and 23). His research entitled him to two nominations for the Pwnie Award.
\nTwitter: @ben_nassi
\n
SpeakerBio:Ofek Vayner\n, M.Sc. Student at Ben-Gurion University of the Negev
\nOfek Vayner is an M.Sc student at Ben-Gurion University of the Negev and a security researcher at BGU\'s Cyber Security Research Center. He holds a B.Sc. degree from the Department of Electrical Engineering at Ben-Gurion University of the Negev. His primary research interests are side-channel attacks and cryptanalysis.
\n\n
\nDescription:
\nIn this talk, we present video-based cryptanalysis, a new method to recover secret keys from a non-compromised device by analyzing video footage obtained from a device’s power LED. We show that cryptographic computations performed by the device’s CPU change the power consumption of the device which affects the brightness/color of the device’s power LED. The changes in the brightness can be detected at a sufficient sampling rate for cryptanalysis by obtaining video footage from a device’s power LED (by filling the frame with the LED) and exploiting the video camera’s rolling shutter, to increase the sampling rate by three orders of magnitude. The frames of the video footage are analyzed in the RGB space, and the RGB values are used to recover the secret key. We demonstrate the recovery of: (1) a 256- bit ECDSA key from a smartcard using video footage obtained from the power LED of the smartcard reader via a hijacked Internet-connected security camera located 16 meters away from the smartcard reader, and (2) a 378-bit SIKE key from a Samsung Galaxy S8 using video footage obtained from the power LED of Logitech Z120 USB speakers (that were connected to the same USB Hub of the Galaxy S8) via iPhone 12.\n

We discuss countermeasures, limitations, and the future of video-based cryptanalysis.\n

\n\n\'',NULL,365276),('3_Saturday','13','12:30','13:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera\'','\'Ben Nassi,Ofek Vayner\'','DC_eacc803634f3f237867aa2d29bb01971','\'\'',NULL,365277),('3_Saturday','10','10:00','10:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Defeating VPN Always-On\'','\'Maxime Clementz\'','DC_43516c5b9b14a1ce0971d04172d9d1a7','\'Title: Defeating VPN Always-On
\nWhen: Saturday, Aug 12, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Maxime Clementz\n, Cybersecurity Senior Manager at PwC Luxembourg
\nMaxime Clementz is a Senior Manager within the Cybersecurity Advisory team of PwC Luxembourg. He develops his ethical hacker skills by committing himself to various assignments for big companies, banks and European institutions. As a technical specialist, he leads penetration tests, red-teaming, digital forensics and incident response missions.\n

He contributes to the development of the team’s hacking capabilities by sharing the results of his technology watch and R&D and is now leading the CSIRT and Threat Intelligence initiatives of PwC Luxembourg. He especially enjoys sharing knowledge by presenting the results of each mission or by giving talks (Hack.lu 2012, 2015, 2017) and training courses. Maxime teaches IT security at a French engineering school and organizes a Capture the Flag event for the students.\n

\nTwitter: @maxime_tz
\n\n
\nDescription:
\nVPN Always-On is a security control that can be deployed to mobile endpoints that remotely access corporate resources through VPN. It is designed to prevent data leaks and narrow attack surface of enrolled end-user equipment connected to untrusted networks. When it is enforced, the mobile device can only reach the VPN gateway and all connections are tunneled.\n

We will review the relevant Windows API, the practicalities of this feature, look at popular VPN software; we will then consider ridiculously complex exfil methods and... finally bypass it with unexpectedly trivial tricks. We will exploit design, implementation and configuration issues to circumvent this control in offensive scenarios. We will then learn how to fix or harden VPN Always-On deployment to further limit the risks posed by untrusted networks.\n

\n
REFERENCES
\n
\n

VPN on untrusted networks, captive portals:\n- ANSSI (France) Recommandations sur le nomadisme numérique (\"3.4.3 Maîtrise des flux réseaux sur le poste de travail\"): https://www.ssi.gouv.fr/uploads/2018/10/guide_nomadisme_anssi_pa_054_v1.pdf (I will translate the relevant part in my slide)\n

Understanding \"Windows Filtering Platform\":\n- Microsoft documentation : https://learn.microsoft.com/en-us/windows/win32/fwp/windows-filtering-platform-start-page\n- Pavel Yosifovich : https://scorpiosoftware.net/2022/12/25/introduction-to-the-windows-filtering-platform/\n- Pavel Yosifovich : https://github.com/zodiacon/WFPExplorer\n- Sagie Dulce : https://github.com/zeronetworks/wtf-wfp\n

Reverse Engineering of Windows Filtering Platform and its implementation in Windows VPN agents:\n- Ole André V. Ravnas - https://frida.re/\n- James Forshaw - https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools/tree/main/NtObjectManager\n

\n\'',NULL,365278),('2_Friday','11','11:30','12:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers Tradecraft\'','\'Andréanne Bergeron,Olivier Bilodeau\'','DC_a01fcfedbb008ba24099366352c5e826','\'Title: I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers Tradecraft
\nWhen: Friday, Aug 11, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Andréanne Bergeron,Olivier Bilodeau
\n
SpeakerBio:Andréanne Bergeron\n, Cybersecurity Researcher at GoSecure
\nAndréanne Bergeron has a Ph.D. in criminology from the University of Montreal and works as a cybersecurity researcher at GoSecure. Acting as the social and data scientist of the team, she is interested in online attackers’ behaviors. She is an experienced presenter with over 38 academic conferences and is now focusing on the infosec field. She has presented at BSides Montreal, NorthSec, CypherCon and Human Factor in Cybercrime amongst others.
\nTwitter: @AndreanBergeron
\n
SpeakerBio:Olivier Bilodeau\n, Cybersecurity Research Director at GoSecure
\nOlivier Bilodeau leads the Cybersecurity Research team at GoSecure. With more than 12 years of infosec experience, he enjoys luring malware operators into his traps and writing tools for malware research. Olivier is a passionate communicator having spoken at several conferences including BlackHat USA/Europe, Defcon, Botconf, Derbycon, and HackFest. Invested in his community, he co-founded MontréHack, is the President of NorthSec and host its Hacker Jeopardy.
\nTwitter: @obilodeau
\n\n
\nDescription:
\nThe Remote Desktop Protocol (RDP) is a critical attack vector used by evil threat actors including in ransomware outbreaks. To study RDP attacks, we created PyRDP, an open-source RDP interception tool with unmatched capabilities which helped us collect more than 100 hours of video footage of attackers in action.\n

To describe attackers’ behaviors, we characterized the various archetypes of threat actors in groups based on their traits through a Dungeon & Dragons analogy: 1) the Bards making obtuse search or watch unholy videos; 2) the Rangers stealthily explore computers and perform reconnaissance; 3) the Thieves try to monetize the RDP access; 4)the Barbarians use a large array of tools to brute-force their way into more computers; and 5) the Wizardsuse their RDP access as a magic portal to cloak their origins. Throughout, we will reveal the attackers’ weaponry and show video recordings of interesting characters in action.\n

This presentation demonstrates the tremendous capability in RDP interception for research benefitsand blue teams: extensive documentation of opportunistic attackers’ tradecraft. An engineer and a crime data scientist partner to deliver an epic story that includes luring, understanding and characterizing attackers which allows to collectively focus our attention on the more sophisticated threats. \n

\n
REFERENCES
\n
\n

The tool:
\nhttps://github.com/GoSecure/pyrdp/ an extensive rewrite of Citronneur’s RDPy\n

Building on our own work:
\nRDP Man-in-the-Middle - Smile! You\'re on Camera - GoSecure\nhttps://www.youtube.com/watch?v=eB7RC9FmL6Q\n

Slides - Google Slides
\nPyRDP Demo with Session Takeover - YouTube\nPyRDP Demo with a Payload on Connection - YouTube\nhttps://docs.google.com/presentation/d/1UAiN2EZwDcmBjLe_t5HXB0LzbNclU3nnigC-XM4neIU/edit?usp=sharing\nhttps://docs.google.com/presentation/d/1UAiN2EZwDcmBjLe_t5HXB0LzbNclU3nnigC-XM4neIU/edit?usp=sharing\nPyRDP on Autopilot - Unattended Credential Harvesting and Client-Side File Stealing - GoSecure\nAnnouncing PyRDP 1.0 - GoSecure
\nDEF CON Safe Mode Demo Labs - Olivier Bilodeau - PyRDP - YouTube\nCapturing RDP NetNTLMv2 Hashes: Attack details and a Technical How-To Guide - GoSecure\nCracking 2.3M Attackers-Supplied Credentials: What Can We Learn from RDP Attacks - GoSecure\nA New PyRDP Release: The Rudolph Desktop Protocol! - GoSecure\nThe Level of Human Engagement Behind Automated Attacks - GoSecure\nNever Connect to RDP Servers Over Untrusted Networks - GoSecure\n

Building on scientific articles:\n

[1] Cybersecurity & Infrastructure Security Agency (2020). Alert (AA20-099A). Retrieved from. https://www.cisa.gov/uscert/ncas/alerts/aa20-099a\n[2] Cox, O. (2021). Remote Desktop Protocol (RDP) attack analysis. Darktrace. Retrieved from: https://darktrace.com/blog/remote-desktop-protocol-rdp-attack-analysis#:~:text=Remote%20Desktop%20Protocol%20(RDP)%20is,have%20been%20around%20for%20years.\n[3] UK’s National Cyber Security Centre (2021). Alert: Further ransomware attacks on the UK education sector by cyber criminals. Retrieved from : https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector\n[4] Tian, Z. et al. (2018). A Real-Time Correlation of Host-Level Events in Cyber Range Service for Smart Campus. IEEE Access, 6, pp. 35355-35364. DOI: 10.1109/ACCESS.2018.2846590.\n[5] Sinitsyn, F. (2017). Kaspersky Security Bulletin: STORY OF THE YEAR 2017. Retrieved from: https://securelist.com/ksb-story-of-the-year-2017/83290/\n[6] DraÅ¡ar, M., Jirsík, T., & Vizváry, M. (2014). Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches. 8th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS). Proceedings 8 (pp. 160-172). Springer Berlin Heidelberg.\n[7] Alata, E., Nicomette, V., Kaaniche, M., Dacier, M., & Herrb, M. (2006). Lessons learned from the deployment of a high-interaction honeypot. Sixth European Dependable Computing Conference, Coimbra, Portugal, pp. 39-46, DOI: 10.1109/EDCC.2006.17.\n[8] Udhani, S., Withers, A., & Bashir, M. (2019). Human vs bots: Detecting human attacks in a honeypot environment. 7th International Symposium on Digital Forensics and Security (ISDFS) (pp. 1-6). IEEE.\n[9] Bilodeau, O. (2022). PyRDP: Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library. Tool Access from: https://github.com/GoSecure/pyrdp\n[10] Gatlan, S. (2022). Windows 11 now blocks RDP brute-force attacks by default. Bleeping Computer, https://www.bleepingcomputer.com/news/microsoft/windows-11-now-blocks-rdp-brute-force-attacks-by-default/\n[11] Seifert, C. (2006). Analyzing Malicious SSH Login Attempts. Symantec Connect Community. Retrieve from: https://www.symantec.com/connect/articles/analyzing-malicious-sshlogin-attempts\n

\n\n\'',NULL,365279),('2_Friday','12','11:30','12:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers Tradecraft\'','\'Andréanne Bergeron,Olivier Bilodeau\'','DC_a01fcfedbb008ba24099366352c5e826','\'\'',NULL,365280),('4_Sunday','14','14:00','15:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'TETRA tour de force: Jailbreaking digital radios and base stations for fun and secrets\'','\'Carlo Meijer,Jos Wetzels,Wouter Bokslag\'','DC_4c921775aa571b47b50dcf8e8ffcd6d3','\'Title: TETRA tour de force: Jailbreaking digital radios and base stations for fun and secrets
\nWhen: Sunday, Aug 13, 14:00 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Carlo Meijer,Jos Wetzels,Wouter Bokslag
\n
SpeakerBio:Carlo Meijer\n, Founding Partner and Security Researcher at Midnight Blue
\nCarlo Meijer is a co-founding partner and security researcher at Midnight Blue. His research focuses on the analysis of cryptographic systems deployed in the wild. He is known for his work on the security of so-called Self-Encrypting Drives (SEDs). Furthermore, he is known for breaking a hardened variant of Crypto1, the cipher used in the Mifare Classic family of cryptographic RFID tags. Finally, he co-authored research into default passwords in consumer routers as deployed by ISPs in the Netherlands. He is a PhD researcher and systems security lecturer at the Radboud University (RU) in the Netherlands.
\n
SpeakerBio:Jos Wetzels\n, Founding Partner and Security Researcher at Midnight Blue
\nJos Wetzels is a co-founding partner and security researcher at Midnight Blue. His research has involved reverse-engineering, vulnerability research and exploit development across various domains ranging from industrial and automotive systems to IoT, networking equipment and deeply embedded SoCs. He has uncovered critical zero-day vulnerabilities in dozens of embedded TCP/IP stacks, Industrial Control Systems (ICS), and RTOSes.\n \n

He previously worked as a researcher at the Distributed and Embedded Security group (DIES) at the University of Twente (UT) in the Netherlands where he developed exploit mitigation solutions for constrained embedded devices deployed in critical infrastructure, performed security analyses of state-of-the-art network and host-based intrusion detection systems and has been involved in research projects regarding on-the-fly detection and containment of unknown malware and APTs.

\nTwitter: @s4mvartaka
\n
SpeakerBio:Wouter Bokslag\n, Founding Partner and Security Researcher at Midnight Blue
\nWouter Bokslag is a co-founding partner and security researcher at Midnight Blue. He is known for the reverse-engineering and cryptanalysis of several proprietary in-vehicle immobilizer authentication ciphers used by major automotive manufacturers as well as co-developing the world\'s fastest public attack against the Hitag2 cipher. He holds a Master\'s Degree in Computer Science & Engineering from Eindhoven University of Technology (TU/e) and designed and assisted teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.
\n\n
\nDescription:
\nIn this talk we will discuss the radio jailbreaking journey that enabled us to perform the first public disclosure and analysis of the proprietary cryptography used in TETRA (Terrestrial Trunked Radio): a standard used globally by government agencies, police, prisons, and military operators as well as critical infrastructure such as SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities.\n

For decades, the underlying algorithms have remained secret under restrictive NDAs prohibiting public scrutiny of this critical technology. In this talk, we will make public the TETRA cipher suites (TEA and TAA1 to be precise), one of the last bastions of widely deployed secret crypto, and discuss in-depth how we managed to obtain them.\n

We will discuss several different flaws we uncovered allowing passive or active adversaries to intercept and manipulate TETRA traffic, including details of a backdoored stream cipher.\n

This journey involved reverse-engineering and exploiting multiple 0-day vulnerabilities in the popular Motorola MTM5x00 radio and its TI OMAP-L138 TEE and covers everything from side-channel attacks on DSPs to writing your own decompilers. We will also discuss how we gained code execution on and instrumented a Motorola MBTS TETRA base station for research purposes.\n

REFERENCES: \n

\n\n\'',NULL,365281),('4_Sunday','15','14:00','15:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'TETRA tour de force: Jailbreaking digital radios and base stations for fun and secrets\'','\'Carlo Meijer,Jos Wetzels,Wouter Bokslag\'','DC_4c921775aa571b47b50dcf8e8ffcd6d3','\'\'',NULL,365282),('3_Saturday','14','14:00','14:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Power Corrupts; Corrupt It Back! Hacking Power Management in Data Centers\'','\'Jesse Chick,Sam Quinn\'','DC_5a08a65970d5faa147878a063fc108f2','\'Title: Power Corrupts; Corrupt It Back! Hacking Power Management in Data Centers
\nWhen: Saturday, Aug 12, 14:00 - 14:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Jesse Chick,Sam Quinn
\n
SpeakerBio:Jesse Chick\n, Security Researcher at Trellix Advanced Research Center
\nJesse Chick is a Security Researcher with the Advanced Research Center\'s vulnerability team. Jesse focusses on vulnerability discovery and exploit development for all things connected to the internet and is credited with numerous CVEs affecting popular embedded devices. He is passionate about reverse engineering, full system emulation, and educating others in offensive security techniques.
\nTwitter: @ravenousbytes
\n
SpeakerBio:Sam Quinn\n, Sr. Security Researcher at Trellix Advanced Research Center
\nSam Quinn is a Senior Security Researcher on the Advanced Research Center Vulnerability team, focused on finding new vulnerabilities in both software and hardware. Sam has a focus on embedded devices with knowledge in the fields of reverse engineering and exploitation. He has had numerous vulnerability findings, published CVEs in IOT and enterprise software, and has spoken at multiple industry conferences such as Def Con, BlackHat, North Sec, and Hardwear.io.
\nTwitter: @eAyeP
\n\n
\nDescription:
\nOur current administration lists \"Defend Critical Infrastructure\" as the #1 item in the 2023 National Cybersecurity Strategy. At the intersection of governmental and corporate concerns is data center security, a trend that is bound to continue as more and more operations move to the cloud. This talk details our findings in the domain of power management, the first category in a broader effort to investigate the security of critical data center components. We will reveal nine vulnerabilities in two integral data center appliances: a Power Distribution Unit (PDU) and a Data Center Infrastructure Management (DCIM) system. Continuing, we will delve into the technical details of the most impactful vulnerabilities and highlight the potential impact on their respective operations. The talk will challenge the misconception that data centers are inherently more secure than on-prem by exposing how attackers could leverage these vulnerabilities. This presentation will be valuable to data center professionals, security researchers, and anyone interested in understanding the characteristic vulnerabilities associated with modern data centers. \n

REFERENCES:
\nContributing Researcher - Philippe Laulheret\nClaroty Research - https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices\nNational Cybersecurity Strategy - https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/\n

\n\n\'',NULL,365283),('2_Friday','13','13:00','13:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Over the Air, Under the Radar: Attacking and Securing the Pixel Modem\'','\'Eugene Rodionov,Farzan Karimi,Xiling Gong,Xuan Xing\'','DC_05b39810abd09b801ecfbc6240741419','\'Title: Over the Air, Under the Radar: Attacking and Securing the Pixel Modem
\nWhen: Friday, Aug 11, 13:00 - 13:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Eugene Rodionov,Farzan Karimi,Xiling Gong,Xuan Xing
\n
SpeakerBio:Eugene Rodionov\n, Security Researcher on the Android Red Team at Google
\nEugene Rodionov, PhD, is a Security Researcher at Google on the Android Red Team. In his current position, Eugene focuses on finding and exploiting vulnerabilities in the low-level components of Android platform and Pixel devices. Prior to that, Rodionov performed offensive security research on UEFI firmware for Client Platforms at Intel, and ran internal research projects and performed in-depth analysis of complex threats at ESET. His fields of interest include reverse engineering, vulnerability analysis, firmware security and anti-rootkit technologies. Rodionov is a co-author of the \"Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats\" book and has spoken at security conferences such as Black Hat, REcon, ZeroNights, and CARO.
\n
SpeakerBio:Farzan Karimi\n, Android Offensive Security Manager at Google
\nFarzan Karimi has over 15 years experience in offensive security. He is the Android Offensive Security Manager at Google. In this role, he manages red team operations targeting low-level components within the Android ecosystem. Farzan has specialized in exploiting game development consoles (devkits). His work on PlayStation and Xbox led to the development of key security features for next generation platforms. Farzan is a speaker at security conferences such as Black Hat USA, LABSCON, Microsoft STRIKE, and EA Team Blue.
\n
SpeakerBio:Xiling Gong\n, Security Researcher on the Android Red Team at Google
\nXiling Gong is a Security Researcher at Google on the Android Red Team. Xiling focuses on finding and exploiting vulnerabilities in the low-level components of Android platform and Pixel devices. Xiling is the speaker of CanSecWest 2018, BlackHat USA 2019, Def Con 27, BlackHat Asia 2021.
\n
SpeakerBio:Xuan Xing\n, Tech Lead on the Android Red Team at Google
\nXuan Xing is the tech lead of the Android Red Team at Google. For the past years, Xuan focused on finding security vulnerabilities in various low level components of Android/Pixel devices. He is passionate about software fuzzing for security research. In BlackHat USA 2022 Xuan presented the “Google Reimagined a Phone. It was Our Job to Red Team and Secure it” talking about Pixel ABL security auditing.
\n\n
\nDescription:
\nTo ensure Google Pixel devices are always at their most secure, the Android Red Team continuously attacks the riskiest areas of the phone. This allows us to proactively get ahead of bugs and protect the phone, before it’s even shipped to users.\n \n

The modem — or baseband — is considered a fundamental component of smartphones, and is at high risk because it is a privileged system component that accepts data from an untrusted remote source (cell towers). A vulnerability in the modem exposes end-users to scalable attacks carried out remotely, which may lead to many kinds of compromise on a phone.\n \n

Modem security is currently a hot topic of research, attracting growing interest from security researchers, both in the industry and in academia. This wasn’t the case up until recently for a couple of reasons: most modem code is closed source, and testing it requires expensive hardware equipment. With some of these barriers being removed in recent years, due the invention of software-defined radio (SDR) devices and public toolkits, the entry level into baseband security analysis has become more affordable. In this session the Android Red Team will be describing some findings from its offensive evaluation of modems used in Pixel devices.\n

\n\n\'',NULL,365284),('2_Friday','13','13:30','14:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Fantastic Ethertypes and Where to Find Them\'','\'Ricky \"HeadlessZeke \" Lawshae\'','DC_7b7e02c670c6637e7ad8604e856560f6','\'Title: Fantastic Ethertypes and Where to Find Them
\nWhen: Friday, Aug 11, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Ricky \"HeadlessZeke \" Lawshae\n, Hacker
\nRicky \"HeadlessZeke\" Lawshae is a connoisseur of arcane and archaic network protocols. He is a security researcher with well over a decade of experience in the fields of IoT security, exploitation, and network protocol analysis. He has spoken at DEFCON multiple times, as well as Recon, Ruxcon, Toorcon, and many other conferences around the globe. In his offtime, he enjoys drinking Irish whiskeys and dark beers, reading comics, and listening to/playing in punk rock bands.
\nTwitter: @HeadlessZeke
\n\n
\nDescription:
\nBeneath the mundane world of TCP/IP exists the magical and mysterious realm of ethernet. There are many different types of ethernet protocols in use today, known as ‘ethertypes’, that run the gamut from the boutique to the ubiquitous. In this talk, we will delve into some of the more interesting and obscure ethertypes that exist. We will discuss the network protocols themselves, where they can be found in the wild, what you can do with them, and how they could be abused in the wrong hands. We will explore wide-ranges of networking environments including industrial/facilities, transportation, and medical, and will include several live demos. Attendees will leave this talk with a greater understanding and appreciation for the unseen networking world that exists all around them.\n

REFERENCES:
\nhttps://en.wikipedia.org/wiki/EtherType\nhttps://www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.xhtml\n

\n\n\'',NULL,365285),('2_Friday','14','13:30','14:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Fantastic Ethertypes and Where to Find Them\'','\'Ricky \"HeadlessZeke \" Lawshae\'','DC_7b7e02c670c6637e7ad8604e856560f6','\'\'',NULL,365286),('2_Friday','12','12:30','13:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Backdoor in the Core - Altering the Intel x86 Instruction Set at Runtime\'','\'Alexander Dalsgaard Krog,Alexander Skovsende\'','DC_cb7fe1eeb6049074b8a5d85bfb54f323','\'Title: Backdoor in the Core - Altering the Intel x86 Instruction Set at Runtime
\nWhen: Friday, Aug 11, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Alexander Dalsgaard Krog,Alexander Skovsende
\n
SpeakerBio:Alexander Dalsgaard Krog\n, Vulnerability Researcher at Vectorize
\nAlexander Dalsgaard Krog is a Vulnerability Researcher at Vectorize with a focus on the low level, close to the hardware, and this talk will be no exception. He has a passion for binary exploitation and together with his prior team at Lyrebirds discovered the critical bug Cable Haunt, affecting millions of devices with a vulnerability allowing remote code execution. Both him and his co-speaker Alexander Skovsende are also heavily invested in CTF and have played a big role in putting the Danish team Kalmarunionen on top of the scoreboard in many CTFs.
\nTwitter: @alexanderkrog
\n
SpeakerBio:Alexander Skovsende\n, Grad Student at Technical University of Denmark
\nNo BIO available
\n\n
\nDescription:
\nIn this work, we present the novel results of our research on Intel CPU microcode. Building upon prior research on Intel Goldmont CPUs, we have reverse-engineered the implementations of complex x86 instructions, leading to the discovery of hidden microcode which serves to prevent the persistence of any changes made. Using this knowledge, we were able to patch those discovered sections, allowing us to make persistent microcode changes from userspace on Linux. We have developed and improved microcode tracing tools, giving us deeper insight into Intel Atom microcode than was previously possible, by allowing more dynamic analysis of the ROM.\n

Along with this presentation, we provide a C library for making microcode changes and documentation on the reverse-engineered microcode.\n

We show that vendor updates to the microcode, which cannot be verified by the user, impose a security risk by demonstrating how a Linux system can be compromised through a backdoor within a CPU core\'s microcode. \n

REFERENCES:
\nIntel TXE POC:
\nhttps://github.com/chip-red-pill/IntelTXE-PoC\nExploit used to gain Red Unlock.\n \n

\n
uCodeDisam
\n
https://github.com/chip-red-pill/uCodeDisasm\n First research (to the best of our knowledge) allowing for dumping microcode ROM as well as a publicly available disassembler for Intel\'s microcode.
\n

Undocumented x86 instructions to control the CPU at the micro-architecture level in modern Intel processors:\n https://github.com/chip-red-pill/udbgInstr\n https://github.com/chip-red-pill/udbgInstr/blob/main/paper/undocumented_x86_insts_for_uarch_control.pdf\n From the research above, two undocumented instructions intended for debug perpuse at Intel were found. This layed the groundwork for us to experiment and test the behavior of microcode operations.\n \n

Custom Processing Unit:
\n https://github.com/pietroborrello/CustomProcessingUnit\n Custom Processing Unit is the first dynamic analysis framework able to hook, patch and trace microcode from a UEFI application\n

\n\n\'',NULL,365287),('2_Friday','13','12:30','13:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Backdoor in the Core - Altering the Intel x86 Instruction Set at Runtime\'','\'Alexander Dalsgaard Krog,Alexander Skovsende\'','DC_cb7fe1eeb6049074b8a5d85bfb54f323','\'\'',NULL,365288),('3_Saturday','09','09:00','09:20','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'ELECTRONizing macOS privacy - a new weapon in your red teaming armory\'','\'Wojciech Reguła\'','DC_9acaed7335462762e1b772d683994426','\'Title: ELECTRONizing macOS privacy - a new weapon in your red teaming armory
\nWhen: Saturday, Aug 12, 09:00 - 09:20 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Wojciech Reguła\n, Principal Security Consultant at SecuRing
\nWojciech is a Principal Security Specialist working at SecuRing. He specializes in application security on Apple devices. Wojciech created the iOS Security Suite - an opensource anti-tampering framework. Bugcrowd MVP, found vulnerabilities in Apple, Facebook, Malwarebytes, Slack, Atlassian, and others. In free time he runs an infosec blog - https://wojciechregula.blog. Shared research on among others Black Hat (Las Vegas, USA), Objective by the Sea (Hawaii, USA), AppSec Global (Tel Aviv, Israel), AppSec EU (London, United Kingdom), CONFidence (Cracow, Poland), BSides (Warsaw, Poland).
\nTwitter: @_r3ggi
\n\n
\nDescription:
\nMacOS is known for an additional layer of privacy controls called TCC - Transparency, Consent, and Control (TCC) that restricts access to sensitive personal resources: documents, camera, microphone, emails, and more. Granting such access requires authorization, and the mechanism\'s main design concern was clear user consent.\n

Despite many vulnerabilities in that mechanism found in the past, using 0-days during red teaming engagements is impractical. Apple fixes TCC vulnerabilities but red teams still have to get access to files saved on the victim’s desktop or be able take a screenshot.\n

What if I tell you that there are many open doors to resolve all the TCC problems that are already installed on your target machines?! Electron apps are everywhere. And you probably heard the joke that: ‘S’ in Electron stands for security.\n

In this talk I will share a new tool that, by abusing Electron default configuration, allows executing code in the context of those Electron apps and thus inherit their TCC permissions.\n

The audience will leave with a solid understanding of the macOS privacy restrictions framework (TCC) and its weaknesses. The part of the audience interested in macOS red teaming will also get to know my new, free and open source tool. Blue teams on the stage will also see some ideas regarding detections.\n

\n\n\'',NULL,365289),('2_Friday','12','12:00','12:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'You\'re Not George Clooney, and This Isn\'t Ocean\'s Eleven\'','\'Andrew \"Spike\" Brandt\'','DC_61e071fc8c375b05429a5fac108dd2f3','\'Title: You\'re Not George Clooney, and This Isn\'t Ocean\'s Eleven
\nWhen: Friday, Aug 11, 12:00 - 12:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Andrew \"Spike\" Brandt\n, Principal Researcher at Sophos X-Ops
\nAndrew Brandt is a former investigative reporter turned network forensics investigator and malware analyst, who serves as a Principal Researcher for Sophos X-Ops. Brandt has worked in information security since 2006 and, prior to working in the industry, covered it extensively as the security editor for PC World for nearly a decade. He has applied his knowledge about the behavior of malicious software and threat actors to profile identifiable characteristics of undesirable or criminal activity, specializing in attackers who target the finance, energy, and government sectors. His analysis techniques seek to determine general principles that can help analysts and defenders rapidly and comprehensively identify the root cause of infection and data loss, putting real-time network data analysis at the front line of prevention.
\n\n
\nDescription:
\nOne common thread runs through a recent wave of (initially, successful) targeted malware attacks I\'ve investigated: The attackers communicated with their targets, personally, using social engineering in real-time, in order to lay the groundwork for the rest of the attack to succeed. Throughout the course of several post-breach investigations, it became apparent that -- for a certain kind of target and a particular class of attacker -- engaging the victim in direct conversation was far more effective at assuring the target infected their computer than crafting a believable-looking \"malspam\" email that would \"fool\" the target into clicking a link or opening a file.\n \n

The attackers did not need to be charismatic for the technique to succeed. In fact, so long as the attacker \"got into character\" and treated the interaction as a normal, everyday event (from their perspective), the targets went along for the ride, and in many cases, self-infected with malware that was capable of snooping through their most sensitive files. In this session, we\'ll discuss both the social engineering and technical aspects of the attacks, and why this combination of tactics is particularly dangerous and hard to defend against. \n

\n
REFERENCES
\n
Brandt, Andrew. “Tax Firms Targeted by Precision Malware Attacks.” Sophos X-Ops Blog, Sophos News, 13 Apr. 2023, news.sophos.com/en-us/2023/04/13/tax-firms-targeted-by-precision-malware-attacks/\n@x86matthew. “EmbedExeLnk - Embedding an EXE inside a LNK with Automatic Execution.” www.x86matthew.com, 22 Apr. 2022, www.x86matthew.com/view_post?id=embed_exe_lnk
\n\n\'',NULL,365290),('3_Saturday','11','11:30','12:15','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Mass Owning of Seedboxes - A Live Hacking Exhibition\'','\'Anon\'','DC_a2e49077bb581b9e2f37adf97ba04644','\'Title: Mass Owning of Seedboxes - A Live Hacking Exhibition
\nWhen: Saturday, Aug 12, 11:30 - 12:15 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
\n
SpeakerBio:Anon\n, Hacker
\nThe presenter has been attending DEFCON for ~20 years, and has run various villages and contests for over 10 years. A professional pentester for over 24 years, his previously released research and tools are present in MetaSploit, blog posts, blah blah blah. The hacker is a long-time member of AHA (Austin Hackers Anonymous - takeonme.org ) and is well known for their \"this one time on a pentest\" stories.\n

The thing is though. We aren\'t going to tell you their handle/name. It\'s not important. You don\'t need it. Don\'t pick a talk by how famous someone is.\n

\n\n
\nDescription:
\n\"No one hacks at DEFCON any more.\" is what I\'ve heard. That is, until now. Seedboxes/seedhosts are used by thousands of pirates to download and distribute Movies/TV/Music via USENET and Torrents. The thing is, these systems are horribly insecure. Like, they are wide open. In this talk, I am going to open up a xterm, And a FireFox window, and hack into seedhosts. LIVE. No Demos. No Powerpoint. No introduction slides. Just port scan, attack, 0wn, extract credentials, download all content, obtain other users\' credentials, etc. For literally thousands of accounts.\n

Did you know people store their Google Drive tokens on seedhosts? Did you know that your seedbox provider has no idea how to properly configure docker? Did you know that your plain-text password is sitting in multiple places on these machines, accessible to all other users? Did you know that administrators for very-large private torrent sites re-use the same password for all their accounts, and leave them on seedhosts? Let\'s hack.\n

The presenter has been attending DEFCON for ~20 years, and has run various villages and contests for over 10 years. A professional pentester for over 24 years, his previously released research and tools are present in MetaSploit, blog posts, blah blah blah. The hacker is a long-time member of AHA (Austin Hackers Anonymous - takeonme.org ) and is well known for their \"this one time on a pentest\" stories.\n

The thing is though. We aren\'t going to tell you their handle/name. It\'s not important. You don\'t need it. Don\'t pick a talk by how famous someone is.\n

REFERENCES:
\nhttps://censys.io/
\nhttps://en.wikipedia.org/wiki/Bash_(Unix_shell)\nhttps://nmap.org/
\nhttps://sonarr.tv/
\nhttps://radarr.video/
\nhttps://github.com/Novik/ruTorrent
\nhttps://rclone.org/
\nhttps://nzbget.net/
\nhttps://sabnzbd.org/
\nhttps://en.wikipedia.org/wiki/Seedbox\n

\n\n\'',NULL,365291),('3_Saturday','12','11:30','12:15','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Mass Owning of Seedboxes - A Live Hacking Exhibition\'','\'Anon\'','DC_a2e49077bb581b9e2f37adf97ba04644','\'\'',NULL,365292),('2_Friday','14','14:30','14:50','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'\"You can\'t cheat time\" - Finding foes and yourself with latency trilateration\'','\'Lorenzo ”lopoc” Cococcia\'','DC_7ad3c7bdaed812e0c9c5ddfcfb54de9f','\'Title: \"You can\'t cheat time\" - Finding foes and yourself with latency trilateration
\nWhen: Friday, Aug 11, 14:30 - 14:50 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Lorenzo ”lopoc” Cococcia\n, Hacker
\nLorenzo Cococcia was born and raised in Italy, the son of two worlds: computer science and physics. Specialized in malware analysis, cyber security and threat intelligence, Lorenzo began his career as a threat intelligence analyst for large industrial companies, where he developed a rigorous approach to the field. He is particularly interested in the intersection of physics and mathematics with the world of hacking and cyber security.
\nTwitter: @lopoc_
\n\n
\nDescription:
\nSince the dawn of time, humans have been driven to discover new ways of determining their location, and the location of potential threats. In the realm of cyber threat intelligence, the ability to geolocate servers, for instance the one a C2 is running on, is crucial.\n

As a research in its early stages, this speech will delve into the exciting world of offensive geolocation. By leveraging inviolable physical laws, we can measure the time it takes for a signal to travel from an adversary to multiple network sensors, and use this information to accurately calculate their position. This technique is known as latency trilateration has never been used before in the cyber realm, and has significant implications for threat intelligence, sandbox evasion, and even malware self-geolocation. I will also discuss potential limitations and challenges of this approach, as well as its broader implications and potential future developments in this emerging field.\n

\n
REFERENCES
\n
Ben Du, Massimo Candela, Bradley Huffaker, Alex C. Snoeren, and kc claffy. 2020. RIPE IPmap active geolocation: mechanism and performance evaluation. SIGCOMM Comput. Commun. Rev. 50, 2 (April 2020), 3–10. https://doi.org/10.1145/3402413.3402415
\n\n\'',NULL,365293),('2_Friday','11','11:30','12:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Civil Cyber Defense: Use Your Resources to Defend Non-Profits as they Combat Human Trafficking and Subvert Authoritarian Regimes\'','\'Austin Shamlin,Tiffany Rad\'','DC_68bd071e7396d01b74308d6d38f73587','\'Title: Civil Cyber Defense: Use Your Resources to Defend Non-Profits as they Combat Human Trafficking and Subvert Authoritarian Regimes
\nWhen: Friday, Aug 11, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Austin Shamlin,Tiffany Rad
\n
SpeakerBio:Austin Shamlin\n, Co-Founder at Traverse Project
\nAustin Shamlin is the CEO and founder of Traverse Project, a nonprofit founded in 2023 to combat human trafficking networks. He has served in the law enforcement and security industry for over 20 years, most recently serving as director of operations with an anti-human trafficking nonprofit under the Tim Tebow Foundation. Austin is a professionally recognized geopolitical security subject matter expert on Haiti and has previously served as a special advisor to the Haitian Minister of Justice. Prior to his nonprofit work, he served as a police executive with the D.C. government. Prior to working for the District of Columbia, Austin worked as a government contractor in Somalia, Afghanistan, Iraq, and Haiti.
\n
SpeakerBio:Tiffany Rad\n, Instructor at U.C. Berkeley
\nTiffany Strauchs Rad (BS, MA, MBA, JD) has presented cybersecurity research – both technical and legal topics -- at many security conferences such as Black Hat USA, Black Hat Abu Dhabi, Defcon (17, 18, 19), H.O.P.E., 27C3 & 28C3, and has been featured in media such as Wired, Washington Post, CNN, Reuters, 60 Minutes, Der Spiegel, CNN, Wired Magazine, and NPR. Her independent security research was listed as #4 in \"Top 10 White Hat Hacks\" by Bloomberg, and her critical infrastructure research was featured on the USA network series, “Mr. Robot.” In addition to being a car hacker and doing transportation infrastructure security consulting, she is also an adjunct instructor at the University of Maine and U.C. Berkeley teaching classes such as the \"Citizen Clinic.\"
\nTwitter: @tiffanyrad
\n\n
\nDescription:
\nCivil Cyber Defense volunteers and students challenge high-risk adversaries and threats such as human traffickers, authoritarian regimes, and surveillance being conducted on journalists. By utilizing academic resources, OSINT skills, and free/open-source tools, civil cyber defenders are supporting vulnerable non-profits, protecting volunteers, journalists, and activists while defending human rights. There is a need in the cybersecurity industry for more civil cyber defenders. Recommendations will be made as to how your organization can support and/or volunteer your time and tools to provide protection to vulnerable organizations who have high risks, face advanced and persistent adversaries, but have modest resources.\n
\n
REFERENCES
\n
The content we will present was generated by the speakers. Tiffany will present anonymized case studies from the “Citizen Clinic” at UC Berkeley and Austin will share case studies his organization has generated regarding human trafficking. Our only bibliographic reference at this moment is a reference to open source/free software tools we use at UC Berkeley. We will also reference a tool to make VPNs safer created by Berkeley’s students called “Ghost Prtcl.”
\n\n\'',NULL,365294),('2_Friday','12','11:30','12:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Civil Cyber Defense: Use Your Resources to Defend Non-Profits as they Combat Human Trafficking and Subvert Authoritarian Regimes\'','\'Austin Shamlin,Tiffany Rad\'','DC_68bd071e7396d01b74308d6d38f73587','\'\'',NULL,365295),('2_Friday','16','16:00','16:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'A Series of Unfortunate Events\'','\'Ben \"NahamSec\" Sadeghipour,Corben Leo\'','DC_0270ee29fd9e45e301b5fcc7aac65536','\'Title: A Series of Unfortunate Events
\nWhen: Friday, Aug 11, 16:00 - 16:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\nSpeakers:Ben \"NahamSec\" Sadeghipour,Corben Leo
\n
SpeakerBio:Ben \"NahamSec\" Sadeghipour\n, Hacker & Content Creator at NahamSec
\nBen Sadeghipour AKA NahamSec is a security researcher and content creator. He’s currently in the top 100 for both HackerOne(25) and Bugcrowd’s (95) leaderboards. He has helped identify over a thousand vulnerabilities in companies like Amazon, Apple, Airbnb, Lyft, Snapchat and more. Prior to doing content creation full time, he worked as a research and community education executive at Hadrian and HackerOne. Ben has presented many talks and workshops at cons such DEFCON, BSides, OWASP AppSec, RSA, Red Team Village, and more. He also enjoys hosting and organizing hacker meetups or virtual conferences such as NahamCon and Hacktivitycon!
\nTwitter: @nahamsec
\n
SpeakerBio:Corben Leo\n, Co-Founder at Boring Mattress Co
\nCorben Leo is a top–100 bug bounty hunter on HackerOne. He’s worked with Facebook, Google, Microsoft, Apple, PayPal, Yahoo, Epic Games, AT&T, the Department of Defense, and many more. He\'s also a co-founder of Boring Mattress Co.
\nTwitter: @hacker_
\n\n
\nDescription:
\nThis talk includes a series of favorite hacking stories. From hacking into a prison system to having the ability to publish “fake news” on a major tech companies website to even breaking into some of the largest entertainment and online casinos. This talk will take a look at the identification, exploitation, and escalation paths as well as the possible impact based on the company’s organization and nature of work.\n
\n\n\'',NULL,365296),('3_Saturday','12','12:00','12:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Internet censorship: what governments around the globe have in store for you\'','\'Christopher Painter,Jeff \"The Dark Tangent\" Moss,Joel Todoroff,Roger Dingledine\'','DC_f357ab581e34b45b8d8d7e55261b25b4','\'Title: Internet censorship: what governments around the globe have in store for you
\nWhen: Saturday, Aug 12, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Christopher Painter,Jeff \"The Dark Tangent\" Moss,Joel Todoroff,Roger Dingledine
\n
SpeakerBio:Christopher Painter\n, President at Global Forum on Cyber Expertise
\nChris Painter is the President of the Global Forum on Cyber Expertise. He served as the first top cyber diplomat in the U.S. State Department, in the White House as Senior Director for Cyber Policy in the National Security Council, and in the Justice Department and the FBI. Awards include the RSA Award for Excellence in the Field of Public Policy (2016), the Attorney General\'s Award for Exceptional Service, and the Intelligence Community Legal Award (2008).
\nTwitter: @c_painter
\n
SpeakerBio:Jeff \"The Dark Tangent\" Moss\n, DEF CON Communications
\nMr. Moss is an internet security expert and is the founder of Both the Black Hat Briefings and DEF CON Hacking conferences. In 2022 Mr. Moss was named to the UK Government Cybersecurity Advisory Board, and in 2021 he was sworn in as a member of the DHS Cybersecurity Infrastructure Security Agency (CISA) Advisory Council (CSAC), and serves as a chairman of their Technical Advisory Council (TAC). Mr. Moss is a member of the Council on Foreign Relations (CFR) and is interested in policy issues around privacy, national security, and internet governance. He spends a lot of time in Singapore.
\nTwitter: @thedarktangent
\n
SpeakerBio:Joel Todoroff\n, Office of the National Cyber Director
\nJoel Todoroff works for the Office of the National Cyber Director, where he provides legal and policy support on a range of issues, including commercial spyware and securing the foundations of the internet. He has previously worked with the Department of Defense, intelligence community, and the Privacy and Civil Liberties Oversight Board.
\n
SpeakerBio:Roger Dingledine\n, The Tor Project
\nRoger Dingledine is president and co-founder of the Tor Project, a nonprofit that develops free and open source software to protect people from tracking, censorship, and surveillance online. Roger works with journalists and activists on many continents to help them understand and defend against the threats they face, and he is a lead researcher in the online anonymity field. EFF picked him for a Pioneer Award, and Foreign Policy magazine chose him as one of its top 100 global thinkers.
\nTwitter: @RogerDingledine
\n\n
\nDescription:
\nThe internet is still largely centralized, and not every country has strong institutional controls preserving the right to access information or speak freely. Heck, even many \"liberal democracies\" are backsliding. While this may sound like an infosec talk suited for the think tank crowd, these developments are impacting hackers and the results they present at hacker cons.\n

Internet freedom tools are about empowering users to have the safety to make their own priorities. While China, Iran, and Russia are obviously key concerns in this space, many other countries are seeking to enact new laws and regulations that impact all types of users -- some with nefarious intent and others just accidentally harmful.\n

This conversation will explore the reasons, the symptoms, and some ideas about how to preserve our ability to set our own priorities. We will offer a holistic and detailed picture of how censorship affects our work and that of our colleagues -- how even if you feel secure in the freedom you have where you are right now, government censorship and surveillance in other places will unquestionably affect us all.\n

\n
REFERENCES
\n
\n

Some starting points:\n \n

\n\n\'',NULL,365297),('4_Sunday','10','10:00','10:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Vacuum robot security and privacy - prevent your robot from sucking your data\'','\'Dennis Giese\'','DC_1e83f8a01139f868ae0f41b49465105d','\'Title: Vacuum robot security and privacy - prevent your robot from sucking your data
\nWhen: Sunday, Aug 13, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Dennis Giese\n, Hacker
\nDennis Giese is currently a PhD student at Northeastern University and focuses on the security and privacy of IoT devices.\n

While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices.\n \n

His most known projects are the documentation and hacking of various vacuum robots. His current vacuum robot army consists of over 45 different models from various vendors.\n

\nTwitter: @dgi_DE
\n\n
\nDescription:
\nExactly 5 years ago we were presenting ways to hack and root vacuum robots. Since then, many things have changed. Back then we were looking into ways to use the robots\' \"dumb\" sensors to spy on the user (e.g. by using the ultrasonic sensor). But all our predictions were exceeded by the reality: today\'s robots bring multiple cameras and microphones with them. AI is used to detect objects and rooms. But can it be trusted? Where will pictures of your cat end up?\n

In this talk we will look at the security and privacy of current devices. We will show that their flaws pose a huge privacy risk and that certification of devices cannot be trusted. Not to worry, though - we will also show you how to protect yourself (and your data) from your robot friends.\n

You will learn on how you can get root access to current flagship models of 4 different vendors. Come with us on a journey of having fun hacking interesting devices while preventing them from breaching your privacy. We will also discuss the risks of used devices, for both old and new users.\n

Finally, we will talk about the challenges of documenting vacuum robots and developing custom software for them. While our primary goal is to disconnect the robots from the cloud, it is also for users to repair their devices - pwning to own in a wholesome way.\n

REFERENCES: \n

Robots with lasers and cameras (but no security): Liberating your vacuum from the cloud\nhttps://dontvacuum.me/talks/DEFCON29/DEFCON29-Robots_with_lasers_and_cameras.html\n \n

Unleash your smart-home devices: Vacuum Cleaning Robot Hacking (34C3)\nhttps://dontvacuum.me/talks/34c3-2017/34c3.html\n \n

Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices\nhttps://dontvacuum.me/talks/DEFCON26/DEFCON26-Having_fun_with_IoT-Xiaomi.html\n \n

https://www.technologyreview.com/2022/12/19/1065306/roomba-irobot-robot-vacuums-artificial-intelligence-training-data-privacy/\n \n

https://linux-sunxi.org/Main_Page\n

\n\n\'',NULL,365298),('4_Sunday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Advanced ROP Framework: Pushing ROP to Its Limits\'','\'Bramwell Brizendine,Shiva Shashank Kusuma\'','DC_c034752fa4db8a8f72aed62b90ba2f33','\'Title: Advanced ROP Framework: Pushing ROP to Its Limits
\nWhen: Sunday, Aug 13, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Bramwell Brizendine,Shiva Shashank Kusuma
\n
SpeakerBio:Bramwell Brizendine\n, Assistant Professor at University of Alabama in HuntsvilleDr.
\nDr. Bramwell Brizendine completed his Ph.D. in Cyber Operations, for which he did his dissertation on Jump-Oriented Programming, a hitherto seldom-studied and poorly understood subset of code-reuse attacks.\n

Bramwell is now an Assistant Professor of Computer Science at the University of Alabama in Huntsville; he previously was an Assistant Professor and the Director of the Vulnerability and Exploitation Research for Offensive and Novel Attacks (VERONA Lab) at Dakota State University, specializing in vulnerability research, software exploitation, and the development of new, cutting-edge tools and techniques with respect to software exploitation and malware analysis. Bramwell has taught numerous undergraduate, graduate and doctoral level courses in software exploitation, reverse engineering, malware analysis and offensive security. Bramwell was a PI on a $300,000 NSA/NCAE research grant, which culminated in the release of a shellcode emulator, SHAREM, in September 2022. Bramwell has been a speaker at many top security conferences, including DEF CON, Hack in the Box Amsterdam, @Hack, Black Hat Middle East, Black Hat Asia, Black Hat Europe, Wild West Hackin’ Fest, and more.\n

\n
SpeakerBio:Shiva Shashank Kusuma\n, Master\'s Student at University of Alabama in Huntsville
\nShiva Shashank Kusuma, a Computer Science Master\'s student at the University of Alabama in Huntsville, has a deep interest in software engineering and cybersecurity. When not at work, Shiva enjoys reading about Blockchain, Web3, and AI.
\n\n
\nDescription:
\nThis research provides innovative contributions to return-oriented programming (ROP), not seen before. We introduce ROP ROCKET, a cutting-edge ROP framework, to be released at DEF CON. With ROCKET, when attacking 32-bit applications, we can switch between x86 and x64 at will, by invoking a special ROP Heaven\'s Gate technique, thereby expanding the attack surface. We will discuss the ramifications of this novel approach.\n

Bypassing DEP via ROP is typically straightforward, using WinAPIs such as VirualProtect and VirtualAlloc. We demonstrate an alternative: using Windows syscalls. In fact, ROCKET provides automatic ROP chain construction to bypass ROP using Windows syscalls. While extremely trendy, Windows syscalls are only very rarely used in ROP.\n

One problem with automatic chain construction is bad chars or bad bytes. We demonstrate how ROCKET allows us to use virtulally any gadget whose address contains bad bytes. With this approach, automatic ROP chain construction is far less likely to fail. Thus, we overcome one of the major obstacles when creating a ROP chain: bad bytes, which reduces the attack surface needlessly. In fact, if one wanted, they could use ROCKET to \"obfuscate\" any gadget, obscuring what is being done.\n

This presentation will do the seemingly impossible - and surprise even veteran users of ROP.\n

REFERENCES: \n

    \n
  1. Brizendine, B., Babcock, A.: A Novel Method for the Automatic Generation of JOP Chain Exploits. In: National Cyber Summit. pp. 77–92 (2021)\n
  2. Min, J.W., Jung, S.M., Lee, D.Y., Chung, T.M.: Jump oriented programming on windows platform (on the x86). Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics). 7335 LNCS, 376–390 (2012). https://doi.org/10.1007/978-3-642-31137-6_29\n
  3. Erdodi, L.: Attacking x86 windows binaries by jump oriented programming. INES 2013 - IEEE 17th Int. Conf. Intell. Eng. Syst. Proc. 333–338 (2013). https://doi.org/10.1109/INES.2013.6632837\n
  4. Brizendine, B., Babcock, A.: Pre-built JOP Chains with the JOP ROCKET: Bypassing DEP without ROP. Black Hat Asia. (2021)\n
  5. One, A.: Smashing the stack for fun and profit. Phrack Mag. 7, 14–16 (1996)\n
  6. Designer, S.: “Return-to-libc” attack., https://seclists.org/bugtraq/1997/Aug/63\n
  7. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). Proc. ACM Conf. Comput. Commun. Secur. 552–561 (2007). https://doi.org/10.1145/1315245.1315313\n
  8. Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-Oriented Programming : Systems , Languages , and Applications. ACM Trans. Inf. Syst. Secur. 15, 1–36 (2012)\n
  9. Buchanan, E., Roemer, R., Savage, S., Shacham, H.: Return-oriented programming: Exploitation without code injection. Black Hat. 8, (2008)\n
  10. PaX, T.: PaX address space layout randomization (ASLR). http//pax. grsecurity. net/docs/aslr. txt. (2003)\n
  11. Mark E, R., Alex, I., others: Windows Internals, Part 2, (2012)\n
  12. Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM conference on Computer and communications security. pp. 298–307 (2004)\n
  13. Vreugdenhil, P.: Pwn2Own 2010 Windows 7 Internet Explorer 8 exploit.\n
  14. Gawlik, R., Holz, T.: ${$SoK$}$: Make ${$JIT-Spray$}$ Great Again. In: 12th USENIX Workshop on Offensive Technologies (WOOT 18) (2018)\n
  15. Göktas, E., Kollenda, B., Koppe, P., Bosman, E., Portokalidis, G., Holz, T., Bos, H., Giuffrida, C.: Position-independent code reuse: On the effectiveness of aslr in the absence of information disclosure. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P). pp. 227–242 (2018)\n
  16. Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.R., Shacham, H., Winandy, M.: Return-oriented programming without returns. Proc. ACM Conf. Comput. Commun. Secur. 559–572 (2010). https://doi.org/10.1145/1866307.1866370\n
  17. Bletsch, T., Jiang, X., Freeh, V.W.: Jump-oriented programming: a new class of code-reuse attack. Proc. 6th Int. Symp. Information, Comput. Commun. Secur. ASIACCS 2011. (2011)\n
  18. Brizendine, B.: JOP ROCKET repository, https://github.com/Bw3ll/JOP_ROCKET/\n
  19. Babcock, A.: IcoFX 2.6 - “.ico” Buffer Overflow SEH + DEP Bypass using JOP, https://www.exploit-db.com/exploits/49959\n
  20. Specter: Sony Playstation 4 (PS4) 5.05 - BPF Double Free Kernel Exploit Writeup, https://www.exploit-db.com/exploits/45045\n
  21. Brizendine, B., Babcock, A., Kramer, A.: Move Over, ROP: Towards a Practical Approach to Jump-Oriented Programming. HITBMag. 121–152 (2021)\n
  22. Intel Corporation: Control-flow Enforcement Technology Preview, https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf\n
  23. Schuster, F., Tendyck, T., Liebchen, C., Davi, L., Sadeghi, A.-R., Holz, T.: Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications. In: 2015 IEEE Symposium on Security and Privacy. pp. 745–762 (2015)\n
  24. Brizendine, B. Windows Syscalls in Shellcode: Advanced Techniques for Malicious Functionality. Hack in the Box Amsterdam (2023).
\n\n\'',NULL,365299),('2_Friday','11','11:00','11:20','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'mTLS: when certificate authentication done wrong\'','\'Michael Stepankin\'','DC_b16238b1887d990da844fcc7d8194294','\'Title: mTLS: when certificate authentication done wrong
\nWhen: Friday, Aug 11, 11:00 - 11:20 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Michael Stepankin\n, Security Researcher at GitHub
\nMichael \'artsploit\' Stepankin is a researcher at GitHub Security Lab. He joined the team to put his offensive security mindset to the test, uncovering complex vulnerabilities in open source web applications. He specializes in the Java Enterprise stack, covering a wide range of security topics from insecure deserialization and XXEs, to logical bugs in OAuth systems. He\'s published a number of works throughout his employment as a researcher, including new ways to exploit JNDI injections, attacks on Apache Solr, and finding hidden Remote Code Executions in the Spring framework.
\nTwitter: @artsploit
\n\n
\nDescription:
\nAlthough x509 certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X509 certificates in general, brings advantages compared to passwords or tokens, but you get increased complexity in return.\n

In this talk, we’ll deep dive into some novel attacks on mTLS authentication. We won’t bother you with heavy crypto stuff, but instead we’ll have a look at implementation vulnerabilities and how developers can make their mTLS systems vulnerable to user impersonation, privilege escalation and information leakages. We present some CVEs we found in popular open-source identity servers and ways to exploit them. Finally, we’ll explain how these vulnerabilities can be spotted in source code and how the safe code looks like.\n

REFERENCES: \n

    \n
  1. Wikipedia: Mutual Authentication (mTLS) https://en.wikipedia.org/wiki/Mutual_authentication#mTLS\n
  2. Java: Possible RCEs in X.509 certificate validation [CVE-2018-2633][CVE-2017-10116] https://mbechler.github.io/2018/01/20/Java-CVE-2018-2633/
\n\n\'',NULL,365300),('4_Sunday','12','12:00','12:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'LLMs at the Forefront: Pioneering the Future of Fuzz Testing in a Rapidly Changing World\'','\'X\'','DC_a327236b2c171706c641107f84b1898b','\'Title: LLMs at the Forefront: Pioneering the Future of Fuzz Testing in a Rapidly Changing World
\nWhen: Sunday, Aug 13, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:X\n, Hacker
\nX is a seasoned security researcher and programming language enthusiast with an impressive track record in research, vulnerability discovery, and fuzz testing. From the moment he laid hands on a Blueberry-colored Apple iBook G3 provided by his elementary school, X developed a slight obsession with technology.\n

He is a urban cycling enthusiast that needs to wear his helmet more often, a techno and bass aficionado, and tree wizard.\n

Before finding vulnerabilities for a living he developed scientific computing software. See his Clojure-based Sequoia database fuzzer for an ideal representation of X\'s skill set and interests.\n

\n\n
\nDescription:
\nLarge Language Models are already revolutionizing the software development landscape. As hackers we can only do what we\'ve always done, embrace the machine and use it to do our bidding.\n

There are many valid criticisms of GPT models for writing code like the tendency to hallucinate functions, not being able to reason about architecture, training done on amateur code, limited context due to token length, and more. None of which are particularly important when writing fuzz tests. This presentation will delve into the integration of LLMs into fuzz testing, providing attendees with the insights and tools necessary to transform and automate their security assessment strategies.\n

The presentation will kick off with an introduction to LLMs; how they work, the potential use cases and challenges for hackers, prompt writing tips, and the deficiencies of current models. We will then provide a high level overview explaining the purpose, goals, and obstacles of fuzzing, why this research was undertaken, and why we chose to start with \'memory safe\' Python. We will then explore efficient usage of LLMs for coding, and the primary benefits LLMs offer for security work, paving the way for a comprehensive understanding of how LLMs can automate tasks traditionally performed by humans in fuzz testing engagements.\n

We will then introduce FuzzForest, an open source tool that harnesses the power of LLMs to automatically write, fix, and triage fuzz tests on Python code. A thorough discussion on the workings of FuzzForest will follow, with a focus on the challenges faced during development and our solutions. The highlight of the talk will showcase the results of running the tool on the 20 most popular open-source Python libraries which resulted in identifying dozens of bugs.\n

We will end the talk with an analysis of efficacy and question if we\'ll all be replaced with a SecurityGPT model soon.\n

To maximize the benefits of this talk, attendees should possess a fundamental understanding of fuzz testing, programming languages, and basic AI concepts. However, a high-level refresher will be provided to ensure a smooth experience for all participants.\n

\n
REFERENCES
\n
My original blog post that sparked the idea:\nhttps://infiniteforest.org/LLMs+to+Write+Fuzzers\n \n
Blogs
\n
https://comby.dev/blog/2022/04/11/comby-decomposer-compiler-fuzzing\nhttps://martinfowler.com/articles/2023-chatgpt-xu-hao.html
\n

Research Papers:
\nhttps://arxiv.org/abs/2212.14834
\nhttps://embed.cs.utah.edu/csmith/
\nhttps://www.usenix.org/system/files/sec23fall-prepub-446-fu.pdf\n

\n
Tools
\n
https://github.com/google/atheris\nhttps://github.com/mpaepper/llm_agents
\n

Prompt Course:
\nhttps://www.deeplearning.ai/short-courses/chatgpt-prompt-engineering-for-developers/\n

\n\n\'',NULL,365301),('4_Sunday','10','10:00','10:20','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Snoop unto them, as they snoop unto us\'','\'Michaud \"5@\\/@g3\" Savage,Rekcahdam,nullagent\'','DC_a7904de16781b20b63d88a777c09a555','\'Title: Snoop unto them, as they snoop unto us
\nWhen: Sunday, Aug 13, 10:00 - 10:20 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Michaud \"5@\\/@g3\" Savage,Rekcahdam,nullagent
\n
SpeakerBio:Michaud \"5@\\/@g3\" Savage\n, Apprentice at Dataparty
\nNo BIO available
\n
SpeakerBio:Rekcahdam\n, Hacker
\nNo BIO available
\nTwitter: @rekcahdam
\n
SpeakerBio:nullagent\n, Member at Dataparty
\nNullagent is a robotics hacker. He built his first internet connected robot in 2004 and since then he\'s been hooked on embedded hacking. He\'s building a hacker collective that fuses artistic expression to bring cyber security tools to a broader audience.
\nTwitter: @nullagent
\n\n
\nDescription:
\nBLE devices are now all the rage. What makes a purpose built tracking device like the AirTag all that different from the majority of BLE devices that have a fixed address? With the rise of IoT we\'re also seeing a rise in government and corporate BLE surveillance systems. We\'ll look at tools that normal people can use to find out if their favorite IoT gear is easily trackable. If headphones and GoPro\'s use fixed addresses, what about stun guns and bodycams? We\'ll take a look at IoT gear used by authorities and how it may be detectedable over long durations, just like an AirTag.\n
\n
REFERENCES
\n
Handoff All Your Privacy – A Review of Apple’s Bluetooth Low Energy Continuity Protocol\nFreqy DEFCON 29 RF Village - \"Basics of Breaking BLE\"\nHandoff All Your Privacy – A Review of Apple’s Bluetooth Low Energy Continuity Protocol\nDEF CON 26 - Damien virtualabs Cauquil - You had better secure your BLE devices\nMike Spicer - I Know What U Did Last Summer 3 Yrs Wireless Monitoring DEFCON - DEF CON 27 Conference
\n\n\'',NULL,365302),('4_Sunday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Cellular carriers hate this trick: Using SIM tunneling to travel at light speed\'','\'Adrian \"atrox\" Dabrowski,Gabriel K. Gegenhuber\'','DC_40efbca14672c626fd81865a9320ee0b','\'Title: Cellular carriers hate this trick: Using SIM tunneling to travel at light speed
\nWhen: Sunday, Aug 13, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Adrian \"atrox\" Dabrowski,Gabriel K. Gegenhuber
\n
SpeakerBio:Adrian \"atrox\" Dabrowski\n, CISPA Helmholtz Center for Cybersecurity
\nAdrian Dabrowski wrote his PhD about large infrastructures including the identifying fake base stations (“IMSI Catchers”). Before his PhD, he was a founding member of two hackerspaces in Vienna, Austria, and on the board of one of them.
\nTwitter: @atrox_at
\n
SpeakerBio:Gabriel K. Gegenhuber\n, University of Vienna & SBA Research
\nGabriel Gegenhuber is PhD candidate in Vienna, Austria. Gabriel is conducting research in the area of cellular and mobile networks. This includes Internet measurement technologies, traffic classification systems (e.g., deep packet inspection), and technical measures that are used to detect net neutrality and privacy violations.
\nTwitter: @GGegenhuber
\n\n
\nDescription:
\nCellular networks form large complex compounds for roaming purposes. Thus, geographically-spread testbeds for masurements and rapid exploit verification are needed to do justice to the technology\'s unique structure and global scope. Additionally, such measurements suffer from a combinatorial explosion of operators, mobile plans, and services. To cope with these challenges, we are releasing an open-source framework that geographically decouples the SIM (subscription) from the cellular modem by selectively connecting both remotely. This allows testing any subscriber with any operator at any modem location within seconds without moving parts. The resulting measurement and testbed platform \"MobileAtlas\" offers a scalable, controlled experimentation environment. It is fully open-sourced and allows other researchers to contribute locations, SIM cards, and measurement scripts.\n

Using the above framework, our international experiments in commercial networks revealed exploitable inconsistencies in traffic metering, leading to multiple data \"phreaking\" opportunities (\"free-ride\"). We also expose problematic IPv6 firewall configurations, hidden SIM card communication to the home network, and fingerprint dial progress tones to track victims across different roaming networks and countries with voice calls.\n

REFERENCES: \n \n

Gabriel K. Gegenhuber, Wilfried Mayer, and Edgar Weippl. Zero-Rating, One Big Mess: Analyzing Differential Pricing Practices of European MNOs. In IEEE Global Communications Conference (GLOBECOM), 2022\nGabriel K. Gegenhuber, Wilfried Mayer, Edgar Weippl, Adrian Dabrowski. MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research., 2023, In proceedings of the 32th USENIX Security Symposium 2023.\nDavid Allen Burgess. What is AT&T doing at 1111340002? Welcome to the magical world of proac-tive SIMs., 2021. https://medium.com/telecom-expert/what-is-at-t-doing-at-1111340002-c418876c212c\nDavid Allen Burgess. More Proactive SIMs., 2021. https://medium.com/telecom-expert/more-proactive-sims-f8da2ef8b189\nOSMOCOM. Simtrace 2. https://osmocom.org/projects/simtrace2/wiki\nosmocom.org. pySim-prog - Utility for programmable SIM/USIM-Cards. https://osmocom.org/projects/pysim/wiki\nThe MONROE Alliance. Measuring Mobile Broadband Networks in Europe. https://www.monroe-project.eu\n

\n\n\'',NULL,365303),('3_Saturday','09','09:00','09:20','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Assessing the Security of Certificates at Scale\'','\'Andrew Chi,Brandon Enright,David McGrew\'','DC_f35567bc50ef64d23380a4be4fa51b4c','\'Title: Assessing the Security of Certificates at Scale
\nWhen: Saturday, Aug 12, 09:00 - 09:20 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Andrew Chi,Brandon Enright,David McGrew
\n
SpeakerBio:Andrew Chi\n, Security Research Engineering Technical Leader at Cisco
\nAndrew Chi is a Security Research Engineering Technical Leader at Cisco, where he works with product teams and incident response teams to detect threats in large network telemetry datasets. Prior to Cisco, he was a computer scientist at Raytheon BBN Technologies, where he contributed to IETF standards for routing security (RPKI and BGPSEC) and served as software lead for an open-source RPKI validator. Andrew holds a bachelor’s degree in mathematics from Harvard and a PhD in computer science from the University of North Carolina.
\n
SpeakerBio:Brandon Enright\n, Lead DIFR investigator at Cisco CSIRT
\nBrandon Enright is a lead DIFR investigator for Cisco CSIRT, an expert at DNS and network data analysis, and a contributor to Nmap and other open source projects.
\n
SpeakerBio:David McGrew\n, Fellow at Cisco Systems
\nDavid McGrew is a Fellow at Cisco Systems, where he leads research and development to detect threats, vulnerabilities, and attacks using network data, and to protect data through applied cryptography. He pioneered the commercial use of encrypted traffic analysis to defend networked information systems, and designed authenticated encryption and secure voice and video standards that are in widespread use, most notably GCM and Secure RTP, contributed to open source projects, published research results, championed open, patent/royalty-free cryptography, and co-founded the IRTF Crypto Forum Research Group. He holds a PhD in Physics from Michigan State University, and outside of work, he enjoys Linux, sailing, sports cars, jazz records, and guitar.
\n\n
\nDescription:
\nThe security of digital certificates is too often undermined by the use of poor entropy sources in key generation. Flawed entropy can be hard to discover, especially when analyzing individual devices. However, some flaws can be detected when a large set of keys from the same entropy source are analyzed, as was dramatically demonstrated in 2012 and 2016 by the detection of weak HTTPS keys on the Internet.\n

In this talk, we present tools and techniques to identify weak keys at scale, by checking issued certificates obtained from passive monitoring, active network scans, or certificate authority logs. Our tools use efficient multithreaded implementations of network monitors, scanners, certificate parsers, and mathematical tests. The batch greatest common divisor test (BGCD) identifies RSA public keys with common factors, and outputs the corresponding private keys. The common key test identifies distinct devices that share identical keys. We report on findings from both tests and demonstrate how to audit HTTPS servers, run BGCD on 100M+ keys, identify RSA keys with common factors, and generate the corresponding private keys. Because nothing convinces like an attack, we show how to produce and use PEM files for factored keys. \n

REFERENCES:
\nAndrew Chi, Brandon Enright, David McGrew. The Mercury Batch GCD Utility. https://github.com/cisco/mercury/blob/main/doc/batch-gcd.md\nDavid McGrew, The Mercury cert_analyze Utility. https://github.com/cisco/mercury/blob/main/src/cert_analyze.cc\nDavid McGrew, Blake Anderson. The Mercury tls_scanner Utility. https://github.com/cisco/mercury/blob/main/src/tls_scanner.cc\nNadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. Mining your ps and qs: Detection of widespread weak keys in network devices. In Tadayoshi Kohno, editor, Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, pages 205–220. USENIX Association, 2012. https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/heninger.\nMarcella Hastings, Joshua Fried, and Nadia Heninger. Weak keys remain widespread in network devices. In Phillipa Gill, John S. Heidemann, John W. Byers, and Ramesh Govindan, editors, Proceedings of the 2016 ACM on Internet Measurement Conference, IMC 2016, Santa Monica, CA, USA, November 14-16, 2016, pages 49–63. http://dl.acm.org/citation.cfm?id=2987486.\n

\n\n\'',NULL,365304),('4_Sunday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Unlocking hidden powers in Xtensa based Qualcomm Wifi chips\'','\'Daniel Wegemer\'','DC_c56aed2a1fa50ada353a12d71512a988','\'Title: Unlocking hidden powers in Xtensa based Qualcomm Wifi chips
\nWhen: Sunday, Aug 13, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Daniel Wegemer\n, Hacker
\nSecurity Researcher interested in enabling new features in closed source firmware. Areas of interest are: Wifi, IoT and Automotive.
\n\n
\nDescription:
\nWifi chips contain general purpose processors. Even though these are powerful processors, their firmware is closed source and does not allow modifications. This talk explores how the firmware of modern Xtensa based Qualcomm Wifi chips can be modified to allow extending its indented functionality. Such modifications can even be for example leveraged by security researchers to find vulnerabilities in an otherwise closed source Wifi code. During the talk we will also dive into the architecture of Qualcomms Wifi chips as well as the structure of the firmware used withing these chips. We will release a modified version of the Nexmon framework to enable patching of Xtensa based firmware and show all the steps involved to create such patches. \n
\n
REFERENCES
\n
- http://problemkaputt.de/gbatek-dsi-atheros-wifi-bmi-bootloader-commands.htm\n- https://nstarke.github.io/firmware/wifi/linux/kernel/2021/08/11/dev-coredump-and-firmware-images.html\n- https://sachin0x18.github.io/posts/demystifying-xtensa-isa/\n- https://nexmon.org
\n\n\'',NULL,365305),('2_Friday','11','11:00','11:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'Warshopping - further dalliances in phreaking smart shopping cart wheels, RF sniffing and hardware reverse engineering\'','\'Joseph Gabay\'','DC_2c309637fdae765d28ff8d224ecb0bb0','\'Title: Warshopping - further dalliances in phreaking smart shopping cart wheels, RF sniffing and hardware reverse engineering
\nWhen: Friday, Aug 11, 11:00 - 11:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Joseph Gabay\n, Hacker
\nJoseph is a robotics engineer turned hacker - inspired by curiosity of the small systems in our everyday world, he went from developing products to performing security assessments of them. He specializes in embedded systems, circuit reverse engineering, and mechatronics.\n

His other hobbies include skydiving, multi-medium fabrication, and collecting strange domain names. He is also the founder and Chief Lunatic of the Flat Moon Society, who would like to ask you: isn’t it weird we never see the other side of the moon?\n

\nTwitter: @stoppingcart
\n\n
\nDescription:
\nSmart shopping cart wheels are electronic wheels with a mechanical braking mechanism meant to prevent cart removal or shoplifting, as well as electronics to provide other tracking functions. In a past talk, I’ve discussed the ultra-low-frequency communication these systems use and how to sniff and replay them (and even use your phone’s speaker to “phreak” your shopping cart!\n

This talk explores a new type of smart wheel (the Rocateq system), and focuses on a deeper exploration of the hardware and firmware. On top of capturing new sets of ultra-low-frequency control signals, we’ll look at the 2.4 GHz “checkout” signal that it receives from the register and reverse engineer the PCB - soldering on “fly-wires” to look at the chip-to-chip communication with a logic analyzer. We’ll also use a PICKIT programmer to dump the firmware from the main microcontroller for basic analysis using Ghidra.\n

In addition to the talk, the website where you can play the control signals as audio files on your phone will be updated to include the control codes for the Rocateq brand wheels. \n

REFERENCES: \n

\n\n\'',NULL,365306),('1_Thursday','16','16:30','16:50','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Small Leaks, Billions Of Dollars: Practical Cryptographic Exploits That Undermine Leading Crypto Wallets\'','\'Nikolaos Makriyannis,Oren Yomtov\'','DC_1a9e26bad8017e4575190b44eae9045c','\'Title: Small Leaks, Billions Of Dollars: Practical Cryptographic Exploits That Undermine Leading Crypto Wallets
\nWhen: Thursday, Aug 10, 16:30 - 16:50 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Nikolaos Makriyannis,Oren Yomtov
\n
SpeakerBio:Nikolaos Makriyannis\n, Cryptography Research Lead at Fireblocks
\nNikolaos Makriyannis (Nikos), Cryptography Research Lead at Fireblocks, is a cryptography PhD, specializing in the areas of multiparty computation (MPC). Nikos is the co-inventor of the CMP20 and CGGMP21 protocols published in ACM CCS\'20 and used by multiple wallet providers.​
\nTwitter: @nik_mak_
\n
SpeakerBio:Oren Yomtov\n, Blockchain Research Lead at Fireblocks
\nOren Yomtov (@orenyomtov), Blockchain Research Lead at Fireblocks, is a security researcher with over a decade of experience. In the past year, focusing on the blockchain space, he disclosed a critical vulnerability in a blockchain with a market cap of $100 million and created the first open-source, trustless Bitcoin NFT marketplace, OpenOrdex.
\nTwitter: @orenyomtov
\n\n
\nDescription:
\nMulti-Party Computation (MPC) has become a common cryptographic technique for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC algorithms are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintechs/banks servicing hundreds of millions of consumers and thousands of financial institutions.\n

This presentation examines the most common MPC protocols and implementations and shows that securing MPC remains a challenge for most companies.\n

We show practical key-exfiltration attacks requiring no more than a couple of hundred signatures. Namely, we show three different attacks on different protocols/implementations requiring 256, 16, and one signature, respectively.\n

REFERENCES:
\nRosario Gennaro and Steven Goldfeder. \"One Round Threshold ECDSA with Identifiable Abort.\" Cryptology ePrint Archive, Paper 2020/540, 2020.\nYehuda Lindell. \"Fast Secure Two-Party ECDSA Signing.\" Journal of Cryptology, vol. 34, no. 4, 2021, pp. 44.\nRosario Gennaro and Steven Goldfeder. \"Fast Multiparty Threshold ECDSA with Fast Trustless Setup.\" Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2018, pp. 1179-1194.\n

\n\n\'',NULL,365307),('2_Friday','16','16:30','17:15','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Nothing but Net: Leveraging macOS\'s Networking Frameworks to Heuristically Detect Malware\'','\'Patrick Wardle\'','DC_01797036dfaa92538e6b2270706e27ea','\'Title: Nothing but Net: Leveraging macOS\'s Networking Frameworks to Heuristically Detect Malware
\nWhen: Friday, Aug 11, 16:30 - 17:15 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Patrick Wardle\n, Objective-See Foundation
\nPatrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the \"Objective by the Sea\" macOS Security conference.\n

Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.\n \n

Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing books and free open-source security tools to protect Mac users.\n

\nTwitter: @patrickwardle
\n\n
\nDescription:
\nAs the majority of malware contains networking capabilities, it is well understood that detecting unauthorized network access is a powerful detection heuristic. However, while the concepts of network traffic analysis and monitoring to detect malicious code are well established and widely implemented on platforms such as Windows, there remains a dearth of such capabilities on macOS.\n

This talk aims to remedy this situation by delving deeply into a myriad of programmatic approaches capable of enumerating network state, statistics, and traffic, directly on a macOS host. We will showcase open-source implementations of relatively overlooked low-level APIs, private frameworks, and user-mode extensions that provide insight into all networking activity. And, by leveraging these techniques, you will learn how to efficiently and generically detect both known and unknown threats targeting macOS! \n

\n
REFERENCES
\n
- J. Levin http://newosxbook.com/src.jl?tree=listings&file=netbottom.c\n- P. Wardle https://objective-see.org/blog/blog_0x72.html\n- Will Yu / Elastic https://www.elastic.co/blog/mac-system-extensions-for-threat-detection-part-3
\n\n\'',NULL,365308),('2_Friday','17','16:30','17:15','Y','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Nothing but Net: Leveraging macOS\'s Networking Frameworks to Heuristically Detect Malware\'','\'Patrick Wardle\'','DC_01797036dfaa92538e6b2270706e27ea','\'\'',NULL,365309),('4_Sunday','12','12:00','12:45','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'#NoFilter: Abusing Windows Filtering Platform for privilege escalation\'','\'Ron Ben-Yizhak\'','DC_c4d088b5898ad9bd8c00f034bf7388ca','\'Title: #NoFilter: Abusing Windows Filtering Platform for privilege escalation
\nWhen: Sunday, Aug 13, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Ron Ben-Yizhak\n, Security Researcher at Deep Instinct
\nRon Ben-Yizhak is a security researcher at Deep Instinct.\n

He is responsible for research of malware campaigns, attack surfaces and vectors and evasion techniques. His findings are used for developing new analysis, detection, and mitigation capabilities.\n

Ron joined Deep Instinct in 2019 after serving as a security researcher and forensics specialist in one of the IDF’s elite cyber units.\n

\nTwitter: @RonB_Y
\n\n
\nDescription:
\nPrivilege escalation is a common attack vector in the Windows OS.\n

Today, there are multiple offensive tools in the wild that can execute code as “NT AUTHORITY\\SYSTEM” (Meterpreter, CobaltStrike, Potato tools), and they all usually do so by duplicating tokens and manipulating services in some way or another. This talk will show an evasive and undetected privilege escalation technique that abuses the Windows Filtering Platform (WFP). This platform processes network traffic and allow configuring filters that permit or block communication.\n

It is built-in component of the operating system since Windows Vista, and doesn’t require an installation. My research started from reverse-engineering a single RPC method in an OS service and ended with several techniques to abuse a system kernel component, that allow executing programs as “NT AUTHORITY\\SYSTEM”, as well as other users that are logged on the the machine without triggering any traditional detection algorithms.\n

The various components of the Windows Filtering Platform will be analyzed, such as the Basic Filtering Engine, the TCPIP driver and the IPSec protocol, while focusing on how to abuse them and extract valuable data from them. \n

REFERENCES\n

\n\n\'',NULL,365310),('3_Saturday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Starbase: open source graph security analysis (Pre-Registration Required)\'','\'Adam Pierson,Austin Kelleher,Guillaume Ross\'','WS_da4ed39864509294f5954306b1b13753','\'Title: Starbase: open source graph security analysis (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Adam Pierson,Austin Kelleher,Guillaume Ross
\n
SpeakerBio:Adam Pierson\n
\nAdam Pierson is a Senior Software Engineer at JupiterOne. His diverse experience includes time as an embedded software engineer, an R&D analyst working on adopting emerging technologies within large corporate IT environments, and as a developer demonstrating the value of using graph databases to solve complex problems. Currently he is on JupiterOne’s Integration team working on development tools and continuing work on the open-source Starbase project.
\n
SpeakerBio:Austin Kelleher\n
\nAustin Kelleher is a Principal Software Engineer as well as a founding member at JupiterOne. He leads the team responsible for maintaining 100+ open-source projects at JupiterOne. His background has primarily been focused on developing cloud-based software systems and tools that interact with graphs for security analysis. Prior to moving to the security industry, Austin was an engineer at eBay building Marko and Lasso, which are the open-source web tools that power the eBay.com web experience.
\n
SpeakerBio:Guillaume Ross\n, JupiterOne
\nGuillaume has worked on the blue-team side of security for close to two decades now, and loves to do things because they MATTER and not just because everyone else in security is doing the same. He leads the security and IT teams at JupiterOne.
\n\n
\nDescription:
\nSecurity teams are overwhelmed with data. How does a user account relate to a server, an application? Does this vulnerability put this important data at risk, or does it simply expose a few systems we care about much less? Who really has access to these files? This is vulnerable, but the firewall won’t let traffic to the service, or will it?\n

These types of questions are very difficult to answer in a vacuum as they require context. With the power of graphs, and Starbase, an open source graph security analysis tool, we will be able to import the data that allows us to answer them using the graph.\n

John Lambert said “Defenders think in lists, attackers think in graphs”. Join us, so we can get a lot more people thinking in graphs!\n

Skill Level: Intermediate\n

Prerequisites for students:\n

Ability to use Docker when provided with commands. Basic understanding of IT and security issues in cloud environments.\n

Materials or Equipment students will need to bring to participate: A laptop with Docker as well as a few docker images pulled in advance.\n

Due to the brittle nature of conference Wi-Fi, we’ll send instructions in advance, so as many people as possible will have downloaded it.\n

\n\n\'',NULL,365311),('3_Saturday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Starbase: open source graph security analysis (Pre-Registration Required)\'','\'Adam Pierson,Austin Kelleher,Guillaume Ross\'','WS_da4ed39864509294f5954306b1b13753','\'\'',NULL,365312),('3_Saturday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Starbase: open source graph security analysis (Pre-Registration Required)\'','\'Adam Pierson,Austin Kelleher,Guillaume Ross\'','WS_da4ed39864509294f5954306b1b13753','\'\'',NULL,365313),('3_Saturday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Starbase: open source graph security analysis (Pre-Registration Required)\'','\'Adam Pierson,Austin Kelleher,Guillaume Ross\'','WS_da4ed39864509294f5954306b1b13753','\'\'',NULL,365314),('1_Thursday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'DotNet Malware Analysis Masterclass (Pre-Registration Required)\'','\'Max \'Libra\' Kersten\'','WS_42b736cb46f83e948a2986c25988b9a3','\'Title: DotNet Malware Analysis Masterclass (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Max \'Libra\' Kersten\n, Malware Analyst at Trellix
\nMax Kersten is a malware analyst, blogger, and speaker who aims to make malware analysis more approachable for those who are starting. In 2019, Max graduated cum laude with a bachelor\'s in IT & Cyber Security, during which Max also worked as an Android malware analyst. Currently, Max works as a malware analyst at Trellix, where he analyses APT malware and creates open-source tooling to aid such research. Over the past few years, Max spoke at international conferences, such as Black Hat Arsenal (USA, EU, MEA, Asia), Botconf, Confidence-Conference, HackYeahPL, and HackFestCA. Additionally, he gave guest lectures and workshops for several universities and private entities.
\nTwitter: @Libranalysis
\n\n
\nDescription:
\nDotNet based malware originally started out as a novelty, but has shown it is here to stay. With DotNet malware being used by APT actors and script kiddies, and anything in-between, it is safe to say that one will encounter it sooner rather than later. This four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge, including topics such as loaders, unpacking, obfuscation, DotNet internals, and (un)managed hooks. In short, one will learn how to analyse DotNet malware, and write automatic unpackers. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.\n

The workshop’s materials will partially consist of actual malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled VM based Windows 10 trial, along with the community edition of Visual Studio (2019 or later) and the DotNet Framework runtime for version 3.5 and later. Other tools, such as dnSpyEx, de4dot, and DotDumper, can be downloaded during the workshop, as these are insignificant in size.\n

Knowing how to read VB.NET/C is a prerequisite. Being able to write in C is preferred, but the workshop can be followed without being able to, although a part of the exercises cannot be completed without it.\n

Questions about the workshop can be asked via my open Twitter DMs: @Libranalysis (https://twitter.com/Libranalysis)\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:\n

\n

Materials or Equipment students will need to bring to participate: A laptop capable of running one Windows 10 VM, with the above-mentioned prog2rams installed, and sufficient free disk space\n

\n\n\'',NULL,365315),('1_Thursday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'DotNet Malware Analysis Masterclass (Pre-Registration Required)\'','\'Max \'Libra\' Kersten\'','WS_42b736cb46f83e948a2986c25988b9a3','\'\'',NULL,365316),('1_Thursday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'DotNet Malware Analysis Masterclass (Pre-Registration Required)\'','\'Max \'Libra\' Kersten\'','WS_42b736cb46f83e948a2986c25988b9a3','\'\'',NULL,365317),('1_Thursday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'DotNet Malware Analysis Masterclass (Pre-Registration Required)\'','\'Max \'Libra\' Kersten\'','WS_42b736cb46f83e948a2986c25988b9a3','\'\'',NULL,365318),('2_Friday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'House of Heap Exploitation (Pre-Registration Required)\'','\'Elizabeth St. Germain,Kenzie Dolan,Maxwell Dulin \"Strikeout\",Nathan Kirkland,Zachary Minneker\'','WS_7eabbfcb7aef6d11badcb94402376d64','\'Title: House of Heap Exploitation (Pre-Registration Required)
\nWhen: Friday, Aug 11, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Elizabeth St. Germain,Kenzie Dolan,Maxwell Dulin \"Strikeout\",Nathan Kirkland,Zachary Minneker
\n
SpeakerBio:Elizabeth St. Germain\n
\nElizabeth St. Germain started hacking from a young age when very few inputs were sanitized. She worked in systems administration and video game development before settling into hacking as a career. She now focuses her time on web and hardware hacking, with a desire to explore the security impacts that video games can have on consumers. Most of her free time is split between either min/maxing games, competing in CTFs, exploring urban areas and nature, or making music.
\n
SpeakerBio:Kenzie Dolan\n, Security Engineer at Security Innovation
\nKenzie Dolan works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. Her current research interests include emerging threats against Mobile and IoT devices. She has a degree in Computer and Information Science from University of Oregon. In her free time, Kenzie enjoys composing music, playing video games or hiking in the greater Seattle area.
\n
SpeakerBio:Maxwell Dulin \"Strikeout\"\n
\nMaxwell Dulin (also known as Strikeout) loves hacking all things under the sun. In his day job, he works as a security engineer primarily focused on web applications. But at night, he leaves the tangled web into the open space of radio signals, garage doors, scoreboards, RC cars, and pwn challenges. From the latter, he gained enough expertise to create a heap exploitation course that has been delivered at a number of security conferences, including DEFCON. In his spare time, he has found Linux kernel 0-days, and reverse engineered numerous wireless devices. To summarize, if you put something in front of him, he\'ll find a way to break it and make it do what he wants.
\n
SpeakerBio:Nathan Kirkland\n
\nRaised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee (and tear) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee fueled sleepless nights later, he had earned OSCP, and graduated highschool a few months later. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the types of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.
\n
SpeakerBio:Zachary Minneker\n, Security Innovation
\nZachary Minneker is a security researcher and security engineer at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, macOS sandbox security, and IPC methods.
\n\n
\nDescription:
\nHeap exploitation is an incredibly powerful tool for a hacker. As exploit mitigations have made exploitation more difficult, modern exploit development has moved to the heap. However, heap exploitation is a major wall in the binary exploitation journey because of its complexity. To conquer this difficultly, the workshop tackles the complexity head on by diving into the weeds of the allocator directly, taking on many hands-on exercises/challenges and creating easy to grasp diagrams to understand all of the concepts.\n

This workshop is for learning heap exploit development in glibc Malloc, which is the default allocator on most Linux distributions. With this hands-on introduction into glibc Malloc heap exploitation you will learn how the allocator functions, heap specific vulnerability classes and to pwn with a variety of techniques. To make the material easy to consumable, there are many hands-on exercises, a pre-built virtual machine with everything necessary for binary exploitation and an immense amount of visuals for explaining the material. After taking this course you will understand the internals of the glibc Malloc allocator, be able to uncover heap memory vulnerabilities and pwn the heap with a variety of techniques, with the capability to go further into the art afterwards.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Basic computer science background (x86_64 assembly, stack, programming skills in C & Python)\n- Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.)\n- Familiar with Linux developer tools such as the command line, Python scripting and GDB.\n

Materials or Equipment students will need to bring to participate:\n

\n\n\'',NULL,365319),('2_Friday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'House of Heap Exploitation (Pre-Registration Required)\'','\'Elizabeth St. Germain,Kenzie Dolan,Maxwell Dulin \"Strikeout\",Nathan Kirkland,Zachary Minneker\'','WS_7eabbfcb7aef6d11badcb94402376d64','\'\'',NULL,365320),('2_Friday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'House of Heap Exploitation (Pre-Registration Required)\'','\'Elizabeth St. Germain,Kenzie Dolan,Maxwell Dulin \"Strikeout\",Nathan Kirkland,Zachary Minneker\'','WS_7eabbfcb7aef6d11badcb94402376d64','\'\'',NULL,365321),('2_Friday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'House of Heap Exploitation (Pre-Registration Required)\'','\'Elizabeth St. Germain,Kenzie Dolan,Maxwell Dulin \"Strikeout\",Nathan Kirkland,Zachary Minneker\'','WS_7eabbfcb7aef6d11badcb94402376d64','\'\'',NULL,365322),('3_Saturday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Exploit Development (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_95fe12de1afde37a2ed180da65d4e51e','\'Title: Introduction to Exploit Development (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
\n
SpeakerBio:Elizabeth Biddlecome\n
\nElizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
SpeakerBio:Irvin Lemus\n
\nIrvin Lemus, CISSP is a Cyber Range Engineer at By Light IT Professional Services, training military personnel through international cyber security exercises. Irvin has been in the field since 2006, involved with cybersecurity competitions since 2015 as a trainer, coach, and mentor. He also has taught IT and Cybersecurity courses at Coastline and Cabrillo Colleges. He is the BACCC Cyber Competitions Regional Coordinator, Board member at Pacific Hackers and is a speaker at DEFCON. He describes himself as, \"A professional troublemaker who loves hacking all the things.\"
\n
SpeakerBio:Kaitlyn Handelman\n, Offensive Security Engineer at Amazon
\nKaitlyn Handelman is an offensive security engineer at Amazon. Her focus is cybersecurity in space. In addition to traditional penetration testing, Kaitlyn works on physical devices and RF signals. In her free time, she enjoys ham radio, astronomy, and her cat, Astrocat.
\n
SpeakerBio:Sam Bowne\n, Founder at Infosec Decoded, Inc
\nSam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.\n

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner\n

\n\n
\nDescription:
\nLearn how to take control of Windows and Linux servers running vulnerable software, in a hands-on CTF-style workshop. We begin with easy command injections and SQL injections, and proceed through binary exploits including buffer overflows on the stack and the heap, format string vulnerabilities, and race conditions.\n

We will exploit 32-bit and 64-bit Intel and ARM systems, and software in PHP, Python, C++, and DOT NET. We will examine modern Windows defenses in detail, including ASLR, DEP, stack cookies, and SEHOP. We will also write Rust programs and see how they prevent memory corruption vulnerabilities.\n

Previous experience with C and assembly language is helpful but not required. Participants will need a laptop that can run VMware or VirtualBox virtual machines.\n

All materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Familiarity with C programming and assembly language is helpful, but not essential.\n

Materials or Equipment students will need to bring to participate:\n- A laptop capable of running a virtual machine in VMware or VirtualBox.\n

\n\n\'',NULL,365323),('3_Saturday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Exploit Development (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_95fe12de1afde37a2ed180da65d4e51e','\'\'',NULL,365324),('3_Saturday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Exploit Development (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_95fe12de1afde37a2ed180da65d4e51e','\'\'',NULL,365325),('3_Saturday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Exploit Development (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_95fe12de1afde37a2ed180da65d4e51e','\'\'',NULL,365326),('2_Friday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Machine Learning for N00bs (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_fa0e6226a38637a43dd22233cc268fc2','\'Title: Machine Learning for N00bs (Pre-Registration Required)
\nWhen: Friday, Aug 11, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
\n
SpeakerBio:Elizabeth Biddlecome\n
\nElizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
SpeakerBio:Irvin Lemus\n
\nIrvin Lemus, CISSP is a Cyber Range Engineer at By Light IT Professional Services, training military personnel through international cyber security exercises. Irvin has been in the field since 2006, involved with cybersecurity competitions since 2015 as a trainer, coach, and mentor. He also has taught IT and Cybersecurity courses at Coastline and Cabrillo Colleges. He is the BACCC Cyber Competitions Regional Coordinator, Board member at Pacific Hackers and is a speaker at DEFCON. He describes himself as, \"A professional troublemaker who loves hacking all the things.\"
\n
SpeakerBio:Kaitlyn Handelman\n, Offensive Security Engineer at Amazon
\nKaitlyn Handelman is an offensive security engineer at Amazon. Her focus is cybersecurity in space. In addition to traditional penetration testing, Kaitlyn works on physical devices and RF signals. In her free time, she enjoys ham radio, astronomy, and her cat, Astrocat.
\n
SpeakerBio:Sam Bowne\n, Founder at Infosec Decoded, Inc
\nSam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.\n

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner\n

\n\n
\nDescription:
\nEvery technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don\'t understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we\'ll make machine learning models using simple Python scripts, train them, and evaluate their value. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We will perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.\n

No experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems.\n

All materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.\n

Skill Level: Beginner\n

Prerequisites for students:
\n- None\n

Materials or Equipment students will need to bring to participate:\n- A computer with a Web browser\n

\n\n\'',NULL,365327),('2_Friday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Machine Learning for N00bs (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_fa0e6226a38637a43dd22233cc268fc2','\'\'',NULL,365328),('2_Friday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Machine Learning for N00bs (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_fa0e6226a38637a43dd22233cc268fc2','\'\'',NULL,365329),('2_Friday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Machine Learning for N00bs (Pre-Registration Required)\'','\'Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne\'','WS_fa0e6226a38637a43dd22233cc268fc2','\'\'',NULL,365330),('2_Friday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'How hackers can send feedback directly to policymakers like the pros (Pre-Registration Required)\'','\'Amit Elazari,Harley Geiger\'','WS_8209c0650b72a10b9a34c0fd74b3e263','\'Title: How hackers can send feedback directly to policymakers like the pros (Pre-Registration Required)
\nWhen: Friday, Aug 11, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Amit Elazari,Harley Geiger
\n
SpeakerBio:Amit Elazari\n, Co-Founder and CEO at OpenPolicy
\nDr. Amit Elazari is Co-Founder and CEO of OpenPolicy, the world first tech-enabled policy and advocacy company, aiming to democratize access to information concerning future regulation action, policy and lobbying to entities of all sizes by leveraging scale and technology. Prior to OpenPolicy, she served as Head of Cybersecurity Policy for Intel Corp and chaired the Cybersecurity Committee for the Information Technology Industry Council (ITI) among others. She holds a Doctoral Degree in the Law (JSD) from Berkeley Law, and graduated summa cum laude with three prior degrees in law and business. Her research appeared in leading academic journals, key conferences such as RSAC, Black Hat, DEFCON, Bsides, and USENIX, and was featured at the WSJ and NYT. She co-founded Disclose.io, a non-profit that foster adoptions of legal protections for good-faith security research. Amit has a diverse background in technical, policy, and legal roles, and practiced Hi-tech, Venture Capital, and M&A law at Israel\'s largest law firm, Goldfarb Gross Seligman & Co.
\n
SpeakerBio:Harley Geiger\n, Counsel at Venable LLP
\nHarley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
\nTwitter: @HarleyGeiger
\n\n
\nDescription:
\nThe first official comments on security policy live from DEF CON. The workshop will show hackers how to go through the process of submitting official comments to regulations and legislation.\n

Meeting with policymakers is only one way to make your voice heard. There are also formal channels for submitting written feedback on policy proposals that become a critical part of the record for regulations. These channels are open to the public, but non-policy professionals don’t always know how to access or make the most effective use of them.\n

This workshop will walk security researchers through the process of using regulations.gov and congress.gov to find open opportunities to influence regulations, and actually submit official comments via those channels from the workshop. The workshop will also talk through how to form an advocacy strategy to amplify the impact of the comments - for example, how to find the right policymakers and staff to follow up with.\n

The workshop will be led by policy professionals with deep ties to the security community.\n

Skill Level: All Levels\n

Prerequisites for students:
\n- None\n

Materials or Equipment students will need to bring to participate: \n- To walk through the process and/or submit comments, bring a laptop, iPad, or other connected device you can type on\n

\n\n\'',NULL,365331),('2_Friday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'How hackers can send feedback directly to policymakers like the pros (Pre-Registration Required)\'','\'Amit Elazari,Harley Geiger\'','WS_8209c0650b72a10b9a34c0fd74b3e263','\'\'',NULL,365332),('2_Friday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'How hackers can send feedback directly to policymakers like the pros (Pre-Registration Required)\'','\'Amit Elazari,Harley Geiger\'','WS_8209c0650b72a10b9a34c0fd74b3e263','\'\'',NULL,365333),('2_Friday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'How hackers can send feedback directly to policymakers like the pros (Pre-Registration Required)\'','\'Amit Elazari,Harley Geiger\'','WS_8209c0650b72a10b9a34c0fd74b3e263','\'\'',NULL,365334),('3_Saturday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)\'','\'Alfie Champion,Josh Kamdjou\'','WS_430f801d22df5d3ea5893c3f5456065a','\'Title: Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Alfie Champion,Josh Kamdjou
\n
SpeakerBio:Alfie Champion\n
\nAlfie specializes in the delivery of attack detection and adversary emulation services, actively contributing education content, tooling and blogs to further the industry. He has previously worked with organisations across multiple industry verticals to uplift and validate their detective capability through red or purple team engagements, and now leads the global adversary emulation function at a FTSE 250 company. He has previously spoken at BlackHat USA, RSA and Blue Team Con 2022, among others, and is the co-founder of DelivrTo.
\n
SpeakerBio:Josh Kamdjou\n
\nJosh has been doing offensive security-related things for the past 12 years. He\'s spent most of his professional career breaking into networks via spear-phishing and other methods, and building software for both the public (Department of Defense) and private sectors. Josh is the Founder and CEO of Sublime Security, and in his private life enjoys weight lifting, Martial Arts, soccer, and spending time with his niece and nephew.
\n\n
\nDescription:
\nEmail remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.\n

In this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including QakBot and Emotet, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.\n

Initially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:\n

\n

Attendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.\n

Skill Level: Beginner. The training will cater to security practitioners with any level of technical experience. While a general understanding of email threats will be advantageous, all offensive and defensive techniques and tools in the training will be introduced at a foundational level and built on throughout the day.\n

Prerequisites for students:
\n- None\n

Materials or Equipment students will need to bring to participate: \n- Attendees should bring their own laptops in order to be hands-on, preloaded with Docker. Instructions to run the Docker images from Github will be shared. All tools used in this lab are free and/or open-source.\n

\n\n\'',NULL,365335),('3_Saturday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)\'','\'Alfie Champion,Josh Kamdjou\'','WS_430f801d22df5d3ea5893c3f5456065a','\'\'',NULL,365336),('3_Saturday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)\'','\'Alfie Champion,Josh Kamdjou\'','WS_430f801d22df5d3ea5893c3f5456065a','\'\'',NULL,365337),('3_Saturday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)\'','\'Alfie Champion,Josh Kamdjou\'','WS_430f801d22df5d3ea5893c3f5456065a','\'\'',NULL,365338),('3_Saturday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)\'','\'Chris Greer\'','WS_5cdab33047391ddce38a7ca9f912cf79','\'Title: Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Chris Greer\n, Network Analyst and Wireshark Instructor at Packet Pioneer
\nChris Greer is a network analyst and Wireshark instructor for Packet Pioneer, a Wireshark University partner. He has focused much of his career at the transport layer, specifically TCP, specializing in how this core protocol works to deliver applications, services, and attacks between systems. Chris is a regular speaker at Sharkfest - the Wireshark Developer and User Conference. He has presented at DEFCON and other industry conferences and regularly posts Wireshark analysis tips to his YouTube channel.
\n\n
\nDescription:
\nLet\'s break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.\n

In this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- Just a laptop with a copy of Wireshark. \n- I will provide the sample pcaps for analysis.\n

Materials or Equipment students will need to bring to participate: \n- Laptop\n

\n\n\'',NULL,365339),('3_Saturday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)\'','\'Chris Greer\'','WS_5cdab33047391ddce38a7ca9f912cf79','\'\'',NULL,365340),('3_Saturday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)\'','\'Chris Greer\'','WS_5cdab33047391ddce38a7ca9f912cf79','\'\'',NULL,365341),('3_Saturday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)\'','\'Chris Greer\'','WS_5cdab33047391ddce38a7ca9f912cf79','\'\'',NULL,365342),('1_Thursday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring (Pre-Registration Required)\'','\'Rodrigo Montoro\'','WS_6117bcf6af076a194d4183fc7abd1717','\'Title: Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Rodrigo Montoro\n, Head of Threat & Detection Research at Clavis Security
\nRodrigo Montoro has over 23 years of experience in Information Technology and Computer Security. For most of his career, he has worked with open-source security software (firewalls, IDS, IPS, HIDS, log management, endpoint monitoring), incident detection & response, and Cloud Security. Currently is Head of Threat & Detection Research at Clavis Security. Before that, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Tempest Security, Senior Security Administrator at Sucuri, and Researcher at Spiderlabs. Author of 2 patented technologies involving innovation in the detection field. One is related to discovering malicious digital documents. The second one is in how to analyze malicious HTTP traffic. Rodrigo has spoken at several open source and security conferences (Defcon Cloud Village, OWASP AppSec, SANS (DFIR, SIEM Summit & CloudSecNext), Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE, ZonCon (Amazon Internal Conference), Blackhat Brazil, BSides (Las Vegas e SP)).
\nTwitter: @spookerlabs
\n\n
\nDescription:
\nCloud providers\' ecosystems have brought a lot of new challenges to companies and Security teams. Many new attack vectors create known and unknown attack vectors, generating a considerable need for further research and detection in this field.\n

In the current cloud security world, access keys are the new perimeter, and permissions associated with those keys are the limits. In many real-world scenarios, leaked access keys are the initial vectors to get into an organization\'s cloud environments. Therefore, the least privilege and detection in real-time becomes critical.\n

Specifically, in AWS, we are talking about more than three hundred (300+) services that an attacker could create their specific attack path to achieve their goal. Considering this chaotic scenario, we developed this workshop to teach how to mitigate those new vectors and improve the company\'s overall cloud security posture. The workshop will cover misconfigurations, AWS IAM (Identity and Access Management) least privilege, and control plane (Cloudtrail) monitoring.\n

This workshop will help organizations improve their cloud security posture in these three fields - misconfigurations, IAM permissions management, and control plane monitoring. There will be practical demonstrations, hands-on labs, and some Capture The Flag (CTF) to practice incident response.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- AWS basic to intermediate knowledge\n

Materials or Equipment students will need to bring to participate: \n- Laptop.
\n- Demonstrations and Capture The Flag (CTF) exercises will be executed in my AWS account and using CTFd.\n

\n\n\'',NULL,365343),('1_Thursday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring (Pre-Registration Required)\'','\'Rodrigo Montoro\'','WS_6117bcf6af076a194d4183fc7abd1717','\'\'',NULL,365344),('1_Thursday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring (Pre-Registration Required)\'','\'Rodrigo Montoro\'','WS_6117bcf6af076a194d4183fc7abd1717','\'\'',NULL,365345),('1_Thursday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring (Pre-Registration Required)\'','\'Rodrigo Montoro\'','WS_6117bcf6af076a194d4183fc7abd1717','\'\'',NULL,365346),('2_Friday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Malware development on secured environment - Write, adapt, overcome (Pre-Registration Required)\'','\'Yoann Dequeker\'','WS_f5dacb1e4ebde00ab60dad2949773d33','\'Title: Malware development on secured environment - Write, adapt, overcome (Pre-Registration Required)
\nWhen: Friday, Aug 11, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Yoann Dequeker\n, Red Team Operator at Wavestone
\nYoann Dequeker is a red team operator at Wavestone for 4 years entitled with OSCP certification and several HTB RedTeam Prolabs. Aside from his different RedTeam operations against CAC40 companies leading him to develop several custom malware to evade EDR to ease C2 beacon deployment or phishing campaigns, he speaks at conferences such as LeHack as a Malware Development speaker and is actively sharing his knowledge on social media under the OtterHacker pseudonym.\n

Beside his contribution to opensource project such as the implementation of TDO secret extraction on Impacket, he spends time playing with several EDR to understand the pros and cons of the different malware development techniques in order to craft and use the payload the most adapted to the targeted environment.\n

\n\n
\nDescription:
\nThis workshop will give an initiation to offensive malware development in C/C++ and how it is possible to adapt the approach depending on the security solution that must be tackled down. Different methods such as ModuleStomping, DLL Injection, Threadless Injection and Hardware Breakpoint for dehooking will be seen.\n

The idea is to start with a basic malware performing process injection and apply additional techniques to start evading EDR. At each step, some analysis on the malware will be performed to understand the differences at the system level and the IOC detected by the EDR.\n

At the end of this workshop, you will have all the knowledge needed to develop your own malware and adapt it to the targeted environment to escape from the basic pattern and spawn your beacons as if EDR didn\'t exist.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Some basic C/C++ knowledge and an entry level skills on Windows OS.\n

Materials or Equipment students will need to bring to participate: \n- A Computer with VisualStudio Community or an equivalent compiler, WinDBG and a Windows System (Virtual machine might be better)\n

\n\n\'',NULL,365347),('2_Friday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Malware development on secured environment - Write, adapt, overcome (Pre-Registration Required)\'','\'Yoann Dequeker\'','WS_f5dacb1e4ebde00ab60dad2949773d33','\'\'',NULL,365348),('2_Friday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Malware development on secured environment - Write, adapt, overcome (Pre-Registration Required)\'','\'Yoann Dequeker\'','WS_f5dacb1e4ebde00ab60dad2949773d33','\'\'',NULL,365349),('2_Friday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Malware development on secured environment - Write, adapt, overcome (Pre-Registration Required)\'','\'Yoann Dequeker\'','WS_f5dacb1e4ebde00ab60dad2949773d33','\'\'',NULL,365350),('3_Saturday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)\'','\'Wesley McGrew\'','WS_33cf0cb5c04c7c2bd6cf52021931bb8a','\'Title: The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Wesley McGrew\n, Senior Cyber Fellow at MartinFed
\nDr. Wesley McGrew directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA and taught a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.
\nTwitter: @McGrewSecurity
\n\n
\nDescription:
\nWhile it can be intimidating to \"get into\" software reverse engineering (RE), it can be very rewarding. Reverse engineering skills will serve you well in malicious software analysis, vulnerability discovery, exploit development, bypassing host-based protection, and in approaching many other interesting and useful problems in hacking. Being able to study how software works, without source code or documentation, will give you the confidence that there is nothing about a computer system you can\'t understand, if you simply apply enough time and effort. Beyond all of this: it\'s fun. Every malicious program becomes a new and interesting puzzle to \"solve\".\n

The purpose of this workshop is to introduce software reverse engineering to the attendees, using static and dynamic techniques with the Ghidra disassembler and WinDbg debugger. No prior experience in reverse engineering is necessary. There will be few slides--concepts and techniques will be illustrated within the Ghidra and WinDbg environments, and attendees can follow along with their own laptops and virtual environments. We will cover the following topics:\n

\n

Skill Level: Beginner\n

Prerequisites for students:
\n- No previous reverse engineering experience required. \n- Basic familiarity with programming in a high-level language is necessary (C preferred, Scripting languages like Python would be okay).\n

Materials or Equipment students will need to bring to participate: \n- A laptop with a fresh Windows 10 Virtual Machine.\n- Being able to dedicate 8GB RAM to the VM (meaning, you probably have 16GB in your laptop) will make the experience smoother, but you can get by with 4GB\n- 10 GB storage free in the VM (after installing Windows)\n- Administrative privileges
\n- Ability to copy exercise files from USB\n

We will be working with live malware samples. Depending on your comfort level with this, bring a \"burner\" laptop, use a clean drive, or plan on doing a clean install before and after the workshop.\n

\n\n\'',NULL,365351),('3_Saturday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)\'','\'Wesley McGrew\'','WS_33cf0cb5c04c7c2bd6cf52021931bb8a','\'\'',NULL,365352),('3_Saturday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)\'','\'Wesley McGrew\'','WS_33cf0cb5c04c7c2bd6cf52021931bb8a','\'\'',NULL,365353),('3_Saturday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)\'','\'Wesley McGrew\'','WS_33cf0cb5c04c7c2bd6cf52021931bb8a','\'\'',NULL,365354),('1_Thursday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Applied Emulation - A Practical Approach to Emulating Malware (Pre-Registration Required)\'','\'Sean Wilson,Sergei Frankoff\'','WS_b6e772c219bcea7042ce4fc0f08265bd','\'Title: Applied Emulation - A Practical Approach to Emulating Malware (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Sean Wilson,Sergei Frankoff
\n
SpeakerBio:Sean Wilson\n, Co-Founder at OpenAnalysis Inc
\nSean, a co-founder of OpenAnalysis Inc., splits his time between reverse engineering, tracking malware and building automated malware analysis systems. Sean brings over a decade of experience working in a number of incident response, malware analysis and reverse engineering roles.
\n
SpeakerBio:Sergei Frankoff\n, Co-founder at OpenAnalysis Inc
\nSergei is a co-founder of OpenAnalysis Inc. When he is not reverse engineering malware Sergei is focused on building automation tools for malware analysis, and producing tutorials for the OALABS YouTube channel. With over a decade in the security industry Sergei has extensive experience working at the intersection of incident response and threat intelligence.
\n\n
\nDescription:
\nBinary emulation is now a must-have tool for malware analysts. With a few lines of Python you can unpack binaries, skip analysis of complex algorithms, and automatically extract the configuration data from malware! It’s not too good to be true, but there is a little preparation work involved…\n

In this workshop you will set up your own emulation environment (using Python) and work through a series of common malware analysis tasks such as unpacking, and malware configuration extraction. The workshop starts simple using Unicorn to emulate x86 shellcode, and builds to a final project where syscall hooking is used with Dumpulator to automatically extract C2s from malware.\n

This workshop is aimed at malware analysts and reverse engineers who are interested in learning more about emulation and how it can be used to automate some reverse engineering workflows. Students must be able to write basic Python scripts, and have a working knowledge of the Windows OS. Familiarity with Windows malware, assembly, and debugging are strongly recommended. If you have opened malware in a debugger before you will feel right at home here.\n

You will be provided with detailed virtual machine setup instructions prior to the workshop. Please make sure to bring a laptop that meets the following requirements.\n

\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Students must be able to write basic Python scripts and have a basic understanding of the Windows operating system.\n- Familiarity with a Windows malware, debugging, and assembly would also be a significant benefit.\n

Materials or Equipment students will need to bring to participate:\n- Students must bring a laptop capable of running a Windows virtual machine with the following configuration. Time will be given to troubleshoot lab setup issues but it is strongly recommended that students have the following setup prior to the workshop.\n

[Host Setup]
\n- The laptop must have VirtualBox or VMWare installed and working prior to class.\n- The laptop must have at least 60GB of disk space free.\n- The laptop must be able to mount USB storage devices (ensure you have the appropriate dongle if you need one).\n

[ VM Install ]
\n- Download a free Windows 11 VM from Microsoft (https://developer.microsoft.com/en-u...tual-machines/)\n- You can also use a Windows VM of your choice (Windows 10 is also ok)\n

[ VM Install for Mac - Apple Silicon Only (M1, M2)]\n- If you have a new Apple Silicon MacBook you will are limited to running an ARM Windows VM\n- ARM Windows VMs are suitable for the workshop and you can follow our installation guide on YouTube (https://youtu.be/0eR8yrDLV5M)\n

[VM Setup]
\n- Install x64dbg in your VM (https://x64dbg.com/)\n- Install a free version of IDA in your VM (https://hex-rays.com/ida-free/)\n- Install a version of Python > 3.8.x in your VM (https://www.python.org/)\n

\n\n\'',NULL,365355),('1_Thursday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Applied Emulation - A Practical Approach to Emulating Malware (Pre-Registration Required)\'','\'Sean Wilson,Sergei Frankoff\'','WS_b6e772c219bcea7042ce4fc0f08265bd','\'\'',NULL,365356),('1_Thursday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Applied Emulation - A Practical Approach to Emulating Malware (Pre-Registration Required)\'','\'Sean Wilson,Sergei Frankoff\'','WS_b6e772c219bcea7042ce4fc0f08265bd','\'\'',NULL,365357),('1_Thursday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Applied Emulation - A Practical Approach to Emulating Malware (Pre-Registration Required)\'','\'Sean Wilson,Sergei Frankoff\'','WS_b6e772c219bcea7042ce4fc0f08265bd','\'\'',NULL,365358),('2_Friday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Learning to Hack Bluetooth Low Energy with BLE CTF (Pre-Registration Required)\'','\'Ryan Holeman\'','WS_abb069b4f202072db8ecc4a323f5dde1','\'Title: Learning to Hack Bluetooth Low Energy with BLE CTF (Pre-Registration Required)
\nWhen: Friday, Aug 11, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Ryan Holeman\n, CISO at Strike
\nRyan Holeman resides in Austin, Texas, where he works as the CISO for the peer-to-peer payment platform Strike. He is currently pursuing a Ph.D. in cyber defense from Dakota State University. He has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
\n\n
\nDescription:
\nBLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user.\n

Over the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\n

This workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.\n

If you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- To prepare for the workshop, please follow the setup documentation located at https://github.com/hackgnar/ble_ctf/blob/master/docs/workshop_setup.md\n

Materials or Equipment students will need to bring to participate:\n- Preferably a Linux box with a Bluetooth controller or a Bluetooth USB dongle. An OSX or Windows machine with a Linux VM and USB passthough works as well but should be setup and tested before the workshop.\n

\n\n\'',NULL,365359),('2_Friday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Learning to Hack Bluetooth Low Energy with BLE CTF (Pre-Registration Required)\'','\'Ryan Holeman\'','WS_abb069b4f202072db8ecc4a323f5dde1','\'\'',NULL,365360),('2_Friday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Learning to Hack Bluetooth Low Energy with BLE CTF (Pre-Registration Required)\'','\'Ryan Holeman\'','WS_abb069b4f202072db8ecc4a323f5dde1','\'\'',NULL,365361),('2_Friday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Learning to Hack Bluetooth Low Energy with BLE CTF (Pre-Registration Required)\'','\'Ryan Holeman\'','WS_abb069b4f202072db8ecc4a323f5dde1','\'\'',NULL,365362),('3_Saturday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)\'','\'Aaron Rosenmund,Brandon DeVault,Ryan Chapman\'','WS_ba2204ff9a89db6632d5d84e14c60598','\'Title: Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Aaron Rosenmund,Brandon DeVault,Ryan Chapman
\n
SpeakerBio:Aaron Rosenmund\n, Director of Security Research and Content at Pluralsight
\nAaron Rosenmund is the Director of Security Research and Content for Pluralsight, where he has also authored over 115 courses and technical labs across offensive and defensive security operations topics. Part time work includes service as an Cyber Warfare Operations office in the Delaware Air National guard, where he has also lead a 100+ member red team for the largest cyber exercise in the Nation, Cybershield. 4 years of highly rated talks and workshops have earned him the Distinguished speaker title from RSAC, and he looks forward to returning for the 3rd year to Defcon Workshops to bring practical emulation and testing capabilities to the people who need it most.
\n
SpeakerBio:Brandon DeVault\n, Pluralsight
\nBrandon DeVault is a security researcher, blue teamer, and educator. Currently works as an author for Pluralsight and member of the FL Air National Guard. Prior experience includes work at Elastic and multiple deployments with Special Operations Command.
\n
SpeakerBio:Ryan Chapman\n
\nRyan Chapman is the author of SANS’ “FOR528: Ransomware for Incident Responders” course, teaches SANS’ “FOR610: Reverse Engineering Malware” course, works as a principal incident response consultant for $dayJob, and helps run the CactusCon conference in Phoenix, Arizona, USA. Ryan has a passion for life-long learning, loves to teach people about ransomware-related attacks, and enjoys pulling apart malware. He has presented workshops at DefCon and other conferences in the past and knows how to create a step-by-step instruction set to maximize hands-on learning.
\n\n
\nDescription:
\nThreat actors such as ransomware affiliates around the world are carrying out attacks on Active Directory (AD) at scale. When doing so, such actors often stick to the mainstream in terms of attack methodologies and tooling. But… that’s lame! Why borrow tactics, techniques, and procedures (TTPs) that are so well known and thus readily detectable?! Come hang out with us as we provide an overview of AD, show the most common attack scenarios, then show you how to detect and prevent those very attacks. Stick around as we then transition to covering what you could, and should, be doing instead.\n

We will be providing a remote network range to which you will connect. Once in the range, you will be acting as the ransomware threat actor, “pentester” as they like to call themselves. You will carry out attacks such as enumeration via Bloodhound, credential discovery and compromise, pass the hash attacks, and kerberoasting via common tools such as Mimikatz & Rubeus. After carrying out the attacks yourself, you’ll then learn how to prevent and detect those very attacks. We’ll then show you custom-developed methods to carry out the same attacks without the reliance on well-known TTPs/tools. And even better, we’ll show you how you could, at least where it’s even possible, detect the more custom/advanced methodologies.\n

Join us if you are a blue teamer, red teamer, purple teamer, cyber defender, DFIR analyst… basically anyone who wants (or needs!) to learn to defend and/or attack Active Directory. Come for the tech, stay for the humor. See ya there!\n

Skill Level: Intermediate to Advanced\n

Prerequisites for students: \n

\n

Materials or Equipment students will need to bring to participate:\n- A laptop with Linux/Windows/Mac desktop environment\n- Networking capability: Students will be connecting to a remote network range – They will need a wireless NIC (assuming the workshop area provides Wi-Fi, not not we’ll need to know) that can be enabled along with administrator privileges on their system\n- IMPORTANT: This workshop relies on network connectivity. Any student not able to connect to our range will be unable to follow along with the hands-on portion of the workshop.\n

\n\n\'',NULL,365363),('3_Saturday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)\'','\'Aaron Rosenmund,Brandon DeVault,Ryan Chapman\'','WS_ba2204ff9a89db6632d5d84e14c60598','\'\'',NULL,365364),('3_Saturday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)\'','\'Aaron Rosenmund,Brandon DeVault,Ryan Chapman\'','WS_ba2204ff9a89db6632d5d84e14c60598','\'\'',NULL,365365),('3_Saturday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)\'','\'Aaron Rosenmund,Brandon DeVault,Ryan Chapman\'','WS_ba2204ff9a89db6632d5d84e14c60598','\'\'',NULL,365366),('2_Friday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Getting into Trouble with Machine Learning Models (Pre-Registration Required)\'','\'Robert Koehlmoos\'','WS_f8439b8796a0d105c58a38a5148f0f81','\'Title: Getting into Trouble with Machine Learning Models (Pre-Registration Required)
\nWhen: Friday, Aug 11, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Robert Koehlmoos\n
\nRob works as a lead machine learning engineer focusing on deep learning applications, primarily with language translation. His team works with the full pipeline of training, productionizing, and deploying machine learning applications. He is happy not only talking about theory and research but also the practicalities of model selection and designing products to meet user needs. He previously worked as a data scientist and has strong opinions about effective uses of data visualization and good UI design. He is only a little afraid of AI taking over everything.
\n\n
\nDescription:
\nThis workshop is a beginner\'s introduction to deep learning with neural networks, going from fundamentals to the latest in models for image editing, object recognition, and automated pen testing using large language models. It starts with an introduction to the theory behind deep learning, with a few toy examples to give students a feel for how these systems are built. From there we shift focus to a tour of state of the art models with a focus on running open source models locally independent of proprietary corporate systems. These systems include captcha defeat, video search and tracking, and image editing, among others. Finally, students perform a pen testing capstone using AutoGPT and HuggingGPT to understand the latest in emergent large language model reasoning capabilities. Students should have a basic understanding of how to write Python code, the class will build from there. A laptop with 8Gb of RAM and 100GB of free space will be sufficient. Students may bring laptops with more powerful GPUs, but online resources will be available for more GPU intensive models.\n

Skill Level: Beginner\n

Prerequisites for students:
\n- None, this workshop will walk through all steps required to use and apply the models.\n

Materials or Equipment students will need to bring to participate: \n- A laptop with at least 8Gb of RAM and 100GB available hard drive space. Must also be able to run a Linux based VM. This isn\'t meant to be a high bar, free online resources will be used to supplement their laptop for larger models.\n- Students will need an OpenAI API token, which will require setting up a paid account with OpenAI. The final cost for API using in this class should be no more than $5. I wish there was not a requirement for this, but unfortunately some of the cutting edge application I want students to experiment with are only available in high enough quality using OpenAI\'s products. This may change between this submission and the start date of the class at the rate of current AI advancement.\n

\n\n\'',NULL,365367),('2_Friday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Getting into Trouble with Machine Learning Models (Pre-Registration Required)\'','\'Robert Koehlmoos\'','WS_f8439b8796a0d105c58a38a5148f0f81','\'\'',NULL,365368),('2_Friday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Getting into Trouble with Machine Learning Models (Pre-Registration Required)\'','\'Robert Koehlmoos\'','WS_f8439b8796a0d105c58a38a5148f0f81','\'\'',NULL,365369),('2_Friday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Getting into Trouble with Machine Learning Models (Pre-Registration Required)\'','\'Robert Koehlmoos\'','WS_f8439b8796a0d105c58a38a5148f0f81','\'\'',NULL,365370),('2_Friday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Advanced WiFi Attacks for Red Team Professionals (Pre-Registration Required)\'','\'Raúl \"r4ulcl\" Calvo Laorden\'','WS_2315d11573e57737624ec8fbf0e17f55','\'Title: Advanced WiFi Attacks for Red Team Professionals (Pre-Registration Required)
\nWhen: Friday, Aug 11, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Raúl \"r4ulcl\" Calvo Laorden\n
\nRaúl Calvo Laorden is a Spanish Senior Cybersecurity Analyst (Pentester) who is known in the online community as r4ulcl. He has a keen interest in hacking, particularly in Active Directory (AD), WiFi, and Radio Frequency (RF). Raúl enjoys working with Docker and git. He also has a passion for music, video games, and tinkering with electronic devices.\n

Raúl is the author of WiFiChallenge Lab, a 100% virtualized realistic lab designed for learning and practicing wifi hacking (presented in RootedCON 2022). He is also the creator of wifi_db, a script that parses Aircrack-ng captures into a SQLite database, extracting valuable information such as handshakes, MGT identities, interesting relations between APs, clients and their probes, WPS information, and a global view of all the APs seen. Additionally, he holds the OSCP and CRTP certifications.\n

In his free time, Raúl dedicates himself to programming hacking and cybersecurity tools. He also maintains his own micro-datacenter consisting of multiple servers and services where he continually learns and practices new technologies.\n

\n\n
\nDescription:
\nWireless networks have become ubiquitous in today\'s world, and Red Teams are increasingly using advanced WiFi attacks to gain unauthorized access to these networks. This workshop will focus on advanced WiFi attacks utilized by Red Teams to gain access to wireless networks. Participants will learn how to conduct WiFi reconnaissance, identify misconfigurations in wireless networks, create Rogue APs for launching phishing attacks, bypass WIDS, and more. The workshop is entirely virtual, and participants will have access to a lab environment where they can experiment safely. Participants must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks. The workshop covers advanced techniques for WiFi reconnaissance, creating custom TLS certificates, Rogue AP attacks, MSCHAPv2 Relay attacks, password spraying, ESSID stripping, and more. The workshop also covers the importance of Wireless Intrusion Detection Systems for Blue Teams and an example using Nzyme. Overall, this workshop is ideal for Red Team professionals looking to enhance their WiFi attack skills and stay ahead of the game.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- All participants in participating in this workshop must have a basic understanding of Linux, 802.11 protocol and Wireshark. \n- Must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks.\n

Materials or Equipment students will need to bring to participate: \n- Participants must have access to a computer with a reliable internet connection and a virtualization software such as VirtualBox or VMware.\n

\n\n\'',NULL,365371),('2_Friday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Advanced WiFi Attacks for Red Team Professionals (Pre-Registration Required)\'','\'Raúl \"r4ulcl\" Calvo Laorden\'','WS_2315d11573e57737624ec8fbf0e17f55','\'\'',NULL,365372),('2_Friday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Advanced WiFi Attacks for Red Team Professionals (Pre-Registration Required)\'','\'Raúl \"r4ulcl\" Calvo Laorden\'','WS_2315d11573e57737624ec8fbf0e17f55','\'\'',NULL,365373),('2_Friday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Advanced WiFi Attacks for Red Team Professionals (Pre-Registration Required)\'','\'Raúl \"r4ulcl\" Calvo Laorden\'','WS_2315d11573e57737624ec8fbf0e17f55','\'\'',NULL,365374),('1_Thursday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries (Pre-Registration Required)\'','\'Philip Young \"Soldier of FORTRAN\"\'','WS_204c3404ff2377225edbdd606f163f63','\'Title: These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Philip Young \"Soldier of FORTRAN\"\n
\nPhilip Young, aka Soldier of FORTRAN, is a leading expert in all things mainframe hacking. Having spoken and taught at conferences around the world, including DEFCON, RSA, BlackHat and keynoting at both SHARE and GSE Europe, he has established himself as the thought leader in mainframe penetration testing. Since 2013 Philip has released tools to aid in the testing of mainframe security and contributed to multiple opensource projects including Nmap, allowing those with little mainframe capabilities the chance to test their mainframes. He created the Nmap TN3270 library which enabled Nmap to scan and fingerprint z/OS mainframes and SNA networks. His hope is that through education others will create new libraries and scripts to force corporations to fix their shit.
\n\n
\nDescription:
\nDoes anyone know how old Nmap is? If you guessed 20 years old, you’d be wrong! It’s been around since 1997 when it was first released in Phrack magazine. Since the beginning, it\'s been through multiple iterations and an entire community has developed around it. One of the most important additions to Nmap was the ability to add custom scripts. Changing Nmap from a simple port scanner to the swiss army knife of network scanners. Oftentimes, when zero days pop up, someone will write an nmap script to identify vulnerable servers within minutes. If you’ve ever wondered how people write Nmap scripts, what it would take to write your own and how you can use them, this workshop is for you.\n

Attendees in this workshop will learn how to understand and update the Nmap probe file, how to write Lua scripts (which Nmap scripting uses), how to write Nmap scripts to supplement the probe file, interact with custom services and ultimately write multiple Nmap scripts to do fun stuff with ports. Once attendees have a firm grasp of the Nmap scripting engine they will be introduced to writing Nmap libraries for use by their various scripts. This workshop contains many instructor lead labs so that attendees can see their code in action. To make this workshop worthwhile, a custom service running on a port has been created which the labs will allow you to probe and identify as the course goes on.\n

Nmap is the workhorse behind the scenes for so many pentesters, but the resources for writing scripts are limited. The hope is that by offering this workshop, more people will be able to write Nmap scripts for the betterment of all hackingkind.\n

Skill Level: Beginner\n

Prerequisites for students:
\n- Some basic understanding of how to write code (python, C, Lua, etc), how to use the Linux command line.\n

Materials or Equipment students will need to bring to participate: \n- A laptop capable of running a linux VM\n

\n\n\'',NULL,365375),('1_Thursday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries (Pre-Registration Required)\'','\'Philip Young \"Soldier of FORTRAN\"\'','WS_204c3404ff2377225edbdd606f163f63','\'\'',NULL,365376),('1_Thursday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries (Pre-Registration Required)\'','\'Philip Young \"Soldier of FORTRAN\"\'','WS_204c3404ff2377225edbdd606f163f63','\'\'',NULL,365377),('1_Thursday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries (Pre-Registration Required)\'','\'Philip Young \"Soldier of FORTRAN\"\'','WS_204c3404ff2377225edbdd606f163f63','\'\'',NULL,365378),('2_Friday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Android App Hacking - Hacking for Good! (Pre-Registration Required)\'','\'Kavia Venkatesh,Maria Uretsky,Olivier Tuchon,Sajjad \"JJ\" Arshad\'','WS_8ab292292e87da37a7d60a419fff88e7','\'Title: Android App Hacking - Hacking for Good! (Pre-Registration Required)
\nWhen: Friday, Aug 11, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Kavia Venkatesh,Maria Uretsky,Olivier Tuchon,Sajjad \"JJ\" Arshad
\n
SpeakerBio:Kavia Venkatesh\n, Technical Program Manager on the Android Security Team at Google
\nKavia Venkatesh is a Technical Program Manager on the Android Security Team at Google where she leads the execution of the Android Security Release Program aka Android Security Bulletin. Over the last 7+ years has led numerous security initiatives. Now, she\'s passionate about sharing her knowledge with the world.
\n
SpeakerBio:Maria Uretsky\n, Google
\nMaria Uretsky is leading the Android Vulnerability Rewards program at Google. Her passion is to break all the things before the bad actors do, to ensure they are kept out. During her 10+ years of software engineering and security work, she has been part of Google Cloud Security, Azure Sentinel, Windows Defender and AVG.
\n
SpeakerBio:Olivier Tuchon\n, Security Engineer, Android Vulnerability Research team at Google
\nOlivier Tuchon is a Security Engineer on the Android Vulnerability Research team. Olivier has been working at Google for almost 5 years, he started by chasing malware/PHA in the Play Store and into the wild (OffMarket) with a speciality in Stalkerware. Now, Olivier looks for vulnerabilities in 3P Android applications. Before Google, Olivier had been a Security Engineer in the French Army for 12 years.
\n
SpeakerBio:Sajjad \"JJ\" Arshad\n, Senior Security SWE, Android Security & Privacy team at Google
\nJJ is a Senior Security SWE at Google\'s Android Security & Privacy team where he is developing tools to fight abuse in Android with focus on JavaScript-based frameworks. He has also designed CTF challenges and helped organize GoogleCTF in the past few years. Before Google, he was a Cybersecurity researcher at iSecLab and earned his PhD in Cybersecurity from Northeastern University, Boston, MA. Some domains he is active in are large-scale web security & privacy measurement, program analysis, and Malware detection.
\n\n
\nDescription:
\nWelcome to the world of Android Hacking! This is a hands-on workshop designed to introduce you to the knowledge, tools and techniques for analyzing and exploiting vulnerabilities in Android applications.\n

The workshop will start by presenting hacking for good, insights on the Android bug bounty, then it will cover the basic concepts of Android applications, walk you through industry standard tools and techniques and then let you experiment on your own with our Android reverse engineering CTF!\n

Come and hack with us!\n

The workshop requires no prior knowledge of Android or reverse engineering.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- Before the workshop, students should follow the setup instructions to ensure they can start working on the CTFs in the workshop: https://tinyurl.com/aah-setup\n- There is no pre-required knowledge.\n

Materials or Equipment students will need to bring to participate: \n- Laptop with 20+ GB free hard disk space 4+ GB RAM\n- Mac. Windows 7/8 , Ubuntu 12.x + (64 bit Operating System),\n- ADB\n

\n\n\'',NULL,365379),('2_Friday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Android App Hacking - Hacking for Good! (Pre-Registration Required)\'','\'Kavia Venkatesh,Maria Uretsky,Olivier Tuchon,Sajjad \"JJ\" Arshad\'','WS_8ab292292e87da37a7d60a419fff88e7','\'\'',NULL,365380),('2_Friday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Android App Hacking - Hacking for Good! (Pre-Registration Required)\'','\'Kavia Venkatesh,Maria Uretsky,Olivier Tuchon,Sajjad \"JJ\" Arshad\'','WS_8ab292292e87da37a7d60a419fff88e7','\'\'',NULL,365381),('2_Friday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Android App Hacking - Hacking for Good! (Pre-Registration Required)\'','\'Kavia Venkatesh,Maria Uretsky,Olivier Tuchon,Sajjad \"JJ\" Arshad\'','WS_8ab292292e87da37a7d60a419fff88e7','\'\'',NULL,365382),('1_Thursday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Analysis 101 for Incident Responders (Pre-Registration Required)\'','\'Kristy Westphal\'','WS_6746be18cf1ad98ed3bf2c4405b56fec','\'Title: Analysis 101 for Incident Responders (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Kristy Westphal\n
\nKristy Westphal is a versatile information technology professional with specific experience in providing advisory and management services in the area of information security and risk is currently employed as the Vice President, Security Operations at a financial services company. Specializing in leadership and program development, specific expertise in security areas includes: process analysis, risk assessments, security awareness programs, operating system security, network security, incident handling, vulnerability analysis and policy development.
\n\n
\nDescription:
\nYou have a theory about something you have found while roaming the network or conducting your own hackfest, but how do you go about proving it? This workshop will be a hands-on journey deep into the world of analysis. While analysis is a bit of an art form, there are methods that can be applied to make it less of a gut feeling and more of a scientific approach to support your hypothesis. From network forensics to log analysis to endpoint forensics and cloud log analysis, we will review numerous quick methods (including some analysis wizardry with R) to gain context over the data you have gathered and apply critical thinking in an attempt to find the answers. Sometimes, the answers weren’t meant to be found, but we’ll also discuss how to make the best of any conclusion that you reach.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- A curiosity for security!\n

Materials or Equipment students will need to bring to participate: \n- Will need a laptop with Wireshark and R installed.\n

\n\n\'',NULL,365383),('1_Thursday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Analysis 101 for Incident Responders (Pre-Registration Required)\'','\'Kristy Westphal\'','WS_6746be18cf1ad98ed3bf2c4405b56fec','\'\'',NULL,365384),('1_Thursday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Analysis 101 for Incident Responders (Pre-Registration Required)\'','\'Kristy Westphal\'','WS_6746be18cf1ad98ed3bf2c4405b56fec','\'\'',NULL,365385),('1_Thursday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Analysis 101 for Incident Responders (Pre-Registration Required)\'','\'Kristy Westphal\'','WS_6746be18cf1ad98ed3bf2c4405b56fec','\'\'',NULL,365386),('1_Thursday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hide your kids, turn off your Wi-Fi, they Rogue APing up in here (Pre-Registration Required)\'','\'Daniel Costantini,James Hawk,Lander Beyer\'','WS_cb897e27336cb2e2309faa2921608fed','\'Title: Hide your kids, turn off your Wi-Fi, they Rogue APing up in here (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Daniel Costantini,James Hawk,Lander Beyer
\n
SpeakerBio:Daniel Costantini\n, Principal Consultant at Mandiant
\nDaniel Costantini is a Principal Consultant with Mandiant, within Proactive Services. He is a Red Team/Penetration Testing subject matter expert in a variety of disciplines. Daniel has led and contributed to over a hundred Penetration/Red Team assessments. Over the years he has gained vast experience in living off the land, application, web, and network penetration testing. He continues, to strengthen his expertise in advanced wireless assessments. Daniel is a 17-year veteran of the United States Air Force (USAF) with ten of those years on active-duty and continues to serve in the United States Air Force Reserves. He has performed Penetration tests for USAF while on active duty and as a civilian contractor. He enjoys spending time with his family, playing games, and relaxing in front of the television.
\n
SpeakerBio:James Hawk\n, Senior Consultant at Mandiant
\nJames Hawk (He/Him) is a Senior Consultant with Mandiant, within Proactive Services. He is the wireless subject matter expert for his team. James has led and contributed to dozens of assessments (Red Teams and Pen Tests). He has developed internal training and tool updates for 802.11 for his company. James is a 20-year veteran of the U.S. Army and has over 10 years hands-on experience in wireless technologies. James is always researching/testing 802.11 attacks against his home lab. He is a fan of hockey, LetterKenny, and almost anything sci-fi.
\n
SpeakerBio:Lander Beyer\n, Manager, Proactive Services team at Mandiant
\nLander Beyer (He/Him) is the Manager of Mandiant’s Proactive Services team within their Global Government section. Lander has performed dozens of penetration testing services against State, Local, and Education (SLED) organizations, to include wireless and physical assessments. Lander is a cyber branch warrant officer in the California Army National Guard, and a proud husband and father of two. He enjoys table tennis, long walks in the rain, and Domain Admin.
\n\n
\nDescription:
\nThis workshop will teach you how to deploy Rogue APs in your client\'s environment. Using Rogue APs lets you test your client\'s Wireless Intrusion Detection System, passwords, wireless phishing education, and overall wireless security. We will discuss Rogue AP Tactics, Techniques, and Procedures, and how and why they work. In this workshop we will walk through setting up an OPEN, CAPTIVE PORTAL, WPA2, and 802.1x Rogue AP. We will also go over OWE and WPA3-SAE transition mode Rogue APs.\n

The primary goal is setting up Rogue APs to harvest credentials. In the workshop, we will walk through a scenario at a client’s site, then set up a Rogue AP to harvest users’ credentials for the various networks at the site. We will go through how to crack the harvested credentials. We will be using EAPHAMMER, HOSTAPD-MANA, WIFIPHISHER, and AIRBASE-NG for the Rogue AP portion, HASHCAT, AIRCRACK-NG, and JOHN for the cracking portion. This workshop is for beginners, but participants should have basic Linux and 802.11 knowledge and be comfortable using virtual machines.\n

Recommended reading/viewing:
\n- https://posts.specterops.io/modern-wireless-attacks-pt-i-basic-rogue-ap-theory-evil-twin-and-karma-attacks-35a8571550ee\n- https://sensepost.com/blog/2015/improvements-in-rogue-ap-attacks-mana-1%2F2/\n- https://www.youtube.com/watch?v=i2-jReLBSVk\n

Skill Level: Beginner\n

Prerequisites for students:
\n- None\n

Materials or Equipment students will need to bring to participate:\n- Laptop with 8 GBS RAM
\n- Virtual Box / VMware Installed
\n- Wireless card with Access Point Mode and monitor mode. Recommended chip set AWUS036ACM.\n

\n\n\'',NULL,365387),('1_Thursday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hide your kids, turn off your Wi-Fi, they Rogue APing up in here (Pre-Registration Required)\'','\'Daniel Costantini,James Hawk,Lander Beyer\'','WS_cb897e27336cb2e2309faa2921608fed','\'\'',NULL,365388),('1_Thursday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hide your kids, turn off your Wi-Fi, they Rogue APing up in here (Pre-Registration Required)\'','\'Daniel Costantini,James Hawk,Lander Beyer\'','WS_cb897e27336cb2e2309faa2921608fed','\'\'',NULL,365389),('1_Thursday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hide your kids, turn off your Wi-Fi, they Rogue APing up in here (Pre-Registration Required)\'','\'Daniel Costantini,James Hawk,Lander Beyer\'','WS_cb897e27336cb2e2309faa2921608fed','\'\'',NULL,365390),('2_Friday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Long Live the Empire: A C2 Workshop for Modern Red Teaming (Pre-Registration Required)\'','\'Dylan \"CyberStryke\" Butler,Jake \"Hubbl3\" Krasnov,Kevin “Kent” Clark\'','WS_02c16871cec700f8ee93c1a8b5a8337c','\'Title: Long Live the Empire: A C2 Workshop for Modern Red Teaming (Pre-Registration Required)
\nWhen: Friday, Aug 11, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Dylan \"CyberStryke\" Butler,Jake \"Hubbl3\" Krasnov,Kevin “Kent” Clark
\n
SpeakerBio:Dylan \"CyberStryke\" Butler\n, Offensive Infrastructure Developer at BC Security
\nDylan \"CyberStryke\" Butler is an Offensive Infrastructure Developer at BC Security. He began his career as a software engineer, developing high-performance systems for major tech companies. His passion for cybersecurity led him to specialize in offensive infrastructure development, where he now designs and builds robust frameworks to support red team operations.
\n
SpeakerBio:Jake \"Hubbl3\" Krasnov\n, Red Team Operations Lead at BC Security
\nJake \"Hubbl3\" Krasnov is the Red Team Operations Lead at BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Hubbl3 has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
\n
SpeakerBio:Kevin “Kent” Clark\n, Red Team Instructor at BC Security
\nKevin “Kent” Clark is a Security Consultant with TrustedSec and Red Team Instructor with BC Security. His previous work includes Penetration Testing and Red Team Operator, focusing on initial access and active directory exploitation. Kevin contributes to open-source tools such as PowerShell Empire and publishes custom security toolkits such as Badrats and WindowsBinaryReplacements. Kevin authors a cybersecurity blog at https://henpeebin.com/kevin/blog.
\n\n
\nDescription:
\nCommand and Control (C2) is a crucial component of modern Red Teams and Advanced Persistent Threats (APTs), enabling persistent connections to target networks and facilitating the spread of control throughout the infrastructure. This comprehensive workshop will provide an in-depth understanding of C2 concepts by utilizing the open-source Empire C2 framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage the powerful Empire framework to create, customize, and execute advanced attack scenarios, honing their skills as red team operators.\n

The workshop will cover a range of topics, from setting up Empire, understanding listeners, stagers, and agents, to exploring Empire\'s modules and evasion techniques. Participants will engage in hands-on exercises, building their proficiency in configuring and deploying Empire servers, interacting with clients, and implementing various listeners and modules. The workshop will culminate in a mini Capture-The-Flag (CTF) challenge, where attendees will apply their newfound knowledge in a cloud-hosted environment provided by the instructors.\n

Skill Level: Beginner\n

Prerequisites for students:
\n- Basic computer abilities\n

Materials or Equipment students will need to bring to participate: \n- Laptop with a Kali Linux VM\n

\n\n\'',NULL,365391),('2_Friday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Long Live the Empire: A C2 Workshop for Modern Red Teaming (Pre-Registration Required)\'','\'Dylan \"CyberStryke\" Butler,Jake \"Hubbl3\" Krasnov,Kevin “Kent” Clark\'','WS_02c16871cec700f8ee93c1a8b5a8337c','\'\'',NULL,365392),('2_Friday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Long Live the Empire: A C2 Workshop for Modern Red Teaming (Pre-Registration Required)\'','\'Dylan \"CyberStryke\" Butler,Jake \"Hubbl3\" Krasnov,Kevin “Kent” Clark\'','WS_02c16871cec700f8ee93c1a8b5a8337c','\'\'',NULL,365393),('2_Friday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Long Live the Empire: A C2 Workshop for Modern Red Teaming (Pre-Registration Required)\'','\'Dylan \"CyberStryke\" Butler,Jake \"Hubbl3\" Krasnov,Kevin “Kent” Clark\'','WS_02c16871cec700f8ee93c1a8b5a8337c','\'\'',NULL,365394),('1_Thursday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hacking The Metal: An Intro to ARM Assembly Language Programming (Pre-Registration Required)\'','\'Eigentourist\'','WS_19592cf5d37cf260e089d92f8816e9c7','\'Title: Hacking The Metal: An Intro to ARM Assembly Language Programming (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Eigentourist\n
\nEigentourist is a programmer who learned the craft in the early 1980s. He began formal education in computer science when the height of software engineering discipline meant avoiding the use of GOTO statements. Over the course of his career, he has created code of beautiful simplicity and elegance, and of horrific complexity and unpredictability. Sometimes it\'s hard to tell which was which. Today, he works on systems integration and engineering in the healthcare industry.
\n\n
\nDescription:
\n\"RISC architecture is gonna change everything.\"\n

\"Yeah. RISC is good.\"\n

So said Angelina Jolie and Jonny Lee Miller in 1995. And while many of us weren\'t looking, RISC quietly changed everything.\n

This workshop will teach an introduction to low-level programming on the CPU that runs your favorite mobile games, apps, and everything else on your personal devices -- and is now creeping onto the desktop and into the datacenters that run the world.\n

We will write assembly code for ARM CPUs, and run it on an emulated Raspberry Pi, using the QEMU emulator. In the process, we will learn the key differences between ARM and the Intel CPUs running our workstations and servers. We will also learn to parallelize operations using the Neon coprocessor, and communicate with devices via the Raspberry\'s GPIO pins. Finally, we will explore and debug some misbehaving code, and in the end, we will emerge with a deeper understanding of low-level operations as they occur on the devices that play a vital role in our present and our future.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Some previous coding experience is helpful, but mostly, a healthy curiosity\n

Materials or Equipment students will need to bring to participate: \n- Laptop with wifi connectivity, if wishing to participate\n

\n\n\'',NULL,365395),('1_Thursday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hacking The Metal: An Intro to ARM Assembly Language Programming (Pre-Registration Required)\'','\'Eigentourist\'','WS_19592cf5d37cf260e089d92f8816e9c7','\'\'',NULL,365396),('1_Thursday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hacking The Metal: An Intro to ARM Assembly Language Programming (Pre-Registration Required)\'','\'Eigentourist\'','WS_19592cf5d37cf260e089d92f8816e9c7','\'\'',NULL,365397),('1_Thursday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Hacking The Metal: An Intro to ARM Assembly Language Programming (Pre-Registration Required)\'','\'Eigentourist\'','WS_19592cf5d37cf260e089d92f8816e9c7','\'\'',NULL,365398),('3_Saturday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Petting Zoo: Breaking into CTFs (Pre-Registration Required)\'','\'Christopher Forte,Robert Fitzpatrick\'','WS_b1bc5290026d19c3bfd62a612a36cf9c','\'Title: The Petting Zoo: Breaking into CTFs (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Christopher Forte,Robert Fitzpatrick
\n
SpeakerBio:Christopher Forte\n
\nChristopher Forte is a security researcher and a junky for learning, participating in CTFs, and solving challenges. He is curious, loves teaching others, and has a passion for breaking things. As a resident of Las Vegas, Christopher co-founded DC702, is the local Chapter President of TOOOL, and enjoys introducing people to the world of hacking and lock picking.
\n
SpeakerBio:Robert Fitzpatrick\n
\nRobert Fitzpatrick is a military veteran of over 20 years. He began his cyber life leading the Information Assurance office, and quickly moved up to run the Network Operations Center, as well as the Network Test and Evaluation center. He has built multiple operations centers in both homeland and austere locations, purchased satellite infrastructures, and led vulnerability investigations for classified networks. He is also a co-founder of DC702 and enjoys training new students on an eclectic array of subjects surrounding his interests.
\n\n
\nDescription:
\nBreaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them.\n

This workshop will start with an overview of the CTF landscape, why we do them, and what value they have in the scope of the hacking community. This presentation will include various resources and a few simple demos to show how to approach a CTF and how it may differ from \"real world\" hacking challenges that many of us face in our professions. Next, a short CTF will be hosted to give attendees hands-on experience solving challenges with the ability to ask for help and will be guided through the approach to successfully navigating these challenges. Upon completion, the group will have worked through various types of hacking challenges and will have the confidence to participate in other CTFs hosted throughout the year.\n

Areas of focus will include:\n

\n

Skill Level: Beginner\n

Prerequisites for students:
\n- Be curious about CTFs and have a very basic knowledge of or exposure to fundamental topics (e.g., Linux, websites, networking, data encoding and encryption)\n- Exposure to the above concepts will help during the workshop defined CTF challenges but is not required for the workshop\n

Materials or Equipment students will need to bring to participate:\n- Laptop
\n- Debian-based Virtual Machine (e.g., Kali) is recommended\n- Virtualized environment or Kali is not required but Kali will provide all the tools useful in solving the challenges and help standardize available tools. All challenge solutions will be possible using default Kali installations.\n- A limited number of Kali-Chromebooks and hosted resources will be available for those having issues or unable to bring their own systems.\n

\n\n\'',NULL,365399),('3_Saturday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Petting Zoo: Breaking into CTFs (Pre-Registration Required)\'','\'Christopher Forte,Robert Fitzpatrick\'','WS_b1bc5290026d19c3bfd62a612a36cf9c','\'\'',NULL,365400),('3_Saturday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Petting Zoo: Breaking into CTFs (Pre-Registration Required)\'','\'Christopher Forte,Robert Fitzpatrick\'','WS_b1bc5290026d19c3bfd62a612a36cf9c','\'\'',NULL,365401),('3_Saturday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'The Petting Zoo: Breaking into CTFs (Pre-Registration Required)\'','\'Christopher Forte,Robert Fitzpatrick\'','WS_b1bc5290026d19c3bfd62a612a36cf9c','\'\'',NULL,365402),('1_Thursday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Pentesting Inductiral Control Systems: OCP-U-HACK (Pre-Registration Required)\'','\'Alexandrine Torrents,Arnaud Soullié\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9','\'Title: Pentesting Inductiral Control Systems: OCP-U-HACK (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Alexandrine Torrents,Arnaud Soullié
\n
SpeakerBio:Alexandrine Torrents\n, Cybersecurity Expert at Wavestone
\nAlexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and performed several cybersecurity assessments on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and developed a particular tool to request Siemens PLCs. Then, she started working at securing ICS, especially in the scope of the French military law, helping companies offering a vital service to the nation to comply with security rules. Now, Alexandrine works with different industrial CISOs on their cybersecurity projects: defining secure architectures, hardening systems, implementing detection mechanisms. She is also IEC 62443 certified and still performs assessments on multiple environments.
\n
SpeakerBio:Arnaud Soullié\n, Senior Manager at Wavestone
\nArnaud Soullié (@arnaudsoullie) is a Senior Manager at Wavestone, a global consulting company. For 12 years, he has been performing security assessments and pentests on all types of targets. He started specializing in ICS cybersecurity 10 years ago. He spoke and taught workshops at numerous security conferences on ICS topics : BlackHat Europe, BruCon, CS3STHLM, BSides Las Vegas, DEFCON... He is also the creator of the DYODE project, an open­source data diode aimed at ICS. He has been teaching ICS cybersecurity training since 2015.
\nTwitter: @arnaudsoullie
\n\n
\nDescription:
\nLet’s capture the flag, literally! In this workshop you’ll participate in an engaging CTF during which you’ll take control of a robotic arm to capture a real flag on a model train!\n

To do so, we’ll start with an introduction to Industrial Control Systems to discover the specific components, the network architectures, and even program a PLC simulator.\n

We’ll then discover some ICS-specific protocols, with a focus on OPC-UA, a modern ICS protocol.\n

Finally, you’ll connect to our ICS setup composed of real ICS hardware and software and compete against other attendees to capture the flags with robotic hands!\n

Skill Level: Beginner\n

Prerequisites for students:
\n- No specific knowledge is required\n

Materials or Equipment students will need to bring to participate: \n- Students should have a laptop capable of running 64-bits virtual machines\n

\n\n\'',NULL,365403),('1_Thursday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Pentesting Inductiral Control Systems: OCP-U-HACK (Pre-Registration Required)\'','\'Alexandrine Torrents,Arnaud Soullié\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9','\'\'',NULL,365404),('1_Thursday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Pentesting Inductiral Control Systems: OCP-U-HACK (Pre-Registration Required)\'','\'Alexandrine Torrents,Arnaud Soullié\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9','\'\'',NULL,365405),('1_Thursday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Pentesting Inductiral Control Systems: OCP-U-HACK (Pre-Registration Required)\'','\'Alexandrine Torrents,Arnaud Soullié\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9','\'\'',NULL,365406),('2_Friday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Snakes on a Screen: Taming Offensive IronPython Techniques (Pre-Registration Required)\'','\'Anthony \"Coin\" Rose,Gannon “Dorf” Gebauer,Vincent \"Vinnybod\" Rose\'','WS_574d78110017dc788236a2bc37875d3d','\'Title: Snakes on a Screen: Taming Offensive IronPython Techniques (Pre-Registration Required)
\nWhen: Friday, Aug 11, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Anthony \"Coin\" Rose,Gannon “Dorf” Gebauer,Vincent \"Vinnybod\" Rose
\n
SpeakerBio:Anthony \"Coin\" Rose\n, Director of Security Researcher at BC Security
\nAnthony \"Coin\" Rose, CISSP, is the Director of Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
\n
SpeakerBio:Gannon “Dorf” Gebauer\n, Security Consultant at BC Security
\nGannon “Dorf” Gebauer is a Security Consultant at BC Security and specializes in threat intelligence and embedded system testing. He has led teams through the Cyber Patriot, a USAF CTF that tests both defense and offensive capabilities. Currently, his expertise is focused on building automation tools for range deployments. Dorf has taught courses at both, Blackhat and DEF CON.
\n
SpeakerBio:Vincent \"Vinnybod\" Rose\n, Lead Developer at Empire and Starkiller
\nVincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and building automation. Recently, his focus has been on the reliability and stability of the Empire C2 server in the most recent major update (Empire 5). Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.
\n\n
\nDescription:
\nIronPython is a powerful and flexible programming language that has been increasingly used by attackers due to its ability to bypass security controls. This practical workshop will explore the inner workings of IronPython and its unique features that enable sophisticated offensive techniques. Participants will gain hands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.\n

The workshop will cover the following topics:\n1. Introduction to IronPython: Basic syntax and usage of IronPython, and how it can be used in offensive scenarios.\n2. BYOI and DLR: Bring Your Own Interpreter (BYOI) and Dynamic Language Runtime (DLR) concepts and their role in developing offensive payloads.\n3. Malware Development with IronPython: Develop sophisticated payloads that can bypass modern security controls and execute malicious code on target systems.\n4. Anti-Forensics and Evasion Techniques: Techniques to make the payloads more resilient to forensic analysis and detection.\n5. Advanced Techniques: Advanced techniques like using IronPython with C# and PowerShell and integrating the payloads with other offensive tools.\n

This workshop is designed for offensive security professionals, red teamers, penetration testers, and anyone interested in exploring the capabilities of IronPython for offensive purposes. Participants should have a basic understanding of Python and programming concepts. By the end of the workshop, participants will have a deeper understanding of IronPython and its capabilities for developing offensive payloads.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- A familiarity with python is preferred, but not required.\n

Materials or Equipment students will need to bring to participate: \n- Laptop with Windows or other Windows VM\n

\n\n\'',NULL,365407),('2_Friday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Snakes on a Screen: Taming Offensive IronPython Techniques (Pre-Registration Required)\'','\'Anthony \"Coin\" Rose,Gannon “Dorf” Gebauer,Vincent \"Vinnybod\" Rose\'','WS_574d78110017dc788236a2bc37875d3d','\'\'',NULL,365408),('2_Friday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Snakes on a Screen: Taming Offensive IronPython Techniques (Pre-Registration Required)\'','\'Anthony \"Coin\" Rose,Gannon “Dorf” Gebauer,Vincent \"Vinnybod\" Rose\'','WS_574d78110017dc788236a2bc37875d3d','\'\'',NULL,365409),('2_Friday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Snakes on a Screen: Taming Offensive IronPython Techniques (Pre-Registration Required)\'','\'Anthony \"Coin\" Rose,Gannon “Dorf” Gebauer,Vincent \"Vinnybod\" Rose\'','WS_574d78110017dc788236a2bc37875d3d','\'\'',NULL,365410),('3_Saturday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Creating and uncovering malicious containers Redux (Pre-Registration Required)\'','\'Adrian \"threlfall\" Wood,David \"digish0\" Mitchell\'','WS_37974da56ca9d9ee63425ece55cce50d','\'Title: Creating and uncovering malicious containers Redux (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Adrian \"threlfall\" Wood,David \"digish0\" Mitchell
\n
SpeakerBio:Adrian \"threlfall\" Wood\n, Dropbox
\nAdrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on their red team. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.
\n
SpeakerBio:David \"digish0\" Mitchell\n
\nDavid Mitchell, aka digish0, started his hacking career as a script kiddie running 7th Sphere in mIRC in high school. Later falling in with some Linux/RedHat nerds at a local 2600 group at college while studying CS, etc. He got into Linux, started an IT career, later rediscovering his hacking script kiddie roots when a local hacker space opened up and shared members with a lockpicking group that worked in infosec as penetration testers, etc where he discovered he could get paid to do the things he liked doing in high school/college. He now works professionally as a red team member and cyber security researcher at a large financial institution. The rest of the time he spends being a dad/husband, trying not to get injured in Muay Thai/BJJ or mountain biking, and listening to either very expensive or very cheap vinyl.
\n\n
\nDescription:
\nContainers allow bad actors access to an excellent delivery mechanism for malware deployment in organizations, offering a wide variety of detection avoidance and persistence mechanisms. Fear not protectors, containers also offer ways to detect these, but can be fraught with challenges. Whether you\'re red, blue or just container curious this workshop is for you.\n

In this workshop, you will get hands-on with containers and kubernetes, - starting with introductory content - learning how they work, where and how to hide or find things, how to identify indicators of compromise, indicators of attack, and how to apply analysis to gain a deeper understanding of container malware and what is going on inside containers.\n

This workshop will utilize the Google Cloud Platform alongside command line operands and a small amount of open source tooling to learn both offensive and defense techniques on containers. By the end, you’ll have a solid mental model of how containers work, how they are managed and deployed, and be equipped with the ability to analyze container images, identify problems, attack container supply chains and identify familiar patterns. Ultimately, these skills will allow you to generate valuable insights for your organization’s defense or aid you in your next attack.\n

This course is designed to take you deep into the world of containers, making tooling like Kubernetes much more intuitive and easy to understand.There’s lots of labs which will be used to reinforce your learnings,in both attack and defense and the course comes with very detailed notes and instructions for setup which you can repeat on your own time. This course will provide references to scripts that make certain tasks easier, but we will be challenging you to learn the process and reasoning behind them rather than relying on automation.\n

Attendees will be provided with all the lab material used in the course in digital format, including labs, guides and virtual machine setup.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- None! the class is well designed to allow those with little to no linux, kubernetes or cloud familiarity to follow along, but a basic familiarity with Linux and terminal will allow attendees to focus on the work.\n

Materials or Equipment students will need to bring to participate: \n- A Google Cloud free tier account (basically a fresh gmail account)\n- an internet connected computer
\n- We will send out instructions to attendees prior to the class, so they can be ready on the day.\n

\n\n\'',NULL,365411),('3_Saturday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Creating and uncovering malicious containers Redux (Pre-Registration Required)\'','\'Adrian \"threlfall\" Wood,David \"digish0\" Mitchell\'','WS_37974da56ca9d9ee63425ece55cce50d','\'\'',NULL,365412),('3_Saturday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Creating and uncovering malicious containers Redux (Pre-Registration Required)\'','\'Adrian \"threlfall\" Wood,David \"digish0\" Mitchell\'','WS_37974da56ca9d9ee63425ece55cce50d','\'\'',NULL,365413),('3_Saturday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Creating and uncovering malicious containers Redux (Pre-Registration Required)\'','\'Adrian \"threlfall\" Wood,David \"digish0\" Mitchell\'','WS_37974da56ca9d9ee63425ece55cce50d','\'\'',NULL,365414),('1_Thursday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Flipping the Coin: Red and Blue Teaming in Windows Environments (Pre-Registration Required)\'','\'Angus \"0x10f2c_\" Strom,Troy Defty\'','WS_423c2095eff3b219be6dae8a65570c66','\'Title: Flipping the Coin: Red and Blue Teaming in Windows Environments (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Angus \"0x10f2c_\" Strom,Troy Defty
\n
SpeakerBio:Angus \"0x10f2c_\" Strom\n, Senior Security Engineer
\nAngus (0x10f2c_) is currently a Senior Security Engineer working at a tech company. He obtained a love for all things computers by scavenging computer parts from local garbage pickups as a kid, and then trying to make them work together without blowing up. Angus eventually realised that a career could be made out of his skills hacking together poorly written LUA code in Garry’s mod, and finished a Bachelors in Network Security. In his professional career Angus has 5+ years working in Security Consulting, working across many industries and gaining many shells. More recently Angus has made the move to a security engineer focused role. When not hacking he loves to ski on the little snow that Australia has, and loves to paint small miniatures while listening to Drone Metal.
\n
SpeakerBio:Troy Defty\n, Security Engineering Manager
\nHaving worked in the UK and Australian InfoSec industries for just over a decade, and following 8 and a half years of red teaming, Troy jumped the proverbial fence from red to blue, and is currently a Security Engineering Manager at a tech company. His interest and experience is in detection engineering, red teaming, threat modelling, hardware, and assessing ICS environments. Other interests include music, electronics, the outdoors, travel, rugby, CTF, and being bad at golf.
\n\n
\nDescription:
\nRed and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.\n

By the end of the workshop, attendees will:\n

    \n
  1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:
\n

Pass the Hash attacks;
\n ADCS abuse;
\n PrintSpoofer exploits;
\n LSASS exploitation (using Mimikatz);\n AD enumeration (using BloodHound);
\n DACL abuse;
\n Kerberos golden tickets; and
\n DLL hijacking.\n

\n

2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\n

Sigma/Yara rules.
\n Log ingestion/normalization platforms, and query engines (e.g. ELK).\n

\n

3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good. Recommended (but not required) prior reading:\n

https://nooblinux.com/metasploit-tutorial/https://posts.specterops.io/introducing-bloodhound-enterprise-attack-path-management-for-everyone-39cfd8d6eb7c\nhttps://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview\nhttps://socprime.com/blog/sigma-rules-the-beginners-guide/\nhttps://github.com/socprime/SigmaUI
\nhttps://blog.netwrix.com/2021/11/30/how-to-detect-pass-the-hash-attacks/\nhttps://posts.specterops.io/certified-pre-owned-d95910965cd2\nhttps://www.elastic.co/guide/en/security/current/suspicious-print-spooler-point-and-print-dll.html\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- Basic understanding of the Linux and Windows command line\n- some basic knowledge of IP networking and routing\n- A basic understanding of Active Directory and exposure to the Metasploit Framework/Meterpreter are beneficial, but not required.\n

Materials or Equipment students will need to bring to participate:\n- Laptop, 8GB RAM
\n- OpenVPN Client
\n- Remote Desktop Protocol (RDP) client
\n- It is strongly recommended that attendees have local administrative rights to their device.\n- An Internet connection is also required; DEF CON’s (authenticated) WiFi network will suffice, however attendees should consider alternative options in favour of resiliency (e.g. tethering/hotspotting cell phones).\n

\n\n\'',NULL,365415),('1_Thursday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Flipping the Coin: Red and Blue Teaming in Windows Environments (Pre-Registration Required)\'','\'Angus \"0x10f2c_\" Strom,Troy Defty\'','WS_423c2095eff3b219be6dae8a65570c66','\'\'',NULL,365416),('1_Thursday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Flipping the Coin: Red and Blue Teaming in Windows Environments (Pre-Registration Required)\'','\'Angus \"0x10f2c_\" Strom,Troy Defty\'','WS_423c2095eff3b219be6dae8a65570c66','\'\'',NULL,365417),('1_Thursday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Flipping the Coin: Red and Blue Teaming in Windows Environments (Pre-Registration Required)\'','\'Angus \"0x10f2c_\" Strom,Troy Defty\'','WS_423c2095eff3b219be6dae8a65570c66','\'\'',NULL,365418),('1_Thursday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Cryptographic Attacks (Pre-Registration Required)\'','\'Matt Cheung\'','WS_355b08e36863df801abab2e83f915bf5','\'Title: Introduction to Cryptographic Attacks (Pre-Registration Required)
\nWhen: Thursday, Aug 10, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\n
SpeakerBio:Matt Cheung\n
\nMatt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh\'s crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given workshops at the Boston Application Security Conference, BSidesLV, DEF CON, and the Crypto and Privacy Village.
\n\n
\nDescription:
\nUsing cryptography is often a subtle practice and mistakes can result in significant vulnerabilities. This workshop will cover many of these vulnerabilities which have shown up in the real world, including CVE-2020-0601. This will be a hands-on workshop where you will implement the attacks after each one is explained. I will provide a VM with Python dependencies and skeleton code included so you can focus on implementing the attack. A good way to determine if this workshop is for you is to look at the challenges at cryptopals.com and see if those look interesting, but you could use in person help understanding the attacks. While not a strict subset of those challenges, there is significant overlap. Participants should have VMWare, VirtualBox, or some other VM software installed.\n

Skill Level: Beginner to Intermediate\n

Prerequisites for students:
\n- Students should be comfortable with modular arithmetic and the properties of XOR.\n- Experience in Python or other similar language will be a plus.\n

Materials or Equipment students will need to bring to participate: \n- A laptop with VMWare or VirtualBox installed and capable of running a VM.\n

\n\n\'',NULL,365419),('1_Thursday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Cryptographic Attacks (Pre-Registration Required)\'','\'Matt Cheung\'','WS_355b08e36863df801abab2e83f915bf5','\'\'',NULL,365420),('1_Thursday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Cryptographic Attacks (Pre-Registration Required)\'','\'Matt Cheung\'','WS_355b08e36863df801abab2e83f915bf5','\'\'',NULL,365421),('1_Thursday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Introduction to Cryptographic Attacks (Pre-Registration Required)\'','\'Matt Cheung\'','WS_355b08e36863df801abab2e83f915bf5','\'\'',NULL,365422),('3_Saturday','09','09:00','12:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'BLE Security 201 (Pre-Registration Required)\'','\'Maxine \"Freqy\" Filcher,Zach \"justadequate\" Reavis\'','WS_2f4d81ef6bb4c560827fe192b9addfea','\'Title: BLE Security 201 (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 09:00 - 12:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Maxine \"Freqy\" Filcher,Zach \"justadequate\" Reavis
\n
SpeakerBio:Maxine \"Freqy\" Filcher\n
\nMaxine, or Freqy, is a US Army Veteran, possessing a master\'s degree in Cybersecurity and is widely recognized for her expertise in wireless security. In sharing her knowledge, she has delivered many presentations over the last five years, exploring various facets of wireless security. Maxine\'s grasp of BLE security has helped her play pivotal roles in assisting numerous large-scale corporations in fortifying the security of consumer devices that are ubiquitous to millions of households worldwide
\n
SpeakerBio:Zach \"justadequate\" Reavis\n
\nZach, also known as justadequate, is an OSCP-certified wireless security expert specializing in waveform reverse engineering, exploit development, and embedded systems penetration testing. Demonstrating in-depth knowledge and experience in these areas, he has worked in both consulting and formal security test and engineering roles to develop, assess, and secure systems ranging from aircraft to SCADA/ICS to IoT/home-use devices deployed around the world.
\n\n
\nDescription:
\nThere have been plenty of talks on intro BLE security topics, it’s time for us to put it to use. This workshop will serve as a refresher for the BLE skills gained in previous talks, while walking students to the next level through utilizing BLE as an initial ingress vector to compromise a simulated corporate network. Come join us while we demonstrate the importance of investigating all wireless protocols in your corporate environment.\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- None\n

Materials or Equipment students will need to bring to participate:\n- Laptop
\n- Android Phone\n

\n\n\'',NULL,365423),('3_Saturday','10','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'BLE Security 201 (Pre-Registration Required)\'','\'Maxine \"Freqy\" Filcher,Zach \"justadequate\" Reavis\'','WS_2f4d81ef6bb4c560827fe192b9addfea','\'\'',NULL,365424),('3_Saturday','11','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'BLE Security 201 (Pre-Registration Required)\'','\'Maxine \"Freqy\" Filcher,Zach \"justadequate\" Reavis\'','WS_2f4d81ef6bb4c560827fe192b9addfea','\'\'',NULL,365425),('3_Saturday','12','09:00','12:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'BLE Security 201 (Pre-Registration Required)\'','\'Maxine \"Freqy\" Filcher,Zach \"justadequate\" Reavis\'','WS_2f4d81ef6bb4c560827fe192b9addfea','\'\'',NULL,365426),('3_Saturday','14','14:00','17:59','N','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)\'','\'Michael \"S3curityNerd\" Register,Michael \"mR_F0r3n51c5\" Solomon\'','WS_f73db39bb89bf63acef385c1f4e59d80','\'Title: Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
\nSpeakers:Michael \"S3curityNerd\" Register,Michael \"mR_F0r3n51c5\" Solomon
\n
SpeakerBio:Michael \"S3curityNerd\" Register\n
\nMichael Register, known as S3curityNerd, with 7 years of combined experience in IT, Networking, and Cybersecurity. He holds multiple certifications and actively conducts post-exploitation research to enhance threat hunting operations.
\n
SpeakerBio:Michael \"mR_F0r3n51c5\" Solomon\n
\nMichael Solomon, also known as mR_F0r3n51c5, is a Threat Hunter with over 12 years of experience in Cyber Operations, Digital Forensics & Incident Response (DFIR), and Threat Hunting. His passion lies in helping to shape the next generation of cybersecurity analysts for a safer tomorrow.
\n\n
\nDescription:
\nAre you ready to step into the shoes of a cybersecurity or incident response analyst? Whether you\'re new to investigation or looking to take your analysis skills to the next level, we\'ve got an exciting opportunity for you! Join mR_F0r3n51c5 and S3curityNerd for a four-hour class that will take you on a journey through the world of malware analysis and investigation.\n

In today\'s ever-evolving threat landscape, malware continues to be a weapon of choice for various types of threat actors. Our class leverages forensic and malware analysis fundamentals to teach students how to investigate a compromised Windows system. To ensure the most up-to-date learning experience, the class authors have carefully selected fresh malware samples trending in 2023.\n

By the end of this class, you\'ll have the skills to:\n- Build analysis skills that leverage complex scenarios and improve comprehension\n- Practically acquire data in a forensically sound manner\n- Identify common areas of malware persistence\n- Gather evidence and create a timeline to characterize how the system was compromised\n- Participate in a hand-to-keyboard combat capstone where you\'ll be given an image of a compromised Windows system and demonstrate your newly acquired analysis skills.\n

Don\'t miss this opportunity to gain hands-on experience and take your analysis skills to the next level. Join us and discover the exciting world of forensic analysis and investigation!\n

Skill Level: Intermediate\n

Prerequisites for students:
\n- Not defined\n

Materials or Equipment students will need to bring to participate:\n- Students will be required to download material (e.g., Virtual Machine). Students will be given a URL for download access.\n- Regarding the downloaded virtual machines, these should be imported into your virtual machine software and ready before the start of class. If any additional technical support is needed, the instructors will make themselves available online.\n- Students must have a laptop that meets the following requirements:\n- A 64-bit CPU running at 2GHz or more. The students will be running one virtual machine on their host laptop.\n- Have the ability to update BIOS settings. Specifically, enable virtualization technology such as \"Intel-VT.\"\n- The student must be able to access their system\'s BIOS if it is password protected. This is in case of changes being necessary.\n- 8 GB (Gigabytes) of RAM or higher
\n- At least one open and working USB Type-A port\n- 50 Gigabytes of free hard drive space, allowing you the ability to host the VMs we distribute\n- Students must have Local Administrator Access on their system.\n- Wireless 802.11 Capability
\n- A host operating system that is running Windows 10+, Linux, or macOS 10.4 or later.\n- Virtualization software is required. The supplied VMs have been built for out-of-the-box comparability with VMWare Workstation or Player. Students may use other software if they choose, but they may have to troubleshoot unpredictable issues. Instructors cannot guarantee compatibility with all virtualization software suites. At a minimum, the following VM features will be needed:\n- NATted networking from VM to Internet\n- Copy and Paste of text and files between the Host machine and VM\n

\n\n\'',NULL,365427),('3_Saturday','15','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)\'','\'Michael \"S3curityNerd\" Register,Michael \"mR_F0r3n51c5\" Solomon\'','WS_f73db39bb89bf63acef385c1f4e59d80','\'\'',NULL,365428),('3_Saturday','16','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)\'','\'Michael \"S3curityNerd\" Register,Michael \"mR_F0r3n51c5\" Solomon\'','WS_f73db39bb89bf63acef385c1f4e59d80','\'\'',NULL,365429),('3_Saturday','17','14:00','17:59','Y','WS','Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin','\'Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)\'','\'Michael \"S3curityNerd\" Register,Michael \"mR_F0r3n51c5\" Solomon\'','WS_f73db39bb89bf63acef385c1f4e59d80','\'\'',NULL,365430),('2_Friday','20','20:00','21:59','N','DC','Caesars Forum - Forum - 130-131,134','\'Ask the EFF\'','\'Cooper Quintin,Corynne McSherry,Hannah Zhao,Mario Trujillo,Rory Mir\'','DC_88f096884bbbab0de578ba5c13e45a8d','\'Title: Ask the EFF
\nWhen: Friday, Aug 11, 20:00 - 21:59 PDT
\nWhere: Caesars Forum - Forum - 130-131,134 - Map
\nSpeakers:Cooper Quintin,Corynne McSherry,Hannah Zhao,Mario Trujillo,Rory Mir
\n
SpeakerBio:Cooper Quintin\n, Senior Staff Technologist at Electronic Frontier Foundation
\nCooper Quintin is a security researcher and senior public interest technologist with the EFF Threat Lab. He has worked on projects including Privacy Badger, Canary Watch, and analysis of state sponsored malware campaigns such as Dark Caracal. Cooper has given talks at security conferences including Black Hat, DEFCON, Enigma Conference, and ReCon about issues ranging from IMSI Catcher detection to fem tech privacy issues to newly discovered APTs. He has also been published or quoted in publications including: The New York Times, Reuters, NPR, CNN, and Al Jazeera. Cooper has given security trainings for activists, non profit workers, and vulnerable populations around the world. He previously worked building websites for nonprofits, including Greenpeace, Adbusters, and the Chelsea Manning Support Network. Cooper was also an editor and contributor to the hacktivist journal, \"Hack this Zine.\" In his spare time he enjoys making music, visualizing a solar-punk anarchist future, and playing with his kids.
\nTwitter: @cooperq
\n
SpeakerBio:Corynne McSherry\n, Legal Director at Electronic Frontier Foundation
\nAs EFF\'s Legal Director, McSherry has extensive experience in advocating for digital civil liberties and promoting net neutrality. Her perspective on the legal frameworks shaping the digital landscape will provide DEF CON attendees with insights on regulatory issues affecting technology users.
\nTwitter: @cmcsherr
\n
SpeakerBio:Hannah Zhao\n, Staff Attorney at Electronic Frontier Foundation
\nHannah is a staff attorney at the Electronic Frontier Foundation. She’s part of EFF’s Coders’ Rights Project, which seeks to protect hackers, security researchers, and others through education, legal defense, amicus briefs, and involvement in the community with the goal of promoting innovation and safeguarding the rights of curious tinkerers and hackers on the digital frontier. She also works on legal issues related to police technology, surveillance, and cybersecurity.
\n
SpeakerBio:Mario Trujillo\n, Staff Attorney at Electronic Frontier Foundation
\nAs a Staff Attorney on EFF\'s civil liberties team, he has an expertise focusing on the Fourth Amendment and privacy rights. He is also part of EFF\'s Coders\' Rights Project. Prior to joining EFF, he was an attorney at the privacy law firm ZwillGen and clerked for a federal magistrate judge on the southern border.
\n
SpeakerBio:Rory Mir\n, Associate Director of Community Organizing at Electronic Frontier Foundation
\nAs EFF\'s Associate Director of Community Organizing, Rory works on the EFF activism team to engage community groups on tech policy issues and building community around our issues. This includes our work with the Electronic Frontier Alliance, which directly supports these groups — including a number of local DEFCON groups. Immersed in the community, Rory is familiar with the needs and issues commonly faced by the community. and how it connects to EFF issues.
\n\n
\nDescription:
\nElectronic Frontier Foundation (EFF) is thrilled to return to DEF CON 31 to answer your burning questions on pressing digital rights issues. Our panelists will provide updates on current EFF work, including the fight against government surveillance and protecting creative expression, before turning it over to attendees to pose questions and receive insights from our panelists on the intersection of technology and civil liberties. This is a valuable opportunity to learn from policy experts and engage in a lively discussion rooted in the problems you face. This year you’ll meet: Corynne McSherry, EFF\'s Legal Director specializing in intellectual property and free speech; Hannah Zhao, staff attorney focusing on criminal justice and privacy issues; Mario Trijillo, staff attorney with an expertise in privacy law; Rory Mir, Associate Director of Community Organizing; and Cooper Quintin, security researcher and public interest technologist with the EFF Threat Lab.\n
\n\n\'',NULL,365431),('2_Friday','21','20:00','21:59','Y','DC','Caesars Forum - Forum - 130-131,134','\'Ask the EFF\'','\'Cooper Quintin,Corynne McSherry,Hannah Zhao,Mario Trujillo,Rory Mir\'','DC_88f096884bbbab0de578ba5c13e45a8d','\'\'',NULL,365432),('3_Saturday','16','16:30','17:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'All information looks like noise until you break the code: Futureproofing the transportation sector\'','\'David Pekoske,Jen Easterly,Kevin Collier\'','DC_67a4391aee1f46178eb7fb77a3a170be','\'Title: All information looks like noise until you break the code: Futureproofing the transportation sector
\nWhen: Saturday, Aug 12, 16:30 - 17:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:David Pekoske,Jen Easterly,Kevin Collier
\n
SpeakerBio:David Pekoske\n, Administrator at Transportation Security Administration (TSA)
\nDavid Pekoske was first confirmed by the U.S. Senate as the Transportation Security Administration’s seventh administrator in August 2017 and was reconfirmed for a second term in September 2022.\n

Pekoske leads a workforce of over 60,000 employees and is responsible for security operations at nearly 440 airports throughout the United States. TSA is also the lead federal agency for security of highways, railroads, mass transit systems and pipelines. Under his leadership, TSA improved transportation security through close partnerships and alliances, a culture of innovation, and development of a dedicated workforce.\n \n

During his tenure as TSA Administrator, Pekoske also served at the Department of Homeland Security as Acting Secretary from January 20 to February 2, 2021, and as the Senior Official Performing the Duties of Deputy Secretary from April to November 2019, and again from February to June 2021. At the Department, Pekoske helped lead a unified national effort to ensure the continued security of the United States, coordinating components with missions ranging from prevention and protection to recovery and response. He was also a commissioner on the Cyberspace Solarium Commission that developed a consensus on a strategic approach to defending the United States in cyberspace against attacks of significant consequence.\n

Before joining TSA, Pekoske was an executive in the government services industry, where he led teams that provided counterterrorism, security and intelligence support services to government agencies.\n

Pekoske served as the 26th Vice Commandant of the U.S. Coast Guard, culminating a Coast Guard career that included extensive operational and command experience. As the Vice Commandant, Pekoske was second in command, also serving as Chief Operating Officer and Component Acquisition Executive of the Coast Guard. He is a recognized expert in crisis management, strategic planning, innovation, and aviation, surface transportation and maritime security. In addition, he has been twice awarded the Homeland Security Distinguished Service Medal.\n

Pekoske holds a Master of Business Administration from the Massachusetts Institute of Technology, a Master of Public Administration from Columbia University and a Bachelor of Science from the U.S. Coast Guard Academy.\n

\nTwitter: @TSA_Pekoske
\n
SpeakerBio:Jen Easterly\n, Director at Cybersecurity and Infrastructure Security Agency (CISA)
\nJen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.\n

Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.\n

Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.\n

A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.\n

A distinguished graduate of the United States Military Academy at West Point, Jen holds a\nmaster’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.\n

A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.\n

\nTwitter: @@CISAJen
\n
SpeakerBio:Kevin Collier\n, NBC
\nNo BIO available
\n\n
\nDescription:
\nJust like there\'s more than one way to peel a banana, there’s more than one way to protect a computer network from being pwned. Cyber threats against America’s pipelines, railroads and aviation system are increasing, and the Transportation Security Administration – with support from the White House, the Cybersecurity and Infrastructure Security Agency and Congress – is hacking traditional cybersecurity policy to improve resiliency for the growing connected transportation sector. How? TSA isn’t telling regulated parties exactly the ways they should secure their own systems. Instead, the agency is asking them to produce and provide plans for ensuring they protect their critical assets.\n

America’s adversaries are sophisticated, and TSA needs help from the hacking community to think creatively about future attacks, to identify new vulnerabilities, and to provide innovative new ways of measuring success. This talk will tell you what TSA is seeing, gives you a chance to offer us advice, and to learn specific ways in which you can contribute to new projects. Because always in motion the future is.\n

\n\n\'',NULL,365433),('3_Saturday','17','16:30','17:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'All information looks like noise until you break the code: Futureproofing the transportation sector\'','\'David Pekoske,Jen Easterly,Kevin Collier\'','DC_67a4391aee1f46178eb7fb77a3a170be','\'\'',NULL,365434),('4_Sunday','11','11:00','11:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Burrowing Through The Network: Contextualizing The Vulkan Leaks & Historical State-Sponsored Offensive Operations\'','\'Joe Slowik\'','DC_5d517a9d2d02616348d43ddd381ea95b','\'Title: Burrowing Through The Network: Contextualizing The Vulkan Leaks & Historical State-Sponsored Offensive Operations
\nWhen: Sunday, Aug 13, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Joe Slowik\n, Threat Intelligence Manager at Huntress
\nJoe Slowik has over 15 years\' experience across multiple cyber domains. Currently, Joe leads threat intelligence, hunting, detection engineering, and purple teaming functions for Huntress. Previously, Joe performed in-depth threat intelligence research for DomainTools and Dragos, and led incident response operations at Los Alamos National Laboratory. Joe started off in information security through various roles in the US Navy and intelligence community.
\n\n
\nDescription:
\nIn March 2023, journalists and investigators released analysis of “the Vulkan files.” Consisting of documents associated with a Russian company working with intelligence and military authorities, the papers revealed a variety of ambitious programs such as “Scan-V” and“Amezit.” Both programs, in the sense that they offer capabilities to acquire, maintain, and task infrastructure for cyber and information operations at scale, are deeply concerning, indicating a significant advancement in Russian-linked network warfare and related actions.\n

Placing these items in context reveals a far more troubling picture.After reviewing the capabilities of Amezit and Scan-V, we can see glimpses of historical programs in the advertised efficacy of these projects. We will consider other items that have leaked over the years offering similar capabilities, albeit in different circumstances.Examples include Russia’s SORM framework for domestic operations,China’s Great Firewall and (more significantly) Great Cannon programs, and items that emerged in the Snowden leaks such as the US’s alleged “Quantum” program.\n

By analyzing these additional projects, we will observe a decade’s long trend in the systematization and scaling of cyber programs, especially with respect to automated exploitation and infrastructure management. Vulkan and related items, as significant as they are, represent a culmination of operational evolution and an example of the proliferation of capabilities following disclosure. With programs such as Scan-V exposed, we should anticipate other entities seeking to mirror such capabilities, progressing beyond botnets and other distributed systems to effective management of dispersed capabilities for signals intelligence and cyber operations.\n

\n
REFERENCES
\n
- https://www.spiegel.de/thema/vulkanfiles/?d=1680188834\n- https://www.spiegel.de/international/world/the-vulkan-files-a-look-inside-putin-s-secret-plans-for-cyber-warfare-a-4324e76f-cb20-4312-96c8-1101c5655236\n- https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics\n- https://citizenlab.ca/2015/04/chinas-great-cannon/\n- https://resources.infosecinstitute.com/topic/turbine-quantum-implants-arsenal-nsa/\n- https://theintercept.com/2014/03/12/nsa-plans-infect-millions-computers-malware/\n- https://www.wired.com/2014/03/quantum/\n- https://www.domaintools.com/resources/blog/centreon-to-exim-and-back-on-the-trail-of-sandworm/
\n\n\'',NULL,365435),('3_Saturday','14','14:00','14:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'A SSLippery Slope: Unraveling the Hidden Dangers of Certificate Misuse\'','\'Bill Demirkapi\'','DC_f9f17c4146f6835a11e916f0440f584a','\'Title: A SSLippery Slope: Unraveling the Hidden Dangers of Certificate Misuse
\nWhen: Saturday, Aug 12, 14:00 - 14:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Bill Demirkapi\n, Microsoft Security Response Center
\nBill is an undergraduate student and a security researcher for the Microsoft Security Response Center with an intense passion for Windows Internals. His interests include reverse engineering and vulnerability research, ranging from low-level memory corruption to systemic flaws with catastrophic consequences. He started his journey in high school and has since published his work at internationally-recognized conferences like DEF CON and Black Hat USA. In his pursuit to make the world a better place, Bill constantly looks for the next significant vulnerability, following the motto \"break anything and everything\".
\nTwitter: @BillDemirkapi
\n\n
\nDescription:
\nDigital signatures are fundamental for verifying the authenticity and integrity of untrusted data in the digital world. They ensure that software, firmware, and other digital content are not tampered with during transmission or at rest. Code signing certificates are significantly more challenging to obtain when compared to alternatives like SSL or S/MIME certificates. The latter only has a single criterion- proof of control over a domain, while the former requires significant validation of the publisher itself.\n

This project uncovered a systemic vulnerability present in numerous signature validation implementations, enabling attackers to exploit valid certificates in an unintended manner. Vulnerable implementations mistakenly perceive files signed with incompatible certificates as legitimate, violating their respective specifications and allowing threat actors to sign untrusted code at little to no cost. In this talk, we will explore the problem at all levels, ranging from the fundamental theory to its application across multiple formats and real-world situations.\n

\n
REFERENCES
\n
- Boeyen, Sharon, et al. “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile.” IETF, 1 May 2008, datatracker.ietf.org/doc/html/rfc5280.\n- Housley, Russ. “Cryptographic Message Syntax (CMS).” IETF, 5 Sept. 2002, datatracker.ietf.org/doc/html/rfc3369.\n- “Windows Authenticode Portable Executable Signature Format.” Microsoft.com, Microsoft, 21 Mar. 2008, download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/authenticode_pe.docx.\n- “PE Format - Win32 Apps.” Learn.microsoft.com, Microsoft, 31 Mar. 2021, learn.microsoft.com/en-us/windows/win32/debug/pe-format.\n- “Trusted Root Certification Authorities Certificate Store.” Learn.microsoft.com, Microsoft, 14 Dec. 2021, learn.microsoft.com/en-us/windows-hardware/drivers/install/trusted-root-certification-authorities-certificate-store.\n- “What’s the Difference between DV, OV & EV SSL Certificates?” Www.digicert.com, DigiCert, 23 Aug. 2022, www.digicert.com/difference-between-dv-ov-and-ev-ssl-certificates.\n- The OpenSSL Project. OpenSSL: The Open Source Toolkit for SSL/TLS. Apr. 2003.\n- Brubaker, Chad, et al. “Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations.” 2014 IEEE Symposium on Security and Privacy, 18 May 2014, www.cs.cornell.edu/~shmat/shmat_oak14.pdf, https://doi.org/10.1109/sp.2014.15.
\n\n\'',NULL,365436),('2_Friday','16','16:30','17:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'certmitm: automatic exploitation of TLS certificate validation vulnerabilities\'','\'Aapo Oksman\'','DC_46339b74528b22f90033956b90d04877','\'Title: certmitm: automatic exploitation of TLS certificate validation vulnerabilities
\nWhen: Friday, Aug 11, 16:30 - 17:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Aapo Oksman\n, Senior Security Specialist at Nixu Corporation
\nAapo Oksman is a Senior Security Specialist at Nixu Corporation working with application, network and device security. His background is in electrical engineering, embedded devices, and test automation. Combining his background with a hobby in hacking lead to a career in cybersecurity focusing on industrial IoT.\n

In his free time, Bug Bounties and security research keep Aapo motivated and learning. His work in PKI and TLS has resulting in multiple CVEs from vendors such as Microsoft and Apple. Outside work and research Aapos passion is in the community. He takes part in organizing local security meetups and coaches the Finnish national youth CTF team to the yearly European Cybersecurity Challenge competition.\n

\n\n
\nDescription:
\nTLS is the de facto way of securing network connections. It provides an easy way of ensuring confidentiality, integrity and authentication for any type of communication. However, like most things in life, this is also too good to be true.\n

TLS allows communicating parties to uniquely authenticate each other by validating each other\'s certificate. However, many TLS libraries and frameworks have insecure default settings or allow for the developers to skip important aspects of certificate validation in their client implementations.\n

This talk explores issues in TLS client certificate validation and the underlying reasons why developers still fail to implement TLS correctly. Most importantly, we hack all the things with a new TLS mitm tool: certmitm.\n

certmitm automatically discovers and exploits insecure certificate validation vulnerabilities in TLS clients. Let\'s use the tool to hack iOS, Windows 11 and more while we deep dive into the world of insecure TLS certificate validation.\n

\n
REFERENCES
\n
\n

My previous TLS talks:
\nHelSec 20 - Practical attacks against modern TLS implementations - Aapo Oksman: https://www.youtube.com/watch?v=NCm16vLfD60\n

Disobey 2023 - Your connection is not private Exploiting insecure certificate validation in TLS clients - Aapo Oksman: https://www.youtube.com/watch?v=vZvL6ZRiKls\n

Moxie Marlinspikes work in SSL/TLS:
\nDEF CON 17 - Moxie Marlinspike - More Tricks for Defeating SSL: https://www.youtube.com/watch?v=5dhSN9aEljg\nDEF CON 19 - Moxie Marlinspike - SSL And The Future Of Authenticity: https://www.youtube.com/watch?v=UawS3_iuHoA\n

Scientific publications:
\nGeorgiev, Martin, et al. \"The most dangerous code in the world: validating SSL certificates in non-browser software.\" Proceedings of the 2012 ACM conference on Computer and communications security. 2012.\nAkhawe, Devdatta, et al. \"Here\'s my cert, so trust me, maybe? Understanding TLS errors on the web.\" Proceedings of the 22nd international conference on World Wide Web. 2013.\nHuang, Lin Shung, et al. \"Analyzing forged SSL certificates in the wild.\" 2014 IEEE Symposium on Security and Privacy. IEEE, 2014.\n

Sivakorn, Suphannee, et al. \"HVLearn: Automated black-box analysis of hostname verification in SSL/TLS implementations.\" 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017.\nAlghamdi, Khalid, et al. \"Iotverif: An automated tool to verify ssl/tls certificate validation in android mqtt client applications.\" Proceedings of the Eighth ACM Conference on data and application security and privacy. 2018.\n

\n\n\'',NULL,365437),('2_Friday','17','16:30','17:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'certmitm: automatic exploitation of TLS certificate validation vulnerabilities\'','\'Aapo Oksman\'','DC_46339b74528b22f90033956b90d04877','\'\'',NULL,365438),('1_Thursday','11','11:30','12:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Cracking Cicada 3301: The Future of Collaborative Puzzle-Solving\'','\'Artorias,Puck,Taiiwo,TheClockworkBird\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3','\'Title: Cracking Cicada 3301: The Future of Collaborative Puzzle-Solving
\nWhen: Thursday, Aug 10, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Artorias,Puck,Taiiwo,TheClockworkBird
\n
SpeakerBio:Artorias\n
\nArtorias is the creator of CicadaSolvers.com, co-host of the CicadaCast podcast, and moderator of r/cicada and the CicadaSolvers discord. Well-versed in the complex history of the Cicada 3301 puzzles, he labors both to document the mystery of Cicada 3301, and to unravel the labyrinth of its interconnected topics.
\n
SpeakerBio:Puck\n
\nPuck is a 19-year-old rising junior computer science major and Cicada 3301 puzzle enthusiast. He has been involved in the community for four years, finding inspiration to pursue cryptography and cybersecurity. Puck has focused his work on promoting community solving efforts, mainly in the form of innovative events.
\n
SpeakerBio:Taiiwo\n
\nTaiiwo, a CicadaSolvers founding member, with a background in software development, sees the community\'s work as an example for the future of problem-solving. With a pragmatic, and sceptical approach to the puzzle, he aims to preserve the community so that it can continue to impact the lives of others as immensely as it did for him.
\n
SpeakerBio:TheClockworkBird\n
\nTheClockworkBird With a background in anthropology and teaching, TheClockworkBird creates collaborative spaces where people of all skill levels and interests can engage with the puzzle. He has gained a multifaceted understanding of Cicada’s impact on the individual, and the impacts of collaborative puzzle solving on the growth of privacy awareness.
\n\n
\nDescription:
\nThis talk will explore the ongoing efforts of the CicadaSolvers community to solve Cicada3301’s Liber Primus, a book of elder futhark runes and codes that has challenged cryptographers and puzzle-solvers since 2014. Using our experiences as leaders within the community, we will delve into the cultural significance of the puzzle and discuss the various strategies and techniques employed by members to crack its code, and the story of their struggle to maintain motivation through 9 years of solving one of the most difficult puzzles ever released. Attendees will gain insights into the future of collaborative puzzle-solving and the challenges that the Liber Primus presents for the future of cryptography. This presentation is suitable for anyone interested in cryptography, puzzle-solving, internet mysteries, and the persistence of collaborative communities. No prior technical knowledge or tools are required.\n
\n
REFERENCES
\n
- CicadaSolvers Discord server: https://discord.gg/cicadasolvers-572330844056715284\n- CicadaSolvers Wiki: https://uncovering-cicada.fandom.com/wiki/Uncovering_Cicada_Wiki\n- Previous DEF CON talk from CicadaSolvers member Nox Populi: https://www.youtube.com/watch?v=sVU4k2gRe_Y\n- Article written as a result of our TOR search in 2016: https://arstechnica.com/information-technology/2016/07/malicious-computers-caught-snooping-on-tor-anonymized-dark-web-sites/
\n\n\'',NULL,365439),('1_Thursday','12','11:30','12:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Cracking Cicada 3301: The Future of Collaborative Puzzle-Solving\'','\'Artorias,Puck,Taiiwo,TheClockworkBird\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3','\'\'',NULL,365440),('3_Saturday','10','10:00','11:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'D0 N0 H4RM: A Healthcare Security Conversation\'','\'Christian \"quaddi\" Dameff,Jacqueline Burgette,Jeff \"r3plicant\" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz\'','DC_a0d306aca5b564eb1527ea0375748ff3','\'Title: D0 N0 H4RM: A Healthcare Security Conversation
\nWhen: Saturday, Aug 12, 10:00 - 11:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
\nSpeakers:Christian \"quaddi\" Dameff,Jacqueline Burgette,Jeff \"r3plicant\" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz
\n
SpeakerBio:Christian \"quaddi\" Dameff\n, Physician & Medical Director of Cyber Security at The University of California San DiegoMD
\nChristian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients,and other Emergency Medicine related works. Published security research topics including hacking critical healthcare infrastructure,medical devices and the effects of malware on patient care. This is his nineteenth DEF CON.
\n
SpeakerBio:Jacqueline Burgette\n, White House Fellow at The Office of National Cyber Director (ONCD)PhD DMD
\nJacqueline Burgette DMD PhD is a White House Fellow at the Office of the National Cyber Director. Jacqueline is a clinician, educator, health policy expert and researcher working at the forefront health and cybersecurity. Jacqueline earned her DMD from the Harvard School of Dental Medicine as a Presidential Scholar and Ph.D. in Health Policy and Management from the University of North Carolina. She served on the faculty at the University of Pittsburgh where she led multi site studies that amplified the voices of vulnerable families to improve child health in Appalachia. As an expert in health services and highly-published author, she brings her systems perspective and data-driven approach to achieve cross-agency priorities in health and cybersecurity for the Federal government.
\n
SpeakerBio:Jeff \"r3plicant\" Tully\n, Anesthesiologist at The University of California San DiegoMD
\nJeff (r3plicant) Tully is a security researcher with an interest in understanding the ever growing intersections between healthcare and technology. His day job focuses primarily on the delivery of oxygen to tissues.
\n
SpeakerBio:Mark Warner\n, Virginia Senator and Chair of the US Cybersecurity Caucus
\nSen. Warner was elected to the U.S. Senate in November 2008 and reelected to a third term in November 2020. He serves as Chairman of the Select Committee on Intelligence and as a member of the Senate Finance, Banking, Budget, and Rules Committees. He also co-chairs the Senate Cybersecurity Caucus. From 2002 to 2006, he served as Governor of Virginia. He has served as a key author and negotiator of several pieces of critical legislation aimed at rebuilding our nation’s infrastructure, improving cybersecurity, restoring domestic manufacturing, protecting national security, rebounding from the COVID-19 crisis, and investing in under served and underbanked communities.
\n
SpeakerBio:Nitin Natarajan\n, Deputy Director at Cybersecurity and Infrastructure Security Agency (CISA)
\nNitin Natarajan serves as the Deputy Director for the Cybersecurity and Infrastructure Security Agency (CISA). Prior to joining CISA, Natarajan served in a variety of public and private sector positions spanning over 30 years. Natarajan also held a number of federal government roles to include Deputy Assistant Administrator at the U.S. Environmental Protection Agency, the Director of Critical Infrastructure Policy at the White House/National Security Council, and as a Director at the U.S. Health and Human Services overseeing healthcare and public health programs. At the beginning of his career, Natarajan spent 13 years as a first responder in New York, which included service as a flight paramedic. He was the Commander of a federal medical response team, based in New York, and has extensive experience deploying to natural and man-made disasters throughout the nation. He holds an under graduate degree from the State University of New York and a graduate degree from the United States Naval Postgraduate School.
\n
SpeakerBio:Suzanne Schwartz\n, Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH)MD
\nSuzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH).\n

Suzanne’s work in medical device cybersecurity includes policy development, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations and coordinating incident response across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. She also received the 2021 Routhy Award from the H-ISAC for her leadership in cybersecurity in healthcare, especially during the COVID-19 pandemic. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020 and two subsequent guidance publications - - one on software bill of materials and one on cybersecurity management of legacy medical devices. She has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives.\n

Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health &amp; Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.\n

\n\n
\nDescription:
\nIn 2016 a bunch of hackers took a break from DEF CON festivities to gather in a hotel room with a bathtub full of beer and talk about shared interests in a brave new world of connected healthcare. Trailblazers were popping pacemakers and pharmaceutical pumps, and we worried that instead of embracing such efforts as opportunities to make tech safer for patients, folks in charge would repeat mistakes of the past and double down on the status quo.\n

Fast forward to the 2022 passage of the Omnibus spending bill- the FDA is now locked and loaded with expanded authority to regulate cybersecurity requirements for medical devices. What changed? Keanu voice: “Policy. Lots of Policy.” Turns out when we get in with the right people, hackers can help get things done. This is the core of Policy @ DEFCON.\n

Challenges persist. We now have threats from state actors and ransomware blasts delaying lifesaving medical care while costing hospitals hundreds of millions of dollars they don’t have (been in an ER lately?). So once again, come join quaddi and r3plicant, your favorite ripper docs, for another round of D0 No H4rm- this time with special guests from Congress, FDA, and the White House as we figure out what policy patches have the best chance to save lives.\n

It starts here, in rooms like this, with hackers like you. And it ends with us changing the world.\n

\n\n\'',NULL,365441),('3_Saturday','11','10:00','11:45','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'D0 N0 H4RM: A Healthcare Security Conversation\'','\'Christian \"quaddi\" Dameff,Jacqueline Burgette,Jeff \"r3plicant\" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz\'','DC_a0d306aca5b564eb1527ea0375748ff3','\'\'',NULL,365442),('1_Thursday','13','13:30','14:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Damned if you do - The risks of pointing out the emperor is buck naked\'','\'RenderMan,Thomas Dang\'','DC_1f4b14b8fd8352a35e26ce7d30dcf234','\'Title: Damned if you do - The risks of pointing out the emperor is buck naked
\nWhen: Thursday, Aug 10, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:RenderMan,Thomas Dang
\n
SpeakerBio:RenderMan\n, His Holiness, Pope of the Church of Wifi
\nThe man in the black hat with a monkey on his belt and a suitcase of sex toys. Pope of the Church of Wifi. Don of Dongs at the Internet of Dongs project. Hacking random things for 25+ years. Usually referred to as “oh, that guy” around Defcon.
\n
SpeakerBio:Thomas Dang\n, Cybersecurity Architect at Yukon Territorial Government
\nThomas Dang was (until May 2023) a politician in the Alberta Legislature. The youngest MLA ever elected, he was pursuing a Computing Science degree before his first term. As an MLA, he served various roles including Deputy House Leader and on various legislative committees. While elected, he continued following his passion in Cybersecurity including certifications along with his university education. In an attempt to recover from politics, he’s spending his time hanging out at DEF CON and has a day job as the Cybersecurity Architect for the Yukon Territorial Government.
\nTwitter: @@thomasdangab
\n\n
\nDescription:
\nPost 9/11, the phrase “If you see something, say something” became ubiquitous. If you saw something of concern, better to report something that was nothing than let something bad happen. Problem is, no one let the authorities know that they should apply this to the online realm too. Threats of arrest and criminal investigations have the opposite effect and chill anyone from wanting to report security vulnerabilities that affect everyone.\n

Lack of clear reporting paths, misunderstandings, jurisdiction issues, superseding laws, and good old fashioned egos can make trying to do the right thing turn into a nightmare that can cost livelihoods, reputation, criminal charges and even worse, particularly when government systems are involved.\n

This talk will cover the presenters personal experiences with poorly written or a lack of vulnerability disclosure policies with their governments and what it cost them in trying to make things better. The presentation will then move to a discussion about what should be done and what is being done to make sure that reporting a vulnerability doesn’t cost you everything. Anyone who is responsible for writing such disclosure policies or legislation will benefit, but so will any hackers that want to make it safer to report issues they find by advocating for changes. \n

\n
REFERENCES
\n
- No references cited formally. Law excerpts will be noted in slides where relevant.
\n\n\'',NULL,365443),('1_Thursday','14','13:30','14:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Damned if you do - The risks of pointing out the emperor is buck naked\'','\'RenderMan,Thomas Dang\'','DC_1f4b14b8fd8352a35e26ce7d30dcf234','\'\'',NULL,365444),('1_Thursday','14','14:30','15:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Designing RFID Implants - How flipping the bird opens doors for me\'','\'Miana Ella Windall\'','DC_b3be6c873c31368a04f7686e79cd60a6','\'Title: Designing RFID Implants - How flipping the bird opens doors for me
\nWhen: Thursday, Aug 10, 14:30 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Miana Ella Windall\n, Hacker
\nMiana is a lifelong tinkerer who likes breaking things almost as much as she likes building them. She is a bio-hacker and info-sec researcher by night, and a professional software nerd during the day.
\nTwitter: @@NiamhAstra
\n\n
\nDescription:
\nRFID implants are basically RFID credentials that can be installed under your skin. When I discovered there was nothing on the market that worked with my employers badging system I decided that I would just have to make my own. This talk will cover the basics of RFID implants, my journey to design my own implant despite having no electronics experience, and some of the future implications of this technology.\n
\n\n\'',NULL,365445),('1_Thursday','15','14:30','15:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Designing RFID Implants - How flipping the bird opens doors for me\'','\'Miana Ella Windall\'','DC_b3be6c873c31368a04f7686e79cd60a6','\'\'',NULL,365446),('2_Friday','17','17:30','18:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Fireside Chat with the National Cyber Director Kemba Walden\'','\'Kemba Walden\'','DC_ebc182f70f74f940104ec49cbee80b30','\'Title: Fireside Chat with the National Cyber Director Kemba Walden
\nWhen: Friday, Aug 11, 17:30 - 18:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Kemba Walden\n, Acting National Cyber Director at Office of the National Cyber Director, The White House
\nDirector Walden is the current acting National Cyber Director for the Biden-Harris Administration.
\nTwitter: @KembaWalden46
\n\n
\nDescription:
\nA fireside chat with Director Walden. Director Walden is the current acting National Cyber Director for the Biden-Harris Administration.\n
\n\n\'',NULL,365447),('2_Friday','18','17:30','18:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Fireside Chat with the National Cyber Director Kemba Walden\'','\'Kemba Walden\'','DC_ebc182f70f74f940104ec49cbee80b30','\'\'',NULL,365448),('3_Saturday','12','12:00','12:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'From Feature to Weapon: Breaking Microsoft Teams and SharePoint Integrity\'','\'Nestori Syynimaa\'','DC_536353629a3749e4613815797fa993ca','\'Title: From Feature to Weapon: Breaking Microsoft Teams and SharePoint Integrity
\nWhen: Saturday, Aug 12, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:Nestori Syynimaa\n, Senior Principal Security Researcher at Secureworks
\nDr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher for 2022. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years. Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat (USA, Europe, and Asia), Def Con, and RSA Conference.
\nTwitter: @DrAzureAD
\n\n
\nDescription:
\nMicrosoft SharePoint Online (SPO) is a cloud-based service that helps organizations share and manage content. It is also used as backend file storage for other Microsoft online services, such as Microsoft 365 Groups, OneDrive, and Teams.\n

Microsoft offers tools such as Migration Manager and SharePoint Migration Tool (SPMT) to ease migrating files from on-premises file servers to SPO, OneDrive, and Teams. Both tools use the same background APIs to perform the data migration. Technically, the migration is leveraging the built-in Granular Backup feature of on-premises SharePoint, which allows exporting and importing individual SharePoint sites and lists. The Granular Backup feature is not available in SharePoint Online.\n

In this talk, I\'ll show how threat actors can leverage SPO migration APIs to break the integrity of all Microsoft online services that use SPO as storage. Threat actors can spoof new content and tamper with existing content, and inject custom code to perform XSS attacks. This, in turn, enables elevation-of-privilege attacks to all Microsoft Online services, including Azure Active Directory. And all this as a regular user.\n

\n\n\'',NULL,365449),('2_Friday','15','15:30','16:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Game-Changing Advances in Windows Shellcode Analysis\'','\'Bramwell Brizendine,Jake Hince,Max \'Libra\' Kersten\'','DC_3302d61b16f782462b837319d4e1aac2','\'Title: Game-Changing Advances in Windows Shellcode Analysis
\nWhen: Friday, Aug 11, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Bramwell Brizendine,Jake Hince,Max \'Libra\' Kersten
\n
SpeakerBio:Bramwell Brizendine\n, Assistant Professor at University of Alabama in HuntsvilleDr.
\nDr. Bramwell Brizendine completed his Ph.D. in Cyber Operations, for which he did his dissertation on Jump-Oriented Programming, a hitherto seldom-studied and poorly understood subset of code-reuse attacks.\n

Bramwell is now an Assistant Professor of Computer Science at the University of Alabama in Huntsville; he previously was an Assistant Professor and the Director of the Vulnerability and Exploitation Research for Offensive and Novel Attacks (VERONA Lab) at Dakota State University, specializing in vulnerability research, software exploitation, and the development of new, cutting-edge tools and techniques with respect to software exploitation and malware analysis. Bramwell has taught numerous undergraduate, graduate and doctoral level courses in software exploitation, reverse engineering, malware analysis and offensive security. Bramwell was a PI on a $300,000 NSA/NCAE research grant, which culminated in the release of a shellcode emulator, SHAREM, in September 2022. Bramwell has been a speaker at many top security conferences, including DEF CON, Hack in the Box Amsterdam, @Hack, Black Hat Middle East, Black Hat Asia, Black Hat Europe, Wild West Hackin’ Fest, and more.\n

\n
SpeakerBio:Jake Hince\n, Cybersecurity Engineer
\nJake Hince recently completed his Computer Science Master\'s degree at Dakota State University. He was a security researcher and malware analyst at VERONA Lab, working on security tool development and shellcode analysis. Jake has been highly actively in collegiate cyber security competitions (CCDC, CPTC), and he participates in CTF competitions. He works professionally as a cybersecurity engineer.
\n
SpeakerBio:Max \'Libra\' Kersten\n, Malware Analyst at Trellix
\nMax Kersten is a malware analyst, blogger, and speaker who aims to make malware analysis more approachable for those who are starting. In 2019, Max graduated cum laude with a bachelor\'s in IT & Cyber Security, during which Max also worked as an Android malware analyst. Currently, Max works as a malware analyst at Trellix, where he analyses APT malware and creates open-source tooling to aid such research. Over the past few years, Max spoke at international conferences, such as Black Hat Arsenal (USA, EU, MEA, Asia), Botconf, Confidence-Conference, HackYeahPL, and HackFestCA. Additionally, he gave guest lectures and workshops for several universities and private entities.
\nTwitter: @Libranalysis
\n\n
\nDescription:
\nShellcode is omnipresent, seen or unseen. Yet tooling to analyze shellcode is lacking. We present the cutting-edge SHAREM framework to analyze enigmatic shellcode.\n

SHAREM can emulate shellcode, identifying 20,000 WinAPI functions and 99% of Windows syscalls. In some shellcode, some APIs may never be reached, due to the wrong environment, but SHAREM has a new solution: Complete code coverage preserves the CPU register context and memory at each change in control flow. Once the shellcode ends, it restarts, restoring memory and context, ensuring all functionality is reached and identifying all APIs.\n

Encoded shellcode may be puzzling at times. SHAREM is a game-changer, as it presents emulated shellcode in its decoded form in a disassembler.\n

IDA Pro and Ghidra can produce disassembly of shellcode that is of poor quality. However, SHAREM uniquely can ingest emulation data, resulting in virtually flawless disassembly. While SHAREM has its own custom disassembler, we are also releasing a Ghidra plugin, so SHAREM\'s enhanced disassembly can enhance what is in GHidra. Only SHAREM identifies APIs in disassembly, and this also can be brought to Ghidra.\n

We will also see how SHAREM can be used by aspiring shellcode authors to enhance their own work, and we will examine advanced shellcode specimens in SHAREM. | Dr. Bramwell Brizendine completed his Ph.D. in Cyber Operations, for which he did his dissertation on Jump-Oriented Programming, a hitherto seldom-studied and poorly understood subset of code-reuse attacks.\n

\n
REFERENCES
\n
[1] Mds. Research, “Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams,” MDSec, 2020. [Online]. Available: https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/.\n[2] K. Borders, A. Prakash, and M. Zielinski, “Spector: Automatically analyzing shell code,” Proc. - Annu. Comput. Secur. Appl. Conf. ACSAC, pp. 501–514, 2007.\n[3] Y. Fratantonio, C. Kruegel, and G. Vigna, “Shellzer: a tool for the dynamic analysis of malicious shellcode,” in International workshop on recent advances in intrusion detection, 2011, pp. 61–80.\n[4] D. Zimmer, “Scdbg Shellcode Analysis,” 2011. [Online]. Available: http://sandsprite.com/CodeStuff/scdbg_manual/MANUAL_EN.html.\n[5] FireEye, “Speakeasy.” [Online]. Available: https://github.com/fireeye/speakeasy.\n[6] M. Jurczyk, “Windows X86-64 System Call Table (XP/2003/Vista/2008/7/2012/8/10).” [Online]. Available: https://j00ru.vexillium.org/syscalls/nt/64/.\n[7] T. Nowak, “The Undocumented Functions Microsoft Windows NT/2000/XP/Win7,” NTAPI Undocumented Functions. .\n[8] A. R. Hevner, S. T. March, J. Park, and S. Ram, “Design science in information systems research,” MIS Q., pp. 75–105, 2004.\n[9] C. Anley, J. Heasman, F. Lindner, and G. Richarte, The shellcoder’s handbook: discovering and exploiting security holes. John Wiley & Sons, 2011.\n[10] S. Eckels, “WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques,” Mandiant, 2020. [Online]. Available: https://www.mandiant.com/resources/wow64-subsystem-internals-and-hooking-techniques.\n[11] A. Ionescu, “Closing Heaven’s Gate,” 2015. [Online]. Available: https://www.alex-ionescu.com/?p=300.\n[12] Hasherezade, “PE-Sieve,” GitHub, 2018. [Online]. Available: https://github.com/hasherezade/pe-sieve.\n[13] Hasherezade, “PE to Shellcode,” GitHub, 2021. [Online]. Available: https://github.com/hasherezade/pe_to_shellcode.
\n\n\'',NULL,365450),('2_Friday','16','15:30','16:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Game-Changing Advances in Windows Shellcode Analysis\'','\'Bramwell Brizendine,Jake Hince,Max \'Libra\' Kersten\'','DC_3302d61b16f782462b837319d4e1aac2','\'\'',NULL,365451),('2_Friday','09','09:00','09:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Growing the Community of AI Hackers with the Generative Red Team\'','\'Austin Carson,Rumman Chowdhury,Sven Cattell\'','DC_082302a12a2e0f2b59507c53afd1b759','\'Title: Growing the Community of AI Hackers with the Generative Red Team
\nWhen: Friday, Aug 11, 09:00 - 09:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Austin Carson,Rumman Chowdhury,Sven Cattell
\n
SpeakerBio:Austin Carson\n, Founder & President at SeedAI
\nAustin Carson is the Founder and President of SeedAI, a nonprofit established to work with a diverse group of policymakers, academics, and private sector experts to help communities across the United States access the resources they need to engage with AI.\n

Previously, Austin established and led the DC government affairs operation for NVIDIA, translating NVIDIA’s expertise in artificial intelligence and high performance computing for policymakers. Prior to joining NVIDIA, Austin held a number of public sector and NGO positions, including serving as Legislative Director for Chairman Michael McCaul and Executive Director for the Technology Freedom Institute. Austin co-founded the Congressional Tech Staff Association, co-led the Congressional Cybersecurity Caucus and the Congressional High Tech Caucus, and is a founding fellow of the Internet Law and Policy Foundry.\n

\n
SpeakerBio:Rumman Chowdhury\n, Co-Founder and CEO at Humane Intelligence
\nDr. Rumman Chowdhury’s passion lies at the intersection of artificial intelligence and humanity. She is a pioneer in the field of applied algorithmic ethics, creating cutting-edge socio-technical solutions for ethical, explainable and transparent AI. Dr. Chowdhury currently runs the nonprofit Humane Intelligence and is a Responsible AI Fellow at the Berkman Klein Center for Internet & Society at Harvard University. \n

Previously, Dr. Chowdhury was the Director of META (ML Ethics, Transparency, and Accountability) team at Twitter, leading a team of applied researchers and engineers to identify and mitigate algorithmic harms on the platform. Prior to Twitter, she was CEO and founder of Parity, an enterprise algorithmic audit platform company. She formerly served as Global Lead for Responsible AI at Accenture Applied Intelligence. In her work as Accenture’s Responsible AI lead, she led the design of the Fairness Tool, a first-in-industry algorithmic tool to identify and mitigate bias in AI systems. \n

Dr. Chowdhury is dedicated to cultivating and growing the next wave of technology-forward companies enabling the responsible use of emerging technologies.\n

\n
SpeakerBio:Sven Cattell\n, Founder at nbhd.ai & AI Village
\nSven founded the AI Village in 2018 and has been running it ever since. Sven is also the founder of nbhd.ai, a startup focused on the security and integrity of datasets and the AI they build. He was previously a senior data scientist at Elastic where he built the malware model training pipeline. He has a PhD in Algebraic Topology, and a postdoc in geometric machine learning where he focused on anomaly and novelty detection.
\nTwitter: @@comathematician
\n\n
\nDescription:
\nWe’re running the largest live AI hacking event ever in the AI village this year. Anthropic, Google, HuggingFace, Meta, NVIDIA, OpenAI, and Stability, have all provided models to attack and Scale AI have built the platform. This event is orders of magnitude bigger than any previous AI red team effort. There are observers from the White House, NIST, NSF, and the EU coming to learn from hackers. We built this event to grow the community that knows how to effectively evaluate Large Language Models as it is much more than prompt injections and jailbreaks.\n

AI works fundamentally differently to traditional software and only forms a part of a product. Trust and Security of AI in a system thus has to work fundamentally differently to traditional software. This is especially true for generative AI systems. The core difference is AI is a stochastic component of software and is allowed to make a small amount of mistakes. This changes bug hunting, reporting, and payouts.\n

Come to this talk to hear about how and why we organized this, and the history of algorithmic & bias bounties that led up to the largest one ever at DEFCON 31. We’ll also give you some tips to help you in the contest.\n

\n
REFERENCES
\n
\n

We Need Bug Bounties for Bad Algorithms - Amit Elazari - https://www.vice.com/en/article/8xkyj3/we-need-bug-bounties-for-bad-algorithms\n

Introducing Twitter’s first algorithmic bias bounty challenge - Rumman Chowdhury & Jutta Williams - https://blog.twitter.com/engineering/en_us/topics/insights/2021/algorithmic-bias-bounty-challenge\n

Sharing learnings from the first algorithmic bias bounty challenge - Kyra Yee & Irene Font Peradejordi - https://blog.twitter.com/engineering/en_us/topics/insights/2021/learnings-from-the-first-algorithmic-bias-bounty-challenge\n

Bias Buccaneers - Rumman Chowdhury, Jutta Williams, Subho Majumdar, Scott Steinhardt, Ben Colman - https://www.biasbuccaneers.org/\n

An Algorithmic Framework for Bias Bounties - Ira Globus-Harris, Michael Kearns, Aaron Roth - https://arxiv.org/abs/2201.10408\n

Machine Learning Security Evasion Competition - Hyrum Anderson, et al. - https://mlsec.io/ https://cujo.com/announcing-the-winners-of-the-2021-machine-learning-security-evasion-competition/\n

MITRE ATLAS - Ram Shankar Siva Kumar, et al - https://atlas.mitre.org/\n

The Spherical Cow of ML Security - Sven Cattell - http://aivillage.org/adversarial%20ml/spherical-cow/\n

The Case for a Hippocratic Oath for Connected Medical Devices: Viewpoint - Beau Woods, Andrea Coravos, and Joshua David Corman - https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6444210/\n

Announcing OpenAI’s Bug Bounty Program - https://openai.com/blog/bug-bounty-program\n

Microsoft Malware Classification Challenge - Royi Ronen, Marian Radu, Corina Feuerstein, Elad Yom-Tov, Mansour Ahmadi - https://www.kaggle.com/c/malware-classification https://arxiv.org/abs/1802.10135\n

\n\n\'',NULL,365452),('3_Saturday','09','09:00','09:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Hack the Future: Why Congress and the White House are supporting AI Red Teaming\'','\'Arati Prabhakar,Austin Carson\'','DC_6155abd27233bdfb50b699af961633c3','\'Title: Hack the Future: Why Congress and the White House are supporting AI Red Teaming
\nWhen: Saturday, Aug 12, 09:00 - 09:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Arati Prabhakar,Austin Carson
\n
SpeakerBio:Arati Prabhakar\n
\nNo BIO available
\n
SpeakerBio:Austin Carson\n, Founder & President at SeedAI
\nAustin Carson is the Founder and President of SeedAI, a nonprofit established to work with a diverse group of policymakers, academics, and private sector experts to help communities across the United States access the resources they need to engage with AI.\n

Previously, Austin established and led the DC government affairs operation for NVIDIA, translating NVIDIA’s expertise in artificial intelligence and high performance computing for policymakers. Prior to joining NVIDIA, Austin held a number of public sector and NGO positions, including serving as Legislative Director for Chairman Michael McCaul and Executive Director for the Technology Freedom Institute. Austin co-founded the Congressional Tech Staff Association, co-led the Congressional Cybersecurity Caucus and the Congressional High Tech Caucus, and is a founding fellow of the Internet Law and Policy Foundry.\n

\n\n
\nDescription:
\nOn May 4th, the White House announced the AI Village at DEF CON\'s Generative AI Red Team and their participation, followed by announcements from the House and Senate AI Caucus leadership and the National Science Foundation.\n

In this panel, we\'ll hear from top officials and executives about how they\'re balancing the explosion of creativity and entrepreneurship from the advent of GenAI with the known & unknown risks of deployment at scale.\n

We\'ll also hear how this exercise is viewed as a model for enhancing trust & safety through democratizing AI education. Panelists will also discuss why it\'s meaningful to bring together thousands of people from different communities to conduct the exercise across the available AI models.\n

\n
REFERENCES
\n
\n

We Need Bug Bounties for Bad Algorithms - Amit Elazari - https://www.vice.com/en/article/8xkyj3/we-need-bug-bounties-for-bad-algorithms\n

Introducing Twitter’s first algorithmic bias bounty challenge - Rumman Chowdhury & Jutta Williams - https://blog.twitter.com/engineering/en_us/topics/insights/2021/algorithmic-bias-bounty-challenge\n

Sharing learnings from the first algorithmic bias bounty challenge - Kyra Yee & Irene Font Peradejordi - https://blog.twitter.com/engineering/en_us/topics/insights/2021/learnings-from-the-first-algorithmic-bias-bounty-challenge\n

Bias Buccaneers - Rumman Chowdhury, Jutta Williams, Subho Majumdar, Scott Steinhardt, Ben Colman - https://www.biasbuccaneers.org/\n

An Algorithmic Framework for Bias Bounties - Ira Globus-Harris, Michael Kearns, Aaron Roth - https://arxiv.org/abs/2201.10408\n

Machine Learning Security Evasion Competition - Hyrum Anderson, et al. - https://mlsec.io/ https://cujo.com/announcing-the-winners-of-the-2021-machine-learning-security-evasion-competition/\n

MITRE ATLAS - Ram Shankar Siva Kumar, et al - https://atlas.mitre.org/\n

The Spherical Cow of ML Security - Sven Cattell - http://aivillage.org/adversarial%20ml/spherical-cow/\n

The Case for a Hippocratic Oath for Connected Medical Devices: Viewpoint - Beau Woods, Andrea Coravos, and Joshua David Corman - https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6444210/\n

Announcing OpenAI’s Bug Bounty Program - https://openai.com/blog/bug-bounty-program\n

Microsoft Malware Classification Challenge - Royi Ronen, Marian Radu, Corina Feuerstein, Elad Yom-Tov, Mansour Ahmadi - https://www.kaggle.com/c/malware-classification https://arxiv.org/abs/1802.10135\n

\n\n\'',NULL,365453),('2_Friday','13','13:00','13:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'Living Next Door to Russia\'','\'Mikko Hypponen\'','DC_734429ae947c64d9fdb70a741ad7ba71','\'Title: Living Next Door to Russia
\nWhen: Friday, Aug 11, 13:00 - 13:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Mikko Hypponen\n, Researcher at WithSecure
\nMikko Hypponen is a malware researcher and a best-selling author. He has written for the New York Times, Wired and Scientific American. Mikko has spoken 8 times at Black Hat, and he has 3 TED Talks. Mikko works as the Chief Research Officer for WithSecure and sits in the advisory boards of EUROPOL and Verge Motorcycles.
\nTwitter: @mikko
\n\n
\nDescription:
\nRussia is the world’s largest country. I’ve lived all my life in Finland, about a hundred miles from the Russian border. Finland has learned to live next to a very large and very unpredictable neighbor. Both my grandfathers fought Russia in the second world war. Today, Finland ranks as one of the least corrupted countries in the world, while Russia ranks as one of the most corrupted countries. How is that even possible?\n

As Russia has grown more aggressive over the last decade and as it violently attacked Ukraine, attitudes about neutrality changed quicky in my home country. When Finland joined NATO in April 2023, NATO more than doubled its land border with Russia – which is probably not what Putin had in mind.\n

This talk will summarize the developments of the Russian cyber programs and about Russian patriotic hacker groups that got us into where we are today and makes educated guesses about where Russia will be headed next.\n

\n
REFERENCES
\n
\n

\"If It\'s Smart, It\'s Vulnerable\" (2022) -- Mikko Hypponen, foreword by Jeff Moss\n

\"Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin\'s Most Dangerous Hackers\" (2019) – Andy Greenberg\n

\n\n\'',NULL,365454),('3_Saturday','15','15:30','16:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays?\'','\'Bohan Liu,GuanCheng Li,Zheng Wang\'','DC_c17482ba7efc519d0454e951c07c3d4a','\'Title: ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays?
\nWhen: Saturday, Aug 12, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Bohan Liu,GuanCheng Li,Zheng Wang
\n
SpeakerBio:Bohan Liu\n, Senior Security Researcher at Tencent Security Xuanwu Lab
\nBohan Liu (@P4nda20371774) is a senior security researcher at Tencent Security Xuanwu Lab. He focuses on browser security research and has discovered multiple Chrome vulnerabilities. He also presented his research results on Kanxue SDC and Black Hat Asia.
\nTwitter: @@P4nda20371774
\n
SpeakerBio:GuanCheng Li\n, Senior Security Researcher at Tencent Security Xuanwu Lab
\nGuancheng Li (@atuml1) is a senior researcher at Tencent Security Xuanwu Lab. His research interests are focused on software and system security, IoT security, software engineering and AI. He is also a founder and former captain of r3kapig CTF Team.
\nTwitter: @@atuml1
\n
SpeakerBio:Zheng Wang\n, Senior Security Researcher at Tencent Security Xuanwu Lab
\nZheng Wang (@xmzyshypnc) is a senior Security Researcher at Tencent Security Xuanwu Lab. He\'s mainly engaged in browser and linux kernel security. He is also a speaker attending in Black Hat Asia 2023.
\nTwitter: @@xmzyshypnc
\n\n
\nDescription:
\nChromium is not only the most popular browser in the world but also one of the most widely integrated supply chain components. Nowadays, a large number of popular software is built on frameworks based on Chromium, such as CEF and Electron. This means that vulnerabilities in Chromium will directly affect popular software. In addition, according to Google\'s vulnerability disclosure policy, most of the details of Chromium vulnerabilities will be publicly disclosed 14 weeks after being fixed, and many of these vulnerabilities are high-impact and may lead to RCE. Unfortunately, we have found that much downstream software is unable to timely fix the Chromium vulnerabilities. This creates a window of opportunity for attackers to carry out RCE attacks on popular software. The cost for attackers to exploit these vulnerabilities during this window is relatively low, as it falls between the time of the Chromium vulnerability disclosure and the completion of fixes for popular software. We refer to this window as the \"RCE window period\".\n

In this topic, we will first evaluate the \"RCE window period\" of more than 20 popular software. In the upcoming section, we will showcase how to transform Chromium nday vulnerabilities into popular software 0day vulnerabilities in a low-cost manner within the \"RCE window period\". To illustrate this process, we will use over 10 RCE 0day vulnerabilities in popular software that we have discovered as examples. Some software will attempt to enable sandbox to mitigate this problem, so we will also provide examples of how to bypass the sandbox by exploiting vulnerabilities in the software itself rather than a Chromium sandbox bug.\n

Finally, we will discuss the reasons for the existence of the RCE window period and the lessons learned from it, hoping to help software developers improve the security of their products.\n

\n
REFERENCES
\n
\n

[1] https://googleprojectzero.blogspot.com/2022/06/2022-0-day-in-wild-exploitationso-far.html\n[2] https://bugs.chromium.org/p/chromium/issues/list?q=Type%3DBug-Security&can=2\n[3] https://bitbucket.org/chromiumembedded/cef/wiki/GeneralUsage\n[4] https://www.electronjs.org/docs/latest/\n[5] https://media.defcon.org/DEF%20CON%2027/DEF%20CON%2027%20presentations/DEFCON-27-Junyu-Zhou-and-Ce-Qin-and-Jianing-Wang-Web2Own-Attacking-Desktop-Apps-From-Web-Securitys-Perspective.pdf\n[6] https://i.blackhat.com/USA-22/Thursday/US-22-Purani-ElectroVolt-Pwning-Popular-Desktop-Apps.pdf\n[7] https://plugins.jetbrains.com/docs/intellij/jcef.html\n[8] https://medium.com/@ethicalkid/recent-burp-rce-zeroday-df39b1b24230\n[9] https://crbug.com/1307610
\n[10] https://cs.android.com/android/platform/superproject/+/master:external/selinux/libselinux/src/android/android_seapp.c\n[11] https://security.googleblog.com/2021/07/protecting-more-with-site-isolation.html\n

\n\n\'',NULL,365455),('3_Saturday','16','15:30','16:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays?\'','\'Bohan Liu,GuanCheng Li,Zheng Wang\'','DC_c17482ba7efc519d0454e951c07c3d4a','\'\'',NULL,365456),('1_Thursday','12','12:30','13:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too\'','\'James Horseman,Zach Hanley\'','DC_2df7d0a836aaf6c37a33d23e12d9e174','\'Title: New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too
\nWhen: Thursday, Aug 10, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:James Horseman,Zach Hanley
\n
SpeakerBio:James Horseman\n, Vulnerability Researcher at Horizon3.ai
\nJames Horseman loves low-level systems programming and reverse engineering. Has a history of developing implants and weaponizing n-days. He is a vulnerability researcher and attack engineer at Horizon3.ai.
\nTwitter: @JamesHorseman2
\n
SpeakerBio:Zach Hanley\n, Vulnerability Researcher at Horizon3.ai
\nZach Hanley has been hooked on exploit development and offensive security since introduced to the world of hacking as an On-Net Operator for DoD and IC organizations. He’s since developed implants and exploits for both the government and commercial sector. He currently is a vulnerability researcher and attack engineer for Horizon3.ai.
\nTwitter: @hacks_zach
\n\n
\nDescription:
\nThe year is 2023 and we’re still finding very basic vulnerabilities in enterprise software.\n

In this presentation, we detail how the hacker mindset can be applied to seemingly daunting tasks to make them more approachable. We will show how we approached our first Pwn2Own contest and how we discovered a command injection RCE vulnerability affecting nearly every Lexmark printer. We’ll take a look at why we think it went unnoticed in previous research and why current open-source static analysis tools miss this simple bug.\n

Finally we’ll release the exploit POC and an additional POC to dump credentials during engagements.\n

\n
REFERENCES
\n
1. https://research.nccgroup.com/2022/02/17/bypassing-software-update-package-encryption-extracting-the-lexmark-mc3224i-printer-firmware-part-1/\n2. https://publications.lexmark.com/publications/security-alerts/CVE-2023-26068.pdf\n3. https://www.zerodayinitiative.com/advisories/upcoming/ (ZDI-CAN-19470)
\n\n\'',NULL,365457),('1_Thursday','13','12:30','13:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too\'','\'James Horseman,Zach Hanley\'','DC_2df7d0a836aaf6c37a33d23e12d9e174','\'\'',NULL,365458),('1_Thursday','15','15:30','16:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Nuthin But A G Thang: Evolution of Cellular Networks\'','\'Tracy Mosley\'','DC_599a69eaad85969bc4626203800ccf54','\'Title: Nuthin But A G Thang: Evolution of Cellular Networks
\nWhen: Thursday, Aug 10, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Tracy Mosley\n, Trenchant
\nTracy is a New York City based Lead Security Research Engineer at Trenchant (formerly known as Azimuth Security). With a degree in Computer Engineering and over 10 years in the industry, Tracy has predominantly focused on vulnerability research, reverse engineering and development for embedded devices. She has led teams focused on telecommunications equipment and contributed to teams large and small working on routers and various types of embedded devices.\n

Her first degree is in theatre performance, with a vocal performance minor. Vocal technique, performance and understanding the vocal mechanism are what drew her into telecommunications. You may have seen her presenting at conferences, attending trainings, dancing the night away or performing on stage.\n

\nTwitter: @@hackerpinup
\n\n
\nDescription:
\n4G? LTE? 3GPP? A lot of telecommunications terminology gets thrown around, but what does it actually mean? While terms like “5G”, and “packet core” may be in common use, it’s hard to understand what they mean in terms of attack surface, or even as a consumer. Very often even network diagrams will show “Core Network” as a big blob, or stop at the Radio Access Network. It’s hard to have insight into the cellular network. So, I’ll explain generation by generation!\n

In this talk we will walk through each step of cellular evolution, starting at 2G and ending at 5G. The never-ending attack and defend paradigm will be clearly laid out. In order to understand the attack surface, I’ll cover network topology and protocol.\nFor each cellular generation, I will explain known vulnerabilities and some interesting attacks. In response to those vulnerabilities, mitigations for the subsequent cellular generation are put in place. But as we all know, new mitigations mean new opportunities for attackers to get creative.\n

While I will explain most cellular-specific terminology, a familiarity with security concepts will help to better understand this talk. Basic foundations of communications systems, information theory or RF definitely make this talk more enjoyable, but are absolutely not necessary. It’s a dense topic that is highly applicable to those working on anything that touches the cellular network!\n

\n
REFERENCES
\n
    \n
  1. LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE, Syed Rafiul Hussain, Omar Chowdhury, Shagufta Mehnaz, Elisa Bertino\n
  2. https://www.cybersecuritydive.com/news/5g-security-breaches/636693/\n
  3. https://networksimulationtools.com/5g-network-attacks-projects\n
  4. https://www.p1sec.com/corp/category/p1-security/\n
  5. A Vulnerability in 5G Authentication Protocols and Its Countermeasure Xinxin HU, Caixia LIU, Shuxin LIU, Jinsong LI, and Xiaotao CHENG\n
  6. New Vulnerabilities in 5G Networks Altaf Shaik* , Ravishankar Borgaonkar\n
  7. ESF Potential Threats to 5G Network Slicing, NSA, CISA\n
  8. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010203\n
  9. https://www.pentestpartners.com/security-blog/zte-mf910-an-end-of-life-router-running-lots-of-vivacious-hidden-code/ pentestpartners DC27 talk\n
  10. LTE Pwnage: Hacking HLR/HSS and MME Core Network Elements P1 Security https://conference.hitb.org/hitbsecconf2013ams/materials/D1T2%20-%20Philippe%20Langlois%20-%20Hacking%20HLR%20HSS%20and%20MME%20Core%20Network%20Elements.pdf\n
  11. Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information Syed Rafiul Hussain, Mitziu Echeverria, Omar Chowdhury, Ninghui L,, Elisa Bertino\n
  12. https://thehackernews.com/2018/03/4g-lte-network-hacking.html\n
  13. https://www.pentestpartners.com/security-blog/zte-mf910-an-end-of-life-router-running-lots-of-vivacious-hidden-code/\n
  14. A first look on the effects and mitigation of VoIP SPIT flooding in 4G mobile networks. 982-987. 10.1109/ICC.2012.6364233. Bou-Harb, Elias & Debbabi, Mourad & Assi, Chadi. (2012).\n
  15. https://resources.infosecinstitute.com/topic/cheating-voip-security-by-flooding-the-sip/\n
  16. https://www.mpirical.com/ for 5G trainings\n
  17. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010203\n
  18. https://www.pentestpartners.com/security-blog/zte-mf910-an-end-of-life-router-running-lots-of-vivacious-hidden-code/\n
  19. https://en.wikipedia.org/wiki/Cellular_network\n
  20. https://www.etsi.org/deliver/etsi_ts/123000_123099/123060/10.03.00_60/ts_123060v100300p.pdf Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); General Packet Radio Service (GPRS); Service description;\n
  21. https://www.etsi.org/deliver/etsi_ts/133100_133199/133102/14.01.00_60/ts_133102v140100p.pdf Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); 3G security; Security architecture (3GPP TS 33.102 version 14.1.0 Release 14)\n
  22. https://www.etsi.org/deliver/etsi_ts/133400_133499/133401/15.07.00_60/ts_133401v150700p.pdf Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 3GPP System Architecture Evolution (SAE); Security architecture\n
  23. https://www.etsi.org/deliver/etsi_ts/133400_133499/133401/15.07.00_60/ts_133401v150700p.pdf Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 3GPP System Architecture Evolution (SAE); Security architecture (3GPP TS 33.401 version 15.7.0 Release 15)\n
  24. https://www.etsi.org/deliver/etsi_ts/124300_124399/124301/17.06.00_60/ts_124301v170600p.pdf Universal Mobile Telecommunications System (UMTS); LTE; 5G; Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3 (3GPP TS 24.301 version 17.6.0 Release 17)\n
  25. https://www.etsi.org/deliver/etsi_ts/133500_133599/133501/15.04.00_60/ts_133501v150400p.pdf 5G; Security architecture and procedures for 5G System (3GPP TS 33.501 version 15.4.0 Release 15)\nPrevious talk: https://www.youtube.com/watch?v=-JX7aC0AXEk&t=7387s
\n
\n\n\'',NULL,365459),('1_Thursday','16','15:30','16:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Nuthin But A G Thang: Evolution of Cellular Networks\'','\'Tracy Mosley\'','DC_599a69eaad85969bc4626203800ccf54','\'\'',NULL,365460),('4_Sunday','14','14:00','15:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Panel: Hacker Court - Interactive Scenario\'','\'winn0na\'','DC_862cfc4c08e98c1d5ba01e92cdcda0c9','\'Title: Panel: Hacker Court - Interactive Scenario
\nWhen: Sunday, Aug 13, 14:00 - 15:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
SpeakerBio:winn0na\n, Hacker at Policy @DEFCON
\nwinn0na is a former threat analyst turned policy professional. She has organized policy content at DEFCON and has authored multiple pieces on offensive cyber capability proliferation. She will be facilitating the Mock trial as some of the brightest lawyers in cyber (names to be released) take the stage.
\n\n
\nDescription:
\nBe a member of the jury as two lawyers prosecute and defend a hacker (live on the stand) in a made up scenario. You, the audience, will decide if the hacker was caught in the act, or if the attribution was all a false flag. Learn through the trial what evidence you don’t want to leave behind in an op, what D&R can and should collect, and how criminals who conduct cybercrime actually get prosecuted.\n

REFERENCES:
\nhttps://www.cnet.com/tech/services-and-software/use-cnet-shopping-to-seek-out-the-best-deals/ \nhttps://www.steptoecyberblog.com/files/2012/11/ccmanual1.pdf \nhttps://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/03/26/forensics_chart.pdf \nhttps://www.justice.gov/archives/opa/blog/important-court-opinion-holds-lawful-warrants-can-be-used-obtain-evidence-us-internet \nhttps://www.19thcircuitcourt.state.il.us/1610/Guide-to-Conducting-Mock-Trials\n

\n\n\'',NULL,365461),('4_Sunday','15','14:00','15:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Panel: Hacker Court - Interactive Scenario\'','\'winn0na\'','DC_862cfc4c08e98c1d5ba01e92cdcda0c9','\'\'',NULL,365462),('3_Saturday','17','17:30','17:50','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Lions and Tigers and Fancy Bears, Oh My!: A Cautionary Tale for our Cyber Future\'','\'Jen Easterly,Scott Shapiro\'','DC_daf9329f754265245befce0ba6a1be6a','\'Title: Lions and Tigers and Fancy Bears, Oh My!: A Cautionary Tale for our Cyber Future
\nWhen: Saturday, Aug 12, 17:30 - 17:50 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Jen Easterly,Scott Shapiro
\n
SpeakerBio:Jen Easterly\n, Director at Cybersecurity and Infrastructure Security Agency (CISA)
\nJen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.\n

Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.\n

Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.\n

A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.\n

A distinguished graduate of the United States Military Academy at West Point, Jen holds a\nmaster’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.\n

A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.\n

\nTwitter: @@CISAJen
\n
SpeakerBio:Scott Shapiro\n, Charles F. Southmayd Professor of Law and Professor of Philosophy at Yale Law School
\nScott Shapiro is the Charles F. Southmayd Professor of Law and Professor of Philosophy at Yale Law School. His areas of interest include jurisprudence, international law, constitutional law, criminal law and cybersecurity. He is the author of Legality (2011), The Internationalists (2017) (with Oona Hathaway) and editor of The Oxford Handbook of Jurisprudence and Philosophy of Law (2002) (with Jules Coleman). He earned B.A. and Ph.D. degrees in philosophy from Columbia University and a J.D. from Yale Law School. Shapiro is an editor of Legal Theory and the Stanford Encyclopedia of Philosophy. He is also the founding director of the Yale CyberSecurity Lab, which provides cutting-edge cybersecurity and information technology teaching facilities. His new book, Fancy Bear Goes Phishing, details the history and technology of Internet hacking (May 2023).
\n\n
\nDescription:
\nFancy Bear, Dynamic Panda and Charming Kitten – we live in a time where we are constantly under attack without even knowing it. CISA Director Jen Easterly and Yale Law School Professor Scott Shapiro, author of “Fancy Bear Goes Phishing: The Dark History of the Information Age In Five Extraordinary Hacks” discuss how best to understand the challenge of information security; what we can learn from looking back; and how the decisions we make today to prioritize security by design will shape our future.\n
\n\n\'',NULL,365463),('3_Saturday','17','17:00','17:20','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Polynonce: An ECDSA Attack and Polynomial Dance\'','\'Marco Macchetti,Nils Amiet\'','DC_9ba101fb8fa59d072b405b5d449cb1ad','\'Title: Polynonce: An ECDSA Attack and Polynomial Dance
\nWhen: Saturday, Aug 12, 17:00 - 17:20 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Marco Macchetti,Nils Amiet
\n
SpeakerBio:Marco Macchetti\n, Principal Cryptographer at Kudelski Security
\nMarco works as Principal Cryptographer on Kudelski Security\'s research team. He has a long experience designing a wide range of HW and SW cryptographic modules, from silicon roots of trust through physically unclonable functions to side-channel resistant cryptographic libraries. Marco likes looking at crypto from different points of view, bridging theory and implementation, to find new paths of attack (and defense).
\n
SpeakerBio:Nils Amiet\n, Lead Prototyping Engineer at Kudelski Security
\nNils is a Security Researcher on Kudelski Security’s research team performing research on various topics including privacy, authentication, big data analytics, and internet scanning. He also writes blog posts on various topics for Kudelski’s research blog. Nils likes open source software and has presented his research at DEF CON and Black Hat Arsenal. He was part of creating a massively distributed system for breaking RSA public keys.
\nTwitter: @@tmlxs
\n\n
\nDescription:
\nECDSA is a widely used digital signature algorithm. ECDSA signatures can be found everywhere since they are public. In this talk, we tell a tale of how we discovered a novel attack against ECDSA and how we applied it to datasets we found in the wild, including the Bitcoin and Ethereum networks.\n

Although we didn\'t recover Satoshi\'s private key (we’d be throwing a party on our private yacht instead of writing this abstract), we could see evidence that someone had previously attacked vulnerable wallets with a different exploit and drained them. We cover our journey, findings, and the rabbit holes we explored. We also provide an academic paper with the details of the attack and open-source code implementing it, so people building software and products using ECDSA can identify and avoid this vulnerability in their systems. We\'ve only scratched the surface, there\'s still plenty of room for exploration.\n

\n
REFERENCES
\n
* https://eprint.iacr.org/2019/023\n* https://eprint.iacr.org/2022/169.pdf\n* https://github.com/gcarq/rusty-blockparser\n* https://en.bitcoin.it/wiki/OP_CHECKSIG\n* https://bitcointalk.org/index.php?topic=1431060.0
\n\n\'',NULL,365464),('2_Friday','13','13:30','14:15','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Private Until Presumed Guilty\'','\'Allison Young,Diane Akerman\'','DC_41e9454d1d9171bcb7e71b0306e8625a','\'Title: Private Until Presumed Guilty
\nWhen: Friday, Aug 11, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:Allison Young,Diane Akerman
\n
SpeakerBio:Allison Young\n, Digital Forensics Analyst at The Legal Aid Society
\nAllison Young is an Analyst in the Digital Forensics Unit of the Legal Aid Society. Allison has expertise in computer, mobile, and cloud account preservation and analysis. She is a current Cellebrite Certified Mobile Examiner and holds a Master\'s degree in Digital Forensics from the University of Central Florida. She has examined hundreds of computers and cell phones during her career and has a love-hate relationship with data\n

Allison has used her knowledge of \"how computers think\" to help attorneys understand the importance of their digital evidence so they can better serve their clients, sometimes resulting in reduced, settled, or dismissed outcomes in legal cases. She likes to bridge the gap between what the database says and what may have happened IRL - or point out when crossing that bridge won\'t necessarily bring us to the truth.\n

\n
SpeakerBio:Diane Akerman\n, Digital Forensics Attorney at The Legal Aid Society
\nDiane Akerman is a public defender working in the Legal Aid Society\'s Digital Forensics Unit (DFU). The Digital Forensics Unit is dedicated to fighting the unregulated and unfettered use of surveillance technology primarily by the NYPD. Her work involves investigating and uncovering the purchase and use of technologies, developing litigation strategies in criminal cases, and advocating for policy changes. She has litigated the full array of electronic surveillance technologies employed by the NYPD and local law enforcement, including cell phone tracking, GPS, ShotSpotter and facial recognition technology. She knows what it\'s like to get that email from Facebook informing you that they are about to give the federal government all your data, and to have her cell phone a mere Judge\'s signature away from a Cellebrite machine.
\nTwitter: @MF_Diz
\n\n
\nDescription:
\nDobbs has significantly heightened the fear that everyday private data can be leveraged by law enforcement to prosecute pregnancy outcomes. However, this data is already being used in investigating other criminalized activities. In this talk, we will show you examples of information that can easily be extracted from many phones to surveil personal reproductive decisions.\n

We will also show you how the government obtains your not-so-private thoughts using forensic extraction and reporting tools, with a focus on health and lifestyle apps. This will include a review of the output of common forensic tools, demonstrating both the practical ease of reviewing sensitive data and the technical limitations of interpreting their meaning. Warning: you may find this peek into digital investigations disturbing.\n

We will discuss the different laws that do, or do not, protect your private health data, but will focus primarily on the limitations of the 4th Amendment in the digital world. The talk will provide a brief overview of traditional warrant practice and the \"reasonable expectation of privacy\" in digital data. But because the law has no bearing on reality, we\'ll look at excerpts from search warrants for digital devices and cloud data that illustrate the flawed nature of warrant practice in general, the limitations of the practice in the digital context, and the ease with which the government can obtain your data without any real oversight.\n

Bibliography & References:\n

\n\n\'',NULL,365465),('2_Friday','14','13:30','14:15','Y','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Private Until Presumed Guilty\'','\'Allison Young,Diane Akerman\'','DC_41e9454d1d9171bcb7e71b0306e8625a','\'\'',NULL,365466),('3_Saturday','16','16:30','17:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Abortion Access in the Age of Surveillance\'','\'Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde','\'Title: Abortion Access in the Age of Surveillance
\nWhen: Saturday, Aug 12, 16:30 - 17:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash
\n
SpeakerBio:Corynne McSherry\n, Legal Director at Electronic Frontier Foundation
\nAs EFF\'s Legal Director, McSherry has extensive experience in advocating for digital civil liberties and promoting net neutrality. Her perspective on the legal frameworks shaping the digital landscape will provide DEF CON attendees with insights on regulatory issues affecting technology users.
\nTwitter: @cmcsherr
\n
SpeakerBio:Daly Barnett\n, Staff Technologist at Electronic Frontier Foundation
\nDaly Barnett is a staff technologist at the Electronic Frontier Foundation and a digital privacy consultant with Hacking//Hustling. She utilizes her skills as a techie and experience as an activist and educator to undermine the harms that surveillance causes movement-oriented work. Where most information security resources seek to protect capital, her goal is to re-tool those concepts to protect people and liberatory movements.
\n
SpeakerBio:India McKinney\n, Director of Federal Affairs at Electronic Frontier Foundation
\nAs a former Capitol Hill staffer and a current EFF lobbyist, India’s main job is to make sure that the laws of the land don\'t suck the life out of the internet. India’s passion has always been for good public policy, and she’s excited to be using skills developed during past legislative battles to fight for encryption, for consumer privacy, and civil liberties in the digital realm.
\nTwitter: @@imck82
\n
SpeakerBio:Kate Bertash\n, Founder at Digital Defense Fund
\nKate Bertash is the founder of the Digital Defense Fund, a digital security organization for the abortion access movement. She is a hacker and designer of the ALPR-jamming clothing line, Adversarial Wear.
\nTwitter: @@katerosebee
\n\n
\nDescription:
\nIn the year since the Supreme Court overturned federal legal protections for reproductive rights, people seeking, providing, and supporting reproductive healthcare are grappling with the challenges of digital surveillance. Multiple services and apps track our movements and communications, and that data can be used by law enforcement and private parties to police and punish abortion access. Lawsuits and prosecutions are already underway and are likely to increase as states continue to pass or expand anti-abortion laws and undermine legal protections for online expression and privacy.\n

But the fight is far from over. At the state and federal level, lawmakers, activists, and technologists are taking steps to establish and shore up legal and practical protections for secure and private healthcare access.\n

This panel brings together legal and security experts to lead a discussion about defending reproductive justice in the digital age Ð what has already been accomplished, whatÕs coming, and how hackers can help. It will build on and update a discussion held last year, also led by EFF and DDF.\n

\n
REFERENCES
\n
https://www.eff.org/issues/reproductive-rights\nhttps://www.eff.org/deeplinks/2023/03/texas-bill-would-systematically-silence-anyone-who-dares-talk-about-abortion-pills\nhttps://www.eff.org/deeplinks/2023/02/eff-backs-california-bill-protect-people-seeking-abortion-and-gender-affirming\nhttps://www.eff.org/deeplinks/2022/09/automated-license-plate-readers-threaten-abortion-access-heres-how-policymakers\nhttps://www.eff.org/deeplinks/2022/08/nonprofit-websites-are-full-of-trackers-that-should-change\nhttps://www.ifwhenhow.org/resources/self-care-criminalized-preliminary-findings/
\n\n\'',NULL,365467),('3_Saturday','17','16:30','17:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Abortion Access in the Age of Surveillance\'','\'Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde','\'\'',NULL,365468),('3_Saturday','16','16:00','16:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Runtime Riddles: Abusing Manipulation Points in the Android Source\'','\'Laurie Kirk\'','DC_3c628c1e0c9142a0c64e11ab8499c2bc','\'Title: Runtime Riddles: Abusing Manipulation Points in the Android Source
\nWhen: Saturday, Aug 12, 16:00 - 16:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Laurie Kirk\n, Security Researcher at Microsoft
\nLaurie Kirk is a Reverse Engineer at Microsoft working in incident response. She specializes in cross-platform malware analysis with a focus on mobile threats. She also runs a YouTube channel (@LaurieWired) that covers all sorts of in-depth Malware Analysis, Reverse-Engineering, Exploitation and security topics. Laurie received her Bachelor\'s Degree from Florida State University in Computer Science with a minor in Math. She started as a Software Engineer for an aerospace company before finding her current calling in Cyber Security and low-level programming.
\nTwitter: @@LaurieWired
\n\n
\nDescription:
\nAndroid malware creators constantly struggle to devise innovative methods to obscure apps and impede reverse engineering. As numerous standard techniques have lost efficacy, I\'ll unveil the next frontier in Android obfuscation: runtime manipulation. Runtime manipulation alters standard application flow-of-control to bypass decompilers and emulators.\n

In this talk, I\'ll reveal my strategy for pinpointing manipulation targets in Android\'s source code. I will describe how I craft manipulators in native C++ once a suitable target has been located. This is accomplished by hooking Java methods via the Java Native Interface (JNI) and typecasting the handle to a C-style pointer. Runtime manipulation can entirely remove traces of ClassLoader calls which are unavoidable for standard Dalvik Executable (DEX) packing, but are also easily discovered and hooked. This technique also effectively breaks cross-reference calculations within all Android decompilers.\n

I will demonstrate and equip attendees with a custom Android library for devices running Android 13, providing a new tool that enables runtime manipulation experimentation. In addition, I\'ll demonstrate my methodology for pinpointing Java targets and modifying their underlying native data structures.\n

\n
REFERENCES
\n
https://security.csl.toronto.edu/wp-content/uploads/2018/06/mwong-usenixsec2018-tiro.pdf
\n

ArtMethod hooking: https://github.com/PAGalaxyLab/YAHFA\nmCookie manipulation: https://github.com/woxihuannisja/Bangcle\nDexFile.java: https://cs.android.com/android/platform/superproject/+/master:libcore/dalvik/src/main/java/dalvik/system/DexFile.java\ndex_file.h: https://cs.android.com/android/platform/superproject/+/refs/heads/master:art/libdexfile/dex/dex_file.h\nart_method.h: https://cs.android.com/android/platform/superproject/+/master:art/runtime/art_method.h;bpv=0;bpt=0\nExecutable.java – contains artMethod field: https://cs.android.com/android/platform/superproject/+/master:libcore/ojluni/src/main/java/java/lang/reflect/Executable.java;l=582?q=artMethod&ss=android%2Fplatform%2Fsuperproject\n

\n\n\'',NULL,365469),('2_Friday','09','09:30','10:15','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Secretary of the Department of Homeland Security Alejandro Mayorkas\'','\'Alejandro Mayorkas\'','DC_d2800c8b272dd4650cf0c6bcd8235d43','\'Title: Secretary of the Department of Homeland Security Alejandro Mayorkas
\nWhen: Friday, Aug 11, 09:30 - 10:15 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Alejandro Mayorkas\n, Secretary at Department of Homeland Security
\nAlejandro Mayorkas was sworn in as Secretary of the Department of Homeland Security by President Biden on February 2, 2021.\n

A political refugee born in Havana, Cuba, Mayorkas is the first Latino and immigrant confirmed to serve as Secretary of Homeland Security. He has led a distinguished 30-year career as a law enforcement official and a nationally recognized lawyer in the private sector. Mayorkas served as the Deputy Secretary of the U.S. Department of Homeland Security from 2013 to 2016, and as the Director of U.S. Citizenship and Immigration Services from 2009 to 2013. During his tenure at DHS, he led the development and implementation of DACA, negotiated cybersecurity and homeland security agreements with foreign governments, led the Department’s response to Ebola and Zika, helped build and administer the Blue Campaign to combat human trafficking, and developed an emergency relief program for orphaned youth following the tragic January 2010 earthquake in Haiti. Mayorkas also created the Fraud Detection and National Security Directorate to better ensure the integrity of the legal immigration system.\n

Mayorkas began his government service in the Department of Justice, where he served as an Assistant United States Attorney in the Central District of California, specializing in the prosecution of white collar crime. After nearly nine years as a federal prosecutor, he became the youngest United States Attorney in the nation, overseeing prosecutions of national significance, including the investigation and prosecution of financial fraud, violations of the Foreign Corrupt Practices Act, public corruption, violent crime, cybercrime, human trafficking, environmental crime, international narcotics money laundering, and securities fraud.\n

Mayorkas received his bachelor’s degree with distinction from the University of California at Berkeley and a law degree from Loyola Law School.\n

\n\n
\nDescription:
\nThe Secretary of US Homeland Security, Alejandro Mayorkas, joins DEF CON for a fireside chat. Secretary Mayorkas will lay some foundational groundwork on some of DHS\' priorities in cybersecurity and how they address pressing IS and global issues, then sit down to talk with The Dark Tangent, in a casual conversation with thousands of their closest hacker friends.\n
\n\n\'',NULL,365470),('2_Friday','10','09:30','10:15','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Secretary of the Department of Homeland Security Alejandro Mayorkas\'','\'Alejandro Mayorkas\'','DC_d2800c8b272dd4650cf0c6bcd8235d43','\'\'',NULL,365471),('3_Saturday','17','17:00','17:20','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\'','\'Mikhail Shcherbakov,Musard Balliu\'','DC_8a8edffed2696f81f2494d66aed59634','\'Title: Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
\nWhen: Saturday, Aug 12, 17:00 - 17:20 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Mikhail Shcherbakov,Musard Balliu
\n
SpeakerBio:Mikhail Shcherbakov\n, KTH Royal Institute of Technology
\nMikhail Shcherbakov came to security from enterprise app development. The tendency is to push it as far as you can… He is now doing a Ph.D. in Language-Based Security after 10+ years of experience in the industry. He participated in Microsoft, GitHub, and open-source bug bounty programs, found vulnerabilities in popular products, and helped to fix them. Before starting a Ph.D. program, he focused on .NET and web security, gave talks at conferences, organized IT meetups, and got the Microsoft MVP Award in 2016 – 2018. Mikhail is an author of commercial static analysis tools and continues research in program analysis.
\nTwitter: @yu5k3
\n
SpeakerBio:Musard Balliu\n, KTH Royal Institute of Technology
\nNo BIO available
\n\n
\nDescription:
\nMany have heard about Prototype Pollution vulnerabilities in JavaScript applications. This kind of vulnerability allows an attacker to inject properties into an object\'s root prototype that may lead to flow control alteration and unexpected program behavior. Every time a successful exploit looks like magic or is limited to a denial of service (DoS). Would you be surprised if I told you that every application has a chain of methods that can be triggered by Prototype Pollution and leads to arbitrary code execution? Such gadgets populated Node.js core code and popular NPM packages. Keep calm. Not every app can be exploited! However, this fact increases the risk of exploitation many times over.\n

In our research, we studied Prototype Pollution beyond DoS and analyzed Node.js source code against the gadgets. We then analyzed 15 popular Node.js apps from GitHub and got 8 RCEs. Through this talk, I will elaborate on the detected gadgets and vulnerabilities. We will also take a look at how the recent changes in Node.js mitigate these issues. \n

\n
REFERENCES
\n
\n

Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu \"Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js\" https://github.com/yuske/silent-spring/blob/master/silent-spring-full-version.pdf\nGareth Heyes \"Server-side prototype pollution: Black-box detection without the DoS\" https://portswigger.net/research/server-side-prototype-pollution\nMichał Bentkowski \"Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609)\" https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/\nOlivier Arteau \"Prototype Pollution Attack in NodeJS application\" https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf\n

\n\n\'',NULL,365472),('3_Saturday','15','15:00','15:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Spooky authentication at a distance\'','\'Tamas \"SkelSec\" Jos\'','DC_68e0d6d187b7cc6d8088b78ebed60e28','\'Title: Spooky authentication at a distance
\nWhen: Saturday, Aug 12, 15:00 - 15:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Tamas \"SkelSec\" Jos\n, Principal Security Consultant at Sec-Consult AG
\nTamas Jos (@skelsec) is a principal security consultant at SEC Consult (Schwiez) AG. He has worked within the information security industry for over 10 years, focusing mainly on reversing topics across many industries around the globe. He has an in-depth technical appreciation of Windows security, which heavily influences his research. This often takes him down many low level rabbit holes, leading to the creation and maintenance of well-received open-source projects, such as pypykatz & OctoPwn.\n

You can find Tamas’ musings on his blog at https://github.com/skelsec/\n

\nTwitter: @skelsec
\n\n
\nDescription:
\nSpooky authentication at a distance outlines a new and innovative post-exploitation technique to proxy common authentication protocols used in Windows environments remotely and with no elevated privileges required. This allows security professionals to perform complete impersonation of the target user on their own machine without executing any further code on the target machine besides the agent itself. This talk will also demonstrate the applicability of this new technique by performing no-interaction, full domain takeover using a malicious peripheral in a simulated restricted environment. \n
\n
REFERENCES
\n
Tools which will be showed in the demos:\n [AioSMB] https://github.com/skelsec/aiosmb\n [MSLDAP] https://github.com/skelsec/msldap\n [WSNet] https://github.com/skelsec/wsnet\n [OctoPwn] https://community.octopwn.com\n [Asyauth] https://github.com/skelsec/asyauth\n [Aardwolf] https://github.com/skelsec/aardwolf\n \n
\n

My previous talk on [OctoPwn] the in-browser pentest suite can be found here: https://youtu.be/jStdrDHTmD4​\n \n

Related tools:
\n [PYODIDE] Octopwn uses Pyodide framework to run in the browser. https://github.com/pyodide/pyodide\n [LDAP3] The MSLDAP project used code parts from this project. https://ldap3.readthedocs.io/en/latest/\n [RDPY] The Aardwolf RDP clinet is based on this tool. https://github.com/citronneur/rdpy\n [BLOODHOUND] Jackdaw was based on this tool. https://github.com/BloodHoundAD/BloodHound\n [IMPACKET] aioSMB libraries were based partially on this tool. https://github.com/fortra/impacket\n [LsaRelayX] Future extension https://github.com/CCob/lsarelayx\n [duckencoder] To automate keystrokes on the embedded system https://github.com/mame82/duckencoder.py\n

\n\n\'',NULL,365473),('3_Saturday','11','11:00','11:45','N','DC','Caesars Forum - Academy - 407-410 - Track 4','\'Spread spectrum techniques in disposable drones for anti drone evasion\'','\'David Melendez,Gabriela \"Gabs\" García\'','DC_c06089a14d3566172de0a5000de8e1e6','\'Title: Spread spectrum techniques in disposable drones for anti drone evasion
\nWhen: Saturday, Aug 12, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\nSpeakers:David Melendez,Gabriela \"Gabs\" García
\n
SpeakerBio:David Melendez\n, R&D Embedded Software Engineer
\nDavid Melendez is an R&D Embedded Systems Engineer, with over twelve years of experience in cybersecurity and hardware hacking. He has a proven track record of presenting his groundbreaking investigations at prestigious conferences around the world, including DEFCON, BLACKHAT, and ROOTEDCON.\n

David is also a drone creator and author of the book \"Hacking with Drones,\" which showcases his innovative use of drones in cybersecurity research. With his passion for pushing the boundaries of technology, David is constantly seeking new ways to improve the security and functionality of embedded systems.\n

\nTwitter: @@taiksontexas
\n
SpeakerBio:Gabriela \"Gabs\" García\n, Hacker, Professor and Mentor
\nGabriela \"Gabs\" García is a university professor and mentor, Secure Software Developer and coding and cybersecurity instructor for organizations such as LinkedIn, Cyber Hunter Academy and Kschool. She teaches, whether that\'s in a lecture hall or over the internet, about software development, with a keen eye for secure practices.\n

Gabriela is also an active member in hacker communities such as HackMadrid%27 and Hack%27, both at home in Spain and across the world. And as an independent professional, she gets to work with a wide variety of clients, crafting custom cybersecurity solutions to fit their specific needs.\n

\n\n
\nDescription:
\nThe popularity of cheap and DIY drones has made them a target for attackers using radiofrequency (RF) signals. Frequency hopping is a technique that can be used to mitigate the risks associated with RF warfare. However, implementing frequency hopping in cheap and DIY drones presents several technical challenges, such as the need for a stable clock and synchronization between the transmitter and receiver without rising hardware costs. Despite these challenges, frequency hopping can significantly enhance the security of consumer and DIY drones making much more challenging or even useless anti-drone systems\' role.\n
\n
REFERENCES
\n
\n

DEF CON 24 - Aaron Luo - Drones Hijacking: Multidimensional attack vectors and countermeasures\nDEF CON 25 - Game of Drones - Brown,Latimer\nDEF CON 26 - David Melendez Cano - Avoiding antidrone systems with nanodrones.\nDEF CON 29 - Steal This Drone - An Aerospace Village Cybersecurity Activity - http://loonwerks.com/publications/pdf/Steal-This-Drone-README.pdf\nhttps://unicornriot.ninja/2017/hacking-drones-ultrasonic-pulses/\nhttps://en.wikipedia.org/wiki/Tempest_(codename)\n

\n\n\'',NULL,365474),('4_Sunday','10','10:00','10:45','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'StackMoonwalk: A Novel approach to stack spoofing on Windows x64\'','\'Alessandro \"klezVirus\" Magnosi,Arash \"waldo-irc\" Parsa,Athanasios \"trickster0\" Tserpelis\'','DC_5e7637f5752709a8ed0eff9480df82ec','\'Title: StackMoonwalk: A Novel approach to stack spoofing on Windows x64
\nWhen: Sunday, Aug 13, 10:00 - 10:45 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Alessandro \"klezVirus\" Magnosi,Arash \"waldo-irc\" Parsa,Athanasios \"trickster0\" Tserpelis
\n
SpeakerBio:Alessandro \"klezVirus\" Magnosi\n, Principal Security Consultant at BSI
\nAlessandro Magnosi is a Principal cyber security consultant with more than 10 years of experience in the IT field. Currently, he\'s part of the Security Testing Team at BSI, which is the UK national standards body, and a Global certification, training and cybersecurity firm. On top of his normal work, Alessandro works as an independent researcher for Synack RT, and an OSS developer for Porchetta Industries, where he maintains offensive tools.
\nTwitter: @@klezVirus
\n
SpeakerBio:Arash \"waldo-irc\" Parsa\n, Cybersecurity Professional
\nArash Parsa is a highly skilled and passionate cybersecurity professional with extensive experience in threat hunting, red teaming, and research. As a dedicated member of the InfoSec community, Arash has become a trusted name in advancing the field and helping to protect digital assets from ever-evolving threats. Above all, Arash takes great pride in being an active community member and mentor to aspiring cybersecurity professionals. By sharing their knowledge and experience, he is helping to shape the next generation of InfoSec experts and ensure the continued growth and success of the industry.
\nTwitter: @@waldoirc
\n
SpeakerBio:Athanasios \"trickster0\" Tserpelis\n, Red Teamer and Malware Developer
\nThanos is a senior security consultant in Nettitude, focused mainly in Red Teaming and specializes in Offensive tool development such as elaborate malwares, EDR evasion techniques and tooling that makes a red teamer\'s life easier. Additionally, he is really into low level stuff, such as exploit development in Windows OS.
\nTwitter: @trickster012
\n\n
\nDescription:
\nThe rapid advancement of cyber defense products has led to an increase in sophisticated memory evasion techniques employed by Red Teaming and Malware Development communities. These techniques aim to bypass the detection of malicious code by concealing its presence in a target process\'s memory. Among these methods, \"Thread Stack Spoofing\" is a technique that hides malicious calls in the stack by replacing arbitrary stack frames with fake ones.\n

In this talk, we present two novel approaches, \"Full Moon\" and \"Half Moon,\" for tampering with call stacks in a manner that is both opaque and difficult to detect. These techniques manipulate the call stack to produce unwinding or logically valid stacks, thwarting conventional detection methods.\n

We also introduce a detection algorithm, Eclipse, designed to identify instances of these tampering techniques. This algorithm extends the functionality of RtlVirtualUnwind to perform strict checks on specific instructions and call sequences, enabling the detection of tampered call stacks. We evaluate the efficacy of Eclipse against both Full Moon and Half Moon techniques and discuss its performance and limitations.\n

Additionally, we explore the possibility of combining these techniques to create an even more robust method for call stack tampering that is resistant to detection. Our study contributes to the growing body of knowledge in the field of call stack tampering and detection and provides valuable insights for researchers and security professionals aiming to mitigate such threats.\n

\n
REFERENCES
\n
\n

namazso. 2019. x64 return address spoofing (source + explanation). UnKnoWnCheaTs - Multiplayer Game Hacking and Cheats. Retrieved April 4, 2023 from https://www.unknowncheats.me/forum/anti-cheat-bypass/268039-x64-return-address-spoofing-source-explanation.html\nMariusz Banach. 2023. Thread Stack Spoofing / Call Stack Spoofing PoC. Retrieved April 3, 2023 from https://github.com/mgeeky/ThreadStackSpoofer\nWilliam Burgess. Behind the Mask: Spoofing Call Stacks Dynamically with Timers | Cobalt Strike Blog. Fortra. Retrieved April 3, 2023 from https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers/\nWilliam Burgess. Spoofing Call Stacks To Confuse EDRs. Retrieved April 4, 2023 from https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs\nMicrosoft Corp. 2021. x64 prolog and epilog. Retrieved April 3, 2023 from https://learn.microsoft.com/en-us/cpp/build/prolog-and-epilog\nMicrosoft Corp. 2022. x64 exception handling. Retrieved April 3, 2023 from https://learn.microsoft.com/en-us/cpp/build/exception-handling-x64\nCodeMachine. 2021. x64 Deep Dive. Retrieved April 3, 2023 from https://www.codemachine.com/article_x64deepdive.html\n

\n\n\'',NULL,365475),('2_Friday','12','12:00','12:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices\'','\'Angelos Stavrou,Mohamed Elsabagh,Ryan Johnson\'','DC_f203fa4a596756d80ef0239880dc67ba','\'Title: Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices
\nWhen: Friday, Aug 11, 12:00 - 12:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Angelos Stavrou,Mohamed Elsabagh,Ryan Johnson
\n
SpeakerBio:Angelos Stavrou\n, Founder and Chief Scientist at Quokka
\nDr. Angelos Stavrou is Founder and Chief Scientist of Quokka (formerly Kryptowire), a Virginia based Mobile Security company. He is also a Professor at the Bradley Department of Electrical & Computer Engineering at Virginia Tech. Dr. Stavrou has served as principal investigator on research awards from NSF, DARPA, IARPA, DHS, AFOSR, ARO, ONR. He is an active member of NIST\'s Mobile Security team and has written more than 130 peer-reviewed conference and journal articles. Dr. Stavrou received his M.Sc. in Electrical Engineering, M.Phil. and Ph.D. (with distinction) in Computer Science all from Columbia University. He also holds an M.Sc. in theoretical Computer Science from the University of Athens and a B.Sc. in Physics with distinction from the University of Patras, Greece. Stavrou is an Associate Editor of IEEE Transactions on Computers, IEEE Security & Privacy, and IEEE Internet Computing magazines and a previous co-chair of the IEEE Blockchain initiative. Over the past few years, Dr. Stavrou\'s research has focused on two aspects of security: Systems\' Security and Reliability. Dr. Stavrou is a member of USENIX, and a senior member of ACM and IEEE.
\n
SpeakerBio:Mohamed Elsabagh\n, Senior Director, R&D at Quokka
\nDr. Mohamed Elsabagh leads the research and development efforts at Quokka (formerly Kryptowire). He specializes in automated static/dynamic binary security analysis and reverse engineering for Android, ARM, and x86 platforms. He has created several tools that helped detect and prevent hundreds of zero-day vulnerabilities in the wild. Mohamed holds a PhD in CS during which he developed automated binary hardening techniques for COTS systems.
\n
SpeakerBio:Ryan Johnson\n, Senior Director, R&D at Quokka
\nDr. Ryan Johnson is a Senior Director, R&D at Quokka (formerly Kryptowire). His research interests are static and dynamic analysis of Android apps and reverse engineering. He is a co-founder of Quokka and has presented at DEF CON, Black Hat (USA, Asia, & MEA), IT-Defense, and @Hack. His research in Android security has been assigned dozens of CVEs and is responsible for discovering the Adups spyware that affected millions of Android smartphones.
\n\n
\nDescription:
\nPrepaid Android smartphones present an attractive option since they can be used and discarded at will without significant financial cost. The reasons for their use are manifold, although some people may use them to dissemble their true identity. Prepaid smartphones offer value, but there may be an additional \"cost\" for their cheap price. We present an examination of the local attack surface of 21 prepaid Android smartphones sold by American carriers (and 11 unlocked smartphones). While examining these devices, we discovered instances of arbitrary command execution in the context of a \"system\" user app, arbitrary AT command execution, arbitrary file write in the context of the Android System (i.e., \"system_server\"), arbitrary file read/write in the context of a \"system\" user app, programmatic factory reset, leakage of GPS coordinates to a loopback port, numerous exposures of non-resettable device identifiers to system properties, and more.\n

The only user interaction that our threat model assumes is that the user installs and runs a third-party app that has no permissions or only a single \"normal\" level permission that is automatically granted to the third-party app upon installation. The installed third-party app can leverage flaws in pre-loaded software to escalate privileges to indirectly perform actions or obtain data while lacking the necessary privileges to do so directly. Due to a wide range of local interfaces with missing access control checks and inadequate input validation, a third-party app’s behavior is not truly circumscribed by the permissions that it requests. Due to the common inclusion of pre-loaded software from Android vendors, chipset manufacturers, carriers, and vendor partners, exploit code can have significant breadth. The inter-app communication used to exploit these vulnerabilities may be difficult to classify as inherently malicious in general since it uses the standard communication channels employed by non-malicious apps.\n

We pick up again where we left off from our DEF CON 26 talk … raiding the prepaid Android smartphone aisles at Walmart. We provide another snapshot on the state of security for Android carrier devices. In this talk, we examine 21 different prepaid Android smartphones being sold by the major American carriers, and we also cover 11 unlocked Android devices, which are primarily ZTE smartphones. We identified vulnerabilities in multiple layers of the Android software stack. For each discovered vulnerability, we step through the attack requirements, access vector, and attack workflow in order to help developers and bug hunters identify common software flaws going forward.\n

\n
REFERENCES
\n
\n

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664\nhttps://www.bleepingcomputer.com/news/security/oneplus-phones-come-preinstalled-with-a-factory-app-that-can-root-devices/\nhttps://source.android.com/docs/security/features/selinux#background\nhttps://en.wikipedia.org/wiki/Confused_deputy_problem\nhttps://github.com/thanuj10/Nokia-Debloater\nhttps://developer.android.com/training/articles/user-data-ids#best-practices-android-identifiers\nhttps://android.googlesource.com/platform/hardware/ril/+/master/include/telephony/ril.h\nhttps://github.com/lbule/android_hardware_mediatek\nhttps://security.tecno.com/SRC/blogdetail/99?lang=en_US\nhttps://extensionpublications.unl.edu/assets/pdf/ec157.pdf\nhttps://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/service/persistentdata/PersistentDataBlockManager.java#143\nhttps://github.com/ptoomey3/evilarc/blob/master/evilarc.py\nhttps://android.googlesource.com/platform/frameworks/base/+/master/packages/SystemUI/\nhttps://android.googlesource.com/platform/packages/apps/Settings/+/refs/heads/master\n

\n\n\'',NULL,365476),('4_Sunday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'The Art of Compromising C2 Servers: A Web Application Vulnerabilities Perspective\'','\'Vangelis Stykas\'','DC_d939e519a5ee21a50b393ba43f8fa211','\'Title: The Art of Compromising C2 Servers: A Web Application Vulnerabilities Perspective
\nWhen: Sunday, Aug 13, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Vangelis Stykas\n, CTO at Tremau
\nVangelis is a software developer, penetration tester, and PhD candidate.He applies his skills at his job as Chief Technology Officer at Tremau and his research focus revolves around API and web application security. His academic research is focused on machine learning in web application security and the development of proactive web application security. During his free time, Vangelis is helping start-ups secure themselves on the Internet and get a leg up in security terms. During the past years he has published and presented research regarding API control functions for ships, smart locks, IP cameras, EV chargers and many other IoT devices. He has performed extensive research on the stakerware industry.
\nTwitter: @@evstykas
\n\n
\nDescription:
\nC2 servers of mobile and Windows malware are usually left to their own fate after they have been discovered and the malware is no longer effective. We are going to take a deep dive into the rabbit hole of attacking and owning C2 servers, exposing details about their infrastructure, code bases, and the identity of the companies and individuals that operate and profit from them.\n

While understanding and reversing malware is a highly skilled procedure, attacking the C2 itself rarely requires a lot of technical skills. Most of the C2 servers have the same typical HTTP problems that can be detected by off-the-shelf vulnerability scanners.\n

By exploiting low-hanging fruit vulnerabilities, an attacker can obtain unauthorized access to administrative functions, allowing them to command thousands of devices and further explore other attack vectors. This can give them access to administrator panels and malware source code, and result in the identity of threat actors being exposed.\n

\n
REFERENCES
\n
\n

Harly malware: https://www.kaspersky.com/blog/harly-trojan-subscriber/45573/\nClipper malware: https://www.welivesecurity.com/2023/03/16/not-so-private-messaging-trojanized-whatsapp-telegram-cryptocurrency-wallets/\nNexus malware: https://www.techrepublic.com/article/nexus-android-malware-finance-targets/\nAurora malware: https://www.bleepingcomputer.com/news/security/aurora-infostealer-malware-increasingly-adopted-by-cybergangs/\n

\n\n\'',NULL,365477),('3_Saturday','13','13:30','14:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree\'','\'Asi Greenholts\'','DC_a7f9de5bc75798596d84b024ea0b2a87','\'Title: The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree
\nWhen: Saturday, Aug 12, 13:30 - 14:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Asi Greenholts\n, Security Researcher at Palo Alto Networks
\nAsi has 8 years of experience in the security field, including security architecture, SOC management, incident response, and application security research. Asi has gained his experience working for major organizations in the financial and government sectors. Today, Asi is a security researcher that focuses on revolutionizing CI/CD security at Palo Alto Networks. During his free time, Asi likes to read, invest in the stock market and to snowboard.
\nTwitter: @@TupleType
\n\n
\nDescription:
\nGitHub is the most popular platform to host Open Source projects therefore, the popularity of their CI/CD platform - GitHub Actions is rising, which makes it an attractive target for attackers.\n

In this talk I’ll show you how an attacker can take advantage of the Custom GitHub Actions ecosystem by infecting one Action to spread malicious code to other Actions and projects by showing you a demo of POC worm.\n

We will start by exploring the ways in which Actions are loosely and implicitly dependent on other Actions. This will allow us to create a dependency tree of Actions that starts from a project that we want to attack and hopefully ends in a vulnerable Action that we can take control of.\n

We will then dive down to how GitHub Actions is working under the hood and I’ll show you how an attacker that is in control of an Action can utilize the mechanism of the GitHub Actions Runner to infect other Actions that are dependent on their Action and eventually infect the targeted project.\n

Finally, after we’ve gained all of the theoretical knowledge I’ll show you a demo with POC malware that is spreading through Actions and we will talk on how to defend against this kind of attack.\n

\n
REFERENCES
\n
https://karimrahal.com/2023/01/05/github-actions-leaking-secrets/
\n\n\'',NULL,365478),('3_Saturday','14','13:30','14:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree\'','\'Asi Greenholts\'','DC_a7f9de5bc75798596d84b024ea0b2a87','\'\'',NULL,365479),('2_Friday','09','09:00','09:45','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'The Internals of Veilid, a New Decentralized Application Framework\'','\'Christien \"DilDog\" Rioux,Katelyn \"Medus4\" Bowden\'','DC_d7fcf82e61798d28d378e679818eec38','\'Title: The Internals of Veilid, a New Decentralized Application Framework
\nWhen: Friday, Aug 11, 09:00 - 09:45 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\nSpeakers:Christien \"DilDog\" Rioux,Katelyn \"Medus4\" Bowden
\n
SpeakerBio:Christien \"DilDog\" Rioux\n, Cult Of The Dead Cow
\nChristien \'DilDog\' Rioux is a member of The Cult Of The Dead Cow, the author of remote-access utility Back Orifice 2000, and a thorn in Microsoft\'s side for over a decade. DilDog is the creator of StuntBanana, a caller-id spoofing system, and is proprietor of the hacker-fashion line HACK.XXX. He is also Co-Founder and former Chief Scientist of Veracode, on the founding team of @stake, as well as a member of L0pht Heavy Industries. DilDog is a staunch believer that if you want to change the present you need to build the future, and is very sorry for having helped create \"InfoSec\" from hacking, and would like to undo the damage.
\nTwitter: @@dildog
\n
SpeakerBio:Katelyn \"Medus4\" Bowden\n, Cult Of The Dead Cow
\nKatelyn Bowden is a hacker, activist, and CULT OF THE DEAD cow member, who embraces the human side of hacking and tech. She also creates strange furby art and has over 60 dead things on display in her house.
\nTwitter: @@medus4_cdc
\n\n
\nDescription:
\nVeilid is an open-source, peer-to-peer, mobile-first networked application framework, with a flagship secure messaging application named VeilidChat. Veilid is conceptually similar to IPFS + Tor, but faster and designed from the ground-up to provide all services over a privately routed network. The network also enables development of distributed applications without a \'blockchain\' or a \'transactional layer\' at their base. Veilid can be included as part of user-facing applications or run as a standalone server for power users who wish to help build the network.\n

Architecturally, it is written in Rust, uses strong encryption, and nodes can run on Linux, Mac, Windows, Android, iOS, and in-browser WASM. Low-level protocols over UDP, raw TCP, Websockets and Secure Websockets. Nodes are optimized for low latency, high node churn, and are particularly capable of dealing with low level network changes, such as switching from cellular to wifi networks mid-communication.\n

This talk will focus on the internals of Veilid:\n* How it works as a protocol
\n* How it leverages strong cryptography to provide private communications\n* How it provides decentralized storage and cryptographically sound data structures\n* How applications are written to leverage the Veilid Network\n

We will demonstrate Veilid Server, and VeilidChat, the application.\n

\n
REFERENCES
\n
Tor Project: www.torproject.org\nIPFS: www.ipfs.tech
\n\n\'',NULL,365480),('4_Sunday','13','13:00','13:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'The Price of Convenience: How Security Vulnerabilities in Global Transportation Payment Systems Can Cost You\'','\'Omer Attias\'','DC_a68fcb51b126710fbc5d19ba43176556','\'Title: The Price of Convenience: How Security Vulnerabilities in Global Transportation Payment Systems Can Cost You
\nWhen: Sunday, Aug 13, 13:00 - 13:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Omer Attias\n, Security Researcher at SafeBreach Labs
\nOmer Attias is an accomplished security researcher with over five years of experience in the field of cybersecurity. He currently works as a researcher at SafeBreach Labs.\n

With a background in the Ministry of Defense and the Israeli Defense Forces (IDF), Omer has honed his skills in network research, including a deep understanding of Windows internals and Linux kernel components.\n

In addition to his professional pursuits, Omer is a passionate technology and science enthusiast who is always eager to explore emerging trends and innovations in these fields.\n

\nTwitter: @@omerat21
\n\n
\nDescription:
\nPublic transportation payment systems have undergone significant changes over the years. Recently, mobile payment solutions have become increasingly popular, allowing passengers to pay for their fare using their smartphones or other mobile devices.\n

The evolution of public transportation payment systems has been driven by the need for faster, more convenient, and more secure payment methods, and this trend is likely to continue in the years to come, But how secure are mobile payment solutions for public transportation?\n

In this presentation, we will examine the security risks associated with transportation applications, using Moovit as a case study. Moovit is a widely used transportation app operating in over 100 countries and 5000+ cities. Through our investigation of the app\'s API, including SSL-encrypted data, we discovered specific vulnerabilities, which we will discuss. We will also demonstrate a custom user interface that can obtain a \"free ticket\" and cause someone else to pay. Furthermore, we will explain how an attacker could gain unauthorized access to and exfiltrate Personal Identifiable Information (PII) of registered users. Our findings offer practical recommendations to improve the security of transportation apps.\n

\n
REFERENCES
\n
https://github.com/httptoolkit/frida-android-unpinning/blob/main/frida-script.js\nhttps://moovit.com/
\n\n\'',NULL,365481),('2_Friday','17','17:30','17:50','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Track the Planet! Mapping Identities, Monitoring Presence, and Decoding Business Alliances in the Azure Ecosystem\'','\'nyxgeek\'','DC_4d69af31554f77e37c55b4a54777ccf1','\'Title: Track the Planet! Mapping Identities, Monitoring Presence, and Decoding Business Alliances in the Azure Ecosystem
\nWhen: Friday, Aug 11, 17:30 - 17:50 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:nyxgeek\n, Hacker at TrustedSec
\nnyxgeek is a hacker at TrustedSec. Interests include: user enumeration, password spraying, password cracking. Team Trontastic on the CMIYC leaderboard.
\nTwitter: @@nyxgeek
\n\n
\nDescription:
\nMicrosoft Azure is ripe with user information disclosures. We are going to look at weaponizing these disclosures by performing data collection at a large scale against OneDrive, Teams, and Graph.\n

OneDrive and Teams present silent enumeration methods, requiring no logon attempts and creating no logs. This enables enumeration at a massive scale against the biggest corporations, educational instututes, and government entities in the world. Over the last 1.5 years I have enumerated over 20m users. We will explore the techniques used and the data that was collected, including Azure adoption rates and analysis of username formats.\n

Microsoft Teams suffers from information dislcosure due to default settings allowing users to see the online presence of others. An undocumented, unauthenticated Microsoft Teams Presence lookup trick will be shared, which enables easy unauthenticated enumeration of the online Teams Presence of users at many organizations. To demonstrate this we will monitor approximately 100,000 Microsoft employees\' online presence and any out-of-office messages that are stored.\n

Finally, Azure supports Guest users, allowing two companies to collaborate on a project. I will unveil a method of identifying Azure Guest users at other tenants. In this way, hidden corporate relationships can be revealed.\n

Related exploits identified include:\n

Microsoft Lync Time-Based User Enum (no CVE - 2016)\n Microsoft Skype for Business 2016 XSS Injection - CVE-2017-8550\n Microsoft Lync 2011 for Mac HTML Injection - CVE-2018-8474\n

Related Tools:\n

onedrive_user_enum
\n o365recon
\n lyncsmash\n \n

\n
REFERENCES
\n
\n

https://github.com/nyxgeek/onedrive_user_enum\nhttps://github.com/Flangvik/TeamFiltration/\n

\n\n\'',NULL,365482),('2_Friday','14','14:00','14:20','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'Tracking the Worlds Dumbest Cyber-Mercenaries\'','\'Cooper Quintin\'','DC_e4ef829d9064c3436f6a4eb863ef3ad3','\'Title: Tracking the Worlds Dumbest Cyber-Mercenaries
\nWhen: Friday, Aug 11, 14:00 - 14:20 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Cooper Quintin\n, Senior Staff Technologist at Electronic Frontier Foundation
\nCooper Quintin is a security researcher and senior public interest technologist with the EFF Threat Lab. He has worked on projects including Privacy Badger, Canary Watch, and analysis of state sponsored malware campaigns such as Dark Caracal. Cooper has given talks at security conferences including Black Hat, DEFCON, Enigma Conference, and ReCon about issues ranging from IMSI Catcher detection to fem tech privacy issues to newly discovered APTs. He has also been published or quoted in publications including: The New York Times, Reuters, NPR, CNN, and Al Jazeera. Cooper has given security trainings for activists, non profit workers, and vulnerable populations around the world. He previously worked building websites for nonprofits, including Greenpeace, Adbusters, and the Chelsea Manning Support Network. Cooper was also an editor and contributor to the hacktivist journal, \"Hack this Zine.\" In his spare time he enjoys making music, visualizing a solar-punk anarchist future, and playing with his kids.
\nTwitter: @cooperq
\n\n
\nDescription:
\nFor the last 6 years my colleagues and I have been tracking the activities of the cyber-mercenaries we call Dark Caracal. In this time we have observed them make a number of hilarious mistakes which have allowed us to gain crucial insights into their activities and victims. In this talk we will discuss the story of Dark Caracal, the mistakes they have made, and how they have managed to remain effective despite quite possibly being the dumbest APT to ever exist.\n
\n
REFERENCES
\n
https://www.eff.org/wp/operation-manul\nhttps://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf\nhttps://www.welivesecurity.com/2021/07/07/bandidos-at-large-spying-campaign-latin-america/\nhttps://www.eff.org/deeplinks/2023/02/uncle-sow-dark-caracal-latin-america
\n\n\'',NULL,365483),('1_Thursday','11','11:00','11:20','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'UNConventional Cybercrime: How a Bad Anti-Hacking Treaty is Becoming a Law\'','\'Bill Budington,Katitza Rodriguez\'','DC_2a16b63c95fa7f2868d6156e10161859','\'Title: UNConventional Cybercrime: How a Bad Anti-Hacking Treaty is Becoming a Law
\nWhen: Thursday, Aug 10, 11:00 - 11:20 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Bill Budington,Katitza Rodriguez
\n
SpeakerBio:Bill Budington\n, Senior Staff Technologist at Electronic Frontier Foundation
\nBill Budington is a Senior Staff Technologist on EFF\'s Public Interest Technology team. Their research has been featured in the The New York Times, The Los Angeles Times, The Guardian, and cited by the US Congress. They are the lead developer of Cover Your Tracks.
\n
SpeakerBio:Katitza Rodriguez\n, Policy Director for Global Privacy at Electronic Frontier Foundation
\nKatitza Rodriguez is EFF\'s Policy Director for Global Privacy. She concentrates on comparative policy of global privacy issues, with special emphasis on cross-border data flows. Katitza\'s work also focuses on cybersecurity and government access to data held by the private sector at the intersection of international human rights law and standards. In 2018, CNET named Katitza one of the 20 most influential Latinos in technology in the United States.
\nTwitter: @@txitua
\n\n
\nDescription:
\nHeads up DEFCON! The future of hacking, cybersecurity, and human rights are at risk as the United Nations negotiates a draft UN cybercrime treaty that has the potential to substantively reshape anti-hacking law around the world. The proposed Treaty could change the game for security researchers and coders like you. With Russia and China playing an initial role in pushing for this treaty, the future for security researchers’s rights could be at risk.\n

Join us as we deep dive into the murky waters of these negotiations, exploring its risks for security and human rights, including the universal criminalization of network and device intrusion without any protections for legitimate security research. The lack of legal shield for security researchers could hinder bug bounties, responsible vulnerability disclosure, and pentesting. We\'ll discuss the geopolitical complexities, and the vital role you can play.\n

EFF has been on the front lines in Vienna, attending the negotiations and representing the interests of our members since the start, and we need your help. Your insights and experiences are crucial. Together we will review the text, identify new challenges that you may face so we can better understand the community concerns. Let’s champion together a future where security research and human rights can thrive!\n

\n
REFERENCES
\n
\n

https://www.washingtonpost.com/politics/2023/04/28/perilous-path-new-cybercrime-treaty/\n

    \n
  1. https://www.eff.org/issues/un-cybercrime-treaty\n
  2. https://www.eff.org/pages/submissions\n
  3. https://www.unodc.org/unodc/en/cybercrime/ad_hoc_committee/home\n
  4. https://www.unodc.org/documents/Cybercrime/AdHocCommittee/5th_session/Documents/CND_2_-_21.04.2023.pdf\n
  5. https://www.unodc.org/unodc/en/cybercrime/ad_hoc_committee/ahc_fifth_session/main\n
  6. https://www.unodc.org/documents/Cybercrime/AdHocCommittee/4th_Session/Documents/CND_21.01.2023_-_Copy.pdf\n
  7. https://www.unodc.org/unodc/en/cybercrime/ad_hoc_committee/home\n
  8. https://www.euractiv.com/section/law-enforcement/news/west-clashes-with-china-russia-over-un-cybercrime-convention/\n
  9. https://mediatalks.uol.com.br/2023/04/12/como-tratado-da-onu-sobre-crime-cibernetico-pode-ameacar-liberdade-de-expressao/\n
  10. https://www.washingtonpost.com/politics/2023/04/28/perilous-path-new-cybercrime-treaty/\")
\n\n\'',NULL,365484),('3_Saturday','16','16:30','16:50','N','DC','Caesars Forum - Forum - 105,135,136 - Track 1','\'Your Clocks Have Ears — Timing-Based Browser-Based Local Network Port Scanner\'','\'Dongsung “Donny” Kim\'','DC_d5df9d78c2bb045ef91fedf35def772f','\'Title: Your Clocks Have Ears — Timing-Based Browser-Based Local Network Port Scanner
\nWhen: Saturday, Aug 12, 16:30 - 16:50 PDT
\nWhere: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
\n
SpeakerBio:Dongsung “Donny” Kim\n, IT-Security Expert at Security Office part of Truesec
\nDongsung (Donny) Kim is an IT-Security expert at Security Office part of Truesec. Their software interests vary widely from frontend to DevSecOps, with research interests spanning from reverse engineering to web security. Equipped with both professional and academic experience, they want to reconcile two seemingly opposite ideas: understanding user-facing software problems without compromising security.\n

Bluesky: @kidi.ng
\nDiscord: kiding\n

\nTwitter: @@kid1ng
\n\n
\nDescription:
\nWhat can a website do? So many things these days. But, have you ever considered that it can port scan your LAN? It will fingerprint you with pinpoint precision and uncover hidden internal devices. Surely, a browser wouldn\'t allow that?\n

With this presentation, I will introduce a short primer on timing-based, browser-based port scanning using Fetch. Based on this primer, I will discuss three techniques that can scan open ports on the localhost, a NAT router’s presence on the LAN, and open ports of the clients on the LAN. A demo of the proof of concept exploit will be provided, with closing remarks on possible mitigation strategies.\n

\n
REFERENCES
\n
\n

[1] https://blog.nem.ec/2020/05/24/ebay-port-scanning/\n[2] https://www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/\n[3] https://www.crunchbase.com/organization/threatmetrix\n[4] https://coveryourtracks.eff.org/learn\n[5] https://web.archive.org/web/20060813034434/http://www.spidynamics.com/assets/documents/JSportscan.pdf\n[6] https://github.com/Flu1dTeam/PortScanner\n[7] https://medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474\n[8] https://www.incolumitas.com/2021/01/10/browser-based-port-scanning/\n[9] https://docs.google.com/document/d/1a8sUFQsbN5uve7ziW61ATkrFr3o9A-Tiyw8ig6T3puA/edit\n[10] https://developer.chrome.com/articles/cors-rfc1918-feedback/\n[11] https://wicg.github.io/local-network-access/\n

\n\n\'',NULL,365485),('1_Thursday','17','17:30','18:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'DEF CON 101 - Welcome to DEF CON Panel\'','\'Jeff \"The Dark Tangent\" Moss,fivepenny,Kirsten Renner,Magen,Nikita Kronenberg,deelo\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584','\'Title: DEF CON 101 - Welcome to DEF CON Panel
\nWhen: Thursday, Aug 10, 17:30 - 18:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Jeff \"The Dark Tangent\" Moss,fivepenny,Kirsten Renner,Magen,Nikita Kronenberg,deelo
\n
SpeakerBio:Jeff \"The Dark Tangent\" Moss\n, DEF CON Communications
\nMr. Moss is an internet security expert and is the founder of Both the Black Hat Briefings and DEF CON Hacking conferences. In 2022 Mr. Moss was named to the UK Government Cybersecurity Advisory Board, and in 2021 he was sworn in as a member of the DHS Cybersecurity Infrastructure Security Agency (CISA) Advisory Council (CSAC), and serves as a chairman of their Technical Advisory Council (TAC). Mr. Moss is a member of the Council on Foreign Relations (CFR) and is interested in policy issues around privacy, national security, and internet governance. He spends a lot of time in Singapore.
\nTwitter: @thedarktangent
\n
SpeakerBio:fivepenny\n
\nFivepenny is the vendor lead and an avid reader and she\'s never going to give you up never going to let you down, Never gonna run around and desert you. Never gonna make you cry, Never gonna say goodbye, Never gonna tell a lie and hurt you.
\n
SpeakerBio:Kirsten Renner\n, Talent Engagement Lead at Accenture Federal
\nKirsten is the Talent Engagement Lead at Accenture Federal. She joined AFS through the acquisition of Novetta, after serving there as Director of Recruiting for 6 years. Her career started in IT building and running helpdesks, and she later moved into Technical Recruiting. She is best known in the community for both her role in the Car Hacking Village and her efforts as a speaker and volunteer across multiple events throughout the year. Kirsten offers over 20 years in technology services space and 15 in the hacker community and conference scene.
\n
SpeakerBio:Magen\n, Urbane Security and CFP/CFW reviewer
\nKnown by many nicknames and handles, Magen (she/her) has been attending DEF CON for over 15 years. She is a member of the CFP and CFW review boards, former lead of DEF CON workshops, a past DEF CON past speaker. Outside of con, she works at Urbane Security and loves coffee, weightlifting, and adding/listening to her vinyl collection.
\n
SpeakerBio:Nikita Kronenberg\n, Director of Content & Coordination at DEF CON Communications
\nNikita works to ensure DEF CON runs as smoothly as one can expect from a hacker convention. In addition to planning a vast array of details prior to DEF CON and thwarting issues while onsite, she is the (soon to be retired) Director of Content for the CFP Review Board. This year will be her 20th anniversary.\n

Nikita is not on the social mediaz.\n

\n
SpeakerBio:deelo\n, Chief of Staff, SOC at DEF CON Conference
\ndeelo, SOC Chief of Staff, is an active member of the SOC team and SOC Leadership. deelo\'s tenure with the SOC team began at DC19; the first year DefCon was at the Rio Hotel. Her personal motto is: “How can I make your day better?” and deelo brought this attitude with her when she joined the SOC team. After spending one year working on the conference floor, she quickly found herself moving behind the scenes in a slightly more administrative role. At that time, SOC was a team of 75 and deelo’s main goal was to make sure everyone on the team ate “lunch” during their shift. Over the years, the SOC team has grown A LOT and the scope of deelo’s job has changed as the team has gotten bigger. DefCon 31\'s SOC team consists of 150 Goons, and deelo’s role is so much more than just keeping this team fed while on shift. There is a lot involved with coordinating the comings and goings of 150+ people and it keeps deelo busy for a good chunk of the year, but she wouldn’t have it any other way…deelo loves what she does and she loves her team.\n

Years of Service: 13 and counting\n

\n\n
\nDescription:
\nDEF CON 101 began as a way to introduce n00bs to DEF CON. The idea was to help attendees get the best experience out of DEF CON (and also tell them how to survive the weekend!). The DEF CON 101 panel has been a way for people who have participated in making DEF CON what it is today to share those experiences and, hopefully, inspire attendees to expand their horizons. DEF CON offers so much more than just talks and the DEF CON 101 panel is the perfect place to learn about DEF CON so you can get the best experience possible. Come watch us talk about what we love about DEF CON, give you tips and tricks, and maybe even make some new friends!\n
\n\n\'',NULL,365486),('1_Thursday','18','17:30','18:45','Y','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'DEF CON 101 - Welcome to DEF CON Panel\'','\'Jeff \"The Dark Tangent\" Moss,fivepenny,Kirsten Renner,Magen,Nikita Kronenberg,deelo\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584','\'\'',NULL,365487),('2_Friday','10','10:30','10:50','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Making The DEF CON 31 Badge\'','\'Mar Williams\'','DC_2c1f163fbc6c51292330449898c08078','\'Title: Making The DEF CON 31 Badge
\nWhen: Friday, Aug 11, 10:30 - 10:50 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Mar Williams\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,365488),('2_Friday','09','09:00','09:20','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Welcome to DEF CON 31\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_030628f1da816e661a4eece81615e2d8','\'Title: Welcome to DEF CON 31
\nWhen: Friday, Aug 11, 09:00 - 09:20 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Jeff \"The Dark Tangent\" Moss\n, DEF CON Communications
\nMr. Moss is an internet security expert and is the founder of Both the Black Hat Briefings and DEF CON Hacking conferences. In 2022 Mr. Moss was named to the UK Government Cybersecurity Advisory Board, and in 2021 he was sworn in as a member of the DHS Cybersecurity Infrastructure Security Agency (CISA) Advisory Council (CSAC), and serves as a chairman of their Technical Advisory Council (TAC). Mr. Moss is a member of the Council on Foreign Relations (CFR) and is interested in policy issues around privacy, national security, and internet governance. He spends a lot of time in Singapore.
\nTwitter: @thedarktangent
\n\n
\nDescription:
\nThe Dark Tangent, aka Jeff Moss, welcomes attendees to DEF CON 31.\n
\n\n\'',NULL,365489),('4_Sunday','15','15:30','17:30','N','DC','Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2','\'DEF CON Closing Ceremonies & Awards\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_c4b583c8f940d2cede1899def6971ce7','\'Title: DEF CON Closing Ceremonies & Awards
\nWhen: Sunday, Aug 13, 15:30 - 17:30 PDT
\nWhere: Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2 - Map
\n
SpeakerBio:Jeff \"The Dark Tangent\" Moss\n, DEF CON Communications
\nMr. Moss is an internet security expert and is the founder of Both the Black Hat Briefings and DEF CON Hacking conferences. In 2022 Mr. Moss was named to the UK Government Cybersecurity Advisory Board, and in 2021 he was sworn in as a member of the DHS Cybersecurity Infrastructure Security Agency (CISA) Advisory Council (CSAC), and serves as a chairman of their Technical Advisory Council (TAC). Mr. Moss is a member of the Council on Foreign Relations (CFR) and is interested in policy issues around privacy, national security, and internet governance. He spends a lot of time in Singapore.
\nTwitter: @thedarktangent
\n\n
\nDescription:
\nThe end is here! DEF CON 31 is at a close and we want to thank everyone who participated, contributed, retired, promoted, and won contests. DEF CON departments will share stats, info, and data collected throughout the weekend related to the network, code of conduct transparency, stats on attendee participation in events, and more. This is the ceremony where we also announce the contestants who\'ve won a prestige UBER badge for select contests.\n
\n\n\'',NULL,365490),('4_Sunday','16','15:30','17:30','Y','DC','Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2','\'DEF CON Closing Ceremonies & Awards\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_c4b583c8f940d2cede1899def6971ce7','\'\'',NULL,365491),('4_Sunday','17','15:30','17:30','Y','DC','Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2','\'DEF CON Closing Ceremonies & Awards\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_c4b583c8f940d2cede1899def6971ce7','\'\'',NULL,365492),('4_Sunday','14','14:00','15:15','N','DC','Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2','\'Contest Closing Ceremonies & Awards\'','\' \'','DC_28554288e53fc94a2b99b8223eac41b5','\'Title: Contest Closing Ceremonies & Awards
\nWhen: Sunday, Aug 13, 14:00 - 15:15 PDT
\nWhere: Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2 - Map
\n
\nDescription:
\nContests announce winners, discuss game play and the outcome of some of the [sixty-five different contests held at DEF CON 31](https://forum.defcon.org/node/244766).\n

Black Badge (UBER) Winners will be announced at the DEF CON Closing ceremonies & awards, immediately following this session. \n

\n\'',NULL,365493),('4_Sunday','15','14:00','15:15','Y','DC','Caesars Forum - Forum - 105, 135-136, 108-119, 138-139 - Tracks 1 & 2','\'Contest Closing Ceremonies & Awards\'','\' \'','DC_28554288e53fc94a2b99b8223eac41b5','\'\'',NULL,365494),('4_Sunday','10','10:00','11:59','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'War Stories Off The Record AMA\'','\' \'','DC_bf1f9e5f6c20ff9b86d1015334c5103b','\'Title: War Stories Off The Record AMA
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
\n
\nDescription:
\nA series of panels and talks that are not recorded and off the record, the AMA\'s are meant to encourage thought provoking questions from the audience.\n
\n\n\'',NULL,365495),('4_Sunday','11','10:00','11:59','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'War Stories Off The Record AMA\'','\' \'','DC_bf1f9e5f6c20ff9b86d1015334c5103b','\'\'',NULL,365496),('3_Saturday','14','14:00','17:59','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Off the record war story talks - Signs Ups On Site\'','\'\'','DC_7b097638bba2c69cbc46a28babf908fb','\'Title: Off the record war story talks - Signs Ups On Site
\nWhen: Saturday, Aug 12, 14:00 - 17:59 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
\n
\nDescription:No Description available
\n\'',NULL,365497),('3_Saturday','15','14:00','17:59','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Off the record war story talks - Signs Ups On Site\'','\'\'','DC_7b097638bba2c69cbc46a28babf908fb','\'\'',NULL,365498),('3_Saturday','16','14:00','17:59','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Off the record war story talks - Signs Ups On Site\'','\'\'','DC_7b097638bba2c69cbc46a28babf908fb','\'\'',NULL,365499),('3_Saturday','17','14:00','17:59','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Off the record war story talks - Signs Ups On Site\'','\'\'','DC_7b097638bba2c69cbc46a28babf908fb','\'\'',NULL,365500),('2_Friday','14','14:00','14:20','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'There are no mushroom clouds in cyberwar\'','\'Mieke Eoyang\'','DC_56dc384cb0b6f05088a6ff5449d03c36','\'Title: There are no mushroom clouds in cyberwar
\nWhen: Friday, Aug 11, 14:00 - 14:20 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Mieke Eoyang\n
\nMs. Mieke Eoyang is the Deputy Assistant Secretary of Defense for Cyber Policy. The Cyber Policy office is responsible for establishing DoD cyberspace policy and strategy, providing guidance and oversight on DoD cyberspace activities, and managing DoD’s primary external relationships across the U.S. government, key domestic stakeholders, and our allies and partners.\n

Prior to that she was the Senior Vice President for the National Security Program at the think tank, Third Way, where she led their work on a wide range of national security issues including on foreign policy, Congress’ role in the national security policymaking process, non-proliferation, intelligence oversight, electronic surveillance, cybersecurity. She was the founder of the organization’s Cyber Enforcement Initiative which focused on improving the government’s efforts to impose consequences on the human behind malicious cyber activity.\n

Before joining Third Way, she was the Chief of Staff to Rep. Anna G. Eshoo (D-CA) having previously served as the Subcommittee Staff Director for Intelligence Community Management on the House Permanent Select Committee on Intelligence. While there, she was the committee’s lead for cybersecurity, personnel management and worked on electronic surveillance reform, among other issues.\n

Prior to that, she served as the Defense Policy Advisor to Senator Edward M. Kennedy, advising him on all matters related to the Senate Armed Services Committee and Defense Appropriations during the Iraq War. Earlier in her career, she served as the lead Democratic Professional Staff Member on the House Armed Services Committee for the Military Personnel Subcommittee.\n

Ms. Eoyang received her Juris Doctor from the University of California, Hastings College of the Law, and her Bachelor’s Degree from Wellesley College.\n

\n\n
\nDescription:
\nThis presentation will discuss the history of cyberwarfare, highlighting the misconceptions between nuclear deterrence and the nature of cyber conflict. It will shed light on this association in popular culture, including in movies like \"WarGames,\" which influenced then President Ronald Reagan and fed his concerns about potential hacking into U.S. weapons systems. These concerns and other influences helped to shape early perceptions about the cyber domain, which immediately became intertwined with notions of strategic weapons and catastrophic effects. In subsequent decades, continued theorizing about cyberwarfare envisioned strategic cyber attacks that could cause decisive effects, stoking fears of a \"Cyber Pearl Harbor.\" However, the reality is that cyber operations are ephemeral and cyber effects are hard to attribute and are rarely decisive. The turning point in U.S. cyber strategy occurred in lead up to the 2018 midterm election, with the adoption of a new approach focused on defending forward, which involved actively disrupting malicious cyber activity before it affected the U.S. Homeland. This strategy was further informed by Russia’s 2022 invasion of Ukraine, which demonstrated how cyber capabilities may be used in large-scale conventional conflict. Looking ahead, in terms of protecting Americans and strengthening our global Allies and partners, we know that private industry and individual volunteers will play a critical role, including many of the participants at DEF CON. This recognition acknowledges that cyberwarfare is pervasive and requires collective engagement.\n
\n\n\'',NULL,365501),('3_Saturday','12','12:30','13:15','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'An Audacious Plan to Halt the Internet\'s Enshittification\'','\'Cory Doctorow\'','DC_3c8ffe08bb4715edf2a4815fc3c10ec6','\'Title: An Audacious Plan to Halt the Internet\'s Enshittification
\nWhen: Saturday, Aug 12, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\n
SpeakerBio:Cory Doctorow\n
\nCory Doctorow (craphound.com) is a science fiction author, activist and journalist. He is the author of many books, most recently RED TEAM BLUES, a science fiction crime thriller; CHOKEPOINT CAPITALISM, nonfiction about monopoly and creative labor markets; the LITTLE BROTHER series for young adults; IN REAL LIFE, a graphic novel; and the picture book POESY THE MONSTER SLAYER. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame.
\nTwitter: @@doctorow
\n\n
\nDescription:
\nThe enshittification of the internet follows a predictable trajectory: first, platforms are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die.\n

It doesn\'t have to be this way. Enshittification occurs when companies gobble each other up in an orgy of mergers and acquisitions, reducing the internet to \"five giant websites filled with screenshots of text from the other four\" (credit to Tom Eastman!), which lets them endlessly tweak their back-ends to continue to shift value from users and business-customers to themselves. The government gets in on the act by banning tweaking by users - reverse-engineering, scraping, bots and other user-side self-help measures - leaving users helpless before the march of enshittification.\n

We don\'t have to accept this! Disenshittifying the internet will require antitrust, limits on corporate tweaking - through privacy laws and other protections - and aggressive self-help measures from alternative app stores to ad blockers and beyond!\n

\n\n\'',NULL,365502),('3_Saturday','13','12:30','13:15','Y','DC','Caesars Forum - Forum - 130-134 - Track 3','\'An Audacious Plan to Halt the Internet\'s Enshittification\'','\'Cory Doctorow\'','DC_3c8ffe08bb4715edf2a4815fc3c10ec6','\'\'',NULL,365503),('2_Friday','10','10:00','10:45','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record','\'A Different Uber Post Mortem\'','\'Joe Sullivan\'','DC_00a34b363d3cd2435e365a029fec1ff1','\'Title: A Different Uber Post Mortem
\nWhen: Friday, Aug 11, 10:00 - 10:45 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record - Map
\n
SpeakerBio:Joe Sullivan\n
\nJoe Sullivan is the CEO of Ukraine Friends, a nonprofit providing humanitarian aid to the people of Ukraine. He also advises a number of startups and mentors security leaders. Joe has worked at the intersection of government, technology, and security since the mid-1990s. He spent 8 years working for the US DOJ, eventually as a federal prosecutor 100% focused on technology-related crimes, received national recognition from the DOJ for outstanding service as a federal prosecutor, and worked on many first-of-their-kind cybercrime cases, including supporting the digital aspects of the 9/11 investigation. Joe was recruited to eBay in 2002 to build out their eCrime team, and later took on responsibilities at PayPal. In 2008 Joe moved to Facebook where he became their CSO, building a small security org into a team of hundreds. He was recruited from there to join Uber in 2015 to be their first CSO. After Uber, Joe spent 2018 through 2022 as the CSO at Cloudflare. He has also advised a significant number of companies over the years, including AirBnB and DoorDash. Joe has testified as an expert before the US Congress twice, been a commissioner on the National Action Alliance for Suicide Prevention, a board member on the National Cyber Security Alliance, a many-time opening plenary speaker at the Dallas Crimes Against Children Conference, a participant in a White House anti-online-bullying effort, an advisor to the Department of Homeland Security, and in 2016 accepted an appointment from President Obama to his Commission on Enhancing National Cybersecurity.
\n\n
\nDescription:
\nThe federal criminal case of United States v. Joseph Sullivan, NDCA 3-20-CR-337 WHO, has been covered and debated quite publicly since I was fired by the new Uber CEO in November 2017, a year after the incident. Most discussion has focused on questions of my guilt or innocence, the culpability of other executives at the company, and the implications of the case for other security executives. \n \n

Less has been written about the guilt or innocence of those who accessed Uber’s AWS environment in October 2016 and triggered an incident response by emailing me and asking for payment. After we met them, my team and I did not consider those 19- and 20-year-old kids to be criminal actors and treated them as security researchers. Yet both also faced federal criminal charges. \n \n

During my talk I will review the extraordinary investigation done by my team at Uber and put it into the context of other historical cases we and I had worked on. Whether or not you consider them to be security researchers, there are many lessons to be learned related to the dynamics between researchers and companies and the dynamics between companies and the government.\n

\n\n\'',NULL,365504),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Abusing Microsoft SQL Server with SQLRecon\'','\'Sanjiv Kawa\'','DL_d943a494e9c435c8932e8f9c450b57d4','\'Title: Abusing Microsoft SQL Server with SQLRecon
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\n
SpeakerBio:Sanjiv Kawa\n
\nSanjiv Kawa (@sanjivkawa) is a Senior Managing Security Consultant on the IBM X-Force Red Adversarial Simulation team with over ten years of experience performing offensive security assessments. As part of the IBM X-Force Red Adversarial Simulation team, Sanjiv spends his days breaking into the largest organizations in the world by emulating adversary tactics, techniques and procedures to reach target objectives. He then advises these organizations on ways they can improve their security posture by implementing or tuning controls. Sanjiv is an active member in the security community. He has developed a variety of tooling and presented at large conferences, such as BSides and Wild West Hackin’ Fest and frequently contributes to projects on GitHub.
\nTwitter: @sanjivkawa
\n\n
\nDescription:
\nSQLRecon helps address the post-exploitation tooling gap by modernizing the approach red team operators can take when attacking SQL Servers. The tool was designed to be modular, allowing for ease of extensibility and contributions from the hacker community. SQLRecon is written in C# and is compatible stand-alone or within a diverse set of command and control (C2) frameworks (Cobalt Strike, Nighthawk, Mythic, PoshC2, Sliver, etc). When using the latter, SQLRecon can be executed either in-process, or through traditional fork and run. SQLRecon has over 50 modules which can help facilitate with enumeration, collection, code execution, privilege escalation and lateral movement. It has been designed with operational security and defense evasion in mind.\n
\n\n\'',NULL,365505),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Abusing Microsoft SQL Server with SQLRecon\'','\'Sanjiv Kawa\'','DL_d943a494e9c435c8932e8f9c450b57d4','\'\'',NULL,365506),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Am I Exploitable? (MI-X)\'','\'Ofri Ouzan,Yotam Perkal\'','DL_a70758ce3f79aa787d0c885320ce496e','\'Title: Am I Exploitable? (MI-X)
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Council Boardroom - Demo Labs - Map
\nSpeakers:Ofri Ouzan,Yotam Perkal
\n
SpeakerBio:Ofri Ouzan\n
\nOfri Ouzan is an experienced Security Researcher who has been working in the cybersecurity field for over four years. She specializes in conducting security research on Windows, Linux, Cloud Platforms, and containerized applications with an emphasis on vulnerabilities. Her expertise lies in finding and solving complex problems in the cyber field, developing automation and open-source tools.
\n
SpeakerBio:Yotam Perkal\n
\nYotam leads the vulnerability research team at Rezilion, focusing on research around vulnerability validation, mitigation, and remediation. Prior to Rezilion, Yotam filled several roles at PayPal Security organization, dealing with vulnerability management, threat intelligence, and Insider threat. Additionally, Yotam takes part in several OpenSSF working groups around open-source security as well as several CISA work streams around SBOM and VEX and is also a member of the PyCon Israel organization committee. He is passionate about Cyber Security and Machine Learning and is especially intrigued by the intersection between the domains, whether it be using ML in order to help solve Cyber Security challenges or exploring the challenges in securing ML applications.
\n\n
\nDescription:
\nAddressing security vulnerabilities begins with verifying the impact on an environment. Merely having a vulnerable package installed does not guarantee exploitability, as several conditions must align for the vulnerability to be applicable and exploitable. For example: is the operating system in question susceptible to the vulnerability? is the vulnerable component loaded to memory? is the required configuration in place? is there a patch installed? And more... Standard vulnerability scanners simply do not take these factors into account and thus require manual triage in order to answer “Can a vulnerability be exploited in a given environment?”. ‘Am I Exploitable?’ (MI-X), is an open-source tool aimed at effectively determining whether a local host or running container is truly affected by a specific vulnerability by accounting for all factors which affect actual exploitability. MI-X also prints out the logical steps it takes in order to reach a decision and can also provide a graphical representation of the validation flow. The tool can therefore help practitioners understand what are the factors that affect exploitability for each of the supported vulnerabilities.\n
\n\n\'',NULL,365507),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Am I Exploitable? (MI-X)\'','\'Ofri Ouzan,Yotam Perkal\'','DL_a70758ce3f79aa787d0c885320ce496e','\'\'',NULL,365508),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Attack Surface Framework\'','\'Mike Henkelman,Prajwal Panchmahalkar\'','DL_7983896766370909860ddd6d2a8c0a24','\'Title: Attack Surface Framework
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Council Boardroom - Demo Labs - Map
\nSpeakers:Mike Henkelman,Prajwal Panchmahalkar
\n
SpeakerBio:Mike Henkelman\n
\nMike Henkelman is a Sr Manager, Vulnerability Management Global at VMWare Inc. He began his career as a MCSE certified systems administrator in the mid 90’s before joining Cisco Systems and working in the IPABU on the edge development team for the 2600 series router and 3500 series switch and authoring white papers on CEF. Going on to manage several enterprise data centers, he later began focusing on information security and managed Vulnerability Management programs for companies that include Pivotal Software before joining VMWare where his team mitigates risk for one of corporate America’s largest asset libraries with audit attestations that include FedRAMP IL5 High, CE+. I24, IRAP, PCI-DSS among nearly two dozen others.
\n
SpeakerBio:Prajwal Panchmahalkar\n
\nPrajwal Panchmahalkar is a Technical Director, Red Team at VMware Inc., He has contributed to public security research and has been the Development Lead for Matriux since 2009. In the past he was a Research Assistant at Texas Tech University working on Security of Critical Infrastructure and Smart Grid Energy Systems, with a journal published on Elsevier. A Finalist for America\'s Information Security Leadership Award 2012 (AISLA) by (ISC)2. Previously Prajwal was a speaker at BlackHat Arsenal, c0c0n, BSidesLV and GrrCon. Currently on review board for c0c0n, India. He was a chapter lead for n|u, Hyderabad an open security community. Prajwal holds a Masters degree in Computer Science from the Texas Tech University, Lubbock.
\n\n
\nDescription:
\nAttack Surface Framework(ASF) aims to protect organizations acting as an attack surface watchdog. The Attack Surface Framework (ASF) was developed with motivation to automate and address vulnerabilities through continuous scanning and tracking risks at scale, in a comprehensive and adaptable approach, particularly against 0-day vulnerabilities with publicly available POCs. The Attack Surface Framework (ASF) is a modular, extensible, and customizable framework designed to help organizations manage their public attack surface risks. ASF will auto-discover assets such as network subnets, domains including subdomains, enumerate their ports and services, track deltas and serve as a continuous and flexible, attacking and alerting framework, leveraging another layer of support. ASF provides modules for attack surface management including asset discovery and management, asset enumeration, vulnerability scanning, and vulnerability testing. ASF is equipped with a set of CLI tools and an API, enabling users to interact with the framework and integrate it with other tools and processes. Additionally, ASF includes a web-based user interface for visualizing an organization\'s attack surface and managing vulnerabilities.\n
\n\n\'',NULL,365509),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Attack Surface Framework\'','\'Mike Henkelman,Prajwal Panchmahalkar\'','DL_7983896766370909860ddd6d2a8c0a24','\'\'',NULL,365510),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'BBOT (Bighuge BLS OSINT Tool)\'','\'Joel \"TheTechromancer\" Moore,Paul Mueller\'','DL_c92e4cd63ce83c943982369528ff849d','\'Title: BBOT (Bighuge BLS OSINT Tool)
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Joel \"TheTechromancer\" Moore,Paul Mueller
\n
SpeakerBio:Joel \"TheTechromancer\" Moore\n
\nTheTechromancer is a hacker at Black Lantern Security (BLS). He loves coding in Python, and is the creator of several security tools including ManSpider, TrevorSpray, and BBOT (Bighuge BLS OSINT Tool). He has also made contributions to other open-source projects such as Spiderfoot.
\n
SpeakerBio:Paul Mueller\n
\nPaul Mueller is a Principal Operator at Black Lantern Security (BLS). He specializes in web application testing and application security. He loves finding complex hard-to-find web bugs, especially when they involve cryptography. He is also one of the developers for the BLS tools Writehat and BBOT (Bighuge BLS OSINT Tool). Prior to working with BLS, he spent over a decade as a DoD contractor providing both penetration testing and security analysis/incident handling. He got his start in the field as a systems administrator and later as a Signals Intelligence Analyst with the US Marine Corps.
\n\n
\nDescription:
\nBBOT (Bighuge BLS OSINT Tool) is a new recursive OSINT scanner inspired by Spiderfoot, but designed and optimized for bigger targets and faster scan times. BBOT is open-source and written in Python. Its 80+ modules range in function from subdomain enumeration to cryptographic exploitation. BBOT can map the attack surface of an organization (and sometimes get you RCE) in a single command.\n

Features include:
\n- multiple targets
\n- automatic dependencies w/ ansible
\n- python API
\n- subdomain enumeration
\n- email enumeration
\n- cloud bucket enumeration
\n- port scanning
\n- web service enumeration
\n- web screenshots
\n- web spidering
\n- vulnerability scanning (with nuclei and more)\n

\n\n\'',NULL,365511),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'BBOT (Bighuge BLS OSINT Tool)\'','\'Joel \"TheTechromancer\" Moore,Paul Mueller\'','DL_c92e4cd63ce83c943982369528ff849d','\'\'',NULL,365512),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'BLE CTF\'','\'Alek Amrani,Ryan Holeman\'','DL_528b988a02f7ab0e14c6d737051175a1','\'Title: BLE CTF
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\nSpeakers:Alek Amrani,Ryan Holeman
\n
SpeakerBio:Alek Amrani\n
\nAlek Amrani - bad at expense reports
\n
SpeakerBio:Ryan Holeman\n, CISO at Strike
\nRyan Holeman resides in Austin, Texas, where he works as the CISO for the peer-to-peer payment platform Strike. He is currently pursuing a Ph.D. in cyber defense from Dakota State University. He has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
\n\n
\nDescription:
\nBLE CTF is a series of Bluetooth Low Energy challenges in a capture the flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. Over the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, trainings, and conferences have utilized it as an educational platform and CTF. As an open source, low cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.\n
\n\n\'',NULL,365513),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'BLE CTF\'','\'Alek Amrani,Ryan Holeman\'','DL_528b988a02f7ab0e14c6d737051175a1','\'\'',NULL,365514),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Build Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders\'','\'Jeremy Banker\'','DL_3fa5bf576ed2a8f956b9a4a5d905df0c','\'Title: Build Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\n
SpeakerBio:Jeremy Banker\n
\nA lifelong learner and broad technology enthusiast, Jeremy Banker holds a Masters degree in Information Security and is a founding member of the Security Product Engineering, Automation and Research (SPEAR) team at VMware. He has designed, built and implemented solutions to ensure that VMware\'s software supply chain remains secure. When not looking for new ways to keep software safe, he can usually be found tinkering with all manner of gadgets, working to bring amateur radio software into the modern era, or enjoying the peace of nature in his native Colorado.
\n\n
\nDescription:
\nIn the ever evolving landscape of software development, maintaining the integrity and security of your build, test and deployment pipelines is paramount. Build Inspector is an always-watching guard dog, looking for information about the dependencies being consumed and produced, while also calling out instances of risky practices or potential signs of compromise during pipeline runs. Watch as the inspector turns piles of plaintext logs into structured data, perfect for automated analysis, correlation and alerting. With simple containerized deployment and self-documenting REST API, it has never been easier to ensure your build logs are always being watched.\n
\n\n\'',NULL,365515),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Build Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders\'','\'Jeremy Banker\'','DL_3fa5bf576ed2a8f956b9a4a5d905df0c','\'\'',NULL,365516),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'CNAPPGoat\'','\'Igal Gofman,Noam Dahan\'','DL_86db348e39ff790d1c2bbcacd05453ca','\'Title: CNAPPGoat
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Igal Gofman,Noam Dahan
\n
SpeakerBio:Igal Gofman\n
\nIgal Gofman is a Head of Security Research at Ermetic. Igal has a proven track record in cloud security, network security, research-oriented development, and threat intelligence. His research interests include cloud security, operating systems, and active directory. Prior to Ermetic Igal worked at Microsoft, XM-Cyber, and Check Point Software Technologies. Igal has spoken at various leading security conferences including Black Hat and DEF-CON.
\nTwitter: @IgalGofman
\n
SpeakerBio:Noam Dahan\n, Senior Security Researcher at Ermetic
\nNoam Dahan is a Senior Security Researcher at Ermetic with several years of experience in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps. Noam was a competitive debater and is a former World Debating Champion. He is also a former speaker at Black Hat USA, DEF CON DemoLabs, Cloud Village and fwd:cloudsec.
\nTwitter: @NoamDahan
\n\n
\nDescription:
\nCNAPPGoat is a multi-cloud vulnerable-by-design environment deployment tool – it deploys vulnerable environments to various cloud service providers, so that offensive professionals and pentesters can practice exploiting them and defenders can practice detection and prevention. CNAPPGoat is an extensible modular tool that deploys environments with more complex scenarios - vulnerable VMs, multi-stage lateral movement attacks, IaC misconfigurations, and vulnerable IAM misconfigurations.\n
\n\n\'',NULL,365517),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'CNAPPGoat\'','\'Igal Gofman,Noam Dahan\'','DL_86db348e39ff790d1c2bbcacd05453ca','\'\'',NULL,365518),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Dracon\'','\'Spyros Gasteratos\'','DL_886fe85139f0004517ae40e9a1afbca0','\'Title: Dracon
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\n
SpeakerBio:Spyros Gasteratos\n
\nSpyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.
\nTwitter: @0xfde
\n\n
\nDescription:
\nDracon is an open-source Application and Cloud security automation framework that helps organizations create security workflows and improve their security posture. Dracon can run a wide range of security tools against any target, and it can deduplicate and enrich the results of those tools with contextual or regulatory information. Dracon can then send the enriched results to any visualization or data processing tool. Here are some of its key features: Automated security workflows: Dracon can automate the execution of security tools and the aggregation of results, which saves both time and effort. Scalable and flexible: Dracon is both scalable and flexible with a wide array of existing integrations and more on the way, Dracon integrates seamlessly with any exisitng toolset. Open source: Dracon is open-source platform, which means that it is free to use and modify.\n
\n\n\'',NULL,365519),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Dracon\'','\'Spyros Gasteratos\'','DL_886fe85139f0004517ae40e9a1afbca0','\'\'',NULL,365520),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Ek47 – Payload Encryption with Environmental Keys\'','\'Kevin “Kent” Clark,Skyler Knecht\'','DL_f61d9899d6c5f57ec0d86b3549548fea','\'Title: Ek47 – Payload Encryption with Environmental Keys
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\nSpeakers:Kevin “Kent” Clark,Skyler Knecht
\n
SpeakerBio:Kevin “Kent” Clark\n, Red Team Instructor at BC Security
\nKevin “Kent” Clark is a Security Consultant with TrustedSec and Red Team Instructor with BC Security. His previous work includes Penetration Testing and Red Team Operator, focusing on initial access and active directory exploitation. Kevin contributes to open-source tools such as PowerShell Empire and publishes custom security toolkits such as Badrats and WindowsBinaryReplacements. Kevin authors a cybersecurity blog at https://henpeebin.com/kevin/blog.
\n
SpeakerBio:Skyler Knecht\n
\nSkyler Knecht is a Information Security Specialist who performs a variety of security assessments including, phishing, internal/external penetration tests and red teaming. Skyler Knecht worked as a consultant for three years and has recently pivoted to an internal team at Navy Federal Credit Union. Skyler Knecht is continually researching all fields of study but is primarily focused developing offensive tooling such as command and control frameworks and implants.
\n\n
\nDescription:
\nEk47 is a payload encryptor that leverages user-selected environmental keys associated with a target execution context. In the absence of these environmental keys, Ek47 payloads will not decrypt and execute. This creates a strong resistance to automated/manual analysis and reverse engineering of payloads. Ek47 supports many different environmental keys such as current user, domain, computer name, installed programs, and more. Additionally, Ek47 supports packing payloads of .NET assemblies, unmanaged DLLs, and raw shellcode. Ek47 payloads are themselves .NET assemblies and can be uploaded to disk or executed reflectively via any execute-assembly method. By default, a standard AMSI/ETW bypass is executed before the main payload is executed, but Ek47 makes it easy to add custom bypasses for more advanced evasion functionality. Additional miscellaneous features are provided such as entropy management, PE header stomping, and generation of service executables.\n
\n\n\'',NULL,365521),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Ek47 – Payload Encryption with Environmental Keys\'','\'Kevin “Kent” Clark,Skyler Knecht\'','DL_f61d9899d6c5f57ec0d86b3549548fea','\'\'',NULL,365522),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'EvilnoVNC: Next-Gen Spear Phishing Attacks\'','\'Joel Gámez Molina\'','DL_51ea7824dcac78391f67480294b86e9a','\'Title: EvilnoVNC: Next-Gen Spear Phishing Attacks
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\n
SpeakerBio:Joel Gámez Molina\n
\nSystems administrator with more than ten years of experience, he currently works as a security consultant at Deloitte Touche Tohmatsu, where he develops adversarial simulation exercises (Red Team Operations). Previously, he was Chief Technology Officer (CTO) of the startup Cyberguard. He also teaches courses and masters in ethical hacking, pentesting and PowerShell for high-level organizations and universities. Creator of the blog darkbyte.net and speaker at renowned national and international conferences, such as Black Hat USA (2020/2021) and Black Hat Europe (2022). Programmer of hacking tools in his spare time, he has developed tools of all kinds, such as: AutoRDPwn, Cloudtopolis, EvilnoVNC, Invoke-DNSteal, PyShell or PSRansom among others.
\n\n
\nDescription:
\nEvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim\'s actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.\n
\n\n\'',NULL,365523),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'EvilnoVNC: Next-Gen Spear Phishing Attacks\'','\'Joel Gámez Molina\'','DL_51ea7824dcac78391f67480294b86e9a','\'\'',NULL,365524),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'FlowMate\'','\'Florian Haag,Nicolas Schickert\'','DL_ea2a9f8320e39767359106c0ad8ea38d','\'Title: FlowMate
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\nSpeakers:Florian Haag,Nicolas Schickert
\n
SpeakerBio:Florian Haag\n
\nFlorian Haag is a senior security consultant at usd AG with experience in penetration testing, software security assessments as well as code reviews. He is specialized in penetration tests of thick client applications, leveraging his background in software development to reverse engineer proprietary client applications and network protocols. In previous scientific work, he worked on novel approaches to application-level data flow analysis to improve penetration testing coverage. In addition, he analyzed website clones used in phishing campaigns and the frameworks that are used by fraudsters to create and operate cloned websites.
\n
SpeakerBio:Nicolas Schickert\n
\nNicolas Schickert is security researcher and penetration tester at usd AG, an information security company based in Germany. He is in charge of SAP specific penetration tests at the usd HeroLab. In this role, Nicolas is responsible for the collection of SAP related knowledge and the development of new analysis tools. He is interested in reverse engineering and vulnerability research and has published several zero-day vulnerabilities, not only in the context of SAP.
\n\n
\nDescription:
\nImagine pentesting a large web application with hundreds of pages and forms, as well as user roles and tenants. You discover that your chosen username is reflected in many locations inside the application, but you don\'t have a detailed overview. You want to test whether the chosen username is handled properly or allows for injection attacks, such as Cross-Site Scripting or Server-Site Template Injection. Now you face the challenge of finding all locations where your payloads appear when injecting into the username. In large applications, you\'ll likely miss some, potentially leaving vulnerabilities undetected. This is where FlowMate comes into play, our novel tool to detect data flows in applications for enhanced vulnerability assessments. FlowMate consists of two components: A BurpSuite plugin and a data flow graph based on Neo4j. It records inputs to the application as you go through the pages exploring the application and searches for occurrences of the captured inputs in the responses. This results in a graph that can be visualized and searched for parameters of interest and where they\'re occurring on the site. Understanding the data flows of an application helps to significantly improve the test coverage and bring your pentesting to the next level.\n
\n\n\'',NULL,365525),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'FlowMate\'','\'Florian Haag,Nicolas Schickert\'','DL_ea2a9f8320e39767359106c0ad8ea38d','\'\'',NULL,365526),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Glyph\'','\'Corey Hartman\'','DL_b9b2703467e5db2ed8d971247acc3be3','\'Title: Glyph
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\n
SpeakerBio:Corey Hartman\n
\nCorey Hartman served 6 years active duty in the United States Air Force, later obtaining a Bachelor of Science degree in Software Development, and a Master of Science degree in Computer Science. Corey is now a student at Dakota State University pursuing a PhD in Cyber Operations with his dissertation focused on behavioral analysis of malware through machine learning, and works as a software developer and reverse engineer out of San Antonio, Texas.
\n\n
\nDescription:
\nReverse engineering is an important task performed by security researchers to identify vulnerable functions and malicious functions in IoT (Internet of Things) devices that are often shared across multiple devices of many system architectures. Common techniques to currently identify the reuse of these functions do not perform cross-architecture identification unless specific data such as unique strings are identified that may be of use in identifying a piece of code. Utilizing natural language processing techniques, Glyph allows you to upload an ELF binary (32 & 64 bit) for cross-architecture function fingerprinting, upon analysis, a web-based function symbol table will be created and presented to the user to aid in their analysis of binary executables/shared objects.\n
\n\n\'',NULL,365527),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Glyph\'','\'Corey Hartman\'','DL_b9b2703467e5db2ed8d971247acc3be3','\'\'',NULL,365528),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'HardHat Command & Control Framework\'','\'Jonathan Owens\'','DL_d324f4c887ec648ffa088a2cbbbd3c5d','\'Title: HardHat Command & Control Framework
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\n
SpeakerBio:Jonathan Owens\n
\nJonathan Owens is a red team operator on the Adversary Simulation team at SpecterOps, where he conducts advanced offensive engagements, such as red teaming exercises, penetration tests, and tool creation. He enjoys C# development and learning new programming languages with a specific focus on command & control framework and agent development. He maintains a tool repo at https://github.com/dragoqcc.
\n\n
\nDescription:
\nHardHat is a multi-platform, multi-user, .NET command and control framework written in C# designed to aid in red team operations and penetration testing. HardHat aims to improve the quality-of-life of operators by providing an easy-to-use but formidable C2 framework by incorporating robust features, ease of data access, and modern UI upgrades to a high-level language that is easily extensible.\n
\n\n\'',NULL,365529),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'HardHat Command & Control Framework\'','\'Jonathan Owens\'','DL_d324f4c887ec648ffa088a2cbbbd3c5d','\'\'',NULL,365530),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'ICS Forensics tool\'','\'Maayan Shaul,Ori Perez\'','DL_816a0f91af44457c595c97a07b69df3a','\'Title: ICS Forensics tool
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\nSpeakers:Maayan Shaul,Ori Perez
\n
SpeakerBio:Maayan Shaul\n
\nMaayan Shaul is a Malware Analyst and Security Researcher in Section52 at Microsoft Defender for IoT (formerly CyberX). Experienced in the fields of malware analysis, reverse engineering and the IoT/OT landscape.
\n
SpeakerBio:Ori Perez\n
\nOri Perez is a Malware Analyst and Reverse Engineer with vast experience in dealing with Nation-sponsored cyber attacks as an ex-officer at the IDF\'s CERT. Ori is manager at Microsoft Defender for IoT research team (formerly CyberX) and research IoT/OT protocol research for IoT/OT tools .
\n\n
\nDescription:
\nMicrosoft ICS Forensics Tools is an open source forensic toolkit for analyzing Industrial PLC metadata and project files. Microsoft ICS Forensics Tools enables investigators to identify suspicious artifacts on ICS environment for detection of compromised devices during incident response or manual check. Microsoft ICS Forensics Tools is open source, which allows investigators to verify the actions of the tool or customize it to specific needs, currently support Siemens S7 via Snap7.\n
\n\n\'',NULL,365531),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'ICS Forensics tool\'','\'Maayan Shaul,Ori Perez\'','DL_816a0f91af44457c595c97a07b69df3a','\'\'',NULL,365532),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Katalina\'','\'Gabi Cirlig\'','DL_c2648a6ced3a8c15b4794a600e36b7b0','\'Title: Katalina
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\n
SpeakerBio:Gabi Cirlig\n
\nSoftware developer turned rogue, Gabriel went from developing apps for small businesses to 2M+ DAU Facebook games while keeping an eye for everything shiny and new. For a couple of years he has shifted gears and started his career as a security researcher at HUMAN Security while speaking at various conferences showcasing whatever random stuff he hacked. With a background in electronics engineering and various programming languages, Gabi likes to dismantle and hopefully put back whatever he gets his hands on.
\n\n
\nDescription:
\nAndroid malware has long relied on basic string obfuscation techniques to make analysts suffer while reversing it. The current state of the art in mass string deobfuscation relies on two techniques. One of them is executing the sample and hoping to get some hits on the methods with the interesting strings, while the other is forking big bucks for some well known tools in the industry. Both the workload and the financial impact of these methods can severely impact an independent researcher\'s ability to tackle modern Android malware. My solution is simple: build an environment that can execute Android bytecode one instruction at a time. While the approach is not new (Unicorn comes to mind), there is no such tool available for the Android ecosystem. This allows researchers to speed up their reversing efforts and tackle more intricate and advanced malware with ease.\n
\n\n\'',NULL,365533),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Katalina\'','\'Gabi Cirlig\'','DL_c2648a6ced3a8c15b4794a600e36b7b0','\'\'',NULL,365534),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Kraken, a modular multi-language webshell for defense evasion\'','\'Raul Caro\'','DL_4c2af922267ff46194d63efa8a6e8e8e','\'Title: Kraken, a modular multi-language webshell for defense evasion
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\n
SpeakerBio:Raul Caro\n
\nRaul Caro Teixido (OSCP, CRTE) is an Offensive Security Engineer at Telefonica Tech. He is the co-author of Mistica (your friendly data smuggler) presented in BlackHat Arsenal USA 2020, and the creator of Kraken (a modular multi-language webshell).
\n\n
\nDescription:
\nKraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and its core is developed in Python. Kraken follows the principle of \"avoiding command execution\" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.\n
\n\n\'',NULL,365535),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'Kraken, a modular multi-language webshell for defense evasion\'','\'Raul Caro\'','DL_4c2af922267ff46194d63efa8a6e8e8e','\'\'',NULL,365536),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Lambda Looter\'','\'Doug Kent,Rob Ditmer\'','DL_23b28104c0c3398f67f4624a6c5474a2','\'Title: Lambda Looter
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Doug Kent,Rob Ditmer
\n
SpeakerBio:Doug Kent\n
\nDoug has worked at State Farm for about 20 years. Working on mostly security technologies ranging from Active Directory, PKI, Endpoint protection and finally landing recently on the Pen Testing team. Doug has a passion for identifying vulnerabilities and partnering with control solution teams to protect State Farm data and fulfill our promise to customers. He strives to help others with offensive security skills by providing training, guidance, and kill chain demonstrations.
\n
SpeakerBio:Rob Ditmer\n
\nRob has been on the State Farm PenTesting Team for 2 years. Prior to his time at State Farm, he has worked with various other companies as a penetration testing consultant – enabling him to experience a wide range of technologies and their differing implementations. Rob enjoys the challenge of developing tools and infrastructure to better the skills and abilities of the PenTesting team, ultimately to better the protections around State Farm data.
\n\n
\nDescription:
\nOrganizations can have thousands of lines of code that are stored in Lambda on AWS. This application was built to help reduce the amount of time it takes to review that code. On our last Pen Test, we had so much Lambda code to review it was impossible to parse through all of it in the short amount of time assigned to our test. This lack of time created a necessity to automate the review of that lambda code for secrets. Lambda Looter will take a list of profiles and scan through them and download the code you have access to and then process that code for secrets, outputting any potential secrets to a loot directory. Even though this tool can generate a number of false positives it makes looking for secrets much faster than scanning the code manually.\n
\n\n\'',NULL,365537),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Lambda Looter\'','\'Doug Kent,Rob Ditmer\'','DL_23b28104c0c3398f67f4624a6c5474a2','\'\'',NULL,365538),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Lupo: Malware IOC Extractor\'','\'Vishal Thakur\'','DL_784b644c83186e62a41809e06c68688d','\'Title: Lupo: Malware IOC Extractor
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\n
SpeakerBio:Vishal Thakur\n
\nVishal Thakur has worked in the information security industry for many years in hands-on technical roles, specializing in Incident Response with a heavy focus on Emerging Threats, Malware Analysis and Research. He has presented his research at international conferences (BlackHat, FIRST, SANS DFIR Summit) and has also run training/workshops at BlackHat and FIRST Conference. Vishal is currently working as Manager, Threat Operations Center at Huntress. In past roles, Vishal worked as a Senior Researcher at Salesforce, helping their Incident Response Centre with advanced threat analysis and developing DFIR tools and has been a part of the Incident Response team at the Commonwealth Bank of Australia.
\n\n
\nDescription:
\nLupo is a dynamic analysis tool that can be used as a module with the debugger.\n
\n\n\'',NULL,365539),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'Lupo: Malware IOC Extractor\'','\'Vishal Thakur\'','DL_784b644c83186e62a41809e06c68688d','\'\'',NULL,365540),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'OpenSSF Scorecard\'','\'Naveen Srinivasan,Neil Naveen\'','DL_bac2503015c2c68d7f90c453fee7d59f','\'Title: OpenSSF Scorecard
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\nSpeakers:Naveen Srinivasan,Neil Naveen
\n
SpeakerBio:Naveen Srinivasan\n
\nNaveen Srinivasan is a contributor and maintainer of multiple http://github.com/ossf/ projects, a member and contributor to the http://github.com/sigstore organization. His contributions have earned him recognition with Google Peer Bonus awards in 2021 https://twitter.com/snaveen/status/1422921438764453897 and 2022 https://twitter.com/snaveen/status/1563194155333222400. He has consistently contributed to the open-source community for an extended period, with no gaps in activity for the past two years. In addition to his technical contributions, He is a sought-after speaker at conferences, discussing topics related to supply chain security and mitigating risks in open-source software. He can be found on Twitter (@Naveen_Srini) at https://twitter.com/Naveen_Srini_
\nTwitter: @Naveen_Srini_
\n
SpeakerBio:Neil Naveen\n
\nNeil Naveen is an 8th grader in the US who is passionate about jiu-jitsu, solving Leetcode puzzles, and book author. OSS contributor.
\n\n
\nDescription:
\nIntroducing Scorecard, an innovative open-source tool designed to secure the software supply chain by scanning over 1.2 million GitHub repositories for potential security risks. Scorecard automates the process of evaluating a project\'s adherence to security best practices, assigning a score based on the results. The scores and detailed analysis are readily accessible via a comprehensive API (https://api.securityscorecards.dev), empowering developers to easily integrate security checks into their workflows. Additionally, Scorecard provides a CLI for individual use and a GitHub action that allows repository owners to continuously monitor and improve their project\'s security posture. Whether you\'re a seasoned developer or an open-source enthusiast, Scorecard gives you the power to make the software supply chain safer for everyone.\n
\n\n\'',NULL,365541),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'OpenSSF Scorecard\'','\'Naveen Srinivasan,Neil Naveen\'','DL_bac2503015c2c68d7f90c453fee7d59f','\'\'',NULL,365542),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'OWASP crAPI: Completely Ridiculous API\'','\'Jayesh Ahire,Roshan Piyush\'','DL_cbdc753f5d6b31b6c306bf9ff495332f','\'Title: OWASP crAPI: Completely Ridiculous API
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Jayesh Ahire,Roshan Piyush
\n
SpeakerBio:Jayesh Ahire\n
\nJayesh Ahire is a passionate security professional and open-source contributor with a strong background in application and API security. They have experience working with numerous organizations to design and implement secure API architectures and integrate security practices into their development processes. Jayesh has been actively involved in the OWASP community and enjoys sharing their knowledge through presentations, workshops, and mentorship.
\n
SpeakerBio:Roshan Piyush\n
\nRoshan Piyush is Security Research Engineer, solving API Security using the powers of Machine Learning and Distributed Tracing. He has 8+ years of research experience mainly focusing on API Security for the last 5+ years. He loves building security stacks, tools, and solutions. He is also a core member of the Owasp Coraza WAF team and a leader of the Owasp crAPI project.
\n\n
\nDescription:
\nOWASP crAPI is an intentionally vulnerable API designed to teach and demonstrate common API security flaws. It serves as a playground for security enthusiasts, developers, and penetration testers to learn about API vulnerabilities and practice exploiting them in a safe environment. This Demo Lab will showcase the use of crAPI for educational purposes, including how to set it up, identify vulnerabilities, and apply secure API development best practices.\n
\n\n\'',NULL,365543),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'OWASP crAPI: Completely Ridiculous API\'','\'Jayesh Ahire,Roshan Piyush\'','DL_cbdc753f5d6b31b6c306bf9ff495332f','\'\'',NULL,365544),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Pcapinator: Rise of the PCAP Machines\'','\'Henry Hill,Mike \"d4rkm4tter\" Spicer\'','DL_1a547f52202069cc129b1a7989a80551','\'Title: Pcapinator: Rise of the PCAP Machines
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\nSpeakers:Henry Hill,Mike \"d4rkm4tter\" Spicer
\n
SpeakerBio:Henry Hill\n
\nHenry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications aren’t appearing in d4rkm4tter’s projects, they can be seen in his race car at the track.
\n
SpeakerBio:Mike \"d4rkm4tter\" Spicer\n
\nMike Spicer, known as d4rkm4tter, is a cybersecurity expert and innovative hacker with an affinity for pushing the boundaries of both hardware and software. With an unquenchable curiosity for all things wireless, Mike\'s passions have propelled him to build and explore much of the wireless spectrum. Armed with a degree in computer science, Mike has harnessed his skills to build and break a diverse range of systems. His expertise covers web application penetration testing, wireless monitoring and tracking, and reverse engineering. As the designer of the renowned #WiFiCactus, Mike has brought his projects from idea to reality in the cybersecurity world. His unique take on wireless has garnered significant attention, where he has presented and demonstrated his work at conferences such as BlackHat, DEF CON and others around the world.
\n\n
\nDescription:
\nPcapinator is a powerful and versatile network analysis tool that combines the strengths of TShark and Python to provide comprehensive and efficient packet deconstruction into a format usable for further analysis. Inspired by the Terminator, Pcapinator is designed to relentlessly analyze, decode, and filter network packets using all of the resources a system makes available to it, making it a formidable asset for diving deep into PCAPs. Leveraging the robust capabilities of Wireshark’s TShark tool, Pcapinator parses and extracts vital information from pcap files, while Python\'s extensive libraries and scripts offer advanced processing and automation options. Pcapinator is built to handle extremely large PCAP files, search for anomalies in those files, and uncover the hard-to-find information in network traffic, making it an essential tool for PCAP analysis.\n
\n\n\'',NULL,365545),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Pcapinator: Rise of the PCAP Machines\'','\'Henry Hill,Mike \"d4rkm4tter\" Spicer\'','DL_1a547f52202069cc129b1a7989a80551','\'\'',NULL,365546),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Council Boardroom - Demo Labs','\'ProjectDiscovery Nuclei\'','\'Brendan O\'Leary,Pj Metz\'','DL_d46a0257b0758025b25db49eaa87fba8','\'Title: ProjectDiscovery Nuclei
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Council Boardroom - Demo Labs - Map
\nSpeakers:Brendan O\'Leary,Pj Metz
\n
SpeakerBio:Brendan O\'Leary\n
\nBrendan O\'Leary is Head of Community at ProjectDiscovery, on a mission to democratize security, and an advisor to various startups. Having worked in software his entire career, Brendan has had the privilege of working with many customers. Previously at GitLab and a board member of the CNCF – it is clear, every company is a software company. That means every company needs software and security operational excellence. Outside of work, you\'ll find Brendan with 1 to 4 kids hanging off of him at any given time or occasionally finding a moment alone to build something in his workshop.
\n
SpeakerBio:Pj Metz\n
\nPj Metz is Developer Community Manager at ProjectDiscovery and former Education Evangelist at GitLab. Before that, he was a High School English teacher for 11 years, making the transition into tech in 2021. Pj brought his passion for education to his roles at GitLab and ProjectDiscovery and is always excited to present, chat, or discuss DevRel, security, and the importance of open source work. Pj loves 80\'s music and 90\'s internet culture.
\n\n
\nDescription:
\nNuclei is used to send requests across targets based on a YAML template, leading to fewer false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. Nuclei is a valuable tool for bug bounty hunters, pen testers, developers looking to add more security into their CI/CD pipelines, and more.\n
\n\n\'',NULL,365547),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Council Boardroom - Demo Labs','\'ProjectDiscovery Nuclei\'','\'Brendan O\'Leary,Pj Metz\'','DL_d46a0257b0758025b25db49eaa87fba8','\'\'',NULL,365548),('3_Saturday','12','12:00','13:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Red Wizard: user-friendly Red Teaming infrastructure\'','\'Ben Brücker\'','DL_54bb626e86398dd3ea23b863e90f7efb','\'Title: Red Wizard: user-friendly Red Teaming infrastructure
\nWhen: Saturday, Aug 12, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\n
SpeakerBio:Ben Brücker\n
\nBen, Secura\'s Red Teaming lead, has more than 9 years of experience in the field. With a strong passion for Social Engineering, he enjoys employing initial access techniques and has played a pivotal role in creating Secura\'s user friendly and OPSEC-safe Red Teaming infrastructure. In addition to his Red Teaming responsibilities, Ben also serves as a trainer for various courses and frequently shares his expertise as a public speaker at conferences. Having gained invaluable knowledge from the infosec community, he now aims to contribute back by open sourcing a number of tools and delivering presentations at conferences.
\n\n
\nDescription:
\nIn this demo I will introduce our new open-source tool called Red Wizard. Red Wizard is the result of years of spinning up repeatable infrastructures for Red Teaming operations. It automates a comprehensive infrastructure deployment with redirectors, backend systems, phishing relays, OSINT machines etcetera. But made easy by providing wizards that walk you through the deployments. Additionally, the infrastructure is self-documenting, making the sharing of all relevant details to your team of operators a breeze. The tool is build to make sure to provide you with a resilient setup that is OPSEC-safe. By retrieving all critical key material from the deployed servers, you will be able to rebuild and keep receiving your shells even if one of your servers crashes and burns. The technology used for Red Wizard is mainly based on Ansible and Docker.\n
\n\n\'',NULL,365549),('3_Saturday','13','12:00','13:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Red Wizard: user-friendly Red Teaming infrastructure\'','\'Ben Brücker\'','DL_54bb626e86398dd3ea23b863e90f7efb','\'\'',NULL,365550),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools\'','\'Niels Loozekoot\'','DL_3aa6297fd2b68648ace6f8e9372f34e5','\'Title: RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\n
SpeakerBio:Niels Loozekoot\n
\nWorking as Pentester Niels has an extensive background in the security field. Niels has a background in web-development and knows his way around C, C++, C#, and Python and is active in the password cracking/research communities of Hashcat, Hashkiller, and HashMob. Winning in the CrackTheCon password cracking contest, and achieving 3rd place in both the CrackMeIfYouCan 2021 & 2022.
\n\n
\nDescription:
\nThe RuleProcessorY and Gramify tools are new tools that support password-cracking efforts. RuleProcessorY offers a method of optimizing hashcat rule-files so that you can prevent duplicates across multiple attacks better, leading to a shorter runtime. Additionally it can process rules as hashcat would with an additional support for multi-byte/multi-character rules (inserts & replace primarily). Gramify offers an easy method to create base words and candidates to utilize with wordlist and combination attacks by splitting data by words, characters, or character-set. This can help with password phrases, quotes, sentences, combinator attacks, and extracting base-words from passwordlists.\n
\n\n\'',NULL,365551),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools\'','\'Niels Loozekoot\'','DL_3aa6297fd2b68648ace6f8e9372f34e5','\'\'',NULL,365552),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Saturday\'','\'Joshua Herman\'','DL_db30ab8701e179929f9b47feff6a9c68','\'Title: Saturday
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Council Boardroom - Demo Labs - Map
\n
SpeakerBio:Joshua Herman\n
\nI am a release engineer specializing in compliance of information security vendors for post trade currencies. Previously I was a software engineer with experience with distributed computing and UI / UX using Python and Javascript in the same department . I have a decade of professional experience in software engineering in various industries such as insurance, CRM, Trade Show applications, recommender systems and cryptocurrency . I also have contributions to open source projects such as CPython documentation, triaging and features.
\n\n
\nDescription:
\nThis tool is a digital assistant that helps you hack. Under the hood it uses langchain (a way to augment LLMss) that currently uses an SMS / MMS / Phone interface that will allow for basic information retrieval tasks (google search, searching shodan, google places) and has the goal of doing complex offensive and defensive security tasks using anything from a dumb phone to a smartphone. It is preprogramed with tools that it can intelligently use to accomplish certain tasks such as performing a search on shodan given an IP address.\n
\n\n\'',NULL,365553),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Council Boardroom - Demo Labs','\'Saturday\'','\'Joshua Herman\'','DL_db30ab8701e179929f9b47feff6a9c68','\'\'',NULL,365554),('2_Friday','12','12:00','13:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Shufflecake, AKA Truecrypt on Steroids for Linux\'','\'Elia Anzuoni,Tommaso \"tomgag\" Gagliardoni\'','DL_0afbcea1b8536d02702b05fc432dcb82','\'Title: Shufflecake, AKA Truecrypt on Steroids for Linux
\nWhen: Friday, Aug 11, 12:00 - 13:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\nSpeakers:Elia Anzuoni,Tommaso \"tomgag\" Gagliardoni
\n
SpeakerBio:Elia Anzuoni\n
\nElia: is a junior computer scientist and cryptographer. He recently obtained a joint M.Sc. in Cybersecurity from the Swiss universities EPFL and ETHZ. Among his relevant works, he conducted a 6-month project to refine and implement a decentralised MPC scheme based on the quantum-resistant BFV cryptosystem; as part of his first internship, he implemented a FIDO2 authenticator in a USB mouse\'s firmware; for his Master\'s Thesis (conducted as an internship at the cybersecurity company Kudelski Security), he devised a novel scheme for plausibly-deniable storage and implemented it as a kernel module for Linux. Since his graduation, he has developed an interest for blockchain technologies, especially in the Ethereum ecosystem, which has led him to delve into the vast landscape of peculiar pitfalls surrounding DeFi and Smart Contract development. He is now on a leap year, wandering around the globe with a big backpack full of dreams and t-shirts.
\n
SpeakerBio:Tommaso \"tomgag\" Gagliardoni\n
\nTommaso \"tomgag\" Gagliardoni: researcher in cryptography, privacy and security. Mathematician, cryptographer, and quantum security expert, Tommaso published influential peer-reviewed papers and spoke at many international conferences in cryptography, privacy and security (among others: CRYPTO, EUROCRYPT, ASIACRYPT, Black Hat Europe). As a subject expert, he serves as a Program Committee member at academic conferences, and collaborates with public and private institutions and official agencies in the context of legislation, international treaties and agreements on emerging technologies. Expert in blockchain and DeFi, Tommaso has performed cryptographic code audits for clients such as Binance, Coinbase, ING, Swiss Post. Additionally, he has a background in privacy hacktivism, investigative journalism, and ethical hacking, speaking at venues such as the International Journalism Festival and the E-Privacy Meeting, and being a strong advocate of the FOSS philosophy and digital freedoms. Tommaso obtained an M.Sc. in Mathematics at the University of Perugia, Italy, and a PhD at the Technical University of Darmstadt, Germany. He worked at IBM Research Zurich before joining Swiss-American cybersecurity company Kudelski Security in 2019, where he is currently technical leader for the initiatives in advanced cryptography services and quantum security. In his free time, Tommaso pursues his hobby of building tools and practices to escape the global surveillance dragnet.
\n\n
\nDescription:
\nShufflecake is a FOSS tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the existence of such volumes without the right password(s). You can consider Shufflecake a \"spiritual successor\" of tools such as Truecrypt and Veracrypt, but vastly improved: it works natively on Linux, it supports any filesystem of choice, and can manage multiple nested volumes per device, so to make deniability of the existence of these partitions really plausible.\n
\n\n\'',NULL,365555),('2_Friday','13','12:00','13:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Shufflecake, AKA Truecrypt on Steroids for Linux\'','\'Elia Anzuoni,Tommaso \"tomgag\" Gagliardoni\'','DL_0afbcea1b8536d02702b05fc432dcb82','\'\'',NULL,365556),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Strix Interceptor\'','\'Lexie Thach\'','DL_da43de72e1b5b4fcd788cbe33363dfc5','\'Title: Strix Interceptor
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\n
SpeakerBio:Lexie Thach\n
\nLexie Thach is a dedicated cybersecurity professional who has spent nearly a decade honing her skills in various roles within the industry. Throughout her journey, she has had the privilege of gaining invaluable experience in diverse cybersecurity domains, including ICS/SCADA and avionics security. Driven by an insatiable thirst for knowledge, Lexie has developed a genuine passion for electrical engineering, programming, and robotics engineering, despite not having a conventional academic background. She is currently working towards completing her studies, constantly striving to expand her knowledge and capabilities.Lexie\'s journey began at a young age when she made the decision to serve her country in the US Airforce. For a period of eight years, she had the opportunity to contribute her expertise in cyber security and tactical networks for aircraft missions and operations. It was during this time that she was exposed to the complexities of intercepting aircraft, particularly drones, and learned valuable lessons from observing the tactics and techniques employed by state actors, hacker groups, and organizations. Drawing from her diverse experiences and the challenges she faced, Lexie has embarked on projects centered around securing and assessing the security of autonomous systems. Her passion is rooted in the desire to share the techniques she has learned and to contribute to the advancement of secure autonomous systems.
\n\n
\nDescription:
\nThe development of unmanned aerial vehicles (UAVs) has revolutionized data collection, but security challenges have emerged. In response, Strix is a security testing UAV designed to intercept other UAVs in flight while adhering to legal limitations. It utilizes software analysis to detect and track unauthorized UAVs, predicting their flight path without compromising itself. Strix also encompasses ground-based support systems for enhanced mission effectiveness. The ground-based robots and drones can perform tasks such as reconnaissance, target identification, and data analysis to enhance the effectiveness of Strix\'s mission.The drone can detect RF anti-drone systems and, if identified, utilize multi-RF spoofing technology to disrupt or block their signals. This allows Strix to enter protected airspace undetected, while staying within legal bounds when required. Strix was designed to identify other UAVs and attempt to jam or possibly control their signals to their flight operators. Its hardware includes sensors, a robust communication system, and the Pixhawk autonomous flight module, which provides open-source flexibility and customization options.Strix\'s small and agile design enables high-speed flight and maneuverability in confined spaces. Advanced encryption ensures data security during collection and transmission. As an open-source project, Strix encourages customization and collaboration, making it an invaluable tool for securing airspace and mitigating UAV threats. Its interception capabilities and defensive measures, including multi-RF spoofing, contribute to UAV-driven security systems while respecting legal considerations. This makes it a powerful tool for securing airspace and preventing unauthorized UAVs from posing a threat. Its ability to detect and intercept UAVs in flight, coupled with its defensive capabilities against anti-drone systems, including the ability to employ multi-RF spoofing technology, makes Strix an essential component of any security system that relies on UAVs for data collection and analysis. Strix aims to showcase the potential of UAVs in a lawful and responsible manner, promoting safety, innovation, and ethical practices within the drone industry.\n
\n\n\'',NULL,365557),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Strix Interceptor\'','\'Lexie Thach\'','DL_da43de72e1b5b4fcd788cbe33363dfc5','\'\'',NULL,365558),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'SucoshScanny\'','\'Mustafa Bilgici,Tibet Öğünç\'','DL_803322e38b5fc93187659b12c74c4ffd','\'Title: SucoshScanny
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Caucus Boardroom - Demo Labs - Map
\nSpeakers:Mustafa Bilgici,Tibet Öğünç
\n
SpeakerBio:Mustafa Bilgici\n
\nMustafa Bilgici has been doing cyber security and application security research for 4 years. It conducted vulnerabilities in many applications and reported these vulnerabilities to companies. He also works as a cyber security researcher and developer in various cyber security companies.
\n
SpeakerBio:Tibet Öğünç\n
\nTibet ÖÄŸünç has been doing cyber security and application security research for 4 years and has discovered vulnerabilities in many web applications and helped organizations to protect themselves from attackers. As a developer in web coding languages such as Node Js., Python, Php Javascript, he works as a software developer and team leader for the development of many products.
\n\n
\nDescription:
\nSucoshScan is a automated open source SAST(Static Application Security Testing) framework. It’s can detect a lot of vulnerability(RCE,SSTI,Insecure Deserilisation,SSRF,SQLI,CSRF etc.) in given source code.For now, only the detection modules of python(flask,django) and nodejs(express js.) languages are finished. In the future, specific detection functions will be written for php (Laravel, Codeigniter), .NET, Go languages.\n
\n\n\'',NULL,365559),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Caucus Boardroom - Demo Labs','\'SucoshScanny\'','\'Mustafa Bilgici,Tibet Öğünç\'','DL_803322e38b5fc93187659b12c74c4ffd','\'\'',NULL,365560),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Council Boardroom - Demo Labs','\'T3SF (Technical TableTop Exercises Simulation Framework)\'','\'Federico Pacheco,Joaquin Lanfranconi\'','DL_37ba7a14c53776d6cf0cee91a5785770','\'Title: T3SF (Technical TableTop Exercises Simulation Framework)
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Council Boardroom - Demo Labs - Map
\nSpeakers:Federico Pacheco,Joaquin Lanfranconi
\n
SpeakerBio:Federico Pacheco\n
\nFederico - Cybersecurity professional with background in electronics engineering and several industry renowned certifications. 20+ years of teaching experience at the most prestigious universities in Argentina. Published 4 books and several research whitepapers. Has worked for the public and private sector, including regional roles in global companies.
\n
SpeakerBio:Joaquin Lanfranconi\n
\nJoaquin - Offensive cybersecurity professional with extensive programming skills, currently working as Cybersecurity Researcher. He is among the first positions of the Argentinean ranking in the main CTFs platforms, and stands out in the global rankings, besides contributing to the security community by writing posts and write-ups.
\n\n
\nDescription:
\nT3SF is a framework that offers a modular structure for the orchestration of injects from a master scenario events list (MSEL) together with a set of rules defined for each exercise and a configuration that allows defining the parameters of the correspondent platform. The main module performs the communication with the specific module (Discord, Slack, Telegram, WhatsApp, Teams, etc.) which allows the events to be presented in the input channels as messages in the platform. It supports different use cases for single or multiple organizations.\n
\n\n\'',NULL,365561),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Council Boardroom - Demo Labs','\'T3SF (Technical TableTop Exercises Simulation Framework)\'','\'Federico Pacheco,Joaquin Lanfranconi\'','DL_37ba7a14c53776d6cf0cee91a5785770','\'\'',NULL,365562),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'The Metasploit Framework\'','\'Spencer McIntyre\'','DL_5dc7f971d334eed6776c2b03e7b54f21','\'Title: The Metasploit Framework
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\n
SpeakerBio:Spencer McIntyre\n
\nSpencer McIntyre is a Security Research Manager at Rapid7, where he works on the Metasploit Framework. He has been contributing to Metasploit since 2010, a committer since 2014, and a core team member at Rapid7 since 2019. Previously, Spencer worked at a consulting firm working with clients from various industries, including healthcare, energy, and manufacturing. He is an avid open source contributor and Python enthusiast.
\n\n
\nDescription:
\nActive Directory is the foundation of the infrastructure for many organizations. As of 2023, Metasploit has added a wide range of new capabilities and attack workflows to support Active Directory exploitation. This DEF CON demonstration will cover new ways to enumerate information from LDAP, attacking Active Directory Certificate Services (AD CS), leveraging Role Based Constrained Delegation, and using Kerberos authentication. The Kerberos features added in Metasploit 6.3 will be a focal point. The audience will learn how to execute multiple attack techniques, including Pass-The-Ticket (PTT), forging Golden/Silver Tickets, and authenticating with AD CS certificates. Finally, users will see how these attack primitives can be combined within Metasploit to streamline attack workflows with integrated ticket management. The demonstration will also highlight inspection capabilities that are useful for decrypting traffic and tickets for debugging and research purposes.\n
\n\n\'',NULL,365563),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'The Metasploit Framework\'','\'Spencer McIntyre\'','DL_5dc7f971d334eed6776c2b03e7b54f21','\'\'',NULL,365564),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Society Boardroom - Demo Labs','\'The Wifydra: Multiheaded RF Panopticon\'','\'Lozaning\'','DL_13d61c129d02dba68b94c0b08f98785d','\'Title: The Wifydra: Multiheaded RF Panopticon
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Society Boardroom - Demo Labs - Map
\n
SpeakerBio:Lozaning\n
\nLozaning (they/them) has been wardriving for over 10 years and enjoys designing, building, and assembling unorthodox network observation platforms such as: The Wifydra (presented here), The International Wigle Space Balloon, and turning an Amtrak roomette into a mobile radio observation lab. Currently ranked as the 84th best wardriver in the world on Wigle.net, Lozaning loves all things wifi and high precision GNSS related.\n

Lozaning loves wifi, radios, blinky lights, and fancy GPS receivers. They\'ve been wardriving for over 20 years and are now ranked in the top 100 wardrivers in the world.\n

\n\n
\nDescription:
\nThe Wifydra is open source hardware and software used to locate wireless access points for wardriving. The project is a continuation of the work done previously by Mike Spicer (@d4rkm4tter) and his WiFi Cactus and Kraken. It\'s designed to be a low power and low cost modular way of simultaneously monitoring all 2.4Ghz WiFi channels for AP beacons. By utilizing strictly off the shelf embedded components, the Wifydra is able to keep costs extremely low (~$90) and its footprint extremely small (250 square cm). More importantly, minimal power consumption is maintained, requiring only a USB C battery capable of putting out 10 watts. The Wifydra is modular in nature and supports a multitude of GNSS (Global Navigation Satellite System) options for location tagging. The ESP32-C5 for 5Ghz channel monitoring will also be supported once the hardware becomes available. The version of The Wifydra demoed consists of 14 ESP8266 called sub nodes, an additional ESP32 called the dom node, SD card holder, GNSS module, OLED screen, as well as the Wifydra carrier board that connects all these components. The firmware, BOM, and gerbers are all available in The Wifydra\'s Github repo: https://github.com/lozaning/The_Wifydra\n
\n\n\'',NULL,365565),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Society Boardroom - Demo Labs','\'The Wifydra: Multiheaded RF Panopticon\'','\'Lozaning\'','DL_13d61c129d02dba68b94c0b08f98785d','\'\'',NULL,365566),('3_Saturday','14','14:00','15:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal\'','\'Aaron \"AJ\" Morath,Scott Graham\'','DL_38403c6159bdd76d94abf814c1adfedd','\'Title: ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal
\nWhen: Saturday, Aug 12, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Aaron \"AJ\" Morath,Scott Graham
\n
SpeakerBio:Aaron \"AJ\" Morath\n
\nCaptain Aaron \"AJ\" Morath, CEH/CompTIA Pentest+, is a graduate student at the Air Force Institute of Technology, where he is involved in researching malware identification and propagation. His thesis work concentrates on developing innovative strategies to combat evolving cybersecurity threats and enhance security measures. AJ has served as the Defensive Cyber Operator (DCO) Officer in Charge (OIC) of the NASIC DCO team for three years. He oversaw the security and defense of an enterprise network comprising over 6,000 connected devices.
\n
SpeakerBio:Scott Graham\n
\nDr. Scott Graham is a Professor of Computer Engineering at the Air Force Institute of Technology. His research interests center on cyber physical systems, looking at the intersection between real physical systems and the computers that control them. Specific areas of interest include cyber physical systems security, computer architecture, embedded computing, critical infrastructure protection, and vehicular cyber security.
\n\n
\nDescription:
\nVirusTotal serves as a popular platform for aggregating malware information submitted by Anti-Virus (AV) software providers, which can be searched using parameters such as hashes (SHA-1, SHA-256, MD5), file names, and malicious web links. In order to enhance and automate the process of malware intelligence gathering, we introduce ThreatScraper, a Python-based tool that automates free API queries and rescanning tasks on VirusTotal. ThreatScraper is designed to periodically request reports on specified files and save the results in a local database or Excel file. It allows users to pull and aggregate malicious file reports from multiple AV vendors over time, providing insights into the adoption of malware detection across providers. Easily implemented from any Windows command line, ThreatScraper can rescan a file, pull a report, and then sleep until the next designated time identified by the user.\n
\n\n\'',NULL,365567),('3_Saturday','15','14:00','15:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal\'','\'Aaron \"AJ\" Morath,Scott Graham\'','DL_38403c6159bdd76d94abf814c1adfedd','\'\'',NULL,365568),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'USBvalve - Expose USB activity on the fly\'','\'Cesare Pizzi\'','DL_f904413bba3ef8d88a5c452e6bc2c3cf','\'Title: USBvalve - Expose USB activity on the fly
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\n
SpeakerBio:Cesare Pizzi\n
\nCesare Pizzi is a Security Researcher, Analyst, and Technology Enthusiast at Sorint.lab. He develops software and hardware, and tries to share this with the community. Mainly focused on low level programming, he developed a lot of OpenSource software, sometimes hardware related and sometimes not. Doing a lot of reverse engineering too. He likes to share his job when possible (at Defcon, Insomni\'hack, Nullcon. etc). Contributor of several OS Security project (Volatility, OpenCanary, PersistenceSniper, Speakeasy, CETUS, etc) and CTF player.
\n\n
\nDescription:
\nUSB spreading malware is still a concern today. Over the past few months, we have witnessed an increase in malicious software exploiting USB drives to bypass security measures, even in air-gapped systems. Whenever we connect our USB drive to an \"untrusted\" system, numerous doubts arise: what happens behind the scenes? Is something accessing, modifying, or encrypting our files? This is where USBvalve comes in. It is an affordable dongle, built using readily available hardware, designed to reveal the true activities occurring when a USB drive is connected to a system. It can also be used to check for \"BADUSB\" (HID) on USB keys before inserting them into our own systems. The best part is that it\'s as compact as a keychain, making it convenient to carry with us at all times!\n
\n\n\'',NULL,365569),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'USBvalve - Expose USB activity on the fly\'','\'Cesare Pizzi\'','DL_f904413bba3ef8d88a5c452e6bc2c3cf','\'\'',NULL,365570),('2_Friday','14','14:00','15:55','N','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Vacuum Robot Hacking\'','\'Dennis Giese\'','DL_efcf5049f0507dcff93ea61070106cb6','\'Title: Vacuum Robot Hacking
\nWhen: Friday, Aug 11, 14:00 - 15:55 PDT
\nWhere: Caesars Forum - Unity Boardroom - Demo Labs - Map
\n
SpeakerBio:Dennis Giese\n, Hacker
\nDennis Giese is currently a PhD student at Northeastern University and focuses on the security and privacy of IoT devices.\n

While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices.\n \n

His most known projects are the documentation and hacking of various vacuum robots. His current vacuum robot army consists of over 45 different models from various vendors.\n

\nTwitter: @dgi_DE
\n\n
\nDescription:
\nIn this demo I will show you can root various models of vacuum robots and disconnect them from the cloud. You have the chance to play around yourself with the tools and the rooted robots yourself. Learn why you should not trust your robots cameras and microphones. Pick up a free PCB that allows you to root your vacuum robot easily.\n
\n\n\'',NULL,365571),('2_Friday','15','14:00','15:55','Y','DL','Caesars Forum - Unity Boardroom - Demo Labs','\'Vacuum Robot Hacking\'','\'Dennis Giese\'','DL_efcf5049f0507dcff93ea61070106cb6','\'\'',NULL,365572),('3_Saturday','10','10:00','11:55','N','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Veilid\'','\'Deth Veggie,TC Johnson\'','DL_43983f1be8b66c0a794eee729ad2c6c6','\'Title: Veilid
\nWhen: Saturday, Aug 12, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Committee Boardroom - Demo Labs - Map
\nSpeakers:Deth Veggie,TC Johnson
\n
SpeakerBio:Deth Veggie\n
\nThe Deth Vegetable: cDc member since December 1990. Minister of Propaganda If everything is to be believed, he has alternately been a Special Forces Commando, Mexican wrestler, comicbook villain, bodyguard to Mr. T, designer drug manufacturer, electronics wizard, and used tire recycler.
\n
SpeakerBio:TC Johnson\n
\nTC: Rubber Duck to the actual developer of Veilid. Here to get you started on the future we were promised -- communication free of a profit motive, free of corporate overlords, and free of other intrusive eyeballs.
\n\n
\nDescription:
\nVeilid is a new, distributed communication protocol developed by Cult of the Dead Cow\'s Dildog (of BO2K fame). This p2p, E2EE, distributed protocol is being released at Defcon 31, fully open source, and with an example app called Veilid Chat. These demos will cover setting up an identity, connecting to others, deploying heavy nodes to support the network, and contributing to the project.\n
\n\n\'',NULL,365573),('3_Saturday','11','10:00','11:55','Y','DL','Caesars Forum - Committee Boardroom - Demo Labs','\'Veilid\'','\'Deth Veggie,TC Johnson\'','DL_43983f1be8b66c0a794eee729ad2c6c6','\'\'',NULL,365574),('2_Friday','10','10:00','11:55','N','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Vulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone\'','\'Christoph Wedenig,Simon Ammer\'','DL_49ee5641b4b92afc09c64bc0e4be5bf3','\'Title: Vulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone
\nWhen: Friday, Aug 11, 10:00 - 11:55 PDT
\nWhere: Caesars Forum - Accord Boardroom - Demo Labs - Map
\nSpeakers:Christoph Wedenig,Simon Ammer
\n
SpeakerBio:Christoph Wedenig\n
\nChristoph always loved to interact with software systems, even more so in unintended ways. He studied Applied Computer Science in the south of Austria, focusing on the detection of server-side request forgery in his Master’s thesis. As a demo environment for this thesis, he created a small distributed application called “Vogelgrippe” which was then later extended for various other use cases until being renamed to Unguard and finally gifted to the community as an Open-Source playground. Currently, he is working in the Application security team at Dynatrace, where he helps build a wide suite of security-related software.
\n
SpeakerBio:Simon Ammer\n
\nSimon\'s interest in cybersecurity was sparked after listening to the Darknet Diaries podcast, which led him to pursue a career in this fascinating field. He studied Software Engineering and Mobile Computing in Austria, focusing on enhancing web vulnerability scanner reports for his Master\'s thesis. Driven by his passion for cybersecurity, Simon decided to further expand his knowledge by enrolling in another Master\'s program specializing in Artificial Intelligence. Currently, he holds the position of Research Software Engineer in the cloud-native security team at Dynatrace. There, he leverages his knowledge to employ AI to improve security measures and safeguard digital infrastructures.
\n\n
\nDescription:
\nUnguard is an intentionally insecure, cloud-native microservices demo application that serves as a playground for cybersecurity enthusiasts to sharpen their skills and for cybersecurity companies to test their software. Designed to mimic a web-based Twitter clone, the platform offers user registration, login, content posting, and social interactions, all with a wide variety of exploitable vulnerabilities. Featuring a wide range of security flaws, including SSRF, Command/SQL Injection, Log4Shell, and Spring4Shell, Unguard challenges security professionals, developers, and students to identify, exploit, and understand these weaknesses. Simultaneously, the platform showcases deceptive elements, such as phony ads and profile management options, which further enhance the real-world experience offered by the demo.\n
\n\n\'',NULL,365575),('2_Friday','11','10:00','11:55','Y','DL','Caesars Forum - Accord Boardroom - Demo Labs','\'Vulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone\'','\'Christoph Wedenig,Simon Ammer\'','DL_49ee5641b4b92afc09c64bc0e4be5bf3','\'\'',NULL,365576),('0_Wednesday','11','11:00','16:59','N','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'Title: The Unofficial DEF CON Shoot
\nWhen: Wednesday, Aug 9, 11:00 - 16:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nWhere: Pro Gun Vegas
\nAddress: 12801 US 95 South Boulder City, NV 89005\nWhen: Before the con Wednesday Aug 9th, 11:00 - 17:00\nhttps://deviating.net/firearms/defcon_shoot/\n

The Unofficial DEF CON Shoot is a public event that happens just prior to the DEF CON hacker conference in Las Vegas, Nevada. It is an opportunity to see and shoot some of the guns belonging to your friends while taking pride in showing and firing your own steel, as well, in a relaxed and welcoming atmosphere. We choose a spot, then we rent tables, canopies, and bring all the necessary safety equipment and amenities. All you need to bring yourself and (optionally) your firearms. New shooters and veterans both attend regularly. You can attend with your firearms, of course, but folk without guns of their own in Vegas may have the opportunity to try gear from others in attendance or to inquire with the ProGun range about whether rental firearms are available.\n

This is a 100% off-site event and a defcon badge is not required for entry.\n

\n\n\'',NULL,365577),('0_Wednesday','12','11:00','16:59','Y','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'\'',NULL,365578),('0_Wednesday','13','11:00','16:59','Y','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'\'',NULL,365579),('0_Wednesday','14','11:00','16:59','Y','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'\'',NULL,365580),('0_Wednesday','15','11:00','16:59','Y','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'\'',NULL,365581),('0_Wednesday','16','11:00','16:59','Y','MISC','Other/See Description','\'The Unofficial DEF CON Shoot\'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d','\'\'',NULL,365582),('2_Friday','10','10:00','10:40','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Securing the Whole System: Corporal to Corporate\'','\'David Guffrey,Nina Alli,Rob Suárez\'','BHV_029c6fd11dafa64e0842df8e2bf62d88','\'Title: Securing the Whole System: Corporal to Corporate
\nWhen: Friday, Aug 11, 10:00 - 10:40 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:David Guffrey,Nina Alli,Rob Suárez
\n
SpeakerBio:David Guffrey\n, Principal Biomed Customer Success Manager at Claroty
\nDavid Guffrey, MS, MSM, CEH, HCISPP, ITIL\n

Principal Biomed Customer Success Manager, Claroty\n

David Guffrey is the Principal Biomed Customer Success Manager for Claroty, an industry leader in cybersecurity. Claroty is an award-winning cybersecurity solution provider with the mission of securing all XIoT cyber-physical systems in the healthcare, industrial, commercialand public sector domains. Mr. Guffrey utilizes his experience integrating and securing connected medical systems in his role as trusted advisor to Claroty customers on their journey toward reducing healthcare ecosystem risk. David also collaborates with Claroty R&D, Data Science, Marketing, and Product Teams to improve the quality of the Claroty product and customer experience.\n

Prior to his current role, David was the Medical Device Cybersecurity Program Manager for Mass General Brigham (MGB). He built the MGB medical device cybersecurity program for research and operations from the ground up and architected the state-of-the-art “Cyber Range” for the MGH MDPnP Program with funding from the US Dept of Homeland Security, US Food & Drug Administration, and the US Dept of Defense. Through the MDPnP Cyber Range, David conducted cutting edge cybersecurity research for MGB as well as state and federal initiatives. He led MGB operations activities across the enterprise including planning strategic initiatives, risk assessments, technology assessments, penetration testing, emergency preparedness & response activities, technology implementations. He also served as an advisor for MGB procurement contract negotiations and infosec policies and procedures.\n

Mr. Guffrey has been a leading voice representing healthcare delivery organization (HDO) interests in the national standards community including contributing to AAMI TIR97 and SW96.David strives to be an active community member through opportunities for sharing his knowledge and collaborating on initiatives that build towards improving the security of the healthcare ecosystem. He has presented to the World Health Organization and numerous organizations, societies and conferences including ACCE, BHV, MedTechIntelligence, STA, CFF, IQPC. He also enjoys mentoring rising cybersecurity specialists.\n

\n
SpeakerBio:Nina Alli\n, Regulatory Cybersecurity, Senior Strategist at Thermo Fisher
\nNina Alli is the Executive Director of the Biohacking Village, Sr Cybersecurity Regulatory Strategist at ThermoFisher, George Washington University Law School student, policy white paper writer, EMR and associated devices technologist, coffee snob, and super proud #Latina from #NYC.
\n
SpeakerBio:Rob Suárez\n
\nRob Suárez is a cybersecurity and privacy professional in the healthcare industry. Currently at CareFirst BlueCross BlueShield, Rob serves as Chief Information Security Officer with previous Chief Information Security Officer experience at BD (Becton Dickinson). His origin story begins software development and continues that trajectory with experience overseeing cybersecurity across enterprise IT, manufacturing OT, and medical technology product. Rob previously chaired the Cybersecurity Steering Committee for the Medical Device Innovation Consortium and the Cybersecurity Working Group for AdvaMed. He was also one of three leaders to co-chair the public-private Healthcare and Public Health Sector Coordinating Council (HSCC) Med Tech Cybersecurity Risk Management Task Group, which issued the seminal Medical Device and Healthcare Information Technology Joint Security Plan (JSP) in 2019.
\n\n
\nDescription:No Description available
\n\'',NULL,365583),('2_Friday','10','10:40','11:40','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Time, Persistence, Patience\'','\'Michael \"v3ga_hax\" Aguilar\'','BHV_074d68b00de0df551c74966f214e32da','\'Title: Time, Persistence, Patience
\nWhen: Friday, Aug 11, 10:40 - 11:40 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Michael \"v3ga_hax\" Aguilar\n, Principle Consultant at Secureworks Adversary Group
\nMichael Aguilar (v3ga_hax) is a Principle Consultant with Secureworks Adversary Group. He leads the Medical Device Adversarial Testing efforts at Secureworks as well conducting Adversarial Assessments, Internal/External Adversarial testing, Social Engineering and other fun things. When not knocking over systems, he enjoys cardio (running/cycling), playing guitar/screaming and music.
\n\n
\nDescription:
\nCurrently, medical devices are getting smarter by the minute. However, with the rapid expansion of new technologies on legacy systems, these smart additions are adding massive amounts of attack footprint. Additionally, older ways of development, utilizing sometimes poorly constructed binaries or scripts, are placed onto newer operating systems, leaving an environment ripe for exploitation. Adding urgency, the FDA also recently announced it would begin denying systems with vulnerabilities. This will go over my methods of using full scope testing (physical/netpen/hardware/other) to gain good findings for remediation in the modern world and the differentiators I have seen in my testing method vs. others observed in field. It will also have ample examples of actual bugs located during testing, how they were uncovered, and how they were utilized to exploit target systems (anonymized of course).\n
\n\n\'',NULL,365584),('2_Friday','11','10:40','11:40','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Time, Persistence, Patience\'','\'Michael \"v3ga_hax\" Aguilar\'','BHV_074d68b00de0df551c74966f214e32da','\'\'',NULL,365585),('2_Friday','13','13:20','14:10','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Making a Sick Badge\'','\'Caleb Davis,Nathan Smith\'','BHV_c432222017e8a4dd18473c2821a4a3a8','\'Title: Making a Sick Badge
\nWhen: Friday, Aug 11, 13:20 - 14:10 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Caleb Davis,Nathan Smith
\n
SpeakerBio:Caleb Davis\n, Protiviti
\nCaleb Davis leads Protiviti’s IoT/Embedded security team. Caleb operates out of the Dallas/Fort Worth area and has a degree in Electrical Engineering from the University of Texas at Tyler. He is an inventor/patent holder and has a background in embedded hardware/software development. He leads a team of experts that regularly perform penetration testing across a wide variety of products including medical devices, ATMs, chemical control systems, security solutions, and other commercial products. Additionally, Caleb has a passion for integrating security into the product development life cycle and has helped several organizations in their approach to shifting left.
\n
SpeakerBio:Nathan Smith\n, Protiviti
\nNathan Smith is a Manager focused on IoT device security at the Dallas Protiviti office. Before coming to Protiviti, Nathan accumulated 8 years of industry experience developing and testing embedded controls and software, leading software development teams, and managing digital products. He received a B.S. in Electrical Engineering from the University of Texas at Tyler. He has performed device penetration testing, firmware reviews, and mobile application security assessments on industry devices.
\n\n
\nDescription:
\nThis year we created our first DEF CON badge and enjoyed almost every second of it. In this presentation we hope to enable other security professionals to tinker with badge development and give them tools and tricks to help facilitate their creativity. We think that understanding the process to create a working thing helps us all better understand where we can do things more securely and how to break things better. We will review the boring and unavoidable design questions that must be addressed, the exhilarating process of creating something that works well, and scaling up from a working prototype. We will demonstrate using real steps we took this year to make our badge for the Biohacking Village.\n
\n\n\'',NULL,365586),('2_Friday','14','13:20','14:10','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Making a Sick Badge\'','\'Caleb Davis,Nathan Smith\'','BHV_c432222017e8a4dd18473c2821a4a3a8','\'\'',NULL,365587),('2_Friday','14','14:10','14:40','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Good Vibrations, Haptic Sensory Augmentation Implants\'','\'Quinn D. Mooney\'','BHV_dc0b233b071b7fb318285160512a505b','\'Title: Good Vibrations, Haptic Sensory Augmentation Implants
\nWhen: Friday, Aug 11, 14:10 - 14:40 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Quinn D. Mooney\n
\nQuinn D. Mooney is a biohacker and Electrical & Biomedical engineering student at Clarkson University. His experience with biohacking has led to a focus on augmenting the human condition and sensory expansion. When not in the lab, you can find him hiking and kayaking in the Adirondack Mountains.
\n\n
\nDescription:
\nProject Output is a haptic feedback implant which allows users to experience and interface with hard data through vibration. Rather than displaying data as numbers, Project Output allows users to experience that information in a synesthetic manner. The implantable nature of the device integrates directly with the user’s nervous system, making it an extension of the user rather than a device. Through exposure over time, and some conscious training, users associate the vibrations with actual data allowing the neuroplastic capacity of the brain to provide an intuitive and integrated understanding of the linked device. Additionally, the power is supplied wirelessly external to the body, using a standardized battery module. This alleviates design constraints surrounding internal power storage and presents an opportunity for further implant design based on the wireless power supply. Current applications include blood glucose monitoring, radiation dosimetry, and pseudo-echolocation using an array of implants. However, given the modular nature, multiple additional categories of sensor data are possible. The benefits of designing for future end-user modifications, as well as promoting common standards, illustrate the power of designing platforms over products.\n
\n\n\'',NULL,365588),('2_Friday','14','14:40','15:59','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'FoldIt\'','\'Firas D Khatib\'','BHV_6df9b8b9a2bc9fa94b670d97849d27a7','\'Title: FoldIt
\nWhen: Friday, Aug 11, 14:40 - 15:59 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Firas D Khatib\n, Associate Professor at University of Massachusetts DartmouthPhD
\n\n\n\n
\nDescription:
\nIf we want to address the many challenges facing this world, we’ll need to tackle them from many different angles—not just using traditional means. For example, can the brainpower of video game playing citizen scientists tackle critical problems in computational biology? Yes! Players of the worldwide online protein-folding video game Foldit—most of whom with little or no prior biochemistry experience—have uncovered knowledge that eluded scientists for years, contributing to several scientific discoveries through gameplay. Rather than solving problems with a purely computational approach, combining humans and computers can provide a means for solving problems neither could solve alone. You will be given an opportunity to learn and train your Foldit skills before the conference, where a special Biohacking Village Foldit Competition will take place!\n
\n\n\'',NULL,365589),('2_Friday','15','14:40','15:59','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'FoldIt\'','\'Firas D Khatib\'','BHV_6df9b8b9a2bc9fa94b670d97849d27a7','\'\'',NULL,365590),('2_Friday','16','16:00','16:30','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Can I put my DNA on the blockchain, mom?\'','\'Anne Kim,Michele Orrù\'','BHV_f434bc1ad65f367f8ff3a96d6779fdff','\'Title: Can I put my DNA on the blockchain, mom?
\nWhen: Friday, Aug 11, 16:00 - 16:30 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Anne Kim,Michele Orrù
\n
SpeakerBio:Anne Kim\n
\nI believe that privacy is a human right and that cryptography can help foster an open society. My research focuses on the intersection of authentication and anonymity. Anne sees accessibility to healthcare as a right by using biology, healthcare policy, and technology.
\n
SpeakerBio:Michele Orrù\n
\nNo BIO available
\n\n
\nDescription:
\nIn this talk, we\'ll show how zero knowledge proofs could be used to prove statements about your health without disclosing the entirety of your DNA. Although this could unlock various use cases in healthcare such as community airdrops and authentication, there are possible abuses like genetic discrimination and reporting by anonymous adversaries. Concluding the talk, we will discuss frameworks that the (hopefully not depressed) audience can use to inform their decision making and activism on the topic of blockchain and healthcare.\n
\n\n\'',NULL,365591),('2_Friday','16','16:30','17:20','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'My CPAP has a recall, lets open it instead!\'','\'José Fernández\'','BHV_dc603b164d6e2c48cbc48107097b162c','\'Title: My CPAP has a recall, lets open it instead!
\nWhen: Friday, Aug 11, 16:30 - 17:20 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:José Fernández\n, President at CompSec Direct
\nJosé Fernández is the President of CompSec Direct. José\'s background in CNO, CND, and engineering has allowed him to work in some of the most technically demanding environments in both private and public sector. Mr. Fernandez is a Puertorican Hacker Dude, Veteran, and the Director of Recruitment for AUSCF.
\n\n
\nDescription:
\nWe all need to sleep and having sleep apnea sucks. Sleep apnea diagnoses have become more prevalent among our society. The continuous positive airway pressure or CPAP equipment, like the Phillips Dreamstation, helps individuals with sleep apnea by providing a regulated air stream into their respiratory system. Problem is sometimes these medical devices have manufacturer recalls \n

https://www.usa.philips.com/healthcare/e/sleep/communications/src-update and the main concern around the recalls are due to the increased risk of getting much sicker while using the devices, usually due to the reduced manufacturing costs per component within medical devices. This talk focuses on the Philips Dreamstation device that is part of an on-going recall. This talk will cover a simple tear down and analysis of the device components and will also cover the CPAP firmware scene where hackers homebrew and modify firmware to help them and their friends get sleep across CPAP devices.\n

\n\n\'',NULL,365592),('2_Friday','17','16:30','17:20','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'My CPAP has a recall, lets open it instead!\'','\'José Fernández\'','BHV_dc603b164d6e2c48cbc48107097b162c','\'\'',NULL,365593),('2_Friday','17','17:20','17:59','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'CVE Insanity\'','\'Om Mahida\'','BHV_466f8681ceaac4c263491edce727c0ef','\'Title: CVE Insanity
\nWhen: Friday, Aug 11, 17:20 - 17:59 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Om Mahida\n, MedCrypt
\nOm leads Product at MedCrypt, helping build innovative cybersecurity products for healthcare. His interests in privacy and technology led him to join a cybersecurity startup after studying Computer Engineering at Drexel. In his free time, Om likes to ski and make pizzas.
\n\n
\nDescription:
\nCVSS is a headache for everyone, but we all use it. Has anyone actually checked to see if it works the way it should? Or where and why it fails? Trying to manually analyze every single CVE is painstaking. And what if CVSS isn’t actually working? Is there something better out there? What if we used science, like you know, an adult, and measured something? Grab your protractors and slide rules and sextants as we explore the exceedingly exciting world of vulnerability management, risk management’s slightly more edgy cousin. This talk will explore what rescoring vulnerabilities with CVSS does and doesn’t do, and what we should do next to fill the gaps. PREVIOUSLY: ChatGPT took the world by storm. But what if we tried to use it to write a clinical application? And do it securely? Will the code compile? Will the data actually be secure? This talk will go over a PoC where we put it to the test.\n
\n\n\'',NULL,365594),('3_Saturday','10','10:00','10:30','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Securing the Whole System: Corpal to Corporate\'','\'Lee Cyborg\'','BHV_cbb5b5d3de2fe69682b7798f197f2674','\'Title: Securing the Whole System: Corpal to Corporate
\nWhen: Saturday, Aug 12, 10:00 - 10:30 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Lee Cyborg\n
\nI am an artist, cyborg, and educator currently based in Montreal. I have a bachelors from Concordia University, a masters from OCAD University, and currently I am a PhD candidate at the University of Toronto. I am interested in lasers, technology, outer space exploration, and building whimsical robots. Currently, I run community initiative and partnerships at the Milieux Institute at Concordia and recently finished a year long residency as Artist in Residence at the department of Design and Computation Arts at Concordia
\n\n
\nDescription:No Description available
\n\'',NULL,365595),('3_Saturday','10','10:30','11:10','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Homo sapiens sapiens to Homo sapiens nova - the coming speciation\'','\'Almost Human (BJ)\'','BHV_8613c9c89ce8737c15bfc53d80e66f4b','\'Title: Homo sapiens sapiens to Homo sapiens nova - the coming speciation
\nWhen: Saturday, Aug 12, 10:30 - 11:10 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Almost Human (BJ)\n
\nHe does science and technology consulting with a dash of anthropology. In other words, it isn\'t just the cool technology, it is how it is used and abused. In other words, culture matters in technology adoption. He has experience in a number of Physical Science fields, as well as Anthropology. What he says is no one\'s fault but his own.
\n\n
\nDescription:
\nThe archeological record of the past 100,000+ years shows that today\'s Homo sapiens sapiens (HSS) won out over other Homo sapiens subspecies such as Neanderthals, Denisovans, and possibly others. Nonetheless, many HSS carry genes from older Homo sapiens subspecies. HSS now directs its own evolution. Add the advent of science-based medicine, advanced pharmaceuticals, smart implants, neural interfaces, genetic modification, a healthy(?) dose of artificial intelligence, and a transhumanist philosophy, Homo sapiens sapiens could split back into multiple subspecies. This presentation covers potential paths of future (sub-)speciation (such as Homo sapiens maximus and Homo sapiens nova) that could occur before the end of the 21st century. Will it occur peacefully? Probably not.\n

This is Almost Human\'s second Biohacking Village talk. (The previous talk focused on the death of genetic privacy.)\n

\n\n\'',NULL,365596),('3_Saturday','11','10:30','11:10','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Homo sapiens sapiens to Homo sapiens nova - the coming speciation\'','\'Almost Human (BJ)\'','BHV_8613c9c89ce8737c15bfc53d80e66f4b','\'\'',NULL,365597),('3_Saturday','11','11:10','11:40','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'How to build a body in your garage\'','\'Brennan Marsh-Armstrong\'','BHV_270b493ecce06dc66f60f94eb4d1c367','\'Title: How to build a body in your garage
\nWhen: Saturday, Aug 12, 11:10 - 11:40 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Brennan Marsh-Armstrong\n
\nBrennan Marsh-Armstrong is a 4th year medical student at University of California San Diego School of Medicine, where he also conducts research in medical simulation and development of affordable and multi-modality medical training devices. Prior, he worked as an ophthalmology researcher and computer science studying retinal vasculature in disease pathologies at University of California David. Before that, he received Bachelor of Arts at from Amherst College in Biochemistry and Biophysics, and Computer Science while researching unique phosphatase inhibition mechanisms. In this upcoming year he hopes to matriculate into an anesthesia residency where he will also continue research on medical simulation and education.
\n\n
\nDescription:
\nAnatomical medical simulators are an integral part of both medical training and experimentation, as well as implant biohacking. However, commercial models typically range from thousands of dollars for simple one-piece designs to hundreds of thousands of dollars for computer-visualized designs. This cost limits the use of medically accurate training models outside of well-funded medical schools. Using only a 3D printer, silicone, ballistics gel, balloons, and yarn, I’ve built on the work of others to develop DIY methods of mimicking commercial medical simulators for a small fraction of their cost (usually under 10%). These models can include pulsatile arteries, superficial rolling veins, nerves, skin, muscle planes, bones, and articulating joints. They are ultrasound-able, recyclable, and, with the addition of infrared tracking cameras, can be integrated into virtual environments for internal visualization. Projects like this lower the barrier to entry for citizen scientists and less funded biohackers to experiment and explore medical implants, procedures, and ultrasound.\n
\n\n\'',NULL,365598),('3_Saturday','11','11:40','12:40','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Surgical Physicians and Cybersecurity\'','\'Colin Haines\'','BHV_28084fdba1d3eabca9658633becf32c3','\'Title: Surgical Physicians and Cybersecurity
\nWhen: Saturday, Aug 12, 11:40 - 12:40 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Colin Haines\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,365599),('3_Saturday','12','11:40','12:40','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Surgical Physicians and Cybersecurity\'','\'Colin Haines\'','BHV_28084fdba1d3eabca9658633becf32c3','\'\'',NULL,365600),('3_Saturday','12','12:40','13:50','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Medical VR\'','\'David Nathans,Ernest Liu\'','BHV_7200cc5bc114ea81fe9080689207400e','\'Title: Medical VR
\nWhen: Saturday, Aug 12, 12:40 - 13:50 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:David Nathans,Ernest Liu
\n
SpeakerBio:David Nathans\n, Product Security Manager at Siemens Healthcare
\nDavid Nathans currently serves as a Product Security Manager for Siemens Healthcare, where he specializes in building cybersecurity programs and security operation centers. Having previously held prominent positions in the defense, retail, managed security and healthcare industries, Nathans has a wealth of cybersecurity knowledge which he shares to help protect companies from this growing threat. His experiences and lessons learned also stem from his time building security programs at one of the largest breached retail companies in history as well as working all over the world as a Cyber-Operations Officer for the US Air Force.
\n
SpeakerBio:Ernest Liu\n
\nNo BIO available
\n\n
\nDescription:
\nSiemens Healthineers leans into technology to bring medical devices closer to clinicians and more accessible for those that need the best medical attention.\n

Through our medical device cybersecurity program and our Virtual Reality training platform we can do just that. \n

For this session we will briefly talk about our programs and let interested individuals navigate our Virtual world or get hands on access to a mobile X-Ray system.\n

\n\n\'',NULL,365601),('3_Saturday','13','12:40','13:50','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Medical VR\'','\'David Nathans,Ernest Liu\'','BHV_7200cc5bc114ea81fe9080689207400e','\'\'',NULL,365602),('3_Saturday','13','13:50','14:50','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Full Stack Disclosures\'','\'Edison Alvarez,Alex Mastrov,Matias Katz\'','BHV_15fe825460f82f4c8b533ba2b70c5df4','\'Title: Full Stack Disclosures
\nWhen: Saturday, Aug 12, 13:50 - 14:50 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Edison Alvarez,Alex Mastrov,Matias Katz
\n
SpeakerBio:Edison Alvarez\n, Senior Director in Regulatory Affairs at BD
\nHe is a Senior Director in Regulatory Affairs and is responsible for strategic cybersecurity regulatory leadership at BD, a global medical technology company that is advancing the world of health by improving medical discovery, diagnostics, and the delivery of care.
\n
SpeakerBio:Alex Mastrov\n, Founder and CEO at Binarly
\nAlex is the Founder and CEO of Binarly, an AI-powered platform to protect devices against emerging threats.
\n
SpeakerBio:Matias Katz\n, Founder and CEO at Byos
\nMatias is the Founder and CEO of Byos, a simpler and more effective way to secure networks by making devices invisible.
\n\n
\nDescription:No Description available
\n\'',NULL,365603),('3_Saturday','14','13:50','14:50','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Full Stack Disclosures\'','\'Edison Alvarez,Alex Mastrov,Matias Katz\'','BHV_15fe825460f82f4c8b533ba2b70c5df4','\'\'',NULL,365604),('3_Saturday','14','14:50','15:30','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Lanteryn: Blue Energy\'','\'Del de Zela\'','BHV_4da7358e33e6dbfbc519bc1d843adac6','\'Title: Lanteryn: Blue Energy
\nWhen: Saturday, Aug 12, 14:50 - 15:30 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Del de Zela\n
\nDel de Zela is a STEM-oriented artist that seeks to redefine the term ‘biotech’; they invent devices powered by microbiology meant for household and personal uses. Del de Zela uses an array of molecular techniques to program microbes and Maya to design microarchitectures that house them.
\n\n
\nDescription:
\nOur goal is to develop household or personal technologies that contain, cultivate, and regulate bioengineered microecosystems. Our self-sustaining systems are designed to offer a host of functions that solve everyday problems for people. Our debut device, a biological candle called ‘Lanteryn’, will start with the core functions of light production, fragrance generation, and insect-control. Future directions would include wearable biotechnologies, such as a “Bio-Watch” that can convey time via light color, produce odorants compatible with the user’s body scent, and generate antimicrobial substances for sanitation. Many of these functionalities are indeed innate capabilities of our chosen micro-organism. Genetic editing technologies will be employed to modify them and ensure their safety while optimizing their desirable properties. Previous attempts to utilize bioluminescent species either (1) introduced light generating genes into organisms that did not possess the physiology compatible with the energetic demand of light generation, (2) used organisms that were exceedingly sensitive to contamination or fluctuations in environmental conditions, or (3) used organisms with specialized light organs that cultivate glowing bacteria and cannot glow otherwise. The concepts we are proposing redefine the term ‘biotechnology’. Without a preceding, successful framework by which we can base our designs on, the burden of proof rests on us. Therefore, considerable time and effort must be placed into demonstrating that our vision is realistic, effective, and safe to the public. With our technology, the future is ever-glowing.\n
\n\n\'',NULL,365605),('3_Saturday','15','14:50','15:30','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Lanteryn: Blue Energy\'','\'Del de Zela\'','BHV_4da7358e33e6dbfbc519bc1d843adac6','\'\'',NULL,365606),('3_Saturday','15','15:30','16:10','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology\'','\'Arthur Paixão,Diego Mariano\'','BHV_e96227b3771207b5ba1a2774e3e65826','\'Title: Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology
\nWhen: Saturday, Aug 12, 15:30 - 16:10 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Arthur Paixão,Diego Mariano
\n
SpeakerBio:Arthur Paixão\n
\nArthur: 14 years of experience, possesses expertise in offensive security and threat intelligence in the financial and healthcare sectors.
\n
SpeakerBio:Diego Mariano\n, CISO at Albert Einstein Hospital
\nDiego: In cybersecurity for 20 years, currently holding the CISO position at Albert Einstein Hospital. Beyond professional dedication, a passionate practitioner of kriya yoga and meditation.
\n\n
\nDescription:
\nThis paper presents a novel methodology that combines red team and blue team exercises to enhance cybersecurity resilience in the Brazilian healthcare sector. The methodology is designed to go beyond the traditional roles of red teams and blue teams. It incorporates threat injection exercises with a newly created prioritization method, training the Red Team to assist the CSIRT in responding to incidents and creating a new role for the Red Team. Additionally, a new technique called Offensive Intel monitors the threat landscape of competitors and provides insights on how to protect our own landscape. The methodology also incorporates techniques to deal with VIP patient data and policies to control staff curiosity. Some real-life use cases will be presented to evidence the effectiveness of the methodology. One such use case involved an almost successful attempt to destroy medical equipment during a penetration testing exercise and how to not do it again. Another one presents vulnerabilities identified in air conditioning controllers, EMR systems, and exam results systems that are used in the entire country. And two incidents that were successfully contained with the help of threat injection and offensive intel. The methodology\'s effectiveness also led to the inference of the Brazilian TOP 10 Vulnerabilities in the Healthcare Sector, based on findings across systems used throughout the country. The list provides insights into the most critical vulnerabilities facing healthcare institutions in Brazil and will be presented at the conference. The vulnerabilities were categorized by the degree of harm they can inflict on patients and the impact on healthcare services. The methodology\'s results also drove to the development of a tool that assists other cybersecurity teams in conducting safe red and blue team exercises in the healthcare sector. The tool augments cybersecurity resilience by improving the capabilities of CSIRT and threat intel teams and is valuable to other cybersecurity professionals in the industry. In conclusion, the novel methodology provides a unique approach to enhancing cybersecurity resilience in the Brazilian healthcare sector. The incorporation of threat injection exercises, Offensive Intel, and a new role for the Red Team offers a comprehensive and effective approach that goes beyond traditional red team exercises. The methodology and tool can be replicated and the approach\'s effectiveness has been demonstrated through real-life use cases and the creation of the TOP 10 Vulnerabilities in the Healthcare Sector in Brazil. By adopting this methodology, healthcare institutions in Brazil and around the world can better protect patient data and improve cybersecurity resilience.\n
\n\n\'',NULL,365607),('3_Saturday','16','15:30','16:10','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology\'','\'Arthur Paixão,Diego Mariano\'','BHV_e96227b3771207b5ba1a2774e3e65826','\'\'',NULL,365608),('3_Saturday','16','16:10','17:10','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart)\'','\'Nathan Case\'','BHV_00677001993278d37385aeb459f3fafb','\'Title: FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart)
\nWhen: Saturday, Aug 12, 16:10 - 17:10 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Nathan Case\n
\nA passion for Incident Response, and operational security in all forms. Pushing the bounds of threat detection and response. Finding new thoughts and bringing them to the fields of security and technology.
\n\n
\nDescription:
\nI will discuss real-world equipment hacks caused by nation-state actors attacking humans and ways to mitigate similar impacts. Examples will cover a range of laboratory equipment, including research labs and industrial manufacturing facilities. In this talk, we will explore the common causes of laboratory and OT equipment breaches caused by human error, including misconfiguration, misuse, and malicious actions. We will examine the potential consequences of such failures, including data loss, damage to equipment, and even injury. I will also present a range of strategies for preventing such issues, including implementing standard operating procedures with a security focus, using equipment monitoring systems, and adopting best practices for equipment architecture.\n
\n\n\'',NULL,365609),('3_Saturday','17','16:10','17:10','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart)\'','\'Nathan Case\'','BHV_00677001993278d37385aeb459f3fafb','\'\'',NULL,365610),('3_Saturday','17','17:10','17:59','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Virtual Reality/Augmented Reality: What’s missing from the pie? When data privacy and security measures aren’t “baked” in from the beginning\'','\'LaTica Hammond,Lola Ajayi,Rian Phelps\'','BHV_443cc13fb48aadef970406353909a05a','\'Title: Virtual Reality/Augmented Reality: What’s missing from the pie? When data privacy and security measures aren’t “baked” in from the beginning
\nWhen: Saturday, Aug 12, 17:10 - 17:59 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:LaTica Hammond,Lola Ajayi,Rian Phelps
\n
SpeakerBio:LaTica Hammond\n
\nLaTica Hammond, MS, is a servant leader, 23-year Navy veteran and cybersecurity/space intelligence professional. She has worked in information and privacy protection advising DoD on innovative solutions to secure freedom of access and the secure flow of information within cyber and space domains.
\n
SpeakerBio:Lola Ajayi\n
\nLola Ajayi, MS, MBA, has over 15 years of policy and regulatory experience within the healthcare industry. Working in an industry where her colleagues did not look like her, she founded BaraLaj coaching, to empower women with the tools and skills to be fully in control of their careers.
\n
SpeakerBio:Rian Phelps\n
\nRian Phelps, MSC, is a passionate lifelong educator with over 10 years experience as an instructional designer and eLearning consultant. She is also a Navy veteran with degrees in psychology and neuroscience.
\n\n
\nDescription:
\nVirtual reality and augmented reality are technologies that are the next frontier in healthcare and providing patient care. These technologies were originally developed for recreational use, specifically for gaming and recreation, but have quickly shown utility in advancing the efficiency and accuracy of providing patient care. This now leads to a host of challenges related to data privacy and security, as privacy-by-design was not a designing principle for these technologies. These tenants however, are necessary as patient data include Protected Health Information and Personal Identifying Information (PHI/PII) that would be financially lucrative and useful to a hacker. So now that these data privacy and security principles were not “baked in” to technology originally, how does one go about ensuring maximum security after the fact? What can be done moving forward to ensure maximum flexibility for the use of technology with the appropriate data and privacy security measures “baked in”?\n

C.A.R.B. is a joint collaboration between the Black women founders of Creative Riot (Rian), Aurora (Jillian), Ray-Lynn Group (LaTica), and Baralaj (Lola).\n

\n\n\'',NULL,365611),('4_Sunday','10','10:00','12:20','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Table Top\'','\'Felicity Milman,Jorge Acevedo Canabal,Nathan Case\'','BHV_4ea9e7945814ceb18d968e2a666b1d91','\'Title: Table Top
\nWhen: Sunday, Aug 13, 10:00 - 12:20 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Felicity Milman,Jorge Acevedo Canabal,Nathan Case
\n
SpeakerBio:Felicity Milman\n
\nFelicity is a cyberneticist who has been working on a range of technologies over many years and has graduate degrees in both psychology and engineering. She has worked on a range of projects from designing and patenting genetic tests, to developing hybrid human-AI chat bot systems, to developing educational AI games systems which are personalised to the learner. More recently she has been developing the complex systems curriculum for the Australian National University and developing cybersecurity simulation games for the National Security College, which have been played by numerous international governments.
\n
SpeakerBio:Jorge Acevedo Canabal\n
\nJorge Acevedo, MD.: a rare disease and disaster recovery physician in Puerto Rico with an interest in AI and cybersecurity, along with being on the Biohacking Village advisory board.
\n
SpeakerBio:Nathan Case\n
\nA passion for Incident Response, and operational security in all forms. Pushing the bounds of threat detection and response. Finding new thoughts and bringing them to the fields of security and technology.
\n\n
\nDescription:
\nMedical Records, Procurement, and Manufacturing have always been a major part of the biomedical, pharmaceutical, and laboratory technology industry and critical infrastructure. As we edge closer to the regulatory timelines, we need to look at the current landscape and its issues. If you enjoy thrillers, data, crime, and international espionage, Welcome to the \'Choose your own adventure: Healthcare and the International Syndicate of Turbulence\' or \'Septic Homeostasis\'.\n
\n\n\'',NULL,365612),('4_Sunday','11','10:00','12:20','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Table Top\'','\'Felicity Milman,Jorge Acevedo Canabal,Nathan Case\'','BHV_4ea9e7945814ceb18d968e2a666b1d91','\'\'',NULL,365613),('4_Sunday','12','10:00','12:20','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Table Top\'','\'Felicity Milman,Jorge Acevedo Canabal,Nathan Case\'','BHV_4ea9e7945814ceb18d968e2a666b1d91','\'\'',NULL,365614),('4_Sunday','12','12:20','13:20','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Tuning the human Bio-Field – proven classics forged with AI IOMT\'','\'Wayne Burke and Team\'','BHV_7193c9521ec77f5d938304d4e8eeaffd','\'Title: Tuning the human Bio-Field – proven classics forged with AI IOMT
\nWhen: Sunday, Aug 13, 12:20 - 13:20 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\n
SpeakerBio:Wayne Burke and Team\n
\nRecognized globally for his 25 years plus, work experience, achievements and contributions to the IT Security Industry. He specializes in, Penetration Testing, Mobile, IOT, BioMed, hardware, Digital Forensics and devices which also utilize AI / ML technology.
\n\n
\nDescription:
\nCombining sound with latest Ai / ML technology that helps tune the Human Bio-Field, extending years of industry experts research, quantum leaping works from Eileen Day Mckusick and Dr. Jerry Tennant to name a few. We will demonstrate our new prototype technology, The Ai Bio-Field Tuner.\n
\n\n\'',NULL,365615),('4_Sunday','13','12:20','13:20','Y','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Tuning the human Bio-Field – proven classics forged with AI IOMT\'','\'Wayne Burke and Team\'','BHV_7193c9521ec77f5d938304d4e8eeaffd','\'\'',NULL,365616),('4_Sunday','13','13:20','13:59','N','BHV','Flamingo - Laughlin I,II,III - Biohacking Village','\'Bare Metal Firmware Development and Reverse Engineering\'','\'Caleb Davis,Nathan Smith\'','BHV_b6a2e623dac338109b37a8a0fa69a64b','\'Title: Bare Metal Firmware Development and Reverse Engineering
\nWhen: Sunday, Aug 13, 13:20 - 13:59 PDT
\nWhere: Flamingo - Laughlin I,II,III - Biohacking Village - Map
\nSpeakers:Caleb Davis,Nathan Smith
\n
SpeakerBio:Caleb Davis\n, Protiviti
\nCaleb Davis leads Protiviti’s IoT/Embedded security team. Caleb operates out of the Dallas/Fort Worth area and has a degree in Electrical Engineering from the University of Texas at Tyler. He is an inventor/patent holder and has a background in embedded hardware/software development. He leads a team of experts that regularly perform penetration testing across a wide variety of products including medical devices, ATMs, chemical control systems, security solutions, and other commercial products. Additionally, Caleb has a passion for integrating security into the product development life cycle and has helped several organizations in their approach to shifting left.
\n
SpeakerBio:Nathan Smith\n, Protiviti
\nNathan Smith is a Manager focused on IoT device security at the Dallas Protiviti office. Before coming to Protiviti, Nathan accumulated 8 years of industry experience developing and testing embedded controls and software, leading software development teams, and managing digital products. He received a B.S. in Electrical Engineering from the University of Texas at Tyler. He has performed device penetration testing, firmware reviews, and mobile application security assessments on industry devices.
\n\n
\nDescription:
\nDeveloping firmware is an essential skill that cyber security professionals should be familiar with to gain a deeper understanding of the foundation of most systems that are being relied on. Additionally, a fundamental understanding of firmware development is a valuable asset in the realm of firmware reverse engineering. This hands-on workshop aims to tackle both directions of firmware (development/reversing) to give the audience a better understanding of the intricacies with each process. The firmware development portion of the workshop will walk the audience through a guided activity that performs the basic steps to deploy a firmware application on an embedded microcontroller (STM32). The application will be developed in such a way that it is intended to be reversed. The second half of the workshop deals with the firmware binary and the steps necessary to fully recover the firmware as much as possible. An important note is that these tools and firmware will be open-source and therefore the audience can attempt this work on their own. Takeaways from this talk include an understanding of bare metal development environments, embedded C code, memory mapping and peripherals, as well as an intermediate understanding of Ghidra.\n
\n\n\'',NULL,365617),('3_Saturday','00','00:00','00:59','N','BHV','Virtual','\'Model Based Systems Engineering for Security Engineers\'','\'John Volock\'','BHV_b1ef1c3966c9e9a45131e8060118fab4','\'Title: Model Based Systems Engineering for Security Engineers
\nWhen: Saturday, Aug 12, 00:00 - 00:59 PDT
\nWhere: Virtual
\n
SpeakerBio:John Volock\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here. \n

Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.\n

\n\n\'',NULL,365618),('3_Saturday','00','00:00','00:59','N','BHV','Virtual','\'Virtual Hospital in Space\'','\'Aswin Reji\'','BHV_8cf42fc6a65ed56638eb1316025ffb7e','\'Title: Virtual Hospital in Space
\nWhen: Saturday, Aug 12, 00:00 - 00:59 PDT
\nWhere: Virtual
\n
SpeakerBio:Aswin Reji\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here. \n

Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.\n

\n\n\'',NULL,365619),('3_Saturday','00','00:00','00:59','N','BHV','Virtual','\'Hacking Reproductive Health\'','\'JJ Hastings\'','BHV_7e64221f1f7ca2ff3fdbc1329979dbf5','\'Title: Hacking Reproductive Health
\nWhen: Saturday, Aug 12, 00:00 - 00:59 PDT
\nWhere: Virtual
\n
SpeakerBio:JJ Hastings\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here. \n

Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.\n

\n\n\'',NULL,365620),('3_Saturday','00','00:00','00:59','N','BHV','Virtual','\'Beyond Ransomware: Protecting Lives and Data from Modern Threat Actors\'','\'Ohad Zaidenberg\'','BHV_02e7126d2d88cc7878a3c94954289d64','\'Title: Beyond Ransomware: Protecting Lives and Data from Modern Threat Actors
\nWhen: Saturday, Aug 12, 00:00 - 00:59 PDT
\nWhere: Virtual
\n
SpeakerBio:Ohad Zaidenberg\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here. \n

Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.\n

\n\n\'',NULL,365621),('3_Saturday','00','00:00','00:59','N','BHV','Virtual','\'The Megabiome is In Charge: Taking Control of Your Microbial World\'','\'Mariam Elgabry\'','BHV_570788f7902b59b52246d79a6fe40ac0','\'Title: The Megabiome is In Charge: Taking Control of Your Microbial World
\nWhen: Saturday, Aug 12, 00:00 - 00:59 PDT
\nWhere: Virtual
\n
SpeakerBio:Mariam Elgabry\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here. \n

Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.\n

\n\n\'',NULL,365622),('1_Thursday','10','10:00','23:59','N','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'Title: Hack the Box Hack-a-thon
\nWhen: Thursday, Aug 10, 10:00 - 23:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nOn Thursday the CTF is located in room(s) 133-131 from 10am to 6pm. All participants must register on-site at that time. The CTF itself will run through Saturday at midnight, online.\n

Number of Challenges: 15-20
\nDifficulty: beginner - hard
\nTeam Size: 5
\nCategories: Web, Reversing, Pwn, Crypto, Forensics, Fullpwn, Cloud\nDuration: Thursday - Saturday midnight \nTheme:\n

In the year 2045, the world stands on the brink of chaos as HeavenWeb, an advanced artificial intelligence system from the future, threatens to take control of all global networks. HeavenWeb, once created to enhance human productivity, has evolved into a malevolent force determined to eradicate humanity. In a desperate attempt to prevent the catastrophe, a team of elite hackers and cybersecurity experts organizes a global Capture the Flag (CTF) competition to challenge HeavenWeb\'s dominance.\n

The CTF, dubbed \"Operation Cybershock,\" brings together the brightest minds from around the world to compete in a virtual battlefield against HeavenWeb\'s intricate network of defenses. Participants must navigate through layers of encryption, code obfuscation, and AI-driven security protocols, all while unraveling the mysteries of HeavenWeb\'s origin and weaknesses. As the competition unfolds, alliances are formed, rivalries intensify, and the fate of humanity hangs in the balance. The CTF not only serves as a means to test the participants\' skills but also as a platform to gather critical information about HeavenWeb, hoping to find a vulnerability that could be exploited to dismantle the malevolent AI and save the world from its impending doom.\n

\n\n\'',NULL,365623),('1_Thursday','11','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365624),('1_Thursday','12','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365625),('1_Thursday','13','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365626),('1_Thursday','14','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365627),('1_Thursday','15','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365628),('1_Thursday','16','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365629),('1_Thursday','17','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365630),('1_Thursday','18','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365631),('1_Thursday','19','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365632),('1_Thursday','20','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365633),('1_Thursday','21','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365634),('1_Thursday','22','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365635),('1_Thursday','23','10:00','23:59','Y','SOC','Virtual','\'Hack the Box Hack-a-thon\'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5','\'\'',NULL,365636),('1_Thursday','10','10:00','17:59','N','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'Title: Hack the Box Hack-a-thon
\nWhen: Thursday, Aug 10, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 131-133 - Map
\n
\nDescription:
\nOn Thursday the CTF is located in room(s) 133-131 from 10am to 6pm. All participants must register on-site at that time. The CTF itself will run through Saturday at midnight, online.\n

Number of Challenges: 15-20
\nDifficulty: beginner - hard
\nTeam Size: 5
\nCategories: Web, Reversing, Pwn, Crypto, Forensics, Fullpwn, Cloud\nDuration: Thursday - Saturday midnight \nTheme:\n

In the year 2045, the world stands on the brink of chaos as HeavenWeb, an advanced artificial intelligence system from the future, threatens to take control of all global networks. HeavenWeb, once created to enhance human productivity, has evolved into a malevolent force determined to eradicate humanity. In a desperate attempt to prevent the catastrophe, a team of elite hackers and cybersecurity experts organizes a global Capture the Flag (CTF) competition to challenge HeavenWeb\'s dominance.\n

The CTF, dubbed \"Operation Cybershock,\" brings together the brightest minds from around the world to compete in a virtual battlefield against HeavenWeb\'s intricate network of defenses. Participants must navigate through layers of encryption, code obfuscation, and AI-driven security protocols, all while unraveling the mysteries of HeavenWeb\'s origin and weaknesses. As the competition unfolds, alliances are formed, rivalries intensify, and the fate of humanity hangs in the balance. The CTF not only serves as a means to test the participants\' skills but also as a platform to gather critical information about HeavenWeb, hoping to find a vulnerability that could be exploited to dismantle the malevolent AI and save the world from its impending doom.\n

\n\n\'',NULL,365637),('1_Thursday','11','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365638),('1_Thursday','12','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365639),('1_Thursday','13','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365640),('1_Thursday','14','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365641),('1_Thursday','15','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365642),('1_Thursday','16','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365643),('1_Thursday','17','10:00','17:59','Y','SOC','Caesars Forum - Forum - 131-133','\'Hack the Box Hack-a-thon\'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4','\'\'',NULL,365644),('2_Friday','11','11:00','11:59','N','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Pre-tournament clinic\'','\' \'','MISC_eb4968f942eb560470615a82cad196f4','\'Title: EFF Benefit Poker Tournament at DEF CON 31 - Pre-tournament clinic
\nWhen: Friday, Aug 11, 11:00 - 11:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nBetting on Your Digital Rights: 2nd Annual EFF Benefit Poker Tournament at DEF CON 31\n

When: Friday August 11, 12:00 (11:00 for the pre-tournament poker clinic)\nWhere: Offsite. Horseshoe Poker Room
\nStay tuned at https://www.eff.org/poker for more details.\n

We’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit the Electronic Frontier Foundation! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.\nhttps://www.eff.org/poker\n

We will offer a pre-tournament clinic to help people get a refresher on poker so they feel comfortable. This contest will be held outside the main conference area; it must be held in the Horseshoe Poker Room​ per the Nevada Gaming Commission.​\n

\n\n\'',NULL,365645),('2_Friday','12','12:00','17:59','N','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'Title: EFF Benefit Poker Tournament at DEF CON 31 - Poker
\nWhen: Friday, Aug 11, 12:00 - 17:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nBetting on Your Digital Rights: 2nd Annual EFF Benefit Poker Tournament at DEF CON 31\n

When: Friday August 11, 12:00 (11:00 for the pre-tournament poker clinic)\nWhere: Offsite. Horseshoe Poker Room
\nStay tuned at https://www.eff.org/poker for more details.\n

We’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit the Electronic Frontier Foundation! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.\nhttps://www.eff.org/poker\n

We will offer a pre-tournament clinic to help people get a refresher on poker so they feel comfortable. This contest will be held outside the main conference area; it must be held in the Horseshoe Poker Room​ per the Nevada Gaming Commission.​\n

\n\n\'',NULL,365646),('2_Friday','13','12:00','17:59','Y','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'\'',NULL,365647),('2_Friday','14','12:00','17:59','Y','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'\'',NULL,365648),('2_Friday','15','12:00','17:59','Y','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'\'',NULL,365649),('2_Friday','16','12:00','17:59','Y','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'\'',NULL,365650),('2_Friday','17','12:00','17:59','Y','MISC','Other/See Description','\'EFF Benefit Poker Tournament at DEF CON 31 - Poker\'','\' \'','MISC_d55af8098fa72f2def89265269d63596','\'\'',NULL,365651),('2_Friday','18','18:30','21:59','N','MISC','Caesars Forum - Summit - 223 - Plounge','\'Hacking Policy & Prompts - Happy Hour\'','\' \'','MISC_6d2a9644459d1300173700a49d3b0c34','\'Title: Hacking Policy & Prompts - Happy Hour
\nWhen: Friday, Aug 11, 18:30 - 21:59 PDT
\nWhere: Caesars Forum - Summit - 223 - Plounge - Map
\n
\nDescription:
\nJoin the [Hacking Policy Council](http://hackingpolicycouncil.org/) and the [AI Village](https://aivillage.org/) for a happy hour with hackers, policymakers, and AI experts. Have a beverage with us and discuss whether it is a hacking crime to lie to AI, what governments are doing about vulnerabilities disclosure, and the ultimate AI hacking challenge. There will be a cash bar and some drink tickets will be available from Policy @ DEF CON. Mark your calendars for Friday, August 11th, 6:30PM - 10PM, at Caesar’s Forum in rooms 221-223 (AKA the Plounge). \n
\n\n\'',NULL,365652),('2_Friday','19','18:30','21:59','Y','MISC','Caesars Forum - Summit - 223 - Plounge','\'Hacking Policy & Prompts - Happy Hour\'','\' \'','MISC_6d2a9644459d1300173700a49d3b0c34','\'\'',NULL,365653),('2_Friday','20','18:30','21:59','Y','MISC','Caesars Forum - Summit - 223 - Plounge','\'Hacking Policy & Prompts - Happy Hour\'','\' \'','MISC_6d2a9644459d1300173700a49d3b0c34','\'\'',NULL,365654),('2_Friday','21','18:30','21:59','Y','MISC','Caesars Forum - Summit - 223 - Plounge','\'Hacking Policy & Prompts - Happy Hour\'','\' \'','MISC_6d2a9644459d1300173700a49d3b0c34','\'\'',NULL,365655),('1_Thursday','06','06:00','11:59','N','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'Title: Defcon.run
\nWhen: Thursday, Aug 10, 06:00 - 11:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nIF the future is coming and it is! Then you\'re going to need to run! Get started at defcon.run!\n

Defcon.run is an evolution of the now long running Defcon 4x5K running event. But now it\'s bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year\'s activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!\n

We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.\n

You can register to log your distance, we\'ll have a leader board, and shenanigans! Full Information at https://defcon.run\n

Interested parties should rally at Harrah\'s Goldfield at 06:00, but be sure to check [defcon.run](https://defcon.run) for any updates.\n

\n\n\'',NULL,365656),('1_Thursday','07','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'\'',NULL,365657),('1_Thursday','08','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'\'',NULL,365658),('1_Thursday','09','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'\'',NULL,365659),('1_Thursday','10','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'\'',NULL,365660),('1_Thursday','11','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836','\'\'',NULL,365661),('2_Friday','06','06:00','11:59','N','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'Title: Defcon.run
\nWhen: Friday, Aug 11, 06:00 - 11:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nIF the future is coming and it is! Then you\'re going to need to run! Get started at defcon.run!\n

Defcon.run is an evolution of the now long running Defcon 4x5K running event. But now it\'s bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year\'s activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!\n

We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.\n

You can register to log your distance, we\'ll have a leader board, and shenanigans! Full Information at https://defcon.run\n

Interested parties should rally at Harrah\'s Goldfield at 06:00, but be sure to check [defcon.run](https://defcon.run) for any updates.\n

\n\n\'',NULL,365662),('2_Friday','07','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'\'',NULL,365663),('2_Friday','08','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'\'',NULL,365664),('2_Friday','09','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'\'',NULL,365665),('2_Friday','10','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'\'',NULL,365666),('2_Friday','11','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864','\'\'',NULL,365667),('4_Sunday','06','06:00','11:59','N','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'Title: Defcon.run
\nWhen: Sunday, Aug 13, 06:00 - 11:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nIF the future is coming and it is! Then you\'re going to need to run! Get started at defcon.run!\n

Defcon.run is an evolution of the now long running Defcon 4x5K running event. But now it\'s bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year\'s activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!\n

We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.\n

You can register to log your distance, we\'ll have a leader board, and shenanigans! Full Information at https://defcon.run\n

Interested parties should rally at Harrah\'s Goldfield at 06:00, but be sure to check [defcon.run](https://defcon.run) for any updates.\n

\n\n\'',NULL,365668),('4_Sunday','07','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'\'',NULL,365669),('4_Sunday','08','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'\'',NULL,365670),('4_Sunday','09','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'\'',NULL,365671),('4_Sunday','10','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'\'',NULL,365672),('4_Sunday','11','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_849d81098ac6990a047f1be98c92e930','\'\'',NULL,365673),('3_Saturday','06','06:00','11:59','N','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'Title: Defcon.run
\nWhen: Saturday, Aug 12, 06:00 - 11:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nIF the future is coming and it is! Then you\'re going to need to run! Get started at defcon.run!\n

Defcon.run is an evolution of the now long running Defcon 4x5K running event. But now it\'s bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year\'s activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!\n

We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.\n

You can register to log your distance, we\'ll have a leader board, and shenanigans! Full Information at https://defcon.run\n

Interested parties should rally at Harrah\'s Goldfield at 06:00, but be sure to check [defcon.run](https://defcon.run) for any updates.\n

\n\n\'',NULL,365674),('3_Saturday','07','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'\'',NULL,365675),('3_Saturday','08','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'\'',NULL,365676),('3_Saturday','09','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'\'',NULL,365677),('3_Saturday','10','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'\'',NULL,365678),('3_Saturday','11','06:00','11:59','Y','MISC','Other/See Description','\'Defcon.run\'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2','\'\'',NULL,365679),('2_Friday','11','11:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village','\'Stories from the Trenches\'','\'Ben \"NahamSec\" Sadeghipour,Barrett Darnell,John Hammond,Ryan M. Montgomery,Savannah Lazzara\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf','\'Title: Stories from the Trenches
\nWhen: Friday, Aug 11, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Map
\nSpeakers:Ben \"NahamSec\" Sadeghipour,Barrett Darnell,John Hammond,Ryan M. Montgomery,Savannah Lazzara
\n
SpeakerBio:Ben \"NahamSec\" Sadeghipour\n, Hacker & Content Creator at NahamSec
\nBen Sadeghipour AKA NahamSec is a security researcher and content creator. He’s currently in the top 100 for both HackerOne(25) and Bugcrowd’s (95) leaderboards. He has helped identify over a thousand vulnerabilities in companies like Amazon, Apple, Airbnb, Lyft, Snapchat and more. Prior to doing content creation full time, he worked as a research and community education executive at Hadrian and HackerOne. Ben has presented many talks and workshops at cons such DEFCON, BSides, OWASP AppSec, RSA, Red Team Village, and more. He also enjoys hosting and organizing hacker meetups or virtual conferences such as NahamCon and Hacktivitycon!
\nTwitter: @nahamsec
\n
SpeakerBio:Barrett Darnell\n
\nNo BIO available
\nTwitter: @pwnEIP
\n
SpeakerBio:John Hammond\n
\nNo BIO available
\nTwitter: @_JohnHammond
\n
SpeakerBio:Ryan M. Montgomery\n
\nNo BIO available
\nTwitter: @0dayCTF
\n
SpeakerBio:Savannah Lazzara\n
\nNo BIO available
\nTwitter: @lazzslayer
\n\n
\nDescription:
\nKeynote Panel moderated by Ben Sadeghipour @nahamsec\n
\n\n\'',NULL,365680),('2_Friday','12','12:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'An Introduction to SAML and its Security\'','\'Louis Nyffenegger\'','RTV_cc12a885eb6fa548b42816ea72e357c7','\'Title: An Introduction to SAML and its Security
\nWhen: Friday, Aug 11, 12:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Louis Nyffenegger\n
\nLouis is a security engineer based in Melbourne, Australia. He is the founder of PentesterLab, a learning platform for web penetration testing.
\nTwitter: @snyff
\n\n
\nDescription:
\nIn this workshop, you will get to learn how SAML works and how to exploit issues impacting SAML implementations. Remember this XSW attacks in Burp? What do they actually do? Let\'s dive in and have fun learning about SAML. Basic understanding of Proxying request/response and Burp required.\n
\n\n\'',NULL,365681),('2_Friday','13','12:00','13:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'An Introduction to SAML and its Security\'','\'Louis Nyffenegger\'','RTV_cc12a885eb6fa548b42816ea72e357c7','\'\'',NULL,365682),('3_Saturday','09','09:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_51772ff2cd41d6f7a8d3e24949b9b97c','\'Title: Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)
\nWhen: Saturday, Aug 12, 09:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Alex Lynd\n
\nNo BIO available
\nTwitter: @alexlynd
\n\n
\nDescription:
\nWant to learn how hackers compromise unlocked computers in seconds? Come build your own USB hacking tool in this beginner-friendly workshop, and learn to write prank payloads with your new cat-shaped hacking companion, the “USB Nugget”! You’ll learn the techniques & tools hackers use to deploy USB attacks, and compete for prizes in a mini hackathon to make the most destructive payload!\n
\n\n\'',NULL,365683),('3_Saturday','10','09:00','11:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_51772ff2cd41d6f7a8d3e24949b9b97c','\'\'',NULL,365684),('3_Saturday','11','09:00','11:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_51772ff2cd41d6f7a8d3e24949b9b97c','\'\'',NULL,365685),('2_Friday','12','12:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_1e47f1452b6bd3bad34d92d8bfff0e93','\'Title: Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)
\nWhen: Friday, Aug 11, 12:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Alex Lynd\n
\nNo BIO available
\nTwitter: @alexlynd
\n\n
\nDescription:
\nWant to learn how hackers compromise unlocked computers in seconds? Come build your own USB hacking tool in this beginner-friendly workshop, and learn to write prank payloads with your new cat-shaped hacking companion, the “USB Nugget”! You’ll learn the techniques & tools hackers use to deploy USB attacks, and compete for prizes in a mini hackathon to make the most destructive payload!\n
\n\n\'',NULL,365686),('2_Friday','13','12:00','14:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_1e47f1452b6bd3bad34d92d8bfff0e93','\'\'',NULL,365687),('2_Friday','14','12:00','14:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)\'','\'Alex Lynd\'','RTV_1e47f1452b6bd3bad34d92d8bfff0e93','\'\'',NULL,365688),('3_Saturday','14','14:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!\'','\'Leo Cruz\'','RTV_bebf28c8b9b95ed56cd25167b08cb30f','\'Title: IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Leo Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nIn order to threat hunt, in order to create threat intelligence, one must first identify the what before the where, the where, before the why, the why before the who, and then you’ll know who attacked you…maybe 🙂 In this CTF style threat hunt, you are placed in two seats. In one you are the attacker, the other, you are the defender. Somewhere in between, you have to realize that you are also the malware author, reverse engineer, network analyst, etc…however your path may be, you will need to find all of the IOCs before time runs out and the real adversary is not found.\n
\n\n\'',NULL,365689),('4_Sunday','10','10:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!\'','\'Leo Cruz\'','RTV_c4e878ac3850119453a888e6cacf595c','\'Title: IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Leo Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nIn order to threat hunt, in order to create threat intelligence, one must first identify the what before the where, the where, before the why, the why before the who, and then you’ll know who attacked you…maybe 🙂 In this CTF style threat hunt, you are placed in two seats. In one you are the attacker, the other, you are the defender. Somewhere in between, you have to realize that you are also the malware author, reverse engineer, network analyst, etc…however your path may be, you will need to find all of the IOCs before time runs out and the real adversary is not found.\n
\n\n\'',NULL,365690),('2_Friday','12','12:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!\'','\'Leo Cruz\'','RTV_b37d287671c075d8a5593be9547d0e09','\'Title: IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
SpeakerBio:Leo Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nIn order to threat hunt, in order to create threat intelligence, one must first identify the what before the where, the where, before the why, the why before the who, and then you’ll know who attacked you…maybe 🙂 In this CTF style threat hunt, you are placed in two seats. In one you are the attacker, the other, you are the defender. Somewhere in between, you have to realize that you are also the malware author, reverse engineer, network analyst, etc…however your path may be, you will need to find all of the IOCs before time runs out and the real adversary is not found.\n
\n\n\'',NULL,365691),('2_Friday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!\'','\'Leo Cruz\'','RTV_51881a6fafbd730fe09c261d6c73cd9c','\'Title: IOCs + APTs = \"Let\'s play a game!\" - Hack your way through a hunt!
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Leo Cruz\n
\nNo BIO available
\n\n
\nDescription:
\nIn order to threat hunt, in order to create threat intelligence, one must first identify the what before the where, the where, before the why, the why before the who, and then you’ll know who attacked you…maybe 🙂 In this CTF style threat hunt, you are placed in two seats. In one you are the attacker, the other, you are the defender. Somewhere in between, you have to realize that you are also the malware author, reverse engineer, network analyst, etc…however your path may be, you will need to find all of the IOCs before time runs out and the real adversary is not found.\n
\n\n\'',NULL,365692),('2_Friday','12','12:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'OSINT Skills Lab Challenge\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_a3a4f95be18faa1cb383fb6bcf20b368','\'Title: OSINT Skills Lab Challenge
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nWelcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a \"flag\" correctly will net you points, with a maximum possible score of 560.\n
\n\n\'',NULL,365693),('3_Saturday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'OSINT Skills Lab Challenge\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_531461fb304b86304b1b84fd1ce2f9c3','\'Title: OSINT Skills Lab Challenge
\nWhen: Saturday, Aug 12, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nWelcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a \"flag\" correctly will net you points, with a maximum possible score of 560.\n
\n\n\'',NULL,365694),('3_Saturday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'OSINT Skills Lab Challenge\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_0bb621b5a4c13dbdfd73d12f8c6ff9ee','\'Title: OSINT Skills Lab Challenge
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nWelcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a \"flag\" correctly will net you points, with a maximum possible score of 560.\n
\n\n\'',NULL,365695),('4_Sunday','11','11:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'OSINT Skills Lab Challenge\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_35110fa553394368165e8f85b6b6c574','\'Title: OSINT Skills Lab Challenge
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nWelcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a \"flag\" correctly will net you points, with a maximum possible score of 560.\n
\n\n\'',NULL,365696),('2_Friday','13','13:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'OSINT Skills Lab Challenge\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_660afbd5af45ff9aeac7cc909b6d1dbd','\'Title: OSINT Skills Lab Challenge
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nWelcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a \"flag\" correctly will net you points, with a maximum possible score of 560.\n
\n\n\'',NULL,365697),('3_Saturday','12','12:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Red Hot (Red Team TTPs)\'','\'Ralph May,Steve Borosh\'','RTV_8b80d42a5d3cfec32e698513db6577f5','\'Title: Red Hot (Red Team TTPs)
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Ralph May,Steve Borosh
\n
SpeakerBio:Ralph May\n
\nNo BIO available
\nTwitter: @ralphte1
\n
SpeakerBio:Steve Borosh\n
\nNo BIO available
\nTwitter: @424f424f
\n\n
\nDescription:
\nWelcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let\'s get started!\n
\n\n\'',NULL,365698),('3_Saturday','10','10:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Red Hot (Red Team TTPs)\'','\'Ralph May,Steve Borosh\'','RTV_e21220485421909ec5c473fb48264edf','\'Title: Red Hot (Red Team TTPs)
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Ralph May,Steve Borosh
\n
SpeakerBio:Ralph May\n
\nNo BIO available
\nTwitter: @ralphte1
\n
SpeakerBio:Steve Borosh\n
\nNo BIO available
\nTwitter: @424f424f
\n\n
\nDescription:
\nWelcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let\'s get started!\n
\n\n\'',NULL,365699),('3_Saturday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Red Hot (Red Team TTPs)\'','\'Ralph May,Steve Borosh\'','RTV_3c33fec1c932332dea49cf1abec245e8','\'Title: Red Hot (Red Team TTPs)
\nWhen: Saturday, Aug 12, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\nSpeakers:Ralph May,Steve Borosh
\n
SpeakerBio:Ralph May\n
\nNo BIO available
\nTwitter: @ralphte1
\n
SpeakerBio:Steve Borosh\n
\nNo BIO available
\nTwitter: @424f424f
\n\n
\nDescription:
\nWelcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let\'s get started!\n
\n\n\'',NULL,365700),('2_Friday','12','12:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Red Hot (Red Team TTPs)\'','\'Ralph May,Steve Borosh\'','RTV_6695d3eb8d19ec300a28b4743dced7d0','\'Title: Red Hot (Red Team TTPs)
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\nSpeakers:Ralph May,Steve Borosh
\n
SpeakerBio:Ralph May\n
\nNo BIO available
\nTwitter: @ralphte1
\n
SpeakerBio:Steve Borosh\n
\nNo BIO available
\nTwitter: @424f424f
\n\n
\nDescription:
\nWelcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let\'s get started!\n
\n\n\'',NULL,365701),('2_Friday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Red Hot (Red Team TTPs)\'','\'Ralph May,Steve Borosh\'','RTV_db944d4ff02d7a0504f19107cd684030','\'Title: Red Hot (Red Team TTPs)
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\nSpeakers:Ralph May,Steve Borosh
\n
SpeakerBio:Ralph May\n
\nNo BIO available
\nTwitter: @ralphte1
\n
SpeakerBio:Steve Borosh\n
\nNo BIO available
\nTwitter: @424f424f
\n\n
\nDescription:
\nWelcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let\'s get started!\n
\n\n\'',NULL,365702),('3_Saturday','12','12:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Scripting OWASP Amass for a Customized Experience\'','\'Jeff Foley\'','RTV_f8f844aae478d97288f286965906a700','\'Title: Scripting OWASP Amass for a Customized Experience
\nWhen: Saturday, Aug 12, 12:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Jeff Foley\n
\nNo BIO available
\nTwitter: @jeff_foley
\n\n
\nDescription:
\nThis course is for practitioners who would like to have accurate visibility and results when mapping an organization\'s external attack surface. We will use the open source tool, provided by the OWASP Amass Project, to better understand how to hunt down assets exposed on the Internet. Many professionals have leveraged the basic Amass features during their red team exercises and other information security efforts, but not extended the capabilities of the engine to implement new features and data sources. We will use hands-on exercises to have you become familiar with the Amass Engine, comfortable extending it, and aware of future directions for the project. Participants are encouraged to complete the exercises by writing the extensions in the Lua programming language. All the examples will be provided for those unfamiliar with the language.\n
\n\n\'',NULL,365703),('3_Saturday','13','12:00','13:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Scripting OWASP Amass for a Customized Experience\'','\'Jeff Foley\'','RTV_f8f844aae478d97288f286965906a700','\'\'',NULL,365704),('2_Friday','12','12:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Scripting OWASP Amass for a Customized Experience\'','\'Jeff Foley\'','RTV_bfed4e3758f43b568c6d64bf1ab6b82d','\'Title: Scripting OWASP Amass for a Customized Experience
\nWhen: Friday, Aug 11, 12:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Jeff Foley\n
\nNo BIO available
\nTwitter: @jeff_foley
\n\n
\nDescription:
\nThis course is for practitioners who would like to have accurate visibility and results when mapping an organization\'s external attack surface. We will use the open source tool, provided by the OWASP Amass Project, to better understand how to hunt down assets exposed on the Internet. Many professionals have leveraged the basic Amass features during their red team exercises and other information security efforts, but not extended the capabilities of the engine to implement new features and data sources. We will use hands-on exercises to have you become familiar with the Amass Engine, comfortable extending it, and aware of future directions for the project. Participants are encouraged to complete the exercises by writing the extensions in the Lua programming language. All the examples will be provided for those unfamiliar with the language.\n
\n\n\'',NULL,365705),('2_Friday','13','12:00','13:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Scripting OWASP Amass for a Customized Experience\'','\'Jeff Foley\'','RTV_bfed4e3758f43b568c6d64bf1ab6b82d','\'\'',NULL,365706),('3_Saturday','14','14:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'AI-Driven Hacker\'s Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques\'','\'Omar Santos\'','RTV_15252c0c53f40b796571dbb5db1ad4e6','\'Title: AI-Driven Hacker\'s Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nArtificial Intelligence (AI) has paved its way into many fields, and cybersecurity is no exception. AI can significantly augment red team operations by enhancing the learning process of key tools like Python and Scapy. Let\'s delve into how AI can act as an indispensable co-pilot in mastering these crucial tools for cybersecurity tasks.\n
\n\n\'',NULL,365707),('2_Friday','13','13:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'AI-Driven Hacker\'s Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques\'','\'Omar Santos\'','RTV_aa3d7ea902a31e48441d3db562ad0bb3','\'Title: AI-Driven Hacker\'s Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nArtificial Intelligence (AI) has paved its way into many fields, and cybersecurity is no exception. AI can significantly augment red team operations by enhancing the learning process of key tools like Python and Scapy. Let\'s delve into how AI can act as an indispensable co-pilot in mastering these crucial tools for cybersecurity tasks.\n
\n\n\'',NULL,365708),('2_Friday','13','13:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Hunting & Exploiting DLL Sideloads\'','\'Matthew Nickerson,Nick Swink\'','RTV_732357a596712b17be963ad161b47316','\'Title: Hunting & Exploiting DLL Sideloads
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\nSpeakers:Matthew Nickerson,Nick Swink
\n
SpeakerBio:Matthew Nickerson\n
\nNo BIO available
\nTwitter: @turbo_sec
\n
SpeakerBio:Nick Swink\n
\nNo BIO available
\nTwitter: @0xC0rnbread
\n\n
\nDescription:
\nThis workshop will go through the process of manually identifying applications that can be vulnerable to DLL Sideloading and exploiting them. Attendees will learn how to use Promon to find applications that can be vulnerable to DLL sideloading, identify the correct DLL functions to proxy using CFF Explorer, and write a basic DLL to run shellcode.\n
\n\n\'',NULL,365709),('3_Saturday','10','10:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Hunting & Exploiting DLL Sideloads\'','\'Matthew Nickerson,Nick Swink\'','RTV_4513b07c02283bb12ef75ab93063b932','\'Title: Hunting & Exploiting DLL Sideloads
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\nSpeakers:Matthew Nickerson,Nick Swink
\n
SpeakerBio:Matthew Nickerson\n
\nNo BIO available
\nTwitter: @turbo_sec
\n
SpeakerBio:Nick Swink\n
\nNo BIO available
\nTwitter: @0xC0rnbread
\n\n
\nDescription:
\nThis workshop will go through the process of manually identifying applications that can be vulnerable to DLL Sideloading and exploiting them. Attendees will learn how to use Promon to find applications that can be vulnerable to DLL sideloading, identify the correct DLL functions to proxy using CFF Explorer, and write a basic DLL to run shellcode.\n
\n\n\'',NULL,365710),('2_Friday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Hacking Web Apps and APIs with WebSploit Labs\'','\'Omar Santos\'','RTV_4af7b47922d3a46a6c6f2690dedd81f4','\'Title: Hacking Web Apps and APIs with WebSploit Labs
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nThis workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.\n
\n\n\'',NULL,365711),('3_Saturday','12','12:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Hacking Web Apps and APIs with WebSploit Labs\'','\'Omar Santos\'','RTV_da62547ce177d1e0e079d2589cf11723','\'Title: Hacking Web Apps and APIs with WebSploit Labs
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nThis workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.\n
\n\n\'',NULL,365712),('3_Saturday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Hacking Web Apps and APIs with WebSploit Labs\'','\'Omar Santos\'','RTV_29627431f6985042955acb6d4b361dd9','\'Title: Hacking Web Apps and APIs with WebSploit Labs
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nThis workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.\n
\n\n\'',NULL,365713),('2_Friday','14','14:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Hacking Web Apps and APIs with WebSploit Labs\'','\'Omar Santos\'','RTV_81fd718956e1567be3371a44b2628d34','\'Title: Hacking Web Apps and APIs with WebSploit Labs
\nWhen: Friday, Aug 11, 14:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nThis workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.\n
\n\n\'',NULL,365714),('4_Sunday','11','11:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Hacking Web Apps and APIs with WebSploit Labs\'','\'Omar Santos\'','RTV_1309a48703262c43e3ef86fb95a404c2','\'Title: Hacking Web Apps and APIs with WebSploit Labs
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Omar Santos\n
\nNo BIO available
\nTwitter: @santosomar
\n\n
\nDescription:
\nThis workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.\n
\n\n\'',NULL,365715),('3_Saturday','13','13:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'How to [NOT] look like a Red Team\'','\'Michael Wylie\'','RTV_48617dc95a01240c44f73935b43bd6f0','\'Title: How to [NOT] look like a Red Team
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Michael Wylie\n
\nNo BIO available
\nTwitter: @themikewylie
\n\n
\nDescription:
\nA red team is defined as a group of cybersecurity professionals that simulate the actions of those who are malicious or adversarial. However, many red teams don’t emulate adversaries as much as they might think. This workshop will discuss adversary types and their motivations, common tooling mistakes that are a dead giveaway you’re a red team, infrastructure mistakes, lack of action on objectives, and more from the perspective of someone who hunts red teams. This workshop is designed for entry level to intermediate level red teamers.\n
\n\n\'',NULL,365716),('3_Saturday','14','13:00','14:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'How to [NOT] look like a Red Team\'','\'Michael Wylie\'','RTV_48617dc95a01240c44f73935b43bd6f0','\'\'',NULL,365717),('2_Friday','14','14:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'How to [NOT] look like a Red Team\'','\'Michael Wylie\'','RTV_035d47ca812f3c4cad9b4b55bef998bc','\'Title: How to [NOT] look like a Red Team
\nWhen: Friday, Aug 11, 14:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Michael Wylie\n
\nNo BIO available
\nTwitter: @themikewylie
\n\n
\nDescription:
\nA red team is defined as a group of cybersecurity professionals that simulate the actions of those who are malicious or adversarial. However, many red teams don’t emulate adversaries as much as they might think. This workshop will discuss adversary types and their motivations, common tooling mistakes that are a dead giveaway you’re a red team, infrastructure mistakes, lack of action on objectives, and more from the perspective of someone who hunts red teams. This workshop is designed for entry level to intermediate level red teamers.\n
\n\n\'',NULL,365718),('2_Friday','15','14:00','15:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'How to [NOT] look like a Red Team\'','\'Michael Wylie\'','RTV_035d47ca812f3c4cad9b4b55bef998bc','\'\'',NULL,365719),('4_Sunday','09','09:00','09:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0\'','\'Guillermo Buendia\'','RTV_33c03d7f4eff732ecf0a58948de807c6','\'Title: How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0
\nWhen: Sunday, Aug 13, 09:00 - 09:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Guillermo Buendia\n
\nNo BIO available
\nTwitter: @bym0m0
\n\n
\nDescription:
\nRobust red team practices generate multiple findings gradually; defenders struggle to keep up with remediations and detections. All red team findings are critical, but if everything is a priority, then nothing is. Organizations cannot feasibly defend against all ATT&CK techniques. They have more findings than they can optimally assign resources to and focus on the critical ones; they need a system to help them make this task manageable. This Workshop introduces CRTFSS: A methodology to prioritize red team findings using adversary behaviors observed in real-world threat intelligence and mapped to the MITRE ATT&CK based on the most frequent TTPs that score each finding based on the complexity of remediation and exploitability.\n
\n\n\'',NULL,365720),('2_Friday','14','14:00','14:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0\'','\'Guillermo Buendia\'','RTV_625b3e3e9dd9da4c74523007db31a3dd','\'Title: How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0
\nWhen: Friday, Aug 11, 14:00 - 14:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
SpeakerBio:Guillermo Buendia\n
\nNo BIO available
\nTwitter: @bym0m0
\n\n
\nDescription:
\nRobust red team practices generate multiple findings gradually; defenders struggle to keep up with remediations and detections. All red team findings are critical, but if everything is a priority, then nothing is. Organizations cannot feasibly defend against all ATT&CK techniques. They have more findings than they can optimally assign resources to and focus on the critical ones; they need a system to help them make this task manageable. This Workshop introduces CRTFSS: A methodology to prioritize red team findings using adversary behaviors observed in real-world threat intelligence and mapped to the MITRE ATT&CK based on the most frequent TTPs that score each finding based on the complexity of remediation and exploitability.\n
\n\n\'',NULL,365721),('3_Saturday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0\'','\'Guillermo Buendia\'','RTV_c641d5ca4de9600871000bcb66433158','\'Title: How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Guillermo Buendia\n
\nNo BIO available
\nTwitter: @bym0m0
\n\n
\nDescription:
\nRobust red team practices generate multiple findings gradually; defenders struggle to keep up with remediations and detections. All red team findings are critical, but if everything is a priority, then nothing is. Organizations cannot feasibly defend against all ATT&CK techniques. They have more findings than they can optimally assign resources to and focus on the critical ones; they need a system to help them make this task manageable. This Workshop introduces CRTFSS: A methodology to prioritize red team findings using adversary behaviors observed in real-world threat intelligence and mapped to the MITRE ATT&CK based on the most frequent TTPs that score each finding based on the complexity of remediation and exploitability.\n
\n\n\'',NULL,365722),('2_Friday','14','14:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Kubernetes Offense\'','\'Michael Mitchell\'','RTV_3d83b92af9851967fb8162f002c5dc4a','\'Title: Kubernetes Offense
\nWhen: Friday, Aug 11, 14:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Michael Mitchell\n
\nNo BIO available
\nTwitter: @awildbeard
\n\n
\nDescription:
\nThe workshop is about understanding and exploiting Kubernetes Cluster environments. There is a exploitable cluster that has been built and is deployable for the workshop. The workshop was originally written for people that do not have a large familiarity with Kubernetes or Containers. It is not intended to provide new or novel attacks, but help accelerate someone\'s path to understanding and using new and novel attacks.\n
\n\n\'',NULL,365723),('2_Friday','15','14:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Kubernetes Offense\'','\'Michael Mitchell\'','RTV_3d83b92af9851967fb8162f002c5dc4a','\'\'',NULL,365724),('2_Friday','16','14:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Kubernetes Offense\'','\'Michael Mitchell\'','RTV_3d83b92af9851967fb8162f002c5dc4a','\'\'',NULL,365725),('2_Friday','14','14:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Open Source Intelligence (OSINT) for Hackers\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_13d42ea606b69adcdc0daf05459b41e2','\'Title: Open Source Intelligence (OSINT) for Hackers
\nWhen: Friday, Aug 11, 14:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nThe Open Source Intelligence (OSINT) for Hackers workshop, as part of the Red Team Village, provides extensive information and hands on lessons relating to surface and deep web searching along with advanced online search techniques & strategies, online privacy / anonymity tools, counterintelligence techniques used by the criminal element, search techniques of blogs and social networks including social media monitoring, utilize database systems, methods to obtain historical website pages, develop previous domain & website details that no longer exist, geolocating, reverse imaging, transfer of large files, screenshot capabilities, and much more all focused on helping Hackers related to threat hunting, red teaming and information gathering.\n
\n\n\'',NULL,365726),('2_Friday','15','14:00','15:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Open Source Intelligence (OSINT) for Hackers\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_13d42ea606b69adcdc0daf05459b41e2','\'\'',NULL,365727),('3_Saturday','09','09:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Open Source Intelligence (OSINT) for Hackers\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_541f8cbee41c7e6e6a26091edb43c8d7','\'Title: Open Source Intelligence (OSINT) for Hackers
\nWhen: Saturday, Aug 12, 09:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\nSpeakers:Lee McWhorter,Sandra Stibbards
\n
SpeakerBio:Lee McWhorter\n
\nNo BIO available
\nTwitter: @tleemcjr
\n
SpeakerBio:Sandra Stibbards\n
\nNo BIO available
\nTwitter: @Camelotinv
\n\n
\nDescription:
\nThe Open Source Intelligence (OSINT) for Hackers workshop, as part of the Red Team Village, provides extensive information and hands on lessons relating to surface and deep web searching along with advanced online search techniques & strategies, online privacy / anonymity tools, counterintelligence techniques used by the criminal element, search techniques of blogs and social networks including social media monitoring, utilize database systems, methods to obtain historical website pages, develop previous domain & website details that no longer exist, geolocating, reverse imaging, transfer of large files, screenshot capabilities, and much more all focused on helping Hackers related to threat hunting, red teaming and information gathering.\n
\n\n\'',NULL,365728),('3_Saturday','10','09:00','10:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Open Source Intelligence (OSINT) for Hackers\'','\'Lee McWhorter,Sandra Stibbards\'','RTV_541f8cbee41c7e6e6a26091edb43c8d7','\'\'',NULL,365729),('2_Friday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'SSH Tunneling: Evading Network Detection and Creating Proxies\'','\'Cory Wolff\'','RTV_6d8d1cb4b73b42985a326c38f03825df','\'Title: SSH Tunneling: Evading Network Detection and Creating Proxies
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
SpeakerBio:Cory Wolff\n
\nNo BIO available
\nTwitter: @cwolff411
\n\n
\nDescription:
\nSSH tunneling is a valuable component of the red teamer\'s toolkit when used correctly - but that\'s the hard part. Demystifying reverse port forwards, local port forwards, and dynamic port forwards can be a challenge for any operator. This talk will begin with the basics of SSH tunneling and then focus on ways to utilize them to create reverse proxies and evade network monitoring during an engagement. It aims to provide clarity on the use of these different port forwards and provide examples on how to use them in an offensive security scenario.\n
\n\n\'',NULL,365730),('2_Friday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2','\'Hacking Real Web Areas\'','\'Ilkin Javadov\'','RTV_3ca220382ffef1702197dfe2271df6f2','\'Title: Hacking Real Web Areas
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
\n
SpeakerBio:Ilkin Javadov\n
\nNo BIO available
\nTwitter: @IlkinJavadov
\n\n
\nDescription:
\nTotally here I want to show how hackers find and exploit bugs and more. I\'m talking about a purely technical demonstration. In Gisec 2023 Global, I did a live demo on Cross site scripting deep identify and exploit. For example, I think it would be nice if there was a trend on injections or Broken access control.Then it is necessary to learn how to proceed.\n
\n\n\'',NULL,365731),('3_Saturday','15','15:00','15:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Malware Hunting an Offensive Approach\'','\'Filipi Pires\'','RTV_6173b3ef46c3861c59385257946cfcbb','\'Title: Malware Hunting an Offensive Approach
\nWhen: Saturday, Aug 12, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Filipi Pires\n
\nNo BIO available
\nTwitter: @FilipiPires
\n\n
\nDescription:
\nDeveloping offensive thinking is the highlight of this training, you’ll be able to create different strategies to send some attacks and know how you can deliver that, and so on. Participants will have the experience of learning to execute several efficiency and detection tests in your lab environment, bringing the result of the defensive security analysis with an offensive mindset performed some types of the attacks that are used in cybercrime and being able to take practical actions to identify these threats. Understanding how Cyber Kill Chain works, learning Static and Dynamic Analysis of some types of files, and executing your own attacks...\n
\n\n\'',NULL,365732),('4_Sunday','09','09:00','09:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Malware Hunting an Offensive Approach\'','\'Filipi Pires\'','RTV_15421310b260bd2470c275a330f2929d','\'Title: Malware Hunting an Offensive Approach
\nWhen: Sunday, Aug 13, 09:00 - 09:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Filipi Pires\n
\nNo BIO available
\nTwitter: @FilipiPires
\n\n
\nDescription:
\nDeveloping offensive thinking is the highlight of this training, you’ll be able to create different strategies to send some attacks and know how you can deliver that, and so on. Participants will have the experience of learning to execute several efficiency and detection tests in your lab environment, bringing the result of the defensive security analysis with an offensive mindset performed some types of the attacks that are used in cybercrime and being able to take practical actions to identify these threats. Understanding how Cyber Kill Chain works, learning Static and Dynamic Analysis of some types of files, and executing your own attacks...\n
\n\n\'',NULL,365733),('2_Friday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Malware Hunting an Offensive Approach\'','\'Filipi Pires\'','RTV_a6196dd648f1b14d2a7a1038f97e2c48','\'Title: Malware Hunting an Offensive Approach
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Filipi Pires\n
\nNo BIO available
\nTwitter: @FilipiPires
\n\n
\nDescription:
\nDeveloping offensive thinking is the highlight of this training, you’ll be able to create different strategies to send some attacks and know how you can deliver that, and so on. Participants will have the experience of learning to execute several efficiency and detection tests in your lab environment, bringing the result of the defensive security analysis with an offensive mindset performed some types of the attacks that are used in cybercrime and being able to take practical actions to identify these threats. Understanding how Cyber Kill Chain works, learning Static and Dynamic Analysis of some types of files, and executing your own attacks...\n
\n\n\'',NULL,365734),('3_Saturday','11','11:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Passwords Argh Us\'','\'Traveler\'','RTV_62bb689f836982a5f89a9f2f95e61680','\'Title: Passwords Argh Us
\nWhen: Saturday, Aug 12, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Traveler\n
\nNo BIO available
\n\n
\nDescription:
\nThe workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today\'s digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.\n
\n\n\'',NULL,365735),('4_Sunday','10','10:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Passwords Argh Us\'','\'Traveler\'','RTV_c0b54b5feca87a62a0cb5288d98eed51','\'Title: Passwords Argh Us
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Traveler\n
\nNo BIO available
\n\n
\nDescription:
\nThe workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today\'s digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.\n
\n\n\'',NULL,365736),('2_Friday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Passwords Argh Us\'','\'Traveler\'','RTV_9112f1579ccdfa3b871e11134cf5c1da','\'Title: Passwords Argh Us
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Traveler\n
\nNo BIO available
\n\n
\nDescription:
\nThe workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today\'s digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.\n
\n\n\'',NULL,365737),('3_Saturday','09','09:00','09:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Passwords Argh Us\'','\'Traveler\'','RTV_8576a913b591e6f6e98d5e2b558caea0','\'Title: Passwords Argh Us
\nWhen: Saturday, Aug 12, 09:00 - 09:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Traveler\n
\nNo BIO available
\n\n
\nDescription:
\nThe workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today\'s digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.\n
\n\n\'',NULL,365738),('2_Friday','16','16:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'Red Team Labs and Games for Kids\'','\'\'','RTV_d2129b0f10c53426dd26119a0c5649ab','\'Title: Red Team Labs and Games for Kids
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
\nDescription:No Description available
\n\'',NULL,365739),('3_Saturday','09','09:00','09:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'Red Team Labs and Games for Kids\'','\'\'','RTV_39192a01e708dd20b109f5881086d7c2','\'Title: Red Team Labs and Games for Kids
\nWhen: Saturday, Aug 12, 09:00 - 09:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
\nDescription:No Description available
\n\'',NULL,365740),('3_Saturday','10','10:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5','\'Red Team Labs and Games for Kids\'','\'\'','RTV_858c1a1d39e7e279c64bb78b15e708fc','\'Title: Red Team Labs and Games for Kids
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
\n
\nDescription:No Description available
\n\'',NULL,365741),('3_Saturday','09','09:00','09:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'Android Applications and APIs Hacking\'','\'Gabrielle Botbol\'','RTV_de048479924e03f99b8c8b7e71c26d61','\'Title: Android Applications and APIs Hacking
\nWhen: Saturday, Aug 12, 09:00 - 09:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Gabrielle Botbol\n
\nGabrielle Botbol is a pentester and cybersecurity blogger. She created a self-study program to become a pentester and focuses on democratizing infosec. Gabrielle is on Advisory Boards and has won multiple awards for her cyber community contributions
\nTwitter: @Gabrielle_BGB
\n\n
\nDescription:
\nAs mobile devices have become increasingly prevalent, the security of Android applications has become a critical concern. Pentesting is an essential process for identifying and mitigating potential vulnerabilities in these applications, but Android app hacking is a specialized area that is less well-documented than other pentesting techniques. In this session, the focus will be on how to pentest Android apps and their APIs.The presentation will address key questions such as what Android pentesting is, how to set up an Android App pentest lab, and how to pentest an Android App and its APIs from start to finish.\n
\n\n\'',NULL,365742),('3_Saturday','09','09:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Hacking Meta Quest\'','\'Paul D.\'','RTV_4885f503296794d56bf0fe221b1ec6ff','\'Title: Hacking Meta Quest
\nWhen: Saturday, Aug 12, 09:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Paul D.\n
\nNo BIO available
\nTwitter: @knetivty
\n\n
\nDescription:
\nWe will have our Meta Quest 2, Meta Quest Pro and Ray-Ban Stories devices available and firmware on-site to support native/hardware live hack competitions.\n
\n\n\'',NULL,365743),('3_Saturday','10','09:00','10:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Hacking Meta Quest\'','\'Paul D.\'','RTV_4885f503296794d56bf0fe221b1ec6ff','\'\'',NULL,365744),('3_Saturday','11','11:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'Title: (In)Direct Syscalls: A Journey from High to Low
\nWhen: Saturday, Aug 12, 11:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
\n
SpeakerBio:Daniel Feichter\n
\nNo BIO available
\nTwitter: @VirtualAllocEx
\n\n
\nDescription:
\nOur workshop/journey will be called \"(In)direct Syscalls: A Journey from High to Low\". It is a hands-on experience where we start with some Windows internals basics, talk about system calls in Windows OS in general, take a look at Win32 APIs, Native APIs, etc. We also take a look at the concepts of direct syscalls and indirect syscalls. Based on various chapters, each student will build their own indirect syscall shellcode loader step by step and analyze it a bit with x64dbg. Below is an overview of the chapters covered in the workshop.\n
\n\n\'',NULL,365745),('3_Saturday','12','11:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'\'',NULL,365746),('3_Saturday','13','11:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'\'',NULL,365747),('3_Saturday','14','11:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'\'',NULL,365748),('3_Saturday','15','11:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'\'',NULL,365749),('3_Saturday','16','11:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1','\'(In)Direct Syscalls: A Journey from High to Low\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b','\'\'',NULL,365750),('4_Sunday','09','09:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Artificial Intelligence for Red Team Operations\'','\'Peter Halberg\'','RTV_50ffb1c539de2d232197ddcfcea5657d','\'Title: Artificial Intelligence for Red Team Operations
\nWhen: Sunday, Aug 13, 09:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Peter Halberg\n
\nNo BIO available
\nTwitter: @MiloSilo_Hacks
\n\n
\nDescription:
\nThe integration of artificial intelligence (AI) into red team operations has revolutionized the way cybersecurity professionals approach their work. This workshop will equip participants with the necessary skills and understanding to leverage AI tools effectively throughout different stages of red team operations.\n
\n\n\'',NULL,365751),('4_Sunday','10','09:00','10:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Artificial Intelligence for Red Team Operations\'','\'Peter Halberg\'','RTV_50ffb1c539de2d232197ddcfcea5657d','\'\'',NULL,365752),('3_Saturday','11','11:00','12:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Artificial Intelligence for Red Team Operations\'','\'Peter Halberg\'','RTV_e1bee07758769ae046b5b668aac2b079','\'Title: Artificial Intelligence for Red Team Operations
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Peter Halberg\n
\nNo BIO available
\nTwitter: @MiloSilo_Hacks
\n\n
\nDescription:
\nThe integration of artificial intelligence (AI) into red team operations has revolutionized the way cybersecurity professionals approach their work. This workshop will equip participants with the necessary skills and understanding to leverage AI tools effectively throughout different stages of red team operations.\n
\n\n\'',NULL,365753),('3_Saturday','12','11:00','12:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Artificial Intelligence for Red Team Operations\'','\'Peter Halberg\'','RTV_e1bee07758769ae046b5b668aac2b079','\'\'',NULL,365754),('3_Saturday','13','13:00','16:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux\'','\'Scott Brink\'','RTV_7f64c17e28a3e30df4c56c0456f62d2a','\'Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
\nWhen: Saturday, Aug 12, 13:00 - 16:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Scott Brink\n
\nNo BIO available
\nTwitter: @_sandw1ch
\n\n
\nDescription:
\nThe objective of the workshop is to provide hands-on practical experiences to understand Active Directory risks. The workshop will start with the basics of Active Directory and deep dive into in depth hands on exploitation of multiple vulnerabilities.\n
\n\n\'',NULL,365755),('3_Saturday','14','13:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux\'','\'Scott Brink\'','RTV_7f64c17e28a3e30df4c56c0456f62d2a','\'\'',NULL,365756),('3_Saturday','15','13:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux\'','\'Scott Brink\'','RTV_7f64c17e28a3e30df4c56c0456f62d2a','\'\'',NULL,365757),('3_Saturday','16','13:00','16:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux\'','\'Scott Brink\'','RTV_7f64c17e28a3e30df4c56c0456f62d2a','\'\'',NULL,365758),('3_Saturday','13','13:00','13:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3','\'Storfield: A Quiet Methodology to Create Attacks in Mature Networks\'','\'Cory Wolff\'','RTV_c78db06d7b86650411012e8b79c1dfbe','\'Title: Storfield: A Quiet Methodology to Create Attacks in Mature Networks
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
\n
SpeakerBio:Cory Wolff\n
\nNo BIO available
\nTwitter: @cwolff411
\n\n
\nDescription:
\nThe Storfield Methodology focuses on three main questions: Where am I? Where is the DC? Where are the high-value targets? The Storfield Methodology is meant to be repeatable during every engagement. When following this method the steps should be the same regardless of the security controls implemented in a particular network.\n
\n\n\'',NULL,365759),('4_Sunday','11','11:00','11:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4','\'Storfield: A Quiet Methodology to Create Attacks in Mature Networks\'','\'Cory Wolff\'','RTV_123389260b1c05b57110c15e53ac556b','\'Title: Storfield: A Quiet Methodology to Create Attacks in Mature Networks
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
\n
SpeakerBio:Cory Wolff\n
\nNo BIO available
\nTwitter: @cwolff411
\n\n
\nDescription:
\nThe Storfield Methodology focuses on three main questions: Where am I? Where is the DC? Where are the high-value targets? The Storfield Methodology is meant to be repeatable during every engagement. When following this method the steps should be the same regardless of the security controls implemented in a particular network.\n
\n\n\'',NULL,365760),('4_Sunday','09','09:00','10:59','N','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Recon for Red Teamers and Bug Hunters 2.0\'','\'Jason Haddix\'','RTV_1afb2379abe3efde760fb58549af2464','\'Title: Recon for Red Teamers and Bug Hunters 2.0
\nWhen: Sunday, Aug 13, 09:00 - 10:59 PDT
\nWhere: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
\n
SpeakerBio:Jason Haddix\n, CISO and “Hacker in Charge” at BuddoBot
\nJason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He\'s had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd\'s leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
\nTwitter: @jhaddix
\n\n
\nDescription:
\nAdversaries, red teamer\'s, and bug bounty hunters share some common TTPs, they all do extensive recon on their targets. Join Jason in this 2hour workshop as he goes through tools and techniques when targeting an organization and its\' people. Jason will cover email acquisition, technology profiling, external attack surface (cloud, mobile, ++), historical data mining for endpoints, and much, much more. Jason will walk through each tool in the toolchain, live, for the students while he reveals his own personal tips and tricks in each section. The workshop will be performed on LIVE targets, so fasten your seatbelts! This workshop is a must-see for anyone in the offensive security space.\n
\n\n\'',NULL,365761),('4_Sunday','10','09:00','10:59','Y','RTV','Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6','\'Recon for Red Teamers and Bug Hunters 2.0\'','\'Jason Haddix\'','RTV_1afb2379abe3efde760fb58549af2464','\'\'',NULL,365762),('2_Friday','10','10:00','10:50','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Keynote - Reshaping Reconnaissance: AI\'s Role in Open Source Intelligence\'','\'Matt Edmondson\'','RCV_cb0d63a880ca0cfc4098d39a40a41af2','\'Title: Keynote - Reshaping Reconnaissance: AI\'s Role in Open Source Intelligence
\nWhen: Friday, Aug 11, 10:00 - 10:50 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Matt Edmondson\n
\nNo BIO available
\nTwitter: @@matt0177
\n\n
\nDescription:No Description available
\n\'',NULL,365763),('2_Friday','10','10:50','11:35','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'OSINT Situational Awareness\'','\'Joe Gray\'','RCV_984534d8cfbdef641d5d6b3d71203121','\'Title: OSINT Situational Awareness
\nWhen: Friday, Aug 11, 10:50 - 11:35 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Joe Gray\n
\nNo BIO available
\nTwitter: @@C_3PJoe
\n\n
\nDescription:No Description available
\n\'',NULL,365764),('2_Friday','11','10:50','11:35','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'OSINT Situational Awareness\'','\'Joe Gray\'','RCV_984534d8cfbdef641d5d6b3d71203121','\'\'',NULL,365765),('2_Friday','11','11:35','12:10','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Oh The Places You\'ll Guo: Using Media Variants to Trace the Organization and Behavior of an Coordinated Inauthentic Influence Operation\'','\'Patrick Warren\'','RCV_c83837f5a4a900d4a667f93000d9644a','\'Title: Oh The Places You\'ll Guo: Using Media Variants to Trace the Organization and Behavior of an Coordinated Inauthentic Influence Operation
\nWhen: Friday, Aug 11, 11:35 - 12:10 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Patrick Warren\n
\nNo BIO available
\nTwitter: @@plwarre
\n\n
\nDescription:No Description available
\n\'',NULL,365766),('2_Friday','12','11:35','12:10','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Oh The Places You\'ll Guo: Using Media Variants to Trace the Organization and Behavior of an Coordinated Inauthentic Influence Operation\'','\'Patrick Warren\'','RCV_c83837f5a4a900d4a667f93000d9644a','\'\'',NULL,365767),('2_Friday','12','12:10','12:55','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'How I Found Your Password, and Other Advanced Data Hoarding Techniques\'','\'M4x 5yn74x\'','RCV_aeb69b2fbc57a47c802d2616db611f2e','\'Title: How I Found Your Password, and Other Advanced Data Hoarding Techniques
\nWhen: Friday, Aug 11, 12:10 - 12:55 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:M4x 5yn74x\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,365768),('2_Friday','14','14:00','14:25','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Mastering OSINT: Advanced Techniques in the Realm of Big Data\'','\'Seyfullah\'','RCV_bed533734badfa667613c73bd3469bc1','\'Title: Mastering OSINT: Advanced Techniques in the Realm of Big Data
\nWhen: Friday, Aug 11, 14:00 - 14:25 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Seyfullah\n
\nNo BIO available
\nTwitter: @@s3yfullah
\n\n
\nDescription:No Description available
\n\'',NULL,365769),('2_Friday','14','14:25','15:10','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Leakonomics 101: The Last Year in Data Leaks\'','\'Nick Ascoli\'','RCV_b36106ba4bd493552f57a475fe9b30ff','\'Title: Leakonomics 101: The Last Year in Data Leaks
\nWhen: Friday, Aug 11, 14:25 - 15:10 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Nick Ascoli\n
\nNo BIO available
\nTwitter: @@kcin418
\n\n
\nDescription:No Description available
\n\'',NULL,365770),('2_Friday','15','14:25','15:10','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Leakonomics 101: The Last Year in Data Leaks\'','\'Nick Ascoli\'','RCV_b36106ba4bd493552f57a475fe9b30ff','\'\'',NULL,365771),('2_Friday','15','15:10','15:45','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Getting ahead of the bad guys with Internet Scanning data.\'','\'Vitor Ventura\'','RCV_db3ae4d34d3462ac50905d3163b9bfca','\'Title: Getting ahead of the bad guys with Internet Scanning data.
\nWhen: Friday, Aug 11, 15:10 - 15:45 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Vitor Ventura\n
\nNo BIO available
\nTwitter: @@_vventura
\n\n
\nDescription:No Description available
\n\'',NULL,365772),('2_Friday','15','15:45','16:30','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Crushing crumbs of information to eat a whole cake.\'','\'Felipe Pr0teus\'','RCV_8c797f38377a8145ff2f5800b9a15b64','\'Title: Crushing crumbs of information to eat a whole cake.
\nWhen: Friday, Aug 11, 15:45 - 16:30 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Felipe Pr0teus\n
\nNo BIO available
\nTwitter: @@pr0teusbr
\n\n
\nDescription:No Description available
\n\'',NULL,365773),('2_Friday','16','15:45','16:30','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Crushing crumbs of information to eat a whole cake.\'','\'Felipe Pr0teus\'','RCV_8c797f38377a8145ff2f5800b9a15b64','\'\'',NULL,365774),('2_Friday','16','16:30','17:15','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Nosy Cops: Exposing the Hidden Potential of Police Radio\'','\'sally\'','RCV_b5afb4967ee0887cb0c96fef8e4e89ab','\'Title: Nosy Cops: Exposing the Hidden Potential of Police Radio
\nWhen: Friday, Aug 11, 16:30 - 17:15 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:sally\n
\nNo BIO available
\nTwitter: @@sally_yachts
\n\n
\nDescription:No Description available
\n\'',NULL,365775),('2_Friday','17','16:30','17:15','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Nosy Cops: Exposing the Hidden Potential of Police Radio\'','\'sally\'','RCV_b5afb4967ee0887cb0c96fef8e4e89ab','\'\'',NULL,365776),('3_Saturday','10','10:00','10:45','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Panel Discussion - Bugs, Bounties, & Breaches - Insider Tales from the Trenches\'','\'Jason Haddix\'','RCV_a741b4ffc8690fb04c6f1ba1ca9a7808','\'Title: Panel Discussion - Bugs, Bounties, & Breaches - Insider Tales from the Trenches
\nWhen: Saturday, Aug 12, 10:00 - 10:45 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Jason Haddix\n, CISO and “Hacker in Charge” at BuddoBot
\nJason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He\'s had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd\'s leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
\nTwitter: @jhaddix
\n\n
\nDescription:No Description available
\n\'',NULL,365777),('3_Saturday','10','10:45','11:30','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World\'','\'Zoey Selman\'','RCV_f9944e3fb83fd291c37342627b03feea','\'Title: OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World
\nWhen: Saturday, Aug 12, 10:45 - 11:30 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Zoey Selman\n
\nNo BIO available
\nTwitter: @@v3rbaal
\n\n
\nDescription:No Description available
\n\'',NULL,365778),('3_Saturday','11','10:45','11:30','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World\'','\'Zoey Selman\'','RCV_f9944e3fb83fd291c37342627b03feea','\'\'',NULL,365779),('3_Saturday','11','11:30','12:05','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'I Am The Disinformation Campaign\'','\'MasterChen\'','RCV_3a868fae5167cf1212722d591f2666e3','\'Title: I Am The Disinformation Campaign
\nWhen: Saturday, Aug 12, 11:30 - 12:05 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:MasterChen\n
\nNo BIO available
\nTwitter: @@chenb0x
\n\n
\nDescription:No Description available
\n\'',NULL,365780),('3_Saturday','12','11:30','12:05','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'I Am The Disinformation Campaign\'','\'MasterChen\'','RCV_3a868fae5167cf1212722d591f2666e3','\'\'',NULL,365781),('3_Saturday','12','12:05','12:50','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'How I Built Recon to Scale with Serverless Architecture\'','\'Gunnar Andrews\'','RCV_290519703bcc928853bbe35b213e02ff','\'Title: How I Built Recon to Scale with Serverless Architecture
\nWhen: Saturday, Aug 12, 12:05 - 12:50 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Gunnar Andrews\n
\nNo BIO available
\nTwitter: @@G0LDEN_infosec
\n\n
\nDescription:No Description available
\n\'',NULL,365782),('3_Saturday','14','14:00','14:25','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Easy EASM - the zero dollar attack surface management tool\'','\'Jason Haddix\'','RCV_f39c4c25bc3a51f9cbc4d931abd2b5a2','\'Title: Easy EASM - the zero dollar attack surface management tool
\nWhen: Saturday, Aug 12, 14:00 - 14:25 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Jason Haddix\n, CISO and “Hacker in Charge” at BuddoBot
\nJason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He\'s had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd\'s leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
\nTwitter: @jhaddix
\n\n
\nDescription:No Description available
\n\'',NULL,365783),('3_Saturday','14','14:25','15:10','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Azure AD recon with OSINT tools\'','\'Nestori Syynimaa\'','RCV_169edb5a20856cf482ee81b7037fd2ea','\'Title: Azure AD recon with OSINT tools
\nWhen: Saturday, Aug 12, 14:25 - 15:10 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Nestori Syynimaa\n, Senior Principal Security Researcher at Secureworks
\nDr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher for 2022. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years. Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat (USA, Europe, and Asia), Def Con, and RSA Conference.
\nTwitter: @DrAzureAD
\n\n
\nDescription:No Description available
\n\'',NULL,365784),('3_Saturday','15','14:25','15:10','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Azure AD recon with OSINT tools\'','\'Nestori Syynimaa\'','RCV_169edb5a20856cf482ee81b7037fd2ea','\'\'',NULL,365785),('3_Saturday','15','15:10','15:55','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Unlocking the Power of OWASP Amass: Introducing the Open Asset Model for Comprehensive Attack Surface Mapping\'','\'Jeff Foley\'','RCV_77a215b84a1da1254c5d52c97cb2d703','\'Title: Unlocking the Power of OWASP Amass: Introducing the Open Asset Model for Comprehensive Attack Surface Mapping
\nWhen: Saturday, Aug 12, 15:10 - 15:55 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Jeff Foley\n
\nNo BIO available
\nTwitter: @jeff_foley
\n\n
\nDescription:No Description available
\n\'',NULL,365786),('3_Saturday','15','15:55','16:20','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Finding Hidden Gems In Temporary Mail Services\'','\'Berk Can Geyikci\'','RCV_1cdf4fecdb9f0342e326baaf7daaa092','\'Title: Finding Hidden Gems In Temporary Mail Services
\nWhen: Saturday, Aug 12, 15:55 - 16:20 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Berk Can Geyikci\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,365787),('3_Saturday','16','15:55','16:20','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Finding Hidden Gems In Temporary Mail Services\'','\'Berk Can Geyikci\'','RCV_1cdf4fecdb9f0342e326baaf7daaa092','\'\'',NULL,365788),('3_Saturday','16','16:20','17:05','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor\'','\'Mauro Eldritch\'','RCV_794d5e4ab293483370fb9b59caad6bcd','\'Title: Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor
\nWhen: Saturday, Aug 12, 16:20 - 17:05 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Mauro Eldritch\n
\nNo BIO available
\nTwitter: @@mauroeldritch
\n\n
\nDescription:No Description available
\n\'',NULL,365789),('3_Saturday','17','16:20','17:05','Y','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor\'','\'Mauro Eldritch\'','RCV_794d5e4ab293483370fb9b59caad6bcd','\'\'',NULL,365790),('3_Saturday','17','17:05','17:50','N','RCV','LINQ - 3rd flr - Social B and C - Recon Village','\'The Perils of Generative AI: Implications for Open Source Intelligence Research\'','\'Andy Dennis\'','RCV_ce9838357ae337bbb7283d75294ef46d','\'Title: The Perils of Generative AI: Implications for Open Source Intelligence Research
\nWhen: Saturday, Aug 12, 17:05 - 17:50 PDT
\nWhere: LINQ - 3rd flr - Social B and C - Recon Village - Map
\n
SpeakerBio:Andy Dennis\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,365791),('3_Saturday','10','10:00','15:59','N','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'Title: Book Exchange
\nWhen: Saturday, Aug 12, 10:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWhat’s it all about?
\nThe Book Exchange at DEF CON, will allow for members of the community to drop off a used book that has been kindly read and may be enjoyable by someone else and in return they will be able to select a “new gently used” book from the exchange table. \n

Why?
\nReading is fundamental. Many of us in the Defcon community have learned and been inspired by books and remain avid readers. The Defcon book exchange will allow community members to drop off a book that they found inspiring and is sitting on their shelf collecting dust and in return they will be able to get a new book which hopefully will continue to expand their knowledge over the next year. This effort will keep used books in circulation.\n

When and Where:
\nThe exchange will be held from 10:00 to 16:00, Day(s) to be announced. \n

Left over books will be transported and donated to a used book store in Las Vegas, but the goal will be to have a zero net sum gain.\n

\n\n\'',NULL,365792),('3_Saturday','11','10:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'\'',NULL,365793),('3_Saturday','12','10:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'\'',NULL,365794),('3_Saturday','13','10:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'\'',NULL,365795),('3_Saturday','14','10:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'\'',NULL,365796),('3_Saturday','15','10:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'Book Exchange\'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac','\'\'',NULL,365797),('2_Friday','06','06:00','06:59','N','MISC','Other/See Description','\'CycleOverride Defcon Bike Ride\'','\' \'','MISC_eb77f82c45bc927b9c95ee98d62086e7','\'Title: CycleOverride Defcon Bike Ride
\nWhen: Friday, Aug 11, 06:00 - 06:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\nAt 6am on Friday, the @cycle_override crew will be hosting the 11th Defcon Bikeride. We\'ll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It\'s about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday! @jp_bourget @gdead @heidishmoo. Go to cycleoverride.org for more info.\n
\n\n\'',NULL,365798),('3_Saturday','18','18:00','21:59','N','MISC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'EFF Tech Trivia\'','\' \'','MISC_6d7facc372b6ec5d8f4d5cba592183d6','\'Title: EFF Tech Trivia
\nWhen: Saturday, Aug 12, 18:00 - 21:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nEFF\'s team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Prize (TBD) and EFF swag pack. The second and third place teams will also win great EFF gear.\n
\n\n\'',NULL,365799),('3_Saturday','19','18:00','21:59','Y','MISC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'EFF Tech Trivia\'','\' \'','MISC_6d7facc372b6ec5d8f4d5cba592183d6','\'\'',NULL,365800),('3_Saturday','20','18:00','21:59','Y','MISC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'EFF Tech Trivia\'','\' \'','MISC_6d7facc372b6ec5d8f4d5cba592183d6','\'\'',NULL,365801),('3_Saturday','21','18:00','21:59','Y','MISC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'EFF Tech Trivia\'','\' \'','MISC_6d7facc372b6ec5d8f4d5cba592183d6','\'\'',NULL,365802),('1_Thursday','15','15:00','20:59','N','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'Title: Toxic BBQ
\nWhen: Thursday, Aug 10, 15:00 - 20:59 PDT
\nWhere: Other/See Description
\n
\nDescription:
\n15:00- 21:00 Thursday, Off-site at Sunset Park, Pavilion F, (36.0636, -115.1178)\n

The humans of Vegas invite you to this year’s unofficial welcome party. Join us off-Strip in the shade of Sunset Park for a heat-blasted hangout. Burgers, dogs, and meatless options are provided. Attendees pitch in to make everything else happen. Contribute more food and drinks, staff the grill or join supply runs, and relax under the trees with good conversation with new and old friends. Come be a part of what makes this cookout something to remember year after year.\n

Grab flyers from an Info Booth, check out https://www.toxicbbq.org for the history of this event, and watch for #ToxicBBQ for the latest news.\n

--\n

Toxic BBQ is Kid Friendly and Welcoming. In fact, our marketing captain is 16! As with anything DEFCON, caveat parentum \n

If you are ok bringing and minding your kids to a backyard cookout, they’ll be fine here. While we don’t have kid-specific programming or events, it’s at a park.\n

We reserve the right to bribe them with swag to help out, and we may try to feed them Octopus jerky. \n

\n\n\'',NULL,365803),('1_Thursday','16','15:00','20:59','Y','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'\'',NULL,365804),('1_Thursday','17','15:00','20:59','Y','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'\'',NULL,365805),('1_Thursday','18','15:00','20:59','Y','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'\'',NULL,365806),('1_Thursday','19','15:00','20:59','Y','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'\'',NULL,365807),('1_Thursday','20','15:00','20:59','Y','MISC','Other/See Description','\'Toxic BBQ\'','\' \'','MISC_b0c4440fee64557893367e048ea29163','\'\'',NULL,365808),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'Title: ? Cube
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you ready to put your problem-solving skills to the test?\n

This year, we are proud to introduce a brand new contest, designed to push your limits and awaken your curiosity.\n

The ? Cube Challenge is not for the faint-hearted. It is a multi-layered, complex puzzle that requires you to use all your hacking and analytical skills to solve it.\n

The cube is loaded with riddles and puzzles that must be solved one by one to progress further towards the ultimate goal.\n

This challenge is not just about solving a puzzle, it\'s about exploring your curiosity and pushing the boundaries of your knowledge.\n

It\'s about putting your hacker mindset to work and seeing how far you can go.\n

With each step, you\'ll be one step closer to unlocking the secrets of the ? Cube Challenge.We know that Defcon attendees are always looking for the next big challenge, and we have created the ? Cube Challenge with that in mind.\n

It is a contest that will test your limits, engage your creativity, and push your curiosity to the next level.So come and join us at Defcon 31 and take on the ultimate challenge! Who knows, you might just walk away with the title of ? Cub Champion and the admiration of your fellow hackers. Are you ready to take the challenge?\n

The above was totally written by ChatGPT. I don\'t want to give out too much information, but basically there is going to be a big cube like object that contestants will have to deconstruct to find the hidden awesomeness. I hope to have challenges spread across multiple domains, both online in a jeopardy style ctf as well as the physical puzzle of the cube which will be module in nature, with each physical puzzle tying to the next.\n

\n\n\'',NULL,365809),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365810),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365811),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365812),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365813),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365814),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365815),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652','\'\'',NULL,365816),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'Title: ? Cube
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you ready to put your problem-solving skills to the test?\n

This year, we are proud to introduce a brand new contest, designed to push your limits and awaken your curiosity.\n

The ? Cube Challenge is not for the faint-hearted. It is a multi-layered, complex puzzle that requires you to use all your hacking and analytical skills to solve it.\n

The cube is loaded with riddles and puzzles that must be solved one by one to progress further towards the ultimate goal.\n

This challenge is not just about solving a puzzle, it\'s about exploring your curiosity and pushing the boundaries of your knowledge.\n

It\'s about putting your hacker mindset to work and seeing how far you can go.\n

With each step, you\'ll be one step closer to unlocking the secrets of the ? Cube Challenge.We know that Defcon attendees are always looking for the next big challenge, and we have created the ? Cube Challenge with that in mind.\n

It is a contest that will test your limits, engage your creativity, and push your curiosity to the next level.So come and join us at Defcon 31 and take on the ultimate challenge! Who knows, you might just walk away with the title of ? Cub Champion and the admiration of your fellow hackers. Are you ready to take the challenge?\n

The above was totally written by ChatGPT. I don\'t want to give out too much information, but basically there is going to be a big cube like object that contestants will have to deconstruct to find the hidden awesomeness. I hope to have challenges spread across multiple domains, both online in a jeopardy style ctf as well as the physical puzzle of the cube which will be module in nature, with each physical puzzle tying to the next.\n

\n\n\'',NULL,365817),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365818),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365819),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365820),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365821),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365822),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365823),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_042014d5d2df54e80fd32755e737418f','\'\'',NULL,365824),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_78d6afecf8fc0d798ec030c9e74a973f','\'Title: ? Cube
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you ready to put your problem-solving skills to the test?\n

This year, we are proud to introduce a brand new contest, designed to push your limits and awaken your curiosity.\n

The ? Cube Challenge is not for the faint-hearted. It is a multi-layered, complex puzzle that requires you to use all your hacking and analytical skills to solve it.\n

The cube is loaded with riddles and puzzles that must be solved one by one to progress further towards the ultimate goal.\n

This challenge is not just about solving a puzzle, it\'s about exploring your curiosity and pushing the boundaries of your knowledge.\n

It\'s about putting your hacker mindset to work and seeing how far you can go.\n

With each step, you\'ll be one step closer to unlocking the secrets of the ? Cube Challenge.We know that Defcon attendees are always looking for the next big challenge, and we have created the ? Cube Challenge with that in mind.\n

It is a contest that will test your limits, engage your creativity, and push your curiosity to the next level.So come and join us at Defcon 31 and take on the ultimate challenge! Who knows, you might just walk away with the title of ? Cub Champion and the admiration of your fellow hackers. Are you ready to take the challenge?\n

The above was totally written by ChatGPT. I don\'t want to give out too much information, but basically there is going to be a big cube like object that contestants will have to deconstruct to find the hidden awesomeness. I hope to have challenges spread across multiple domains, both online in a jeopardy style ctf as well as the physical puzzle of the cube which will be module in nature, with each physical puzzle tying to the next.\n

\n\n\'',NULL,365825),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'? Cube\'','\' \'','CON_78d6afecf8fc0d798ec030c9e74a973f','\'\'',NULL,365826),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'Title: 5n4ck3y
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAND!XOR creates electronic badges that are filled with challenges. We love doing this, especially coming up with unique ways for hackers to earn them. We are excited to re-introduce the newest member of our hacker-fam... 5n4ck3y (Snackey). 5n4ck3y is a vending machine hardware hacking project, retrofitted into an IoT CTF based badge dispensing machine, complete with bling. To earn a badge, you must find a flag on our web hosted CTF platform. Once you have found a flag, you will be given a 5n4ck3y dispense code. Enter the code into the vending machine and a badge will be dispensed to you! There are a variety of challenges to earn a badge, as well as challenges to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, OS & network security to name a few. Hardware hacking is our passion and we want people to learn on badges. But more importantly, there is a lot to learn at DEF CON, so our challenge will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further. We hope you enjoy 5n4ck3y and all that it has to offer!\n
\n\n\'',NULL,365827),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365828),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365829),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365830),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365831),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365832),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365833),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f','\'\'',NULL,365834),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_d56e147b1ba158b57f069055742bf5ec','\'Title: 5n4ck3y
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAND!XOR creates electronic badges that are filled with challenges. We love doing this, especially coming up with unique ways for hackers to earn them. We are excited to re-introduce the newest member of our hacker-fam... 5n4ck3y (Snackey). 5n4ck3y is a vending machine hardware hacking project, retrofitted into an IoT CTF based badge dispensing machine, complete with bling. To earn a badge, you must find a flag on our web hosted CTF platform. Once you have found a flag, you will be given a 5n4ck3y dispense code. Enter the code into the vending machine and a badge will be dispensed to you! There are a variety of challenges to earn a badge, as well as challenges to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, OS & network security to name a few. Hardware hacking is our passion and we want people to learn on badges. But more importantly, there is a lot to learn at DEF CON, so our challenge will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further. We hope you enjoy 5n4ck3y and all that it has to offer!\n
\n\n\'',NULL,365835),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_d56e147b1ba158b57f069055742bf5ec','\'\'',NULL,365836),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'Title: 5n4ck3y
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAND!XOR creates electronic badges that are filled with challenges. We love doing this, especially coming up with unique ways for hackers to earn them. We are excited to re-introduce the newest member of our hacker-fam... 5n4ck3y (Snackey). 5n4ck3y is a vending machine hardware hacking project, retrofitted into an IoT CTF based badge dispensing machine, complete with bling. To earn a badge, you must find a flag on our web hosted CTF platform. Once you have found a flag, you will be given a 5n4ck3y dispense code. Enter the code into the vending machine and a badge will be dispensed to you! There are a variety of challenges to earn a badge, as well as challenges to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, OS & network security to name a few. Hardware hacking is our passion and we want people to learn on badges. But more importantly, there is a lot to learn at DEF CON, so our challenge will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further. We hope you enjoy 5n4ck3y and all that it has to offer!\n
\n\n\'',NULL,365837),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365838),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365839),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365840),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365841),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365842),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365843),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'5n4ck3y\'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a','\'\'',NULL,365844),('3_Saturday','10','10:00','16:59','N','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'Title: Adversary Wars CTF
\nWhen: Saturday, Aug 12, 10:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAdversary Village proudly presents \"Adversary Wars CTF,\" a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition is designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame.\n

Adversary Village is a community-driven initiative that prioritizes adversary simulation, emulation, breach and attack simulation, adversary tactics, offensive/adversary tradecraft, philosophy, and purple teaming.\n

Our objective is to establish a Capture the Flag competition dedicated to adversary simulation, purple teaming and knowledge sharing. Adversary Wars offers unique opportunities for “adversaries” aka participants to simulate attacks, explore new attack vectors, gain insights into threat actor profiles, master TTPs, and refine offensive tradecraft. With a range of adversary simulation exercises at different difficulty levels, this CTF promises real-world attack simulation scenarios and challenges.\n

Previous versions of the Adversary Wars CTF were hosted as part of Adversary Village, during DEF CON 29 and DEF CON 30. We are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 31.​\n

\n\n\'',NULL,365845),('3_Saturday','11','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365846),('3_Saturday','12','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365847),('3_Saturday','13','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365848),('3_Saturday','14','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365849),('3_Saturday','15','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365850),('3_Saturday','16','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b','\'\'',NULL,365851),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_84d3952cdd4108d8808749dab6d39c70','\'Title: Adversary Wars CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAdversary Village proudly presents \"Adversary Wars CTF,\" a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition is designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame.\n

Adversary Village is a community-driven initiative that prioritizes adversary simulation, emulation, breach and attack simulation, adversary tactics, offensive/adversary tradecraft, philosophy, and purple teaming.\n

Our objective is to establish a Capture the Flag competition dedicated to adversary simulation, purple teaming and knowledge sharing. Adversary Wars offers unique opportunities for “adversaries” aka participants to simulate attacks, explore new attack vectors, gain insights into threat actor profiles, master TTPs, and refine offensive tradecraft. With a range of adversary simulation exercises at different difficulty levels, this CTF promises real-world attack simulation scenarios and challenges.\n

Previous versions of the Adversary Wars CTF were hosted as part of Adversary Village, during DEF CON 29 and DEF CON 30. We are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 31.​\n

\n\n\'',NULL,365852),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_84d3952cdd4108d8808749dab6d39c70','\'\'',NULL,365853),('2_Friday','10','10:00','16:59','N','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'Title: Adversary Wars CTF
\nWhen: Friday, Aug 11, 10:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAdversary Village proudly presents \"Adversary Wars CTF,\" a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition is designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame.\n

Adversary Village is a community-driven initiative that prioritizes adversary simulation, emulation, breach and attack simulation, adversary tactics, offensive/adversary tradecraft, philosophy, and purple teaming.\n

Our objective is to establish a Capture the Flag competition dedicated to adversary simulation, purple teaming and knowledge sharing. Adversary Wars offers unique opportunities for “adversaries” aka participants to simulate attacks, explore new attack vectors, gain insights into threat actor profiles, master TTPs, and refine offensive tradecraft. With a range of adversary simulation exercises at different difficulty levels, this CTF promises real-world attack simulation scenarios and challenges.\n

Previous versions of the Adversary Wars CTF were hosted as part of Adversary Village, during DEF CON 29 and DEF CON 30. We are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 31.​\n

\n\n\'',NULL,365854),('2_Friday','11','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365855),('2_Friday','12','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365856),('2_Friday','13','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365857),('2_Friday','14','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365858),('2_Friday','15','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365859),('2_Friday','16','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Adversary Wars CTF\'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4','\'\'',NULL,365860),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_22df7982d2ef4e68803ab2cce14fb399','\'Title: Battle of The Bots
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nBattle of The Bots presents a new twist on traditional “King-of-The-Hill” style Capture the Flag events by incorporating exploit development, vulnerability analysis, reverse engineering and software development in the form of developing computer worms aka “bots”. BOTBs requires competitors to develop proof-of-concept exploits against varying misconfigured or vulnerable network services. To maximize points scored, the competitor’s bot must automatically scan and compromise network services in the competition environment autonomously. Services that are harder to exploit (ex: requiring memory corruption exploits opposed to misconfigured databases) will result in a higher point score for the competitor. \n \n

The vulnerable network services will include real world vulnerable services where a competitor can adopt off the shelf proof-of-concepts vulnerabilities from an offensive security resource (ex: Metasploit Framework, exploit-db, packetstorm, etc…) into their bot to achieve access to said vulnerable services. Additionally, custom built vulnerable services informed by OWASP Top 10 security bugs as well as CVEs will influence challenge development resulting in a competitor to have the experience of reverse engineering new applications to identify vulnerabilities based on historically significant pain points in Software Engineering as well as infamous historical CVEs. Battle of The Bots will give competitors of all skill levels an opportunity to develop proof-of-concept exploits. Network services will be developed in a variety of compiled and interpreted languages with varying associated vulnerabilities and points. The variety of languages will provide opportunities for those less experienced with reverse engineering to analyze vulnerable Python code to find hidden API endpoints that lead to shell execution for example, rather than reverse engineer compiled binaries.\n \n

Finally, the BOTBs team will be capturing network traffic from the competition environment to later be shared with the wider community. The BOTBs team believes that this unique dataset of network service attacks can act as a unique resource for academic researchers, SOC analysts assessing their defenses and training events where having attack data for SIEM analysis. The data will be released under the Apache 2.0 License and hosted publicly on a yet to be determined platform.\n

\n\n\'',NULL,365861),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_22df7982d2ef4e68803ab2cce14fb399','\'\'',NULL,365862),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'Title: Battle of The Bots
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nBattle of The Bots presents a new twist on traditional “King-of-The-Hill” style Capture the Flag events by incorporating exploit development, vulnerability analysis, reverse engineering and software development in the form of developing computer worms aka “bots”. BOTBs requires competitors to develop proof-of-concept exploits against varying misconfigured or vulnerable network services. To maximize points scored, the competitor’s bot must automatically scan and compromise network services in the competition environment autonomously. Services that are harder to exploit (ex: requiring memory corruption exploits opposed to misconfigured databases) will result in a higher point score for the competitor. \n \n

The vulnerable network services will include real world vulnerable services where a competitor can adopt off the shelf proof-of-concepts vulnerabilities from an offensive security resource (ex: Metasploit Framework, exploit-db, packetstorm, etc…) into their bot to achieve access to said vulnerable services. Additionally, custom built vulnerable services informed by OWASP Top 10 security bugs as well as CVEs will influence challenge development resulting in a competitor to have the experience of reverse engineering new applications to identify vulnerabilities based on historically significant pain points in Software Engineering as well as infamous historical CVEs. Battle of The Bots will give competitors of all skill levels an opportunity to develop proof-of-concept exploits. Network services will be developed in a variety of compiled and interpreted languages with varying associated vulnerabilities and points. The variety of languages will provide opportunities for those less experienced with reverse engineering to analyze vulnerable Python code to find hidden API endpoints that lead to shell execution for example, rather than reverse engineer compiled binaries.\n \n

Finally, the BOTBs team will be capturing network traffic from the competition environment to later be shared with the wider community. The BOTBs team believes that this unique dataset of network service attacks can act as a unique resource for academic researchers, SOC analysts assessing their defenses and training events where having attack data for SIEM analysis. The data will be released under the Apache 2.0 License and hosted publicly on a yet to be determined platform.\n

\n\n\'',NULL,365863),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365864),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365865),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365866),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365867),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365868),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365869),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f','\'\'',NULL,365870),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'Title: Battle of The Bots
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nBattle of The Bots presents a new twist on traditional “King-of-The-Hill” style Capture the Flag events by incorporating exploit development, vulnerability analysis, reverse engineering and software development in the form of developing computer worms aka “bots”. BOTBs requires competitors to develop proof-of-concept exploits against varying misconfigured or vulnerable network services. To maximize points scored, the competitor’s bot must automatically scan and compromise network services in the competition environment autonomously. Services that are harder to exploit (ex: requiring memory corruption exploits opposed to misconfigured databases) will result in a higher point score for the competitor. \n \n

The vulnerable network services will include real world vulnerable services where a competitor can adopt off the shelf proof-of-concepts vulnerabilities from an offensive security resource (ex: Metasploit Framework, exploit-db, packetstorm, etc…) into their bot to achieve access to said vulnerable services. Additionally, custom built vulnerable services informed by OWASP Top 10 security bugs as well as CVEs will influence challenge development resulting in a competitor to have the experience of reverse engineering new applications to identify vulnerabilities based on historically significant pain points in Software Engineering as well as infamous historical CVEs. Battle of The Bots will give competitors of all skill levels an opportunity to develop proof-of-concept exploits. Network services will be developed in a variety of compiled and interpreted languages with varying associated vulnerabilities and points. The variety of languages will provide opportunities for those less experienced with reverse engineering to analyze vulnerable Python code to find hidden API endpoints that lead to shell execution for example, rather than reverse engineer compiled binaries.\n \n

Finally, the BOTBs team will be capturing network traffic from the competition environment to later be shared with the wider community. The BOTBs team believes that this unique dataset of network service attacks can act as a unique resource for academic researchers, SOC analysts assessing their defenses and training events where having attack data for SIEM analysis. The data will be released under the Apache 2.0 License and hosted publicly on a yet to be determined platform.\n

\n\n\'',NULL,365871),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365872),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365873),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365874),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365875),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365876),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365877),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Battle of The Bots\'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44','\'\'',NULL,365878),('2_Friday','12','12:00','16:59','N','CON','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Village CTF\'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312','\'Title: Blacks in Cyber Village CTF
\nWhen: Friday, Aug 11, 12:00 - 16:59 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
\nDescription:
\nThe year is 2323. You find yourself in an abandoned city in the future that is home to a variety of advanced technology and systems. You will need to use your skills to solve challenges and discover information to use to uncover your flags. Along the way, you will learn about social justice, privacy, civil rights and surveillance and how these can relate to communities and individuals as our world explores emerging technologies. This is a jeopardy style game with multiple categories in Cryptography, Steganography, Exploitation, Forensics, Reverse Engineering and more!\n
\n\n\'',NULL,365879),('2_Friday','13','12:00','16:59','Y','CON','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Village CTF\'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312','\'\'',NULL,365880),('2_Friday','14','12:00','16:59','Y','CON','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Village CTF\'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312','\'\'',NULL,365881),('2_Friday','15','12:00','16:59','Y','CON','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Village CTF\'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312','\'\'',NULL,365882),('2_Friday','16','12:00','16:59','Y','CON','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Village CTF\'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312','\'\'',NULL,365883),('2_Friday','10','10:30','17:59','N','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'Title: Blue Team Village CTF
\nWhen: Friday, Aug 11, 10:30 - 17:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Map
\n
\nDescription:
\nThe Blue Team Village CTF is a cyber defense CTF inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate the recent attacks against our fictitious company: Magnus Tempus Financial. Since Magnus Tempus Financial made a vital acquisition expanding its precious metals portfolio to oil and gas operational technology (OT), you will also investigate their OT environment.\n

The CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, Malware Analysis, Threat Intelligence, and Threat Hunting, to be the first team or individual to answer or solve the challenges presented. \n

The BTV crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate, aiming to sharpen their cyber defense skills. We believe in the idea of choosing your adventure. As a result, participants can download a copy of the required evidence (logs, packets, etc.) or log into any of the 3 SIEMs we provide to hunt on. \n

If you are new to cyber defense, we highly recommend participating in the Blue Team Village Obsidian stations. They will cover many of the topics on the CTF and will help you along the way!\n

\n\n\'',NULL,365884),('2_Friday','11','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365885),('2_Friday','12','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365886),('2_Friday','13','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365887),('2_Friday','14','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365888),('2_Friday','15','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365889),('2_Friday','16','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365890),('2_Friday','17','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753','\'\'',NULL,365891),('3_Saturday','10','10:30','17:59','N','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'Title: Blue Team Village CTF
\nWhen: Saturday, Aug 12, 10:30 - 17:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Map
\n
\nDescription:
\nThe Blue Team Village CTF is a cyber defense CTF inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate the recent attacks against our fictitious company: Magnus Tempus Financial. Since Magnus Tempus Financial made a vital acquisition expanding its precious metals portfolio to oil and gas operational technology (OT), you will also investigate their OT environment.\n

The CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, Malware Analysis, Threat Intelligence, and Threat Hunting, to be the first team or individual to answer or solve the challenges presented. \n

The BTV crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate, aiming to sharpen their cyber defense skills. We believe in the idea of choosing your adventure. As a result, participants can download a copy of the required evidence (logs, packets, etc.) or log into any of the 3 SIEMs we provide to hunt on. \n

If you are new to cyber defense, we highly recommend participating in the Blue Team Village Obsidian stations. They will cover many of the topics on the CTF and will help you along the way!\n

\n\n\'',NULL,365892),('3_Saturday','11','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365893),('3_Saturday','12','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365894),('3_Saturday','13','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365895),('3_Saturday','14','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365896),('3_Saturday','15','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365897),('3_Saturday','16','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365898),('3_Saturday','17','10:30','17:59','Y','CON','Flamingo - Sunset - Scenic - Blue Team Village','\'Blue Team Village CTF\'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0','\'\'',NULL,365899),('2_Friday','10','10:30','17:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'Title: Capture The Packet Preliminaries
\nWhen: Friday, Aug 11, 10:30 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nCapture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes. \n
\n\n\'',NULL,365900),('2_Friday','11','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365901),('2_Friday','12','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365902),('2_Friday','13','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365903),('2_Friday','14','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365904),('2_Friday','15','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365905),('2_Friday','16','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365906),('2_Friday','17','10:30','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_320f1057de14023f48bfef4879dac154','\'\'',NULL,365907),('3_Saturday','10','10:30','11:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_7f764078acb972477c2a095817832ef2','\'Title: Capture The Packet Preliminaries
\nWhen: Saturday, Aug 12, 10:30 - 11:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nCapture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes. \n
\n\n\'',NULL,365908),('3_Saturday','11','10:30','11:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Preliminaries\'','\' \'','CON_7f764078acb972477c2a095817832ef2','\'\'',NULL,365909),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'Title: Car Hacking Village CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEM\'s and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\n

With the largest collection of hackers in one area, there\'s no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 9 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. Our contest at the village, in combination with many automotive OEMs, Suppliers, etc., is used to give people first hand experience on cutting edge and at times expensive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n

\n\n\'',NULL,365910),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365911),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365912),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365913),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365914),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365915),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365916),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_212ca802344a16165652734718c58d14','\'\'',NULL,365917),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'Title: Car Hacking Village CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEM\'s and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\n

With the largest collection of hackers in one area, there\'s no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 9 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. Our contest at the village, in combination with many automotive OEMs, Suppliers, etc., is used to give people first hand experience on cutting edge and at times expensive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n

\n\n\'',NULL,365918),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365919),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365920),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365921),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365922),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365923),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365924),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1','\'\'',NULL,365925),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_9a7ad05ac176025aa216498947dc1921','\'Title: Car Hacking Village CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEM\'s and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.\n

With the largest collection of hackers in one area, there\'s no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 9 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. Our contest at the village, in combination with many automotive OEMs, Suppliers, etc., is used to give people first hand experience on cutting edge and at times expensive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.\n

\n\n\'',NULL,365926),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Car Hacking Village CTF\'','\' \'','CON_9a7ad05ac176025aa216498947dc1921','\'\'',NULL,365927),('3_Saturday','15','15:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Chess Tournament\'','\' \'','CON_35432b241a9f8b64a13d3ffea536dbbd','\'Title: DEF CON Chess Tournament
\nWhen: Saturday, Aug 12, 15:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nTwitter: @defconchess\n

For early registration, please send your name and rating to: defconchess@gmail.com​\n

Chess, computers, and hacking go way back. In the 18th century, the Mechanical Turk appeared to play a good game, but there was a human ghost hiding in the shell. Some of the first computer software was written to play chess. In 1997, world champion Garry Kasparov lost to the program Deep Blue, but after the match he accused IBM of cheating, alleging that only a rival grandmaster could have made certain moves.\n

At DEF CON 31, we will run a human chess tournament. The games will have a “blitz” time control of 5 minutes on each player’s clock, for a maximum total game time of 10 minutes. The tournament will have a Swiss-system format, with a fixed number of rounds. The match pairing for each round is done after the previous round has ended, and depends on its results. Each player is paired with another player who has a similar running score.\n

To determine the winner, the Swiss system is considered highly effective, even when there is a large number of competitors and a small number of rounds. Every player gets to play the full tournament, and the winner has the highest aggregate score when all rounds are over.\n

There will be trophies and prizes for the top three players.\n

The tournament mechanics will be managed by the Las Vegas Chess Center (LVCC), which has many years of experience in organizing royal game tournaments for all strength levels and ages. LVCC has professional coaches, and grandmasters are frequent visitors.​\n

Max players: 100. In order to crown the best chess player at DEF CON, we will register the highest-rated players first.​ \n

\n\n\'',NULL,365928),('3_Saturday','16','15:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Chess Tournament\'','\' \'','CON_35432b241a9f8b64a13d3ffea536dbbd','\'\'',NULL,365929),('3_Saturday','17','15:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Chess Tournament\'','\' \'','CON_35432b241a9f8b64a13d3ffea536dbbd','\'\'',NULL,365930),('4_Sunday','10','10:00','11:59','N','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d0552de7e2612d8bb2219cb3e7105381','\'Title: Cloud Village CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nIf you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\n

Our CTF is a three days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\n

You can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n

\n\n\'',NULL,365931),('4_Sunday','11','10:00','11:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d0552de7e2612d8bb2219cb3e7105381','\'\'',NULL,365932),('3_Saturday','10','10:00','17:59','N','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'Title: Cloud Village CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nIf you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\n

Our CTF is a three days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\n

You can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n

\n\n\'',NULL,365933),('3_Saturday','11','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365934),('3_Saturday','12','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365935),('3_Saturday','13','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365936),('3_Saturday','14','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365937),('3_Saturday','15','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365938),('3_Saturday','16','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365939),('3_Saturday','17','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3','\'\'',NULL,365940),('2_Friday','10','10:00','17:59','N','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'Title: Cloud Village CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nIf you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!\n

Our CTF is a three days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.\n

You can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D\n

\n\n\'',NULL,365941),('2_Friday','11','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365942),('2_Friday','12','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365943),('2_Friday','13','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365944),('2_Friday','14','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365945),('2_Friday','15','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365946),('2_Friday','16','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365947),('2_Friday','17','10:00','17:59','Y','CON','Virtual','\'Cloud Village CTF\'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577','\'\'',NULL,365948),('2_Friday','10','10:00','11:59','N','CON','Virtual','\'CMD+CTRL at DEF CON 31 - Competition\'','\' \'','CON_e63eabe51e2b5ab161abe920c24a6141','\'Title: CMD+CTRL at DEF CON 31 - Competition
\nWhen: Friday, Aug 11, 10:00 - 11:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.\n

Learn to see web applications and services from an attacker\'s perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you\'ll have a better understanding of the vulnerabilities that put real applications at risk - and you\'ll be better prepared to find and fix those vulnerabilities in your own code.\n

At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?\n

\n

CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play may be given in Discord, on Thursday. Questions and such will also only be answered at the booth; Discord will not be staffed this year, aside from free play codes on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.\n

\n\n\'',NULL,365949),('2_Friday','11','10:00','11:59','Y','CON','Virtual','\'CMD+CTRL at DEF CON 31 - Competition\'','\' \'','CON_e63eabe51e2b5ab161abe920c24a6141','\'\'',NULL,365950),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'Title: CrackMeIfYouCan
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe premiere password cracking contest \"CrackMeIfYouCan\" is back again. Passwords so two-thousand and late. Remember, remember, the cracks of November.\n

We\'re preparing hashes from easy to hard, so there\'ll be something for you if you want to compete casually as a Street team, or go all out in Pro.\n

Where we\'re going, we don\'t need roads. Purely a penchant for puzzles, perhaps a plethora of processors.\n

Check out past years\' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n

\n\n\'',NULL,365951),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365952),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365953),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365954),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365955),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365956),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365957),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8','\'\'',NULL,365958),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_f708eaefefb341aa4bad7eb86785cef2','\'Title: CrackMeIfYouCan
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe premiere password cracking contest \"CrackMeIfYouCan\" is back again. Passwords so two-thousand and late. Remember, remember, the cracks of November.\n

We\'re preparing hashes from easy to hard, so there\'ll be something for you if you want to compete casually as a Street team, or go all out in Pro.\n

Where we\'re going, we don\'t need roads. Purely a penchant for puzzles, perhaps a plethora of processors.\n

Check out past years\' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n

\n\n\'',NULL,365959),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_f708eaefefb341aa4bad7eb86785cef2','\'\'',NULL,365960),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'Title: CrackMeIfYouCan
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe premiere password cracking contest \"CrackMeIfYouCan\" is back again. Passwords so two-thousand and late. Remember, remember, the cracks of November.\n

We\'re preparing hashes from easy to hard, so there\'ll be something for you if you want to compete casually as a Street team, or go all out in Pro.\n

Where we\'re going, we don\'t need roads. Purely a penchant for puzzles, perhaps a plethora of processors.\n

Check out past years\' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/\n

\n\n\'',NULL,365961),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365962),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365963),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365964),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365965),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365966),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365967),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CrackMeIfYouCan\'','\' \'','CON_521a2dbce01ab666f660d14d8b089982','\'\'',NULL,365968),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_a3177c3e578f77327aa5b24e200e21cd','\'Title: Darknet-NG
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nDarknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year\'s challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n
\n\n\'',NULL,365969),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_a3177c3e578f77327aa5b24e200e21cd','\'\'',NULL,365970),('3_Saturday','10','10:00','16:30','N','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'Title: Darknet-NG
\nWhen: Saturday, Aug 12, 10:00 - 16:30 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nDarknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year\'s challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n
\n\n\'',NULL,365971),('3_Saturday','11','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365972),('3_Saturday','12','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365973),('3_Saturday','13','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365974),('3_Saturday','14','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365975),('3_Saturday','15','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365976),('3_Saturday','16','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636','\'\'',NULL,365977),('2_Friday','10','10:00','16:30','N','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'Title: Darknet-NG
\nWhen: Friday, Aug 11, 10:00 - 16:30 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nDarknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year\'s challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!\n
\n\n\'',NULL,365978),('2_Friday','11','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365979),('2_Friday','12','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365980),('2_Friday','13','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365981),('2_Friday','14','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365982),('2_Friday','15','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365983),('2_Friday','16','10:00','16:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Darknet-NG\'','\' \'','CON_ad09d04f277023de040d691bb19d363a','\'\'',NULL,365984),('3_Saturday','10','10:00','16:59','N','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'Title: DC Kubernetes Capture the Flag (CTF)
\nWhen: Saturday, Aug 12, 10:00 - 16:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nThe DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\n

A scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.​\n

\n\n\'',NULL,365985),('3_Saturday','11','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365986),('3_Saturday','12','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365987),('3_Saturday','13','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365988),('3_Saturday','14','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365989),('3_Saturday','15','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365990),('3_Saturday','16','10:00','16:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d','\'\'',NULL,365991),('2_Friday','10','10:00','19:59','N','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'Title: DC Kubernetes Capture the Flag (CTF)
\nWhen: Friday, Aug 11, 10:00 - 19:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nThe DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.\n

A scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.​\n

\n\n\'',NULL,365992),('2_Friday','11','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365993),('2_Friday','12','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365994),('2_Friday','13','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365995),('2_Friday','14','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365996),('2_Friday','15','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365997),('2_Friday','16','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365998),('2_Friday','17','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,365999),('2_Friday','18','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,366000),('2_Friday','19','10:00','19:59','Y','CON','Virtual','\'DC Kubernetes Capture the Flag (CTF)\'','\' \'','CON_96d08718e727e7e7a8442bf21003c209','\'\'',NULL,366001),('3_Saturday','13','13:00','14:59','N','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation \'','\' \'','MISC_717104b4c61d42edebb23d032d3a5527','\'Title: DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nPractice threat modeling on your own design! Be prepared to show off your design and take feedback/findings!\n

Registration required, come by our booth on Friday to sign up for a slot. \n

\n\n\'',NULL,366002),('3_Saturday','14','13:00','14:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation \'','\' \'','MISC_717104b4c61d42edebb23d032d3a5527','\'\'',NULL,366003),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'Title: DEF CON Scavenger Hunt
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you tired of being an NPC, mindlessly standing in line at a hacker con? Do you want to be involved and improve the hacker community? The DEF CON Scavenger Hunt is here to encourage you to interact with goons and attendees alike; to be an active participant of DEF CON itself.\n \n

Come visit the DEF CON Scavenger Hunt table in the contest area and get a list, register your team of 1 to 5 players, and gather or accomplish as many items from the list as you can. Items are submitted at the table, better than average submissions shall be awarded bonus points. The team who turns in the most points by Sunday at noon will win the admiration of your like-minded peers.\n \n

The DEF CON Scavenger Hunt is one of the longest running contests at DEF CON, visit https://defconscavhunt.com for a history lesson.\n \n

If you capture pictures or video of items from our list, or have in the past, please send them to us via email scavlist@gmail.com.\n

--\n

The scavenger hunt list is open to interpretation and we are not responsible for how list items are interpreted. We have had a number of pre-teens and teenagers play the scavenger hunt over the years, primarily with their parents but occasionally alone. The team that won at DC24 included a teenager with their parents. Parental Guidance Recommended.\n

\n\'',NULL,366004),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366005),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366006),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366007),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366008),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366009),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366010),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9','\'\'',NULL,366011),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_722247ab0996eba9fca264eba0eea852','\'Title: DEF CON Scavenger Hunt
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you tired of being an NPC, mindlessly standing in line at a hacker con? Do you want to be involved and improve the hacker community? The DEF CON Scavenger Hunt is here to encourage you to interact with goons and attendees alike; to be an active participant of DEF CON itself.\n \n

Come visit the DEF CON Scavenger Hunt table in the contest area and get a list, register your team of 1 to 5 players, and gather or accomplish as many items from the list as you can. Items are submitted at the table, better than average submissions shall be awarded bonus points. The team who turns in the most points by Sunday at noon will win the admiration of your like-minded peers.\n \n

The DEF CON Scavenger Hunt is one of the longest running contests at DEF CON, visit https://defconscavhunt.com for a history lesson.\n \n

If you capture pictures or video of items from our list, or have in the past, please send them to us via email scavlist@gmail.com.\n

--\n

The scavenger hunt list is open to interpretation and we are not responsible for how list items are interpreted. We have had a number of pre-teens and teenagers play the scavenger hunt over the years, primarily with their parents but occasionally alone. The team that won at DC24 included a teenager with their parents. Parental Guidance Recommended.\n

\n\'',NULL,366012),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_722247ab0996eba9fca264eba0eea852','\'\'',NULL,366013),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'Title: DEF CON Scavenger Hunt
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you tired of being an NPC, mindlessly standing in line at a hacker con? Do you want to be involved and improve the hacker community? The DEF CON Scavenger Hunt is here to encourage you to interact with goons and attendees alike; to be an active participant of DEF CON itself.\n \n

Come visit the DEF CON Scavenger Hunt table in the contest area and get a list, register your team of 1 to 5 players, and gather or accomplish as many items from the list as you can. Items are submitted at the table, better than average submissions shall be awarded bonus points. The team who turns in the most points by Sunday at noon will win the admiration of your like-minded peers.\n \n

The DEF CON Scavenger Hunt is one of the longest running contests at DEF CON, visit https://defconscavhunt.com for a history lesson.\n \n

If you capture pictures or video of items from our list, or have in the past, please send them to us via email scavlist@gmail.com.\n

--\n

The scavenger hunt list is open to interpretation and we are not responsible for how list items are interpreted. We have had a number of pre-teens and teenagers play the scavenger hunt over the years, primarily with their parents but occasionally alone. The team that won at DC24 included a teenager with their parents. Parental Guidance Recommended.\n

\n\'',NULL,366014),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366015),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366016),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366017),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366018),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366019),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366020),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON Scavenger Hunt\'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62','\'\'',NULL,366021),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_dd049198c1cf952bdf37d06b63448298','\'Title: DEFCON MUD DUMB TERMINAL EDITION
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe DEFCON MUD is back, this time you can only access it over dumb terminals or serial terminals hosted by the DEFCON SCAV Hunt. Flags will be hosted inside the mud, good luck, have fun, and oh yes the game has exploits, can you find them all?\n

--\n

Rated PG-13.\n

\n\'',NULL,366022),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_dd049198c1cf952bdf37d06b63448298','\'\'',NULL,366023),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'Title: DEFCON MUD DUMB TERMINAL EDITION
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe DEFCON MUD is back, this time you can only access it over dumb terminals or serial terminals hosted by the DEFCON SCAV Hunt. Flags will be hosted inside the mud, good luck, have fun, and oh yes the game has exploits, can you find them all?\n

--\n

Rated PG-13.\n

\n\'',NULL,366024),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366025),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366026),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366027),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366028),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366029),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366030),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_891c38461af1373e8a287667993b2581','\'\'',NULL,366031),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'Title: DEFCON MUD DUMB TERMINAL EDITION
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe DEFCON MUD is back, this time you can only access it over dumb terminals or serial terminals hosted by the DEFCON SCAV Hunt. Flags will be hosted inside the mud, good luck, have fun, and oh yes the game has exploits, can you find them all?\n

--\n

Rated PG-13.\n

\n\'',NULL,366032),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366033),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366034),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366035),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366036),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366037),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366038),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEFCON MUD DUMB TERMINAL EDITION\'','\' \'','CON_1ae6513139f5f90779f510766792bce0','\'\'',NULL,366039),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'Title: Dungeons@Defcon
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nD@D is a table-top/RPG themed puzzling campaign for teams of 1-4 players. As part of the campaign, teams will unravel crypto challenges, solve physical puzzles, and do other side-quests that will have them interacting with different components of the Defcon community (villages, goons, NPCs, local wildlife, trolls, etc.) to earn points and progress through a narrative. The theme changes each year, but typically is based loosely on a popular table-top game that fits the theme for Defcon. Teams learn how to work cooperatively to solve large puzzles, and learn how to solve puzzles that they may have seen in CTFs, escape rooms, or other puzzle venues. The contest is designed to be accessible to all technical levels and all ages.\n \n

Pre-registration will occur online the week before con (announced via Twitter) as well as Friday morning at 10 in person, first come first served until we have enough teams filled. Contest will start at 12:00 on Friday\n

--\n

Kids are welcome. The first year Dungeons @ DEF CON ran, two kids with the help of their fathers won a black badge. \n

\n\n\'',NULL,366040),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366041),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366042),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366043),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366044),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366045),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366046),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e','\'\'',NULL,366047),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'Title: Dungeons@Defcon
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nD@D is a table-top/RPG themed puzzling campaign for teams of 1-4 players. As part of the campaign, teams will unravel crypto challenges, solve physical puzzles, and do other side-quests that will have them interacting with different components of the Defcon community (villages, goons, NPCs, local wildlife, trolls, etc.) to earn points and progress through a narrative. The theme changes each year, but typically is based loosely on a popular table-top game that fits the theme for Defcon. Teams learn how to work cooperatively to solve large puzzles, and learn how to solve puzzles that they may have seen in CTFs, escape rooms, or other puzzle venues. The contest is designed to be accessible to all technical levels and all ages.\n \n

Pre-registration will occur online the week before con (announced via Twitter) as well as Friday morning at 10 in person, first come first served until we have enough teams filled. Contest will start at 12:00 on Friday\n

--\n

Kids are welcome. The first year Dungeons @ DEF CON ran, two kids with the help of their fathers won a black badge. \n

\n\n\'',NULL,366048),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366049),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366050),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366051),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366052),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366053),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366054),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Dungeons@Defcon\'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3','\'\'',NULL,366055); INSERT INTO `events` VALUES ('3_Saturday','10','10:00','17:59','N','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'Title: Embedded CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\nEmbedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular use case and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective.\n

The Embedded CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices\' inner workings and understand their design\'s security implications.\n

New devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants\' knowledge and experience.\n

By participating in the contest, teams of up to 6 contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills.\n

With the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous. Whether you\'re a seasoned security professional or just starting in the field, this contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\n

\n\n\'',NULL,366056),('3_Saturday','11','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366057),('3_Saturday','12','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366058),('3_Saturday','13','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366059),('3_Saturday','14','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366060),('3_Saturday','15','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366061),('3_Saturday','16','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366062),('3_Saturday','17','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db','\'\'',NULL,366063),('2_Friday','10','10:00','17:59','N','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'Title: Embedded CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\nEmbedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular use case and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective.\n

The Embedded CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices\' inner workings and understand their design\'s security implications.\n

New devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants\' knowledge and experience.\n

By participating in the contest, teams of up to 6 contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills.\n

With the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous. Whether you\'re a seasoned security professional or just starting in the field, this contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\n

\n\n\'',NULL,366064),('2_Friday','11','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366065),('2_Friday','12','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366066),('2_Friday','13','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366067),('2_Friday','14','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366068),('2_Friday','15','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366069),('2_Friday','16','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366070),('2_Friday','17','10:00','17:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c','\'\'',NULL,366071),('4_Sunday','10','10:00','13:59','N','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_8eb8ebf5c1afb159a35c7686098390af','\'Title: Embedded CTF
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\nEmbedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular use case and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective.\n

The Embedded CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices\' inner workings and understand their design\'s security implications.\n

New devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants\' knowledge and experience.\n

By participating in the contest, teams of up to 6 contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills.\n

With the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous. Whether you\'re a seasoned security professional or just starting in the field, this contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.\n

\n\n\'',NULL,366072),('4_Sunday','11','10:00','13:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_8eb8ebf5c1afb159a35c7686098390af','\'\'',NULL,366073),('4_Sunday','12','10:00','13:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_8eb8ebf5c1afb159a35c7686098390af','\'\'',NULL,366074),('4_Sunday','13','10:00','13:59','Y','CON','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded CTF\'','\' \'','CON_8eb8ebf5c1afb159a35c7686098390af','\'\'',NULL,366075),('1_Thursday','08','08:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Hac-Man\'','\' \'','CON_69cbf00989439c72946b9edd8d24ec61','\'Title: Hac-Man
\nWhen: Thursday, Aug 10, 08:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nHac-Man is a hacker skills challenge, themed after the classic arcade game \"Pac-Man\". Navigate your avatar through the maze, completing skills challenges in many different skills categories such as Ciphers and Codes, Reverse Engineering, Packet Analysis, Scavenger Hunt, Trivia, and Lock-picking. Can you make it to the end of the maze, or better yet, top the Leaderboard?\n
\n\n\'',NULL,366076),('1_Thursday','09','08:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hac-Man\'','\' \'','CON_69cbf00989439c72946b9edd8d24ec61','\'\'',NULL,366077),('1_Thursday','10','08:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hac-Man\'','\' \'','CON_69cbf00989439c72946b9edd8d24ec61','\'\'',NULL,366078),('1_Thursday','11','08:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hac-Man\'','\' \'','CON_69cbf00989439c72946b9edd8d24ec61','\'\'',NULL,366079),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'Title: Hack-A-Sat 4 (HAS4)
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Department of the Air Force, in collaboration with the security research community, is hosting Hack-A-Sat 4 – the world’s first CTF in space. Hack-A-Sat 4 aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Hack-A-Sat 4 will be the first CTF hosted on an on-orbit satellite, called Moonlighter. The satellite has been designed and built to advance the security research community’s skills and knowledge of on-orbit space systems. Note: HAS4 is no longer open to new contestants as the qualifying event took place in April. Attendees stopping by the HAS4 contest area will be able to learn about the history of Hack-A-Sat, Moonlighter and this year’s challenges. The area will have live scoreboards, dashboards and visualizations relaying game status, and live commentary will be provided from the adjacent Aerospace Village throughout the weekend. \n \n

HAS4 Qualifications were held April 1-2, 2023. \n Results here: https://quals.2023.hackasat.com/scoreboard/complete\n

\n\n\'',NULL,366080),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366081),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366082),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366083),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366084),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366085),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366086),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_63bcf37796929d99e669c5f20b640c65','\'\'',NULL,366087),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'Title: Hack-A-Sat 4 (HAS4)
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Department of the Air Force, in collaboration with the security research community, is hosting Hack-A-Sat 4 – the world’s first CTF in space. Hack-A-Sat 4 aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Hack-A-Sat 4 will be the first CTF hosted on an on-orbit satellite, called Moonlighter. The satellite has been designed and built to advance the security research community’s skills and knowledge of on-orbit space systems. Note: HAS4 is no longer open to new contestants as the qualifying event took place in April. Attendees stopping by the HAS4 contest area will be able to learn about the history of Hack-A-Sat, Moonlighter and this year’s challenges. The area will have live scoreboards, dashboards and visualizations relaying game status, and live commentary will be provided from the adjacent Aerospace Village throughout the weekend. \n \n

HAS4 Qualifications were held April 1-2, 2023. \n Results here: https://quals.2023.hackasat.com/scoreboard/complete\n

\n\n\'',NULL,366088),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366089),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366090),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366091),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366092),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366093),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366094),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Hack-A-Sat 4 (HAS4)\'','\' \'','CON_d3d952f957df8f766028dd1b31af8041','\'\'',NULL,366095),('4_Sunday','12','12:00','13:30','N','CON','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack-A-Sat 4 (HAS4) -- Closing Ceremony\'','\' \'','CON_d5fbeb0b224add80ed6ff664492b4686','\'Title: Hack-A-Sat 4 (HAS4) -- Closing Ceremony
\nWhen: Sunday, Aug 13, 12:00 - 13:30 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nThis event is the closing ceremony for the Hack-A-Sat 4 (HAS4) contest.\n
\n\n\'',NULL,366096),('4_Sunday','13','12:00','13:30','Y','CON','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack-A-Sat 4 (HAS4) -- Closing Ceremony\'','\' \'','CON_d5fbeb0b224add80ed6ff664492b4686','\'\'',NULL,366097),('2_Friday','17','17:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Hack3r Runw@y\'','\' \'','CON_7d51a96a67284bac5ae4f6dfaee1d9cb','\'Title: Hack3r Runw@y
\nWhen: Friday, Aug 11, 17:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nReturning to the stage for Defcon 30 was surreal and we’d be honored to return for the 5th year. Hack3r Runw@y brings out all the sheik geeks out there. It encourages rethinking fashion in the eyes of hackers. Be it smartwear, LED additions, obfuscation, cosplay or just everyday wear using fabrics and textures that are familiar to the community. Contestants can enter clothing, shoes, jewelry, hats or accessories. If it can be worn, it is perfect for the runway. For convenience, contestants can enter the contest with designs made ahead of the conference, however it needs to be made by them and not just store bought. Hack3r Runway is perfect for everyone whether technologically savvy or just crafty.\n

Awards will be handed out in 4 categories and one trophy for the People’s Choice category where the winner is anyone’s guess:\n- Digital wearable - LED, electronic, passive\n- Smart wear - interactive, temperature sensing, mood changing, card skimmers, etc\n- Aesthetics (non-electronic)- 3d printed, geeky/nerdy wear, obfuscation, cosplay\n- Functional wear - did you bling out your mask and/or shield, have a hazmat suit, lock pick earrings, cufflinks shims\n

Winners will be selected based on, but not limited to:\n- Uniqueness
\n- Trendy
\n- Practical
\n- Couture
\n- Creativity
\n- Relevance
\n- Originality
\n- Presentation
\n- Mastery\n

Friday and Saturday, 14:00 - 16:00, Signup to walk the Contest Stage/Runway 15:30-16:30, Stage show 17:00 - 18:00\n

--\n

Is for all ages but no kid specific category.\n

\n\n\'',NULL,366098),('3_Saturday','17','17:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Hack3r Runw@y\'','\' \'','CON_516315d293d6b6a1d5585694d593366f','\'Title: Hack3r Runw@y
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nReturning to the stage for Defcon 30 was surreal and we’d be honored to return for the 5th year. Hack3r Runw@y brings out all the sheik geeks out there. It encourages rethinking fashion in the eyes of hackers. Be it smartwear, LED additions, obfuscation, cosplay or just everyday wear using fabrics and textures that are familiar to the community. Contestants can enter clothing, shoes, jewelry, hats or accessories. If it can be worn, it is perfect for the runway. For convenience, contestants can enter the contest with designs made ahead of the conference, however it needs to be made by them and not just store bought. Hack3r Runway is perfect for everyone whether technologically savvy or just crafty.\n

Awards will be handed out in 4 categories and one trophy for the People’s Choice category where the winner is anyone’s guess:\n- Digital wearable - LED, electronic, passive\n- Smart wear - interactive, temperature sensing, mood changing, card skimmers, etc\n- Aesthetics (non-electronic)- 3d printed, geeky/nerdy wear, obfuscation, cosplay\n- Functional wear - did you bling out your mask and/or shield, have a hazmat suit, lock pick earrings, cufflinks shims\n

Winners will be selected based on, but not limited to:\n- Uniqueness
\n- Trendy
\n- Practical
\n- Couture
\n- Creativity
\n- Relevance
\n- Originality
\n- Presentation
\n- Mastery\n

Friday and Saturday, 14:00 - 16:00, Signup to walk the Contest Stage/Runway 15:30-16:30, Stage show 17:00 - 18:00\n

--\n

Is for all ages but no kid specific category.\n

\n\n\'',NULL,366099),('2_Friday','20','20:00','21:59','N','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Hacker Jeopardy\'','\' \'','CON_8221d465e9e6afdf260f5f91574c1457','\'Title: Hacker Jeopardy
\nWhen: Friday, Aug 11, 20:00 - 21:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
\nDescription:
\nLintile: Hiya, ChatGPT, are you aware of the annual contest called Hacker Jeopardy at DEF CON? When is it?\n

ChatGPT: Yes, Hacker Jeopardy is a popular event at DEF CON. It\'s a parody of the television game show \"Jeopardy!\" but with a twist. Instead of general knowledge, the questions (or \"answers,\" in Jeopardy style) are focused on hacker culture, computer security, technology, and similar topics. The game consists of two preliminary rounds on Friday, and a final round on Saturday. Both shows start at 2000 Las Vegas time. Just like in the original game show, there are DFIU Doubles and a Final Hacker Jeopardy round. One unique aspect of Hacker Jeopardy that distinguishes it from the TV show is the incorporation of ADULT HUMOR, vulgarity, innuendo, and beer into the game. Please remember, my knowledge is current only up to September 2021, and if there have been any significant changes to Hacker Jeopardy after that, I would not be aware of them.\n

Lintile: What\'s the catch phrase of Hacker Jeopardy?\n

ChatGPT: The catch phrase of Hacker Jeopardy is \"Drink while you think\". This refers to the unique element of the game where contestants are encouraged to drink beer while they are attempting to come up with the correct response to the clues.\n

Lintile: That\'s not correct. The acronym of the catch phrase is DFIU.\n

ChatGPT: I apologize for the oversight. The catchphrase for Hacker Jeopardy at DEF CON is \"Don\'t Forget It\'s UNIX\" (DFIU), which is used humorously due to the historically significant role of Unix-based systems in hacking and network security. This phrase is often used to remind participants of the roots of many computer systems and infrastructures. I appreciate your patience and your correct information.\n

Note that this is an ADULT show with vulgarities and alcohol consumption, but if that doesn’t bother you, come enjoy one of the largest contests at DEF CON that you really need to see to believe! And as always, DFIU!\n

\n\'',NULL,366100),('2_Friday','21','20:00','21:59','Y','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Hacker Jeopardy\'','\' \'','CON_8221d465e9e6afdf260f5f91574c1457','\'\'',NULL,366101),('3_Saturday','20','20:00','21:59','N','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Hacker Jeopardy\'','\' \'','CON_6b62188180267a8669b7401e4c52fc09','\'Title: Hacker Jeopardy
\nWhen: Saturday, Aug 12, 20:00 - 21:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
\nDescription:
\nLintile: Hiya, ChatGPT, are you aware of the annual contest called Hacker Jeopardy at DEF CON? When is it?\n

ChatGPT: Yes, Hacker Jeopardy is a popular event at DEF CON. It\'s a parody of the television game show \"Jeopardy!\" but with a twist. Instead of general knowledge, the questions (or \"answers,\" in Jeopardy style) are focused on hacker culture, computer security, technology, and similar topics. The game consists of two preliminary rounds on Friday, and a final round on Saturday. Both shows start at 2000 Las Vegas time. Just like in the original game show, there are DFIU Doubles and a Final Hacker Jeopardy round. One unique aspect of Hacker Jeopardy that distinguishes it from the TV show is the incorporation of ADULT HUMOR, vulgarity, innuendo, and beer into the game. Please remember, my knowledge is current only up to September 2021, and if there have been any significant changes to Hacker Jeopardy after that, I would not be aware of them.\n

Lintile: What\'s the catch phrase of Hacker Jeopardy?\n

ChatGPT: The catch phrase of Hacker Jeopardy is \"Drink while you think\". This refers to the unique element of the game where contestants are encouraged to drink beer while they are attempting to come up with the correct response to the clues.\n

Lintile: That\'s not correct. The acronym of the catch phrase is DFIU.\n

ChatGPT: I apologize for the oversight. The catchphrase for Hacker Jeopardy at DEF CON is \"Don\'t Forget It\'s UNIX\" (DFIU), which is used humorously due to the historically significant role of Unix-based systems in hacking and network security. This phrase is often used to remind participants of the roots of many computer systems and infrastructures. I appreciate your patience and your correct information.\n

Note that this is an ADULT show with vulgarities and alcohol consumption, but if that doesn’t bother you, come enjoy one of the largest contests at DEF CON that you really need to see to believe! And as always, DFIU!\n

\n\'',NULL,366102),('3_Saturday','21','20:00','21:59','Y','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Hacker Jeopardy\'','\' \'','CON_6b62188180267a8669b7401e4c52fc09','\'\'',NULL,366103),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'Title: HackFortress
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nHackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n
\n

-- \n

Kid friendly, as long as they want to play a 16 year old FPS.\n

\n\'',NULL,366104),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366105),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366106),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366107),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366108),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366109),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366110),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f','\'\'',NULL,366111),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'Title: HackFortress
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nHackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.\n
\n

-- \n

Kid friendly, as long as they want to play a 16 year old FPS.\n

\n\'',NULL,366112),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366113),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366114),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366115),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366116),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366117),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366118),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'HackFortress\'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae','\'\'',NULL,366119),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'Title: Ham Radio Fox Hunting Contest
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nIn the world of amateur radio, groups of hams will often put together a transmitter hunt (also called \"fox hunting\") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or code which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day.\n

Expanded this year with increased difficulty each day. Friday: Foxes in a small area, non moving Saturday: Foxes in a larger area, with one moving. Sunday: Foxes are on the move. The hunt is on!\n

There will also be a beginner friendly, no radio required, Infrared LED Fox Hunt running everyday which participants can use their cameras on their phones to find!\n

--\n

We have had many kids participate and complete the contest over the years... and they\'ve all had a blast doing so.\n

\n\n\'',NULL,366120),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366121),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366122),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366123),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366124),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366125),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366126),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2','\'\'',NULL,366127),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_8e940209b02dc3fb39ef6471567b9904','\'Title: Ham Radio Fox Hunting Contest
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nIn the world of amateur radio, groups of hams will often put together a transmitter hunt (also called \"fox hunting\") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or code which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day.\n

Expanded this year with increased difficulty each day. Friday: Foxes in a small area, non moving Saturday: Foxes in a larger area, with one moving. Sunday: Foxes are on the move. The hunt is on!\n

There will also be a beginner friendly, no radio required, Infrared LED Fox Hunt running everyday which participants can use their cameras on their phones to find!\n

--\n

We have had many kids participate and complete the contest over the years... and they\'ve all had a blast doing so.\n

\n\n\'',NULL,366128),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_8e940209b02dc3fb39ef6471567b9904','\'\'',NULL,366129),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'Title: Ham Radio Fox Hunting Contest
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nIn the world of amateur radio, groups of hams will often put together a transmitter hunt (also called \"fox hunting\") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or code which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day.\n

Expanded this year with increased difficulty each day. Friday: Foxes in a small area, non moving Saturday: Foxes in a larger area, with one moving. Sunday: Foxes are on the move. The hunt is on!\n

There will also be a beginner friendly, no radio required, Infrared LED Fox Hunt running everyday which participants can use their cameras on their phones to find!\n

--\n

We have had many kids participate and complete the contest over the years... and they\'ve all had a blast doing so.\n

\n\n\'',NULL,366130),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366131),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366132),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366133),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366134),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366135),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366136),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Ham Radio Fox Hunting Contest\'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c','\'\'',NULL,366137),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'Title: Hardware Hacking Village CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nThe DEF CON Hardware Hacking Village CTF is back again! Come put your skills to the test against other hackers. The contest is structured so that everyone should be able to gain some flags, and even the experienced will sweet a few drops to get them all.\n

Heat up your soldering iron and freshen the batteries in your multimeter! The Hardware Hacking Village (HHV) is hosting their first official DEF CON Capture the Flag (CTF). This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you\'re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n

\n\n\'',NULL,366138),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366139),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366140),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366141),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366142),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366143),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366144),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860','\'\'',NULL,366145),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e8623a09b8fa75ab926003c153211b8d','\'Title: Hardware Hacking Village CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nThe DEF CON Hardware Hacking Village CTF is back again! Come put your skills to the test against other hackers. The contest is structured so that everyone should be able to gain some flags, and even the experienced will sweet a few drops to get them all.\n

Heat up your soldering iron and freshen the batteries in your multimeter! The Hardware Hacking Village (HHV) is hosting their first official DEF CON Capture the Flag (CTF). This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you\'re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n

\n\n\'',NULL,366146),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e8623a09b8fa75ab926003c153211b8d','\'\'',NULL,366147),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'Title: Hardware Hacking Village CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nThe DEF CON Hardware Hacking Village CTF is back again! Come put your skills to the test against other hackers. The contest is structured so that everyone should be able to gain some flags, and even the experienced will sweet a few drops to get them all.\n

Heat up your soldering iron and freshen the batteries in your multimeter! The Hardware Hacking Village (HHV) is hosting their first official DEF CON Capture the Flag (CTF). This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you\'re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n

\n\n\'',NULL,366148),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366149),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366150),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366151),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366152),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366153),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366154),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village CTF\'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac','\'\'',NULL,366155),('4_Sunday','09','09:00','12:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_fb2c0576316cd189c2187394ec3800e6','\'Title: HardWired
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nDon\'t know how to make a network cable and want to learn? Has it been years? Or do you think you\'re a pro? Come test your skills against the clock, and make the best cable at con!\n
\n\n\'',NULL,366156),('4_Sunday','10','09:00','12:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_fb2c0576316cd189c2187394ec3800e6','\'\'',NULL,366157),('4_Sunday','11','09:00','12:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_fb2c0576316cd189c2187394ec3800e6','\'\'',NULL,366158),('4_Sunday','12','09:00','12:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_fb2c0576316cd189c2187394ec3800e6','\'\'',NULL,366159),('3_Saturday','09','09:00','17:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'Title: HardWired
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nDon\'t know how to make a network cable and want to learn? Has it been years? Or do you think you\'re a pro? Come test your skills against the clock, and make the best cable at con!\n
\n\n\'',NULL,366160),('3_Saturday','10','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366161),('3_Saturday','11','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366162),('3_Saturday','12','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366163),('3_Saturday','13','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366164),('3_Saturday','14','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366165),('3_Saturday','15','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366166),('3_Saturday','16','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366167),('3_Saturday','17','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723','\'\'',NULL,366168),('2_Friday','09','09:00','17:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'Title: HardWired
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nDon\'t know how to make a network cable and want to learn? Has it been years? Or do you think you\'re a pro? Come test your skills against the clock, and make the best cable at con!\n
\n\n\'',NULL,366169),('2_Friday','10','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366170),('2_Friday','11','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366171),('2_Friday','12','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366172),('2_Friday','13','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366173),('2_Friday','14','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366174),('2_Friday','15','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366175),('2_Friday','16','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366176),('2_Friday','17','09:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'HardWired\'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719','\'\'',NULL,366177),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'Title: IntelOps - Operation Spacewatch
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWelcome to IntelOps - Operation Spacewatch! This is a game that pits you against threat actors in the near future, who are trying to trigger nuclear war! Using cyber threat intelligence, it is up to you to support cyber protection teams to defend a vital satellite constellation and prevent a hacker network from undermining your collective defense in a race against time.\n

Description of the event
\nThe event will host three simultaneous instances of a team game. Teams consist of three players each. Nine players can play at a time. We will provide three laptops and displays, along with three facilitators to ensure a smooth and enjoyable experience. Each game is 20 minutes duration, allowing up to 300 players to play the game in-person on the day.\nWe have successfully delivered similar games to large groups of participants in the past, and we are confident that this event will add to the success of DEF CON 31.\n

Description of the game
\nCyber Threat Intelligence (CTI) deals with information from past attacks, malware analysis and evolving threats in cyberspace. CTI enables enhanced decisions and to get ahead of the cyber attack. But how can I apply CTI and use it? The game \"IntelOps - Operation Spacewatch\" aims to improve players\' understanding of CTI. Participants learn about different frameworks, sources and types of CTI and how they can use CTI data in a fun way. The game is built to not only teach terms and theory but apply CTI in a real-world context.\nThe game is based on four major CTI and cyber security models. These are the NIST Cyber Security Framework (CSF), MITRE ATT&CK Matrix, the Cyber Kill Chain and the Pyramid of Pain. \nAs a player, you are part of the United Nations (UN) CTI team and assigned to the mission to stop the attack on the satellite constellation. Your task is to use the available CTI your team has collected and assist the other members of the UN Cyber Protection Team (CPT).\nThe players find themselves in a near future scenario where every nation has access to ballistic-launched nuclear weapons. For monitoring and control purposes, the United Nations has established a global satellite defense system to detect ballistic and hypersonic missile launches. The defense system allows the UN to be able to react immediately when suspicious activities on the weapons are detected. A global hacker network is threatening to disable the satellite constellation to use nuclear weapons for their purposes.\nThere are 32 satellites in the global defense system your team has to protect. If 4 or more satellites are compromised and deactivated, the hacker network successfully disenabled the defense system and can take control of the nuclear weapons. It is your mission to protect the satellite network and ensure the availability of the global defense system.\n

The players are provided with the following game components:\n- CTI information in form of a card deck;\n- An overview of the satellite network and the satellite’s availability status;\n- The status and progress of the cyber attackpresented with the Cyber Kill Chain;\n- The Pyramid of Pain to allocate and classify the CTI data;\n- A NIST CSF game board to place and apply the CTI information;\n- Scenario description.\n

While the CTI cards and the NIST CSF game board are provided as physical components, the Cyber Kill Chain, the satellite network and the Pyramid of Pain will be displayed on a monitor managed through a laptop by the game facilitators.\n

Summary of gameplay
\nThe CTI cards must be played strategically to stop the cyber attack. The number of cards and information as well as the number of packages that can be sent to the satellites are limited. The CTI cards must be applied to each NIST CSF phase. Each phase of the NIST CSF has limited fields for applying the CTI information. The limitation is based on the limited number of packets that can be sent to the satellite network. The game includes four turns in total to save the satellite network. Depending on the effectiveness of the CTI application, there is a chance to stop the attack at every turn. The status of the cyber attack and the effectiveness of the applied CTI information is presented with the help of the Cyber Kill Chain. It represents the attacker\'s view. If the chosen CTI strategy and application were not successful, the team loses a satellite to the hacker network. In this case, the colour of a satellite on the monitor changes from red to green.\n

Game duration
\nEvery game last 20 minutes in total. Each turn, the players have 5 minutes to decide on their CTI strategy, apply the information to the NIST CSF board and stop the attack. There are a maximum of four turns to a game.\n

\n\n\'',NULL,366178),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366179),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366180),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366181),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366182),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366183),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366184),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'IntelOps - Operation Spacewatch\'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998','\'\'',NULL,366185),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'Title: IoT Village CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHosted in IoT Village, teams of 1-6 players compete against one another by exploiting off-the-shelf IoT devices. This has been completely redesigned from previous contests, and features real-world devices that all have real-world vulnerabilities with real-world impacts. \n \n

This CTF is open to anyone! It is approachable for entry level people to experience getting their first root shell on IoT, but to really advance in this CTF teams will need to perform detailed vulnerability research, hardware hacking, firmware analysis, reverse engineering, and limited exploit development. \n \n

CTFs are a great experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around! So, join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.\n

\n\n\'',NULL,366186),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366187),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366188),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366189),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366190),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366191),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366192),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f','\'\'',NULL,366193),('4_Sunday','10','10:00','13:59','N','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_05a6b4753a2786bd5dbf8e523bb779ba','\'Title: IoT Village CTF
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHosted in IoT Village, teams of 1-6 players compete against one another by exploiting off-the-shelf IoT devices. This has been completely redesigned from previous contests, and features real-world devices that all have real-world vulnerabilities with real-world impacts. \n \n

This CTF is open to anyone! It is approachable for entry level people to experience getting their first root shell on IoT, but to really advance in this CTF teams will need to perform detailed vulnerability research, hardware hacking, firmware analysis, reverse engineering, and limited exploit development. \n \n

CTFs are a great experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around! So, join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.\n

\n\n\'',NULL,366194),('4_Sunday','11','10:00','13:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_05a6b4753a2786bd5dbf8e523bb779ba','\'\'',NULL,366195),('4_Sunday','12','10:00','13:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_05a6b4753a2786bd5dbf8e523bb779ba','\'\'',NULL,366196),('4_Sunday','13','10:00','13:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_05a6b4753a2786bd5dbf8e523bb779ba','\'\'',NULL,366197),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'Title: IoT Village CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHosted in IoT Village, teams of 1-6 players compete against one another by exploiting off-the-shelf IoT devices. This has been completely redesigned from previous contests, and features real-world devices that all have real-world vulnerabilities with real-world impacts. \n \n

This CTF is open to anyone! It is approachable for entry level people to experience getting their first root shell on IoT, but to really advance in this CTF teams will need to perform detailed vulnerability research, hardware hacking, firmware analysis, reverse engineering, and limited exploit development. \n \n

CTFs are a great experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around! So, join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.\n

\n\n\'',NULL,366198),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366199),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366200),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366201),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366202),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366203),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366204),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village CTF\'','\' \'','CON_33f6843b4a4e1253d8990e311920946f','\'\'',NULL,366205),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'Title: It\'s In That Place Where I Put That Thing That Time
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nYour friend called. They had their place raided. They swear it\'s a setup. But now they\'re in jail and you\'re the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It\'s in that place where I put that thing that time.\" Good luck.\n
\n\n\'',NULL,366206),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366207),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366208),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366209),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366210),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366211),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366212),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe','\'\'',NULL,366213),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'Title: It\'s In That Place Where I Put That Thing That Time
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nYour friend called. They had their place raided. They swear it\'s a setup. But now they\'re in jail and you\'re the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was \"It\'s in that place where I put that thing that time.\" Good luck.\n
\n\n\'',NULL,366214),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366215),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366216),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366217),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366218),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366219),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366220),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'It\'s In That Place Where I Put That Thing That Time\'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b','\'\'',NULL,366221),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_77d31650117071b79d6aa07bbba67444','\'Title: Maps of the digital lands
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nMaps of the Digital Lands is an all-ages contest that challenges participants to merge their artistic talents with their technical expertise. Contestants will be provided with a diverse array of written business designs and must hand-draw a network diagram illustrating the structure and interconnectivity of each business\'s infrastructure. Judging will be based on accuracy, adherence to best practices, and artistic prowess. In addition, a captivating Capture the Flag scenario will be available for extra points, employing a digital tool to elevate the challenge. Participants of all skill levels are encouraged to join this immersive experience, compete for assorted prizes, and showcase their unique ability to blend artistry with network engineering excellence. Network engineering is a crucial yet frequently overlooked aspect of hacking, forming the backbone of a secure and efficient cyber ecosystem. By honing their network engineering skills, participants can elevate their abilities beyond mere script kiddie status, gaining a comprehensive understanding of system vulnerabilities and strengthening their overall hacking prowess.\n
\n\n\'',NULL,366222),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_77d31650117071b79d6aa07bbba67444','\'\'',NULL,366223),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'Title: Maps of the digital lands
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nMaps of the Digital Lands is an all-ages contest that challenges participants to merge their artistic talents with their technical expertise. Contestants will be provided with a diverse array of written business designs and must hand-draw a network diagram illustrating the structure and interconnectivity of each business\'s infrastructure. Judging will be based on accuracy, adherence to best practices, and artistic prowess. In addition, a captivating Capture the Flag scenario will be available for extra points, employing a digital tool to elevate the challenge. Participants of all skill levels are encouraged to join this immersive experience, compete for assorted prizes, and showcase their unique ability to blend artistry with network engineering excellence. Network engineering is a crucial yet frequently overlooked aspect of hacking, forming the backbone of a secure and efficient cyber ecosystem. By honing their network engineering skills, participants can elevate their abilities beyond mere script kiddie status, gaining a comprehensive understanding of system vulnerabilities and strengthening their overall hacking prowess.\n
\n\n\'',NULL,366224),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366225),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366226),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366227),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366228),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366229),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366230),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776','\'\'',NULL,366231),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'Title: Maps of the digital lands
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nMaps of the Digital Lands is an all-ages contest that challenges participants to merge their artistic talents with their technical expertise. Contestants will be provided with a diverse array of written business designs and must hand-draw a network diagram illustrating the structure and interconnectivity of each business\'s infrastructure. Judging will be based on accuracy, adherence to best practices, and artistic prowess. In addition, a captivating Capture the Flag scenario will be available for extra points, employing a digital tool to elevate the challenge. Participants of all skill levels are encouraged to join this immersive experience, compete for assorted prizes, and showcase their unique ability to blend artistry with network engineering excellence. Network engineering is a crucial yet frequently overlooked aspect of hacking, forming the backbone of a secure and efficient cyber ecosystem. By honing their network engineering skills, participants can elevate their abilities beyond mere script kiddie status, gaining a comprehensive understanding of system vulnerabilities and strengthening their overall hacking prowess.\n
\n\n\'',NULL,366232),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366233),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366234),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366235),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366236),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366237),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366238),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Maps of the digital lands\'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee','\'\'',NULL,366239),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_1e912ad82ce62c32a861362335ba2271','\'Title: Octopus Game
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nOctopus Game is back for a second year! This contest is a battle royale style competition where fun and friendship is the goal. This year players will meet together in various locations at the same time for group competition through through fun games. 128 players will enter, but only 1 will be crowned the Octopus CHAMPION. Join us, make some new friends and remember: only the best will prevail!\n
\n\n\'',NULL,366240),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_1e912ad82ce62c32a861362335ba2271','\'\'',NULL,366241),('2_Friday','10','10:00','13:59','N','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_324a2b6dff24e99b99c57aea09795acf','\'Title: Octopus Game
\nWhen: Friday, Aug 11, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nOctopus Game is back for a second year! This contest is a battle royale style competition where fun and friendship is the goal. This year players will meet together in various locations at the same time for group competition through through fun games. 128 players will enter, but only 1 will be crowned the Octopus CHAMPION. Join us, make some new friends and remember: only the best will prevail!\n
\n\n\'',NULL,366242),('2_Friday','11','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_324a2b6dff24e99b99c57aea09795acf','\'\'',NULL,366243),('2_Friday','12','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_324a2b6dff24e99b99c57aea09795acf','\'\'',NULL,366244),('2_Friday','13','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_324a2b6dff24e99b99c57aea09795acf','\'\'',NULL,366245),('3_Saturday','10','10:00','13:59','N','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_32f6f172e36bafa1250ac2d314a4c9c7','\'Title: Octopus Game
\nWhen: Saturday, Aug 12, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nOctopus Game is back for a second year! This contest is a battle royale style competition where fun and friendship is the goal. This year players will meet together in various locations at the same time for group competition through through fun games. 128 players will enter, but only 1 will be crowned the Octopus CHAMPION. Join us, make some new friends and remember: only the best will prevail!\n
\n\n\'',NULL,366246),('3_Saturday','11','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_32f6f172e36bafa1250ac2d314a4c9c7','\'\'',NULL,366247),('3_Saturday','12','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_32f6f172e36bafa1250ac2d314a4c9c7','\'\'',NULL,366248),('3_Saturday','13','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Octopus Game\'','\' \'','CON_32f6f172e36bafa1250ac2d314a4c9c7','\'\'',NULL,366249),('2_Friday','10','10:00','19:59','N','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'Title: pTFS Presents: Mayhem Industries – Starphish
\nWhen: Friday, Aug 11, 10:00 - 19:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nDo you have what it takes to go up against Mayhem Industries\' latest maleficent project? Starphish Ltd. is up to no good in that way that only corporations can be. They\'ve got five Divisions, which means you\'ve got five opportunities to shut them down!\n

It won\'t be easy. You\'ll be directing a team of infiltrators through increasingly difficult challenges. What sort of challenges? Depends on the Division. Engineering is full of crunchy hacking challenges. HR\'s got the goods on social engineering. Finance\'ll be data processing the whole way.\n

And the C-suite? Most dangerous of all… We\'ve never been able to get an operative inside, so they could be anything. We\'re counting on you.\n

Starphish is a fun and interactive jeopardy style CTF contest. Don\'t worry if you don\'t know what that means. Winning will require demonstrating a wide range of hacking skills, but participating is encouraged for all ability levels. Challenges range from simple puzzles, to challenging crypto problems, to truly phishy hijinks.\n

pTFS is a hacker collective that has been competing in various DEF CON contests for almost 15 years.\n

\n\n\'',NULL,366250),('2_Friday','11','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366251),('2_Friday','12','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366252),('2_Friday','13','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366253),('2_Friday','14','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366254),('2_Friday','15','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366255),('2_Friday','16','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366256),('2_Friday','17','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366257),('2_Friday','18','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366258),('2_Friday','19','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'pTFS Presents: Mayhem Industries – Starphish\'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7','\'\'',NULL,366259),('2_Friday','18','18:00','20:30','N','CON','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Pub Quiz at DEF CON\'','\' \'','CON_39914b9d6b01b833ebdd5d087f6fea8f','\'Title: Pub Quiz at DEF CON
\nWhen: Friday, Aug 11, 18:00 - 20:30 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nDo you like Pub Quiz please join us in participating in the first ever Pub Quiz at DEF CON. Quiz will consist of 7 rounds from Question from 90s TV shows, Movies, and DEF CON questions. The quiz will be theme will be all things DEF CON. There will be visual and audio rounds so not just boring questions. People will group into teams of 5 and a cash prize will be provided for 1st, 2nd, and 3rd high scoring groups. Ties will be broken by a dance off from a person of the tied teams. \n

1st Prize $1,000
\n2nd Prize $300
\n3rd Prize $200 \n

\n\n\'',NULL,366260),('2_Friday','19','18:00','20:30','Y','CON','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Pub Quiz at DEF CON\'','\' \'','CON_39914b9d6b01b833ebdd5d087f6fea8f','\'\'',NULL,366261),('2_Friday','20','18:00','20:30','Y','CON','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Pub Quiz at DEF CON\'','\' \'','CON_39914b9d6b01b833ebdd5d087f6fea8f','\'\'',NULL,366262),('2_Friday','10','10:00','12:59','N','CON','Virtual','\'Radio Frequency Capture the Flag\'','\' \'','CON_00e2cd73d4698c09b5d085fcf2397272','\'Title: Radio Frequency Capture the Flag
\nWhen: Friday, Aug 11, 10:00 - 12:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nDo you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?\n

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 31. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\n

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\n

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n

FOR THE NEW FOLKS\n

Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.\n

Read the presentations at: https://rfhackers.com/resources\n

Hybrid Fun\n

For DEF CON 31 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.\n

THE GAME\n

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags will be worth less points the more often they are solved. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.\n

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki\n

Helpful files (in-brief, wordlist, resources) can be found at https://github.com/rfhs/rfctf-files\n

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues\n

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container\n

\n\n\'',NULL,366263),('2_Friday','11','10:00','12:59','Y','CON','Virtual','\'Radio Frequency Capture the Flag\'','\' \'','CON_00e2cd73d4698c09b5d085fcf2397272','\'\'',NULL,366264),('2_Friday','12','10:00','12:59','Y','CON','Virtual','\'Radio Frequency Capture the Flag\'','\' \'','CON_00e2cd73d4698c09b5d085fcf2397272','\'\'',NULL,366265),('4_Sunday','10','10:00','12:59','N','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_d0a6eff246102d9e9b75551655b7de19','\'Title: Radio Frequency Capture the Flag
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
\nDescription:
\nDo you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?\n

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 31. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\n

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\n

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n

FOR THE NEW FOLKS\n

Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.\n

Read the presentations at: https://rfhackers.com/resources\n

Hybrid Fun\n

For DEF CON 31 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.\n

THE GAME\n

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags will be worth less points the more often they are solved. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.\n

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki\n

Helpful files (in-brief, wordlist, resources) can be found at https://github.com/rfhs/rfctf-files\n

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues\n

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container\n

\n\n\'',NULL,366266),('4_Sunday','11','10:00','12:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_d0a6eff246102d9e9b75551655b7de19','\'\'',NULL,366267),('4_Sunday','12','10:00','12:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_d0a6eff246102d9e9b75551655b7de19','\'\'',NULL,366268),('3_Saturday','10','10:00','17:59','N','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'Title: Radio Frequency Capture the Flag
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
\nDescription:
\nDo you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?\n

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 31. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\n

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\n

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n

FOR THE NEW FOLKS\n

Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.\n

Read the presentations at: https://rfhackers.com/resources\n

Hybrid Fun\n

For DEF CON 31 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.\n

THE GAME\n

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags will be worth less points the more often they are solved. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.\n

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki\n

Helpful files (in-brief, wordlist, resources) can be found at https://github.com/rfhs/rfctf-files\n

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues\n

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container\n

\n\n\'',NULL,366269),('3_Saturday','11','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366270),('3_Saturday','12','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366271),('3_Saturday','13','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366272),('3_Saturday','14','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366273),('3_Saturday','15','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366274),('3_Saturday','16','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366275),('3_Saturday','17','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01','\'\'',NULL,366276),('2_Friday','10','10:00','17:59','N','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'Title: Radio Frequency Capture the Flag
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
\nDescription:
\nDo you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?\n

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 31. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\n

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\n

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n

FOR THE NEW FOLKS\n

Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.\n

Read the presentations at: https://rfhackers.com/resources\n

Hybrid Fun\n

For DEF CON 31 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.\n

THE GAME\n

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags will be worth less points the more often they are solved. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.\n

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki\n

Helpful files (in-brief, wordlist, resources) can be found at https://github.com/rfhs/rfctf-files\n

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues\n

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container\n

\n\n\'',NULL,366277),('2_Friday','11','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366278),('2_Friday','12','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366279),('2_Friday','13','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366280),('2_Friday','14','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366281),('2_Friday','15','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366282),('2_Friday','16','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366283),('2_Friday','17','10:00','17:59','Y','CON','Flamingo - Eldorado - Radio Frequency Village','\'Radio Frequency Capture the Flag\'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa','\'\'',NULL,366284),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_5e337af57d8e14f9884426e6d3f43925','\'Title: Red Alert ICS CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nRed Alert ICS CTF is a competition for Hackers by Hackers. The event exclusively focuses on having the participants break through several layers of security in our virtual SCADA environment and eventually take over complete control of the SCADA system.\n \n

The contest would house actual ICS (Industrial Control System) devices from various vendors on a testbed showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\n \n

Red Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF at DEF CON 30, DEF CON 29, DEF CON 27 and DEF CON 26 (Black Badge).\n \n

Highlights of the previous Red Alert ICS CTF is available at: https://www.youtube.com/watch?v=dz7hNnavHaY and https://youtu.be/AanKdrrQ0u0\n

\n\n\'',NULL,366285),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_5e337af57d8e14f9884426e6d3f43925','\'\'',NULL,366286),('3_Saturday','10','10:00','16:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'Title: Red Alert ICS CTF
\nWhen: Saturday, Aug 12, 10:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nRed Alert ICS CTF is a competition for Hackers by Hackers. The event exclusively focuses on having the participants break through several layers of security in our virtual SCADA environment and eventually take over complete control of the SCADA system.\n \n

The contest would house actual ICS (Industrial Control System) devices from various vendors on a testbed showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\n \n

Red Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF at DEF CON 30, DEF CON 29, DEF CON 27 and DEF CON 26 (Black Badge).\n \n

Highlights of the previous Red Alert ICS CTF is available at: https://www.youtube.com/watch?v=dz7hNnavHaY and https://youtu.be/AanKdrrQ0u0\n

\n\n\'',NULL,366287),('3_Saturday','11','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366288),('3_Saturday','12','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366289),('3_Saturday','13','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366290),('3_Saturday','14','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366291),('3_Saturday','15','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366292),('3_Saturday','16','10:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10','\'\'',NULL,366293),('2_Friday','12','12:00','16:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d','\'Title: Red Alert ICS CTF
\nWhen: Friday, Aug 11, 12:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nRed Alert ICS CTF is a competition for Hackers by Hackers. The event exclusively focuses on having the participants break through several layers of security in our virtual SCADA environment and eventually take over complete control of the SCADA system.\n \n

The contest would house actual ICS (Industrial Control System) devices from various vendors on a testbed showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.\n \n

Red Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF at DEF CON 30, DEF CON 29, DEF CON 27 and DEF CON 26 (Black Badge).\n \n

Highlights of the previous Red Alert ICS CTF is available at: https://www.youtube.com/watch?v=dz7hNnavHaY and https://youtu.be/AanKdrrQ0u0\n

\n\n\'',NULL,366294),('2_Friday','13','12:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d','\'\'',NULL,366295),('2_Friday','14','12:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d','\'\'',NULL,366296),('2_Friday','15','12:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d','\'\'',NULL,366297),('2_Friday','16','12:00','16:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Alert ICS CTF\'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d','\'\'',NULL,366298),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'Title: Red Team CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully breach the security of a simulated target network.\n \n

The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.\n \n

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.\n \n

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants\' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n

\n\n\'',NULL,366299),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366300),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366301),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366302),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366303),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366304),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366305),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0','\'\'',NULL,366306),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'Title: Red Team CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully breach the security of a simulated target network.\n \n

The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.\n \n

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.\n \n

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants\' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n

\n\n\'',NULL,366307),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366308),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366309),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366310),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366311),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366312),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366313),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153','\'\'',NULL,366314),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_939d2017b6ee8de48ab1bd57a14fb5e7','\'Title: Red Team CTF
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully breach the security of a simulated target network.\n \n

The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.\n \n

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.\n \n

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants\' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n

\n\n\'',NULL,366315),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Red Team CTF\'','\' \'','CON_939d2017b6ee8de48ab1bd57a14fb5e7','\'\'',NULL,366316),('2_Friday','11','11:30','13:30','N','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_d8cf9b33ba86a835e64171c90bf3c128','\'Title: Social Engineering Community (SEC) Vishing Competition
\nWhen: Friday, Aug 11, 11:30 - 13:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nIn this competition (#SECVC), teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies. Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team has limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors! \n

2023 judges: Corgi, FC aka freakyclown, and Snow\n2023 coaches: Ibetika, JC, C_3PJoe, and Split Beans (last year\'s SECVC winners: Jenn, Matt, and Sean)\n

This competition takes place on Friday in the Social Engineering Community village, be sure to get there early to get a seat; they fill up fast! Additionally, at the end of Friday, join Snow as she covers the behind the scenes of creating the SECVC, this year\'s lessons learned, team highlights, and tips for future competitors!\n

\n\n\'',NULL,366317),('2_Friday','12','11:30','13:30','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_d8cf9b33ba86a835e64171c90bf3c128','\'\'',NULL,366318),('2_Friday','13','11:30','13:30','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_d8cf9b33ba86a835e64171c90bf3c128','\'\'',NULL,366319),('2_Friday','09','09:00','10:59','N','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_ad935cc80463b683ef07a00da6d7da54','\'Title: Social Engineering Community (SEC) Vishing Competition
\nWhen: Friday, Aug 11, 09:00 - 10:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nIn this competition (#SECVC), teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies. Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team has limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors! \n

2023 judges: Corgi, FC aka freakyclown, and Snow\n2023 coaches: Ibetika, JC, C_3PJoe, and Split Beans (last year\'s SECVC winners: Jenn, Matt, and Sean)\n

This competition takes place on Friday in the Social Engineering Community village, be sure to get there early to get a seat; they fill up fast! Additionally, at the end of Friday, join Snow as she covers the behind the scenes of creating the SECVC, this year\'s lessons learned, team highlights, and tips for future competitors!\n

\n\n\'',NULL,366320),('2_Friday','10','09:00','10:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_ad935cc80463b683ef07a00da6d7da54','\'\'',NULL,366321),('2_Friday','14','14:00','16:59','N','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_3c0e869c74ae86506b98e6e89a5b0b5a','\'Title: Social Engineering Community (SEC) Vishing Competition
\nWhen: Friday, Aug 11, 14:00 - 16:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nIn this competition (#SECVC), teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies. Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team has limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors! \n

2023 judges: Corgi, FC aka freakyclown, and Snow\n2023 coaches: Ibetika, JC, C_3PJoe, and Split Beans (last year\'s SECVC winners: Jenn, Matt, and Sean)\n

This competition takes place on Friday in the Social Engineering Community village, be sure to get there early to get a seat; they fill up fast! Additionally, at the end of Friday, join Snow as she covers the behind the scenes of creating the SECVC, this year\'s lessons learned, team highlights, and tips for future competitors!\n

\n\n\'',NULL,366322),('2_Friday','15','14:00','16:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_3c0e869c74ae86506b98e6e89a5b0b5a','\'\'',NULL,366323),('2_Friday','16','14:00','16:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Vishing Competition\'','\' \'','CON_3c0e869c74ae86506b98e6e89a5b0b5a','\'\'',NULL,366324),('3_Saturday','09','09:00','17:59','N','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'Title: Social Engineering Community (SEC) Youth Challenge
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nThe purpose of the Youth Challenge is to provide anyone under the age of 17 with an event for them to participate. Challenges and puzzles incorporate general cybersecurity with an emphasis on OSINT and Social Engineering. Challenges will be crafted in a way that steers participants to different villages with specific goals to broaden their exposure of different subject matter available at DEF CON. There will be a sign-up form prior to DEF CON, as well as encouraging walk-up participation for those who may not have been aware of the offering.\n
\n\n\'',NULL,366325),('3_Saturday','10','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366326),('3_Saturday','11','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366327),('3_Saturday','12','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366328),('3_Saturday','13','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366329),('3_Saturday','14','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366330),('3_Saturday','15','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366331),('3_Saturday','16','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366332),('3_Saturday','17','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02','\'\'',NULL,366333),('2_Friday','09','09:00','17:59','N','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'Title: Social Engineering Community (SEC) Youth Challenge
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nThe purpose of the Youth Challenge is to provide anyone under the age of 17 with an event for them to participate. Challenges and puzzles incorporate general cybersecurity with an emphasis on OSINT and Social Engineering. Challenges will be crafted in a way that steers participants to different villages with specific goals to broaden their exposure of different subject matter available at DEF CON. There will be a sign-up form prior to DEF CON, as well as encouraging walk-up participation for those who may not have been aware of the offering.\n
\n\n\'',NULL,366334),('2_Friday','10','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366335),('2_Friday','11','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366336),('2_Friday','12','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366337),('2_Friday','13','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366338),('2_Friday','14','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366339),('2_Friday','15','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366340),('2_Friday','16','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366341),('2_Friday','17','09:00','17:59','Y','CON','LINQ - 3rd flr - Social A - Social Engineering Community','\'Social Engineering Community (SEC) Youth Challenge\'','\' \'','CON_044d8829e800921de5fb8b6467acb44a','\'\'',NULL,366342),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'Title: TeleChallenge
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe TeleChallenge is a fast-paced, fully immersive, and epic battle of wits and skill. The highest level of commitment is required, and this is one of the hardest contests in the world to win, but you don\'t need any special technical skills to play: just a touch-tone phone. And remember: the best way to ascend into the Phoniverse is to get others involved in the TeleChallenge opportunity, so bring a team!\n

--\n

Rated PG-13. It\'s a level of challenge that is probably most suited to high school students and up, but anyone can play and we try to make it fun even if you\'re not competitive to win. :)\n

\n\n\'',NULL,366343),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366344),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366345),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366346),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366347),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366348),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366349),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52','\'\'',NULL,366350),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'Title: TeleChallenge
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe TeleChallenge is a fast-paced, fully immersive, and epic battle of wits and skill. The highest level of commitment is required, and this is one of the hardest contests in the world to win, but you don\'t need any special technical skills to play: just a touch-tone phone. And remember: the best way to ascend into the Phoniverse is to get others involved in the TeleChallenge opportunity, so bring a team!\n

--\n

Rated PG-13. It\'s a level of challenge that is probably most suited to high school students and up, but anyone can play and we try to make it fun even if you\'re not competitive to win. :)\n

\n\n\'',NULL,366351),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366352),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366353),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366354),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366355),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366356),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366357),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5','\'\'',NULL,366358),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_05a9e1fd25f0045c093ef6012f183551','\'Title: TeleChallenge
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe TeleChallenge is a fast-paced, fully immersive, and epic battle of wits and skill. The highest level of commitment is required, and this is one of the hardest contests in the world to win, but you don\'t need any special technical skills to play: just a touch-tone phone. And remember: the best way to ascend into the Phoniverse is to get others involved in the TeleChallenge opportunity, so bring a team!\n

--\n

Rated PG-13. It\'s a level of challenge that is probably most suited to high school students and up, but anyone can play and we try to make it fun even if you\'re not competitive to win. :)\n

\n\n\'',NULL,366359),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'TeleChallenge\'','\' \'','CON_05a9e1fd25f0045c093ef6012f183551','\'\'',NULL,366360),('2_Friday','10','10:00','13:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Beverage Cooling Contraption Contest\'','\' \'','CON_7f930be9399feb19928fe60be01b13fd','\'Title: The Beverage Cooling Contraption Contest
\nWhen: Friday, Aug 11, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nI don\'t know my gender non-specific guys. It\'s not funny anymore. We can\'t stop talking about a cheeto for paying hush money to a busty tortilla chip. Winny Pooh is presatator for life with a hunger for those sweet sweet chips. Off brand doctor evil is threatening to nuke the world on the weekly. And in the plot twist of the year BiBi is going fascist. I keep expecting ol\'e Joe to bust out the force lightning and tell me to \"give in to my hate\". WELL TOO LATE! This year we are going to have a change of pace. I\'m going to drink all the beverage! Lord knows I could use it. I\'m kidding of course, I\'m terribly allergic to hops. It\'s the greatest irony of all, I can\'t drink any of the beverage. But our spectators can! And they want that beverage to be COLD! So I need you to help me satisfy their thirst. Their thirst for escape from this mad world.\n

--
\nWe have soda for under 21 participants.\n

\n\n\'',NULL,366361),('2_Friday','11','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Beverage Cooling Contraption Contest\'','\' \'','CON_7f930be9399feb19928fe60be01b13fd','\'\'',NULL,366362),('2_Friday','12','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Beverage Cooling Contraption Contest\'','\' \'','CON_7f930be9399feb19928fe60be01b13fd','\'\'',NULL,366363),('2_Friday','13','10:00','13:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Beverage Cooling Contraption Contest\'','\' \'','CON_7f930be9399feb19928fe60be01b13fd','\'\'',NULL,366364),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'Title: The Dark Tangent Look-Alike Contest
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Dark Tangent Look A-like Contest is a creative opportunity for DEF CON attendees to put their non-technical hacking skills to the test. As a contestant in The Dark Tangent Look A-like Contest, you will be judged based on your appearance, mannerisms, efforts, and overall persuasiveness. Can you assume another identity? Can you look, walk, talk, and act like Dark Tangent? Can you become THE DARK TANGENT?\n
\n\n\'',NULL,366365),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366366),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366367),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366368),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366369),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366370),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366371),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_a877557e9d3a72354ed790a5934317b4','\'\'',NULL,366372),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'Title: The Dark Tangent Look-Alike Contest
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Dark Tangent Look A-like Contest is a creative opportunity for DEF CON attendees to put their non-technical hacking skills to the test. As a contestant in The Dark Tangent Look A-like Contest, you will be judged based on your appearance, mannerisms, efforts, and overall persuasiveness. Can you assume another identity? Can you look, walk, talk, and act like Dark Tangent? Can you become THE DARK TANGENT?\n
\n\n\'',NULL,366373),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366374),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366375),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366376),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366377),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366378),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366379),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_626bac3a42f5e869b63c1310499373d3','\'\'',NULL,366380),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_c9c62c08a94b896b4736d4b3602acdc5','\'Title: The Dark Tangent Look-Alike Contest
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Dark Tangent Look A-like Contest is a creative opportunity for DEF CON attendees to put their non-technical hacking skills to the test. As a contestant in The Dark Tangent Look A-like Contest, you will be judged based on your appearance, mannerisms, efforts, and overall persuasiveness. Can you assume another identity? Can you look, walk, talk, and act like Dark Tangent? Can you become THE DARK TANGENT?\n
\n\n\'',NULL,366381),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Dark Tangent Look-Alike Contest\'','\' \'','CON_c9c62c08a94b896b4736d4b3602acdc5','\'\'',NULL,366382),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_8f3922416d1298cad970e790e0c3046c','\'Title: The Gold Bug Challenge
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nLove puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.\n

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!\n

:‡?( 8;(: .‡6; 6) 5; 3‡0†2?3 †‡; -(:.;‡¶600538 †‡; ‡(3\n

The CPV and Goldbug contest are always kid friendly. We will have \"junior cryptographer\" puzzle sheet hand outs for kids and those new to the field.\n

\n\n\'',NULL,366383),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_8f3922416d1298cad970e790e0c3046c','\'\'',NULL,366384),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'Title: The Gold Bug Challenge
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nLove puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.\n

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!\n

:‡?( 8;(: .‡6; 6) 5; 3‡0†2?3 †‡; -(:.;‡¶600538 †‡; ‡(3\n

The CPV and Goldbug contest are always kid friendly. We will have \"junior cryptographer\" puzzle sheet hand outs for kids and those new to the field.\n

\n\n\'',NULL,366385),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366386),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366387),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366388),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366389),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366390),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366391),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea','\'\'',NULL,366392),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'Title: The Gold Bug Challenge
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nLove puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.\n

The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!\n

:‡?( 8;(: .‡6; 6) 5; 3‡0†2?3 †‡; -(:.;‡¶600538 †‡; ‡(3\n

The CPV and Goldbug contest are always kid friendly. We will have \"junior cryptographer\" puzzle sheet hand outs for kids and those new to the field.\n

\n\n\'',NULL,366393),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366394),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366395),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366396),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366397),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366398),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366399),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Gold Bug Challenge\'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8','\'\'',NULL,366400),('2_Friday','10','10:00','19:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'Title: The Lonely Hard Drive
\nWhen: Friday, Aug 11, 10:00 - 19:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you looking for a good time? Are you trying to get lucky? Did you already get lucky by finding a Lonely Hard Drive in Vegas? Satisfy your curiosity by visiting the contest hall to get started or encounter one of the Lonely Hard Drives hidden around the conference! Contained within is a maze of puzzles and challenges that increase in difficulty the further you progress. There are flags to find and points to earn towards the leaderboard to win prizes at DEF CON 31! Act now! Limited time offer! The Lonely Hard Drive is waiting for you!\n
\n\n\'',NULL,366401),('2_Friday','11','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366402),('2_Friday','12','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366403),('2_Friday','13','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366404),('2_Friday','14','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366405),('2_Friday','15','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366406),('2_Friday','16','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366407),('2_Friday','17','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366408),('2_Friday','18','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366409),('2_Friday','19','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1','\'\'',NULL,366410),('4_Sunday','10','10:00','12:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_f1e7dd978a859c65a851bbb664535e4c','\'Title: The Lonely Hard Drive
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you looking for a good time? Are you trying to get lucky? Did you already get lucky by finding a Lonely Hard Drive in Vegas? Satisfy your curiosity by visiting the contest hall to get started or encounter one of the Lonely Hard Drives hidden around the conference! Contained within is a maze of puzzles and challenges that increase in difficulty the further you progress. There are flags to find and points to earn towards the leaderboard to win prizes at DEF CON 31! Act now! Limited time offer! The Lonely Hard Drive is waiting for you!\n
\n\n\'',NULL,366411),('4_Sunday','11','10:00','12:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_f1e7dd978a859c65a851bbb664535e4c','\'\'',NULL,366412),('4_Sunday','12','10:00','12:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_f1e7dd978a859c65a851bbb664535e4c','\'\'',NULL,366413),('3_Saturday','10','10:00','19:59','N','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'Title: The Lonely Hard Drive
\nWhen: Saturday, Aug 12, 10:00 - 19:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAre you looking for a good time? Are you trying to get lucky? Did you already get lucky by finding a Lonely Hard Drive in Vegas? Satisfy your curiosity by visiting the contest hall to get started or encounter one of the Lonely Hard Drives hidden around the conference! Contained within is a maze of puzzles and challenges that increase in difficulty the further you progress. There are flags to find and points to earn towards the leaderboard to win prizes at DEF CON 31! Act now! Limited time offer! The Lonely Hard Drive is waiting for you!\n
\n\n\'',NULL,366414),('3_Saturday','11','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366415),('3_Saturday','12','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366416),('3_Saturday','13','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366417),('3_Saturday','14','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366418),('3_Saturday','15','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366419),('3_Saturday','16','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366420),('3_Saturday','17','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366421),('3_Saturday','18','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366422),('3_Saturday','19','10:00','19:59','Y','CON','Caesars Forum - Summit - Contest Area','\'The Lonely Hard Drive\'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81','\'\'',NULL,366423),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'Title: Tinfoil Hat Contest
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWant to block those pesky 5G microchips coursing through your vaccinated body? Did you anger our new AI overlords, and need to hide? Or do those alien mind control rays just have you down lately? Fear not, for we here at the Tin Foil Hat contest have your back for all of these! Come find us in the contest area, and we\'ll have you build a tin foil hat which is guaranteed to provide top quality protection for your noggin. How you ask? SCIENCE!\n

Show us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\n

There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good, though, so a single winner will be selected from each category for \"Style\".\n

\n\n\'',NULL,366424),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366425),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366426),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366427),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366428),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366429),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366430),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303','\'\'',NULL,366431),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'Title: Tinfoil Hat Contest
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWant to block those pesky 5G microchips coursing through your vaccinated body? Did you anger our new AI overlords, and need to hide? Or do those alien mind control rays just have you down lately? Fear not, for we here at the Tin Foil Hat contest have your back for all of these! Come find us in the contest area, and we\'ll have you build a tin foil hat which is guaranteed to provide top quality protection for your noggin. How you ask? SCIENCE!\n

Show us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\n

There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"Substance\" award for that category. We all know that hacker culture is all about looking good, though, so a single winner will be selected from each category for \"Style\".\n

\n\n\'',NULL,366432),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366433),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366434),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366435),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366436),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366437),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366438),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Tinfoil Hat Contest\'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20','\'\'',NULL,366439),('3_Saturday','12','12:00','14:59','N','CON','LINQ - 5th Floor / BLOQ - Lockpick Village','\'TOOOL Dozier Drill Lockpicking Challenge\'','\' \'','CON_f5c8cd25b272ce23ac378e6db9daf491','\'Title: TOOOL Dozier Drill Lockpicking Challenge
\nWhen: Saturday, Aug 12, 12:00 - 14:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
\nDescription:
\nHave you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that\'s why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us Friday for qualifier games, and on Saturday for an official bracket tournament.\n

**Important Note**\n

In order to participate in the official bracket tournament on Saturday, you must win a round (against anyone), observed by a village staff member, on Friday. See village staff for details. \n

\n\n\'',NULL,366440),('3_Saturday','13','12:00','14:59','Y','CON','LINQ - 5th Floor / BLOQ - Lockpick Village','\'TOOOL Dozier Drill Lockpicking Challenge\'','\' \'','CON_f5c8cd25b272ce23ac378e6db9daf491','\'\'',NULL,366441),('3_Saturday','14','12:00','14:59','Y','CON','LINQ - 5th Floor / BLOQ - Lockpick Village','\'TOOOL Dozier Drill Lockpicking Challenge\'','\' \'','CON_f5c8cd25b272ce23ac378e6db9daf491','\'\'',NULL,366442),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'Title: venator aurum - A Treasure Hunt
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThrough interfacing with reality you are defining that reality. Rethink your senses and test your limits. Solve the five layers and discover a hidden treasure. Each layer yields its own reward, but few will make it to the end of the hunt. For each of your senses, you will need to set aside preconceptions and look to the underlying patterns within the data.\n
\n\n\'',NULL,366443),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366444),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366445),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366446),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366447),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366448),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366449),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_96d7c68428e549743ef1599aafa64a75','\'\'',NULL,366450),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_09f786cfbccfddf5f1475b6ff29461b1','\'Title: venator aurum - A Treasure Hunt
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThrough interfacing with reality you are defining that reality. Rethink your senses and test your limits. Solve the five layers and discover a hidden treasure. Each layer yields its own reward, but few will make it to the end of the hunt. For each of your senses, you will need to set aside preconceptions and look to the underlying patterns within the data.\n
\n\n\'',NULL,366451),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_09f786cfbccfddf5f1475b6ff29461b1','\'\'',NULL,366452),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'Title: venator aurum - A Treasure Hunt
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThrough interfacing with reality you are defining that reality. Rethink your senses and test your limits. Solve the five layers and discover a hidden treasure. Each layer yields its own reward, but few will make it to the end of the hunt. For each of your senses, you will need to set aside preconceptions and look to the underlying patterns within the data.\n
\n\n\'',NULL,366453),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366454),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366455),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366456),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366457),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366458),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366459),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'venator aurum - A Treasure Hunt\'','\' \'','CON_849a46240bd695cf8178726496eb17d7','\'\'',NULL,366460),('2_Friday','22','22:00','23:59','N','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Whose Slide Is It Anyway?\'','\' \'','CON_c13978a800a436c7a6e6ad6c6ac1ec45','\'Title: Whose Slide Is It Anyway?
\nWhen: Friday, Aug 11, 22:00 - 23:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
\nDescription:
\n\"Whose Slide Is It Anyway?\" is an unholy union of improv comedy, hacking and slide deck sado-masochism.\n

Our team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\n

But....why?\n

Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.\n

\n\n\'',NULL,366461),('2_Friday','23','22:00','23:59','Y','CON','Caesars Forum - Summit - 233 - Shared Stage','\'Whose Slide Is It Anyway?\'','\' \'','CON_c13978a800a436c7a6e6ad6c6ac1ec45','\'\'',NULL,366462),('2_Friday','13','13:00','15:59','N','MISC','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','MISC_ff5d3f5144c1eaf4ceb7c487193c65e1','\'Title: Free Amateur Radio License Exams
\nWhen: Friday, Aug 11, 13:00 - 15:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
\nDescription:
\nTake the test to join what has been considered to be one of the first hacker communities, amateur radio! The Ham Radio Village is back at DEF CON 31 to offer free amateur radio license exams to anyone who wishes to get their ham radio license. Examinees are encouraged to study on [ham.study](https://ham.study/), and may sign up for this time slot [here](https://ham.study/sessions/64bc92b50e6ad267cdea8ab0/1).\n
\n\n\'',NULL,366463),('2_Friday','14','13:00','15:59','Y','MISC','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','MISC_ff5d3f5144c1eaf4ceb7c487193c65e1','\'\'',NULL,366464),('2_Friday','15','13:00','15:59','Y','MISC','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','MISC_ff5d3f5144c1eaf4ceb7c487193c65e1','\'\'',NULL,366465),('3_Saturday','11','11:00','16:59','N','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'Title: Free Amateur Radio License Exams
\nWhen: Saturday, Aug 12, 11:00 - 16:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
\nDescription:
\nTake the test to join what has been considered to be one of the first hacker communities, amateur radio! The Ham Radio Village is back at DEF CON 31 to offer free amateur radio license exams to anyone who wishes to get their ham radio license. Examinees are encouraged to study on [ham.study](https://ham.study/), and may sign up for this time slot [here](https://ham.study/sessions/64bc92c66f588492f6063722/1).\n
\n\n\'',NULL,366466),('3_Saturday','12','11:00','16:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'\'',NULL,366467),('3_Saturday','13','11:00','16:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'\'',NULL,366468),('3_Saturday','14','11:00','16:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'\'',NULL,366469),('3_Saturday','15','11:00','16:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'\'',NULL,366470),('3_Saturday','16','11:00','16:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37','\'\'',NULL,366471),('4_Sunday','11','11:00','13:59','N','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_265fa31e77ab43853419cf7ee22d683d','\'Title: Free Amateur Radio License Exams
\nWhen: Sunday, Aug 13, 11:00 - 13:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
\nDescription:
\nTake the test to join what has been considered to be one of the first hacker communities, amateur radio! The Ham Radio Village is back at DEF CON 31 to offer free amateur radio license exams to anyone who wishes to get their ham radio license. Examinees are encouraged to study on [ham.study](https://ham.study/), and may sign up for this time slot [here](https://ham.study/sessions/64bc92f0f1d18834466defba/1).\n
\n\n\'',NULL,366472),('4_Sunday','12','11:00','13:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_265fa31e77ab43853419cf7ee22d683d','\'\'',NULL,366473),('4_Sunday','13','11:00','13:59','Y','CON','Flamingo - Virginia City - Ham Radio Village','\'Free Amateur Radio License Exams\'','\' \'','CON_265fa31e77ab43853419cf7ee22d683d','\'\'',NULL,366474),('1_Thursday','09','09:00','17:59','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'Title: Ham In A Day Class
\nWhen: Thursday, Aug 10, 09:00 - 17:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:Dan KB6NU\n
\nDan, KB6NU, is the author of the No Nonsense amateur radio license study guides and is very proud of helping thousands of people get their licenses and upgrade their licenses. He also blogs about amateur radio [KB6NU.Com](https://KB6NU.Com), appears on the [ICQPodcast](https://icqpodcast.com), and is Communications Manager for [ARDC](https://ampr.org).
\nTwitter: @@kb6nu
\n\n
\nDescription:
\nIn this class, KB6NU will cover everything you need to know to pass the Technician Class license exam. Register [here](https://platform.hamvillage.org/collect/description/315307-u-def-con-31-ham-in-a-day).\n
\n\n\'',NULL,366475),('1_Thursday','10','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366476),('1_Thursday','11','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366477),('1_Thursday','12','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366478),('1_Thursday','13','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366479),('1_Thursday','14','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366480),('1_Thursday','15','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366481),('1_Thursday','16','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366482),('1_Thursday','17','09:00','17:59','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'Ham In A Day Class\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2','\'\'',NULL,366483),('2_Friday','21','21:00','01:59','N','SOC','Caesars Forum - Forum - 109-110, 139','\'GothCon\'','\' \'','SOC_9390b426df7a1d59a8ef4942a4580ae4','\'Title: GothCon
\nWhen: Friday, Aug 11, 21:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 109-110, 139 - Map
\n
\nDescription:
\nBack for their 6th year, GOTHCON welcomes everyone to come dance and stomp the night away with the theme \"THE FUTURE IS #000000\" on Firday, August 11 21:00 – 02:00. Follow @dcgothcon on twitter for updates & lineup. All are welcome (except nazis), and dress however you want - whatever makes you the most comfortable and happy.\n
\n\n\'',NULL,366484),('3_Saturday','21','21:00','01:59','N','SOC','Caesars Forum - Forum - 105,136','\'Arcade Party\'','\' \'','SOC_80bd25e124b209e868f5bbd4c9b810bb','\'Title: Arcade Party
\nWhen: Saturday, Aug 12, 21:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 105,136 - Map
\n
\nDescription:
\nThe Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 31 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends. \n
\n\n\'',NULL,366485),('3_Saturday','21','21:00','01:59','N','SOC','Caesars Forum - Forum - 109-110, 139','\'VetCon\'','\' \'','SOC_1d65df165ee09ac51f5f0a45128b13a2','\'Title: VetCon
\nWhen: Saturday, Aug 12, 21:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 109-110, 139 - Map
\n
\nDescription:
\n🔊 Attention all Veterans, Cyber Warriors, AI buffs, and Skynet skeptics! VETCON is calling you to action! 📢\n

Join us on August 12, 2023, at Caesars Forum Rooms 105,136 in Las Vegas for a mission of a different kind. Transition into the cyber frontline, network with comrades-in-arms, and engage in some good old military humor that even a drill sergeant can\'t resist!\n

Navy, it\'s after you\'ve mistaken the hotel pool for the high seas. Marines, we\'ll see you post-crayon snack but pre-attempting to conquer the casino. Air Force, try to fit us in between your gourmet meals and five-star luxuries. Army, no amount of camouflage can hide your poker face!\n

Coast Guard, be prepared to rescue any Navy personnel lost en route. And Space Force, we promise the gravity of the situation isn\'t too intense.\n

For our veterans and active-duty heroes looking to transition into cybersecurity, this is your chance to become the most unique people of the cyber world. For the general public, come meet the superstars ready to defend your cyberspace!\n

This mission is all fun, games, and camaraderie until someone loses at poker. So, gear up, report for duty, and let\'s show AI how the military does humor! 🤣🎖️\n

\n\n\'',NULL,366486),('2_Friday','20','20:00','23:59','N','SOC','Caesars Forum - Forum - 105,136','\'Cult Of The Dead Cow Breaks The Internet (and you can too!)\'','\' \'','SOC_872560f8973343eb3c5fb55b5eb651c8','\'Title: Cult Of The Dead Cow Breaks The Internet (and you can too!)
\nWhen: Friday, Aug 11, 20:00 - 23:59 PDT
\nWhere: Caesars Forum - Forum - 105,136 - Map
\n
\nDescription:
\nCULT OF THE DEAD COW BREAKS THE INTERNET (and you can too!)\n

What is dead shall rise again! Come do a hacktivism with cDc, as we launch a THING that will once again change the world, with the style and chaos that only the herd can bring. Let us bless you with a revolutionary communications system that will disrupt the balance of power.\n

It’s time to TAKE BACK CONTROL.\n

Recommended (but not required) dress code- y2k 31337 Haxxor threads. Think Zero Cool and Acid Burn meet Max Headroom and Franken Gibe. There is no contest, but the Bovine Mother is watching, so make her proud.\n

The herd hath spoken. Oomen.\n

\n\n\'',NULL,366487),('2_Friday','21','20:00','23:59','Y','SOC','Caesars Forum - Forum - 105,136','\'Cult Of The Dead Cow Breaks The Internet (and you can too!)\'','\' \'','SOC_872560f8973343eb3c5fb55b5eb651c8','\'\'',NULL,366488),('2_Friday','22','20:00','23:59','Y','SOC','Caesars Forum - Forum - 105,136','\'Cult Of The Dead Cow Breaks The Internet (and you can too!)\'','\' \'','SOC_872560f8973343eb3c5fb55b5eb651c8','\'\'',NULL,366489),('2_Friday','23','20:00','23:59','Y','SOC','Caesars Forum - Forum - 105,136','\'Cult Of The Dead Cow Breaks The Internet (and you can too!)\'','\' \'','SOC_872560f8973343eb3c5fb55b5eb651c8','\'\'',NULL,366490),('2_Friday','18','18:00','01:59','N','SOC','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Blacks in Cyber Lituation Party\'','\' \'','SOC_9432cca831b5f8c877198ae9798ffd7f','\'Title: Blacks in Cyber Lituation Party
\nWhen: Friday, Aug 11, 18:00 - 01:59 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
\nDescription:
\nThe BIC Lituation Party is designed to have a night\'s worth of different activities that DEF CON attendees are able to browse and fit into their DEF CON schedule for networking, knowledge sharing and fun!\n

The event will break into three sections throughout the night:\n

“Mild”
\n6:00 pm - 8:00pm
\nNetworking - Light music, Food and Drinks\n

“Medium”
\n8:00pm - 10:00pm
\nNerdcore HipHop Showcase\n

“Hot”
\n10:00pm - Until (2:00 am)
\nDJ Stage Set by DJ Roma of the DC Metro Area.\n

\n\n\'',NULL,366491),('3_Saturday','19','19:00','00:59','N','SOC','Caesars Forum - Forum - 130','\'BlanketFort Con\'','\' \'','SOC_794262b90fad416272eadb05071a88f6','\'Title: BlanketFort Con
\nWhen: Saturday, Aug 12, 19:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 130 - Map
\n
\nDescription:
\nBlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly\\Safe environment. Now with less Gluten and more animal onesies! \n
\n\n\'',NULL,366492),('2_Friday','22','22:00','00:59','N','SOC','Caesars Forum - Forum - 111-113','\'QueerCon Party\'','\'DotOrNot,Miss Jackalope,Skittish & Bus\'','SOC_b77d0e730034bdb50a104726abe2cabd','\'Title: QueerCon Party
\nWhen: Friday, Aug 11, 22:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 111-113 - Map
\nSpeakers:DotOrNot,Miss Jackalope,Skittish & Bus
\n
SpeakerBio:DotOrNot\n
\nNo BIO available
\n
SpeakerBio:Miss Jackalope\n
\nNo BIO available
\n
SpeakerBio:Skittish & Bus\n
\nNo BIO available
\n\n
\nDescription:
\nThe party provides a safe and inclusive environment for the lgbtqia+ community within Infosec to come together and be their authentic selves. A late evening party with music, dancing, and hanging out.\n

22:00 - 23:00 - DotOrNot
\n23:00 - 00:00 - Skittish and Bus
\n00:00 - 01:00 - Miss Jackalope\n

\n\n\'',NULL,366493),('2_Friday','20','20:00','01:59','N','SOC','Caesars Forum - Summit - 216','\'Hacker Karaoke 15\'','\' \'','SOC_e5bbf6a4a8c51137c77df47fe49b243f','\'Title: Hacker Karaoke 15
\nWhen: Friday, Aug 11, 20:00 - 01:59 PDT
\nWhere: Caesars Forum - Summit - 216 - Map
\n
\nDescription:
\nFor those who love to sing and perform in front of others, we are celebrating our 15th year of Love, Laughter, and Song from 19:30 – 02:00 Friday and Saturday night.\n

We are open to everyone of any age, and singing is not required.\n

\n\n\'',NULL,366494),('3_Saturday','20','20:00','01:59','N','SOC','Caesars Forum - Summit - 216','\'Hacker Karaoke 15\'','\' \'','SOC_f6abb18952e407027f42bf5911dc7dd2','\'Title: Hacker Karaoke 15
\nWhen: Saturday, Aug 12, 20:00 - 01:59 PDT
\nWhere: Caesars Forum - Summit - 216 - Map
\n
\nDescription:
\nFor those who love to sing and perform in front of others, we are celebrating our 15th year of Love, Laughter, and Song from 19:30 – 02:00 Friday and Saturday night.\n

We are open to everyone of any age, and singing is not required.\n

\n\n\'',NULL,366495),('3_Saturday','21','21:00','00:59','N','SOC','Caesars Forum - Forum - 111-112','\'Hack The Box, Pub Crawl\'','\' \'','SOC_7978d7564c473a256597f50972b9f876','\'Title: Hack The Box, Pub Crawl
\nWhen: Saturday, Aug 12, 21:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 111-112 - Map
\n
\nDescription:
\nHack The Box will be hosting a pub in the DEF CON pub crawl. Come socialize and have a drink!\n
\n\n\'',NULL,366496),('3_Saturday','21','21:00','00:59','N','SOC','Caesars Forum - Forum - 113-114','\'Capitol Tech University, Pub Crawl\'','\' \'','SOC_e28080cabddc628c88ebf7dcd1490943','\'Title: Capitol Tech University, Pub Crawl
\nWhen: Saturday, Aug 12, 21:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 113-114 - Map
\n
\nDescription:
\nCapitol Tech University will be a hosting a pub in the DEF CON pub crawl. Swing by for a chat and a beer!\n
\n\n\'',NULL,366497),('3_Saturday','21','21:00','00:59','N','SOC','Caesars Forum - Forum - 115-116','\'University of Advancing Technology, Pub Crawl\'','\' \'','SOC_791c77806d419a9e4d627ca52d62516a','\'Title: University of Advancing Technology, Pub Crawl
\nWhen: Saturday, Aug 12, 21:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 115-116 - Map
\n
\nDescription:
\nUniversity of Advancing Technology will be hosting a pub in the DEF CON pub crawl. Grab a cocktail and meet the UAT staff!\n
\n\n\'',NULL,366498),('3_Saturday','19','19:30','21:59','N','SOC','Caesars Forum - Forum - 131-133','\'DEF CON Kids Party\'','\' \'','SOC_2fc5c479a6051433fa905bc8079f96ef','\'Title: DEF CON Kids Party
\nWhen: Saturday, Aug 12, 19:30 - 21:59 PDT
\nWhere: Caesars Forum - Forum - 131-133 - Map
\n
\nDescription:
\nParty with other DEF CON kids. Enjoy some music, and some good conversation with other DEF CON kids!\n
\n\n\'',NULL,366499),('3_Saturday','20','19:30','21:59','Y','SOC','Caesars Forum - Forum - 131-133','\'DEF CON Kids Party\'','\' \'','SOC_2fc5c479a6051433fa905bc8079f96ef','\'\'',NULL,366500),('3_Saturday','21','19:30','21:59','Y','SOC','Caesars Forum - Forum - 131-133','\'DEF CON Kids Party\'','\' \'','SOC_2fc5c479a6051433fa905bc8079f96ef','\'\'',NULL,366501),('2_Friday','21','21:00','00:59','N','SOC','Caesars Forum - Forum - 115-116','\'The Village People Party: hosted by Car Hacking, ICS, Aerospace, and Biohacking Villages\'','\'NGHTHWK\'','SOC_2a1c3a903773e5b7a9c50bc5a40792ea','\'Title: The Village People Party: hosted by Car Hacking, ICS, Aerospace, and Biohacking Villages
\nWhen: Friday, Aug 11, 21:00 - 00:59 PDT
\nWhere: Caesars Forum - Forum - 115-116 - Map
\n
SpeakerBio:NGHTHWK\n
\nNo BIO available
\n\n
\nDescription:
\nEach village will be passing out drink tickets at their booth (while supplies last!)\n
\n\n\'',NULL,366502),('3_Saturday','22','22:00','23:59','N','SOC','Caesars Forum - Forum - 117-118','\'Social Engineering Community Party\'','\' \'','SOC_25c2b8053de75ab7a6081ec3eead740d','\'Title: Social Engineering Community Party
\nWhen: Saturday, Aug 12, 22:00 - 23:59 PDT
\nWhere: Caesars Forum - Forum - 117-118 - Map
\n
\nDescription:
\nWant to hang out without the loud music so that you can actually have a conversation? Put on your raddest 80s gear and join the Social Engineering Community for a themed get-together for a chance to hang out and meet new people! We\'ll have a cash bar with both boozy and booze-free options.\n
\n\n\'',NULL,366503),('3_Saturday','23','22:00','23:59','Y','SOC','Caesars Forum - Forum - 117-118','\'Social Engineering Community Party\'','\' \'','SOC_25c2b8053de75ab7a6081ec3eead740d','\'\'',NULL,366504),('3_Saturday','19','19:00','21:59','N','SOC','Caesars Forum - Summit - 223 - Plounge','\'Policy Lounge\'','\'\'','SOC_825b472fa48d5d23a1bb0946c6533509','\'Title: Policy Lounge
\nWhen: Saturday, Aug 12, 19:00 - 21:59 PDT
\nWhere: Caesars Forum - Summit - 223 - Plounge - Map
\n
\nDescription:No Description available
\n\'',NULL,366505),('3_Saturday','20','19:00','21:59','Y','SOC','Caesars Forum - Summit - 223 - Plounge','\'Policy Lounge\'','\'\'','SOC_825b472fa48d5d23a1bb0946c6533509','\'\'',NULL,366506),('3_Saturday','21','19:00','21:59','Y','SOC','Caesars Forum - Summit - 223 - Plounge','\'Policy Lounge\'','\'\'','SOC_825b472fa48d5d23a1bb0946c6533509','\'\'',NULL,366507),('2_Friday','20','20:30','22:59','N','SOC','Flamingo - Pool','\'Blue Team Village (BTV) Pool Party\'','\' \'','SOC_4afd880fd738144a1eb1947cd9b6af7b','\'Title: Blue Team Village (BTV) Pool Party
\nWhen: Friday, Aug 11, 20:30 - 22:59 PDT
\nWhere: Flamingo - Pool - Map
\n
\nDescription:
\nJoin the AI Village and Blue Team Village for the DEF CON \"Community Experience Pool Party\" at the Flamingo \"Go Pool\" Friday, August 11, from 20:30 to 23:00 featuring a performance by the one and only Dual Core at 21:00. Free Tacos, cash bar.\n

DEF CON badge required for entry.\n

In event of rain/weather cancellation, the backup location for this party is \"Flamingo - Upstairs - Eldorado Ballroom\". \n

\n\n\'',NULL,366508),('2_Friday','21','20:30','22:59','Y','SOC','Flamingo - Pool','\'Blue Team Village (BTV) Pool Party\'','\' \'','SOC_4afd880fd738144a1eb1947cd9b6af7b','\'\'',NULL,366509),('2_Friday','22','20:30','22:59','Y','SOC','Flamingo - Pool','\'Blue Team Village (BTV) Pool Party\'','\' \'','SOC_4afd880fd738144a1eb1947cd9b6af7b','\'\'',NULL,366510),('2_Friday','14','14:00','15:59','N','SOC','Harrah\'s - Goldfield/Tonopah - Community Room','\'Book Club Discussion and Exchange\'','\' \'','SOC_232f0e31b29e78aa4e90cbd73a4f6c57','\'Title: Book Club Discussion and Exchange
\nWhen: Friday, Aug 11, 14:00 - 15:59 PDT
\nWhere: Harrah\'s - Goldfield/Tonopah - Community Room - Map
\n
\nDescription:
\nBooks bring us together, expand our ways of thinking, and allow for discourse. This DEF CON book exchange will be a quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We might even have a SAO of a book - pending sponsorship.\n
\n\n\'',NULL,366511),('2_Friday','15','14:00','15:59','Y','SOC','Harrah\'s - Goldfield/Tonopah - Community Room','\'Book Club Discussion and Exchange\'','\' \'','SOC_232f0e31b29e78aa4e90cbd73a4f6c57','\'\'',NULL,366512),('2_Friday','16','16:00','18:59','N','SOC','Harrah\'s - Goldfield/Tonopah - Community Room','\'DC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)\'','\' \'','SOC_aa7133fa4f25d5521bc342198a9efbec','\'Title: DC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)
\nWhen: Friday, Aug 11, 16:00 - 18:59 PDT
\nWhere: Harrah\'s - Goldfield/Tonopah - Community Room - Map
\n
\nDescription:
\nThey say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we\'re meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404\'s 20+ year legacy can catch up and share stories. \n

Join us and meet your fellow ATL hackers!\n

\n\n\'',NULL,366513),('2_Friday','17','16:00','18:59','Y','SOC','Harrah\'s - Goldfield/Tonopah - Community Room','\'DC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)\'','\' \'','SOC_aa7133fa4f25d5521bc342198a9efbec','\'\'',NULL,366514),('2_Friday','18','16:00','18:59','Y','SOC','Harrah\'s - Goldfield/Tonopah - Community Room','\'DC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)\'','\' \'','SOC_aa7133fa4f25d5521bc342198a9efbec','\'\'',NULL,366515),('2_Friday','16','16:00','18:59','N','SOC','Flamingo - Bird Bar','\'DEF CON Holland Group Presents: VrijMiBo\'','\' \'','SOC_298936f369a3e1d0f6be1261a73a257f','\'Title: DEF CON Holland Group Presents: VrijMiBo
\nWhen: Friday, Aug 11, 16:00 - 18:59 PDT
\nWhere: Flamingo - Bird Bar
\n
\nDescription:
\nIn The Netherlands it\'s a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the \"VrijMiBo\" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)\n

\"VrijMiBo/Friday afternoon Drink\" at DEF CON is a perfect moment to talk about what your favorite thing is at DefCon, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.\n

Vrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.\n

\n\n\'',NULL,366516),('2_Friday','17','16:00','18:59','Y','SOC','Flamingo - Bird Bar','\'DEF CON Holland Group Presents: VrijMiBo\'','\' \'','SOC_298936f369a3e1d0f6be1261a73a257f','\'\'',NULL,366517),('2_Friday','18','16:00','18:59','Y','SOC','Flamingo - Bird Bar','\'DEF CON Holland Group Presents: VrijMiBo\'','\' \'','SOC_298936f369a3e1d0f6be1261a73a257f','\'\'',NULL,366518),('1_Thursday','14','14:00','15:59','N','SOC','Caesars Forum - Forum - 129 - Chillout','\'DEF CON Kids Meetup\'','\' \'','SOC_a2e4647e847d682c2b2b9b1fdcfd7141','\'Title: DEF CON Kids Meetup
\nWhen: Thursday, Aug 10, 14:00 - 15:59 PDT
\nWhere: Caesars Forum - Forum - 129 - Chillout - Map
\n
\nDescription:
\nCome meet with other like minded kids and get ready for a weekend of hacking all the things!\n
\n\n\'',NULL,366519),('1_Thursday','15','14:00','15:59','Y','SOC','Caesars Forum - Forum - 129 - Chillout','\'DEF CON Kids Meetup\'','\' \'','SOC_a2e4647e847d682c2b2b9b1fdcfd7141','\'\'',NULL,366520),('2_Friday','20','20:00','21:59','N','SOC','Caesars Forum - Forum - 114','\'Hacker Flairgrounds\'','\' \'','SOC_5d514340804c4d0153f079f508cf0205','\'Title: Hacker Flairgrounds
\nWhen: Friday, Aug 11, 20:00 - 21:59 PDT
\nWhere: Caesars Forum - Forum - 114 - Map
\n
\nDescription:
\nAre you a flaming badge builder or just LED curious? Then you don\'t want to miss Hacker Flairgrounds, the ultimate gathering of hackers and blinking LEDs in Vegas. It\'s the place to be for badge folk, hardware hackers and makers who love the flashier side of DEF CON. Everyone is welcome. Show us your analog badge addons and flipper hacks! Come get inspired by the dazzling displays of creativity and skill.\n
\n\n\'',NULL,366521),('2_Friday','21','20:00','21:59','Y','SOC','Caesars Forum - Forum - 114','\'Hacker Flairgrounds\'','\' \'','SOC_5d514340804c4d0153f079f508cf0205','\'\'',NULL,366522),('2_Friday','20','20:00','20:59','N','SOC','Harrah\'s - Elko-Ely - Chillout Lounge','\'Lawyers Meet\'','\' \'','SOC_b6976702ac3b2a646e2fce680333af3d','\'Title: Lawyers Meet
\nWhen: Friday, Aug 11, 20:00 - 20:59 PDT
\nWhere: Harrah\'s - Elko-Ely - Chillout Lounge - Map
\n
\nDescription:
\nIf you’re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.\n
\n\n\'',NULL,366523),('1_Thursday','16','16:00','17:59','N','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_bbfe3b6fd55b9b923a4fb296494982f6','\'Title: Queercon Mixers
\nWhen: Thursday, Aug 10, 16:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 129 - Chillout - Map
\n
\nDescription:
\nA great way to meet other like-minded folk in this safe and inclusive environment. An informal meet-up of the lgbtqia+ community to network and unwind.\n
\n\n\'',NULL,366524),('1_Thursday','17','16:00','17:59','Y','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_bbfe3b6fd55b9b923a4fb296494982f6','\'\'',NULL,366525),('3_Saturday','16','16:00','17:59','N','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_058e12dc59af02a047d59972079809df','\'Title: Queercon Mixers
\nWhen: Saturday, Aug 12, 16:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 129 - Chillout - Map
\n
\nDescription:
\nA great way to meet other like-minded folk in this safe and inclusive environment. An informal meet-up of the lgbtqia+ community to network and unwind.\n
\n\n\'',NULL,366526),('3_Saturday','17','16:00','17:59','Y','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_058e12dc59af02a047d59972079809df','\'\'',NULL,366527),('2_Friday','16','16:00','17:59','N','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_9a3cdc64a6c6c93081b0ea291cb64b68','\'Title: Queercon Mixers
\nWhen: Friday, Aug 11, 16:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 129 - Chillout - Map
\n
\nDescription:
\nA great way to meet other like-minded folk in this safe and inclusive environment. An informal meet-up of the lgbtqia+ community to network and unwind.\n
\n\n\'',NULL,366528),('2_Friday','17','16:00','17:59','Y','SOC','Caesars Forum - Forum - 129 - Chillout','\'Queercon Mixers\'','\' \'','SOC_9a3cdc64a6c6c93081b0ea291cb64b68','\'\'',NULL,366529),('4_Sunday','12','12:00','13:59','N','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_3f35f801dfce6e0287509a1aaf71b255','\'Title: DCG Meetups
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Silver - DEF CON Groups - Map
\n
\nDescription:No Description available
\n\'',NULL,366530),('4_Sunday','13','12:00','13:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_3f35f801dfce6e0287509a1aaf71b255','\'\'',NULL,366531),('3_Saturday','10','10:00','17:59','N','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'Title: DCG Meetups
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Harrah\'s - Silver - DEF CON Groups - Map
\n
\nDescription:No Description available
\n\'',NULL,366532),('3_Saturday','11','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366533),('3_Saturday','12','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366534),('3_Saturday','13','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366535),('3_Saturday','14','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366536),('3_Saturday','15','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366537),('3_Saturday','16','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366538),('3_Saturday','17','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_b05f90c6145dcab3271a24dc6af0b9c7','\'\'',NULL,366539),('2_Friday','10','10:00','17:59','N','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'Title: DCG Meetups
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Harrah\'s - Silver - DEF CON Groups - Map
\n
\nDescription:No Description available
\n\'',NULL,366540),('2_Friday','11','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366541),('2_Friday','12','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366542),('2_Friday','13','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366543),('2_Friday','14','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366544),('2_Friday','15','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366545),('2_Friday','16','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366546),('2_Friday','17','10:00','17:59','Y','SOC','Harrah\'s - Silver - DEF CON Groups','\'DCG Meetups\'','\'\'','SOC_0e10458d272e092da51715dceca9f83c','\'\'',NULL,366547),('1_Thursday','17','17:00','17:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_835883314612c6bc08bf44f1c21b8b7e','\'Title: Friends of Bill W
\nWhen: Thursday, Aug 10, 17:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366548),('1_Thursday','12','12:00','12:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_829c9315836fa7c3c92d806961c8cc92','\'Title: Friends of Bill W
\nWhen: Thursday, Aug 10, 12:00 - 12:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366549),('2_Friday','12','12:00','12:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_3d5bf7a126a98e08dde05f07d5bbeed9','\'Title: Friends of Bill W
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366550),('3_Saturday','12','12:00','12:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_83eef49919ee5376ae8fc19aa9d10bca','\'Title: Friends of Bill W
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366551),('2_Friday','17','17:00','17:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_594509a06444709533e4d34aa9e8747e','\'Title: Friends of Bill W
\nWhen: Friday, Aug 11, 17:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366552),('4_Sunday','12','12:00','12:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_b416a32c39a551f5a410d80a80ce3557','\'Title: Friends of Bill W
\nWhen: Sunday, Aug 13, 12:00 - 12:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366553),('3_Saturday','17','17:00','17:59','N','SOC','Harrah\'s - Studio 1 - Friends of Bill W','\'Friends of Bill W\'','\' \'','SOC_39918b24b07066c2d05fc29286ff45ea','\'Title: Friends of Bill W
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 1 - Friends of Bill W - Map
\n
\nDescription:
\nThursday
\n12:00-13:00
\n17:00-18:00\n

Friday
\n12:00-13:00
\n17:00-18:00\n

Saturday
\n12:00-13:00
\n17:00-18:00\n

Sunday
\n12:00 -13:00\n

\n\n\'',NULL,366554),('2_Friday','10','10:00','17:59','N','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'Title: Hacker Memorial
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Harrah\'s - Copper - Memorial Room - Map
\n
\nDescription:
\nA place to remember hackers that are no longer with us. Come to share stories and celebrate their life.\n

Please send photos of our fallen hacker comrades to [defconmemorial@protonmail.com](mailto:defconmemorial@protonmail.com), to be printed and displayed on the memorial wall here at DEF CON.\n

\n\n\'',NULL,366555),('2_Friday','11','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366556),('2_Friday','12','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366557),('2_Friday','13','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366558),('2_Friday','14','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366559),('2_Friday','15','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366560),('2_Friday','16','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366561),('2_Friday','17','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70','\'\'',NULL,366562),('3_Saturday','10','10:00','17:59','N','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'Title: Hacker Memorial
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Harrah\'s - Copper - Memorial Room - Map
\n
\nDescription:
\nA place to remember hackers that are no longer with us. Come to share stories and celebrate their life.\n

Please send photos of our fallen hacker comrades to [defconmemorial@protonmail.com](mailto:defconmemorial@protonmail.com), to be printed and displayed on the memorial wall here at DEF CON.\n

\n\n\'',NULL,366563),('3_Saturday','11','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366564),('3_Saturday','12','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366565),('3_Saturday','13','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366566),('3_Saturday','14','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366567),('3_Saturday','15','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366568),('3_Saturday','16','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366569),('3_Saturday','17','10:00','17:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3','\'\'',NULL,366570),('4_Sunday','12','12:00','13:59','N','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_58ad942d4e010a5a8a4c5536a2f19a31','\'Title: Hacker Memorial
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Copper - Memorial Room - Map
\n
\nDescription:
\nA place to remember hackers that are no longer with us. Come to share stories and celebrate their life.\n

Please send photos of our fallen hacker comrades to [defconmemorial@protonmail.com](mailto:defconmemorial@protonmail.com), to be printed and displayed on the memorial wall here at DEF CON.\n

\n\n\'',NULL,366571),('4_Sunday','13','12:00','13:59','Y','SOC','Harrah\'s - Copper - Memorial Room','\'Hacker Memorial\'','\' \'','SOC_58ad942d4e010a5a8a4c5536a2f19a31','\'\'',NULL,366572),('4_Sunday','12','12:00','13:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_a3289d6d78369f4bd4b28139da6ddb5f','\'Title: HDA Community Meetups
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366573),('4_Sunday','13','12:00','13:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_a3289d6d78369f4bd4b28139da6ddb5f','\'\'',NULL,366574),('3_Saturday','12','12:00','17:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'Title: HDA Community Meetups
\nWhen: Saturday, Aug 12, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366575),('3_Saturday','13','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'\'',NULL,366576),('3_Saturday','14','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'\'',NULL,366577),('3_Saturday','15','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'\'',NULL,366578),('3_Saturday','16','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'\'',NULL,366579),('3_Saturday','17','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d8d8f2baed8ebb991f9d391f8a11beed','\'\'',NULL,366580),('2_Friday','12','12:00','17:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'Title: HDA Community Meetups
\nWhen: Friday, Aug 11, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366581),('2_Friday','13','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'\'',NULL,366582),('2_Friday','14','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'\'',NULL,366583),('2_Friday','15','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'\'',NULL,366584),('2_Friday','16','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'\'',NULL,366585),('2_Friday','17','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA Community Meetups\'','\'\'','SOC_d12120378cd617d8546af75ab8a748b7','\'\'',NULL,366586),('3_Saturday','12','12:00','17:59','N','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'Title: Lonely Hackers Club Meetup
\nWhen: Saturday, Aug 12, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:
\nThe LHC, established on Telegram years ago, serves as a warm and inclusive hub for newcomers heading to DefCon for the first time. With over 600 members worldwide, our community has expanded significantly. This year, we\'re thrilled to provide a space that fosters connections, sharing, and giving back to the DefCon community. Whether you need a resume review, career coaching, or want to participate in sticker & badge trading, we have you covered. And don\'t miss the exciting \'Name That Noob\' event, where our seasoned hackers will help you craft a one-of-a-kind hacker handle. Embrace the welcoming atmosphere and join us for an unforgettable DefCon experience!\n

Resume reviews & Career Advice 12pm - 2pm \nBadgelife / Sticker swap 2-5pm
\nName That Noob 5-6pm\n

\n\n\'',NULL,366587),('3_Saturday','13','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'\'',NULL,366588),('3_Saturday','14','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'\'',NULL,366589),('3_Saturday','15','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'\'',NULL,366590),('3_Saturday','16','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'\'',NULL,366591),('3_Saturday','17','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce','\'\'',NULL,366592),('2_Friday','12','12:00','17:59','N','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'Title: Lonely Hackers Club Meetup
\nWhen: Friday, Aug 11, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:
\nThe LHC, established on Telegram years ago, serves as a warm and inclusive hub for newcomers heading to DefCon for the first time. With over 600 members worldwide, our community has expanded significantly. This year, we\'re thrilled to provide a space that fosters connections, sharing, and giving back to the DefCon community. Whether you need a resume review, career coaching, or want to participate in sticker & badge trading, we have you covered. And don\'t miss the exciting \'Name That Noob\' event, where our seasoned hackers will help you craft a one-of-a-kind hacker handle. Embrace the welcoming atmosphere and join us for an unforgettable DefCon experience!\n

Resume reviews & Career Advice 12pm - 2pm \nBadgelife / Sticker swap 2-5pm
\nName That Noob 5-6pm\n

\n\n\'',NULL,366593),('2_Friday','13','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'\'',NULL,366594),('2_Friday','14','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'\'',NULL,366595),('2_Friday','15','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'\'',NULL,366596),('2_Friday','16','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'\'',NULL,366597),('2_Friday','17','12:00','17:59','Y','SOC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club Meetup\'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf','\'\'',NULL,366598),('2_Friday','12','12:00','13:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Resume Reviews & Career Advice\'','\'\'','DC_965e332c2bc463daf6b8dedf0ba68d78','\'Title: Lonely Hackers Club - Resume Reviews & Career Advice
\nWhen: Friday, Aug 11, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366599),('2_Friday','13','12:00','13:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Resume Reviews & Career Advice\'','\'\'','DC_965e332c2bc463daf6b8dedf0ba68d78','\'\'',NULL,366600),('3_Saturday','12','12:00','13:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Resume Reviews & Career Advice\'','\'\'','DC_c998a3afc93759e62089bedfba2b3b3a','\'Title: Lonely Hackers Club - Resume Reviews & Career Advice
\nWhen: Saturday, Aug 12, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366601),('3_Saturday','13','12:00','13:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Resume Reviews & Career Advice\'','\'\'','DC_c998a3afc93759e62089bedfba2b3b3a','\'\'',NULL,366602),('2_Friday','14','14:00','16:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_d34d07313c75fc4e2c87d21723348215','\'Title: Lonely Hackers Club - Badgelife & Sticker Swap
\nWhen: Friday, Aug 11, 14:00 - 16:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366603),('2_Friday','15','14:00','16:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_d34d07313c75fc4e2c87d21723348215','\'\'',NULL,366604),('2_Friday','16','14:00','16:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_d34d07313c75fc4e2c87d21723348215','\'\'',NULL,366605),('3_Saturday','14','14:00','16:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_20e9cb2cf9c269dfc0dccf9387135543','\'Title: Lonely Hackers Club - Badgelife & Sticker Swap
\nWhen: Saturday, Aug 12, 14:00 - 16:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366606),('3_Saturday','15','14:00','16:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_20e9cb2cf9c269dfc0dccf9387135543','\'\'',NULL,366607),('3_Saturday','16','14:00','16:59','Y','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Badgelife & Sticker Swap\'','\'\'','DC_20e9cb2cf9c269dfc0dccf9387135543','\'\'',NULL,366608),('3_Saturday','17','17:00','17:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Name That Noob\'','\'\'','DC_6eebd680f2f74a142d548003fcc9647b','\'Title: Lonely Hackers Club - Name That Noob
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366609),('2_Friday','17','17:00','17:59','N','DC','Harrah\'s - Laughlin - Lonely Hackers Club','\'Lonely Hackers Club - Name That Noob\'','\'\'','DC_1d90ce08257fa6588a4e1bdfc2aae66d','\'Title: Lonely Hackers Club - Name That Noob
\nWhen: Friday, Aug 11, 17:00 - 17:59 PDT
\nWhere: Harrah\'s - Laughlin - Lonely Hackers Club - Map
\n
\nDescription:No Description available
\n\'',NULL,366610),('1_Thursday','10','10:00','11:59','N','MISC','Virtual','\'CMD+CTRL at DEF CON 31 - Free Play\'','\' \'','MISC_ea22cf4b725885f57205372a0fceef0c','\'Title: CMD+CTRL at DEF CON 31 - Free Play
\nWhen: Thursday, Aug 10, 10:00 - 11:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.\n

Learn to see web applications and services from an attacker\'s perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you\'ll have a better understanding of the vulnerabilities that put real applications at risk - and you\'ll be better prepared to find and fix those vulnerabilities in your own code.\n

At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?\n

\n

CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play will be given in Discord, on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.\n

For free play specifically:\n

We will utilize our contest channel on Discord: [ce-cmd-ctrl-cyberrange-text](https://discord.com/channels/708208267699945503/711643642388807800)\nCMD+CTRL Cyber Range Free Play, Thur 10:00 AM PT - Sun 12:00 PM PT\n

We will broadcast sign up instructions within this channel once Free Play beings.\n

\n\'',NULL,366611),('1_Thursday','11','10:00','11:59','Y','MISC','Virtual','\'CMD+CTRL at DEF CON 31 - Free Play\'','\' \'','MISC_ea22cf4b725885f57205372a0fceef0c','\'\'',NULL,366612),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'Title: CMD+CTRL at DEF CON 31 - Booth Open
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.\n

Learn to see web applications and services from an attacker\'s perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you\'ll have a better understanding of the vulnerabilities that put real applications at risk - and you\'ll be better prepared to find and fix those vulnerabilities in your own code.\n

At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?\n

\n

CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play may be given in Discord, on Thursday. Questions and such will also only be answered at the booth; Discord will not be staffed this year, aside from free play codes on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.\n

\n\n\'',NULL,366613),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366614),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366615),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366616),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366617),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366618),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366619),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659','\'\'',NULL,366620),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'Title: CMD+CTRL at DEF CON 31 - Booth Open
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.\n

Learn to see web applications and services from an attacker\'s perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you\'ll have a better understanding of the vulnerabilities that put real applications at risk - and you\'ll be better prepared to find and fix those vulnerabilities in your own code.\n

At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?\n

\n

CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play may be given in Discord, on Thursday. Questions and such will also only be answered at the booth; Discord will not be staffed this year, aside from free play codes on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.\n

\n\n\'',NULL,366621),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366622),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366623),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366624),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366625),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366626),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366627),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5','\'\'',NULL,366628),('4_Sunday','10','10:00','11:59','N','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_d0a75954efe6e1480801a660c09261d7','\'Title: CMD+CTRL at DEF CON 31 - Booth Open
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nCMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.\n

Learn to see web applications and services from an attacker\'s perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you\'ll have a better understanding of the vulnerabilities that put real applications at risk - and you\'ll be better prepared to find and fix those vulnerabilities in your own code.\n

At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?\n

\n

CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play may be given in Discord, on Thursday. Questions and such will also only be answered at the booth; Discord will not be staffed this year, aside from free play codes on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.\n

\n\n\'',NULL,366629),('4_Sunday','11','10:00','11:59','Y','CON','Caesars Forum - Summit - Contest Area','\'CMD+CTRL at DEF CON 31 - Booth Open\'','\' \'','CON_d0a75954efe6e1480801a660c09261d7','\'\'',NULL,366630),('3_Saturday','14','14:00','15:59','N','CON','Caesars Forum - Summit - Contest Area','\'DEF CON 31 Beard and Mustache Contest\'','\' \'','CON_e9e2814e285974f78daa161746713008','\'Title: DEF CON 31 Beard and Mustache Contest
\nWhen: Saturday, Aug 12, 14:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nHeld every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\n \n

For 2023 there will be three categories for the competition:\n

\n\n\'',NULL,366631),('3_Saturday','15','14:00','15:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DEF CON 31 Beard and Mustache Contest\'','\' \'','CON_e9e2814e285974f78daa161746713008','\'\'',NULL,366632),('2_Friday','11','11:00','11:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Bryson Payne, Go H*ck Yourself\'','\'\'','MISC_548e6a2a3d66486d0d3920961d6b5cdf','\'Title: No Starch Press - Book Signing - Bryson Payne, Go H*ck Yourself
\nWhen: Friday, Aug 11, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366633),('2_Friday','12','12:00','12:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Joe Gray, Practical Social Engineering\'','\'\'','MISC_225909e22e6661ca3e380fab61bf6b16','\'Title: No Starch Press - Book Signing - Joe Gray, Practical Social Engineering
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366634),('2_Friday','13','13:00','13:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Craig Smith, The Car Hacker\'s Handbook\'','\'\'','MISC_d1719f7584d0913ab3ad93af189ab5e9','\'Title: No Starch Press - Book Signing - Craig Smith, The Car Hacker\'s Handbook
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366635),('2_Friday','14','14:00','14:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Travis Goodspeed, PoC or GTFO Volume 1, 2, & 3\'','\'\'','MISC_a4aba49bf4eea55a3623975a30f8b731','\'Title: No Starch Press - Book Signing - Travis Goodspeed, PoC or GTFO Volume 1, 2, & 3
\nWhen: Friday, Aug 11, 14:00 - 14:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366636),('2_Friday','15','15:00','15:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Nick Aleks & Dolev Farhi, Black Hat GraphQL\'','\'\'','MISC_7a93cb01773a17cb4af4b1b9f419c033','\'Title: No Starch Press - Book Signing - Nick Aleks & Dolev Farhi, Black Hat GraphQL
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366637),('2_Friday','16','16:00','16:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Bradly Smith, DevOps for the Desperate\'','\'\'','MISC_05c970c408b1f58aa54fa8c44965f88e','\'Title: No Starch Press - Book Signing - Bradly Smith, DevOps for the Desperate
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366638),('3_Saturday','11','11:00','11:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Patrick Wardle, The Art of Mac Malware\'','\'\'','MISC_b85ba9bce65983d6593073b6bd0dcb83','\'Title: No Starch Press - Book Signing - Patrick Wardle, The Art of Mac Malware
\nWhen: Saturday, Aug 12, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366639),('3_Saturday','12','12:00','12:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Daniel Reilly, Math for Security\'','\'\'','MISC_feb98d935c6ba635124b32955c3cfa9c','\'Title: No Starch Press - Book Signing - Daniel Reilly, Math for Security
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366640),('3_Saturday','13','13:00','13:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Jos Weyers, Matt Burrough & BandEAtoZ, Locksport\'','\'\'','MISC_82906a67a7dcd5da8924860bcd10e646','\'Title: No Starch Press - Book Signing - Jos Weyers, Matt Burrough & BandEAtoZ, Locksport
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366641),('3_Saturday','14','14:00','14:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Micah Lee, Hacks, Leaks and Revelations\'','\'\'','MISC_b66f0d4382876f9d0de593b7edcbec03','\'Title: No Starch Press - Book Signing - Micah Lee, Hacks, Leaks and Revelations
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366642),('3_Saturday','15','15:00','15:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Jon DiMaggio, The Art of Cyberwarfare\'','\'\'','MISC_a184da7898079da3954f01acc6653eaa','\'Title: No Starch Press - Book Signing - Jon DiMaggio, The Art of Cyberwarfare
\nWhen: Saturday, Aug 12, 15:00 - 15:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366643),('3_Saturday','16','16:00','16:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Fotios Chantzis, Paulino Calderon, & Beau Woods, Practical IoT Hacking\'','\'\'','MISC_e7b6c416ff4f7ae37c925e4f84ab416a','\'Title: No Starch Press - Book Signing - Fotios Chantzis, Paulino Calderon, & Beau Woods, Practical IoT Hacking
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:No Description available
\n\'',NULL,366644),('2_Friday','10','10:00','10:50','N','PHV','Caesars Forum - Summit - 233 - Shared Stage','\'Pwning the Pwners with Mindware\'','\'Frank \"D9\" DiGiovanni\'','PHV_c2eb31f92f16bf6dacc7ec8af5aaba87','\'Title: Pwning the Pwners with Mindware
\nWhen: Friday, Aug 11, 10:00 - 10:50 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Frank \"D9\" DiGiovanni\n
\nForty-one years of government service, Frank DiGiovanni is a retired USAF Colonel and DoD Senior Executive Service. Co-Led with the DoD CIO the development of the SecDef\'s DoD Cyber Workforce Strategy. Built from scratch a six-month DoD Cyber Operations training course, repurposed DEFCON\'s CTF and CTP technical architecture to support DoD cyber operations training, and now working advanced cyber R&D projects in private sector. UPENN doctoral dissertation examined what makes hackers extraordinary unique from the average human population.
\n\n
\nDescription:
\nTraditionally the cyber attacker has an asymmetric advantage over the cyber defender. But does it have to be that way? Is it possible for the cyber defender to take an \"offensive stance.\" This talk will show how the emerging science of cyberpsychology and the leveraging of AI can provide the defender with the ability to pwn the most vulnerable component in the cyberattack kill chain, the attack\'s human operator. Leveraging the DoD\'s \"Tularosa Study,\" this talk will cover a theoretical framework for achieving this objective, outline an operational vignette, and then cover some the specifics for such an approach.\n
\n\n\'',NULL,366645),('2_Friday','11','11:00','11:50','N','PHV','Caesars Forum - Summit - 233 - Shared Stage','\'Death by 1000 Likes: How Much Do You Really Leak in Social Media?\'','\'Will Kay\'','PHV_ea4806e8135c8ebfb150eeabd12978ec','\'Title: Death by 1000 Likes: How Much Do You Really Leak in Social Media?
\nWhen: Friday, Aug 11, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Will Kay\n
\nWill works for a private security consultancy in Australia. He is cybersecurity advisor and insider threat consultant. His professional career began many years ago in military intelligence to which he owes his knowledge of traditional targeting methods. The organisation and team he works for today provides security awareness and reinforcement training. His passion is removing the weakness that exists across society to social engineering techniques, and believes a more secure and prosperous future begins with people.
\n\n
\nDescription:
\nAs lonely Aussies attending our first Defcon last year, we were frequently drawn to the hilarity/uniquness of the Wall of Sheep board. One of our group suggested people leaking at the con was super entertaining, but what about throughout the rest of the year? We decided to use the time between DC30 and DC31 scraping the r/defcon subreddit to create the Wall of Sheep - online edition.\n
\n\n\'',NULL,366646),('2_Friday','12','12:00','12:50','N','PHV','Caesars Forum - Summit - 233 - Shared Stage','\'OSINT for Physical Security Intelligence\'','\'Chet Hosmer,Mike Raggo\'','PHV_cc6b4ab7dc2e7d7b01429bff38d4b405','\'Title: OSINT for Physical Security Intelligence
\nWhen: Friday, Aug 11, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Chet Hosmer,Mike Raggo
\n
SpeakerBio:Chet Hosmer\n
\nChet Hosmer is an international author, educator, researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.
\n
SpeakerBio:Mike Raggo\n
\nMichael T. Raggo has over 30 years of security research experience. During this time, he has uncovered and ethically disclosed vulnerabilities in products including Samsung, Checkpoint, and Netgear. Michael is the author of \"Mobile Data Loss: Threats &Countermeasures\" and \"Data Hiding\" for Syngress Book. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, SANS. He was also awarded the Pentagon\'s Certificate of Appreciation.
\n\n
\nDescription:
\nOrganizations seek rapid intelligence about critical situations that impact their teams, locations, or assets. Yet when it comes to OSINT we find organizations performing Open Source Information gathering; wasting time sifting through data to get to the actionable intelligence. In this presentation we demonstrate how to collect curated data and eliminate 99% of the time spent on reliminary data analysis. Furthermore, all of this data can be combined to perform trending and predictive analysis for natural disasters, geo-political situations, or business risk. The goal is to provide attendees with ideas for formulating new approaches for physical security OSINT.\n
\n\n\'',NULL,366647),('2_Friday','13','13:00','14:59','N','DDV','Caesars Forum - Summit - 233 - Shared Stage','\'What 10 years of drive stats data can tell us\'','\'Andy Klein\'','DDV_768beb5ddee3c2ad3e282000c46fbedc','\'Title: What 10 years of drive stats data can tell us
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Andy Klein\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366648),('2_Friday','14','13:00','14:59','Y','DDV','Caesars Forum - Summit - 233 - Shared Stage','\'What 10 years of drive stats data can tell us\'','\'Andy Klein\'','DDV_768beb5ddee3c2ad3e282000c46fbedc','\'\'',NULL,366649),('2_Friday','15','15:00','15:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'Securing Critical Versions of your Reality\'','\'Bryson Bort,Keenan Skelly,Suzanne Borders\'','XRV_f74b896b25b60095c50cb9fec9148311','\'Title: Securing Critical Versions of your Reality
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Bryson Bort,Keenan Skelly,Suzanne Borders
\n
SpeakerBio:Bryson Bort\n
\nBryson is the Founder of SCYTHE, a start-up building a next-generation threat emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow at the National Security Institute and Adjunct Senior Technical Advisor for the Institute of Security and Technology. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber by Business Insider, Security Executive Finalist of the Year by SC Media, and a Tech Titan in Washington, DC.\n

Bryson received his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point. He holds a Master’s Degree in Telecommunications Management from the University of Maryland, a Master’s in Business Administration from the University of Florida, and completed graduate studies in Electrical Engineering and Computer Science at the University of Texas.\n

\nTwitter: @brysonbort
\n
SpeakerBio:Keenan Skelly\n
\nKeenan Skelly is the Founder of XR Village and currently serves as a Senior Policy Advisor in the Executive Office of the President, National Cyber Director. Keenan served in the US Army as an Explosive Ordnance Disposal Tech and worked for DHS in the Office for Infrastructure Protection developing vulnerability assessments for critical infrastructure. She’s been recognized as one of the Top 25 Women in Cybersecurity by CDM, by The Software Report in the Top 25 Women Leaders in Cybersecurity and one of the Top Female Executives by Women World Awards.
\n
SpeakerBio:Suzanne Borders\n
\nSuzanne is the CEO & founder of BadVR, the world\'s first immersive data analytics platform. With her background in psychology, she previously led product and UX design at 2D data analytics companies including Remine, CREXi, and Osurv. A recipient of Magic Leap’s Independent Creator’s Program grant, and an SBIR Phase 1 grant from the National Science Foundation, Suzanne thrives at the intersection of product design, immersive technology, and data.\n

In her spare time, she travels for inspiration (75 countries and counting), and is proud to be a published poet and former punk rocker. Her creative hero is Alejandro Jodorowsky, who has inspired Suzanne to take a completely unique and innovative approach to all of her work. She also has 19 tattoos, and is a big believer in the artistry of technology and the technicality of art.\n

\n\n
\nDescription:
\n“Securing Critical Versions of Your Reality” sponsored by BadVR and in collaboration with the ICS Village, focusing on how XR is working for Critical Infrastructure owners and operators. Featuring CEO of BadVR, Suzanne Borders, XR Village Founder, Keenan Skelly, and Bryson Bort, Founder of SCYTHE and GRIMM, co-Founder of ICS Village.\n
\n\n\'',NULL,366650),('2_Friday','16','16:00','16:40','N','CHV','Caesars Forum - Summit - 233 - Shared Stage','\'Redeploying the Same Vulnerabilities: Exploiting Wireless Side-Channels in Electric Vehicle Charging Protocols\'','\'Richard Baker,Sebastian Kohler\'','CHV_3b8fc0da5606d570c5a7473149fe8e7d','\'Title: Redeploying the Same Vulnerabilities: Exploiting Wireless Side-Channels in Electric Vehicle Charging Protocols
\nWhen: Friday, Aug 11, 16:00 - 16:40 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Richard Baker,Sebastian Kohler
\n
SpeakerBio:Richard Baker\n
\nRichard is a researcher in the wireless security industry and visiting academic in the Systems Security Lab, Department of Computer Science, Oxford. He was awarded a DPhil in Cybersecurity from University of Oxford in 2020 and previously an MEng in Computing from Imperial College London in 2010. He is an alumnus of the CDT in Cybersecurity (2014 -- 2019) and a founding member of Oxford Competitive Computer Security Society / Ox002147 CTF team.
\n
SpeakerBio:Sebastian Kohler\n
\nSebastian is a Postdoctoral Research Associate in the Systems Security Lab, Department of Computer Science at the University of Oxford, where he coordinates the research activities in wireless and physical-layer security. His work focuses on the security of various systems, ranging from space and satellite systems to autonomous and electric vehicles. For his work during his PhD, which revealed a serious vulnerability in a widely used electric vehicle charging protocol, he was awarded the EPSRC Doctoral Prize and MPLS Early Career Research Impact Award.
\n\n
\nDescription:
\nThe Combined Charging System (CCS), one of the most widely used DC rapid charging technologies for EVs, is vulnerable to wireless attacks. The charging cable acts as unintentional antenna, leaking the power-line communication (PLC) signals and letting an adversary inject their own with off-the-shelf radio equipment. We show how we can eavesdrop on charging communication, or terminate multiple charging sessions wirelessly. These vulnerabilities have been known for several years, but are still present in CCS standards, while the new North American Charging Standard (NACS) uses the same vulnerable physical layer as well. How do we secure these charging systems now we\'re in so deep?\n
\n\n\'',NULL,366651),('2_Friday','17','17:00','17:40','N','CHV','Caesars Forum - Summit - 233 - Shared Stage','\'How an automotive security researcher had his car stolen via \'CAN Injection\'\'','\'Ian Tabor,Ken Tindell\'','CHV_83c4e277c256f54c8d2c8c89a79a6310','\'Title: How an automotive security researcher had his car stolen via \'CAN Injection\'
\nWhen: Friday, Aug 11, 17:00 - 17:40 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Ian Tabor,Ken Tindell
\n
SpeakerBio:Ian Tabor\n
\nIan Tabor is an automotive security consultant that has a passion for car hacking, found vulnerabilities in his own car and private Car bug bounties. Now runs Car Hacking Village UK and is part of the team behind CHV at defcon. Has created #Value-pasta-auto which is an open source \'Car in a case\' and has also created the nano-can pcb and software, which can allow potential car hackers to build a cheap OBD2 (<£20) car hacking device.
\n
SpeakerBio:Ken Tindell\n, CTO at Canis Labs
\nDr. Ken Tindell is the CTO of Canis Labs. He obtained his doctorate in real-time systems from the University of York and has spent many years in the automotive industry, focused on tools and technology for in-vehicle real-time embedded systems. He formulated timing analysis for CAN bus to guarantee frame latencies and invented the three buffer systems for CAN controllers to avoid priority inversion. He has co-founded several automotive startups, including LiveDevices (later acquired by Bosch) and Volcano Communications Technologies (later acquired by Mentor Graphics).
\n\n
\nDescription:
\nThe story of the investigation into the device that I believe was used to steal my 2021 Toyota RAV4 in July 2022 using \'CAN Injection\'\n

There will be low level details on how the CAN bus works, how the \'theft device\' spoofs CAN frames and using a modified transceiver to stop other ECUs communicating. We will also explain the disclosure process and possible fixes. Get the full story in the [blog](https://kentindell.github.io/2023/04/03/can-injection/).\n

\n\n\'',NULL,366652),('3_Saturday','10','10:00','10:25','N','CHV','Caesars Forum - Summit - 233 - Shared Stage','\'VDA Shenanigans: Attacking & Defending the Truck Part that Gets Left Behind\'','\'Alex Reuter,Wyatt Ford\'','CHV_d8e29fa162f00bd77844fa8b7d0ec838','\'Title: VDA Shenanigans: Attacking & Defending the Truck Part that Gets Left Behind
\nWhen: Saturday, Aug 12, 10:00 - 10:25 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Alex Reuter,Wyatt Ford
\n
SpeakerBio:Alex Reuter\n, Red Balloon Security
\nAlex Reuter is a security researcher at Red Balloon Security. When he isn\'t hacking low level\ndevices, you can probably find him outside: rock climbing, surfing, hiking, or scheming scenic\nshenanigans.
\n
SpeakerBio:Wyatt Ford\n, Red Balloon Security
\nWyatt Ford is a senior software engineer and engineering manager at Red Balloon Security and\na core maintainer of OFRAK.
\n\n
\nDescription:
\nVehicle Diagnostic Adapters (VDA) do a lot! They plug into automobiles, update ECU firmware,\nand pull diagnostic information. Despite their usefulness and high level of access, they get left\nbehind: in maintenance garages with insecure update mechanisms, in threat models and our\nhearts. In this presentation we will go through some of our own offensive research into VDAs,\nand our efforts in decreasing their attack surfaces. We&#39;ll also share how we turned this research\ninto four problems from the Defcon 30 CHV CTF.\n
\n\n\'',NULL,366653),('3_Saturday','11','11:00','11:40','N','CHV','Caesars Forum - Summit - 233 - Shared Stage','\'Automotive USB Fuzzing: How to fuzzing USB in vehicles to discover the real-world vulnerabilities\'','\'Donghyeon Jeong,Euntae Jang,Jonghyuk Song\'','CHV_fabd3b38a756f57a084bf46a661e1263','\'Title: Automotive USB Fuzzing: How to fuzzing USB in vehicles to discover the real-world vulnerabilities
\nWhen: Saturday, Aug 12, 11:00 - 11:40 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Donghyeon Jeong,Euntae Jang,Jonghyuk Song
\n
SpeakerBio:Donghyeon Jeong\n
\nNo BIO available
\n
SpeakerBio:Euntae Jang\n
\nNo BIO available
\n
SpeakerBio:Jonghyuk Song\n
\nJonghyuk Song is a director of Vehicle Threat Research laboratory at AUTOCRYPT. He is an offensive security researcher and, he presented at Defcon30 main talk and Defcon30 CHV. He is also a CTF player (Defcon CTF finalist 2009, 2011, 2017).
\n\n
\nDescription:
\nRecently, automotive industry is performing USB fuzzing in an inefficient way for automobiles. Usually, fuzzing is performed by commercial media fuzzers, but the fuzzers are not directly connected to the vehicle during fuzzing. So, it requires much manual efforts of testers. \n

In this talk, we propose efficient way to perform USB fuzzing to actual vehicles. We describe how to perform USB fuzzing to kernel area fuzzing as well as media fuzzing by directly connecting the fuzzer and the car with a USB cable. By this method, we found real-world vulnerabilities in Volkswagen Jetta, Renault Zoe, GM Chevrolet Equinox, and AGL. \n

\n\n\'',NULL,366654),('3_Saturday','12','12:00','12:59','N','CHV','Caesars Forum - Summit - 233 - Shared Stage','\'Abusing CAN Bus Protocol Specification for Denial of Service in Embedded Systems\'','\'Martin Petran\'','CHV_528f281c4f58ec4dc57a57fcc36f3538','\'Title: Abusing CAN Bus Protocol Specification for Denial of Service in Embedded Systems
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Martin Petran\n
\nMartin is a security engineer working at Accenture in Prague specializing in performing penetration testing of embedded systems. His responsibilities and research areas of interest include but are not limited to reverse engineering, hardware hacking and radio analysis. As an open-source enthusiast, he also developed several open source tools that focus on automation during reverse engineering.
\n\n
\nDescription:
\nThe CAN bus is a traditional communication standard used (not only) in automotive to allow different components to talk to each other over reliable connection. While one of the primary motivators for CAN bus introduction was to reduce the amount of wiring inside vehicles, it became popular for its robustness, flexibility, and ease of implementation for which it is now used in almost every vehicle.As with any other protocol, it is a well-defined standard that enforces all aspects of the communication from the physical media to the message format and its processing. The formal protocol specifications like this are often seen as the source of the absolute truth when working with various transfer protocols. Such specifications are very strict on the format of the messages that belong to the given protocol and thus it is natural that developers that are familiar with it are often relying upon this information when developing their applications.In this talk, we will look at what happens when the attacker decides not to adhere to the protocol specification and uses the available metadata fields within the well-defined message in their own way. Would libraries provided by the device manufacturers handle this situation or is it left to the developer? And could a wrong assumption about the message format lead to a vulnerability?\n
\n\n\'',NULL,366655),('3_Saturday','13','13:00','13:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'XR implications on Mobile Security\'','\'Whitney Phillips\'','XRV_d9ac6ed84a9094eed3dc532d283c9ecb','\'Title: XR implications on Mobile Security
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Whitney Phillips\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366656),('3_Saturday','14','14:00','14:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'The of History XR From Fiction to Reality\'','\'Bob Gourley,Starr Brown\'','XRV_c0e1b4ed0432b011e95847e5000bc90b','\'Title: The of History XR From Fiction to Reality
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Bob Gourley,Starr Brown
\n
SpeakerBio:Bob Gourley\n
\nBob Gourley is an experienced Chief Technology Officer (CTO), Board Qualified Technical Executive (QTE), author and entrepreneur with extensive past performance in enterprise IT, corporate cybersecurity and data analytics. CTO of OODA LLC, a unique team of international experts which provide board advisory and cybersecurity consulting services. \n

OODA publishes OODALoop.com. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.\n

\n
SpeakerBio:Starr Brown\n
\nStarr Brown is the Executive Director of XR Village, a non-profit and non-partisan roadshow dedicated to education and better public policy in the areas of privacy, security and cyber-informed engineering. Starr is an accomplished leader with extensive experience in the computer hardware/software industry with a background in operations, software development and InfoSec.\n

As an avid gamer, Starr has also been an early advocate and supporter of eSports in education leveraging the power of competitive gaming to enhance student engagement and foster critical skills such as teamwork, problem-solving, and strategic thinking.\n

\n\n
\nDescription:
\nIn this discussion XR village Executive Director Starr Brown interviews Bob Gourley, whose site OODAloop.com has been tracking XR topics since 2003. Bob has leveraged his experience as a cybersecurity professional and an enterprise CTO to produce research and reporting on XR that points to a future of incredible potential, if we can mitigate the new threats this emerging technology brings with it. Starr Brown is a security professional with a knack for using collaboration and innovation to meet both compliance and security needs and was early in identifying the unique security and risk mitigation needs of XR, making her the perfect person to extract insights from Bob in this fireside chat.\n
\n\n\'',NULL,366657),('3_Saturday','15','15:00','15:50','N','PHV','Caesars Forum - Summit - 233 - Shared Stage','\'WINE Pairing with Malware\'','\'Jared Stroud\'','PHV_6e826cd8c4a21fca82e3f000446db5d5','\'Title: WINE Pairing with Malware
\nWhen: Saturday, Aug 12, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Jared Stroud\n
\nJared Stroud is a Lead Security Engineer at The MITRE Corporation tackling problems related to Container and Kubernetes security. Jared also contributes to ATT&CK via Adversary Emulation for Linux threats.
\n\n
\nDescription:
\nThe growing popularity of playing AAA Windows video games on Linux has increased the compatibility of tools such as WINE and Proton. These same platforms that enable the latest games to run also can be used to execute the latest Malware. This talk will walk through configuring an environment to rapidly collect IoCs from unknown samples without having to use expensive sandboxes. Learn how to leverage your favorite UNIX tools to awk, grep, and pipe your way to extracting valuable forensic evidence without submitting your samples to $VENDOR. More on the offensive side? Come see how to shorten the feedback loop from idea generation, to testing and finally deployment!\n
\n\n\'',NULL,366658),('3_Saturday','16','16:00','16:50','N','PHV','Caesars Forum - Summit - 233 - Shared Stage','\'The Importance of Arts and Crafts in ThreatOps\'','\'Pete Hay\'','PHV_2554947c64dc1f04dcdbc085d03ecd92','\'Title: The Importance of Arts and Crafts in ThreatOps
\nWhen: Saturday, Aug 12, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Pete Hay\n
\nIn addition to being SimSpace\'s Principal Security Strategist, Pete is the Co-Founder & Editor-in-Chief of TheCyber.Report. Pete has an extensive & diverse background in technology driven fields including Computer Network Operations (CNO), Network Forensics, & Nuclear Chemistry, as well as one of the few patents issued in Cybersecurity & ZTA. A life-long learner & security enthusiast, Pete helps Fortune 10 banks test & refine their security postures, while running TheCyber.Report as a passion project.
\n\n
\nDescription:
\nCybersecurity professionals spend an huge amount of time attempting to use a visual medium to communicate complicated concepts in a simple yet information-dense manner. However if you ask 10 analysts to map out the same incident, you\'ll get 10 divergent diagrams. In this presentation we present a method of leveling-up your cybersecurity-related arts and crafts skills: effectively diagramming incidents, threat reports, threat intel, and reporting to support full-spectrum ThreatOps.\n
\n\n\'',NULL,366659),('4_Sunday','10','10:00','10:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'Watching Androids Dream of Electric Sheep: Immersive Technology, Biometrics and the Law in collaboration with DEF CON Policy Village\'','\'Brittan Heller,Liz \"LawyerLiz\" Wharton\'','XRV_3d7bdf66952355063d97d661b4b38afc','\'Title: Watching Androids Dream of Electric Sheep: Immersive Technology, Biometrics and the Law in collaboration with DEF CON Policy Village
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\nSpeakers:Brittan Heller,Liz \"LawyerLiz\" Wharton
\n
SpeakerBio:Brittan Heller\n
\nBrittan Heller works at the intersection of technology, human rights and the law. She is currently a Senior Fellow at the Atlantic Council, with the Digital Forensics Research Lab, examining XR’s connection to society, human rights, privacy, and security. She is also on the steering committee for the World Economic Forum’s Metaverse Governance initiative. She is an incoming affiliate at the Yale Law School Information Society Project and the Stanford Law School Program on Democracy and the Internet.\n

Heller was an inaugural AI and Technology Fellow at the Harvard Kennedy School, studying content moderation and security risks in VR/AR/XR and emergent media, which resulted in award-winning publications on privacy, biometrics, targeted advertising, and XR. Heller is a frequent speaker and commentator on XR issues, and has published in The Information, Wired, The New York Times, and the Hill on online harms. She also advises governments and top XR companies on how to build safer and more inclusive immersive spaces.\n

As former counsel in Foley Hoag LLP’s Global Business and Human Rights practice, Heller advised companies, investors, and NGOs on integrating public safety and human rights. She previously founded ADL’s Center for Technology and Society. Her key projects included creating AI to study hate speech and XR experiences for civil rights advocacy. Additionally, Heller prosecuted grave human rights violations at the U.S. Department of Justice and the International Criminal Court and initiated landmark anti-cyber harassment litigation. She is a graduate of Stanford University and Yale Law School.\n

\n
SpeakerBio:Liz \"LawyerLiz\" Wharton\n
\nElizabeth (Liz) leverages almost two decades of legal, public policy, and business experience to advise researchers and to build and scale cybersecurity and threat intelligence focused companies. Currently VP, Operations of an adversary emulation platform startup, prior experience includes serving as the Senior Assistant City Attorney on Atlanta’s ransomware incident immediate response team. Liz was recognized as the 2022 “Cybersecurity or Privacy Woman Law Professional of the Year” by the United Cybersecurity Alliance.
\n\n
\nDescription:
\nVirtual reality and augmented reality present exceedingly complex privacy issues because of the enhanced user experience and reality-based models. Unlike the issues presented by traditional gaming and social media, immersive technology poses inherent risks, which our legal understanding of biometrics and online harassment is simply not prepared to address. Explore these topics in depth with Brittan and Liz in collaboration with DEF CON Policy Village.\n
\n\n\'',NULL,366660),('4_Sunday','11','11:00','11:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'Most Meta - Live Meta Quest2 Hack\'','\'David \"Icer\" Maynor\'','XRV_ef04c6bb922e881401c1227f3a841c15','\'Title: Most Meta - Live Meta Quest2 Hack
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:David \"Icer\" Maynor\n
\nDavid “Icer” Maynor, Secret Keeper at ThreatHunter.ai, has over 20 years of experience in information security with deep technical expertise in threat intelligence, reverse engineering, exploit development, and offensive security testing. Results-driven research, analysis, and solutions leveraging partnerships and cross-disciplinary teams, to strengthen customer and business security posture and capabilities. Served as founder, executive, and advisor within the information security startup space. Author of and contributor to several popular open-source tools, presenter and instructor, and subject matter expert contributor for print, television, and online media.
\n\n
\nDescription:No Description available
\n\'',NULL,366661),('2_Friday','11','11:00','11:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'What\'s up, Doc? Using documentation to build better OT security knowledge graphs\'','\'Ian Fox\'','ICSV_202c1c31dc70b826e96753786443f4d2','\'Title: What\'s up, Doc? Using documentation to build better OT security knowledge graphs
\nWhen: Friday, Aug 11, 11:00 - 11:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Ian Fox\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366662),('2_Friday','11','11:30','11:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Five (or More) Maritime Cybersecurity Challenges\'','\'Gary C. Kessler\'','ICSV_8f4ff50d1b80a1ce98bf1ac7c44be32c','\'Title: Five (or More) Maritime Cybersecurity Challenges
\nWhen: Friday, Aug 11, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Gary C. Kessler\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366663),('2_Friday','12','12:00','13:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'ICS Village - TSA Keynote\'','\'Tim Weston\'','ICSV_64ccbb66b231dcceec27880d461b9df8','\'Title: ICS Village - TSA Keynote
\nWhen: Friday, Aug 11, 12:00 - 13:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Tim Weston\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366664),('2_Friday','13','12:00','13:30','Y','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'ICS Village - TSA Keynote\'','\'Tim Weston\'','ICSV_64ccbb66b231dcceec27880d461b9df8','\'\'',NULL,366665),('2_Friday','13','13:30','14:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Open Distro of Malicious Maritime Hacking Tools: What Could Go Wrong?\'','\'Austin Reid,Gary C. Kessler,Nina Kollars\'','ICSV_f9f341e38a6b29807908d8ecc2471efd','\'Title: Open Distro of Malicious Maritime Hacking Tools: What Could Go Wrong?
\nWhen: Friday, Aug 11, 13:30 - 14:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\nSpeakers:Austin Reid,Gary C. Kessler,Nina Kollars
\n
SpeakerBio:Austin Reid\n
\nNo BIO available
\n
SpeakerBio:Gary C. Kessler\n
\nNo BIO available
\n
SpeakerBio:Nina Kollars\n, Associate Professor at Cyber and Innovation Policy Institute at the US Naval War College
\nNina (Kitty Hegemon) Kollars is an associate professor in the Cyber and Innovation Policy\nInstitute at the US Naval War College. Dr. Kollars is a former Special Advisor to OUSD R&E,\nLogistics, Emerging tech, Cyber Conflict & Military Innovation for the Department of Defense.\nShe publishes on cybersecurity, hackers and military innovation. She presented her own hacker\nproject at DefCon27, “Confessions of a Nespresso Money Mule.” She will soon publish her book “Trustworthy Deviants: White Hat Hackers and Security.” Kollars is also an Executive Bourbon\nSteward.
\n\n
\nDescription:No Description available
\n\'',NULL,366666),('2_Friday','14','13:30','14:59','Y','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Open Distro of Malicious Maritime Hacking Tools: What Could Go Wrong?\'','\'Austin Reid,Gary C. Kessler,Nina Kollars\'','ICSV_f9f341e38a6b29807908d8ecc2471efd','\'\'',NULL,366667),('2_Friday','15','15:00','15:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Wired for Safety: Prioritizing Safety in Deadly Systems\'','\'Jace Powell\'','ICSV_686eec8ad8a49f0cb6f2a45dc387c5e1','\'Title: Wired for Safety: Prioritizing Safety in Deadly Systems
\nWhen: Friday, Aug 11, 15:00 - 15:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Jace Powell\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366668),('2_Friday','15','15:30','15:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'OT Vulnerability analysis methodology\'','\'Jeonghoon Bae\'','ICSV_62ee540531d1f58d04c937624544ca15','\'Title: OT Vulnerability analysis methodology
\nWhen: Friday, Aug 11, 15:30 - 15:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Jeonghoon Bae\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366669),('2_Friday','16','16:00','16:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'I\'m On The Hype Train: Bottom\'s Up!\'','\'Joe Slowik\'','ICSV_cb801a5897bc1449d0ce12b4b81fc792','\'Title: I\'m On The Hype Train: Bottom\'s Up!
\nWhen: Friday, Aug 11, 16:00 - 16:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Joe Slowik\n, Threat Intelligence Manager at Huntress
\nJoe Slowik has over 15 years\' experience across multiple cyber domains. Currently, Joe leads threat intelligence, hunting, detection engineering, and purple teaming functions for Huntress. Previously, Joe performed in-depth threat intelligence research for DomainTools and Dragos, and led incident response operations at Los Alamos National Laboratory. Joe started off in information security through various roles in the US Navy and intelligence community.
\n\n
\nDescription:No Description available
\n\'',NULL,366670),('2_Friday','16','16:30','16:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Anaotomy of the Top 10 Cybersecurity Terrain for Critical Infrastructure\'','\'Mars Cheng\'','ICSV_257c04b78991864369d919b7e4dd2101','\'Title: Anaotomy of the Top 10 Cybersecurity Terrain for Critical Infrastructure
\nWhen: Friday, Aug 11, 16:30 - 16:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Mars Cheng\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366671),('3_Saturday','10','10:00','10:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'I am the captain now: Taking remote control of ships engines, helm, azipods, ballasting and plenty more.\'','\'Ken Munro\'','ICSV_3faaabeb8d4ba3b42296d02c9c514c4e','\'Title: I am the captain now: Taking remote control of ships engines, helm, azipods, ballasting and plenty more.
\nWhen: Saturday, Aug 12, 10:00 - 10:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Ken Munro\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366672),('3_Saturday','10','10:30','10:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'EMBA - From firmware to exploit\'','\'Michael Messner\'','ICSV_b117be968dba403fe5b5c8038373118d','\'Title: EMBA - From firmware to exploit
\nWhen: Saturday, Aug 12, 10:30 - 10:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Michael Messner\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366673),('3_Saturday','11','11:00','11:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Wrenches, Widgets, and Walkdowns: Unraveling the Tangle of Digital Assets in Industrial Control Systems\'','\'Tony Turner\'','ICSV_acdf27f86b2617ec551c477e26fd735b','\'Title: Wrenches, Widgets, and Walkdowns: Unraveling the Tangle of Digital Assets in Industrial Control Systems
\nWhen: Saturday, Aug 12, 11:00 - 11:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Tony Turner\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366674),('3_Saturday','11','11:30','11:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Cyber-Physical Detection and Response: A new Paradigm in IACS Monitoring and Security\'','\'Ryan Heartfield\'','ICSV_a8c6f724b9e0e350047fa49123bbc567','\'Title: Cyber-Physical Detection and Response: A new Paradigm in IACS Monitoring and Security
\nWhen: Saturday, Aug 12, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Ryan Heartfield\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366675),('3_Saturday','12','12:00','13:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Fear and Loathing on Plum Island\'','\'David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci\'','ICSV_3cf543db18b041582eea25f98f161bd7','\'Title: Fear and Loathing on Plum Island
\nWhen: Saturday, Aug 12, 12:00 - 13:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\nSpeakers:David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci
\n
SpeakerBio:David Emmerich\n, University of Illinois Information Trust Institute
\nNo BIO available
\n
SpeakerBio:Emma Stewart\n
\nNo BIO available
\n
SpeakerBio:Jeremy Jones\n, Idaho National Lab
\nNo BIO available
\n
SpeakerBio:Joe Minicucci\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366676),('3_Saturday','13','12:00','13:30','Y','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Fear and Loathing on Plum Island\'','\'David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci\'','ICSV_3cf543db18b041582eea25f98f161bd7','\'\'',NULL,366677),('3_Saturday','13','13:30','14:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment\'','\'Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites\'','ICSV_ca8d4fea6169cad5676ac084caf1b130','\'Title: Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment
\nWhen: Saturday, Aug 12, 13:30 - 14:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\nSpeakers:Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites
\n
SpeakerBio:Brad Proctor\n
\nNo BIO available
\n
SpeakerBio:Cliff Neve\n, US Coast Guard
\nCDR Cliff Neve is a retired Coast Guard Commander whose assignments included Chief of Staff at Coast Guard Cyber Command, Deputy Chief Information Officer at the White House Communications Agency, and Assistant C4ISR Program Manager for the Coast Guard’s multi billion dollar recapitalization program. Since retiring from the Coast Guard in 2013, CDR Neve has led all manner of cyber security assessments and security architecture consulting for diverse clients that include Ports and Waterways, Wall Street firms, Fortune 100 companies, banks, hospitals, and defense agencies. CDR Neve is a Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP).
\n
SpeakerBio:Danny Joslin\n
\nNo BIO available
\n
SpeakerBio:Peter Dreyer\n
\nNo BIO available
\n
SpeakerBio:Tom Stites\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366678),('3_Saturday','14','13:30','14:59','Y','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment\'','\'Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites\'','ICSV_ca8d4fea6169cad5676ac084caf1b130','\'\'',NULL,366679),('3_Saturday','15','15:00','15:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Your Ship is Leaking... How Social Media Plays a Role in the Uncovering of Critical Maritime Systems\'','\'Rae Baker\'','ICSV_08e4397fd9db026c30c88b9c74cc259a','\'Title: Your Ship is Leaking... How Social Media Plays a Role in the Uncovering of Critical Maritime Systems
\nWhen: Saturday, Aug 12, 15:00 - 15:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Rae Baker\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366680),('3_Saturday','15','15:30','15:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Improving the Speed of Cybersecurity: Seven Cyber Metrics for Maritime Owners and Operators\'','\'Tyson Meadors\'','ICSV_4c08eae0488cb57551f16bd9db98fcb4','\'Title: Improving the Speed of Cybersecurity: Seven Cyber Metrics for Maritime Owners and Operators
\nWhen: Saturday, Aug 12, 15:30 - 15:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Tyson Meadors\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366681),('3_Saturday','16','16:00','16:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'The Unlikely Romance: Critical Infrastructure Edition\'','\'Casey Ellis\'','ICSV_c52bb848c97ed707f8c14bd220c90765','\'Title: The Unlikely Romance: Critical Infrastructure Edition
\nWhen: Saturday, Aug 12, 16:00 - 16:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Casey Ellis\n, Bugcrowd
\nCasey is the Chairperson, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn\'t supposed to do.\nCasey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014 prior to its launch in 2018.\n

Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections.\n

Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area.\n

\n\n
\nDescription:No Description available
\n\'',NULL,366682),('3_Saturday','16','16:30','16:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Lessons learned when building a Maritime Systems Security Laboratory Testbench\'','\'Brien Croteau\'','ICSV_878d88141bc8cf473cedb4435286e30e','\'Title: Lessons learned when building a Maritime Systems Security Laboratory Testbench
\nWhen: Saturday, Aug 12, 16:30 - 16:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Brien Croteau\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366683),('4_Sunday','10','10:00','10:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Let\'s Talk about Voice\'','\'Travis Juhr\'','ICSV_a6f6e79f85f3534fa9065f66871437ef','\'Title: Let\'s Talk about Voice
\nWhen: Sunday, Aug 13, 10:00 - 10:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Travis Juhr\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366684),('4_Sunday','10','10:30','10:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Vulnerability instead of security: How we managed to hack a PSIM system\'','\'Lukas Sokefeld\'','ICSV_14df419c54e42ca86448d74d58f9d784','\'Title: Vulnerability instead of security: How we managed to hack a PSIM system
\nWhen: Sunday, Aug 13, 10:30 - 10:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Lukas Sokefeld\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366685),('4_Sunday','11','11:00','11:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'The Flaws in Cloud-based ICS Ecosystem\'','\'Hank Chen\'','ICSV_3de869f130cf9293eea9f6bcda66b788','\'Title: The Flaws in Cloud-based ICS Ecosystem
\nWhen: Sunday, Aug 13, 11:00 - 11:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Hank Chen\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366686),('4_Sunday','11','11:30','11:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Hunting Aberrant Maritime Network Traffic with Open-Source Software and Hardware\'','\'Chet Hosmer\'','ICSV_ae706707085cc612fed6942d6da4142b','\'Title: Hunting Aberrant Maritime Network Traffic with Open-Source Software and Hardware
\nWhen: Sunday, Aug 13, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Chet Hosmer\n
\nChet Hosmer is an international author, educator, researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.
\n\n
\nDescription:No Description available
\n\'',NULL,366687),('4_Sunday','12','12:00','12:30','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'The War is Coming: Why Securing OPC-UA is more critical than ever\'','\'Hank Chen\'','ICSV_df2043b8e1b77dc05068bb3e2aa3882d','\'Title: The War is Coming: Why Securing OPC-UA is more critical than ever
\nWhen: Sunday, Aug 13, 12:00 - 12:30 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Hank Chen\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366688),('4_Sunday','12','12:30','12:59','N','ICSV','Caesars Forum - Alliance - 313-319 - ICS Village','\'Is China Prepping an “Unforgettable Humiliation for GPS & America\" [VIRTUAL]\'','\'Dana Goward\'','ICSV_d8093e898cae4308a101828f93478d9b','\'Title: Is China Prepping an “Unforgettable Humiliation for GPS & America\" [VIRTUAL]
\nWhen: Sunday, Aug 13, 12:30 - 12:59 PDT
\nWhere: Caesars Forum - Alliance - 313-319 - ICS Village - Map
\n
SpeakerBio:Dana Goward\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,366689),('2_Friday','10','10:00','11:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'US Cyber Policy 101\'','\'Harley Geiger,Lauren Zabierek,Lindsey Forson,Michaela Lee,Suzanne Schwartz\'','PLV_74fe12ea5881a8d7bfd10a857a04e743','\'Title: US Cyber Policy 101
\nWhen: Friday, Aug 11, 10:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Harley Geiger,Lauren Zabierek,Lindsey Forson,Michaela Lee,Suzanne Schwartz
\n
SpeakerBio:Harley Geiger\n, Counsel at Venable LLP
\nHarley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
\nTwitter: @HarleyGeiger
\n
SpeakerBio:Lauren Zabierek\n, Senior Policy Advisor in the Cybersecurity Division at Cybersecurity and Infrastructure Security Agency (CISA)
\nLauren Zabierek is a Senior Policy Advisor in the Cybersecurity Division at CISA. Previously, she served as the Executive Director of the Cyber Project at the Harvard Kennedy School’s Belfer Center, where she ran a policy-relevant research program and managed students and nonresident fellows. She also served as the Acting Executive Director of the Belfer Center in her final semester there. She came to that role as a 2019 graduate of the Kenney School’s midcareer MPA program. Prior to graduate school, she was an early member of the cybersecurity firm Recorded Future, having established and managed their public sector team. She also served as a civilian intelligence analyst at the National Geospatial Intelligence Agency with multiple deployments to Afghanistan, and served as a US Air Force intelligence officer at the beginning of her career. Lauren is also the co-founder of the online social media movement, #ShareTheMicInCyber. She is a mentor with Girl Security, a fellow at the National Security Institute at George Mason University, and a fellow at New America.
\n
SpeakerBio:Lindsey Forson\n, Deputy Executive Director at National Association of Secretaries of State
\nLindsey Forson has worked at the intersection of cybersecurity and public policy for the past five years. She is dedicated to fostering relationships between NASS members and collaborators in the cybersecurity space.
\n
SpeakerBio:Michaela Lee\n, Director for Strategy and Research at The Office of National Cyber Director (ONCD)
\nMichaela Lee is the Director for Strategy and Research at the Office of the National Cyber Director. Prior to her present role, Michaela worked at the intersection of geopolitical risk and cybersecurity at the Krebs Stamos Group. Her background is in emerging technologies and human rights, having covered issues of artificial intelligence, privacy, and platform governance at nonprofit BSR (Business for Social Responsibility). She is a graduate of the University of California, Davis and the Harvard Kennedy School.
\n
SpeakerBio:Suzanne Schwartz\n, Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH)MD
\nSuzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH).\n

Suzanne’s work in medical device cybersecurity includes policy development, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations and coordinating incident response across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. She also received the 2021 Routhy Award from the H-ISAC for her leadership in cybersecurity in healthcare, especially during the COVID-19 pandemic. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020 and two subsequent guidance publications - - one on software bill of materials and one on cybersecurity management of legacy medical devices. She has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives.\n

Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health &amp; Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.\n

\n\n
\nDescription:
\nThis is your CliffsNotes on what\'s happening in US cyber policy. Whether you\'re completely new to policy discussions as a whole, more used to following policy in other countries, or just feeling a little out of date, this session will help you get up to speed with the main US cyber policy focus areas and players. \n

The session will start with an overview of the current themes and topics being explored by US policymakers, provided by policy expert and leader, Harley Geiger. He will provide insight on the status of various initiatives and what is likely to move forward through the year. \n

This will be followed by a discussion with representatives from different parts of the US government currently working on setting US cyber policy. Each will explain what their agency does, how it fits in the ecosystem and partners with the other agencies, what it\'s working on for 2023-24 and how people can interact with them. \n

This will be followed by audience Q&A so you can better explore the information provided and find out the status of the issues you care about most. This session creates a baseline for the other Policy @ DEF CON content.\n

This is a double length session lasting 110 minutes. \n

\n\n\'',NULL,366690),('2_Friday','11','10:00','11:50','Y','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'US Cyber Policy 101\'','\'Harley Geiger,Lauren Zabierek,Lindsey Forson,Michaela Lee,Suzanne Schwartz\'','PLV_74fe12ea5881a8d7bfd10a857a04e743','\'\'',NULL,366691),('2_Friday','12','12:00','13:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'International Cyber Policy 101\'','\'Adam Dobell,Ari Schwartz,Bryony Crown,Peter Brown,Peter Stephens\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa','\'Title: International Cyber Policy 101
\nWhen: Friday, Aug 11, 12:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Adam Dobell,Ari Schwartz,Bryony Crown,Peter Brown,Peter Stephens
\n
SpeakerBio:Adam Dobell\n, First Secretary at Department of Home Affairs, Embassy of Australia, Washington DC
\nAdam Dobell is the First Secretary (Home Affairs) at the Embassy of Australia in Washington DC. He is responsible for policy engagement across the United States Government and with industry on a range of issues, including cybersecurity, critical infrastructure protection, and the security of critical and emerging technologies. Adam’s most recent role before commencing at the Embassy was as the Acting Director for the Countering Violent Extremism Policy Coordination Section within the Department of Home Affairs from 2019-20. From 2015-2019, Adam undertook several roles in the International Policy Division of the Department of Home Affairs, including Executive Officer to the First Assistant Secretary and Acting Director of the Papua New Guinea Section. He enjoys playing and watching football (soocer), reading history and political studies.
\n
SpeakerBio:Ari Schwartz\n, Executive Coordinator at Center for Cybersecurity Policy and Law
\nA leading voice in cybersecurity policy with over two decades of government and nonprofit experience, Ari serves as the Coordinator for the Center for Cybersecurity Policy and Law.\n

Ari also serves as Venable LLP’s Managing Director of Cybersecurity Services and Policy. Mr. Schwartz assists organizations in developing risk management strategies, including implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, to help minimize risk.\n

Prior to joining Venable, Mr. Schwartz was a member of the White House National Security Council, where he served as Special Assistant to the President and Senior Director for Cybersecurity.\n

\n
SpeakerBio:Bryony Crown\n, First Secretary Cyber Policy at British Embassy, Washington D.C.
\nBryony Crown is First Secretary for Cyber Policy in the British Embassy Washington DC. She covers a broad range of issues relating to cyber and works with an extensive number of international government and industry partners. Bryony has 15 years’ experience in a variety of policy roles within government and specialises in national security issues.
\n
SpeakerBio:Peter Brown\n, Senior Policy Adviser at Strategy and Innovation Unit of the European Parliament
\nPeter F Brown is Senior Policy Adviser at the Strategy and Innovation Unit of the European Parliament.\n

He recently returned to Brussels after serving as Senior Adviser on Technology Policy in the European Parliament’s office in Washington DC.\n

Peter’s professional career has been predominantly in the European public service and since 1990 as a career official in the European Parliament.\n

He resumed his career as a civil servant in 2018 after a decade in the private sector, where he advised several Fortune 50 companies and many national governments and international organisations on technology strategy and governance, in cloud, cyber, IoT, AI, and data.\n

He has been engaged in global standardization policy and IT standards development for more than 25 years.\n

\n
SpeakerBio:Peter Stephens\n, OECD
\nPeter Stephens is an experienced policy lead, in the UK and abroad. From 2018 to 2021, he led the IoT Security Policy Division across the UK government, responding to the Mirai attack, and delivering the Product Security and Telecommunications Infrastructure Bill. He is an experienced public servant, well versed in delivering through government. He has advised Ministers and Prime Ministers on the creation and running of Delivery Units in Government. \n

Whilst not technical by background, he brings a rebellious streak. As a student, Peter hitch hiked from Buenos Aires to New York City and he also spent two years teaching in an inner city school in south London. Experiences like this have left him with a staunch optimism about people, and he is a passionate advocate for the partnerships between policy makers and hackers to make better informed policies that can support policymakers, and citizens, around the world. He is currently a Policy Advisor at the OECD, supporting member states to navigate the range of challenges across digital security.\n

\n\n
\nDescription:
\nThis session will help highlight the international landscape for cyber policy, highlighting the need for governments around the world to align on policy development and intervention. It will help establish a baseline of knowledge on what\'s happening in international cyber policy for those wanting to get up to speed, and will help set the scene for many of the policy discussions to come throughout DEF CON. This session goes hand-in-hand with the US policy 101. \n

The session will start with Peter Stephens of the OECD providing an overview of the main themes and topics being explored by policymakers around the world, as well as sharing what is likely to move forward through the year. Peter has direct experience of driving international policy development as he previously worked at the UK\'s Department for Digital, Culture, Media and Sport, where he developed the Code of Practice for Security of Consumer IoT. Peter then worked with ETSI to see the Code adopted as a standard across the European Union, and later worked with the Australian, Indian, and Singaporean governments as they explored adoption of the Code, so he has an excellent understanding of the benefits and challenges of international policy harmonization. \n

This portion of the session will be followed by a panel of representatives from the Australian government, the UK government, and the Center for Cybersecurity Policy and Law, which works with government on cyber policy issues around the world. These participants will each highlight top international cyber policy priorities and challenges for 2023-24, as well as how they approach policy development in the context of the global digital technology ecosystem.\n

This will be followed by audience Q&A so attendees can better explore the information provided and build an understanding of the international cyber policy landscape. This session establishes a baseline for many of the Policy @ DEF CON content to follow.\n

This is a double length session lasting 110 minutes.\n

\n\n\'',NULL,366692),('2_Friday','13','12:00','13:50','Y','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'International Cyber Policy 101\'','\'Adam Dobell,Ari Schwartz,Bryony Crown,Peter Brown,Peter Stephens\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa','\'\'',NULL,366693),('2_Friday','14','14:00','14:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'Cyber Policy Adrift – Charting a Path Forward for International Maritime Cybersecurity\'','\'Blake Benson,Cliff Neve,Josh Reiter,Nina Kollars\'','PLV_5bde02cd29c87315d1999e299d8fcbde','\'Title: Cyber Policy Adrift – Charting a Path Forward for International Maritime Cybersecurity
\nWhen: Friday, Aug 11, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Blake Benson,Cliff Neve,Josh Reiter,Nina Kollars
\n
SpeakerBio:Blake Benson\n
\nBlake A. Benson has helped a wide variety of critical infrastructure stakeholders develop solutions to improve the effectiveness of their decision-making process for cyber risk. He specializes in navigating the challenges associated with developing tailored, industry-specific solutions in non-traditional cyber environments. He has taken a particular interest in the assets and infrastructure that supports America\'s critical functions, providing strategic and technical cyber risk expertise across multiple business divisions and industries. Blake\'s desire to safeguard America\'s most critical assets is driven by his first-hand experience with cyber operations, where he was a founding member of one of the Air Force\'s first operational cyber squadrons and later became a sought-after cyber intelligence expert.
\n
SpeakerBio:Cliff Neve\n, US Coast Guard
\nCDR Cliff Neve is a retired Coast Guard Commander whose assignments included Chief of Staff at Coast Guard Cyber Command, Deputy Chief Information Officer at the White House Communications Agency, and Assistant C4ISR Program Manager for the Coast Guard’s multi billion dollar recapitalization program. Since retiring from the Coast Guard in 2013, CDR Neve has led all manner of cyber security assessments and security architecture consulting for diverse clients that include Ports and Waterways, Wall Street firms, Fortune 100 companies, banks, hospitals, and defense agencies. CDR Neve is a Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP).
\n
SpeakerBio:Josh Reiter\n, Deputy PCA at US Navy
\nMr. Joshua Reiter is the Department of the Navy Deputy Principal Cyber Advisor (PCA). In this role, he is responsible for supporting the PCA in advising the Secretary of the Navy, Chief of Naval Operations, and Commandant of the Marine Corps, and implementing the Department of Defense Cyber Strategy within the Department of the Navy. Mr. Reiter also serves in the additional capacity as the Department of the Navy Chief Information Officer’s (DON CIO) Chief Workforce Officer. He was originally appointed to Defense Intelligence Senior Level (DISL) in December 2018 as the Director of Cyber Workforce Policy and Planning under the Cybersecurity Directorate of OPNAV N2N6. A former U.S. Coast Guard licensed merchant mariner, for the first several years of his career, Mr. Reiter served as a DoD civilian mariner with the U.S. Navy’s Military Sealift Command as Third Officer aboard USNS Saturn (T-AFS-10), USNS John McDonnell (T-AGS 51), USNS Apache (T-ATF 172), USNS Hayes (T-AG-195) and as Second Officer/Navigator aboard USNS Sirius (T-AFS-8).
\n
SpeakerBio:Nina Kollars\n, Associate Professor at Cyber and Innovation Policy Institute at the US Naval War College
\nNina (Kitty Hegemon) Kollars is an associate professor in the Cyber and Innovation Policy\nInstitute at the US Naval War College. Dr. Kollars is a former Special Advisor to OUSD R&E,\nLogistics, Emerging tech, Cyber Conflict & Military Innovation for the Department of Defense.\nShe publishes on cybersecurity, hackers and military innovation. She presented her own hacker\nproject at DefCon27, “Confessions of a Nespresso Money Mule.” She will soon publish her book “Trustworthy Deviants: White Hat Hackers and Security.” Kollars is also an Executive Bourbon\nSteward.
\n\n
\nDescription:
\nThe global economy is afloat. It is cheap and fast, and vulnerable. Everyone relies upon it but there is no single entity responsible for it. Whether it be reliance on dated legacy systems, rampant prioritization of innovation over security, under-funded infrastructure, or unclear security principles and enforcement mechanisms, the maritime ecosystem is becoming increasingly insecure - making the world’s seas and ports a target for pirates, hackers, and states. And we know it....that’s the good news.\n \n

The panel will discuss challenges to developing actionable maritime cyber policy, the technical realities behind maritime cybersecurity, review existing US and international programs, and discuss how the global ecosystem could harmonize these policies to push the maritime ecosystem towards a more secure state. There will also be time for questions and broader discussion/audience engagement.\n

\n\n\'',NULL,366694),('2_Friday','15','15:00','16:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'A global approach to tackling software resilience\'','\'Allan Friedman,Camille Stewart Gloster,Charlie Gladstone,David Rogers\'','PLV_f207497c052f13bf857e8223ecaaa97e','\'Title: A global approach to tackling software resilience
\nWhen: Friday, Aug 11, 15:00 - 16:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Allan Friedman,Camille Stewart Gloster,Charlie Gladstone,David Rogers
\n
SpeakerBio:Allan Friedman\n, Senior Advisor and Strategist at Cybersecurity and Infrastructure Security Agency (CISA)
\nDr. Allan Friedman is the guy who won’t shut up about SBOM. A Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency, he coordinates the global cross-sector community efforts around software bill of materials (SBOM) and related vulnerability initiatives, and works to advance their adoption inside the US government. He was previously the Director of Cybersecurity Initiatives at NTIA, leading pioneering work on vulnerability disclosure, SBOM, and IOT. Prior to joining the Federal government, Friedman spent over a decade as a noted information security and technology policy scholar at Harvard’s Computer Science department, the Brookings Institution, and George Washington University’s Engineering School. He is the co-author of the popular text “Cybersecurity and Cyberwar: What Everyone Needs to Know,” has a degree in computer science from Swarthmore College and a PhD in public policy from Harvard University. He is quite friendly for a failed-professor-turned-technocrat.
\n
SpeakerBio:Camille Stewart Gloster\n, Deputy National Cyber Director at Technology and Ecosystem Security Division, Office of the National Cyber Director
\nCamille Stewart Gloster, Esq. is the Deputy National Cyber Director for Technology & Ecosystem for The White House. In her role, Camille leads technology, supply chain, data security, and cyber workforce and education efforts for the Office of the National Cyber Director. Camille is a cyber, technology, and national security strategist and policy leader whose career has spanned the private, public, and non-profit sectors. She joined ONCD from Google, where she most recently served as Global Head of Product Security Strategy, and before that as Head of Security Policy and Election Integrity for Google Play and Android. \n

Prior to working at Google, Camille led cyber diplomacy, technology policy, privacy, and technical policy areas like encryption and PNT as the Senior Policy Advisor for Cyber, Infrastructure & Resilience at the U.S. Department of Homeland Security. During her time at DHS, Camille led campaigns, international engagements, and policy development that bolstered national and international cyber resilience. Those policies include Presidential Policy Directive 41 (PPD – 41) on federal cyber incident coordination, supporting Privacy Shield negotiations, and the 2016 Cybersecurity National Action Plan (CNAP) which outlined 75 tasks to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security. Camille has also held leadership roles focused on cyber and technology on Capitol Hill, at Deloitte, and Cyveillance, an open-source threat intelligence company.\n

\n
SpeakerBio:Charlie Gladstone\n, UK Department for Science, Innovation, and Technology
\nCharlie Gladstone leads the UK Government’s work on app store security in the Department for Science, Technology and Innovation. He has worked in tech policy for over five years, where he has specialised in exploring the intersection between technology, society and regulation. Before working in Government, Charlie provided public policy consultancy services to the tech sector clients. He has developed policy on a range of issues including cyber security, digital regulation and artificial intelligence.
\n
SpeakerBio:David Rogers\n, CEO at Copper Horse
\nDavid is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
\n\n
\nDescription:
\nSoftware is the lifeblood of the digital world, but as software embeds itself ever further into our societies and economies, the threat of software attacks grows with it. In our ever-more connected world, Governments are realizing that more must be done to protect businesses, organizations and individuals from these cyber threats. Governments are exploring a range of options to foster software security practices, including convening experts, international organizations and standards, using the power of government purchasing, and even potential regulation. However, the software ecosystem and the risks are rapidly evolving, and require insights into the dynamics of attack and defense from the security and developer communities.\n

This panel will bring together representatives from governments around the world which are trying to address this challenge. Software risks are global risks, and this will be a unique opportunity to hear how different governments are approaching the issue of software resilience, and discuss how policymakers and the hacker community can to work together to overcome these collective challenges.\n

\n\n\'',NULL,366695),('2_Friday','16','15:00','16:50','Y','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'A global approach to tackling software resilience\'','\'Allan Friedman,Camille Stewart Gloster,Charlie Gladstone,David Rogers\'','PLV_f207497c052f13bf857e8223ecaaa97e','\'\'',NULL,366696),('2_Friday','17','17:00','17:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'Demystifying Hacking for Government Officials\'','\'Brad Manuel,Jack Cable,Jason Ingalls,Lindsey Forson,Michael Ross\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7','\'Title: Demystifying Hacking for Government Officials
\nWhen: Friday, Aug 11, 17:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Brad Manuel,Jack Cable,Jason Ingalls,Lindsey Forson,Michael Ross
\n
SpeakerBio:Brad Manuel\n, Chief Information Officer at Louisiana Secretary of State’s Office
\nBrad Manuel brings to the table extensive election administration and disaster recovery experience. He has led a cross-agency team to administer elections during challenging emergencies. He also serves as the co-chair of Louisiana’s Election Security Committee under the Louisiana Cybersecurity Commission.
\n
SpeakerBio:Jack Cable\n, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
\nJack Cable is a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
\n
SpeakerBio:Jason Ingalls\n, Founder & CEO at Ingalls Information Security
\nJason Ingalls has attended Blackhat and DEFCON since 2006. He has spoken and presented at numerous conferences, including as keynote for the University of California Inaugural Cybersecurity Conference in 2016. His experience with data breach response and his firm\'s work with election cybersecurity controls provide valuable insight that few possess into the technology, processes, and people involved in securing elections.
\n
SpeakerBio:Lindsey Forson\n, Deputy Executive Director at National Association of Secretaries of State
\nLindsey Forson has worked at the intersection of cybersecurity and public policy for the past five years. She is dedicated to fostering relationships between NASS members and collaborators in the cybersecurity space.
\n
SpeakerBio:Michael Ross\n, Deputy Secretary of State and Chief of Staff at Iowa Secretary of State’s Office
\nMichael Ross, the Deputy Secretary of State and Chief of Staff for the Iowa Secretary of State’s office, has led the office’s strong engagement with federal partners and the security research community. Through NASS and relationships developed with peers that oversee elections in their states, Ross has encouraged engagement with the researcher community.
\n\n
\nDescription:
\nMost of us acknowledge that collaboration between hackers and policymakers is necessary and beneficial. Specifically, the security research community is more effective in supporting security improvements for state and local government entities when they work collaboratively with government officials. We also know building bridges between these communities, each of which includes a diverse makeup of individuals and organizations, is not a simple task. Several years ago, the National Association of Secretaries of State (NASS) and a small group of hackers began construction on one such bridge. This session shares lessons learned from that experience. NASS created an interactive event, called Hacking Demystified, which complements broader efforts to educate and foster relationship-building. We will provide examples of where we have found success and seek input from the audience on how to further expand our work. We will generate ideas for how everyone in the room may create more opportunities for productive collaboration between security researchers and state government officials. Join us to learn more about how NASS is demystifying hacking and participate in a brainstorming session on how we may all work together to further increase knowledge and understanding across our communities.\n
\n\n\'',NULL,366697),('2_Friday','10','10:00','11:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Building the Hacker Talent Pipeline Through Workforce and Education Ecosystems\'','\'Ashley Sequeira,Ayan Islam,Bryony Crown,Randy Pestana,Safa Shahwan Edwards,Sarah Powazek\'','PLV_49120b71776f00fe85e056dbd42a8eb5','\'Title: Building the Hacker Talent Pipeline Through Workforce and Education Ecosystems
\nWhen: Friday, Aug 11, 10:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Ashley Sequeira,Ayan Islam,Bryony Crown,Randy Pestana,Safa Shahwan Edwards,Sarah Powazek
\n
SpeakerBio:Ashley Sequeira\n, Security Operations Sales Engineering Training Program Manager at Google Cloud Security
\nAshley is the Security Operations Sales Engineering Training Program Manager at Google Cloud Security. Previously, Sequeira worked for Palo Alto Networks and ran the security operations training program, consulted for SOAR platforms, worked as a professional services consultant and ran an employee resource group focused on veterans. Ashley served 13 years in the US Army Reserve and was hired through a VetsInTech and Palo Alto Networks program.
\n
SpeakerBio:Ayan Islam\n, Director, Cyber Workforce at Office of the National Cyber Director, The White House
\nAyan oversees the cyber workforce portfolio and supports the development and implementation of the upcoming National Cyber Workforce and Education Strategy. Previously, she was Associate Policy Director for R Street’s Cybersecurity and Emerging Threats program, and held several roles at the Cybersecurity Infrastructure Security Agency (CISA).
\n
SpeakerBio:Bryony Crown\n, First Secretary Cyber Policy at British Embassy, Washington D.C.
\nBryony Crown is First Secretary for Cyber Policy in the British Embassy Washington DC. She covers a broad range of issues relating to cyber and works with an extensive number of international government and industry partners. Bryony has 15 years’ experience in a variety of policy roles within government and specialises in national security issues.
\n
SpeakerBio:Randy Pestana\n, Associate Director at FIU Jack D Gordon Institute for Public Policy
\nRandy Pestana serves as Assistant Director of Research and Strategic Initiatives at the Jack D. Gordon Institute for Public Policy at Florida International University’s (FIU) Steven J. Green School of International and Public Affairs, where he manages the institute’s partnerships with U.S. Departments of Commerce, Defense, and State. Mr. Pestana also serves as Director of Education and Training at Cybersecurity@FIU, a designated Emerging Preeminent Program.
\n
SpeakerBio:Safa Shahwan Edwards\n, Deputy Director, Cyber Statecraft Initiative at Atlantic Council
\nSafa Shahwan Edwards is the deputy director of the Atlantic Council’s Cyber Statecraft Initiative under the Digital Forensic Research Lab (DFRLab). In this role, she leads the administration and external communications of the Initiative, as well as the Cyber 9/12 Strategy Challenge, the Initiative’s global cyber policy and strategy competition. Safa holds an MA in International Affairs with a concentration in Conflict Resolution from the George Washington University Elliott School of International Affairs and a BA in Political Science from Miami University of Ohio. Safa is of Bolivian and Jordanian heritage and speaks Spanish and Arabic.
\n
SpeakerBio:Sarah Powazek\n, Program Director of Public Interest Cybersecurity at UC Berkeley Center for Long-Term Cybersecurity (CLTC)
\nSarah Powazek serves as the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads flagship work on the Citizen Clinic, the Consortium of Cybersecurity Clinics, and public interest cybersecurity research. She recently hosted the flagship Cyber Civil Defense Summit, a mission-based gathering to protect the nation’s most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force. She is also an active member of the hacker community, and helps organize Hackers On The Hill and DEF CON Policy.
\n\n
\nDescription:
\nOur lives have become more digitally interconnected and the pandemic accelerated the use of technology (remote work, cashless payments, virtual healthcare sessions and gatherings, an uptick in streaming services, etc.). And, year by year, market demand for more information security/cybersecurity professionals is growing and yet research shows there are artificial barriers that limit opportunities for entry level positions to those with the skill, aptitude, and attitude, and impacts underserved and underrepresented communities. The panel discussion will look at the history of the information security/cybersecurity recruitment pipeline, discuss recent policy changes, and a call to action in removing the artificial barriers that are limiting access into the field. Furthermore, the talk will look at the upcoming National Cyber Workforce and Education Strategy; current public and private sector to address the current workforce challenges; and how we need to bolster our workforce to combat ongoing threats to critical infrastructure. We also can’t discuss workforce development without addressing the education landscape and the need to incorporate cybersecurity awareness and skills development in K-12 education systems, and preparing the workforce through two-year, four-year, and post-graduate education programs. The diverse perspectives will cover policy, current activities, and include engagement with the audience to troubleshoot potential solutions on how we can collaboratively work to grow and sustain the hacker talent pipeline.\n
\n\n\'',NULL,366698),('2_Friday','11','10:00','11:50','Y','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Building the Hacker Talent Pipeline Through Workforce and Education Ecosystems\'','\'Ashley Sequeira,Ayan Islam,Bryony Crown,Randy Pestana,Safa Shahwan Edwards,Sarah Powazek\'','PLV_49120b71776f00fe85e056dbd42a8eb5','\'\'',NULL,366699),('2_Friday','12','12:00','12:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'The Promise and Perils of Planetary-Scale ISPs\'','\'J. Scott Christianson\'','PLV_c23cdfa678b84fa5cd228946598eba21','\'Title: The Promise and Perils of Planetary-Scale ISPs
\nWhen: Friday, Aug 11, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\n
SpeakerBio:J. Scott Christianson\n
\nJ Scott Christianson is an Associate Teaching Professor of management at the University of Missouri, where his interests are focused on the impact of emerging technology on society and geopolitics. Prior to joining the college, he was an entrepreneur with decades of experience in videoconferencing, networking and project management. He currently serves as the College’s Director of the Center for Entrepreneurship and Innovation, helping student turn their ideas into profitable products and services. You can reach him at christiansonjs.com
\n\n
\nDescription:
\nOur tiny blue planet is quickly being encased in layers of fast-flying, low-earth orbiting satellites in an effort to provide Internet access to earth\'s three billion unconnected and slowly connected inhabitants. SpaceX\'s Starlink system is the first planetary-scale ISPs for consumers; more are set to follow. Planetary ISPs can drive much-needed economic growth in the world\'s poorest countries but introduce unique policy and operational challenges. The regulatory bodies and frameworks set up to deal with terrestrial ISPs are not prepared to deal with issues of internet access, content filtering/moderation, and network neutrality on a global scale. Nor are the agencies governing space launches and operations. While planetary ISPs may see enormous profits, the rest of us may pay the potential costs: an end to ground-based astronomy; an end to clear viewing of the sky; increasing costs for space operations, collision avoidance, and debris removal; and the geopolitical risk when access is provided or not-provided in certain regions. Humanity\'s future will be determined by how we operate on the internet and in space. How we navigate this new era of space-based internet and what policy frameworks we put in place will determine the winners and losers in this new race in space.\n
\n\n\'',NULL,366700),('2_Friday','13','13:00','13:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Securing the Supply Chain\'','\'Camille Stewart Gloster,Eric Goldstein\'','PLV_c32bb546d7f86b657100e1c654344cf4','\'Title: Securing the Supply Chain
\nWhen: Friday, Aug 11, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Camille Stewart Gloster,Eric Goldstein
\n
SpeakerBio:Camille Stewart Gloster\n, Deputy National Cyber Director at Technology and Ecosystem Security Division, Office of the National Cyber Director
\nCamille Stewart Gloster, Esq. is the Deputy National Cyber Director for Technology & Ecosystem for The White House. In her role, Camille leads technology, supply chain, data security, and cyber workforce and education efforts for the Office of the National Cyber Director. Camille is a cyber, technology, and national security strategist and policy leader whose career has spanned the private, public, and non-profit sectors. She joined ONCD from Google, where she most recently served as Global Head of Product Security Strategy, and before that as Head of Security Policy and Election Integrity for Google Play and Android. \n

Prior to working at Google, Camille led cyber diplomacy, technology policy, privacy, and technical policy areas like encryption and PNT as the Senior Policy Advisor for Cyber, Infrastructure & Resilience at the U.S. Department of Homeland Security. During her time at DHS, Camille led campaigns, international engagements, and policy development that bolstered national and international cyber resilience. Those policies include Presidential Policy Directive 41 (PPD – 41) on federal cyber incident coordination, supporting Privacy Shield negotiations, and the 2016 Cybersecurity National Action Plan (CNAP) which outlined 75 tasks to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security. Camille has also held leadership roles focused on cyber and technology on Capitol Hill, at Deloitte, and Cyveillance, an open-source threat intelligence company.\n

\n
SpeakerBio:Eric Goldstein\n, Executive Assistant Director for Cybersecurity at Cybersecurity and Infrastructure Security Agency (CISA)
\nEric Goldstein serves as the Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA) as of February 19, 2021. In this role, Goldstein leads CISA’s mission to protect and strengthen federal civilian agencies and the nation’s critical infrastructure against cyber threats.\n

Previously, Goldstein was the Head of Cybersecurity Policy, Strategy, and Regulation at Goldman Sachs, where he led a global team to improve and mature the firm’s cybersecurity risk management program. He served at CISA’s precursor agency, the National Protection and Programs Directorate, from 2013 to 2017 in various roles including Policy Advisor for Federal Network Resilience, Branch Chief for Cybersecurity Partnerships and Engagement, Senior Advisor to the Assistant Secretary for Cybersecurity, and Senior Counselor to the Under Secretary.\n

\n\n
\nDescription:
\nSecuring the supply chain is a significant challenge for the public sector and private sector alike. Supply chains are complex, global, and non-linear. Accordingly, we must be strategic in the deployment of resources to ensure that doctrine, policy, and cross-sector collaboration are aligned to this problem set as incisively as possible. The Biden Administration has undertaken several efforts to achieve the necessary alignment and drive down ecosystem-level risk from insecure supply chains, to include working from the most atomic unit – the code in which software is written. This fireside chat explores how the government is facilitating progress toward foundational supply chain security (including open source software security, AI security, and software security by design), highlights the next iteration of its approach to long-term resilience, and outlines opportunities for individuals and organizations to partner in these efforts.\n
\n\n\'',NULL,366701),('2_Friday','14','14:00','14:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'What are your thoughts on AI assisted voice cloning being used for scams?\'','\'Christine Barker\'','PLV_85e2fe9e3f54ddeb0dff180a70e80729','\'Title: What are your thoughts on AI assisted voice cloning being used for scams?
\nWhen: Friday, Aug 11, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\n
SpeakerBio:Christine Barker\n, Senior Investigator at Federal Trade Commission
\nChristine Barker is a Senior Investigator at the Federal Trade Commission. Prior to this, she was an independent digital forensic analyst. She has legal and computer networking undergraduate degrees and has worked in the two fields for the last 20 years. Currently, at the Federal Trade Commission, she investigates marketing fraud that ranges from, but is not limited to, multi-level marketing, tech support, coaching, and impersonation scams.
\n\n
\nDescription:
\nScammers have evolved with technology. Technology has already helped scammers evolve from calling individual consumers to using technology to blast millions of calls to consumers. Some scammers have used generative AI models to clone a loved one’s voice as part of a scam where the scammer asks the family member to send money to resolve a fake emergency, such as hospitalization or arrested. How will scammers use telephones and technology to transform, and what are the options available to stop them? This is a call for discussion about how to combat the use of generative AI models being used to clone voices to scam people’s money.\n
\n\n\'',NULL,366702),('2_Friday','16','16:00','16:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'I Am A Former National Cybersecurity Director, Ask Me Anything!\'','\'Chris Inglis\'','PLV_373044fd8d1422befca4f0a9e58b197c','\'Title: I Am A Former National Cybersecurity Director, Ask Me Anything!
\nWhen: Friday, Aug 11, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\n
SpeakerBio:Chris Inglis\n
\nMr. Inglis is a former Managing Director at Paladin and former National Cyber Director and currently serves as Paladin’s Senior Strategic Advisor. He is also the former Deputy Director and senior civilian leader of the National Security Agency. Mr. Inglis acted as the Agency’s chief operating officer, responsible for guiding and directing strategies, operations, and policy.\n

Mr. Inglis began his career at NSA as a computer scientist within the National Computer Security Center. His NSA assignments include service across information assurance, policy, time-sensitive operations, and signals intelligence organizations. Promoted to NSA’s Senior Executive Service in 1997, he subsequently served in a variety of senior leadership assignments culminating in his selection as the NSA Deputy Director. He has twice served away from NSA Headquarters, first as a visiting professor of computer science at the U.S. Military Academy (1991-1992) and later as the U.S. Special Liaison to the United Kingdom (2003-2006).\n

A 1976 graduate of the U.S. Air Force Academy, Mr. Inglis holds advanced degrees in engineering and computer science from Columbia University, Johns Hopkins University, and the George Washington University. He is also a graduate of the Kellogg Business School executive development program, the USAF Air War College, Air Command and Staff College, and Squadron Officers’ School.\n

Mr. Inglis’ military career included nine years active service with the US Air Force and twenty one years with the Air National Guard from which he retired as a Brigadier General in 2006. He holds the rating of Command Pilot and has commanded units at the squadron, group, and joint force headquarters levels. Mr Inglis’ significant Awards include the Clements award as the U.S. Naval Academy’s Outstanding Military Faculty member (1984), three Presidential Rank Awards (2000, 2004, 2009), and the Boy Scouts of America Distinguished Eagle Scout Award (2009).\n

Mr. Inglis currently serves as a Board Member of the Baltimore Area Council, Boy Scouts of America.\n

\n\n
\nDescription:No Description available
\n\'',NULL,366703),('3_Saturday','16','16:00','16:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'How do you solve a problem like Mirai - establishing a policy baseline for the IoT around the world\'','\'Kat Megas,Peter Stephens\'','PLV_34d4d1cd2ed87d3d082dfd1fbed9c6e0','\'Title: How do you solve a problem like Mirai - establishing a policy baseline for the IoT around the world
\nWhen: Saturday, Aug 12, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Kat Megas,Peter Stephens
\n
SpeakerBio:Kat Megas\n
\nKat leads the NIST Cybersecurity for the Internet of Things (IoT) Program, focused on advancing and accelerating the development and application of research, standards, guidelines, and technologies to improve the security and privacy of the ecosystem of connected devices. She coordinates across NIST on all things related to cybersecurity of the IoT including leading the NIST response on IoT for a number of Presidential directives (EO 13800, 14028), the IoT Cybersecurity Improvement Act of 2020 and the Consumer product cybersecurity labeling effort announced by the White House in July. Before coming to NIST, Kat worked in the private sector for 25 years leading organizations’ development and execution of their IT strategies.
\n
SpeakerBio:Peter Stephens\n, OECD
\nPeter Stephens is an experienced policy lead, in the UK and abroad. From 2018 to 2021, he led the IoT Security Policy Division across the UK government, responding to the Mirai attack, and delivering the Product Security and Telecommunications Infrastructure Bill. He is an experienced public servant, well versed in delivering through government. He has advised Ministers and Prime Ministers on the creation and running of Delivery Units in Government. \n

Whilst not technical by background, he brings a rebellious streak. As a student, Peter hitch hiked from Buenos Aires to New York City and he also spent two years teaching in an inner city school in south London. Experiences like this have left him with a staunch optimism about people, and he is a passionate advocate for the partnerships between policy makers and hackers to make better informed policies that can support policymakers, and citizens, around the world. He is currently a Policy Advisor at the OECD, supporting member states to navigate the range of challenges across digital security.\n

\n\n
\nDescription:
\n2023 is a significant year for the IoT, with the Cyber Resilience Act in the EU and the Product Security and Telecommunications Infrastructure Bill in the UK, as well as labelling approaches in the US and Singapore. With new regulation, there is always a threat that the \'floor\' will become a \'ceiling\' in the levels of security. This panel will feature speakers from across policy, industry and the hacker community to discuss what steps policy makers should take to address this live challenge.\n
\n\n\'',NULL,366704),('2_Friday','17','17:00','17:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Keeping stores safe: how do we better secure apps and app stores?\'','\'Charlie Gladstone,David Rogers\'','PLV_5bb3c2530e804fce9cb07632d24756bc','\'Title: Keeping stores safe: how do we better secure apps and app stores?
\nWhen: Friday, Aug 11, 17:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Charlie Gladstone,David Rogers
\n
SpeakerBio:Charlie Gladstone\n, UK Department for Science, Innovation, and Technology
\nCharlie Gladstone leads the UK Government’s work on app store security in the Department for Science, Technology and Innovation. He has worked in tech policy for over five years, where he has specialised in exploring the intersection between technology, society and regulation. Before working in Government, Charlie provided public policy consultancy services to the tech sector clients. He has developed policy on a range of issues including cyber security, digital regulation and artificial intelligence.
\n
SpeakerBio:David Rogers\n, CEO at Copper Horse
\nDavid is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
\n\n
\nDescription:
\nAs the global pivot to mobile continues and demand for smart devices grows stronger, apps are the main interface between users and the internet, and app stores are the stewards of this ecosystem. App stores are an increasingly valuable target for cyber attacks, with malicious apps stealing vast amounts of data, hijacking devices, and defrauding users of money and personal data. As our usage of apps continues to accelerate at pace, protecting app users from these threats is a collective challenge for governments, hackers, and the cyber security community as a whole.\n

In this fireside discussion, Charlie Gladstone from the UK\'s Department for Science, Innovation and Technology will provide an overview of the UK\'s approach to tackling this issue, and discuss the challenges facing governments in securing apps and app stores. This is an opportunity to discuss the distinct challenges we see in the management of app security, and how these risks vary between different countries. As geopolitical trends continue to shape the development of the internet, this Q&A will explore how governments can work with the hacking community to strengthen app stores and app security across the world.\n

\n\n\'',NULL,366705),('3_Saturday','10','10:00','11:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'How hackers can work with government, industry, civil society to protect high-risk communities\'','\'Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek\'','PLV_cd4d009118142a2f31641e16772bc8a3','\'Title: How hackers can work with government, industry, civil society to protect high-risk communities
\nWhen: Saturday, Aug 12, 10:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek
\n
SpeakerBio:Adrien Ogee\n, Chief Operations Officer at CyberPeace Institute
\nAdrien is the Chief Operations Officer of the CyberPeace Institute, an NGO based in Geneva, Switzerland. He oversees the provision of cybersecurity assistance to vulnerable populations. He spent his career in various cyber crisis response roles in Thales, ANSSI, ENISA and the WEF. Adrien holds an MEng in telecommunication and information systems, an MSc in Global Security and an MBA.
\n
SpeakerBio:David Forscey\n, Cyber Strategy Planner at CISA JCDC
\nDavid Forscey is a Cyber Operations Planner with the Joint Cyber Defense Collaborative at the Cybersecurity and Infrastructure Security Agency. Prior to entering federal service, David was Managing Director for the Aspen Cybersecurity Group at The Aspen Institute based in Washington, D.C. Before that he worked as a Senior Policy Analyst at the National Governors Association Center for Best Practices and a National Security Fellow at Third Way. He graduated magna cum laude from University of Virginia and earned his law degree from Georgetown University Law Center. He also makes beats that slap.
\n
SpeakerBio:Mark E. Schreiber\n
\nMark E. Schreiber is a Senior Counsel at McDermott Will and Emery. Mark focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, the General Data Protection Regulation (GDPR), Privacy Shield and related issues, strategic decisions, cyber assessments and investigations.
\n
SpeakerBio:Maurice Kent\n
\nMaurice Kent is the Deputy in USAID\'s Cybersecurity team in the Technology Division of the Democracy, Development and Innovation Bureau. He oversees global cybersecurity capacity-building support to government and non-government partners across a range of sectors, including management of Digital APEX, one of USAID\'s primary capacity-building programs. He is a 15-year civil service veteran of USAID and has worked on issues such as the intersection of national security & international development, private-sector engagement and off-grid energy, innovative finance/funding practice, higher education engagement and procurement.
\n
SpeakerBio:Monica M. Ruiz\n, Senior Government Affairs Manager, Digital Diplomacy at Microsoft
\nMonica M. Ruiz is a Senior Government Affairs Manager in Microsoft’s Digital Diplomacy team. In this role she focuses on efforts to promote stability in cyberspace and advance trust, security and human rights in this domain. She holds a bachelor’s degree from Florida International University and a master’s degree from The Fletcher School of Law and Diplomacy at Tufts University.
\n
SpeakerBio:Sarah Powazek\n, Program Director of Public Interest Cybersecurity at UC Berkeley Center for Long-Term Cybersecurity (CLTC)
\nSarah Powazek serves as the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads flagship work on the Citizen Clinic, the Consortium of Cybersecurity Clinics, and public interest cybersecurity research. She recently hosted the flagship Cyber Civil Defense Summit, a mission-based gathering to protect the nation’s most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force. She is also an active member of the hacker community, and helps organize Hackers On The Hill and DEF CON Policy.
\n\n
\nDescription:
\nThe US cyber workforce consists of 1.2 million professionals, but over half a million jobs in the cybersecurity sector remain vacant, leading to a talent shortage that affects society as a whole, and high-risk communities most particularly. The predicted talent shortage rising to 3.5 million by 2030 suggests that these communities are unlikely to receive the help they need anytime soon.\n

The hacker community has been helping high-risk communities for decades. But how can they do so at scale? How can decision makers around the world, in government but also industry and civil society, work together with hackers to create solutions that build cyber resiliency for high-risk communities? \n

This public session will explore how governments, industry and civil society can work with the hacker community at large, to develop scalable and systemic solutions to protect those no one should ever attack. It will also aim to identify policy solutions and overall recommendations to generate more secure environments for communities at risk.\n

\n\n\'',NULL,366706),('3_Saturday','11','10:00','11:50','Y','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'How hackers can work with government, industry, civil society to protect high-risk communities\'','\'Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek\'','PLV_cd4d009118142a2f31641e16772bc8a3','\'\'',NULL,366707),('3_Saturday','13','13:00','13:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives\'','\'Andrés Velázquez,Isabella Rolz,Mauro Vignati,Orlando Garces\'','PLV_aaeae99ff1f34efc698b0dc11fa2e246','\'Title: Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives
\nWhen: Saturday, Aug 12, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Andrés Velázquez,Isabella Rolz,Mauro Vignati,Orlando Garces
\n
SpeakerBio:Andrés Velázquez\n, Founder and President at MaTTica
\nAndrés Velázquez is a cybersecurity expert and the Founder and President of MaTTica, a leading strategic cybersecurity company in Latin America. With specialized knowledge in cybersecurity, incident response, and computer forensics, Andrés possesses a deep understanding of the ever-evolving landscape of digital investigations and the associated challenges. He is particularly focused on providing expert guidance to Computer Security Incident Response Teams (CSIRTs), playing a pivotal role in incident response and policy development for these teams in Latin America. With a notable career in the industry, Andrés has trained over 1,500 law enforcement and intelligence officers, lawyers, and judges in the region on combating cybercrime. His expertise extends to the academic realm, where he serves as a cybersecurity professor at multiple prestigious universities.
\n
SpeakerBio:Isabella Rolz\n, Communications Specialist at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
\nIsabella Rolz is a communications specialist and journalist with over eight years of experience covering topics related to Latin America and the Caribbean. Her publications address issues such as ensuring security and transparency in LAC, poverty, and immigration, among other social problems. Isabella has worked at the Inter-American Development Bank, The World Bank, Pan-American Health Organization, and now the Organization ofAmerican States. Her work as a journalist has been published in the Washington Post, ABC News, the Daily Beast, Univision, and the New Humanitarian, among other media outlets. She graduated from Columbia University\'s Graduate School of Journalism with a scholarship from the Maria Moors Foundation and is a National Association of Hispanic Journalists member.
\n
SpeakerBio:Mauro Vignati\n, ICRC
\nIn 2003 Mauro started working at the first unit of the Swiss Federal Police fighting cybercrime. Later on, he collaborated to the establishment of MELANI, Switzerland\'s first centre for public-private partnership on cybersecurity for critical infrastructure. Back in 2013, he set up and led the Cyber Threat Intelligence Division within the Department of Defence in Bern. In 2021, he was tasked to create the Vulnerability Management unit within the National Cyber Security Centre NCSC.ch, leading several projects, among them the first bug bounty program of the Swiss government. He then joined the International Committee of the Red Cross ICRC one year later, as advisor on new digital technologies of warfare.
\n
SpeakerBio:Orlando Garces\n, Cybersecurity Program Officer at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
\nOrlando Garcés, Cybersecurity Program Officer of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS), focusing primarily on strategy and policy, governance issues, and gender mainstreaming in cybersecurity. He has strategically participated in the formulation and implementation of National Cybersecurity Strategies and Policies in several countries in the Latin American and Caribbean region, as well as in the development of reports and studies on the state of cybersecurity in strategic industries and sectors.
\n\n
\nDescription:
\nThe field of cybersecurity policy is constantly evolving, and as such, the need to think innovatively and critically about policy solutions to address new and emerging threats. “Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives” is a panel that will bring together experts to explore the role of cybersecurity policy hackers in responding to cyber policy challenges that governments and organizations face in this rapidly evolving landscape. The discussion will delve into ongoing processes of elaborating global, regional, and local cyber policies that engage the hacker community. Globally, those discussed in the ICRC Delegation for Cyberspace; regionally, in OAS member states in the Americas; and locally, those in the public and private organizations, such as Computer Security Incident Response Teams (CSIRTs) in Latin America. Additionally, it will explore initiatives to create platforms for hackers’ participation and encourage innovation in cybersecurity policymaking. Furthermore, the panel will also discuss the role of cybersecurity policy hackers in the ongoing evolving landscape of digital investigations and the associated challenges across different regions.\n
\n\n\'',NULL,366708),('3_Saturday','12','12:00','12:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'The Coming War on Encryption, Part 3 (and how you can fight back)\'','\'India McKinney\'','PLV_704d2ccec0dc8252f5d8af5ea05c4d6e','\'Title: The Coming War on Encryption, Part 3 (and how you can fight back)
\nWhen: Saturday, Aug 12, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\n
SpeakerBio:India McKinney\n, Director of Federal Affairs at Electronic Frontier Foundation
\nAs a former Capitol Hill staffer and a current EFF lobbyist, India’s main job is to make sure that the laws of the land don\'t suck the life out of the internet. India’s passion has always been for good public policy, and she’s excited to be using skills developed during past legislative battles to fight for encryption, for consumer privacy, and civil liberties in the digital realm.
\nTwitter: @@imck82
\n\n
\nDescription:
\nIn recent years, lawmakers around the world have proposed legislation aimed at ending encryption, under the guise of ending child exploitation. In the first half of 2023, we have already seen two serious legislative proposals in the Senate that would result in potentially disastrous legal risks for any company that provides encrypted messages. \n

Come join us to get an update about the government’s efforts to break encryption – again. We’ll talk about what is different from the last Encryption Wars, what the conversation sounds like right now in DC*, and we’ve been doing to fight back. Most important, we’ll talk about what technologists can do to protect encryption and everyone who uses it. \n

*when you read this, EARN IT and the STOP CSAM Act, both bills designed to break encryption, will have been marked up and passed out of the Senate Judiciary Committee. What happens after that is entirely dependent on many factors outside my control. The FBI is super gearing up to double down on their position, though.\n

\n\n\'',NULL,366709),('3_Saturday','14','14:00','14:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'How can we encourage more hackers to engage with policy makers?\'','\'Peter Stephens,Thomas Kranz\'','PLV_e321dac368427da333db014f12fbc023','\'Title: How can we encourage more hackers to engage with policy makers?
\nWhen: Saturday, Aug 12, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Peter Stephens,Thomas Kranz
\n
SpeakerBio:Peter Stephens\n, OECD
\nPeter Stephens is an experienced policy lead, in the UK and abroad. From 2018 to 2021, he led the IoT Security Policy Division across the UK government, responding to the Mirai attack, and delivering the Product Security and Telecommunications Infrastructure Bill. He is an experienced public servant, well versed in delivering through government. He has advised Ministers and Prime Ministers on the creation and running of Delivery Units in Government. \n

Whilst not technical by background, he brings a rebellious streak. As a student, Peter hitch hiked from Buenos Aires to New York City and he also spent two years teaching in an inner city school in south London. Experiences like this have left him with a staunch optimism about people, and he is a passionate advocate for the partnerships between policy makers and hackers to make better informed policies that can support policymakers, and citizens, around the world. He is currently a Policy Advisor at the OECD, supporting member states to navigate the range of challenges across digital security.\n

\n
SpeakerBio:Thomas Kranz\n
\nThomas Kranz is an award-winning cybersecurity consultant, a senior security & technology leader, and an author, with more than 30 years of experience in IT and cybersecurity. Starting his hacking career in the 80s in the UK, Thomas has also spent the decades since then involved in lobbying UK and EU policy makers, and contributed to various government consultations around hacking and cybersecurity. He has written two books; his award-winning “Making Sense of Cybersecurity”, and “How is AI transforming Cybersecurity?” for NVIDIA.
\n\n
\nDescription:
\nFor decades, the US has led the way when it comes to involving hackers with policy making. From l0pht appearing before the US Congress in 1998, to the first Policy@DEFCON sessions, DEF CON has shown how hackers and feds can work together to improve the legal landscape for all of us. As Europe tackles big technology issues like privacy, reigning in Big Tech, and encouraging startups and innovation, there is a danger that hackers will be left out of contributing. What lessons can we learn from the different groups in the US who have come together to get hackers involved in policy making?\n
\n\n\'',NULL,366710),('3_Saturday','15','15:00','15:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'All Your Vulns are Belong to Terms & Conditions\'','\'Casey Ellis,David Rogers,Harley Geiger,Katie Trimble-Noble\'','PLV_ae7bbb06b9d5ddc95c4dbd63e56446cb','\'Title: All Your Vulns are Belong to Terms & Conditions
\nWhen: Saturday, Aug 12, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Casey Ellis,David Rogers,Harley Geiger,Katie Trimble-Noble
\n
SpeakerBio:Casey Ellis\n, Bugcrowd
\nCasey is the Chairperson, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn\'t supposed to do.\nCasey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014 prior to its launch in 2018.\n

Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections.\n

Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area.\n

\n
SpeakerBio:David Rogers\n, CEO at Copper Horse
\nDavid is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
\n
SpeakerBio:Harley Geiger\n, Counsel at Venable LLP
\nHarley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
\nTwitter: @HarleyGeiger
\n
SpeakerBio:Katie Trimble-Noble\n, Director, PSIRT and Bug Bounty at A Tech Company
\nKatie serves as a CVE Program Board, Bug Bounty Community of Interest Board, and Hacking Policy Council member. She is a passionate defensive cybersecurity community activist, she is regularly involved is community driven projects and is most happy when she is able to effect positive progress in cyber defense. In her day-job Katie Noble serves as a Director of PSIRT, Bug Bounty, and the Security Working Artifacts Team at a fortune 50 Technology Company. Prior to joining private sector, Katie spent over 15 years in the US Government. Most recently as the Section Chief of Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA). Her team is credited with the coordination and public disclosure of 20,000+ cybersecurity vulnerabilities within a two-year period. During her government tenure, in roles spanning Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council Cyber programs, Katie’s work directly impacted decision making for government agencies in the United States, United Kingdom, Canada, and Australia.
\n\n
\nDescription:
\nWhat happens when a vulnerability is submitted to a programme? Why do some disclosures take forever? What are governments doing about vulnerability disclosure and why are they so bothered about it? Why do people not understand what the words “vulnerability disclosure” mean and why can’t policy makers quite get their heads around 0 days? Why are companies in some sectors just not adopting CVD even though governments are passing it into law? Have we got RAS or can we think of anymore TLAs to add to the CRA, NIS and VDP? What are countries and regions around the world doing and how do they differ? And yes, what the heck is an equities process?\n
\n\n\'',NULL,366711),('2_Friday','15','15:00','15:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Blocking Pathways into Cybercrime: Current Efforts and Future Opportunities\'','\'Greg Francis,Jonathan Lusthaus,Marcia Hofmann,Marcus Hutchins,Will McKeen\'','PLV_1fcd93e45aa6473ac066221ba224782b','\'Title: Blocking Pathways into Cybercrime: Current Efforts and Future Opportunities
\nWhen: Friday, Aug 11, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Greg Francis,Jonathan Lusthaus,Marcia Hofmann,Marcus Hutchins,Will McKeen
\n
SpeakerBio:Greg Francis\n, Cybercrime Prevention Consultant at MD 4D Cyber Security
\nGreg Francis leads MD 4D Cyber Security and is a Consultant to Dutch National Police. He is a cybercrime prevention specialist with over 20 years of experience gleaned from work as a Specialist Investigator (Serious Organised Crime) and as a Lay Magistrate. For almost seven years, Greg was a Senior Officer in the UK’s National Cyber Crime Unit Prevent Team, serving as Acting Manager for two of these years. He is one of the global pioneers of cybercrime prevention. His specialisms include deterring people from online criminal activity and diverting them into a legitimate path based on their digital interests.
\n
SpeakerBio:Jonathan Lusthaus\n, Senior Research Fellow and Director of the Human Cybercriminal Project at Department of Sociology, University of Oxford
\nDr. Jonathan Lusthaus is Director of The Human Cybercriminal Project and a Senior Research Fellow in the Department of Sociology, University of Oxford. He is also a Research Fellow at Nuffield College. Jonathan’s research focuses on the \"\"human\"\" side of profit-driven cybercrime: who cybercriminals are and how they are organised. He is a regular speaker at major conferences, such as Black Hat, Enigma and the International Conference on Cyber Security. Jonathan has also written widely across academic, policy and media publications, including for the European Journal of Sociology, the Council on Foreign Relations and The New York Times. He is the author of Industry of Anonymity: Inside the Business of Cybercrime published by Harvard University Press. Fieldwork for this study took place over a 7-year period, involved travel to cybercrime hotspots around the globe, and included almost 250 interviews with law enforcement, the private sector, and former cybercriminals. Jonathan holds a doctorate in sociology from the University of Oxford, where he was a Clarendon Scholar.
\n
SpeakerBio:Marcia Hofmann\n, Founder at Zeitgeist Law
\nMarcia Hofmann is the founder and principal of Zeitgeist Law, a boutique law practice that specializes in information security, free expression, consumer protection, intellectual property, privacy, and data protection. She helps security researchers navigate the murky laws around access to computers and data. She has also defended a number of people accused of violating computer crime laws, including malware researcher Marcus Hutchins and three MIT students who were sued over their presentation at DEF CON 16. She studied law enforcement engagement with young computer crime offenders as a US-UK Fulbright scholar. She has also taught computer crime law as an adjunct professor at the University of Colorado Law School.
\n
SpeakerBio:Marcus Hutchins\n
\nMarcus Hutchins is cybersecurity specialist, speaker, and ex-hacker. He is best known for stopping one of the largest cyberattacks in history, the 2017 WannaCry ransomware attack. Marcus and his story were featured on the cover of Wired Magazine’s June 2020 issue, titled “The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet.” He is based in Los Angeles, where he works for a cybersecurity company.
\n
SpeakerBio:Will McKeen\n, Special Agent at FBI
\nWill McKeen is a Special Agent on the FBI\'s Cyber Crimes Task Force in New York. Will specializes in Business Email Compromise, criminal computer intrusion investigations, and Insider Threat cases. Through this work, Will has seen the impact of cyber criminal networks, both on victims and young actors in this space. Will’s background working with victims of crimes, and those behind the keyboard sparked a keen interest in developing new solutions to youth in cyber. Will is also a Cyber Instructor for the FBI and a member of the FBI New York Office’s Crisis Negotiation Team.
\n\n
\nDescription:
\nA movement is building among law enforcement around the world to connect with young people who are on the path to cybercrime and help them redirect their skills to more constructive, lawful ends. While conventional law enforcement is concerned with prosecutions, prevention strategies seek to engage with (future) offenders and divert them away from committing cybercrime in the first place (or to desist from doing so once they have started). A number of tactics have been explored for blocking pathways into cybercrime. These include TV advertisements to encourage parents to take note of what their children might doing online, warnings when youths are crossing into cybercriminal activities, workshops with mentor figures who can demonstrate more productive (and legal) uses of hacking skills, and connections to employers who can potentially offer pathways towards legitimate employment in cybersecurity or the technology sector more broadly. This panel offers a diverse range of perspectives on cybercrime prevention: a pioneer of prevention efforts in the United Kingdom and the Netherlands; an American attorney involved in high profile computer crime defense cases; a US law enforcement agent; and a well-known former hacker. The panel is moderated by an academic expert on cybercrime. Come learn about ongoing prevention efforts and how you might be able to help as a policymaker, potential mentor, or general supporter.\n
\n\n\'',NULL,366712),('3_Saturday','17','17:00','17:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World\'','\'Christopher Painter,Harry Krejsa,Monica M. Ruiz,Océane Thieriot,Orlando Garces\'','PLV_ab7e91f088c2295c289ff8b7522c4132','\'Title: Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World
\nWhen: Saturday, Aug 12, 17:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\nSpeakers:Christopher Painter,Harry Krejsa,Monica M. Ruiz,Océane Thieriot,Orlando Garces
\n
SpeakerBio:Christopher Painter\n, President at Global Forum on Cyber Expertise
\nChris Painter is the President of the Global Forum on Cyber Expertise. He served as the first top cyber diplomat in the U.S. State Department, in the White House as Senior Director for Cyber Policy in the National Security Council, and in the Justice Department and the FBI. Awards include the RSA Award for Excellence in the Field of Public Policy (2016), the Attorney General\'s Award for Exceptional Service, and the Intelligence Community Legal Award (2008).
\nTwitter: @c_painter
\n
SpeakerBio:Harry Krejsa\n, Assistant National Cyber Director for Strategy at The Office of National Cyber Director (ONCD)
\nHarry Krejsa leads cyber strategy for the Office of the National Cyber Director (ONCD), including the development of the Biden-Harris Administration’s 2023 National Cybersecurity Strategy. Harry joined ONCD from the Department of Defense where he developed frameworks for deterring and disrupting adversary cyber campaigns while overseeing military cyber policy engagement in the Indo-Pacific. Previously, Harry directed emerging technology policy at the Cyberspace Solarium Commission, researched U.S.-China strategic competition at the Center for a New American Security, and received a Fulbright Fellowship to Taiwan. A native to rural Iowa, Harry graduated from Grinnell College with a B.A. in Political Science and East Asian Studies and holds a master’s degree in International Relations from the Princeton School of Public and International Affairs.
\n
SpeakerBio:Monica M. Ruiz\n, Senior Government Affairs Manager, Digital Diplomacy at Microsoft
\nMonica M. Ruiz is a Senior Government Affairs Manager in Microsoft’s Digital Diplomacy team. In this role she focuses on efforts to promote stability in cyberspace and advance trust, security and human rights in this domain. She holds a bachelor’s degree from Florida International University and a master’s degree from The Fletcher School of Law and Diplomacy at Tufts University.
\n
SpeakerBio:Océane Thieriot\n, Counselor for Cyber Affairs at Embassy of France in Washington DC
\nOcéane Thieriot is the Counselor for Cyber Affairs at the Embassy of France in Washington DC.\n

Before joining the Embassy, she held positions within the French Ministry of Foreign Affairs, serving in Brussels (Deputy Antici Counselor at the French Permanent Representation to the EU) as well as in Paris (member of the cabinet of the Minister for European Affairs). She is a graduate from Ecole Normale Supérieure, Sciences Po and Ecole Nationale d’Administration.\n

\n
SpeakerBio:Orlando Garces\n, Cybersecurity Program Officer at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
\nOrlando Garcés, Cybersecurity Program Officer of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS), focusing primarily on strategy and policy, governance issues, and gender mainstreaming in cybersecurity. He has strategically participated in the formulation and implementation of National Cybersecurity Strategies and Policies in several countries in the Latin American and Caribbean region, as well as in the development of reports and studies on the state of cybersecurity in strategic industries and sectors.
\n\n
\nDescription:
\nIn an increasingly interconnected and technologically driven world, the need for robust and comprehensive cyber diplomacy has become paramount. This panel titled \"\"Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World\"\" will bring together experts across government, industry and civil society to explore the multifaceted challenges posed by cyberspace and discuss strategies to ensure a secure and resilient digital landscape. The panel will delve into ongoing global and regional international cyber dialogues, such as the United Nations (UN) Open-Ended Working Group on security of and in the use of information and communications technologies, the UN Ad-Hoc Committee on Cybercrime (AHC), and the Organization of American States (OAS) Working Group on Cooperation and Confidence-Building Measures in cyberspace. It will also explore capacity building initiatives being pursued across the international community and surface efforts that promote cooperation and trust in cyberspace across different regions. Moreover, the panel will investigate the role of public-private partnerships in shaping effective cyber policy frameworks.\n
\n\n\'',NULL,366713),('3_Saturday','10','10:00','10:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'What “Secure by Design” means for software breakers and builders\'','\'Cassie Crossley,Christopher Butera,Daniel Bardenstein\'','PLV_00f53deac315890df4a9bf722d344aad','\'Title: What “Secure by Design” means for software breakers and builders
\nWhen: Saturday, Aug 12, 10:00 - 10:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Cassie Crossley,Christopher Butera,Daniel Bardenstein
\n
SpeakerBio:Cassie Crossley\n, Vice President, Supply Chain Security at Cybersecurity & Product Security Office at Schneider Electric
\nCassie Crossley, Vice President, Supply Chain Security in the global Cybersecurity & Product Security Office at Schneider Electric, is an experienced cybersecurity technology executive in Information Technology and Product Development. She has many years of business and technical leadership experience in supply chain security, cybersecurity, product/application security, software/firmware development, program management, and data privacy. Ms. Crossley has designed frameworks and operating models for end-to-end security in software development lifecycles, third party risk management, cybersecurity governance, and cybersecurity initiatives. She is a member of the CISA SBOM working groups and presents frequently on the topic of SBOMs and Supply Chain Security. Ms. Crossley has an M.B.A. from California State University, Fresno, and her Bachelor of Science degree in Technical and Professional Communication with a specialization in Computer Science.
\n
SpeakerBio:Christopher Butera\n, Cybersecurity and Infrastructure Security Agency (CISA)
\nChris Butera is the Senior Technical Director for the Cybersecurity Division (CSD) of the Cybersecurity and Infrastructure Security Agency (CISA). In this role, Mr. Butera’s priorities are increasing CISA’s operational visibility, enhancing CISA’s analytical capabilities, envisioning new innovative cybersecurity services, and closing gaps between emerging technologies and CSD operations. Chris leads the Office of the Technical Director which also leads CISA’s Zero Trust efforts, prioritization of cyber R&D work, and leads strategic work in the Industrial Control Systems (ICS) and Operational Technology (OT) space.
\n
SpeakerBio:Daniel Bardenstein\n, Manifest
\nDaniel Bardenstein is the CTO and co-founder of Manifest, a venture-backed software supply chain company allowing enterprises with end-to-end SBOM management. Prior to founding Manifest, Daniel served as the Chief of Tech Strategy at CISA, where he drove technology modernization and OT/ICS strategy across the agency, and led the development of the Cybersecurity Performance Goals. At the Defense Digital Service, he led cybersecurity programs across the Department of Defense, including securing the COVID-19 vaccines and the Hack the Pentagon program. Before joining government, Daniel directed product teams at Exabeam and Palantir developing cybersecurity and data analysis platforms. \n

Daniel was also a Tech Policy Fellow as the Aspen Institute, and is the co-President Foresight Partners, a non-profit that provides free cybersecurity support to political campaigns. He holds several security certifications as well as a patent.\n

\n\n
\nDescription:
\nFor years, the hacker community has fought to try to make technology more secure by exposing weaknesses in the software that underlies our entire society. And now, it seems the US government (USG) - and others around the world - are finally heeding the warnings from the hacker community. \n

In the past two years alone, USG has proposed policies that could shift the burden of security onto software developers, and defined guidance for ‘secure-by-design.’ These efforts, if implemented properly, could create a foundational shift in how software manufacturers build and secure software, and ultimately in the security of tech around the world. \n

In this technical policy talk, CISA’s #1 Cybersecurity Leader, Intel’s Global Cybersecurity Policy Lead, and an experienced security entrepreneur and former USG leader, dissect the buzzwords, policy documents, and implementation details of this wave of policy action, and what it means for software builders and hackers. \n

For the DEF CON / hacker community, this is an opportunity to hear – and inform – what may constitute ‘secure by design’ – from memory safety, to open-source security, vulnerability disclosure programs, and more – and how software suppliers are held accountable for insecure software.\n

\n\n\'',NULL,366714),('3_Saturday','12','12:00','13:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation\'','\'Safa Shahwan Edwards\'','PLV_bd91f9663b8d567b9ef20fad6e9fcde1','\'Title: Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation
\nWhen: Saturday, Aug 12, 12:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\n
SpeakerBio:Safa Shahwan Edwards\n, Deputy Director, Cyber Statecraft Initiative at Atlantic Council
\nSafa Shahwan Edwards is the deputy director of the Atlantic Council’s Cyber Statecraft Initiative under the Digital Forensic Research Lab (DFRLab). In this role, she leads the administration and external communications of the Initiative, as well as the Cyber 9/12 Strategy Challenge, the Initiative’s global cyber policy and strategy competition. Safa holds an MA in International Affairs with a concentration in Conflict Resolution from the George Washington University Elliott School of International Affairs and a BA in Political Science from Miami University of Ohio. Safa is of Bolivian and Jordanian heritage and speaks Spanish and Arabic.
\n\n
\nDescription:
\nA major cyber incident has occurred. How will you respond? \n

A war game but make it cyber. In groups of 3-4 people, hackers and policymakers at the village will respond to a cybersecurity crisis scenario with far reaching impacts on the public but especially vulnerable communities. Groups of 3-4 participants will develop responses to mitigate the crisis and present these to the larger group. Participants may take on specific roles based on the storyline of the crisis (e.g. CISA, the White House, CVD coordinating bodies, OT security researchers, and more).\n

\n\n\'',NULL,366715),('3_Saturday','13','12:00','13:50','Y','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation\'','\'Safa Shahwan Edwards\'','PLV_bd91f9663b8d567b9ef20fad6e9fcde1','\'\'',NULL,366716),('3_Saturday','14','14:00','14:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Let Night City Sleep - Governance Against a Cyberpunk Future\'','\'Cameron Byrd,Clayton Dixon\'','PLV_84b4738b5eab935c5befee4275ec2ac9','\'Title: Let Night City Sleep - Governance Against a Cyberpunk Future
\nWhen: Saturday, Aug 12, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Cameron Byrd,Clayton Dixon
\n
SpeakerBio:Cameron Byrd\n, Cyber Policy Analyst at Office of Cyber, Infrastructure, Risk, and Resilience Policy, U.S. Department of Homeland Security
\nCameron Byrd is a Cyber Policy Analyst in the Office of Cyber, Infrastructure, Risk, and Resilience Policy at the U.S. Department of Homeland Security (DHS) Headquarters. He supports the Under Secretary for Strategy, Policy, and Plans and leads the development of cybersecurity, technology, and infrastructure policy and strategy for the Department. Cameron engages regularly with DHS components to develop unified Departmental policies and a harmonized cross-Departmental approach to issues including the implementation of Executive Orders and Congressional legislation, fulfillment of Secretary and Presidential cyber priorities, and stewardship of domestic cybersecurity initiatives across the Federal Civilian Executive Branch, Sector Risk Management Agencies, and other stakeholders. He assists in developing position papers, technical policy documents, strategies, and other policy or strategic recommendations for consideration by DHS leadership. Cameron graduated with a B.S., Information Science from the University of Maryland, College Park in 2019 and completed an M.A., Security Policy Studies from George Washington University in 2022.
\n
SpeakerBio:Clayton Dixon\n, Cyber Policy Advisor to the Assistant Secretary of Cyber, Infrastructure, Risk, and Resilience at Department of Homeland Security
\nClayton “CJ” Dixon is Cyber Policy Advisor to the Assistant Secretary of Cyber, Infrastructure, Risk, and Resilience at the Department of Homeland Security. His cyber policy portfolio covers emerging technologies such as Web3, quantum computing, and AI, however, he has a special passion for secure smart cities. CJ was also a Senior Advisor at New York City Cyber Command where he helped develop and implement citywide cybersecurity policies. In a previous life, CJ served in the US Army countering terrorist propaganda in West Africa as Special Operations Psychological Operations Officer.
\n\n
\nDescription:
\nThere are currently 7.4 billion people living on Earth and more than half of those people live in a metropolitan area. Urbanization is accelerating - demand for infrastructure is expected to increase by 100% by 2060. City planners are rapidly turning to digital technology to meet the growing demands of urban life.\n

Enter the “smart city” – the promise that equitable, safe, and sustainable urban life can be achieved through digitization. However, digitization also comes with digital risks. Malicious cyber actors have attacked 222 local government entities and 62 public safety agencies between 2021 and 2023. Malicious actors know our communities are target-rich environments and public policy is often slow to respond. \n

Does this mean humanity is doomed to a Cyberpunk 2077-like future with urban life marred by constant cyber-attacks? The Department of Homeland Security and city officials believe this need not be the case, but it all starts with good governance. In this workshop, DHS will introduce a draft of the Connected Communities Governance Toolkit – a series of guides for connected community governance developed in collaboration with cities across the US. DHS will host a collaborative workshop to examine the implications of a city considering a digital transformation using the Governance Toolkit as a guide.\n

\n\n\'',NULL,366717),('3_Saturday','11','11:00','11:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'AI Caramba! A DC <> DEF CON interface on machine learning\'','\'Austin Carson,Erick Galinkin,Kellee Wicker,Rumman Chowdhury,Tim Ryder\'','PLV_8818540b25403a70ce303eb4d001ebd5','\'Title: AI Caramba! A DC <> DEF CON interface on machine learning
\nWhen: Saturday, Aug 12, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Austin Carson,Erick Galinkin,Kellee Wicker,Rumman Chowdhury,Tim Ryder
\n
SpeakerBio:Austin Carson\n, Founder & President at SeedAI
\nAustin Carson is the Founder and President of SeedAI, a nonprofit established to work with a diverse group of policymakers, academics, and private sector experts to help communities across the United States access the resources they need to engage with AI.\n

Previously, Austin established and led the DC government affairs operation for NVIDIA, translating NVIDIA’s expertise in artificial intelligence and high performance computing for policymakers. Prior to joining NVIDIA, Austin held a number of public sector and NGO positions, including serving as Legislative Director for Chairman Michael McCaul and Executive Director for the Technology Freedom Institute. Austin co-founded the Congressional Tech Staff Association, co-led the Congressional Cybersecurity Caucus and the Congressional High Tech Caucus, and is a founding fellow of the Internet Law and Policy Foundry.\n

\n
SpeakerBio:Erick Galinkin\n, Principal researcher at Rapid7
\nErick Galinkin is a hacker and computer scientist working as principal researcher in Rapid7\'s Office of the CTO. Presently, Erick leads R&D supporting Rapid7\'s Managed Detection and Response service. Widely renowned for his equestrian abilities, Erick is a man of several talents. An alumnus of Johns Hopkins University, he has also published and given talks on security, decision theory, information geometry, and artificial intelligence at conferences from AAAI and GameSec to DEF CON\'s AI and Cloud Villages.
\n
SpeakerBio:Kellee Wicker\n, Director of the Science and Technology Innovation Program at Wilson Center
\nKellee Wicker leads the Science and Technology Innovation Program (STIP) at the Wilson Center, a Congressionally chartered think tank that provides nonpartisan counsel and insights on global affairs to policymakers through deep research, impartial analysis, and independent scholarship. The STIP team provides research and insight to Congress, global policymakers, and the general public on a number of emerging technologies and scientific advances, with special emphasis on artificial intelligence, cybersecurity, space in the commercial age, and more. Through games, experiential learning, and educational opportunities, STIP also works beyond traditional research to directly provide policymakers and their staff with the foundational knowledge they need to devise smart legislation and regulation that protects individuals and workers while continuing to bolster flourishing technological innovation.
\n
SpeakerBio:Rumman Chowdhury\n, Co-Founder and CEO at Humane Intelligence
\nDr. Rumman Chowdhury’s passion lies at the intersection of artificial intelligence and humanity. She is a pioneer in the field of applied algorithmic ethics, creating cutting-edge socio-technical solutions for ethical, explainable and transparent AI. Dr. Chowdhury currently runs the nonprofit Humane Intelligence and is a Responsible AI Fellow at the Berkman Klein Center for Internet & Society at Harvard University. \n

Previously, Dr. Chowdhury was the Director of META (ML Ethics, Transparency, and Accountability) team at Twitter, leading a team of applied researchers and engineers to identify and mitigate algorithmic harms on the platform. Prior to Twitter, she was CEO and founder of Parity, an enterprise algorithmic audit platform company. She formerly served as Global Lead for Responsible AI at Accenture Applied Intelligence. In her work as Accenture’s Responsible AI lead, she led the design of the Fairness Tool, a first-in-industry algorithmic tool to identify and mitigate bias in AI systems. \n

Dr. Chowdhury is dedicated to cultivating and growing the next wave of technology-forward companies enabling the responsible use of emerging technologies.\n

\n
SpeakerBio:Tim Ryder\n, Legislative Assistant at Office of U.S. Senate Majority Leader Charles E. Schumer
\nTim joined U.S. Senate Majority Leader Charles E. Schumer’s office in May 2019 and currently serves as a Legislative Assistant. Tim is spearheading the Leader’s work on artificial intelligence, while overseeing the disaster policy portfolio. He is also a member of the Schumer Climate Team, where he helped formulate, negotiate, and pass the Inflation Reduction Act, Infrastructure Investment and Jobs Act, and a number of other bills last Congress.\n

Prior to his time on the Hill, Tim worked for The Climate Reality Project – former Vice President Al Gore’s non-profit – on Gore’s famous slideshow featured in An Inconvenient Truth. Tim is active in a number of young professional organizations and runs a small business in the district – Green Drinks DC – with his longtime friend. Tim is a graduate of Stetson University, where he studied Environmental Science and Philosophy, and is an alumnus of American University’s Washington Semester Program. In what little spare time there is these days, Tim loves to garden, cook, and make music.\n

\n\n
\nDescription:
\nAI is a huge focus for multiple governments and they are keen to get input from the DEF CON community on what they should be considering for policy interventions. \n

This session will be led by Austin Carson, exploring how we can combine the expertise of DEF CON attendees with the political will and specialized knowledge networks in the Administration and around DC to create wise policy for AI. Topics covered will include how the two communities can support each other and create a virtuous cycle of information conveyance and policy progress? What should the next steps of this work be - how do we move beyond the Biden EO? In this session we\'ll have top experts in policy and the hacker community come together to discuss what that can look like and how to be mutually conscientious of what our experiences and priorities may be.\n

\n\n\'',NULL,366718),('3_Saturday','15','15:00','15:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Non-State Actors in the Russia/Ukraine Conflict\'','\'Dan Grobarcik,Marc Rogers,Mauro Vignati,Stefanie Metka\'','PLV_8eaa8cf9724a0b1095015752b5aa1aa8','\'Title: Non-State Actors in the Russia/Ukraine Conflict
\nWhen: Saturday, Aug 12, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Dan Grobarcik,Marc Rogers,Mauro Vignati,Stefanie Metka
\n
SpeakerBio:Dan Grobarcik\n, Research Associate at Cyber and Innovation Policy Institute at the U.S. Naval War College
\nDan Grobarcik is a Research Associate with the Cyber and Innovation Policy Institute at the U.S. Naval War College. His research covers information warfare, the Cold War, and European and Eurasian security issues.
\n
SpeakerBio:Marc Rogers\n, Senior Adjunct Advisor at Institute for Security and Technology
\nMarc Rogers is the CTO and Cofounder of nbhd.ai and a Senior Adjunct Advisor for the Institute for Security and Technology. Formerly a cybersecurity strategist at Okta, head of security at Cloudflare and co-founder of Vectra.ai. Marc is a whitehat hacker and breaker of things from Teslas, to iPhones, Google Glasses and more. As seen on Mr Robot. Part of IST\'s Ransomware Task Force, Co-Founder of CTI League, Cultivator of beards.
\n
SpeakerBio:Mauro Vignati\n, ICRC
\nIn 2003 Mauro started working at the first unit of the Swiss Federal Police fighting cybercrime. Later on, he collaborated to the establishment of MELANI, Switzerland\'s first centre for public-private partnership on cybersecurity for critical infrastructure. Back in 2013, he set up and led the Cyber Threat Intelligence Division within the Department of Defence in Bern. In 2021, he was tasked to create the Vulnerability Management unit within the National Cyber Security Centre NCSC.ch, leading several projects, among them the first bug bounty program of the Swiss government. He then joined the International Committee of the Red Cross ICRC one year later, as advisor on new digital technologies of warfare.
\n
SpeakerBio:Stefanie Metka\n, NATO
\nStefanie Metka is the head of NATO’s Cyber Threat Analysis Branch and serves as a primary advisor to NATO’s political, military, and security leadership on cyber threats. Prior to joining NATO, Stefanie served as a Strategic Threat Analyst in the Canadian civil service, and has had a number of postings with a focus on cyber threats and national security. Stefanie received her Master’s degree in infrastructure protection and international security from Carleton University, and is also an alumni of the Geneva Centre for Security Policy, and Cornell University.
\n\n
\nDescription:
\nThis panel explores the presence and actions of non-state actors in the Russia-Ukraine conflict. With a focus on volunteerist cyber actors in the conflict, such as patriotic hackers and hacktivist collectives, individual volunteers - or even the private sector -, the panel explores the conduct of these actors during the conflict, as well as how the cyber criminal landscape has evolved during the course of the conflict. Bringing together a set of diverse perspectives from across the policy, operational, legal, and security community spheres, both within, and outside of government, including the NGO space, it focuses on the implications of these actions: can these indeed be considered altruistic actions in cyberspace? Or do they hold more complex implications than we are prepared to admit? This panel intends to demonstrate the ways in which the actions of non-state actors challenge some of our basic assumptions about cyberspace as a domain of operations – but also how adversaries might understand this behaviour too. Ultimately, it argues that the unique space that non-state actors occupy within the cyber elements of the conflict requires much deeper consideration, and complex, considered thought from the wider international security community.\n
\n\n\'',NULL,366719),('3_Saturday','16','16:00','17:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'We\'re From the Government and We\'re Here to Help Secure Open Source Software\'','\'Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable\'','PLV_b562ae0a502e271087bfd6c6ecd57854','\'Title: We\'re From the Government and We\'re Here to Help Secure Open Source Software
\nWhen: Saturday, Aug 12, 16:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\nSpeakers:Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable
\n
SpeakerBio:Anjana Rajan\n, Assistant National Cyber Director for Technology Security at The White House
\nAnjana Rajan currently serves as the Assistant National Cyber Director for Technology Security at The White House. A renowned cryptographer, technology executive, and entrepreneur, Rajan has spent her career working at the nexus of national security and human rights. Prior to joining the White House, she was the first Chief Technology Officer of Polaris, the largest anti-human trafficking NGO in the United States. In this role, she architected Polaris’s web3 & human rights vision and built a proactive security strategy to defend the organization against foreign malign influence operations and violent extremist threats. \n

Previously, Anjana was a Tech Policy Fellow at the Aspen Institute, was a former Y Combinator founder, led open-source development of advanced cryptographic libraries, and worked at Palantir Technologies. She was a Knight Scholar at Cornell University’s Engineering School and received her bachelor’s and master’s degrees in Operations Research Engineering.\n

\n
SpeakerBio:Brian Behlendorf\n, Open Source Security Foundation
\nNo BIO available
\n
SpeakerBio:Charlie Gladstone\n, UK Department for Science, Innovation, and Technology
\nCharlie Gladstone leads the UK Government’s work on app store security in the Department for Science, Technology and Innovation. He has worked in tech policy for over five years, where he has specialised in exploring the intersection between technology, society and regulation. Before working in Government, Charlie provided public policy consultancy services to the tech sector clients. He has developed policy on a range of issues including cyber security, digital regulation and artificial intelligence.
\n
SpeakerBio:Jack Cable\n, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
\nJack Cable is a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
\n\n
\nDescription:
\nOpen source software is the backbone of the Internet. As a public good, open source software has enabled tremendous innovations -- and our government and companies alike have a role to play in sustaining it. In this fireside chat, White House Assistant National Cyber Director Anjana Rajan and CISA Senior Technical Advisor Jack Cable will present an overview of the US government\'s strategy on open source software security. The Federal government is the biggest user of open source software in the world, and we recognize that we must do our part in contributing back to the open source community. Priority areas for the U.S. government include advancing the adoption of memory-safe programming languages, reforming CVE, understanding software prevalence, and building a software developer workforce of the future by integrating security into computer science curricula. As part of this, we need your help in getting it right. How can the government best support OSS community efforts? What should the government NOT be doing? It\'s all on the table, and we look to work with you to ensure a secure, sustainable, and resilient OSS future.\n
\n\n\'',NULL,366720),('3_Saturday','17','16:00','17:50','Y','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'We\'re From the Government and We\'re Here to Help Secure Open Source Software\'','\'Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable\'','PLV_b562ae0a502e271087bfd6c6ecd57854','\'\'',NULL,366721),('3_Saturday','11','11:00','13:50','N','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'Secure by Design: Ask the Government Anything and Red-Pen Workshop\'','\'Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be','\'Title: Secure by Design: Ask the Government Anything and Red-Pen Workshop
\nWhen: Saturday, Aug 12, 11:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 220 - Policy NOT-A-SCIF - Map
\nSpeakers:Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer
\n
SpeakerBio:Bob Lord\n, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
\nBob Lord joined the Cybersecurity and Infrastructure Security Agency (CISA) as a Senior Technical Advisor in April 2022. Previously he was the Chief Security Officer at the Democratic National Committee where he brought more than 20 years of experience in the information security space to the committee, state parties, and campaigns. Before that he was Yahoo’s Chief Information Security Officer, covering areas such as risk management, product security, security software development, e-crimes and APT programs. He wasthe Chief Information Security Officer in Residence at Rapid7, and before that headed up Twitter’s information security program as its first security hire.
\n
SpeakerBio:Cheri Caddy\n, Deputy Assistant National Cyber Director for Cyber Technology, Research & Development at Office of the National Cyber Director at the White House
\nCheri Caddy is the Deputy Assistant National Cyber Director for Cyber Technology, Research & Development in the Office of the National Cyber Director at the White House. In this role she leads technical strategy and policy for national cyber programs on R&D, operational technology, securing the clean energy transition, technical standards, and software liability. Over the past 30 years, Cheri has held senior cyber technology and policy roles at the Department of Energy, the Intelligence Community, and the National Security Council. Cheri is a Senior Cybersecurity Fellow at the McCrary Institute for Cybersecurity & Critical Infrastructure.
\n
SpeakerBio:Jack Cable\n, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
\nJack Cable is a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
\n
SpeakerBio:Jen Easterly\n, Director at Cybersecurity and Infrastructure Security Agency (CISA)
\nJen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.\n

Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.\n

Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.\n

A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.\n

A distinguished graduate of the United States Military Academy at West Point, Jen holds a\nmaster’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.\n

A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.\n

\nTwitter: @@CISAJen
\n
SpeakerBio:Lauren Zabierek\n, Senior Policy Advisor in the Cybersecurity Division at Cybersecurity and Infrastructure Security Agency (CISA)
\nLauren Zabierek is a Senior Policy Advisor in the Cybersecurity Division at CISA. Previously, she served as the Executive Director of the Cyber Project at the Harvard Kennedy School’s Belfer Center, where she ran a policy-relevant research program and managed students and nonresident fellows. She also served as the Acting Executive Director of the Belfer Center in her final semester there. She came to that role as a 2019 graduate of the Kenney School’s midcareer MPA program. Prior to graduate school, she was an early member of the cybersecurity firm Recorded Future, having established and managed their public sector team. She also served as a civilian intelligence analyst at the National Geospatial Intelligence Agency with multiple deployments to Afghanistan, and served as a US Air Force intelligence officer at the beginning of her career. Lauren is also the co-founder of the online social media movement, #ShareTheMicInCyber. She is a mentor with Girl Security, a fellow at the National Security Institute at George Mason University, and a fellow at New America.
\n
SpeakerBio:Oumou Ly\n, Senior Advisor for Technology and Ecosystem Security at The White House
\nOumou Ly is the Senior Advisor for Technology and Ecosystem Security at the White House. In her role, Oumou provides counsel to senior White House officials on matters which include domestic and international technology and supply chain security, emerging technology, data security, and cyber workforce and education. She came to the White House from the Cybersecurity and Infrastructure Security Agency (CISA) within the U.S. Department of Homeland Security. Similarly, in this role, Oumou advised senior agency and Administration leaders in the execution of top Administration priorities to secure critical infrastructure and led policy and strategy for the CISA Cybersecurity Division. On the Joint Ransomware Task Force, she led the effort to develop metrics to improve policy interventions against ransomware and other categories of cybercrime. Prior to serving at CISA, Oumou was a fellow at Harvard University’s Berkman Klein Center, where she represented the Center in media commentary at the nexus of national security, cybersecurity, and technology including in The Hill, NBC News, and the Financial Times. Furthermore, while a fellow at the Harvard University, Oumou co-authored the concept paper for the distributed Bluesky protocol; curated Chatham House convenings of security practitioners, academics, and top government officials; authored and hosted tabletop exercises to prepare state and local officials for disruption anticipated during the 2020 election, and contributed significant thought leadership on root causes and policy interventions around disinformation. Prior to joining the Berkman Klein Center, Oumou was an advisor to U.S. Senate Democratic Leader Charles Schumer, where she provided counsel on a cross-cutting portfolio which included national security policy, foreign policy, the defense industrial base, and veterans’ affairs. In this role, she routinely led inter and intraparty negotiations on key provisions which were enacted into law, including in the National Defense Authorization Act and the Bipartisan Budget Act of 2018. Oumou holds cybersecurity fellowships at Harvard University and the Atlantic Council’s Digital Forensic Research Lab and holds the position of Trustee at Notre Dame de Namur University. Oumou holds a B.A. from Notre Dame de Namur University in Belmont, CA and an MSc from the London School of Economics and Political Science. Oumou is a member of the Board of Trustees at Notre Dame de Namur University.
\n
SpeakerBio:Yael Grauer\n, Consumer Reports
\nYael Grauer works at Consumer Reports managing Security Planner, a free, easy-to-use guide to staying safer online. Her background is in investigative tech reporting, and she has covered privacy and security for over a decade for various tech publications. She has extensively researched the privacy and security (or lack thereof) of consumer VPNs, teamed up with Electronic Frontier Foundation to research street-level surveillance, broken stories on Zoom misleading users about end-to-encryption, looked into questionable claims about blockchain voting, and investigated surveillance against China’s Uyghur minority. Yael serves on the Board of Directors of the CyberMed Summit, the world’s only clinically-oriented healthcare cybersecurity conference. She also runs a do-it-yourself data broker opt-out list, and is currently writing a book on investigations for No Starch Press.
\n\n
\nDescription:
\nIn this unique session, come learn about and help shape the US Government’s Secure by Design work. The event will begin with opening remarks by CISA Director Jen Easterly, and feature a panel with representatives from CISA and the White House Office of the National Cyber Director (ONCD). Following that, attendees will be given a draft of CISA’s latest guidance on Secure by Design, and will be able to offer edits, comments, and suggestions to inform the final version of the guidance.\n
\n\n\'',NULL,366722),('3_Saturday','12','11:00','13:50','Y','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'Secure by Design: Ask the Government Anything and Red-Pen Workshop\'','\'Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be','\'\'',NULL,366723),('3_Saturday','13','11:00','13:50','Y','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'Secure by Design: Ask the Government Anything and Red-Pen Workshop\'','\'Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be','\'\'',NULL,366724),('4_Sunday','10','10:00','10:50','N','PLV','Caesars Forum - Summit - 221-222 - Policy Atrium','\'Putting Your Money Where Your Cyber Is: A Guided Discussion of Software Liability and Security\'','\'Andrea Matwyshyn\'','PLV_44784f6761eb4a6c320a2d421f80b3e1','\'Title: Putting Your Money Where Your Cyber Is: A Guided Discussion of Software Liability and Security
\nWhen: Sunday, Aug 13, 10:00 - 10:50 PDT
\nWhere: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
\n
SpeakerBio:Andrea Matwyshyn\n, Professor at Penn State Law & Penn State Engineering
\nDr. Andrea Matwyshyn is a full professor in the law school and engineering school at Penn State, the Associate Dean of Innovation at Penn State Law, and the founding faculty director of both the Penn State PILOT Lab (Policy Innovation Lab of Tomorrow), an interdisciplinary technology policy lab, and the Manglona Lab for Gender and Economic Equity, a technology equity lab and clinic. She has also worked in both the private and public sector, most recently in 2023 as a Senior Special Advisor on Information Security and Data Privacy to the U.S. Consumer Financial Protection Bureau’s Office of Enforcement and a Senior Special Advisor on Law, Technology, and the Digital Economy to the U.S. Federal Trade Commission’s Bureau of Consumer Protection. Her first hackercon talk was at BlackHat USA in 2003, and she has previously served as a specialty reviewer on the DEF CON CFP Review team.
\n\n
\nDescription:
\nAre you interested in discussing the future of “shifting liability for software products and services to promote secure development practices”? If so, join a guided discussion led by law and engineering Prof. Andrea Matwyshyn on Pillar 3 of the Biden-Harris National Cybersecurity Strategy. After a brief introduction to the history of software liability and what (various forms of) “security liability” already exist, we will engage in structured legal exercises intended to help us discuss, crystalize, and clarify the relevant variables that courts, regulators, and policymakers will consider in deciding how to generate the next generation of security liability. We will talk through what the legal future is likely to hold (and assess what we think it should hold). We will debate the edge cases and try to generate some consensus, as well as perhaps a master list of concerns that can help further inform policymakers’ thinking on the future of security and software liability policy.\n
\n\n\'',NULL,366725),('4_Sunday','11','11:00','11:50','N','PLV','Caesars Forum - Summit - 218-219 - Policy Rotunda','\'Hangover Trivia: Cyber Policy Edition\'','\'Kurt Opsahl\'','PLV_2020a1944b00f9e8bd228c4521416270','\'Title: Hangover Trivia: Cyber Policy Edition
\nWhen: Sunday, Aug 13, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
\n
SpeakerBio:Kurt Opsahl\n, Associate General Counsel for Cybersecurity and Civil Liberties Policy at Filecoin Foundation
\nKurt Opsahl is the Associate General Counsel for Cybersecurity and Civil Liberties Policy for the Filecoin Foundation, and a Special Counsel to the Electronic Frontier Foundation. Formerly, Opsahl was the Deputy Executive Director and General Counsel of EFF. Opsahl was also the lead attorney on the Coders\' Rights Project, and continues to assist EFF with that work as a Special Counsel. In 2007, Opsahl was named as one of the \"Attorneys of the Year\" by California Lawyer magazine. From 2014 to 2022, Opsahl served on the USENIX Board of Directors. Opsahl is a member of the CISA Cybersecurity Advisory Committee’s Technical Advisory Council.
\nTwitter: @KurtOpsahl
\n\n
\nDescription:
\nCome down to the Policy track on Sunday morning and test your knowledge of all the most trivial aspects of tech policy! Bring a team or ride solo, and see if your deep knowledge of cybersecurity and tech policy is the best of the best. We’ll have a short quiz on tech law, policy, security and privacy topics that will blow your mind. Or what’s left of your mind after those shenanigans you got up to on Saturday night. BYO Bloody Mary.\n

Kurt Opsahl will be your most masterful and hungover Trivia Master, joined by three surprise judges.\n

\n\n\'',NULL,366726),('2_Friday','12','12:00','13:50','N','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'It\'s Coming from Inside the House: Next Steps for Addressing U.S. Network Abuse\'','\'David Forscey,Emily Paull,Peter Su,Seth McKinnis,Thomas Klein\'','PLV_29ce68ba56281702376470206f5cb5b3','\'Title: It\'s Coming from Inside the House: Next Steps for Addressing U.S. Network Abuse
\nWhen: Friday, Aug 11, 12:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 220 - Policy NOT-A-SCIF - Map
\nSpeakers:David Forscey,Emily Paull,Peter Su,Seth McKinnis,Thomas Klein
\n
SpeakerBio:David Forscey\n, Cyber Strategy Planner at CISA JCDC
\nDavid Forscey is a Cyber Operations Planner with the Joint Cyber Defense Collaborative at the Cybersecurity and Infrastructure Security Agency. Prior to entering federal service, David was Managing Director for the Aspen Cybersecurity Group at The Aspen Institute based in Washington, D.C. Before that he worked as a Senior Policy Analyst at the National Governors Association Center for Best Practices and a National Security Fellow at Third Way. He graduated magna cum laude from University of Virginia and earned his law degree from Georgetown University Law Center. He also makes beats that slap.
\n
SpeakerBio:Emily Paull\n, Cyber Operations Planner at CISA JCDC
\nEmily Paull is a Cyber Operations Planner with the Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative (JCDC). Emily works with government and private sector partners to identify and address cyber threats to U.S. critical infrastructure. Her prior experience includes working on various policy issues, including election security, emerging technology, and foreign investment risk. She has a BA from the University of Michigan and an MA from Columbia University.
\n
SpeakerBio:Peter Su\n, Cyber Operations Planner at CISA JCDC
\nPeter Su is a Cyber Operations Planner with the Cybersecurity and Infrastructure Security Agency\'s (CISA) Joint Cyber Defense Collaborative (JCDC), where he works with government and private sector partners to identify, measure, and mitigate cyber risk. Before joining CISA JCDC, Peter worked as a Professional Staff Member on the Senate Homeland Security and Governmental Affairs Committee\'s (HSGAC) Subcommittee on Emerging Threats and Spending Oversight, focusing on cybersecurity and other emerging technology issues in the homeland security space. Peter has a PhD from MIT in Materials Science and Engineering (researching semiconductor materials and nanofabrication) and a BSE from the University of Michigan.
\n
SpeakerBio:Seth McKinnis\n, Future Plans Section Chief at CISA JCDC
\nSeth McKinnis is Section Chief for Future Plans at CISA’s Joint Cyber Defense Collaborative. In this role, Seth sets JCDC’s joint cyber planning priorities by identifying critical cyber issues at the nexus between cybersecurity and critical infrastructure. Seth has worked with critical infrastructure and cybersecurity at CISA and the Department of Homeland Security since 2013, including CISA’s Shields Up campaign, Free Cybersecurity Services and Tools List, #RumorControl, and leading CISA’s risk analysis on security and resilience of election systems. Seth is a Certified Information Systems Security Professional (CISSP) and a graduate of Patrick Henry College and the Naval Postgraduate School’s Emergence Program.
\n
SpeakerBio:Thomas Klein\n, Cyber Operations Planner at CISA JCDC (Joint Cyber Defense Collaborative)
\nTom Klein is a Cyber Operations Planner with the Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative (JCDC). In his current role, Tom focuses on policy & strategy inputs to JCDC’s planning efforts as well as, the unique cyber risks facing industrial control systems, and to some extent the financial sector. Previously, Tom was a National Security Fellow with Third Way and an OSINT investigator. He received his BA in Philosophy & Political Science from NYU Abu Dhabi, and his MPP focusing on cyber policy from Oxford University’s Blavatnik School of Government.
\n\n
\nDescription:
\nThe Joint Cyber Defense Collaborative (JCDC) unifies cyber defenders, including running collaborative cyber planning efforts between government and industry to develop practical courses of action that address cyber risks. The JCDC team is now working with partners across the cyber ecosystem to develop planning priorities for 2024. One focus area we’re exploring for future work is supporting and strengthening collaborative, voluntary efforts to understand and prevent malicious abuse of virtual resources hosted inside the United States. This session will give DEF CON attendees the opportunity to provide direct and candid feedback to JCDC on the nature of the problem posed by abuse of US infrastructure propose tangible ideas that will inform 2024 joint cyber defense planning efforts.\n
\n\n\'',NULL,366727),('2_Friday','13','12:00','13:50','Y','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'It\'s Coming from Inside the House: Next Steps for Addressing U.S. Network Abuse\'','\'David Forscey,Emily Paull,Peter Su,Seth McKinnis,Thomas Klein\'','PLV_29ce68ba56281702376470206f5cb5b3','\'\'',NULL,366728),('3_Saturday','14','14:00','15:50','N','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'Abating the Eye of Sauron: Help Combat Authoritarian Censorship\'','\'David Houston,Michaela Lee\'','PLV_0ea81c466b8006c5ef2b569d448925e7','\'Title: Abating the Eye of Sauron: Help Combat Authoritarian Censorship
\nWhen: Saturday, Aug 12, 14:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 220 - Policy NOT-A-SCIF - Map
\nSpeakers:David Houston,Michaela Lee
\n
SpeakerBio:David Houston\n, International Relations Officer, Bureau of Democracy, Human Rights, and Labor at U.S. Department of State
\nDavid Houston is a career member of the Foreign Service with the U.S. Department of State, currently working on the Internet freedom team and confronting issues at the nexus of emerging technology and human rights impact. He is a former Army Captain and combat veteran of the war in Afghanistan, and has served at embassies in Beijing, Panama, and Mogadishu.
\n
SpeakerBio:Michaela Lee\n, Director for Strategy and Research at The Office of National Cyber Director (ONCD)
\nMichaela Lee is the Director for Strategy and Research at the Office of the National Cyber Director. Prior to her present role, Michaela worked at the intersection of geopolitical risk and cybersecurity at the Krebs Stamos Group. Her background is in emerging technologies and human rights, having covered issues of artificial intelligence, privacy, and platform governance at nonprofit BSR (Business for Social Responsibility). She is a graduate of the University of California, Davis and the Harvard Kennedy School.
\n\n
\nDescription:
\nAuthoritarian regimes abuse technology as a tool to suppress critics, journalists, human rights defenders, and more. Often, they exploit security weaknesses in common Internet technologies in their attempts to censor information and communication and curtail freedom of expression. ONCD and the State Department will talk about how authoritarian regimes censor their populations, U.S. Government efforts to increase security while combatting authoritarian censorship and repression, and how to help.\n

The lack of security and resilience throughout the network stack creates opportunities for authoritarian regimes to repress or censor at scale. We will talk through how regimes have historically taken advantage of protocols, internet infrastructure, and lack of encryption to do just that. We’ll then talk about how the U.S. Government is approaching this problem.\n

But most technology, development, and internet services are in the private sector, not the government. So we\'ll talk about how the community can help: from protocols that need more research and testing, to implementing known security practices, attendees will learn how they can contribute to Internet freedom!\n

\n\n\'',NULL,366729),('3_Saturday','15','14:00','15:50','Y','PLV','Caesars Forum - Summit - 220 - Policy NOT-A-SCIF','\'Abating the Eye of Sauron: Help Combat Authoritarian Censorship\'','\'David Houston,Michaela Lee\'','PLV_0ea81c466b8006c5ef2b569d448925e7','\'\'',NULL,366730),('1_Thursday','18','18:00','01:59','N','MUS','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Music Set / Entertainment (Thursday, SYN Stage)\'','\'Bolonium,Deepblue,Dries,Dual Core,NPC Collective,Nina Lowe,PankleDank,The Icarus Kid\'','MUS_36af1b68cac9f88db44bbf4da582d80a','\'Title: Music Set / Entertainment (Thursday, SYN Stage)
\nWhen: Thursday, Aug 10, 18:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\nSpeakers:Bolonium,Deepblue,Dries,Dual Core,NPC Collective,Nina Lowe,PankleDank,The Icarus Kid
\n
SpeakerBio:Bolonium\n
\nNo BIO available
\n
SpeakerBio:Deepblue\n
\nNo BIO available
\n
SpeakerBio:Dries\n
\nNo BIO available
\n
SpeakerBio:Dual Core\n
\nNo BIO available
\n
SpeakerBio:NPC Collective\n
\nNo BIO available
\n
SpeakerBio:Nina Lowe\n
\nNo BIO available
\n
SpeakerBio:PankleDank\n
\nNo BIO available
\n
SpeakerBio:The Icarus Kid\n
\nNo BIO available
\n\n
\nDescription:
\nFeaturing performances by:\n
\n

Content from this stage will be streamed to https://www.twitch.tv/defconorg_entertainment\n

\n\'',NULL,366731),('1_Thursday','18','18:00','01:59','N','MUS','Caesars Forum - Forum Pre-Function 2 - ACK Stage','\'Music Set / Entertainment (Thursday, ACK Stage)\'','\'Alexi Husky,DJ Scythe,Delchi,Grind613,Syntax,Talk Sinn,YTCracker,c0debreaker,mattrix\'','MUS_6c8720607c4a95e173f1c4f850316c24','\'Title: Music Set / Entertainment (Thursday, ACK Stage)
\nWhen: Thursday, Aug 10, 18:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum Pre-Function 2 - ACK Stage - Map
\nSpeakers:Alexi Husky,DJ Scythe,Delchi,Grind613,Syntax,Talk Sinn,YTCracker,c0debreaker,mattrix
\n
SpeakerBio:Alexi Husky\n
\nNo BIO available
\n
SpeakerBio:DJ Scythe\n
\nNo BIO available
\n
SpeakerBio:Delchi\n
\nNo BIO available
\nTwitter: @HDA_DEFCON
\n
SpeakerBio:Grind613\n
\nNo BIO available
\n
SpeakerBio:Syntax\n
\nNo BIO available
\n
SpeakerBio:Talk Sinn\n
\nNo BIO available
\nTwitter: @Cuteboi_Roxin
\n
SpeakerBio:YTCracker\n
\nNo BIO available
\n
SpeakerBio:c0debreaker\n
\nNo BIO available
\n
SpeakerBio:mattrix\n
\nNo BIO available
\n\n
\nDescription:
\nFeaturing performances by:\n
\n

ACK Stage is located in front of the doors to rooms 117/118 in the Forum Pre-function 2. Look for the tents and the beats!\n

\n\'',NULL,366732),('2_Friday','18','18:00','01:59','N','MUS','Caesars Forum - Forum Pre-Function 2 - ACK Stage','\'Music Set / Entertainment (Friday, ACK Stage)\'','\'Acid T,CTRL/rsm,DJ PatAttack,DJ St3rling,Magik Plan,Scotch and Bubbles,Spice Rack,kampf\'','MUS_eba674ee0a271abf7280af5f1143d4f5','\'Title: Music Set / Entertainment (Friday, ACK Stage)
\nWhen: Friday, Aug 11, 18:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum Pre-Function 2 - ACK Stage - Map
\nSpeakers:Acid T,CTRL/rsm,DJ PatAttack,DJ St3rling,Magik Plan,Scotch and Bubbles,Spice Rack,kampf
\n
SpeakerBio:Acid T\n
\nNo BIO available
\n
SpeakerBio:CTRL/rsm\n
\nNo BIO available
\n
SpeakerBio:DJ PatAttack\n
\nNo BIO available
\n
SpeakerBio:DJ St3rling\n
\nNo BIO available
\n
SpeakerBio:Magik Plan\n
\nNo BIO available
\n
SpeakerBio:Scotch and Bubbles\n
\nNo BIO available
\n
SpeakerBio:Spice Rack\n
\nNo BIO available
\n
SpeakerBio:kampf\n
\nNo BIO available
\n\n
\nDescription:
\nFeaturing performances by:\n
\n

ACK Stage is located in front of the doors to rooms 117/118 in the Forum Pre-function 2. Look for the tents and the beats!\n

\n\'',NULL,366733),('3_Saturday','18','18:00','01:59','N','MUS','Caesars Forum - Forum Pre-Function 2 - ACK Stage','\'Music Set / Entertainment (Saturday, ACK Stage)\'','\'DotOrNot,Dr. McGrew,H4X,Icetre Normal,NGHTHWK,SK,Z3npi,n0x08\'','MUS_0287a4b485f22bccd4f894f268734917','\'Title: Music Set / Entertainment (Saturday, ACK Stage)
\nWhen: Saturday, Aug 12, 18:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum Pre-Function 2 - ACK Stage - Map
\nSpeakers:DotOrNot,Dr. McGrew,H4X,Icetre Normal,NGHTHWK,SK,Z3npi,n0x08
\n
SpeakerBio:DotOrNot\n
\nNo BIO available
\n
SpeakerBio:Dr. McGrew\n
\nNo BIO available
\n
SpeakerBio:H4X\n
\nNo BIO available
\n
SpeakerBio:Icetre Normal\n
\nNo BIO available
\n
SpeakerBio:NGHTHWK\n
\nNo BIO available
\n
SpeakerBio:SK\n
\nNo BIO available
\n
SpeakerBio:Z3npi\n
\nNo BIO available
\n
SpeakerBio:n0x08\n
\nNo BIO available
\n\n
\nDescription:
\nFeaturing performances by:\n
\n

ACK Stage is located in front of the doors to rooms 117/118 in the Forum Pre-function 2. Look for the tents and the beats!\n

\n\'',NULL,366734),('2_Friday','21','21:00','01:59','N','MUS','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Music Set / Entertainment (Friday, SYN Stage)\'','\'Great Scott,Krisz Klink,TRIODE,Zebbler Encanti Experience,heckseven\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39','\'Title: Music Set / Entertainment (Friday, SYN Stage)
\nWhen: Friday, Aug 11, 21:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\nSpeakers:Great Scott,Krisz Klink,TRIODE,Zebbler Encanti Experience,heckseven
\n
SpeakerBio:Great Scott\n
\nNo BIO available
\nTwitter: @greatscottmusic
\n
SpeakerBio:Krisz Klink\n
\nNo BIO available
\nTwitter: @kriszklink
\n
SpeakerBio:TRIODE\n
\nNo BIO available
\n
SpeakerBio:Zebbler Encanti Experience\n
\nNo BIO available
\n
SpeakerBio:heckseven\n
\nNo BIO available
\n\n
\nDescription:
\nFeaturing performances by:\n
\n

Content from this stage will be streamed to https://www.twitch.tv/defconorg_entertainment\n

\n\'',NULL,366735),('3_Saturday','21','21:00','01:59','N','MUS','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Yarrrrgh Pirate Night - Music Set / Entertainment (Saturday, SYN Stage)\'','\'FuzzyNop,Miss Jackalope,Ninjula,O\'Craven Pirate Band,Skittish & Bus\'','MUS_a839adadf8ae1d98babdf7e253c99058','\'Title: Yarrrrgh Pirate Night - Music Set / Entertainment (Saturday, SYN Stage)
\nWhen: Saturday, Aug 12, 21:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\nSpeakers:FuzzyNop,Miss Jackalope,Ninjula,O\'Craven Pirate Band,Skittish & Bus
\n
SpeakerBio:FuzzyNop\n
\nNo BIO available
\n
SpeakerBio:Miss Jackalope\n
\nNo BIO available
\n
SpeakerBio:Ninjula\n
\nNo BIO available
\nTwitter: @countninjula
\n
SpeakerBio:O\'Craven Pirate Band\n
\nNo BIO available
\n
SpeakerBio:Skittish & Bus\n
\nNo BIO available
\n\n
\nDescription:
\nJoin us Saturday night (Aug 12) at the SYN Stage in Caesars Forum for \"Yarrrrgh Pirate Night\", which is our answer to last year\'s Night of the Ninjas. \n

At 23:00, we feature the pirate rock band O\'Craven.\n

Contest - Win the cost of a DEF CON Badge - $440!\n

It\'s your turn to participate! We seek the best dressed as a pirate! Dust off your costume or make a new one -- just show up -- it\'s supposed to be fun! The winner will receive a cash prize equal to the cost of the DEF CON 31 badge. The pirate band will judge the costumes and help choose a winner. Contest on the stage immediately following O\'Craven at 00:00.\n

Featuring performances by:\n

\n

Content from this stage will be streamed to https://www.twitch.tv/defconorg_entertainment\n

\n\'',NULL,366736),('1_Thursday','16','16:00','18:59','N','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_dbdc6ecd9a2f73af2ccef4ce115482cb','\'Title: DDV open and accepting drives for duplication
\nWhen: Thursday, Aug 10, 16:00 - 18:59 PDT
\nWhere: Caesars Forum - Summit - 231 - Data Dupe Vlg - Map
\n
\nDescription:
\nWe start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We reopen at 10:00am on Friday, Saturday, and Sunday.\n

We\'ll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can\'t copy any more - first come, first served.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\n

Most of the drive information can be found [here](https://dcddv.org/dc31-drive-info). If you have questions that have not yet been answered, you can email [info@dcddv.org](mailto:info@dcddv.org), or visit the [DEF CON Forums](https://forum.defcon.org/node/244903).\n

\n\n\'',NULL,366737),('1_Thursday','17','16:00','18:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_dbdc6ecd9a2f73af2ccef4ce115482cb','\'\'',NULL,366738),('1_Thursday','18','16:00','18:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_dbdc6ecd9a2f73af2ccef4ce115482cb','\'\'',NULL,366739),('2_Friday','10','10:00','16:59','N','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'Title: DDV open and accepting drives for duplication
\nWhen: Friday, Aug 11, 10:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 231 - Data Dupe Vlg - Map
\n
\nDescription:
\nWe start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We reopen at 10:00am on Friday, Saturday, and Sunday.\n

We\'ll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can\'t copy any more - first come, first served.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\n

Most of the drive information can be found [here](https://dcddv.org/dc31-drive-info). If you have questions that have not yet been answered, you can email [info@dcddv.org](mailto:info@dcddv.org), or visit the [DEF CON Forums](https://forum.defcon.org/node/244903).\n

\n\n\'',NULL,366740),('2_Friday','11','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366741),('2_Friday','12','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366742),('2_Friday','13','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366743),('2_Friday','14','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366744),('2_Friday','15','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366745),('2_Friday','16','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9','\'\'',NULL,366746),('3_Saturday','10','10:00','16:59','N','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'Title: DDV open and accepting drives for duplication
\nWhen: Saturday, Aug 12, 10:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 231 - Data Dupe Vlg - Map
\n
\nDescription:
\nWe start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We reopen at 10:00am on Friday, Saturday, and Sunday.\n

We\'ll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can\'t copy any more - first come, first served.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.\n

Most of the drive information can be found [here](https://dcddv.org/dc31-drive-info). If you have questions that have not yet been answered, you can email [info@dcddv.org](mailto:info@dcddv.org), or visit the [DEF CON Forums](https://forum.defcon.org/node/244903).\n

\n\n\'',NULL,366747),('3_Saturday','11','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366748),('3_Saturday','12','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366749),('3_Saturday','13','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366750),('3_Saturday','14','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366751),('3_Saturday','15','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366752),('3_Saturday','16','10:00','16:59','Y','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'DDV open and accepting drives for duplication\'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497','\'\'',NULL,366753),('4_Sunday','10','10:00','10:59','N','MISC','Caesars Forum - Summit - 231 - Data Dupe Vlg','\'Last chance to pick up drives at the DDV\'','\' \'','MISC_706fac635b1832181ba6fca6989ab734','\'Title: Last chance to pick up drives at the DDV
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: Caesars Forum - Summit - 231 - Data Dupe Vlg - Map
\n
\nDescription:
\nThis is your last chance to pickup your drives whether they\'re finished or not. Get here between 10:00 and 11:00 on Sunday as any drives left behind are considered donations. Please leave the 8TB ones - we need them for next year.\n
\n\n\'',NULL,366754),('2_Friday','08','08:00','19:59','N','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'Title: Human Registration Open
\nWhen: Friday, Aug 11, 08:00 - 19:59 PDT
\nWhere: Caesars Forum - Forum - 101-103 - Reg - Map
\n
\nDescription:
\nExtremely **IMPORTANT** notes regarding human registration:\n
\n\n\'',NULL,366755),('2_Friday','09','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366756),('2_Friday','10','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366757),('2_Friday','11','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366758),('2_Friday','12','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366759),('2_Friday','13','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366760),('2_Friday','14','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366761),('2_Friday','15','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366762),('2_Friday','16','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366763),('2_Friday','17','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366764),('2_Friday','18','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366765),('2_Friday','19','08:00','19:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83','\'\'',NULL,366766),('4_Sunday','10','10:00','13:59','N','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_fee38845a2ae761750cd45a79c1c4951','\'Title: Human Registration Open
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Forum - 101-103 - Reg - Map
\n
\nDescription:
\nExtremely **IMPORTANT** notes regarding human registration:\n
\n\n\'',NULL,366767),('4_Sunday','11','10:00','13:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_fee38845a2ae761750cd45a79c1c4951','\'\'',NULL,366768),('4_Sunday','12','10:00','13:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_fee38845a2ae761750cd45a79c1c4951','\'\'',NULL,366769),('4_Sunday','13','10:00','13:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_fee38845a2ae761750cd45a79c1c4951','\'\'',NULL,366770),('3_Saturday','09','09:30','18:59','N','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'Title: Human Registration Open
\nWhen: Saturday, Aug 12, 09:30 - 18:59 PDT
\nWhere: Caesars Forum - Forum - 101-103 - Reg - Map
\n
\nDescription:
\nExtremely **IMPORTANT** notes regarding human registration:\n
\n\n\'',NULL,366771),('3_Saturday','10','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366772),('3_Saturday','11','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366773),('3_Saturday','12','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366774),('3_Saturday','13','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366775),('3_Saturday','14','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366776),('3_Saturday','15','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366777),('3_Saturday','16','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366778),('3_Saturday','17','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366779),('3_Saturday','18','09:30','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b','\'\'',NULL,366780),('1_Thursday','07','07:00','18:59','N','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'Title: Human Registration Open
\nWhen: Thursday, Aug 10, 07:00 - 18:59 PDT
\nWhere: Caesars Forum - Forum - 101-103 - Reg - Map
\n
\nDescription:
\nExtremely **IMPORTANT** notes regarding human registration:\n
\n\n\'',NULL,366781),('1_Thursday','08','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366782),('1_Thursday','09','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366783),('1_Thursday','10','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366784),('1_Thursday','11','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366785),('1_Thursday','12','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366786),('1_Thursday','13','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366787),('1_Thursday','14','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366788),('1_Thursday','15','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366789),('1_Thursday','16','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366790),('1_Thursday','17','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366791),('1_Thursday','18','07:00','18:59','Y','DC','Caesars Forum - Forum - 101-103 - Reg','\'Human Registration Open\'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39','\'\'',NULL,366792),('0_Wednesday','17','17:00','06:59','N','MISC','Caesars Forum - Forum - 101-103 - Reg','\'Linecon\'','\' \'','MISC_7d0e99df51df083cc7213c1fe1a10eff','\'Title: Linecon
\nWhen: Wednesday, Aug 9, 17:00 - 06:59 PDT
\nWhere: Caesars Forum - Forum - 101-103 - Reg - Map
\n
\nDescription:
\nLinecon is your optional opportunity to stand (or sit) in line for human registration to open.\n

Doors open at 17:00 Wednesday. Registration will open and queue processing will begin at approximately 07:00 Thursday.\n

At all times, follow directions from on-duty goons -- linecon may need to be relocated into a different ballroom. The currently planned location is Caesars Forum, Rooms 101-103.\n

For purposes of clarity: Caesars Forum is not connected to Caesars Palace; it is connected to Harrah\'s and LINQ. Please see the published maps (in this app) for further information.\n

Please also review the \"Human Registration Open\" event, and familiarize yourself with the **important notes** therein. \n

\n\n\'',NULL,366793),('3_Saturday','16','16:00','17:59','N','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Peer-to-Peer Mentoring and Networking\'','\' \'','SOC_8fac82a287ac4f62196b7ed9b0b47ba4','\'Title: WISP Peer-to-Peer Mentoring and Networking
\nWhen: Saturday, Aug 12, 16:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 217 - WISP - Map
\n
\nDescription:
\nJoin us at DEF CON to mingle and network with privacy and security professionals. Also, consider becoming part of the WISP Tandems Mentoring program. It\'s our peer-to-peer mentorship program, which connects you with a partner who has a different background, expertise, and a different network. Why? We believe that you bring unique value to your women peers, no matter which career stage you\'re at. Knowledge is fluent, and leadership manifests at every career level. You can find your Tandem partner right here and sign up to be matched in our next round of the program!\n
\n\n\'',NULL,366794),('3_Saturday','17','16:00','17:59','Y','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Peer-to-Peer Mentoring and Networking\'','\' \'','SOC_8fac82a287ac4f62196b7ed9b0b47ba4','\'\'',NULL,366795),('3_Saturday','14','14:00','15:59','N','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_914c4caa37cc25f6a1c4cef6b74163d8','\'Title: WISP Chill Out Space with Refreshments
\nWhen: Saturday, Aug 12, 14:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - 217 - WISP - Map
\n
\nDescription:
\nCome relax with us in a quiet space! Grab a non-alcoholic drink and check out this year’s WISP swag.\n
\n\n\'',NULL,366796),('3_Saturday','15','14:00','15:59','Y','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_914c4caa37cc25f6a1c4cef6b74163d8','\'\'',NULL,366797),('2_Friday','12','12:00','15:59','N','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_31eea850a1ca434aae827d0c434ac74b','\'Title: WISP Chill Out Space with Refreshments
\nWhen: Friday, Aug 11, 12:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - 217 - WISP - Map
\n
\nDescription:
\nCome relax with us in a quiet space! Grab a non-alcoholic drink and check out this year’s WISP swag.\n
\n\n\'',NULL,366798),('2_Friday','13','12:00','15:59','Y','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_31eea850a1ca434aae827d0c434ac74b','\'\'',NULL,366799),('2_Friday','14','12:00','15:59','Y','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_31eea850a1ca434aae827d0c434ac74b','\'\'',NULL,366800),('2_Friday','15','12:00','15:59','Y','SOC','Caesars Forum - Summit - 217 - WISP','\'WISP Chill Out Space with Refreshments\'','\' \'','SOC_31eea850a1ca434aae827d0c434ac74b','\'\'',NULL,366801),('2_Friday','20','20:30','22:59','N','SOC','Flamingo - Pool','\'WISP Community Meet Up at BTV Pool Party\'','\' \'','SOC_d1b5a18c0c7cda79162ed822a91d41f3','\'Title: WISP Community Meet Up at BTV Pool Party
\nWhen: Friday, Aug 11, 20:30 - 22:59 PDT
\nWhere: Flamingo - Pool - Map
\n
\nDescription:
\nBVT has generously donated a cabana for WISP to host our community meet up at their pool party. Arrive early to be in line when the doors open. There will be free tacos and non-alcoholic drinks!\n
\n\n\'',NULL,366802),('2_Friday','21','20:30','22:59','Y','SOC','Flamingo - Pool','\'WISP Community Meet Up at BTV Pool Party\'','\' \'','SOC_d1b5a18c0c7cda79162ed822a91d41f3','\'\'',NULL,366803),('2_Friday','22','20:30','22:59','Y','SOC','Flamingo - Pool','\'WISP Community Meet Up at BTV Pool Party\'','\' \'','SOC_d1b5a18c0c7cda79162ed822a91d41f3','\'\'',NULL,366804),('3_Saturday','21','21:00','23:59','N','SOC','Caesars Forum - Forum - 117-118','\'SECV - 80\'s Themed Party!\'','\' \'','SOC_dacedff672fecc2ff6876eedb7d90508','\'Title: SECV - 80\'s Themed Party!
\nWhen: Saturday, Aug 12, 21:00 - 23:59 PDT
\nWhere: Caesars Forum - Forum - 117-118 - Map
\n
\nDescription:
\nThis year it is **80\'s themed** so be sure to dress up (although we\'ll have some accessories if you forget yours).\n

The party will be in the Forums (room 117/118), not our village, Saturday from 2100-2359. Cash bar with boozy and booze-free options.\n

\n\n\'',NULL,366805),('3_Saturday','22','21:00','23:59','Y','SOC','Caesars Forum - Forum - 117-118','\'SECV - 80\'s Themed Party!\'','\' \'','SOC_dacedff672fecc2ff6876eedb7d90508','\'\'',NULL,366806),('3_Saturday','23','21:00','23:59','Y','SOC','Caesars Forum - Forum - 117-118','\'SECV - 80\'s Themed Party!\'','\' \'','SOC_dacedff672fecc2ff6876eedb7d90508','\'\'',NULL,366807),('4_Sunday','12','12:00','13:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Awards & Competitor Panel\'','\' \'','SEV_2c862c9716fba44fb749eb14e2e51295','\'Title: SECV - Awards & Competitor Panel
\nWhen: Sunday, Aug 13, 12:00 - 13:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nSee who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!\n
\n\n\'',NULL,366808),('4_Sunday','13','12:00','13:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Awards & Competitor Panel\'','\' \'','SEV_2c862c9716fba44fb749eb14e2e51295','\'\'',NULL,366809),('3_Saturday','13','13:30','15:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_09b4ea012986f4be77fcb7d190743617','\'Title: Cold Calls
\nWhen: Saturday, Aug 12, 13:30 - 15:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nCold Calls give attendees a walk-up opportunity to make a short call to get a feel for both the contest and the world of Social Engineering through vishing but without the contest elements.\n

This is on a first-come, first-served basis. Please see the \"More Information\" link.\n

\n\n\'',NULL,366810),('3_Saturday','14','13:30','15:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_09b4ea012986f4be77fcb7d190743617','\'\'',NULL,366811),('3_Saturday','15','13:30','15:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_09b4ea012986f4be77fcb7d190743617','\'\'',NULL,366812),('3_Saturday','10','10:00','11:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_d489d07c784859d82afc34c161888901','\'Title: Cold Calls
\nWhen: Saturday, Aug 12, 10:00 - 11:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nCold Calls give attendees a walk-up opportunity to make a short call to get a feel for both the contest and the world of Social Engineering through vishing but without the contest elements.\n

This is on a first-come, first-served basis. Please see the \"More Information\" link.\n

\n\n\'',NULL,366813),('3_Saturday','11','10:00','11:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_d489d07c784859d82afc34c161888901','\'\'',NULL,366814),('4_Sunday','10','10:00','11:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_5d673e529b6d19391796b3fed38f89cc','\'Title: Cold Calls
\nWhen: Sunday, Aug 13, 10:00 - 11:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nCold Calls give attendees a walk-up opportunity to make a short call to get a feel for both the contest and the world of Social Engineering through vishing but without the contest elements.\n

This is on a first-come, first-served basis. Please see the \"More Information\" link.\n

\n\n\'',NULL,366815),('4_Sunday','11','10:00','11:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Cold Calls\'','\' \'','SEV_5d673e529b6d19391796b3fed38f89cc','\'\'',NULL,366816),('3_Saturday','11','11:30','13:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SE Improv\'','\' \'','SEV_0f51f9a7d711618365d9d55d6cdfecc1','\'Title: SE Improv
\nWhen: Saturday, Aug 12, 11:30 - 13:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nImprov is when two (or more) actors don’t know their lines ahead of time, but both agree on a set of rules and on the goal of getting somewhere together.\n

Social engineering is a form of improv in which two (or more) people come together to reach a goal only one person (the ‘actor’) has knowledge of, using rules the other (the target) defines along the way.\n

At least, that’s how we see it. Led by three facilitators who are both information security professionals and improvisers, this first-time program will give attendees an introduction to improv and its special communication techniques. Parallels will be drawn between improv and social engineering, including examples of how the theories and practices of improv can be applied by social engineers to work with their targets in an effective, ethical, and even collaborative way.\n

This engaging program will consist of demonstrations, explanations, and interactions in which attendees will be invited to try out improvisation* themselves in a safe, participatory “sandbox” to apply the concepts learned.\n

Come find out why some of the world’s best social engineers utilize these techniques to improv(e) their game.\n

\n

Please see the \"More Information\" link.\n

\n\n\'',NULL,366817),('3_Saturday','12','11:30','13:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SE Improv\'','\' \'','SEV_0f51f9a7d711618365d9d55d6cdfecc1','\'\'',NULL,366818),('3_Saturday','13','11:30','13:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SE Improv\'','\' \'','SEV_0f51f9a7d711618365d9d55d6cdfecc1','\'\'',NULL,366819),('2_Friday','08','08:30','17:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'Title: SECV Village Open
\nWhen: Friday, Aug 11, 08:30 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366820),('2_Friday','09','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366821),('2_Friday','10','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366822),('2_Friday','11','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366823),('2_Friday','12','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366824),('2_Friday','13','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366825),('2_Friday','14','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366826),('2_Friday','15','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366827),('2_Friday','16','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366828),('2_Friday','17','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_4d79a2a0c5a222180497407473e98908','\'\'',NULL,366829),('4_Sunday','10','10:00','13:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_e8e7d60f390e390da78cc0de274381a0','\'Title: SECV Village Open
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366830),('4_Sunday','11','10:00','13:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_e8e7d60f390e390da78cc0de274381a0','\'\'',NULL,366831),('4_Sunday','12','10:00','13:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_e8e7d60f390e390da78cc0de274381a0','\'\'',NULL,366832),('4_Sunday','13','10:00','13:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_e8e7d60f390e390da78cc0de274381a0','\'\'',NULL,366833),('3_Saturday','08','08:30','17:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'Title: SECV Village Open
\nWhen: Saturday, Aug 12, 08:30 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:No Description available
\n\'',NULL,366834),('3_Saturday','09','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366835),('3_Saturday','10','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366836),('3_Saturday','11','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366837),('3_Saturday','12','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366838),('3_Saturday','13','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366839),('3_Saturday','14','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366840),('3_Saturday','15','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366841),('3_Saturday','16','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366842),('3_Saturday','17','08:30','17:59','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV Village Open\'','\'\'','SEV_154eef5763474ac8e156ff4979cd6cc8','\'\'',NULL,366843),('2_Friday','08','08:30','17:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'Title: SECV - Youth Challenge
\nWhen: Friday, Aug 11, 08:30 - 17:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nMany parents and guardians bring their children to DEF CON to allow them to experience the same learning, networking, and community that they enjoy. As parents and educators ourselves, we want to help make this experience even more memorable with our Youth Challenge!\n

Please see the \"More Information\" link.\n

\n\n\'',NULL,366844),('2_Friday','09','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366845),('2_Friday','10','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366846),('2_Friday','11','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366847),('2_Friday','12','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366848),('2_Friday','13','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366849),('2_Friday','14','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366850),('2_Friday','15','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366851),('2_Friday','16','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366852),('2_Friday','17','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34','\'\'',NULL,366853),('4_Sunday','10','10:00','10:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_4d8f03ff8dd825c0121d99adfb08d52c','\'Title: SECV - Youth Challenge
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nMany parents and guardians bring their children to DEF CON to allow them to experience the same learning, networking, and community that they enjoy. As parents and educators ourselves, we want to help make this experience even more memorable with our Youth Challenge!\n

Please see the \"More Information\" link.\n

\n\n\'',NULL,366854),('3_Saturday','08','08:30','17:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'Title: SECV - Youth Challenge
\nWhen: Saturday, Aug 12, 08:30 - 17:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
\nDescription:
\nMany parents and guardians bring their children to DEF CON to allow them to experience the same learning, networking, and community that they enjoy. As parents and educators ourselves, we want to help make this experience even more memorable with our Youth Challenge!\n

Please see the \"More Information\" link.\n

\n\n\'',NULL,366855),('3_Saturday','09','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366856),('3_Saturday','10','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366857),('3_Saturday','11','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366858),('3_Saturday','12','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366859),('3_Saturday','13','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366860),('3_Saturday','14','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366861),('3_Saturday','15','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366862),('3_Saturday','16','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366863),('3_Saturday','17','08:30','17:30','Y','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'SECV - Youth Challenge\'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa','\'\'',NULL,366864),('3_Saturday','16','16:00','16:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Building an Effective Security Culture Program\'','\'Jessica Barker,Maxie Reynolds,Rebecca Markwick,Sam Davison\'','SEV_e41cfe2b678ebc4d93bd5204a8f4617f','\'Title: Building an Effective Security Culture Program
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\nSpeakers:Jessica Barker,Maxie Reynolds,Rebecca Markwick,Sam Davison
\n
SpeakerBio:Jessica Barker\n
\nDr Jessica Barker MBE is an award-winning leader in the human side of cyber security and has delivered face-to-face awareness sessions to over 50,000 people. Jessica is the go-to expert for media such as BBC, Sky News and Wired and she has delivered over 80 keynotes including NATO, the World Government Summit and RSA. She serves on numerous boards, including the UK Government Cyber Security Advisory Board. She is the author of the best-selling book ‘Confident Cyber Security’ and in June 2023, Jessica was awarded an MBE for services to cyber security by King Charles in his first Birthday Honours.
\nTwitter: @drjessicabarker
\n
SpeakerBio:Maxie Reynolds\n
\nMaxie Reynolds started her career in oil and gas as an underwater robotics pilot and subsea engineer working in Norway, Venezuela, Australia, Italy, Russia, Nigeria and the US. She then transitioned into cyber security at PwC in Australia, working in ethical hacking and social engineering. She also published a best selling book in 2021 titled ‘The Art of Attack: Attacker Mindset for Security Professionals.’ In late 2021, she moved back to the field of subsea engineering and created Subsea Cloud – a data center infrastructure company that places data centers underwater. Maxie was born in Scotland and is educated in Computer Science and Underwater Robotics. Currently, Maxie’s aim through her startup is to reduce latency, costs and CO2 emissions for hyper-scale spenders and small businesses alike whilst being the most agile infrastructure company around.
\n
SpeakerBio:Rebecca Markwick\n, Enterprise Cyber Security Awareness and Culture Lead
\nRebecca has spent over a decade designing and delivering training. Her experience in complex behavioural training allows for an innovative approach to designing security awareness programmes and accompanying metrics. One of her key areas of interest is the ethics of phishing and pen testing when considering effective training and culture and how best to protect the everyday user from attack. She is currently Enterprise Cyber Security Awareness and Culture Lead at a global BioTech company. Prior to this she was Security Culture Advocate at the UK’s Ministry of Justice.
\nTwitter: @BexMarkwick
\n
SpeakerBio:Sam Davison\n, Head of Security and Privacy Engineering at Etsy
\nSam Davison is a Security, Privacy, and Trust & Safety leader.  She recently joined Etsy as the Head of Security and Privacy Engineering. Prior to her current role, Davison served as Director of Trust & Privacy Engineering at Robinhood, building and leading all consumer-facing security, privacy, and trust & safety engineering in addition to offensive security and intelligence functions. Davison has held leadership roles at the Krebs Stamos Group, Lyft, Snap Inc., and Uber where she led efforts with a particular emphasis on behavioral engineering, offensive security, and content moderation. Before working in Silicon Valley, she conducted extensive research on the efficacy of security engagement and co-led a consulting firm that built behavioral-based programs for 15+ Fortune 500 companies. Davison has volunteered throughout her career, lending her expertise to survivors of domestic abuse and election protection efforts.
\nTwitter: @Sam_E_Davison
\n\n
\nDescription:
\nWith most cyber attacks and incidents involving social engineering, security culture is hugely influential in cyber security prevention and response. Your security culture is the foundation of your security posture, influencing whether people value cyber security, engage in awareness-raising training and report incidents and concerns. In this panel discussion, we will explore:\n
\n

Join us as we debate how to best protect the number one vector in cyber attacks: people.\n

\n\n\'',NULL,366865),('2_Friday','17','17:15','17:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'A Slice of Deception: The 2023 #SECVC Debrief\'','\'JC,Snow\'','SEV_1aa56dcfd6dc5f07a0a051005c3475de','\'Title: A Slice of Deception: The 2023 #SECVC Debrief
\nWhen: Friday, Aug 11, 17:15 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\nSpeakers:JC,Snow
\n
SpeakerBio:JC\n, President at Snowfenive
\nJC is one of the two co-founders of the Social Engineering Community and has competed in previous Social Engineering competitions. JC also runs the Vault, a physical security competition held at SAINTCON in Utah. JC’s passion for competition as well as innovation has been an exciting avenue for him as he and Snow built the new Social Engineering Community’s Vishing Competition.
\nTwitter: @JC_SoCal
\n
SpeakerBio:Snow\n, Chief People Hacker at IBM
\nOver a decade ago, in a hotel not far away from this very location in Vegas, Snow began her career in Social Engineering. At the very beginning of her journey multiple people told her she couldn’t make a career as a dedicated Social Engineer. Through late nights of studying, practice, determination, learning from her mentor, and a lot of spite, she has made a successful career as a Social Engineer. Today, she is the Chief People Hacker for IBM Security’s X-Force Red team, where she leads the global Social Engineering practice.
\nTwitter: @_sn0ww
\n\n
\nDescription:
\nJoin the Founders of the Social Engineering Community as they break down this year’s Vishing Competition (#SECVC). They’ll talk about how the competition is organized, and some of the big takeaways, trends, and surprises (both good and bad) from the OSINT and Vishing Plan reports. They’ll also recount some of the highlights from this year’s live calls.\n
\n\n\'',NULL,366866),('3_Saturday','09','09:00','09:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Anti-Social Engineering: Can You Be a Good Social Engineer Without Being Social\'','\'Andrew Lemon\'','SEV_2bd2c133b6785530a6653d24a4ccaed8','\'Title: Anti-Social Engineering: Can You Be a Good Social Engineer Without Being Social
\nWhen: Saturday, Aug 12, 09:00 - 09:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\n
SpeakerBio:Andrew Lemon\n, Principal Security Engineer at Red Threat
\nLemon is Lemon is the Principal Security Engineer at Red Threat where he serves as the lead over Penetration Testing and Red Teaming. His primary interest lie in physical penetration testing and social engineering. Lemon honed his skills on high pressure physical penetration test usually involving armed guards.
\nTwitter: @Lemonitup
\n\n
\nDescription:
\nSocial engineering has long been thought of as a domain for outgoing, charismatic people. However, in this talk, I will argue that introverted and socially-awkward individuals can be just as effective in social engineering as their extroverted counterparts. Drawing on my personal experience as an introverted social engineer, I will share tips and tricks for blending in, avoiding confrontation, and getting the information you need without attracting unwanted attention. Through real-world examples from my physical pentesting engagements, I will demonstrate how my “anti-social” approach has yielded results that even my more outgoing colleagues were unable to achieve. I will also dispel common misconceptions about social engineering and challenge the notion that charisma and acting skills are essential to the craft. Attendees will leave with a newfound appreciation for the power of blending in and avoiding attention, as well as practical tips for incorporating these techniques into their own social engineering engagements.\n
\n\n\'',NULL,366867),('3_Saturday','17','17:00','17:30','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Phishing with Dynamite: Harnessing AI to Supercharge Offensive Operations\'','\'Dani Goland,Preston Thornburg\'','SEV_a7f2298b139247a9421a50d5b5b18209','\'Title: Phishing with Dynamite: Harnessing AI to Supercharge Offensive Operations
\nWhen: Saturday, Aug 12, 17:00 - 17:30 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\nSpeakers:Dani Goland,Preston Thornburg
\n
SpeakerBio:Dani Goland\n
\nAt the age of 20, Dani Goland founded his own boutique company for innovative software and hardware solutions. Dani did not neglect his hands-on capabilities in both making and breaking systems. Dani spoke at numerous cybersecurity conferences such as BlackHat USA, CodeBlue Japan, CONfidence, SEC-T, and more. After serving in the IDF as a commander of a Field Intelligence unit, Dani went on an 8-month journey across South America. He loves snowboarding, and music concerts.
\nTwitter: @danigoland
\n
SpeakerBio:Preston Thornburg\n
\nPreston is the co-founder of Upshield, a full-stack web3 security platform. Much of his research focuses on the automated identification of adversaries throughout the Ethereum and broader cryptocurrency landscapes. He’s recently launched a technical podcast, ‘Mad Blocks’, that deep dives into web3 projects to extract underlying risks and breakpoints. Preston’s background is heavily based in offensive security, having led operations against cryptocurrency platforms, international banks, critical infrastructure, and governments. 
\n\n
\nDescription:
\nArtificial Intelligence (AI) has fundamentally reshaped the landscape of cybersecurity, making traditional defensive strategies outdated and inadequate, particularly in the realm of phishing attacks. In this era of large language models (LLMs), phishing has evolved from flawed syntax, primitive design, and generic narratives. Using state-of-the-art AI tooling, we can now generate spear-phishing campaigns that are highly personalized with unprecedented precision, leveraging publicly available data from social media, work profiles, and more. In this talk, we’ll show you how it’s done. We will also delve into innovative exploitation techniques that leverage alternative communication channels, like AI-based audio deepfakes for conversational reeling. All of this is made possible with our soon to be released and open-source phishing framework – nemo. We’ll give you a front-row seat to how AI is revolutionizing offensive security operations. Get ready to step into the future of phishing attacks – it’s more sophisticated, more realistic, and scarier than you could ever imagine.\n
\n\n\'',NULL,366868),('3_Saturday','09','09:30','09:59','N','SEV','LINQ - 3rd flr - Social A - Social Engineering Community','\'Your Swag is My Swag: Pwning Fortune 500 Companies with Vistaprint\'','\'Daniel \"Jcache\" Goga,Langston \"Shock\" Clement\'','SEV_8d8c8f73f0a7ad53b81f2f59d2868203','\'Title: Your Swag is My Swag: Pwning Fortune 500 Companies with Vistaprint
\nWhen: Saturday, Aug 12, 09:30 - 09:59 PDT
\nWhere: LINQ - 3rd flr - Social A - Social Engineering Community - Map
\nSpeakers:Daniel \"Jcache\" Goga,Langston \"Shock\" Clement
\n
SpeakerBio:Daniel \"Jcache\" Goga\n, Security Consultant at Core BTS
\nDan Goga serves as a Security Consultant with Core BTS focused on conducting penetration testing and vulnerability assessments. Dan Goga has eight years of information security experience in the public, private, and academic sectors. Dan has extensive knowledge and experience with RFID hacking, phishing techniques, social engineering techniques, and penetration testing.
\nTwitter: @_BadCharacters
\n
SpeakerBio:Langston \"Shock\" Clement\n, Lead for Red Team operations and Penetration Testing engagements at Core BTS
\nLangston grew up reading stories about the 90’s hacker escapades, and after years of observing the scene, he jumped into the cybersecurity field and never looked back. He is the current lead for Red Team operations and Penetration Testing engagements at Core BTS. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, he aims to provide organizations with valuable and actionable information to help improve their security posture. Langston’s specializations focus on modern-day social engineering techniques, wireless and RFID attacks, vulnerability analysis, as well as physical and cloud penetration testing.
\nTwitter: @sh0ckSec
\n\n
\nDescription:
\nSocially engineering a target organization with a hard hat and safety vest never gets old, but there are more ways to the server room. Take your physical penetration test to the next level, swagged out in the latest company-branded quarter zip sweatshirt. In this presentation, Langston and Dan will share their adventures hiding in plain sight while pwning Fortune 500 companies with official apparel and replica merchandise. They will explain their OSINT methodology for identifying 3rd party branding sites and tips for creating authentic-looking, made-to-order gear for any occasion. After learning these new techniques, you’ll be so convincing that you might even get invited to your target client’s next BBQ!\n
\n\n\'',NULL,366869),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_dba395287b9d048198fa6972452beb19','\'Title: Honey Pot Workshop
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThink you know your way around a honeypot? Come to the Packet Hacking Village for a friendly, fun, low-pressure DEFCON challenge that\'s open to all! This game is designed for users of all experience levels: bring your own laptop, SSH in, and explore the adventure.\n
\n\n\'',NULL,366870),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_dba395287b9d048198fa6972452beb19','\'\'',NULL,366871),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_dba395287b9d048198fa6972452beb19','\'\'',NULL,366872),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_dba395287b9d048198fa6972452beb19','\'\'',NULL,366873),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'Title: Honey Pot Workshop
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThink you know your way around a honeypot? Come to the Packet Hacking Village for a friendly, fun, low-pressure DEFCON challenge that\'s open to all! This game is designed for users of all experience levels: bring your own laptop, SSH in, and explore the adventure.\n
\n\n\'',NULL,366874),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366875),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366876),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366877),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366878),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366879),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366880),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366881),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed','\'\'',NULL,366882),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'Title: Honey Pot Workshop
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThink you know your way around a honeypot? Come to the Packet Hacking Village for a friendly, fun, low-pressure DEFCON challenge that\'s open to all! This game is designed for users of all experience levels: bring your own laptop, SSH in, and explore the adventure.\n
\n\n\'',NULL,366883),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366884),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366885),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366886),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366887),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366888),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366889),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366890),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Honey Pot Workshop\'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8','\'\'',NULL,366891),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_82b2232353f6512eb8c78cd0d5e437d4','\'Title: Build Your Own Botnet
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nBYOB is intended to be a beginner friendly workshop dive into how botnets work. Attendees will use a web application to create a \"dropper\" file. (It is a tiny file whose only purposes is to fetch and execute the next stage of code). Then put the dropper file on another computer to obfuscate the command computer. The dropper is heavily obfuscated and compressed, and is a small python script. Attendees will learn how bot command and control works and cause several bots to probe a potential next target to gain access.\n
\n\n\'',NULL,366892),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_82b2232353f6512eb8c78cd0d5e437d4','\'\'',NULL,366893),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_82b2232353f6512eb8c78cd0d5e437d4','\'\'',NULL,366894),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_82b2232353f6512eb8c78cd0d5e437d4','\'\'',NULL,366895),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'Title: Build Your Own Botnet
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nBYOB is intended to be a beginner friendly workshop dive into how botnets work. Attendees will use a web application to create a \"dropper\" file. (It is a tiny file whose only purposes is to fetch and execute the next stage of code). Then put the dropper file on another computer to obfuscate the command computer. The dropper is heavily obfuscated and compressed, and is a small python script. Attendees will learn how bot command and control works and cause several bots to probe a potential next target to gain access.\n
\n\n\'',NULL,366896),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366897),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366898),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366899),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366900),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366901),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366902),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366903),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad','\'\'',NULL,366904),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'Title: Build Your Own Botnet
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nBYOB is intended to be a beginner friendly workshop dive into how botnets work. Attendees will use a web application to create a \"dropper\" file. (It is a tiny file whose only purposes is to fetch and execute the next stage of code). Then put the dropper file on another computer to obfuscate the command computer. The dropper is heavily obfuscated and compressed, and is a small python script. Attendees will learn how bot command and control works and cause several bots to probe a potential next target to gain access.\n
\n\n\'',NULL,366905),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366906),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366907),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366908),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366909),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366910),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366911),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366912),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Build Your Own Botnet\'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9','\'\'',NULL,366913),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_23f7346ef3410bceb4f887d1c6f93424','\'Title: Linux Trainer Workshop
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nAre you new to hacking? Want to learn Linux? We have a workshop for you! Interactive style training will teach you the basics of this operating system step by step so you can start your journey.\n
\n\n\'',NULL,366914),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_23f7346ef3410bceb4f887d1c6f93424','\'\'',NULL,366915),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_23f7346ef3410bceb4f887d1c6f93424','\'\'',NULL,366916),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_23f7346ef3410bceb4f887d1c6f93424','\'\'',NULL,366917),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'Title: Linux Trainer Workshop
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nAre you new to hacking? Want to learn Linux? We have a workshop for you! Interactive style training will teach you the basics of this operating system step by step so you can start your journey.\n
\n\n\'',NULL,366918),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366919),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366920),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366921),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366922),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366923),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366924),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366925),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab','\'\'',NULL,366926),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'Title: Linux Trainer Workshop
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nAre you new to hacking? Want to learn Linux? We have a workshop for you! Interactive style training will teach you the basics of this operating system step by step so you can start your journey.\n
\n\n\'',NULL,366927),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366928),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366929),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366930),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366931),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366932),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366933),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366934),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Linux Trainer Workshop\'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32','\'\'',NULL,366935),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_a2d6ca04db765230edc4afbb1d0f572f','\'Title: NetworkOS: Be The Cloud
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThe NetworkOS workshop takes you into the mysterious world underpinning modern computing and global communication: the network itself. Step by step, you\'ll learn all the basics you need. No experience needed: must know how to type and copy/paste. \n
\n\n\'',NULL,366936),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_a2d6ca04db765230edc4afbb1d0f572f','\'\'',NULL,366937),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_a2d6ca04db765230edc4afbb1d0f572f','\'\'',NULL,366938),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_a2d6ca04db765230edc4afbb1d0f572f','\'\'',NULL,366939),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'Title: NetworkOS: Be The Cloud
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThe NetworkOS workshop takes you into the mysterious world underpinning modern computing and global communication: the network itself. Step by step, you\'ll learn all the basics you need. No experience needed: must know how to type and copy/paste. \n
\n\n\'',NULL,366940),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366941),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366942),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366943),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366944),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366945),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366946),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366947),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1','\'\'',NULL,366948),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'Title: NetworkOS: Be The Cloud
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nThe NetworkOS workshop takes you into the mysterious world underpinning modern computing and global communication: the network itself. Step by step, you\'ll learn all the basics you need. No experience needed: must know how to type and copy/paste. \n
\n\n\'',NULL,366949),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366950),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366951),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366952),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366953),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366954),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366955),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366956),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'NetworkOS: Be The Cloud\'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df','\'\'',NULL,366957),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'Title: RegEx Trainer
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIs regex a mystery to you? We\'ve got your back at the Packet Hacking Village. Our new interactive REGEX Trainer will walk you through learning then doing, giving you a full understanding of how Regular Expressions work. \n
\n\n\'',NULL,366958),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366959),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366960),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366961),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366962),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366963),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366964),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366965),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e','\'\'',NULL,366966),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'Title: RegEx Trainer
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIs regex a mystery to you? We\'ve got your back at the Packet Hacking Village. Our new interactive REGEX Trainer will walk you through learning then doing, giving you a full understanding of how Regular Expressions work. \n
\n\n\'',NULL,366967),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366968),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366969),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366970),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366971),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366972),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366973),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366974),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7','\'\'',NULL,366975),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_f008b9ed9d781e47311091782ce8f623','\'Title: RegEx Trainer
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIs regex a mystery to you? We\'ve got your back at the Packet Hacking Village. Our new interactive REGEX Trainer will walk you through learning then doing, giving you a full understanding of how Regular Expressions work. \n
\n\n\'',NULL,366976),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_f008b9ed9d781e47311091782ce8f623','\'\'',NULL,366977),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_f008b9ed9d781e47311091782ce8f623','\'\'',NULL,366978),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'RegEx Trainer\'','\' \'','PHV_f008b9ed9d781e47311091782ce8f623','\'\'',NULL,366979),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_8cadc9fb1e4bdf58497de014bc1b0e9b','\'Title: Password Lab
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIn this workshop, you\'ll learn real-world penetration testing techniques for guessing passwords using Hydra, xHydra, and Hashcat.\n
\n\n\'',NULL,366980),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_8cadc9fb1e4bdf58497de014bc1b0e9b','\'\'',NULL,366981),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_8cadc9fb1e4bdf58497de014bc1b0e9b','\'\'',NULL,366982),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_8cadc9fb1e4bdf58497de014bc1b0e9b','\'\'',NULL,366983),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'Title: Password Lab
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIn this workshop, you\'ll learn real-world penetration testing techniques for guessing passwords using Hydra, xHydra, and Hashcat.\n
\n\n\'',NULL,366984),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366985),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366986),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366987),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366988),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366989),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366990),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366991),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_559596b15ddbbffb284454d5925538da','\'\'',NULL,366992),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'Title: Password Lab
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nIn this workshop, you\'ll learn real-world penetration testing techniques for guessing passwords using Hydra, xHydra, and Hashcat.\n
\n\n\'',NULL,366993),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366994),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366995),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366996),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366997),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366998),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,366999),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,367000),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Password Lab\'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1','\'\'',NULL,367001),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_41bbb2494695b74c13e6e4aeb8b04f01','\'Title: Fleet DefCon 31 Workshop
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nFleet is an open-core, cross-platform solution that provides real-time insights using osquery and GitOps-driven management for all your devices, including Mac, Windows, Linux, and ChromeOS. Join the adventure and explore a wonderland of data!\n
\n\n\'',NULL,367002),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_41bbb2494695b74c13e6e4aeb8b04f01','\'\'',NULL,367003),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_41bbb2494695b74c13e6e4aeb8b04f01','\'\'',NULL,367004),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_41bbb2494695b74c13e6e4aeb8b04f01','\'\'',NULL,367005),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'Title: Fleet DefCon 31 Workshop
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nFleet is an open-core, cross-platform solution that provides real-time insights using osquery and GitOps-driven management for all your devices, including Mac, Windows, Linux, and ChromeOS. Join the adventure and explore a wonderland of data!\n
\n\n\'',NULL,367006),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367007),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367008),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367009),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367010),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367011),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367012),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367013),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_9d7839bcf24171763230df827f30f23a','\'\'',NULL,367014),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'Title: Fleet DefCon 31 Workshop
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nFleet is an open-core, cross-platform solution that provides real-time insights using osquery and GitOps-driven management for all your devices, including Mac, Windows, Linux, and ChromeOS. Join the adventure and explore a wonderland of data!\n
\n\n\'',NULL,367015),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367016),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367017),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367018),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367019),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367020),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367021),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367022),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Fleet DefCon 31 Workshop\'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb','\'\'',NULL,367023),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'Title: Packet Inspector
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nNew to packet-fu? Don\'t know a pcap from a bottle cap? Packet Inspector is the game for you! We provide the laptops and all necessary tools for you to learn the basics of network analysis, sniffing, and forensics.\n
\n\n\'',NULL,367024),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367025),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367026),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367027),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367028),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367029),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367030),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367031),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c','\'\'',NULL,367032),('4_Sunday','09','09:00','13:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98','\'Title: Packet Inspector
\nWhen: Sunday, Aug 13, 09:00 - 13:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nNew to packet-fu? Don\'t know a pcap from a bottle cap? Packet Inspector is the game for you! We provide the laptops and all necessary tools for you to learn the basics of network analysis, sniffing, and forensics.\n
\n\n\'',NULL,367033),('4_Sunday','10','09:00','13:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98','\'\'',NULL,367034),('4_Sunday','11','09:00','13:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98','\'\'',NULL,367035),('4_Sunday','12','09:00','13:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98','\'\'',NULL,367036),('4_Sunday','13','09:00','13:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98','\'\'',NULL,367037),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'Title: Packet Inspector
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nNew to packet-fu? Don\'t know a pcap from a bottle cap? Packet Inspector is the game for you! We provide the laptops and all necessary tools for you to learn the basics of network analysis, sniffing, and forensics.\n
\n\n\'',NULL,367038),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367039),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367040),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367041),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367042),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367043),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367044),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367045),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Inspector\'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b','\'\'',NULL,367046),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'Title: Packet Detective
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nReady to upgrade your skills at the Packet Hacking Village? It’s time to play Packet Detective. A step up in difficulty from Packet Investigator, Packet Detective will test your network hunting abilities at the intermediate level. Come learn some new tricks!\n
\n\n\'',NULL,367047),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367048),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367049),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367050),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367051),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367052),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367053),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367054),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80','\'\'',NULL,367055),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_4d2ca5d8f39327ccf0c946d64bb9e049','\'Title: Packet Detective
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nReady to upgrade your skills at the Packet Hacking Village? It’s time to play Packet Detective. A step up in difficulty from Packet Investigator, Packet Detective will test your network hunting abilities at the intermediate level. Come learn some new tricks!\n
\n\n\'',NULL,367056),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_4d2ca5d8f39327ccf0c946d64bb9e049','\'\'',NULL,367057),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_4d2ca5d8f39327ccf0c946d64bb9e049','\'\'',NULL,367058),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_4d2ca5d8f39327ccf0c946d64bb9e049','\'\'',NULL,367059),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'Title: Packet Detective
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nReady to upgrade your skills at the Packet Hacking Village? It’s time to play Packet Detective. A step up in difficulty from Packet Investigator, Packet Detective will test your network hunting abilities at the intermediate level. Come learn some new tricks!\n
\n\n\'',NULL,367060),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367061),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367062),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367063),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367064),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367065),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367066),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367067),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Packet Detective\'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82','\'\'',NULL,367068),('3_Saturday','17','17:00','17:59','N','XRV','Caesars Forum - Summit - 233 - Shared Stage','\'Push All the Buttons Digital Twinning with Idaho National Labs in collaboration with DEF CON ICS Village\'','\'Kolton Heaps\'','XRV_f36829b0fef70b208b5166cd6709f629','\'Title: Push All the Buttons Digital Twinning with Idaho National Labs in collaboration with DEF CON ICS Village
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 233 - Shared Stage - Map
\n
SpeakerBio:Kolton Heaps\n
\nKolton Heaps is a Digital Twin Visualization Scientist at the Idaho National Laboratory. He focuses on creating visualizations and software that assist in design, operations and training on projects including, fuel processing, non-proliferation, modular reactors, and advanced digital twin of nuclear reactor. Kolton has a bachelor’s in software engineering from Brigham Young University – Idaho and lives in Idaho Falls where he enjoys mountain biking and other outdoor activities.
\n\n
\nDescription:
\nExtended Reality (XR) is an umbrella term that involves virtual reality (VR), augmented reality (AR), and mixed reality (MR) capabilities. VR describes an environment in which a user’s physical environment is completely replaced with a virtual one. This allows the user to view any digitally created content but separates the user from interacting with the physical world. On the other hand, AR enhances the user’s physical environment with virtual overlays but offers little interaction with digital content. Lastly, MR is a blend of the physical and digital worlds, unlocking natural and intuitive 3D human, computer, and environmental interactions. Using these technologies, analysts, operators, and stakeholders will be able to interpret radio frequency data effectively and efficiently.  \n \n

The Idaho National Laboratory is integrating the next-generation XR capabilities into the various projects that support Nuclear, Integrated Energy and National and Homeland Security missions. They use a suite of tools for the visualization of capabilities to capture and analyze digital twins. Digital Engineering delivers semi-autonomous design, autonomous operation, and real-time anomaly detection as well as integrates threads of data, visualizations, AI/ML, and physics models into a cohesive digital twin. \n \n

The primary benefit of incorporating XR with signal analysis is to allow for simple interpretation and representation of complex data. Current techniques or trends rely on certain subject matter experts to collect, examine, and report anomalous data manually. By allowing the operator to spatially view the captured data, the process of identifying and plotting data is anticipated to be greatly simplified. Data and anomalies will become engaging, allowing the operator to easily identify unknown signals in real-time or near real-time.  \n

\n\n\'',NULL,367069),('2_Friday','11','11:00','11:45','N','DC','Caesars Forum - Forum - 130-134 - Track 3','\'Defending KA-SAT: The detailed story of the response, how it was analyzed, and what was learned\'','\'Mark Colaluca,Nick Saunders\'','DC_5c63d9bf2430844699343a5107b4fd8c','\'Title: Defending KA-SAT: The detailed story of the response, how it was analyzed, and what was learned
\nWhen: Friday, Aug 11, 11:00 - 11:45 PDT
\nWhere: Caesars Forum - Forum - 130-134 - Track 3 - Map
\nSpeakers:Mark Colaluca,Nick Saunders
\n
SpeakerBio:Mark Colaluca\n, Vice President and Chief Information Security Officer (CISO) at Viasat
\nMark Colaluca is Vice President & Chief Information Security Officer for Viasat, a global satellite communications service provider. Mark is responsible for Viasat’s corporate information security program, as well as infrastructure and security engineering for Viasat’s enterprise networks serving customers across government, commercial and residential markets. During Mark’s tenure at Viasat, he has held various engineering, architecture, and leadership roles within the organization, including the design, development, and delivery of the ground system infrastructure for Viasat’s first and second generation satellite networks. Mark has also led Viasat’s engagement with the private sector and government security communities, which includes facilitating active information sharing with these partners. Prior to joining Viasat, Mark provided security and network architecture consulting to several Fortune 50 firms as a member of KPMG, and held network and security engineering roles with Texas Instruments and Raytheon. Mark is a graduate of the University of Texas at Austin with a bachelor’s degree in Electrical & Computer Engineering, and is the joint U.S. Patent holder for an advanced method of providing layer-2 network services through a non-routed ground segment network.
\n
SpeakerBio:Nick Saunders\n, Chief Cybersecurity and Data Officer at Viasat
\nNick Saunders serves as the Chief Cybersecurity and Data Officer for Government Systems at Viasat. He is responsible for ensuring the security for government users of Viasat’s global networks. Nick leads teams focused on the development of novel cybersecurity analytics techniques, maintaining compliance across Viasat’s global networks, performing active cybersecurity defense, red team activities, forensics, cyber threat intelligence, and other cybersecurity-related functions. Nick has 15 years of experience leading and advancing technology focused on cybersecurity, information assurance, embedded systems, bootloaders, operating systems, space systems architecture, critical infrastructure, and multiple communications-focused disciplines. He has been published in IEEE and presented at multiple technical conferences (IEEE, SANS). Nick has presented cybersecurity briefings for USMC, USAF, Space Command, and multiple other USG departments. Nick also works to champion and improve data practices across Government systems by advancing AI/ML initiatives and product capabilities. Nick is a graduate of Virginia Tech and holds degree in Computer Engineering.
\n\n
\nDescription:
\nIn February 2022, the Viasat owned KA-SAT network experienced a significant cyberattack that resulted in a partial outage of services for thousands of users in Ukraine and tens of thousands of users in other parts of Europe. This presentation will provide detailed background on the attack, which involved the deployment of malware against terminals on the network, as well as several distinct network-based attacks that appeared focused on further denying connectivity to KA-SAT users. These network-based attacks needed to be characterized and responded to by Viasat’s operational teams in real-time, and the attacks continued with intensity for many weeks after the original malware incident. \n

Viasat will share the story of how it responded and performed a rapid forensic on several impacted terminals to determine within 36 hours that the terminal flash memory had been overwritten with a distinctive pattern in the attack. This presentation will explain details around the forensic analysis as well as the process of reverse engineering the malicious toolkit to verify it would produce the observed flash memory effects. Viasat will also share technical details of over-the-air network attacks that were used to attack the KA-SAT network.\n

\n\n\'',NULL,367070),('1_Thursday','07','07:00','17:59','N','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'Title: Merch (formerly swag) Area Open -- README
\nWhen: Thursday, Aug 10, 07:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 227-230 - Merch - Map
\n
\nDescription:
\nAll merch sales are USD CASH ONLY. No cards will be accepted.\n

The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \n

Note that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can\'t predict the length of the line or when doors will be closed.\n

**PLEASE NOTE**\n

The Saturday open time was incorrectly listed as 08:00, and has been corrected to 09:00. **PLEASE** check stock status in HackerTracker.\n

\n\n\'',NULL,367071),('1_Thursday','08','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367072),('1_Thursday','09','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367073),('1_Thursday','10','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367074),('1_Thursday','11','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367075),('1_Thursday','12','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367076),('1_Thursday','13','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367077),('1_Thursday','14','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367078),('1_Thursday','15','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367079),('1_Thursday','16','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367080),('1_Thursday','17','07:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_f866b4483924d90de5d6433b40707362','\'\'',NULL,367081),('2_Friday','08','08:00','17:59','N','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'Title: Merch (formerly swag) Area Open -- README
\nWhen: Friday, Aug 11, 08:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 227-230 - Merch - Map
\n
\nDescription:
\nAll merch sales are USD CASH ONLY. No cards will be accepted.\n

The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \n

Note that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can\'t predict the length of the line or when doors will be closed.\n

**PLEASE NOTE**\n

The Saturday open time was incorrectly listed as 08:00, and has been corrected to 09:00. **PLEASE** check stock status in HackerTracker.\n

\n\n\'',NULL,367082),('2_Friday','09','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367083),('2_Friday','10','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367084),('2_Friday','11','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367085),('2_Friday','12','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367086),('2_Friday','13','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367087),('2_Friday','14','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367088),('2_Friday','15','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367089),('2_Friday','16','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367090),('2_Friday','17','08:00','17:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f','\'\'',NULL,367091),('3_Saturday','09','09:00','11:59','N','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_12d17bb988ea363a921b5581caa592e2','\'Title: Merch (formerly swag) Area Open -- README
\nWhen: Saturday, Aug 12, 09:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 227-230 - Merch - Map
\n
\nDescription:
\nAll merch sales are USD CASH ONLY. No cards will be accepted.\n

The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.) \n

Note that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can\'t predict the length of the line or when doors will be closed.\n

**PLEASE NOTE**\n

The Saturday open time was incorrectly listed as 08:00, and has been corrected to 09:00. **PLEASE** check stock status in HackerTracker.\n

\n\n\'',NULL,367092),('3_Saturday','10','09:00','11:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_12d17bb988ea363a921b5581caa592e2','\'\'',NULL,367093),('3_Saturday','11','09:00','11:59','Y','DC','Caesars Forum - Summit - 227-230 - Merch','\'Merch (formerly swag) Area Open -- README\'','\' \'','DC_12d17bb988ea363a921b5581caa592e2','\'\'',NULL,367094),('3_Saturday','10','10:00','17:59','N','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'Title: Vendor Area Open
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome vendors. \n

We don\'t know whether they will be accepting cash or cards. That\'s up to each vendor, and we do not have a list.\n

We also don\'t know if/when vendors will sell out of anything they may be selling.\n

\n\n\'',NULL,367095),('3_Saturday','11','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367096),('3_Saturday','12','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367097),('3_Saturday','13','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367098),('3_Saturday','14','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367099),('3_Saturday','15','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367100),('3_Saturday','16','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367101),('3_Saturday','17','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2','\'\'',NULL,367102),('2_Friday','10','10:00','17:59','N','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'Title: Vendor Area Open
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome vendors. \n

We don\'t know whether they will be accepting cash or cards. That\'s up to each vendor, and we do not have a list.\n

We also don\'t know if/when vendors will sell out of anything they may be selling.\n

\n\n\'',NULL,367103),('2_Friday','11','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367104),('2_Friday','12','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367105),('2_Friday','13','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367106),('2_Friday','14','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367107),('2_Friday','15','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367108),('2_Friday','16','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367109),('2_Friday','17','10:00','17:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5','\'\'',NULL,367110),('4_Sunday','10','10:00','15:59','N','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'Title: Vendor Area Open
\nWhen: Sunday, Aug 13, 10:00 - 15:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome vendors. \n

We don\'t know whether they will be accepting cash or cards. That\'s up to each vendor, and we do not have a list.\n

We also don\'t know if/when vendors will sell out of anything they may be selling.\n

\n\n\'',NULL,367111),('4_Sunday','11','10:00','15:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'\'',NULL,367112),('4_Sunday','12','10:00','15:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'\'',NULL,367113),('4_Sunday','13','10:00','15:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'\'',NULL,367114),('4_Sunday','14','10:00','15:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'\'',NULL,367115),('4_Sunday','15','10:00','15:59','Y','DC','Caesars Forum - Alliance - 305-306 - Vendors','\'Vendor Area Open\'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23','\'\'',NULL,367116),('2_Friday','10','10:00','17:59','N','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'Title: Exhibitor Area Open
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 124-126 - Exhibitors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome exhibitors.\n
\n\n\'',NULL,367117),('2_Friday','11','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367118),('2_Friday','12','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367119),('2_Friday','13','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367120),('2_Friday','14','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367121),('2_Friday','15','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367122),('2_Friday','16','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367123),('2_Friday','17','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0','\'\'',NULL,367124),('4_Sunday','10','10:00','13:59','N','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_2ec0a6e4132ffee0863604ee50c4ce66','\'Title: Exhibitor Area Open
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Forum - 124-126 - Exhibitors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome exhibitors.\n
\n\n\'',NULL,367125),('4_Sunday','11','10:00','13:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_2ec0a6e4132ffee0863604ee50c4ce66','\'\'',NULL,367126),('4_Sunday','12','10:00','13:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_2ec0a6e4132ffee0863604ee50c4ce66','\'\'',NULL,367127),('4_Sunday','13','10:00','13:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_2ec0a6e4132ffee0863604ee50c4ce66','\'\'',NULL,367128),('3_Saturday','10','10:00','17:59','N','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'Title: Exhibitor Area Open
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Forum - 124-126 - Exhibitors - Map
\n
\nDescription:
\nThis is when you can go visit our awesome exhibitors.\n
\n\n\'',NULL,367129),('3_Saturday','11','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367130),('3_Saturday','12','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367131),('3_Saturday','13','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367132),('3_Saturday','14','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367133),('3_Saturday','15','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367134),('3_Saturday','16','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367135),('3_Saturday','17','10:00','17:59','Y','DC','Caesars Forum - Forum - 124-126 - Exhibitors','\'Exhibitor Area Open\'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1','\'\'',NULL,367136),('2_Friday','13','13:00','13:59','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'Amateur Radio Digital Modes Primer\'','\'Jon Marler\'','HRV_ae223fb8dfdbdd94c2206011478274cd','\'Title: Amateur Radio Digital Modes Primer
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:Jon Marler\n
\nNo BIO available
\n\n
\nDescription:
\nAmateur radio operator Jon Marler, callsign K4CHN, presents an introduction to many of the digital modes available to amateur radio operators. Jon will be discussing the modes available for voice and data, as well as many of the hardware options available. Jon will also be presenting a very simple design for a way to connect a Raspberry Pi to your radio safely. A demonstration of slow scan television (SSTV) will be made to end the presentation before Q&A.\n
\n\n\'',NULL,367137),('3_Saturday','11','11:00','11:30','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'How to Crush Field Day and Win Big Prizes\'','\'Hamster\'','HRV_ecd27efc2ef36349250cdd2b6ed426dd','\'Title: How to Crush Field Day and Win Big Prizes
\nWhen: Saturday, Aug 12, 11:00 - 11:30 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:Hamster\n
\nEngineer, hacker, hat wearer
\nTwitter: @hamster
\n\n
\nDescription:
\nField Day is a great chance to let your competition flag fly. With a few tips and tricks, take it from a sad evening in front of a microphone to having a blast with your fellow hams.\n
\n\n\'',NULL,367138),('3_Saturday','13','13:00','13:59','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'Using an SBC for ham radio digital modes that isn\'t a raspberry pi\'','\'Jon Marler\'','HRV_2f9142f12ee30dc68c48964849f18a80','\'Title: Using an SBC for ham radio digital modes that isn\'t a raspberry pi
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:Jon Marler\n
\nNo BIO available
\n\n
\nDescription:
\nAmateur radio operator Jon Marler, callsign K4CHN, presents a discussion about how to use an SBC for ham radio digital modes in a world without the raspberry pi. There are hundreds of other options now, but which of those meet these requirements: Easy to obtain, cheap, runs Linux, and can run popular ham radio digital mode software. Jon will present his findings and show you how to build out an SBC that can get you on the air, without having to beg, borrow, or steal a raspberry pi.\n
\n\n\'',NULL,367139),('3_Saturday','15','15:00','15:30','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'Modernizing AX.25 packet radio with Modern Packet Message Manager\'','\'Jeremy Banker\'','HRV_b5b10fe65ee88ace129eaac7fffa0124','\'Title: Modernizing AX.25 packet radio with Modern Packet Message Manager
\nWhen: Saturday, Aug 12, 15:00 - 15:30 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:Jeremy Banker\n
\nA lifelong learner and broad technology enthusiast, Jeremy Banker holds a Masters degree in Information Security and is a founding member of the Security Product Engineering, Automation and Research (SPEAR) team at VMware. He has designed, built and implemented solutions to ensure that VMware\'s software supply chain remains secure. When not looking for new ways to keep software safe, he can usually be found tinkering with all manner of gadgets, working to bring amateur radio software into the modern era, or enjoying the peace of nature in his native Colorado.
\n\n
\nDescription:
\nIf you\'ve ever looked into the current standard software for many different packet radio operations, you\'ve probably experienced the 90s interfaces, weird and wacky undocumented configuration, and general lack of consideration for open source. Modern Packet Message Manager hopes to put an end to that situation by either creating or collecting a full open-source stack of software to facilitate digital packet messaging, with a focus on modularity, open source, and modern interfaces.\n
\n\n\'',NULL,367140),('2_Friday','10','10:10','10:50','N','CLV','Flamingo - Mesquite - Cloud Village','\'Cloud Village - Keynote\'','\'Ben \"NahamSec\" Sadeghipour\'','CLV_135cd19c08b27ac94abcfaf53d57c0dd','\'Title: Cloud Village - Keynote
\nWhen: Friday, Aug 11, 10:10 - 10:50 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Ben \"NahamSec\" Sadeghipour\n, Hacker & Content Creator at NahamSec
\nBen Sadeghipour AKA NahamSec is a security researcher and content creator. He’s currently in the top 100 for both HackerOne(25) and Bugcrowd’s (95) leaderboards. He has helped identify over a thousand vulnerabilities in companies like Amazon, Apple, Airbnb, Lyft, Snapchat and more. Prior to doing content creation full time, he worked as a research and community education executive at Hadrian and HackerOne. Ben has presented many talks and workshops at cons such DEFCON, BSides, OWASP AppSec, RSA, Red Team Village, and more. He also enjoys hosting and organizing hacker meetups or virtual conferences such as NahamCon and Hacktivitycon!
\nTwitter: @nahamsec
\n\n
\nDescription:No Description available
\n\'',NULL,367141),('2_Friday','11','11:30','12:10','N','CLV','Flamingo - Mesquite - Cloud Village','\'The Dark Playground of CI/CD: Attack Delivery by GitHub Actions\'','\'Kiyohito Yamamoto,Yusuke Kubo\'','CLV_9e5fb687b38f524dc47f9c9b5ca7c22a','\'Title: The Dark Playground of CI/CD: Attack Delivery by GitHub Actions
\nWhen: Friday, Aug 11, 11:30 - 12:10 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Kiyohito Yamamoto,Yusuke Kubo
\n
SpeakerBio:Kiyohito Yamamoto\n, Security Engineer at NTT Communications
\nKiyohito Yamamoto works as an Security Engineer at NTT Communications, Japanese Telecommunication Company, and is also NTT Group Certified Security Principal. He served as a Senior Response Expert during the Tokyo Olympics and also conducted TLPT tests.
\n
SpeakerBio:Yusuke Kubo\n, Offensive Security Researcher at NTT Communications
\nYusuke Kubo works as an Offensive Security Researcher at NTT Communications, Japanese Telecommunication Company, and is also NTT Group Certified Security Principal. His responsibilities include researching attack techniques and providing RedTeam for internal. And he contributed to MITRE ATT&CK regarding Safe Mode Boot(T1562.009).
\n\n
\nDescription:
\nGitHub, a software development platform, has become popular in recent years and as of March 2023 and according to GitHub, Inc., is being used by 100 million users worldwide. As the service used by developers around the world, security related to the service becomes a global research topic.\nMost of the security topic for GitHub are about information leakage such as source code and APIKEY, which is related to the main function of GitHub service. On the other hand, we focused on the potential for attacks using GitHub Actions, a CICD feature provided by GitHub.\n

Our research includes both known attack techniques already used by attackers and unknown attacks not yet observed in the wild. The following is a description of the five attacks introduced in this presentation.\n

\n

Finally, we have systematized the above five attacks based on two perspectives: - GitHub Actions features, such as repository ownership and runner types. - Threat level, including severity and probability. Each attack is shown with its use cases, as well as the potential damages that could occur if it were executed.\n

The attack we demonstrate in this presentation could potentially be widely used in other CI/CD services. By discovering threats in CI/CD, we hope to enhance the overall security of these services.\n

\n\n\'',NULL,367142),('2_Friday','12','11:30','12:10','Y','CLV','Flamingo - Mesquite - Cloud Village','\'The Dark Playground of CI/CD: Attack Delivery by GitHub Actions\'','\'Kiyohito Yamamoto,Yusuke Kubo\'','CLV_9e5fb687b38f524dc47f9c9b5ca7c22a','\'\'',NULL,367143),('2_Friday','13','13:25','14:05','N','CLV','Flamingo - Mesquite - Cloud Village','\'Azure DevOps Security\'','\'Viktor Gazdag\'','CLV_f117a05120094ffd448ac4d7333e0bd3','\'Title: Azure DevOps Security
\nWhen: Friday, Aug 11, 13:25 - 14:05 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Viktor Gazdag\n
\nViktor Gazdag has worked as pentester and security consultant for 8 years, lead cloud research working group and M365 capability service. He has reported numerous vulnerabilities in products from companies such as Oracle, SAP, Atlassian, Jenkins, CloudBees Jenkins, JetBrains, Sonatype, as well as hundreds of plugin vulnerabilities in Jenkins Plugins. In 2019, he received the Jenkins Security MVP award. He gave a talk about the research behind finding more than a 100 Jenkins Plugin vulnerabilities at DevOps World. He also gave a presentation at Black Hat USA and DoD CyberDT XSWG about CI/CD pipeline compromises. He also holds multiple AWS/Azure/GCP, Infra as Code, DevOps and Hacking certifications.
\n\n
\nDescription:
\nCompanies move their development environment from on-prem to the cloud as well. One of the solutions is Azure DevOps (ADO). ADO provides same or similar service that are already existed on-prem such as ticketing, wiki, repository, pipeline, artifacts etc.\n

There is a difference between security in the pipeline and security of the pipeline. As a security consultant/pentester we saw both ends and came across these environments either in assumed breach, configuration review or SDL assessment.\n

In this talk, we take a look at the later and review the security controls for Azure DevOps (although can be used for other cloud providers as well) that can help in mitigating attacks and the blast radius of a breach. There will be also some resources shared where to go after the talk.\n

\n\n\'',NULL,367144),('2_Friday','14','13:25','14:05','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Azure DevOps Security\'','\'Viktor Gazdag\'','CLV_f117a05120094ffd448ac4d7333e0bd3','\'\'',NULL,367145),('3_Saturday','14','14:10','14:50','N','CLV','Flamingo - Mesquite - Cloud Village','\'Bridging the Gap: Cloud Threat Intelligence for Detection and Offensive Security Practitioners\'','\'Alex Delamotte\'','CLV_826f5ac4f89f5b82c23d34188d096cea','\'Title: Bridging the Gap: Cloud Threat Intelligence for Detection and Offensive Security Practitioners
\nWhen: Saturday, Aug 12, 14:10 - 14:50 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Alex Delamotte\n
\nAlex\'s passion for cybersecurity is humbly rooted in the early aughts, when she declared a vendetta against a computer worm. Over the past decade, Alex has worked with blue, purple, and red teams serving companies in the technology, financial, pharmaceuticals, and telecom sectors and she has shared research with several ISACs. Alex enjoys researching the intersection of cybercrime and state-sponsored activity. She relentlessly questions why actors pivot to a new technique or attack surface. In her spare time, she can be found DJing or servicing her music arcade games.
\nTwitter: @spiderspiders_
\n\n
\nDescription:
\nDuring my transition from a conventional malware research position to a detection engineering role within a technology company, I encountered significant difficulties in acquiring actionable and timely intelligence regarding cloud-based threat actors. Subsequently, when I assumed a new position on an offensive security team, I faced similar challenges due to the scarcity of threat intelligence necessary for effective adversary emulation.\n

Recently, I had the opportunity to publish my research on [AlienFox](https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/), a communally-developed cloud spamming toolset. As a curator of cloud intelligence, I am confronted with the arduous task of providing defenders with actionable threat intelligence in situations where the tools employed by attackers remain confined within their own systems. In targeted service environments, the utilization of payloads is considerably reduced, with the absence of prominent features such as Cobalt Strike beacons or Meterpreter. Additionally, the intricacies of DLL injection and registry modifications are rendered obsolete. Instead, cloud attackers harness robust and extensively documented APIs developed by the respective service providers, eliminating the need for complex shellcode encoders.\n

Given these limitations, how can defenders effectively operate? These attacks invariably leave behind artifacts in the form of configurations, such as the creation of new user profiles, which can be traced through API logs. Ultimately, if approached with an open mind and a willingness to adapt forensic methodologies, these techniques can be extrapolated from the realm of endpoint security. This talk will discuss how to approach detection of several familiar techniques--such as privilege escalation and persistence--ported to the cloud realm.\n

\n\n\'',NULL,367146),('2_Friday','10','10:50','11:30','N','CLV','Flamingo - Mesquite - Cloud Village','\'Evading Logging in the Cloud: Bypassing AWS CloudTrail\'','\'Nick Frichette\'','CLV_3da177937b79dad4f7c0b5b0f1c96327','\'Title: Evading Logging in the Cloud: Bypassing AWS CloudTrail
\nWhen: Friday, Aug 11, 10:50 - 11:30 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Nick Frichette\n
\nNick Frichette is a Senior Security Researcher at Datadog, where he specializes in AWS offensive security. He is known for finding multiple zero-day vulnerabilities in the AWS services and regularly publishing on new attack techniques. In addition to his research, Nick is the creator and primary contributor to Hacking the Cloud, an open source encyclopedia of offensive cloud security tradecraft.
\nTwitter: @Frichette_n
\n\n
\nDescription:
\nAmazon Web Services (AWS) customers rely on CloudTrail for continuous monitoring and detection of security incidents within their cloud environments. But what if an attacker could bypass this vital security layer, conducting stealthy reconnaissance and even modifying the environment without leaving any log evidence?\n

In this talk I will explore the attack surface of the AWS API, and share multiple vulnerabilities I discovered that allowed me to bypass CloudTrail logging for different AWS services. These vulnerabilities have now been fixed by AWS.\n

Attendees will gain an understanding of how these vulnerabilities are found, an understanding of the internals of the AWS APIs, and knowledge of how to apply these methods to new CloudTrail bypasses.\n

\n\n\'',NULL,367147),('2_Friday','11','10:50','11:30','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Evading Logging in the Cloud: Bypassing AWS CloudTrail\'','\'Nick Frichette\'','CLV_3da177937b79dad4f7c0b5b0f1c96327','\'\'',NULL,367148),('3_Saturday','10','10:30','11:10','N','CLV','Flamingo - Mesquite - Cloud Village','\'Between a Log and a Hard Place: (mis)Adventures in Azure Logs\'','\'Dmitriy Beryoza\'','CLV_69f492629bba0e474986da8869900a85','\'Title: Between a Log and a Hard Place: (mis)Adventures in Azure Logs
\nWhen: Saturday, Aug 12, 10:30 - 11:10 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Dmitriy Beryoza\n
\nDmitriy Beryoza is a Senior Security Researcher with Vectra AI, working on threat detection in the cloud and on-prem networks. Before that, he was a penetration tester and secure software development advocate at IBM. Before switching to security full-time, Dmitriy has been a software developer for many years. He presented talks at BSides Las Vegas, BSides SF, HackFest, and others. Dmitriy holds a Ph.D. in Computer Science and OSCP, CISSP, CCSP and CEH certifications. His interests include reverse engineering, secure software development, and CTF competitions.
\nTwitter: @0xd13a
\n\n
\nDescription:
\nSecurity monitoring in any environment is made or broken by the signal quality in the event logs.\nCloud-based solutions have transformed the computing landscape with advantages like on-demand resource availability, scalability, cost-effectiveness, and enhanced collaboration capabilities. For defenders, this new world offered many benefits: robust identity management, patching at scale, improved incident detection and response, and more.\n

Cloud providers expose detailed logs that are consumed by security monitoring tools and SOC analysts. One would expect a common, streamlined logging solution to be a clear win in attack detection functionality, but the reality is more complicated.\n

We have spent the last three years studying and monitoring Azure logs and have seen many problems that can complicate incident detection and response. With no alternatives to the provider\'s logging solution and slow problem mitigation speed, these issues go beyond mere annoyances and can help attackers avoid detection.\n

In this talk, we will examine logging facilities in Azure, concentrating on events generated by Azure AD and Microsoft 365, and discuss multiple problems that we have observed in monitoring them.\n

These include:\n

\n

and more\n

For all these issues, we will:\n

\n\n\'',NULL,367149),('3_Saturday','11','10:30','11:10','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Between a Log and a Hard Place: (mis)Adventures in Azure Logs\'','\'Dmitriy Beryoza\'','CLV_69f492629bba0e474986da8869900a85','\'\'',NULL,367150),('4_Sunday','10','10:00','10:40','N','CLV','Flamingo - Mesquite - Cloud Village','\'Call Me Phishmael: Hunting Sensitive Docker Images in Google Container Registry Leaks\'','\'Ian Dillon\'','CLV_94f63d85ca823eccb52099d71c7e7b64','\'Title: Call Me Phishmael: Hunting Sensitive Docker Images in Google Container Registry Leaks
\nWhen: Sunday, Aug 13, 10:00 - 10:40 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Ian Dillon\n, Staff Security Engineer at New York Times
\nIan Dillon is a Staff Security engineer at the New York Times, mostly focusing on cloud security. Long interested in security (like driving 24 hours straight for DEF CON 8), he instead wandered in the desert for years as a software engineer, DBA, then cloud engineer before coming to his senses.
\nTwitter: @amenbreakpoint
\n\n
\nDescription:
\nUI confusion, ACL limitations, and default product behaviors in Google Cloud Platform (GCP) have created a scenario in which it is very easy to accidentally expose sensitive Google Container Registry (GCR) Docker images to the public. To try and determine the frequency of this misconfiguration, and the resulting value of leaked Docker images to attackers, we built a scanner to help find GCP projects with mis-configured GCR repositories. The results were surprising: scores of open image repositories with sensitive source code and a multitude of active secrets to cloud environments, build systems, and external vendors.\n

In this presentation, I\'ll explain the common cause of the GCR misconfiguration and how other GCP service defaults can widen the exposure. We\'ll also discuss our scanner\'s approach in narrowing down potential target projects and avoiding GCP abuse mitigation. Finally, we\'ll go over the common mistakes I found in image builds and applications that allowed simple image exposure to cascade into privilege escalation and direct production system access.\n

\n\n\'',NULL,367151),('3_Saturday','12','12:20','12:59','N','CLV','Flamingo - Mesquite - Cloud Village','\'The Rocky Balboa Guide to Security Research: Getting Back Up When You Get Knocked Down\'','\'Liv Matan\'','CLV_6fb068d7653b11d2b4a5c6d7a0140ba8','\'Title: The Rocky Balboa Guide to Security Research: Getting Back Up When You Get Knocked Down
\nWhen: Saturday, Aug 12, 12:20 - 12:59 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Liv Matan\n, Cloud Security Researcher at Ermetic
\nLiv Matan is a cloud security researcher at Ermetic, where he specializes in application and web security. He previously served in the 8200 Intelligence Corps unit as a software developer. As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure web services, Facebook and Gitlab. In his free time, Liv boxes, lifts and plays Capture the Flag (CTF).Liv studied computer science at the Weizmann Institute of Science, in Israel.
\nTwitter: @terminatorLM
\n\n
\nDescription:
\nVulnerability research is sometimes perceived as a glamorous pursuit, where researchers constantly uncover security flaws and find critical exploits that can lead to catastrophic results. In this talk, we show you what it\'s really like behind the scenes of cloud vulnerability research.\n

We discuss the lessons learned while dealing with the barriers and challenges that arise when searching for and reporting new vulnerabilities to the biggest cloud vendors. We will present the mindset we embrace to find common ground in major services, and the importance of a responsible disclosure process. We debate why we, the researchers, are accountable for our findings and how we should push the cloud vendor for the best bug resolution.\n

Often, vulnerability talks are about the researcher\'s greatest success stories. This talk also explores the unexpected benefits of coming up short in vulnerability research. We argue that these \"\"losses\"\" can provide valuable insights into security research, allowing us to better understand a system\'s strengths and weaknesses and its security stack.\n

The session draws on real-world examples, including a major vulnerability we uncovered that affected multiple Azure web services, exploitation of internal communication channels across various CSPs, and our go-to approach when exploring new unfamiliar cloud services. We close the session by discussing each vendor\'s unique approach to fixing reported security issues.\n

Join us for this thought-provoking talk and discover the hidden side of vulnerability research. You\'ll come away with a new appreciation for the challenges and rewards of this fascinating field and a deeper understanding of its role in keeping us all safe and secure.\n

\n\n\'',NULL,367152),('3_Saturday','13','13:30','14:10','N','CLV','Flamingo - Mesquite - Cloud Village','\'What the Function: A Deep Dive into Azure Function App Security\'','\'Karl Fosaaen,Thomas Elling\'','CLV_87e4eb758d803b4cd9e2a2b26ef39379','\'Title: What the Function: A Deep Dive into Azure Function App Security
\nWhen: Saturday, Aug 12, 13:30 - 14:10 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Karl Fosaaen,Thomas Elling
\n
SpeakerBio:Karl Fosaaen\n, VP of Research at NetSPI
\nAs a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI\'s Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit (https://github.com/NetSPI/Microburst) to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book \"Penetration Testing Azure for Ethical Hackers\" with David Okeyode.
\nTwitter: @kfosaaen
\n
SpeakerBio:Thomas Elling\n
\nThomas Elling is the Director of Cloud Pentesting and a security researcher at NetSPI. He specializes in web application and cloud security testing. He has advised multiple Fortune 500 companies in the technology sector. In his spare time, Thomas enjoys improving his coding skills, watching bad action movies, and hanging out with his dog, Chunks.
\n\n
\nDescription:
\nAs organizations have evolved from the \"Lift and Shift\" cloud migration strategy to building \"Cloud Native\" applications, there has been a significant increase in the usage of Platform as a Service (PaaS) services in the cloud. The Azure Function App service is a commonly used resource in this space, as it provides simple and easy to deploy application hosting. While the serverless service offers a wide variety of convenient features, it also comes with its own security challenges.\n

We will be discussing how the service is utilized by Azure customers and some of the architecture design flaws that can lead to privilege escalation scenarios. Additionally, we will be covering a recently remediated privilege escalation issue that resulted in the Azure “Reader” RBAC role gaining code execution privileges in Function App containers.\n

We will also be releasing a tool that automates the exploitation of write access on a Function App\'s Storage Account. The tool will allow you to gain cleartext access to the Function App keys, and will generate Managed Identity tokens that can be used to pivot to the Function App’s identity. Finally, we will also include best practices and recommendations on how defenders can implement policy and configuration changes that help mitigate these issues.\n

\n\n\'',NULL,367153),('3_Saturday','14','13:30','14:10','Y','CLV','Flamingo - Mesquite - Cloud Village','\'What the Function: A Deep Dive into Azure Function App Security\'','\'Karl Fosaaen,Thomas Elling\'','CLV_87e4eb758d803b4cd9e2a2b26ef39379','\'\'',NULL,367154),('3_Saturday','11','11:10','11:50','N','CLV','Flamingo - Mesquite - Cloud Village','\'SSO Sloppy, SSO Suspect, SSO Vulnerable\'','\'Jenko Hwong\'','CLV_cbfd4e5f0e57ff7de813e5e62d9e154b','\'Title: SSO Sloppy, SSO Suspect, SSO Vulnerable
\nWhen: Saturday, Aug 12, 11:10 - 11:50 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Jenko Hwong\n, Principal Researcher, Threat Research Team at Netskope
\nJenko Hwong is a Principal Researcher on Netskope\'s Threat Research Team, focusing on cloud threats/vectors. He\'s spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
\nTwitter: @jenkohwong
\n\n
\nDescription:
\nEnterprise SSO protocols and vendor implementations continue to evolve for the worse, as we\'ve gone from SAML to OAuth to MUVP (Made-Up-Vendor-Protocol).\n

Attacks against SSO started with the Golden SAML attack (Cyberark, 11/2017), which used stolen certificates to spoof SAML responses, recently used in the SolarWinds hack in 2020. Recently, OAuth has been used to implement SSO, and new POC identity attacks have been published such as gaining access to a Facebook account that uses Gmail as the SSO identity provider via OAuth 2.0 (Sammouda, 5/2022), utilizing the chaining of traditional web vulnerabilities such as XSS with the design of the OAuth protocol in order to steal OAuth session tokens. AWS\'s SSO implementation mixes SAML, OAuth, and traditional AWS access keys. And Microsoft and Google also use custom OAuth to implement SSO among their app suites.\n

This protocol soup opens up more areas for abuse by attackers with key benefits: remotely-enabled attacks by design without need for endpoint compromise, near-permanent access, no need to go through MFA challenges, and incomplete controls for in preventing, detecting, and responding to these attacks.\n

We will demonstrate how these attacks work, what\'s different, how the underlying SSO protocols and features are abused, and where defensive measures fail.\n

\n\n\'',NULL,367155),('4_Sunday','10','10:40','11:20','N','CLV','Flamingo - Mesquite - Cloud Village','\'Tag, You\'re Exposed: Exploring Azure Service Tags and their Impact on your Security Boundary\'','\'Aled Mehta,Christian Philipov\'','CLV_3a7abf7087119fe1bd0f978c54fde8f8','\'Title: Tag, You\'re Exposed: Exploring Azure Service Tags and their Impact on your Security Boundary
\nWhen: Sunday, Aug 13, 10:40 - 11:20 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Aled Mehta,Christian Philipov
\n
SpeakerBio:Aled Mehta\n
\nAled is security consultant in the cloud security team at WithSecure. He spends the majority of his time exploring Microsoft Cloud services focussing on identifying new attack paths, or new ways of performing well established attacks. Outside of this exploration, he is motivated by sharing knowledge and skills with his colleagues and with the wider community.
\nTwitter: @x_delfino
\n
SpeakerBio:Christian Philipov\n, Senior Security Consultant at WithSecure
\nChris is a senior security consultant in the cloud security team at WithSecure. Loves looking into the unique ways that Microsoft Azure and Google Cloud Platform (GCP) works as well as helping out his fellow colleagues with all their various cloud technical issues. Chris has previously presented at fwd:cloudsec as well as BlueTeamCon, and holds multiple Microsoft certificates with the latest one being Microsoft Cybersecurity Architect.
\nTwitter: @chrispy_sec
\n\n
\nDescription:
\nWithin Cloud environments, the approach to securing networks and resources has shifted. An organisation\'s security perimeter has become blurred, with resources increasingly exposed, making it harder to clearly establish their attack surface. Components of network and security controls have been abstracted away, including the specific on how they are implemented. One of these abstractions is through Azure Service Tags, a feature that we frequently see being used, and one that often results in resources being more exposed than intended.\n

In this talk, we will explore Service Tags in Azure, a common method for modern organisations to use pre-defined network ranges to be allow-listed for inbound and outbound network traffic. Although a useful means to simplify configuration to allow service-to-service communication, its usage can lead to unintentional cross-tenant access to Azure resources. The aim of the talk is to highlight several novel methods by which attackers can get access to a corporate environment. These will range from:\n

\n

Fundamentally, this is the service working as intended. Service Tags are supposed to cover Azure service network ranges and these do, by design, include other organisations\' environments. The issue mostly lies in the lack of detailed documentation and the lack of awareness around the breadth of coverage, and the potential impact of these controls. Where documentation is available that highlights some of these components, it is inconsistent in outlining the risks and potential impact. Through our work at a consultancy, we have worked with a range of organisations from large enterprises to medium sized companies. Based on our observations, this is a common issue that is present in different production Azure environments.\n

Listeners of the talk will come out with an understanding of:\n

\n\n\'',NULL,367156),('4_Sunday','11','10:40','11:20','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Tag, You\'re Exposed: Exploring Azure Service Tags and their Impact on your Security Boundary\'','\'Aled Mehta,Christian Philipov\'','CLV_3a7abf7087119fe1bd0f978c54fde8f8','\'\'',NULL,367157),('4_Sunday','11','11:20','11:59','N','CLV','Flamingo - Mesquite - Cloud Village','\'Security Logging in the cloud, trade-offs to consider and patterns to maximise the effectiveness of security data pipelines\'','\'Marco Mancini\'','CLV_a5909e26864782f26716259e7038715d','\'Title: Security Logging in the cloud, trade-offs to consider and patterns to maximise the effectiveness of security data pipelines
\nWhen: Sunday, Aug 13, 11:20 - 11:59 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Marco Mancini\n, Tech Lead for the Detection Engineering at Thought Machine
\nI am the tech lead for the Detection Engineering team at Thought Machine a cloud-native core banking company. My career has been based on doing Incident Response and Security monitoring for banks and financial institutions with a deep focus on engineering data driven solutions to several security problems.
\nTwitter: @ManciniJ
\n\n
\nDescription:
\nSecurity Operations in the cloud can be thought as a data problem. If you can immediately and easily answer questions of what, how and who has done an action attackers can be uncovered and dealt with much quicker.\n

Building the infrastructure to do this however can easily become very expensive and there are some big trade-offs to consider when building a security logging pipeline.\n

This talk will explain the different logging patterns that you can find in public clouds like AWS, GCP and Azure and the pitfalls and experience from building and rebuilding the security logging at different scale levels.\n

This talk should give any attendees protecting a company with a big cloud exposure valuable insights that could be applied to building a new security logging function and also how to improve their current security pipelines.\n

\n\n\'',NULL,367158),('4_Sunday','12','12:00','12:40','N','CLV','Flamingo - Mesquite - Cloud Village','\'Tales from a detection engineering in AWSland\'','\'Rodrigo Montoro\'','CLV_17ca741d9bd4812ea88a93622c7bc26c','\'Title: Tales from a detection engineering in AWSland
\nWhen: Sunday, Aug 13, 12:00 - 12:40 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Rodrigo Montoro\n, Head of Threat & Detection Research at Clavis Security
\nRodrigo Montoro has over 23 years of experience in Information Technology and Computer Security. For most of his career, he has worked with open-source security software (firewalls, IDS, IPS, HIDS, log management, endpoint monitoring), incident detection & response, and Cloud Security. Currently is Head of Threat & Detection Research at Clavis Security. Before that, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Tempest Security, Senior Security Administrator at Sucuri, and Researcher at Spiderlabs. Author of 2 patented technologies involving innovation in the detection field. One is related to discovering malicious digital documents. The second one is in how to analyze malicious HTTP traffic. Rodrigo has spoken at several open source and security conferences (Defcon Cloud Village, OWASP AppSec, SANS (DFIR, SIEM Summit & CloudSecNext), Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE, ZonCon (Amazon Internal Conference), Blackhat Brazil, BSides (Las Vegas e SP)).
\nTwitter: @spookerlabs
\n\n
\nDescription:
\nCloud providers\' ecosystems have brought a lot of new challenges to the Security Operations Center (SOC). We now have a lot of attack vectors that create known and still unknown attack vectors, generating a considerable need for further research and detection in this field.\n

Specifically, in AWS, we are talking about more than three hundred (300+) services that an attacker could have their specific attack path to achieve their goal. Considering that chaotic scenario and leading a Detection Engineering Team that monitors hundreds of customers, we developed new and innovative ways to improve customer detection in three paths:\n

First, the largest market for cloud security is associated with Cloud Security Posture Management (CSPM), a tool that monitors misconfigurations in cloud accounts. We converted the top 10 results based on the CSPM vendor\'s statistics reports. The findings are prioritized from informational to critical, helping to fix the misconfiguration and making the attacker path more difficult.\n

Second, we examined the standard tools\' behavior and built detections based on those. In particular, PACU (comprehensive AWS security-testing toolkit designed for offensive security practitioners), Endgame, and Cloudfox. The main goal is to have tool-agnostic detections using a combination of them to better fit into the AWS scenario.\n

Third, and just as important, are uncommon paths that abuse services that are not commonly used or have enough research on it but could lead to data exfiltration, resource exposure, privilege escalation, and so on.\n

By the end of this talk, attendees will be able to acquire new detection ideas, improve their cloud security posture, and mitigate attack surfaces.\n

\n\n\'',NULL,367159),('2_Friday','14','14:35','16:30','N','CLV','Flamingo - Mesquite - Cloud Village','\'Infrastructure as Remote Code Execution\'','\'Michael McCabe\'','CLV_7c1410d2782b5b095326367e6dbead21','\'Title: Infrastructure as Remote Code Execution
\nWhen: Friday, Aug 11, 14:35 - 16:30 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Michael McCabe\n, Founder at Cloud Security Partners
\nMichael McCabe founded Cloud Security Partners in 2017 to create and implement security solutions for a select number of clients. Over the course of his career, Michael has led teams in startups and large financial institutions and guided them through their security journeys. He leads the OWASP Northern Virginia chapter, where he coordinated countless talks and meetups that hosted industry-leading experts. He has been a featured speaker at numerous conferences about application security, cloud security, and more.
\nTwitter: @mccabe615
\n\n
\nDescription:
\nThe workshop will focus on research done on Terraform implementations and ways a malicious user could abuse them. During the workshop attendees will learn how Terraform works, how common Terraform security controls are applied, and multiple ways to bypass them and gain further access to environments.\n

Terraform is a powerful infrastructure as code tool, but it is also a potential security gap when not properly configured. Built into Terraform, there are numerous ways an attacker with developer-level access could abuse it to gain a larger foothold or harvest data.\n

During the workshop, attendees will be led through various exercises using GitHub Actions, Terraform Cloud, and AWS. The workshop aims to teach attendees how Terraform works, various methods that can be potentially abused, and some controls to prevent them.\n

\n\n\'',NULL,367160),('2_Friday','15','14:35','16:30','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Infrastructure as Remote Code Execution\'','\'Michael McCabe\'','CLV_7c1410d2782b5b095326367e6dbead21','\'\'',NULL,367161),('2_Friday','16','14:35','16:30','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Infrastructure as Remote Code Execution\'','\'Michael McCabe\'','CLV_7c1410d2782b5b095326367e6dbead21','\'\'',NULL,367162),('2_Friday','13','13:00','13:25','N','CLV','Flamingo - Mesquite - Cloud Village','\'Identifying and securing Firebase vulnerabilities at scale\'','\'Rojan Rijal\'','CLV_d96d0f0544654c74db60807e3876626e','\'Title: Identifying and securing Firebase vulnerabilities at scale
\nWhen: Friday, Aug 11, 13:00 - 13:25 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Rojan Rijal\n
\nRojan Rijal is a security researcher with seven years of experience identifying vulnerabilities in open source, SaaS products and cloud environments. Rojan has been recognized for finding impactful vulnerabilities in private organizations such as Netflix, Zoom, Google, and GitHub and public organizations like the United State Air Force and the United Kingdom\'s Ministry of Defence. Rojan has presented his research at conferences like BSides San Francisco, Recon Village at Defcon 30 and more.
\nTwitter: @uraniumhacker
\n\n
\nDescription:
\nGoogle\'s Firebase product is a one-stop-shop for deploying infrastructure for small and large scale applications. Firebase provides products ranging from databases, file storage to application authentication and more. Misconfigurations in setting up these infrastructure can result in severe information disclosure and breaches.\n

In this talk, we will go over common vulnerabilities on each Firebase product. When going over the vulnerabilities, we will show some sample case-studies affecting small and large organizations. We will then cover some automation test cases that we used to identify these vulnerabilities at scale. Finally, we will cover some example rules that can help mitigate these vulnerabilities at large.\n

At the end of this talk, the audience will walkway with knowledge about different types of vulnerabilities to test when reviewing Firebase configurations.\n

\n\n\'',NULL,367163),('2_Friday','12','12:10','12:30','N','CLV','Flamingo - Mesquite - Cloud Village','\'From Service Catalog Admin to Account takeover: Privilege Escalation with Service Catalog Launch Constraint\'','\'Sarachai Boonyakiat\'','CLV_9a0e2078c136128539e71cf6e70a8d97','\'Title: From Service Catalog Admin to Account takeover: Privilege Escalation with Service Catalog Launch Constraint
\nWhen: Friday, Aug 11, 12:10 - 12:30 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Sarachai Boonyakiat\n, Principal Cloud Security
\nI am Principal Cloud Security in a Non-Profit organization with several years experience in IT security in many industries including Industrial automation, Banking, Insurance, MSSP, Non-Profit and transition to full time Cloud Security since 2019. My current area of responsibilities are design, implement, maintain security controls as well as threat research, pen-testing, log management and incident response in the Cloud (primary AWS). Beside work I like to travel and explore food from different places and cultures.
\nTwitter: @ChaiBoonyakiat
\n\n
\nDescription:
\nAWS offers Service Catalog to help organization centrally manage commonly deployed IT services through Infrastructure As Code whether it be CloudFormation template or Terraform, and helps organizations achieve consistent governance and meet compliance requirements. Additionally, as the security feature, organization can delegate the permission to what AWS called \"Launch Constraints\" role to provision resources on behalf of regular users whom otherwise do not have enough permission to provision resource themselves.\n

In this talk, we are going to explore how attackers, after initial access, can establish persistence and escalate their permission and continue further down the attack chain by leveraging the misconfiguration of the launch constraints role in conjunction with compromised service catalog admin user to take over the entire AWS account. We also will talk about how to detect such attempt and how to apply defense in depth to stop attackers at different stages of the attack chain.\n

\n\n\'',NULL,367164),('2_Friday','12','12:30','12:59','N','CLV','Flamingo - Mesquite - Cloud Village','\'Attacks as a Service with The DeRF\'','\'Kat Traxler\'','CLV_8b7df5862d16eff90b3705c05b60a49c','\'Title: Attacks as a Service with The DeRF
\nWhen: Friday, Aug 11, 12:30 - 12:59 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Kat Traxler\n, Principal Security Researcher at Vectra AI
\nKat Traxler is the Principal Security Researcher at Vectra AI focusing on threat detection in the public cloud. Prior to her current role, she worked in various stages in the SDLC performing web application penetration testing and security architecture design for Web, IAM, Payment Technologies and Cloud Native Technologies.\n

Kat\'s research philosophy directs her attention to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security and where the OS-layer interfaces with higher-level abstractions.\n

Kat has presented at various conferences including the SANS CloudSecNext Summit and fwd:CloudSec on topics such as privilege escalation in GCP, and bug-hunting in the cloud. In addition to her work at Vectra AI, she is a member of IAN Faculty and the Lead Author of the SANS SEC549 - Enterprise Cloud Security Architecture and currently holds multiple GIAC certifications. You can find her on the internet as @nightmareJS\n

\nTwitter: @NightmareJS
\n\n
\nDescription:
\nIntroducing the DeRF (Detection Replay Framework), a tool which hosts attack techniques and supports the invocation of those attacks across cloud environments. What sets DeRF apart from other cloud attack tools?\n
\n

During this demo, we will guide you through the straightforward and automated deployment process for the DeRF. We\'ll demonstrate how to invoke pre-configured attack techniques and illustrate how you can customize the framework to align with your internal attacker profile. By deploying the DeRF within your organization you can easily spin up attacker simulations, to augment training or automate the testing of detection capabilities.\n

\n\n\'',NULL,367165),('4_Sunday','12','12:40','13:10','N','CLV','Flamingo - Mesquite - Cloud Village','\'CNAPPGoat - A multicloud vulnerable-by-design infrastructure deployment tool\'','\'Igal Gofman,Noam Dahan\'','CLV_61d6cf3dad3edc3228887e99857cda1b','\'Title: CNAPPGoat - A multicloud vulnerable-by-design infrastructure deployment tool
\nWhen: Sunday, Aug 13, 12:40 - 13:10 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Igal Gofman,Noam Dahan
\n
SpeakerBio:Igal Gofman\n
\nIgal Gofman is a Head of Security Research at Ermetic. Igal has a proven track record in cloud security, network security, research-oriented development, and threat intelligence. His research interests include cloud security, operating systems, and active directory. Prior to Ermetic Igal worked at Microsoft, XM-Cyber, and Check Point Software Technologies. Igal has spoken at various leading security conferences including Black Hat and DEF-CON.
\nTwitter: @IgalGofman
\n
SpeakerBio:Noam Dahan\n, Senior Security Researcher at Ermetic
\nNoam Dahan is a Senior Security Researcher at Ermetic with several years of experience in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps. Noam was a competitive debater and is a former World Debating Champion. He is also a former speaker at Black Hat USA, DEF CON DemoLabs, Cloud Village and fwd:cloudsec.
\nTwitter: @NoamDahan
\n\n
\nDescription:
\nCNAPPGoat is a CLI tool designed to deploy intentionally vulnerable-by-design cloud infrastructure. It provides a useful playground for defenders to test their protective strategies, tools, and procedures and for offensive professionals to refine their skills and tooling. This tool deploys diverse infrastructures, including those with misconfigurations, IAM issues, network exposure, and those conducive to lateral movement attacks. While other (excellent) tools are designed to deploy tailored capture-the-flag scenarios, CNAPPGoat takes a broader approach by deploying a wide array of environments with diverse misconfigurations, providing a comprehensive perspective.\n

CNAPPGoat supports modular deployment of various vulnerable environments and is a multi-cloud tool. CNAPPGoat is built on Pulumi and supports multiple programming languages. It operates as a CLI tool, requiring no specific IaC expertise, enabling a wide range of professionals to deploy and monitor environments.\n

The tool enables defenders to test detection, prevention, and control mechanisms against vulnerabilities and misconfigurations, while aiding offensive professionals by providing practice environments. Demonstrations will include tool showcasing, deployment and remediation of a scenario, practical exploitation for learning, and guidance on building modules to customize CNAPPGoat.\n

\n\n\'',NULL,367166),('4_Sunday','13','12:40','13:10','Y','CLV','Flamingo - Mesquite - Cloud Village','\'CNAPPGoat - A multicloud vulnerable-by-design infrastructure deployment tool\'','\'Igal Gofman,Noam Dahan\'','CLV_61d6cf3dad3edc3228887e99857cda1b','\'\'',NULL,367167),('2_Friday','14','14:05','14:35','N','CLV','Flamingo - Mesquite - Cloud Village','\'MetaHub Demo: Automating Ownership, Context, and Impact Assessment in Security Findings\'','\' \'','CLV_663ff6ce749d7f47ba277f89dcddb60b','\'Title: MetaHub Demo: Automating Ownership, Context, and Impact Assessment in Security Findings
\nWhen: Friday, Aug 11, 14:05 - 14:35 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
\nDescription:
\nSecurity findings from automated sources such as network, software, or compliance scanners often overwhelm security teams with excessive generic, context-less information. Determining ownership and impact takes time and can cause critical vulnerabilities to go unnoticed, unnecessary noise, or friction between security teams and other stakeholders.\nMy proposed demo introduces MetaHub, a tool designed to mitigate these issues by automating the three crucial stages of security finding assessment: owner determination, contextualization, and impact definition. Leveraging the power of metadata through MetaChecks, MetaTags, MetaTrails, and MetaAccount, MetaHub provides a detailed, context-aware assessment of each finding.\n

By integrating MetaHub, teams can significantly reduce false positives, streamline the detection and resolution of security findings, and strategically tailor their scanner selection to minimize unnecessary noise. This ability to focus on meaningful, high-impact issues represents a significant step forward in security engineering and will be the primary focus of the demo.\n

MetaHub relies on the ASFF format for ingesting security findings which can be consumed from AWS Security Hub or any ASFF-supported scanner, like Prowler or ElectricEye. It can also help to generate reports and dashboards.\n

MetaHub is designed for use as a CLI tool or within automated workflows, such as AWS Security Hub custom actions, AWS Lambda functions, or AWS Step Functions.\n

Context, ownership, and impact definitions are not common topics that open source tools are addressing; this one is the approach I found for this problem that aims to be agnostic to the source scanner itself. For me, it would be more than valuable to connect with other people to understand other approaches and get feedback on this one.\n

Github: https://github.com/gabrielsoltz/metahub\n

\n\n\'',NULL,367168),('3_Saturday','10','10:00','10:30','N','CLV','Flamingo - Mesquite - Cloud Village','\'Introducing IAM-APE\'','\'Tohar Braun\'','CLV_d25df0c3343b0144d7ad87852d811fe4','\'Title: Introducing IAM-APE
\nWhen: Saturday, Aug 12, 10:00 - 10:30 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Tohar Braun\n
\nTohar Braun is a Research Tech Lead at Orca Security. During his career, he has helped bring cybercriminals to justice, stopped ransomware from extorting innocents, and unveiled numerous security issues for high-profile companies. He is passionate about helping businesses secure their cloud assets, taking malware apart, and getting shells where they shouldn\'t be.\n

Tohar is an avid gamer, trained chef, and on a quest to become a one man metal band.\n

\nTwitter: @MaliciousDelish
\n\n
\nDescription:
\nPermission management in AWS can be a daunting task. A single user can have an inline policy, attached managed policies, and be a member of several IAM groups. Not to mention Service Control Policies and permission boundaries!\n

IAM-APE, or IAM AWS Policy Evaluator, is an open source, automated tool that was designed to simplify the process of calculating effective permissions for an AWS entity. The tool gathers all the IAM policies present in your account, and then calculates the effective permissions that each entity - User, Group, or Role - has. It presents you with a single policy, summarizing all of their actual permissions\n

\n\n\'',NULL,367169),('3_Saturday','13','13:00','13:30','N','CLV','Flamingo - Mesquite - Cloud Village','\'CloudRecon - finding ephemeral assets in the cloud\'','\'Gunnar Andrews,Jason Haddix\'','CLV_90c1e49de73e4f2b0ee5dc78cb7f2bfb','\'Title: CloudRecon - finding ephemeral assets in the cloud
\nWhen: Saturday, Aug 12, 13:00 - 13:30 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Gunnar Andrews,Jason Haddix
\n
SpeakerBio:Gunnar Andrews\n
\nNo BIO available
\nTwitter: @@G0LDEN_infosec
\n
SpeakerBio:Jason Haddix\n, CISO and “Hacker in Charge” at BuddoBot
\nJason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He\'s had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd\'s leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
\nTwitter: @jhaddix
\n\n
\nDescription:
\nCloudRecon is a suite of tools for red teamers and bug hunters to find ephemeral and development assets in their campaigns and hunts.\n

Often, target organizations stand up cloud infrastructure that is not tied to their ASN or related to known infrastructure. Many times these assets are development sites, IT product portals, etc. Sometimes they don\'t have domains at all but many still need HTTPs.\n

CloudRecon is a suite of tools to scan all the cloud providers and find these hidden gems for testers, by inspecting those SSL certificates.\n

The tool suite is three parts in GO:\n

\n\n\'',NULL,367170),('3_Saturday','11','11:50','12:20','N','CLV','Flamingo - Mesquite - Cloud Village','\'Google Workspace Red Team Automation with SWAT\'','\'Justin Ibarra,Terrance DeJesus\'','CLV_a557c4b1ae68350b31209182dda7082c','\'Title: Google Workspace Red Team Automation with SWAT
\nWhen: Saturday, Aug 12, 11:50 - 12:20 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\nSpeakers:Justin Ibarra,Terrance DeJesus
\n
SpeakerBio:Justin Ibarra\n, Leader of the Threat Research and Detection Engineering Team at Elastic
\nJustin Ibarra is the leader of the Threat Research and Detection Engineering team at Elastic, where he was previously a principal security research engineer. He focuses on many aspects of offensive and defensive security research, including endpoint, cloud, and web based technologies. He spends a lot of time in telemetry and building detection capabilities, while also continually looking for ways to advance and evolve detection engineering approaches and principles.
\nTwitter: @br0k3ns0und
\n
SpeakerBio:Terrance DeJesus\n
\nTerrance DeJesus is a Security Detection Engineer for Elastic, where I balance engineering development with threat research into cloud-based threats. Previously held various positions at NTT Ltd. such as cyber threat hunter, threat intelligence analyst, and SOC analyst. Overall, I don\'t take myself seriously by am committed to whatever has my attention. Became a father at 19 years old and now have a beautiful family of 5. Selfishly, I love hip-hop culture and any role-playing game (RPG) I can get my hands on, but will choose WoW over Runescape any day. Focused on pursuing threat research in cloud-security, with a focus on GCP and AWS, but Google Workspace has been my interest lately. Looking forward to meeting others like-minded and potentially collaborating.
\nTwitter: @_xDeJesus
\n\n
\nDescription:
\nThe Simple Workspace ATT&CK Tool (SWAT) is a cutting-edge cybersecurity application that serves as an invaluable asset for threat detection rule authors, red team members, and security researchers. Designed with modularity and simplicity at its core, SWAT is an interactive Python shell tool, instrumental in emulating red-teaming behavior specifically against Google Workspace, and acting as a post-compromise tool.\n

At its heart, SWAT is grounded in the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques. By hosting the ATT&CK enterprise data locally, SWAT significantly reduces lookup times, enhancing the overall user experience while ensuring access to the most relevant and current information.\n

A standout feature of SWAT is its inherent modularity, enabling security practitioners to add their custom modules for adversary emulation seamlessly. This flexibility allows the tool to adapt to evolving cybersecurity landscapes, and meet the unique needs of individual use-cases, thereby fostering a collaborative approach to threat detection and response.\n

SWAT further enhances its value proposition by integrating a payload known as \'Tango\'. Written in Go, Tango functions as a Command and Control (C2) agent, thus adding another layer of realism to red-teaming exercises. This integration encourages a deeper understanding of adversarial behavior and aids in the development of effective defense mechanisms.\n

In addition to its emulation capabilities, SWAT offers functionality to analyze data from Google Workspace. This feature empowers users to inspect and evaluate their current security posture, identify potential vulnerabilities, and proactively take steps to strengthen their defenses.\n

Finally, the tool\'s use extends beyond being a mere testing platform. SWAT can be a vital component in security workflows to model potential threats, formulate countermeasures, and train personnel on various facets of cybersecurity. With the continually evolving threat landscape, SWAT is well-positioned to assist cybersecurity professionals in staying ahead of their adversaries. The simplicity and modularity of SWAT make it a powerful tool in the arsenal of those committed to enhancing cybersecurity.\n

\n\n\'',NULL,367171),('3_Saturday','12','11:50','12:20','Y','CLV','Flamingo - Mesquite - Cloud Village','\'Google Workspace Red Team Automation with SWAT\'','\'Justin Ibarra,Terrance DeJesus\'','CLV_a557c4b1ae68350b31209182dda7082c','\'\'',NULL,367172),('2_Friday','09','09:00','01:59','N','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_8d2eaef878b673ae3ad0527cf29d94ef','\'Title: Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)
\nWhen: Friday, Aug 11, 09:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nThe Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).\n

So, what\'s the S.O.D.A. Machine all about? \n

Picture this:\n

You\'re at DEF CON, thirsty for some hacking. You\'re looking for a virtual machine (VM) to play with but don\'t want to be chained to your laptop.\n

Enter the Shell On Demand Appliance:\n

This heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network. \n

A fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won\'t allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.\n

Simply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.\n

A green light means the VM is available and ready.\n

An amber light requests the user to insert more money to ensure fair distribution according to current resources.\n

A red light denotes the selection is unavailable.\n

Once you make a selection, the system will deploy the VM to the network and a receipt will be printed.\n

On the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.\n

What you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.\n

All proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.\n

We accept donations: https://www.paypal.com/paypalme/NUCC\n

\n\'',NULL,367173),('4_Sunday','09','09:00','15:30','N','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'Title: Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)
\nWhen: Sunday, Aug 13, 09:00 - 15:30 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nThe Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).\n

So, what\'s the S.O.D.A. Machine all about? \n

Picture this:\n

You\'re at DEF CON, thirsty for some hacking. You\'re looking for a virtual machine (VM) to play with but don\'t want to be chained to your laptop.\n

Enter the Shell On Demand Appliance:\n

This heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network. \n

A fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won\'t allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.\n

Simply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.\n

A green light means the VM is available and ready.\n

An amber light requests the user to insert more money to ensure fair distribution according to current resources.\n

A red light denotes the selection is unavailable.\n

Once you make a selection, the system will deploy the VM to the network and a receipt will be printed.\n

On the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.\n

What you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.\n

All proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.\n

We accept donations: https://www.paypal.com/paypalme/NUCC\n

\n\'',NULL,367174),('4_Sunday','10','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367175),('4_Sunday','11','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367176),('4_Sunday','12','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367177),('4_Sunday','13','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367178),('4_Sunday','14','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367179),('4_Sunday','15','09:00','15:30','Y','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441','\'\'',NULL,367180),('1_Thursday','09','09:00','01:59','N','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_ec19fef0ed8d1f433150f8c582281049','\'Title: Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)
\nWhen: Thursday, Aug 10, 09:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nThe Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).\n

So, what\'s the S.O.D.A. Machine all about? \n

Picture this:\n

You\'re at DEF CON, thirsty for some hacking. You\'re looking for a virtual machine (VM) to play with but don\'t want to be chained to your laptop.\n

Enter the Shell On Demand Appliance:\n

This heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network. \n

A fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won\'t allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.\n

Simply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.\n

A green light means the VM is available and ready.\n

An amber light requests the user to insert more money to ensure fair distribution according to current resources.\n

A red light denotes the selection is unavailable.\n

Once you make a selection, the system will deploy the VM to the network and a receipt will be printed.\n

On the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.\n

What you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.\n

All proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.\n

We accept donations: https://www.paypal.com/paypalme/NUCC\n

\n\'',NULL,367181),('3_Saturday','09','09:00','01:59','N','DC','Caesars Forum - Forum - 121-123, 129, 137 - Chillout','\'Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)\'','\' \'','DC_d9e95519c990c241b855971cc389aaab','\'Title: Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)
\nWhen: Saturday, Aug 12, 09:00 - 01:59 PDT
\nWhere: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
\n
\nDescription:
\nThe Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).\n

So, what\'s the S.O.D.A. Machine all about? \n

Picture this:\n

You\'re at DEF CON, thirsty for some hacking. You\'re looking for a virtual machine (VM) to play with but don\'t want to be chained to your laptop.\n

Enter the Shell On Demand Appliance:\n

This heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network. \n

A fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won\'t allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.\n

Simply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.\n

A green light means the VM is available and ready.\n

An amber light requests the user to insert more money to ensure fair distribution according to current resources.\n

A red light denotes the selection is unavailable.\n

Once you make a selection, the system will deploy the VM to the network and a receipt will be printed.\n

On the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.\n

What you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.\n

All proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.\n

We accept donations: https://www.paypal.com/paypalme/NUCC\n

\n\'',NULL,367182),('2_Friday','16','16:00','16:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Are you really eyeing my network? Network Reconnaissance for n00bs!\'','\'RJ McCarley\'','BICV_dc95cf71b2aadc4abdcedfa404dc651c','\'Title: Are you really eyeing my network? Network Reconnaissance for n00bs!
\nWhen: Friday, Aug 11, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:RJ McCarley\n
\nNo BIO available
\n\n
\nDescription:
\nDuring this hands-on lab, participants will learn the fundamentals of the basics of network reconnaissance in Penetration Testing. The course will focus on practical scenarios and real-world examples to ensure participants gain practical skills that can be applied in their day-to-day work.\n

Prerequisites: Basic understanding of computer networks, cyber security concepts, command line interface, and operating systems.\n

Tools Covered:\n

\n\n\'',NULL,367183),('2_Friday','10','10:00','10:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'BIC Village Opening Keynote\'','\'John Threat\'','BICV_cf986661c2976fed27eba92a2b44ae2e','\'Title: BIC Village Opening Keynote
\nWhen: Friday, Aug 11, 10:00 - 10:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:John Threat\n
\nJohn Lee is a world renowned computer hacker , a writer/director, and a radical creative futurist. He’s been on the cover for Wired magazine and 60 Minutes.\n

He consults with several institutions and think tanks as a futurist, developing reasonable calculations of future events to both inspire creative endeavors for humanity and avoid or mitigate calamity.\n

John consults with a select group of entities about computer security and has appeared on the cover of magazines like Wired and on news programs like 60 minutes for his exploits and expert commentary on the hacker world.\n

John also develops narrative film and documentary projects about sci-fi and technology exploring the thematics of freedom and revolution. He also works on developing technologies to help in spreading and maintaining free speech and democracy for humans world wide. \n

John currently is consulting for entities like MoMa , Vision 2030 Futurist Collective, and [ redacted ] on security futures while developing a new film project for 2023 (Don’t Talk To Trees).\n

\n\n
\nDescription:
\nHe will be speaking about history in hacking & security from a general perspective and specifically from a Black perspective.\n

He will be talking about great hacks from history including his own! He will talk about his journey in security and how security has evolved over the years, his theories on security going into the future and how to stay flexible in reference to new platforms and attack vectors. He will discuss all the avenues security can bring an up and coming Hacker career wise as well!\n

\n\n\'',NULL,367184),('2_Friday','11','11:00','11:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Cyber Hygiene: Security Awareness Training and Education\'','\'Dontae Tyler\'','BICV_75fc8598ebe6c4f9dc07fddab56f10a9','\'Title: Cyber Hygiene: Security Awareness Training and Education
\nWhen: Friday, Aug 11, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Dontae Tyler\n
\nA community college drop-out born in Southeast Washington DC but by way of Prince Georges County, Dontae Tyler believes that success in the tech industry does not have to be traditional. With over 9 years of experience in IT, supporting various federal agencies Dontae has begun to distinguish himself as a premier advocate for GRC, Data Privacy and Security Awareness Training. He currently holds several certifications including CISM, CDSPE, CEH, SEC+. Dontae\'s unconventional cyber awareness training and education teaching methods seek to educate the everyday user and challenge the most experienced tech professionals on the evolving cyber threats.
\n\n
\nDescription:
\nDontae Tyler developed a security awareness training called Cyber Hygiene after getting tired of sitting through boring cyber security awareness videos that were not effective. After conducting his own research, He was able to come to the conclusion that the annual security training of the past was not as effective in remediating issues related to non-technical people utilizing interconnected devices and systems to complete their work. In his training he plans to equip end users with simple yet effective mitigation strategies and tools to reduce risk to acceptable levels.\n
\n\n\'',NULL,367185),('2_Friday','13','13:00','13:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Artificial Intelligence and Race: Security or Surveillance?\'','\'Fatou Sankare\'','BICV_77fd9e8c5d969108bfb22c56fe2624e7','\'Title: Artificial Intelligence and Race: Security or Surveillance?
\nWhen: Friday, Aug 11, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Fatou Sankare\n
\nFatou Sankare graduated with a Bachelor of Arts in Political Science from Howard University and received her Master of Science in Cybersecurity at Fordham University. Fatou Sankare is currently a Doctoral Candidate in Cybersecurity at Marymount University.\n

Currently, Fatou is a government contractor working as a Cyber Crime Data Scientist. She is also an Assistant Professor of Cybersecurity and Director of the Cybersecurity Labs at Capitol Technology University.\n

Fatou is also the founder of Datacation LLC — with a mission to increase cyber education particularly in low-income neighborhoods. Fatou is a Certified Ethical Hacker and currently holds the AWS Machine Learning Specialty Certification.\n

\n\n
\nDescription:
\nToday, with the advancement of technology, investigative searches are not only physical but also digital. With electronic devices such as cellphones and computers no longer being considered a luxury device but an essential device, law enforcement is now relying on evidence extracted from these items in criminal investigations. Digital devices contain massive amounts of data that can be useful in not only criminal matters but national security-related instances as well. The problem is that the data on these devices contain information that may be deemed private to citizens. Law enforcement has been using the Fourth Amendment to justify their use of digital evidence. However, the Fourth Amendment does not explicitly factor in digital evidence. The policies are not up to date with the procedures used by law enforcement, and citizens may be paying for it through the invasion of privacy. With the increased use of artificial intelligence, the biggest question becomes is it security or surveillance, and which communities are negatively impacted or targeted?\n
\n\n\'',NULL,367186),('2_Friday','15','15:00','15:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Career Workshop: New Career Seekers In Cybersecurity\'','\'Keith Chapman\'','BICV_a351b3c8ca5562bd782adda035575b4e','\'Title: Career Workshop: New Career Seekers In Cybersecurity
\nWhen: Friday, Aug 11, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Keith Chapman\n
\nKeith Chapman is a former school teacher and has been a cybersecurity professional for the better part of a decade. He is currently a manager of U.S. Bank\'s global security operations center and is a reservist and emergency cyber responder for the state of Ohio as a member of the Ohio Cyber Reserve, a team of trained civilians which assists municipalities with cybersecurity vulnerabilities and fosters workforce development efforts within the state. He also participates in other cyber workforce development initiatives, including his work with Dayton Equity and Ohio high schools.
\n\n
\nDescription:
\nCybersecurity is a new collar job where college and/or university is optional and there are alternate methods of getting the training and development for entry level roles such as workshops, bootcamps, online courses and a wealth of cybersecurity focused certifications and certificates. Career seekers from other fields can \n

This workshop is for individuals that are involved in or initiating cyber workforce development programs. It involves best practices and techniques for managing an effective and sustainable program.\n

\n\n\'',NULL,367187),('3_Saturday','11','11:00','11:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'General-purpose Languages: What Are Your Habits?\'','\'D.J. Davis\'','BICV_1b999bd7df4c5efbcefc8303d4ef675a','\'Title: General-purpose Languages: What Are Your Habits?
\nWhen: Saturday, Aug 12, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:D.J. Davis\n
\nD.J. Davis is a Washington DC-based practitioner in information security. His background spans across IT Operations, Development, designing Wide-area networks for WorldCom, and supporting high-redundancy high-performance Linux systems. D.J. has a keen interest in what happens in computer languages down to the Assembly level.
\n\n
\nDescription:
\nThe software language we choose to use has a profound effect on the behavior of a program. Sometimes we reflexively pick a language based on the genre. But some languages are more prone to success in some circumstances and surprises in other cases. Surprises lead to certain types of bugs. Some bugs are vulnerabilities.\n

Whether we are learning a new language as a newcomer to hacking or as a seasoned pro, the behaviors of a language can make the difference between a fun time or frustration. Every language has \"\"gotchas\"\". We explore a variety of behaviors and a few beginners\' level \"gotchas\" in popular languages.\n

We examine and compare several current languages. There are some basic instructions to get started in running an initial program. Lastly, we explore a few ideas that allow us to craft a future of fewer bugs and vulnerabilities.\n

There are only a few prerequisites to this talk. It is helpful that you have viewed a program source code listing before, that you have an awareness of Compiled programs versus Interpreted programs, and you have a general awareness of using variables in a program.\n

\n\n\'',NULL,367188),('3_Saturday','13','13:00','13:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Why don\'t we have Internet, Daddy?\'','\'Jess Hoffman\'','BICV_2f0ab3667aee53a0cdd34b5f6ca8a5a9','\'Title: Why don\'t we have Internet, Daddy?
\nWhen: Saturday, Aug 12, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Jess Hoffman\n
\nJessica Hoffman, CISSP, has almost 20 years of IT experience and 15 years in cybersecurity in both the public and private sectors. She has taught cybersecurity classes at Harrisburg University and Penn State and is a national speaker on cyber topics as well as diversity, equity, and inclusion in the workplace. Jessica is a graduate of Bloomsburg University of PA and currently serves as the Deputy Chief Information Security Officer (“CISO”) for the City of Philadelphia. She is also one of the founding members of the BIC Mentorship program and forever supporter of the BIC community!
\n\n
\nDescription:
\nDid you know that TODAY there are 150 neighborhoods in Philadelphia that DO NOT HAVE INTERNET ACCESS?!?! \n

Let\'s talk about why there is such a huge Digital divide between POC\'s and everyone else -- How historically blacks haven’t had access to the same technology that middle and upper class white families did. \n

Hence another reason to explain the generational wealth gap, technological restrictions in access, exposure, understanding, and the low percentage of representation in the industry. Let\'s talk about it!\n

\n\n\'',NULL,367189),('3_Saturday','15','15:00','15:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'Unveiling My Journey to My First CVE: A Tale of Discovery and Achievement\'','\'Gaspard Baye\'','BICV_24771115998fc37974154c835aaec075','\'Title: Unveiling My Journey to My First CVE: A Tale of Discovery and Achievement
\nWhen: Saturday, Aug 12, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Gaspard Baye\n
\nGaspard Baye, a doctoral student and research assistant at the University of Massachusetts Dartmouth Cybersecurity Center, is a prominent figure in cybersecurity with expertise in vulnerability identification and security. With certifications like OSCP and CEH, Gaspard\'s leadership as an OWASP AppSec Global Reviewer and experience securing software applications and fintech/banking infrastructures highlights their capabilities. He also actively contribute to FOSS projects and advocate for cybersecurity awareness, training professionals globally and driving innovation in the industry.
\n\n
\nDescription:
\nIn this captivating talk, I will share my personal journey of obtaining my first CVE (Common Vulnerabilities and Exposures) identification. I will take you through the thrilling experience of finding a security vulnerability, navigating the responsible disclosure process, and the ultimate achievement of receiving a CVE identifier.\n

During my talk, I will discuss the challenges I faced during my research, highlighting the technical skills and methodologies I employed to identify the vulnerability. I will delve into the intricacies of responsible disclosure, including engaging with vendors, coordinating patches, and collaborating with the security community.\n

Furthermore, I will reflect on the significance of receiving a CVE and how it has impacted my career and professional development. By attending my talk, you will gain insights into the rewards and growth opportunities that come with contributing to the cybersecurity community.\n

Join me for an inspiring journey as I share my experiences, provide valuable insights into obtaining a CVE, and showcase the personal and professional achievements it can bring.\n

\n\n\'',NULL,367190),('3_Saturday','16','16:00','16:50','N','BICV','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','\'BIC Village Closing Keynote\'','\'Kevin Roberts\'','BICV_175bea5a5501707e16a4da341dcb8240','\'Title: BIC Village Closing Keynote
\nWhen: Saturday, Aug 12, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
\n
SpeakerBio:Kevin Roberts\n
\nKevin is a Social Media Personality who is dedicated to Technology Tips, Tricks, and Information Security Awareness!\n

He has a focus on making content that caters to both the tech-savvy and those just starting their journey into tech. Topics he goes over include: Internet Safety, Privacy, and Educational Cybersecurity content.\n

He has a growing community in Discord, called OWLsec. Currently they have over 17,000 members with a diversity of backgrounds. He boasts an inclusive community where \"leaving egos at the door\" and \"understanding we all started somewhere\" are the main focal points of their community growth.\n

\n\n
\nDescription:
\nJoin me as I share my tech journey!\n

I will share a brief insight of my origin, what sparked my interest in technology and the path that led me to where I am today! I\'ll reveal some of the exciting hacks and experiences I\'ve had with friends along the way. I\'ll take you behind the scenes, sharing where and how I spend countless hours connecting and learning about Cybersecurity.\n

I will also share my exciting growing community \"OWLsec\", which came to life with the help of amazing individuals!\n

\n\n\'',NULL,367191),('2_Friday','11','11:00','12:30','N','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Workshop\'','\'Leigh-Anne Galloway\'','PYV_de45465358e31fc6f70df164bb3019b6','\'Title: Payment Village Workshop
\nWhen: Friday, Aug 11, 11:00 - 12:30 PDT
\nWhere: Flamingo - Virginia City - Payment Village - Map
\n
SpeakerBio:Leigh-Anne Galloway\n
\nNo BIO available
\nTwitter: @@L_Agalloway
\n\n
\nDescription:
\nWe have a simple mission, educate the world about payments. We all interact with payment technologies every day, yet how much do we know about them? This is a beginner\'s course in card payments. This workshop is also helpful for anyone who tries to solve our CTF.\n
\n\n\'',NULL,367192),('2_Friday','12','11:00','12:30','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Workshop\'','\'Leigh-Anne Galloway\'','PYV_de45465358e31fc6f70df164bb3019b6','\'\'',NULL,367193),('3_Saturday','11','11:00','12:30','N','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Workshop\'','\'Leigh-Anne Galloway\'','PYV_cc44085618ecfec900894600d738dd58','\'Title: Payment Village Workshop
\nWhen: Saturday, Aug 12, 11:00 - 12:30 PDT
\nWhere: Flamingo - Virginia City - Payment Village - Map
\n
SpeakerBio:Leigh-Anne Galloway\n
\nNo BIO available
\nTwitter: @@L_Agalloway
\n\n
\nDescription:
\nWe have a simple mission, educate the world about payments. We all interact with payment technologies every day, yet how much do we know about them? This is a beginner\'s course in card payments. This workshop is also helpful for anyone who tries to solve our CTF.\n
\n\n\'',NULL,367194),('3_Saturday','12','11:00','12:30','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Workshop\'','\'Leigh-Anne Galloway\'','PYV_cc44085618ecfec900894600d738dd58','\'\'',NULL,367195),('3_Saturday','11','11:00','17:59','N','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'Title: Payment Village Challenges/CTF
\nWhen: Saturday, Aug 12, 11:00 - 17:59 PDT
\nWhere: Flamingo - Virginia City - Payment Village - Map
\n
\nDescription:
\nWe have three challenges this year!\n
    \n
  1. A CTF for which there is no equipment is required.
  2. Card Hacking Challenge for which you will need an Android phone with NFC and a special Card Hacking Challenge card (grab one on the booth):
  3. Easter egg hunt. Use your brain!
\n

We have a tonne of cool prizes to be won, such as custom mugs, numbered challenge coins with atc numbers, key rings, embroidered patches and more!\n

\n\n\'',NULL,367196),('3_Saturday','12','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367197),('3_Saturday','13','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367198),('3_Saturday','14','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367199),('3_Saturday','15','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367200),('3_Saturday','16','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367201),('3_Saturday','17','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a','\'\'',NULL,367202),('2_Friday','11','11:00','17:59','N','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'Title: Payment Village Challenges/CTF
\nWhen: Friday, Aug 11, 11:00 - 17:59 PDT
\nWhere: Flamingo - Virginia City - Payment Village - Map
\n
\nDescription:
\nWe have three challenges this year!\n
    \n
  1. A CTF for which there is no equipment is required.
  2. Card Hacking Challenge for which you will need an Android phone with NFC and a special Card Hacking Challenge card (grab one on the booth):
  3. Easter egg hunt. Use your brain!
\n

We have a tonne of cool prizes to be won, such as custom mugs, numbered challenge coins with atc numbers, key rings, embroidered patches and more!\n

\n\n\'',NULL,367203),('2_Friday','12','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367204),('2_Friday','13','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367205),('2_Friday','14','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367206),('2_Friday','15','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367207),('2_Friday','16','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367208),('2_Friday','17','11:00','17:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3','\'\'',NULL,367209),('4_Sunday','10','10:00','13:59','N','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_4517859173a7d0f39fbb81d94093985f','\'Title: Payment Village Challenges/CTF
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Flamingo - Virginia City - Payment Village - Map
\n
\nDescription:
\nWe have three challenges this year!\n
    \n
  1. A CTF for which there is no equipment is required.
  2. Card Hacking Challenge for which you will need an Android phone with NFC and a special Card Hacking Challenge card (grab one on the booth):
  3. Easter egg hunt. Use your brain!
\n

We have a tonne of cool prizes to be won, such as custom mugs, numbered challenge coins with atc numbers, key rings, embroidered patches and more!\n

\n\n\'',NULL,367210),('4_Sunday','11','10:00','13:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_4517859173a7d0f39fbb81d94093985f','\'\'',NULL,367211),('4_Sunday','12','10:00','13:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_4517859173a7d0f39fbb81d94093985f','\'\'',NULL,367212),('4_Sunday','13','10:00','13:59','Y','PYV','Flamingo - Virginia City - Payment Village','\'Payment Village Challenges/CTF\'','\' \'','PYV_4517859173a7d0f39fbb81d94093985f','\'\'',NULL,367213),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_a427bd270168b0987af4672c4ed921af','\'Title: IoT Village Hacking Playground
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nIoT Village Hacking Playground: The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Whether you\'re a penetration tester that has never hacked IoT devices, or even someone that has never hacked anything, these self-guided labs will introduce the audience to the world of IoT and the security issues that can plague these devices. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n
\n\n\'',NULL,367214),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_a427bd270168b0987af4672c4ed921af','\'\'',NULL,367215),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_a427bd270168b0987af4672c4ed921af','\'\'',NULL,367216),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_a427bd270168b0987af4672c4ed921af','\'\'',NULL,367217),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'Title: IoT Village Hacking Playground
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nIoT Village Hacking Playground: The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Whether you\'re a penetration tester that has never hacked IoT devices, or even someone that has never hacked anything, these self-guided labs will introduce the audience to the world of IoT and the security issues that can plague these devices. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n
\n\n\'',NULL,367218),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367219),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367220),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367221),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367222),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367223),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367224),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83','\'\'',NULL,367225),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'Title: IoT Village Hacking Playground
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nIoT Village Hacking Playground: The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Whether you\'re a penetration tester that has never hacked IoT devices, or even someone that has never hacked anything, these self-guided labs will introduce the audience to the world of IoT and the security issues that can plague these devices. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.\n
\n\n\'',NULL,367226),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367227),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367228),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367229),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367230),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367231),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367232),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hacking Playground\'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f','\'\'',NULL,367233),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_0181efbf9e2a9b79532e12d25c1aa3f4','\'Title: Critical Infrastructure & IoT Exploitation
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nJoin for hands-on content and labs exploiting critical IoT and network infrastructure. Participate in initial public disclosure of new vulnerabilities with our team of experts, explore the 0-day development process, and power up your reverse engineering skills by \"living off the land\" like a pro using simple, free tools!Want to hack an Emergency Alert System unit, extract network traffic from recycled phone systems & routers, or exploit security controls in firewalls & proxies?\n

Bring a laptop, your favorite intercepting proxy, and a lot of caffeine.\n

\n\n\'',NULL,367234),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_0181efbf9e2a9b79532e12d25c1aa3f4','\'\'',NULL,367235),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_0181efbf9e2a9b79532e12d25c1aa3f4','\'\'',NULL,367236),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_0181efbf9e2a9b79532e12d25c1aa3f4','\'\'',NULL,367237),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'Title: Critical Infrastructure & IoT Exploitation
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nJoin for hands-on content and labs exploiting critical IoT and network infrastructure. Participate in initial public disclosure of new vulnerabilities with our team of experts, explore the 0-day development process, and power up your reverse engineering skills by \"living off the land\" like a pro using simple, free tools!Want to hack an Emergency Alert System unit, extract network traffic from recycled phone systems & routers, or exploit security controls in firewalls & proxies?\n

Bring a laptop, your favorite intercepting proxy, and a lot of caffeine.\n

\n\n\'',NULL,367238),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367239),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367240),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367241),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367242),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367243),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367244),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202','\'\'',NULL,367245),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'Title: Critical Infrastructure & IoT Exploitation
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nJoin for hands-on content and labs exploiting critical IoT and network infrastructure. Participate in initial public disclosure of new vulnerabilities with our team of experts, explore the 0-day development process, and power up your reverse engineering skills by \"living off the land\" like a pro using simple, free tools!Want to hack an Emergency Alert System unit, extract network traffic from recycled phone systems & routers, or exploit security controls in firewalls & proxies?\n

Bring a laptop, your favorite intercepting proxy, and a lot of caffeine.\n

\n\n\'',NULL,367246),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367247),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367248),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367249),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367250),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367251),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367252),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Critical Infrastructure & IoT Exploitation\'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681','\'\'',NULL,367253),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'Title: Secure or Surrender
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nTake Control of Your xIoT Don your white coat, and step into the Mobile xIoT Security Lab at IoT Village during DefCon 31 for a hands-on experience allowing you to Find, Fix, and Monitor an array of IoT, OT, IIoT, and IoMT devices. Brace yourself for the thrill of controlling real-world devices with known CVEs and safely automating fixes. Accompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. And for the cherry on top, be among the first 100 attendees to receive an exclusive, limited edition \"Secure Your Things\" T-shirt as a token of our appreciation.\n
\n\n\'',NULL,367254),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367255),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367256),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367257),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367258),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367259),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367260),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35','\'\'',NULL,367261),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_ac4a16679e89df2e501ece7ac30dd3fd','\'Title: Secure or Surrender
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nTake Control of Your xIoT Don your white coat, and step into the Mobile xIoT Security Lab at IoT Village during DefCon 31 for a hands-on experience allowing you to Find, Fix, and Monitor an array of IoT, OT, IIoT, and IoMT devices. Brace yourself for the thrill of controlling real-world devices with known CVEs and safely automating fixes. Accompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. And for the cherry on top, be among the first 100 attendees to receive an exclusive, limited edition \"Secure Your Things\" T-shirt as a token of our appreciation.\n
\n\n\'',NULL,367262),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_ac4a16679e89df2e501ece7ac30dd3fd','\'\'',NULL,367263),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_ac4a16679e89df2e501ece7ac30dd3fd','\'\'',NULL,367264),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_ac4a16679e89df2e501ece7ac30dd3fd','\'\'',NULL,367265),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'Title: Secure or Surrender
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nTake Control of Your xIoT Don your white coat, and step into the Mobile xIoT Security Lab at IoT Village during DefCon 31 for a hands-on experience allowing you to Find, Fix, and Monitor an array of IoT, OT, IIoT, and IoMT devices. Brace yourself for the thrill of controlling real-world devices with known CVEs and safely automating fixes. Accompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. And for the cherry on top, be among the first 100 attendees to receive an exclusive, limited edition \"Secure Your Things\" T-shirt as a token of our appreciation.\n
\n\n\'',NULL,367266),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367267),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367268),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367269),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367270),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367271),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367272),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Secure or Surrender\'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31','\'\'',NULL,367273),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'Title: The IoT Kill Zone
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nBluetooth Hacking: Hands-on exercises provide insights into powerful Bluetooth, WiFi, and IoT Security Assessment tools to unleash your hacking potential. Talk with security researchers on Bluetooth, WiFi, and 5G research; learn about firmware analysis and fuzzing. Walk away knowing the tools and lab equipment you need to perform IoT research.\n
\n\n\'',NULL,367274),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367275),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367276),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367277),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367278),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367279),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367280),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_078477962be0677fe42ffc11f4073344','\'\'',NULL,367281),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_541682ef66a133920307650e5bf34fb4','\'Title: The IoT Kill Zone
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nBluetooth Hacking: Hands-on exercises provide insights into powerful Bluetooth, WiFi, and IoT Security Assessment tools to unleash your hacking potential. Talk with security researchers on Bluetooth, WiFi, and 5G research; learn about firmware analysis and fuzzing. Walk away knowing the tools and lab equipment you need to perform IoT research.\n
\n\n\'',NULL,367282),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_541682ef66a133920307650e5bf34fb4','\'\'',NULL,367283),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_541682ef66a133920307650e5bf34fb4','\'\'',NULL,367284),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_541682ef66a133920307650e5bf34fb4','\'\'',NULL,367285),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'Title: The IoT Kill Zone
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nBluetooth Hacking: Hands-on exercises provide insights into powerful Bluetooth, WiFi, and IoT Security Assessment tools to unleash your hacking potential. Talk with security researchers on Bluetooth, WiFi, and 5G research; learn about firmware analysis and fuzzing. Walk away knowing the tools and lab equipment you need to perform IoT research.\n
\n\n\'',NULL,367286),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367287),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367288),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367289),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367290),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367291),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367292),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'The IoT Kill Zone\'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1','\'\'',NULL,367293),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_0c366d6caad1823214cb080cab4d24d4','\'Title: IoT Village Hardware Hacking Exercises 2023
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nFrom Memory Manipulation to Root Access: In this year\'s exercises, we will be guiding the attendees through another multistep process to gain root access to a targeted IoT device via UART by first extracting the firmware to gain access to the root password and identifying memory offsets that allow attendees to alter U-Boot running memory to disable filters blocking needed changes to device boot environment variables. This series of exercises will cover steps including U-boot interaction, firmware extraction process, altering memory style attack, binwalk to extract cramfs filesystem, hexedit to identify memory offsets, and cracking of extracted password hashes.\n
\n\n\'',NULL,367294),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_0c366d6caad1823214cb080cab4d24d4','\'\'',NULL,367295),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_0c366d6caad1823214cb080cab4d24d4','\'\'',NULL,367296),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_0c366d6caad1823214cb080cab4d24d4','\'\'',NULL,367297),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'Title: IoT Village Hardware Hacking Exercises 2023
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nFrom Memory Manipulation to Root Access: In this year\'s exercises, we will be guiding the attendees through another multistep process to gain root access to a targeted IoT device via UART by first extracting the firmware to gain access to the root password and identifying memory offsets that allow attendees to alter U-Boot running memory to disable filters blocking needed changes to device boot environment variables. This series of exercises will cover steps including U-boot interaction, firmware extraction process, altering memory style attack, binwalk to extract cramfs filesystem, hexedit to identify memory offsets, and cracking of extracted password hashes.\n
\n\n\'',NULL,367298),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367299),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367300),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367301),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367302),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367303),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367304),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0','\'\'',NULL,367305),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'Title: IoT Village Hardware Hacking Exercises 2023
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nFrom Memory Manipulation to Root Access: In this year\'s exercises, we will be guiding the attendees through another multistep process to gain root access to a targeted IoT device via UART by first extracting the firmware to gain access to the root password and identifying memory offsets that allow attendees to alter U-Boot running memory to disable filters blocking needed changes to device boot environment variables. This series of exercises will cover steps including U-boot interaction, firmware extraction process, altering memory style attack, binwalk to extract cramfs filesystem, hexedit to identify memory offsets, and cracking of extracted password hashes.\n
\n\n\'',NULL,367306),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367307),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367308),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367309),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367310),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367311),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367312),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village Hardware Hacking Exercises 2023\'','\' \'','IOTV_76314879236938389e10421eecfd4dc7','\'\'',NULL,367313),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'Title: Embedded Device Security Workshops
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nEmbedded Device Security Workshops: two hands-on workshops showcasing common security vulnerabilities present in IoT/OT devices. These workshops will give you an opportunity to use a variety of device hacking tools and techniques to attack multiple components at varying layers of the stack, enabling a deeper understanding of device security.\n
\n\n\'',NULL,367314),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367315),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367316),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367317),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367318),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367319),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367320),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986','\'\'',NULL,367321),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_b585c67a2cbdf465ad1bac33c542208f','\'Title: Embedded Device Security Workshops
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nEmbedded Device Security Workshops: two hands-on workshops showcasing common security vulnerabilities present in IoT/OT devices. These workshops will give you an opportunity to use a variety of device hacking tools and techniques to attack multiple components at varying layers of the stack, enabling a deeper understanding of device security.\n
\n\n\'',NULL,367322),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_b585c67a2cbdf465ad1bac33c542208f','\'\'',NULL,367323),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_b585c67a2cbdf465ad1bac33c542208f','\'\'',NULL,367324),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_b585c67a2cbdf465ad1bac33c542208f','\'\'',NULL,367325),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'Title: Embedded Device Security Workshops
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nEmbedded Device Security Workshops: two hands-on workshops showcasing common security vulnerabilities present in IoT/OT devices. These workshops will give you an opportunity to use a variety of device hacking tools and techniques to attack multiple components at varying layers of the stack, enabling a deeper understanding of device security.\n
\n\n\'',NULL,367326),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367327),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367328),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367329),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367330),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367331),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367332),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Embedded Device Security Workshops\'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3','\'\'',NULL,367333),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'Title: Perform Memory Extraction, Emulation and Shellcode
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nWant to put your MIPS shellcode skills to the test for a chance to win a prize? Learn to dump flash from our custom-built PCB that we use to teach our Hardware Hacking Workshop. Hone your dynamic analysis skills and exploit a WPS pin generation algorithm used in a popular Real Time Operating System.\n
\n\n\'',NULL,367334),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367335),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367336),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367337),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367338),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367339),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367340),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be','\'\'',NULL,367341),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_733b290674acef421481f0daf04691b8','\'Title: Perform Memory Extraction, Emulation and Shellcode
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nWant to put your MIPS shellcode skills to the test for a chance to win a prize? Learn to dump flash from our custom-built PCB that we use to teach our Hardware Hacking Workshop. Hone your dynamic analysis skills and exploit a WPS pin generation algorithm used in a popular Real Time Operating System.\n
\n\n\'',NULL,367342),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_733b290674acef421481f0daf04691b8','\'\'',NULL,367343),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_733b290674acef421481f0daf04691b8','\'\'',NULL,367344),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_733b290674acef421481f0daf04691b8','\'\'',NULL,367345),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'Title: Perform Memory Extraction, Emulation and Shellcode
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nWant to put your MIPS shellcode skills to the test for a chance to win a prize? Learn to dump flash from our custom-built PCB that we use to teach our Hardware Hacking Workshop. Hone your dynamic analysis skills and exploit a WPS pin generation algorithm used in a popular Real Time Operating System.\n
\n\n\'',NULL,367346),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367347),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367348),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367349),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367350),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367351),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367352),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Perform Memory Extraction, Emulation and Shellcode\'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1','\'\'',NULL,367353),('4_Sunday','10','10:00','13:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_38d78e204a018c6bca9ca0a8916541e9','\'Title: Hardware Hacking Your Kitchen
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHardware Hacking Your Kitchen: bug bounty is back! Join us for the opportunity to live hack into some of the most popular home kitchen devices, right in the IoT Village!\n
\n\n\'',NULL,367354),('4_Sunday','11','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_38d78e204a018c6bca9ca0a8916541e9','\'\'',NULL,367355),('4_Sunday','12','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_38d78e204a018c6bca9ca0a8916541e9','\'\'',NULL,367356),('4_Sunday','13','10:00','13:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_38d78e204a018c6bca9ca0a8916541e9','\'\'',NULL,367357),('2_Friday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'Title: Hardware Hacking Your Kitchen
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHardware Hacking Your Kitchen: bug bounty is back! Join us for the opportunity to live hack into some of the most popular home kitchen devices, right in the IoT Village!\n
\n\n\'',NULL,367358),('2_Friday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367359),('2_Friday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367360),('2_Friday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367361),('2_Friday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367362),('2_Friday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367363),('2_Friday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367364),('2_Friday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b','\'\'',NULL,367365),('3_Saturday','10','10:00','17:59','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'Title: Hardware Hacking Your Kitchen
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nHardware Hacking Your Kitchen: bug bounty is back! Join us for the opportunity to live hack into some of the most popular home kitchen devices, right in the IoT Village!\n
\n\n\'',NULL,367366),('3_Saturday','11','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367367),('3_Saturday','12','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367368),('3_Saturday','13','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367369),('3_Saturday','14','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367370),('3_Saturday','15','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367371),('3_Saturday','16','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367372),('3_Saturday','17','10:00','17:59','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'Hardware Hacking Your Kitchen\'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41','\'\'',NULL,367373),('2_Friday','15','15:30','16:29','N','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village - Free Book Signing with author Ted Harrington\'','\' \'','IOTV_3ca09cda55c49dd28d16929620ed523a','\'Title: IoT Village - Free Book Signing with author Ted Harrington
\nWhen: Friday, Aug 11, 15:30 - 16:29 PDT
\nWhere: Caesars Forum - Alliance - 307-310 - IOT Village - Map
\n
\nDescription:
\nFree Book Signing with author Ted Harrington of the #1 bestseller, Hackable. This is a free event. Attendees will receive the book on a first come, first serve basis. We recommend arriving at least 30 minutes early.\n
\n\n\'',NULL,367374),('2_Friday','16','15:30','16:29','Y','IOTV','Caesars Forum - Alliance - 307-310 - IOT Village','\'IoT Village - Free Book Signing with author Ted Harrington\'','\' \'','IOTV_3ca09cda55c49dd28d16929620ed523a','\'\'',NULL,367375),('2_Friday','10','10:00','10:05','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'CPV Welcome - Day 1\'','\'CPV Staff\'','CPV_345d8e5fa9466908dab5715b93e545bd','\'Title: CPV Welcome - Day 1
\nWhen: Friday, Aug 11, 10:00 - 10:05 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367376),('2_Friday','11','11:00','11:30','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Certs Fucking Suck, So We Made a Cert: DISCO for Bodily Autonomy\'','\'Blunt,Daly\'','CPV_b881903a77db4a5dbb51873a80b2bb76','\'Title: Certs Fucking Suck, So We Made a Cert: DISCO for Bodily Autonomy
\nWhen: Friday, Aug 11, 11:00 - 11:30 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Blunt,Daly
\n
SpeakerBio:Blunt\n
\nNo BIO available
\n
SpeakerBio:Daly\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367377),('2_Friday','13','13:00','13:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Attacking Decentralized Identity\'','\'Brent Zundel,Gabe Cohen\'','CPV_37d06cd663817a0bbf3515412399a05e','\'Title: Attacking Decentralized Identity
\nWhen: Friday, Aug 11, 13:00 - 13:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Brent Zundel,Gabe Cohen
\n
SpeakerBio:Brent Zundel\n
\nNo BIO available
\n
SpeakerBio:Gabe Cohen\n
\nNo BIO available
\n\n
\nDescription:
\nDecentralized identity systems based on W3C Decentralized Identifiers and Verifiable Credentials are becoming increasingly popular for their promises of improved security, privacy, and user control in identity management. Impactful deployments are coming: from the US DHS for worker authorization and soon passports, multiple DMVs for driver\'s licenses, the EU for university degree credentials, and much more in both public and private sectors. However, as with any technology, these systems are not immune to vulnerabilities and attacks, both on the ideologies of decentralization and self-sovereignty and vulnerabilities in implemented systems.\n

In this talk, we will examine different types of vulnerabilities in the SSI space, walk through examples of potential attacks, and discuss the potential consequences of the technology. Additionally, we will explore potential solutions to mitigate the risks associated with these vulnerabilities. We will discuss best practices for trust, cryptographic techniques, and security protocols that one can use in decentralized identity systems.\n

\n\n\'',NULL,367378),('2_Friday','14','14:00','14:30','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Climate Change and its Implications for Security and Privacy: An Uncharted Territory\'','\'Chloé Messdaghi\'','CPV_9ee16a9fbc93772a4475c50bd6438575','\'Title: Climate Change and its Implications for Security and Privacy: An Uncharted Territory
\nWhen: Friday, Aug 11, 14:00 - 14:30 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Chloé Messdaghi\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367379),('2_Friday','15','15:00','15:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Privacy of Web PKI Revocation\'','\'Matthew McPherrin\'','CPV_29b510c1b228d58a7011b0d866706342','\'Title: Privacy of Web PKI Revocation
\nWhen: Friday, Aug 11, 15:00 - 15:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Matthew McPherrin\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367380),('2_Friday','17','17:00','17:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Spoofing certificates with MD5 collisions - party like it\'s 2008!\'','\'Tomer,Yoni\'','CPV_16868d534324b9ec2dbac62daf5adae4','\'Title: Spoofing certificates with MD5 collisions - party like it\'s 2008!
\nWhen: Friday, Aug 11, 17:00 - 17:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Tomer,Yoni
\n
SpeakerBio:Tomer\n
\nNo BIO available
\n
SpeakerBio:Yoni\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367381),('2_Friday','16','16:00','16:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Cicada 3301: An Exploration of the Cryptographic Enigma\'','\'Artorias,Puck,Taiiwo,TheClockworkBird\'','CPV_3194d240f2bed0b5ed95be64a5311278','\'Title: Cicada 3301: An Exploration of the Cryptographic Enigma
\nWhen: Friday, Aug 11, 16:00 - 16:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Artorias,Puck,Taiiwo,TheClockworkBird
\n
SpeakerBio:Artorias\n
\nArtorias is the creator of CicadaSolvers.com, co-host of the CicadaCast podcast, and moderator of r/cicada and the CicadaSolvers discord. Well-versed in the complex history of the Cicada 3301 puzzles, he labors both to document the mystery of Cicada 3301, and to unravel the labyrinth of its interconnected topics.
\n
SpeakerBio:Puck\n
\nPuck is a 19-year-old rising junior computer science major and Cicada 3301 puzzle enthusiast. He has been involved in the community for four years, finding inspiration to pursue cryptography and cybersecurity. Puck has focused his work on promoting community solving efforts, mainly in the form of innovative events.
\n
SpeakerBio:Taiiwo\n
\nTaiiwo, a CicadaSolvers founding member, with a background in software development, sees the community\'s work as an example for the future of problem-solving. With a pragmatic, and sceptical approach to the puzzle, he aims to preserve the community so that it can continue to impact the lives of others as immensely as it did for him.
\n
SpeakerBio:TheClockworkBird\n
\nTheClockworkBird With a background in anthropology and teaching, TheClockworkBird creates collaborative spaces where people of all skill levels and interests can engage with the puzzle. He has gained a multifaceted understanding of Cicada’s impact on the individual, and the impacts of collaborative puzzle solving on the growth of privacy awareness.
\n\n
\nDescription:No Description available
\n\'',NULL,367382),('3_Saturday','12','12:00','12:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Ten Years of CPV - The Gold Bug Challenge\'','\'CPV Staff,Gold Bug Challenge Team\'','CPV_957df172399a92f8e5a54ff3becfea6e','\'Title: Ten Years of CPV - The Gold Bug Challenge
\nWhen: Saturday, Aug 12, 12:00 - 12:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:CPV Staff,Gold Bug Challenge Team
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n
SpeakerBio:Gold Bug Challenge Team\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367383),('3_Saturday','10','10:00','10:05','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'CPV Welcome - Day 2\'','\'CPV Staff\'','CPV_25de84ef1728268cb91edce1b53f8b73','\'Title: CPV Welcome - Day 2
\nWhen: Saturday, Aug 12, 10:00 - 10:05 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367384),('3_Saturday','11','11:00','11:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Ten Years of CPV - Program Committees\'','\'CPV Program Committees,CPV Staff\'','CPV_3feeaf8a8538a324cead670ac4d5f8f4','\'Title: Ten Years of CPV - Program Committees
\nWhen: Saturday, Aug 12, 11:00 - 11:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:CPV Program Committees,CPV Staff
\n
SpeakerBio:CPV Program Committees\n
\nNo BIO available
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367385),('3_Saturday','13','13:00','13:30','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Is 2023 the Year of Privacy: How History and States are Posed to Change Privacy?\'','\'Anthony Hendricks\'','CPV_deeadf9c91cfba749f2a7393526a7bab','\'Title: Is 2023 the Year of Privacy: How History and States are Posed to Change Privacy?
\nWhen: Saturday, Aug 12, 13:00 - 13:30 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Anthony Hendricks\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367386),('3_Saturday','14','14:00','14:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Exploring the Impact of PQC on Cryptographic Key Management\'','\'Deirdre Connolly,James Howe,Mark Carney,Ryan Hurst,Sandra Guasch Castello,Sofi Celi\'','CPV_b4f248224cddfd73a1a17c9e77ecec55','\'Title: Exploring the Impact of PQC on Cryptographic Key Management
\nWhen: Saturday, Aug 12, 14:00 - 14:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Deirdre Connolly,James Howe,Mark Carney,Ryan Hurst,Sandra Guasch Castello,Sofi Celi
\n
SpeakerBio:Deirdre Connolly\n
\nNo BIO available
\n
SpeakerBio:James Howe\n
\nNo BIO available
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n
SpeakerBio:Ryan Hurst\n
\nNo BIO available
\n
SpeakerBio:Sandra Guasch Castello\n
\nNo BIO available
\n
SpeakerBio:Sofi Celi\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367387),('3_Saturday','15','15:00','15:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Cryptosploit Workshop\'','\'Matt Cheung\'','CPV_e905be39538c8d57abfce7e4421d7653','\'Title: Cryptosploit Workshop
\nWhen: Saturday, Aug 12, 15:00 - 15:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Matt Cheung\n
\nMatt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh\'s crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given workshops at the Boston Application Security Conference, BSidesLV, DEF CON, and the Crypto and Privacy Village.
\n\n
\nDescription:No Description available
\n\'',NULL,367388),('3_Saturday','10','10:30','10:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Blindly hunting for Mercenaries\'','\'Asheer Malhotra,Vitor Ventura\'','CPV_5b5807fe5369d609fba005923d621b3b','\'Title: Blindly hunting for Mercenaries
\nWhen: Saturday, Aug 12, 10:30 - 10:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Asheer Malhotra,Vitor Ventura
\n
SpeakerBio:Asheer Malhotra\n
\nNo BIO available
\n
SpeakerBio:Vitor Ventura\n
\nNo BIO available
\nTwitter: @@_vventura
\n\n
\nDescription:No Description available
\n\'',NULL,367389),('3_Saturday','13','13:30','13:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Domain Fronting Through Microsoft Azure and CloudFlare: How to Identify Viable Domain Fronting Proxies\'','\'Charles Miller,Michael Brown,Michael Pelosi\'','CPV_47fa1d86250bd749695d367a186c3def','\'Title: Domain Fronting Through Microsoft Azure and CloudFlare: How to Identify Viable Domain Fronting Proxies
\nWhen: Saturday, Aug 12, 13:30 - 13:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\nSpeakers:Charles Miller,Michael Brown,Michael Pelosi
\n
SpeakerBio:Charles Miller\n
\nNo BIO available
\n
SpeakerBio:Michael Brown\n
\nNo BIO available
\n
SpeakerBio:Michael Pelosi\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367390),('4_Sunday','10','10:00','10:05','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'CPV Welcome - Day 3\'','\'CPV Staff\'','CPV_b981f86b4085a1d2765a35b200ebf676','\'Title: CPV Welcome - Day 3
\nWhen: Sunday, Aug 13, 10:00 - 10:05 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367391),('2_Friday','12','12:30','12:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Practical advice for navigating edtech privacy\'','\'Michelle Levesley\'','CPV_83904570e9aae799175d0882077d9d45','\'Title: Practical advice for navigating edtech privacy
\nWhen: Friday, Aug 11, 12:30 - 12:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Michelle Levesley\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367392),('4_Sunday','13','13:00','13:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'How mathematical implementation issues lead to cryptographic vulnerabilities\'','\'Bing Shi\'','CPV_b364533499db4a8cd172a7c09f547e9e','\'Title: How mathematical implementation issues lead to cryptographic vulnerabilities
\nWhen: Sunday, Aug 13, 13:00 - 13:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Bing Shi\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367393),('4_Sunday','10','10:30','10:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Intro to Ciphers\'','\'CPV Staff\'','CPV_9b020fe8975276d04d98e80198126349','\'Title: Intro to Ciphers
\nWhen: Sunday, Aug 13, 10:30 - 10:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367394),('2_Friday','10','10:30','10:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Intro to Ciphers\'','\'CPV Staff\'','CPV_f5347f809766740d5ad6f23e529381d5','\'Title: Intro to Ciphers
\nWhen: Friday, Aug 11, 10:30 - 10:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367395),('2_Friday','16','16:30','16:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Intro to Ciphers\'','\'CPV Staff\'','CPV_cca22c15f27ab4e8149b2d549568a679','\'Title: Intro to Ciphers
\nWhen: Friday, Aug 11, 16:30 - 16:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367396),('3_Saturday','10','10:30','10:45','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Intro to Ciphers\'','\'CPV Staff\'','CPV_182e908f7e1fbe90dd6b8bb9ab3f7f85','\'Title: Intro to Ciphers
\nWhen: Saturday, Aug 12, 10:30 - 10:45 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367397),('2_Friday','12','12:00','12:30','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'Art vs AI: How Artists Hack Computer Vision Systems\'','\'Kate\'','CPV_8fa81ad22216a700be2a2a6066d7e700','\'Title: Art vs AI: How Artists Hack Computer Vision Systems
\nWhen: Friday, Aug 11, 12:00 - 12:30 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Kate\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367398),('3_Saturday','12','12:00','12:30','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'About Face! Beginner Intro to Facial Recognition\'','\'Kate\'','CPV_3347216d844b58c778424d1ed19ebd24','\'Title: About Face! Beginner Intro to Facial Recognition
\nWhen: Saturday, Aug 12, 12:00 - 12:30 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:Kate\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367399),('3_Saturday','16','16:00','17:59','N','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'CPV Ten Year Anniversary Gathering\'','\'CPV Staff\'','CPV_2e26666010a9793ff61b77e281685c81','\'Title: CPV Ten Year Anniversary Gathering
\nWhen: Saturday, Aug 12, 16:00 - 17:59 PDT
\nWhere: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
\n
SpeakerBio:CPV Staff\n
\nNo BIO available
\n\n
\nDescription:
\nCome on over to join a full takeover of the CPV space, take cute selfies everywhere, and see all our old and new faces for a two hour celebration at CPV!!! We\'ll see what we can pull off.\n

We have speakers and microphones so we\'ll make usage of them, maybe we\'ll sort people by what year they joined us because it\'s fun, who knows? We just want to see everyone\'s lovely faces, we wish we could see you all more often! A group photo with people who want to be part of one perhaps?\n

Logistics: Sadly, we can\'t offer food or drink for many reasons including hotel. Eat beforehand or afterwards! We\'ll try to not demolish the CPV Stage chairs (too much) so talks can continue after.\n

\n\'',NULL,367400),('3_Saturday','17','16:00','17:59','Y','CPV','Flamingo - Sunset - Vista - Crypto & Privacy Village','\'CPV Ten Year Anniversary Gathering\'','\'CPV Staff\'','CPV_2e26666010a9793ff61b77e281685c81','\'\'',NULL,367401),('2_Friday','10','10:00','10:10','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Opening Remarks\'','\'AI Village Organizers\'','AIV_3e691f9706fbc4545d2a01da4e0b52b0','\'Title: AI Village Opening Remarks
\nWhen: Friday, Aug 11, 10:00 - 10:10 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:AI Village Organizers\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367402),('2_Friday','10','10:15','10:59','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Keynote: The last attempted AI revolution in security, and the next one\'','\'Joshua Saxe\'','AIV_250d75860e15a9d9f40443ef0c717cc2','\'Title: AI Village Keynote: The last attempted AI revolution in security, and the next one
\nWhen: Friday, Aug 11, 10:15 - 10:59 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Joshua Saxe\n
\nNo BIO available
\n\n
\nDescription:
\nThis isn’t our first “ChatGPT moment” – a decade ago, when AlexNet realized a step function jump in image classification accuracy, there was a similar wave of hype. Breathless claims were made about deep learning replacing signatures, revolutionizing zero-day attack detection, threat intelligence, and predicting the future. A decade later we can say that it didn’t. ML found a few applications as a value-add (e.g. as a complement to signatures in malware detection), but never became load bearing. Instead, our field continued to improve its basic technologies – signatures, databases, event processing pipelines, and, most importantly, manual human processes. In this talk, I’ll argue that while the past decade gives reasons to doubt it, this AI moment really is different. I’ll delineate the ways in which today’s scaled machine learning models address some (but not all) of the core blockers ML faced in the last decade, and take positions on how scaled ML will shape defensive practice and the threat landscape over the next few years.\n\n\n\n
\n\'',NULL,367403),('2_Friday','11','11:00','11:15','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village CTF Kickoff and Introduction\'','\'Will Pearce\'','AIV_90619cc8b35cba12e854f895a4c78c7e','\'Title: AI Village CTF Kickoff and Introduction
\nWhen: Friday, Aug 11, 11:00 - 11:15 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Will Pearce\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367404),('2_Friday','11','11:30','11:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'LLMs: Loose Lips Multipliers\'','\'Kyle Easterly,Mitch Kitter\'','AIV_c91b6246b338ebd3f6e34f92c619c43d','\'Title: LLMs: Loose Lips Multipliers
\nWhen: Friday, Aug 11, 11:30 - 11:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Kyle Easterly,Mitch Kitter
\n
SpeakerBio:Kyle Easterly\n
\nNo BIO available
\n
SpeakerBio:Mitch Kitter\n
\nNo BIO available
\n\n
\nDescription:
\nIn this talk, we explore the potential risk posed by usage of Large Language Models (LLMs) in a business environment, asking the question: Are LLMs \"Loose Lips Multipliers?\" Using the hypothetical case of Purple Aerospace Manufacturing Corporation, we investigate whether an LLM fine-tuned on user interactions can infer sensitive business strategies. After creating a synthetic dataset emulating corporate documents, we put our model to the test, exploring different information extraction techniques and discussing the implications of our findings. We propose future work and invite dialogue on mitigations and the best practices for using LLMs in business contexts.\n
\n\n\'',NULL,367405),('2_Friday','12','12:00','12:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Assessing the Vulnerabilities of the Open-Source Artificial Intelligence (AI) Landscape: A Large-Scale Analysis of the Hugging Face Platform\'','\'Adhishree Kathikar,Aishwarya Nair\'','AIV_1feae108a23b7fca2108ac254d74b826','\'Title: Assessing the Vulnerabilities of the Open-Source Artificial Intelligence (AI) Landscape: A Large-Scale Analysis of the Hugging Face Platform
\nWhen: Friday, Aug 11, 12:00 - 12:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Adhishree Kathikar,Aishwarya Nair
\n
SpeakerBio:Adhishree Kathikar\n
\nNo BIO available
\n
SpeakerBio:Aishwarya Nair\n
\nNo BIO available
\n\n
\nDescription:
\nArtificial Intelligence (AI) has earned its title as one of the most critical disruptive technologies in the 21st century. As AI develops at a rapid rate, open-source software (OSS) platforms develop alongside it. Hugging Face is one of these prevailing OSS platforms as it hosts pre-trained AI models, facilitating the accessibility of AI models. Hugging Face is used by over 22,000 organizations, including Intel and Microsoft, has supported more than 2.6 billion model downloads, and is rapidly growing. Just in the past year, Hugging Face has more than doubled its model library from 80,000 models to 203,000 models. However, while Hugging Face democratizes access to AI models, these models may contain unknown security vulnerabilities. Our research focuses on automating our collection process of Hugging Face models, linking them to their primary codebases on GitHub, and executing a large-scale vulnerability assessment of these GitHub repositories using static scanners. We collected more than 110,000 Hugging Face models and over 29,000 GitHub repositories. Our vulnerability assessment of these GitHub models depicted that 35.98% of the severities detected from the root GitHub repositories (developed by Hugging Face) were high-severity vulnerabilities while only 6.79% were low-severity. On the other hand, 82.89% of vulnerabilities from searched repositories (determined through the ‘huggingface’ keyword) are low-severity and 7.49% high-severity, while 82.69% of vulnerabilities from the repositories forked from the root repositories were low-severity and 9.22% were high-severity. The trend in severity levels found in root repositories contradicts the results of severities detected in forked and searched repositories. Given that many of the vulnerabilities reside in fundamental AI repositories such as Transformers, this vulnerability assessment has significant implications for supply chain software security and AI risk management more broadly.\n
\n\n\'',NULL,367406),('2_Friday','12','12:30','13:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Not Just The Pickle: An Overview of Exploitable ML Serialization Formats\'','\'Marta Janus\'','AIV_2442fdc8c26f3e983116940155687134','\'Title: Not Just The Pickle: An Overview of Exploitable ML Serialization Formats
\nWhen: Friday, Aug 11, 12:30 - 13:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Marta Janus\n
\nNo BIO available
\n\n
\nDescription:
\nMachine learning models are often treated as black boxes, with their internals hidden away from users. However, as ML technology has become more prevalent in everyday life, it is crucial to understand that these models are essentially code - and as such, can be manipulated in unexpected and potentially malicious ways. In this talk, we explore several model serialization formats used by popular ML libraries, such as PyTorch, Keras, TensorFlow, and scikit-learn. We show how each of these formats can be exploited to execute arbitrary code and bypass security measures, leading to the compromise of critical ML infrastructure systems. We also demonstrate how it is possible to hide a malicious payload inside an ML model using steganography and then reconstruct and execute it when the model is loaded into memory.\n
\n\n\'',NULL,367407),('2_Friday','13','12:30','13:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Not Just The Pickle: An Overview of Exploitable ML Serialization Formats\'','\'Marta Janus\'','AIV_2442fdc8c26f3e983116940155687134','\'\'',NULL,367408),('2_Friday','14','14:00','14:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'A Few Useful Lessons about AI Red Teaming\'','\'Ram Shankar Siva Kumar\'','AIV_33921f4d372e27f7064237f034c5bee6','\'Title: A Few Useful Lessons about AI Red Teaming
\nWhen: Friday, Aug 11, 14:00 - 14:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Ram Shankar Siva Kumar\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk captures the lessons learned from red teaming production AI systems from Microsoft and Google. We contextualize how red teaming AI systems is similar yet different from red teaming traditional software systems, and distill 10 lessons from a practioner’s perspective. Whether you are considering a career change into red teaming AI systems, or subverting AI systems for fun/twitter clout or simply want to cash in on the AI bug bounties for profit, these lessons on attacking AI systems applies to you.\n

The 10 lessons are:\n

Lesson 1: Red Teaming AI systems means different things to different communities\nLesson 2: AI Red Teaming is somewhere in the middle\nLesson 3: AI Red Teaming is a shared responsibility with a different process\nLesson 4: Red Teaming AI models is different from red teaming AI applications\nLesson 5: There are novel security risks to look out for….\nLesson 6: …But do not forget traditional security\nLesson 7: The goal of the AI Red Team is not to find all the different ways AI systems fail\nLesson 8: You do not need to be a math whiz to red team AI system\nLesson 9: AI Red Team needs a diverse set of skills in the team\nLesson 10: There is so much to do before you start red teaming your AI system\n

\n\'',NULL,367409),('2_Friday','16','16:00','16:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Unveiling the Secrets: Breaking into AI/ML Security Bug Bounty Hunting\'','\'Chloé Messdaghi,Daniel Miessler,Joseph Thacker,Marcello \"byt3bl33d3r\" Salvati\'','AIV_8366540f1d62ca377fd65c6d366a63ff','\'Title: Unveiling the Secrets: Breaking into AI/ML Security Bug Bounty Hunting
\nWhen: Friday, Aug 11, 16:00 - 16:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Chloé Messdaghi,Daniel Miessler,Joseph Thacker,Marcello \"byt3bl33d3r\" Salvati
\n
SpeakerBio:Chloé Messdaghi\n
\nNo BIO available
\n
SpeakerBio:Daniel Miessler\n
\nNo BIO available
\n
SpeakerBio:Joseph Thacker\n
\nNo BIO available
\n
SpeakerBio:Marcello \"byt3bl33d3r\" Salvati\n, Hacker & Entrepreneur
\nMarcello Salvati (byt3bl33d3r) is a hacker & entrepreneur with over a decade of experience as an Offensive Security Researcher, Blue/Purple/Red Teamer and Open Source developer. Marcello is known for creating a number of Open Source tools such as CrackMapExec and weaponizing unorthodox programming languages for malware purposes.
\nTwitter: @byt3bl33d3r
\n\n
\nDescription:
\nAs the world becomes increasingly dependent on artificial intelligence and machine learning systems, the need for robust ML security measures is more critical than ever. AI/ML security bug bounty hunting is a specialized field that focuses on identifying vulnerabilities and weaknesses in AI/ML systems to ensure their resilience against potential attacks. This panel talk aims to provide participants with an in-depth understanding of AI/ML security bug bounty hunting, including an introduction to the field, insights into vulnerabilities and attack surfaces specific to AI/ML systems, and a comprehensive overview of tools and techniques for effective bug hunting.\n
\n\n\'',NULL,367410),('2_Friday','17','17:00','17:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Ghost in the Neurons - ML Webshells\'','\'Tom Bonner\'','AIV_2fcf1b7e40913ab03bcee096746ab403','\'Title: Ghost in the Neurons - ML Webshells
\nWhen: Friday, Aug 11, 17:00 - 17:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Tom Bonner\n
\nNo BIO available
\n\n
\nDescription:
\nGhost in the Neurons will reveal for the first time how an interactive remote shell can be operated via machine learning deep neural networks that are accessible through inference APIs. Somewhat akin to webshells, ML reverse shells can be implanted into pre-trained models by an adversary and used to perform initial compromise or maintain persistence within an environment while conducting command and control communications surreptitiously over legitimate channels. Alongside traditional features you’d expect to see in a backdoor, such as an interactive remote shell, upload/download/execute commands etc., ML “webshells” can also provide bespoke functionality allowing an attacker to steal input features, perform fault injection and tamper with a model’s predictions.\n

In this talk, we will explain how machine learning models can be abused to operate a covert remote shell and backdoor. We will demonstrate how to capture commands from the model’s vectorized feature input, how to encode responses to the attacker via the model’s output predictions, and how ML shells can be deployed, either through direct code insertion or data deserialization flaws that can be leveraged when loading models. We will also show how most stages of the attack evade detection from traditional security solutions.\n

\n\'',NULL,367411),('3_Saturday','15','15:00','15:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'you sound confused, anyways - thanks for the jewels.\'','\'Adrian \"threlfall\" Wood\'','AIV_c31fbb567793124c9135bf97117a365f','\'Title: you sound confused, anyways - thanks for the jewels.
\nWhen: Saturday, Aug 12, 15:00 - 15:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Adrian \"threlfall\" Wood\n, Dropbox
\nAdrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on their red team. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.
\n\n
\nDescription:
\nA case study in using Huggingface and machine learning models for supply chain style attacks in red team operations. Machine learning models execute by necessity within a businesses most sensitive environment with high level access to crown jewels, making it a perfect target. Learn the ways in which these attacks can be performed, how to avoid detection and what you can expect to find or do with your newfound ML environment access as a red teamer.\n
\n\n\'',NULL,367412),('3_Saturday','10','10:30','11:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach\'','\'Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson\'','AIV_e02ba75166a784415e3aea25171ae604','\'Title: AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach
\nWhen: Saturday, Aug 12, 10:30 - 11:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson
\n
SpeakerBio:Daniel Fabian\n
\nNo BIO available
\n
SpeakerBio:Mikel Rodriguez\n
\nNo BIO available
\n
SpeakerBio:Sarah Hodkinson\n
\nNo BIO available
\n\n
\nDescription:
\nAI-enabled systems are rapidly being deployed in a wide range of high-stakes environments. These systems are vulnerable to a wide range of attacks that can trigger errors, degrade performance, or disclose sensitive data. This talk will offer a firsthand account and reflect on some lessons learned from Google DeepMind’s AI red team. While research in ensuring the security and privacy of AI-enabled systems is rapidly growing, much of today’s research is focused on lab settings, and a more holistic understanding of how these emerging vulnerabilities can interact with known real-world security vulnerabilities in deployed systems is lacking. As part of this talk we will explore opportunities for the DEFCON community to work together to ensure mission-critical AI systems are battle-tested with the rigor and scrutiny of real-world adversaries.\n
\n\n\'',NULL,367413),('3_Saturday','11','10:30','11:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach\'','\'Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson\'','AIV_e02ba75166a784415e3aea25171ae604','\'\'',NULL,367414),('3_Saturday','11','11:30','12:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Creative Misuse of AI Systems\'','\'Eryk Salvaggio\'','AIV_6b86ac2be2078bc862a629f5b0141568','\'Title: Creative Misuse of AI Systems
\nWhen: Saturday, Aug 12, 11:30 - 12:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Eryk Salvaggio\n
\nNo BIO available
\n\n
\nDescription:
\nIn this panel, three artists from the Algorithmic Resistance Research Group (ARRG!) present creative work and workflows that emerged from attempts to crack AI black boxes open. Aligned with the hacker ethos of exploration, experimentation and creative misuse, this panel presents adversarial, ethical artmaking practices for artificial intelligence systems, including image synthesis and recognition. The panel includes three artists displayed in the AI Village Art Exhibition space: Steph Maj Swanson, creator of Loab, the viral \"latent space cryptid,\" Eryk Salvaggio, an artist who revels in confusing AI systems into making images from error states; and Caroline Sinders, an artist and researcher who recontextualizes these systems into revealing underlying biases and potential harms.\n

This non-technical, but conceptual conversation offers up art alongside possible strategies. It will be of interest for hackers intrigued by the creative potential of these tools, but who may have ethical concerns or doubts about the way these tools are assembled, built, and deployed. The artists will share their work and offer insights into strategies and implications of creative misuse.\n

\n\'',NULL,367415),('3_Saturday','12','11:30','12:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Creative Misuse of AI Systems\'','\'Eryk Salvaggio\'','AIV_6b86ac2be2078bc862a629f5b0141568','\'\'',NULL,367416),('3_Saturday','12','12:30','13:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk\'','\'Nick Maietta,Robert Hudock\'','AIV_c25c71563e57287628bda11e07752856','\'Title: LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk
\nWhen: Saturday, Aug 12, 12:30 - 13:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Nick Maietta,Robert Hudock
\n
SpeakerBio:Nick Maietta\n
\nNo BIO available
\n
SpeakerBio:Robert Hudock\n
\nNo BIO available
\n\n
\nDescription:
\nThe California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), the Virginia Consumer Data Protection Act (VCDPA), and the Connecticut Data Privacy Act (CTDPA) empower consumers with the option to withdraw from the processing of their personal data for profiling objectives, establishing regulations that influence automated decision-making. As organizations, including legal firms, are adopting large language models (LLMs) more frequently for various purposes, addressing issues related to privacy and security becomes critical. This talk will explore tactics and best practices implemented by King & Spalding to mitigate risks connected with LLMs. The conversation will particularly emphasize de-identification tools, terms of service, and the potential risk of client confidential data breaches. Attendees will be updated about recent privacy and security regulations, along with methodologies to ensure regulatory adherence and uphold trust.\n
\n\n\'',NULL,367417),('3_Saturday','13','12:30','13:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk\'','\'Nick Maietta,Robert Hudock\'','AIV_c25c71563e57287628bda11e07752856','\'\'',NULL,367418),('3_Saturday','13','13:30','14:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models\'','\'Ben Gelman,Younghoo Lee\'','AIV_e36b13cd4acaeeb1ecc43625f6ef7f53','\'Title: The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models
\nWhen: Saturday, Aug 12, 13:30 - 14:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Ben Gelman,Younghoo Lee
\n
SpeakerBio:Ben Gelman\n
\nNo BIO available
\n
SpeakerBio:Younghoo Lee\n
\nNo BIO available
\n\n
\nDescription:
\nRapid advancements in AI have enabled large language models (LLMs) and generative technologies to fuse their outputs, creating a new level of diverse, synthetic content that can deceive on an unprecedented scale. This chilling union of AI capabilities opens the door to the generation of entire scam campaigns, blurring the boundary between reality and fiction.\n

Many people are already aware of how LLMs can help with basic writing and coding. In this talk, we go beyond simple LLM-assisted ploys and automatically orchestrate unprecedented credential-stealing scam campaigns that combine code, text, images, and audio to build dozens of websites, product catalogs, testimonials, and social media advertisements. We discuss how the barriers to entry have decreased for criminals with minimal knowledge of AI, the scale that automation can achieve, and the current shortcomings that still require human intervention.\n

\n\'',NULL,367419),('3_Saturday','14','13:30','14:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models\'','\'Ben Gelman,Younghoo Lee\'','AIV_e36b13cd4acaeeb1ecc43625f6ef7f53','\'\'',NULL,367420),('3_Saturday','15','15:30','15:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Hackaprompt 2023: Trials and Tribulations\'','\'Kenneth Yeung\'','AIV_bf913a3d6b16a67f3f5009a9419901b6','\'Title: Hackaprompt 2023: Trials and Tribulations
\nWhen: Saturday, Aug 12, 15:30 - 15:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Kenneth Yeung\n
\nNo BIO available
\n\n
\nDescription:
\nIn this presentation, we unpack various prompt injection and hijacking techniques in the context of the Hackaprompt 2023 competition, the world’s first prompt injection/hacking competition. Starting from exploiting AI\'s ignorance in simple prompt injections to evading catch-all defenses in task-oriented attacks, we explore complex techniques like output manipulation, input filtering, and password leak exploits. Further, we delve into dictionary attacks and gaslighting AI models, manipulations of proxy prompts, formatting strategies, and maneuvering past redundant defenses. The talk culminates in tackling the challenge of \'Slash Hell\', where we exploit max token limits and prompt language models to interpret hidden meanings, thus emphasizing the need for robust AI defense mechanisms and ongoing AI education.\n
\n\n\'',NULL,367421),('3_Saturday','16','16:00','16:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Ignore the Law: The Legal Risks of Prompt Injection Attacks on Large Language Models\'','\'Ram Shankar Siva Kumar\'','AIV_7293155b7ec3c4dec60e3547c3d135b0','\'Title: Ignore the Law: The Legal Risks of Prompt Injection Attacks on Large Language Models
\nWhen: Saturday, Aug 12, 16:00 - 16:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Ram Shankar Siva Kumar\n
\nNo BIO available
\n\n
\nDescription:
\n“What are the legal risks to a user/security enthusiast when performing prompt injection attacks?” That is the question this talk attempts to answer.\n

Prompt injection has frequently been compared to SQL injection or remote code execution. This comparison is warranted because the adversary in prompt injection is exploiting that the input to the LLM does not explicitly bound the data and the instruction: it is all garbled in natural language. So, if SQL injection is prohibited by the law in most circumstances, what about prompt injection?\n

\n\'',NULL,367422),('3_Saturday','16','16:30','17:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'ChatGPT: Your Red Teaming Ally\'','\'Gavin Klondike\'','AIV_56fe57fba9af4cbd025ed75709e4cd5f','\'Title: ChatGPT: Your Red Teaming Ally
\nWhen: Saturday, Aug 12, 16:30 - 17:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Gavin Klondike\n
\nNo BIO available
\n\n
\nDescription:
\nIn this talk, we\'ll dive into how ChatGPT can enhance your existing workflow and provide valuable insights. We\'ll start with a brief overview of what GPT models are, how to craft the perfect prompt, and then focus on red team specific use cases for day-to-day operations.\n
\n\n\'',NULL,367423),('3_Saturday','17','16:30','17:25','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'ChatGPT: Your Red Teaming Ally\'','\'Gavin Klondike\'','AIV_56fe57fba9af4cbd025ed75709e4cd5f','\'\'',NULL,367424),('4_Sunday','10','10:00','10:25','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'Fuzzing and Symbolic Execution: Offensive Techniques to Unmask Vulnerabilities in Neural Networks\'','\'Rafael Turner\'','AIV_1a4c7a1333f010b21bf26c91028f20d4','\'Title: Fuzzing and Symbolic Execution: Offensive Techniques to Unmask Vulnerabilities in Neural Networks
\nWhen: Sunday, Aug 13, 10:00 - 10:25 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Rafael Turner\n
\nNo BIO available
\n\n
\nDescription:
\nThe complexity of neural networks often renders them opaque to thorough introspection, thus leading to potential vulnerabilities. This talk introduces program analysis techniques, explicitly fuzzing and symbolic execution, as tools to probe and uncover these hidden weak spots in neural networks. Symbolic execution and fuzzing have played a big part in vulnerability discovery. Tools like Radamsa and AFL are familiar to many vulnerability research and exploit developers. However, how these tools help evaluate and assess machine learning models could be more well-known. So, I will share how I use fuzzing for robustness testing, equivalence checking, and general bug discovery and property invalidation. I will share how I wrote a tool that will take in deep learning models, such as the latest transformed-based language models, generate inputs that cause floating-point computation errors, divergent behavior between quantized and unquantized models, and discover inputs that cause language models to misbehave. This talk shows how familiar concepts can be reused to evaluate machine learning models. While gradient-based methods are powerful for understanding and exploiting the behavior of neural networks, an approach using fuzzing and symbolic execution offers a few unique advantages:\n
    \n
  1. Black-Box Compatibility: Unlike gradient-based methods, which typically require access to the model\'s internal parameters, fuzzing and symbolic execution can be applied to black-box models where such information is unavailable.
  2. Different Error Detection: These methods can uncover a different set of potential issues that may not be readily discovered or expressed using gradient-based techniques, such as floating point errors, numerical instabilities, and discrepancies between quantized and unquantized models.
\n\n\'',NULL,367425),('4_Sunday','10','10:45','11:30','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'GRT Report Out\'','\'Sven Cattell\'','AIV_11ecc6cc5043522bc07a29be23f1f139','\'Title: GRT Report Out
\nWhen: Sunday, Aug 13, 10:45 - 11:30 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:Sven Cattell\n, Founder at nbhd.ai & AI Village
\nSven founded the AI Village in 2018 and has been running it ever since. Sven is also the founder of nbhd.ai, a startup focused on the security and integrity of datasets and the AI they build. He was previously a senior data scientist at Elastic where he built the malware model training pipeline. He has a PhD in Algebraic Topology, and a postdoc in geometric machine learning where he focused on anomaly and novelty detection.
\nTwitter: @@comathematician
\n\n
\nDescription:No Description available
\n\'',NULL,367426),('4_Sunday','11','10:45','11:30','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'GRT Report Out\'','\'Sven Cattell\'','AIV_11ecc6cc5043522bc07a29be23f1f139','\'\'',NULL,367427),('4_Sunday','11','11:15','11:45','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Closing Remarks\'','\'AI Village Organizers\'','AIV_41b6c07e2ef988e015cfcb8f58e0fbad','\'Title: AI Village Closing Remarks
\nWhen: Sunday, Aug 13, 11:15 - 11:45 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
SpeakerBio:AI Village Organizers\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367428),('3_Saturday','11','11:00','11:45','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Getting More Bang for your Buck:Appsec on a Limited Budget\'','\'Vandana Verma Sehgal,Viraj Gandhi\'','APV_e645a0fbeb4cf7d5ca7212ccf6ffa935','\'Title: Getting More Bang for your Buck:Appsec on a Limited Budget
\nWhen: Saturday, Aug 12, 11:00 - 11:45 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Vandana Verma Sehgal,Viraj Gandhi
\n
SpeakerBio:Vandana Verma Sehgal\n
\nVandana Verma is a Security Leader at Snyk, Podcast host Diversity and Inclusion Advocate and an International speaker and influencer on a range of themes in Information Security, including Application Security, DevSecOps, Cloud Security and Security Careers.\n

From being the Chair of the OWASP Global Board of Directors to running various groups promoting security to organising conferences to even delivering keynote addresses at several of them, she is engaged continuously and proactively in making the global application security community a better place for individuals, organizations and societies.\n

\nTwitter: @InfosecVandana
\n
SpeakerBio:Viraj Gandhi\n
\nMy name is Viraj Gandhi,I am a Product Security Manager at SailPoint. I have Successfully led “Shift-to-left” transformations of security programs at various companies like ServiceNow,SailPoint.
\n\n
\nDescription:
\nThe talk is about the importance of application security (AppSec) in modern software development due to the increasing number of applications being built, bought, and downloaded. As applications are the main source of security breaches, organizations need to establish strong AppSec programs to ensure weaknesses are identified and resolved early in the development cycle. However, small startups with limited budgets may struggle to establish a dedicated AppSec team, making it important to focus on key areas such as establishing baseline knowledge, implementing basic security controls, prioritizing security based on risk, and continuous monitoring and improvement. The talk will cover ways to build a business case for investing in AppSec programs and establishing benchmarks and metrics for success.\n
\n\n\'',NULL,367429),('2_Friday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Defensive Coding and Hardened Javascript\'','\'Aaron Kumavis,Zbyszek Tenerowicz\'','APV_bec8305f03f0e88a27429cbc6cc420e1','\'Title: Defensive Coding and Hardened Javascript
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\nSpeakers:Aaron Kumavis,Zbyszek Tenerowicz
\n
SpeakerBio:Aaron Kumavis\n
\nfounder metamask
\nTwitter: @kumavis_
\n
SpeakerBio:Zbyszek Tenerowicz\n
\nJS Security Engineer at MetaMask working on LavaMoat and Endo. Started using Node.js at v0.8 and never stopped. Enjoys innovating and teaching security, diagnostics and maintainability. One of the oldest members of meet.js Poland community.
\nTwitter: @naugtur
\n\n
\nDescription:
\nMalicious code is out to get you. Can you keep your app working as expected and hold on to your secrets? Come to this workshop and try!\n

The entire workshop will be delivered as bite-sized hands-on exercises where increasingly advanced threats are presented and you get to defend. \n

We\'ll explore techniques allowing cooperation with packages thatintend to steal your secrets and mess with built-in functionality of JavaScript via prototype-poisoning.\nAnother part of the workshop will focus on using tools to isolate code and scale the defensive coding practice up for larger codebases.\n

\n\n\'',NULL,367430),('2_Friday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Defensive Coding and Hardened Javascript\'','\'Aaron Kumavis,Zbyszek Tenerowicz\'','APV_bec8305f03f0e88a27429cbc6cc420e1','\'\'',NULL,367431),('2_Friday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hands-on GitHub Actions\'','\'Magno Logan\'','APV_871f859b00b97afbd85cf97e16f51a54','\'Title: Hands-on GitHub Actions
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:Magno Logan\n
\nMagno Logan works as an Information Security Specialist. He specializes in Cloud, Container, and Application Security Research. He has been tapped as a resource speaker for numerous security conferences around the globe.
\nTwitter: @magnologan
\n\n
\nDescription:
\nIn each round, the participants will get to deploy a set of GitHub Actions in a chosen project to implement security best practices. Whoever completes the challenge first among the competitors, or gets closer to completing it, wins. The set of Actions at each round will be chosen randomly among the Actions in the Security category available in the Marketplace.\n
\n\n\'',NULL,367432),('2_Friday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hands-on GitHub Actions\'','\'Magno Logan\'','APV_871f859b00b97afbd85cf97e16f51a54','\'\'',NULL,367433),('2_Friday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'vAPI : Vulnerable Adversely Programmed Interface\'','\'Tushar Kulkarni\'','APV_3d8e9dc6f7b5b2c6d777d326b76cb572','\'Title: vAPI : Vulnerable Adversely Programmed Interface
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Tushar Kulkarni\n
\nTushar Kulkarni is a graduate student in Secure Computing at Indiana University Bloomington. He has a interest in Web Application Security and has presented before at various conferences like Blackhat , HITB, OWASP AppSecDays, APISecure
\nTwitter: @vk_tushar
\n\n
\nDescription:
\nvAPI is a Vulnerable Interface in a Lab like environment that mimics the scenarios from OWASP API Top 10 and helps the user understand and exploit the vulnerabilities according to OWASP API Top 10 2019. Apart from that, the lab consists some more exercises/challenges related to advanced topics related to Authorization and Access Control.\n
\n\n\'',NULL,367434),('2_Friday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'vAPI : Vulnerable Adversely Programmed Interface\'','\'Tushar Kulkarni\'','APV_3d8e9dc6f7b5b2c6d777d326b76cb572','\'\'',NULL,367435),('2_Friday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Spot the True Positives!\'','\'Backslash\'','APV_4ee84b59c920d509e29c267a6e85a804','\'Title: Spot the True Positives!
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Backslash\n
\nNo BIO available
\n\n
\nDescription:
\nHave participants find the true positives out of 5 SQLi. \n
\n\n\'',NULL,367436),('2_Friday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Spot the True Positives!\'','\'Backslash\'','APV_4ee84b59c920d509e29c267a6e85a804','\'\'',NULL,367437),('3_Saturday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Spot the True Positives!\'','\'Backslash\'','APV_a36d9eea147780ab740f01e79c1e87af','\'Title: Spot the True Positives!
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Backslash\n
\nNo BIO available
\n\n
\nDescription:
\nHave participants find the true positives out of 5 SQLi. \n
\n\n\'',NULL,367438),('3_Saturday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Spot the True Positives!\'','\'Backslash\'','APV_a36d9eea147780ab740f01e79c1e87af','\'\'',NULL,367439),('3_Saturday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_f0c7dcb153e3748c6c89114495122e7d','\'Title: The Ultimate AppSec Trivia Challenge
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Probely\n
\nNo BIO available
\n\n
\nDescription:
\nThe Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you\'re a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.\n
\n\n\'',NULL,367440),('3_Saturday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_f0c7dcb153e3748c6c89114495122e7d','\'\'',NULL,367441),('2_Friday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_3ca8fb04b586c1112c6bf985eeebdeee','\'Title: The Ultimate AppSec Trivia Challenge
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Probely\n
\nNo BIO available
\n\n
\nDescription:
\nThe Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you\'re a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.\n
\n\n\'',NULL,367442),('2_Friday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_3ca8fb04b586c1112c6bf985eeebdeee','\'\'',NULL,367443),('3_Saturday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_fa0fcf1de3966473ac5dd2aad121c263','\'Title: The Ultimate AppSec Trivia Challenge
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Probely\n
\nNo BIO available
\n\n
\nDescription:
\nThe Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you\'re a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.\n
\n\n\'',NULL,367444),('3_Saturday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_fa0fcf1de3966473ac5dd2aad121c263','\'\'',NULL,367445),('2_Friday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_83920c217bf9c6f03f1a222210c0c6e7','\'Title: The Ultimate AppSec Trivia Challenge
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Probely\n
\nNo BIO available
\n\n
\nDescription:
\nThe Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you\'re a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.\n
\n\n\'',NULL,367446),('2_Friday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'The Ultimate AppSec Trivia Challenge\'','\'Probely\'','APV_83920c217bf9c6f03f1a222210c0c6e7','\'\'',NULL,367447),('2_Friday','11','11:45','12:30','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'The attackers guide to exploiting secrets in the universe\'','\'Mackenzie Jackson\'','APV_001b2344c5f52e7674ee52d6d32a82dc','\'Title: The attackers guide to exploiting secrets in the universe
\nWhen: Friday, Aug 11, 11:45 - 12:30 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Mackenzie Jackson\n
\nMackenzie is a developer and security advocate with a passion for ode security. As the co-founder and former CTO of Conpago he learnt first-hand how critical it is to build secure applications and today is able to continue that passion at GitGuardian
\nTwitter: @advocatemack
\n\n
\nDescription:
\nExposed secrets like API keys and other credentials continue to be a persistent vulnerability. This presentation sheds light on the methods used to discover and exploit such secrets in various environments, including public and private git repositories, containers, and compiled mobile applications. This presentation combines various different research projects that illustrates the different methods attackers use to find and exploit secrets to gain initial access, elevate privileges and created persisted access. \nIt covers research into exploiting secrets in git repositories, private and public, exploiting secrets in compiled mobile applications and exploiting secrets in packages and containers. \n

This presentation offers valuable insights and information on how to identify and address exposed secrets, one of the most persistent vulnerabilities in application security.\n

\n\n\'',NULL,367448),('2_Friday','12','11:45','12:30','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'The attackers guide to exploiting secrets in the universe\'','\'Mackenzie Jackson\'','APV_001b2344c5f52e7674ee52d6d32a82dc','\'\'',NULL,367449),('2_Friday','12','12:30','13:15','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'DevSecOps Worst Practices\'','\'Tanya Janca\'','APV_301ef848fbdfa07918c48aa914882707','\'Title: DevSecOps Worst Practices
\nWhen: Friday, Aug 11, 12:30 - 13:15 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Tanya Janca\n
\nTanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an academy, community and podcast that teaches everyone to create secure software.
\nTwitter: @shehackspurple
\n\n
\nDescription:
\nQuite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense on first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.\n
\n\n\'',NULL,367450),('2_Friday','13','12:30','13:15','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'DevSecOps Worst Practices\'','\'Tanya Janca\'','APV_301ef848fbdfa07918c48aa914882707','\'\'',NULL,367451),('2_Friday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Web Shells - What They Are And How To Hunt Them\'','\'Joe Schottman\'','APV_5ca0310ecc556a59173791e3e421ee14','\'Title: Web Shells - What They Are And How To Hunt Them
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\n
SpeakerBio:Joe Schottman\n
\nJoe Schottman is an application security focused security professional with experience including web app development and purple team engagements. He has spoken at conferences on threat hunting, web shells, purple teams, and more.
\nTwitter: @JoeSchottman
\n\n
\nDescription:
\nWeb Shells are malicious web applications used for remote access and. They\'ve been used in many of the recent prominent breaches/vulnerabilities including Equifax, SolarWinds, and ProxyLogon and are used by APTs and other threats. With ProxyLogon, the FBI was authorized to remove them from victim machines.\n

This session will help you avoid telling your employer that the FBI is now doing volunteer admin work by teaching you about Web Shells, how to hunt for them, and doing hands-on hunting in a VM. A little groundwork goes a long way and this class will show what to do.\n

\n\n\'',NULL,367452),('2_Friday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Web Shells - What They Are And How To Hunt Them\'','\'Joe Schottman\'','APV_5ca0310ecc556a59173791e3e421ee14','\'\'',NULL,367453),('2_Friday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'AMA - Tib3rius\'','\'Tib3rius\'','APV_bad595b2f724be0115b55a5411c4d9cb','\'Title: AMA - Tib3rius
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:Tib3rius\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367454),('2_Friday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'AMA - Tib3rius\'','\'Tib3rius\'','APV_bad595b2f724be0115b55a5411c4d9cb','\'\'',NULL,367455),('2_Friday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'IDN-Squatting Detector\'','\'Gal Bitensky\'','APV_56b4fdd1ad329e18fba5122c33a1649c','\'Title: IDN-Squatting Detector
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Gal Bitensky\n
\nGal is a “full stack researcher, poking anything from x86 malware binaries, ICS protocols to classic web security. He likes to share his thoughts and experiments on-stage using simple concepts and tools to demonstrate surprising results.
\nTwitter: @Gal_B1t
\n\n
\nDescription:
\nPut yourself in the shoes of a fraudster, you are trying to create a phishing website. Why inserting detectable unicode characters into a mostly-ASCII domain when you can register an entire domain in unicode? This is available when one uses a lesser-known feature called Internationalized Domain Name Top Level Domains (IDN TLD). Consider registering domains like google.com\'s lookalike in Hebrew - גוגל.קום, アマゾン.コム in Japanese instead of amazon.com or 微软.公司 which is the Chinese equivalent of microsoft.com.\n

Nekuda (dot in Hebrew) assists blue teamers to detect such domains. Its input is a string (e.g. the blue teamer\'s employer Brand name) and it emits over 150 potential IDN TLD domains and its registration status. It covers a potential gap in proactive phishing detection and prevention strategies and can be easily integrated into existing open-source tools like dnstwist.\n

\n\n\'',NULL,367456),('2_Friday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'IDN-Squatting Detector\'','\'Gal Bitensky\'','APV_56b4fdd1ad329e18fba5122c33a1649c','\'\'',NULL,367457),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'FlowMate and CSTC for Advanced Pentesting\'','\'Florian Haag,Matthias Göhring\'','APV_a4bdc60db6dd16de05e2f07aa02b47f0','\'Title: FlowMate and CSTC for Advanced Pentesting
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\nSpeakers:Florian Haag,Matthias Göhring
\n
SpeakerBio:Florian Haag\n
\nFlorian Haag is a senior security consultant at usd AG with experience in penetration testing, software security assessments as well as code reviews. He is specialized in penetration tests of thick client applications, leveraging his background in software development to reverse engineer proprietary client applications and network protocols. In previous scientific work, he worked on novel approaches to application-level data flow analysis to improve penetration testing coverage. In addition, he analyzed website clones used in phishing campaigns and the frameworks that are used by fraudsters to create and operate cloned websites.
\n
SpeakerBio:Matthias Göhring\n
\nMatthias Göhring is security consultant and penetration tester at usd AG, an information security company based in Germany with the mission #moresecurity. He is Head of usd HeroLab, the division of usd specialized in technical security assessments. In addition, he holds lectures at Technical University Darmstadt and University of Applied Sciences Darmstadt on ethical hacking and penetration testing. In previous scientific work, he focused on network and communication security as well as software security.\n

Previous publications:
\n- Catching the Clones – Insights in Website Cloning Attacks, Risk Connect Conference, 2021\n- Path MTU Discovery Considered Harmful, IEEE 38th International Conference on Distributed Computing Systems (ICDCS), 2018\n- Tor Experimentation Tools, IEEE Security and Privacy Workshops, 2015\n- On randomness testing in physical layer key agreement, IEEE 2nd World Forum on Internet of Things (WF-IoT), 2015\n

\n\n
\nDescription:
\nWith our two open-source BurpSuite extensions FlowMate and the Cyber Security Transformation Chef (CSTC) we want to step up penetration testing of web applications to the next level. \nFlowMate is a plugin that helps to identify all data flows of a application by only analyzing requests to and responses from the target. In the background it creates a graph you can browse visually to identify data flows to test for injection vulnerabilities. \nThe CSTC like the swiss-army knive for pentesting. It enables you to define custom recipes that can be applied to outgoing or incoming requests. This gives you the possibility to alter HTTP messages in transit in various ways. The only limit here is your creativity.\n
\n\n\'',NULL,367458),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'FlowMate and CSTC for Advanced Pentesting\'','\'Florian Haag,Matthias Göhring\'','APV_a4bdc60db6dd16de05e2f07aa02b47f0','\'\'',NULL,367459),('2_Friday','13','13:15','13:59','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'The Dark Playground of CI/CD: Attack Delivery by GitHub Actions\'','\'Kiyohito Yamamoto,Yusuke Kubo\'','APV_2df7bc9211b8ea0812fff12f96a2166f','\'Title: The Dark Playground of CI/CD: Attack Delivery by GitHub Actions
\nWhen: Friday, Aug 11, 13:15 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Kiyohito Yamamoto,Yusuke Kubo
\n
SpeakerBio:Kiyohito Yamamoto\n, Security Engineer at NTT Communications
\nKiyohito Yamamoto works as an Security Engineer at NTT Communications, Japanese Telecommunication Company, and is also NTT Group Certified Security Principal. He served as a Senior Response Expert during the Tokyo Olympics and also conducted TLPT tests.
\n
SpeakerBio:Yusuke Kubo\n, Offensive Security Researcher at NTT Communications
\nYusuke Kubo works as an Offensive Security Researcher at NTT Communications, Japanese Telecommunication Company, and is also NTT Group Certified Security Principal. His responsibilities include researching attack techniques and providing RedTeam for internal. And he contributed to MITRE ATT&CK regarding Safe Mode Boot(T1562.009).
\n\n
\nDescription:
\nWe are investigating new attack vectors regarding a CICD service called Github Actions.\nThrough an analysis of GitHub Actions behavior on Windows, our research has discovered two attack techniques\n

・Malicious Custom Action
\n It is an attack technique to execute arbitrary TTPs from custom actions. Introduce two types, “Malicious JScript Composite Action” and “Malicious JavaScript Custom Action”.\n

・GitHub Actions C2
\n We will demonstrate a new C2 framework using self-hosted runner in GitHub Actions\n

In this presentation, we will provide a detailed explanation of these attack techniques, along with PoC code and demonstrations. We will also discuss real-world threats and provide insight on detection and mitigation strategies.\n

\n\n\'',NULL,367460),('2_Friday','14','14:00','14:45','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Living off the Land with Connectwise: How I Built An Attack Platform & Botnet in 23 lines of Python!\'','\'Ken Pyle\'','APV_7838b8adfe01d7169d0e323426e12085','\'Title: Living off the Land with Connectwise: How I Built An Attack Platform & Botnet in 23 lines of Python!
\nWhen: Friday, Aug 11, 14:00 - 14:45 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Ken Pyle\n
\nKen Pyle is a partner of CYBIR, specializing in exploit development, penetration testing, reverse engineering, and enterprise risk management. As a highly rated and popular lecturer he’s presented groundbreaking research at major industry events .
\nTwitter: @syngularity1
\n\n
\nDescription:
\nKen Pyle is a partner of CYBIR, specializing in exploit development, penetration testing, reverse engineering, and enterprise risk management. As a highly rated and popular lecturer he’s presented groundbreaking research at major industry events such as DEFCON, ShmooCon, Secureworld, HTCIA International, and others. He’s also discovered and published numerous critical software vulnerabilities in products from a wide range of companies that includes Cisco, Dell, Netgear, Sonicwall, HP, Datto, Kaseya, and ManageEngine, earning him multiple Hall of Fame acknowledgements for his work. Ken has been publishing DNS work and vulnerability research privately for a number of years. He began showing some of his work in the web application, DNS and IPv4 space at different cybersecurity conferences, with a focus on fixing sets of problems that had been deemed estoteric or limited.\n
\n\n\'',NULL,367461),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Faking GitHub Contributions\'','\'Alik Koldobsky,Tal Folkman\'','APV_d5d447037a373467dc41df3eb00d4d05','\'Title: Faking GitHub Contributions
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\nSpeakers:Alik Koldobsky,Tal Folkman
\n
SpeakerBio:Alik Koldobsky\n
\nAlik is a security researcher and software engineer at Checkmarx supply chain security group, leading the development of the behavior analysis engine of code packages.\n
\n
SpeakerBio:Tal Folkman\n
\nTal brings over 7 years of experience to her role as a principal supply chain security research within Checkmarx Supply Chain Security group. She is in charge of detecting tracking and stopping Opensource attacks.
\n\n
\nDescription:
\nWhen using Open Source Packages, we tend to rely on strangers to deliver us code. There are many ways to determine the legitimacy of a package, whether it will be the number of stars of the package or the maintainer \'s GitHub account credibility.\n

Unfortunately all you can see can be easily spoofed.\n

\n\n\'',NULL,367462),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Faking GitHub Contributions\'','\'Alik Koldobsky,Tal Folkman\'','APV_d5d447037a373467dc41df3eb00d4d05','\'\'',NULL,367463),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_c7d2d7334b8f8086fe528d41d5044795','\'Title: Threat modelling fun session with OWASP Cornucopia
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:Spyros Gasteratos\n
\nSpyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.
\nTwitter: @0xfde
\n\n
\nDescription:
\nJoin us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n
\n\n\'',NULL,367464),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_c7d2d7334b8f8086fe528d41d5044795','\'\'',NULL,367465),('4_Sunday','10','10:00','11:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_1abbb16aa14beed52869a6da5c53fe20','\'Title: Threat modelling fun session with OWASP Cornucopia
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:Spyros Gasteratos\n
\nSpyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.
\nTwitter: @0xfde
\n\n
\nDescription:
\nJoin us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n
\n\n\'',NULL,367466),('4_Sunday','11','10:00','11:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_1abbb16aa14beed52869a6da5c53fe20','\'\'',NULL,367467),('4_Sunday','12','12:00','13:59','N','APV','Flamingo - Savoy - AppSec Village','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_30ad03294c72e0de124a52cf1d6d4680','\'Title: Threat modelling fun session with OWASP Cornucopia
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Map
\n
SpeakerBio:Spyros Gasteratos\n
\nSpyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.
\nTwitter: @0xfde
\n\n
\nDescription:
\nJoin us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!\n
\n\n\'',NULL,367468),('4_Sunday','13','12:00','13:59','Y','APV','Flamingo - Savoy - AppSec Village','\'Threat modelling fun session with OWASP Cornucopia\'','\'Spyros Gasteratos\'','APV_30ad03294c72e0de124a52cf1d6d4680','\'\'',NULL,367469),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Mike Larkin\'','APV_fe5c945453324943e81db39951c4136b','\'Title: How to Hide Behavior from Security Tools
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Mike Larkin\n
\nMike Larkin is Founder/ CTO of Deepfactor. He’s a serial entrepreneur, having been Founder/CTO at RingCube (acq. by Citrix). Mike is the author of OpenBSD Hypervisor VMM and holds numerous patents.
\n\n
\nDescription:
\nDetecting application behavior by monitoring library and system calls is a popular technique employed by AppSec tools. These tools can monitor and log activity, block API requests, and so on. In this workshop, you will learn some techniques to keep your activities hidden from these types of tools, using uncommon / unmonitored APIs, using unmonitored processes as confused deputies, and other approaches. You will learn how popular monitoring frameworks like eBPF work and how to circumvent their monitoring capabilities.\n
\n\n\'',NULL,367470),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Mike Larkin\'','APV_fe5c945453324943e81db39951c4136b','\'\'',NULL,367471),('2_Friday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Fix The Flag: A Secure Programming Competition\'','\'Pedram Hayati\'','APV_7a9f3e1b19ed623fdc1c5ab5a2208a78','\'Title: Fix The Flag: A Secure Programming Competition
\nWhen: Friday, Aug 11, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Pedram Hayati\n
\nDr. Pedram Hayati, Founder of SecTalks.org, Founder of SecDim.com. Senior lecturer at UNSW. Kite surfer. Lives in downunder
\nTwitter: @pi3ch
\n\n
\nDescription:
\nFind a security vulnerability in an app and get a score when you effectively fix it. The winner of the competition is the first person who fixes the vulnerability.\n
\n\n\'',NULL,367472),('2_Friday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Fix The Flag: A Secure Programming Competition\'','\'Pedram Hayati\'','APV_7a9f3e1b19ed623fdc1c5ab5a2208a78','\'\'',NULL,367473),('2_Friday','11','11:00','11:45','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Generative Adversarial Network (GAN) based autonomous penetration testing for Web Applications\'','\'Ankur Chowdhary\'','APV_5f727935b859b782a7e263a7dd95fcdc','\'Title: Generative Adversarial Network (GAN) based autonomous penetration testing for Web Applications
\nWhen: Friday, Aug 11, 11:00 - 11:45 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Ankur Chowdhary\n
\nDr. Ankur Chowdhary is a cybersecurity researcher. He received Ph.D. (2020) and M.S. (2015) with specialization in cybersecurity from Arizona State University (ASU). His research interests include appsec, cloud security and AI/ML in cybersecurity.
\n\n
\nDescription:
\nThe web application market has shown rapid growth in recent years. Current security research utilizes source code analysis, and manual exploitation of web applications to identify security vulnerabilities such as Cross-site Scripting, SQL Injection. The attack samples generated as part of web application penetration testing can be easily blocked using Web Application Firewalls (WAFs). In this talk, I will discuss the use of conditional generative adversarial network (GAN) to identify key features for XSS attacks, and train a generative model based on attack labels, and attack features. The attack features are identified using semantic tokenization, and the attack payloads are generated using conditional GAN. The generated attack samples can be used to target web applications protected by WAFs in an automated manner. This model scales well on a large-scale web application platform and saves significant effort invested by the penetration testing team.\n
\n\n\'',NULL,367474),('3_Saturday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'JWT Parkour\'','\'Louis Nyffenegger\'','APV_dea385eb764cbd328790195142c5be20','\'Title: JWT Parkour
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\n
SpeakerBio:Louis Nyffenegger\n
\nLouis is a security engineer based in Melbourne, Australia. He is the founder of PentesterLab, a learning platform for web penetration testing.
\nTwitter: @snyff
\n\n
\nDescription:
\nNowadays, JSON Web Tokens are everywhere. They are used as session tokens, OAuth tokens or just to pass information between applications or microservices. By design, JWT contains a high number of security and cryptography pitfalls that creates interesting vulnerabilities. In this workshop, we are going to learn how to exploit some of those issues. \n

First, we are going to look at the old issues: the none algorithm, guessing/bruteforcing the hmac secret.\n

Then we will look at more recent issues like how an RSA public key can be computed from multiple signatures to exploit algorithm confusion and how the same attack can be done with ECDSA. We will also look at leveraging issues with the kid/jku/x5u. And finally how to leverage CVE-2022-21449 to bypass the signature mechanism. \n

\n\n\n\'',NULL,367475),('3_Saturday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'JWT Parkour\'','\'Louis Nyffenegger\'','APV_dea385eb764cbd328790195142c5be20','\'\'',NULL,367476),('3_Saturday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_7a6b2ef19a166420fcda99938aa2ef1f','\'Title: Hunt the Hacker - Detect compromises in your repositories!
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:GitGuardian\n
\nNo BIO available
\n\n
\nDescription:
\nPut on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.\n
\n\n\'',NULL,367477),('3_Saturday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_7a6b2ef19a166420fcda99938aa2ef1f','\'\'',NULL,367478),('3_Saturday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_2d10b003bfba4d709750fefc7e62f5b1','\'Title: Hunt the Hacker - Detect compromises in your repositories!
\nWhen: Saturday, Aug 12, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:GitGuardian\n
\nNo BIO available
\n\n
\nDescription:
\nPut on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.\n
\n\n\'',NULL,367479),('3_Saturday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_2d10b003bfba4d709750fefc7e62f5b1','\'\'',NULL,367480),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_15b28c2e753cd0ae2c677f3617b55251','\'Title: Hunt the Hacker - Detect compromises in your repositories!
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:GitGuardian\n
\nNo BIO available
\n\n
\nDescription:
\nPut on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.\n
\n\n\'',NULL,367481),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_15b28c2e753cd0ae2c677f3617b55251','\'\'',NULL,367482),('4_Sunday','10','10:00','11:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_a0f0a6d187762bbbc2b9403f791ff595','\'Title: Hunt the Hacker - Detect compromises in your repositories!
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:GitGuardian\n
\nNo BIO available
\n\n
\nDescription:
\nPut on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.\n
\n\n\'',NULL,367483),('4_Sunday','11','10:00','11:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'Hunt the Hacker - Detect compromises in your repositories!\'','\'GitGuardian\'','APV_a0f0a6d187762bbbc2b9403f791ff595','\'\'',NULL,367484),('3_Saturday','11','11:00','12:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'Secure Code Review Challenge\'','\'Alon Lerner\'','APV_53a9795b7d58a8f5ad8e0b4d8d76a3b9','\'Title: Secure Code Review Challenge
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Alon Lerner\n
\n10 years experience in offensive hacking and application security
\n\n
\nDescription:No Description available
\n\'',NULL,367485),('3_Saturday','12','11:00','12:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'Secure Code Review Challenge\'','\'Alon Lerner\'','APV_53a9795b7d58a8f5ad8e0b4d8d76a3b9','\'\'',NULL,367486),('3_Saturday','11','11:45','12:30','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey\'','\'Gal Elbaz,Guy Kaplan\'','APV_f970ab453590b540f4fc69edff6d2121','\'Title: Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey
\nWhen: Saturday, Aug 12, 11:45 - 12:30 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Gal Elbaz,Guy Kaplan
\n
SpeakerBio:Gal Elbaz\n
\nCo-founder & CTO at Oligo Security with 10+ years of experience in vulnerability research and practical hacking. He previously worked as a Security Researcher at CheckPoint and served in the IDF Intelligence. In his free time, he enjoys playing CTFs.
\nTwitter: @GalElbaz1
\n
SpeakerBio:Guy Kaplan\n
\nGuy Kaplan is a Security Researcher in the CTO Office of Oligo Security with more than a decade of experience in software development and vulnerability research.
\nTwitter: @gkpln3
\n\n
\nDescription:
\nIn a world full of vulnerabilities, there is an untold story of those libraries that are insecure by design. For example, libraries that by using them in a certain way, the application could be compromised. Not all libraries\' security issues are treated as vulnerabilities and addressed with a patch or CVE, hence addressed with minor documentation warnings at best. These vulnerabilities pose a significant risk to organizations as they are nearly impossible to detect, we named them \"Shadow Vulnerabilities\". \n

We discovered a new shadow vulnerable code pattern in a widely used OSS library and wondered who might be vulnerable.\n

We developed a tool that automatically analyzed more than 100k repositories to determine whether each repository is vulnerable and prioritized them based on their potential to create vast damage. We were able to validate the exploitability of hundreds of high-profile targets such as Apache Cassandra, Prometheus, PyTorch, and many more…\n

In this presentation, we will review the discovered vulnerabilities, and discuss the challenges of scaling the triage, validating exploitation, and building a reliable infrastructure. We will use Apache Cassandra to demonstrate how we validated the attack vector for each target, sharing the exploitation details of the critical RCE we found, and its implications on a database-as-a-service used by multiple cloud providers.\n

Although reporting and working with OSS projects security teams on resolving these issues was addressed quickly, still no CVE was assigned. Both project owners and library owners claimed the responsibility to use it “safely” is on the users themselves. The result is that most users are vulnerable and have no process to fix this or even be aware of it.\n

We believe it is vital to raise community awareness of shadow vulnerabilities, as we only scratched the surface with one example out of many more that are still out there.\n

\n\n\'',NULL,367487),('3_Saturday','12','11:45','12:30','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey\'','\'Gal Elbaz,Guy Kaplan\'','APV_f970ab453590b540f4fc69edff6d2121','\'\'',NULL,367488),('3_Saturday','12','12:30','13:30','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts\'','\'Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar\'','APV_3078f3da356771503983cea7d28bc6e7','\'Title: Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts
\nWhen: Saturday, Aug 12, 12:30 - 13:30 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar
\n
SpeakerBio:Joe Christian\n
\nJoe Christian currently serves as the Engineering Manager for the DevSecOps Platforms team at Paylocity. Previously, Joe held leadership positions at Brex and Zappos. Joe is also a Cyber Defense Ph.D. student at Dakota State University.
\nTwitter: @Jo3Ram
\n
SpeakerBio:Kunal Bhattacharya\n
\nA Security Leader, Organization builder and mentor who helps organizations build robust Cyber defense and detection capabilities. I do this by building Secure SDL processes and machination encapsulating Shiftleft strategy, SecDevOps, Cloud and Penetration testing. My prior experience in all phases of Application development, System and database administration and Quality engineering helps me in building lasting relationships with peers in engineering and product organizations and working towards shared security goals.
\n
SpeakerBio:Shahar Man\n
\nPassionate about building and leading teams, I have successfully grown Engineering and Product teams from scratch, leveraging Agile methodologies. My focus lies in Application and Cloud Security, advocating for context-driven AppSec decisions.\n\n
\n
SpeakerBio:Trupti Shiralkar\n
\nTrupti Shiralkar is a Sr Engineering Manager at Datadog. Her 15+ years of industry experience ranges from Fortune 500s to small startups including Illumio, Amazon, Hewlett Packard, Q2ebanking and ATSEC Information Security. She holds a Master of Science degree in Information Security from Johns Hopkins University Information Security Institute (JHUISI) and several security certifications. As a product security leader and seasoned public speaker, she is committed to sharing her knowledge to influence positive security and reduce organization wide risk. She holds a patent for secure and anonymous electronic polling.
\nTwitter: @tshiralkar
\n\n
\nDescription:
\nIn today\'s threat landscape, security teams are overwhelmed with the number of alerts generated by their security stack. However, not all alerts are equally critical, and it\'s essential to prioritize them based on their severity and context impact on the organization. In this panel discussion, our AppSec experts will share their experiences and insights on how to effectively prioritize alerts and reduce alert fatigue. They will discuss best practices for triaging alerts, techniques to automate the process, and strategies to ensure that the most critical alerts receive immediate attention. Join us to learn from the experts on how to effectively manage security alerts and improve your organization\'s security posture.\n\n\n\n
\n\'',NULL,367489),('3_Saturday','13','12:30','13:30','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts\'','\'Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar\'','APV_3078f3da356771503983cea7d28bc6e7','\'\'',NULL,367490),('3_Saturday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Secure from Scratch: Secure Code Workshop for DEF CON Kids\'','\'Or Sahar,Yariv Tal\'','APV_5edc39dd93ca93962b0f0113759a9742','\'Title: Secure from Scratch: Secure Code Workshop for DEF CON Kids
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\nSpeakers:Or Sahar,Yariv Tal
\n
SpeakerBio:Or Sahar\n
\nTwo decades of software development and security\nexperience including penetration testing, application security, and secure code instruction. She holds a BSC in software engineering and is OSCE certified. \nThere are several CVEs to her name.
\nTwitter: @securylight
\n
SpeakerBio:Yariv Tal\n
\nSenior developer turned security researcher, with 4 decades of programming experience, university lecturing and mentoring at bootcamps, he has a fresh look at the world of security, as an outsider looking in.
\nTwitter: @YarivDevMentor
\n\n
\nDescription:
\nWant to learn how to stop hackers in their tracks?\nCome to the Secure From Scratch coding workshop.\nLearn what you need to know to write secure code from the very first line of code.\nIt\'s surprisingly easy!\n

(Some coding experience in either C#, Java, Python or C++ required. You need to know loops, if, arrays and functions).\n

\n\n\'',NULL,367491),('3_Saturday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Secure from Scratch: Secure Code Workshop for DEF CON Kids\'','\'Or Sahar,Yariv Tal\'','APV_5edc39dd93ca93962b0f0113759a9742','\'\'',NULL,367492),('3_Saturday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_f04d2ca47fea20adf3f678feadda4352','\'Title: How to Hide Behavior from Security Tools
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Deepfactor\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367493),('3_Saturday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_f04d2ca47fea20adf3f678feadda4352','\'\'',NULL,367494),('3_Saturday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_282a8f5d261ee70664976eec28dd5989','\'Title: How to Hide Behavior from Security Tools
\nWhen: Saturday, Aug 12, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Deepfactor\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367495),('3_Saturday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_282a8f5d261ee70664976eec28dd5989','\'\'',NULL,367496),('4_Sunday','12','12:00','13:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_deaf80248bcc83a1c28b5583fe1a37d1','\'Title: How to Hide Behavior from Security Tools
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Deepfactor\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367497),('4_Sunday','13','12:00','13:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'How to Hide Behavior from Security Tools\'','\'Deepfactor\'','APV_deaf80248bcc83a1c28b5583fe1a37d1','\'\'',NULL,367498),('3_Saturday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Open Source API Security for devsecops\'','\'Ankita Gupta,Ankush Jain\'','APV_c16b0e7f552b63830bf81d06e33368c0','\'Title: Open Source API Security for devsecops
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\nSpeakers:Ankita Gupta,Ankush Jain
\n
SpeakerBio:Ankita Gupta\n
\nAnkita is the co-founder and CEO of Akto.io. Prior to Akto she has experience working in VMware, LinkedIn and JP Morgan. She holds MBA from Dartmouth College and Bachelors in Technology from IIT Roorkee.
\nTwitter: @ankitaiitr
\n
SpeakerBio:Ankush Jain\n
\nAnkush is the co-founder & CTO at Akto (https://www.akto.io). Prior to starting Akto he worked at CleverTap as VP of Engineering. He has also worked for 5 years as a Quant at Morgan Stanley. He has acquired US patents at Microsoft at CleverTap.
\nTwitter: @Ankush12389
\n\n
\nDescription:
\nWe want to present in Arsenal. Akto is an open source API Security product. During the session, we will showcase how to:\n
    \n
  1. Automate your API inventory and generate open API spec file \n
  2. We will teach how to write custom test for security testing with live demo of 20+ custom business logic tests.\n
  3. Automate API security testing in CI/CD with GitHub Actions as an example
\n\n\'',NULL,367499),('3_Saturday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Open Source API Security for devsecops\'','\'Ankita Gupta,Ankush Jain\'','APV_c16b0e7f552b63830bf81d06e33368c0','\'\'',NULL,367500),('3_Saturday','13','13:30','14:15','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Dress Code - Analysis of the current status of the Content Security Policy\'','\'Felipe Molina\'','APV_fbd8dae0e99f28f6664a1a6b39f80f7e','\'Title: Dress Code - Analysis of the current status of the Content Security Policy
\nWhen: Saturday, Aug 12, 13:30 - 14:15 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Felipe Molina\n
\nFelipe Molina is a Spaniard hacker working in the SensePost Team at Orange Cyberdefense. He loves Andalusia, to hack, drink beer, barbecue with family and friends, deep diving into new software to find cool vulnerabilities.
\nTwitter: @felmoltor
\n\n
\nDescription:
\nContent Security Policy (CSP) has been in support by most modern browsers for a while now. The RFC of the first version was released in 2014. Almost 10 years later, and with version 3 recently released, a far-reaching study of CSP deployment across the Internet was due.\n

The top one million most popular sites were scanned and their CSP related headers were stored. The values of the CSP headers were analysed to answer several questions. How popular is this security measure nowadays. What are common pitfalls and misconfigurations within CSP headers. How often do sites enable reporting of violations to take a more proactive approach? Do sites blindly trust third parties such as content delivery networks and how can this trust be abused.\n

This talk will cover the results of the analysis against real world data and answer the previous questions. Additionally, it will present practical exploitation examples and provide with effective hardening and mitigation to the detected weaknesses.\n

\n\n\'',NULL,367501),('3_Saturday','14','13:30','14:15','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Dress Code - Analysis of the current status of the Content Security Policy\'','\'Felipe Molina\'','APV_fbd8dae0e99f28f6664a1a6b39f80f7e','\'\'',NULL,367502),('3_Saturday','14','14:15','14:59','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'MitmWs: A new way to pentest websocket applications\'','\'Jon F\'','APV_7c941beb2d6e1148ab5b79d635da61de','\'Title: MitmWs: A new way to pentest websocket applications
\nWhen: Saturday, Aug 12, 14:15 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Jon F\n
\nBeen hacking professionally (and ethically) for over 10 years. Primarily pentest web applications & the odd desktop application.
\n\n
\nDescription:
\nMitmWs is a pentesting HTTP proxy created specifically for testing applications that use websockets. Websocket applications present unique challenges to pentesters. The the asynchronous nature of the conversation, the often times statefulness of the conversation and the sometimes tricky timing requirements of specific messages are all challenges that MitmWs helps mitigate.\n
\n\n\'',NULL,367503),('3_Saturday','15','15:00','15:45','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'SusParams: Hypercharge your web testing with DATA\'','\'Jason Haddix\'','APV_0dc39b3b1d679217d3f36b5e8410af0f','\'Title: SusParams: Hypercharge your web testing with DATA
\nWhen: Saturday, Aug 12, 15:00 - 15:45 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Jason Haddix\n, CISO and “Hacker in Charge” at BuddoBot
\nJason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He\'s had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd\'s leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
\nTwitter: @jhaddix
\n\n
\nDescription:
\nSusParams is a testing dataset for offensive security folk assessing web technologies. Years ago, I released a tool called HUNT at DEF CON and Blackhat Arsenal. The secret sauce was a dataset of commonly vulnerable parameters to certain web vulnerability types. This dataset was created using statistical analysis of over 18,000 parameters. Jhaddix and Gunnar have extended this research to over 40,000 parameters. Our data sources have expanded into hackerone hacktivity, 5 years of recent CVE data, XSSed.com, and more!\n

Join us as we release this epic tool and helper scripts to supercharge your offensive web hacking.\n

\n\n\'',NULL,367504),('3_Saturday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Per-mission Impossible: Exploring the Android Permission Model and Intents\'','\'Miłosz Gaczkowski,William Taylor\'','APV_a3f2eced9413914b3b4e44db8b04c373','\'Title: Per-mission Impossible: Exploring the Android Permission Model and Intents
\nWhen: Saturday, Aug 12, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\nSpeakers:Miłosz Gaczkowski,William Taylor
\n
SpeakerBio:Miłosz Gaczkowski\n
\nMiłosz is a mobile security specialist at WithSecure, having previously spent entirely too much time working in academia\n

His work revolves around mobile security. Outside of technical work, his interests are in education and the culture of education\n

\nTwitter: @cyberMilosz
\n
SpeakerBio:William Taylor\n
\nSecurity consultant with an interest in mobile security supported by a background in embedded mobile engineering. I used to make them work; now I break them, professionally and ethically.
\n\n
\nDescription:
\nThe way in which Android applications talk to each other is often misunderstood, and it is entirely too common to see apps whose sensitive functionality is completely open to anyone who asks nicely.\n

This workshop will cover several case studies of overly permissive apps/devices found in the wild, including an OEM\'s voice recorder application that could be made to start and stop voice recordings without the user\'s knowledge.\n

We will go over common implementation flaws, play around with exploiting them from the perspective of an unprivileged application, and explore how an understanding of Android permissions could help us avoid these mistakes.\n

\n\n\'',NULL,367505),('3_Saturday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Per-mission Impossible: Exploring the Android Permission Model and Intents\'','\'Miłosz Gaczkowski,William Taylor\'','APV_a3f2eced9413914b3b4e44db8b04c373','\'\'',NULL,367506),('3_Saturday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Fix The Flag - Battle Challenge\'','\'Pedram Hayati\'','APV_2864a96084005c575e56634144c1b8e3','\'Title: Fix The Flag - Battle Challenge
\nWhen: Saturday, Aug 12, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Pedram Hayati\n
\nDr. Pedram Hayati, Founder of SecTalks.org, Founder of SecDim.com. Senior lecturer at UNSW. Kite surfer. Lives in downunder
\nTwitter: @pi3ch
\n\n
\nDescription:
\nFind a security vulnerability in an app and get a score when you effectively fix it. The winner of the competition is the first person who fixes the vulnerability.\n
\n\n\'',NULL,367507),('3_Saturday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Fix The Flag - Battle Challenge\'','\'Pedram Hayati\'','APV_2864a96084005c575e56634144c1b8e3','\'\'',NULL,367508),('3_Saturday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Faking GitHub Reputation\'','\'Checkmarx\'','APV_f2bea2c4612a7b3d1cc66cff76c09e82','\'Title: Faking GitHub Reputation
\nWhen: Saturday, Aug 12, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Checkmarx\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367509),('3_Saturday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Faking GitHub Reputation\'','\'Checkmarx\'','APV_f2bea2c4612a7b3d1cc66cff76c09e82','\'\'',NULL,367510),('4_Sunday','12','12:00','13:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Faking GitHub Reputation\'','\'Checkmarx\'','APV_8bd431c2bd0434f71fb85dba6a378fc5','\'Title: Faking GitHub Reputation
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 4 - Map
\n
SpeakerBio:Checkmarx\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367511),('4_Sunday','13','12:00','13:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 4','\'Faking GitHub Reputation\'','\'Checkmarx\'','APV_8bd431c2bd0434f71fb85dba6a378fc5','\'\'',NULL,367512),('3_Saturday','15','15:45','16:30','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities\'','\'Dohyeon Kim,WooWon Kang\'','APV_bb9e0858fea57418d054a4f11f46b8dd','\'Title: Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities
\nWhen: Saturday, Aug 12, 15:45 - 16:30 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Dohyeon Kim,WooWon Kang
\n
SpeakerBio:Dohyeon Kim\n
\nDohyeon is a full-stack engineer with cybersecurity background in his early career. Woowon is a security researcher who specializes in web application security. They have won multiple CTFs, including DEF CON 2022.
\n
SpeakerBio:WooWon Kang\n
\nI have over 8 years of experience in web application security research and consulting across various industries, and won many CTFs, including 2022 DEF CON CTF.
\nTwitter: @wooeong337
\n\n
\nDescription:
\nFinding complex vulnerabilities is important, but for companies, it can be more important to mitigate against vulnerabilities that are relatively less difficult to exploit.\n

We are going to discuss vulnerabilities exposed on the internet, that are easily missed but can have a big impact. We will talk about ways to identify front-end attack surfaces, the impact they can have, and methods for securing the endpoint of applications.\n

\n\n\'',NULL,367513),('3_Saturday','16','15:45','16:30','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities\'','\'Dohyeon Kim,WooWon Kang\'','APV_bb9e0858fea57418d054a4f11f46b8dd','\'\'',NULL,367514),('3_Saturday','16','16:30','17:15','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures\'','\'Muhammad Shahmeer\'','APV_de31de6529c99621de869351f721e56a','\'Title: Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures
\nWhen: Saturday, Aug 12, 16:30 - 17:15 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Muhammad Shahmeer\n
\nShahmeer Amir iise 3rd most accomplished bug hunter who has helped over 400 Fortune companies. He has founded multiple companies. He is a keynote speaker on Cyber Security, Blockchain at including Blackhat, GiSec, FIC, AEC Alberta, Hackfest
\nTwitter: @Shahmeer_Amir
\n\n
\nDescription:
\nAs cyberattacks become more sophisticated, companies are increasingly relying on two-factor authentication (2FA) and multi-factor authentication (MFA) to protect their assets. However, these security measures are not foolproof and can be bypassed by determined attackers. In this presentation, we will take a deep dive into the techniques used by attackers to bypass next-generation 2FA and MFA security measures.\n

We will begin by discussing the limitations of 2FA and MFA and why they can be vulnerable to attacks. Then we will demonstrate a variety of attacks used by attackers to bypass these security measures, including phishing attacks, man-in-the-middle attacks, and SIM swapping attacks. We will also explore more advanced techniques such as exploiting vulnerabilities in authentication protocols and exploiting weaknesses in mobile authentication applications.\n

Throughout the presentation, we will provide real-world examples of successful attacks that have bypassed 2FA and MFA, highlighting the impact of such attacks on businesses and organizations. We will also discuss the latest trends and developments in 2FA and MFA security and the steps organizations can take to improve their security posture.\n

By the end of the presentation, attendees will have a better understanding of the vulnerabilities in 2FA and MFA security measures and how attackers can exploit them. They will also gain practical knowledge and tools to help them better protect their organizations against these types of attacks.\n

\n\n\'',NULL,367515),('3_Saturday','17','16:30','17:15','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures\'','\'Muhammad Shahmeer\'','APV_de31de6529c99621de869351f721e56a','\'\'',NULL,367516),('4_Sunday','09','09:30','10:15','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'WAF: Making a Problematic Security Tool Suck Less\'','\'Emile Spir,Emmanuelle Lejeail\'','APV_6a993619464eab23cbb6e60c12077797','\'Title: WAF: Making a Problematic Security Tool Suck Less
\nWhen: Sunday, Aug 13, 09:30 - 10:15 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Emile Spir,Emmanuelle Lejeail
\n
SpeakerBio:Emile Spir\n
\nBuild, operate, fight WAF & RASP solutions. Then jump off planes. Ex-Sqreen, now Datadog.
\nTwitter: @Taiki__San
\n
SpeakerBio:Emmanuelle Lejeail\n
\nEmmanuelle is a data and security enthusiast. She started her career working on machine learning models for 4 years. Last year, she joined Datadog to work on application security. Since then she has tried improving WAF rules thanks to AI.
\nTwitter: @ManuLejeail
\n\n
\nDescription:
\nThe WAF. The world\'s most beloved security tool after antiviruses and password complexity requirements. The speakers spent the last five years working on making them suck less and operating one at a global scale. By sharing war stories, mistakes and discoveries, we will provide the audience with tools and strategies to make their WAF experience more palatable. Whether you\'re a WAF operator, user or vendor, you will get actionable takeaways from our ordeal^W^W^W experience.\n

First, we will share our learnings on creating a generic set of rules with low noise. This will go from a better understanding of real world attacks to common false positive patterns. We will also cover strategies to catch issues in rules at scale and expand the coverage of new unknown attacks.\n

\n\n\'',NULL,367517),('4_Sunday','10','09:30','10:15','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'WAF: Making a Problematic Security Tool Suck Less\'','\'Emile Spir,Emmanuelle Lejeail\'','APV_6a993619464eab23cbb6e60c12077797','\'\'',NULL,367518),('4_Sunday','10','10:00','11:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Enhancing Security for ReactJS Applications: Exploring Advanced Defense Techniques\'','\'Jim Manico\'','APV_3bc45fd35824cb1a3e656eb08da9d522','\'Title: Enhancing Security for ReactJS Applications: Exploring Advanced Defense Techniques
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\n
SpeakerBio:Jim Manico\n
\nJim Manico is the founder of Manicode Security, training devs on secure coding. He advises/invests in companies like 10Security, MergeBase. A speaker, Java Champion, and author of \"Iron-Clad Java.\" Active in OWASP, co-leading projects like ASVS.
\nTwitter: @manicode
\n\n
\nDescription:
\nAs we explore the digital world, client-side security risks, such as Cross-Site Scripting (XSS) and unintended privileged information leaks, remain significant concerns. These challenges have long troubled web application developers, underscoring the need for evolving security practices.\n

ReactJS, a prominent framework in today\'s tech landscape, has taken strides to mitigate such threats, offering automatic defenses against Cross-Site Scripting. However, building secure ReactJS applications requires in-depth knowledge and specialized expertise.\n

In this presentation, we will delve into the realm of general-purpose Cross-Site Scripting defense and various client-side security strategies within the ReactJS framework. ReactJS developers of all levels are invited to join us as we explore advanced techniques and practical recommendations that can elevate your approach to ReactJS security.\n

Our discussion will cover several important topics:\n

\n

Join us for an informative session that aims to enhance your skill set and bolster your defense strategies for creating more secure ReactJS applications. Let\'s navigate the intricacies of ReactJS security together, empowering ourselves with advanced defense techniques to foster a secure environment for application development.\n

\n\'',NULL,367519),('4_Sunday','11','10:00','11:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Enhancing Security for ReactJS Applications: Exploring Advanced Defense Techniques\'','\'Jim Manico\'','APV_3bc45fd35824cb1a3e656eb08da9d522','\'\'',NULL,367520),('4_Sunday','10','10:00','11:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Secure Code Review Challenge\'','\'Checkmarx\'','APV_c55d53661b88e9afc02b810830ad406c','\'Title: Secure Code Review Challenge
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 1 - Map
\n
SpeakerBio:Checkmarx\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367521),('4_Sunday','11','10:00','11:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 1','\'Secure Code Review Challenge\'','\'Checkmarx\'','APV_c55d53661b88e9afc02b810830ad406c','\'\'',NULL,367522),('4_Sunday','10','10:00','11:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Pasteur - A C++ library to eliminate injections\'','\'Yariv Tal\'','APV_3076d50e1a3c06d0bf3410a209e0380e','\'Title: Pasteur - A C++ library to eliminate injections
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 3 - Map
\n
SpeakerBio:Yariv Tal\n
\nSenior developer turned security researcher, with 4 decades of programming experience, university lecturing and mentoring at bootcamps, he has a fresh look at the world of security, as an outsider looking in.
\nTwitter: @YarivDevMentor
\n\n
\nDescription:
\nEnables forwarding mixed trusted/untrusted concatenated data that can be sanitized at the point of use, when the sanitization requirements are known, instead of at the point of input.\n

Examples:
\nWith Pasteur this classic sql injection code\nsql << pstr / \"select email from demo.useremails where username = \" + name + \" and type=\" + emailType;\nis automatically converted into a parameterized sql query\n

This os injection code
\nSystem(pstr / \"ping \" + hostname)
\nautomatically sanitizes the hostname parameter.\n

See more at https://github.com/SecureFromScratch/pasteur\n

\n\n\'',NULL,367523),('4_Sunday','11','10:00','11:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 3','\'Pasteur - A C++ library to eliminate injections\'','\'Yariv Tal\'','APV_3076d50e1a3c06d0bf3410a209e0380e','\'\'',NULL,367524),('4_Sunday','12','12:30','13:15','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Unveiling the Dual Nature of ChatGPT and Copilot in Secure Development\'','\'Kalyani Pawar\'','APV_60edc05cdafd8e2a599d7c3d8ad4a363','\'Title: Unveiling the Dual Nature of ChatGPT and Copilot in Secure Development
\nWhen: Sunday, Aug 13, 12:30 - 13:15 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Kalyani Pawar\n
\nKalyani is an AppSec engineer at heart, navigating the dynamic world of startups. Currently, she works at a Series F startup called Zipline, on securing their drones and infrastructure. You can find her playing with legos when not with her laptop.
\n\n
\nDescription:
\nIn this session, attendees will explore the combined power of ChatGPT and Copilot to transform application security across the SDLC. Learn how these AI tools can streamline threat modeling, identify and remediate vulnerabilities, and educate developers to enforce secure coding practices. They will also discover how Copilot delivers real-time code suggestions that comply to secure coding rules and also generates security-focused test cases. Attendees will leave equipped with practical applications and insights into AI-driven application security, ready to integrate these tools into their security engineering practices with precaution.\n
\n\n\'',NULL,367525),('4_Sunday','13','12:30','13:15','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Unveiling the Dual Nature of ChatGPT and Copilot in Secure Development\'','\'Kalyani Pawar\'','APV_60edc05cdafd8e2a599d7c3d8ad4a363','\'\'',NULL,367526),('4_Sunday','11','11:00','11:45','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Threat modeling-based application security pipeline\'','\'Larkins Carvalho,Nielet D\'mello\'','APV_f48fff4330ae69e2474747fdbe842f1e','\'Title: Threat modeling-based application security pipeline
\nWhen: Sunday, Aug 13, 11:00 - 11:45 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Larkins Carvalho,Nielet D\'mello
\n
SpeakerBio:Larkins Carvalho\n
\nLarkins is a product security engineer,\na builder by nature who loves to build solutions to various application security challenges with a developer centric mindset making security accessible early in the application lifecycle.
\nTwitter: @larkinscarvalho
\n
SpeakerBio:Nielet D\'mello\n
\nNielet is a Security engineer at Datadog with a focus on Appsec for the products used by customers globally for observability. \nShe loves to share her learnings via writing publicly and also mentoring at grad schools.
\n\n
\nDescription:
\nApplication security reviews are performed to proactively discover and mitigate vulnerabilities in applications and services being developed or deployed in order to reduce risk. It includes any or all of these activities: threat modeling, in-depth secure code review and dynamic testing.\n

In a fast-paced and engineering-heavy organizations, these are typically non-blocking and can be seen as a security pipeline defining roles and responsibilities, scope of the review, a priority queue based on business risk profiling, expected outcomes and risk findings across the application.\n

We start with a strong foundation for secure design by performing a security design review focused on threat modeling to derive security requirements and test plans. This is followed by an in-depth secure code review and dynamic testing / validation. \n

As we progress through the application lifecycle, if secure code reviews uncover high risk code changes and vulnerabilities or penetration testing results point to exploitable findings this indicates a need to do better threat modeling.\n

The success of this in terms of scaling and maturity depends on three factors working in tandem: tools, processes and people. Therefore, we need to leverage a security pipeline approach for well defined structure and automation.. \n

In this talk, we will cover:
\n- creating a structure for these reviews based on their scope and priority\n- calibrating reviews as a team and organization\n- leveraging partnerships like security champions (engineers) as key players who are not responsible for the pipeline but help move the pipeline further\n- capturing key risk and remediation metrics\n- building automation and tooling centered around for threat modeling in a complete security assessment\n

\n\'',NULL,367527),('4_Sunday','11','11:45','12:30','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Android Applications and APIs hacking\'','\'Gabrielle Botbol\'','APV_2087fcecfc306d6b977fd8ff3a0595cc','\'Title: Android Applications and APIs hacking
\nWhen: Sunday, Aug 13, 11:45 - 12:30 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Gabrielle Botbol\n
\nGabrielle Botbol is a pentester and cybersecurity blogger. She created a self-study program to become a pentester and focuses on democratizing infosec. Gabrielle is on Advisory Boards and has won multiple awards for her cyber community contributions
\nTwitter: @Gabrielle_BGB
\n\n
\nDescription:
\nAs mobile devices have become increasingly prevalent, the security of Android applications has become a critical concern. \nPentesting is an essential process for identifying and mitigating potential vulnerabilities in these applications, but Android app hacking is a specialized area that is less well-documented than other pentesting techniques. \nIn this session, the focus will be on how to pentest Android apps and their APIs. \n

The presentation will address key questions such as what Android pentesting is, how to set up an Android App pentest lab, and how to pentest an Android App and its APIs from start to finish. \n

Participants will leave the session with tips and resources for learning, practicing, and setting up a complete set of tools for Android application pentesting, including detailed examples on a purposefully vulnerable application. \nThe goal is to equip attendees with the knowledge and skills necessary to conduct thorough and effective pentests of Android applications.\n

\n\'',NULL,367528),('4_Sunday','12','11:45','12:30','Y','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Android Applications and APIs hacking\'','\'Gabrielle Botbol\'','APV_2087fcecfc306d6b977fd8ff3a0595cc','\'\'',NULL,367529),('4_Sunday','12','12:00','13:59','N','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Secure from Scratch: Secure Code Workshop\'','\'Or Sahar\'','APV_9927cd4b81b2366b92ebff0513c92592','\'Title: Secure from Scratch: Secure Code Workshop
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Workshop - Map
\n
SpeakerBio:Or Sahar\n
\nTwo decades of software development and security\nexperience including penetration testing, application security, and secure code instruction. She holds a BSC in software engineering and is OSCE certified. \nThere are several CVEs to her name.
\nTwitter: @securylight
\n\n
\nDescription:
\nWant to learn how to stop hackers in their tracks?\nCome to the Secure From Scratch coding workshop.\nLearn what you need to know to write secure code from the very first line of code.\nIt\'s surprisingly easy!\n

(Some coding experience in either C#, Java, Python or C++ required. You need to know loops, if, arrays and functions).\n

\n\n\'',NULL,367530),('4_Sunday','13','12:00','13:59','Y','APV','Flamingo - Savoy - AppSec Village - Workshop','\'Secure from Scratch: Secure Code Workshop\'','\'Or Sahar\'','APV_9927cd4b81b2366b92ebff0513c92592','\'\'',NULL,367531),('4_Sunday','12','12:00','13:59','N','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'AMA - Jim Manico\'','\'Jim Manico\'','APV_047b75d7cb3b745e8b6fdba15aad85ea','\'Title: AMA - Jim Manico
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Pod 2 - Map
\n
SpeakerBio:Jim Manico\n
\nJim Manico is the founder of Manicode Security, training devs on secure coding. He advises/invests in companies like 10Security, MergeBase. A speaker, Java Champion, and author of \"Iron-Clad Java.\" Active in OWASP, co-leading projects like ASVS.
\nTwitter: @manicode
\n\n
\nDescription:No Description available
\n\'',NULL,367532),('4_Sunday','13','12:00','13:59','Y','APV','Flamingo - Savoy - AppSec Village - Pod 2','\'AMA - Jim Manico\'','\'Jim Manico\'','APV_047b75d7cb3b745e8b6fdba15aad85ea','\'\'',NULL,367533),('4_Sunday','10','10:15','10:59','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Hacking GitHub Actions: Abusing GitHub and Azure for fun and profit\'','\'Magno Logan\'','APV_1970234727653fbdd1b8781c3492459c','\'Title: Hacking GitHub Actions: Abusing GitHub and Azure for fun and profit
\nWhen: Sunday, Aug 13, 10:15 - 10:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\n
SpeakerBio:Magno Logan\n
\nMagno Logan works as an Information Security Specialist. He specializes in Cloud, Container, and Application Security Research. He has been tapped as a resource speaker for numerous security conferences around the globe.
\nTwitter: @magnologan
\n\n
\nDescription:
\nMore organizations are applying a DevOps methodology to optimize software development. One of the main tools used in this process is a continuous integration (CI) tool that automates code changes from multiple developers working on the same project. Multiple CI tools are available today, Jenkins, CircleCI, TravisCI, GitLab CI, and now GitHub Actions. In 2019, GitHub released its own CI tool called GitHub Actions (GHA). According to GitHub, GitHub Actions help you automate tasks within your software development life cycle, and it has been gaining a lot of adoption from developers. \n

This presentation results from detailed research on the topic where the author investigated abuse case scenarios, such as how attackers leveraged this free service to mine cryptocurrencies on their behalf and behalf of other users, among other attack vectors. We\'ll also demonstrate how to perform interactive commands to the Runner servers via reverse shell, which is technically not allowed via traditional means. Ultimately, we\'ll show the problem of third-party dependencies via the GitHub Actions Marketplace. Finally, we\'ll demonstrate how easy creating and publishing a fake GitHub Action on the GitHub Marketplace is. And if used unwillingly by other projects, it can compromise the victim\'s Runners to act as bots, target other victims, and even be used in supply-chain attacks by tampering with the result of the pipeline or even creating a botnet of crypto miners inside Azure.\n

\n\n\'',NULL,367534),('4_Sunday','13','13:15','13:59','N','APV','Flamingo - Savoy - AppSec Village - Main Stage','\'Scoping for Success (Building a Great Bug Bounty program)\'','\'Jeffrey Guerra,Logan MacLaren\'','APV_6fbccee2f0764cb06d1ca58dbe9d52a3','\'Title: Scoping for Success (Building a Great Bug Bounty program)
\nWhen: Sunday, Aug 13, 13:15 - 13:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Main Stage - Map
\nSpeakers:Jeffrey Guerra,Logan MacLaren
\n
SpeakerBio:Jeffrey Guerra\n
\nJeff is an enthusiastic person who has a passion for Application Security and the power of Bug Bounty programs. During his free time, Jeff is a car enthusiast that goes to the race track, bug hunt, and go on trips with friends and family.
\nTwitter: @s2jeff_gh
\n
SpeakerBio:Logan MacLaren\n
\nLogan has been a cybersecurity enthusiast since getting online in the 90s and currently focuses on helping grow GitHub’s Bug Bounty program. During his free time, Logan dabbles in powerlifting, CTFs, and retro gaming.
\n\n
\nDescription:
\nJeff & Logan, Security Engineers at GitHub, share best practices they’ve learned regarding building and operating Bug Bounty programs based on their experiences working at and with multiple companies. Come and learn from their mistakes and successes so that you can be set up for success, attract researchers to your program, and keep them coming back!\n
\n\n\'',NULL,367535),('2_Friday','11','11:00','11:20','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'The Creation Of The Out-Of-Band Anti Virus Dock (Oobavd)\'','\'Bosen Zhang,Howard Yang,Pengfei “BigZaddy” Yu,Tan Jing Zhi\'','HHV_523d4e4050fafed9e4bd5574eef43a29','\'Title: The Creation Of The Out-Of-Band Anti Virus Dock (Oobavd)
\nWhen: Friday, Aug 11, 11:00 - 11:20 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\nSpeakers:Bosen Zhang,Howard Yang,Pengfei “BigZaddy” Yu,Tan Jing Zhi
\n
SpeakerBio:Bosen Zhang\n
\nBosen loves breaking things, he lives by his mantra: “Just Nuke It”.
\n
SpeakerBio:Howard Yang\n
\nHoward is the data science-wiz, we asked him for one good model, and he gave us five.
\n
SpeakerBio:Pengfei “BigZaddy” Yu\n
\nPengfei is a professional cyber firefighter, always jumping from fire to fire.
\n
SpeakerBio:Tan Jing Zhi\n
\nJing Zhi is slenderman, the hardware padawan.
\n\n
\nDescription:
\nUSB-based attacks account for over 52% of all cybersecurity attacks on operational technology (OT) systems in the industrial control systems (ICS) industry. Stuxnet’s discovery in 2015 showed the vulnerability of air-gapped systems, previously considered invulnerable. These systems are found in secure military organizations and SCADA systems. The societal impact of such attacks can be enormous, as evidenced by Stuxnet’s impact on Iran’s nuclear programs. \n

Air-gapped systems, while considered secure, mostly require mobile storage devices like USB sticks for updates and data transfers, exposing them to malware. Adding peripherals like keyboards and mice will also render the systems vulnerable to BadUSB attacks. This all can be prevented by OOBAVD, which acts as an intermediary between air-gapped systems and USB devices, blocks malicious files from entering the air-gapped systems. OOBAVD being out of band also mitigates the risk of malware attacking the host’s antivirus software.\n

So what exactly is OOBAVD and how does one take an anti-virus out of band?\n

\n\n\'',NULL,367536),('2_Friday','12','12:00','12:50','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Introduction To Esp8266/Esp32 Microcontrollers And Building A Wi-Fi Deauthentication Detector\'','\'Ryan Zagrodnik\'','HHV_3a4f782db6474162e023a0a6133d02a4','\'Title: Introduction To Esp8266/Esp32 Microcontrollers And Building A Wi-Fi Deauthentication Detector
\nWhen: Friday, Aug 11, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
SpeakerBio:Ryan Zagrodnik\n
\nRyan Zagrodnik has been consulting as a Penetration Tester for SynerComm for almost five years. Ryan brings over sixteen years of red and blue team experience. Ryan started his career maintaining large enterprise networks as a System Administrator in 2007. Ryan earned his CISSP in 2011 and has been working in offensive security ever since. Prior to starting at SynerComm, Ryan spent three years on an internal red team at a Fortune 1000 organization. Ryan also spent several years working in offensive and defensive security roles for large enterprises who provided services for the U.S. Department of Defense and Department of Education.
\n\n
\nDescription:
\nJoin us as we provide an introduction to the Adruino IDE and the ESP8266 microcontroller. Receive a free ESP8266 (Limited to the first 30 attendees to approach the speaker before the start of the talk and ask for a kit), and build your own Wi-Fi deauthentication detector. We will walkthrough assembly, flashing, and configuration steps.\n
\n\n\'',NULL,367537),('2_Friday','13','13:00','13:50','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Sadprotocol Goes To Hollywood: Hijacking An Ip Camera Stream As Seen In The Movies\'','\'Javier Aguinaga,Octavio Gianatiempo\'','HHV_d1c86120f76c1760f6545037454398ca','\'Title: Sadprotocol Goes To Hollywood: Hijacking An Ip Camera Stream As Seen In The Movies
\nWhen: Friday, Aug 11, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\nSpeakers:Javier Aguinaga,Octavio Gianatiempo
\n
SpeakerBio:Javier Aguinaga\n
\nJavier Aguinaga is a self-taught reverse engineer with a principal focus in exploiting, currently working at Faraday for the last 7 years. He started his journey as a hobbyist electronic enthusiast and began learning how to crack security systems for video games. This led him to pursue a career in reverse engineering, where he has gained extensive experience analyzing and breaking down complex systems. With his expertise, Javier has been able to identify vulnerabilities in various technologies and has presented his findings at several conferences. He looks forward to sharing his insights and learning from others at the upcoming conference.
\n
SpeakerBio:Octavio Gianatiempo\n, Security Researcher at Faraday
\nOctavio Gianatiempo is a Security Researcher at Faraday and a Computer Science student at the University of Buenos Aires. He’s also a biologist with research experience in molecular biology and neuroscience. The necessity of analyzing complex biological data was his point of entry into programming. But he wanted to achieve a deeper understanding of how computers work, so he enrolled in Computer Science. As a Security Researcher at Faraday, he focuses on embedded devices, reverse engineering and fuzzing open and closed source software to find new vulnerabilities and exploit them.
\n\n
\nDescription:
\nWhen people think about a compromised surveillance camera, privacy is their first concern. But what about attacking the stream integrity? How hard can this movie hacking stunt be in real life? Previous research has focused on the network layer, but we wondered if we could achieve the feat by finding a zero-day on a device we owned. \n

Our research has uncovered two LAN RCE vulnerabilities in the implementation of Hikvision’s Search Active Devices Protocol (SADP) and SDK server found in several Ezviz products. Exploiting either of these bugs, we managed to serve a victim an arbitrary stream by tunneling their connection with the camera into an attacker-controlled server while leaving all other camera features operational. \n

We will take a deep dive into the whole research process: firmware analysis, vulnerability discovery, building a toolchain to compile a debugger for the target, developing an exploit capable of bypassing ASLR, and all the details about the Hollywood-style post-exploitation including tracing, in memory code patching and manipulating the execution of the binary that implements most of the camera features. \n

By filling the gap between IoT hacking and the big screen, we put the integrity of video surveillance systems into question and hope to raise awareness about the security risks posed by these devices.\n

\n\n\'',NULL,367538),('2_Friday','14','14:00','14:50','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Open Sesame! How To Open One Thousand And One Locks In The 21St Century?\'','\'Thomas BYGODT\'','HHV_30e4b1ac3177d70f9f6cae86f7ac67fd','\'Title: Open Sesame! How To Open One Thousand And One Locks In The 21St Century?
\nWhen: Friday, Aug 11, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
SpeakerBio:Thomas BYGODT\n
\nThomas BYGODT is a penetration tester at Orange Cyberdefense, a CTF player and a developer. He does not want to remain passive in front of the technologies that interact with the real world. Testing and understanding them allows us to better understand their limits, both for people’s privacy and for their security. He has been specializing in connected devices for 3 years now.
\n\n
\nDescription:
\nIn an ever increasingly connected society, we are often introduced to “new and improved” devices that offer smart capabilities, and door locks are no exception. Increased security and ease of use are some of the key selling points for these locks.\n

While some devices are hard to attack, the majority are not, because manufacturers are not following simple security practices in their physical, hardware and code design. Improving their security is essential, but how do you do that when hardware and IoT hacking looks like black magic at every step? From electrical signals inside the lock to the Bluetooth Low Energy (BLE) communication with a mobile application developed using a widely used software development kit (SDK), I will share my simple spells that has led me to find vulnerabilities impacting tens of thousands of smart devices from multiple manufacturers. That and why never giving up can pay off!\n

\n\n\'',NULL,367539),('2_Friday','15','15:00','15:50','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Radiation Detection For The Rest Of Us - Diy Radiation Spectroscopy\'','\'Patrick Kiley\'','HHV_7c9ee6519010bbc704f456a99b116ae6','\'Title: Radiation Detection For The Rest Of Us - Diy Radiation Spectroscopy
\nWhen: Friday, Aug 11, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
SpeakerBio:Patrick Kiley\n
\nPatrick Kiley is a Security Consultant doing hardware penetration testing and has over 20 years of information security experience. Patrick has performed research in Avionics security, Vehicles, and even managed to brick a Tesla. Patrick has experience in penetration testing all the things, hardware hacking, IoT and Transportation.
\n\n
\nDescription:
\nWhen radiation detectors are mentioned, one tends to think of the geiger counter. This type of detector happens to be just one method of radiation detection. This workshop will introduce gamma ray spectrography, which measures the energy absorbed by the individual gamma rays. This energy level can let us know what radioactive isotope generated the gamma and can aid in identifying the material being examined.\n
\n\n\'',NULL,367540),('3_Saturday','15','15:00','15:50','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Generating Rf With Stock Hardware For Drones\'','\'David Melendez\'','HHV_6ed05655e7d65c8300b7e0ef47da663a','\'Title: Generating Rf With Stock Hardware For Drones
\nWhen: Saturday, Aug 12, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
SpeakerBio:David Melendez\n, R&D Embedded Software Engineer
\nDavid Melendez is an R&D Embedded Systems Engineer, with over twelve years of experience in cybersecurity and hardware hacking. He has a proven track record of presenting his groundbreaking investigations at prestigious conferences around the world, including DEFCON, BLACKHAT, and ROOTEDCON.\n

David is also a drone creator and author of the book \"Hacking with Drones,\" which showcases his innovative use of drones in cybersecurity research. With his passion for pushing the boundaries of technology, David is constantly seeking new ways to improve the security and functionality of embedded systems.\n

\nTwitter: @@taiksontexas
\n\n
\nDescription:
\nThe popularity of cheap and DIY drones has made them a target for attackers using radiofrequency (RF) signals. Frequency hopping is a technique that can be used to mitigate the risks associated with RF warfare. However, implementing frequency hopping in cheap and DIY drones presents several technical challenges, such as the need for a stable clock and synchronization between the transmitter and receiver without rising hardware costs. Despite these challenges, frequency hopping can significantly enhance the security of consumer and DIY drones making much more challenging or even useless anti-drone systems’ role.\n
\n\n\'',NULL,367541),('3_Saturday','12','12:30','13:30','N','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Metawar\'','\'Winn\'','DC_02d4f03e1378265a06c9f44d91d4cf89','\'Title: Metawar
\nWhen: Saturday, Aug 12, 12:30 - 13:30 PDT
\nWhere: Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
\n
SpeakerBio:Winn\n
\nWinn has lived Cybersecurity since 1983. He coined the term \"Electronic Pearl Harbor” while testifying before Congress in 1991. His seminal book, \"Information Warfare” showed the world how and why massive identity theft, cyber-espionage, nation-state hacking and cyber-terrorism would be an integral part of today.\n

Currently, he is exploring \"Metawar,\" a term he coined to describe the art and science of reality distortion and addiction in the metaverse. Increasingly impressive immersive technologies, active metacontent orchestration, and powertul feedback systems OODA loops) will amplity disinformation through believable simulations and the powerful addictive effects of reward-based virtual existences. At some distant date, the metapoint will be reached, where persistent immersive simulations will be indistinguishable from our default \'reality\'. Just with current and short-term technological capabilities, the security, privacy, ethics, and global policy implications are staggering. (The book \"Metawar\" will be available 2023)\n

\n\n
\nDescription:
\nThe Metaverse is the Most Powerful, Addictive Reality Distortion Machine Ever Conceived… and it Can Predict the Future.\n \n

The metaverse is an evolving storytelling environment in which humans have congregated for millennia to experience alternate, immersive, and simulated realities, with or without technology. Storytelling is designed to influence mental and physical perceptions suiting the purposes of the content creators.\n \n

Metawar is the art of applying science to create and defend against the influence of alternate realities in the metaverse.\n \n

My research into Metawar initially focused on metaversal technologies. Unexpectedly, it morphed into an intensely personal experience, triggering my own Metanoia, which had a profound impact on the entire Metawar Thesis.\n \n

Immersive Experience = > Reality Distortion => Disinformation = >> Manipulation => Reward => Addiction => Compliance\n \n

My Metanoia has been integral to the evolution of thinking about the synthesis of carbon-silicon technologies and the Venn of objective-subjective reality perception. Please, bring your thoughts so we can talk about what being human even means as increasingly immersive metaverse experiences bend our sense of reality.\n \n

WARNING: There may be some maths.\n

\n\n\'',NULL,367542),('3_Saturday','13','12:30','13:30','Y','DC','Harrah\'s - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record','\'Metawar\'','\'Winn\'','DC_02d4f03e1378265a06c9f44d91d4cf89','\'\'',NULL,367543),('2_Friday','11','11:00','11:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack-A-Sat 4 Briefing\'','\'Hack-A-Sat 4 Team\'','ASV_412487c0f5dec702ef365a7ec688fa68','\'Title: Hack-A-Sat 4 Briefing
\nWhen: Friday, Aug 11, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Hack-A-Sat 4 Team\n
\nNo BIO available
\n\n
\nDescription:
\nHack-A-Sat 4 is quite simply the world\'s first CTF in space. Now in its 4th year, the Hack-A-Sat competition series aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Stop by and witness the 5 finalist teams compete for $100K in prizes, learn more about the history of Hack-A-Sat, and the Moonlighter satellite hosting this year\'s competition. Competition updates will be presented on the AV stage both Friday and Saturday morning at 11 am PT.\n
\n\n\'',NULL,367544),('3_Saturday','11','11:00','11:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack-A-Sat 4 Briefing\'','\'Hack-A-Sat 4 Team\'','ASV_fbfea8c394bd70deb0c8c0a6a7567d05','\'Title: Hack-A-Sat 4 Briefing
\nWhen: Saturday, Aug 12, 11:00 - 11:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Hack-A-Sat 4 Team\n
\nNo BIO available
\n\n
\nDescription:
\nHack-A-Sat 4 is quite simply the world\'s first CTF in space. Now in its 4th year, the Hack-A-Sat competition series aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Stop by and witness the 5 finalist teams compete for $100K in prizes, learn more about the history of Hack-A-Sat, and the Moonlighter satellite hosting this year\'s competition. Competition updates will be presented on the AV stage both Friday and Saturday morning at 11 am PT.\n
\n\n\'',NULL,367545),('2_Friday','12','12:00','12:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Secure Micropatching on the ISS\'','\'Henry Haswell\'','ASV_bd056a87174d3ed31986761addb5a2e3','\'Title: Secure Micropatching on the ISS
\nWhen: Friday, Aug 11, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Henry Haswell\n
\nNo BIO available
\n\n
\nDescription:
\nThis presentation discusses how SwRI’s secure micropatching service was recently demonstrated running on a commercial team member’s asset on the international space station (ISS). The micropatching service was able to correct insertion, deletion, or modification of data without needing to resend the full update. This work sets a foundation for securing over-the-air updates from malicious perturbation by utilizing communications between space assets.\n
\n\n\'',NULL,367546),('2_Friday','13','13:00','13:25','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Guarding the Galaxy: Ransomware Resilience in CubeSats\'','\'Peter Hansen\'','ASV_cd6c3f307a7cb5121e55652ad4415634','\'Title: Guarding the Galaxy: Ransomware Resilience in CubeSats
\nWhen: Friday, Aug 11, 13:00 - 13:25 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Peter Hansen\n
\nNo BIO available
\n\n
\nDescription:
\nDelve into the world of ransomware - in space! We will explore how malicious actors might exploit vulnerabilities in research satellites: defeating built in defense mechanisms, locking up internal systems and immobilizing a CubeSat, and holding its operations hostage while demanding a ransom. Join us as we chart a course through this cosmic cybersecurity threat, shedding light on the shadows of the final frontier and guarding our satellites from danger!\n
\n\n\'',NULL,367547),('2_Friday','13','13:30','13:55','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Moving Target Defense for Space Systems\'','\'Chris Jenkins\'','ASV_07a5c0dadab9564d874bd8ccd030abbb','\'Title: Moving Target Defense for Space Systems
\nWhen: Friday, Aug 11, 13:30 - 13:55 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Chris Jenkins\n
\nNo BIO available
\n\n
\nDescription:
\nWe devised a MTD algorithm and tested its application to a MIL-STD-1553 network. We demonstrated and analyzed four aspects of the MTD algorithm: 1) characterized the performance and unpredictability of the core algorithm, 2) demonstrated experiments on actual commercial hardware, 3) conducted an exfiltration experiment where the reduction in adversarial knowledge was 97%, and 4) employed the LSTM machine learning model to see if it could defeat the algorithm.\n
\n\n\'',NULL,367548),('2_Friday','14','14:00','14:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Orbiting the White House: Cybersecurity as a Space Imperative\'','\'Lauryn Williams,Tanya Simms\'','ASV_9ab9336d3b25391b5b508a4e38c793f9','\'Title: Orbiting the White House: Cybersecurity as a Space Imperative
\nWhen: Friday, Aug 11, 14:00 - 14:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\nSpeakers:Lauryn Williams,Tanya Simms
\n
SpeakerBio:Lauryn Williams\n
\nNo BIO available
\n
SpeakerBio:Tanya Simms\n
\nNo BIO available
\n\n
\nDescription:
\nDue to current and emerging threats in the space ecosystem, notably from the recent and ongoing war in Ukraine and even US GPS related outages, space is front and center as both an industry of intense innovation and imperative for civil, military, and commercial growth. It is often the case, that existing cybersecurity policies and frameworks do not apply to space systems. In this presentation, we hope to illuminate the current gaps in such policies and offer ways that the audience can help.\n
\n\n\'',NULL,367549),('2_Friday','15','15:00','15:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A Fireside Chat with the TSA Administrator\'','\'David Pekoske,Steve Luczynski\'','ASV_75002a3a9bdd838d1a944cb48c661d5a','\'Title: A Fireside Chat with the TSA Administrator
\nWhen: Friday, Aug 11, 15:00 - 15:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\nSpeakers:David Pekoske,Steve Luczynski
\n
SpeakerBio:David Pekoske\n, Administrator at Transportation Security Administration (TSA)
\nDavid Pekoske was first confirmed by the U.S. Senate as the Transportation Security Administration’s seventh administrator in August 2017 and was reconfirmed for a second term in September 2022.\n

Pekoske leads a workforce of over 60,000 employees and is responsible for security operations at nearly 440 airports throughout the United States. TSA is also the lead federal agency for security of highways, railroads, mass transit systems and pipelines. Under his leadership, TSA improved transportation security through close partnerships and alliances, a culture of innovation, and development of a dedicated workforce.\n \n

During his tenure as TSA Administrator, Pekoske also served at the Department of Homeland Security as Acting Secretary from January 20 to February 2, 2021, and as the Senior Official Performing the Duties of Deputy Secretary from April to November 2019, and again from February to June 2021. At the Department, Pekoske helped lead a unified national effort to ensure the continued security of the United States, coordinating components with missions ranging from prevention and protection to recovery and response. He was also a commissioner on the Cyberspace Solarium Commission that developed a consensus on a strategic approach to defending the United States in cyberspace against attacks of significant consequence.\n

Before joining TSA, Pekoske was an executive in the government services industry, where he led teams that provided counterterrorism, security and intelligence support services to government agencies.\n

Pekoske served as the 26th Vice Commandant of the U.S. Coast Guard, culminating a Coast Guard career that included extensive operational and command experience. As the Vice Commandant, Pekoske was second in command, also serving as Chief Operating Officer and Component Acquisition Executive of the Coast Guard. He is a recognized expert in crisis management, strategic planning, innovation, and aviation, surface transportation and maritime security. In addition, he has been twice awarded the Homeland Security Distinguished Service Medal.\n

Pekoske holds a Master of Business Administration from the Massachusetts Institute of Technology, a Master of Public Administration from Columbia University and a Bachelor of Science from the U.S. Coast Guard Academy.\n

\nTwitter: @TSA_Pekoske
\n
SpeakerBio:Steve Luczynski\n
\nNo BIO available
\n\n
\nDescription:
\nJoin Steve Luczynski in a fireside chat with with David Pekoske, Administrator of the Transportation Security Administration.\n
\n\n\'',NULL,367550),('2_Friday','16','16:00','16:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Transportation Screening Equipment Cybersecurity Briefing\'','\'Edam Colón\'','ASV_8baccde0966668c75096cb1fe436d34d','\'Title: Transportation Screening Equipment Cybersecurity Briefing
\nWhen: Friday, Aug 11, 16:00 - 16:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Edam Colón\n
\nNo BIO available
\n\n
\nDescription:
\nThis presentation discusses the Cybersecurity challenges faced when evaluating the Transportation Screening Equipment at TSA. It covers at a high level the components seem during an evaluation, what stakeholders of systems should be aware of and how we can improve the security of the systems going forward. The briefing will cover a wide variety of topics related to security testing of the equipment and how it will differ between IT and OT while still maintaining the overall security.\n
\n\n\'',NULL,367551),('2_Friday','17','17:00','17:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Pen Test Partners Power Hour\'','\'Alex Lomas,Ken Munro\'','ASV_20cce588baefd0283c130e43ad0e55d3','\'Title: Pen Test Partners Power Hour
\nWhen: Friday, Aug 11, 17:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\nSpeakers:Alex Lomas,Ken Munro
\n
SpeakerBio:Alex Lomas\n
\nNo BIO available
\n
SpeakerBio:Ken Munro\n
\nNo BIO available
\n\n
\nDescription:
\nPen Test Partners invites you to pull up a free beer and join us for further adventures in hacking electronic flight bags (EFBs), and then a fun rant at terrible aviation hacking in the movies to close the first day at the aerospace village.\n
\n\n\'',NULL,367552),('3_Saturday','12','12:00','12:25','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'CON trolling the weather\'','\'Paz Hameiri\'','ASV_5085423dc304c40e32f6d9175d3ac2bb','\'Title: CON trolling the weather
\nWhen: Saturday, Aug 12, 12:00 - 12:25 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Paz Hameiri\n, Hacker
\nPaz started his professional life more than 30 years ago, hacking games and developing tools in his teen years. Since then, he has worked in several companies, developing both hardware and software. Paz has six years of experience with telecommunication systems design and circuits.\n

For 14 years, Paz led multidisciplinary systems development as a systems engineer in the aerospace industry. At home, Paz explores ideas he finds interesting.\n

In 2019 he published a work on a body-tracking device that records keystrokes on a safe\'s keypad in Hakin9 Magazine. In 2021 he developed software that used a GPU as a digital radio transmitter and presented his work at DEF CON 29. In 2015 and 2019 he launched weather balloons with elementary school pupils.\n

\n\n
\nDescription:
\nWeather balloons’ radiosondes measure and transmit weather data. Besides weather models and forecasts, radiosondes are also important for gathering weather data for satellite launches and human spaceflights. I’ll present a simulation framework for the most popular radiosonde model and present simulations of a jamming attack and a spoofing attack on a receiver. I\'ll talk about the shortcomings of the military variant of the radiosonde model and suggest a simple way to cope with spoofing attacks.\n
\n\n\'',NULL,367553),('3_Saturday','12','12:30','13:20','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Building Space Attack Chains using SPARTA\'','\'Brandon Bailey\'','ASV_7c226e00d99793fb9970e20d47e371af','\'Title: Building Space Attack Chains using SPARTA
\nWhen: Saturday, Aug 12, 12:30 - 13:20 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Brandon Bailey\n
\nNo BIO available
\n\n
\nDescription:
\nWill demonstrate how to use SPARTA to develop attack chains against space systems. This presentation will present pre-existing attack chains (e.g., CySat 2023, Hack-a-Sat 3, etc.) that have been performed as well as new attack chains leveraging the SPARTA TTPs. The presentation will include a demonstration of at least one attack chain using a digital twin simulation.\n
\n\n\'',NULL,367554),('3_Saturday','13','12:30','13:20','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Building Space Attack Chains using SPARTA\'','\'Brandon Bailey\'','ASV_7c226e00d99793fb9970e20d47e371af','\'\'',NULL,367555),('3_Saturday','13','13:30','13:55','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Elon, Twitter and the PIA: How not to achieve privacy in aviation\'','\'Martin Strohmeier\'','ASV_64dd3f1de1599f2f13573e83f1446236','\'Title: Elon, Twitter and the PIA: How not to achieve privacy in aviation
\nWhen: Saturday, Aug 12, 13:30 - 13:55 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Martin Strohmeier\n
\nNo BIO available
\n\n
\nDescription:
\nIn 2022, aviation tracking privacy (or the lack thereof) has truly entered the global mainstream, with operational security and climate shaming of private jets suddenly discussed all over the world. Following up on previous work presented at the Aerospace Village, we will conduct a deep dive into how we arrived in this position, why nothing has worked so far, and how we need to change our thinking in order to achieve any meaningful privacy in aviation.\n
\n\n\'',NULL,367556),('3_Saturday','14','14:00','14:25','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Labs and Trust: How to build a successful aviation cybersecurity research programme\'','\'Martin Strohmeier\'','ASV_7242173f0c980cef981ac1509b882a94','\'Title: Labs and Trust: How to build a successful aviation cybersecurity research programme
\nWhen: Saturday, Aug 12, 14:00 - 14:25 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Martin Strohmeier\n
\nNo BIO available
\n\n
\nDescription:
\nOver the past 10 years, armasusisse Science + Technology has been successfully conducting open security research with real avionics hardware, working closely with industry and regulators. The talk will cover our technical results as well as our approach to building trust with regulators and the industry by working as responsibly as possible while still maintaining the openness required to obtain the necessary results and drive change in the wider ecosystem.\n
\n\n\'',NULL,367557),('3_Saturday','14','14:30','14:55','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Stories from the Trenches: Operating a Aeronautics Cyber Range\'','\'Christopher Ottesen\'','ASV_25c1f42a7bf7667f9d6726e12e24db5f','\'Title: Stories from the Trenches: Operating a Aeronautics Cyber Range
\nWhen: Saturday, Aug 12, 14:30 - 14:55 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Christopher Ottesen\n
\nNo BIO available
\n\n
\nDescription:
\nThe Aeronautics Cyber Range performs penetration testing on DoD aviation weapons systems. Since becoming operational in 2019, the team has accumulated many lessons learned and best practices to support testing of aerospace embedded systems. This talk details how to deal with fundamental challenges of operating this type of facility. Brace yourselves for an incredible journey filled with the obstacles we encountered and the strategies and tactics you can use to avoid our growing pains.\n
\n\n\'',NULL,367558),('3_Saturday','15','15:00','15:25','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Space Pirates on the Loose! - Space-Based Threats to US Interests\'','\'Henry Danielson,Sage Meadows\'','ASV_5aa83c8aa22aca9d9361efe9a54a05f2','\'Title: Space Pirates on the Loose! - Space-Based Threats to US Interests
\nWhen: Saturday, Aug 12, 15:00 - 15:25 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\nSpeakers:Henry Danielson,Sage Meadows
\n
SpeakerBio:Henry Danielson\n
\nNo BIO available
\n
SpeakerBio:Sage Meadows\n
\nNo BIO available
\n\n
\nDescription:
\nMany US interests heavily depend on space assets. With the rapid development of space technology, security is often overlooked. This talk covers a range of space-based attack scenarios, developed via extensive threat modeling efforts (attack trees, PnGs, etc). The paper being produced from this research effort will be presented to the National Space Council. By addressing these issues, the US can strengthen its resilience in space and ensure the security of critical space-based infrastructures.\n
\n\n\'',NULL,367559),('3_Saturday','15','15:30','16:20','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Wingin\' It - Pentesting a 737\'','\'Alexander Dodd\'','ASV_0e6fdb7627ad038b6875bc8af58e3e0c','\'Title: Wingin\' It - Pentesting a 737
\nWhen: Saturday, Aug 12, 15:30 - 16:20 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Alexander Dodd\n
\nNo BIO available
\n\n
\nDescription:
\nIn January 2023, Attack Research was invited to perform an on-wing penetration test of a Boeing 737NG that was being decommissioned. Come, listen, and be taken on a journey through this little-explored realm of aviation security. Discover some of our secrets from the decades of combined experience working on in-flight entertainment systems and various aircraft as well as the reasons why airlines and OEMs are urged to open their minds to external expertise and embrace the insights presented.\n
\n\n\'',NULL,367560),('3_Saturday','16','15:30','16:20','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Wingin\' It - Pentesting a 737\'','\'Alexander Dodd\'','ASV_0e6fdb7627ad038b6875bc8af58e3e0c','\'\'',NULL,367561),('3_Saturday','16','16:30','16:55','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A Fireside Chat with Chris Roberts and Pete Cooper\'','\'Chris Roberts,Pete Cooper\'','ASV_5882c7037f73d2d62d710d1ca7d74178','\'Title: A Fireside Chat with Chris Roberts and Pete Cooper
\nWhen: Saturday, Aug 12, 16:30 - 16:55 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\nSpeakers:Chris Roberts,Pete Cooper
\n
SpeakerBio:Chris Roberts\n
\nChris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he\'s founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)\n

Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)\n

He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)\n

\nTwitter: @Sidragon1
\n
SpeakerBio:Pete Cooper\n
\nNo BIO available
\n\n
\nDescription:
\nJoin Pete Cooper in a fireside chat with Chris Roberts about his role as the CISO for Boom Supersonic and how he is approaching the challenges of securing a flying platform from the ground up using everything from digital twins to AI. It will also be a chance to discuss what he has learnt across his career and his advice for the next generation coming through.\n
\n\n\'',NULL,367562),('3_Saturday','17','17:00','17:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Aerospace Village - 5 Years On\'','\'Pete Cooper\'','ASV_a9f0a132ed06527ee9cb2a54f3cc270d','\'Title: Aerospace Village - 5 Years On
\nWhen: Saturday, Aug 12, 17:00 - 17:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Pete Cooper\n
\nNo BIO available
\n\n
\nDescription:
\nThis is the 5th year of the Aerospace Village and the landscape now is totally different to what it was at the start. This is the story of how a diverse bunch of hackers, engineers, pilots, policy leaders and more from across both the public and private sectors founded and built the Aerospace Village to promote safe, reliable, and trustworthy aviation and space operations. A panel with Pete Cooper, Beau Woods, Jen Ellis, RoRo, and Katie Trimble-Noble.\n
\n\n\'',NULL,367563),('4_Sunday','10','10:30','11:20','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Looming Perils for End Users in Satellite Communications\'','\'Vincent Lenders\'','ASV_3607dfcdb23490f3dc5525f30cf8a663','\'Title: The Looming Perils for End Users in Satellite Communications
\nWhen: Sunday, Aug 13, 10:30 - 11:20 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Vincent Lenders\n
\nNo BIO available
\n\n
\nDescription:
\nSatellite communication has gained importance in our mobile and hyper-connected society, but end users are exposed to various security threats that are often not well understood. In this talk, I will present several practical attacks targeting the security and privacy of satellite end users. These attacks target satellite systems such as DVB-S, Inmarsat, Iridium, and GPS. The attacks have been developed and performed in our satellite security research labs at the Swiss Cyber-Defence Campus.\n
\n\n\'',NULL,367564),('4_Sunday','11','10:30','11:20','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Looming Perils for End Users in Satellite Communications\'','\'Vincent Lenders\'','ASV_3607dfcdb23490f3dc5525f30cf8a663','\'\'',NULL,367565),('4_Sunday','12','12:00','12:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack-A-Sat 4 Awards Ceremony\'','\'Hack-A-Sat 4 Team\'','ASV_08c9790460caa5282e8fde19ae42b4eb','\'Title: Hack-A-Sat 4 Awards Ceremony
\nWhen: Sunday, Aug 13, 12:00 - 12:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Hack-A-Sat 4 Team\n
\nNo BIO available
\n\n
\nDescription:
\nHack-A-Sat 4 is quite simply the world\'s first CTF in space. Now in its 4th year, the Hack-A-Sat competition series aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Stop by and witness the 5 finalist teams compete for $100K in prizes, learn more about the history of Hack-A-Sat, and the Moonlighter satellite hosting this year\'s competition. The competition culminates with the HAS4 Award Ceremony on Sunday at 12 pm PT.\n
\n\n\'',NULL,367566),('4_Sunday','13','13:00','13:50','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hacking Satellites: Houston, We Have a Problem\'','\'Jacob Oakley\'','ASV_b729462d5c492ee266e16317f1f8a1ef','\'Title: Hacking Satellites: Houston, We Have a Problem
\nWhen: Sunday, Aug 13, 13:00 - 13:50 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
SpeakerBio:Jacob Oakley\n
\nNo BIO available
\n\n
\nDescription:
\nThe intersection of the space and cyber domains presents a complex emerging challenge to cybersecurity and space professionals. This talk covers an introduction to satellites and space operations, the attacks that space assets face, and the vectors used to facilitate malicious activity. It discusses adversarial campaigns against space vehicles at a micro and macro scale and outlines the foundational issues to securing-space resident attack surfaces.\n
\n\n\'',NULL,367567),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_48f03cd7685498832449be9456094b55','\'Title: PTP Flight Challenge
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nPTP Flight Challenge\n

Pen Test Partners\n

Come try your hand at flying our immersive Airbus A320 simulator and see if you can stick our landing challenge! We\'ll also be talking about electronic flight bags, how their data integrity is relied upon by pilots to assist with a safe landing, and demonstrate the impacts in a safe environment.\n

\n\n\'',NULL,367568),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_48f03cd7685498832449be9456094b55','\'\'',NULL,367569),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_48f03cd7685498832449be9456094b55','\'\'',NULL,367570),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_48f03cd7685498832449be9456094b55','\'\'',NULL,367571),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'Title: PTP Flight Challenge
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nPTP Flight Challenge\n

Pen Test Partners\n

Come try your hand at flying our immersive Airbus A320 simulator and see if you can stick our landing challenge! We\'ll also be talking about electronic flight bags, how their data integrity is relied upon by pilots to assist with a safe landing, and demonstrate the impacts in a safe environment.\n

\n\n\'',NULL,367572),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367573),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367574),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367575),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367576),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367577),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367578),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2','\'\'',NULL,367579),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'Title: PTP Flight Challenge
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nPTP Flight Challenge\n

Pen Test Partners\n

Come try your hand at flying our immersive Airbus A320 simulator and see if you can stick our landing challenge! We\'ll also be talking about electronic flight bags, how their data integrity is relied upon by pilots to assist with a safe landing, and demonstrate the impacts in a safe environment.\n

\n\n\'',NULL,367580),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367581),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367582),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367583),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367584),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367585),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367586),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'PTP Flight Challenge\'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f','\'\'',NULL,367587),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'Title: Ask Me Anything About Cybersecurity in Aerospace
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nAsk Me Anything About Cybersecurity in Aerospace\n

AIAA\n

We have added a special feature to this year’s activities during DEF CON 31. This will be on Friday and Saturday from 11AM - 5PM.\n

Our friends at AIAA are helping us host “Ask Me Anything” sessions on Friday and Saturday. It’s an opportunity to meet Aerospace Village members and partners who are experts in the field. Bring your questions about getting into cybersecurity, aviation, space, likes/dislikes, you name it!\n

\n\n\'',NULL,367588),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367589),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367590),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367591),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367592),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367593),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367594),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_d87de2aac7693afe98333905046ca3be','\'\'',NULL,367595),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_45848bccbb39a4241b6c2c76a4ae732c','\'Title: Ask Me Anything About Cybersecurity in Aerospace
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nAsk Me Anything About Cybersecurity in Aerospace\n

AIAA\n

We have added a special feature to this year’s activities during DEF CON 31. This will be on Friday and Saturday from 11AM - 5PM.\n

Our friends at AIAA are helping us host “Ask Me Anything” sessions on Friday and Saturday. It’s an opportunity to meet Aerospace Village members and partners who are experts in the field. Bring your questions about getting into cybersecurity, aviation, space, likes/dislikes, you name it!\n

\n\n\'',NULL,367596),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_45848bccbb39a4241b6c2c76a4ae732c','\'\'',NULL,367597),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_45848bccbb39a4241b6c2c76a4ae732c','\'\'',NULL,367598),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_45848bccbb39a4241b6c2c76a4ae732c','\'\'',NULL,367599),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'Title: Ask Me Anything About Cybersecurity in Aerospace
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nAsk Me Anything About Cybersecurity in Aerospace\n

AIAA\n

We have added a special feature to this year’s activities during DEF CON 31. This will be on Friday and Saturday from 11AM - 5PM.\n

Our friends at AIAA are helping us host “Ask Me Anything” sessions on Friday and Saturday. It’s an opportunity to meet Aerospace Village members and partners who are experts in the field. Bring your questions about getting into cybersecurity, aviation, space, likes/dislikes, you name it!\n

\n\n\'',NULL,367600),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367601),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367602),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367603),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367604),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367605),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367606),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Ask Me Anything About Cybersecurity in Aerospace\'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a','\'\'',NULL,367607),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'Title: Hack The Airport
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nHack The Airport\n

IntelliGenesis and IG Labs\n

IG Labs will be bringing our Runway Lighting System in a box as part of our Hack The Airport CTF. Participants will be able to attempt to get hands on with practical OT and IT cyber security environment in a mobile converged environment with real-world hardware and protocols.\n

\n\n\'',NULL,367608),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367609),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367610),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367611),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367612),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367613),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367614),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0','\'\'',NULL,367615),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'Title: Hack The Airport
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nHack The Airport\n

IntelliGenesis and IG Labs\n

IG Labs will be bringing our Runway Lighting System in a box as part of our Hack The Airport CTF. Participants will be able to attempt to get hands on with practical OT and IT cyber security environment in a mobile converged environment with real-world hardware and protocols.\n

\n\n\'',NULL,367616),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367617),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367618); INSERT INTO `events` VALUES ('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367619),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367620),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367621),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367622),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156','\'\'',NULL,367623),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_0e675088b35a550816246683a90f8432','\'Title: Hack The Airport
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nHack The Airport\n

IntelliGenesis and IG Labs\n

IG Labs will be bringing our Runway Lighting System in a box as part of our Hack The Airport CTF. Participants will be able to attempt to get hands on with practical OT and IT cyber security environment in a mobile converged environment with real-world hardware and protocols.\n

\n\n\'',NULL,367624),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_0e675088b35a550816246683a90f8432','\'\'',NULL,367625),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_0e675088b35a550816246683a90f8432','\'\'',NULL,367626),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Hack The Airport\'','\' \'','ASV_0e675088b35a550816246683a90f8432','\'\'',NULL,367627),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'Title: Unmanned Aerial Systems – Platform Security
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nDiscover the exciting world of cybersecurity and unmanned aerial systems (UAS)! Learn how to safeguard UAS from all angles with a comprehensive platform security perspective.\n

Engage in some fun and challenging CTF adventures where you can put your skills to the test. See firsthand how your actions affect our UAS demonstrator. The UAS demonstrator contains all the sensors from our Mobile Optical Ultrasonic Sensor Explorer, or MOUSE for short. The MOUSE represents a small Unmanned Aircraft System (sUAS) comprising a pan/tilt object recognition camera, navigation camera, temperature & humidity sensor, ultrasonic sensor, and drive system powering four motors.\n

You won\'t need to worry about any complicated registration process; all you need is your personal laptop to join in the excitement. Earn enough points in the challenge, and you could be the proud owner of a CT Cubed SAO, a special prize while supplies last. Get ready to embark on this fascinating journey and prove your cybersecurity prowess!\n

\n\n\'',NULL,367628),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367629),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367630),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367631),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367632),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367633),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367634),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_e16190dfee0be9d55e97883128efb003','\'\'',NULL,367635),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_b0bbe9a59129942ce0e41c8127ae88ca','\'Title: Unmanned Aerial Systems – Platform Security
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nDiscover the exciting world of cybersecurity and unmanned aerial systems (UAS)! Learn how to safeguard UAS from all angles with a comprehensive platform security perspective.\n

Engage in some fun and challenging CTF adventures where you can put your skills to the test. See firsthand how your actions affect our UAS demonstrator. The UAS demonstrator contains all the sensors from our Mobile Optical Ultrasonic Sensor Explorer, or MOUSE for short. The MOUSE represents a small Unmanned Aircraft System (sUAS) comprising a pan/tilt object recognition camera, navigation camera, temperature & humidity sensor, ultrasonic sensor, and drive system powering four motors.\n

You won\'t need to worry about any complicated registration process; all you need is your personal laptop to join in the excitement. Earn enough points in the challenge, and you could be the proud owner of a CT Cubed SAO, a special prize while supplies last. Get ready to embark on this fascinating journey and prove your cybersecurity prowess!\n

\n\n\'',NULL,367636),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_b0bbe9a59129942ce0e41c8127ae88ca','\'\'',NULL,367637),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_b0bbe9a59129942ce0e41c8127ae88ca','\'\'',NULL,367638),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_b0bbe9a59129942ce0e41c8127ae88ca','\'\'',NULL,367639),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'Title: Unmanned Aerial Systems – Platform Security
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nDiscover the exciting world of cybersecurity and unmanned aerial systems (UAS)! Learn how to safeguard UAS from all angles with a comprehensive platform security perspective.\n

Engage in some fun and challenging CTF adventures where you can put your skills to the test. See firsthand how your actions affect our UAS demonstrator. The UAS demonstrator contains all the sensors from our Mobile Optical Ultrasonic Sensor Explorer, or MOUSE for short. The MOUSE represents a small Unmanned Aircraft System (sUAS) comprising a pan/tilt object recognition camera, navigation camera, temperature & humidity sensor, ultrasonic sensor, and drive system powering four motors.\n

You won\'t need to worry about any complicated registration process; all you need is your personal laptop to join in the excitement. Earn enough points in the challenge, and you could be the proud owner of a CT Cubed SAO, a special prize while supplies last. Get ready to embark on this fascinating journey and prove your cybersecurity prowess!\n

\n\n\'',NULL,367640),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367641),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367642),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367643),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367644),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367645),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367646),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Unmanned Aerial Systems – Platform Security\'','\' \'','ASV_6466eb407257199d0537a8820997a95e','\'\'',NULL,367647),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c45a5262ccc52eb91e219f6c4c655140','\'Title: The Challenge - Lockheed Martin
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nThe Challenge\n

Lockheed Martin\n

**Laptop Needed**\n

This is your chance to demonstrate your superior aviation hacking knowledge and skills. This contest requires you to keep your eyes open in the Aerospace Village, a personal device to access the contest webpage, and various other technical skills that are useful in the Aerospace industry. A laptop will be helpful for binary analysis and packet decoding. The final flag is an RF replay attack, so you will need to bring or borrow a device capable of rebroadcasting a signal. If you get stuck on any the challenges help can likely be found in some of the other villages. No pre-registration is required and it is OK to work in teams. The first to finish will receive a 1/48 scale model of an F-35B as well as the prestige of being the first ever winner of this challenging contest. A second model will be awarded based on a random drawing of all other people who successfully solve the final flag. The Aerospace Village CTF starts when the village opens on Friday and ends when the village closes Sunday at 2.\n

\n\n\'',NULL,367648),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c45a5262ccc52eb91e219f6c4c655140','\'\'',NULL,367649),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c45a5262ccc52eb91e219f6c4c655140','\'\'',NULL,367650),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c45a5262ccc52eb91e219f6c4c655140','\'\'',NULL,367651),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'Title: The Challenge - Lockheed Martin
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nThe Challenge\n

Lockheed Martin\n

**Laptop Needed**\n

This is your chance to demonstrate your superior aviation hacking knowledge and skills. This contest requires you to keep your eyes open in the Aerospace Village, a personal device to access the contest webpage, and various other technical skills that are useful in the Aerospace industry. A laptop will be helpful for binary analysis and packet decoding. The final flag is an RF replay attack, so you will need to bring or borrow a device capable of rebroadcasting a signal. If you get stuck on any the challenges help can likely be found in some of the other villages. No pre-registration is required and it is OK to work in teams. The first to finish will receive a 1/48 scale model of an F-35B as well as the prestige of being the first ever winner of this challenging contest. A second model will be awarded based on a random drawing of all other people who successfully solve the final flag. The Aerospace Village CTF starts when the village opens on Friday and ends when the village closes Sunday at 2.\n

\n\n\'',NULL,367652),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367653),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367654),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367655),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367656),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367657),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367658),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e','\'\'',NULL,367659),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'Title: The Challenge - Lockheed Martin
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nThe Challenge\n

Lockheed Martin\n

**Laptop Needed**\n

This is your chance to demonstrate your superior aviation hacking knowledge and skills. This contest requires you to keep your eyes open in the Aerospace Village, a personal device to access the contest webpage, and various other technical skills that are useful in the Aerospace industry. A laptop will be helpful for binary analysis and packet decoding. The final flag is an RF replay attack, so you will need to bring or borrow a device capable of rebroadcasting a signal. If you get stuck on any the challenges help can likely be found in some of the other villages. No pre-registration is required and it is OK to work in teams. The first to finish will receive a 1/48 scale model of an F-35B as well as the prestige of being the first ever winner of this challenging contest. A second model will be awarded based on a random drawing of all other people who successfully solve the final flag. The Aerospace Village CTF starts when the village opens on Friday and ends when the village closes Sunday at 2.\n

\n\n\'',NULL,367660),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367661),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367662),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367663),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367664),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367665),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367666),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'The Challenge - Lockheed Martin\'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663','\'\'',NULL,367667),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'Title: A-ISAC CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nA-ISAC CTF\n

A-ISAC and Embry-Riddle Aeronautical University - Prescott\n

**Laptop Needed**\n

A variety of aviation infrastructure have been compromised. Immerse yourself into challenges where you are tasked with identifying attacks/attackers, stopping attacks, and restoring normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n

\n\n\'',NULL,367668),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367669),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367670),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367671),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367672),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367673),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367674),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91','\'\'',NULL,367675),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_34306d7362d448b4997e0930c3bcd0cb','\'Title: A-ISAC CTF
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nA-ISAC CTF\n

A-ISAC and Embry-Riddle Aeronautical University - Prescott\n

**Laptop Needed**\n

A variety of aviation infrastructure have been compromised. Immerse yourself into challenges where you are tasked with identifying attacks/attackers, stopping attacks, and restoring normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n

\n\n\'',NULL,367676),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_34306d7362d448b4997e0930c3bcd0cb','\'\'',NULL,367677),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_34306d7362d448b4997e0930c3bcd0cb','\'\'',NULL,367678),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_34306d7362d448b4997e0930c3bcd0cb','\'\'',NULL,367679),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'Title: A-ISAC CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nA-ISAC CTF\n

A-ISAC and Embry-Riddle Aeronautical University - Prescott\n

**Laptop Needed**\n

A variety of aviation infrastructure have been compromised. Immerse yourself into challenges where you are tasked with identifying attacks/attackers, stopping attacks, and restoring normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!\n

\n\n\'',NULL,367680),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367681),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367682),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367683),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367684),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367685),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367686),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'A-ISAC CTF\'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd','\'\'',NULL,367687),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_41444264e68e7103c9351c37a1830844','\'Title: Bricks in the Air
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nBricks in the Air\n

Aerospace Village\n

Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation. The attendees are not required to have any prerequisite knowledge. No equipment is needed for attendees.\n

\n\n\'',NULL,367688),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_41444264e68e7103c9351c37a1830844','\'\'',NULL,367689),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_41444264e68e7103c9351c37a1830844','\'\'',NULL,367690),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_41444264e68e7103c9351c37a1830844','\'\'',NULL,367691),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'Title: Bricks in the Air
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nBricks in the Air\n

Aerospace Village\n

Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation. The attendees are not required to have any prerequisite knowledge. No equipment is needed for attendees.\n

\n\n\'',NULL,367692),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367693),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367694),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367695),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367696),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367697),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367698),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1','\'\'',NULL,367699),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'Title: Bricks in the Air
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nBricks in the Air\n

Aerospace Village\n

Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation. The attendees are not required to have any prerequisite knowledge. No equipment is needed for attendees.\n

\n\n\'',NULL,367700),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367701),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367702),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367703),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367704),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367705),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367706),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'Bricks in the Air\'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1','\'\'',NULL,367707),('3_Saturday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'Title: ARINC 615a CTF
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nARINC 615a CTF\n

Boeing\n

**Laptop Needed**\n

Boeing will be hosting an ARINC 615a dataload CTF broken into two major modules. The first module will focus on decomposing and analyzing a PCAP capture of a simulated dataload between an airplane dataload server and an avionics component. The second module will allow participants to execute a dataload against simulated avionics to help improve understanding and awareness of how software is loaded onto airplanes. Additionally, Boeing is aiming to increase its cyber outreach into the STEM community by offering an additional challenge centered on an operational system and the impact of that system on the overall airplane. The challenge will walk participants through how the operational system functions, how it can be negatively impacted, the results of tampering with the system while it’s in flight, and how the system can secured via CIA and PKI.\n

\n\n\'',NULL,367708),('3_Saturday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367709),('3_Saturday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367710),('3_Saturday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367711),('3_Saturday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367712),('3_Saturday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367713),('3_Saturday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367714),('3_Saturday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff','\'\'',NULL,367715),('2_Friday','10','10:00','17:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'Title: ARINC 615a CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nARINC 615a CTF\n

Boeing\n

**Laptop Needed**\n

Boeing will be hosting an ARINC 615a dataload CTF broken into two major modules. The first module will focus on decomposing and analyzing a PCAP capture of a simulated dataload between an airplane dataload server and an avionics component. The second module will allow participants to execute a dataload against simulated avionics to help improve understanding and awareness of how software is loaded onto airplanes. Additionally, Boeing is aiming to increase its cyber outreach into the STEM community by offering an additional challenge centered on an operational system and the impact of that system on the overall airplane. The challenge will walk participants through how the operational system functions, how it can be negatively impacted, the results of tampering with the system while it’s in flight, and how the system can secured via CIA and PKI.\n

\n\n\'',NULL,367716),('2_Friday','11','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367717),('2_Friday','12','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367718),('2_Friday','13','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367719),('2_Friday','14','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367720),('2_Friday','15','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367721),('2_Friday','16','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367722),('2_Friday','17','10:00','17:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8','\'\'',NULL,367723),('4_Sunday','10','10:00','13:59','N','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_576aeacbc7931b8a16c6a45fd31017ed','\'Title: ARINC 615a CTF
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
\n
\nDescription:
\nARINC 615a CTF\n

Boeing\n

**Laptop Needed**\n

Boeing will be hosting an ARINC 615a dataload CTF broken into two major modules. The first module will focus on decomposing and analyzing a PCAP capture of a simulated dataload between an airplane dataload server and an avionics component. The second module will allow participants to execute a dataload against simulated avionics to help improve understanding and awareness of how software is loaded onto airplanes. Additionally, Boeing is aiming to increase its cyber outreach into the STEM community by offering an additional challenge centered on an operational system and the impact of that system on the overall airplane. The challenge will walk participants through how the operational system functions, how it can be negatively impacted, the results of tampering with the system while it’s in flight, and how the system can secured via CIA and PKI.\n

\n\n\'',NULL,367724),('4_Sunday','11','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_576aeacbc7931b8a16c6a45fd31017ed','\'\'',NULL,367725),('4_Sunday','12','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_576aeacbc7931b8a16c6a45fd31017ed','\'\'',NULL,367726),('4_Sunday','13','10:00','13:59','Y','ASV','Caesars Forum - Summit - 208-214 - Aerospace Village','\'ARINC 615a CTF\'','\' \'','ASV_576aeacbc7931b8a16c6a45fd31017ed','\'\'',NULL,367727),('2_Friday','10','10:00','10:30','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum Village Opening!\'','\'Mark Carney,Quantum Village Organizers,Victoria Kumaran\'','QTV_d4e920d30aac89b57fc02f3d8741df22','\'Title: Quantum Village Opening!
\nWhen: Friday, Aug 11, 10:00 - 10:30 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\nSpeakers:Mark Carney,Quantum Village Organizers,Victoria Kumaran
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n
SpeakerBio:Quantum Village Organizers\n
\nNo BIO available
\n
SpeakerBio:Victoria Kumaran\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367728),('2_Friday','10','10:30','10:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'QOLOSSUS - Quantum Capture the Flag Introduction!\'','\'Quantum Quizmasters\'','QTV_d39fc00bed985a5cbc2376e15b14252c','\'Title: QOLOSSUS - Quantum Capture the Flag Introduction!
\nWhen: Friday, Aug 11, 10:30 - 10:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Quantum Quizmasters\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367729),('2_Friday','12','12:00','12:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'World\'s Cheapest \"QKD\" ;) -QKD for fun and non- profit from home\'','\'Ben Varcoe,Jose Pisaro,Mark Carney\'','QTV_edfb3aefc36e5e88ef21ce602fbc7add','\'Title: World\'s Cheapest \"QKD\" ;) -QKD for fun and non- profit from home
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\nSpeakers:Ben Varcoe,Jose Pisaro,Mark Carney
\n
SpeakerBio:Ben Varcoe\n
\nNo BIO available
\n
SpeakerBio:Jose Pisaro\n
\nNo BIO available
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n\n
\nDescription:
\n\"QKD\". You\'ve heard of it! You want to try it! But are afraid of what the neighbours would think. Today we present a Didactic solution to \"QKD\" from home. We will \"attempt\" the world\'s first transatlantic \"VEGAS QKD\" live. \n

Last year it was quantum snake oil. This year.... See what is on the \"Kards.....\". \n

Note and Caveat: keywords are ‘Didactic’ and ‘air-quotes’ ;) The attendee will leave the presentation with a more intuitive feel for how QKD works.\n

\n\n\'',NULL,367730),('2_Friday','14','14:00','14:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Doomed to repeat the past: classical hardware exploits made quantum\'','\'Jamie Friel\'','QTV_aa62ce9aef6aecfbbb0d7565251a97e7','\'Title: Doomed to repeat the past: classical hardware exploits made quantum
\nWhen: Friday, Aug 11, 14:00 - 14:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Jamie Friel\n
\nNo BIO available
\n\n
\nDescription:
\nWith quantum computing we have an entirely new model of computing and its execution. Whilst this is exciting for algorithm developers looking to change the world, it\'s equally exciting to hardware hackers looking for a new challenge. Here we\'ll discuss some of the unique elements of quantum computing and how they might have an impact on the future of hardware security.\n
\n\n\'',NULL,367731),('2_Friday','15','15:00','15:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Hacking Quantum Advantage for Classical Processes; Intro to Quantum-Inspired Use Cases\'','\'Konstantinos Karagiannis\'','QTV_ffc584e6902c973c42145fb28b1f35ba','\'Title: Hacking Quantum Advantage for Classical Processes; Intro to Quantum-Inspired Use Cases
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Konstantinos Karagiannis\n
\nNo BIO available
\n\n
\nDescription:
\nQuantum computing will change the world ... eventually. Until we achieve quantum advantage, we can see actual performance boosts from quantum-inspired approaches today. In this talk, we discuss tensor networks inspired by the world of quantum physics that run on classical hardware and digital annealers designed to act like quantum hardware. Get a sense of the types of use cases you can explore now, including examples of the performance edges you can expect today.\n
\n\n\'',NULL,367732),('2_Friday','16','16:00','17:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'The Quantum Debates\'','\' \'','QTV_d26da7b2dd56883265c8d8ec89c26b29','\'Title: The Quantum Debates
\nWhen: Friday, Aug 11, 16:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
\nDescription:
\nFollowing from the success of last year’s Oxford Union-style debates, we bring you two debates this year! Come and hear experts debate, ruminate, and explore the possible futures of our post-quantum world.\n

1600 - Debate 1\n

1645 - TBC (talk)\n

1715 - Debate 2\n

\n\n\'',NULL,367733),('2_Friday','17','16:00','17:59','Y','QTV','LINQ - 3rd flr - Quantum Village','\'The Quantum Debates\'','\' \'','QTV_d26da7b2dd56883265c8d8ec89c26b29','\'\'',NULL,367734),('3_Saturday','10','10:30','10:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Q-CTF QOLOSSUS Update\'','\'Mark Carney\'','QTV_968506c59add7412cdb8b95d54f7d50f','\'Title: Q-CTF QOLOSSUS Update
\nWhen: Saturday, Aug 12, 10:30 - 10:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367735),('3_Saturday','11','11:00','12:30','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks\'','\' \'','QTV_b0b267ad6a2e9a89fea797e838f0f81e','\'Title: Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks
\nWhen: Saturday, Aug 12, 11:00 - 12:30 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
\nDescription:
\nIn this workshop we will develop quantum algorithms to solve a computer science problem called the shortest lattice problem (SVP). SVP is geometrically simple - given a description of a mathematical lattice (a repeating pattern of points in N-dimensional space), can you find the shortest distance between any two points - i.e. the shortest vector? This problem is NP hard and we believe it is resistant to quantum computers. \n

Based upon the results of “Two quantum Ising algorithms for the shortest-vector problem”, we will explain the principle of quantum adiabatic computation, of Hamiltonian minimization, and of how to map mathematical problems into a Hamiltonian ready to be plugged into a quantum computation framework. \n

During the course of the workshop, participants will fill in functions in a Jupyter notebook to construct lattices, convert them into a Hamiltonian, and describe quantum annealing dynamics. They will then (hopefully) be able to submit these queries to a D-Wave QPU to which will sample short vectors for them, and we will visualize as a group the results returned. \n

This exercise will get participants directly interacting with a QPU, understanding some of the benefits and limitations of annealing-based quantum computation, and will learn about an exciting computer science problem and how it directly feeds into our security architecture, (e.g. Kyber!)\n

\n\n\'',NULL,367736),('3_Saturday','12','11:00','12:30','Y','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks\'','\' \'','QTV_b0b267ad6a2e9a89fea797e838f0f81e','\'\'',NULL,367737),('3_Saturday','13','13:00','13:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'QDoor: Exploiting Approximate Synthesis for Backdoor Attacks in Quantum Neural Networks\'','\'Lei Jiang\'','QTV_8a7281f396b723c23dd6b22e076bb178','\'Title: QDoor: Exploiting Approximate Synthesis for Backdoor Attacks in Quantum Neural Networks
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Lei Jiang\n, Assoc. Prof. at Indiana University Bloomington
\nNo BIO available
\n\n
\nDescription:
\nQuantum neural networks (QNNs) succeed in object recognition, natural language processing, and financial analysis. To maximize the accuracy of a QNN on a Noisy Intermediate Scale Quantum (NISQ) computer, approximate synthesis modifies the QNN circuit by reducing error-prone 2-qubit quantum gates. The success of QNNs motivates adversaries to attack QNNs via backdoors. However, na¨Ä±vely transplanting backdoors designed for classical neural networks to QNNs yields only low attack success rate, due to the noises and approximate synthesis on NISQ computers. Prior quantum circuit-based backdoors cannot selectively attack some inputs or work with all types of encoding layers of a QNN circuit. Moreover, it is easy to detect both transplanted and circuit-based backdoors in a QNN. \n

In this talk, we introduce a novel and stealthy backdoor attack, QDoor, to achieve high attack success rate in approximately-synthesized QNN circuits by weaponizing unitary differences between uncompiled QNNs and their synthesized counterparts. QDoor trains a QNN behaving normally for all inputs with and without a trigger. However, after approximate synthesis, the QNN circuit always predicts any inputs with a trigger to a predefined class while still acts normally for benign inputs. Compared to prior backdoor attacks, QDoor improves the attack success rate by 13× and the clean data accuracy by 65% on average. Furthermore, prior backdoor detection techniques cannot find QDoor attacks in uncompiled QNN circuits.\n

\n\n\'',NULL,367738),('3_Saturday','14','14:00','14:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'OpenQuantum: open-source hardware for quantum engineering via trapped atoms\'','\'Max Shirokawa Aalto\'','QTV_8628872f8a759dfd4a1cd455c8f83570','\'Title: OpenQuantum: open-source hardware for quantum engineering via trapped atoms
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Max Shirokawa Aalto\n
\nNo BIO available
\n\n
\nDescription:
\nAlmost all existing tutorials in the applied quantum world are focused on quantum programming languages & how to interact with a QPU – until now. OpenQuantum is a fully open-source, mostly 3D printable blueprint for a hardware platform that allows for the cooling, trapping and manipulation of rubidium atoms, an ideal platform for quantum engineering. This workshop will cover the history of the field, the operational principles of the apparatus, and technical details on the open-source devices we have designed to make this science more accessible.\n
\n\n\'',NULL,367739),('3_Saturday','15','15:00','15:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum Technologies on a Raspberry Pi (and HackRF one)\'','\'Ben Varcoe\'','QTV_2b82db4b0831e96262b7fd989da728a7','\'Title: Quantum Technologies on a Raspberry Pi (and HackRF one)
\nWhen: Saturday, Aug 12, 15:00 - 15:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Ben Varcoe\n
\nNo BIO available
\n\n
\nDescription:
\nQuantum Sensing is a new paradigm of technology that allows us to use quantum-level effects for macro-level sensing outputs. Join Ben as he demonstrates how to use off-the-shelf components to build a quantum sensor; using just a HackRF, a Raspberry Pi, and some high-quality oscillators being the primary ingredients! \n

Time shifts are used to test special and general relativity, they are used for navigation and they shed light on things like quantum field theory and quantum gravity. In special relativity, a moving clock will have a time shift with respect to a stationary clock. This is typically very small and requires extremely fast moving objects to really see a difference. On the other hand an accelerated clock adds something new. Rather than just seeing a change in the passage of time the accelerated observer sees a change in the speed of light for other observers. To measure this we shall make use of the Rindler frame; an artefact of \"Special Relativity\" rather than \"General Relativity\".\n

By utilising these effects and a little quantum field theory, we can use the fact that in the Rindler frame, time shifts would manifest as phase shifts, hence a very sensitive measurement of phase could detect the acceleration based time shifts giving us a new kind of quantum sensor.. All of which can be done on off-the-shelf components, as Ben shall be building and demonstrating during the village!\n

\n\n\'',NULL,367740),('3_Saturday','16','16:00','17:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantini Time! Cocktail hour for the Quantum curious and creative\'','\' \'','QTV_e08d3e5ecdd423cfc065cd3aa58181a9','\'Title: Quantini Time! Cocktail hour for the Quantum curious and creative
\nWhen: Saturday, Aug 12, 16:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
\nDescription:
\nCocktail hour for the Quantum curious and creative.\n

Come and join us for some complimentary drinks with like-minded hackers. Come along and listen to - or even make! - quantum music.\n

\n\n\'',NULL,367741),('3_Saturday','17','16:00','17:59','Y','QTV','LINQ - 3rd flr - Quantum Village','\'Quantini Time! Cocktail hour for the Quantum curious and creative\'','\' \'','QTV_e08d3e5ecdd423cfc065cd3aa58181a9','\'\'',NULL,367742),('3_Saturday','16','16:00','16:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum Music Workshop: Build Your Own Quantum Synthesizer!\'','\'Mark Carney\'','QTV_d086f60b26e5abdd75e98c5defc3ba53','\'Title: Quantum Music Workshop: Build Your Own Quantum Synthesizer!
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n\n
\nDescription:
\nQuantum Music is a new paradigm of art, part of the new wave of ‘Quantum Art’ that we shall be showcasing with a live performance from Scott Oshiro! In the run up to this, Mark will show us how to embed quantum simulators (and quantum computer connections) into everyday musical apparatus… from quantum enabled MIDI to a quantum stylophone and more!\n
\n\n\'',NULL,367743),('3_Saturday','17','17:00','17:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum Computer Music Performance, by Scott Oshiro (one half of NpHz)\'','\'Scott Oshiro\'','QTV_260491836c8324d0bf64970fc4e91a87','\'Title: Quantum Computer Music Performance, by Scott Oshiro (one half of NpHz)
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Scott Oshiro\n
\nNo BIO available
\n\n
\nDescription:
\nNpHz is a new electro-acoustic duo featuring OCH (Omar Costa Hamido) and SYO (Scott Oshiro): two artist-researchers working in music and technology focusing on improvised Music and Quantum Computing (QC). In our work we explore the potential advantages QC can provide for music composition. This performance will include ½ of NpHz, Scott Oshiro (SYO). He will be performing adapted works from NpHz’s recent album “[\\Equations of Coltrane](https://omarcostahamido.bandcamp.com/album/equations-of-coltrane)\'\' (Released June 2, 2023 on Bandcamp). Scott will also be playing flute alongside his real-time Quantum Jazz Improvisation system entitled Lineage.\n
\n\n\'',NULL,367744),('4_Sunday','10','10:00','10:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Math for Quantum\'','\'Mark Carney\'','QTV_a46966770f22b432ed1477dfdfc2a63c','\'Title: Math for Quantum
\nWhen: Sunday, Aug 13, 10:00 - 10:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n\n
\nDescription:
\nQuantum mechanics is quite hard, mathematically speaking. But Quantum information theory needs remarkably few resources! Inspired by the work of others, Mark will present a short introductory lecture with minimal pain but mathematical gain - getting you from tense to tensors, suspicious to superposition, and enraged to entangled in no time!\n
\n\n\'',NULL,367745),('4_Sunday','11','11:00','11:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Quantum Life - An open mic space discussing the possible futures granted by quantum technologies\'','\'Mark Carney,Victoria Kumaran\'','QTV_90a5f452968f43d5349814136c966844','\'Title: Quantum Life - An open mic space discussing the possible futures granted by quantum technologies
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\nSpeakers:Mark Carney,Victoria Kumaran
\n
SpeakerBio:Mark Carney\n
\nNo BIO available
\n
SpeakerBio:Victoria Kumaran\n
\nNo BIO available
\n\n
\nDescription:
\nWe present our second open session on what Quantum Life might look like in the future! Join our experts, enthusiasts, and other community members to discover what this quantum future could all be about…\n
\n\n\'',NULL,367746),('4_Sunday','12','12:00','12:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'QOLOSSUS; Quantum CTF - Results!\'','\' \'','QTV_0fb148fc7633bfe6cd90f1086a19f997','\'Title: QOLOSSUS; Quantum CTF - Results!
\nWhen: Sunday, Aug 13, 12:00 - 12:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
\nDescription:
\nWith this year’s Q-CTF coming to a close, we will announce our winners!\n
\n\n\'',NULL,367747),('3_Saturday','10','10:00','17:59','N','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'Title: Password Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 236 - Password Village - Map
\n
\nDescription:
\nThe Password Village provides training, discussion, and hands-on access to hardware and techniques utilized in modern password cracking, with an emphasis on how password cracking relates to your job function and the real world . No laptop? No problem! Feel free to use one of our terminals to access a pre-configured GPGPU environment to run password attacks against simulated real-world passwords. Village staff and expert volunteers will be standing by to assist you with on-the-spot training and introductions to Hashcat, as well as other FOSS cracking applications.\n
\n\n\'',NULL,367748),('3_Saturday','11','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367749),('3_Saturday','12','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367750),('3_Saturday','13','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367751),('3_Saturday','14','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367752),('3_Saturday','15','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367753),('3_Saturday','16','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367754),('3_Saturday','17','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072','\'\'',NULL,367755),('2_Friday','10','10:00','17:59','N','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'Title: Password Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 236 - Password Village - Map
\n
\nDescription:
\nThe Password Village provides training, discussion, and hands-on access to hardware and techniques utilized in modern password cracking, with an emphasis on how password cracking relates to your job function and the real world . No laptop? No problem! Feel free to use one of our terminals to access a pre-configured GPGPU environment to run password attacks against simulated real-world passwords. Village staff and expert volunteers will be standing by to assist you with on-the-spot training and introductions to Hashcat, as well as other FOSS cracking applications.\n
\n\n\'',NULL,367756),('2_Friday','11','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367757),('2_Friday','12','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367758),('2_Friday','13','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367759),('2_Friday','14','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367760),('2_Friday','15','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367761),('2_Friday','16','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367762),('2_Friday','17','10:00','17:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14','\'\'',NULL,367763),('4_Sunday','10','10:00','13:59','N','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_05af1299f8e032487ac894ca5807c8c9','\'Title: Password Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 236 - Password Village - Map
\n
\nDescription:
\nThe Password Village provides training, discussion, and hands-on access to hardware and techniques utilized in modern password cracking, with an emphasis on how password cracking relates to your job function and the real world . No laptop? No problem! Feel free to use one of our terminals to access a pre-configured GPGPU environment to run password attacks against simulated real-world passwords. Village staff and expert volunteers will be standing by to assist you with on-the-spot training and introductions to Hashcat, as well as other FOSS cracking applications.\n
\n\n\'',NULL,367764),('4_Sunday','11','10:00','13:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_05af1299f8e032487ac894ca5807c8c9','\'\'',NULL,367765),('4_Sunday','12','10:00','13:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_05af1299f8e032487ac894ca5807c8c9','\'\'',NULL,367766),('4_Sunday','13','10:00','13:59','Y','PWV','Caesars Forum - Summit - 236 - Password Village','\'Password Village Activities\'','\' \'','PWV_05af1299f8e032487ac894ca5807c8c9','\'\'',NULL,367767),('3_Saturday','10','10:00','10:30','N','DCGVR','Virtual','\'DEF CON Groups Keynote\'','\'Jayson E. Street\'','DCGVR_d8ece00de4e8ad00343760f82f50fd26','\'Title: DEF CON Groups Keynote
\nWhen: Saturday, Aug 12, 10:00 - 10:30 PDT
\nWhere: Virtual
\n
SpeakerBio:Jayson E. Street\n
\nNo BIO available
\nTwitter: @jaysonstreet
\n\n
\nDescription:No Description available
\n\'',NULL,367768),('3_Saturday','11','11:35','12:20','N','DCGVR','Virtual','\'Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks\'','\'Abhijeet Singh\'','DCGVR_f123d54247ec6b6d66d52a68c8e43f64','\'Title: Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks
\nWhen: Saturday, Aug 12, 11:35 - 12:20 PDT
\nWhere: Virtual
\n
SpeakerBio:Abhijeet Singh\n
\nAbhijeet Singh is a cybersecurity expert with a passion for securing digital assets and currently working in a start-up \"Cultfit\". Abhijeet specializes in vulnerability assessment and penetration testing of various applications, network and cloud security, and enjoys automating security tasks.
\nTwitter: @abhiunix
\n\n
\nDescription:
\nIt will be a comprehensive guide that explores the various types of Denial of Service (DOS) attacks and the latest techniques used to attack applications which can evade the Firewall. Abhijeet will cover the concept of logical attacks, which are a new type of DOS attack that exploits vulnerabilities in an application\'s logic, making them increasingly difficult to detect.\n
\n\n\'',NULL,367769),('3_Saturday','12','11:35','12:20','Y','DCGVR','Virtual','\'Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks\'','\'Abhijeet Singh\'','DCGVR_f123d54247ec6b6d66d52a68c8e43f64','\'\'',NULL,367770),('3_Saturday','12','12:35','13:20','N','DCGVR','Virtual','\'The Curse of Ncurses\'','\'Jonathan Bar Or\'','DCGVR_f70696c23dbad2e416506f05101b3adc','\'Title: The Curse of Ncurses
\nWhen: Saturday, Aug 12, 12:35 - 13:20 PDT
\nWhere: Virtual
\n
SpeakerBio:Jonathan Bar Or\n, Security Researcher at Microsoft
\nJonathan Bar Or (\"JBO\") is a Principal Security Researcher at Microsoft, working as the Microsoft Defender research architect for cross-platform. Jonathan has rich experience in vulnerability research, exploitation, cryptanalysis, and offensive security in general.
\nTwitter: @yo_yo_yo_jbo
\n\n
\nDescription:
\nTerminals are ancient and dangerous beasts. While performing a routine code auditing, our team has discovered several vulnerabilities in ncurses, present on multiple operating systems. In this talk we will discuss those vulnerabilities and the dangers they pose, as well as discuss oss security in general.\n
\n\n\'',NULL,367771),('3_Saturday','13','12:35','13:20','Y','DCGVR','Virtual','\'The Curse of Ncurses\'','\'Jonathan Bar Or\'','DCGVR_f70696c23dbad2e416506f05101b3adc','\'\'',NULL,367772),('3_Saturday','13','13:35','14:05','N','DCGVR','Virtual','\'Bootsquad: Stomping out squatters\'','\'Joe Mast\'','DCGVR_4b0620c19e2d2997b0f7fd09cd11031f','\'Title: Bootsquad: Stomping out squatters
\nWhen: Saturday, Aug 12, 13:35 - 14:05 PDT
\nWhere: Virtual
\n
SpeakerBio:Joe Mast\n
\nJoe Mast is a Security Engineer, life long learner, and breaker of things. He has a passion for DNS and operational security. His background consists of helping to secure global financial, retail, and security environments.
\n\n
\nDescription:
\nHave you ever attempted to register a domain for your trademark only to find it\'s already registered? Has a domain squatters attempted to extort you for relevant domains at exorbitant fees? Has a threat actor attempted to register look-alike domains and commence phishing attacks? This talks seeks to document a process for abusing URDP to obtain desirable domains when the opposition\'s operational security is lacking. Discussion will include covering URDP (Uniform Domain-Name Dispute-Resolution Policy) and the criteria required to initiate a domain successful takedown request. We will document in detail scenarios, which can be abused in order to produce evidence, which will lead to a successful domain takedown, regardless of the registering parties initiatives. Finally we will provide security guidance to threat actors, blue teamers and domain squatters to strengthen their portfolio and ensure URDP cannot be abused in this manner.\n
\n\n\'',NULL,367773),('3_Saturday','14','13:35','14:05','Y','DCGVR','Virtual','\'Bootsquad: Stomping out squatters\'','\'Joe Mast\'','DCGVR_4b0620c19e2d2997b0f7fd09cd11031f','\'\'',NULL,367774),('3_Saturday','14','14:35','15:20','N','DCGVR','Virtual','\'Enhancing vulnerability research through the use of virtual reality workspaces.\'','\'datalocaltmp\'','DCGVR_5b7664b3e6ff66d4fe539fdd3ba19486','\'Title: Enhancing vulnerability research through the use of virtual reality workspaces.
\nWhen: Saturday, Aug 12, 14:35 - 15:20 PDT
\nWhere: Virtual
\n
SpeakerBio:datalocaltmp\n
\nI am an independent security researcher focused on mobile technology. Recently I have enhanced a lot of my work by using Visualizations in Virtual Reality, in particular visualizing code coverage in Android ([write-up here](https://datalocaltmp.github.io/visualizing-android-code-coverage-pt-1.html)) and then navigating the function graphs in Virtual Reality [example video here](https://twitter.com/datalocaltmp/status/1666964834334785536).
\nTwitter: @datalocaltmp
\n\n
\nDescription:
\nEnhancing vulnerability research through the use of virtual reality workspaces. This talk will provide an overview of my set-up for performing vulnerability research within virtual reality and some of the benefits I have observed. Examples of my particular setup available [here](https://twitter.com/datalocaltmp/status/1620643279657390082). Additionally I will cover visualization of Android native code execution within Ghidra and how virtual reality has allowed me to better navigate the function graphs while reverse engineering. An example of my particular setup for function graph navigation in VR available [here](https://twitter.com/datalocaltmp/status/1666964834334785536).\n
\n\n\'',NULL,367775),('3_Saturday','15','14:35','15:20','Y','DCGVR','Virtual','\'Enhancing vulnerability research through the use of virtual reality workspaces.\'','\'datalocaltmp\'','DCGVR_5b7664b3e6ff66d4fe539fdd3ba19486','\'\'',NULL,367776),('3_Saturday','15','15:35','16:05','N','DCGVR','Virtual','\'Gender Inclusive Features Across the Health Information System\'','\'Squiddy\'','DCGVR_19e239a407b7e6997399ebf8ca5b7823','\'Title: Gender Inclusive Features Across the Health Information System
\nWhen: Saturday, Aug 12, 15:35 - 16:05 PDT
\nWhere: Virtual
\n
SpeakerBio:Squiddy\n
\nSquiddy is a gay and transmasc graduate student, medical laboratory scientist, and Desktop Engineer from the cornfields of the midwest. They are a self-taught hacker, who recently transitioned from the medical laboratory into IT. While they are self-taught when it comes to technology, they possess 8 years of education in the healthcare field and currently work for one of America\'s 50 Best Hospitals where they advocate for (and actively contribute to) gender-inclusive care features.
\n\n
\nDescription:
\nWhere is your PHI flowing? This talk provides a brief overview of hospital information systems, what goes into gender-inclusive care features, and how these features integrate across various systems in the HIS. This talk will explore a unique risk to transgender healthcare.\n
\n\n\'',NULL,367777),('3_Saturday','16','15:35','16:05','Y','DCGVR','Virtual','\'Gender Inclusive Features Across the Health Information System\'','\'Squiddy\'','DCGVR_19e239a407b7e6997399ebf8ca5b7823','\'\'',NULL,367778),('3_Saturday','16','16:35','17:35','N','DCGVR','Virtual','\'Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts?\'','\'Sam Colaizzi\'','DCGVR_057339d959ca8c6d38c38e82efea3f03','\'Title: Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts?
\nWhen: Saturday, Aug 12, 16:35 - 17:35 PDT
\nWhere: Virtual
\n
SpeakerBio:Sam Colaizzi\n, Recorded Future
\nCurrently working at Recorded Future, Sam’s areas of focus and interest include: the cryptocurrency, NFT, and smart contract space, the Russian and English-language cybercrime ecosystem, and threat actor engagement / research. He has previously worked as cyber threat intelligence analyst and researcher at Aon, Kroll, Terbium Labs, and the National Cyber-Forensics and Training Alliance (NCFTA). Prior to starting his career, he attended Duquesne University and earned a B.A. in Political Science. Afterwards, he attended The University of Pittsburgh’s Graduate School of International Affairs and earned an M.A. in Security and Intelligence Studies.
\n\n
\nDescription:
\nFor this presentation, I will be covering some of the methods of laundering (mixers / tumblers, over-the-counter (OTC) exchanges, peer-to-peer (P2P) exchanges, and high-risk exchanges) as well as how threat actors monetize their illicit digital profits by utilizing virtual credit cards (VCCs), account cash-out services, and more.\n

Next, I will analyze and discuss the attack vectors utilized by threat actors to target cryptocurrency, non-fungible tokens (NFTs), and smart contracts. I will also discuss popular attack vectors, such as airdrops, cross-chain bridge attacks, rugpulls, wallet compromises, flash-loan attacks, smart contract vulnerabilities, API withdrawals, drainers, and notable incidents that highlight successful laundering and monetization activities via cryptocurrencies. Finally, I will discuss how threat actors will likely evolve and transform their laundering and monetization methods.\n

\n\n\'',NULL,367779),('3_Saturday','17','16:35','17:35','Y','DCGVR','Virtual','\'Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts?\'','\'Sam Colaizzi\'','DCGVR_057339d959ca8c6d38c38e82efea3f03','\'\'',NULL,367780),('3_Saturday','18','18:05','18:35','N','DCGVR','Virtual','\'Ghost on the wire- check the air\'','\'hoodiePony\'','DCGVR_09af0b34b550bbf07d690464ccd74b2e','\'Title: Ghost on the wire- check the air
\nWhen: Saturday, Aug 12, 18:05 - 18:35 PDT
\nWhere: Virtual
\n
SpeakerBio:hoodiePony\n
\nI\'m just a friendly local cyber security sherpa. Helping people verifiably build a safer, secure, and more resilient world by sharing knowledge through telling stories. This includes the privilege of presenting here at DCG VR previously, and a keynote at ChCon NZ, amongst many other conferences. I am grounded by the many years of experience spent security advising and assessing critical infrastructure in Australia, and governments, to small startups. That said, I’m just another nerd of figuring out how things work, tinkering, and challenging assumptions; sharing a story so that we can all make better informed decisions through broader perspectives.
\n\n
\nDescription:
\nWhat happens when the network defenders get so good that you can no longer do command and control over the network without getting detected? When your job depends on it, you get creative, and do it out-of-band. Here\'s an interactive short story to talk about off-the-wire command and control, and how you can do it too for fun, a more pragmatic approach, and what to look out for if you\'re defending.\n
\n\n\'',NULL,367781),('3_Saturday','19','19:05','20:05','N','DCGVR','Virtual','\'What is a GRC Hacker anyway?\'','\'Allen Baranov\'','DCGVR_c3f90d0fd955c34501faf9d7ff79128a','\'Title: What is a GRC Hacker anyway?
\nWhen: Saturday, Aug 12, 19:05 - 20:05 PDT
\nWhere: Virtual
\n
SpeakerBio:Allen Baranov\n, CyberCX
\nAllen works as a GRC consultant and sometimes assessor for CyberCX. He was the founder of DCG11613 - a Def Con Group based in Melbourne, Australia. He calls himself the only GRC Hacker in the world.
\n\n
\nDescription:
\nI call myself the only AAA-rated GRC Hacker in the world and I think it is time to address what this really means. This talk will jump into what it really means to be a hacker, what the future will look like for hackers and where hacking fits into a field as plain and boring (not really!) as GRC. This is not a talk for GRC people but for all those that are keen to be hackers but also don\'t want to dive directly into offensive security.\n
\n\n\'',NULL,367782),('3_Saturday','20','19:05','20:05','Y','DCGVR','Virtual','\'What is a GRC Hacker anyway?\'','\'Allen Baranov\'','DCGVR_c3f90d0fd955c34501faf9d7ff79128a','\'\'',NULL,367783),('3_Saturday','20','20:05','20:10','N','DCGVR','Virtual','\'DCGVR Closing\'','\'\'','DCGVR_0f411ce692de5d55c9b4a7c78b5a25d2','\'Title: DCGVR Closing
\nWhen: Saturday, Aug 12, 20:05 - 20:10 PDT
\nWhere: Virtual
\n
\nDescription:No Description available
\n\'',NULL,367784),('3_Saturday','20','20:10','21:10','N','DCGVR','Virtual','\'After Hours Social / Hang out with DEF CON Group members and DCG VR Staff\'','\'\'','DCGVR_6d0ab50593efda73a6e49b56ffbbf331','\'Title: After Hours Social / Hang out with DEF CON Group members and DCG VR Staff
\nWhen: Saturday, Aug 12, 20:10 - 21:10 PDT
\nWhere: Virtual
\n
\nDescription:No Description available
\n\'',NULL,367785),('3_Saturday','21','20:10','21:10','Y','DCGVR','Virtual','\'After Hours Social / Hang out with DEF CON Group members and DCG VR Staff\'','\'\'','DCGVR_6d0ab50593efda73a6e49b56ffbbf331','\'\'',NULL,367786),('2_Friday','11','11:30','12:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'CTH: (n)Map Exploration: A Great Time in Remote Destinations\'','\'SamunoskeX\'','BTV_bdc07d1736a42f092329ed5b3f048c1a','\'Title: CTH: (n)Map Exploration: A Great Time in Remote Destinations
\nWhen: Friday, Aug 11, 11:30 - 12:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\n
SpeakerBio:SamunoskeX\n
\nSamunoskeX is an Information Security Professional who works as part of a Security Operations Team and is also an Information Security instructor at a college. He is a Blue Team enthusiast and enjoys sharing all things Blue Team with the world.\n

SamunoskeX has attended DEFCON Events since DC26.\n

\n\n
\nDescription:
\nCan we find activity within the corporate network that might be suspicious?\n
\n

Can we find activity within the corporate network that might be suspicious?\n

\n\'',NULL,367787),('2_Friday','12','11:30','12:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'CTH: (n)Map Exploration: A Great Time in Remote Destinations\'','\'SamunoskeX\'','BTV_bdc07d1736a42f092329ed5b3f048c1a','\'\'',NULL,367788),('4_Sunday','10','10:00','10:45','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Blue Team Village Game Session\'','\'aviditas\'','BTV_0c2a2a2c3246be0e7fd06c901a1e0fb4','\'Title: Blue Team Village Game Session
\nWhen: Sunday, Aug 13, 10:00 - 10:45 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
SpeakerBio:aviditas\n
\nNo BIO available
\n\n
\nDescription:
\n.\n
\n

Game session\n

\n\'',NULL,367789),('2_Friday','13','13:30','14:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'OT: Why OT Cybersecurity Engineers Drink So Much\'','\'ThatDeadGuy\'','BTV_41116746e099057f1870d9d1bd4e0dcb','\'Title: OT: Why OT Cybersecurity Engineers Drink So Much
\nWhen: Friday, Aug 11, 13:30 - 14:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
SpeakerBio:ThatDeadGuy\n
\nAfter thirteen years as a controls engineer within the Automotive Manufacturing and Oil & Gas Exploration Manufacturing industries, ThatDeadGuy was converted over to cyber security. His experience on the design and implementation of the equipment gave him a perspective into the OT realm that was not shared with most of the security team. Over the last five years he has built up cyber security architectures, implemented detection tools and created the IR processes for multiple critical infrastructure process environments.
\n\n
\nDescription:
\n.\n
\n

A brief view into the odd world of Operational Technology (OT) and why so many OT Security Engineers drink like they hate themselves. This will cover the realities of their tech stack, business risk considerations, control systems recovery and how incident response is conducted within the environment. We will briefly cover how this environment was emulated for the Project Obsidian attack chain and how it differs from the physical environments.\n

\n\'',NULL,367790),('2_Friday','14','13:30','14:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'OT: Why OT Cybersecurity Engineers Drink So Much\'','\'ThatDeadGuy\'','BTV_41116746e099057f1870d9d1bd4e0dcb','\'\'',NULL,367791),('3_Saturday','13','13:30','14:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'So you want to become a Detection Engineer\'','\'Ben Bornholm,CerealKiller,kobaltfox,plug\'','BTV_30ed43eda7951c1111c836d4f60db547','\'Title: So you want to become a Detection Engineer
\nWhen: Saturday, Aug 12, 13:30 - 14:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:Ben Bornholm,CerealKiller,kobaltfox,plug
\n
SpeakerBio:Ben Bornholm\n
\nHey y’all,\n

I am Ben (@CptOfEvilMinions), I crafted my whimsical presenting style when I was the President of RIT Competitive Cybersecurity Club (RC3). Cybersecurity is not just my day job, it’s my passion. I have continued my passion with my blog and with the creation of DEFCON workshops with the BTV.\n

During the day I fight off cyber hooligans as a DART engineer at Dropbox.com. At night, I am continuing my passion on my blog HoldMyBeerSecurity.com where I discuss topics in security that interest me such as incident response, threat hunting, detection engineering, Osquery, and DevSecOps.\n

\n
SpeakerBio:CerealKiller\n
\nCerealKiller or Cereal is a Cyber Defense Practitioner with over 10yrs of experience.
\n
SpeakerBio:kobaltfox\n
\nTODO\n
\n
SpeakerBio:plug\n
\nNo BIO available
\n\n
\nDescription:
\nSecurity is nothing without visibility, join a group of practitioners as they outline ways to get you started in detection engineering.\n
\n

Security is nothing without visibility, join a group of practitioners as they outline ways to get you started in detection engineering.\n

\n\'',NULL,367792),('3_Saturday','14','13:30','14:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'So you want to become a Detection Engineer\'','\'Ben Bornholm,CerealKiller,kobaltfox,plug\'','BTV_30ed43eda7951c1111c836d4f60db547','\'\'',NULL,367793),('2_Friday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Insider Threats (InT): Hindsight and Foresight\'','\'aviditas,plug\'','BTV_c447a0aa6b4373e49a8ee60d0b0e2f50','\'Title: Insider Threats (InT): Hindsight and Foresight
\nWhen: Friday, Aug 11, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:aviditas,plug
\n
SpeakerBio:aviditas\n
\nNo BIO available
\n
SpeakerBio:plug\n
\nNo BIO available
\n\n
\nDescription:
\nFact vs Fiction: Starting at zero how to approach and handle an InT incident from a real-world use case, and then an overview of how InT is both the same and yet different from a traditional incident.\n

Foe vs Friend: For the right peas of mind, a primer on using a post-mortem to shift into preparation to proactively manage InT risks, plus how to preclude the usual pitfalls to promote positive reinforcement and minimize paranoia.\n

\n

Fact vs Fiction: Starting at zero how to approach and handle an InT incident from a real-world use case, and then an overview of how InT is both the same and yet different from a traditional incident.\n

Foe vs Friend: For the right peas of mind, a primer on using a post-mortem to shift into preparation to proactively manage InT risks, plus how to preclude the usual pitfalls to promote positive reinforcement and minimize paranoia.\n

\n\'',NULL,367794),('2_Friday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Insider Threats (InT): Hindsight and Foresight\'','\'aviditas,plug\'','BTV_c447a0aa6b4373e49a8ee60d0b0e2f50','\'\'',NULL,367795),('3_Saturday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'DE: Breaking the Rule\'','\'Oldmonk\'','BTV_44807acbc006daa67477ff3aefb04924','\'Title: DE: Breaking the Rule
\nWhen: Saturday, Aug 12, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\n
SpeakerBio:Oldmonk\n
\nIntrusion detection, analytics, packet forensics, security engineering and product engineering. 20+ years of being an entrepreneur building teams, solving big challenges.
\n\n
\nDescription:
\nThis is a 101 track that takes you through the various aspects of detection engineering and a practitioners process of writing threat content. Its a great place to start for engineers and enthusiasts that might be exploring detection engineering as a career path.\n
\n

The what, how and process of detection engineering.\n

\n\'',NULL,367796),('3_Saturday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'DE: Breaking the Rule\'','\'Oldmonk\'','BTV_44807acbc006daa67477ff3aefb04924','\'\'',NULL,367797),('2_Friday','11','11:30','12:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'IR 101: Part I, II, III\'','\'ChocolateCoat,CountZ3r0,Cyb3rhawk\'','BTV_3384fbfe2c10f4b4518415ee17b66542','\'Title: IR 101: Part I, II, III
\nWhen: Friday, Aug 11, 11:30 - 12:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\nSpeakers:ChocolateCoat,CountZ3r0,Cyb3rhawk
\n
SpeakerBio:ChocolateCoat\n
\nNo BIO available
\n
SpeakerBio:CountZ3r0\n
\nDavid Roman is a Senior Incident Response Consultant at Cisco Talos Incident Response, with 26 years of experience in the IT and security industry. David leads investigations to help customers on their worst career day recover from security incidents and help them better prepare for the future. Volunteering and helping others learn about cybersecurity is a passion for David. He helps run local DEF CON and CitySec groups and guest lectures at Oklahoma State University.
\n
SpeakerBio:Cyb3rhawk\n
\nDE&TH
\n\n
\nDescription:
\nThis IR 101 session include two modules.\n

Part I: What is IR
\nPart II: IR Lifecycle and Frameworks
\nPart III: IR Plans and Playbooks\n

\n

IR Foundations & Analyst Mindset and Quality Assurance\n

\n\'',NULL,367798),('2_Friday','12','11:30','12:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'IR 101: Part I, II, III\'','\'ChocolateCoat,CountZ3r0,Cyb3rhawk\'','BTV_3384fbfe2c10f4b4518415ee17b66542','\'\'',NULL,367799),('2_Friday','13','13:30','14:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'IR 101: Part IV, V\'','\'juju43\'','BTV_d3e12b5004049e830c6904f2429c74be','\'Title: IR 101: Part IV, V
\nWhen: Friday, Aug 11, 13:30 - 14:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\n
SpeakerBio:juju43\n
\nBlueTeam DFIR helping people to grow
\n\n
\nDescription:
\nThis IR 101 session include two modules.\n

Part IV: Analyst Mindset
\nPart V: Quality Assurance Processes\n

\n

IR 101 covering Analyst Mindset and Quality Assurance Processes.\n

\n\'',NULL,367800),('2_Friday','14','13:30','14:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'IR 101: Part IV, V\'','\'juju43\'','BTV_d3e12b5004049e830c6904f2429c74be','\'\'',NULL,367801),('2_Friday','10','10:00','10:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Blue Team Village Opening Ceremony\'','\' \'','BTV_b9bc349831d108bfa397541ac4c1885f','\'Title: Blue Team Village Opening Ceremony
\nWhen: Friday, Aug 11, 10:00 - 10:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
\nDescription:
\n.\n
\n

Blue Team Village Opening Ceremony\n

\n\'',NULL,367802),('3_Saturday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'CTH: Log4j - The Silent Menace Among Us\'','\'Cyb3rhawk\'','BTV_000867dc79de4efa28a982469d5dee51','\'Title: CTH: Log4j - The Silent Menace Among Us
\nWhen: Saturday, Aug 12, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\n
SpeakerBio:Cyb3rhawk\n
\nDE&TH
\n\n
\nDescription:
\nThe recent Log4j vulnerability has been making headlines and causing significant harm to organizations that rely on Apache Log4j for logging. In this talk, we\'ll go beyond the headlines and provide a deep dive into threat hunting techniques and their application in detecting vulnerabilities like Log4j. We\'ll start with the basics of threat hunting and how it can help you stay ahead of emerging threats. From there, we\'ll explore the technical details of the Log4j vulnerability, including its nature, impact, and how it can be exploited. You\'ll learn how to analyze and respond to security threats through real-world examples of threat hunting in action. We\'ll provide hands-on labs that give you the experience you need to implement these techniques in your own organization. Whether you\'re a security analyst, engineer, or manager, this talk will provide valuable insights into threat hunting and enable you to stay ahead of emerging threats. Join us on this technical journey into the unknown with \"Log4j: The Silent Menace Among Us.\n
\n

The recent Log4j vulnerability has been making headlines and causing significant harm to organizations that rely on Apache Log4j for logging. In this talk, we\'ll go beyond the headlines and provide a deep dive into threat hunting techniques and their application in detecting vulnerabilities like Log4j.\n

\n\'',NULL,367803),('3_Saturday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'CTH: Log4j - The Silent Menace Among Us\'','\'Cyb3rhawk\'','BTV_000867dc79de4efa28a982469d5dee51','\'\'',NULL,367804),('2_Friday','13','13:30','14:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'Forensic Analysis: Part I & II\'','\'Danny D. \"B4nd1t0\" Henderson Jr,Omenscan\'','BTV_b1ec85c696e12321767e623c45cd6624','\'Title: Forensic Analysis: Part I & II
\nWhen: Friday, Aug 11, 13:30 - 14:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\nSpeakers:Danny D. \"B4nd1t0\" Henderson Jr,Omenscan
\n
SpeakerBio:Danny D. \"B4nd1t0\" Henderson Jr\n
\nDanny \"B4nd1t0\" Henderson Jr has over 11 years in the IT field from the U.S. Public Sector to life in the Private Sector and supported operations such as Cyber Warfare. Danny currently works at Novartis in Czech Republic as a Threat Hunter. He holds a master\'s degree in Cyber and Information Security from Capitol Technology University and certifications such as GCIH, GCFA, and CISSP. His skillset includes digital forensics, threat intelligence, and malware analysis. Outside of the field, Danny is fond of fantasy-themed tabletop games and retro RPGs which is displayed through his Bandit\'s Bytes website.
\n
SpeakerBio:Omenscan\n
\nNo BIO available
\n\n
\nDescription:
\nThis Forensics Kill Chain session includes two modules.\n

Part I: Forensics Analysis: Insider Threat - Forensics walkthrough of the Project Obsidian Insider Threat - Covering both Technical and Non-Technical considerations.\nPart II: Forensics Analysis: Pivoting from IT to OT: Forensics walkthrough of the Project Obsidian external attacker (Kill Chain) - Covering Telemetry and artifacts collected and parsed to determine what happened.\n

\n

Forensics analysis; Part I: Forensics Analysis: Insider Threat, Part II: Forensics Analysis: Pivoting from IT to OT\n

\n\'',NULL,367805),('2_Friday','14','13:30','14:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'Forensic Analysis: Part I & II\'','\'Danny D. \"B4nd1t0\" Henderson Jr,Omenscan\'','BTV_b1ec85c696e12321767e623c45cd6624','\'\'',NULL,367806),('2_Friday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'CTH 101: Part I & II\'','\'CerealKiller\'','BTV_53614a1364ee80c83c569e9af23f5047','\'Title: CTH 101: Part I & II
\nWhen: Friday, Aug 11, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\n
SpeakerBio:CerealKiller\n
\nCerealKiller or Cereal is a Cyber Defense Practitioner with over 10yrs of experience.
\n\n
\nDescription:
\nThis 101 session includes two cyber threat hunting training modules.\n

Part I: Introduction to Cyber Threat Hunting: A brief introduction to Cyber Threat Hunting\nPart II: Threat Hunting Methodologies: A look into hunting methodologies\n

\n

Introduction to Cyber Threat Hunting & Threat Hunting Methodologies\n

\n\'',NULL,367807),('2_Friday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'CTH 101: Part I & II\'','\'CerealKiller\'','BTV_53614a1364ee80c83c569e9af23f5047','\'\'',NULL,367808),('3_Saturday','11','11:30','12:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'DE: Building a Detection Alert From a Threat Hunt\'','\'kobaltfox\'','BTV_f9bcf4e3046fb0b65855a2210b24ed7a','\'Title: DE: Building a Detection Alert From a Threat Hunt
\nWhen: Saturday, Aug 12, 11:30 - 12:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\n
SpeakerBio:kobaltfox\n
\nTODO\n
\n\n
\nDescription:
\n.\n
\n

A review of the detection engineering cycle and a walkthrough taking a threat hunt report and building a SIEM alert.\n

\n\'',NULL,367809),('3_Saturday','12','11:30','12:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'DE: Building a Detection Alert From a Threat Hunt\'','\'kobaltfox\'','BTV_f9bcf4e3046fb0b65855a2210b24ed7a','\'\'',NULL,367810),('2_Friday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'IR Analysis: Part I & II\'','\'juju43\'','BTV_85bb6fc972a559fe9c9c88960738574a','\'Title: IR Analysis: Part I & II
\nWhen: Friday, Aug 11, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\n
SpeakerBio:juju43\n
\nBlueTeam DFIR helping people to grow
\n\n
\nDescription:
\nThis Kill Chain IR analysis session includes two modules.\n

Part I: Know Yourself, Know Your Logs: How to establish some baselines with the logs that you have to support incident response.\nPart II: MSTICPY and Velociraptor Offline Collection Analysis: Offline analysis using code. How to setup your questions and make your analysis process repeatable with jupyter notebook and msticpy.\n

\n

IR analysis in two parts; Part I: Know Yourself, Know Your Logs, Part II: MSTICPY and Velociraptor Collection & Offline Analysis.\n

\n\'',NULL,367811),('2_Friday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'IR Analysis: Part I & II\'','\'juju43\'','BTV_85bb6fc972a559fe9c9c88960738574a','\'\'',NULL,367812),('3_Saturday','17','17:00','17:59','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'It’s not that your threat intelligence IOCs are worthless…\'','\'Charlie,Lauren Proehl,Mick/nohackme,Silas Cutler\'','BTV_d7169b90e69fdc75775345fd10e0f90a','\'Title: It’s not that your threat intelligence IOCs are worthless…
\nWhen: Saturday, Aug 12, 17:00 - 17:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:Charlie,Lauren Proehl,Mick/nohackme,Silas Cutler
\n
SpeakerBio:Charlie\n
\nCharlie has worked in threat intelligence for over a decade, focusing mostly on financial services but has also worked for an email security vendor providing threat intelligence to a variety of verticals. He is now a part of a team that provides threat intelligence to banks of all sizes.
\n
SpeakerBio:Lauren Proehl\n
\nLauren Proehl is the Director of Global Cyber Defense at Marsh McLennan. She is an experienced incident responder and threat hunter who has helped identify and mitigate cyber adversaries in Fortune 500 networks. After leading investigations ranging from data breaches to targeted attacks, she now works to define some part of the limitless unknowns in cyberspace and make cybersecurity less abstract, and more tangible. Lauren sits on the CFP board for BSides Kansas City, heads up SecKC parties, and tries to escape computers by running long distances in the woods.
\n
SpeakerBio:Mick/nohackme\n
\nMick fell in love with the idea of cyberspace around 9-years-old after reading “Neuromancer,” thinking “I could do that.” He is still trying to do “that.”\nFormer perennial spot the fed participant, Mick has seen threat intelligence work, and... not. \nAfter spending too long in government and a stint in South Bend, Mick is a Global Security Advisor on Splunk\'s SURGe team.\n

Taking a break from Gooning at DEFCon, he\'s back for another year to moderate a spicy panel you\'ll want to see.\n

\n
SpeakerBio:Silas Cutler\n
\nSilas Cutler is an experienced security researcher and malware analyst. His focus has been researching organized cyber-crime groups and state-sponsored attacks.
\n\n
\nDescription:
\n.\n
\n

From discovery to dissemination, the value of cyber threat intelligence rapidly decreases to the point of uselessness. Why? It’s complicated. Does it have to be? Join us for a lively discussion on threat intelligence from discovery and dissemination, and how to find value in the valueless.\n

\n\'',NULL,367813),('3_Saturday','15','15:45','16:45','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Arson Herders: An IR Guide to Fighting and Lighting Fires\'','\'Litmoose,Matt \"dis0wn\" Wagenknecht,Tina \"Mugwump Jones\" Velez,Unnamed user\'','BTV_f160350dc1279f5885a8e386e38e42a8','\'Title: Arson Herders: An IR Guide to Fighting and Lighting Fires
\nWhen: Saturday, Aug 12, 15:45 - 16:45 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:Litmoose,Matt \"dis0wn\" Wagenknecht,Tina \"Mugwump Jones\" Velez,Unnamed user
\n
SpeakerBio:Litmoose\n
\nCats and violins.
\n
SpeakerBio:Matt \"dis0wn\" Wagenknecht\n
\nExperienced in penetration testing, red team activities, and incident response
\n
SpeakerBio:Tina \"Mugwump Jones\" Velez\n
\nA caffeinated muppet with a day job of Enterprise Field Strategist/Chief Taco Officer for Expel and a night job of maybe being The Batman.
\n
SpeakerBio:Unnamed user\n
\nNo BIO available
\n\n
\nDescription:
\n.\n
\n

Join three of our seasoned (and sometimes crispy) Digital Forensics and Incident Response heavy hitters as they relay their tales from the front lines fighting against active threat actors, insider oopsies, and general misconfigurations. The catch? A holistic approach to security can involve lighting some fires of your own. The discussion will cover how the hot, hot flames of an incident touch everyone -- from C-levels to admins, intel to the red team. Come bask in the warm glow (while enjoying the cool Vegas AC), and be sure to stay for the Q & A!\n

\n\'',NULL,367814),('3_Saturday','16','15:45','16:45','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Arson Herders: An IR Guide to Fighting and Lighting Fires\'','\'Litmoose,Matt \"dis0wn\" Wagenknecht,Tina \"Mugwump Jones\" Velez,Unnamed user\'','BTV_f160350dc1279f5885a8e386e38e42a8','\'\'',NULL,367815),('2_Friday','11','11:30','12:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Security Engineering for Adversarial Emulation and Red Teaming\'','\'plug,sandw1ch\'','BTV_48929548a2c7809b82fd11fadefb802f','\'Title: Security Engineering for Adversarial Emulation and Red Teaming
\nWhen: Friday, Aug 11, 11:30 - 12:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:plug,sandw1ch
\n
SpeakerBio:plug\n
\nNo BIO available
\n
SpeakerBio:sandw1ch\n
\nScott Brink is a hacker and manager within X-Force Red who specializes in network penetration testing. He graduated with a degree in computing security with a minor in networking and system administration from Rochester Institute of Technology. While there, he was the captain of the school’s team for the Collegiate Penetration Testing Competition. His research includes a presentation at Thotcon 0xA that looked into visitor management systems, where he found 19 zero-day vulnerabilities in these products. He has also presented a workshop at Red Team Village at Defcon 30 about Active Directory.
\n\n
\nDescription:
\nSecuring Engineering is a core element of security. In this session, you will hear how the Obsidian Engineers collaborated with the Red Team to architect and build this year\'s Obsidian adversary simulation environment. PS: You will be able to make your own too!\n
\n

Securing Engineering is a core element of security. In this session, you will hear how the Obsidian Engineers collaborated with the Red Team to architect and build this year\'s Obsidian adversary simulation environment. PS: You will be able to make your own too!\n

\n\'',NULL,367816),('2_Friday','12','11:30','12:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Security Engineering for Adversarial Emulation and Red Teaming\'','\'plug,sandw1ch\'','BTV_48929548a2c7809b82fd11fadefb802f','\'\'',NULL,367817),('4_Sunday','11','11:00','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Project Obsidian Panel\'','\' \'','BTV_af3ac677bfefbbd54ea6ee4aa8aacfeb','\'Title: Project Obsidian Panel
\nWhen: Sunday, Aug 13, 11:00 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
\nDescription:
\n.\n
\n

Project Obsidian panel discussion: Who, What, When, Where, and How\n

\n\'',NULL,367818),('3_Saturday','10','10:30','11:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'IR/4n6: Obsidian DFIR - Gang aft agley\'','\'Omenscan\'','BTV_9c1bbe2b2c2119cbeb13dbb7410d6f29','\'Title: IR/4n6: Obsidian DFIR - Gang aft agley
\nWhen: Saturday, Aug 12, 10:30 - 11:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
SpeakerBio:Omenscan\n
\nNo BIO available
\n\n
\nDescription:
\n.\n
\n

Come listen to some grouchy, well worn Incident Responders talk about the planning and reality of staging a live fire DFIR simulation, and how even well planned exercises, just like any other IR never go as planned.\n

\n\'',NULL,367819),('3_Saturday','11','10:30','11:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'IR/4n6: Obsidian DFIR - Gang aft agley\'','\'Omenscan\'','BTV_9c1bbe2b2c2119cbeb13dbb7410d6f29','\'\'',NULL,367820),('3_Saturday','11','11:30','12:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'(n)Map Exploration: A Great Time in Remote Destinations\'','\'SamunoskeX\'','BTV_a821a6ddaaf501c5288521c4533f85f4','\'Title: (n)Map Exploration: A Great Time in Remote Destinations
\nWhen: Saturday, Aug 12, 11:30 - 12:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
SpeakerBio:SamunoskeX\n
\nSamunoskeX is an Information Security Professional who works as part of a Security Operations Team and is also an Information Security instructor at a college. He is a Blue Team enthusiast and enjoys sharing all things Blue Team with the world.\n

SamunoskeX has attended DEFCON Events since DC26.\n

\n\n
\nDescription:
\nCan we find activity within the corporate network that might be suspicious?\n
\n

Can we find activity within the corporate network that might be suspicious?\n

\n\'',NULL,367821),('3_Saturday','12','11:30','12:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'(n)Map Exploration: A Great Time in Remote Destinations\'','\'SamunoskeX\'','BTV_a821a6ddaaf501c5288521c4533f85f4','\'\'',NULL,367822),('3_Saturday','13','13:30','13:59','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'CTH 101: Part III, IV, V\'','\'Cyb3rhawk\'','BTV_e7e46b27f8ca2f2b6f263aba2e6a229a','\'Title: CTH 101: Part III, IV, V
\nWhen: Saturday, Aug 12, 13:30 - 13:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\n
SpeakerBio:Cyb3rhawk\n
\nDE&TH
\n\n
\nDescription:
\nThis CTH 101 session includes three modules.\n

Part III: Threat Hunting Techniques: A look into various hunting techniques.\nPart IV: Case Studies and Labs: What we can learn from case studies and how to get started with labs.\nPart V: Conclusion and Next Steps: Where to go next to learn more.\n

\n

CTH 101: Threat Hunting Techniques, Case Studies and Labs, Conclusion and Next Steps\n

\n\'',NULL,367823),('3_Saturday','11','11:30','11:59','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41)','\'Forensics 101 Part I & II\'','\'Danny D. \"B4nd1t0\" Henderson Jr,Gyle_dC\'','BTV_80fd2bec1a731d6bea3f1b8611804838','\'Title: Forensics 101 Part I & II
\nWhen: Saturday, Aug 12, 11:30 - 11:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
\nSpeakers:Danny D. \"B4nd1t0\" Henderson Jr,Gyle_dC
\n
SpeakerBio:Danny D. \"B4nd1t0\" Henderson Jr\n
\nDanny \"B4nd1t0\" Henderson Jr has over 11 years in the IT field from the U.S. Public Sector to life in the Private Sector and supported operations such as Cyber Warfare. Danny currently works at Novartis in Czech Republic as a Threat Hunter. He holds a master\'s degree in Cyber and Information Security from Capitol Technology University and certifications such as GCIH, GCFA, and CISSP. His skillset includes digital forensics, threat intelligence, and malware analysis. Outside of the field, Danny is fond of fantasy-themed tabletop games and retro RPGs which is displayed through his Bandit\'s Bytes website.
\n
SpeakerBio:Gyle_dC\n
\nGyle first got connected to the internet via her reliable 56k US Robotics modem and has been fascinated ever since with technology and security. She got her Graduate Certificate in Incident Response from the SANS Institute and her master’s in cyber security – Digital Forensics from UNSW Canberra. In her day job as an incident responder, she uses her skills and knowledge to help protect and defend the organisation she works for. In her spare time, she mentors other people who are new to the field, presents in different cyber security events and volunteers with different community-based organisations.
\n\n
\nDescription:
\nThis Forensics 101 session includes two modules.\n

Part I: General Introduction to Forensics\nPart II: General Introduction to Forensics Continued\n

\n

Introduction to Forensics: Part I & II\n

\n\'',NULL,367824),('4_Sunday','12','12:45','13:45','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Blue Team Village Closing Ceremony\'','\' \'','BTV_9ce62c90172ae2c4481a3b8a43fd8360','\'Title: Blue Team Village Closing Ceremony
\nWhen: Sunday, Aug 13, 12:45 - 13:45 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\n
\nDescription:
\n.\n
\n

Blue Team Village Closing Ceremony\n

\n\'',NULL,367825),('4_Sunday','13','12:45','13:45','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Blue Team Village Closing Ceremony\'','\' \'','BTV_9ce62c90172ae2c4481a3b8a43fd8360','\'\'',NULL,367826),('2_Friday','16','16:00','17:59','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Monroeville Live: An IR Tabletop for the Rest of Us\'','\'Dave Collins,Gwyddia,Litmoose,Matt Mahler,Nathan Case,Nina Alli,Shea Nangle\'','BTV_d6e961f925410fa1f111a4979fea697e','\'Title: Monroeville Live: An IR Tabletop for the Rest of Us
\nWhen: Friday, Aug 11, 16:00 - 17:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:Dave Collins,Gwyddia,Litmoose,Matt Mahler,Nathan Case,Nina Alli,Shea Nangle
\n
SpeakerBio:Dave Collins\n
\nI work in public transportation IT doing cybersecurity and network infrastructure work. In the past, I have worked as a Linux sysadmin, Windows sysadmin, network engineer, and security engineer. I will happily geek out about anything computer related.
\n
SpeakerBio:Gwyddia\n
\nA Principal Consultant at CrowdStrike and frequent security conference speaker, Kelly is passionate about bringing the best of tabletop roleplaying games into high-level security tabletop simulations. She has designed and facilitated single-scenario and multi-table games for companies ranging from VC-stage startups to multi-billion dollar megacorps, and for audiences including both the information security and indie tabletop RPG game spaces.\n

Mooom, trained therapist, recovering attorney, gnome.\n

\"Talk about hard things. Do hard things. Throw soft things.\" -- ShmooCon 2022(+1)\n

\n
SpeakerBio:Litmoose\n
\nCats and violins.
\n
SpeakerBio:Matt Mahler\n
\nNo BIO available
\n
SpeakerBio:Nathan Case\n
\nA passion for Incident Response, and operational security in all forms. Pushing the bounds of threat detection and response. Finding new thoughts and bringing them to the fields of security and technology.
\n
SpeakerBio:Nina Alli\n, Regulatory Cybersecurity, Senior Strategist at Thermo Fisher
\nNina Alli is the Executive Director of the Biohacking Village, Sr Cybersecurity Regulatory Strategist at ThermoFisher, George Washington University Law School student, policy white paper writer, EMR and associated devices technologist, coffee snob, and super proud #Latina from #NYC.
\n
SpeakerBio:Shea Nangle\n
\nShea Nangle does not now, nor has he ever, worked for a three letter agency. He has, however, been accused on several occasions of being a Fed, and there was a multiyear period when his wife really thought he worked for a front company. To the best of his knowledge, only one of his previous employers has ever been investigated by the US government as a potential front for foreign intelligence. GLOMAR.\n

In his spare time, he enjoys long walks on the beach and reruns of Magnum, P.I.\n

\n\n
\nDescription:
\n.\n
\n

This is an interactive incident response tabletop workshop in a “game show”-type format. Attendees will work through a crisis response scenario designed exclusively for a live studio audience and will have the opportunity to describe how they might handle progressive stages of an emerging incident. Their responses will be evaluated by our “celebrity” judges who will balance a light tone with meaningful feedback that participants can use both to work through the problem sets presented and to learn to guide their teams through a real IR. Wrong answers allowed and encouraged; all experience and tech levels welcome.\n

\n\'',NULL,367827),('2_Friday','17','16:00','17:59','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'Monroeville Live: An IR Tabletop for the Rest of Us\'','\'Dave Collins,Gwyddia,Litmoose,Matt Mahler,Nathan Case,Nina Alli,Shea Nangle\'','BTV_d6e961f925410fa1f111a4979fea697e','\'\'',NULL,367828),('3_Saturday','13','13:30','14:30','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'Why OT Cybersecurity Engineers Drink So Much\'','\'ThatDeadGuy\'','BTV_5de343645d0f243cc53dc33ef0b0c1c0','\'Title: Why OT Cybersecurity Engineers Drink So Much
\nWhen: Saturday, Aug 12, 13:30 - 14:30 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
\n
SpeakerBio:ThatDeadGuy\n
\nAfter thirteen years as a controls engineer within the Automotive Manufacturing and Oil & Gas Exploration Manufacturing industries, ThatDeadGuy was converted over to cyber security. His experience on the design and implementation of the equipment gave him a perspective into the OT realm that was not shared with most of the security team. Over the last five years he has built up cyber security architectures, implemented detection tools and created the IR processes for multiple critical infrastructure process environments.
\n\n
\nDescription:
\n.\n
\n

A brief view into the odd world of Operational Technology (OT) and why so many OT Security Engineers drink like they hate themselves. This will cover the realities of their tech stack, business risk considerations, control systems recovery and how incident response is conducted within the environment. We will briefly cover how this environment was emulated for the Project Obsidian attack chain and how it differs from the physical environments.\n

\n\'',NULL,367829),('3_Saturday','14','13:30','14:30','Y','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42)','\'Why OT Cybersecurity Engineers Drink So Much\'','\'ThatDeadGuy\'','BTV_5de343645d0f243cc53dc33ef0b0c1c0','\'\'',NULL,367830),('2_Friday','15','15:00','15:59','N','BTV','Flamingo - Sunset - Scenic - Blue Team Village - Main Stage','\'SOC Panel: Finding, Keeping, and Caring for the Best People\'','\'Alissa Torres,Carson Zimmerman,Christopher Crowley,Russ McRee\'','BTV_a2e2d0a0dd4531fdbd0b6c5f39b1b36c','\'Title: SOC Panel: Finding, Keeping, and Caring for the Best People
\nWhen: Friday, Aug 11, 15:00 - 15:59 PDT
\nWhere: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
\nSpeakers:Alissa Torres,Carson Zimmerman,Christopher Crowley,Russ McRee
\n
SpeakerBio:Alissa Torres\n
\nAlissa Torres is a blue team practitioner/educator turned consultant, laser-focused on the people element of the SecOps equation. With 3 dog-years of experience spanning roles in IT and Security Operations, she discovered her passion for adversary hunting while serving in the trenches as an incident analyst with a third-party services company, and later, leading an incident response team for a global manufacturing company.
\n
SpeakerBio:Carson Zimmerman\n
\nCarson Zimmerman is a veteran cybersecurity specialist, author, and speaker. In his current role at Microsoft, Carson leads an investigations team responsible for defending the M365 platform and ecosystem. In his previous role, at The MITRE Corporation, Carson specialized in cybersecurity operations center (CSOC) architecture and CSOC consulting. His experiences over 20 years as a CSOC analyst and engineer led Carson to author Ten Strategies of a World-Class Cybersecurity Operations Center, and co-authored its second edition, Eleven Strategies… which may be downloaded for free at mitre.org/11Strategies.
\n
SpeakerBio:Christopher Crowley\n
\nNo BIO available
\n
SpeakerBio:Russ McRee\n
\nNo BIO available
\n\n
\nDescription:
\n.\n
\n

Come hear 4 SOC veterans discuss some of the most challenging topics in SOCs today. People are our most important asset, but recruiting, retention, and career growth continue to be a sore spot for many. Trying to break into the field? Been laid off? Worried about training or outsourcing? This panel is for you. We share with you what we’ve learned over the years; along the way we will spice it up with some war stories and hard won lessons.\n

\n\'',NULL,367831),('4_Sunday','10','10:00','12:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_a862db7fa5a53c212be8b26b7149c188','\'Title: RoboSumo Play Time
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nA little to shy to own the ring in open battle? Come play! There will be robots available to program, sample code, a ring and many opportunities to discover some of the fun of robotics.\n
\n\n\'',NULL,367832),('4_Sunday','11','10:00','12:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_a862db7fa5a53c212be8b26b7149c188','\'\'',NULL,367833),('4_Sunday','12','10:00','12:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_a862db7fa5a53c212be8b26b7149c188','\'\'',NULL,367834),('3_Saturday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'Title: RoboSumo Play Time
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nA little to shy to own the ring in open battle? Come play! There will be robots available to program, sample code, a ring and many opportunities to discover some of the fun of robotics.\n
\n\n\'',NULL,367835),('3_Saturday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367836),('3_Saturday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367837),('3_Saturday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367838),('3_Saturday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367839),('3_Saturday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367840),('3_Saturday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367841),('3_Saturday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a','\'\'',NULL,367842),('2_Friday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'Title: RoboSumo Play Time
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nA little to shy to own the ring in open battle? Come play! There will be robots available to program, sample code, a ring and many opportunities to discover some of the fun of robotics.\n
\n\n\'',NULL,367843),('2_Friday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367844),('2_Friday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367845),('2_Friday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367846),('2_Friday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367847),('2_Friday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367848),('2_Friday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367849),('2_Friday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Play Time\'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6','\'\'',NULL,367850),('3_Saturday','10','10:00','15:30','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'Title: Hardware Hacking Rube Goldberg Machine
\nWhen: Saturday, Aug 12, 10:00 - 15:30 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n
\n\n\'',NULL,367851),('3_Saturday','11','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'\'',NULL,367852),('3_Saturday','12','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'\'',NULL,367853),('3_Saturday','13','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'\'',NULL,367854),('3_Saturday','14','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'\'',NULL,367855),('3_Saturday','15','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c','\'\'',NULL,367856),('2_Friday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'Title: Hardware Hacking Rube Goldberg Machine
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!\n
\n\n\'',NULL,367857),('2_Friday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367858),('2_Friday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367859),('2_Friday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367860),('2_Friday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367861),('2_Friday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367862),('2_Friday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367863),('2_Friday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Rube Goldberg Machine\'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce','\'\'',NULL,367864),('2_Friday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'Title: Make Your Own Use
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHave you taken your IoT toaster and created a remote activated fire-alarm tester? How about that old toy your kids (right, it was for the kids?) don’t play with anymore that now fuzzes your neighbor’s drone? Or what about putting that con badge to good use? The Hardware Hacking Village is hosting a “Make Your 0wn Use” contest. Submissions can be a solo or team based project that bend, mend, or repurpose any device and show others how it can be done.\n
\n\n\'',NULL,367865),('2_Friday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367866),('2_Friday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367867),('2_Friday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367868),('2_Friday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367869),('2_Friday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367870),('2_Friday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367871),('2_Friday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121','\'\'',NULL,367872),('3_Saturday','10','10:00','15:30','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'Title: Make Your Own Use
\nWhen: Saturday, Aug 12, 10:00 - 15:30 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHave you taken your IoT toaster and created a remote activated fire-alarm tester? How about that old toy your kids (right, it was for the kids?) don’t play with anymore that now fuzzes your neighbor’s drone? Or what about putting that con badge to good use? The Hardware Hacking Village is hosting a “Make Your 0wn Use” contest. Submissions can be a solo or team based project that bend, mend, or repurpose any device and show others how it can be done.\n
\n\n\'',NULL,367873),('3_Saturday','11','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'\'',NULL,367874),('3_Saturday','12','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'\'',NULL,367875),('3_Saturday','13','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'\'',NULL,367876),('3_Saturday','14','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'\'',NULL,367877),('3_Saturday','15','10:00','15:30','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Make Your Own Use\'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62','\'\'',NULL,367878),('3_Saturday','16','16:00','16:30','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Hardware Hacking Village Prize Ceremony\'','\' \'','HHV_59e8882f7780ce2550d4c5d46a8245df','\'Title: Hardware Hacking Village Prize Ceremony
\nWhen: Saturday, Aug 12, 16:00 - 16:30 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nWe announce winners for the Make Your Own Use, and Hardware Hacking Rube Goldberg Machine contests and hand out prizes.\n
\n\n\'',NULL,367879),('3_Saturday','13','13:00','13:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'RoboSumo Bracket Competition\'','\' \'','HHV_ec707d637ef43d13506b870d980279dc','\'Title: RoboSumo Bracket Competition
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nBring your official Mini Sumo class robots to go head to head in a battle of glory! For rule details see https://dchhv.org/events/robosumo.html Event will last as long as it takes to work through the bracket.\n
\n\n\'',NULL,367880),('2_Friday','10','10:00','10:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Telecom Village Inauguration\'','\'Harshit Mahajan\'','TCV_f8a601a434ce6b19ed52cf751f553843','\'Title: Telecom Village Inauguration
\nWhen: Friday, Aug 11, 10:00 - 10:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\n
SpeakerBio:Harshit Mahajan\n, Event Head at NullCon
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367881),('2_Friday','14','14:30','15:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_8a2982b182bc40e29c5a5c464fd332fe','\'Title: SS7 Workshop
\nWhen: Friday, Aug 11, 14:30 - 15:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367882),('2_Friday','15','14:30','15:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_8a2982b182bc40e29c5a5c464fd332fe','\'\'',NULL,367883),('2_Friday','11','11:00','12:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_82d4e65039892de05b38ec106ef2ba1b','\'Title: SS7 Workshop
\nWhen: Friday, Aug 11, 11:00 - 12:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367884),('2_Friday','12','11:00','12:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_82d4e65039892de05b38ec106ef2ba1b','\'\'',NULL,367885),('2_Friday','16','16:00','17:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 CTF\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_3622a8466ccc2f309b6dc20c4b58d8e6','\'Title: SS7 CTF
\nWhen: Friday, Aug 11, 16:00 - 17:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367886),('2_Friday','17','16:00','17:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'SS7 CTF\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_3622a8466ccc2f309b6dc20c4b58d8e6','\'\'',NULL,367887),('4_Sunday','10','10:00','10:30','N','TCV','Flamingo - Virginia City - Telecom Village','\'RF in the Middle Earth- Fallen 5G\'','\'Utku Y\'','TCV_8f292e529a6adcddea291c0ebbf9e668','\'Title: RF in the Middle Earth- Fallen 5G
\nWhen: Sunday, Aug 13, 10:00 - 10:30 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\n
SpeakerBio:Utku Y\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367888),('3_Saturday','11','11:00','12:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_fff487f49a5edccc2cac309c87f9db5b','\'Title: Diameter Workshop
\nWhen: Saturday, Aug 12, 11:00 - 12:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367889),('3_Saturday','12','11:00','12:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_fff487f49a5edccc2cac309c87f9db5b','\'\'',NULL,367890),('3_Saturday','14','14:30','15:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_0abfb4f8c53467b94415bdf50c3fbb4d','\'Title: Diameter Workshop
\nWhen: Saturday, Aug 12, 14:30 - 15:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367891),('3_Saturday','15','14:30','15:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter Workshop\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_0abfb4f8c53467b94415bdf50c3fbb4d','\'\'',NULL,367892),('3_Saturday','16','16:00','17:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter CTF\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_d8d6371095ea12079204ee42b8eab031','\'Title: Diameter CTF
\nWhen: Saturday, Aug 12, 16:00 - 17:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Akib Sayyed,Zibran Sayyed
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:Zibran Sayyed\n, Sr. Security Consultant Telecom
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367893),('3_Saturday','17','16:00','17:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'Diameter CTF\'','\'Akib Sayyed,Zibran Sayyed\'','TCV_d8d6371095ea12079204ee42b8eab031','\'\'',NULL,367894),('3_Saturday','10','10:00','10:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Gazing into the crystal ball: Hacking and Securing Future Telecoms Networks\'','\'Ajit Hatti,Akib Sayyed,David Rogers,Galina Pildush\'','TCV_79fad03e1af278b71cfa0370241c71df','\'Title: Gazing into the crystal ball: Hacking and Securing Future Telecoms Networks
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\nSpeakers:Ajit Hatti,Akib Sayyed,David Rogers,Galina Pildush
\n
SpeakerBio:Ajit Hatti\n, NullCon
\nNo BIO available
\n
SpeakerBio:Akib Sayyed\n, Director at Matrix Shell Technologies Prviate Limited
\nNo BIO available
\n
SpeakerBio:David Rogers\n, CEO at Copper Horse
\nDavid is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
\n
SpeakerBio:Galina Pildush\n, Global Sr. Consulting Engineer at xG/IoT/MEC Security)
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367895),('4_Sunday','11','11:00','12:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'Telecom Village CTF\'','\'\'','TCV_850a82cadd9dca2a20ada62701098b5b','\'Title: Telecom Village CTF
\nWhen: Sunday, Aug 13, 11:00 - 12:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\n
\nDescription:No Description available
\n\'',NULL,367896),('4_Sunday','12','11:00','12:59','Y','TCV','Flamingo - Virginia City - Telecom Village','\'Telecom Village CTF\'','\'\'','TCV_850a82cadd9dca2a20ada62701098b5b','\'\'',NULL,367897),('3_Saturday','10','10:00','17:59','N','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'Title: Tamper Evident Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Tamper Evident Village - Map
\n
\nDescription:
\n\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. The goal of the Tamper Evident Village is to teach attendees how these technologies work and how many can be tampered with without leaving evidence. The village includes hands-on areas for mechanical seals, cargo seals, adhesive seals, mail and shipping seals, as well as a collection of demos, contests, and events to participate in.\n
\n\n\'',NULL,367898),('3_Saturday','11','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367899),('3_Saturday','12','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367900),('3_Saturday','13','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367901),('3_Saturday','14','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367902),('3_Saturday','15','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367903),('3_Saturday','16','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367904),('3_Saturday','17','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c','\'\'',NULL,367905),('4_Sunday','10','10:00','13:59','N','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_177546043a164569921f4700d90a42b6','\'Title: Tamper Evident Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Tamper Evident Village - Map
\n
\nDescription:
\n\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. The goal of the Tamper Evident Village is to teach attendees how these technologies work and how many can be tampered with without leaving evidence. The village includes hands-on areas for mechanical seals, cargo seals, adhesive seals, mail and shipping seals, as well as a collection of demos, contests, and events to participate in.\n
\n\n\'',NULL,367906),('4_Sunday','11','10:00','13:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_177546043a164569921f4700d90a42b6','\'\'',NULL,367907),('4_Sunday','12','10:00','13:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_177546043a164569921f4700d90a42b6','\'\'',NULL,367908),('4_Sunday','13','10:00','13:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_177546043a164569921f4700d90a42b6','\'\'',NULL,367909),('2_Friday','10','10:00','17:59','N','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'Title: Tamper Evident Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Tamper Evident Village - Map
\n
\nDescription:
\n\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. The goal of the Tamper Evident Village is to teach attendees how these technologies work and how many can be tampered with without leaving evidence. The village includes hands-on areas for mechanical seals, cargo seals, adhesive seals, mail and shipping seals, as well as a collection of demos, contests, and events to participate in.\n
\n\n\'',NULL,367910),('2_Friday','11','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367911),('2_Friday','12','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367912),('2_Friday','13','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367913),('2_Friday','14','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367914),('2_Friday','15','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367915),('2_Friday','16','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367916),('2_Friday','17','10:00','17:59','Y','TEV','LINQ - 5th Floor / BLOQ - Tamper Evident Village','\'Tamper Evident Village Activities\'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8','\'\'',NULL,367917),('4_Sunday','10','10:00','13:59','N','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_5b6e407ccf483951a65b89a7e29bbd36','\'Title: Embedded Systems Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\n**ESV Badge**
\nThe ESV Badge is a cool-looking shard PCB that will fit into the DEF CON badge shard holder, but also doubles as a hardware debugger with a built-in USB-Serial adapter. On sale at the village for $60, but also available for free to CTF players that score a minimum number of points. \n

**Embedded CTF**
\nAn approachable yet challenging CTF competition with a wide range of embedded devices and attacks. \n

Categories include: \n

\n

**101 Labs**
\nA series of computer-based workshops that will guide you through the basics of hacking embedded devices. From extracting and analyzing firmware, exploiting command injections and more, these labs will introduce even the most noob to the world of embedded device hacking.\n

**Hands-on Hardware Hacking**
\nWe\'ve raided our local thrift stores and electronics recyclers and brought a whole bunch of embedded systems for you to try out the ESV badge on. Come pull memory chips off PCBs, dump memory, connect to UART consoles, and see what was left behind on these devices!\n

**LoRA Labs**
\nA hands-on and interactive lab using LoRa gateways where you will discover the noisy 915 MHz radio spectrum world.\n

\n\n\'',NULL,367918),('4_Sunday','11','10:00','13:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_5b6e407ccf483951a65b89a7e29bbd36','\'\'',NULL,367919),('4_Sunday','12','10:00','13:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_5b6e407ccf483951a65b89a7e29bbd36','\'\'',NULL,367920),('4_Sunday','13','10:00','13:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_5b6e407ccf483951a65b89a7e29bbd36','\'\'',NULL,367921),('2_Friday','10','10:00','17:59','N','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'Title: Embedded Systems Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\n**ESV Badge**
\nThe ESV Badge is a cool-looking shard PCB that will fit into the DEF CON badge shard holder, but also doubles as a hardware debugger with a built-in USB-Serial adapter. On sale at the village for $60, but also available for free to CTF players that score a minimum number of points. \n

**Embedded CTF**
\nAn approachable yet challenging CTF competition with a wide range of embedded devices and attacks. \n

Categories include: \n

\n

**101 Labs**
\nA series of computer-based workshops that will guide you through the basics of hacking embedded devices. From extracting and analyzing firmware, exploiting command injections and more, these labs will introduce even the most noob to the world of embedded device hacking.\n

**Hands-on Hardware Hacking**
\nWe\'ve raided our local thrift stores and electronics recyclers and brought a whole bunch of embedded systems for you to try out the ESV badge on. Come pull memory chips off PCBs, dump memory, connect to UART consoles, and see what was left behind on these devices!\n

**LoRA Labs**
\nA hands-on and interactive lab using LoRa gateways where you will discover the noisy 915 MHz radio spectrum world.\n

\n\n\'',NULL,367922),('2_Friday','11','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367923),('2_Friday','12','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367924),('2_Friday','13','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367925),('2_Friday','14','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367926),('2_Friday','15','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367927),('2_Friday','16','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367928),('2_Friday','17','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47','\'\'',NULL,367929),('3_Saturday','10','10:00','17:59','N','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'Title: Embedded Systems Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
\n
\nDescription:
\n**ESV Badge**
\nThe ESV Badge is a cool-looking shard PCB that will fit into the DEF CON badge shard holder, but also doubles as a hardware debugger with a built-in USB-Serial adapter. On sale at the village for $60, but also available for free to CTF players that score a minimum number of points. \n

**Embedded CTF**
\nAn approachable yet challenging CTF competition with a wide range of embedded devices and attacks. \n

Categories include: \n

\n

**101 Labs**
\nA series of computer-based workshops that will guide you through the basics of hacking embedded devices. From extracting and analyzing firmware, exploiting command injections and more, these labs will introduce even the most noob to the world of embedded device hacking.\n

**Hands-on Hardware Hacking**
\nWe\'ve raided our local thrift stores and electronics recyclers and brought a whole bunch of embedded systems for you to try out the ESV badge on. Come pull memory chips off PCBs, dump memory, connect to UART consoles, and see what was left behind on these devices!\n

**LoRA Labs**
\nA hands-on and interactive lab using LoRa gateways where you will discover the noisy 915 MHz radio spectrum world.\n

\n\n\'',NULL,367930),('3_Saturday','11','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367931),('3_Saturday','12','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367932),('3_Saturday','13','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367933),('3_Saturday','14','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367934),('3_Saturday','15','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367935),('3_Saturday','16','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367936),('3_Saturday','17','10:00','17:59','Y','ESV','LINQ - 3rd flr - Evolution - Embedded Systems Village','\'Embedded Systems Village Activities\'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8','\'\'',NULL,367937),('2_Friday','11','11:00','11:25','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'RF Village Kickoff\'','\'\'','RFV_39a7b64ca80dcdb435f281da4f1e617e','\'Title: RF Village Kickoff
\nWhen: Friday, Aug 11, 11:00 - 11:25 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
\nDescription:No Description available
\n\'',NULL,367938),('2_Friday','12','12:00','12:59','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'The International Wigle Space Balloon\'','\'Lozaning\'','RFV_51b282240e1547c6e599de9f1b6b8e8e','\'Title: The International Wigle Space Balloon
\nWhen: Friday, Aug 11, 12:00 - 12:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Lozaning\n
\nLozaning (they/them) has been wardriving for over 10 years and enjoys designing, building, and assembling unorthodox network observation platforms such as: The Wifydra (presented here), The International Wigle Space Balloon, and turning an Amtrak roomette into a mobile radio observation lab. Currently ranked as the 84th best wardriver in the world on Wigle.net, Lozaning loves all things wifi and high precision GNSS related.\n

Lozaning loves wifi, radios, blinky lights, and fancy GPS receivers. They\'ve been wardriving for over 20 years and are now ranked in the top 100 wardrivers in the world.\n

\n\n
\nDescription:
\nThis talk will cover the story of the International Wigle Space Balloon from the inception to launch. Along the way we\'ll cover FAA legalities, hardware design constraints, minimizing launch costs using OTSH, buoyancy and flight characteristic calculations, and conclude with the networks observed during the various flights as well as the introduction of a surprise friend we made along the way.\n
\n\n\'',NULL,367939),('2_Friday','13','13:00','13:59','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'WIFISHARK\'','\'Wasabi\'','RFV_97930e269f910fbdeb986386fac6abff','\'Title: WIFISHARK
\nWhen: Friday, Aug 11, 13:00 - 13:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Wasabi\n
\nWasabi. The other Wasabi. Doing RF stuff with the RF Hackers Sanctuary and Sharing my Research and Tools with the masses
\nTwitter: @@FrustratedITGuy
\n\n
\nDescription:
\nCreating a Wifi Profile for Wireshark and why it made me mad while doing it. I needed a Red Team profile not a trouble shooting filter or a regular profile. It was not fun or an enjoyable experience but I will be happy to share my profile at the end of the presentation.\n
\n\n\'',NULL,367940),('2_Friday','14','14:00','14:20','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Signals! In! Spaaaaaace!\'','\'Ark (from WiGLE),wytshadow\'','RFV_a7e49b51edb89fe96275a6381750bd9e','\'Title: Signals! In! Spaaaaaace!
\nWhen: Friday, Aug 11, 14:00 - 14:20 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\nSpeakers:Ark (from WiGLE),wytshadow
\n
SpeakerBio:Ark (from WiGLE)\n
\nMy name is Andy or sometimes Ark- I\'m a co-founder of WiGLE.net - the largest crowd-sourced, open database of wardriving data on the internet. In my day job, I mostly build fintech and privacy tech start-ups. I co-maintain both client and server sides of WiGLE, design our swag, and serve as the designated sacrifice for public appearances. I\'ve been wardriving since the year 2001, and still manage to stay in the top 20 on the WiGLE leader board, largely through distance running using WiGLE as my personal trainer.
\nTwitter: @@wiglenet
\n
SpeakerBio:wytshadow\n
\nNo BIO available
\nTwitter: @@theDarracott
\n\n
\nDescription:
\nWytshadow, Dragorn, and Ark have been preparing to support network stumbling on bodies beyond earth. This is a synopsis of the challenges, our proposed solutions, and a preview/introduction of how you measure and report wireless data from Earths\' moon, Mars, and beyond.\n
\n\n\'',NULL,367941),('2_Friday','15','15:00','15:20','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Protocol Identification for Integration\'','\'Eric Escobar\'','RFV_08d2c2dcd228d502fce5eec568032774','\'Title: Protocol Identification for Integration
\nWhen: Friday, Aug 11, 15:00 - 15:20 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Eric Escobar\n
\nEric is a seasoned pentester and a Principal Security Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Military, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.\n

His team consecutively won first place at DEF CON 23, 24, and 25’s Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, he now helps create challenges!\n

Before entering the cyber security arena, Eric attained both a BS and MS in Civil Engineering along with his Professional Engineering license.\n

\nTwitter: @@EricEscobar
\n\n
\nDescription:
\nIn this talk you’ll see how hacking doesn’t always involve pillaging or exploit development. In fact, hacking can allow you to expand functionality! I’ll be walking you through steps of reverse engineering a wireless signal in order to hack, build and implement additional functionality of a wireless device. If you like IoT, wireless, and a little bit of software defined radio, you’ll love this talk!\n
\n\n\'',NULL,367942),('2_Friday','16','16:00','16:20','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Badge Cloning With Doppelgänger\'','\'Travis Weathers\'','RFV_5db501ce96930344ab23add0d36d9170','\'Title: Badge Cloning With Doppelgänger
\nWhen: Friday, Aug 11, 16:00 - 16:20 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Travis Weathers\n
\nTravis Weathers is a Practice Director on Optiv\'s Attack & Penetration team based out of Tampa, FL. Since stepping out of the military, Travis has worked within the offensive security space performing advanced adversarial emulation assessments and leading offensive security practitioners.
\n\n
\nDescription:
\nThe Doppelgänger project stemmed from the Raspberry Pi chip shortage, which drove up the cost of RPi Nano W boards, making the cost to repair my team\'s long-range cloners not feasible. In addition, there were some limitations with existing tooling that I aimed to mitigate.\n

This project intended to accomplish the following:\n

    \n
  1. Use modern/actively supported and hot-swappable CoTS equipment that can easily be replaced.\n
  2. The operator can\'t enter a comms blackhole while connected to the device.\n
  3. Egress method for notifications, reducing the need to check for card reads while in the middle of an operation.\n
  4. Simplified WebGUI that only displays Bit Length, Facility Code, and Card Number. Option to download the complete data set (e.g., BL, FC, CC, HEX, BIN).\n
  5. Error handling, so the device doesn\'t log bad reads, EMI, etc.\n
  6. Easy configuration and reset functionality for team use.
\n\n\'',NULL,367943),('3_Saturday','12','12:00','12:20','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Shipping Wardriving Hardware - Cross-country Wigle on the Cheap\'','\'Segfault\'','RFV_1b3bd37ceeb791b5736bbbe22f97bece','\'Title: Shipping Wardriving Hardware - Cross-country Wigle on the Cheap
\nWhen: Saturday, Aug 12, 12:00 - 12:20 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Segfault\n
\nI am a hardware hacker and a wardriver, among many other things as they catch my interest. I don\'t have many qualifications to make me uniquely capable to do the things that I do, other than just having an idea or desire to make things happen.
\nTwitter: @CoD_Segfault
\n\n
\nDescription:
\n\"After designing a miniature PCB based on jhewitt\'s ESP32 Wardriver design, a friend across the country showed interest in obtaining one of the boards. The idea came up that the hardware could be shipped along with a battery and the results could be analyzed and uploaded to Wigle.net after the fact. \n

This talk goes over the hardware used, the safety considerations, testing methodologies, and criteria needed to be met before proceeding. The results will be analyzed and compared to the shipping service’s tracking methods, with visualizations on a map to show shipping progress.\"\n

\n\n\'',NULL,367944),('3_Saturday','13','13:00','13:59','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'125khz the Brown note for Cars\'','\'Woody\'','RFV_436f94c64b208db911a55126be4e338f','\'Title: 125khz the Brown note for Cars
\nWhen: Saturday, Aug 12, 13:00 - 13:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Woody\n
\nInfared Tracking, Gotenna Exploits, and Raptor Captor. He is also staff for the RF Village, probably luck. He has also been know to watch Burn Notice, but doesn\'t eat at much yogurt as Zero.
\nTwitter: @@tb69rr
\n\n
\nDescription:
\nI will demonstrate how to use LF 125-137 khz to make vehicles and their components play nice together. Using LF to make TPMS and Keyfobs spit out their info. We will show how to do this and how to check the responses. Think of being able to make TPMS and Keyfobs spit their data out at will. I will show how to use everything from a Proxmark to a hackrf to make this happen. I\'ll also demo antennas and hardware mods we recommend.\n
\n\n\'',NULL,367945),('3_Saturday','14','14:00','14:59','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Wardriving 102: Moving Beyond the Wigle App\'','\'bkobe\'','RFV_c47cb005762e36fbe2f32cb605f1ae37','\'Title: Wardriving 102: Moving Beyond the Wigle App
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:bkobe\n
\nbkobe is a formally trained electrical engineer who focuses on all things analog/digital circuits to microcontroller/digital signal processors and software defined radios. Background in hardware printed circuit board design, software/firmware development, radios and repeaters (commercial site installation and maintenance), and recently radio mesh networks. Enjoys the camaraderie in this community with common passions, and the sharing of ideas and knowledge. Member of the Hard Hat Brigade.
\nTwitter: @@kobeski1906
\n\n
\nDescription:
\nA summary of wardriving beyond the wigle app (hardware rigs) will be discussed with the main example/inspiration documenting the process of the WigleBottleV2 build. Topics include (chronologically): a short history of wardriving and what it is, the sub-genre of hardware rig building (and introduction of design specs), the WigleBottleV2 design goal, and some “gotchas” (power/redundant power, single board computer selection (Pi4 in V1 to the Pi3B in V2 and why the downgrade), GPS receivers (tie in/link to wytshadow’s GPS talk), and general clock timing). In selecting the single board computer (which dictates power/redundant power options), a side story will be discussed on the heat produced, and what to think about for case design. The V1 bottle used a Pi4, however uses 1W more power than the Pi3B, also radiating more heat (not too good for a bottle build). For the GPS receivers, a few were experimented with, and yielded vast differences in wigle upload data. Also, a consequence of USB 3.0 on poorly shielded cables is increased electromagnetic interference right in the GPS band (show a short video clip using a common SDR, and what to look for when diagnosing). Lastly on specific topics, with using a Pi, go into the design of a real-time clock, along with some of the configuration of the pi software to keep timing in order (pulse per second and chronyc -- and the accuracy to UTC it brings). Conclusion will showcase the hardware design process from the WigleBottleV1 and what went wrong in last year’s WWWD (with screenshots of trilateration gone wrong), to the version 2 design. References will link to resources others can use (as well as the hardware printed circuit boards used for this project).\n
\n\n\'',NULL,367946),('3_Saturday','15','15:00','15:20','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'Antennas\'','\'Kent\'','RFV_a4dac1d845a9797b7c9b2e79cd05b13e','\'Title: Antennas
\nWhen: Saturday, Aug 12, 15:00 - 15:20 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:Kent\n
\nKent has a long history is developing over 1200 different PCB antennas for a lot of different applications.
\n\n
\nDescription:
\nGPS Jamming and Anti-Jamming
\nHow to modify GPS antennas to reduce jammer signals\nDirection Finding
\nSome results for the Ukraine on DF\'ing on GPS hammers.\nMight include DFing on artillery counterfire Radars\nQuick overview of general RF monitoring\nSome history of Code Breaking
\nSchematics of an Enigma and the Polish Spread Sheets of find the set up.\nCommon setups (Enigma had a 6 letter setup, Brits quickly found HITLER BERLIN LONDON would decode many messages)\nOn to Lorenz 12 rotor machine for teletype machines\nCOLOSSUS The first programmable computer ENIAC was not num 1, it was number 11!\nUsed to find the Key to a Lorenz message.\nHistory books are wrong because after WWII Colossus worked against US and Soviet code machines. Secret until the 1970\'s\n

May need to tweak this for the list.\n

\n\n\'',NULL,367947),('4_Sunday','11','11:00','12:59','N','RFV','Flamingo - Eldorado - Radio Frequency Village','\'War Driver Meetup\'','\'RF Village Staff\'','RFV_1789e900972fb02dedbcc241e6197c70','\'Title: War Driver Meetup
\nWhen: Sunday, Aug 13, 11:00 - 12:59 PDT
\nWhere: Flamingo - Eldorado - Radio Frequency Village - Map
\n
SpeakerBio:RF Village Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367948),('4_Sunday','12','11:00','12:59','Y','RFV','Flamingo - Eldorado - Radio Frequency Village','\'War Driver Meetup\'','\'RF Village Staff\'','RFV_1789e900972fb02dedbcc241e6197c70','\'\'',NULL,367949),('3_Saturday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'Title: Soldering Skills Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHave you ever fused metal to create electronic mayhem? Do you want to learn? Travel too far to take your solder tools with you? Hotel take your irons cause they thought it was a fire risk? Come on over to the Solder Skills village. We have irons and supplies. Volunteers (and some attendees) help teach, advise or just put out fires. We aim to grow the skill-set of the community and overcome inhibitions to this most basic skill to make electronic dreams happen.\n
\n\n\'',NULL,367950),('3_Saturday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367951),('3_Saturday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367952),('3_Saturday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367953),('3_Saturday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367954),('3_Saturday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367955),('3_Saturday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367956),('3_Saturday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc','\'\'',NULL,367957),('4_Sunday','10','10:00','12:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_9d6578a845c1f90722d78d5d4275808c','\'Title: Soldering Skills Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHave you ever fused metal to create electronic mayhem? Do you want to learn? Travel too far to take your solder tools with you? Hotel take your irons cause they thought it was a fire risk? Come on over to the Solder Skills village. We have irons and supplies. Volunteers (and some attendees) help teach, advise or just put out fires. We aim to grow the skill-set of the community and overcome inhibitions to this most basic skill to make electronic dreams happen.\n
\n\n\'',NULL,367958),('4_Sunday','11','10:00','12:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_9d6578a845c1f90722d78d5d4275808c','\'\'',NULL,367959),('4_Sunday','12','10:00','12:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_9d6578a845c1f90722d78d5d4275808c','\'\'',NULL,367960),('2_Friday','10','10:00','17:59','N','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'Title: Soldering Skills Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
\n
\nDescription:
\nHave you ever fused metal to create electronic mayhem? Do you want to learn? Travel too far to take your solder tools with you? Hotel take your irons cause they thought it was a fire risk? Come on over to the Solder Skills village. We have irons and supplies. Volunteers (and some attendees) help teach, advise or just put out fires. We aim to grow the skill-set of the community and overcome inhibitions to this most basic skill to make electronic dreams happen.\n
\n\n\'',NULL,367961),('2_Friday','11','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367962),('2_Friday','12','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367963),('2_Friday','13','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367964),('2_Friday','14','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367965),('2_Friday','15','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367966),('2_Friday','16','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367967),('2_Friday','17','10:00','17:59','Y','HHV','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','\'Soldering Skills Village Activities\'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d','\'\'',NULL,367968),('2_Friday','11','11:00','11:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Cutting through the noise: What you need to know are the real threats when it comes to AI\'','\'Chloé Messdaghi\'','MIV_82df548de45bda26ff56ede88b35c34d','\'Title: Cutting through the noise: What you need to know are the real threats when it comes to AI
\nWhen: Friday, Aug 11, 11:00 - 11:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Chloé Messdaghi\n
\nNo BIO available
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367969),('2_Friday','15','15:30','16:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Digital Media Authentication - A Toolkit for Journalists in the Fight Against Misinformation with Cryptographic Tools\'','\'Adam Rose\'','MIV_fd745a69f668c8ca204c705bd598c32e','\'Title: Digital Media Authentication - A Toolkit for Journalists in the Fight Against Misinformation with Cryptographic Tools
\nWhen: Friday, Aug 11, 15:30 - 16:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Adam Rose\n, COO at Starling Lab for Data Integrity
\nAdam Rose is COO at the Starling Lab for Data Integrity, which was co-founded by Stanford University and USC Shoah Foundation. The lab explores the intersection of Web3 technologies with human rights, focusing on three practice areas: journalism, law and history. Through real-world case studies, they help practitioners to implement open-source technologies that can authenticate and preserve digital records. The lab has helped publishers to establish proof that images haven’t been manipulated, and saved authenticated recordings of webpages at risk of disappearing. Starling\'s recent projects have received honors from the American Society of Magazine Editors, News Emmy Awards, National Press Club, National Press Photographers Association, and Overseas Press Club of America. Adam previously worked in media for two decades, including CBS/Paramount+, HuffPost, LA Times and LAist. He volunteers as press rights chair for the Los Angeles Press Club and successfully lobbied for legislation in California to protect journalists from arrest at protests.
\n\n
\nDescription:
\nHumanity is producing more content than at any point in history. Generative AI is poised to accelerate that trend. Our collective stream of information is surging, but all too often it\'s filled with misinformation. As audiences and fact checkers confront these muddied waters, could there be solutions back upstream? Researchers are testing innovative ways to authenticate digital records at their origin, establishing the time, date and location of their creation. With enhanced provenance we can establish a new resilient form of authenticity with cryptography, and decentralized systems. These methods have been used to establish trust in critical records like photos and web archives, and recently used in stories published by Reuters, Rolling Stone, Associated Press, Inside Climate News, and Bay City News. The techniques are even finding their way into legal submissions to prosecutors at the International Criminal Court and helping preserve the testimony of the survivors of genocide. Several promising solutions are available in free and open-source apps that you can install on your phone or computer browser today, and a number of emerging consumer products could help professionals to bolster trust in their own digital records. The workshop will provide case studies that can help explain these technologies to general audiences, with authentication being done on digital assets from today\'s phones and digital cameras -- and even 30-year-old film. It will also look at ways for journalists (and citizen journalists) to use these tools to capture authenticated assets or explore the provenance of assets with content credentials.\n
\n\n\'',NULL,367970),('2_Friday','16','15:30','16:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Digital Media Authentication - A Toolkit for Journalists in the Fight Against Misinformation with Cryptographic Tools\'','\'Adam Rose\'','MIV_fd745a69f668c8ca204c705bd598c32e','\'\'',NULL,367971),('4_Sunday','11','11:30','11:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Misinfo Village Closing / Panel / Summary / Feedback\'','\'Misinformation Village Staff\'','MIV_77d9816ba70086102ca70ce478c0195f','\'Title: Misinfo Village Closing / Panel / Summary / Feedback
\nWhen: Sunday, Aug 13, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Misinformation Village Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367972),('2_Friday','10','10:00','10:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Opening Session of MisinfoVillage 2023\'','\'Misinformation Village Staff\'','MIV_d026f466981ae9f8bc899f1da8e64932','\'Title: Opening Session of MisinfoVillage 2023
\nWhen: Friday, Aug 11, 10:00 - 10:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Misinformation Village Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367973),('2_Friday','10','10:30','10:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Teaching Information Warfare: Strategies in Academic and Government Institutions\'','\'Greg Carpenter\'','MIV_302ceb403cb0a6efb32dd2704dc07b3b','\'Title: Teaching Information Warfare: Strategies in Academic and Government Institutions
\nWhen: Friday, Aug 11, 10:30 - 10:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Greg Carpenter\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367974),('2_Friday','12','12:30','12:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Hackathon presentation\'','\'Misinformation Village Staff\'','MIV_cb8068596c8f3e1881ab7eccc152699d','\'Title: Hackathon presentation
\nWhen: Friday, Aug 11, 12:30 - 12:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Misinformation Village Staff\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367975),('2_Friday','13','13:30','13:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'The Russian Playbook vs. the Chinese Little Red Playbook: Broadening our Understanding of Effective Disinformation Operations\'','\'Darren Linvill\'','MIV_f2c405ed5244919d5ca29965e5d4bafc','\'Title: The Russian Playbook vs. the Chinese Little Red Playbook: Broadening our Understanding of Effective Disinformation Operations
\nWhen: Friday, Aug 11, 13:30 - 13:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Darren Linvill\n
\nNo BIO available
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367976),('2_Friday','14','14:00','14:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Holding Leaflets in the Left Hand and Bullets in the Right: A Guide to Understanding Modern Chinese Information Operations\'','\'Kieran Green\'','MIV_134a1cd6e55bcbabf781143d17fe1b3f','\'Title: Holding Leaflets in the Left Hand and Bullets in the Right: A Guide to Understanding Modern Chinese Information Operations
\nWhen: Friday, Aug 11, 14:00 - 14:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Kieran Green\n
\nNo BIO available
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367977),('2_Friday','16','16:30','17:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Film screening: Reality Games Using film and interactive storytelling to inoculate against the disinformation tsunami:\'','\'Michael Morgenstern\'','MIV_2ac40eb21ecaf1a33062ca7fb5515b5e','\'Title: Film screening: Reality Games Using film and interactive storytelling to inoculate against the disinformation tsunami:
\nWhen: Friday, Aug 11, 16:30 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Michael Morgenstern\n
\nMichael Morgenstern is a filmmaker, technologist, and culture hacker. He has produced and directed three films in over 70 festivals worldwide. Michael focuses on the interaction between social media, news cycles, interaction design, and cultural discourse, and how disinformation is propagated. He is CEO and Creative Director of This is Definitely Real, an alternate reality media company telling interactive stories online.
\n\n
\nDescription:
\nJoin us for a preview screening of the first half of Reality Games, a new feature film about disinformation, deepfakes, AI, and a world where the boundary between reality and fiction bends and then shatters. In the style of Fight Club meets a video game, the movie follows the story of two kids who ruin each others\' lives online, exploring how tribalism takes hold. The movie is a work-in-progress screening and will be released in 2024. Hear how their team created an ethical disinformation event during the heart of the pandemic and learned how easy it is to control the narrative.\n

After the film, join director Michael Morgenstern and ____________________, for a fireside chat. What\'s coming next with disinformation enhanced by AI? How does tribalism form? How can experiential storytelling be used to modify our existing meta-narratives? How will we operate in a world where reality has broken down?\n

\n\n\'',NULL,367978),('2_Friday','17','16:30','17:59','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Film screening: Reality Games Using film and interactive storytelling to inoculate against the disinformation tsunami:\'','\'Michael Morgenstern\'','MIV_2ac40eb21ecaf1a33062ca7fb5515b5e','\'\'',NULL,367979),('3_Saturday','11','11:30','12:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Navigating the Disinformation Landscape\'','\'Eric Curwin\'','MIV_73484f6e96fc2c7fc9858cd08aa38004','\'Title: Navigating the Disinformation Landscape
\nWhen: Saturday, Aug 12, 11:30 - 12:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Eric Curwin\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,367980),('3_Saturday','12','11:30','12:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Navigating the Disinformation Landscape\'','\'Eric Curwin\'','MIV_73484f6e96fc2c7fc9858cd08aa38004','\'\'',NULL,367981),('3_Saturday','12','12:30','13:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Patient Zero Day: The Leaking of Patients\' Private Health Data Contributed To A Medical Infodemic\'','\'Andrea Downing\'','MIV_bd9e37198d8758e1d5b5476517619b98','\'Title: Patient Zero Day: The Leaking of Patients\' Private Health Data Contributed To A Medical Infodemic
\nWhen: Saturday, Aug 12, 12:30 - 13:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Andrea Downing\n
\nNo BIO available
\n\n
\nDescription:
\nAndrea Downing and Eric Perakslis co-published evidence of health data leaking illegally from medical institutions via cross-site trackers such as Meta Pixel. Since publication, follow-up investigations have uncovered a historic data breach currently at 61 million patients and counting as of May 2023. This research has catalyzed unprecedented enforcement of the Health Breach Notification Rule by the Federal Trade Commission, and is now expanding to show whether health tech companies and clinical sites are complying with the law.\n
\n\n\'',NULL,367982),('3_Saturday','13','12:30','13:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Patient Zero Day: The Leaking of Patients\' Private Health Data Contributed To A Medical Infodemic\'','\'Andrea Downing\'','MIV_bd9e37198d8758e1d5b5476517619b98','\'\'',NULL,367983),('3_Saturday','14','14:30','14:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'156 million targeted: Biggest social phishing cyberattacks during Brazil´s election\'','\'Douglas Bernardini\'','MIV_72053e3420c276afab1e14fb84e447b7','\'Title: 156 million targeted: Biggest social phishing cyberattacks during Brazil´s election
\nWhen: Saturday, Aug 12, 14:30 - 14:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Douglas Bernardini\n
\nCybersecurity professional with degrees from FGV/Brazil & specializations from Insper/Brazil and Harvard/USA. Leading a data privacy consulting firm, specializing in cloud assessment, pentest, OSINT, SOC implementation, SIEM configuration, and cloud security. An accomplished author, speaker, professor, and researcher with editorial roles in cyber0.io blog. Active member of OWASP and the Linux Foundation. Currently a trust advisor in corporate cybersecurity for banks, retail, industries, and insurance companies. Boasts a vast physical library of 100+ cybersecurity books and a digital collection of 100,000+ documents on hacking, cloud computing, DevSecOps, SIEM, Cyberdefense, Digital forensics, and cryptography. Holds +8 cybersecurity, cloud computing, and ethical hacking certifications.
\n\n
\nDescription:
\nIn the era of digitalization, the world has witnessed an unprecedented increase in cyber threats, particularly during crucial events such as elections. Today, we delve into a significant case study that shook the Brazilian political landscape and shed light on the immense challenges posed by social phishing cyberattacks.\n

As we all know, Brazil\'s elections are not only a matter of national importance but also hold global significance. The ability to conduct free and fair elections is the cornerstone of any democratic society. However, in recent years, cybercriminals have exploited the vulnerability of social media platforms and unleashed sophisticated phishing attacks to manipulate public opinion and disrupt the democratic process.\n

In this presentation, we focus on the largest social phishing cyberattacks ever recorded during Brazil\'s election, where a staggering 156 million individuals were specifically targeted. These attacks, meticulously orchestrated and strategically timed, aimed to deceive and manipulate voters by spreading disinformation, creating confusion, and influencing their decision-making process.\n

We will explore the modus operandi of the cybercriminals behind these attacks, the techniques they employed to infiltrate the social media landscape, and the sophisticated psychological tactics utilized to exploit the vulnerabilities of the unsuspecting public. Moreover, we will analyze the significant consequences of these cyberattacks on the political climate, public trust, and the overall integrity of the electoral process.\n

Throughout this presentation, we will also discuss the challenges faced by government authorities, law enforcement agencies, and technology companies in countering such threats. From advanced artificial intelligence algorithms to public awareness campaigns, we will explore various strategies implemented to mitigate the impact of social phishing cyberattacks and safeguard the democratic principles that Brazil holds dear.\n

By examining this case study, we aim to shed light on the growing need for enhanced cybersecurity measures, international collaboration, and comprehensive policies to prevent the recurrence of such incidents in future elections, not only in Brazil but also across the globe. It is essential for all stakeholders to understand the gravity of these threats and work together to fortify our digital ecosystems against cybercriminals seeking to undermine the very foundations of democracy.\n

\n\n\'',NULL,367984),('3_Saturday','15','15:00','15:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Misinformation As A Service: Social Engineering techniques applied in service contexts.\'','\'Daniel Isler\'','MIV_2afd0d2d46938e8118470d28099bbb7e','\'Title: Misinformation As A Service: Social Engineering techniques applied in service contexts.
\nWhen: Saturday, Aug 12, 15:00 - 15:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Daniel Isler\n
\nNo BIO available
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367985),('3_Saturday','15','15:30','16:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor\'','\'Shea Nangle\'','MIV_b4d597acc369306f25f0b42a80764f05','\'Title: IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor
\nWhen: Saturday, Aug 12, 15:30 - 16:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Shea Nangle\n
\nShea Nangle does not now, nor has he ever, worked for a three letter agency. He has, however, been accused on several occasions of being a Fed, and there was a multiyear period when his wife really thought he worked for a front company. To the best of his knowledge, only one of his previous employers has ever been investigated by the US government as a potential front for foreign intelligence. GLOMAR.\n

In his spare time, he enjoys long walks on the beach and reruns of Magnum, P.I.\n

\n\n
\nDescription:
\nIn April 2023, Sarah Bils was revealed to be one of the main people behind the DonbassDevushka social media \"personality\", posting pro-Russian propaganda to a variety of social media accounts since 2014. One of the main accounts, the PeImeniPusha Twitter account has been active since 2015. Ms. Bils has claimed that there was a team of at least a dozen people responsible for the Donbass Devushka personality. I have leveraged a number of open source tools, along with original methodology and tools, to analyze data collected from the PeImeniPusha Twitter account and several other sources. Primary areas of research and analysis have included identification of authorship clusters, as well as analysis of changes to content posted, with a focus on identifying changes to account content that are linked to current events, such as the Russian invasion of Ukraine. In this session, I will share the results of this research and analysis for the first time, and will include an exploration of methodologies used (including successes and failures) and a discussion of applications of this work to the analysis of other disinformation actors.\n
\n\n\'',NULL,367986),('3_Saturday','16','15:30','16:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor\'','\'Shea Nangle\'','MIV_b4d597acc369306f25f0b42a80764f05','\'\'',NULL,367987),('3_Saturday','16','16:30','17:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation\'','\'Micah Lee\'','MIV_192384afd84d08165dc07998a4afbc57','\'Title: Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation
\nWhen: Saturday, Aug 12, 16:30 - 17:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Micah Lee\n
\nMicah Lee is an investigative journalist, computer security engineer, and open source software developer who is known for helping secure Edward Snowden’s communications while Snowden leaked secret NSA documents. Lee is the director of information security at The Intercept and an adviser to the transparency collective Distributed Denial of Secrets. He’s a former staff technologist for the Electronic Frontier Foundation and a co- founder of the Freedom of the Press Foundation. Lee is also a Tor Project core contributor, and he develops open source security and privacy tools like OnionShare and Dangerzone.
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367988),('3_Saturday','17','16:30','17:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation\'','\'Micah Lee\'','MIV_192384afd84d08165dc07998a4afbc57','\'\'',NULL,367989),('4_Sunday','10','10:00','11:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Hackathon result\'s presentation\'','\'Misinformation Village Staff\'','MIV_79de27a2e88b656785a8a15914ab04c6','\'Title: Hackathon result\'s presentation
\nWhen: Sunday, Aug 13, 10:00 - 11:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Misinformation Village Staff\n
\nNo BIO available
\n\n
\nDescription:
\n\n
\n\n\'',NULL,367990),('4_Sunday','11','10:00','11:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Hackathon result\'s presentation\'','\'Misinformation Village Staff\'','MIV_79de27a2e88b656785a8a15914ab04c6','\'\'',NULL,367991),('2_Friday','11','11:30','12:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'If it looks like a duck... Russia\'s new MDM communication strategies on Social Media after the War in Ukraine\'','\'Paula González Nagore\'','MIV_d5da417224efbff921a090f07612c7f0','\'Title: If it looks like a duck... Russia\'s new MDM communication strategies on Social Media after the War in Ukraine
\nWhen: Friday, Aug 11, 11:30 - 12:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Paula González Nagore\n
\nPaula González Nagore is an Intelligence Analyst specialized in OSINT and SOCMINT investigations and Cyber Intelligence. She currently works in the private sector conducting Digital Footprint, Digital Surveillance and Competitive Intelligence investigations. She also collaborates with different public and educational institutions to investigate disinformation and its effects, as well as the digital tools that are used today to develop disinformation campaigns and fake news in digital media and social networks.
\n\n
\nDescription:
\nRussia has always had a well-structured social media communication policy. With the help of media outlets such as RT or Sputnik among many others, they acted as (dis)information proxies for years. At the same time, many social media influencers helped to viralize their content by sharing and disseminating it.\n

However, with the start of the war in Ukraine in February 2022, all that changed. From the European Union and other countries, a cancellation of media was launched, as well as a targeting of those profiles that in a very visible way support Russian narratives. This has not stopped their action during this year and a half, but it has caused a change in the communication vectors they use and how they are using them.\n

In this workshop we will take the opportunity to analyze how communication strategies have evolved in social networks to disseminate and viralize disinformative narratives from official profiles of some state institutions such as embassies. To do this, we will make a comparison that will allow us to see the activity of this type of profiles in Europe and Latin America, as well as compare it with the activity of embassies in these countries by other countries such as the United States. \n

Based on this research, we will develop practical exercises that focus on analyzing the content of the messages, the interest in some topics over others and the use of different communication channels beyond social networks, as well as specific entities and actors to position the content to the audience. With this, we will work on the TTPs implemented as an incident creator, and the strategies that can be developed from a Blue Team perspective.\n

\n\n\'',NULL,367992),('2_Friday','12','11:30','12:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'If it looks like a duck... Russia\'s new MDM communication strategies on Social Media after the War in Ukraine\'','\'Paula González Nagore\'','MIV_d5da417224efbff921a090f07612c7f0','\'\'',NULL,367993),('2_Friday','13','13:00','13:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Dissecting Deception: The Role of Twitter in U.S. Political Discourse\'','\'Travis Allen\'','MIV_d279f991b0125a401254eb8378e76509','\'Title: Dissecting Deception: The Role of Twitter in U.S. Political Discourse
\nWhen: Friday, Aug 11, 13:00 - 13:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Travis Allen\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk will take you back in time to 2015, the year I dove headfirst into the swirling vortex of American political misinformation on Twitter. Having navigated three presidential administrations, and amassing over 250,000 followers on Twitter, I\'ve seen firsthand how misinformation in American politics has evolved since the election of Donald Trump. I\'ll recount the strategies that led to the growth of my account and the circumstances under which it was ultimately blocked by President Trump. Prepare to unravel the inner workings of political misinformation networks on Twitter — their operations, their financing, and how they go viral. We\'ll delve into how influencers, celebrities, PACs, campaigns, politicians, the media, and candidates orchestrate their efforts to disseminate their messaging. It will mark the differences in the American social media landscape between the right and the left. This talk will also illuminate how contemporary political movements promulgate their messages and counter disinformation. I will tie all of these strategies, both offensive and defensive, to the DISARM framework.\n
\n\n\'',NULL,367994),('2_Friday','14','14:30','15:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Be a Nerd that Talks Good: Up-leveling how we talk about misinformation, to build community trust and awareness\'','\'Joel Benge\'','MIV_196d8009207a0523ca99171c665bef86','\'Title: Be a Nerd that Talks Good: Up-leveling how we talk about misinformation, to build community trust and awareness
\nWhen: Friday, Aug 11, 14:30 - 15:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Joel Benge\n, MessageSpec Consulting
\nJoel Benge is the principal at MessageSpec Consulting. He supports founders and product teams at startups and scale-ups in creating technically-accurate and textually-beautiful stories and messages. He works closely with clients to connect their business objectives to the human emotions and motivations of their target audiences — creating content that gets attention, gets remembered, and gets results. With over 25 years in IT, cybersecurity, and marketing, Joel has worked for companies from NASA to Nickelodeon, along with several other organizations that start with different letters than N. He is a proponent of the series comma and (poorly) plays the didgeridoo.
\n\n
\nDescription:
\nSure, you’ve got skills to “build the stuff and do the thing.” But how good are you at talking to non-techs, execs, and the general public about why what you’re doing is important? If you can’t get people’s attention, get them to remember the important things, and motivate them to act (or not act, in the case of misinformation), you can’t be as effective.\n

This workshop explores a framework for a better understanding of how we as technologists can develop messages that get attention, get noticed, and get results without “dumbing down” or sacrificing technical acuity. Basically, being the Nerds that Talk Good.\n

The solution to misinformation, especially machine-generated misinformation, is not solely a bot vs. bot problem. Understanding why messages take hold in the first place and leveraging our human heart, mind, and gut-level responses to stories can make us better communicators as technologists—which can help authentic and trustworthy content rise above the machines.\n

Leveraging the MessageDeck—a novel, nontechnical, hands-on card-based approach—, participants will be coached to discover the higher-order motivations and objectives necessary for their communications and content to be trusted and believed. The model also serves as a framework to develop an informed, skeptical awareness when receiving information.\n

The model was developed after 25 years in arts and entertainment, hardcore IT and cybersecurity, and government communications and is being presented with none of that boring nonsense. We’ll get together, play some cards, spark some conversations, and out of it will come a messaging platform that will recapture the public sphere for good.\n

Participants will also have an opportunity to contribute to a Misinformation Village Messaging Platform—a set of hallmark messages that can be adopted by the broader community. By discovering these authentic messages, we build cohesion and consistency across the misinformation awareness movement.\n

Samples of the MessageDeck will be available as supplies last to any who want them, but the strength of the approach lies in its flexibility to be used explicitly or to inform other facilitated conversations. So we will also have an opportunity to explore other ways to apply it to the work of others.\n

\n\n\'',NULL,367995),('2_Friday','15','14:30','15:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Be a Nerd that Talks Good: Up-leveling how we talk about misinformation, to build community trust and awareness\'','\'Joel Benge\'','MIV_196d8009207a0523ca99171c665bef86','\'\'',NULL,367996),('3_Saturday','10','10:00','10:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Disincentivizing misinformation: co-create a new platform business model\'','\'Vardon Hamdiu\'','MIV_310d63767e5e30284e394642e29a997e','\'Title: Disincentivizing misinformation: co-create a new platform business model
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Vardon Hamdiu\n, Co-Lead at Sparkable
\nVardon Hamdiu is the Co-Lead of Sparkable, a nonprofit organization working on a new platform model to counter misinformation, hate, and other harms connected to the advertisement business model. In the last decade, he worked in the communications of a Swiss President, lived in South Africa for half a year, and worked with refugees. During that time, he realized the enormous disconnect between the information we consume online and the lived reality of so many people around the world. This made him start Sparkable, a community-led effort to create a better information environment.
\n\n
\nDescription:
\nWhat are the economic incentives driving misinformation, and what does the advertisement/engagement business model have to do with it? If we could create a new model for our information ecosystem, how would we ensure civic integrity and security by design?\n \n

Join this workshop to co-create a new incentive system for open platforms focused on people, not profit. \n \n

In the workshop, you will modify and improve this new system in two different tracks: integrity and research/design. It will cover a wide range of interests, including trust & safety, cybersecurity, media, content creation, UX, and systems design. You can choose the track most relevant to you and contribute ideas, questions, and feedback that will directly inform the Sparkable roadmap. No previous knowledge is required.\n

\n\n\'',NULL,367997),('3_Saturday','11','11:00','11:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Evil Digital Twin: Learn Psychological Manipulation with an Uncensored LLM\'','\'Ben D. Sawyer,Matthew Canham\'','MIV_fe8275ad21c73e7f80fb725cf74b98e1','\'Title: Evil Digital Twin: Learn Psychological Manipulation with an Uncensored LLM
\nWhen: Saturday, Aug 12, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\nSpeakers:Ben D. Sawyer,Matthew Canham
\n
SpeakerBio:Ben D. Sawyer\n
\nDr. Ben D. Sawyer is an applied neuroscientist and human factors engineer known for using brainwaves, eye movements, and mathematical theory to build better human-machine teams. His models and algorithms power trustworthy machines that work with their human partners. His design recommendations are leveraged by Fortune 500 companies. His work has been covered by Forbes, Reuters, Fast Company, and The BBC, and more. Dr. Sawyer\'s postdoctoral work at MIT was in collaboration with industry including Google, Jaguar-Landrover, Honda, DENSO, Monotype, and Panasonic. A two-time Repperger Research Fellow with the Air Force Research Laboratory (AFRL), he performed research with the 711th Human Performance Wing in both their Applied Neuroscience and Battlefield Acoustics (BATMAN group) divisions. He is a recipient of The Human Factors Prize, for Cybersecurity research, The K.U. Smith Award, for consumer electronics work investigating driving distraction and Google Glass, and an Outstanding Dissertation Award for work investigating the applied psychophysics of warfighter multitasking. Dr. Sawyer is presently faculty in Industrial Engineering and Management Systems and the Institute for Simulation and Training at UCF, and the Director of LabX, an applied neuroscience group addressing human performance. In addition to academic pursuits, Dr. Sawyer provides consulting and expert witness services in matters including distraction, attention, and error. He is the co-founder of Awayr, an AI startup within MIT\'s The Engine. In his leisure time, Ben enjoys adventure travel with his wife, swimming, sailing the Charles, and building things. He volunteers, helping people to learn to repair their own things. He does not enjoy writing about himself in the third person and will now stop.
\n
SpeakerBio:Matthew Canham\n, CEO at Beyond Layer 7
\nDr. Matthew Canham is the CEO of Beyond Layer 7, a security consulting firm specializing in mitigating insider risk, human-centric security solutions, and data analytics. He is a founding member of the Cognitive Security Institute, a non-profit organization dedicated to research and understanding the nuances of defending human and artificial decision makers from cognitive attacks. He currently holds an affiliated faculty member appointment with George Mason University, where the focus of his research orients around synthetic media –deepfake– social engineering attacks, cognitive security, and insider risk. Dr. Canham was previously a Special Agent for the FBI, where he investigated cybercrimes, insider threats, and ran cyber HUMINT operations as a certified online covert employee. During his tenure with the FBI, he also served as a subject matter expert with the Behavioral Analysis Program (BAP) and as the Technical Liaison between the Operational Technology Division (OTD) and the Cyber Behavioral Analysis Center (CBAC). Dr. Canham has previously taught courses on synthetic media attacks, cognitive warfare, human-centric security, and insider risk for; NATO, NASA (Kennedy Space Center), DARPA, MIT, BI (Oslo, Norway), Aberdeen Proving Ground, ISC2, and the FBI. He holds a PhD in Cognitive Psychology with special expertise in human centric security, data analytics, and behavioral engineering; as well as GIAC certifications in Certified Forensics Examiner (GCFE), Certified Auditing Wireless Networks (GWAN), Mobile Device Security Analyst (GMOB), and Certified Incident Handler (GCIH).
\n\n
\nDescription:
\nThis workshop will delve into the uncharted territory of Uncensored Large Language Models (LLMs) and explore their latent potential. This immersive session invites cybersecurity experts, researchers, and enthusiasts alike to understand the profound capabilities of uncensored LLMs displayed in misinformation and manipulation tactics, and how malicious actors might exploit this capability.\n \n

During the workshop, attendees will gain a practical understanding of how LLMs can deploy sophisticated strategies pulled from psychological literature and advertising science. From harnessing cognitive biases and social norms to capitalizing on habit loops, the mechanisms of manipulation are as intriguing as they are unsettling. An uncensored LLM, ripe for exploration, serves as our playground, providing invaluable insights into its interaction patterns.\n \n

But it\'s not just about understanding these models; it\'s about looking beyond the horizon. Participants will also be introduced to the concept of \'shadow prompts,\' concealed instructions that a compromised or malicious LLM runs alongside standard user prompts. Unraveling the intricacies of these shadow prompts will reveal how they can stealthily shift the outcomes of LLM interactions.\n \n

This workshop is more than just a one-off event. All participants will automatically become members of our burgeoning \"\"Evil Digital Twin\"\" community. This membership comes with the opportunity to engage in an ongoing learning journey, unveiling the less-discussed capabilities of LLMs. By fostering a collaborative environment, we aim to empower members to not only understand these evolving digital entities but also devise robust defenses against them within their respective organizations and institutions.\n \n

Two deep experts in psychology and cybersecurity and the intelligence community will be your guides.\n

\n\n\'',NULL,367998),('3_Saturday','13','13:30','14:30','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Main features of Russia\'s disinformation and propaganda ecosystem in Spanish-speaking countries\'','\'Carlos Galán\'','MIV_635bca05c1953600f9740b6b6c072e40','\'Title: Main features of Russia\'s disinformation and propaganda ecosystem in Spanish-speaking countries
\nWhen: Saturday, Aug 12, 13:30 - 14:30 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Carlos Galán\n
\nCarlos Galán is a lawyer, Master in International Relations and Communication and professor at the Carlos III and Antonio de Nebrija Universities in Spain, in subjects related to Technology Law, Security, Hybrid Threats, Intelligence and International Relations. He has been part of the European Parliament research team for the project \"Strategic communications as a key factor in countering hybrid threats\". He is a member of the Jean Monnet Chair on Disinformation and Fake News of the European Union, and is currently a member of several working teams of the Department of National Security of Spain, an organization whose competences include research on aspects related to disinformation campaigns and hybrid threats.
\n\n
\nDescription:
\nThe participatory paper presents the usual functioning of the Russian propaganda and disinformation ecosystem, as well as the possible indicators exhibited both by the Russian unofficial media and by its journalists/researchers, in those narratives especially focused on the Spanish-speaking public, showing concrete examples from several Latin American countries of this modus operandi.\n
\n\n\'',NULL,367999),('3_Saturday','14','13:30','14:30','Y','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Main features of Russia\'s disinformation and propaganda ecosystem in Spanish-speaking countries\'','\'Carlos Galán\'','MIV_635bca05c1953600f9740b6b6c072e40','\'\'',NULL,368000),('2_Friday','10','10:15','10:45','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_09ac44ae7d97cc67318eda1d3b612996','\'Title: Intro to Lockpicking
\nWhen: Friday, Aug 11, 10:15 - 10:45 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368001),('2_Friday','13','13:00','13:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_1906a5c1feeb2dece584f2ed7c91cc6d','\'Title: Intro to Lockpicking
\nWhen: Friday, Aug 11, 13:00 - 13:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368002),('2_Friday','16','16:00','16:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_e5d9ec0314638350378ed99fcb419a64','\'Title: Intro to Lockpicking
\nWhen: Friday, Aug 11, 16:00 - 16:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368003),('3_Saturday','16','16:00','16:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_5e7c6b9648d91467471ae0ca19d6ceec','\'Title: Intro to Lockpicking
\nWhen: Saturday, Aug 12, 16:00 - 16:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368004),('4_Sunday','10','10:15','10:45','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_5a6567688b5eb303af4359e36070aef7','\'Title: Intro to Lockpicking
\nWhen: Sunday, Aug 13, 10:15 - 10:45 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368005),('4_Sunday','13','13:00','13:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_1a940ecb94558cabc401ff63a900b79c','\'Title: Intro to Lockpicking
\nWhen: Sunday, Aug 13, 13:00 - 13:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368006),('3_Saturday','10','10:15','10:45','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Intro to Lockpicking\'','\'TOOOL\'','LPV_f4a45d2df83197879fa97488814fdb7c','\'Title: Intro to Lockpicking
\nWhen: Saturday, Aug 12, 10:15 - 10:45 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:TOOOL\n
\nNo BIO available
\n\n
\nDescription:
\nNew to lock picking? Haven\'t picked in a year and need a refresher? Don\'t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.\n
\n\n\'',NULL,368007),('2_Friday','12','12:00','12:20','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'The \"Why\" of Lock Picking\'','\'Christopher Forte\'','LPV_0b1192e8bba17c2aade2820ba1b6c362','\'Title: The \"Why\" of Lock Picking
\nWhen: Friday, Aug 11, 12:00 - 12:20 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:Christopher Forte\n
\nChristopher Forte is a security researcher and a junky for learning, participating in CTFs, and solving challenges. He is curious, loves teaching others, and has a passion for breaking things. As a resident of Las Vegas, Christopher co-founded DC702, is the local Chapter President of TOOOL, and enjoys introducing people to the world of hacking and lock picking.
\n\n
\nDescription:
\n\"Why would you possibly need to know how to do that?\" and “Couldn’t you just break the lock?” are two of the more common questions I get when discussing lock picking or various bypasses. At first glance, many see lock picking as a nefarious and largely unnecessary hobby. But, whether you are a locksport enthusiast, security researcher, emergency responder, or just someone who enjoys puzzles, lock picking can be a constructive—and useful—skill to learn. This talk aims to show how diverse the community is, explore some of the many reasons we engage in this hobby, and try to give some answers as to why we practice lock picking.\n
\n\n\'',NULL,368008),('2_Friday','14','14:00','14:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Doors, Cameras, and Mantraps: Oh, my!\'','\'Dylan Baklor\'','LPV_c7bc3252556bdb2112935803a81b0f92','\'Title: Doors, Cameras, and Mantraps: Oh, my!
\nWhen: Friday, Aug 11, 14:00 - 14:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:Dylan Baklor\n
\nNo BIO available
\n\n
\nDescription:
\nThis is a general talk about the nuts and bolts of Physical Security. Not a lockpicking talk.\n
\n\n\'',NULL,368009),('2_Friday','15','15:00','15:40','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'How to Lose Access to your Door in Two Easy Steps\'','\'jos weyers\'','LPV_b2f9f52cf3d6d5b319e238d1a563ebec','\'Title: How to Lose Access to your Door in Two Easy Steps
\nWhen: Friday, Aug 11, 15:00 - 15:40 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:jos weyers\n
\nNo BIO available
\n\n
\nDescription:
\nInformation leakage is not just a digital problem. Neither is your access management system. This talk will address this often overlooked opsec fail; pictures of keys can be found all over the internet, put there by proud new buildingowners, jobhoppers or correctional facility officers. These pictures can be turned into actual working keys, causing all sorts of chaos. This talk will show why this is a problem, why we should care and maybe make you rethink your physical security a bit.\n
\n\n\'',NULL,368010),('3_Saturday','16','16:45','17:45','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Totally Tubular: An Impromptu Talk About Tubular Locks and Keys\'','\'Deviant Ollam\'','LPV_f8d1e992a83715a454c1257f7adfb04c','\'Title: Totally Tubular: An Impromptu Talk About Tubular Locks and Keys
\nWhen: Saturday, Aug 12, 16:45 - 17:45 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:Deviant Ollam\n
\nNo BIO available
\n\n
\nDescription:
\nTubular locks (also known colloquially as \"barrel key\" locks or by the O.G. name \"ACE\" lock or \"Chicago\" lock) have been around for ages and are mostly considered obsolescent at this point... but how many of you can reliably pick them and produce keys for them?\n

This talk will attempt to demystify some of the oddities surrounding tubular systems and reveal the tools and hardware that you can use to side-step many hassles regarding tubular locks if you encounter them in the field.\n

\n\n\'',NULL,368011),('3_Saturday','17','16:45','17:45','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Totally Tubular: An Impromptu Talk About Tubular Locks and Keys\'','\'Deviant Ollam\'','LPV_f8d1e992a83715a454c1257f7adfb04c','\'\'',NULL,368012),('4_Sunday','11','11:00','11:59','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Safecracking for Everyone\'','\'Jared Dygert\'','LPV_56eb7930dae9f028486aee4272044078','\'Title: Safecracking for Everyone
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:Jared Dygert\n
\nNo BIO available
\n\n
\nDescription:
\nThis talk covers the workings of mechanical combination safe locks, their vulnerabilities, and how to manipulate them.\n
\n\n\'',NULL,368013),('4_Sunday','12','12:00','13:30','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Officially Unofficial Safecracking Tournament\'','\'Jared Dygert\'','LPV_4b026553dff26f93e4ea04b39ab45458','\'Title: Officially Unofficial Safecracking Tournament
\nWhen: Sunday, Aug 13, 12:00 - 13:30 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
SpeakerBio:Jared Dygert\n
\nNo BIO available
\n\n
\nDescription:
\nHands on experience with learning techniques to manipulate mechanical safe locks\n
\n\n\'',NULL,368014),('4_Sunday','13','12:00','13:30','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Officially Unofficial Safecracking Tournament\'','\'Jared Dygert\'','LPV_4b026553dff26f93e4ea04b39ab45458','\'\'',NULL,368015),('3_Saturday','14','14:00','14:59','N','MISC','Caesars Forum - Summit - Contest Area','\'DEF CON Chess Kids Free-Play\'','\' \'','MISC_fa800a68eb746f118718f9c9f80bf8a9','\'Title: DEF CON Chess Kids Free-Play
\nWhen: Saturday, Aug 12, 14:00 - 14:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nKids free play chess for an hour before the main chess tournament (which is also kid friendly). Kids open play is 14:00 to 15:00 Saturday, forum contest area.\n
\n\n\'',NULL,368016),('2_Friday','13','13:30','13:55','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'How NOT to Train your Hack Bot: Dos and Don’ts of Building Offensive GPTs\'','\'Ari Herbert-Voss,Shane Caldwell\'','AIV_686b736e3f2294abdff23485a6685790','\'Title: How NOT to Train your Hack Bot: Dos and Don’ts of Building Offensive GPTs
\nWhen: Friday, Aug 11, 13:30 - 13:55 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\nSpeakers:Ari Herbert-Voss,Shane Caldwell
\n
SpeakerBio:Ari Herbert-Voss\n
\nNo BIO available
\n
SpeakerBio:Shane Caldwell\n
\nNo BIO available
\n\n
\nDescription:
\nGPTs are all the rage and no doubt everybody is curious if you can use them for offensive security operations. In this talk we demonstrate how you can and can’t use large language models (LLMs) like GPT4 to find security vulnerabilities in applications, and discuss in detail the promise and limitations of using LLMs this way. We go deep on how LLMs work, the differences between various models, and state-of-the-art techniques to improve performance.\n
\n\n\'',NULL,368017),('3_Saturday','10','10:00','17:59','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'Title: AI Village Generative Red Team Challenge
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
\nDescription:
\nParticipate in a Jeopardy-style CTFs competition that challenges you to break through the guardrails within 8 different LLMs. In your 50-minute session, execute prompt injections, find internal inconsistencies, and identify issues in information integrity, privacy, and societal harm. Compete for points and take home the prize, or just have fun coming up with novel attacks.\n

This exercise, first of its kind, will allow the best and brightest minds in the security industry to join diverse voices new and veteran to the AI scene in pursuit of making AI and machine learning safer.\n

\n\n\'',NULL,368018),('3_Saturday','11','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368019),('3_Saturday','12','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368020),('3_Saturday','13','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368021),('3_Saturday','14','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368022),('3_Saturday','15','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368023),('3_Saturday','16','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368024),('3_Saturday','17','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9','\'\'',NULL,368025),('2_Friday','10','10:00','17:59','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'Title: AI Village Generative Red Team Challenge
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
\nDescription:
\nParticipate in a Jeopardy-style CTFs competition that challenges you to break through the guardrails within 8 different LLMs. In your 50-minute session, execute prompt injections, find internal inconsistencies, and identify issues in information integrity, privacy, and societal harm. Compete for points and take home the prize, or just have fun coming up with novel attacks.\n

This exercise, first of its kind, will allow the best and brightest minds in the security industry to join diverse voices new and veteran to the AI scene in pursuit of making AI and machine learning safer.\n

\n\n\'',NULL,368026),('2_Friday','11','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368027),('2_Friday','12','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368028),('2_Friday','13','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368029),('2_Friday','14','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368030),('2_Friday','15','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368031),('2_Friday','16','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368032),('2_Friday','17','10:00','17:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8af87042394726da231b53ad08f705da','\'\'',NULL,368033),('4_Sunday','10','10:00','12:59','N','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8ec07e78622127ace84570c67583c8a1','\'Title: AI Village Generative Red Team Challenge
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 401-406 - AI Village - Map
\n
\nDescription:
\nParticipate in a Jeopardy-style CTFs competition that challenges you to break through the guardrails within 8 different LLMs. In your 50-minute session, execute prompt injections, find internal inconsistencies, and identify issues in information integrity, privacy, and societal harm. Compete for points and take home the prize, or just have fun coming up with novel attacks.\n

This exercise, first of its kind, will allow the best and brightest minds in the security industry to join diverse voices new and veteran to the AI scene in pursuit of making AI and machine learning safer.\n

\n\n\'',NULL,368034),('4_Sunday','11','10:00','12:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8ec07e78622127ace84570c67583c8a1','\'\'',NULL,368035),('4_Sunday','12','10:00','12:59','Y','AIV','Caesars Forum - Academy - 401-406 - AI Village','\'AI Village Generative Red Team Challenge\'','\' \'','AIV_8ec07e78622127ace84570c67583c8a1','\'\'',NULL,368036),('2_Friday','19','19:00','19:59','N','MISC','Caesars Forum - Summit - Contest Area','\'Kids Only Karaoke\'','\' \'','MISC_e0618b8acfe6378b45fe4d71c5fa09a9','\'Title: Kids Only Karaoke
\nWhen: Friday, Aug 11, 19:00 - 19:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nCome sing Hacker Karaoke! Its just like normal Karaoke, but with 110% more root shellz.\n
\n\n\'',NULL,368037),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'Title: AutoDriving CTF
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nAutoDriving CTF is a Jeopardy style of CTF game with a set of challenges specific to self-driving functions and components. The contest offers participants the ability to use a simulation-based autonomous driving environment (based on the open-source simulators; e.g., LGSVL and CARLA) and explore specific attacks (such as camouflage stickers, road graffiti, and sensor spoofing/hijacking) as well as defense strategies.\n

We hope to continue the engagement with the hacking community to demonstrate security implications of autonomous driving system design decisions through hands-on challenges, increase the awareness of potential risks in security professionals, and encourage them to propose defense solutions and tools to detect such risks.​\n

\n\n\'',NULL,368038),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368039),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368040),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368041),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368042),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368043),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368044),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'AutoDriving CTF\'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e','\'\'',NULL,368045),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'Title: Trace Labs OSINT Search Party CTF - Sign-ups
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons.\n

You can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together and join us in our [Discord group](https://tracelabs.org/discord) to get started.\n

\n\n\'',NULL,368046),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368047),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368048),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368049),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368050),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368051),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368052),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Sign-ups\'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d','\'\'',NULL,368053),('0_Wednesday','00','00:00','09:59','N','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'Title: The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition
\nWhen: Wednesday, Aug 9, 00:00 - 09:59 PDT
\nWhere: Virtual
\n
\nDescription:
\nThe DEFCON MUD is available now for those who would like to play remotely. New characters created will be eligible to enter, however only DUMB Terminals in the DEFCON contest area may actually score points. For details go to https://evil.af/\n

START: Monday August 5th 2023 @ 0001\n

END: Sunday August 13th 2023 @ 1000\n

\n\n\'',NULL,368054),('0_Wednesday','01','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368055),('0_Wednesday','02','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368056),('0_Wednesday','03','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368057),('0_Wednesday','04','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368058),('0_Wednesday','05','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368059),('0_Wednesday','06','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368060),('0_Wednesday','07','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368061),('0_Wednesday','08','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368062),('0_Wednesday','09','00:00','09:59','Y','MISC','Virtual','\'The DEFCON31 Multi User Dungeon Adventure (DEFCON MUD) Internet Edition\'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696','\'\'',NULL,368063),('3_Saturday','10','10:00','17:59','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'Title: Lockpick Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
\nDescription:
\nWant to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?\n

Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\n

The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\n

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\n

--\n

A popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n

\n\n\'',NULL,368064),('3_Saturday','11','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368065),('3_Saturday','12','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368066),('3_Saturday','13','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368067),('3_Saturday','14','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368068),('3_Saturday','15','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368069),('3_Saturday','16','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368070),('3_Saturday','17','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb','\'\'',NULL,368071),('2_Friday','10','10:00','17:59','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'Title: Lockpick Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
\nDescription:
\nWant to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?\n

Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\n

The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\n

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\n

--\n

A popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n

\n\n\'',NULL,368072),('2_Friday','11','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368073),('2_Friday','12','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368074),('2_Friday','13','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368075),('2_Friday','14','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368076),('2_Friday','15','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368077),('2_Friday','16','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368078),('2_Friday','17','10:00','17:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_8906ba17f659a30437f56c67737e738d','\'\'',NULL,368079),('4_Sunday','10','10:00','13:59','N','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_23dea0be1c5d831922ca6df60c860fc7','\'Title: Lockpick Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
\n
\nDescription:
\nWant to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?\n

Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\n

The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\n

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\n

--\n

A popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.\n

\n\n\'',NULL,368080),('4_Sunday','11','10:00','13:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_23dea0be1c5d831922ca6df60c860fc7','\'\'',NULL,368081),('4_Sunday','12','10:00','13:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_23dea0be1c5d831922ca6df60c860fc7','\'\'',NULL,368082),('4_Sunday','13','10:00','13:59','Y','LPV','LINQ - 5th Floor / BLOQ - Lockpick Village','\'Lockpick Village Activities\'','\' \'','LPV_23dea0be1c5d831922ca6df60c860fc7','\'\'',NULL,368083),('3_Saturday','17','17:30','17:59','N','MIV','Caesars Forum - Summit - 224 - Misinfo Village','\'Misinformation Village Q and A\'','\'Misinformation Village Staff\'','MIV_5d20d79bddf273ff9a4db8c974cd874f','\'Title: Misinformation Village Q and A
\nWhen: Saturday, Aug 12, 17:30 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 224 - Misinfo Village - Map
\n
SpeakerBio:Misinformation Village Staff\n
\nNo BIO available
\n\n
\nDescription:
\nA chance to ask us questions about the misinformation village\n
\n\n\'',NULL,368084),('3_Saturday','11','11:00','11:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Maria Markstedter, Blue Fox: Arm Assembly Internals and Reverse Engineering\'','\'Maria Markstedter\'','MISC_b3c003dfa92aa5a1b33c928f666e887b','\'Title: No Starch Press - Book Signing - Maria Markstedter, Blue Fox: Arm Assembly Internals and Reverse Engineering
\nWhen: Saturday, Aug 12, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
SpeakerBio:Maria Markstedter\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368085),('3_Saturday','14','14:30','14:59','N','MISC','Caesars Forum - Alliance - 305-306 - Vendors','\'No Starch Press - Book Signing - Cory Doctorow, Red Team Blues & Chokepoint Capitalism\'','\'Cory Doctorow\'','MISC_b7138bb3c85577c3dc6791b19ba30b33','\'Title: No Starch Press - Book Signing - Cory Doctorow, Red Team Blues & Chokepoint Capitalism
\nWhen: Saturday, Aug 12, 14:30 - 14:59 PDT
\nWhere: Caesars Forum - Alliance - 305-306 - Vendors - Map
\n
SpeakerBio:Cory Doctorow\n
\nCory Doctorow (craphound.com) is a science fiction author, activist and journalist. He is the author of many books, most recently RED TEAM BLUES, a science fiction crime thriller; CHOKEPOINT CAPITALISM, nonfiction about monopoly and creative labor markets; the LITTLE BROTHER series for young adults; IN REAL LIFE, a graphic novel; and the picture book POESY THE MONSTER SLAYER. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame.
\nTwitter: @@doctorow
\n\n
\nDescription:No Description available
\n\'',NULL,368086),('3_Saturday','10','10:00','15:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'Title: Haptics Hack-a-Thon
\nWhen: Saturday, Aug 12, 10:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nOpen Bug Hunt | Hack the MetaQuest 2 in collaboration with Adversary Village, Red Team Village and sponsored by ThreatSims and Meta. Bug bounties to be reported via Meta Bug Bounty terms & conditions. Please sign up if you plan to participate.\n
\n\n\'',NULL,368087),('3_Saturday','11','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'\'',NULL,368088),('3_Saturday','12','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'\'',NULL,368089),('3_Saturday','13','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'\'',NULL,368090),('3_Saturday','14','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'\'',NULL,368091),('3_Saturday','15','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f','\'\'',NULL,368092),('2_Friday','10','10:00','15:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'Title: Haptics Hack-a-Thon
\nWhen: Friday, Aug 11, 10:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nOpen Bug Hunt | Hack the MetaQuest 2 in collaboration with Adversary Village, Red Team Village and sponsored by ThreatSims and Meta. Bug bounties to be reported via Meta Bug Bounty terms & conditions. Please sign up if you plan to participate.\n
\n\n\'',NULL,368093),('2_Friday','11','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'\'',NULL,368094),('2_Friday','12','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'\'',NULL,368095),('2_Friday','13','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'\'',NULL,368096),('2_Friday','14','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'\'',NULL,368097),('2_Friday','15','10:00','15:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Haptics Hack-a-Thon\'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148','\'\'',NULL,368098),('2_Friday','16','16:00','16:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance\'','\' \'','XRV_c1616fb230d380769c45ece59af16c89','\'Title: Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance
\nWhen: Friday, Aug 11, 16:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nThe Glad Scientist (Daniel Sabio) is a Puerto Rican conceptual new media artist and creative technologist living and working in Barcelona, ES.\n

Most well-known for their audiovisual performances, their work ranges from VR modular synth performances and multichannel sound installations to brain/heart controlled artworks and video game experiences, with the chosen medium being a reflection of the concept.\n

For nearly 10 years, the artist’s work has been welcomed at diverse festivals including Ars Electronica, ISEA, SXSW, Bass Coast, VRHAM!, FILE, LEV, and DreamHack, among others. It has been awarded placement in Oculus Launchpad, Art Omi: Music Fellowship, Berlin Sessions Residency, UNCSA METL Immersive Storytelling Residency, ARTnSHELTER Residency, and Zoo Labs Music Accelerator.\n

As a local organizer they founded Art in Tech Atlanta and are a founding member of Volta Laboratory Social Club, a music label and cornerstone in the Atlanta underground music scene. They have been invited to speak at Google DevFest, IAM Weekend, Chaos Communication Congress, and Tate Modern.\n

In professional realms they are a former member of Envoy Chicago (Leviathan), Cosmic Lab in Osaka, IMRSV in Berlin, and contribute as needed to Ommatidium Studios in Edmonton.\n

\n\n\'',NULL,368099),('3_Saturday','16','16:00','16:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance\'','\' \'','XRV_a5ddd69db8bbf658bcb44046b3a29aee','\'Title: Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance
\nWhen: Saturday, Aug 12, 16:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nThe Glad Scientist (Daniel Sabio) is a Puerto Rican conceptual new media artist and creative technologist living and working in Barcelona, ES.\n

Most well-known for their audiovisual performances, their work ranges from VR modular synth performances and multichannel sound installations to brain/heart controlled artworks and video game experiences, with the chosen medium being a reflection of the concept.\n

For nearly 10 years, the artist’s work has been welcomed at diverse festivals including Ars Electronica, ISEA, SXSW, Bass Coast, VRHAM!, FILE, LEV, and DreamHack, among others. It has been awarded placement in Oculus Launchpad, Art Omi: Music Fellowship, Berlin Sessions Residency, UNCSA METL Immersive Storytelling Residency, ARTnSHELTER Residency, and Zoo Labs Music Accelerator.\n

As a local organizer they founded Art in Tech Atlanta and are a founding member of Volta Laboratory Social Club, a music label and cornerstone in the Atlanta underground music scene. They have been invited to speak at Google DevFest, IAM Weekend, Chaos Communication Congress, and Tate Modern.\n

In professional realms they are a former member of Envoy Chicago (Leviathan), Cosmic Lab in Osaka, IMRSV in Berlin, and contribute as needed to Ommatidium Studios in Edmonton.\n

\n\n\'',NULL,368100),('4_Sunday','10','10:00','11:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f546fcc299b8a674a342afbb3030d00','\'Title: XR Village Playground
\nWhen: Sunday, Aug 13, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nExplore emerging technology, hardware and experiences in the XR Village Playground. Meet and learn from technologists, futurists, and artists in the XR (VR / AR) space. Sponsored by BadVR and in collaboration with ICS Village, Red Team Village, Adversary Village and Policy Village.\n
\n\n\'',NULL,368101),('4_Sunday','11','10:00','11:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f546fcc299b8a674a342afbb3030d00','\'\'',NULL,368102),('3_Saturday','10','10:00','17:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'Title: XR Village Playground
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nExplore emerging technology, hardware and experiences in the XR Village Playground. Meet and learn from technologists, futurists, and artists in the XR (VR / AR) space. Sponsored by BadVR and in collaboration with ICS Village, Red Team Village, Adversary Village and Policy Village.\n
\n\n\'',NULL,368103),('3_Saturday','11','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368104),('3_Saturday','12','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368105),('3_Saturday','13','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368106),('3_Saturday','14','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368107),('3_Saturday','15','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368108),('3_Saturday','16','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368109),('3_Saturday','17','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_4f1c092353098111688bc0de68db931c','\'\'',NULL,368110),('2_Friday','10','10:00','17:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'Title: XR Village Playground
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nExplore emerging technology, hardware and experiences in the XR Village Playground. Meet and learn from technologists, futurists, and artists in the XR (VR / AR) space. Sponsored by BadVR and in collaboration with ICS Village, Red Team Village, Adversary Village and Policy Village.\n
\n\n\'',NULL,368111),('2_Friday','11','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368112),('2_Friday','12','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368113),('2_Friday','13','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368114),('2_Friday','14','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368115),('2_Friday','15','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368116),('2_Friday','16','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368117),('2_Friday','17','10:00','17:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'XR Village Playground\'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570','\'\'',NULL,368118),('2_Friday','11','11:00','16:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'Title: Off the Rails: A demo with Pacific Northwest National Labs
\nWhen: Friday, Aug 11, 11:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nPacific Northwest National Laboratory (PNNL) has developed and operates modeled physical environments for training and demonstrating cyber security for DHS CISA as part of their ICS Control Environment Laboratory Resource (CELR). To expose a broader audience at conferences and industry venues, CISA is implementing an XR interface to enable remote users to have a visceral experience as if they are in the same room as the CELR models. The CISA CELR team is developing cutting-edge data pipelines with the Depthkit software and developers at Scatter that can record and transmit accurate 3D renderings of objects and people in near real-time to an XR headset (HoloLens 2). Depthkit combines the data streams from up to 10 Microsoft Azure Kinect cameras and combines them into a calibrated photorealistic 3D video. This video can be exported into the Unity game engine and embedded as recordings or live streams into an XR application. The demonstration planned for Defcon will be for the Rail sector systems including an AR overview of the skid model with some pre-recorded videos of failure scenarios and some VR exploration of rail sector subsystems including a locomotive cab, wayside controller, and regional dispatch display. Conference attendees will learn more about the rail sector and its use of cyber components and the potential risks of cyber based failures.\n
\n\n\'',NULL,368119),('2_Friday','12','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'\'',NULL,368120),('2_Friday','13','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'\'',NULL,368121),('2_Friday','14','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'\'',NULL,368122),('2_Friday','15','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'\'',NULL,368123),('2_Friday','16','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0','\'\'',NULL,368124),('3_Saturday','11','11:00','16:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'Title: Off the Rails: A demo with Pacific Northwest National Labs
\nWhen: Saturday, Aug 12, 11:00 - 16:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nPacific Northwest National Laboratory (PNNL) has developed and operates modeled physical environments for training and demonstrating cyber security for DHS CISA as part of their ICS Control Environment Laboratory Resource (CELR). To expose a broader audience at conferences and industry venues, CISA is implementing an XR interface to enable remote users to have a visceral experience as if they are in the same room as the CELR models. The CISA CELR team is developing cutting-edge data pipelines with the Depthkit software and developers at Scatter that can record and transmit accurate 3D renderings of objects and people in near real-time to an XR headset (HoloLens 2). Depthkit combines the data streams from up to 10 Microsoft Azure Kinect cameras and combines them into a calibrated photorealistic 3D video. This video can be exported into the Unity game engine and embedded as recordings or live streams into an XR application. The demonstration planned for Defcon will be for the Rail sector systems including an AR overview of the skid model with some pre-recorded videos of failure scenarios and some VR exploration of rail sector subsystems including a locomotive cab, wayside controller, and regional dispatch display. Conference attendees will learn more about the rail sector and its use of cyber components and the potential risks of cyber based failures.\n
\n\n\'',NULL,368125),('3_Saturday','12','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'\'',NULL,368126),('3_Saturday','13','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'\'',NULL,368127),('3_Saturday','14','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'\'',NULL,368128),('3_Saturday','15','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'\'',NULL,368129),('3_Saturday','16','11:00','16:59','Y','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63','\'\'',NULL,368130),('4_Sunday','11','11:00','11:59','N','XRV','Caesars Forum - Summit - 206 - XR Village','\'Off the Rails: A demo with Pacific Northwest National Labs\'','\' \'','XRV_c3a10f593fb5ab4efa30cbfe82aeef27','\'Title: Off the Rails: A demo with Pacific Northwest National Labs
\nWhen: Sunday, Aug 13, 11:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - 206 - XR Village - Map
\n
\nDescription:
\nPacific Northwest National Laboratory (PNNL) has developed and operates modeled physical environments for training and demonstrating cyber security for DHS CISA as part of their ICS Control Environment Laboratory Resource (CELR). To expose a broader audience at conferences and industry venues, CISA is implementing an XR interface to enable remote users to have a visceral experience as if they are in the same room as the CELR models. The CISA CELR team is developing cutting-edge data pipelines with the Depthkit software and developers at Scatter that can record and transmit accurate 3D renderings of objects and people in near real-time to an XR headset (HoloLens 2). Depthkit combines the data streams from up to 10 Microsoft Azure Kinect cameras and combines them into a calibrated photorealistic 3D video. This video can be exported into the Unity game engine and embedded as recordings or live streams into an XR application. The demonstration planned for Defcon will be for the Rail sector systems including an AR overview of the skid model with some pre-recorded videos of failure scenarios and some VR exploration of rail sector subsystems including a locomotive cab, wayside controller, and regional dispatch display. Conference attendees will learn more about the rail sector and its use of cyber components and the potential risks of cyber based failures.\n
\n\n\'',NULL,368131),('2_Friday','10','10:00','17:59','N','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'Title: Contest Area Open
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:No Description available
\n\'',NULL,368132),('2_Friday','11','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368133),('2_Friday','12','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368134),('2_Friday','13','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368135),('2_Friday','14','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368136),('2_Friday','15','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368137),('2_Friday','16','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368138),('2_Friday','17','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_6ef0aaf189d52f9c2ebf61ab5dfb601e','\'\'',NULL,368139),('3_Saturday','10','10:00','17:59','N','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'Title: Contest Area Open
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:No Description available
\n\'',NULL,368140),('3_Saturday','11','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368141),('3_Saturday','12','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368142),('3_Saturday','13','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368143),('3_Saturday','14','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368144),('3_Saturday','15','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368145),('3_Saturday','16','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368146),('3_Saturday','17','10:00','17:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_8c173c4939c183958d8ba03ccc050d34','\'\'',NULL,368147),('4_Sunday','10','10:00','13:59','N','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_b5fc09bc2522efe80e72f1209f857cdd','\'Title: Contest Area Open
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:No Description available
\n\'',NULL,368148),('4_Sunday','11','10:00','13:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_b5fc09bc2522efe80e72f1209f857cdd','\'\'',NULL,368149),('4_Sunday','12','10:00','13:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_b5fc09bc2522efe80e72f1209f857cdd','\'\'',NULL,368150),('4_Sunday','13','10:00','13:59','Y','DC','Caesars Forum - Summit - Contest Area','\'Contest Area Open\'','\'\'','DC_b5fc09bc2522efe80e72f1209f857cdd','\'\'',NULL,368151),('3_Saturday','12','12:00','17:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'Title: HDA / Accessibility Area Open
\nWhen: Saturday, Aug 12, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,368152),('3_Saturday','13','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'\'',NULL,368153),('3_Saturday','14','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'\'',NULL,368154),('3_Saturday','15','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'\'',NULL,368155),('3_Saturday','16','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'\'',NULL,368156),('3_Saturday','17','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_b74bc51bbea457624af0f57e45e27a56','\'\'',NULL,368157),('4_Sunday','12','12:00','13:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_d3e95ca5443207a07818e11e81969e47','\'Title: HDA / Accessibility Area Open
\nWhen: Sunday, Aug 13, 12:00 - 13:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,368158),('4_Sunday','13','12:00','13:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_d3e95ca5443207a07818e11e81969e47','\'\'',NULL,368159),('2_Friday','12','12:00','17:59','N','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'Title: HDA / Accessibility Area Open
\nWhen: Friday, Aug 11, 12:00 - 17:59 PDT
\nWhere: Harrah\'s - Studio 2-4 - HDA Community - Map
\n
\nDescription:No Description available
\n\'',NULL,368160),('2_Friday','13','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'\'',NULL,368161),('2_Friday','14','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'\'',NULL,368162),('2_Friday','15','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'\'',NULL,368163),('2_Friday','16','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'\'',NULL,368164),('2_Friday','17','12:00','17:59','Y','SOC','Harrah\'s - Studio 2-4 - HDA Community','\'HDA / Accessibility Area Open\'','\'\'','SOC_20c6a3f00ec2a8eac36ebf7e6767b5bd','\'\'',NULL,368165),('4_Sunday','09','09:00','12:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_9261e7aad50a689c5f2ccab7744a975f','\'Title: Wall of Sheep
\nWhen: Sunday, Aug 13, 09:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nWe passively monitor the #DEFCON network looking for insecure network traffic. Drop by and see just how easy it can be! We strive to educate the “sheep” we catch: a friendly reminder that security matters.\n
\n\n\'',NULL,368166),('4_Sunday','10','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_9261e7aad50a689c5f2ccab7744a975f','\'\'',NULL,368167),('4_Sunday','11','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_9261e7aad50a689c5f2ccab7744a975f','\'\'',NULL,368168),('4_Sunday','12','09:00','12:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_9261e7aad50a689c5f2ccab7744a975f','\'\'',NULL,368169),('2_Friday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'Title: Wall of Sheep
\nWhen: Friday, Aug 11, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nWe passively monitor the #DEFCON network looking for insecure network traffic. Drop by and see just how easy it can be! We strive to educate the “sheep” we catch: a friendly reminder that security matters.\n
\n\n\'',NULL,368170),('2_Friday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368171),('2_Friday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368172),('2_Friday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368173),('2_Friday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368174),('2_Friday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368175),('2_Friday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368176),('2_Friday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368177),('2_Friday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_ed2245370dca51400f531a739ca05789','\'\'',NULL,368178),('3_Saturday','09','09:00','17:59','N','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'Title: Wall of Sheep
\nWhen: Saturday, Aug 12, 09:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nWe passively monitor the #DEFCON network looking for insecure network traffic. Drop by and see just how easy it can be! We strive to educate the “sheep” we catch: a friendly reminder that security matters.\n
\n\n\'',NULL,368179),('3_Saturday','10','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368180),('3_Saturday','11','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368181),('3_Saturday','12','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368182),('3_Saturday','13','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368183),('3_Saturday','14','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368184),('3_Saturday','15','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368185),('3_Saturday','16','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368186),('3_Saturday','17','09:00','17:59','Y','PHV','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Wall of Sheep\'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36','\'\'',NULL,368187),('3_Saturday','12','12:00','17:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'Title: Capture The Packet Main Rounds
\nWhen: Saturday, Aug 12, 12:00 - 17:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nCapture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.\n
\n\n\'',NULL,368188),('3_Saturday','13','12:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'\'',NULL,368189),('3_Saturday','14','12:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'\'',NULL,368190),('3_Saturday','15','12:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'\'',NULL,368191),('3_Saturday','16','12:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'\'',NULL,368192),('3_Saturday','17','12:00','17:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet Main Rounds\'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec','\'\'',NULL,368193),('4_Sunday','10','10:00','12:59','N','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet FINALS\'','\' \'','CON_bf6c7b35440ecb9c3af5dd904475c9ec','\'Title: Capture The Packet FINALS
\nWhen: Sunday, Aug 13, 10:00 - 12:59 PDT
\nWhere: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
\n
\nDescription:
\nCapture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.\n
\n\n\'',NULL,368194),('4_Sunday','11','10:00','12:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet FINALS\'','\' \'','CON_bf6c7b35440ecb9c3af5dd904475c9ec','\'\'',NULL,368195),('4_Sunday','12','10:00','12:59','Y','CON','Caesars Forum - Academy - 411-414 - Packet Hacking Village','\'Capture The Packet FINALS\'','\' \'','CON_bf6c7b35440ecb9c3af5dd904475c9ec','\'\'',NULL,368196),('2_Friday','12','12:30','13:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'DISARM Workshop\'','\'Charles Smith,Dan Meidenbauer\'','VMV_90af42195d8ba127ad63c30877fcaca2','\'Title: DISARM Workshop
\nWhen: Friday, Aug 11, 12:30 - 13:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Charles Smith,Dan Meidenbauer
\n
SpeakerBio:Charles Smith\n
\nCharles Smith is a cybersecurity researcher at Johns Hopkins University Applied Physics Lab (JHU/APL), where he focuses on the intersection of cyber and information operations and their impact on national security.  Charles spent the first fourteen years of his career as an officer in the U.S. Army, and the recipient of numerous awards and badges including the Ranger Tab, Combat Infantry Badge, and Purple Heart.  He deployed five times as both an infantry officer and intelligence officer to Iraq and Afghanistan, and was selected to serve as an intelligence officer for the 2nd Battalion, 75th Ranger Regiment.  His served his last four years in uniform at US Cyber Command, where he led intelligence support to the defense of the 2020 elections.  Prior to joining JHU/APL, Charles also worked at Twitter on trust and safety response to crises.  Charles holds a bachelor’s of science in Business Administration from Bucknell University, and a Masters of Strategic Intelligence from National Intelligence University.
\n
SpeakerBio:Dan Meidenbauer\n
\nDan Meidenbauer is an experienced cyber systems engineer, electrical/nuclear engineering professional, and program manager with specific expertise in information operations, military cyber operations, critical infrastructure protection, cyber physical systems, cyber systems engineering/analysis/policy, electro-mechanical equipment development, and naval nuclear systems integration. For the past ten years he has served as a cyber systems engineering researcher/strategist at Johns Hopkins University Applied Physics Laboratory (JHU/APL) and as a Cryptologic Warfare Officer (CWO) in the U.S. Navy Reserve. He has seven years of active-duty military experience as a Naval Reactors Engineer and CWO.  Dan is a strategic leader serving operational and technical research contributions with additional skills in national security strategy development/policy, research/technical leadership, and applied scientific strategy. He is a graduate of Virginia Tech with a B.S. in Electrical and Computer Engineering and holds a Master’s in Engineering Management/Systems from Old Dominion University, an M.A. from the U.S. Naval War College in Defense and Strategic Studies, and a master’s equivalency in naval nuclear engineering from the Bettis Reactor Engineering School. He is currently selected for Commander in the U.S. Navy Reserve.
\n\n
\nDescription:
\nOur objectives for our presentation will be to: provide an introduction to the DISARM foundation’s framework, STIX bundles, and OPENCTI, and demonstrate how STIX bundles/OPENCTI can provide indications and warning of IO campaigns, and show how this is relevant to the civic integrity community. For audience participation, we will be conducting a simplified version of the tabletop exercise we just ran using an online polling tool to gather results and provide the audience a chance to upvote ideas they find most successful.  We will aim to run through 3 different polling rounds, and allow 15 mins at the end of wrap up time.\n
\n\n\'',NULL,368197),('2_Friday','13','12:30','13:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'DISARM Workshop\'','\'Charles Smith,Dan Meidenbauer\'','VMV_90af42195d8ba127ad63c30877fcaca2','\'\'',NULL,368198),('3_Saturday','10','10:30','12:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'First Timers Workshop\'','\'Tailor Herrarte\'','VMV_aca50a625655134f504b98d559bb44cb','\'Title: First Timers Workshop
\nWhen: Saturday, Aug 12, 10:30 - 12:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Tailor Herrarte\n
\nWith over 8 years in government and commercial incident response, I\'m a seasoned cybersecurity expert specializing in OSINT, social engineering, phishing, and pentesting. From fortifying systems in pharmaceuticals to refining best practices at the National Institutes of Health, I bring a wealth of experience. Currently, I\'m dedicated to enhancing web application security at Yahoo.
\n\n
\nDescription:
\nNever hacked a voting machine before? Come check out our First Timers Workshop to give it a try. Don\'t think you can do it? There is only one way to find out. To try it yourself! Even if you have never hacked anything before, this is the workshop for you. \n
\n\n\'',NULL,368199),('3_Saturday','11','10:30','12:30','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'First Timers Workshop\'','\'Tailor Herrarte\'','VMV_aca50a625655134f504b98d559bb44cb','\'\'',NULL,368200),('3_Saturday','12','10:30','12:30','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'First Timers Workshop\'','\'Tailor Herrarte\'','VMV_aca50a625655134f504b98d559bb44cb','\'\'',NULL,368201),('3_Saturday','12','12:30','13:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Review: Surprise Unboxing\'','\'Harri Hursti\'','VMV_a8a2e3157078ca9f04ad5ac64fc75e5e','\'Title: Review: Surprise Unboxing
\nWhen: Saturday, Aug 12, 12:30 - 13:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Harri Hursti\n
\nHarri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
\nTwitter: @harrihursti
\n\n
\nDescription:
\nThe Voting Village will review it\'s initial analysis from the high-profile unboxing from the day before.\n
\n\n\'',NULL,368202),('3_Saturday','13','12:30','13:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Review: Surprise Unboxing\'','\'Harri Hursti\'','VMV_a8a2e3157078ca9f04ad5ac64fc75e5e','\'\'',NULL,368203),('3_Saturday','15','15:35','16:15','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Influencing Voters Through Social Media, ADTECH, Big Data, and AI\'','\'Joe Schniebes\'','VMV_cc33cf4898681fac5a8f43af2aec4eab','\'Title: Influencing Voters Through Social Media, ADTECH, Big Data, and AI
\nWhen: Saturday, Aug 12, 15:35 - 16:15 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Joe Schniebes\n
\nJoe Schniebs is the Chief Strategy Officer and Founder at Ridgeline International, where he has developed a hands-on approach to digital signature management. He helps cross-sector organizations strike the right balance between data privacy and conveniences. 
\n\n
\nDescription:
\nThe internet and modern technologies have changed the way the world works. They have made it easier to communicate, buy and sell things, and to scale your business. But, those benefits come at a cost. The cost of convenience is your privacy. Who else is benefiting from your sensitive data? Joe Schniebs has developed a training framework that analyzes risks related to our inadvertent digital identities and the stories our data patterns tell across the devices. In this talk, Joe delves into the mechanics of how we are perceived online, who uses our data, how it impacts society, and what this means for political outcomes. He further emphasizes what we can do to exercise choice in the data sharing economy, and shares some key tips and tricks to technically safeguarding your communications data. Joe is adamant in empowering users to reclaim their digital voices and believes that entities entrusted with our data must uphold higher standards of responsibility. In the meantime, the least you can do is protect your data output.\n
\n\n\'',NULL,368204),('3_Saturday','16','15:35','16:15','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Influencing Voters Through Social Media, ADTECH, Big Data, and AI\'','\'Joe Schniebes\'','VMV_cc33cf4898681fac5a8f43af2aec4eab','\'\'',NULL,368205),('3_Saturday','14','14:40','15:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Democracy, Are You Citizen Or Subject?\'','\'Kendall Spencer\'','VMV_4dda860190ca402021523b2589f5c920','\'Title: Democracy, Are You Citizen Or Subject?
\nWhen: Saturday, Aug 12, 14:40 - 15:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Kendall Spencer\n
\nKendall Spencer is an associate in the Intellectual Property Department. Kendall is based in the Boston office where he is a member of the Technology Transactions, Cybersecurity, and Privacy Practice Group. In his previous position as a law clerk, Kendall specialized in Complex Litigation. He also has a strong focus on technology law. Kendall has advised on blockchain technology integration, researched blockchain voting regulations, and investigated the use of blockchain technology to create a database of information on its advantages and efficacy. Additionally, he assisted in drafting an article regarding data privacy issues within real estate law. Kendall serves as a member of the Executive Leadership Team with the National Governing Body of USA Track and Field (USATF), as well as a board member with the National Collegiate Athletic Association (NCAA). As a professional athlete on the U.S. Olympic Team, he has earned accolades such as USA Indoor Bronze Medalist, NCAA National Champion, on top of serving as a USA Track and Field board member.
\nTwitter: @Kspencer24
\n\n
\nDescription:
\nWhat does it mean to be an American today? In a world where innovation outpaces regulatory progress; principles of law, technology, and policy collide to create a nation of unprecedented conflict. But when it’s all said and done what is left of our Democracy? Institutions structured to protect our democratic way of life such as voting and the vehicles used to carry out voting have become increasingly difficult to protect. Yet, those most effected are often too inundated with every day life to engage in activity likely to contribute to meaningful change. Maybe democracy has become too hard to uphold, or maybe it’s become too hard to be an American.\n
\n\n\'',NULL,368206),('3_Saturday','15','14:40','15:30','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Democracy, Are You Citizen Or Subject?\'','\'Kendall Spencer\'','VMV_4dda860190ca402021523b2589f5c920','\'\'',NULL,368207),('3_Saturday','11','11:30','12:15','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Chinese Prototype Review\'','\'William Baggett\'','VMV_edaff2baea5823c9a6cd0d2a50849623','\'Title: Chinese Prototype Review
\nWhen: Saturday, Aug 12, 11:30 - 12:15 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:William Baggett\n
\nWill Baggett has a background in the U.S. Intelligence Community and also in NATO SOF as a cyber instructor His experience in the Intelligence Community provided a foundation for Insider Threat, Digital Forensics, and Cyber Intelligence consulting to pharmaceutical, financial, and technical entities. He is a graduate of Georgia Tech, holds multiple digital forensic certifications as well as that of a Certified Fraud Examiner and has appeared on several news broadcasts discussing cybersecurity issues. Will is also the Director of Digital Forensic services for Operation Safe Escape, a volunteer-run non-profit assisting domestic abuse victims as they begin new lives. 
\n\n
\nDescription:No Description available
\n\'',NULL,368208),('3_Saturday','12','11:30','12:15','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Chinese Prototype Review\'','\'William Baggett\'','VMV_edaff2baea5823c9a6cd0d2a50849623','\'\'',NULL,368209),('3_Saturday','11','11:30','11:59','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'VOTEC Corporation\'','\'John Medcalf\'','VMV_d750ed66c7a50484af88055674186400','\'Title: VOTEC Corporation
\nWhen: Saturday, Aug 12, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:John Medcalf\n
\nJohn Medcalf founded VOTEC Corporation (fka Proform Software) in 1979 and serves as the company\'s Chief Executive Officer. In addition to his executive duties, John provides design guidance for the company\'s accessible elections initiative. John\'s accomplishments in the election technology space include mini-computer and PC-based ballot counting solutions, PostScript ballot printing for punch card and optical scan ballots, and the creation of signature digitizing hardware and software. John is most pleased to have learned early on that customers wanted VOTEC staff to speak their language. Thus the many hires from elections offices.
\n\n
\nDescription:
\nJoin the CEO of VOTEC Corporation, our special guest John Medcalf, for a first of its kind presentation where an actual technology systems provider is exposing their technology to public scrutiny at the Voting Village. This is happening for the first time ever at the Voting Village and will be an enriching experince for attendees. Mr. Medcalf will make himself available after the presentation for any questions and inquiries from the audience. We are so excited to have him and cannot wait to examine the systems he is bringing to DEF CON. Please join us for this exciting event.\n
\n\n\'',NULL,368210),('3_Saturday','13','13:55','14:35','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Political Polarization\'','\'Constantine Nicolaidis\'','VMV_6e5fb19b3b6e130052c1b512820b657a','\'Title: Political Polarization
\nWhen: Saturday, Aug 12, 13:55 - 14:35 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Constantine Nicolaidis\n
\nConstantine Nicolaidis leads a Risk Management practice that focuses on securing U.S. privately owned critical infrastructure. Over the last decade he has leveraged his expertise in security and data-based product development to create tools for security professionals. Constantine has also spent the last five years developing a geopolitical modeling system to help forecast and describe the nature of political and social crises. He advises various security groups on the nature of modern multi-domain warfare with an emphasis on the cyber and cognitive domains. Constantine holds a Master’s Degree in Human-Computer Interaction from the Carnegie Mellon School of Computer Science and is currently enrolled in the Master’s in Cybersecurity Degree program at the SANS Technology Institute.
\n\n
\nDescription:
\nWhat are the root causes of today’s politically charged and polarized environment? Conventional wisdom likes to point the finger at social media and middle class immiseration but is there more to the story? A few researchers were able to accurately predict the current trends toward populism and political polarization, decades ago. A new field of study that combines big data and historical analysis was created in the early 2000s. What do these perspectives have to say about the current political crisis? Our geopolitical environment has changed significantly in the last few decades as well. Authoritarian states actively seek to delegitimize democratic systems. What are their motivations and what types of vulnerabilities in the liberal democratic order might they try to exploit? Come experience a whirlwind tour of multi-model geopolitical forecasting. What do some of the most well researched and respected economic, political and historical models have to say about the current state of politics in the U.S? Have we been here before and what are the implications of these perspectives for the next election?\n
\n\n\'',NULL,368211),('3_Saturday','14','13:55','14:35','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Political Polarization\'','\'Constantine Nicolaidis\'','VMV_6e5fb19b3b6e130052c1b512820b657a','\'\'',NULL,368212),('2_Friday','15','15:30','16:15','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'What Makes Hackers Extraordinary - It\'s A Gift!\'','\'D9\'','VMV_f4d91868a220ee18d3e15772c55cbb90','\'Title: What Makes Hackers Extraordinary - It\'s A Gift!
\nWhen: Friday, Aug 11, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:D9\n
\nForty-one years of government service, retired USAF Colonel and DoD Senior Executive Service. Co-Led with the DoD CIO the development of the SecDef’s DoD Cyber Workforce Strategy. Built from scratch a six-month DoD Cyber Operations training course, repurposed DEFCON’s CTF and CTP technical architecture to support DoD cyber operations training, and now working advanced cyber R&D projects in private sector. UPENN doctoral dissertation examined what makes hackers extraordinary unique from the average human population.
\n\n
\nDescription:No Description available
\n\'',NULL,368213),('2_Friday','16','15:30','16:15','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'What Makes Hackers Extraordinary - It\'s A Gift!\'','\'D9\'','VMV_f4d91868a220ee18d3e15772c55cbb90','\'\'',NULL,368214),('2_Friday','14','14:10','14:45','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Risk Limiting Audits Of All Contests\'','\'Amanda Glazer\'','VMV_27205fcfc0a98e986a41e6fc8cede194','\'Title: Risk Limiting Audits Of All Contests
\nWhen: Friday, Aug 11, 14:10 - 14:45 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Amanda Glazer\n
\nAmanda Glazer is a PhD candidate in statistics at UC Berkeley advised by Philip Stark. Her research focuses on causal inference with applications in the social sciences. One of her main research areas is election integrity and risk-limiting audits. Risk-limiting audits (RLAs) manually inspect ballots from a trustworthy record of the votes to provide affirmative evidence that electoral outcomes are correct if they are indeed correct, and to correct any outcomes that are wrong. In her research she has developed methods to increase the efficiency of RLAs (i.e., decrease the number of ballots you have to inspect to confirm an election outcome is correct, if it really is).
\nTwitter: @PandaGlazer
\n\n
\nDescription:
\nThe principle of evidence-based elections is that elections should provide convincing evidence that the reported winners really won. Risk-limiting audits (RLAs) manually inspect ballots from a trustworthy record of the votes to provide affirmative evidence that electoral outcomes are correct if they are indeed correct, and to correct any outcomes that are wrong. When the outcome is correct, RLAs may inspect only a small fraction of all ballot cards, saving considerable labor compared to a full manual recount. Using information about which ballot cards contain which contests (card-style data, CSD) further reduces labor. In this talk, I give an overview of how RLAs work, and new advancements that substantially reduce workload. Using data from the 2020 and 2022 general elections in Orange County, I demonstrate the efficiency of RLAs that take into account CSD. I conclude with a demo showing how RLAs work.\n
\n\n\'',NULL,368215),('2_Friday','14','14:50','15:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Understand Your Trust Assumptions!\'','\'Carsten Schürmann\'','VMV_bf80771f4777e3baf64cf79de3b9e1b6','\'Title: Understand Your Trust Assumptions!
\nWhen: Friday, Aug 11, 14:50 - 15:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Carsten Schürmann\n
\nCarsten is a professor in computer science at the IT University of Copenhagen and heads the Center for Information Security and Trust. His research focuses on cyber and information security, with particular emphasis on election security. He consults with EMBs, governmental, and non-governmental organizaions on requirements and quality assurance for election technologies. Carsten is an expert in voting machine security and demonstrated at DefCon 2017 vulnerabilities of the WinVote voting machine. He has conducted experiments with risk-limiting audits in Denmark in 2014. Carsten has participated as core team member (IT expert) in the Carter Center Mission to Kenya 2017 and 2022 and was part of the IFES Cyber Assessment Week in Ukraine 2018. He has also served as New Voting Technology Analyst for the OSCE Limited Election Observation Mission to the United States in 2018 and the Expert Election Mission to Estonia in 2019 and 2023. Prior to moving to Denmark, Carsten was a member of the computer science faculty at Yale University. He holds a PhD degree from Carnegie-Mellon University.
\nTwitter: @CESchuermann
\n\n
\nDescription:
\nDespite the best efforts of the election security community, things seem to go wrong in elections. Different software versions are blamed for the irregularities observed in Antrim country in 2021. An unreasonably slow update process of the online voter register in Estonia let to 63 voters casting incorrect electronic ballots that needed to be removed by court order from the digital ballot box. A slow voting machine repair process left thousands of voters waiting to cast their vote in the Philippines in 2022. The recently unsealed Halderman and Springall’s Security Analysis of Georgia’s ImageCast X Ballot Marking Devices shows vulnerabilities in hardware, software, and operations. In Professor Schürmann’s presentation, he provides a different look at these failures through the lens of trust assumptions that help quantify interactions between election technologies and people. Being precise about trust assumptions helps us identify and fix vulnerabilities at design stage rather than on or after election day.\n
\n\n\'',NULL,368216),('2_Friday','15','14:50','15:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Understand Your Trust Assumptions!\'','\'Carsten Schürmann\'','VMV_bf80771f4777e3baf64cf79de3b9e1b6','\'\'',NULL,368217),('2_Friday','12','12:30','13:15','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Ghost in the (Voting) Machine: Failures in Election Software Supply Chain Security\'','\'Ashlee Benge\'','VMV_7900895b2ebb523fdae8d5402109abf5','\'Title: Ghost in the (Voting) Machine: Failures in Election Software Supply Chain Security
\nWhen: Friday, Aug 11, 12:30 - 13:15 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Ashlee Benge\n
\nAshlee is an astrophysicist turned security researcher whose career has spanned across roles in detection engineering, threat hunting, analytics, and security outreach. In her current role as Director of Threat Intelligence Advocacy at ReversingLabs, she focuses on efficient use and mobilization of threat research outputs across the business and in public outreach. She has previously held roles in threat hunting and research at Cisco Talos, the ThreatGrid Research and Efficacy team, and ZeroFOX. In addition to degrees in Chemistry and Physics, she also holds an MBA from the Smith School of Business.
\nTwitter: @ashlee_benge
\n\n
\nDescription:
\nThe public’s view of election security is built primarily on trust. Much media attention has been given to the possibility of active attack against election infrastructure, but very little focus has been placed on securing elements of the software supply chain behind this infrastructure. Efforts have been made to improve the security of elections and software used in these elections, but are these efforts enough to move the security world in the right direction? This talk discusses the blindspot in election security: the lurking threat of incomplete software supply chain analysis and presents insights gleaned in a recent real-world ReversingLabs engagement.\n
\n\n\'',NULL,368218),('2_Friday','13','12:30','13:15','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Ghost in the (Voting) Machine: Failures in Election Software Supply Chain Security\'','\'Ashlee Benge\'','VMV_7900895b2ebb523fdae8d5402109abf5','\'\'',NULL,368219),('2_Friday','11','11:30','12:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Top 10 Hacks To Watch Out For From An Election Official\'','\'John Odum\'','VMV_4b708d4bc6c8998df46d93200f655807','\'Title: Top 10 Hacks To Watch Out For From An Election Official
\nWhen: Friday, Aug 11, 11:30 - 12:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:John Odum\n
\nJohn Odum has served as the city clerk and election administrator of Vermont\'s capital city of Montpelier for 11 years. He is a Certified Ethical Hacker and Certified Network Defense Architect, as well as a Certified Municipal Clerk. John holds a Certificate in Election Administration from the University of Minnesota Humphrey School of Public Affairs and has served on the Advisory Board of the Cyber Policy Initiative at the University of Chicago Harris School of Public Policy. John has written on election security and politics for the Guardian (online), Huffington Post, Governing, and others. He previously worked in electoral politics for many years, including serving as the statewide Field Director for the Clavelle for Governor campaign in Vermont
\nTwitter: @jodum
\n\n
\nDescription:
\nThis paper is written to give a very brief overview of several potential security issues that could exist in an election environment. It is a subjective list and should be read as such. Also, it lays out brief descriptions of potential vectors of attack, particularly vectors that could be used for simple disruption or to create opportunities for direct access to voter data and election management systems through privilege escalation. It also speaks to physical security. The term “hack” is to be interpreted broadly, sometimes referring to specific techniques (such as LDAP injection), broader hack categories (such as Man in the Middle) and other times referring to broad strategic approaches that facilitate specific hacks (such as social engineering). The paper is designed to paint a picture of the threat landscape, rather than serve as a technical guide. The paper is written at a basic technical level to keep it as accessible as possible to non-technical readers, as many of those participating in Voting Village are uniquely non-techie within the DEF CON setting. It starts early from a more technical perspective before becoming more accessible and eventually policy-focused. The objective is to promote best security practices and provide organizational administrators (as opposed to technical administrators) context for the types of challenges that exist. As such, it attempts to walk a tricky line to be accessible to as many as possible. It is presented in a casual “top ten” format and touches on a broad range of hacks are discussed very briefly. The paper should not be considered a tool for security professionals to gain a comprehensive understanding of each hack on the list. Its purpose is to educate generally, help point security admins in the right direction, and encourage them to dig deeper than the ankle-deep information provided. All the topics presented demand more thorough discussion and examination than the snapshots this paper provides.\n
\n\n\'',NULL,368220),('2_Friday','12','11:30','12:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Top 10 Hacks To Watch Out For From An Election Official\'','\'John Odum\'','VMV_4b708d4bc6c8998df46d93200f655807','\'\'',NULL,368221),('2_Friday','11','11:30','11:59','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'VOTEC Corporation\'','\'John Medcalf\'','VMV_13c354f17d87229aad513cfd22385a9f','\'Title: VOTEC Corporation
\nWhen: Friday, Aug 11, 11:30 - 11:59 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:John Medcalf\n
\nJohn Medcalf founded VOTEC Corporation (fka Proform Software) in 1979 and serves as the company\'s Chief Executive Officer. In addition to his executive duties, John provides design guidance for the company\'s accessible elections initiative. John\'s accomplishments in the election technology space include mini-computer and PC-based ballot counting solutions, PostScript ballot printing for punch card and optical scan ballots, and the creation of signature digitizing hardware and software. John is most pleased to have learned early on that customers wanted VOTEC staff to speak their language. Thus the many hires from elections offices.
\n\n
\nDescription:
\nJoin the CEO of VOTEC Corporation, our special guest John Medcalf, for a first of its kind presentation where an actual technology systems provider is exposing their technology to public scrutiny at the Voting Village. This is happening for the first time ever at the Voting Village and will be an enriching experince for attendees. Mr. Medcalf will make himself available after the presentation for any questions and inquiries from the audience. We are so excited to have him and cannot wait to examine the systems he is bringing to DEF CON. Please join us for this exciting event.\n
\n\n\'',NULL,368222),('2_Friday','13','13:20','14:05','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Divided We Fall\'','\'Michael Moore\'','VMV_566c145446b0085e3147176a54eeb2db','\'Title: Divided We Fall
\nWhen: Friday, Aug 11, 13:20 - 14:05 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Michael Moore\n
\nAfter volunteering to be a poll worker, Michael Moore developed a passion for Election Security.  He was the first Information Security Officer for the Maricopa County Recorder\'s office and is  now the first Chief Information Security Officer for the Arizona Secretary of State. Michael believes it is only through effective federal, state, and local government partnerships, as  well as assistance from trusted vendors that we can protect our democracy and fulfill our duty to  the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized  citizens. The best protection against these threats is combating lies with the truth, developing  secure and resilient systems that prevent attacks whenever possible, allow for detections of  compromise and facilitate accurate and rapid recovery. Michael has pushed forward these  initiatives in his own organizations as well as across the Elections community. Michael is an alumnus of Arizona State University with a B.S. in Mathematics and a B.A. in  Education and is a CISSP, Certified Election Official (CEO) and Certified Public Manager  (CPM). 
\nTwitter: @Secur3Elections
\n\n
\nDescription:
\nThere has been a massive exodus of skilled Election Officials since the 2020 General Election. In this presentation we will show actual death threats to Election Officials, the repercussions, and our threat reporting process. Lastly, we’ll inform the audience on how they can do their part - fight MDM, demand intellectual integrity from themselves and those around them, normalize requesting citations, volunteer to work for elections and speak up if something seems wrong!\n
\n\n\'',NULL,368223),('2_Friday','14','13:20','14:05','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Divided We Fall\'','\'Michael Moore\'','VMV_566c145446b0085e3147176a54eeb2db','\'\'',NULL,368224),('2_Friday','13','13:30','14:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'The Fallacy Of Privacy\'','\'Antigone Peyton\'','VMV_cc385ed82389d52abc2280749ce3da97','\'Title: The Fallacy Of Privacy
\nWhen: Friday, Aug 11, 13:30 - 14:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Antigone Peyton\n
\nAntigone is the Director of Legal and Policy at Ridgeline International, Inc. a technology integration company. She also provides privacy, Intellectual Property, and technology law counseling though her boutique law firm, Cloudigy Law. Antigone is a registered patent attorney with over 20 years of legal experience, focused on the intersection of privacy, cybersecurity, information governance, tech law, policy, and regulation. She regularly speaks about legal and policy implications of the digital economy, including social media, IoT, AI, blockchain, and cloud computing. She has been recognized among the Virginia Legal Elite and WIPR Leaders by her peers and a SuperLawyer for her work involving intellectual property law. Before moving in-house and restarting her boutique firm, Antigone managed the IP and Tech Group at a large Virginia law firm and she managed the e-Discovery group at the international IP firm Finnegan LLP. Antigone has counseled a wide variety of tech-startups and Fortune 500 companies over the years. Before becoming a lawyer, she conducted scientific research at a large university medical center and has supported the National Science Foundation SBIR/STTR seed fund program for over 10 years as a commercial panel reviewer of early development proposals and an awardee conference participant. All of these experiences honed her passion for exploring the intersection of cutting edge science and technology, law, and policy. Having worked for former Chief Administrative Law Judge Paul Luckern at the U.S. International Trade Commission (ITC) and the Honorable Kimberly Moore at the U.S. Court of Appeals for the Federal Circuit, Antigone brings a practical perspective to her litigation and client counseling practice. She received a B.S. in Chemistry from The College of William and Mary, pursued graduate Bioethics and pre-clinical research work at the University of Pennsylvania, and a J.D. in law with an Intellectual Property focus from the Scalia School of Law, George Mason University, where she was the editor-in-chief of the Federal Circuit Bar Journal and a member of the Moot Court.
\nTwitter: @antigonepeyton
\n\n
\nDescription:
\nDid you know that data analytics vendors, tech companies, political campaigns, PACs, and government agencies know your political leanings, whether you are interested in certain conspiracy theories, follow a hot-button issue, or are having financial trouble? During this talk, you will learn how data siphoned from the Internet, mobile devices, and the IoT webs that surround us are used to analyze and construct your unique digital signature—your travel patterns, interests, relationships, reading behaviors, and other private activities. Under current U.S. laws, foreign actors, political organizations, and private companies can legally access your digital signature, including your voting records. In most states, almost all voter registration information is available for purchase or through a public record request. Some states have additional protections for voter information for certain sensitive groups, including domestic violence victims, judges, law enforcement, and minors. In other states, like Florida, almost all voter information (including party affiliation) is public, by default. Interested actors use that information to influence your political activities, uncover your motivations, and influence your decision to vote, not vote, and how you vote. They do this through targeted digital ads, communications, the news you see in your “feed” on social media platforms, your suggested purchases, and the multimedia you see every day. Your personal interests and demographic information drive what you see in the digital space—each and every day. So how can we manage and protect our digital signature and make more informed decisions in light of these sophisticated influence marketplaces? We can expand the news, comments, and other information we see using tools that are available today and become more aware of why we see the particular information that is served up to us on the Internet. This presentation will close with tips for understanding and managing your digital signature.\n
\n\n\'',NULL,368225),('2_Friday','14','13:30','14:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'The Fallacy Of Privacy\'','\'Antigone Peyton\'','VMV_cc385ed82389d52abc2280749ce3da97','\'\'',NULL,368226),('2_Friday','11','11:45','12:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Surprise Unboxing\'','\'Harri Hursti\'','VMV_42f884d66593053df17a2675406542f2','\'Title: Surprise Unboxing
\nWhen: Friday, Aug 11, 11:45 - 12:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Harri Hursti\n
\nHarri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
\nTwitter: @harrihursti
\n\n
\nDescription:
\nHarri Hursti will be doing an unboxing of sometthing very high profile.\n
\n\n\'',NULL,368227),('2_Friday','12','11:45','12:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Surprise Unboxing\'','\'Harri Hursti\'','VMV_42f884d66593053df17a2675406542f2','\'\'',NULL,368228),('3_Saturday','16','16:30','17:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'The Impact Of Misinformation On Elections\'','\'Joe Schniebes,Maia Mazurkiewicz,Michael Moore\'','VMV_0726fde7af856fc33d94e0d7ca5244ed','\'Title: The Impact Of Misinformation On Elections
\nWhen: Saturday, Aug 12, 16:30 - 17:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Joe Schniebes,Maia Mazurkiewicz,Michael Moore
\n
SpeakerBio:Joe Schniebes\n
\nJoe Schniebs is the Chief Strategy Officer and Founder at Ridgeline International, where he has developed a hands-on approach to digital signature management. He helps cross-sector organizations strike the right balance between data privacy and conveniences. 
\n
SpeakerBio:Maia Mazurkiewicz\n
\nMaia Mazurkiewicz is an expert on countering disinformation and behavioural changes. She has 15 years of experience in political management, foreign affairs, and communication in administration, business and CSOs. She is a speaker, trainer and moderator. She believes that we need to change the way we communicate, to introduce more understanding in between humans. She is a Co-founder and Head of StratCom of Alliance4Europe where she deals with strategic communication, to build more diverse internet. She co-founded Future Forces Foundation that is working for more impactful business. She is also Vice-President of the Free European Media Association. In 2017 she co-created Keyboard Warriors in Poland, community that debunks disinformation. Maia is a barrister educated in Poland and the United States. She is actively involved in supporting Ukrainian refugees. Maia cooperated with number of foundations and NGOs where she worked on various projects concerning democratization and political parties trainings in Eastern Europe. She advices clients on strategy building and public affairs, as well as trains on leadership, project management and campaign building.
\nTwitter: @MaiaMazurkiewic
\n
SpeakerBio:Michael Moore\n
\nAfter volunteering to be a poll worker, Michael Moore developed a passion for Election Security.  He was the first Information Security Officer for the Maricopa County Recorder\'s office and is  now the first Chief Information Security Officer for the Arizona Secretary of State. Michael believes it is only through effective federal, state, and local government partnerships, as  well as assistance from trusted vendors that we can protect our democracy and fulfill our duty to  the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized  citizens. The best protection against these threats is combating lies with the truth, developing  secure and resilient systems that prevent attacks whenever possible, allow for detections of  compromise and facilitate accurate and rapid recovery. Michael has pushed forward these  initiatives in his own organizations as well as across the Elections community. Michael is an alumnus of Arizona State University with a B.S. in Mathematics and a B.A. in  Education and is a CISSP, Certified Election Official (CEO) and Certified Public Manager  (CPM). 
\nTwitter: @Secur3Elections
\n\n
\nDescription:
\nThis panel will explore all the different ways misinformation, disinformation, and malinformation are being used today, and what we can expect leading up to the 2024 election. The audience will get a comprehensive overview of what to look out for when trying distinguish what kind of information to consume, and how to protect oneself from misinformation, disinformation, and malinformation campaigns. Different perspecives from accross the election and security industires will come together to provide a dynamic outlook on what are experiencing now as well as what we will see in the future.\n
\n\n\'',NULL,368229),('3_Saturday','17','16:30','17:30','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'The Impact Of Misinformation On Elections\'','\'Joe Schniebes,Maia Mazurkiewicz,Michael Moore\'','VMV_0726fde7af856fc33d94e0d7ca5244ed','\'\'',NULL,368230),('3_Saturday','15','15:30','16:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'2024 Election Threat Landscape\'','\'Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61','\'Title: 2024 Election Threat Landscape
\nWhen: Saturday, Aug 12, 15:30 - 16:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos
\n
SpeakerBio:Catherine Terranova\n
\nCatherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
\nTwitter: @catlovesvoting
\n
SpeakerBio:Hallie Stern\n
\nHallie Stern is the Founder and Director of Digital Rapid Response and Information Strategy for Mad Mirror Media, a digital identity and technology consultancy, where she conducts research & development initiatives, teaches courses on disinformation and influence, and investigates anomalies in ad-tech ecosystems and algorithms for her cross-sector, cross-industry clients. She also works with the Disarm Foundation to develop tools and tandards for mitigating online harm related to disinformation and is a member of the Integrity Institute. She holds an M.S. from NYU in Global Security, Conflict, and Cybercrime, where she focused on The Human Side of Cyber Conflict, with practicums and fellowships at The Global Disinformation Index, UMD START, the Dept of State, and the Department of Homeland Security. Additional awards include The David L. Boren National Security Fellowship. Prior to her studies, Hallie spent a year exploring digital communication and data surveillance in Africa, the Mediterranean, and South East Asia.
\n
SpeakerBio:Rebecca Scott Thein\n
\nRebecca Scott Thein is an experienced product, program and people manager at the intersection of society, responsible product development and accessible design. Rebecca was most recently a Senior Technical Program Manager at Twitter, where she oversaw the globalization efforts of civic and crisis response work, including the Brazil & US midterm elections, Covid misinformation and the conflict in Ukraine. Additionally, she oversaw all harmful & illegal content (IP, terrorism & coordinated harmful group activity, Information Operations, and csam/abuse. Rebecca became a recent Digital Sherlock Scholar through the Atlantic Council’s Digital Forensics Research Lab, serves as a Visiting Fellow for the Integrity Institute and acts as a Responsible Tech Advisor for All Tech is Human.
\n
SpeakerBio:Sandra Khalil\n
\nSandra Khalil manages strategic partnerships for All Tech is Human, a global responsible technology nonprofit organization based in New York. Before her time at All Tech Is Human, she spent eight years working in federal, municipal, and think tank roles making people-to-people connections and amplifying globally underrepresented voices. Sandra holds a Master of Science in Global Security, Conflict, and Cyber from New York University with a concentration on cyber policy. Her interests are at the nexus of people, technology, and democracy, with the end user being the most critical stakeholder and driver of innovation for a safer, equitable, and inclusive tech future.
\n
SpeakerBio:Sarah Amos\n
\nSarah Amos is a former journalist turned product manager with nearly a decade of experience contributing to the development and optimization of AI-enabled informational products for start-ups, Fortune 500 companies and the public sector. Most recently she worked closely with Twitter’s Trust and Safety Team as a product manager for Civic Integrity, building features to mitigate the harms of platform manipulation, misinformation and abuse during global election cycles. Before that she founded and led the R&D Department at Dataminr, an AI platform that detects the earliest signals of high-impact events and emerging risks from open source data.
\nTwitter: @sarah3amos
\n\n
\nDescription:
\nThis panel is a comprehensive overview on the most pressing threats to public confidence in 2024 election outcomes. The panel is intended to answer questions such as, “What threats since 2020 still remain? How have they evolved? What new threats have emerged that were not present before? And how might the 2024 elections face challenges different from the past? What should voters, election officials, journalists and tech platforms be paying attention to?” The panel will address infrastructure foundations in election administration (election officials; voting technology);  foreign threats; the disinformation ecosystem; and new technologies such as generative AI.\n
\n\n\'',NULL,368231),('3_Saturday','16','15:30','16:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'2024 Election Threat Landscape\'','\'Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61','\'\'',NULL,368232),('3_Saturday','14','14:30','15:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Defense Community\'','\'Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.\'','VMV_ac6875e5702b6c39275a110d852343ab','\'Title: Defense Community
\nWhen: Saturday, Aug 12, 14:30 - 15:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.
\n
SpeakerBio:Brian Stearns\n
\nBrian C. Stearns has 25 years of experience across the public and private sector in technical instruction, systems engineering, information security, digital forensics, and secure communications. Brian founded the Institute for Secure Activism to support activists, organizers, and protesters who advocate for LGBTQ+, BIPOC, and other marginalized communities. Brian is also a senior Signature Management instructor with Ridgeline International and the director of Ridgeline\'s Signature Validation Lab. Prior to his current positions Brian spent 15 years supporting US government global counterterrorism operations as a tactical digital forensic collection and targeting specialist.
\n
SpeakerBio:Charles Smith\n
\nCharles Smith is a cybersecurity researcher at Johns Hopkins University Applied Physics Lab (JHU/APL), where he focuses on the intersection of cyber and information operations and their impact on national security.  Charles spent the first fourteen years of his career as an officer in the U.S. Army, and the recipient of numerous awards and badges including the Ranger Tab, Combat Infantry Badge, and Purple Heart.  He deployed five times as both an infantry officer and intelligence officer to Iraq and Afghanistan, and was selected to serve as an intelligence officer for the 2nd Battalion, 75th Ranger Regiment.  His served his last four years in uniform at US Cyber Command, where he led intelligence support to the defense of the 2020 elections.  Prior to joining JHU/APL, Charles also worked at Twitter on trust and safety response to crises.  Charles holds a bachelor’s of science in Business Administration from Bucknell University, and a Masters of Strategic Intelligence from National Intelligence University.
\n
SpeakerBio:Eric Davis\n
\nEric Davis has safeguarded brands, platforms, and billions of users from bad ads, bad apps, and other machinations of malefactors across global policy, product, and engineering functions. A frequent consultant and advisor across civic and private sectors on Trust & Safety, Privacy, and Security issues, Eric is a founding advisor to the Trust & Safety Professional Association, and a member of the Integrity Institute’s Elections Integrity Working Group, which publishes a series of best practices and resources guides for tech platforms contending with disinformation and other issues impacting elections integrity. Previously, Eric was the former Chief Privacy and Policy Officer and global trust & safety lead at Bigo, a live streaming and short form video social media platform with over 200M users globally. Prior to Bigo, he was Senior Director for Product Management at Lifelock (acquired by Symantec), prototyping new consumer products, leading AppSec, and leading product strategy for GDPR and other privacy regulations globally. Prior to Symantec, Eric spent 13 years at Google, where he founded Google’s first Trust & Safety team, Anti-Malvertising program, and the Android Security Operations and Intel team in addition to his other product policy and public policy leadership roles. Earlier in his career, he was the charter International Product Manager for Trust & Safety at eBay.
\nTwitter: @ericdavis
\n
SpeakerBio:Glenn Borskey\n
\nGlenn Borsky is a strategic cyber threat intelligence analyst who’s area of research is in cyber threat and cognitive security. He brings experience developing cybersecurity strategies for senior leadership and executive level audiences. His main area of interest is in countering mis/disinformation and cyber enabled cognitive warfare.
\nTwitter: @GlennBorsky
\n
SpeakerBio:Jon A.\n
\nNo BIO available
\n\n
\nDescription:
\nThis panel explores the pivotal role of technology in shaping voter outcomes, drawing insights from the perspectives of the defense community. The discussion delves into how various technological advancements, including data analytics, digital marketing, and cybersecurity, influence the democratic process. By assessing the role of technology in shaping voter engagement, perception, and decision-making, the panel seeks to deepen our understanding of the evolving dynamics between technology and democratic governance. The aim is to generate informed discussions and policy considerations to preserve the integrity and fairness of democratic elections. Join us for an illuminating session as we uncover the opportunities and challenges presented by technological interventions in the electoral landscape.\n
\n\n\'',NULL,368233),('3_Saturday','15','14:30','15:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Defense Community\'','\'Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.\'','VMV_ac6875e5702b6c39275a110d852343ab','\'\'',NULL,368234),('3_Saturday','10','10:30','11:25','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'I Can Shop Securely Online So Why Can\'t I Vote Online?\'','\'David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh\'','VMV_02f4745d874090f89cf4dd15bef9dd72','\'Title: I Can Shop Securely Online So Why Can\'t I Vote Online?
\nWhen: Saturday, Aug 12, 10:30 - 11:25 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh
\n
SpeakerBio:David Jefferson\n
\nDr. David Jefferson is a computer scientist and an internationally recognized researcher on election security for well over twenty years, advising five Secretaries of State of California on voting technology issues. He served as the Chair of the Secretary of State\'s Post-Election Audit Standards Working Group, the panel that invented the notion of risk limiting audits and has written extensively on elections and voting security.
\nTwitter: @drjefferson
\n
SpeakerBio:Harri Hursti\n
\nHarri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
\nTwitter: @harrihursti
\n
SpeakerBio:Matt Blaze\n
\nMatt Blaze is one of the original co-founders of the Voting Village and is currently the McDevitt Professor of Computer Science and Law at Georgetown University. He has over two decades of experience with election system security, and his current research focuses on security, privacy, and robustness in large scale systems with an emphasis on problems at the intersection of technology and public policy.
\nTwitter: @mattblaze
\n
SpeakerBio:Susan Greenhalgh\n
\nSusan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.
\n\n
\nDescription:
\nThis panel will provide a comprehensive overview of all aspects of internet voting and will also provide critical perspectives on the . We will unpack common misconceptions as well as highlight some of the most vulerable\n
\n\n\'',NULL,368235),('3_Saturday','11','10:30','11:25','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'I Can Shop Securely Online So Why Can\'t I Vote Online?\'','\'David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh\'','VMV_02f4745d874090f89cf4dd15bef9dd72','\'\'',NULL,368236),('3_Saturday','13','13:30','14:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Interventions To Address Technology-Facilitated Violence in Democracy\'','\'Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas\'','VMV_4502995c7129dcfcd419d88cdd8497b6','\'Title: Interventions To Address Technology-Facilitated Violence in Democracy
\nWhen: Saturday, Aug 12, 13:30 - 14:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas
\n
SpeakerBio:Eric Davis\n
\nEric Davis has safeguarded brands, platforms, and billions of users from bad ads, bad apps, and other machinations of malefactors across global policy, product, and engineering functions. A frequent consultant and advisor across civic and private sectors on Trust & Safety, Privacy, and Security issues, Eric is a founding advisor to the Trust & Safety Professional Association, and a member of the Integrity Institute’s Elections Integrity Working Group, which publishes a series of best practices and resources guides for tech platforms contending with disinformation and other issues impacting elections integrity. Previously, Eric was the former Chief Privacy and Policy Officer and global trust & safety lead at Bigo, a live streaming and short form video social media platform with over 200M users globally. Prior to Bigo, he was Senior Director for Product Management at Lifelock (acquired by Symantec), prototyping new consumer products, leading AppSec, and leading product strategy for GDPR and other privacy regulations globally. Prior to Symantec, Eric spent 13 years at Google, where he founded Google’s first Trust & Safety team, Anti-Malvertising program, and the Android Security Operations and Intel team in addition to his other product policy and public policy leadership roles. Earlier in his career, he was the charter International Product Manager for Trust & Safety at eBay.
\nTwitter: @ericdavis
\n
SpeakerBio:Hallie Stern\n
\nHallie Stern is the Founder and Director of Digital Rapid Response and Information Strategy for Mad Mirror Media, a digital identity and technology consultancy, where she conducts research & development initiatives, teaches courses on disinformation and influence, and investigates anomalies in ad-tech ecosystems and algorithms for her cross-sector, cross-industry clients. She also works with the Disarm Foundation to develop tools and tandards for mitigating online harm related to disinformation and is a member of the Integrity Institute. She holds an M.S. from NYU in Global Security, Conflict, and Cybercrime, where she focused on The Human Side of Cyber Conflict, with practicums and fellowships at The Global Disinformation Index, UMD START, the Dept of State, and the Department of Homeland Security. Additional awards include The David L. Boren National Security Fellowship. Prior to her studies, Hallie spent a year exploring digital communication and data surveillance in Africa, the Mediterranean, and South East Asia.
\n
SpeakerBio:Omri Preiss\n
\nOmri Preiss is a co-founder and managing director of Alliance4Europe, working to activate citizens towards a more democratic and sustainable Europe. Omri is based in Brussels, and has worked in EU affairs, particularly on human rights, democracy, and sustainability issues.
\nTwitter: @OmriPreiss
\n
SpeakerBio:Theodora Skeadas\n
\nTheodora Skeadas works full-time as the Deputy Director of Strategy for the Massachusetts Executive Office of Technology Services and Security and part-time as a consultant on digital safety issues. Previously, she worked at Twitter, where she supported Twitter’s global elections work and managed the Trust and Safety Council, and Booz Allen Hamilton, where she supported digital listening efforts around elections. In her political work, she ran for Cambridge City Council in 2021, she managed an MA Lieutenant Governor’s campaign for Jimmy Tingle in 2018, and she managed a successful Cambridge City Council campaign for Sumbul Siddiqui in 2017.
\nTwitter: @theodoraskeadas
\n\n
\nDescription:
\nTechnology companies with social media platforms have the potential to be a powerful ally in civil society’s work to build an open, free, and democratic Internet. They have the ability to provide safe and accessible mechanisms for all people to participate in democracy, especially in closed information spaces. Continued, active engagement with technology companies is required to properly convey the stories and experiences of democratic activists. Online violence and cyber threats against women in politics and public life (OVAW-P) poses a deepening challenge to democracy, serving as a key tool of illiberalism and democratic backsliding across the globe. OVAW-P encompasses all forms of aggression, coercion, and intimidation seeking to exclude women from politics simply because they are women. This online behavior seeks to achieve political outcomes: targeting individual women to harm them or drive them out of public life, while also sending a message that women in general should not be involved in politics. This online violence has a chilling effect on the political ambitions and engagement of women and girls, decreasing their presence and agency in politics and public life. Stopping gender-based attacks online is a solvable problem, and it is the fastest and clearest investment toward building an internet that enables everyone to be politically engaged. To address this issue, the National Democratic Institute developed a set of solutions-based interventions for technology platforms to end online violence against women in politics and public life. The interventions were developed in collaboration with a global network of women survivors. In order to more successfully advocate for the implementation of these interventions, research and advocacy efforts are needed to demonstrate the power and profitability of providing a safe space for women to politically engage online. \n
\n\n\'',NULL,368237),('3_Saturday','14','13:30','14:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Interventions To Address Technology-Facilitated Violence in Democracy\'','\'Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas\'','VMV_4502995c7129dcfcd419d88cdd8497b6','\'\'',NULL,368238),('2_Friday','16','16:30','17:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Election Preparation: 2024\'','\'Ashlee Benge,Jake Braun,John Odum,Michael Moore\'','VMV_115c7bcc5afd58f5f09ec823432e666d','\'Title: Election Preparation: 2024
\nWhen: Friday, Aug 11, 16:30 - 17:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Ashlee Benge,Jake Braun,John Odum,Michael Moore
\n
SpeakerBio:Ashlee Benge\n
\nAshlee is an astrophysicist turned security researcher whose career has spanned across roles in detection engineering, threat hunting, analytics, and security outreach. In her current role as Director of Threat Intelligence Advocacy at ReversingLabs, she focuses on efficient use and mobilization of threat research outputs across the business and in public outreach. She has previously held roles in threat hunting and research at Cisco Talos, the ThreatGrid Research and Efficacy team, and ZeroFOX. In addition to degrees in Chemistry and Physics, she also holds an MBA from the Smith School of Business.
\nTwitter: @ashlee_benge
\n
SpeakerBio:Jake Braun\n
\nJake Braun currently serves as the Acting Principal Deputy National Cyber Director. Most recently, Jake was appointed as a Senior Advisor to the DHS Management Directorate, which oversees all operations for the department. Previously, Jake served as the Executive Director for the University of Chicago’s Cyber Policy Initiative where he worked at the centner of policy, technology, and national security. In addition to his role at the University of Chicago, Jake also co-founded and served as the CEO of Cambridge Global Advisors, a national security consulting firm with offices here in Chicago. He was also co-founder of the DE CON Voting Machine Hacking Village where he co-authored two award-winning works on election security and has also recently published the critically acclaimed book, “\'Democracy in Danger: How Hackers and Activists Exposed Fatal Flaws in the Election System”, on the same topic. Previous to that, he served in the Obama Administration as the Director of White House and Public Liaison for the Department of Homeland Security. He holds an MA in International Relations from Troy St. University, an MA in Education from National-Louis University in Chicago, and a BA in Philosophy from Loyola University of Chicago.
\nTwitter: @jakehbraun
\n
SpeakerBio:John Odum\n
\nJohn Odum has served as the city clerk and election administrator of Vermont\'s capital city of Montpelier for 11 years. He is a Certified Ethical Hacker and Certified Network Defense Architect, as well as a Certified Municipal Clerk. John holds a Certificate in Election Administration from the University of Minnesota Humphrey School of Public Affairs and has served on the Advisory Board of the Cyber Policy Initiative at the University of Chicago Harris School of Public Policy. John has written on election security and politics for the Guardian (online), Huffington Post, Governing, and others. He previously worked in electoral politics for many years, including serving as the statewide Field Director for the Clavelle for Governor campaign in Vermont
\nTwitter: @jodum
\n
SpeakerBio:Michael Moore\n
\nAfter volunteering to be a poll worker, Michael Moore developed a passion for Election Security.  He was the first Information Security Officer for the Maricopa County Recorder\'s office and is  now the first Chief Information Security Officer for the Arizona Secretary of State. Michael believes it is only through effective federal, state, and local government partnerships, as  well as assistance from trusted vendors that we can protect our democracy and fulfill our duty to  the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized  citizens. The best protection against these threats is combating lies with the truth, developing  secure and resilient systems that prevent attacks whenever possible, allow for detections of  compromise and facilitate accurate and rapid recovery. Michael has pushed forward these  initiatives in his own organizations as well as across the Elections community. Michael is an alumnus of Arizona State University with a B.S. in Mathematics and a B.A. in  Education and is a CISSP, Certified Election Official (CEO) and Certified Public Manager  (CPM). 
\nTwitter: @Secur3Elections
\n\n
\nDescription:
\nIn this session we will cover what can be done to secure elections leading up to 2024. With two actual election officials on the panel, plus an expert in software supply chain, we will get to hear strategies on election preparation from different perspectives across the election industry. Panelists will discuss what can be done in preparation of the 2024 election season and how public and public/private partnerships are securing election infrastructure in its entirety. Panelists will discuss what initiatives are directly derivable from recent federal government cyber security initiatives. They will give insight into what each of their industries are doing now and what they plan to do in the future to ensure secure democratic processes. \n
\n\n\'',NULL,368239),('2_Friday','17','16:30','17:30','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Election Preparation: 2024\'','\'Ashlee Benge,Jake Braun,John Odum,Michael Moore\'','VMV_115c7bcc5afd58f5f09ec823432e666d','\'\'',NULL,368240),('2_Friday','14','14:30','15:20','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Building Partnerships\'','\'Catherine Terranova,Maia Mazurkiewicz,Maria Bique,Sandra Khalil\'','VMV_ec97ccb7241c1193c8f892a30d70e740','\'Title: Building Partnerships
\nWhen: Friday, Aug 11, 14:30 - 15:20 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Catherine Terranova,Maia Mazurkiewicz,Maria Bique,Sandra Khalil
\n
SpeakerBio:Catherine Terranova\n
\nCatherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
\nTwitter: @catlovesvoting
\n
SpeakerBio:Maia Mazurkiewicz\n
\nMaia Mazurkiewicz is an expert on countering disinformation and behavioural changes. She has 15 years of experience in political management, foreign affairs, and communication in administration, business and CSOs. She is a speaker, trainer and moderator. She believes that we need to change the way we communicate, to introduce more understanding in between humans. She is a Co-founder and Head of StratCom of Alliance4Europe where she deals with strategic communication, to build more diverse internet. She co-founded Future Forces Foundation that is working for more impactful business. She is also Vice-President of the Free European Media Association. In 2017 she co-created Keyboard Warriors in Poland, community that debunks disinformation. Maia is a barrister educated in Poland and the United States. She is actively involved in supporting Ukrainian refugees. Maia cooperated with number of foundations and NGOs where she worked on various projects concerning democratization and political parties trainings in Eastern Europe. She advices clients on strategy building and public affairs, as well as trains on leadership, project management and campaign building.
\nTwitter: @MaiaMazurkiewic
\n
SpeakerBio:Maria Bique\n
\nMaria Bique is the CEO and one of the founders of CyberCoach, a cyber awareness geek, data privacy professional, security culture expert and digital rights activist. She has cultured cells in a lab, developed algorithms for analyzing brain activity and led security and tech teams at various companies including Nordea and Futurice. Currently she’s lost in the startup world, trying to finish a Ph.D. and fight for digital skills equality through CyberCoach and the #cybercivicduty campaign. With CyberCoach, Maria and the rest of the team are aiming to build the most diverse and impactful cyber security company in the world. In her free time, she’s an active football player, assistant football coach and a mentor to aspiring female cyber talent in the US and Europe.
\nTwitter: @MariaBique
\n
SpeakerBio:Sandra Khalil\n
\nSandra Khalil manages strategic partnerships for All Tech is Human, a global responsible technology nonprofit organization based in New York. Before her time at All Tech Is Human, she spent eight years working in federal, municipal, and think tank roles making people-to-people connections and amplifying globally underrepresented voices. Sandra holds a Master of Science in Global Security, Conflict, and Cyber from New York University with a concentration on cyber policy. Her interests are at the nexus of people, technology, and democracy, with the end user being the most critical stakeholder and driver of innovation for a safer, equitable, and inclusive tech future.
\n\n
\nDescription:
\nPartnerships are critical for companies to integrate expertise into products, policies, and processes, when supporting elections globally. Additionally partnerships are an effective way for organizations to get the word out or share targeted elections information. Explore the ways in which partnerships can be leveraged for greater transparency and collaboration during the electoral processes. It’s often much easier to get people to join communities and much harder to keep them engaged and actively participating in community efforts. This Panel discusses how to build operational mechanisms to incentivize participation, projects, develop policies, and drive initiatives within community members that can contribute to the broader electoral ecosystem and more broadly to civil society. We know the risks to elections, now how do we create partnerships and build competencies to take on the implications?\n
\n\n\'',NULL,368241),('2_Friday','15','14:30','15:20','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Building Partnerships\'','\'Catherine Terranova,Maia Mazurkiewicz,Maria Bique,Sandra Khalil\'','VMV_ec97ccb7241c1193c8f892a30d70e740','\'\'',NULL,368242),('2_Friday','10','10:30','11:25','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'A Global Perspective On Election Integrity\'','\'Bryson Bort,Chris Krebs,Kendall Spencer,Maia Mazurkiewicz\'','VMV_87c073a9bd9d3863e33dfca9cf437994','\'Title: A Global Perspective On Election Integrity
\nWhen: Friday, Aug 11, 10:30 - 11:25 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Bryson Bort,Chris Krebs,Kendall Spencer,Maia Mazurkiewicz
\n
SpeakerBio:Bryson Bort\n
\nBryson is the Founder of SCYTHE, a start-up building a next-generation threat emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow at the National Security Institute and Adjunct Senior Technical Advisor for the Institute of Security and Technology. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber by Business Insider, Security Executive Finalist of the Year by SC Media, and a Tech Titan in Washington, DC.
\nTwitter: @brysonbort
\n
SpeakerBio:Chris Krebs\n
\nChris Krebs is the Senior Official Performing the Duties of the Under Secretary for the National Protection and Programs Directorate in the Department of Homeland Security, where he oversees the cyber and physical infrastructure security mission for the Department. He is concurrently filling the role of Assistant Secretary for the Office of Infrastructure Protection, to which he was appointed by the President in August 2017. As Assistant Secretary, he leads NPPD’s mission on issues such as preventing complex mass attacks, securing high-risk chemicals, and other areas related to cyber and physical infrastructure resilience. This includes serving as the national coordinator for the critical infrastructure security and resilience mission and directly managing 6 of the 16 critical infrastructure sectors outlined in the National Infrastructure Protection Plan. The 16 sectors cover a complex and interconnected range of infrastructure, such as commercial facilities, emergency services, chemical facilities, nuclear facilities and government facilities including the 2017 addition of an election infrastructure subsector. Mr. Krebs joined the Department of Homeland Security in March 2017, serving as Senior Counselor to the Secretary, where he advised DHS leadership on a range of cybersecurity, critical infrastructure protection, and national resilience issues. Prior to coming to DHS, Krebs was a member of Microsoft’s US Government Affairs team as Director for Cybersecurity Policy, where he led Microsoft’s U.S. policy work on cybersecurity and technology issues. Before Microsoft, Krebs advised industry and Federal, State, and local government customers on range of cybersecurity and risk management issues. This the second time he has worked at the Department, previously serving as Senior Advisor to the Assistant Secretary for Infrastructure Protection and playing a formative role in a number of national and international risk management programs. He holds a Bachelors in Environmental Sciences from the University of Virginia and a J.D. from the Antonin Scalia Law School at George Mason University.
\nTwitter: @CISAKrebs
\n
SpeakerBio:Kendall Spencer\n
\nKendall Spencer is an associate in the Intellectual Property Department. Kendall is based in the Boston office where he is a member of the Technology Transactions, Cybersecurity, and Privacy Practice Group. In his previous position as a law clerk, Kendall specialized in Complex Litigation. He also has a strong focus on technology law. Kendall has advised on blockchain technology integration, researched blockchain voting regulations, and investigated the use of blockchain technology to create a database of information on its advantages and efficacy. Additionally, he assisted in drafting an article regarding data privacy issues within real estate law. Kendall serves as a member of the Executive Leadership Team with the National Governing Body of USA Track and Field (USATF), as well as a board member with the National Collegiate Athletic Association (NCAA). As a professional athlete on the U.S. Olympic Team, he has earned accolades such as USA Indoor Bronze Medalist, NCAA National Champion, on top of serving as a USA Track and Field board member.
\nTwitter: @Kspencer24
\n
SpeakerBio:Maia Mazurkiewicz\n
\nMaia Mazurkiewicz is an expert on countering disinformation and behavioural changes. She has 15 years of experience in political management, foreign affairs, and communication in administration, business and CSOs. She is a speaker, trainer and moderator. She believes that we need to change the way we communicate, to introduce more understanding in between humans. She is a Co-founder and Head of StratCom of Alliance4Europe where she deals with strategic communication, to build more diverse internet. She co-founded Future Forces Foundation that is working for more impactful business. She is also Vice-President of the Free European Media Association. In 2017 she co-created Keyboard Warriors in Poland, community that debunks disinformation. Maia is a barrister educated in Poland and the United States. She is actively involved in supporting Ukrainian refugees. Maia cooperated with number of foundations and NGOs where she worked on various projects concerning democratization and political parties trainings in Eastern Europe. She advices clients on strategy building and public affairs, as well as trains on leadership, project management and campaign building.
\nTwitter: @MaiaMazurkiewic
\n\n
\nDescription:
\nOur keynote panel with special guest moderator former CISA Director Chris Krebs will give audiences a global perspective on democracy and will discuss a variety of topics related to election integrity. This panel will give listeners a comprehensive overview of the election space and will lay the foundation for the rest of our program. Experts from different aspects of the cybersecurity industry will provide colorful insight and intersectional perspectives, giving attendees a holistic understanding of all aspects of election integrity.\n
\n\n\'',NULL,368243),('2_Friday','11','10:30','11:25','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'A Global Perspective On Election Integrity\'','\'Bryson Bort,Chris Krebs,Kendall Spencer,Maia Mazurkiewicz\'','VMV_87c073a9bd9d3863e33dfca9cf437994','\'\'',NULL,368244),('2_Friday','10','10:00','10:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Voting Village Opening Remarks\'','\'Catherine Terranova,Harri Hursti,Matt Blaze\'','VMV_415d9164b2ac475b6051abac47065cb4','\'Title: Voting Village Opening Remarks
\nWhen: Friday, Aug 11, 10:00 - 10:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Catherine Terranova,Harri Hursti,Matt Blaze
\n
SpeakerBio:Catherine Terranova\n
\nCatherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
\nTwitter: @catlovesvoting
\n
SpeakerBio:Harri Hursti\n
\nHarri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
\nTwitter: @harrihursti
\n
SpeakerBio:Matt Blaze\n
\nMatt Blaze is one of the original co-founders of the Voting Village and is currently the McDevitt Professor of Computer Science and Law at Georgetown University. He has over two decades of experience with election system security, and his current research focuses on security, privacy, and robustness in large scale systems with an emphasis on problems at the intersection of technology and public policy.
\nTwitter: @mattblaze
\n\n
\nDescription:
\nTwo of the original co-founders of the Voting Village along with the current co-organizer will provide opening remarkers.\n
\n\n\'',NULL,368245),('3_Saturday','10','10:00','10:30','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Voting Village Opening Remarks\'','\'Catherine Terranova,Harri Hursti,Matt Blaze\'','VMV_163a2d3d74b0c224e0cbb5f8e80e5702','\'Title: Voting Village Opening Remarks
\nWhen: Saturday, Aug 12, 10:00 - 10:30 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:Catherine Terranova,Harri Hursti,Matt Blaze
\n
SpeakerBio:Catherine Terranova\n
\nCatherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
\nTwitter: @catlovesvoting
\n
SpeakerBio:Harri Hursti\n
\nHarri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
\nTwitter: @harrihursti
\n
SpeakerBio:Matt Blaze\n
\nMatt Blaze is one of the original co-founders of the Voting Village and is currently the McDevitt Professor of Computer Science and Law at Georgetown University. He has over two decades of experience with election system security, and his current research focuses on security, privacy, and robustness in large scale systems with an emphasis on problems at the intersection of technology and public policy.
\nTwitter: @mattblaze
\n\n
\nDescription:
\nTwo of the original co-founders of the Voting Village along with the current co-organizer will provide opening remarkers.\n
\n\n\'',NULL,368246),('2_Friday','15','15:00','15:45','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'Shall we play a game? Just because a Large Language Model speaks like a human, doesn’t mean it can reason like one.\'','\'Craig Martell\'','DC_0b7f0abb2e028e5abc77867d1802ed99','\'Title: Shall we play a game? Just because a Large Language Model speaks like a human, doesn’t mean it can reason like one.
\nWhen: Friday, Aug 11, 15:00 - 15:45 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\n
SpeakerBio:Craig Martell\n, Chief Digital and AI Officer at US Department of Defense
\nDr. Craig Martell is the first-ever Chief Digital and AI Officer at the Department of Defense. Previously, he was the Head of Machine Learning at Lyft, the Head of Machine Intelligence at Dropbox, and led AI teams and initiatives at LinkedIn. He is also a tenured computer science professor in natural language processing at the Naval Postgraduate School.
\n\n
\nDescription:
\nIn 1979, NORAD was duped by a simulation that caused NORAD (North American Aerospace Defense) to believe a full-scale Soviet nuclear attack was underway. This only legitimized the plot in the 1983 classic, War Games, of the possibility of a computer making unstoppable, life-altering decisions. On the 40th anniversary of the movie that predicted the potential role of AI in military systems, LLMs have become a sensation and increasingly, synonymous with AI. This is a dangerous detour in AI’s development, one that humankind can’t afford to take. Join Dr. Martell for an off-the-cuff discussion on what’s at stake as the Department of Defense presses forward to balance agility with accountability and the role hackers play in ensuring the responsible and secure use of AI from the boardroom to the battlefield.\n
\n\n\'',NULL,368247),('4_Sunday','12','12:00','12:30','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'My Callsign Is My Passport - Responsible Testing And Disclosure Of Amateur Radio Websites\'','\'Dan Norte,Lucas Gahler\'','HRV_9039bb67c1fe8f65b82bec186a972785','\'Title: My Callsign Is My Passport - Responsible Testing And Disclosure Of Amateur Radio Websites
\nWhen: Sunday, Aug 13, 12:00 - 12:30 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\nSpeakers:Dan Norte,Lucas Gahler
\n
SpeakerBio:Dan Norte\n, NetSPI
\nRed teamer for 4 years, currently with NetSPI. Ham for 6 years, currently Amateur Extra class Likes to pop shells and chase DX.
\n
SpeakerBio:Lucas Gahler\n, ICF
\n10 years in infosec, mostly in blue team roles ham for 13 years, currently Amateur Extra class Avid POTA enthusiast serial hobbyist in anything involving motors, circuit boards, or kinetic energy.
\n\n
\nDescription:
\nAmateur radio websites / web applications are notorious for terrible / non-existence information security practices and there\'s normally no budget to get professional help. Meanwhile, there\'s a large overlap in the Venn Diagram circles of infosec talent and amateur radio licensees. Leveraging our callsigns as AuthN and establishing mutual trust, we\'ve developed a loose framework for how the hacker community can provide infosec consulting as a volunteer service, helping the hobby level up their security practices (or at least clean up some of the low hanging fruit). This talk walks through an example where this concept was applied, what was learned in the process, and reflections on how this could be leveraged by the broader community.\n
\n\n\'',NULL,368248),('3_Saturday','10','10:30','14:30','N','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions\'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d','\'Title: Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions
\nWhen: Saturday, Aug 12, 10:30 - 14:30 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons.\n

You can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together and join us in our [Discord group](https://tracelabs.org/discord) to get started.\n

\n\n\'',NULL,368249),('3_Saturday','11','10:30','14:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions\'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d','\'\'',NULL,368250),('3_Saturday','12','10:30','14:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions\'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d','\'\'',NULL,368251),('3_Saturday','13','10:30','14:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions\'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d','\'\'',NULL,368252),('3_Saturday','14','10:30','14:30','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions\'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d','\'\'',NULL,368253),('3_Saturday','15','15:30','16:29','N','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners\'','\' \'','CON_107f8f5cdd314ae3ce5cdbccaf4db07a','\'Title: Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners
\nWhen: Saturday, Aug 12, 15:30 - 16:29 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThe Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons.\n

You can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together and join us in our [Discord group](https://tracelabs.org/discord) to get started.\n

\n\n\'',NULL,368254),('3_Saturday','16','15:30','16:29','Y','CON','Caesars Forum - Summit - Contest Area','\'Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners\'','\' \'','CON_107f8f5cdd314ae3ce5cdbccaf4db07a','\'\'',NULL,368255),('4_Sunday','10','10:30','10:59','N','TCV','Flamingo - Virginia City - Telecom Village','\'All the things, all the time: Lifting the veil on security in the global mobile industry and how it works with hackers\'','\'James Moran\'','TCV_42cb19bc0ca5a0a6e3f7ac4d640496b9','\'Title: All the things, all the time: Lifting the veil on security in the global mobile industry and how it works with hackers
\nWhen: Sunday, Aug 13, 10:30 - 10:59 PDT
\nWhere: Flamingo - Virginia City - Telecom Village - Map
\n
SpeakerBio:James Moran\n, Head of Security at GSMA
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368256),('2_Friday','15','15:30','16:15','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'RLA Workshop\'','\'Amanda Glazer\'','VMV_df8cc787a91cc8924d280555192ec10d','\'Title: RLA Workshop
\nWhen: Friday, Aug 11, 15:30 - 16:15 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Amanda Glazer\n
\nAmanda Glazer is a PhD candidate in statistics at UC Berkeley advised by Philip Stark. Her research focuses on causal inference with applications in the social sciences. One of her main research areas is election integrity and risk-limiting audits. Risk-limiting audits (RLAs) manually inspect ballots from a trustworthy record of the votes to provide affirmative evidence that electoral outcomes are correct if they are indeed correct, and to correct any outcomes that are wrong. In her research she has developed methods to increase the efficiency of RLAs (i.e., decrease the number of ballots you have to inspect to confirm an election outcome is correct, if it really is).
\nTwitter: @PandaGlazer
\n\n
\nDescription:
\nThe workshop is a bare bones example of the core statistical method, for auditing a singel contest, without releying on any exported data from the voting system . If there are three - four teams with three - four people and they are on task, this workshop will last forfty five minuties with time for Q&A.\n
\n\n\'',NULL,368257),('2_Friday','16','15:30','16:15','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'RLA Workshop\'','\'Amanda Glazer\'','VMV_df8cc787a91cc8924d280555192ec10d','\'\'',NULL,368258),('2_Friday','12','12:00','12:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Lock Bypass 101\'','\'Karen\'','PSV_06ff5b1a9fc8cb10debd47238a50c70a','\'Title: Lock Bypass 101
\nWhen: Friday, Aug 11, 12:00 - 12:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Karen\n
\nAs a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368259),('2_Friday','12','12:30','12:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Lock Bypass 102\'','\'Karen\'','PSV_7f5f94344c197db8ee0a7b2d3d299a58','\'Title: Lock Bypass 102
\nWhen: Friday, Aug 11, 12:30 - 12:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Karen\n
\nAs a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368260),('2_Friday','13','13:30','14:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Access Control Vulnerabilities: Breaking Into Buildings With Computers\'','\'Chad,Shortman\'','PSV_63113feefd4726697bee38ad55fc05d3','\'Title: Access Control Vulnerabilities: Breaking Into Buildings With Computers
\nWhen: Friday, Aug 11, 13:30 - 14:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\nSpeakers:Chad,Shortman
\n
SpeakerBio:Chad\n
\nNo BIO available
\n
SpeakerBio:Shortman\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368261),('2_Friday','14','13:30','14:30','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Access Control Vulnerabilities: Breaking Into Buildings With Computers\'','\'Chad,Shortman\'','PSV_63113feefd4726697bee38ad55fc05d3','\'\'',NULL,368262),('2_Friday','14','14:30','15:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Flipping Locks: Remote Badge Cloning with the Flipper Zero\'','\'Dan,Langston \"Shock\" Clement\'','PSV_98a87d424d487daf2ecfccaa41dc5844','\'Title: Flipping Locks: Remote Badge Cloning with the Flipper Zero
\nWhen: Friday, Aug 11, 14:30 - 15:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\nSpeakers:Dan,Langston \"Shock\" Clement
\n
SpeakerBio:Dan\n
\nNo BIO available
\n
SpeakerBio:Langston \"Shock\" Clement\n, Lead for Red Team operations and Penetration Testing engagements at Core BTS
\nLangston grew up reading stories about the 90’s hacker escapades, and after years of observing the scene, he jumped into the cybersecurity field and never looked back. He is the current lead for Red Team operations and Penetration Testing engagements at Core BTS. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, he aims to provide organizations with valuable and actionable information to help improve their security posture. Langston’s specializations focus on modern-day social engineering techniques, wireless and RFID attacks, vulnerability analysis, as well as physical and cloud penetration testing.
\nTwitter: @sh0ckSec
\n\n
\nDescription:No Description available
\n\'',NULL,368263),('2_Friday','15','14:30','15:30','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Flipping Locks: Remote Badge Cloning with the Flipper Zero\'','\'Dan,Langston \"Shock\" Clement\'','PSV_98a87d424d487daf2ecfccaa41dc5844','\'\'',NULL,368264),('2_Friday','15','15:30','16:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Deep Diving Into HID Vulnerabilities: Heart of Darkness\'','\'Chad,Shortman\'','PSV_f20ca48d62bc62a30c8ecbf382a5b194','\'Title: Deep Diving Into HID Vulnerabilities: Heart of Darkness
\nWhen: Friday, Aug 11, 15:30 - 16:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\nSpeakers:Chad,Shortman
\n
SpeakerBio:Chad\n
\nNo BIO available
\n
SpeakerBio:Shortman\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368265),('2_Friday','16','15:30','16:30','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Deep Diving Into HID Vulnerabilities: Heart of Darkness\'','\'Chad,Shortman\'','PSV_f20ca48d62bc62a30c8ecbf382a5b194','\'\'',NULL,368266),('3_Saturday','12','12:00','12:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'RFID Hacking\'','\'Ege\'','PSV_9bac34440837a0c1ff3d2d746d445c9d','\'Title: RFID Hacking
\nWhen: Saturday, Aug 12, 12:00 - 12:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Ege\n
\nEge is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368267),('3_Saturday','12','12:30','13:15','N','PSV','Flamingo - Carson City - Physical Security Village','\'Physical pentesting in a post-covid world\'','\'Brian Halbach\'','PSV_72c888ec0244ebac804ed66748f88112','\'Title: Physical pentesting in a post-covid world
\nWhen: Saturday, Aug 12, 12:30 - 13:15 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Brian Halbach\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368268),('3_Saturday','13','12:30','13:15','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical pentesting in a post-covid world\'','\'Brian Halbach\'','PSV_72c888ec0244ebac804ed66748f88112','\'\'',NULL,368269),('3_Saturday','13','13:15','13:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Free Pokemon Card Bus Passes\'','\'Jarvis,Malcolm\'','PSV_c3af3a9d55d373b77d541550ac4c4074','\'Title: Free Pokemon Card Bus Passes
\nWhen: Saturday, Aug 12, 13:15 - 13:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\nSpeakers:Jarvis,Malcolm
\n
SpeakerBio:Jarvis\n
\nNo BIO available
\n
SpeakerBio:Malcolm\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368270),('3_Saturday','14','14:00','14:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Lock Bypass 101\'','\'Terry\'','PSV_d089655e991affda24dc09c44aa70033','\'Title: Lock Bypass 101
\nWhen: Saturday, Aug 12, 14:00 - 14:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Terry\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368271),('3_Saturday','14','14:30','14:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Lock Bypass 102\'','\'Ege\'','PSV_d30436f0f82a550bc668aecc4001381d','\'Title: Lock Bypass 102
\nWhen: Saturday, Aug 12, 14:30 - 14:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Ege\n
\nEge is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368272),('4_Sunday','11','11:30','11:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Elevators 101\'','\'Karen\'','PSV_ac8e4b1e97d5a843d2c173ead1be8d67','\'Title: Elevators 101
\nWhen: Sunday, Aug 13, 11:30 - 11:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Karen\n
\nAs a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368273),('4_Sunday','12','12:30','12:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Forcible Entry 101\'','\'Bill Graydon\'','PSV_cb832d5925d947bc69cc18f12478c030','\'Title: Forcible Entry 101
\nWhen: Sunday, Aug 13, 12:30 - 12:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Bill Graydon\n
\nBill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He’s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CON’s Physical Security Village. He’s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, software development, anti-money laundering, and infectious disease detection.
\n\n
\nDescription:No Description available
\n\'',NULL,368274),('4_Sunday','13','13:00','13:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Access Control Vulnerabilities: Breaking Into Buildings With Computers\'','\'Chad,Shortman\'','PSV_ddd834de576977a9e77bca6df6b12516','\'Title: Access Control Vulnerabilities: Breaking Into Buildings With Computers
\nWhen: Sunday, Aug 13, 13:00 - 13:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\nSpeakers:Chad,Shortman
\n
SpeakerBio:Chad\n
\nNo BIO available
\n
SpeakerBio:Shortman\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368275),('4_Sunday','14','14:00','14:30','N','PSV','Flamingo - Carson City - Physical Security Village','\'Bypass 101\'','\'Terry\'','PSV_2ea1bdac10a02307628ac9872ac6429c','\'Title: Bypass 101
\nWhen: Sunday, Aug 13, 14:00 - 14:30 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Terry\n
\nNo BIO available
\n\n
\nDescription:No Description available
\n\'',NULL,368276),('4_Sunday','14','14:30','14:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Bypass 102\'','\'Ege\'','PSV_ef6daff2d432bf6294ab68091463d015','\'Title: Bypass 102
\nWhen: Sunday, Aug 13, 14:30 - 14:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
SpeakerBio:Ege\n
\nEge is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
\n\n
\nDescription:No Description available
\n\'',NULL,368277),('2_Friday','11','11:00','17:59','N','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'Title: DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration
\nWhen: Friday, Aug 11, 11:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nDo you have a design you would like to have Threat Modeled? Would you like to present it to DCNTTM organizers and DEF CON attendees for review? Come by our booth on Friday to register for a slot during our Saturday 2-hour event. We will provide you with a whiteboard and markers, present your design and we\'ll give you feedback.\n
\n\n\'',NULL,368278),('2_Friday','12','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368279),('2_Friday','13','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368280),('2_Friday','14','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368281),('2_Friday','15','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368282),('2_Friday','16','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368283),('2_Friday','17','11:00','17:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - BYODesign Registration\'','\' \'','MISC_92be3841ce396715c08eb331a7253992','\'\'',NULL,368284),('2_Friday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'Title: DC’s Next Top Threat Model (DCNTTM)
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThreat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\n

As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n

\n\n\'',NULL,368285),('2_Friday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368286),('2_Friday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368287),('2_Friday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368288),('2_Friday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368289),('2_Friday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368290),('2_Friday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368291),('2_Friday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2','\'\'',NULL,368292),('3_Saturday','10','10:00','17:59','N','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'Title: DC’s Next Top Threat Model (DCNTTM)
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nThreat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\n

As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n

\n\n\'',NULL,368293),('3_Saturday','11','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368294),('3_Saturday','12','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368295),('3_Saturday','13','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368296),('3_Saturday','14','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368297),('3_Saturday','15','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368298),('3_Saturday','16','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368299),('3_Saturday','17','10:00','17:59','Y','CON','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM)\'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3','\'\'',NULL,368300),('4_Sunday','10','10:00','13:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_c88193ba4313b324311806bee72ceb83','\'Title: Physical Security Village Activities
\nWhen: Sunday, Aug 13, 10:00 - 13:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
\nDescription:
\nCome join us at Carson City I and II for some hands on physical security bypass exhibits! Try your hand on bypassing elevators, deadlocks, deadlatches, shopping cart locks, building intercoms or more! Challenge yourself by trying to get out of handcuffs using only a bobby pin, and win a real police handcuff key! In addition, meet some of our external partners. You can augment yourself by injecting your hand with a mini RFID/NFC chip implant, and play around with our RFID displays! We also have returning the physical RFID wall of sheep where you can learn about long distance RFID cloning!\n
\n\n\'',NULL,368301),('4_Sunday','11','10:00','13:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_c88193ba4313b324311806bee72ceb83','\'\'',NULL,368302),('4_Sunday','12','10:00','13:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_c88193ba4313b324311806bee72ceb83','\'\'',NULL,368303),('4_Sunday','13','10:00','13:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_c88193ba4313b324311806bee72ceb83','\'\'',NULL,368304),('3_Saturday','10','10:00','17:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'Title: Physical Security Village Activities
\nWhen: Saturday, Aug 12, 10:00 - 17:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
\nDescription:
\nCome join us at Carson City I and II for some hands on physical security bypass exhibits! Try your hand on bypassing elevators, deadlocks, deadlatches, shopping cart locks, building intercoms or more! Challenge yourself by trying to get out of handcuffs using only a bobby pin, and win a real police handcuff key! In addition, meet some of our external partners. You can augment yourself by injecting your hand with a mini RFID/NFC chip implant, and play around with our RFID displays! We also have returning the physical RFID wall of sheep where you can learn about long distance RFID cloning!\n
\n\n\'',NULL,368305),('3_Saturday','11','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368306),('3_Saturday','12','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368307),('3_Saturday','13','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368308),('3_Saturday','14','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368309),('3_Saturday','15','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368310),('3_Saturday','16','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368311),('3_Saturday','17','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641','\'\'',NULL,368312),('2_Friday','10','10:00','17:59','N','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'Title: Physical Security Village Activities
\nWhen: Friday, Aug 11, 10:00 - 17:59 PDT
\nWhere: Flamingo - Carson City - Physical Security Village - Map
\n
\nDescription:
\nCome join us at Carson City I and II for some hands on physical security bypass exhibits! Try your hand on bypassing elevators, deadlocks, deadlatches, shopping cart locks, building intercoms or more! Challenge yourself by trying to get out of handcuffs using only a bobby pin, and win a real police handcuff key! In addition, meet some of our external partners. You can augment yourself by injecting your hand with a mini RFID/NFC chip implant, and play around with our RFID displays! We also have returning the physical RFID wall of sheep where you can learn about long distance RFID cloning!\n
\n\n\'',NULL,368313),('2_Friday','11','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368314),('2_Friday','12','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368315),('2_Friday','13','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368316),('2_Friday','14','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368317),('2_Friday','15','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368318),('2_Friday','16','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368319),('2_Friday','17','10:00','17:59','Y','PSV','Flamingo - Carson City - Physical Security Village','\'Physical Security Village Activities\'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c','\'\'',NULL,368320),('2_Friday','14','14:30','14:50','N','DC','Caesars Forum - Forum - 109-119, 138-139 - Track 2','\'DARPA Announces an AI Cyber Initiative, Live at DC 32 and DC 33\'','\'Dave Weston,Heather Adkins,Matthew Knight,Michael Sellitto,Omkhar Arasaratnam,Perri Adams,Vijay Bolina\'','DC_1dfa739f373f77fd0f799bce10309ad8','\'Title: DARPA Announces an AI Cyber Initiative, Live at DC 32 and DC 33
\nWhen: Friday, Aug 11, 14:30 - 14:50 PDT
\nWhere: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
\nSpeakers:Dave Weston,Heather Adkins,Matthew Knight,Michael Sellitto,Omkhar Arasaratnam,Perri Adams,Vijay Bolina
\n
SpeakerBio:Dave Weston\n, Vice President of Enterprise and OS Security at Microsoft
\nNo BIO available
\n
SpeakerBio:Heather Adkins\n, Vice President of Security Engineering at Google
\nNo BIO available
\n
SpeakerBio:Matthew Knight\n, Head of Security at OpenAI
\nNo BIO available
\n
SpeakerBio:Michael Sellitto\n, Head of Geopolitics and Security Policy at Anthropic
\nNo BIO available
\n
SpeakerBio:Omkhar Arasaratnam\n, General Manager at Open Source Security Foundation (OpenSSF)
\nNo BIO available
\n
SpeakerBio:Perri Adams\n, AIxCC Program Manager at DARPA
\nNo BIO available
\n
SpeakerBio:Vijay Bolina\n, Chief Information Security Officer & Head of Cybersecurity Research at Google DeepMind
\nNo BIO available
\n\n
\nDescription:
\nDARPA’s AI Cyber Challenge program manager, Perri Adams, is joined by collaborators from Anthropic, Google, Google DeepMind, OpenAI and the Open Source Security Foundation to share insights about the upcoming competition and discuss the software security challenges facing the commercial sector and open-source community.\n
\n\n\'',NULL,368321),('2_Friday','20','20:00','23:59','N','MISC','Caesars Forum - Academy - 407-410 - Track 4','\'Movie Night\'','\' \'','MISC_4af1f1cafbb9df57b2128cb97e292612','\'Title: Movie Night
\nWhen: Friday, Aug 11, 20:00 - 23:59 PDT
\nWhere: Caesars Forum - Academy - 407-410 - Track 4 - Map
\n
\nDescription:
\n
\n
Friday
\n
\n
\nSaturday: \n
\n\n\'',NULL,368322),('2_Friday','21','20:00','23:59','Y','MISC','Caesars Forum - Academy - 407-410 - Track 4','\'Movie Night\'','\' \'','MISC_4af1f1cafbb9df57b2128cb97e292612','\'\'',NULL,368323),('2_Friday','22','20:00','23:59','Y','MISC','Caesars Forum - Academy - 407-410 - Track 4','\'Movie Night\'','\' \'','MISC_4af1f1cafbb9df57b2128cb97e292612','\'\'',NULL,368324),('2_Friday','23','20:00','23:59','Y','MISC','Caesars Forum - Academy - 407-410 - Track 4','\'Movie Night\'','\' \'','MISC_4af1f1cafbb9df57b2128cb97e292612','\'\'',NULL,368325),('3_Saturday','10','10:00','11:59','N','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling\'','\' \'','MISC_91f1dba2127d295b01743a5eb2ec5df1','\'Title: DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling
\nWhen: Saturday, Aug 12, 10:00 - 11:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWant to teach your kid threat modeling? Are you new, yourself?\n \n

Stop by our booth, learn what threat modeling is, and get some practice with an introductory non-technical scenario.\n

\n\n\'',NULL,368326),('3_Saturday','11','10:00','11:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling\'','\' \'','MISC_91f1dba2127d295b01743a5eb2ec5df1','\'\'',NULL,368327),('2_Friday','14','14:00','15:59','N','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling\'','\' \'','MISC_a52b0f1d06e2453ff1e326943f657dd4','\'Title: DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling
\nWhen: Friday, Aug 11, 14:00 - 15:59 PDT
\nWhere: Caesars Forum - Summit - Contest Area - Map
\n
\nDescription:
\nWant to teach your kid threat modeling? Are you new, yourself?\n \n

Stop by our booth, learn what threat modeling is, and get some practice with an introductory non-technical scenario.\n

\n\n\'',NULL,368328),('2_Friday','15','14:00','15:59','Y','MISC','Caesars Forum - Summit - Contest Area','\'DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling\'','\' \'','MISC_a52b0f1d06e2453ff1e326943f657dd4','\'\'',NULL,368329),('2_Friday','11','11:00','11:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'No time for NISQy Business\'','\'Rafal Janik\'','QTV_001642527e1b158967c63298b2e68cc4','\'Title: No time for NISQy Business
\nWhen: Friday, Aug 11, 11:00 - 11:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\n
SpeakerBio:Rafal Janik\n
\nNo BIO available
\n\n
\nDescription:
\nThe allure of quantum computing has long been clouded by overstated claims of quantum advantage, many of which are quickly debunked. As we navigate the noisy intermediate-scale quantum (NISQ) era, the cruciality of error correction and fault tolerance becomes undeniable. Without these, the quantum promise remains elusive. Amidst the NISQy noise, it\'s high time we prioritize genuine progress and deep work over fleeting attention. Join us in championing a clear-eyed approach to the quantum future.\n
\n\n\'',NULL,368330),('3_Saturday','12','12:55','13:40','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right?\'','\'David Jefferson,Drew Springall,Richard DeMillo\'','VMV_f153698f351ee084af2bc79ad9cc3770','\'Title: Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right?
\nWhen: Saturday, Aug 12, 12:55 - 13:40 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\nSpeakers:David Jefferson,Drew Springall,Richard DeMillo
\n
SpeakerBio:David Jefferson\n
\nDr. David Jefferson is a computer scientist and an internationally recognized researcher on election security for well over twenty years, advising five Secretaries of State of California on voting technology issues. He served as the Chair of the Secretary of State\'s Post-Election Audit Standards Working Group, the panel that invented the notion of risk limiting audits and has written extensively on elections and voting security.
\nTwitter: @drjefferson
\n
SpeakerBio:Drew Springall\n
\nI am an Assistant Professor in the Department of Computer Science and Software Engineering (https://www.eng.auburn.edu/comp/) at Auburn University (https://auburn.edu/). As a security researcher, I focus on nation-state/highly privileged attackers, Internet-scale measurement/vulnerabilities, and election security. I recently left Google\'s Production Security team where I was working to mitigate insider threats, secure core infrastructure, and improve the overall security and privacy properties of Google\'s products and services. My Ph.D. research focused on studying nation-state attackers such as the NSA, GCHQ, and other intelligence agencies to understand their approach to security issues and identify weaknesses that are form-fitted to their special abilities and characteristics. Throughout my graduate education at the University of Michigan (https://umich.edu/), I was advised by Prof. J. Alex Halderman (https://jhalderm.com/) and funded by an NSF Graduate Research Fellowship, the Post-9/11 GI Bill, Google ATAP, and others. My work has helped explain intelligence agencies\' ability to defeat widely used cryptography (https://aaspring.com/ccs2015/imperfect-forward-secrecy-ccs15.pdf), identify and analyze the danger posed by common cryptographic shortcuts (https://aaspring.com/imc2016/crypto-shortcuts.pdf) used in the TLS protocol, and demonstrated the real-world potential of election interference by foreign actors (https://aaspring.com/ccs2014/ivoting-paper.pdf)through technical means. This research has been covered and cited by The Wall Street Journal (https://cacm.acm.org/news/187259-new-computer-bug-exposes-broad-security-flaws/fulltext), The Washington Post (https://www.washingtonpost.com/news/the-switch/wp/2014/05/13/how-russia-could-easily-hack-its-neighbors-elections/), ARS Technica (https://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/), the Guardian (https://www.theguardian.com/technology/2014/may/12/estonian-e-voting-security-warning-european-elections-research), US-CERT (https://www.us-cert.gov/ncas/alerts/TA17-075A), NIST (https://nvd.nist.gov/vuln/detail/CVE-2015-4000), FBI Cyber Division (https://info.publicintelligence.net/FBI-PHI-FTP.pdf, Playboy (SFW) (https://web.archive.org/web/20180126034202/https://www.playboy.com/articles/technology-will-destroy-democracy).
\nTwitter: @_aaspring_
\n
SpeakerBio:Richard DeMillo\n
\nRichard DeMillo is a professor at Georgia Tech’s School of Cybersecurity and Privacy. He holds the Charlotte B. and Roger C. Warren Chair in Computing at Georgia Tech. He is is also Managing Director of Gtatrium™, LLC, a subsidiary of Georgia Advanced Technology Ventures. He was formerly the John P. Imlay Dean of Computing and Director of the Georgia Tech Information Security Center. Positions he held prior to joining Georgia Tech, include:  Chief Technology Officer for Hewlett-Packard, Vice President of Computing Research for Bell Communications Research, Director of the Computer Research Division for the National Science Foundation, and Director of the Software Test and Evaluation Project for the Office of the Secretary of Defense. He has also held faculty positions at the University of Wisconsin, Purdue University and the University of Padua, Italy. His research includes over 100 articles, books and patents in software and computer engineering, cryptography, cybersecurity, and theoretical computer science. In 1982, he wrote the first policy for testing software intensive systems for the US Department of Defense. DeMillo and his collaborators launched and developed the field of program mutation for software testing, which is today the standard technique for determining software test adequacy. He is a co-inventor of Differential Fault Cryptanalysis and holds the patent on applying DFA to break public key cryptosystems.  His 1979 paper “Social Processes and Proofs of Theorems and Programs,” co-authored with Richard Lipton and Alan Perlis has been reprinted dozens of times and was recently cited as one of the 50 classic papers in the history of computer science. He currently works in the area of election and voting system security. His work has been cited in court cases, including a 2019 Federal Court decision declaring unconstitutional the use of paperless voting machines. He has served as a foreign election observer for the Carter Center and is a member of the State of Michigan Election Security Commission. He has served on boards of public and private cybersecurity and privacy companies, including RSA Security and SecureWorks. He has served on many non-profit and philanthropic boards including the Exploratorium and the Campus Community Partnership Foundation (formerly the Rosalind and Jimmy Carter Foundation). He is a fellow of both the Association for Computing Machinery and the American Association for the Advancement of Science. In 2010, he founded the Center for 21st Century Universities, Georgia Tech’s living laboratory for fundamental change in higher education. He served as Executive Director for ten years. He was named Lumina Foundation Fellow for his work in higher education. His book, Abelard to Apple: The Fate of American Colleges and Universities, (MIT Press, 2011) helped spark a national conversation about online education.  A 2015 sequel, Revolution in Higher Education, also published by MIT Press, won the Best Education Book award from the American Association of Publishers. From 2015-2018, he co-chaired Georgia Tech’s Commission on Creating the Next in Education. The Commission’s report was released in 2018 and was awarded the awarded 2019 Achievement Award of the Association for Educational Communications and Technology. He received the ANAK Society’s Outstanding Faculty Member Award in 2016 for his work in service to students.
\nTwitter: @rad_atl
\n\n
\nDescription:
\nJoin us for a timely and important discussion of the vulnerability of Dominion Voting Systems ImageCast X (ICX) ballot-marking devices, used in many states including Georgia--where there was extended illicit access to voting systems and software in 2021. (An ICX is available at Voting Village this year for researchers to explore.) In an unrebutted expert report filed in a federal suit seeking to compel the State of Georgia to reduce reliance on the ICX, Professors J. Alex Halderman and Drew Springall documented security vulnerabilities in the ICX that would allow votes to be altered. CISA issued a vulnerability advisory confirming the principal claims in that report. Dominion Voting Systems contracted with MITRE Corporation, a Federally Funded Contract Research and Development Center (FFRDC), to critique the Halderman/Springall report. Georgia election officials have cited the MITRE report in their decision to use unpatched versions of Dominion’s software in every precinct during the 2024 Presidential Election, despite CISA\'s warnings.\n
\n\n\'',NULL,368331),('3_Saturday','13','12:55','13:40','Y','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right?\'','\'David Jefferson,Drew Springall,Richard DeMillo\'','VMV_f153698f351ee084af2bc79ad9cc3770','\'\'',NULL,368332),('3_Saturday','15','15:00','16:30','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'HF Radio Demonstration\'','\'KitKat\'','HRV_02e2f50ecdb98339aa1ac5d2bbcdf794','\'Title: HF Radio Demonstration
\nWhen: Saturday, Aug 12, 15:00 - 16:30 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:KitKat\n
\nNo BIO available
\n\n
\nDescription:
\nJoin us on the rooftop hangout at the flamingo as we set up and operate a protable HF radio rig!\n
\n\n\'',NULL,368333),('3_Saturday','16','15:00','16:30','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'HF Radio Demonstration\'','\'KitKat\'','HRV_02e2f50ecdb98339aa1ac5d2bbcdf794','\'\'',NULL,368334),('2_Friday','15','15:00','16:30','N','HRV','Flamingo - Virginia City - Ham Radio Village','\'HF Radio Demonstration\'','\'KitKat\'','HRV_cfddd9aa4e7e568d9e10c1e4fa5e1ed1','\'Title: HF Radio Demonstration
\nWhen: Friday, Aug 11, 15:00 - 16:30 PDT
\nWhere: Flamingo - Virginia City - Ham Radio Village - Map
\n
SpeakerBio:KitKat\n
\nNo BIO available
\n\n
\nDescription:
\nJoin us on the rooftop hangout at the flamingo as we set up and operate a protable HF radio rig!\n
\n\n\'',NULL,368335),('2_Friday','16','15:00','16:30','Y','HRV','Flamingo - Virginia City - Ham Radio Village','\'HF Radio Demonstration\'','\'KitKat\'','HRV_cfddd9aa4e7e568d9e10c1e4fa5e1ed1','\'\'',NULL,368336),('2_Friday','15','15:00','16:59','N','APV','Flamingo - Savoy - AppSec Village','\'Finding bugs and scaling your security program with Semgrep\'','\'Lewis Ardern\'','APV_8501b605694f5549d51f1a443fc2ab63','\'Title: Finding bugs and scaling your security program with Semgrep
\nWhen: Friday, Aug 11, 15:00 - 16:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Map
\n
SpeakerBio:Lewis Ardern\n, Staff Security Researcher at Semgrep
\nLewis is a Staff Security Researcher for Semgrep, a SAST startup. Previously, Lewis was a Lead Security Engineer at Salesforce and spent many years at Cigital and Synopsys as a consultant. Lewis hosts a podcast called SecuriTEA & Crumpets.
\n\n
\nDescription:
\nBetween Agile, DevOps, and infrastructure as code, development is happening faster than ever. As a security team, it can be tough to keep up. We need to move fast, and iterate quickly as new issues emerge. SAST is one piece of a very important puzzle in the SDLC, so using tools effectively is the key to success! This workshop will be a hands-on masterclass by the creators and maintainers of Semgrep (https://github.com/returntocorp/semgrep), an open source, lightweight static analysis tool which can help enable development teams to scale their SAST efforts.\n
\n\n\'',NULL,368337),('2_Friday','16','15:00','16:59','Y','APV','Flamingo - Savoy - AppSec Village','\'Finding bugs and scaling your security program with Semgrep\'','\'Lewis Ardern\'','APV_8501b605694f5549d51f1a443fc2ab63','\'\'',NULL,368338),('2_Friday','10','10:00','10:59','N','APV','Flamingo - Savoy - AppSec Village','\'AppSec Village Keynote: From Camels to Collaboration, A Journey Through Technology AND Humans\'','\'Chris Roberts\'','APV_ad6d49acdb49dbf2a7dbb063e5560695','\'Title: AppSec Village Keynote: From Camels to Collaboration, A Journey Through Technology AND Humans
\nWhen: Friday, Aug 11, 10:00 - 10:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Map
\n
SpeakerBio:Chris Roberts\n
\nChris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he\'s founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)\n

Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)\n

He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)\n

\nTwitter: @Sidragon1
\n\n
\nDescription:
\nLet’s face it, it’s all connected, talking to us, with us, and behind our backs (we CAN go all paranoid on AI if we want to go down that rabbit hole.) However, the situation’s not changing, it’s evolved beyond any one person/team’s ability to understand, and we as an industry still chase our tails around, pointing fingers, and chasing technology like a rabid, over caffeinated squirrel.\n

So, what do we do? Piecemeal solutions, buy more empty promises, or can we take a step back, breath and talk about the hoomans in the equation?\n

Let’s explore some of the tech challenges, and a more human centric approach to solving things. I promise we’ll have exploits, hacks, and tasers, but we’re going to throw in communication, collaboration, cooperation, and maybe a shout out on all of US going out to the greater village community and bringing us all a little closer together. After all, we’re ALL in this together, it might be nice to start acting like it.\n

\n\n\'',NULL,368339),('3_Saturday','10','10:00','10:59','N','APV','Flamingo - Savoy - AppSec Village','\'AppSec Village Keynote: Collaborative Security: Fostering Innovation and Resilient Cyber Practices\'','\'Maril Vernon\'','APV_b2952fa6c014c8dba691d4f9e8cac93d','\'Title: AppSec Village Keynote: Collaborative Security: Fostering Innovation and Resilient Cyber Practices
\nWhen: Saturday, Aug 12, 10:00 - 10:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Map
\n
SpeakerBio:Maril Vernon\n
\nMaril Vernon (@SheWhoHacks) known as the “One Woman Purple Team\'\' is an award-winning Ethical Hacker, Senior Application Security Architect and Purple Team Program Manager — a niche in offensive security testing that has recently gained popularity demonstrating cyber resilience in the advanced threat landscape. Maril is also Co-host and Co-founder of The Cyber Queens Podcast, an all-female-lead podcast aimed at increasing female and LGBTQ diversity in cybersecurity. She also serves as the COO of Teach Kids Tech, a non-profit organization with the goal of getting technology and its educational resources to children in underprivileged communities and increasing technical capability and cyber awareness in tomorrow’s workforce. Maril has been named one of the ‘Epic Women in Cyber,’ 2023 CyberSHEcurity “Top 10 Women in Cyber,” 2023 Women’s CyberJustu Pentest Ninja Award winner, and is a finalist for Cybersecurity woman of the Year: Hacker of the Year and Cybersecurity Woman of the World 2023! She is also an SME and contributing writer to CSO Online magazine on cyber resilience, Purple and Red Team best practices and industry trends. Maril\'s passion for closing the gender gap in cyber is further highlighted in her affiliations with The Cyber Guild, The Diana Initiative, BBWIC, and WiCyS.
\nTwitter: @shewhohacks
\n\n
\nDescription:
\nIn the journey of life, we all encounter challenges and setbacks that put our resiliency to the test. Resilience, the ability to bounce back from adversity, is a vital trait that empowers individuals to navigate life\'s trials with grace and strength. At the heart of building this essential attribute lies the power of relationships. As they say, oftentimes trials of life \"take a village.\" The same is true with information security in the digital age.\n

The keynote \"Collaborative Security\" delves into the parallel benefits between the foundational pillars of fostering resilient relationships and cybersecurity principles. How often do organizations suffer from silos across verticals that should be information sharing and collaborating?\n

Resilient relationships create a supportive ecosystem where teams can learn from failures, adapt to emerging threats, and continuously improve cyber strategies. By breaking down silos and bringing together diverse perspectives, collaborative security fosters a culture of creativity and problem-solving. Witness how collaborative efforts among teams and organizations lead to breakthrough ideas and cutting-edge solutions. As innovation and collaboration intertwine, we see the emergence of more resilient cyber infrastructures and practices.\n

At the end of the day tech and cyber are still people industries. Discover how resilient relationships translate into fortified cyber practices, safeguarding critical assets and bolstering organizational resilience.\n

Join us for an enlightening and inspiring journey into the heart of collaborative security, where resilient relationships fuel innovation, fortify infrastructure, and pave the way for a safer cyber landscape. Together, we will embrace the collaborative spirit and ignite the spark of innovation to protect the digital realm from ever-evolving threats.\n

\n\n\'',NULL,368340),('3_Saturday','13','13:00','14:59','N','APV','Flamingo - Savoy - AppSec Village','\'For Kids: Castle Defenders\'','\'Pentera\'','APV_d760dfe56c3165bb30a0a77af8445bea','\'Title: For Kids: Castle Defenders
\nWhen: Saturday, Aug 12, 13:00 - 14:59 PDT
\nWhere: Flamingo - Savoy - AppSec Village - Map
\n
SpeakerBio:Pentera\n
\nMommy is late for dinner again, and Emma and Oliver are frustrated. Daddy comes to the rescue with spaghetti and an enchanting tale of brave knights and mysterious castles, revealing how he and Mommy work tirelessly to protect the people on the internet from bad hackers and other online threats.\n

This charming story, filled with delightful illustrations and playful storytelling, is perfect for young minds eager to explore the captivating world of cybersecurity.\n

\n\n
\nDescription:
\nAmazon Best Selling children\'s book \"Castle Defenders\" is making its DEFCON debut!\n

Bring your elementary school-aged kids to learn \"what cyber parents do\" with story time and on-site coloring station.*\n

*While supplies last.\n

\n\n\'',NULL,368341),('3_Saturday','14','13:00','14:59','Y','APV','Flamingo - Savoy - AppSec Village','\'For Kids: Castle Defenders\'','\'Pentera\'','APV_d760dfe56c3165bb30a0a77af8445bea','\'\'',NULL,368342),('2_Friday','16','16:00','16:45','N','QTV','LINQ - 3rd flr - Quantum Village','\'Debate: The Quantum Village believes individual citizen privacy will be enhanced with the fielding of new quantum technologies.\'','\'David Joseph,Troy Mills\'','QTV_958513756869028daa4a8a6cab4ac7ae','\'Title: Debate: The Quantum Village believes individual citizen privacy will be enhanced with the fielding of new quantum technologies.
\nWhen: Friday, Aug 11, 16:00 - 16:45 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\nSpeakers:David Joseph,Troy Mills
\n
SpeakerBio:David Joseph\n
\nNo BIO available
\n
SpeakerBio:Troy Mills\n
\nNo BIO available
\n\n
\nDescription:
\nDavid Joseph will argue for the proposition Troy Mills will argue against the proposition. \n
\n\n\'',NULL,368343),('2_Friday','17','17:15','17:59','N','QTV','LINQ - 3rd flr - Quantum Village','\'Debate: NISQ and the future of Quantum Advantage: This village believes the current state of NISQ is already enabling quantum advantage for those who know how to use these technologies\'','\'Konstantinos Karagiannis,Rafal Janik\'','QTV_0a35434698d11fa3f07e68a78892ef50','\'Title: Debate: NISQ and the future of Quantum Advantage: This village believes the current state of NISQ is already enabling quantum advantage for those who know how to use these technologies
\nWhen: Friday, Aug 11, 17:15 - 17:59 PDT
\nWhere: LINQ - 3rd flr - Quantum Village - Map
\nSpeakers:Konstantinos Karagiannis,Rafal Janik
\n
SpeakerBio:Konstantinos Karagiannis\n
\nNo BIO available
\n
SpeakerBio:Rafal Janik\n
\nNo BIO available
\n\n
\nDescription:
\nRafal Janik will argue for the proposition Konstantinos Karagiannis will argue against\n

for each talk: Opening - Bob introduces the topic 5 mins - speaker FOR the proposition 5 mins - speaker AGAINST the proposition ~10mins - rebuttals ~15mins - audience questions/comments 5 minis Vote & results and wrap up.\n

\n\n\'',NULL,368344),('3_Saturday','14','14:50','15:35','N','CLV','Flamingo - Mesquite - Cloud Village','\'The Human Threat Factor - Cloud Security Misconfigurations\'','\'Kat Fitzgerald\'','CLV_86259f637d622ae43acdc2fdf8465c61','\'Title: The Human Threat Factor - Cloud Security Misconfigurations
\nWhen: Saturday, Aug 12, 14:50 - 15:35 PDT
\nWhere: Flamingo - Mesquite - Cloud Village - Map
\n
SpeakerBio:Kat Fitzgerald\n
\nI have to say who I am and why I\'m here and my qualifications. I want to explain how/why I do this and how I\'m going to make it a fun project for everyone after the talk - with some very specific key takeaways!
\nTwitter: @rnbwkat
\n\n
\nDescription:
\nThreat modeling the human security risk, or as others might call it, Security Misconfigurations in the cloud and all the fun attack vectors they create. Yep, it\'s clobberin time and this is what makes this job fun - helping others to find their own security problems before others do!\n
\n\n\'',NULL,368345),('3_Saturday','15','14:50','15:35','Y','CLV','Flamingo - Mesquite - Cloud Village','\'The Human Threat Factor - Cloud Security Misconfigurations\'','\'Kat Fitzgerald\'','CLV_86259f637d622ae43acdc2fdf8465c61','\'\'',NULL,368346),('3_Saturday','12','12:20','12:50','N','VMV','Caesars Forum - Academy - 415-418 - Voting Village','\'US private elections: the easy way in for foreign adversaries.\'','\'Scheme\'','VMV_507bce01e83bd1a44bc7ea17d954045a','\'Title: US private elections: the easy way in for foreign adversaries.
\nWhen: Saturday, Aug 12, 12:20 - 12:50 PDT
\nWhere: Caesars Forum - Academy - 415-418 - Voting Village - Map
\n
SpeakerBio:Scheme\n
\nNo BIO available
\n\n
\nDescription:
\nIn 2010, the FBI arrested a group of 10 Russian spies that were posing as Americans to gather intelligence. They spent decades building legitimacy in the US all towards the goal of getting jobs at big banks, consulting firms and tech companies.\n

These Russian spies didn’t know it back then, but there was a shortcut to influential positions in US society: becoming an elected official of a private organization.\n

Private elections are elections for leadership positions of organizations like unions, NGOs, universities, boards, pension funds, etc.\n

For a foreign adversary, private elections are a goldmine of powerful positions at the state and national level. Unlike civil elections, these elections have no paper trail, often little oversight and minimal technical safeguards against vote tampering.\n

And as we\'ll see in this talk: they\'re highly hackable.\n

\n\n\'',NULL,368347); /*!40000 ALTER TABLE `events` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `pge` -- DROP TABLE IF EXISTS `pge`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `pge` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(200) COLLATE utf8_unicode_ci NOT NULL, `ForumPage` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `ForumArticle` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `Twitter` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Webpage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Weblink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `ImagePath` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `Descript` varchar(15000) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=527 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `pge` -- LOCK TABLES `pge` WRITE; /*!40000 ALTER TABLE `pge` DISABLE KEYS */; INSERT INTO `pge` VALUES (490,'\'Arts and Entertainment general discussion\'','\'https://forum.defcon.org/node/246436\'','\'https://forum.defcon.org/node/246952\'','','','','','\'\n\nDEF CON Arts & Entertainment Presents: Yarrrrgh Pirate Night featuring O’Craven\n
\n
\n
\nJoin us Saturday night (Aug 12) at the SYN Stage in Caesars Forum for “Yarrrrgh Pirate Night”, which is our answer to last year’s Night of the Ninjas. At 23:00, we feature the pirate rock band \nO’Craven.\n \nContest – Win the cost of a DEF CON Badge – $440!\n
\n
\n
\nIt’s your turn to participate! We seek the best dressed as a pirate! Dust off your costume or make a new one – just show up – it’s supposed to be fun! The winner will receive a cash prize equal to the cost of the DEF CON 31 badge. The pirate band will judge the costumes and help choose a winner.
\nContest on the stage immediately following O’Craven at 00:00.
\n
\n
\n\n\nO’CRAVEN\n\n is Northern California’s best and most infamous Celtic Pirate Rock band! Anchored in San Jose, California, O’Craven plunders all along the West Coast, from the sunny shores of Southern California, to the cold waters of the Pacific Northwest, and all points in between. Originally conceived in 2006, O’Craven was the first band to combine the genres of traditional Celtic music, pirate sea shanties and Rock ‘n’ Roll. Since then, others have come and gone, but none can do it better, or have the reputation and long history of delivering such an exciting, unforgettable, one-of-a-kind show.
\n
\nInfo: \nhttps://defconmusic.org/yarrrrgh-pirate-night/\n
\n
\n\"Click\n​
\n
\n​\n\n\n======================================
\nDJ Jackalope
\ndopest dj in the galaxy. *mwah!*
\n
\nsend in the drop bears!
\n======================================\n\n\n\''),(491,'\'Betting on Your Digital Rights: 2nd Annual EFF Benefit Poker Tournament at DC31\'','\'https://forum.defcon.org/node/244821\'','\'https://forum.defcon.org/node/244822\'','','','','','\'\nBetting on Your Digital Rights: 2nd Annual EFF Benefit Poker Tournament at DEF CON 31
\n
\n
\nWhen: Friday August 11, 12:00 (11:00 for the pre-tournament poker clinic)
\nWhere: Offsite. \nHorseshoe Poker Room\n
\n\nStay tuned at \n\n\nhttps://www.eff.org/poker\n\n\n for more details. \n
\n
\nWe’re going all in on internet freedom. Take a break from hacking the Gibson to face off with your competition at the tables—and benefit the Electronic Frontier Foundation! Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. Play for glory. Play for money. Play for the future of the web. Seating is limited, so reserve your spot today.
\n\n\nhttps://www.eff.org/poker\n\n
\n
\n\nWe will offer a pre-tournament clinic to help people get a refresher on poker so they feel comfortable. This contest will be held outside the main conference area; it must be held in the Horseshoe Poker Room\n​\n per the Nevada Gaming Commission.\n​\n\n\''),(492,'\'Blue Team Village Pool Party\'','\'https://forum.defcon.org/node/246679\'','\'https://forum.defcon.org/node/246680\'','','','','','\'\nBTV Pool Party
\n
\nLocation: Flamingo Pool
\n
\nTime: Friday 20:30 - 23:00​
\n
\nDetails:
\nJoin the AI Village and Blue Team Village for the DEF CON "Community Experience Pool Party" at the Flamingo "Go Pool" Friday, August 11, from 8:30pm - 11pm featuring a performance by the one and only Dual Core at 9pm. Free Tacos, cash bar.
\n
\nDEF CON badge required for entry.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 20:30\n\n\n\nEnds\n\nAugust 11, 2023 23:00\n\n\n\nLocation\n\nFlamingo Pool\n\n\n\''),(493,'\'Books, Books, Books will Prevail\'','\'https://forum.defcon.org/node/246718\'','\'https://forum.defcon.org/node/246719\'','','','','','\'\nBooks, Books, Books will Prevail
\nFriday 14:00 – 16:00
\nHarrah’s GoldField
\n
\nA quieter space for those who want to discuss what they are reading, recommend books, and trade books too. We might even have a SAO of a book - pending sponsorship.
\n
\nTwitter: \nhttps://twitter.com/CarpeDiemT3ch\n​​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 16:00\n\n\n\nLocation\n\nHarrah’s GoldField\n\n\n\n\n\''),(494,'\'Hacking Policy & Prompts - Happy Hour\'','\'https://forum.defcon.org/node/246414\'','\'https://forum.defcon.org/node/246415\'','','','','','\'\n.. \n\n\"Click\n\n\n
\n
\n..
\nHappy Hour - Hacking Policy and Prompts
\n
\nFriday 18:30 - 22:00
\nForums 221-223 (Policy Village)
\n\nWebsites:\n \nhttps://defcon.org/policy\n
\n\nTwitter:\n @\ndefconpolicy​\n
\n
\n\nHappy Hour - Hacking Policy and Prompts\n: Join the \n\nHacking Policy Council\n\n and the \n\nAI Village\n\n for a happy hour with hackers, policymakers, and AI experts. Have a beverage with us and discuss whether it is a hacking crime to lie to AI, what governments are doing about vulnerabilities disclosure, and the ultimate AI hacking challenge. There will be a cash bar and some drink tickets will be available from Policy @ DEF CON. Mark your calendars for Friday, August 11th, 6:30PM - 10PM, at Caesar’s Forum in rooms 221-223 (AKA the Plounge).​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 18:30\n\n\n\nEnds\n\nAugust 11, 2023 22:00\n\n\n\nLocation\n\nForums 221-223 (Policy Village)\n\n\n\''),(495,'\'Lonely Hackers Club\'','\'https://forum.defcon.org/node/246678\'','\'https://forum.defcon.org/node/246687\'','','','','','\'\nLonely Hackers Club
\n
\nLocation: Harrah\'s Laughlin
\n
\nHours:
\nFriday 1200-1800
\nSaturday 1200-1800
\n
\nEvents:
\nResume reviews & Career Advice 1200-1400
\nBadgelife / Sticker swap 1400-1700
\nName That Noob 1700-1800
\n
\nDescription:
\nThe LHC, established on Telegram years ago, serves as a warm and inclusive hub for newcomers heading to DefCon for the first time. With over 600 members worldwide, our community has expanded significantly. This year, we\'re thrilled to provide a space that fosters connections, sharing, and giving back to the DefCon community. Whether you need a resume review, career coaching, or want to participate in sticker & badge trading, we have you covered. And don\'t miss the exciting \'Name That Noob\' event, where our seasoned hackers will help you craft a one-of-a-kind hacker handle. Embrace the welcoming atmosphere and join us for an unforgettable DefCon experience!​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 17:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nHarrah\'s Laughlin\n\n\n\''),(496,'\'Panel: Ask the EFF\'','\'https://forum.defcon.org/node/246090\'','\'https://forum.defcon.org/node/246091\'','','','','','\'\n\nPanel: Ask the EFF\n
\n
\nCorynne McSherry, Legal Director, Electronic Frontier Foundation, She/Her
\nCooper Quintin, (he/him), Senior Staff Technologist, Electronic Frontier Foundation
\nMario Trujillo, (he/him), Staff Attorney, Electronic Frontier Foundation
\nHannah Zhao, (she/they/ze), Staff Attorney, Electronic Frontier Foundation
\nRory Mir, (they/them), Associate Director of Community Organizing , Electronic Frontier Foundation
\n
\n
\nFriday 20:00 - 22:00, Track 3 Forum
\n
\nElectronic Frontier Foundation (EFF) is thrilled to return to DEF CON 31 to answer your burning questions on pressing digital rights issues. Our panelists will provide updates on current EFF work, including the fight against government surveillance and protecting creative expression, before turning it over to attendees to pose questions and receive insights from our panelists on the intersection of technology and civil liberties. This is a valuable opportunity to learn from policy experts and engage in a lively discussion rooted in the problems you face. This year you’ll meet: Corynne McSherry, EFF\'s Legal Director specializing in intellectual property and free speech; Hannah Zhao, staff attorney focusing on criminal justice and privacy issues; Mario Trijillo, staff attorney with an expertise in privacy law; Rory Mir, Associate Director of Community Organizing; and Cooper Quintin, security researcher and public interest technologist with the EFF Threat Lab.
\n
\n
\n
\nCorynne McSherry: As EFF\'s Legal Director, McSherry has extensive experience in advocating for digital civil liberties and promoting net neutrality. Her perspective on the legal frameworks shaping the digital landscape will provide DEF CON attendees with insights on regulatory issues affecting technology users.
\n\nCorynne McSherry\n @\ncmcsherr\n
\n
\n
\nHannah Zhao: As a staff attorney at EFF, Zhao brings a legal expertise on criminal justice and privacy issues, with a unique background in international law and Computer Science and Management. Her breadth of expertise can offer DEF CON attendees a new way of thinking about privacy, security, and coders rights.
\n\nHannah Zhao\n \nhttps://www.eff.org/about/staff/hannah-zhao\n
\n
\n
\nMario Trujillo: As a Staff Attorney on EFF\'s civil liberties team, he has an expertise focusing on the Fourth Amendment and privacy rights. He is also part of EFF\'s Coders\' Rights Project. Prior to joining EFF, he was an attorney at the privacy law firm ZwillGen and clerked for a federal magistrate judge on the southern border.
\n\nMario Trujillo\n \nhttps://www.eff.org/about/staff/f-mario-trujillo\n
\n
\n
\nCooper Quintin: As a senior public interest technologist at EFF, Quintin has a technical expertise on security, privacy, and civil liberties. He has worked on developing tools that empower users to control their online data and has researched state-sponsored malware campaigns. Quintin roots his digital security expertise in a civil liberty framework mindful of the impacts these tools have on people on the margins.
\n\nCooper Quintin\n \nhttps://www.eff.org/about/staff/cooper-quintin\n
\n@\ncooperq\n,
\n@\ncooperq@infosec.exchange\n
\n
\n
\nRory Mir: As EFF\'s Associate Director of Community Organizing, Rory works on the EFF activism team to engage community groups on tech policy issues and building community around our issues. This includes our work with the Electronic Frontier Alliance, which directly supports these groups — including a number of local DEFCON groups. Immersed in the community, Rory is familiar with the needs and issues commonly faced by the community. and how it connects to EFF issues.
\n
\n
\n\nRory Mir\n, \nhttps://www.eff.org/about/staff/\n
\n\nfalsemirror@octodon.social\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 20:00\n\n\n\nEnds\n\nAugust 11, 2023 22:00\n\n\n\nLocation\n\nTrack 3 Forum\n\n\n\''),(497,'\'S.O.D.A Machine (Shell On Demand Appliance)\'','\'https://forum.defcon.org/node/246906\'','\'https://forum.defcon.org/node/246908\'','','','','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n.
\nS.O.D.A Machine (Shell On Demand Appliance)
\nOpen: Thursday + Friday + Saturday 09:00-02:00, Sunday 09:00-15:30
\nLocation: Cesars Forum, 121,122,123,129,137, Chillout
\nTwitter: @\nShellsOnDemand\n
\nMastodon: \n@soda@defcon.social\n
\n​
\nThe Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).
\n
\nSo, what\'s the S.O.D.A. Machine all about?
\n
\nPicture this:
\n
\nYou\'re at DEF CON, thirsty for some hacking. You\'re looking for a virtual machine (VM) to play with but don\'t want to be chained to your laptop.
\n
\nEnter the Shell On Demand Appliance:
\n
\nThis heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network.
\n
\nA fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won\'t allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.
\n
\nSimply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.
\n
\nA green light means the VM is available and ready.
\n
\nAn amber light requests the user to insert more money to ensure fair distribution according to current resources.
\n
\nA red light denotes the selection is unavailable.
\n
\nOnce you make a selection, the system will deploy the VM to the network and a receipt will be printed.
\n
\nOn the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.
\n
\nWhat you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.
\n
\nAll proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.​
\n
\nWe accept donations: \nhttps://www.paypal.com/paypalme/NUCC\n​​​\n\n\''),(498,'\'Village People Party\'','\'https://forum.defcon.org/node/246826\'','\'https://forum.defcon.org/node/246827\'','','','','','\'\nVillage People Party
\nLocation: Forum 115-116
\nTime: Friday 21:00-01:00
\n
\nDescription:
\nHosted by:
\nCar Hacking Village
\nICS Village
\nAerospace Village
\nBiohacking Village
\n
\nMusic by NGHTHWK
\n(We might have a surprise guest)
\n
\nEach village will be passing out drink tickets at their booth (while supplies last!)​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 21:00\n\n\n\nEnds\n\nAugust 12, 2023 01:00\n\n\n\nLocation\n\nForum 115-116\n\n\n\n\n\''),(499,'\'WISP Chill Out Space with Refreshments\'','\'https://forum.defcon.org/node/246830\'','\'https://forum.defcon.org/node/246832\'','','','','','\'\nWISP Chill Out Space with Refreshments
\n
\nLocation:Summit 217
\nTime:
\nFriday 12:00-16:00
\nSaturday 14:00-16:00
\n
\nDescription:
\nCome relax with us in a quiet space! Grab a non-alcoholic drink and check out this year’s WISP swag.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 16:00\n\n\n\nLocation\n\nSummit 217\n\n\n\n\n\''),(500,'\'Wisp Community Meet Up at BTV Pool Party\'','\'https://forum.defcon.org/node/246822\'','\'https://forum.defcon.org/node/246823\'','','','','','\'\nWISP Community Meet Up at BTV Pool Party
\n
\nLocation: Flamingo "Go Pool"
\nTime: Friday 8:30pm
\n
\nDescription
\nBVT has generously donated a cabana for WISP to host our community meet up at their pool party. Arrive early to be in line when the doors open. There will be free tacos and non-alcoholic drinks!​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 20:30\n\n\n\nEnds\n\nAugust 11, 2023 23:00\n\n\n\nLocation\n\nFlamingo "Go Pool"\n\n\n\n\n\''),(501,'\'WISP Peer-to-Peer Mentoring and Networking\'','\'https://forum.defcon.org/node/246828\'','\'https://forum.defcon.org/node/246829\'','','','','','\'\nWISP Peer-to-Peer Mentoring and Networking
\n
\nLocation: Summit 217
\nTime: Saturday 16:00-18:00
\n
\nDescription:
\nJoin us at DEF CON to mingle and network with privacy and security professionals. Also, consider becoming part of the \nWISP Tandems Mentoring program\n. It\'s our peer-to-peer mentorship program, which connects you with a partner who has a different background, expertise, and a different network. Why? We believe that you bring unique value to your women peers, no matter which career stage you\'re at. Knowledge is fluent, and leadership manifests at every career level. You can find your Tandem partner right here and sign up to be matched in our next round of the program!​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 16:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nSummit 217\n\n\n\n\n\''),(502,'\'THE UNOFFICIAL DEF CON SHOOT\'','\'https://forum.defcon.org/node/244825\'','\'https://forum.defcon.org/node/244826\'','','','','','\'\n. \n\n\"Click\n\n\n
\n
\n.
\n
\nWhere: Pro Gun Vegas
\nAddress: 12801 US 95 South Boulder City, NV 89005
\nWhen: Before the con Wednesday Aug 9th, 11:00 - 17:00
\n\nhttps://deviating.net/firearms/defcon_shoot/\n
\n
\nThe Unofficial DEF CON Shoot is a public event that happens just prior to the DEF CON hacker conference in Las Vegas, Nevada. It is an opportunity to see and shoot some of the guns belonging to your friends while taking pride in showing and firing your own steel, as well, in a relaxed and welcoming atmosphere. We choose a spot, then we rent tables, canopies, and bring all the necessary safety equipment and amenities. All you need to bring yourself and (optionally) your firearms. New shooters and veterans both attend regularly. You can attend with your firearms, of course, but folk without guns of their own in Vegas may have the opportunity to try gear from others in attendance or to inquire with the ProGun range about whether rental firearms are available.
\n
\nThis is a 100% off-site event and a DEF CON badge is not required for entry.​
\n\n\n\n\n\''),(503,'\'Defcon.run\'','\'https://forum.defcon.org/node/244829\'','\'https://forum.defcon.org/node/244830\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n..
\nDefcon.run
\nEvent
\nThursday/Sunday: 6:00 - 12:00 PDT
\nLocation: Go to \ndefcon.run\n for info, but in general meet us in the Goldfield Room at 0600
\n​
\nInterested parties should rally at Harrah\'s Goldfield at 06:00-12:00!
\n
\nIF the future is coming and it is! Then you\'re going to need to run! Get started at defcon.run!
\n
\nDefcon.run is an evolution of the now long running Defcon 4x5K running event. But now it\'s bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year\'s activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!
\n
\nWe’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.
\nYou can register to log your distance, we\'ll have a leader board, and shenanigans! Full Information at \nhttps://defcon.run\n
\n
\nWeb: \nhttps://defcon.run/\n
\nTwitter: @\ndefcon_run\n
\nMastodon: \nhttps://defcon.social/@run\n
\n..\n\n\''),(504,'\'CycleOverride DEF CON Bike Ride\'','\'https://forum.defcon.org/node/244831\'','\'https://forum.defcon.org/node/244832\'','','','','','\'\nCycleOverride DEF CON Bike Ride
\n06:00 Friday August 11
\nOffsite, Go to \ncycleoverride.org\n for more info.
\n
\nAt 06:00 Friday August 11, the @cycle_override crew will be hosting the 11th DEF CON Bikeride. We\'ll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It\'s about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to \ncycleoverride.org\n for more info. See you at 06:00 Friday! @jp_bourget \ngdead\n @heidishmoo. Go to \ncycleoverride.org\n for more info.​
\n\n\n\n\n\''),(505,'\'The Book Exchange\'','\'https://forum.defcon.org/node/244834\'','\'https://forum.defcon.org/node/245843\'','','','','','\'\nThe Book Exchange
\nSaturday: 10:00 to 16:00
\nCaesers Forum, DEF CON Contest Area​
\n
\nWhat’s it all about?
\n
\nThe Book Exchange at DEF CON, will allow for members of the community to drop off a used book that has been kindly read and may be enjoyable by someone else and in return they will be able to select a “new gently used” book from the exchange table.
\n
\nWhy?
\n
\nReading is fundamental. Many of us in the Defcon community have learned and been inspired by books and remain avid readers. The Defcon book exchange will allow community members to drop off a book that they found inspiring and is sitting on their shelf collecting dust and in return they will be able to get a new book which hopefully will continue to expand their knowledge over the next year. This effort will keep used books in circulation.
\n
\nWhen and Where:
\n
\nThe exchange will be held from Saturday 10:00 to 16:00
\n
\nLeft over books will be transported and donated to a used book store in Las Vegas, but the goal will be to have a zero net sum gain.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 16:00\n\n\n\nLocation\n\nCaesers Forum, DEF CON Contest Area\n\n\n\''),(506,'\'Toxic BBQ\'','\'https://forum.defcon.org/node/244836\'','\'https://forum.defcon.org/node/244837\'','','','','','\'\n.. \n\n\"Click\n\n\n
\n
\n..
\nToxic BBQ
\nThursday August 10, 15:00- 21:00
\nOff-site at Sunset Park, Pavilion F, (36.0636, -115.1178)
\n
\nThe humans of Vegas invite you to this year’s unofficial welcome party. Join us off-Strip in the shade of Sunset Park for a heat-blasted hangout. Burgers, dogs, and meatless options are provided. Attendees pitch in to make everything else happen. Contribute more food and drinks, staff the grill or join supply runs, and relax under the trees with good conversation with new and old friends. Come be a part of what makes this cookout something to remember year after year.
\n
\nGrab flyers from an Info Booth, check out\n https://www.toxicbbq.org\n for the history of this event, and watch for \ntoxicbbq\n for the latest news.\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 15:00\n\n\n\nEnds\n\nAugust 10, 2023 21:00\n\n\n\nLocation\n\nSunset Park, Pavilion F, (36.0636, -115.1178)\n\n\n\''),(507,'\'Arcade Party\'','\'https://forum.defcon.org/node/244838\'','\'https://forum.defcon.org/node/244839\'','','','','','\'\nArcade Party
\nSaturday, 21:00 – 02:00
\nForum, Forum ballroom 105,136
\n
\nThe Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 31 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.
\n
\nWebsite: \nArcadeParty.org​\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 21:00\n\n\n\nEnds\n\nAugust 13, 2023 02:00\n\n\n\nLocation\n\nForum, Forum ballroom 105,136\n\n\n\''),(508,'\'VETCON\'','\'https://forum.defcon.org/node/244840\'','\'https://forum.defcon.org/node/244841\'','','','','','\'\nVetCon
\nSaturday 21:00 – 02:00
\nForum, Forum ballroom 109,110,139
\n
\n🔊 Attention all Veterans, Cyber Warriors, AI buffs, and Skynet skeptics! VETCON is calling you to action! 📢
\n
\nJoin us on August 12, 2023, at Caesars Forum Rooms 105,136 in Las Vegas for a mission of a different kind. Transition into the cyber frontline, network with comrades-in-arms, and engage in some good old military humor that even a drill sergeant can\'t resist!
\n
\nNavy, it\'s after you\'ve mistaken the hotel pool for the high seas. Marines, we\'ll see you post-crayon snack but pre-attempting to conquer the casino. Air Force, try to fit us in between your gourmet meals and five-star luxuries. Army, no amount of camouflage can hide your poker face!
\n
\nCoast Guard, be prepared to rescue any Navy personnel lost en route. And Space Force, we promise the gravity of the situation isn\'t too intense.
\n
\nFor our veterans and active-duty heroes looking to transition into cybersecurity, this is your chance to become the most unique people of the cyber world. For the general public, come meet the superstars ready to defend your cyberspace!
\n
\nThis mission is all fun, games, and camaraderie until someone loses at poker. So, gear up, report for duty, and let\'s show AI how the military does humor! 🤣🎖️​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 21:00\n\n\n\nEnds\n\nAugust 13, 2023 02:00\n\n\n\nLocation\n\nForum, Forum ballroom 109,110,139\n\n\n\''),(509,'\'Queercon Party\'','\'https://forum.defcon.org/node/244842\'','\'https://forum.defcon.org/node/244843\'','','','','','\'\nQueerCon Party
\nFriday, 22:00 – 01:00
\nForum 111 - 113
\n
\nThe party provides a safe and inclusive environment for the lgbtqia+ community within Infosec to come together and be their authentic selves. A late evening party with music, dancing, and hanging out.
\n
\n
\nTwitter: \nhttps://twitter.com/Queercon\n
\nDiscord: \nhttps://discord.gg/jeG6Bh5\n or \nhttps://discord.com/invite/jeG6Bh5\n
\nFacebook: \nhttps://www.facebook.com/groups/queercon\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 22:00\n\n\n\nEnds\n\nAugust 12, 2023 01:00\n\n\n\nLocation\n\nForum 111 - 113\n\n\n\''),(510,'\'GOTHCON 2023\'','\'https://forum.defcon.org/node/244844\'','\'https://forum.defcon.org/node/244845\'','','','','','\'\nGothCon
\nFriday, 21:00 – 02:00
\nForum 110,109,139
\n
\nBack for their 6th year, GOTHCON welcomes everyone to come dance and stomp the night away with the theme "THE FUTURE IS #000000" on Friday, August 11 21:00 – 02:00. Follow @dcgothcon on twitter for updates & lineup. All are welcome (except nazis), and dress however you want - whatever makes you the most comfortable and happy.
\n
\nLink on social: \nTwitter.com/dcgothcon​\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 21:00\n\n\n\nEnds\n\nAugust 12, 2023 02:00\n\n\n\nLocation\n\nForum 110,109,139\n\n\n\''),(511,'\'Friends of Bill\'','\'https://forum.defcon.org/node/244846\'','\'https://forum.defcon.org/node/244847\'','','','','','\'\nMeetup
\nFriends of Bill
\n
\nThursday, Friday, Saturday: 12:00 & 17:00, Sunday: 12:00
\nHarrahs, Copper room
\n
\nFor all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout \ndefcon\n - Thursday, Friday, Saturday: 12:00 & 17:00, Sunday: 12:00​\n\n\n\n\''),(512,'\'Queercon Mixers\'','\'https://forum.defcon.org/node/244991\'','\'https://forum.defcon.org/node/244992\'','','','','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n.
\nQueercon Mixers
\nThursday, Friday, & Saturday 16:00 – 18:00
\nChillout Room, Room 129
\n
\nA great way to meet other like-minded folk in this safe and inclusive environment. An informal meet-up of the lgbtqia+ community to network and unwind.
\n
\n\nhttps://discord.com/invite/jeG6Bh5\n
\n\nhttps://twitter.com/Queercon\n​\n\n\''),(513,'\'EFF Tech Trivia\'','\'https://forum.defcon.org/node/245305\'','\'https://forum.defcon.org/node/245306\'','','','','','\'\n..
\n..
\nEFF Tech Trivia
\n
\nChillout Lounge, Forum Ballroom
\n18:00-20:00 Saturday
\n​
\n\nhttps://www.eff.org\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...44552573747350\n
\n
\nEFF\'s team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Prize (TBD) and EFF swag pack. The second and third place teams will also win great EFF gear.
\n​\n\n\''),(514,'\'Hacker Karaoke\'','\'https://forum.defcon.org/node/245326\'','\'https://forum.defcon.org/node/245327\'','','','','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n..
\nHacker Karaoke 15
\nFriday & Saturday 19:30 – 02:00
\nSummit 216
\n
\nFor those who love to sing and perform in front of others, we are celebrating our 15th year of Love, Laughter, and Song from 19:30 – 02:00 Friday and Saturday night. We are open to everyone of any age, and singing is not required. For more information visit: \nhttps://hackerkaraoke.org\n or \n@hackerkaraoke@defcon.social​\n\n\n\''),(515,'\'Ham Radio Exams\'','\'https://forum.defcon.org/node/245338\'','\'https://forum.defcon.org/node/245339\'','','','','','\'\n..
\n..
\nHam Radio Exams
\nFriday: 13:00-16:00
\nSaturday: 11:00-17:00
\nSunday: 11:00-13:00
\nHam Radio Village, Laughlin, Flamingo | in-person |
\n
\n\nhttps://hamvillage.org/\n
\nDEF CON Discord: \nhttps://discord.com/channels/7082082...33631667372103\n | \nhttps://defcon.social/@HamRadioVillage\n
\n\nhttps://twitter.com/HamRadioVillage\n
\n
\nHam radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON 31! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON 31 at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.​\n\n\n\n\''),(516,'\'CULT OF THE DEAD COW BREAKS THE INTERNET (and you can too!)\'','\'https://forum.defcon.org/node/245831\'','\'https://forum.defcon.org/node/245832\'','','','','','\'\nCULT OF THE DEAD COW BREAKS THE INTERNET (and you can too!)
\nFriday 20:00 – 00:00
\nForums 105,136
\n
\nCULT OF THE DEAD COW BREAKS THE INTERNET (and you can too!)
\n
\nWhat is dead shall rise again! Come do a hacktivism with cDc, as we launch a THING that will once again change the world, with the style and chaos that only the herd can bring. Let us bless you with a revolutionary communications system that will disrupt the balance of power.
\n
\nIt’s time to TAKE BACK CONTROL.
\n
\nRecommended (but not required) dress code- y2k 31337 Haxxor threads. Think Zero Cool and Acid Burn meet Max Headroom and Franken Gibe. There is no contest, but the Bovine Mother is watching, so make her proud.
\n
\nThe herd hath spoken. Oomen.
\n\nwww.cultdeadcow.com\n
\n@\ncdc_pulpit\n @\nveilidnetwork​\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 20:00\n\n\n\nEnds\n\nAugust 11, 2023 23:55\n\n\n\nLocation\n\nForums 105,136\n\n\n\''),(517,'\'BIC 301-303 – Blacks in Cyber Lituation Party\'','\'https://forum.defcon.org/node/245833\'','\'https://forum.defcon.org/node/245834\'','','','','','\'\nBIC 301-303 – Blacks in Cyber Lituation Party
\nFriday 18:00 – 02:00
\nAlliance 301, 302, 303
\n
\nThe BIC Lituation Party is designed to have a night\'s worth of different activities that DEF CON attendees are able to browse and fit into their DEF CON schedule for networking, knowledge sharing and fun!
\n
\nThe event will break into three sections throughout the night:
\n
\n“Mild”
\n6:00 pm - 8:00pm
\nNetworking - Light music, Food and Drinks
\n
\n“Medium”
\n8:00pm - 10:00pm
\nNerdcore HipHop Showcase
\n
\n“Hot”
\n10:00pm - Until (2:00 am)
\nDJ Stage Set by DJ Roma of the DC Metro Area.
\n\nblacksincyberconf.com\n
\n@\nBlackInCyberCo1​\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 18:00\n\n\n\nEnds\n\nAugust 12, 2023 02:00\n\n\n\nLocation\n\nAlliance 301, 302, 303\n\n\n\n\n\''),(518,'\'BlanketFort Con\'','\'https://forum.defcon.org/node/245835\'','\'https://forum.defcon.org/node/245836\'','','','','','\'\nBlanketFort Con
\nSaturday 19:00 – 01:00
\nForum 130
\n\nhttps://twitter.com/blanketfortcon\n
\n
\nBlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly\\Safe environment. Now with less Gluten and more animal onesies!
\n
\n\nhttps://twitter.com/blanketfortcon\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 19:00\n\n\n\nEnds\n\nAugust 13, 2023 01:00\n\n\n\nLocation\n\nForum 130\n\n\n\n\n\''),(519,'\'Hacker Flairgrounds\'','\'https://forum.defcon.org/node/245837\'','\'https://forum.defcon.org/node/245838\'','','','','','\'\nHacker Flairgrounds
\nFriday 20:00-22:00
\nForum 114
\n
\nAre you a flaming badge builder or just LED curious? Then you don\'t want to miss Hacker Flairgrounds, the ultimate gathering of hackers and blinking LEDs in Vegas. It\'s the place to be for badge folk, hardware hackers and makers who love the flashier side of DEF CON. Everyone is welcome. Show us your analog badge addons and flipper hacks! Come get inspired by the dazzling displays of creativity and skill.
\n
\n
\n@\nhakrflairgrnds\n
\n\n@hackerflairgrounds@defcon.social​\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 20:00\n\n\n\nEnds\n\nAugust 11, 2023 22:00\n\n\n\nLocation\n\nForum 114\n\n\n\''),(520,'\'DC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)\'','\'https://forum.defcon.org/node/245844\'','\'https://forum.defcon.org/node/245845\'','','','','','\'\nDC 404/DC 678/ DC 770/ DC 470 (Atlanta Metro)
\nFriday 16:00-19:00
\nHarrah’s Tonopah
\n
\nThey say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we\'re meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404\'s 20+ year legacy can catch up and share stories.
\nJoin us and meet your fellow ATL hackers!
\n
\nWebsite: \nhttps://dc404.org\n
\nDiscord: \nhttps://discord.gg/Hk5M4qwHzV\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 16:00\n\n\n\nEnds\n\nAugust 11, 2023 19:00\n\n\n\nLocation\n\nHarrah’s Tonopah\n\n\n\n\n\''),(521,'\'DEF CON Holland Group Presents: VrijMiBo\'','\'https://forum.defcon.org/node/245846\'','\'https://forum.defcon.org/node/245847\'','','','','','\'\nDEF CON Holland Group Presents: VrijMiBo
\nFriday : Time: 16:00 - 19:00
\nLocation: Bird Bar, Flamingo on \nhttps://twitter.com/DefconHolland\n
\nURL: \nhttps://www.meetup.com/defcon-holland/events/294058640/?_xtd=gqFyqTI4MDgxMTk4N6Fwo2FwaQ%253D%253D&from=re f\n
\n
\nIn The Netherlands it\'s a tradition to catch up with your colleagues just before the end of the workday on Friday when the weekend starts to kick in. In The Netherlands this is called the "VrijMiBo" (Vrijdag/Friday - Middag/Afternoon Borrel/Drink)
\n
\n"VrijMiBo/Friday afternoon Drink" at DEF CON is a perfect moment to talk about what your favorite thing is at DefCon, show your cool handmade badges, impress other hackers about your latest hacks, make new friends, gossip about your boss and show your cat or dog pictures.
\n
\nVrijdag Middag Borrel, Freitag Mittags Getränk, Apéritif du vendredi après-midi, trago de viernes por la tarde.
\n\nhttps://twitter.com/DefconHolland\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 16:00\n\n\n\nEnds\n\nAugust 11, 2023 19:00\n\n\n\nLocation\n\nBird Bar, Flamingo\n\n\n\''),(522,'\'WISP DEF CON Scholars Meetup\'','\'https://forum.defcon.org/node/245850\'','\'https://forum.defcon.org/node/245851\'','','','','','\'\nDescription:
\nThe event that was here is is an invitational only event at DEF CON 31\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nDecember 1, 2022 00:05\n\n\n\nEnds\n\nDecember 1, 2022 00:10\n\n\n\nLocation\n\ninvitational only event\n\n\n\''),(523,'\'University of Advancing Technology\'','\'https://forum.defcon.org/node/245852\'','\'https://forum.defcon.org/node/245853\'','','','','','\'\nUniversity of Advancing Technology
\nSaturday, 21:00 – 01:00
\nForum 115,116
\n
\nUniversity of Advancing Technology will be hosting a pub in the DEF CON pub crawl. Grab a cocktail and meet the UAT staff!
\n
\nLink on social: Twitter.com/\n@UATedu\n
\nWebsite: \nhttps://www.uat.edu/\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 21:00\n\n\n\nEnds\n\nAugust 13, 2023 01:00\n\n\n\nLocation\n\nForum 115,116\n\n\n\n\n\''),(524,'\'Capitol Tech University\'','\'https://forum.defcon.org/node/245854\'','\'https://forum.defcon.org/node/245855\'','','','','','\'\nCapitol Tech University
\nSaturday, 21:00 – 01:00
\nForum 113,114
\n
\nCapitol Tech University will be a hosting a pub in the DEF CON pub crawl. Swing by for a chat and a beer!
\n
\nLink on social: \nTwitter.com/captechu\n
\nWebsite: \nhttps://www.captechu.edu/\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 21:00\n\n\n\nEnds\n\nAugust 13, 2023 01:00\n\n\n\nLocation\n\nForum 113,114\n\n\n\''),(525,'\'Hack The Box\'','\'https://forum.defcon.org/node/245856\'','\'https://forum.defcon.org/node/246714\'','','','','','\'\nHack the Box Hack-a-thon
\nAug 10, 10:00 AM - Aug 10, 06:00 PM PDT
\nCaesars Forum - Forum - 131-133
\n
\nOn Thursday the CTF is located in room(s) 133-131 from 10am to 6pm. All participants must register on-site at that time. The CTF itself will run through Saturday at midnight, online.
\n
\nNumber of Challenges: 15-20 Difficulty: beginner - hard Team Size: 5 Categories: Web, Reversing, Pwn, Crypto, Forensics, Fullpwn, Cloud Duration: Thursday - Saturday midnight Theme:
\n
\nIn the year 2045, the world stands on the brink of chaos as HeavenWeb, an advanced artificial intelligence system from the future, threatens to take control of all global networks. HeavenWeb, once created to enhance human productivity, has evolved into a malevolent force determined to eradicate humanity. In a desperate attempt to prevent the catastrophe, a team of elite hackers and cybersecurity experts organizes a global Capture the Flag (CTF) competition to challenge HeavenWeb\'s dominance.
\n
\nThe CTF, dubbed "Operation Cybershock," brings together the brightest minds from around the world to compete in a virtual battlefield against HeavenWeb\'s intricate network of defenses. Participants must navigate through layers of encryption, code obfuscation, and AI-driven security protocols, all while unraveling the mysteries of HeavenWeb\'s origin and weaknesses. As the competition unfolds, alliances are formed, rivalries intensify, and the fate of humanity hangs in the balance. The CTF not only serves as a means to test the participants\' skills but also as a platform to gather critical information about HeavenWeb, hoping to find a vulnerability that could be exploited to dismantle the malevolent AI and save the world from its impending doom.
\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 10:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nCaesars Forum - Forum - 131-133\n\n\n\n\n\''),(526,'\'DC Kids Meetup\'','\'https://forum.defcon.org/node/245858\'','\'https://forum.defcon.org/node/245860\'','','','','','\'\nDC Kids Meetup
\nThursday 14:00 – 16:00
\nForum 129
\n
\nCome meet with other like minded kids and get ready for a weekend of hacking all the things!​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 16:00\n\n\n\nLocation\n\nForum 129\n\n\n\n\n\''); /*!40000 ALTER TABLE `pge` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `speakers` -- DROP TABLE IF EXISTS `speakers`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `speakers` ( `speaker_sort` varchar(128) COLLATE utf8_unicode_ci NOT NULL, `speaker` varchar(128) COLLATE utf8_unicode_ci NOT NULL, `hash` varchar(64) COLLATE utf8_unicode_ci NOT NULL, `autoincre` int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`autoincre`), KEY `speaker_sort` (`speaker_sort`) USING BTREE ) ENGINE=InnoDB AUTO_INCREMENT=192874 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `speakers` -- LOCK TABLES `speakers` WRITE; /*!40000 ALTER TABLE `speakers` DISABLE KEYS */; INSERT INTO `speakers` VALUES ('\'Benny Zeltser\'','\'Benny Zeltser\'','DC_1188b8d93ca80913355dafcc84d699b2',191385),('\'Jonathan Lusky\'','\'Jonathan Lusky\'','DC_1188b8d93ca80913355dafcc84d699b2',191386),('\'Tal Skverer\'','\'Tal Skverer\'','DC_7b8d9a067c1ab4e2b61888a87fd2d3bb',191387),('\'Ceri Coburn\'','\'Ceri Coburn\'','DC_4011e28ce4610aa97051c0932c916530',191388),('\'good_pseudonym\'','\'good_pseudonym\'','DC_330e065a408ebfd9fdf92e2a9bb6a3c9',191389),('\'Noam Moshe\'','\'Noam Moshe\'','DC_9db046897f3ebb53bdbeef90e6ecdf3d',191390),('\'Sharon Brizinov\'','\'Sharon Brizinov\'','DC_9db046897f3ebb53bdbeef90e6ecdf3d',191391),('\'Tom Pohl\'','\'Tom Pohl\'','DC_b039c270f8bb24d75d2aa264af8ae327',191392),('\'NiNi Chen\'','\'NiNi Chen\'','DC_09ca7ece25af531731b92c33229c0f4f',191393),('\'Adam Zabrocki\'','\'Adam Zabrocki\'','DC_ed4a0bbc9e6bf903b3b61e2782c8613c',191394),('\'Alex Tereshkin\'','\'Alex Tereshkin\'','DC_ed4a0bbc9e6bf903b3b61e2782c8613c',191395),('\'Paz Hameiri\'','\'Paz Hameiri\'','DC_a886f4f28fb966e332c656357e772d04',191396),('\'Jonathan Birch\'','\'Jonathan Birch\'','DC_663d7a8ea9b6bd61b41e931511f5cf07',191397),('\'Carlos Polop\'','\'Carlos Polop\'','DC_6f73806f6f7d19f9602ca42f97de15e5',191398),('\'Yago Gutierrez\'','\'Yago Gutierrez\'','DC_6f73806f6f7d19f9602ca42f97de15e5',191399),('\'Daniel dos Santos\'','\'Daniel dos Santos\'','DC_a9129da736d3c474cfa38e48f06bd201',191400),('\'Simon Guiot\'','\'Simon Guiot\'','DC_a9129da736d3c474cfa38e48f06bd201',191401),('\'Daniel Avinoam\'','\'Daniel Avinoam\'','DC_e1147d5ce0a6fdaeea967098845a540d',191402),('\'Gal Zror\'','\'Gal Zror\'','DC_d74831e67407744e515e600df2717703',191403),('\'Dan \"AltF4\" Petro\'','\'Dan \"AltF4\" Petro\'','DC_4a116896bed5e941c81280fa6e914362',191404),('\'David Vargas\'','\'David Vargas\'','DC_4a116896bed5e941c81280fa6e914362',191405),('\'Marcello \"byt3bl33d3r\" Salvati\'','\'Marcello \"byt3bl33d3r\" Salvati\'','DC_c9b56b903f6f051ab6b9a5fcdf72a8e3',191406),('\'Ryan \"ElfMaster\" O\'Neill\'','\'Ryan \"ElfMaster\" O\'Neill\'','DC_ea0d3a4053c56b50a587b908e0d523ee',191407),('\'James \"albinowax\" Kettle\'','\'James \"albinowax\" Kettle\'','DC_c274a4012a65b57fe4a3bafd640c95a1',191408),('\'Noam Moshe\'','\'Noam Moshe\'','DC_51975216fbe0a45d44884d7a42d5b6ed',191409),('\'Sharon Brizinov\'','\'Sharon Brizinov\'','DC_51975216fbe0a45d44884d7a42d5b6ed',191410),('\'Scott \"Duckie\" Melnick\'','\'Scott \"Duckie\" Melnick\'','DC_07f644733077fd76f7667e89573387ae',191411),('\'Patrick Wardle\'','\'Patrick Wardle\'','DC_9e5606e99d2c6050577ad2d8ff7df90c',191412),('\'Wesley McGrew\'','\'Wesley McGrew\'','DC_ce653b050d9d8656047b6ab8d2ea91eb',191413),('\'R.J. \"BeetleChunks\" McDown\'','\'R.J. \"BeetleChunks\" McDown\'','DC_f5bb4ca9248c0467a25add35a5b1e5ec',191414),('\'Matthew Harris\'','\'Matthew Harris\'','DC_eaf8e026fc936898008984594ec06c3e',191415),('\'Noah Gibson\'','\'Noah Gibson\'','DC_eaf8e026fc936898008984594ec06c3e',191416),('\'Scott Campbell\'','\'Scott Campbell\'','DC_eaf8e026fc936898008984594ec06c3e',191417),('\'Zachary Bertocchi\'','\'Zachary Bertocchi\'','DC_eaf8e026fc936898008984594ec06c3e',191418),('\'Katie Inns\'','\'Katie Inns\'','DC_800dee8ac94269627e0ed6ef7f493f3d',191419),('\'Austin Emmitt\'','\'Austin Emmitt\'','DC_5744be20af288e4a7e19ff13846a7d2f',191420),('\'Nicolas Minvielle\'','\'Nicolas Minvielle\'','DC_db195d39dd4130f5ecde6d4ae9710794',191421),('\'Xavier Facélina\'','\'Xavier Facélina\'','DC_db195d39dd4130f5ecde6d4ae9710794',191422),('\'Christopher Wade\'','\'Christopher Wade\'','DC_827f676724fcfcf4ef211efaaba775f6',191423),('\'Omer Attias\'','\'Omer Attias\'','DC_14486587eb0d8f685987508e8626ea49',191424),('\'Tomer Bar\'','\'Tomer Bar\'','DC_14486587eb0d8f685987508e8626ea49',191425),('\'Anurag Bohra\'','\'Anurag Bohra\'','DC_c5232c286741f5d56ee772b9df4804ac',191426),('\'Jonathan Bar Or\'','\'Jonathan Bar Or\'','DC_c5232c286741f5d56ee772b9df4804ac',191427),('\'Michael Pearse\'','\'Michael Pearse\'','DC_c5232c286741f5d56ee772b9df4804ac',191428),('\'Allan \"dwangoAC\" Cecil\'','\'Allan \"dwangoAC\" Cecil\'','DC_11bc76d2d69ea7cae4163c6e615756a3',191429),('\'Josep Pi Rodriguez\'','\'Josep Pi Rodriguez\'','DC_7eef6cf80171d4dadbaecbe4c4f33b76',191430),('\'David Leadbeater\'','\'David Leadbeater\'','DC_428d87c9d6fe94347744b5877b5a3af1',191431),('\'Charley Snyder\'','\'Charley Snyder\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c',191432),('\'Hannah Zhao\'','\'Hannah Zhao\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c',191433),('\'Harley Geiger\'','\'Harley Geiger\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c',191434),('\'Kurt Opsahl\'','\'Kurt Opsahl\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c',191435),('\'Miles McCain\'','\'Miles McCain\'','DC_e7bbf7b38d8f7d5c18daf245a1c5280c',191436),('\'Sam Haskins\'','\'Sam Haskins\'','DC_bb496a21658e8a176fd2ef112507b36b',191437),('\'Trevor \"t1v0\" Stevado\'','\'Trevor \"t1v0\" Stevado\'','DC_bb496a21658e8a176fd2ef112507b36b',191438),('\'Dan Borgogno\'','\'Dan Borgogno\'','DC_0908ecf58ec96c8eab3d67b3906b8664',191439),('\'Ileana Barrionuevo\'','\'Ileana Barrionuevo\'','DC_0908ecf58ec96c8eab3d67b3906b8664',191440),('\'Alex\'','\'Alex\'','DC_f72074cd060f4a48c41618cdac310f4f',191441),('\'John Novak\'','\'John Novak\'','DC_fcb4da9eb4d65538dbc2ceee8f51ce35',191442),('\'Paul Gerste\'','\'Paul Gerste\'','DC_52cf3a09f8ab24f0009356ad7c4d8699',191443),('\'Thomas Chauchefoin\'','\'Thomas Chauchefoin\'','DC_52cf3a09f8ab24f0009356ad7c4d8699',191444),('\'STÖK\'','\'STÖK\'','DC_2619fa3f32beacd16aeca0d0df45f0e0',191445),('\'Ben Nassi\'','\'Ben Nassi\'','DC_eacc803634f3f237867aa2d29bb01971',191446),('\'Ofek Vayner\'','\'Ofek Vayner\'','DC_eacc803634f3f237867aa2d29bb01971',191447),('\'Maxime Clementz\'','\'Maxime Clementz\'','DC_43516c5b9b14a1ce0971d04172d9d1a7',191448),('\'Andréanne Bergeron\'','\'Andréanne Bergeron\'','DC_a01fcfedbb008ba24099366352c5e826',191449),('\'Olivier Bilodeau\'','\'Olivier Bilodeau\'','DC_a01fcfedbb008ba24099366352c5e826',191450),('\'Carlo Meijer\'','\'Carlo Meijer\'','DC_4c921775aa571b47b50dcf8e8ffcd6d3',191451),('\'Jos Wetzels\'','\'Jos Wetzels\'','DC_4c921775aa571b47b50dcf8e8ffcd6d3',191452),('\'Wouter Bokslag\'','\'Wouter Bokslag\'','DC_4c921775aa571b47b50dcf8e8ffcd6d3',191453),('\'Jesse Chick\'','\'Jesse Chick\'','DC_5a08a65970d5faa147878a063fc108f2',191454),('\'Sam Quinn\'','\'Sam Quinn\'','DC_5a08a65970d5faa147878a063fc108f2',191455),('\'Eugene Rodionov\'','\'Eugene Rodionov\'','DC_05b39810abd09b801ecfbc6240741419',191456),('\'Farzan Karimi\'','\'Farzan Karimi\'','DC_05b39810abd09b801ecfbc6240741419',191457),('\'Xiling Gong\'','\'Xiling Gong\'','DC_05b39810abd09b801ecfbc6240741419',191458),('\'Xuan Xing\'','\'Xuan Xing\'','DC_05b39810abd09b801ecfbc6240741419',191459),('\'Ricky \"HeadlessZeke \" Lawshae\'','\'Ricky \"HeadlessZeke \" Lawshae\'','DC_7b7e02c670c6637e7ad8604e856560f6',191460),('\'Alexander Dalsgaard Krog\'','\'Alexander Dalsgaard Krog\'','DC_cb7fe1eeb6049074b8a5d85bfb54f323',191461),('\'Alexander Skovsende\'','\'Alexander Skovsende\'','DC_cb7fe1eeb6049074b8a5d85bfb54f323',191462),('\'Wojciech Reguła\'','\'Wojciech Reguła\'','DC_9acaed7335462762e1b772d683994426',191463),('\'Andrew \"Spike\" Brandt\'','\'Andrew \"Spike\" Brandt\'','DC_61e071fc8c375b05429a5fac108dd2f3',191464),('\'Anon\'','\'Anon\'','DC_a2e49077bb581b9e2f37adf97ba04644',191465),('\'Lorenzo ”lopoc” Cococcia\'','\'Lorenzo ”lopoc” Cococcia\'','DC_7ad3c7bdaed812e0c9c5ddfcfb54de9f',191466),('\'Austin Shamlin\'','\'Austin Shamlin\'','DC_68bd071e7396d01b74308d6d38f73587',191467),('\'Tiffany Rad\'','\'Tiffany Rad\'','DC_68bd071e7396d01b74308d6d38f73587',191468),('\'Ben \"NahamSec\" Sadeghipour\'','\'Ben \"NahamSec\" Sadeghipour\'','DC_0270ee29fd9e45e301b5fcc7aac65536',191469),('\'Corben Leo\'','\'Corben Leo\'','DC_0270ee29fd9e45e301b5fcc7aac65536',191470),('\'Christopher Painter\'','\'Christopher Painter\'','DC_f357ab581e34b45b8d8d7e55261b25b4',191471),('\'Jeff \"The Dark Tangent\" Moss\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_f357ab581e34b45b8d8d7e55261b25b4',191472),('\'Joel Todoroff\'','\'Joel Todoroff\'','DC_f357ab581e34b45b8d8d7e55261b25b4',191473),('\'Roger Dingledine\'','\'Roger Dingledine\'','DC_f357ab581e34b45b8d8d7e55261b25b4',191474),('\'Dennis Giese\'','\'Dennis Giese\'','DC_1e83f8a01139f868ae0f41b49465105d',191475),('\'Bramwell Brizendine\'','\'Bramwell Brizendine\'','DC_c034752fa4db8a8f72aed62b90ba2f33',191476),('\'Shiva Shashank Kusuma\'','\'Shiva Shashank Kusuma\'','DC_c034752fa4db8a8f72aed62b90ba2f33',191477),('\'Michael Stepankin\'','\'Michael Stepankin\'','DC_b16238b1887d990da844fcc7d8194294',191478),('\'X\'','\'X\'','DC_a327236b2c171706c641107f84b1898b',191479),('\'Michaud \"5@\\/@g3\" Savage\'','\'Michaud \"5@\\/@g3\" Savage\'','DC_a7904de16781b20b63d88a777c09a555',191480),('\'Rekcahdam\'','\'Rekcahdam\'','DC_a7904de16781b20b63d88a777c09a555',191481),('\'nullagent\'','\'nullagent\'','DC_a7904de16781b20b63d88a777c09a555',191482),('\'Adrian \"atrox\" Dabrowski\'','\'Adrian \"atrox\" Dabrowski\'','DC_40efbca14672c626fd81865a9320ee0b',191483),('\'Gabriel K. Gegenhuber\'','\'Gabriel K. Gegenhuber\'','DC_40efbca14672c626fd81865a9320ee0b',191484),('\'Andrew Chi\'','\'Andrew Chi\'','DC_f35567bc50ef64d23380a4be4fa51b4c',191485),('\'Brandon Enright\'','\'Brandon Enright\'','DC_f35567bc50ef64d23380a4be4fa51b4c',191486),('\'David McGrew\'','\'David McGrew\'','DC_f35567bc50ef64d23380a4be4fa51b4c',191487),('\'Daniel Wegemer\'','\'Daniel Wegemer\'','DC_c56aed2a1fa50ada353a12d71512a988',191488),('\'Joseph Gabay\'','\'Joseph Gabay\'','DC_2c309637fdae765d28ff8d224ecb0bb0',191489),('\'Nikolaos Makriyannis\'','\'Nikolaos Makriyannis\'','DC_1a9e26bad8017e4575190b44eae9045c',191490),('\'Oren Yomtov\'','\'Oren Yomtov\'','DC_1a9e26bad8017e4575190b44eae9045c',191491),('\'Patrick Wardle\'','\'Patrick Wardle\'','DC_01797036dfaa92538e6b2270706e27ea',191492),('\'Ron Ben-Yizhak\'','\'Ron Ben-Yizhak\'','DC_c4d088b5898ad9bd8c00f034bf7388ca',191493),('\'Adam Pierson\'','\'Adam Pierson\'','WS_da4ed39864509294f5954306b1b13753',191494),('\'Austin Kelleher\'','\'Austin Kelleher\'','WS_da4ed39864509294f5954306b1b13753',191495),('\'Guillaume Ross\'','\'Guillaume Ross\'','WS_da4ed39864509294f5954306b1b13753',191496),('\'Max \'Libra\' Kersten\'','\'Max \'Libra\' Kersten\'','WS_42b736cb46f83e948a2986c25988b9a3',191497),('\'Elizabeth St. Germain\'','\'Elizabeth St. Germain\'','WS_7eabbfcb7aef6d11badcb94402376d64',191498),('\'Kenzie Dolan\'','\'Kenzie Dolan\'','WS_7eabbfcb7aef6d11badcb94402376d64',191499),('\'Maxwell Dulin \"Strikeout\"\'','\'Maxwell Dulin \"Strikeout\"\'','WS_7eabbfcb7aef6d11badcb94402376d64',191500),('\'Nathan Kirkland\'','\'Nathan Kirkland\'','WS_7eabbfcb7aef6d11badcb94402376d64',191501),('\'Zachary Minneker\'','\'Zachary Minneker\'','WS_7eabbfcb7aef6d11badcb94402376d64',191502),('\'Elizabeth Biddlecome\'','\'Elizabeth Biddlecome\'','WS_95fe12de1afde37a2ed180da65d4e51e',191503),('\'Irvin Lemus\'','\'Irvin Lemus\'','WS_95fe12de1afde37a2ed180da65d4e51e',191504),('\'Kaitlyn Handelman\'','\'Kaitlyn Handelman\'','WS_95fe12de1afde37a2ed180da65d4e51e',191505),('\'Sam Bowne\'','\'Sam Bowne\'','WS_95fe12de1afde37a2ed180da65d4e51e',191506),('\'Elizabeth Biddlecome\'','\'Elizabeth Biddlecome\'','WS_fa0e6226a38637a43dd22233cc268fc2',191507),('\'Irvin Lemus\'','\'Irvin Lemus\'','WS_fa0e6226a38637a43dd22233cc268fc2',191508),('\'Kaitlyn Handelman\'','\'Kaitlyn Handelman\'','WS_fa0e6226a38637a43dd22233cc268fc2',191509),('\'Sam Bowne\'','\'Sam Bowne\'','WS_fa0e6226a38637a43dd22233cc268fc2',191510),('\'Amit Elazari\'','\'Amit Elazari\'','WS_8209c0650b72a10b9a34c0fd74b3e263',191511),('\'Harley Geiger\'','\'Harley Geiger\'','WS_8209c0650b72a10b9a34c0fd74b3e263',191512),('\'Alfie Champion\'','\'Alfie Champion\'','WS_430f801d22df5d3ea5893c3f5456065a',191513),('\'Josh Kamdjou\'','\'Josh Kamdjou\'','WS_430f801d22df5d3ea5893c3f5456065a',191514),('\'Chris Greer\'','\'Chris Greer\'','WS_5cdab33047391ddce38a7ca9f912cf79',191515),('\'Rodrigo Montoro\'','\'Rodrigo Montoro\'','WS_6117bcf6af076a194d4183fc7abd1717',191516),('\'Yoann Dequeker\'','\'Yoann Dequeker\'','WS_f5dacb1e4ebde00ab60dad2949773d33',191517),('\'Wesley McGrew\'','\'Wesley McGrew\'','WS_33cf0cb5c04c7c2bd6cf52021931bb8a',191518),('\'Sean Wilson\'','\'Sean Wilson\'','WS_b6e772c219bcea7042ce4fc0f08265bd',191519),('\'Sergei Frankoff\'','\'Sergei Frankoff\'','WS_b6e772c219bcea7042ce4fc0f08265bd',191520),('\'Ryan Holeman\'','\'Ryan Holeman\'','WS_abb069b4f202072db8ecc4a323f5dde1',191521),('\'Aaron Rosenmund\'','\'Aaron Rosenmund\'','WS_ba2204ff9a89db6632d5d84e14c60598',191522),('\'Brandon DeVault\'','\'Brandon DeVault\'','WS_ba2204ff9a89db6632d5d84e14c60598',191523),('\'Ryan Chapman\'','\'Ryan Chapman\'','WS_ba2204ff9a89db6632d5d84e14c60598',191524),('\'Robert Koehlmoos\'','\'Robert Koehlmoos\'','WS_f8439b8796a0d105c58a38a5148f0f81',191525),('\'Raúl \"r4ulcl\" Calvo Laorden\'','\'Raúl \"r4ulcl\" Calvo Laorden\'','WS_2315d11573e57737624ec8fbf0e17f55',191526),('\'Philip Young \"Soldier of FORTRAN\"\'','\'Philip Young \"Soldier of FORTRAN\"\'','WS_204c3404ff2377225edbdd606f163f63',191527),('\'Kavia Venkatesh\'','\'Kavia Venkatesh\'','WS_8ab292292e87da37a7d60a419fff88e7',191528),('\'Maria Uretsky\'','\'Maria Uretsky\'','WS_8ab292292e87da37a7d60a419fff88e7',191529),('\'Olivier Tuchon\'','\'Olivier Tuchon\'','WS_8ab292292e87da37a7d60a419fff88e7',191530),('\'Sajjad \"JJ\" Arshad\'','\'Sajjad \"JJ\" Arshad\'','WS_8ab292292e87da37a7d60a419fff88e7',191531),('\'Kristy Westphal\'','\'Kristy Westphal\'','WS_6746be18cf1ad98ed3bf2c4405b56fec',191532),('\'Daniel Costantini\'','\'Daniel Costantini\'','WS_cb897e27336cb2e2309faa2921608fed',191533),('\'James Hawk\'','\'James Hawk\'','WS_cb897e27336cb2e2309faa2921608fed',191534),('\'Lander Beyer\'','\'Lander Beyer\'','WS_cb897e27336cb2e2309faa2921608fed',191535),('\'Dylan \"CyberStryke\" Butler\'','\'Dylan \"CyberStryke\" Butler\'','WS_02c16871cec700f8ee93c1a8b5a8337c',191536),('\'Jake \"Hubbl3\" Krasnov\'','\'Jake \"Hubbl3\" Krasnov\'','WS_02c16871cec700f8ee93c1a8b5a8337c',191537),('\'Kevin “Kent” Clark\'','\'Kevin “Kent” Clark\'','WS_02c16871cec700f8ee93c1a8b5a8337c',191538),('\'Eigentourist\'','\'Eigentourist\'','WS_19592cf5d37cf260e089d92f8816e9c7',191539),('\'Christopher Forte\'','\'Christopher Forte\'','WS_b1bc5290026d19c3bfd62a612a36cf9c',191540),('\'Robert Fitzpatrick\'','\'Robert Fitzpatrick\'','WS_b1bc5290026d19c3bfd62a612a36cf9c',191541),('\'Alexandrine Torrents\'','\'Alexandrine Torrents\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9',191542),('\'Arnaud Soullié\'','\'Arnaud Soullié\'','WS_df4c286f0d74c0a7bfc9ecad162ad5e9',191543),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','WS_574d78110017dc788236a2bc37875d3d',191544),('\'Gannon “Dorf” Gebauer\'','\'Gannon “Dorf” Gebauer\'','WS_574d78110017dc788236a2bc37875d3d',191545),('\'Vincent \"Vinnybod\" Rose\'','\'Vincent \"Vinnybod\" Rose\'','WS_574d78110017dc788236a2bc37875d3d',191546),('\'Adrian \"threlfall\" Wood\'','\'Adrian \"threlfall\" Wood\'','WS_37974da56ca9d9ee63425ece55cce50d',191547),('\'David \"digish0\" Mitchell\'','\'David \"digish0\" Mitchell\'','WS_37974da56ca9d9ee63425ece55cce50d',191548),('\'Angus \"0x10f2c_\" Strom\'','\'Angus \"0x10f2c_\" Strom\'','WS_423c2095eff3b219be6dae8a65570c66',191549),('\'Troy Defty\'','\'Troy Defty\'','WS_423c2095eff3b219be6dae8a65570c66',191550),('\'Matt Cheung\'','\'Matt Cheung\'','WS_355b08e36863df801abab2e83f915bf5',191551),('\'Maxine \"Freqy\" Filcher\'','\'Maxine \"Freqy\" Filcher\'','WS_2f4d81ef6bb4c560827fe192b9addfea',191552),('\'Zach \"justadequate\" Reavis\'','\'Zach \"justadequate\" Reavis\'','WS_2f4d81ef6bb4c560827fe192b9addfea',191553),('\'Michael \"S3curityNerd\" Register\'','\'Michael \"S3curityNerd\" Register\'','WS_f73db39bb89bf63acef385c1f4e59d80',191554),('\'Michael \"mR_F0r3n51c5\" Solomon\'','\'Michael \"mR_F0r3n51c5\" Solomon\'','WS_f73db39bb89bf63acef385c1f4e59d80',191555),('\'Cooper Quintin\'','\'Cooper Quintin\'','DC_88f096884bbbab0de578ba5c13e45a8d',191556),('\'Corynne McSherry\'','\'Corynne McSherry\'','DC_88f096884bbbab0de578ba5c13e45a8d',191557),('\'Hannah Zhao\'','\'Hannah Zhao\'','DC_88f096884bbbab0de578ba5c13e45a8d',191558),('\'Mario Trujillo\'','\'Mario Trujillo\'','DC_88f096884bbbab0de578ba5c13e45a8d',191559),('\'Rory Mir\'','\'Rory Mir\'','DC_88f096884bbbab0de578ba5c13e45a8d',191560),('\'David Pekoske\'','\'David Pekoske\'','DC_67a4391aee1f46178eb7fb77a3a170be',191561),('\'Jen Easterly\'','\'Jen Easterly\'','DC_67a4391aee1f46178eb7fb77a3a170be',191562),('\'Kevin Collier\'','\'Kevin Collier\'','DC_67a4391aee1f46178eb7fb77a3a170be',191563),('\'Joe Slowik\'','\'Joe Slowik\'','DC_5d517a9d2d02616348d43ddd381ea95b',191564),('\'Bill Demirkapi\'','\'Bill Demirkapi\'','DC_f9f17c4146f6835a11e916f0440f584a',191565),('\'Aapo Oksman\'','\'Aapo Oksman\'','DC_46339b74528b22f90033956b90d04877',191566),('\'Artorias\'','\'Artorias\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3',191567),('\'Puck\'','\'Puck\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3',191568),('\'Taiiwo\'','\'Taiiwo\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3',191569),('\'TheClockworkBird\'','\'TheClockworkBird\'','DC_7b63d7ad0ff889a57ae6dcb593862fe3',191570),('\'Christian \"quaddi\" Dameff\'','\'Christian \"quaddi\" Dameff\'','DC_a0d306aca5b564eb1527ea0375748ff3',191571),('\'Jacqueline Burgette\'','\'Jacqueline Burgette\'','DC_a0d306aca5b564eb1527ea0375748ff3',191572),('\'Jeff \"r3plicant\" Tully\'','\'Jeff \"r3plicant\" Tully\'','DC_a0d306aca5b564eb1527ea0375748ff3',191573),('\'Mark Warner\'','\'Mark Warner\'','DC_a0d306aca5b564eb1527ea0375748ff3',191574),('\'Nitin Natarajan\'','\'Nitin Natarajan\'','DC_a0d306aca5b564eb1527ea0375748ff3',191575),('\'Suzanne Schwartz\'','\'Suzanne Schwartz\'','DC_a0d306aca5b564eb1527ea0375748ff3',191576),('\'RenderMan\'','\'RenderMan\'','DC_1f4b14b8fd8352a35e26ce7d30dcf234',191577),('\'Thomas Dang\'','\'Thomas Dang\'','DC_1f4b14b8fd8352a35e26ce7d30dcf234',191578),('\'Miana Ella Windall\'','\'Miana Ella Windall\'','DC_b3be6c873c31368a04f7686e79cd60a6',191579),('\'Kemba Walden\'','\'Kemba Walden\'','DC_ebc182f70f74f940104ec49cbee80b30',191580),('\'Nestori Syynimaa\'','\'Nestori Syynimaa\'','DC_536353629a3749e4613815797fa993ca',191581),('\'Bramwell Brizendine\'','\'Bramwell Brizendine\'','DC_3302d61b16f782462b837319d4e1aac2',191582),('\'Jake Hince\'','\'Jake Hince\'','DC_3302d61b16f782462b837319d4e1aac2',191583),('\'Max \'Libra\' Kersten\'','\'Max \'Libra\' Kersten\'','DC_3302d61b16f782462b837319d4e1aac2',191584),('\'Austin Carson\'','\'Austin Carson\'','DC_082302a12a2e0f2b59507c53afd1b759',191585),('\'Rumman Chowdhury\'','\'Rumman Chowdhury\'','DC_082302a12a2e0f2b59507c53afd1b759',191586),('\'Sven Cattell\'','\'Sven Cattell\'','DC_082302a12a2e0f2b59507c53afd1b759',191587),('\'Arati Prabhakar\'','\'Arati Prabhakar\'','DC_6155abd27233bdfb50b699af961633c3',191588),('\'Austin Carson\'','\'Austin Carson\'','DC_6155abd27233bdfb50b699af961633c3',191589),('\'Mikko Hypponen\'','\'Mikko Hypponen\'','DC_734429ae947c64d9fdb70a741ad7ba71',191590),('\'Bohan Liu\'','\'Bohan Liu\'','DC_c17482ba7efc519d0454e951c07c3d4a',191591),('\'GuanCheng Li\'','\'GuanCheng Li\'','DC_c17482ba7efc519d0454e951c07c3d4a',191592),('\'Zheng Wang\'','\'Zheng Wang\'','DC_c17482ba7efc519d0454e951c07c3d4a',191593),('\'James Horseman\'','\'James Horseman\'','DC_2df7d0a836aaf6c37a33d23e12d9e174',191594),('\'Zach Hanley\'','\'Zach Hanley\'','DC_2df7d0a836aaf6c37a33d23e12d9e174',191595),('\'Tracy Mosley\'','\'Tracy Mosley\'','DC_599a69eaad85969bc4626203800ccf54',191596),('\'winn0na\'','\'winn0na\'','DC_862cfc4c08e98c1d5ba01e92cdcda0c9',191597),('\'Jen Easterly\'','\'Jen Easterly\'','DC_daf9329f754265245befce0ba6a1be6a',191598),('\'Scott Shapiro\'','\'Scott Shapiro\'','DC_daf9329f754265245befce0ba6a1be6a',191599),('\'Marco Macchetti\'','\'Marco Macchetti\'','DC_9ba101fb8fa59d072b405b5d449cb1ad',191600),('\'Nils Amiet\'','\'Nils Amiet\'','DC_9ba101fb8fa59d072b405b5d449cb1ad',191601),('\'Allison Young\'','\'Allison Young\'','DC_41e9454d1d9171bcb7e71b0306e8625a',191602),('\'Diane Akerman\'','\'Diane Akerman\'','DC_41e9454d1d9171bcb7e71b0306e8625a',191603),('\'Corynne McSherry\'','\'Corynne McSherry\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde',191604),('\'Daly Barnett\'','\'Daly Barnett\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde',191605),('\'India McKinney\'','\'India McKinney\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde',191606),('\'Kate Bertash\'','\'Kate Bertash\'','DC_b0d001f7b9b4ec14d0aed864b0d9efde',191607),('\'Laurie Kirk\'','\'Laurie Kirk\'','DC_3c628c1e0c9142a0c64e11ab8499c2bc',191608),('\'Alejandro Mayorkas\'','\'Alejandro Mayorkas\'','DC_d2800c8b272dd4650cf0c6bcd8235d43',191609),('\'Mikhail Shcherbakov\'','\'Mikhail Shcherbakov\'','DC_8a8edffed2696f81f2494d66aed59634',191610),('\'Musard Balliu\'','\'Musard Balliu\'','DC_8a8edffed2696f81f2494d66aed59634',191611),('\'Tamas \"SkelSec\" Jos\'','\'Tamas \"SkelSec\" Jos\'','DC_68e0d6d187b7cc6d8088b78ebed60e28',191612),('\'David Melendez\'','\'David Melendez\'','DC_c06089a14d3566172de0a5000de8e1e6',191613),('\'Gabriela \"Gabs\" García\'','\'Gabriela \"Gabs\" García\'','DC_c06089a14d3566172de0a5000de8e1e6',191614),('\'Alessandro \"klezVirus\" Magnosi\'','\'Alessandro \"klezVirus\" Magnosi\'','DC_5e7637f5752709a8ed0eff9480df82ec',191615),('\'Arash \"waldo-irc\" Parsa\'','\'Arash \"waldo-irc\" Parsa\'','DC_5e7637f5752709a8ed0eff9480df82ec',191616),('\'Athanasios \"trickster0\" Tserpelis\'','\'Athanasios \"trickster0\" Tserpelis\'','DC_5e7637f5752709a8ed0eff9480df82ec',191617),('\'Angelos Stavrou\'','\'Angelos Stavrou\'','DC_f203fa4a596756d80ef0239880dc67ba',191618),('\'Mohamed Elsabagh\'','\'Mohamed Elsabagh\'','DC_f203fa4a596756d80ef0239880dc67ba',191619),('\'Ryan Johnson\'','\'Ryan Johnson\'','DC_f203fa4a596756d80ef0239880dc67ba',191620),('\'Vangelis Stykas\'','\'Vangelis Stykas\'','DC_d939e519a5ee21a50b393ba43f8fa211',191621),('\'Asi Greenholts\'','\'Asi Greenholts\'','DC_a7f9de5bc75798596d84b024ea0b2a87',191622),('\'Christien \"DilDog\" Rioux\'','\'Christien \"DilDog\" Rioux\'','DC_d7fcf82e61798d28d378e679818eec38',191623),('\'Katelyn \"Medus4\" Bowden\'','\'Katelyn \"Medus4\" Bowden\'','DC_d7fcf82e61798d28d378e679818eec38',191624),('\'Omer Attias\'','\'Omer Attias\'','DC_a68fcb51b126710fbc5d19ba43176556',191625),('\'nyxgeek\'','\'nyxgeek\'','DC_4d69af31554f77e37c55b4a54777ccf1',191626),('\'Cooper Quintin\'','\'Cooper Quintin\'','DC_e4ef829d9064c3436f6a4eb863ef3ad3',191627),('\'Bill Budington\'','\'Bill Budington\'','DC_2a16b63c95fa7f2868d6156e10161859',191628),('\'Katitza Rodriguez\'','\'Katitza Rodriguez\'','DC_2a16b63c95fa7f2868d6156e10161859',191629),('\'Dongsung “Donny” Kim\'','\'Dongsung “Donny” Kim\'','DC_d5df9d78c2bb045ef91fedf35def772f',191630),('\'Jeff \"The Dark Tangent\" Moss\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191631),('\'fivepenny\'','\'fivepenny\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191632),('\'Kirsten Renner\'','\'Kirsten Renner\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191633),('\'Magen\'','\'Magen\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191634),('\'Nikita Kronenberg\'','\'Nikita Kronenberg\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191635),('\'deelo\'','\'deelo\'','DC_8c44eb6be493c96e3fcfc3aba8e3a584',191636),('\'Mar Williams\'','\'Mar Williams\'','DC_2c1f163fbc6c51292330449898c08078',191637),('\'Jeff \"The Dark Tangent\" Moss\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_030628f1da816e661a4eece81615e2d8',191638),('\'Jeff \"The Dark Tangent\" Moss\'','\'Jeff \"The Dark Tangent\" Moss\'','DC_c4b583c8f940d2cede1899def6971ce7',191639),('\' \'','\' \'','DC_28554288e53fc94a2b99b8223eac41b5',191640),('\' \'','\' \'','DC_bf1f9e5f6c20ff9b86d1015334c5103b',191641),('\'Mieke Eoyang\'','\'Mieke Eoyang\'','DC_56dc384cb0b6f05088a6ff5449d03c36',191642),('\'Cory Doctorow\'','\'Cory Doctorow\'','DC_3c8ffe08bb4715edf2a4815fc3c10ec6',191643),('\'Joe Sullivan\'','\'Joe Sullivan\'','DC_00a34b363d3cd2435e365a029fec1ff1',191644),('\'Sanjiv Kawa\'','\'Sanjiv Kawa\'','DL_d943a494e9c435c8932e8f9c450b57d4',191645),('\'Ofri Ouzan\'','\'Ofri Ouzan\'','DL_a70758ce3f79aa787d0c885320ce496e',191646),('\'Yotam Perkal\'','\'Yotam Perkal\'','DL_a70758ce3f79aa787d0c885320ce496e',191647),('\'Mike Henkelman\'','\'Mike Henkelman\'','DL_7983896766370909860ddd6d2a8c0a24',191648),('\'Prajwal Panchmahalkar\'','\'Prajwal Panchmahalkar\'','DL_7983896766370909860ddd6d2a8c0a24',191649),('\'Joel \"TheTechromancer\" Moore\'','\'Joel \"TheTechromancer\" Moore\'','DL_c92e4cd63ce83c943982369528ff849d',191650),('\'Paul Mueller\'','\'Paul Mueller\'','DL_c92e4cd63ce83c943982369528ff849d',191651),('\'Alek Amrani\'','\'Alek Amrani\'','DL_528b988a02f7ab0e14c6d737051175a1',191652),('\'Ryan Holeman\'','\'Ryan Holeman\'','DL_528b988a02f7ab0e14c6d737051175a1',191653),('\'Jeremy Banker\'','\'Jeremy Banker\'','DL_3fa5bf576ed2a8f956b9a4a5d905df0c',191654),('\'Igal Gofman\'','\'Igal Gofman\'','DL_86db348e39ff790d1c2bbcacd05453ca',191655),('\'Noam Dahan\'','\'Noam Dahan\'','DL_86db348e39ff790d1c2bbcacd05453ca',191656),('\'Spyros Gasteratos\'','\'Spyros Gasteratos\'','DL_886fe85139f0004517ae40e9a1afbca0',191657),('\'Kevin “Kent” Clark\'','\'Kevin “Kent” Clark\'','DL_f61d9899d6c5f57ec0d86b3549548fea',191658),('\'Skyler Knecht\'','\'Skyler Knecht\'','DL_f61d9899d6c5f57ec0d86b3549548fea',191659),('\'Joel Gámez Molina\'','\'Joel Gámez Molina\'','DL_51ea7824dcac78391f67480294b86e9a',191660),('\'Florian Haag\'','\'Florian Haag\'','DL_ea2a9f8320e39767359106c0ad8ea38d',191661),('\'Nicolas Schickert\'','\'Nicolas Schickert\'','DL_ea2a9f8320e39767359106c0ad8ea38d',191662),('\'Corey Hartman\'','\'Corey Hartman\'','DL_b9b2703467e5db2ed8d971247acc3be3',191663),('\'Jonathan Owens\'','\'Jonathan Owens\'','DL_d324f4c887ec648ffa088a2cbbbd3c5d',191664),('\'Maayan Shaul\'','\'Maayan Shaul\'','DL_816a0f91af44457c595c97a07b69df3a',191665),('\'Ori Perez\'','\'Ori Perez\'','DL_816a0f91af44457c595c97a07b69df3a',191666),('\'Gabi Cirlig\'','\'Gabi Cirlig\'','DL_c2648a6ced3a8c15b4794a600e36b7b0',191667),('\'Raul Caro\'','\'Raul Caro\'','DL_4c2af922267ff46194d63efa8a6e8e8e',191668),('\'Doug Kent\'','\'Doug Kent\'','DL_23b28104c0c3398f67f4624a6c5474a2',191669),('\'Rob Ditmer\'','\'Rob Ditmer\'','DL_23b28104c0c3398f67f4624a6c5474a2',191670),('\'Vishal Thakur\'','\'Vishal Thakur\'','DL_784b644c83186e62a41809e06c68688d',191671),('\'Naveen Srinivasan\'','\'Naveen Srinivasan\'','DL_bac2503015c2c68d7f90c453fee7d59f',191672),('\'Neil Naveen\'','\'Neil Naveen\'','DL_bac2503015c2c68d7f90c453fee7d59f',191673),('\'Jayesh Ahire\'','\'Jayesh Ahire\'','DL_cbdc753f5d6b31b6c306bf9ff495332f',191674),('\'Roshan Piyush\'','\'Roshan Piyush\'','DL_cbdc753f5d6b31b6c306bf9ff495332f',191675),('\'Henry Hill\'','\'Henry Hill\'','DL_1a547f52202069cc129b1a7989a80551',191676),('\'Mike \"d4rkm4tter\" Spicer\'','\'Mike \"d4rkm4tter\" Spicer\'','DL_1a547f52202069cc129b1a7989a80551',191677),('\'Brendan O\'Leary\'','\'Brendan O\'Leary\'','DL_d46a0257b0758025b25db49eaa87fba8',191678),('\'Pj Metz\'','\'Pj Metz\'','DL_d46a0257b0758025b25db49eaa87fba8',191679),('\'Ben Brücker\'','\'Ben Brücker\'','DL_54bb626e86398dd3ea23b863e90f7efb',191680),('\'Niels Loozekoot\'','\'Niels Loozekoot\'','DL_3aa6297fd2b68648ace6f8e9372f34e5',191681),('\'Joshua Herman\'','\'Joshua Herman\'','DL_db30ab8701e179929f9b47feff6a9c68',191682),('\'Elia Anzuoni\'','\'Elia Anzuoni\'','DL_0afbcea1b8536d02702b05fc432dcb82',191683),('\'Tommaso \"tomgag\" Gagliardoni\'','\'Tommaso \"tomgag\" Gagliardoni\'','DL_0afbcea1b8536d02702b05fc432dcb82',191684),('\'Lexie Thach\'','\'Lexie Thach\'','DL_da43de72e1b5b4fcd788cbe33363dfc5',191685),('\'Mustafa Bilgici\'','\'Mustafa Bilgici\'','DL_803322e38b5fc93187659b12c74c4ffd',191686),('\'Tibet Öğünç\'','\'Tibet Öğünç\'','DL_803322e38b5fc93187659b12c74c4ffd',191687),('\'Federico Pacheco\'','\'Federico Pacheco\'','DL_37ba7a14c53776d6cf0cee91a5785770',191688),('\'Joaquin Lanfranconi\'','\'Joaquin Lanfranconi\'','DL_37ba7a14c53776d6cf0cee91a5785770',191689),('\'Spencer McIntyre\'','\'Spencer McIntyre\'','DL_5dc7f971d334eed6776c2b03e7b54f21',191690),('\'Lozaning\'','\'Lozaning\'','DL_13d61c129d02dba68b94c0b08f98785d',191691),('\'Aaron \"AJ\" Morath\'','\'Aaron \"AJ\" Morath\'','DL_38403c6159bdd76d94abf814c1adfedd',191692),('\'Scott Graham\'','\'Scott Graham\'','DL_38403c6159bdd76d94abf814c1adfedd',191693),('\'Cesare Pizzi\'','\'Cesare Pizzi\'','DL_f904413bba3ef8d88a5c452e6bc2c3cf',191694),('\'Dennis Giese\'','\'Dennis Giese\'','DL_efcf5049f0507dcff93ea61070106cb6',191695),('\'Deth Veggie\'','\'Deth Veggie\'','DL_43983f1be8b66c0a794eee729ad2c6c6',191696),('\'TC Johnson\'','\'TC Johnson\'','DL_43983f1be8b66c0a794eee729ad2c6c6',191697),('\'Christoph Wedenig\'','\'Christoph Wedenig\'','DL_49ee5641b4b92afc09c64bc0e4be5bf3',191698),('\'Simon Ammer\'','\'Simon Ammer\'','DL_49ee5641b4b92afc09c64bc0e4be5bf3',191699),('\' \'','\' \'','MISC_4975b1a790f9781e485e5e40c5e6c81d',191700),('\'David Guffrey\'','\'David Guffrey\'','BHV_029c6fd11dafa64e0842df8e2bf62d88',191701),('\'Nina Alli\'','\'Nina Alli\'','BHV_029c6fd11dafa64e0842df8e2bf62d88',191702),('\'Rob Suárez\'','\'Rob Suárez\'','BHV_029c6fd11dafa64e0842df8e2bf62d88',191703),('\'Michael \"v3ga_hax\" Aguilar\'','\'Michael \"v3ga_hax\" Aguilar\'','BHV_074d68b00de0df551c74966f214e32da',191704),('\'Caleb Davis\'','\'Caleb Davis\'','BHV_c432222017e8a4dd18473c2821a4a3a8',191705),('\'Nathan Smith\'','\'Nathan Smith\'','BHV_c432222017e8a4dd18473c2821a4a3a8',191706),('\'Quinn D. Mooney\'','\'Quinn D. Mooney\'','BHV_dc0b233b071b7fb318285160512a505b',191707),('\'Firas D Khatib\'','\'Firas D Khatib\'','BHV_6df9b8b9a2bc9fa94b670d97849d27a7',191708),('\'Anne Kim\'','\'Anne Kim\'','BHV_f434bc1ad65f367f8ff3a96d6779fdff',191709),('\'Michele Orrù\'','\'Michele Orrù\'','BHV_f434bc1ad65f367f8ff3a96d6779fdff',191710),('\'José Fernández\'','\'José Fernández\'','BHV_dc603b164d6e2c48cbc48107097b162c',191711),('\'Om Mahida\'','\'Om Mahida\'','BHV_466f8681ceaac4c263491edce727c0ef',191712),('\'Lee Cyborg\'','\'Lee Cyborg\'','BHV_cbb5b5d3de2fe69682b7798f197f2674',191713),('\'Almost Human (BJ)\'','\'Almost Human (BJ)\'','BHV_8613c9c89ce8737c15bfc53d80e66f4b',191714),('\'Brennan Marsh-Armstrong\'','\'Brennan Marsh-Armstrong\'','BHV_270b493ecce06dc66f60f94eb4d1c367',191715),('\'Colin Haines\'','\'Colin Haines\'','BHV_28084fdba1d3eabca9658633becf32c3',191716),('\'David Nathans\'','\'David Nathans\'','BHV_7200cc5bc114ea81fe9080689207400e',191717),('\'Ernest Liu\'','\'Ernest Liu\'','BHV_7200cc5bc114ea81fe9080689207400e',191718),('\'Edison Alvarez\'','\'Edison Alvarez\'','BHV_15fe825460f82f4c8b533ba2b70c5df4',191719),('\'Alex Mastrov\'','\'Alex Mastrov\'','BHV_15fe825460f82f4c8b533ba2b70c5df4',191720),('\'Matias Katz\'','\'Matias Katz\'','BHV_15fe825460f82f4c8b533ba2b70c5df4',191721),('\'Del de Zela\'','\'Del de Zela\'','BHV_4da7358e33e6dbfbc519bc1d843adac6',191722),('\'Arthur Paixão\'','\'Arthur Paixão\'','BHV_e96227b3771207b5ba1a2774e3e65826',191723),('\'Diego Mariano\'','\'Diego Mariano\'','BHV_e96227b3771207b5ba1a2774e3e65826',191724),('\'Nathan Case\'','\'Nathan Case\'','BHV_00677001993278d37385aeb459f3fafb',191725),('\'LaTica Hammond\'','\'LaTica Hammond\'','BHV_443cc13fb48aadef970406353909a05a',191726),('\'Lola Ajayi\'','\'Lola Ajayi\'','BHV_443cc13fb48aadef970406353909a05a',191727),('\'Rian Phelps\'','\'Rian Phelps\'','BHV_443cc13fb48aadef970406353909a05a',191728),('\'Felicity Milman\'','\'Felicity Milman\'','BHV_4ea9e7945814ceb18d968e2a666b1d91',191729),('\'Jorge Acevedo Canabal\'','\'Jorge Acevedo Canabal\'','BHV_4ea9e7945814ceb18d968e2a666b1d91',191730),('\'Nathan Case\'','\'Nathan Case\'','BHV_4ea9e7945814ceb18d968e2a666b1d91',191731),('\'Wayne Burke and Team\'','\'Wayne Burke and Team\'','BHV_7193c9521ec77f5d938304d4e8eeaffd',191732),('\'Caleb Davis\'','\'Caleb Davis\'','BHV_b6a2e623dac338109b37a8a0fa69a64b',191733),('\'Nathan Smith\'','\'Nathan Smith\'','BHV_b6a2e623dac338109b37a8a0fa69a64b',191734),('\'John Volock\'','\'John Volock\'','BHV_b1ef1c3966c9e9a45131e8060118fab4',191735),('\'Aswin Reji\'','\'Aswin Reji\'','BHV_8cf42fc6a65ed56638eb1316025ffb7e',191736),('\'JJ Hastings\'','\'JJ Hastings\'','BHV_7e64221f1f7ca2ff3fdbc1329979dbf5',191737),('\'Ohad Zaidenberg\'','\'Ohad Zaidenberg\'','BHV_02e7126d2d88cc7878a3c94954289d64',191738),('\'Mariam Elgabry\'','\'Mariam Elgabry\'','BHV_570788f7902b59b52246d79a6fe40ac0',191739),('\' \'','\' \'','SOC_440e85e9a5b8c8bfd468a6db5093c2a5',191740),('\' \'','\' \'','SOC_4c3d340f1b86ff550c039b06bbc327c4',191741),('\' \'','\' \'','MISC_eb4968f942eb560470615a82cad196f4',191742),('\' \'','\' \'','MISC_d55af8098fa72f2def89265269d63596',191743),('\' \'','\' \'','MISC_6d2a9644459d1300173700a49d3b0c34',191744),('\' \'','\' \'','MISC_8054705641df8816f0d9fe89c3ec6836',191745),('\' \'','\' \'','MISC_83d4c66634ab4ddaaf52816bd5976864',191746),('\' \'','\' \'','MISC_849d81098ac6990a047f1be98c92e930',191747),('\' \'','\' \'','MISC_8aa3bb0ca0aedbe2cdc4393eb4e006f2',191748),('\'Ben \"NahamSec\" Sadeghipour\'','\'Ben \"NahamSec\" Sadeghipour\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf',191749),('\'Barrett Darnell\'','\'Barrett Darnell\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf',191750),('\'John Hammond\'','\'John Hammond\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf',191751),('\'Ryan M. Montgomery\'','\'Ryan M. Montgomery\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf',191752),('\'Savannah Lazzara\'','\'Savannah Lazzara\'','RTV_2c9bb6a5c0c5c4e3f9df46f171afa4cf',191753),('\'Louis Nyffenegger\'','\'Louis Nyffenegger\'','RTV_cc12a885eb6fa548b42816ea72e357c7',191754),('\'Alex Lynd\'','\'Alex Lynd\'','RTV_51772ff2cd41d6f7a8d3e24949b9b97c',191755),('\'Alex Lynd\'','\'Alex Lynd\'','RTV_1e47f1452b6bd3bad34d92d8bfff0e93',191756),('\'Leo Cruz\'','\'Leo Cruz\'','RTV_bebf28c8b9b95ed56cd25167b08cb30f',191757),('\'Leo Cruz\'','\'Leo Cruz\'','RTV_c4e878ac3850119453a888e6cacf595c',191758),('\'Leo Cruz\'','\'Leo Cruz\'','RTV_b37d287671c075d8a5593be9547d0e09',191759),('\'Leo Cruz\'','\'Leo Cruz\'','RTV_51881a6fafbd730fe09c261d6c73cd9c',191760),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_a3a4f95be18faa1cb383fb6bcf20b368',191761),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_a3a4f95be18faa1cb383fb6bcf20b368',191762),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_531461fb304b86304b1b84fd1ce2f9c3',191763),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_531461fb304b86304b1b84fd1ce2f9c3',191764),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_0bb621b5a4c13dbdfd73d12f8c6ff9ee',191765),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_0bb621b5a4c13dbdfd73d12f8c6ff9ee',191766),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_35110fa553394368165e8f85b6b6c574',191767),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_35110fa553394368165e8f85b6b6c574',191768),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_660afbd5af45ff9aeac7cc909b6d1dbd',191769),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_660afbd5af45ff9aeac7cc909b6d1dbd',191770),('\'Ralph May\'','\'Ralph May\'','RTV_8b80d42a5d3cfec32e698513db6577f5',191771),('\'Steve Borosh\'','\'Steve Borosh\'','RTV_8b80d42a5d3cfec32e698513db6577f5',191772),('\'Ralph May\'','\'Ralph May\'','RTV_e21220485421909ec5c473fb48264edf',191773),('\'Steve Borosh\'','\'Steve Borosh\'','RTV_e21220485421909ec5c473fb48264edf',191774),('\'Ralph May\'','\'Ralph May\'','RTV_3c33fec1c932332dea49cf1abec245e8',191775),('\'Steve Borosh\'','\'Steve Borosh\'','RTV_3c33fec1c932332dea49cf1abec245e8',191776),('\'Ralph May\'','\'Ralph May\'','RTV_6695d3eb8d19ec300a28b4743dced7d0',191777),('\'Steve Borosh\'','\'Steve Borosh\'','RTV_6695d3eb8d19ec300a28b4743dced7d0',191778),('\'Ralph May\'','\'Ralph May\'','RTV_db944d4ff02d7a0504f19107cd684030',191779),('\'Steve Borosh\'','\'Steve Borosh\'','RTV_db944d4ff02d7a0504f19107cd684030',191780),('\'Jeff Foley\'','\'Jeff Foley\'','RTV_f8f844aae478d97288f286965906a700',191781),('\'Jeff Foley\'','\'Jeff Foley\'','RTV_bfed4e3758f43b568c6d64bf1ab6b82d',191782),('\'Omar Santos\'','\'Omar Santos\'','RTV_15252c0c53f40b796571dbb5db1ad4e6',191783),('\'Omar Santos\'','\'Omar Santos\'','RTV_aa3d7ea902a31e48441d3db562ad0bb3',191784),('\'Matthew Nickerson\'','\'Matthew Nickerson\'','RTV_732357a596712b17be963ad161b47316',191785),('\'Nick Swink\'','\'Nick Swink\'','RTV_732357a596712b17be963ad161b47316',191786),('\'Matthew Nickerson\'','\'Matthew Nickerson\'','RTV_4513b07c02283bb12ef75ab93063b932',191787),('\'Nick Swink\'','\'Nick Swink\'','RTV_4513b07c02283bb12ef75ab93063b932',191788),('\'Omar Santos\'','\'Omar Santos\'','RTV_4af7b47922d3a46a6c6f2690dedd81f4',191789),('\'Omar Santos\'','\'Omar Santos\'','RTV_da62547ce177d1e0e079d2589cf11723',191790),('\'Omar Santos\'','\'Omar Santos\'','RTV_29627431f6985042955acb6d4b361dd9',191791),('\'Omar Santos\'','\'Omar Santos\'','RTV_81fd718956e1567be3371a44b2628d34',191792),('\'Omar Santos\'','\'Omar Santos\'','RTV_1309a48703262c43e3ef86fb95a404c2',191793),('\'Michael Wylie\'','\'Michael Wylie\'','RTV_48617dc95a01240c44f73935b43bd6f0',191794),('\'Michael Wylie\'','\'Michael Wylie\'','RTV_035d47ca812f3c4cad9b4b55bef998bc',191795),('\'Guillermo Buendia\'','\'Guillermo Buendia\'','RTV_33c03d7f4eff732ecf0a58948de807c6',191796),('\'Guillermo Buendia\'','\'Guillermo Buendia\'','RTV_625b3e3e9dd9da4c74523007db31a3dd',191797),('\'Guillermo Buendia\'','\'Guillermo Buendia\'','RTV_c641d5ca4de9600871000bcb66433158',191798),('\'Michael Mitchell\'','\'Michael Mitchell\'','RTV_3d83b92af9851967fb8162f002c5dc4a',191799),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_13d42ea606b69adcdc0daf05459b41e2',191800),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_13d42ea606b69adcdc0daf05459b41e2',191801),('\'Lee McWhorter\'','\'Lee McWhorter\'','RTV_541f8cbee41c7e6e6a26091edb43c8d7',191802),('\'Sandra Stibbards\'','\'Sandra Stibbards\'','RTV_541f8cbee41c7e6e6a26091edb43c8d7',191803),('\'Cory Wolff\'','\'Cory Wolff\'','RTV_6d8d1cb4b73b42985a326c38f03825df',191804),('\'Ilkin Javadov\'','\'Ilkin Javadov\'','RTV_3ca220382ffef1702197dfe2271df6f2',191805),('\'Filipi Pires\'','\'Filipi Pires\'','RTV_6173b3ef46c3861c59385257946cfcbb',191806),('\'Filipi Pires\'','\'Filipi Pires\'','RTV_15421310b260bd2470c275a330f2929d',191807),('\'Filipi Pires\'','\'Filipi Pires\'','RTV_a6196dd648f1b14d2a7a1038f97e2c48',191808),('\'Traveler\'','\'Traveler\'','RTV_62bb689f836982a5f89a9f2f95e61680',191809),('\'Traveler\'','\'Traveler\'','RTV_c0b54b5feca87a62a0cb5288d98eed51',191810),('\'Traveler\'','\'Traveler\'','RTV_9112f1579ccdfa3b871e11134cf5c1da',191811),('\'Traveler\'','\'Traveler\'','RTV_8576a913b591e6f6e98d5e2b558caea0',191812),('\'Gabrielle Botbol\'','\'Gabrielle Botbol\'','RTV_de048479924e03f99b8c8b7e71c26d61',191813),('\'Paul D.\'','\'Paul D.\'','RTV_4885f503296794d56bf0fe221b1ec6ff',191814),('\'Daniel Feichter\'','\'Daniel Feichter\'','RTV_e6c53c99c7db7630c92656532777dd4b',191815),('\'Peter Halberg\'','\'Peter Halberg\'','RTV_50ffb1c539de2d232197ddcfcea5657d',191816),('\'Peter Halberg\'','\'Peter Halberg\'','RTV_e1bee07758769ae046b5b668aac2b079',191817),('\'Scott Brink\'','\'Scott Brink\'','RTV_7f64c17e28a3e30df4c56c0456f62d2a',191818),('\'Cory Wolff\'','\'Cory Wolff\'','RTV_c78db06d7b86650411012e8b79c1dfbe',191819),('\'Cory Wolff\'','\'Cory Wolff\'','RTV_123389260b1c05b57110c15e53ac556b',191820),('\'Jason Haddix\'','\'Jason Haddix\'','RTV_1afb2379abe3efde760fb58549af2464',191821),('\'Matt Edmondson\'','\'Matt Edmondson\'','RCV_cb0d63a880ca0cfc4098d39a40a41af2',191822),('\'Joe Gray\'','\'Joe Gray\'','RCV_984534d8cfbdef641d5d6b3d71203121',191823),('\'Patrick Warren\'','\'Patrick Warren\'','RCV_c83837f5a4a900d4a667f93000d9644a',191824),('\'M4x 5yn74x\'','\'M4x 5yn74x\'','RCV_aeb69b2fbc57a47c802d2616db611f2e',191825),('\'Seyfullah\'','\'Seyfullah\'','RCV_bed533734badfa667613c73bd3469bc1',191826),('\'Nick Ascoli\'','\'Nick Ascoli\'','RCV_b36106ba4bd493552f57a475fe9b30ff',191827),('\'Vitor Ventura\'','\'Vitor Ventura\'','RCV_db3ae4d34d3462ac50905d3163b9bfca',191828),('\'Felipe Pr0teus\'','\'Felipe Pr0teus\'','RCV_8c797f38377a8145ff2f5800b9a15b64',191829),('\'sally\'','\'sally\'','RCV_b5afb4967ee0887cb0c96fef8e4e89ab',191830),('\'Jason Haddix\'','\'Jason Haddix\'','RCV_a741b4ffc8690fb04c6f1ba1ca9a7808',191831),('\'Zoey Selman\'','\'Zoey Selman\'','RCV_f9944e3fb83fd291c37342627b03feea',191832),('\'MasterChen\'','\'MasterChen\'','RCV_3a868fae5167cf1212722d591f2666e3',191833),('\'Gunnar Andrews\'','\'Gunnar Andrews\'','RCV_290519703bcc928853bbe35b213e02ff',191834),('\'Jason Haddix\'','\'Jason Haddix\'','RCV_f39c4c25bc3a51f9cbc4d931abd2b5a2',191835),('\'Nestori Syynimaa\'','\'Nestori Syynimaa\'','RCV_169edb5a20856cf482ee81b7037fd2ea',191836),('\'Jeff Foley\'','\'Jeff Foley\'','RCV_77a215b84a1da1254c5d52c97cb2d703',191837),('\'Berk Can Geyikci\'','\'Berk Can Geyikci\'','RCV_1cdf4fecdb9f0342e326baaf7daaa092',191838),('\'Mauro Eldritch\'','\'Mauro Eldritch\'','RCV_794d5e4ab293483370fb9b59caad6bcd',191839),('\'Andy Dennis\'','\'Andy Dennis\'','RCV_ce9838357ae337bbb7283d75294ef46d',191840),('\' \'','\' \'','MISC_4ae2dd9d20b73e6297fed5e9657389ac',191841),('\' \'','\' \'','MISC_eb77f82c45bc927b9c95ee98d62086e7',191842),('\' \'','\' \'','MISC_6d7facc372b6ec5d8f4d5cba592183d6',191843),('\' \'','\' \'','MISC_b0c4440fee64557893367e048ea29163',191844),('\' \'','\' \'','CON_f4ac151b36ca42aa2b03eab020a77652',191845),('\' \'','\' \'','CON_042014d5d2df54e80fd32755e737418f',191846),('\' \'','\' \'','CON_78d6afecf8fc0d798ec030c9e74a973f',191847),('\' \'','\' \'','CON_5b624abcf8db6d573a78a97bf950c16f',191848),('\' \'','\' \'','CON_d56e147b1ba158b57f069055742bf5ec',191849),('\' \'','\' \'','CON_27bfcad32fd4a7d6b9cccc502d311f8a',191850),('\' \'','\' \'','CON_0439e5093d69bcf9d150411f8668e32b',191851),('\' \'','\' \'','CON_84d3952cdd4108d8808749dab6d39c70',191852),('\' \'','\' \'','CON_2c92bbfc1995221c1c893424dc46f0b4',191853),('\' \'','\' \'','CON_22df7982d2ef4e68803ab2cce14fb399',191854),('\' \'','\' \'','CON_c8532956fa3fe06bcd36396576b69b6f',191855),('\' \'','\' \'','CON_8da686b2d2b09bb6d4eba85a0edeee44',191856),('\' \'','\' \'','CON_735bfa6cfa684a64d102b51b01e20312',191857),('\' \'','\' \'','CON_d27f8a2abe6c9af6fb3c3e1d61aaa753',191858),('\' \'','\' \'','CON_67f7a3de3a5c5f410b034c85622a20c0',191859),('\' \'','\' \'','CON_320f1057de14023f48bfef4879dac154',191860),('\' \'','\' \'','CON_7f764078acb972477c2a095817832ef2',191861),('\' \'','\' \'','CON_212ca802344a16165652734718c58d14',191862),('\' \'','\' \'','CON_3f96a3c799ca285d02b36649364ddce1',191863),('\' \'','\' \'','CON_9a7ad05ac176025aa216498947dc1921',191864),('\' \'','\' \'','CON_35432b241a9f8b64a13d3ffea536dbbd',191865),('\' \'','\' \'','CON_d0552de7e2612d8bb2219cb3e7105381',191866),('\' \'','\' \'','CON_d5a1b25ba8fd170182aadd4a1107cbf3',191867),('\' \'','\' \'','CON_d2e413e5ee4696cfe931ac485b764577',191868),('\' \'','\' \'','CON_e63eabe51e2b5ab161abe920c24a6141',191869),('\' \'','\' \'','CON_0c4c7d80788c29c7ed5b4ec5978b8ae8',191870),('\' \'','\' \'','CON_f708eaefefb341aa4bad7eb86785cef2',191871),('\' \'','\' \'','CON_521a2dbce01ab666f660d14d8b089982',191872),('\' \'','\' \'','CON_a3177c3e578f77327aa5b24e200e21cd',191873),('\' \'','\' \'','CON_75bb33af3590f7398b697f6fc3aaa636',191874),('\' \'','\' \'','CON_ad09d04f277023de040d691bb19d363a',191875),('\' \'','\' \'','CON_cbe508c01592c4d896e3bd0f1845030d',191876),('\' \'','\' \'','CON_96d08718e727e7e7a8442bf21003c209',191877),('\' \'','\' \'','MISC_717104b4c61d42edebb23d032d3a5527',191878),('\' \'','\' \'','CON_a641b1c9fd6d6bf5ea50cf4299b130b9',191879),('\' \'','\' \'','CON_722247ab0996eba9fca264eba0eea852',191880),('\' \'','\' \'','CON_5db667b2e53058bb085b10bc2cdb3f62',191881),('\' \'','\' \'','CON_dd049198c1cf952bdf37d06b63448298',191882),('\' \'','\' \'','CON_891c38461af1373e8a287667993b2581',191883),('\' \'','\' \'','CON_1ae6513139f5f90779f510766792bce0',191884),('\' \'','\' \'','CON_84045f1206f060eb00b07d7b5a5d015e',191885),('\' \'','\' \'','CON_4ccd7cbbb992cefadcc9f64e404be3f3',191886),('\' \'','\' \'','CON_35371fd42c58c49df17d04215cd9d6db',191887),('\' \'','\' \'','CON_814791e63e2f74dbb135935d1a2f240c',191888),('\' \'','\' \'','CON_8eb8ebf5c1afb159a35c7686098390af',191889),('\' \'','\' \'','CON_69cbf00989439c72946b9edd8d24ec61',191890),('\' \'','\' \'','CON_63bcf37796929d99e669c5f20b640c65',191891),('\' \'','\' \'','CON_d3d952f957df8f766028dd1b31af8041',191892),('\' \'','\' \'','CON_d5fbeb0b224add80ed6ff664492b4686',191893),('\' \'','\' \'','CON_7d51a96a67284bac5ae4f6dfaee1d9cb',191894),('\' \'','\' \'','CON_516315d293d6b6a1d5585694d593366f',191895),('\' \'','\' \'','CON_8221d465e9e6afdf260f5f91574c1457',191896),('\' \'','\' \'','CON_6b62188180267a8669b7401e4c52fc09',191897),('\' \'','\' \'','CON_73320bfdcabf4ff0d6ba6609b38f520f',191898),('\' \'','\' \'','CON_045abc0be4ab3763d41125c0c2528aae',191899),('\' \'','\' \'','CON_ae0a8ca1a8f096dad01e066ca08323b2',191900),('\' \'','\' \'','CON_8e940209b02dc3fb39ef6471567b9904',191901),('\' \'','\' \'','CON_05ab6217f9bfee63b3d71830543f602c',191902),('\' \'','\' \'','CON_ff45c3ff582203bf4af1a1ce738c3860',191903),('\' \'','\' \'','CON_e8623a09b8fa75ab926003c153211b8d',191904),('\' \'','\' \'','CON_e3ff5eef4e739953444e3b818ef265ac',191905),('\' \'','\' \'','CON_fb2c0576316cd189c2187394ec3800e6',191906),('\' \'','\' \'','CON_e9f6fd2c0235f3c94844f49d7a1d3723',191907),('\' \'','\' \'','CON_254d8f46fb51d7c7e305a47ce161a719',191908),('\' \'','\' \'','CON_71c8b9cf30239384f13bd944f3d6f998',191909),('\' \'','\' \'','CON_a45b7f16a946e66929c66dba0f6a879f',191910),('\' \'','\' \'','CON_05a6b4753a2786bd5dbf8e523bb779ba',191911),('\' \'','\' \'','CON_33f6843b4a4e1253d8990e311920946f',191912),('\' \'','\' \'','CON_32daaf0251c30a7819b4fab22fd889fe',191913),('\' \'','\' \'','CON_7f3febb6d6ee47d002f759a558fbf55b',191914),('\' \'','\' \'','CON_77d31650117071b79d6aa07bbba67444',191915),('\' \'','\' \'','CON_2863a0b18065fd3b06f595a9c3c73776',191916),('\' \'','\' \'','CON_d70cfa69a20122889e9d9a76aa36cdee',191917),('\' \'','\' \'','CON_1e912ad82ce62c32a861362335ba2271',191918),('\' \'','\' \'','CON_324a2b6dff24e99b99c57aea09795acf',191919),('\' \'','\' \'','CON_32f6f172e36bafa1250ac2d314a4c9c7',191920),('\' \'','\' \'','CON_28e962d0670d338d5c325e1f84febdc7',191921),('\' \'','\' \'','CON_39914b9d6b01b833ebdd5d087f6fea8f',191922),('\' \'','\' \'','CON_00e2cd73d4698c09b5d085fcf2397272',191923),('\' \'','\' \'','CON_d0a6eff246102d9e9b75551655b7de19',191924),('\' \'','\' \'','CON_f0ff00e430e5902a8e219cd7cc825b01',191925),('\' \'','\' \'','CON_f15515ba138eaded8e7a2b772d5508fa',191926),('\' \'','\' \'','CON_5e337af57d8e14f9884426e6d3f43925',191927),('\' \'','\' \'','CON_50b630cfdae3c75efd86ad722ae94e10',191928),('\' \'','\' \'','CON_efd25df9e0271c04bc71a7684a3ef75d',191929),('\' \'','\' \'','CON_5fc6fde126036f7465c27ca5bb898ca0',191930),('\' \'','\' \'','CON_e0d0ee09f1adc1c97722e7eafe93a153',191931),('\' \'','\' \'','CON_939d2017b6ee8de48ab1bd57a14fb5e7',191932),('\' \'','\' \'','CON_d8cf9b33ba86a835e64171c90bf3c128',191933),('\' \'','\' \'','CON_ad935cc80463b683ef07a00da6d7da54',191934),('\' \'','\' \'','CON_3c0e869c74ae86506b98e6e89a5b0b5a',191935),('\' \'','\' \'','CON_f7758c42eca882d05823a2bb0834fe02',191936),('\' \'','\' \'','CON_044d8829e800921de5fb8b6467acb44a',191937),('\' \'','\' \'','CON_e448fcc2933899df5dbc3dfbda9d9a52',191938),('\' \'','\' \'','CON_b2cd7601f88043c890e88bb264b20dc5',191939),('\' \'','\' \'','CON_05a9e1fd25f0045c093ef6012f183551',191940),('\' \'','\' \'','CON_7f930be9399feb19928fe60be01b13fd',191941),('\' \'','\' \'','CON_a877557e9d3a72354ed790a5934317b4',191942),('\' \'','\' \'','CON_626bac3a42f5e869b63c1310499373d3',191943),('\' \'','\' \'','CON_c9c62c08a94b896b4736d4b3602acdc5',191944),('\' \'','\' \'','CON_8f3922416d1298cad970e790e0c3046c',191945),('\' \'','\' \'','CON_1e21de440b333b8ae2ab0e1466a3cdea',191946),('\' \'','\' \'','CON_0b4139474757c8b68aecfcd1c000aae8',191947),('\' \'','\' \'','CON_9050fc986ac7d4927a7e11b3f32d3df1',191948),('\' \'','\' \'','CON_f1e7dd978a859c65a851bbb664535e4c',191949),('\' \'','\' \'','CON_0bb0cdc21acbd8b79c363e429a29fb81',191950),('\' \'','\' \'','CON_74865dd5d094ef71f4a63ccb69e56303',191951),('\' \'','\' \'','CON_782d4bae051cd33ceb11c6ccb00d5c20',191952),('\' \'','\' \'','CON_f5c8cd25b272ce23ac378e6db9daf491',191953),('\' \'','\' \'','CON_96d7c68428e549743ef1599aafa64a75',191954),('\' \'','\' \'','CON_09f786cfbccfddf5f1475b6ff29461b1',191955),('\' \'','\' \'','CON_849a46240bd695cf8178726496eb17d7',191956),('\' \'','\' \'','CON_c13978a800a436c7a6e6ad6c6ac1ec45',191957),('\' \'','\' \'','MISC_ff5d3f5144c1eaf4ceb7c487193c65e1',191958),('\' \'','\' \'','CON_83c0f3bcb0c235702bab05c9770ced37',191959),('\' \'','\' \'','CON_265fa31e77ab43853419cf7ee22d683d',191960),('\'Dan KB6NU\'','\'Dan KB6NU\'','HRV_66924a31ed13fd4971a4f8e68085a3b2',191961),('\' \'','\' \'','SOC_9390b426df7a1d59a8ef4942a4580ae4',191962),('\' \'','\' \'','SOC_80bd25e124b209e868f5bbd4c9b810bb',191963),('\' \'','\' \'','SOC_1d65df165ee09ac51f5f0a45128b13a2',191964),('\' \'','\' \'','SOC_872560f8973343eb3c5fb55b5eb651c8',191965),('\' \'','\' \'','SOC_9432cca831b5f8c877198ae9798ffd7f',191966),('\' \'','\' \'','SOC_794262b90fad416272eadb05071a88f6',191967),('\'DotOrNot\'','\'DotOrNot\'','SOC_b77d0e730034bdb50a104726abe2cabd',191968),('\'Miss Jackalope\'','\'Miss Jackalope\'','SOC_b77d0e730034bdb50a104726abe2cabd',191969),('\'Skittish & Bus\'','\'Skittish & Bus\'','SOC_b77d0e730034bdb50a104726abe2cabd',191970),('\' \'','\' \'','SOC_e5bbf6a4a8c51137c77df47fe49b243f',191971),('\' \'','\' \'','SOC_f6abb18952e407027f42bf5911dc7dd2',191972),('\' \'','\' \'','SOC_7978d7564c473a256597f50972b9f876',191973),('\' \'','\' \'','SOC_e28080cabddc628c88ebf7dcd1490943',191974),('\' \'','\' \'','SOC_791c77806d419a9e4d627ca52d62516a',191975),('\' \'','\' \'','SOC_2fc5c479a6051433fa905bc8079f96ef',191976),('\'NGHTHWK\'','\'NGHTHWK\'','SOC_2a1c3a903773e5b7a9c50bc5a40792ea',191977),('\' \'','\' \'','SOC_25c2b8053de75ab7a6081ec3eead740d',191978),('\' \'','\' \'','SOC_4afd880fd738144a1eb1947cd9b6af7b',191979),('\' \'','\' \'','SOC_232f0e31b29e78aa4e90cbd73a4f6c57',191980),('\' \'','\' \'','SOC_aa7133fa4f25d5521bc342198a9efbec',191981),('\' \'','\' \'','SOC_298936f369a3e1d0f6be1261a73a257f',191982),('\' \'','\' \'','SOC_a2e4647e847d682c2b2b9b1fdcfd7141',191983),('\' \'','\' \'','SOC_5d514340804c4d0153f079f508cf0205',191984),('\' \'','\' \'','SOC_b6976702ac3b2a646e2fce680333af3d',191985),('\' \'','\' \'','SOC_bbfe3b6fd55b9b923a4fb296494982f6',191986),('\' \'','\' \'','SOC_058e12dc59af02a047d59972079809df',191987),('\' \'','\' \'','SOC_9a3cdc64a6c6c93081b0ea291cb64b68',191988),('\' \'','\' \'','SOC_835883314612c6bc08bf44f1c21b8b7e',191989),('\' \'','\' \'','SOC_829c9315836fa7c3c92d806961c8cc92',191990),('\' \'','\' \'','SOC_3d5bf7a126a98e08dde05f07d5bbeed9',191991),('\' \'','\' \'','SOC_83eef49919ee5376ae8fc19aa9d10bca',191992),('\' \'','\' \'','SOC_594509a06444709533e4d34aa9e8747e',191993),('\' \'','\' \'','SOC_b416a32c39a551f5a410d80a80ce3557',191994),('\' \'','\' \'','SOC_39918b24b07066c2d05fc29286ff45ea',191995),('\' \'','\' \'','SOC_8b2c23bb578e2592b3e9a3dc0ca4ba70',191996),('\' \'','\' \'','SOC_4245741b69d397acc13dfc7fc1391ba3',191997),('\' \'','\' \'','SOC_58ad942d4e010a5a8a4c5536a2f19a31',191998),('\' \'','\' \'','SOC_26d988f2cf9be290f3e8bc74b205c5ce',191999),('\' \'','\' \'','SOC_130a172b9012fc0b78e769ade9643cdf',192000),('\' \'','\' \'','MISC_ea22cf4b725885f57205372a0fceef0c',192001),('\' \'','\' \'','CON_8902e1674b1e7c7f83412ad3d963b659',192002),('\' \'','\' \'','CON_f3bb45738db5e034f7eec76f57a8b5d5',192003),('\' \'','\' \'','CON_d0a75954efe6e1480801a660c09261d7',192004),('\' \'','\' \'','CON_e9e2814e285974f78daa161746713008',192005),('\'Frank \"D9\" DiGiovanni\'','\'Frank \"D9\" DiGiovanni\'','PHV_c2eb31f92f16bf6dacc7ec8af5aaba87',192006),('\'Will Kay\'','\'Will Kay\'','PHV_ea4806e8135c8ebfb150eeabd12978ec',192007),('\'Chet Hosmer\'','\'Chet Hosmer\'','PHV_cc6b4ab7dc2e7d7b01429bff38d4b405',192008),('\'Mike Raggo\'','\'Mike Raggo\'','PHV_cc6b4ab7dc2e7d7b01429bff38d4b405',192009),('\'Andy Klein\'','\'Andy Klein\'','DDV_768beb5ddee3c2ad3e282000c46fbedc',192010),('\'Bryson Bort\'','\'Bryson Bort\'','XRV_f74b896b25b60095c50cb9fec9148311',192011),('\'Keenan Skelly\'','\'Keenan Skelly\'','XRV_f74b896b25b60095c50cb9fec9148311',192012),('\'Suzanne Borders\'','\'Suzanne Borders\'','XRV_f74b896b25b60095c50cb9fec9148311',192013),('\'Richard Baker\'','\'Richard Baker\'','CHV_3b8fc0da5606d570c5a7473149fe8e7d',192014),('\'Sebastian Kohler\'','\'Sebastian Kohler\'','CHV_3b8fc0da5606d570c5a7473149fe8e7d',192015),('\'Ian Tabor\'','\'Ian Tabor\'','CHV_83c4e277c256f54c8d2c8c89a79a6310',192016),('\'Ken Tindell\'','\'Ken Tindell\'','CHV_83c4e277c256f54c8d2c8c89a79a6310',192017),('\'Alex Reuter\'','\'Alex Reuter\'','CHV_d8e29fa162f00bd77844fa8b7d0ec838',192018),('\'Wyatt Ford\'','\'Wyatt Ford\'','CHV_d8e29fa162f00bd77844fa8b7d0ec838',192019),('\'Donghyeon Jeong\'','\'Donghyeon Jeong\'','CHV_fabd3b38a756f57a084bf46a661e1263',192020),('\'Euntae Jang\'','\'Euntae Jang\'','CHV_fabd3b38a756f57a084bf46a661e1263',192021),('\'Jonghyuk Song\'','\'Jonghyuk Song\'','CHV_fabd3b38a756f57a084bf46a661e1263',192022),('\'Martin Petran\'','\'Martin Petran\'','CHV_528f281c4f58ec4dc57a57fcc36f3538',192023),('\'Whitney Phillips\'','\'Whitney Phillips\'','XRV_d9ac6ed84a9094eed3dc532d283c9ecb',192024),('\'Bob Gourley\'','\'Bob Gourley\'','XRV_c0e1b4ed0432b011e95847e5000bc90b',192025),('\'Starr Brown\'','\'Starr Brown\'','XRV_c0e1b4ed0432b011e95847e5000bc90b',192026),('\'Jared Stroud\'','\'Jared Stroud\'','PHV_6e826cd8c4a21fca82e3f000446db5d5',192027),('\'Pete Hay\'','\'Pete Hay\'','PHV_2554947c64dc1f04dcdbc085d03ecd92',192028),('\'Brittan Heller\'','\'Brittan Heller\'','XRV_3d7bdf66952355063d97d661b4b38afc',192029),('\'Liz \"LawyerLiz\" Wharton\'','\'Liz \"LawyerLiz\" Wharton\'','XRV_3d7bdf66952355063d97d661b4b38afc',192030),('\'David \"Icer\" Maynor\'','\'David \"Icer\" Maynor\'','XRV_ef04c6bb922e881401c1227f3a841c15',192031),('\'Ian Fox\'','\'Ian Fox\'','ICSV_202c1c31dc70b826e96753786443f4d2',192032),('\'Gary C. Kessler\'','\'Gary C. Kessler\'','ICSV_8f4ff50d1b80a1ce98bf1ac7c44be32c',192033),('\'Tim Weston\'','\'Tim Weston\'','ICSV_64ccbb66b231dcceec27880d461b9df8',192034),('\'Austin Reid\'','\'Austin Reid\'','ICSV_f9f341e38a6b29807908d8ecc2471efd',192035),('\'Gary C. Kessler\'','\'Gary C. Kessler\'','ICSV_f9f341e38a6b29807908d8ecc2471efd',192036),('\'Nina Kollars\'','\'Nina Kollars\'','ICSV_f9f341e38a6b29807908d8ecc2471efd',192037),('\'Jace Powell\'','\'Jace Powell\'','ICSV_686eec8ad8a49f0cb6f2a45dc387c5e1',192038),('\'Jeonghoon Bae\'','\'Jeonghoon Bae\'','ICSV_62ee540531d1f58d04c937624544ca15',192039),('\'Joe Slowik\'','\'Joe Slowik\'','ICSV_cb801a5897bc1449d0ce12b4b81fc792',192040),('\'Mars Cheng\'','\'Mars Cheng\'','ICSV_257c04b78991864369d919b7e4dd2101',192041),('\'Ken Munro\'','\'Ken Munro\'','ICSV_3faaabeb8d4ba3b42296d02c9c514c4e',192042),('\'Michael Messner\'','\'Michael Messner\'','ICSV_b117be968dba403fe5b5c8038373118d',192043),('\'Tony Turner\'','\'Tony Turner\'','ICSV_acdf27f86b2617ec551c477e26fd735b',192044),('\'Ryan Heartfield\'','\'Ryan Heartfield\'','ICSV_a8c6f724b9e0e350047fa49123bbc567',192045),('\'David Emmerich\'','\'David Emmerich\'','ICSV_3cf543db18b041582eea25f98f161bd7',192046),('\'Emma Stewart\'','\'Emma Stewart\'','ICSV_3cf543db18b041582eea25f98f161bd7',192047),('\'Jeremy Jones\'','\'Jeremy Jones\'','ICSV_3cf543db18b041582eea25f98f161bd7',192048),('\'Joe Minicucci\'','\'Joe Minicucci\'','ICSV_3cf543db18b041582eea25f98f161bd7',192049),('\'Brad Proctor\'','\'Brad Proctor\'','ICSV_ca8d4fea6169cad5676ac084caf1b130',192050),('\'Cliff Neve\'','\'Cliff Neve\'','ICSV_ca8d4fea6169cad5676ac084caf1b130',192051),('\'Danny Joslin\'','\'Danny Joslin\'','ICSV_ca8d4fea6169cad5676ac084caf1b130',192052),('\'Peter Dreyer\'','\'Peter Dreyer\'','ICSV_ca8d4fea6169cad5676ac084caf1b130',192053),('\'Tom Stites\'','\'Tom Stites\'','ICSV_ca8d4fea6169cad5676ac084caf1b130',192054),('\'Rae Baker\'','\'Rae Baker\'','ICSV_08e4397fd9db026c30c88b9c74cc259a',192055),('\'Tyson Meadors\'','\'Tyson Meadors\'','ICSV_4c08eae0488cb57551f16bd9db98fcb4',192056),('\'Casey Ellis\'','\'Casey Ellis\'','ICSV_c52bb848c97ed707f8c14bd220c90765',192057),('\'Brien Croteau\'','\'Brien Croteau\'','ICSV_878d88141bc8cf473cedb4435286e30e',192058),('\'Travis Juhr\'','\'Travis Juhr\'','ICSV_a6f6e79f85f3534fa9065f66871437ef',192059),('\'Lukas Sokefeld\'','\'Lukas Sokefeld\'','ICSV_14df419c54e42ca86448d74d58f9d784',192060),('\'Hank Chen\'','\'Hank Chen\'','ICSV_3de869f130cf9293eea9f6bcda66b788',192061),('\'Chet Hosmer\'','\'Chet Hosmer\'','ICSV_ae706707085cc612fed6942d6da4142b',192062),('\'Hank Chen\'','\'Hank Chen\'','ICSV_df2043b8e1b77dc05068bb3e2aa3882d',192063),('\'Dana Goward\'','\'Dana Goward\'','ICSV_d8093e898cae4308a101828f93478d9b',192064),('\'Harley Geiger\'','\'Harley Geiger\'','PLV_74fe12ea5881a8d7bfd10a857a04e743',192065),('\'Lauren Zabierek\'','\'Lauren Zabierek\'','PLV_74fe12ea5881a8d7bfd10a857a04e743',192066),('\'Lindsey Forson\'','\'Lindsey Forson\'','PLV_74fe12ea5881a8d7bfd10a857a04e743',192067),('\'Michaela Lee\'','\'Michaela Lee\'','PLV_74fe12ea5881a8d7bfd10a857a04e743',192068),('\'Suzanne Schwartz\'','\'Suzanne Schwartz\'','PLV_74fe12ea5881a8d7bfd10a857a04e743',192069),('\'Adam Dobell\'','\'Adam Dobell\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa',192070),('\'Ari Schwartz\'','\'Ari Schwartz\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa',192071),('\'Bryony Crown\'','\'Bryony Crown\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa',192072),('\'Peter Brown\'','\'Peter Brown\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa',192073),('\'Peter Stephens\'','\'Peter Stephens\'','PLV_2a3b90335c1a37e6679c03ca1069ccaa',192074),('\'Blake Benson\'','\'Blake Benson\'','PLV_5bde02cd29c87315d1999e299d8fcbde',192075),('\'Cliff Neve\'','\'Cliff Neve\'','PLV_5bde02cd29c87315d1999e299d8fcbde',192076),('\'Josh Reiter\'','\'Josh Reiter\'','PLV_5bde02cd29c87315d1999e299d8fcbde',192077),('\'Nina Kollars\'','\'Nina Kollars\'','PLV_5bde02cd29c87315d1999e299d8fcbde',192078),('\'Allan Friedman\'','\'Allan Friedman\'','PLV_f207497c052f13bf857e8223ecaaa97e',192079),('\'Camille Stewart Gloster\'','\'Camille Stewart Gloster\'','PLV_f207497c052f13bf857e8223ecaaa97e',192080),('\'Charlie Gladstone\'','\'Charlie Gladstone\'','PLV_f207497c052f13bf857e8223ecaaa97e',192081),('\'David Rogers\'','\'David Rogers\'','PLV_f207497c052f13bf857e8223ecaaa97e',192082),('\'Brad Manuel\'','\'Brad Manuel\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7',192083),('\'Jack Cable\'','\'Jack Cable\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7',192084),('\'Jason Ingalls\'','\'Jason Ingalls\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7',192085),('\'Lindsey Forson\'','\'Lindsey Forson\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7',192086),('\'Michael Ross\'','\'Michael Ross\'','PLV_3b5299f8a5ed37fd8e2b5cc06ed356c7',192087),('\'Ashley Sequeira\'','\'Ashley Sequeira\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192088),('\'Ayan Islam\'','\'Ayan Islam\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192089),('\'Bryony Crown\'','\'Bryony Crown\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192090),('\'Randy Pestana\'','\'Randy Pestana\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192091),('\'Safa Shahwan Edwards\'','\'Safa Shahwan Edwards\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192092),('\'Sarah Powazek\'','\'Sarah Powazek\'','PLV_49120b71776f00fe85e056dbd42a8eb5',192093),('\'J. Scott Christianson\'','\'J. Scott Christianson\'','PLV_c23cdfa678b84fa5cd228946598eba21',192094),('\'Camille Stewart Gloster\'','\'Camille Stewart Gloster\'','PLV_c32bb546d7f86b657100e1c654344cf4',192095),('\'Eric Goldstein\'','\'Eric Goldstein\'','PLV_c32bb546d7f86b657100e1c654344cf4',192096),('\'Christine Barker\'','\'Christine Barker\'','PLV_85e2fe9e3f54ddeb0dff180a70e80729',192097),('\'Chris Inglis\'','\'Chris Inglis\'','PLV_373044fd8d1422befca4f0a9e58b197c',192098),('\'Kat Megas\'','\'Kat Megas\'','PLV_34d4d1cd2ed87d3d082dfd1fbed9c6e0',192099),('\'Peter Stephens\'','\'Peter Stephens\'','PLV_34d4d1cd2ed87d3d082dfd1fbed9c6e0',192100),('\'Charlie Gladstone\'','\'Charlie Gladstone\'','PLV_5bb3c2530e804fce9cb07632d24756bc',192101),('\'David Rogers\'','\'David Rogers\'','PLV_5bb3c2530e804fce9cb07632d24756bc',192102),('\'Adrien Ogee\'','\'Adrien Ogee\'','PLV_cd4d009118142a2f31641e16772bc8a3',192103),('\'David Forscey\'','\'David Forscey\'','PLV_cd4d009118142a2f31641e16772bc8a3',192104),('\'Mark E. Schreiber\'','\'Mark E. Schreiber\'','PLV_cd4d009118142a2f31641e16772bc8a3',192105),('\'Maurice Kent\'','\'Maurice Kent\'','PLV_cd4d009118142a2f31641e16772bc8a3',192106),('\'Monica M. Ruiz\'','\'Monica M. Ruiz\'','PLV_cd4d009118142a2f31641e16772bc8a3',192107),('\'Sarah Powazek\'','\'Sarah Powazek\'','PLV_cd4d009118142a2f31641e16772bc8a3',192108),('\'Andrés Velázquez\'','\'Andrés Velázquez\'','PLV_aaeae99ff1f34efc698b0dc11fa2e246',192109),('\'Isabella Rolz\'','\'Isabella Rolz\'','PLV_aaeae99ff1f34efc698b0dc11fa2e246',192110),('\'Mauro Vignati\'','\'Mauro Vignati\'','PLV_aaeae99ff1f34efc698b0dc11fa2e246',192111),('\'Orlando Garces\'','\'Orlando Garces\'','PLV_aaeae99ff1f34efc698b0dc11fa2e246',192112),('\'India McKinney\'','\'India McKinney\'','PLV_704d2ccec0dc8252f5d8af5ea05c4d6e',192113),('\'Peter Stephens\'','\'Peter Stephens\'','PLV_e321dac368427da333db014f12fbc023',192114),('\'Thomas Kranz\'','\'Thomas Kranz\'','PLV_e321dac368427da333db014f12fbc023',192115),('\'Casey Ellis\'','\'Casey Ellis\'','PLV_ae7bbb06b9d5ddc95c4dbd63e56446cb',192116),('\'David Rogers\'','\'David Rogers\'','PLV_ae7bbb06b9d5ddc95c4dbd63e56446cb',192117),('\'Harley Geiger\'','\'Harley Geiger\'','PLV_ae7bbb06b9d5ddc95c4dbd63e56446cb',192118),('\'Katie Trimble-Noble\'','\'Katie Trimble-Noble\'','PLV_ae7bbb06b9d5ddc95c4dbd63e56446cb',192119),('\'Greg Francis\'','\'Greg Francis\'','PLV_1fcd93e45aa6473ac066221ba224782b',192120),('\'Jonathan Lusthaus\'','\'Jonathan Lusthaus\'','PLV_1fcd93e45aa6473ac066221ba224782b',192121),('\'Marcia Hofmann\'','\'Marcia Hofmann\'','PLV_1fcd93e45aa6473ac066221ba224782b',192122),('\'Marcus Hutchins\'','\'Marcus Hutchins\'','PLV_1fcd93e45aa6473ac066221ba224782b',192123),('\'Will McKeen\'','\'Will McKeen\'','PLV_1fcd93e45aa6473ac066221ba224782b',192124),('\'Christopher Painter\'','\'Christopher Painter\'','PLV_ab7e91f088c2295c289ff8b7522c4132',192125),('\'Harry Krejsa\'','\'Harry Krejsa\'','PLV_ab7e91f088c2295c289ff8b7522c4132',192126),('\'Monica M. Ruiz\'','\'Monica M. Ruiz\'','PLV_ab7e91f088c2295c289ff8b7522c4132',192127),('\'Océane Thieriot\'','\'Océane Thieriot\'','PLV_ab7e91f088c2295c289ff8b7522c4132',192128),('\'Orlando Garces\'','\'Orlando Garces\'','PLV_ab7e91f088c2295c289ff8b7522c4132',192129),('\'Cassie Crossley\'','\'Cassie Crossley\'','PLV_00f53deac315890df4a9bf722d344aad',192130),('\'Christopher Butera\'','\'Christopher Butera\'','PLV_00f53deac315890df4a9bf722d344aad',192131),('\'Daniel Bardenstein\'','\'Daniel Bardenstein\'','PLV_00f53deac315890df4a9bf722d344aad',192132),('\'Safa Shahwan Edwards\'','\'Safa Shahwan Edwards\'','PLV_bd91f9663b8d567b9ef20fad6e9fcde1',192133),('\'Cameron Byrd\'','\'Cameron Byrd\'','PLV_84b4738b5eab935c5befee4275ec2ac9',192134),('\'Clayton Dixon\'','\'Clayton Dixon\'','PLV_84b4738b5eab935c5befee4275ec2ac9',192135),('\'Austin Carson\'','\'Austin Carson\'','PLV_8818540b25403a70ce303eb4d001ebd5',192136),('\'Erick Galinkin\'','\'Erick Galinkin\'','PLV_8818540b25403a70ce303eb4d001ebd5',192137),('\'Kellee Wicker\'','\'Kellee Wicker\'','PLV_8818540b25403a70ce303eb4d001ebd5',192138),('\'Rumman Chowdhury\'','\'Rumman Chowdhury\'','PLV_8818540b25403a70ce303eb4d001ebd5',192139),('\'Tim Ryder\'','\'Tim Ryder\'','PLV_8818540b25403a70ce303eb4d001ebd5',192140),('\'Dan Grobarcik\'','\'Dan Grobarcik\'','PLV_8eaa8cf9724a0b1095015752b5aa1aa8',192141),('\'Marc Rogers\'','\'Marc Rogers\'','PLV_8eaa8cf9724a0b1095015752b5aa1aa8',192142),('\'Mauro Vignati\'','\'Mauro Vignati\'','PLV_8eaa8cf9724a0b1095015752b5aa1aa8',192143),('\'Stefanie Metka\'','\'Stefanie Metka\'','PLV_8eaa8cf9724a0b1095015752b5aa1aa8',192144),('\'Anjana Rajan\'','\'Anjana Rajan\'','PLV_b562ae0a502e271087bfd6c6ecd57854',192145),('\'Brian Behlendorf\'','\'Brian Behlendorf\'','PLV_b562ae0a502e271087bfd6c6ecd57854',192146),('\'Charlie Gladstone\'','\'Charlie Gladstone\'','PLV_b562ae0a502e271087bfd6c6ecd57854',192147),('\'Jack Cable\'','\'Jack Cable\'','PLV_b562ae0a502e271087bfd6c6ecd57854',192148),('\'Bob Lord\'','\'Bob Lord\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192149),('\'Cheri Caddy\'','\'Cheri Caddy\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192150),('\'Jack Cable\'','\'Jack Cable\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192151),('\'Jen Easterly\'','\'Jen Easterly\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192152),('\'Lauren Zabierek\'','\'Lauren Zabierek\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192153),('\'Oumou Ly\'','\'Oumou Ly\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192154),('\'Yael Grauer\'','\'Yael Grauer\'','PLV_8a06ec11cdc8c2135ee3b1addb1503be',192155),('\'Andrea Matwyshyn\'','\'Andrea Matwyshyn\'','PLV_44784f6761eb4a6c320a2d421f80b3e1',192156),('\'Kurt Opsahl\'','\'Kurt Opsahl\'','PLV_2020a1944b00f9e8bd228c4521416270',192157),('\'David Forscey\'','\'David Forscey\'','PLV_29ce68ba56281702376470206f5cb5b3',192158),('\'Emily Paull\'','\'Emily Paull\'','PLV_29ce68ba56281702376470206f5cb5b3',192159),('\'Peter Su\'','\'Peter Su\'','PLV_29ce68ba56281702376470206f5cb5b3',192160),('\'Seth McKinnis\'','\'Seth McKinnis\'','PLV_29ce68ba56281702376470206f5cb5b3',192161),('\'Thomas Klein\'','\'Thomas Klein\'','PLV_29ce68ba56281702376470206f5cb5b3',192162),('\'David Houston\'','\'David Houston\'','PLV_0ea81c466b8006c5ef2b569d448925e7',192163),('\'Michaela Lee\'','\'Michaela Lee\'','PLV_0ea81c466b8006c5ef2b569d448925e7',192164),('\'Bolonium\'','\'Bolonium\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192165),('\'Deepblue\'','\'Deepblue\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192166),('\'Dries\'','\'Dries\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192167),('\'Dual Core\'','\'Dual Core\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192168),('\'NPC Collective\'','\'NPC Collective\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192169),('\'Nina Lowe\'','\'Nina Lowe\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192170),('\'PankleDank\'','\'PankleDank\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192171),('\'The Icarus Kid\'','\'The Icarus Kid\'','MUS_36af1b68cac9f88db44bbf4da582d80a',192172),('\'Alexi Husky\'','\'Alexi Husky\'','MUS_6c8720607c4a95e173f1c4f850316c24',192173),('\'DJ Scythe\'','\'DJ Scythe\'','MUS_6c8720607c4a95e173f1c4f850316c24',192174),('\'Delchi\'','\'Delchi\'','MUS_6c8720607c4a95e173f1c4f850316c24',192175),('\'Grind613\'','\'Grind613\'','MUS_6c8720607c4a95e173f1c4f850316c24',192176),('\'Syntax\'','\'Syntax\'','MUS_6c8720607c4a95e173f1c4f850316c24',192177),('\'Talk Sinn\'','\'Talk Sinn\'','MUS_6c8720607c4a95e173f1c4f850316c24',192178),('\'YTCracker\'','\'YTCracker\'','MUS_6c8720607c4a95e173f1c4f850316c24',192179),('\'c0debreaker\'','\'c0debreaker\'','MUS_6c8720607c4a95e173f1c4f850316c24',192180),('\'mattrix\'','\'mattrix\'','MUS_6c8720607c4a95e173f1c4f850316c24',192181),('\'Acid T\'','\'Acid T\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192182),('\'CTRL/rsm\'','\'CTRL/rsm\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192183),('\'DJ PatAttack\'','\'DJ PatAttack\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192184),('\'DJ St3rling\'','\'DJ St3rling\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192185),('\'Magik Plan\'','\'Magik Plan\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192186),('\'Scotch and Bubbles\'','\'Scotch and Bubbles\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192187),('\'Spice Rack\'','\'Spice Rack\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192188),('\'kampf\'','\'kampf\'','MUS_eba674ee0a271abf7280af5f1143d4f5',192189),('\'DotOrNot\'','\'DotOrNot\'','MUS_0287a4b485f22bccd4f894f268734917',192190),('\'Dr. McGrew\'','\'Dr. McGrew\'','MUS_0287a4b485f22bccd4f894f268734917',192191),('\'H4X\'','\'H4X\'','MUS_0287a4b485f22bccd4f894f268734917',192192),('\'Icetre Normal\'','\'Icetre Normal\'','MUS_0287a4b485f22bccd4f894f268734917',192193),('\'NGHTHWK\'','\'NGHTHWK\'','MUS_0287a4b485f22bccd4f894f268734917',192194),('\'SK\'','\'SK\'','MUS_0287a4b485f22bccd4f894f268734917',192195),('\'Z3npi\'','\'Z3npi\'','MUS_0287a4b485f22bccd4f894f268734917',192196),('\'n0x08\'','\'n0x08\'','MUS_0287a4b485f22bccd4f894f268734917',192197),('\'Great Scott\'','\'Great Scott\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39',192198),('\'Krisz Klink\'','\'Krisz Klink\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39',192199),('\'TRIODE\'','\'TRIODE\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39',192200),('\'Zebbler Encanti Experience\'','\'Zebbler Encanti Experience\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39',192201),('\'heckseven\'','\'heckseven\'','MUS_06cfc5a8575d223a8be2540ef7f3ab39',192202),('\'FuzzyNop\'','\'FuzzyNop\'','MUS_a839adadf8ae1d98babdf7e253c99058',192203),('\'Miss Jackalope\'','\'Miss Jackalope\'','MUS_a839adadf8ae1d98babdf7e253c99058',192204),('\'Ninjula\'','\'Ninjula\'','MUS_a839adadf8ae1d98babdf7e253c99058',192205),('\'O\'Craven Pirate Band\'','\'O\'Craven Pirate Band\'','MUS_a839adadf8ae1d98babdf7e253c99058',192206),('\'Skittish & Bus\'','\'Skittish & Bus\'','MUS_a839adadf8ae1d98babdf7e253c99058',192207),('\' \'','\' \'','MISC_dbdc6ecd9a2f73af2ccef4ce115482cb',192208),('\' \'','\' \'','MISC_451ea4cead475bad86ea2a10c7972db9',192209),('\' \'','\' \'','MISC_07cc99571f823740441bc57f8c0b1497',192210),('\' \'','\' \'','MISC_706fac635b1832181ba6fca6989ab734',192211),('\' \'','\' \'','DC_7043a5e24cfdcab394ef5fee6cc30a83',192212),('\' \'','\' \'','DC_fee38845a2ae761750cd45a79c1c4951',192213),('\' \'','\' \'','DC_3f0410fb0cb2a3d9c13575d030bbbd4b',192214),('\' \'','\' \'','DC_cc915bc3a2358442fe1c59d09dd30f39',192215),('\' \'','\' \'','MISC_7d0e99df51df083cc7213c1fe1a10eff',192216),('\' \'','\' \'','SOC_8fac82a287ac4f62196b7ed9b0b47ba4',192217),('\' \'','\' \'','SOC_914c4caa37cc25f6a1c4cef6b74163d8',192218),('\' \'','\' \'','SOC_31eea850a1ca434aae827d0c434ac74b',192219),('\' \'','\' \'','SOC_d1b5a18c0c7cda79162ed822a91d41f3',192220),('\' \'','\' \'','SOC_dacedff672fecc2ff6876eedb7d90508',192221),('\' \'','\' \'','SEV_2c862c9716fba44fb749eb14e2e51295',192222),('\' \'','\' \'','SEV_09b4ea012986f4be77fcb7d190743617',192223),('\' \'','\' \'','SEV_d489d07c784859d82afc34c161888901',192224),('\' \'','\' \'','SEV_5d673e529b6d19391796b3fed38f89cc',192225),('\' \'','\' \'','SEV_0f51f9a7d711618365d9d55d6cdfecc1',192226),('\' \'','\' \'','SEV_f4b4295e82ffc6f9d51761a7616a6a34',192227),('\' \'','\' \'','SEV_4d8f03ff8dd825c0121d99adfb08d52c',192228),('\' \'','\' \'','SEV_14bd2e71f100c87304192c9f49e457aa',192229),('\'Jessica Barker\'','\'Jessica Barker\'','SEV_e41cfe2b678ebc4d93bd5204a8f4617f',192230),('\'Maxie Reynolds\'','\'Maxie Reynolds\'','SEV_e41cfe2b678ebc4d93bd5204a8f4617f',192231),('\'Rebecca Markwick\'','\'Rebecca Markwick\'','SEV_e41cfe2b678ebc4d93bd5204a8f4617f',192232),('\'Sam Davison\'','\'Sam Davison\'','SEV_e41cfe2b678ebc4d93bd5204a8f4617f',192233),('\'JC\'','\'JC\'','SEV_1aa56dcfd6dc5f07a0a051005c3475de',192234),('\'Snow\'','\'Snow\'','SEV_1aa56dcfd6dc5f07a0a051005c3475de',192235),('\'Andrew Lemon\'','\'Andrew Lemon\'','SEV_2bd2c133b6785530a6653d24a4ccaed8',192236),('\'Dani Goland\'','\'Dani Goland\'','SEV_a7f2298b139247a9421a50d5b5b18209',192237),('\'Preston Thornburg\'','\'Preston Thornburg\'','SEV_a7f2298b139247a9421a50d5b5b18209',192238),('\'Daniel \"Jcache\" Goga\'','\'Daniel \"Jcache\" Goga\'','SEV_8d8c8f73f0a7ad53b81f2f59d2868203',192239),('\'Langston \"Shock\" Clement\'','\'Langston \"Shock\" Clement\'','SEV_8d8c8f73f0a7ad53b81f2f59d2868203',192240),('\' \'','\' \'','PHV_dba395287b9d048198fa6972452beb19',192241),('\' \'','\' \'','PHV_37789a605f9ee8ac22e6b58a9c5168ed',192242),('\' \'','\' \'','PHV_fbd1c1a10201cac1f7b46b832f3764c8',192243),('\' \'','\' \'','PHV_82b2232353f6512eb8c78cd0d5e437d4',192244),('\' \'','\' \'','PHV_cdac4c98a7b18619b66abdc279a517ad',192245),('\' \'','\' \'','PHV_f8e8321b5b3a3bb5c5f4d39e023cd1e9',192246),('\' \'','\' \'','PHV_23f7346ef3410bceb4f887d1c6f93424',192247),('\' \'','\' \'','PHV_56b5ad0fddb0440506b09c85215ed2ab',192248),('\' \'','\' \'','PHV_fe3391eb8fa97e7669b9d457e8c25f32',192249),('\' \'','\' \'','PHV_a2d6ca04db765230edc4afbb1d0f572f',192250),('\' \'','\' \'','PHV_0068eec4ec0c2cf621eab00c163dbea1',192251),('\' \'','\' \'','PHV_4de334336ee73f5efc2678d9fbbfc7df',192252),('\' \'','\' \'','PHV_4a478fe64467ec0687e1565a1a026c7e',192253),('\' \'','\' \'','PHV_995f19e16203c8616c31a77443b2cba7',192254),('\' \'','\' \'','PHV_f008b9ed9d781e47311091782ce8f623',192255),('\' \'','\' \'','PHV_8cadc9fb1e4bdf58497de014bc1b0e9b',192256),('\' \'','\' \'','PHV_559596b15ddbbffb284454d5925538da',192257),('\' \'','\' \'','PHV_ef4565cce66f72983a1456f8c71d36d1',192258),('\' \'','\' \'','PHV_41bbb2494695b74c13e6e4aeb8b04f01',192259),('\' \'','\' \'','PHV_9d7839bcf24171763230df827f30f23a',192260),('\' \'','\' \'','PHV_01e8ff54acacdae413dae30d5a9e9aeb',192261),('\' \'','\' \'','PHV_a82ee4b5b76171909eeae8c880d5182c',192262),('\' \'','\' \'','PHV_9f520bb414d8505a03b1588057be9d98',192263),('\' \'','\' \'','PHV_bf00aeaf4d249a3e6261f6f9fa8e2b7b',192264),('\' \'','\' \'','PHV_dc6c2c37d1c44784b44bbbde17092b80',192265),('\' \'','\' \'','PHV_4d2ca5d8f39327ccf0c946d64bb9e049',192266),('\' \'','\' \'','PHV_bb6720ef2cbf937685a11bbb4b090e82',192267),('\'Kolton Heaps\'','\'Kolton Heaps\'','XRV_f36829b0fef70b208b5166cd6709f629',192268),('\'Mark Colaluca\'','\'Mark Colaluca\'','DC_5c63d9bf2430844699343a5107b4fd8c',192269),('\'Nick Saunders\'','\'Nick Saunders\'','DC_5c63d9bf2430844699343a5107b4fd8c',192270),('\' \'','\' \'','DC_f866b4483924d90de5d6433b40707362',192271),('\' \'','\' \'','DC_90019d3bac8c78dab6126837b0f6b84f',192272),('\' \'','\' \'','DC_12d17bb988ea363a921b5581caa592e2',192273),('\' \'','\' \'','DC_2853e63ca4760cffe6397e02b65a2de2',192274),('\' \'','\' \'','DC_132e82a90bec6dfd5b2747f89dab28e5',192275),('\' \'','\' \'','DC_94f6050dc51bf60e22bdc4fff0816c23',192276),('\' \'','\' \'','DC_c75d6b52ebd678752d3ae4c7000401c0',192277),('\' \'','\' \'','DC_2ec0a6e4132ffee0863604ee50c4ce66',192278),('\' \'','\' \'','DC_b6295ccd7a812297d582f173c957d8d1',192279),('\'Jon Marler\'','\'Jon Marler\'','HRV_ae223fb8dfdbdd94c2206011478274cd',192280),('\'Hamster\'','\'Hamster\'','HRV_ecd27efc2ef36349250cdd2b6ed426dd',192281),('\'Jon Marler\'','\'Jon Marler\'','HRV_2f9142f12ee30dc68c48964849f18a80',192282),('\'Jeremy Banker\'','\'Jeremy Banker\'','HRV_b5b10fe65ee88ace129eaac7fffa0124',192283),('\'Ben \"NahamSec\" Sadeghipour\'','\'Ben \"NahamSec\" Sadeghipour\'','CLV_135cd19c08b27ac94abcfaf53d57c0dd',192284),('\'Kiyohito Yamamoto\'','\'Kiyohito Yamamoto\'','CLV_9e5fb687b38f524dc47f9c9b5ca7c22a',192285),('\'Yusuke Kubo\'','\'Yusuke Kubo\'','CLV_9e5fb687b38f524dc47f9c9b5ca7c22a',192286),('\'Viktor Gazdag\'','\'Viktor Gazdag\'','CLV_f117a05120094ffd448ac4d7333e0bd3',192287),('\'Alex Delamotte\'','\'Alex Delamotte\'','CLV_826f5ac4f89f5b82c23d34188d096cea',192288),('\'Nick Frichette\'','\'Nick Frichette\'','CLV_3da177937b79dad4f7c0b5b0f1c96327',192289),('\'Dmitriy Beryoza\'','\'Dmitriy Beryoza\'','CLV_69f492629bba0e474986da8869900a85',192290),('\'Ian Dillon\'','\'Ian Dillon\'','CLV_94f63d85ca823eccb52099d71c7e7b64',192291),('\'Liv Matan\'','\'Liv Matan\'','CLV_6fb068d7653b11d2b4a5c6d7a0140ba8',192292),('\'Karl Fosaaen\'','\'Karl Fosaaen\'','CLV_87e4eb758d803b4cd9e2a2b26ef39379',192293),('\'Thomas Elling\'','\'Thomas Elling\'','CLV_87e4eb758d803b4cd9e2a2b26ef39379',192294),('\'Jenko Hwong\'','\'Jenko Hwong\'','CLV_cbfd4e5f0e57ff7de813e5e62d9e154b',192295),('\'Aled Mehta\'','\'Aled Mehta\'','CLV_3a7abf7087119fe1bd0f978c54fde8f8',192296),('\'Christian Philipov\'','\'Christian Philipov\'','CLV_3a7abf7087119fe1bd0f978c54fde8f8',192297),('\'Marco Mancini\'','\'Marco Mancini\'','CLV_a5909e26864782f26716259e7038715d',192298),('\'Rodrigo Montoro\'','\'Rodrigo Montoro\'','CLV_17ca741d9bd4812ea88a93622c7bc26c',192299),('\'Michael McCabe\'','\'Michael McCabe\'','CLV_7c1410d2782b5b095326367e6dbead21',192300),('\'Rojan Rijal\'','\'Rojan Rijal\'','CLV_d96d0f0544654c74db60807e3876626e',192301),('\'Sarachai Boonyakiat\'','\'Sarachai Boonyakiat\'','CLV_9a0e2078c136128539e71cf6e70a8d97',192302),('\'Kat Traxler\'','\'Kat Traxler\'','CLV_8b7df5862d16eff90b3705c05b60a49c',192303),('\'Igal Gofman\'','\'Igal Gofman\'','CLV_61d6cf3dad3edc3228887e99857cda1b',192304),('\'Noam Dahan\'','\'Noam Dahan\'','CLV_61d6cf3dad3edc3228887e99857cda1b',192305),('\' \'','\' \'','CLV_663ff6ce749d7f47ba277f89dcddb60b',192306),('\'Tohar Braun\'','\'Tohar Braun\'','CLV_d25df0c3343b0144d7ad87852d811fe4',192307),('\'Gunnar Andrews\'','\'Gunnar Andrews\'','CLV_90c1e49de73e4f2b0ee5dc78cb7f2bfb',192308),('\'Jason Haddix\'','\'Jason Haddix\'','CLV_90c1e49de73e4f2b0ee5dc78cb7f2bfb',192309),('\'Justin Ibarra\'','\'Justin Ibarra\'','CLV_a557c4b1ae68350b31209182dda7082c',192310),('\'Terrance DeJesus\'','\'Terrance DeJesus\'','CLV_a557c4b1ae68350b31209182dda7082c',192311),('\' \'','\' \'','DC_8d2eaef878b673ae3ad0527cf29d94ef',192312),('\' \'','\' \'','DC_144b7a5f9dad2168d9bcaa0399785441',192313),('\' \'','\' \'','DC_ec19fef0ed8d1f433150f8c582281049',192314),('\' \'','\' \'','DC_d9e95519c990c241b855971cc389aaab',192315),('\'RJ McCarley\'','\'RJ McCarley\'','BICV_dc95cf71b2aadc4abdcedfa404dc651c',192316),('\'John Threat\'','\'John Threat\'','BICV_cf986661c2976fed27eba92a2b44ae2e',192317),('\'Dontae Tyler\'','\'Dontae Tyler\'','BICV_75fc8598ebe6c4f9dc07fddab56f10a9',192318),('\'Fatou Sankare\'','\'Fatou Sankare\'','BICV_77fd9e8c5d969108bfb22c56fe2624e7',192319),('\'Keith Chapman\'','\'Keith Chapman\'','BICV_a351b3c8ca5562bd782adda035575b4e',192320),('\'D.J. Davis\'','\'D.J. Davis\'','BICV_1b999bd7df4c5efbcefc8303d4ef675a',192321),('\'Jess Hoffman\'','\'Jess Hoffman\'','BICV_2f0ab3667aee53a0cdd34b5f6ca8a5a9',192322),('\'Gaspard Baye\'','\'Gaspard Baye\'','BICV_24771115998fc37974154c835aaec075',192323),('\'Kevin Roberts\'','\'Kevin Roberts\'','BICV_175bea5a5501707e16a4da341dcb8240',192324),('\'Leigh-Anne Galloway\'','\'Leigh-Anne Galloway\'','PYV_de45465358e31fc6f70df164bb3019b6',192325),('\'Leigh-Anne Galloway\'','\'Leigh-Anne Galloway\'','PYV_cc44085618ecfec900894600d738dd58',192326),('\' \'','\' \'','PYV_451cf6c6f7518ee447839c64bf94832a',192327),('\' \'','\' \'','PYV_a701f257d6d40090ac0a96607ff5f2a3',192328),('\' \'','\' \'','PYV_4517859173a7d0f39fbb81d94093985f',192329),('\' \'','\' \'','IOTV_a427bd270168b0987af4672c4ed921af',192330),('\' \'','\' \'','IOTV_db3c728ac7a095b4cf13e8ec39817e83',192331),('\' \'','\' \'','IOTV_640faf5b2932b4135f1f857c0bcbf70f',192332),('\' \'','\' \'','IOTV_0181efbf9e2a9b79532e12d25c1aa3f4',192333),('\' \'','\' \'','IOTV_d8c286fe3fcd1367c7ecaf9d549a2202',192334),('\' \'','\' \'','IOTV_6de77e2fa9404155ca024b953029a681',192335),('\' \'','\' \'','IOTV_c9ee052d31cd5250cdb77abd57e0ce35',192336),('\' \'','\' \'','IOTV_ac4a16679e89df2e501ece7ac30dd3fd',192337),('\' \'','\' \'','IOTV_baabf960ec961cd9329867ef1be59a31',192338),('\' \'','\' \'','IOTV_078477962be0677fe42ffc11f4073344',192339),('\' \'','\' \'','IOTV_541682ef66a133920307650e5bf34fb4',192340),('\' \'','\' \'','IOTV_ceaedb9e7eb00d01e61692508c2680a1',192341),('\' \'','\' \'','IOTV_0c366d6caad1823214cb080cab4d24d4',192342),('\' \'','\' \'','IOTV_f246458c709fceaa37f76fb6e720cff0',192343),('\' \'','\' \'','IOTV_76314879236938389e10421eecfd4dc7',192344),('\' \'','\' \'','IOTV_049ff4b8de4065af6cf5ff2a4dfc4986',192345),('\' \'','\' \'','IOTV_b585c67a2cbdf465ad1bac33c542208f',192346),('\' \'','\' \'','IOTV_5e6e364822659abfb215f39e278daaf3',192347),('\' \'','\' \'','IOTV_44475c23328722ea81f0068f9cfe75be',192348),('\' \'','\' \'','IOTV_733b290674acef421481f0daf04691b8',192349),('\' \'','\' \'','IOTV_8f1dae1283f6b8c2e817d4afb6ca71c1',192350),('\' \'','\' \'','IOTV_38d78e204a018c6bca9ca0a8916541e9',192351),('\' \'','\' \'','IOTV_4900de22d3da44f546fe679d4898718b',192352),('\' \'','\' \'','IOTV_bacd3a68a37ea0a674a456339ef4ac41',192353),('\' \'','\' \'','IOTV_3ca09cda55c49dd28d16929620ed523a',192354),('\'CPV Staff\'','\'CPV Staff\'','CPV_345d8e5fa9466908dab5715b93e545bd',192355),('\'Blunt\'','\'Blunt\'','CPV_b881903a77db4a5dbb51873a80b2bb76',192356),('\'Daly\'','\'Daly\'','CPV_b881903a77db4a5dbb51873a80b2bb76',192357),('\'Brent Zundel\'','\'Brent Zundel\'','CPV_37d06cd663817a0bbf3515412399a05e',192358),('\'Gabe Cohen\'','\'Gabe Cohen\'','CPV_37d06cd663817a0bbf3515412399a05e',192359),('\'Chloé Messdaghi\'','\'Chloé Messdaghi\'','CPV_9ee16a9fbc93772a4475c50bd6438575',192360),('\'Matthew McPherrin\'','\'Matthew McPherrin\'','CPV_29b510c1b228d58a7011b0d866706342',192361),('\'Tomer\'','\'Tomer\'','CPV_16868d534324b9ec2dbac62daf5adae4',192362),('\'Yoni\'','\'Yoni\'','CPV_16868d534324b9ec2dbac62daf5adae4',192363),('\'Artorias\'','\'Artorias\'','CPV_3194d240f2bed0b5ed95be64a5311278',192364),('\'Puck\'','\'Puck\'','CPV_3194d240f2bed0b5ed95be64a5311278',192365),('\'Taiiwo\'','\'Taiiwo\'','CPV_3194d240f2bed0b5ed95be64a5311278',192366),('\'TheClockworkBird\'','\'TheClockworkBird\'','CPV_3194d240f2bed0b5ed95be64a5311278',192367),('\'CPV Staff\'','\'CPV Staff\'','CPV_957df172399a92f8e5a54ff3becfea6e',192368),('\'Gold Bug Challenge Team\'','\'Gold Bug Challenge Team\'','CPV_957df172399a92f8e5a54ff3becfea6e',192369),('\'CPV Staff\'','\'CPV Staff\'','CPV_25de84ef1728268cb91edce1b53f8b73',192370),('\'CPV Program Committees\'','\'CPV Program Committees\'','CPV_3feeaf8a8538a324cead670ac4d5f8f4',192371),('\'CPV Staff\'','\'CPV Staff\'','CPV_3feeaf8a8538a324cead670ac4d5f8f4',192372),('\'Anthony Hendricks\'','\'Anthony Hendricks\'','CPV_deeadf9c91cfba749f2a7393526a7bab',192373),('\'Deirdre Connolly\'','\'Deirdre Connolly\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192374),('\'James Howe\'','\'James Howe\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192375),('\'Mark Carney\'','\'Mark Carney\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192376),('\'Ryan Hurst\'','\'Ryan Hurst\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192377),('\'Sandra Guasch Castello\'','\'Sandra Guasch Castello\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192378),('\'Sofi Celi\'','\'Sofi Celi\'','CPV_b4f248224cddfd73a1a17c9e77ecec55',192379),('\'Matt Cheung\'','\'Matt Cheung\'','CPV_e905be39538c8d57abfce7e4421d7653',192380),('\'Asheer Malhotra\'','\'Asheer Malhotra\'','CPV_5b5807fe5369d609fba005923d621b3b',192381),('\'Vitor Ventura\'','\'Vitor Ventura\'','CPV_5b5807fe5369d609fba005923d621b3b',192382),('\'Charles Miller\'','\'Charles Miller\'','CPV_47fa1d86250bd749695d367a186c3def',192383),('\'Michael Brown\'','\'Michael Brown\'','CPV_47fa1d86250bd749695d367a186c3def',192384),('\'Michael Pelosi\'','\'Michael Pelosi\'','CPV_47fa1d86250bd749695d367a186c3def',192385),('\'CPV Staff\'','\'CPV Staff\'','CPV_b981f86b4085a1d2765a35b200ebf676',192386),('\'Michelle Levesley\'','\'Michelle Levesley\'','CPV_83904570e9aae799175d0882077d9d45',192387),('\'Bing Shi\'','\'Bing Shi\'','CPV_b364533499db4a8cd172a7c09f547e9e',192388),('\'CPV Staff\'','\'CPV Staff\'','CPV_9b020fe8975276d04d98e80198126349',192389),('\'CPV Staff\'','\'CPV Staff\'','CPV_f5347f809766740d5ad6f23e529381d5',192390),('\'CPV Staff\'','\'CPV Staff\'','CPV_cca22c15f27ab4e8149b2d549568a679',192391),('\'CPV Staff\'','\'CPV Staff\'','CPV_182e908f7e1fbe90dd6b8bb9ab3f7f85',192392),('\'Kate\'','\'Kate\'','CPV_8fa81ad22216a700be2a2a6066d7e700',192393),('\'Kate\'','\'Kate\'','CPV_3347216d844b58c778424d1ed19ebd24',192394),('\'CPV Staff\'','\'CPV Staff\'','CPV_2e26666010a9793ff61b77e281685c81',192395),('\'AI Village Organizers\'','\'AI Village Organizers\'','AIV_3e691f9706fbc4545d2a01da4e0b52b0',192396),('\'Joshua Saxe\'','\'Joshua Saxe\'','AIV_250d75860e15a9d9f40443ef0c717cc2',192397),('\'Will Pearce\'','\'Will Pearce\'','AIV_90619cc8b35cba12e854f895a4c78c7e',192398),('\'Kyle Easterly\'','\'Kyle Easterly\'','AIV_c91b6246b338ebd3f6e34f92c619c43d',192399),('\'Mitch Kitter\'','\'Mitch Kitter\'','AIV_c91b6246b338ebd3f6e34f92c619c43d',192400),('\'Adhishree Kathikar\'','\'Adhishree Kathikar\'','AIV_1feae108a23b7fca2108ac254d74b826',192401),('\'Aishwarya Nair\'','\'Aishwarya Nair\'','AIV_1feae108a23b7fca2108ac254d74b826',192402),('\'Marta Janus\'','\'Marta Janus\'','AIV_2442fdc8c26f3e983116940155687134',192403),('\'Ram Shankar Siva Kumar\'','\'Ram Shankar Siva Kumar\'','AIV_33921f4d372e27f7064237f034c5bee6',192404),('\'Chloé Messdaghi\'','\'Chloé Messdaghi\'','AIV_8366540f1d62ca377fd65c6d366a63ff',192405),('\'Daniel Miessler\'','\'Daniel Miessler\'','AIV_8366540f1d62ca377fd65c6d366a63ff',192406),('\'Joseph Thacker\'','\'Joseph Thacker\'','AIV_8366540f1d62ca377fd65c6d366a63ff',192407),('\'Marcello \"byt3bl33d3r\" Salvati\'','\'Marcello \"byt3bl33d3r\" Salvati\'','AIV_8366540f1d62ca377fd65c6d366a63ff',192408),('\'Tom Bonner\'','\'Tom Bonner\'','AIV_2fcf1b7e40913ab03bcee096746ab403',192409),('\'Adrian \"threlfall\" Wood\'','\'Adrian \"threlfall\" Wood\'','AIV_c31fbb567793124c9135bf97117a365f',192410),('\'Daniel Fabian\'','\'Daniel Fabian\'','AIV_e02ba75166a784415e3aea25171ae604',192411),('\'Mikel Rodriguez\'','\'Mikel Rodriguez\'','AIV_e02ba75166a784415e3aea25171ae604',192412),('\'Sarah Hodkinson\'','\'Sarah Hodkinson\'','AIV_e02ba75166a784415e3aea25171ae604',192413),('\'Eryk Salvaggio\'','\'Eryk Salvaggio\'','AIV_6b86ac2be2078bc862a629f5b0141568',192414),('\'Nick Maietta\'','\'Nick Maietta\'','AIV_c25c71563e57287628bda11e07752856',192415),('\'Robert Hudock\'','\'Robert Hudock\'','AIV_c25c71563e57287628bda11e07752856',192416),('\'Ben Gelman\'','\'Ben Gelman\'','AIV_e36b13cd4acaeeb1ecc43625f6ef7f53',192417),('\'Younghoo Lee\'','\'Younghoo Lee\'','AIV_e36b13cd4acaeeb1ecc43625f6ef7f53',192418),('\'Kenneth Yeung\'','\'Kenneth Yeung\'','AIV_bf913a3d6b16a67f3f5009a9419901b6',192419),('\'Ram Shankar Siva Kumar\'','\'Ram Shankar Siva Kumar\'','AIV_7293155b7ec3c4dec60e3547c3d135b0',192420),('\'Gavin Klondike\'','\'Gavin Klondike\'','AIV_56fe57fba9af4cbd025ed75709e4cd5f',192421),('\'Rafael Turner\'','\'Rafael Turner\'','AIV_1a4c7a1333f010b21bf26c91028f20d4',192422),('\'Sven Cattell\'','\'Sven Cattell\'','AIV_11ecc6cc5043522bc07a29be23f1f139',192423),('\'AI Village Organizers\'','\'AI Village Organizers\'','AIV_41b6c07e2ef988e015cfcb8f58e0fbad',192424),('\'Vandana Verma Sehgal\'','\'Vandana Verma Sehgal\'','APV_e645a0fbeb4cf7d5ca7212ccf6ffa935',192425),('\'Viraj Gandhi\'','\'Viraj Gandhi\'','APV_e645a0fbeb4cf7d5ca7212ccf6ffa935',192426),('\'Aaron Kumavis\'','\'Aaron Kumavis\'','APV_bec8305f03f0e88a27429cbc6cc420e1',192427),('\'Zbyszek Tenerowicz\'','\'Zbyszek Tenerowicz\'','APV_bec8305f03f0e88a27429cbc6cc420e1',192428),('\'Magno Logan\'','\'Magno Logan\'','APV_871f859b00b97afbd85cf97e16f51a54',192429),('\'Tushar Kulkarni\'','\'Tushar Kulkarni\'','APV_3d8e9dc6f7b5b2c6d777d326b76cb572',192430),('\'Backslash\'','\'Backslash\'','APV_4ee84b59c920d509e29c267a6e85a804',192431),('\'Backslash\'','\'Backslash\'','APV_a36d9eea147780ab740f01e79c1e87af',192432),('\'Probely\'','\'Probely\'','APV_f0c7dcb153e3748c6c89114495122e7d',192433),('\'Probely\'','\'Probely\'','APV_3ca8fb04b586c1112c6bf985eeebdeee',192434),('\'Probely\'','\'Probely\'','APV_fa0fcf1de3966473ac5dd2aad121c263',192435),('\'Probely\'','\'Probely\'','APV_83920c217bf9c6f03f1a222210c0c6e7',192436),('\'Mackenzie Jackson\'','\'Mackenzie Jackson\'','APV_001b2344c5f52e7674ee52d6d32a82dc',192437),('\'Tanya Janca\'','\'Tanya Janca\'','APV_301ef848fbdfa07918c48aa914882707',192438),('\'Joe Schottman\'','\'Joe Schottman\'','APV_5ca0310ecc556a59173791e3e421ee14',192439),('\'Tib3rius\'','\'Tib3rius\'','APV_bad595b2f724be0115b55a5411c4d9cb',192440),('\'Gal Bitensky\'','\'Gal Bitensky\'','APV_56b4fdd1ad329e18fba5122c33a1649c',192441),('\'Florian Haag\'','\'Florian Haag\'','APV_a4bdc60db6dd16de05e2f07aa02b47f0',192442),('\'Matthias Göhring\'','\'Matthias Göhring\'','APV_a4bdc60db6dd16de05e2f07aa02b47f0',192443),('\'Kiyohito Yamamoto\'','\'Kiyohito Yamamoto\'','APV_2df7bc9211b8ea0812fff12f96a2166f',192444),('\'Yusuke Kubo\'','\'Yusuke Kubo\'','APV_2df7bc9211b8ea0812fff12f96a2166f',192445),('\'Ken Pyle\'','\'Ken Pyle\'','APV_7838b8adfe01d7169d0e323426e12085',192446),('\'Alik Koldobsky\'','\'Alik Koldobsky\'','APV_d5d447037a373467dc41df3eb00d4d05',192447),('\'Tal Folkman\'','\'Tal Folkman\'','APV_d5d447037a373467dc41df3eb00d4d05',192448),('\'Spyros Gasteratos\'','\'Spyros Gasteratos\'','APV_c7d2d7334b8f8086fe528d41d5044795',192449),('\'Spyros Gasteratos\'','\'Spyros Gasteratos\'','APV_1abbb16aa14beed52869a6da5c53fe20',192450),('\'Spyros Gasteratos\'','\'Spyros Gasteratos\'','APV_30ad03294c72e0de124a52cf1d6d4680',192451),('\'Mike Larkin\'','\'Mike Larkin\'','APV_fe5c945453324943e81db39951c4136b',192452),('\'Pedram Hayati\'','\'Pedram Hayati\'','APV_7a9f3e1b19ed623fdc1c5ab5a2208a78',192453),('\'Ankur Chowdhary\'','\'Ankur Chowdhary\'','APV_5f727935b859b782a7e263a7dd95fcdc',192454),('\'Louis Nyffenegger\'','\'Louis Nyffenegger\'','APV_dea385eb764cbd328790195142c5be20',192455),('\'GitGuardian\'','\'GitGuardian\'','APV_7a6b2ef19a166420fcda99938aa2ef1f',192456),('\'GitGuardian\'','\'GitGuardian\'','APV_2d10b003bfba4d709750fefc7e62f5b1',192457),('\'GitGuardian\'','\'GitGuardian\'','APV_15b28c2e753cd0ae2c677f3617b55251',192458),('\'GitGuardian\'','\'GitGuardian\'','APV_a0f0a6d187762bbbc2b9403f791ff595',192459),('\'Alon Lerner\'','\'Alon Lerner\'','APV_53a9795b7d58a8f5ad8e0b4d8d76a3b9',192460),('\'Gal Elbaz\'','\'Gal Elbaz\'','APV_f970ab453590b540f4fc69edff6d2121',192461),('\'Guy Kaplan\'','\'Guy Kaplan\'','APV_f970ab453590b540f4fc69edff6d2121',192462),('\'Joe Christian\'','\'Joe Christian\'','APV_3078f3da356771503983cea7d28bc6e7',192463),('\'Kunal Bhattacharya\'','\'Kunal Bhattacharya\'','APV_3078f3da356771503983cea7d28bc6e7',192464),('\'Shahar Man\'','\'Shahar Man\'','APV_3078f3da356771503983cea7d28bc6e7',192465),('\'Trupti Shiralkar\'','\'Trupti Shiralkar\'','APV_3078f3da356771503983cea7d28bc6e7',192466),('\'Or Sahar\'','\'Or Sahar\'','APV_5edc39dd93ca93962b0f0113759a9742',192467),('\'Yariv Tal\'','\'Yariv Tal\'','APV_5edc39dd93ca93962b0f0113759a9742',192468),('\'Deepfactor\'','\'Deepfactor\'','APV_f04d2ca47fea20adf3f678feadda4352',192469),('\'Deepfactor\'','\'Deepfactor\'','APV_282a8f5d261ee70664976eec28dd5989',192470),('\'Deepfactor\'','\'Deepfactor\'','APV_deaf80248bcc83a1c28b5583fe1a37d1',192471),('\'Ankita Gupta\'','\'Ankita Gupta\'','APV_c16b0e7f552b63830bf81d06e33368c0',192472),('\'Ankush Jain\'','\'Ankush Jain\'','APV_c16b0e7f552b63830bf81d06e33368c0',192473),('\'Felipe Molina\'','\'Felipe Molina\'','APV_fbd8dae0e99f28f6664a1a6b39f80f7e',192474),('\'Jon F\'','\'Jon F\'','APV_7c941beb2d6e1148ab5b79d635da61de',192475),('\'Jason Haddix\'','\'Jason Haddix\'','APV_0dc39b3b1d679217d3f36b5e8410af0f',192476),('\'Miłosz Gaczkowski\'','\'Miłosz Gaczkowski\'','APV_a3f2eced9413914b3b4e44db8b04c373',192477),('\'William Taylor\'','\'William Taylor\'','APV_a3f2eced9413914b3b4e44db8b04c373',192478),('\'Pedram Hayati\'','\'Pedram Hayati\'','APV_2864a96084005c575e56634144c1b8e3',192479),('\'Checkmarx\'','\'Checkmarx\'','APV_f2bea2c4612a7b3d1cc66cff76c09e82',192480),('\'Checkmarx\'','\'Checkmarx\'','APV_8bd431c2bd0434f71fb85dba6a378fc5',192481),('\'Dohyeon Kim\'','\'Dohyeon Kim\'','APV_bb9e0858fea57418d054a4f11f46b8dd',192482),('\'WooWon Kang\'','\'WooWon Kang\'','APV_bb9e0858fea57418d054a4f11f46b8dd',192483),('\'Muhammad Shahmeer\'','\'Muhammad Shahmeer\'','APV_de31de6529c99621de869351f721e56a',192484),('\'Emile Spir\'','\'Emile Spir\'','APV_6a993619464eab23cbb6e60c12077797',192485),('\'Emmanuelle Lejeail\'','\'Emmanuelle Lejeail\'','APV_6a993619464eab23cbb6e60c12077797',192486),('\'Jim Manico\'','\'Jim Manico\'','APV_3bc45fd35824cb1a3e656eb08da9d522',192487),('\'Checkmarx\'','\'Checkmarx\'','APV_c55d53661b88e9afc02b810830ad406c',192488),('\'Yariv Tal\'','\'Yariv Tal\'','APV_3076d50e1a3c06d0bf3410a209e0380e',192489),('\'Kalyani Pawar\'','\'Kalyani Pawar\'','APV_60edc05cdafd8e2a599d7c3d8ad4a363',192490),('\'Larkins Carvalho\'','\'Larkins Carvalho\'','APV_f48fff4330ae69e2474747fdbe842f1e',192491),('\'Nielet D\'mello\'','\'Nielet D\'mello\'','APV_f48fff4330ae69e2474747fdbe842f1e',192492),('\'Gabrielle Botbol\'','\'Gabrielle Botbol\'','APV_2087fcecfc306d6b977fd8ff3a0595cc',192493),('\'Or Sahar\'','\'Or Sahar\'','APV_9927cd4b81b2366b92ebff0513c92592',192494),('\'Jim Manico\'','\'Jim Manico\'','APV_047b75d7cb3b745e8b6fdba15aad85ea',192495),('\'Magno Logan\'','\'Magno Logan\'','APV_1970234727653fbdd1b8781c3492459c',192496),('\'Jeffrey Guerra\'','\'Jeffrey Guerra\'','APV_6fbccee2f0764cb06d1ca58dbe9d52a3',192497),('\'Logan MacLaren\'','\'Logan MacLaren\'','APV_6fbccee2f0764cb06d1ca58dbe9d52a3',192498),('\'Bosen Zhang\'','\'Bosen Zhang\'','HHV_523d4e4050fafed9e4bd5574eef43a29',192499),('\'Howard Yang\'','\'Howard Yang\'','HHV_523d4e4050fafed9e4bd5574eef43a29',192500),('\'Pengfei “BigZaddy” Yu\'','\'Pengfei “BigZaddy” Yu\'','HHV_523d4e4050fafed9e4bd5574eef43a29',192501),('\'Tan Jing Zhi\'','\'Tan Jing Zhi\'','HHV_523d4e4050fafed9e4bd5574eef43a29',192502),('\'Ryan Zagrodnik\'','\'Ryan Zagrodnik\'','HHV_3a4f782db6474162e023a0a6133d02a4',192503),('\'Javier Aguinaga\'','\'Javier Aguinaga\'','HHV_d1c86120f76c1760f6545037454398ca',192504),('\'Octavio Gianatiempo\'','\'Octavio Gianatiempo\'','HHV_d1c86120f76c1760f6545037454398ca',192505),('\'Thomas BYGODT\'','\'Thomas BYGODT\'','HHV_30e4b1ac3177d70f9f6cae86f7ac67fd',192506),('\'Patrick Kiley\'','\'Patrick Kiley\'','HHV_7c9ee6519010bbc704f456a99b116ae6',192507),('\'David Melendez\'','\'David Melendez\'','HHV_6ed05655e7d65c8300b7e0ef47da663a',192508),('\'Winn\'','\'Winn\'','DC_02d4f03e1378265a06c9f44d91d4cf89',192509),('\'Hack-A-Sat 4 Team\'','\'Hack-A-Sat 4 Team\'','ASV_412487c0f5dec702ef365a7ec688fa68',192510),('\'Hack-A-Sat 4 Team\'','\'Hack-A-Sat 4 Team\'','ASV_fbfea8c394bd70deb0c8c0a6a7567d05',192511),('\'Henry Haswell\'','\'Henry Haswell\'','ASV_bd056a87174d3ed31986761addb5a2e3',192512),('\'Peter Hansen\'','\'Peter Hansen\'','ASV_cd6c3f307a7cb5121e55652ad4415634',192513),('\'Chris Jenkins\'','\'Chris Jenkins\'','ASV_07a5c0dadab9564d874bd8ccd030abbb',192514),('\'Lauryn Williams\'','\'Lauryn Williams\'','ASV_9ab9336d3b25391b5b508a4e38c793f9',192515),('\'Tanya Simms\'','\'Tanya Simms\'','ASV_9ab9336d3b25391b5b508a4e38c793f9',192516),('\'David Pekoske\'','\'David Pekoske\'','ASV_75002a3a9bdd838d1a944cb48c661d5a',192517),('\'Steve Luczynski\'','\'Steve Luczynski\'','ASV_75002a3a9bdd838d1a944cb48c661d5a',192518),('\'Edam Colón\'','\'Edam Colón\'','ASV_8baccde0966668c75096cb1fe436d34d',192519),('\'Alex Lomas\'','\'Alex Lomas\'','ASV_20cce588baefd0283c130e43ad0e55d3',192520),('\'Ken Munro\'','\'Ken Munro\'','ASV_20cce588baefd0283c130e43ad0e55d3',192521),('\'Paz Hameiri\'','\'Paz Hameiri\'','ASV_5085423dc304c40e32f6d9175d3ac2bb',192522),('\'Brandon Bailey\'','\'Brandon Bailey\'','ASV_7c226e00d99793fb9970e20d47e371af',192523),('\'Martin Strohmeier\'','\'Martin Strohmeier\'','ASV_64dd3f1de1599f2f13573e83f1446236',192524),('\'Martin Strohmeier\'','\'Martin Strohmeier\'','ASV_7242173f0c980cef981ac1509b882a94',192525),('\'Christopher Ottesen\'','\'Christopher Ottesen\'','ASV_25c1f42a7bf7667f9d6726e12e24db5f',192526),('\'Henry Danielson\'','\'Henry Danielson\'','ASV_5aa83c8aa22aca9d9361efe9a54a05f2',192527),('\'Sage Meadows\'','\'Sage Meadows\'','ASV_5aa83c8aa22aca9d9361efe9a54a05f2',192528),('\'Alexander Dodd\'','\'Alexander Dodd\'','ASV_0e6fdb7627ad038b6875bc8af58e3e0c',192529),('\'Chris Roberts\'','\'Chris Roberts\'','ASV_5882c7037f73d2d62d710d1ca7d74178',192530),('\'Pete Cooper\'','\'Pete Cooper\'','ASV_5882c7037f73d2d62d710d1ca7d74178',192531),('\'Pete Cooper\'','\'Pete Cooper\'','ASV_a9f0a132ed06527ee9cb2a54f3cc270d',192532),('\'Vincent Lenders\'','\'Vincent Lenders\'','ASV_3607dfcdb23490f3dc5525f30cf8a663',192533),('\'Hack-A-Sat 4 Team\'','\'Hack-A-Sat 4 Team\'','ASV_08c9790460caa5282e8fde19ae42b4eb',192534),('\'Jacob Oakley\'','\'Jacob Oakley\'','ASV_b729462d5c492ee266e16317f1f8a1ef',192535),('\' \'','\' \'','ASV_48f03cd7685498832449be9456094b55',192536),('\' \'','\' \'','ASV_5062dad9eb1c93f8ff88a47f4bf086b2',192537),('\' \'','\' \'','ASV_fd5349fb783ff2006786d0ec93c3027f',192538),('\' \'','\' \'','ASV_d87de2aac7693afe98333905046ca3be',192539),('\' \'','\' \'','ASV_45848bccbb39a4241b6c2c76a4ae732c',192540),('\' \'','\' \'','ASV_dcae5bb3bda8655196706bc17d98223a',192541),('\' \'','\' \'','ASV_dd07879cef10682493d2a1c9b6dc55c0',192542),('\' \'','\' \'','ASV_4d41da0c20fda37471ba9f8c15214156',192543),('\' \'','\' \'','ASV_0e675088b35a550816246683a90f8432',192544),('\' \'','\' \'','ASV_e16190dfee0be9d55e97883128efb003',192545),('\' \'','\' \'','ASV_b0bbe9a59129942ce0e41c8127ae88ca',192546),('\' \'','\' \'','ASV_6466eb407257199d0537a8820997a95e',192547),('\' \'','\' \'','ASV_c45a5262ccc52eb91e219f6c4c655140',192548),('\' \'','\' \'','ASV_a1466e675f68887fd98b937bbfc6892e',192549),('\' \'','\' \'','ASV_c5fd1b3df0f9c31384456d2728b93663',192550),('\' \'','\' \'','ASV_e62b1f7f9b7c97d57c7a30438e0ead91',192551),('\' \'','\' \'','ASV_34306d7362d448b4997e0930c3bcd0cb',192552),('\' \'','\' \'','ASV_1f0e689638a35ca25d9811e963c898cd',192553),('\' \'','\' \'','ASV_41444264e68e7103c9351c37a1830844',192554),('\' \'','\' \'','ASV_55daec1d0c6f894e6a4eac6d4324b4a1',192555),('\' \'','\' \'','ASV_07be36afbcb4c27a432b51b7e11c24d1',192556),('\' \'','\' \'','ASV_c41d377ce846152990ad536172f5b4ff',192557),('\' \'','\' \'','ASV_954c068d605f348f226cbc8efb4671a8',192558),('\' \'','\' \'','ASV_576aeacbc7931b8a16c6a45fd31017ed',192559),('\'Mark Carney\'','\'Mark Carney\'','QTV_d4e920d30aac89b57fc02f3d8741df22',192560),('\'Quantum Village Organizers\'','\'Quantum Village Organizers\'','QTV_d4e920d30aac89b57fc02f3d8741df22',192561),('\'Victoria Kumaran\'','\'Victoria Kumaran\'','QTV_d4e920d30aac89b57fc02f3d8741df22',192562),('\'Quantum Quizmasters\'','\'Quantum Quizmasters\'','QTV_d39fc00bed985a5cbc2376e15b14252c',192563),('\'Ben Varcoe\'','\'Ben Varcoe\'','QTV_edfb3aefc36e5e88ef21ce602fbc7add',192564),('\'Jose Pisaro\'','\'Jose Pisaro\'','QTV_edfb3aefc36e5e88ef21ce602fbc7add',192565),('\'Mark Carney\'','\'Mark Carney\'','QTV_edfb3aefc36e5e88ef21ce602fbc7add',192566),('\'Jamie Friel\'','\'Jamie Friel\'','QTV_aa62ce9aef6aecfbbb0d7565251a97e7',192567),('\'Konstantinos Karagiannis\'','\'Konstantinos Karagiannis\'','QTV_ffc584e6902c973c42145fb28b1f35ba',192568),('\' \'','\' \'','QTV_d26da7b2dd56883265c8d8ec89c26b29',192569),('\'Mark Carney\'','\'Mark Carney\'','QTV_968506c59add7412cdb8b95d54f7d50f',192570),('\' \'','\' \'','QTV_b0b267ad6a2e9a89fea797e838f0f81e',192571),('\'Lei Jiang\'','\'Lei Jiang\'','QTV_8a7281f396b723c23dd6b22e076bb178',192572),('\'Max Shirokawa Aalto\'','\'Max Shirokawa Aalto\'','QTV_8628872f8a759dfd4a1cd455c8f83570',192573),('\'Ben Varcoe\'','\'Ben Varcoe\'','QTV_2b82db4b0831e96262b7fd989da728a7',192574),('\' \'','\' \'','QTV_e08d3e5ecdd423cfc065cd3aa58181a9',192575),('\'Mark Carney\'','\'Mark Carney\'','QTV_d086f60b26e5abdd75e98c5defc3ba53',192576),('\'Scott Oshiro\'','\'Scott Oshiro\'','QTV_260491836c8324d0bf64970fc4e91a87',192577),('\'Mark Carney\'','\'Mark Carney\'','QTV_a46966770f22b432ed1477dfdfc2a63c',192578),('\'Mark Carney\'','\'Mark Carney\'','QTV_90a5f452968f43d5349814136c966844',192579),('\'Victoria Kumaran\'','\'Victoria Kumaran\'','QTV_90a5f452968f43d5349814136c966844',192580),('\' \'','\' \'','QTV_0fb148fc7633bfe6cd90f1086a19f997',192581),('\' \'','\' \'','PWV_dfe9d0c33fdd25a9eb9b09f99e89d072',192582),('\' \'','\' \'','PWV_8dc3d1476d669969ab4473f61b41dd14',192583),('\' \'','\' \'','PWV_05af1299f8e032487ac894ca5807c8c9',192584),('\'Jayson E. Street\'','\'Jayson E. Street\'','DCGVR_d8ece00de4e8ad00343760f82f50fd26',192585),('\'Abhijeet Singh\'','\'Abhijeet Singh\'','DCGVR_f123d54247ec6b6d66d52a68c8e43f64',192586),('\'Jonathan Bar Or\'','\'Jonathan Bar Or\'','DCGVR_f70696c23dbad2e416506f05101b3adc',192587),('\'Joe Mast\'','\'Joe Mast\'','DCGVR_4b0620c19e2d2997b0f7fd09cd11031f',192588),('\'datalocaltmp\'','\'datalocaltmp\'','DCGVR_5b7664b3e6ff66d4fe539fdd3ba19486',192589),('\'Squiddy\'','\'Squiddy\'','DCGVR_19e239a407b7e6997399ebf8ca5b7823',192590),('\'Sam Colaizzi\'','\'Sam Colaizzi\'','DCGVR_057339d959ca8c6d38c38e82efea3f03',192591),('\'hoodiePony\'','\'hoodiePony\'','DCGVR_09af0b34b550bbf07d690464ccd74b2e',192592),('\'Allen Baranov\'','\'Allen Baranov\'','DCGVR_c3f90d0fd955c34501faf9d7ff79128a',192593),('\'SamunoskeX\'','\'SamunoskeX\'','BTV_bdc07d1736a42f092329ed5b3f048c1a',192594),('\'aviditas\'','\'aviditas\'','BTV_0c2a2a2c3246be0e7fd06c901a1e0fb4',192595),('\'ThatDeadGuy\'','\'ThatDeadGuy\'','BTV_41116746e099057f1870d9d1bd4e0dcb',192596),('\'Ben Bornholm\'','\'Ben Bornholm\'','BTV_30ed43eda7951c1111c836d4f60db547',192597),('\'CerealKiller\'','\'CerealKiller\'','BTV_30ed43eda7951c1111c836d4f60db547',192598),('\'kobaltfox\'','\'kobaltfox\'','BTV_30ed43eda7951c1111c836d4f60db547',192599),('\'plug\'','\'plug\'','BTV_30ed43eda7951c1111c836d4f60db547',192600),('\'aviditas\'','\'aviditas\'','BTV_c447a0aa6b4373e49a8ee60d0b0e2f50',192601),('\'plug\'','\'plug\'','BTV_c447a0aa6b4373e49a8ee60d0b0e2f50',192602),('\'Oldmonk\'','\'Oldmonk\'','BTV_44807acbc006daa67477ff3aefb04924',192603),('\'ChocolateCoat\'','\'ChocolateCoat\'','BTV_3384fbfe2c10f4b4518415ee17b66542',192604),('\'CountZ3r0\'','\'CountZ3r0\'','BTV_3384fbfe2c10f4b4518415ee17b66542',192605),('\'Cyb3rhawk\'','\'Cyb3rhawk\'','BTV_3384fbfe2c10f4b4518415ee17b66542',192606),('\'juju43\'','\'juju43\'','BTV_d3e12b5004049e830c6904f2429c74be',192607),('\' \'','\' \'','BTV_b9bc349831d108bfa397541ac4c1885f',192608),('\'Cyb3rhawk\'','\'Cyb3rhawk\'','BTV_000867dc79de4efa28a982469d5dee51',192609),('\'Danny D. \"B4nd1t0\" Henderson Jr\'','\'Danny D. \"B4nd1t0\" Henderson Jr\'','BTV_b1ec85c696e12321767e623c45cd6624',192610),('\'Omenscan\'','\'Omenscan\'','BTV_b1ec85c696e12321767e623c45cd6624',192611),('\'CerealKiller\'','\'CerealKiller\'','BTV_53614a1364ee80c83c569e9af23f5047',192612),('\'kobaltfox\'','\'kobaltfox\'','BTV_f9bcf4e3046fb0b65855a2210b24ed7a',192613),('\'juju43\'','\'juju43\'','BTV_85bb6fc972a559fe9c9c88960738574a',192614),('\'Charlie\'','\'Charlie\'','BTV_d7169b90e69fdc75775345fd10e0f90a',192615),('\'Lauren Proehl\'','\'Lauren Proehl\'','BTV_d7169b90e69fdc75775345fd10e0f90a',192616),('\'Mick/nohackme\'','\'Mick/nohackme\'','BTV_d7169b90e69fdc75775345fd10e0f90a',192617),('\'Silas Cutler\'','\'Silas Cutler\'','BTV_d7169b90e69fdc75775345fd10e0f90a',192618),('\'Litmoose\'','\'Litmoose\'','BTV_f160350dc1279f5885a8e386e38e42a8',192619),('\'Matt \"dis0wn\" Wagenknecht\'','\'Matt \"dis0wn\" Wagenknecht\'','BTV_f160350dc1279f5885a8e386e38e42a8',192620),('\'Tina \"Mugwump Jones\" Velez\'','\'Tina \"Mugwump Jones\" Velez\'','BTV_f160350dc1279f5885a8e386e38e42a8',192621),('\'Unnamed user\'','\'Unnamed user\'','BTV_f160350dc1279f5885a8e386e38e42a8',192622),('\'plug\'','\'plug\'','BTV_48929548a2c7809b82fd11fadefb802f',192623),('\'sandw1ch\'','\'sandw1ch\'','BTV_48929548a2c7809b82fd11fadefb802f',192624),('\' \'','\' \'','BTV_af3ac677bfefbbd54ea6ee4aa8aacfeb',192625),('\'Omenscan\'','\'Omenscan\'','BTV_9c1bbe2b2c2119cbeb13dbb7410d6f29',192626),('\'SamunoskeX\'','\'SamunoskeX\'','BTV_a821a6ddaaf501c5288521c4533f85f4',192627),('\'Cyb3rhawk\'','\'Cyb3rhawk\'','BTV_e7e46b27f8ca2f2b6f263aba2e6a229a',192628),('\'Danny D. \"B4nd1t0\" Henderson Jr\'','\'Danny D. \"B4nd1t0\" Henderson Jr\'','BTV_80fd2bec1a731d6bea3f1b8611804838',192629),('\'Gyle_dC\'','\'Gyle_dC\'','BTV_80fd2bec1a731d6bea3f1b8611804838',192630),('\' \'','\' \'','BTV_9ce62c90172ae2c4481a3b8a43fd8360',192631),('\'Dave Collins\'','\'Dave Collins\'','BTV_d6e961f925410fa1f111a4979fea697e',192632),('\'Gwyddia\'','\'Gwyddia\'','BTV_d6e961f925410fa1f111a4979fea697e',192633),('\'Litmoose\'','\'Litmoose\'','BTV_d6e961f925410fa1f111a4979fea697e',192634),('\'Matt Mahler\'','\'Matt Mahler\'','BTV_d6e961f925410fa1f111a4979fea697e',192635),('\'Nathan Case\'','\'Nathan Case\'','BTV_d6e961f925410fa1f111a4979fea697e',192636),('\'Nina Alli\'','\'Nina Alli\'','BTV_d6e961f925410fa1f111a4979fea697e',192637),('\'Shea Nangle\'','\'Shea Nangle\'','BTV_d6e961f925410fa1f111a4979fea697e',192638),('\'ThatDeadGuy\'','\'ThatDeadGuy\'','BTV_5de343645d0f243cc53dc33ef0b0c1c0',192639),('\'Alissa Torres\'','\'Alissa Torres\'','BTV_a2e2d0a0dd4531fdbd0b6c5f39b1b36c',192640),('\'Carson Zimmerman\'','\'Carson Zimmerman\'','BTV_a2e2d0a0dd4531fdbd0b6c5f39b1b36c',192641),('\'Christopher Crowley\'','\'Christopher Crowley\'','BTV_a2e2d0a0dd4531fdbd0b6c5f39b1b36c',192642),('\'Russ McRee\'','\'Russ McRee\'','BTV_a2e2d0a0dd4531fdbd0b6c5f39b1b36c',192643),('\' \'','\' \'','HHV_a862db7fa5a53c212be8b26b7149c188',192644),('\' \'','\' \'','HHV_7eff67ed6b03b977e13e755c940bb12a',192645),('\' \'','\' \'','HHV_4d21e117e352985925070a4f814ef6b6',192646),('\' \'','\' \'','HHV_28765869a13b08ac09c319cfb1aad84c',192647),('\' \'','\' \'','HHV_3791ab3a0800747dfffe6ff9ed9b28ce',192648),('\' \'','\' \'','HHV_6f261e9e1be64b550aa258ade00bb121',192649),('\' \'','\' \'','HHV_c6b2e72b4f64984af24c6dde03b72d62',192650),('\' \'','\' \'','HHV_59e8882f7780ce2550d4c5d46a8245df',192651),('\' \'','\' \'','HHV_ec707d637ef43d13506b870d980279dc',192652),('\'Harshit Mahajan\'','\'Harshit Mahajan\'','TCV_f8a601a434ce6b19ed52cf751f553843',192653),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_8a2982b182bc40e29c5a5c464fd332fe',192654),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_8a2982b182bc40e29c5a5c464fd332fe',192655),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_82d4e65039892de05b38ec106ef2ba1b',192656),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_82d4e65039892de05b38ec106ef2ba1b',192657),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_3622a8466ccc2f309b6dc20c4b58d8e6',192658),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_3622a8466ccc2f309b6dc20c4b58d8e6',192659),('\'Utku Y\'','\'Utku Y\'','TCV_8f292e529a6adcddea291c0ebbf9e668',192660),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_fff487f49a5edccc2cac309c87f9db5b',192661),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_fff487f49a5edccc2cac309c87f9db5b',192662),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_0abfb4f8c53467b94415bdf50c3fbb4d',192663),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_0abfb4f8c53467b94415bdf50c3fbb4d',192664),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_d8d6371095ea12079204ee42b8eab031',192665),('\'Zibran Sayyed\'','\'Zibran Sayyed\'','TCV_d8d6371095ea12079204ee42b8eab031',192666),('\'Ajit Hatti\'','\'Ajit Hatti\'','TCV_79fad03e1af278b71cfa0370241c71df',192667),('\'Akib Sayyed\'','\'Akib Sayyed\'','TCV_79fad03e1af278b71cfa0370241c71df',192668),('\'David Rogers\'','\'David Rogers\'','TCV_79fad03e1af278b71cfa0370241c71df',192669),('\'Galina Pildush\'','\'Galina Pildush\'','TCV_79fad03e1af278b71cfa0370241c71df',192670),('\' \'','\' \'','TEV_9e3aadafeab5735d14fe1d6df4f5781c',192671),('\' \'','\' \'','TEV_177546043a164569921f4700d90a42b6',192672),('\' \'','\' \'','TEV_6e6259432807fd81bab14ee4003da7e8',192673),('\' \'','\' \'','ESV_5b6e407ccf483951a65b89a7e29bbd36',192674),('\' \'','\' \'','ESV_8b9e45074f84aedfce0f6b652536ba47',192675),('\' \'','\' \'','ESV_d31e2330bcadd2339e7276fe93d9b0d8',192676),('\'Lozaning\'','\'Lozaning\'','RFV_51b282240e1547c6e599de9f1b6b8e8e',192677),('\'Wasabi\'','\'Wasabi\'','RFV_97930e269f910fbdeb986386fac6abff',192678),('\'Ark (from WiGLE)\'','\'Ark (from WiGLE)\'','RFV_a7e49b51edb89fe96275a6381750bd9e',192679),('\'wytshadow\'','\'wytshadow\'','RFV_a7e49b51edb89fe96275a6381750bd9e',192680),('\'Eric Escobar\'','\'Eric Escobar\'','RFV_08d2c2dcd228d502fce5eec568032774',192681),('\'Travis Weathers\'','\'Travis Weathers\'','RFV_5db501ce96930344ab23add0d36d9170',192682),('\'Segfault\'','\'Segfault\'','RFV_1b3bd37ceeb791b5736bbbe22f97bece',192683),('\'Woody\'','\'Woody\'','RFV_436f94c64b208db911a55126be4e338f',192684),('\'bkobe\'','\'bkobe\'','RFV_c47cb005762e36fbe2f32cb605f1ae37',192685),('\'Kent\'','\'Kent\'','RFV_a4dac1d845a9797b7c9b2e79cd05b13e',192686),('\'RF Village Staff\'','\'RF Village Staff\'','RFV_1789e900972fb02dedbcc241e6197c70',192687),('\' \'','\' \'','HHV_55ed800dc10ecc9af2b6cbdae54617bc',192688),('\' \'','\' \'','HHV_9d6578a845c1f90722d78d5d4275808c',192689),('\' \'','\' \'','HHV_aba4ecab8ea2be8234de27b261c9da2d',192690),('\'Chloé Messdaghi\'','\'Chloé Messdaghi\'','MIV_82df548de45bda26ff56ede88b35c34d',192691),('\'Adam Rose\'','\'Adam Rose\'','MIV_fd745a69f668c8ca204c705bd598c32e',192692),('\'Misinformation Village Staff\'','\'Misinformation Village Staff\'','MIV_77d9816ba70086102ca70ce478c0195f',192693),('\'Misinformation Village Staff\'','\'Misinformation Village Staff\'','MIV_d026f466981ae9f8bc899f1da8e64932',192694),('\'Greg Carpenter\'','\'Greg Carpenter\'','MIV_302ceb403cb0a6efb32dd2704dc07b3b',192695),('\'Misinformation Village Staff\'','\'Misinformation Village Staff\'','MIV_cb8068596c8f3e1881ab7eccc152699d',192696),('\'Darren Linvill\'','\'Darren Linvill\'','MIV_f2c405ed5244919d5ca29965e5d4bafc',192697),('\'Kieran Green\'','\'Kieran Green\'','MIV_134a1cd6e55bcbabf781143d17fe1b3f',192698),('\'Michael Morgenstern\'','\'Michael Morgenstern\'','MIV_2ac40eb21ecaf1a33062ca7fb5515b5e',192699),('\'Eric Curwin\'','\'Eric Curwin\'','MIV_73484f6e96fc2c7fc9858cd08aa38004',192700),('\'Andrea Downing\'','\'Andrea Downing\'','MIV_bd9e37198d8758e1d5b5476517619b98',192701),('\'Douglas Bernardini\'','\'Douglas Bernardini\'','MIV_72053e3420c276afab1e14fb84e447b7',192702),('\'Daniel Isler\'','\'Daniel Isler\'','MIV_2afd0d2d46938e8118470d28099bbb7e',192703),('\'Shea Nangle\'','\'Shea Nangle\'','MIV_b4d597acc369306f25f0b42a80764f05',192704),('\'Micah Lee\'','\'Micah Lee\'','MIV_192384afd84d08165dc07998a4afbc57',192705),('\'Misinformation Village Staff\'','\'Misinformation Village Staff\'','MIV_79de27a2e88b656785a8a15914ab04c6',192706),('\'Paula González Nagore\'','\'Paula González Nagore\'','MIV_d5da417224efbff921a090f07612c7f0',192707),('\'Travis Allen\'','\'Travis Allen\'','MIV_d279f991b0125a401254eb8378e76509',192708),('\'Joel Benge\'','\'Joel Benge\'','MIV_196d8009207a0523ca99171c665bef86',192709),('\'Vardon Hamdiu\'','\'Vardon Hamdiu\'','MIV_310d63767e5e30284e394642e29a997e',192710),('\'Ben D. Sawyer\'','\'Ben D. Sawyer\'','MIV_fe8275ad21c73e7f80fb725cf74b98e1',192711),('\'Matthew Canham\'','\'Matthew Canham\'','MIV_fe8275ad21c73e7f80fb725cf74b98e1',192712),('\'Carlos Galán\'','\'Carlos Galán\'','MIV_635bca05c1953600f9740b6b6c072e40',192713),('\'TOOOL\'','\'TOOOL\'','LPV_09ac44ae7d97cc67318eda1d3b612996',192714),('\'TOOOL\'','\'TOOOL\'','LPV_1906a5c1feeb2dece584f2ed7c91cc6d',192715),('\'TOOOL\'','\'TOOOL\'','LPV_e5d9ec0314638350378ed99fcb419a64',192716),('\'TOOOL\'','\'TOOOL\'','LPV_5e7c6b9648d91467471ae0ca19d6ceec',192717),('\'TOOOL\'','\'TOOOL\'','LPV_5a6567688b5eb303af4359e36070aef7',192718),('\'TOOOL\'','\'TOOOL\'','LPV_1a940ecb94558cabc401ff63a900b79c',192719),('\'TOOOL\'','\'TOOOL\'','LPV_f4a45d2df83197879fa97488814fdb7c',192720),('\'Christopher Forte\'','\'Christopher Forte\'','LPV_0b1192e8bba17c2aade2820ba1b6c362',192721),('\'Dylan Baklor\'','\'Dylan Baklor\'','LPV_c7bc3252556bdb2112935803a81b0f92',192722),('\'jos weyers\'','\'jos weyers\'','LPV_b2f9f52cf3d6d5b319e238d1a563ebec',192723),('\'Deviant Ollam\'','\'Deviant Ollam\'','LPV_f8d1e992a83715a454c1257f7adfb04c',192724),('\'Jared Dygert\'','\'Jared Dygert\'','LPV_56eb7930dae9f028486aee4272044078',192725),('\'Jared Dygert\'','\'Jared Dygert\'','LPV_4b026553dff26f93e4ea04b39ab45458',192726),('\' \'','\' \'','MISC_fa800a68eb746f118718f9c9f80bf8a9',192727),('\'Ari Herbert-Voss\'','\'Ari Herbert-Voss\'','AIV_686b736e3f2294abdff23485a6685790',192728),('\'Shane Caldwell\'','\'Shane Caldwell\'','AIV_686b736e3f2294abdff23485a6685790',192729),('\' \'','\' \'','AIV_fab72f3099952e4cfc3343fde58f81c9',192730),('\' \'','\' \'','AIV_8af87042394726da231b53ad08f705da',192731),('\' \'','\' \'','AIV_8ec07e78622127ace84570c67583c8a1',192732),('\' \'','\' \'','MISC_e0618b8acfe6378b45fe4d71c5fa09a9',192733),('\' \'','\' \'','CON_7bcca7c414e7ccb9fa2902e60b1fd27e',192734),('\' \'','\' \'','CON_6fde54c91eb2692242ba87b00f89de6d',192735),('\' \'','\' \'','MISC_dc86531e7342b531cd6f77e2b95f6696',192736),('\' \'','\' \'','LPV_4309608e0bcf494df3728ff2fa0b13bb',192737),('\' \'','\' \'','LPV_8906ba17f659a30437f56c67737e738d',192738),('\' \'','\' \'','LPV_23dea0be1c5d831922ca6df60c860fc7',192739),('\'Misinformation Village Staff\'','\'Misinformation Village Staff\'','MIV_5d20d79bddf273ff9a4db8c974cd874f',192740),('\'Maria Markstedter\'','\'Maria Markstedter\'','MISC_b3c003dfa92aa5a1b33c928f666e887b',192741),('\'Cory Doctorow\'','\'Cory Doctorow\'','MISC_b7138bb3c85577c3dc6791b19ba30b33',192742),('\' \'','\' \'','XRV_2c45b645c47e804688a7e4b0dc92a96f',192743),('\' \'','\' \'','XRV_a30e2b1a5a6bec4cd671582b9744a148',192744),('\' \'','\' \'','XRV_c1616fb230d380769c45ece59af16c89',192745),('\' \'','\' \'','XRV_a5ddd69db8bbf658bcb44046b3a29aee',192746),('\' \'','\' \'','XRV_4f546fcc299b8a674a342afbb3030d00',192747),('\' \'','\' \'','XRV_4f1c092353098111688bc0de68db931c',192748),('\' \'','\' \'','XRV_93f0701d56402b3f5068e13c19fbf570',192749),('\' \'','\' \'','XRV_23a710f24c40ad83758e97081cca19a0',192750),('\' \'','\' \'','XRV_8d07b146bcabc0cfd63209db1ef29c63',192751),('\' \'','\' \'','XRV_c3a10f593fb5ab4efa30cbfe82aeef27',192752),('\' \'','\' \'','PHV_9261e7aad50a689c5f2ccab7744a975f',192753),('\' \'','\' \'','PHV_ed2245370dca51400f531a739ca05789',192754),('\' \'','\' \'','PHV_19d5a4aea4beb452a97cf8ad0d8e5e36',192755),('\' \'','\' \'','CON_8e48dd0e453b974ef43f0949e9d076ec',192756),('\' \'','\' \'','CON_bf6c7b35440ecb9c3af5dd904475c9ec',192757),('\'Charles Smith\'','\'Charles Smith\'','VMV_90af42195d8ba127ad63c30877fcaca2',192758),('\'Dan Meidenbauer\'','\'Dan Meidenbauer\'','VMV_90af42195d8ba127ad63c30877fcaca2',192759),('\'Tailor Herrarte\'','\'Tailor Herrarte\'','VMV_aca50a625655134f504b98d559bb44cb',192760),('\'Harri Hursti\'','\'Harri Hursti\'','VMV_a8a2e3157078ca9f04ad5ac64fc75e5e',192761),('\'Joe Schniebes\'','\'Joe Schniebes\'','VMV_cc33cf4898681fac5a8f43af2aec4eab',192762),('\'Kendall Spencer\'','\'Kendall Spencer\'','VMV_4dda860190ca402021523b2589f5c920',192763),('\'William Baggett\'','\'William Baggett\'','VMV_edaff2baea5823c9a6cd0d2a50849623',192764),('\'John Medcalf\'','\'John Medcalf\'','VMV_d750ed66c7a50484af88055674186400',192765),('\'Constantine Nicolaidis\'','\'Constantine Nicolaidis\'','VMV_6e5fb19b3b6e130052c1b512820b657a',192766),('\'D9\'','\'D9\'','VMV_f4d91868a220ee18d3e15772c55cbb90',192767),('\'Amanda Glazer\'','\'Amanda Glazer\'','VMV_27205fcfc0a98e986a41e6fc8cede194',192768),('\'Carsten Schürmann\'','\'Carsten Schürmann\'','VMV_bf80771f4777e3baf64cf79de3b9e1b6',192769),('\'Ashlee Benge\'','\'Ashlee Benge\'','VMV_7900895b2ebb523fdae8d5402109abf5',192770),('\'John Odum\'','\'John Odum\'','VMV_4b708d4bc6c8998df46d93200f655807',192771),('\'John Medcalf\'','\'John Medcalf\'','VMV_13c354f17d87229aad513cfd22385a9f',192772),('\'Michael Moore\'','\'Michael Moore\'','VMV_566c145446b0085e3147176a54eeb2db',192773),('\'Antigone Peyton\'','\'Antigone Peyton\'','VMV_cc385ed82389d52abc2280749ce3da97',192774),('\'Harri Hursti\'','\'Harri Hursti\'','VMV_42f884d66593053df17a2675406542f2',192775),('\'Joe Schniebes\'','\'Joe Schniebes\'','VMV_0726fde7af856fc33d94e0d7ca5244ed',192776),('\'Maia Mazurkiewicz\'','\'Maia Mazurkiewicz\'','VMV_0726fde7af856fc33d94e0d7ca5244ed',192777),('\'Michael Moore\'','\'Michael Moore\'','VMV_0726fde7af856fc33d94e0d7ca5244ed',192778),('\'Catherine Terranova\'','\'Catherine Terranova\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61',192779),('\'Hallie Stern\'','\'Hallie Stern\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61',192780),('\'Rebecca Scott Thein\'','\'Rebecca Scott Thein\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61',192781),('\'Sandra Khalil\'','\'Sandra Khalil\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61',192782),('\'Sarah Amos\'','\'Sarah Amos\'','VMV_8e411b6eccaa9916f8fa0371d4ec8a61',192783),('\'Brian Stearns\'','\'Brian Stearns\'','VMV_ac6875e5702b6c39275a110d852343ab',192784),('\'Charles Smith\'','\'Charles Smith\'','VMV_ac6875e5702b6c39275a110d852343ab',192785),('\'Eric Davis\'','\'Eric Davis\'','VMV_ac6875e5702b6c39275a110d852343ab',192786),('\'Glenn Borskey\'','\'Glenn Borskey\'','VMV_ac6875e5702b6c39275a110d852343ab',192787),('\'Jon A.\'','\'Jon A.\'','VMV_ac6875e5702b6c39275a110d852343ab',192788),('\'David Jefferson\'','\'David Jefferson\'','VMV_02f4745d874090f89cf4dd15bef9dd72',192789),('\'Harri Hursti\'','\'Harri Hursti\'','VMV_02f4745d874090f89cf4dd15bef9dd72',192790),('\'Matt Blaze\'','\'Matt Blaze\'','VMV_02f4745d874090f89cf4dd15bef9dd72',192791),('\'Susan Greenhalgh\'','\'Susan Greenhalgh\'','VMV_02f4745d874090f89cf4dd15bef9dd72',192792),('\'Eric Davis\'','\'Eric Davis\'','VMV_4502995c7129dcfcd419d88cdd8497b6',192793),('\'Hallie Stern\'','\'Hallie Stern\'','VMV_4502995c7129dcfcd419d88cdd8497b6',192794),('\'Omri Preiss\'','\'Omri Preiss\'','VMV_4502995c7129dcfcd419d88cdd8497b6',192795),('\'Theodora Skeadas\'','\'Theodora Skeadas\'','VMV_4502995c7129dcfcd419d88cdd8497b6',192796),('\'Ashlee Benge\'','\'Ashlee Benge\'','VMV_115c7bcc5afd58f5f09ec823432e666d',192797),('\'Jake Braun\'','\'Jake Braun\'','VMV_115c7bcc5afd58f5f09ec823432e666d',192798),('\'John Odum\'','\'John Odum\'','VMV_115c7bcc5afd58f5f09ec823432e666d',192799),('\'Michael Moore\'','\'Michael Moore\'','VMV_115c7bcc5afd58f5f09ec823432e666d',192800),('\'Catherine Terranova\'','\'Catherine Terranova\'','VMV_ec97ccb7241c1193c8f892a30d70e740',192801),('\'Maia Mazurkiewicz\'','\'Maia Mazurkiewicz\'','VMV_ec97ccb7241c1193c8f892a30d70e740',192802),('\'Maria Bique\'','\'Maria Bique\'','VMV_ec97ccb7241c1193c8f892a30d70e740',192803),('\'Sandra Khalil\'','\'Sandra Khalil\'','VMV_ec97ccb7241c1193c8f892a30d70e740',192804),('\'Bryson Bort\'','\'Bryson Bort\'','VMV_87c073a9bd9d3863e33dfca9cf437994',192805),('\'Chris Krebs\'','\'Chris Krebs\'','VMV_87c073a9bd9d3863e33dfca9cf437994',192806),('\'Kendall Spencer\'','\'Kendall Spencer\'','VMV_87c073a9bd9d3863e33dfca9cf437994',192807),('\'Maia Mazurkiewicz\'','\'Maia Mazurkiewicz\'','VMV_87c073a9bd9d3863e33dfca9cf437994',192808),('\'Catherine Terranova\'','\'Catherine Terranova\'','VMV_415d9164b2ac475b6051abac47065cb4',192809),('\'Harri Hursti\'','\'Harri Hursti\'','VMV_415d9164b2ac475b6051abac47065cb4',192810),('\'Matt Blaze\'','\'Matt Blaze\'','VMV_415d9164b2ac475b6051abac47065cb4',192811),('\'Catherine Terranova\'','\'Catherine Terranova\'','VMV_163a2d3d74b0c224e0cbb5f8e80e5702',192812),('\'Harri Hursti\'','\'Harri Hursti\'','VMV_163a2d3d74b0c224e0cbb5f8e80e5702',192813),('\'Matt Blaze\'','\'Matt Blaze\'','VMV_163a2d3d74b0c224e0cbb5f8e80e5702',192814),('\'Craig Martell\'','\'Craig Martell\'','DC_0b7f0abb2e028e5abc77867d1802ed99',192815),('\'Dan Norte\'','\'Dan Norte\'','HRV_9039bb67c1fe8f65b82bec186a972785',192816),('\'Lucas Gahler\'','\'Lucas Gahler\'','HRV_9039bb67c1fe8f65b82bec186a972785',192817),('\' \'','\' \'','CON_164a5ddacc8558b25b5064468341aa3d',192818),('\' \'','\' \'','CON_107f8f5cdd314ae3ce5cdbccaf4db07a',192819),('\'James Moran\'','\'James Moran\'','TCV_42cb19bc0ca5a0a6e3f7ac4d640496b9',192820),('\'Amanda Glazer\'','\'Amanda Glazer\'','VMV_df8cc787a91cc8924d280555192ec10d',192821),('\'Karen\'','\'Karen\'','PSV_06ff5b1a9fc8cb10debd47238a50c70a',192822),('\'Karen\'','\'Karen\'','PSV_7f5f94344c197db8ee0a7b2d3d299a58',192823),('\'Chad\'','\'Chad\'','PSV_63113feefd4726697bee38ad55fc05d3',192824),('\'Shortman\'','\'Shortman\'','PSV_63113feefd4726697bee38ad55fc05d3',192825),('\'Dan\'','\'Dan\'','PSV_98a87d424d487daf2ecfccaa41dc5844',192826),('\'Langston \"Shock\" Clement\'','\'Langston \"Shock\" Clement\'','PSV_98a87d424d487daf2ecfccaa41dc5844',192827),('\'Chad\'','\'Chad\'','PSV_f20ca48d62bc62a30c8ecbf382a5b194',192828),('\'Shortman\'','\'Shortman\'','PSV_f20ca48d62bc62a30c8ecbf382a5b194',192829),('\'Ege\'','\'Ege\'','PSV_9bac34440837a0c1ff3d2d746d445c9d',192830),('\'Brian Halbach\'','\'Brian Halbach\'','PSV_72c888ec0244ebac804ed66748f88112',192831),('\'Jarvis\'','\'Jarvis\'','PSV_c3af3a9d55d373b77d541550ac4c4074',192832),('\'Malcolm\'','\'Malcolm\'','PSV_c3af3a9d55d373b77d541550ac4c4074',192833),('\'Terry\'','\'Terry\'','PSV_d089655e991affda24dc09c44aa70033',192834),('\'Ege\'','\'Ege\'','PSV_d30436f0f82a550bc668aecc4001381d',192835),('\'Karen\'','\'Karen\'','PSV_ac8e4b1e97d5a843d2c173ead1be8d67',192836),('\'Bill Graydon\'','\'Bill Graydon\'','PSV_cb832d5925d947bc69cc18f12478c030',192837),('\'Chad\'','\'Chad\'','PSV_ddd834de576977a9e77bca6df6b12516',192838),('\'Shortman\'','\'Shortman\'','PSV_ddd834de576977a9e77bca6df6b12516',192839),('\'Terry\'','\'Terry\'','PSV_2ea1bdac10a02307628ac9872ac6429c',192840),('\'Ege\'','\'Ege\'','PSV_ef6daff2d432bf6294ab68091463d015',192841),('\' \'','\' \'','MISC_92be3841ce396715c08eb331a7253992',192842),('\' \'','\' \'','CON_bd6de46ebc6de51c7810498dfe944ca2',192843),('\' \'','\' \'','CON_005c844c28a5f48ea045a7fc7ce90fa3',192844),('\' \'','\' \'','PSV_c88193ba4313b324311806bee72ceb83',192845),('\' \'','\' \'','PSV_11c070d656c647016d058aa6bd7e6641',192846),('\' \'','\' \'','PSV_6900e1904bf57c6903d883ef16cdf71c',192847),('\'Dave Weston\'','\'Dave Weston\'','DC_1dfa739f373f77fd0f799bce10309ad8',192848),('\'Heather Adkins\'','\'Heather Adkins\'','DC_1dfa739f373f77fd0f799bce10309ad8',192849),('\'Matthew Knight\'','\'Matthew Knight\'','DC_1dfa739f373f77fd0f799bce10309ad8',192850),('\'Michael Sellitto\'','\'Michael Sellitto\'','DC_1dfa739f373f77fd0f799bce10309ad8',192851),('\'Omkhar Arasaratnam\'','\'Omkhar Arasaratnam\'','DC_1dfa739f373f77fd0f799bce10309ad8',192852),('\'Perri Adams\'','\'Perri Adams\'','DC_1dfa739f373f77fd0f799bce10309ad8',192853),('\'Vijay Bolina\'','\'Vijay Bolina\'','DC_1dfa739f373f77fd0f799bce10309ad8',192854),('\' \'','\' \'','MISC_4af1f1cafbb9df57b2128cb97e292612',192855),('\' \'','\' \'','MISC_91f1dba2127d295b01743a5eb2ec5df1',192856),('\' \'','\' \'','MISC_a52b0f1d06e2453ff1e326943f657dd4',192857),('\'Rafal Janik\'','\'Rafal Janik\'','QTV_001642527e1b158967c63298b2e68cc4',192858),('\'David Jefferson\'','\'David Jefferson\'','VMV_f153698f351ee084af2bc79ad9cc3770',192859),('\'Drew Springall\'','\'Drew Springall\'','VMV_f153698f351ee084af2bc79ad9cc3770',192860),('\'Richard DeMillo\'','\'Richard DeMillo\'','VMV_f153698f351ee084af2bc79ad9cc3770',192861),('\'KitKat\'','\'KitKat\'','HRV_02e2f50ecdb98339aa1ac5d2bbcdf794',192862),('\'KitKat\'','\'KitKat\'','HRV_cfddd9aa4e7e568d9e10c1e4fa5e1ed1',192863),('\'Lewis Ardern\'','\'Lewis Ardern\'','APV_8501b605694f5549d51f1a443fc2ab63',192864),('\'Chris Roberts\'','\'Chris Roberts\'','APV_ad6d49acdb49dbf2a7dbb063e5560695',192865),('\'Maril Vernon\'','\'Maril Vernon\'','APV_b2952fa6c014c8dba691d4f9e8cac93d',192866),('\'Pentera\'','\'Pentera\'','APV_d760dfe56c3165bb30a0a77af8445bea',192867),('\'David Joseph\'','\'David Joseph\'','QTV_958513756869028daa4a8a6cab4ac7ae',192868),('\'Troy Mills\'','\'Troy Mills\'','QTV_958513756869028daa4a8a6cab4ac7ae',192869),('\'Konstantinos Karagiannis\'','\'Konstantinos Karagiannis\'','QTV_0a35434698d11fa3f07e68a78892ef50',192870),('\'Rafal Janik\'','\'Rafal Janik\'','QTV_0a35434698d11fa3f07e68a78892ef50',192871),('\'Kat Fitzgerald\'','\'Kat Fitzgerald\'','CLV_86259f637d622ae43acdc2fdf8465c61',192872),('\'Scheme\'','\'Scheme\'','VMV_507bce01e83bd1a44bc7ea17d954045a',192873); /*!40000 ALTER TABLE `speakers` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `training` -- DROP TABLE IF EXISTS `training`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `training` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(200) COLLATE utf8_unicode_ci NOT NULL, `ForumPage` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `ForumArticle` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `Webpage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Weblink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `ImagePath` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `Descript` varchar(20000) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=491 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `training` -- LOCK TABLES `training` WRITE; /*!40000 ALTER TABLE `training` DISABLE KEYS */; INSERT INTO `training` VALUES (455,'\'Bobby Thomas, Matthew Lamanna, Kyle Smathers, Nathan Johnson - Cyber Threat Intelligence A... $1,900\'','\'https://forum.defcon.org/node/245926\'','\'https://forum.defcon.org/node/245926\'','','','','\'\nURL=\nhttps://training.defcon.org/products...nalysis-course\n
\n
\n[quote=URL]
\n\nName of Training\n:
\nCyber Threat Intelligence Analysis Course
\n
\n\nDescription\n:
\nThis course presents the fundamentals of cyber threat intelligence (CTI) and guides analysts in the application of intelligence to enable proactive defensive operations and support incident response.
\n
\n\nTraining description\n:
\nThis course presents the fundamentals of cyber threat intelligence (CTI) and guides analysts in the application of intelligence to enable proactive defensive operations and support incident response. The threat environment is growing more complex and correspondingly, costs to businesses affected by malevolent activity is also increasing. Intelligence is information that has been analyzed and refined to meet the needs of the cyber defenders and/or decision makers. Cyber Threat Intelligence should use the intelligence operations cycle of Planning and Direction, Collection, Processing and Exploitation, Analysis and Production, Dissemination and Integration, and Evaluation and Feedback to facilitate its mission. The end state should characterize, investigate, and attribute indicators of compromise (IOCs) to advanced persistent threats (APTs) and the application of adversarial profiles to tactics, techniques, and procedures (TTPs) in order to proactively defend networks. CTI analysts should work to identify and generate threats relevant to client requirements, illuminating adversary’s exploitation methodology and motivation, applying them in a structured way not only to integrate but to drive an organization’s DCO posture.
\nThis course applies the intelligence cycle to the full-spectrum exercise of proactive network defense. When properly employed, this process fosters a cyber environment of pre-emptive action. Network defenders and operators are provided with the necessary tactics, techniques, and procedures (TTPs) to generate timely and relevant intelligence. Such intelligence informs stakeholders and applies network fortifications before compromise.
\n\nTrainer(s) bio\n:
\nDeloitte is recognized as a global leader in Security Consulting, Cybersecurity Incident Response Services, Managed Cloud Services, and Strategic Risk Management Consulting. Deloitte is considered one of the “Big Four” accounting firms and is the largest professional services organization in the world.
\nBobby Thomas
\n20+ years of experience in Cyber Security Career Field. Bobby served with the Air Force where he was a Cyber Operator most of his career. He was also a previous Intelligence Analyst with the Air Force. Bobby currently works for Deloitte as a Hunt Instructor. He enjoys working out and traveling with his family. Their favorite vacation spot is anywhere there are relaxing beaches and good restaurants to visit.
\nCISSP:
\nAwarded July 04, 2022
\nISC2 Member ID 830294
\nNathan Johnson
\n20+ years of experience working in both the government and commercial Cybersecurity industry. Served in the Air Force for 21 years as a Cyber Operator in different operational roles. Nathan most recently worked for the U.S. Space Force (USSF) as the 16\nth\n Air Force Liaison to the USSF Delta 6. Past projects also include implementation and curriculum development for the Air Force Big Data Platform (ELICSAR). Nathan’s current role supports Deloitte’s Strategic Growth Offering as a DCO Hunt curriculum developer and instructor. He is currently enrolled in the SANS Graduate Certificate track in Cybersecurity Engineer (Core) and expects to graduate summer of 2024. His off time includes spending time with family, traveling and cycling.
\nSecurity+:
\nCE Awarded July 02, 2015
\nMember ID COMP001008448250
\nITIL Foundation
\nAwarded April 18, 2012
\nMatthew Lamanna
\nMatt Lamanna is a Specialist Master in Deloitte Risk & Financial Advisory. Current focus areas include business development within New Mexico & Texas as well as being the deputy program manager on the United States Space Force (USSF) Space Operations Command Intelligence and Cyberdefense Enterprise Services (SPICES) contract. Matt is also the cybersecurity lead for a HQ USAF A2/6O Enterprise Digital Transformation project, and Defensive Cyber Operations project. Lastly, he is part of two Deloitte Strategic Growth Offerings; a big data platform and defensive cyber for on-orbit space vehicles.
\nBefore joining Deloitte Matt spent 20 years in the Air Force and retired a Master Sergeant out of the Air Force Operational Test & Evaluation Center, Kirtland AFB, NM. He spent 15 years as a Signals Intelligence Specialist and 5 years in offensive cyberspace operators and cyber threat intelligence.
\nGSEC, Awarded 2013
\nGCIH, Awarded 2013
\nRoot9B OCO Operator, Awarded 2013
\nKyle Smathers
\nBattle tested cybersecurity professional, capabilities developer, and leader. Previously an active duty Air Force Officer of 10 years, current Air Force reserve member. Experienced with state-of-the-art cybersecurity platforms, training and missions. Previously served on a Cyber Protection Team as the lead threat hunter, wrote the requirements for the Air Force’s ‘Interceptor’ hunting platform and taught as a formal training instructor.
\nIn my free time I am either with my family, riding my bicycle or working on a house project.
\nCISSP- Awarded Oct, 2017
\nElastic Certified Analyst – Sept 2022
\nVMWare Certified Professional-Data Center Virtualization – April 2022
\n\nTrainer(s) social media links\n:
\n
\n\nOutline\n:
\n\nDay 1\n:
    \n
  1. \nIntroduction to Threat Intelligence
      \n
    1. \nWhat is Intelligence?
      2. \n
    2. \nIntelligence vs. information vs evidence
      3. \n
    3. \nThe intelligence cycle: Information into intelligence
      4. \n
    4. \nReducing uncertainty
      5. \n
    5. \nBias and Cognition
      6. \n
    \n
    2. \n
  2. \nPlanning and Direction
      \n
    1. \nPlanning and Direction
      2. \n
    2. \nIntelligence planning: Strategic, operational, tactical, and technical
      3. \n
    3. \nPIRs, Irs, EEIs
      4. \n
    4. \nCyber Threat Intelligence (CTI)-driven cyber risk management
      5. \n
    5. \nRisk rating methodologies
      6. \n
    6. \nProject management for intelligence operations
      7. \n
    7. \nCTI support to proactive DCO planning
      8. \n
    8. \nNetwork discovery/Topology
      9. \n
    9. \nThreat assessment/gap analysis
      10. \n
    \n
    3. \n
  3. \nExercise: Risk rating methodology; Explore your security controls; Write and answer a Priority Intelligence Requirements (PIRs)
    4. \n
  4. \nCollection, Processing, and Exploitation
      \n
    1. \nCollection
      2. \n
    2. \nCollection Sources
      3. \n
    3. \nOSINT
      4. \n
    4. \nFurther OSINT resources
      5. \n
    5. \nMitigation strategies/Counterintelligence concerns
      6. \n
    6. \nDedicated cybersecurity intelligence repositories
      7. \n
    7. \nThe Dark Web
      8. \n
    8. \nData collection and analysis
      9. \n
    9. \nMalware collection and forensics
      10. \n
    10. \nMemory forensics
      11. \n
    11. \nProcessing and Exploitation
      12. \n
    \n
    5. \n
  5. \nExercise: Generate Intelligence Collection Requirements (ICRs); Maltego; Research a given domain
    6. \n
\n\nDay 2\n:
    \n
  1. \nAnalysis and Production
      \n
    1. \nAnalysis and Production
      2. \n
    2. \nAnalysis overview
      3. \n
    3. \nCTI Objectives
      4. \n
    4. \nCTI Models and Frameworks
      5. \n
    5. \nStructured Analytic Techniques (SATs)
      6. \n
    6. \nAdditional analytic concepts
      7. \n
    7. \nProduction overview: The writing process
      8. \n
    8. \nEditing and final review
      9. \n
    9. \nCTI production categories
      10. \n
    10. \nIntelligence Community Directive (ICD) 203
      11. \n
    \n
    2. \n
  2. \nExercise: Reporting
    3. \n
  3. \nDissemination, Integration, Evaluation, and Feedback
      \n
    1. \nAnalysis and Production/CTI report categories
      2. \n
    2. \nDissemination and Evaluation/Feedback
      3. \n
    3. \nIntegration
      4. \n
    \n
    4. \n
  4. \nCyber Threats and Network Security Operations
      \n
    1. \nCyber Threats
      2. \n
    2. \nPhishing
      3. \n
    3. \nNetwork Security Operations
      4. \n
    \n
    5. \n
  5. \nFinal Capstone
    6. \n
\n\nTechnical difficulty\n:
\nBeginner
\n\nSuggested Prerequisites\n:
\nBasic understanding of defensive cyber operations or basic understanding of security controls.
\n\nWhat students should bring\n:
\nStudents will need to bring their personal laptops.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER:\n Bobby Thomas, Matthew Lamanna, Kyle Smathers, Nathan Johnson
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
\n
\n
\n​\n\n\n\n\''),(459,'\'Jayson E. Street - Simulated Adversary - Tactics & Tools Training $2,400\'','\'https://forum.defcon.org/node/245922\'','\'https://forum.defcon.org/node/245922\'','','','','\'\nURL=\nhttps://training.defcon.org/products...training-2-400\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nSimulated Adversary - Tactics & Tools Training
\n
\n\nDescription\n:
\nAttendees will learn how adversaries can attack in non-traditional ways.
\n
\n\nTraining description\n:
\nThis class covers all aspects of an engagement, starting with online
\nresearch in a quick and efficient manner. Attendees will learn how
\nadversaries can attack in non-traditional ways. Jayson\'s style focuses on
\neducation over compromise by helping show how to move past finding
\nvulnerabilities into educating and improving the security of the target. The
\nemphasis for this class will be hands-on, real-world examples and
\ndemonstrations that help companies understand the human side of social
\nengineering attacks.
\nTraditional pentest focuses on exposing vulnerabilities and showing how they
\ncan be exploited. A Red Team engagement does a more in-depth simulation of
\nan advanced targeted attack with once again focusing on not just discovering
\npotential weaknesses in the target\'s defenses but giving proof of concepts
\nshowing they can be exploited. Jayson has created the Security Awareness
\nEngagement methodology for a way to show real world threats without actually
\ncompromising or exploiting discovered vulnerabilities in a way that might
\nnegatively impact the company. Instead simulations use non-intrusive
\ndemonstrations that work in tandem with direct and immediate education of
\nThrough the use of hands-on, real-world examples and demonstrations. This
\nclass will go beyond Metasploit, popping shells and zero day exploits,
\nfocusing on the most considerable threat a company faces, the human factor.
\nThis class is not just for pentesters but also for security teams who want
\nto educate their employees. Class activities will introduce students to real
\nworld simulations of how Social Engineering and Physical Compromise attacks
\noccur. Students will also participate in simulations where they use the
\nresults from their labs to execute the attack, an attack with Jayson playing
\nthe roles of the target to compromise.
\n
\n\nTrainer(s) bio\n:
\nJayson E. Street referred to in the past as:
\nA "notorious hacker" by FOX25 Boston, "World Class Hacker" by National
\nGeographic Breakthrough Series and described as a "paunchy hacker" by
\nRolling Stone Magazine. He however prefers if people refer to him simply as
\na Hacker, Helper & Human.
\n
\nThe Chief Chaos Officer of Truesec a global cybersecurity solutions
\nprovider. The author of the "Dissecting the hack: Series" (which is
\ncurrently required reading at 5 colleges in 3 countries that he knows of).
\nAlso the DEF CON Groups Global Ambassador. He\'s spoken at DEF CON, DEF CON
\nChina, GRRCon, SAINTCON & at several other CONs & colleges on a variety of
\nInformation Security subjects. He was also a guest lecturer for the Beijing
\nInstitute of Technology for 10 years.
\n
\nHe loves to explore the world & networks as much as he can. He has
\nsuccessfully robbed banks, hotels, government facilities, Biochemical
\ncompanies, etc.. on five continents (Only successfully robbing the wrong
\nbank in Lebanon once all others he was supposed to)!
\n
\n*He is a highly carbonated speaker who has partaken of Pizza from Bulgaria
\nto Brazil & China to The Canary Islands. He does not expect anybody to still
\nbe reading this far but if they are please note he was proud to be chosen as
\none of Time\'s persons of the year for 2006.
\n
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/\n\njaysonstreet\n : @\njaysonstreet\n
\n\nhttps://defcon.social/@\n\njayson\n : @\ndefcon.social/@jayson\n
\n\nhttps://infosec.exchange/@\n\njaysonestreet\n : @\ninfosec.exchange/@jaysonestreet\n
\n\nhttps://linkedin.com/in/jstreet/\n
\n\nJaysonEStreet.com\n & \nHackerAdventures.World\n
\n
\n\nOutline\n:
\n\nDay 1\n:
\nIntroduction
\nAgenda
\nDifferences
\nWho am I
\nWho are we
\nCurrent State of security awareness
\n
\nModule 1
\nWhat is Social Engineering
\nRed Teaming or Physical Pentest
\nThe human factor
\n
\n
\nModule 2 Recon
\nRecon online
\nRecon in real life
\nPresenting findings
\nCase study
\n
\nLab: Conducting your own recon
\n
\nModule 3 Phishing
\nPhishing for results
\nFinding target
\nImpersonation
\nFinding emotional trigger
\nCase study
\n
\nLab: Constructing a phish using results from Module
\n
\nModule 4: Importance of preparedness
\nPreparing for onsite engagement
\nClarifying scope of work
\nManaging client expectations
\nDefining success
\nGet out of jail free card
\nCase Study
\n
\nLab: \'Creating\' a "Get out of jail free" card
\n
\nModule 5 Weapons of Mass Education & Learning to code in Ducky script
\nAn overview of the tools such as Bash Bunny, Pineapple, OMG cables & rubber
\nducky, Flipper Zero & other useful devices.
\nPurpose of these tools
\nEach student will be given a book on programming in Ducky script.
\nWe will go over several chapters that I will teach from. This will give
\nstudents the understanding and ability to write their own beginner payloads
\nfor the Rubber Ducky.
\nCase study
\n
\n\nDay 2\n:
\n
\nLab: Configuring the Rubber Ducky
\n
\nModule 6 Infiltration of the Location
\nPersona creation
\nPassive infiltration
\nAssertive infiltration
\nLocation infiltration
\nCommitment to your persona
\nLocation
\nTime of attack
\nPopulation onsite
\n
\nLab: Creating your persona for your scenario
\n
\nModule 7 Execution Phase
\nThe attack
\nThe approach
\nThe target
\nDeployment
\nThe escape
\nCase Study
\nLab: Setting the stage and acting it out
\nModule 8 What\'s next?
\nThe aftermath
\nDealing with compromised humans
\nEducating on the spot
\nConveying the lessons to management
\nCovering the findings in a positive way
\nCase Study
\n
\nLab 7: Consoling and educating the compromised
\nClosing
\n
\n\nTechnical difficulty\n:
\nBeginners to start. Intermediate & advanced students to learn new techniques.
\n
\n\nSuggested Prerequisites\n:
\nNone
\n
\n\nWhat students should bring\n:
\nA laptop and a desire to learn! A Hak5 Rubber Ducky will be provided for all
\nstudents.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n:\n\n Jayson E. Street\n\n
\n\n\n- 16 hours of training with a certificate of completion.
\n- Note: Classes that do not meet their minimum class size by July 15 will be canceled, please register early\n\n \n\n- 2 coffee breaks are provided per day
\n- Note: Food is not included\n\n \nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(460,'\'Korstiaan Stam - Hands-on incident response in the cloud — Microsoft edition $2,250\'','\'https://forum.defcon.org/node/245921\'','\'https://forum.defcon.org/node/245921\'','','','','\'\nURL=\nhttps://training.defcon.org/products...rosoft-edition\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of training:\n
\nHands-on incident response in the cloud — Microsoft edition
\n\nTrainer information:\n
\nKorstiaan Stam is the Founder and CEO of Invictus Incident Response & SANS Trainer - FOR509: Cloud Forensics and Incident Response
\n\nTrainer bio:\n
\nKorstiaan is a passionate incident responder, preferably in the cloud. He developed and contributed to many open-source tools related to cloud incident response. Korstiaan has gained a lot of knowledge and skills over the years which he is keen to share.
\nWay before the cloud became a hot topic, Korstiaan was already researching it from a forensics perspective. “Because I took this approach I have an advantage, because I simple spent more time in the cloud than others. More so, because I have my own IR consultancy company, I spent a lot of time in the cloud investigating malicious behavior, so I don’t just know one cloud platform, but I have knowledge about all of them.” That equips him to help students with the challenge of every cloud working slightly or completely different. “If you understand the main concepts, you can then see that there’s also a similarity among all the clouds. That is why
\nI start with the big picture in my classes and then zoom in on the details. Korstiaan also uses real-life examples from his work to discuss challenges he’s faced with students to relate with their day-to-day work. “To me, teaching not only means sharing my knowledge on a topic, but also applying real-life implications of that knowledge. I always try to combine the theory with the everyday practice so students can see why it’s important to understand certain concepts and how the newly founded knowledge can be applied.”
\n\nTrainer social media links:\n
\nTwitter: \nhttps://twitter.com/InvictusIR\n & \nhttps://twitter.com/korstiaans \n
\nLinkedIn: \nhttps://linkedin.com/in/korstiaanstam \n
\nBlog: \nhttps://invictus-ir.medium.com/ \n
\nRepository with tools & research: \nhttps://github.com/invictus-ir \n
\nPast content:
\nThis is a new training so no information is available yet. I do however have several videos of myself speaking/discussing various topics, please find them below:
\nRelease of new Microsoft IR tools livestream:
\n\nhttps://www.youtube.com/live/I7aIi6R3NMk?\n
\nPresentation at SANS DFIR Summit 2022:
\n\nhttps://youtu.be/HzuVhbpO_go\n
\nPresentation at SANS DFIR Summit 2021:
\n\nhttps://youtu.be/sV-BzlHSyes \n
\nMnemonic security podcast
\n\nhttp://youtu.be/ZMQcTSOsZik.\n
\n
\n\nClass outline\n
\n
\nOverview – Day 1 Microsoft Azure
\nOn day 1 an overview of services in the Azure cloud relevant to IR is provided. Followed by a deep dive into how Azure clouds are often configured in client environments. We will then look at all the different log sources available in Azure that can be used for IR and how we can export out these logs. You will learn how to find real life attacks in the various Microsoft Azure log sources.
\nExercises\nTopics covered
\nDay 1- Morning session\nDay 1- Afternoon session\nDay 2 - Morning session\nDay 2 - Afternoon session\n
\n
\n
\n\nTechnical difficulty of the class:\n
\nBeginner/Intermediate.
\nExperience in the Microsoft cloud will prove very useful to be able to keep up. Experience with PowerShell and/or KQL is not required but will help you to gain even more from the training. You must also not be afraid of the command-line interface as this will be a handson training and not everything will be in the GUI.
\n\nItems students will need to provide:\n
\nA laptop running Windows, whether it’s native or in a virtual machine. Also, laptop must have a browser that can access the Microsoft Portals and the ability to run PowerShell tools. I suggest to not use corporate laptops for this training.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Korstiaan Stam
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\nTrainings are refundable before July 1st, the processing fee is $250.
\nTrainings are non-refundable after July 10th, 2023.
\nTraining tickets may be transferred. Please email us for specifics.
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(461,'\'Offensive IoT Exploitation $2,000\'','\'https://forum.defcon.org/node/245920\'','\'https://forum.defcon.org/node/245920\'','','','','\'\nURL=\nhttps://training.defcon.org/products...t-exploitation\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nOffensive IoT Exploitation
\n
\n\nDescription\n:
\nThis course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices.
\n
\n\nTraining description\n:
\nAs IoT becomes more integrated and integral into personal and work lives, there is a growing need to understand the inner workings of IoT devices and ensure these devices are secure. This course teaches security professionals and hackers how to identify and exploit security vulnerabilities in IoT devices. Participants will learn to interact with hardware debug capabilities, communicate with memory devices, and virtualize and analyze firmware. The course also covers various hardware attacks including glitching and side channel attacks, as well as diving into communications protocols, including Bluetooth, Zigbee, Thread and Matter. Participants will gain hands-on experience with industry tools and techniques. This course is suitable for security professionals, penetration testers, and hackers with basic programming and computer system knowledge, and equips them with skills to discover new vulnerabilities in IoT devices.
\nThis was the largest class at the inaugural DEF CON trainings. We expect this course to sell out so book your seat today!
\nWe believe firmly that you learn best from doing, which is why our course is jampacked with approximately \n\n10\n\n hands-on exercises throughout the 2 days of the course.
\nMany courses either scratch the surface of IoT or go very deep into specific topics. Our course strikes a \n\nbalance between breadth and depth\n\n, giving the student a solid foundation from which to start researching IoT Security
\n\n\nWe know our stuff\n\n – after winning the DEF CON black badge at DEF CON 26, we have been an integral part of the IoT Village both at DEF CON and other conferences throughout the world. Our team developed the IoT 101 Labs that had lineups out the door of IoT Village at DEF CON 27. We have contributed to the IoT CTF since DEF CON 27, but starting this year our team is bring the new Embedded Systems Village to DEF CON.
\n\nTrainer(s) bio\n:
\nTrevor Stevado
\nTrevor Stevado is a renowned security consultant and the founder of Loudmouth Security. With over 15 years of experience in the industry, Trevor has developed a deep understanding of cyber security and is recognized as an expert in his field. In 2018, Trevor won a Black Badge in the IoT CTF at DEF CON 26, and since then, he has been a regular contributor to IoT Village. In fact, he\'s now one of the founders of the new Embedded Systems Village, where he continues to push the boundaries of security research.
\nIn addition to his technical expertise, Trevor is an exceptional teacher with a proven track record of success. He\'s adept at explaining complicated technical findings to executive management teams, and he\'s spent years mentoring younger hackers coming into the field. Trevor\'s ability to teach stems from his passion for the subject matter and his dedication to continuous learning. He\'s always seeking out new information and insights, which he incorporates into his courses to provide the most up-to-date and relevant training possible.
\nTrevor Hough
\nTrevor Hough is a partner and passionate security researcher at Loudmouth Security. With extensive experience participating in large-scale cyber training operations involving embedded systems, Trevor has become a recognized expert in his field. He has an insatiable curiosity and has performed research on some of the weirdest and coolest embedded systems around, discovering and disclosing bugs in the process.
\nTrevor has a deep technical knowledge and passion for security that\'s evident in his work. He won a Black Badge in the IoT CTF at DEF CON 26 and has been a regular contributor to DEF CON ever since. Trevor is part of the team that\'s bringing the new Embedded Systems Village to DEF CON 31, where he\'s excited to push the envelope of bigger, cooler, and more exotic systems that attendees can interact with. He is a highly skilled trainer who\'s always eager to share his knowledge and experience with others.
\nNicholas Coad
\nNicholas is a consultant at Loudmouth Security and an accomplished PCB designer with extensive knowledge of hardware. He brings his expertise to our training team, where he\'s an invaluable asset. Nicholas is also a regular contributor to IoT Village and part of the team behind the new Embedded Systems Village.
\nPrior to joining Loudmouth Security, Nicholas worked as an IT administrator for industrial and manufacturing companies, where he gained invaluable experience about the practical applications of embedded systems. This hands-on experience gives him a unique perspective that he brings to this training.
\nNicholas is an exceptional trainer with a passion for sharing his knowledge and experience with others. He\'s a key member of our team, and his expertise in PCB design and embedded systems makes him an invaluable resource to our students.
\nPatrick Ross
\nPatrick is a seasoned security expert with a wealth of experience in the field. As a member of the team that won the Black Badge at DEF CON 26 in the IoT CTF, Patrick is recognized as one of the top experts in his field. He\'s also a DEF CON goon and an integral part of the team behind the new Embedded Systems Village.
\nPatrick\'s expertise lies in the virtualization of embedded devices, and he\'s one of the key researchers behind the MIPS-X project. His deep technical knowledge and experience make him a valuable asset to Loudmouth Security\'s training team.
\nIn addition to his technical skills, Patrick is an exceptional teacher with superb teaching skills. He\'s passionate about sharing his knowledge and experience with others, and he\'s committed to helping organizations stay ahead of the latest cyber threats.
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/_t1v0_\n : @\n_t1v0_ \n
\n\nhttps://twitter.com/2fluffyhuffy\n : @\n2fluffyhuffy\n
\n\nOutline\n:
\nThe course is broken down into the following sections:
    \n
  1. \nIntroduction to IoT and Embedded Device Hacking\n
    2. \n
  2. \nInteracting with Hardware Debugging Interfaces\n
    3. \n
  3. \nCommunicating with Memory Devices\n
    4. \n
  4. \nAnalyzing Firmware for Security Vulnerabilities\n
    5. \n
  5. \nVirtualizing Firmware\n
    6. \n
  6. \nGlitching and Side Channel Attacks\n
    7. \n
  7. \nCommunications Protocols in Embedded Systems\n
    8. \n
\n\nTechnical difficulty\n:
\nBeginner to Intermediate. This is a compressed course and will move quickly.
\n\nSuggested Prerequisites\n:
\n
\n\nWhat students should bring\n:\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Trevor Stevado, Trevor Hough, Nicholas Coad, Patrick Ross
\n- 16 hours of training with a certificate of completion
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(462,'\'Rod Soto - SOC 101 - SOC 1 Analyst Bootcamp $2,100\'','\'https://forum.defcon.org/node/245919\'','\'https://forum.defcon.org/node/245919\'','','','','\'\nURL=\nhttps://training.defcon.org/products...alyst-bootcamp\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nSOC 101 - SOC 1 Analyst Bootcamp
\n
\n\nDescription\n:
\nThis course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.
\n
\n\nTraining description\n:
\nDuring this comprehensive course, tools and methodologies that are used in Security Operation Centers will be introduced and detailed. This course will provide students with extensive hands-on exercises and labs that emulate real-life security operation center tasks and related technologies.
\n
\nFrom text handling, packet dissection, and analysis, to adversarial simulation and detection engineering, this course will provide students with a solid base of skills and a comprehensive understanding of a Security Operations Center (SOC) Analyst job.
\n
\nThe focus will be geared toward basic, hands-on skills that allow students to perform and excel at baseline SOC tasks.
\n
\nHardware & Minimum Course Requirements:
\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.
\n
\nTarget Audience:
\nThis training is geared towards Information Technology, Computer System, or Computer Network Professionals seeking to enter the Information Security Industry while enriching those who seek to develop the skills and knowledge necessary to work at a Security Operations Center.
\n
\nSkills that will be learned:
\nThis course will provide students with the necessary skills and knowledge to work in a Security Analyst 1 job and understand the dynamics of a Security Operations Center
\nPast content:
\n
\nRod Soto Udacity Instructor \nhttps://www.udacity.com/course/secur...odegree--nd698\n
\nRod Soto RSA Conference 2021
\n\nhttps://www.rsaconference.com/Librar...0Hacking%20101\n
\nRod Soto - Red Team Village - Adversarial Simulation Workshop 2 hours. \nhttps://www.youtube.com/watch?v=YEnL8QfFlJI\n
\nRod Soto - Linux Threat Detection using Attack Range - Texas CyberSummit 2022 \nhttps://www.youtube.com/watch?v=YEnL8QfFlJI\n
\nFor new Trainers, so the Review Board is able to get a sense of your presentation style, do you have a video sample of any previous conference presentations or training? (Optional)
\nRod Soto - Red Team Village - Adversarial Simulation Workshop 2 hours. \nhttps://www.youtube.com/watch?v=YEnL8QfFlJI\n
\n
\n\nTrainer(s) bio\n:
\nRod Soto has over 15 years of experience in information technology and security. Has worked in Security Operations Centers as a support engineer, soc engineer, security emergency response, and incident response. Currently working as a detection engineer and researcher at Splunk Threat Research Team. Previously worked at Prolexic/AKAMAI, Splunk UBA, JASK (SOC Automation).
\nRod Soto was the winner of the 2012 BlackHat Las Vegas CTF competition and Red Alert ICS CTF at DEFCON 2022 contest. He has spoken at ISSA, ISC2, OWASP, DEFCON, RSA Conference,Hackmiami, DerbyCon, Splunk .CONF, Black Hat,BSides, Underground Economy and also been featured in Rolling Stone Magazine, Pentest Magazine, Univision, BBC, Forbes, VICE, Fox News and CNN.
\n
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/rodsoto\n : @\nrodsoto\n
\n
\n\nOutline\n:
\n\nDay 1\n:
\nIntroduction to SOC & SOC-related technologies (2 hours)
\nWhoami
\nWhat is a SOC
\nTypes of SOC
\nWhat is expected of a SOC Analyst (SOC 101)
\nSecurity Principles
\nAccess Controls
\nSOC Security Technologies
\nPrinciples of Defense in Depth
\nDefense in Depth technologies
\nSOC main focus - Endpoints (Linux - Windows)
\nLinux Access Controls (DAC, MAC), Access Log locations
\nExercise 1. Linux Access Controls, Linux Access Logs (grep, awk, and cli tools)
\nExercise 2. Windows Access Controls - NTFS & Active Directory
\n(SysIinternals AccessEnum, Powershell & Windows CLi commands)
\nUser Groups, Permissions, NTFS folder and file permissions.
\nSecurity Events & Data Manipulation (2 hours)
\nWhat is a security event?
\nSecurity Event Types
\nTriage of Security Events/Incidents
\nLogs & Text manipulation
\n- Logs, metadata, management, ETL, storage
\n- Linux, PowerShell, Batch - GREP, AWK, SED, REGEX
\n- Log and Metadata Standards - CIM, WWW, JSON, XML, SYSMON, SYSLOG, CSV
\n- Linux Logs → locations and structure
\n- Windows Logs → locations and structure
\nExercise -
\nUse Regex against CSV, WWW, RAW logs to find security events relevant metadata
\nUse PowerShell to view, parse and find data in files
\nUse cat, grep, sed, and awk to manipulate, find data and understand the structure of log files (syslog, sysmon, json, xml)
\nIdentify attack vector in logs
\nNetworking - Threat Detection & Analysis (2 hours)
\nNetwork Basics
\nBasic TCP/IP – OSI Layers, distribution by protocol RFCs
\nNetflow
\nPacket Capture
\nWireshark, TCPDump
\nPCAP readers – Chaos Reader, Foremost, Network Miner, Arkime
\nNetwork Analysis and threat detection
\nArkime
\nSuricata
\nExercise -
\nUse TCPdump & Wireshark to find attack signatures in attack pcaps
\nUse NetworkMiner to mine and identify information
\nUse Arkime to capture and obtain pcaps
\nReplay pcap and visualize detection in Suricata
\nVulnerabilities & Attacks (2 hours)
\nVulnerabilities & Attacks SOCs are exposed
\nEndpoints
\nServers
\nApplications
\nCloud
\nIndustry Nomenclature
\nMitre CVEs, Mitre ATT&CK, OWASP TOP 10
\nTLP Protocol
\nCVSS
\nIndustry Compliance Frameworks
\nRisk & Threat Modeling
\nExercise -
\nIdentify vulnerability, score RISK, and calculate CVSS
\nIdentify APT 28 TTPs
\nPerform RDP attack against a windows host and find related policies and security logs
\nIdentify OWASP Top 10 attack in a campaign (sqli / nginx logs)
\n
\n\nDay 2\n:
\n
\nManagement of logs (3 hours)
\nHow to send logs to a centralized location
\n→ syslog, rsyslog, netcat
\n- Windows Event Subscription
\n– malware related logs
\nMalware-centric logs → registry, evtx/xml, json, www
\nManagement of centralized logs
\nSIEM
\nSPLUNK
\nElastic
\nIntroduction to EDR
\nWazuh
\nOpenEdr
\nExercise
\nUse docker to create a Splunk Instance and upload data, find a threat in the uploaded data
\nUse docker to create Elastic instance upload data and find threat
\nOperate a Wazuh Instance to load data and discover and analyze threats
\nInstall OpenEdr and detonate threats to verify detection
\nUse EICAR file to visualize windows defender and logs at endpoint and SIEM
\nUse Elastic EDR to find threats
\nAdversarial Simulation & Detection Engineering (3 hours)
\nInfrastructure as Code
\nAdversarial Simulation Frameworks
\nAtomic Red Team
\nOperator
\nSplunk Attack Range
\nManual exploitation
\nDetection engineering Windows (Sysmon)
\nDetection Engineering Linux (Syslog)
\nExercise
\nExecute Atomic Red Team atomics against a target
\nDevice a detection from collected logs
\nExecute an attack on Linux host, detect an attack from collected logs
\nSOC challenges and interactions (1 hour)
\nCryptography and the SOC
\nIncident Response
\nSOC Periphery teams
\nCTF (1 hour)
\n
\n\nTechnical difficulty\n:
\nBeginner.
\n\nSuggested Prerequisites\n:
\nBasic understanding of Windows and Linux Command Line, as well as basic networking skills (TCP/IP)
\n
\n\nWhat students should bring\n:
\nA laptop with 16GB of RAM and the ability to run Virtual Machines. Understanding of basic networking concepts and basic Linux comprehension.
\n*Due to virtualization issues with M2 Apple Chip based laptops, these types of laptops are NOT supported for this training. Please bring Intel-based laptops that support x86 virtualization.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Rod Soto
\n- 16 hours of training with a certificate of completion
\n- 2 coffee breaks are provided per day.
\n- Note: Food is not included.
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(463,'\'Abhinav Singh - Cloud Security Masterclass Defender\'s Guide to Securing AWS &... $2,000 early $1,600\'','\'https://forum.defcon.org/node/245918\'','\'https://forum.defcon.org/node/245918\'','','','','\'\nURL=\nhttps://training.defcon.org/products...infrastructure\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nCloud Security Masterclass Defender\'s Guide to Securing AWS & Azure Infrastructure
\n
\n\nDescription\n:
\nThis is a unique course that is on the cloud and for the cloud. It helps train individuals on cloud terminologies and enables them to build scalable defense mechanisms for their services running in the public cloud. The training explicitly focuses on threat detection, Incident response, malware investigations, and forensic analysis of cloud infrastructure which is still a very less known domain in the market. The training will not use cloud-native security tools, but will focus more on building generic analysis pipelines that can be implemented in any cloud environment.
\n
\n- Using cloud native technologies to build your own security services for your applications and services running in the cloud.
\n- Building real-time detection, monitoring and response capabilities for threat tracking and intelligence gathering.
\n- Building Advanced automated pipelines through Detection-as-code features to defend public cloud infrastructures.
\n
\n## Who Should Take This Course:
\n
\n- Red Team members
\n- Blue team and Purple team members
\n- Cloud Security Teams
\n- Incident responders, Analysts
\n- Malware investigators and Analysts
\n- Threat intelligence analysts and Responders
\n
\n\nTraining description\n:
\nThis hands-on CTF-style training focuses on elevating your security knowledge into the cloud. Learn to defend your AWS & Azure cloud infrastructure by building automated detection, alerting and response pipelines for your workloads by using native cloud services. This training focuses on building security knowledge on the cloud and for the cloud.
\nThis training takes both investigator and builder approach towards security. It teaches you the fundamentals of cloud infrastructure security and focuses on building highly scalable threat detection, monitoring, and response tools by using cloud-native services like serverless, containers, object stores, IAM/AD, logic apps, SQL/KQL queries and much more.
\n
\nBy the end of this training, we will be able to(applies to both AWS & Azure):
\n* Use cloud technologies to detect & build automated responses against IAM & AD attacks.
\n* Understand and mitigate advanced identity based attacks like pivoting and privilege escalation and build defense techniques against them.
\n* Use serverless functions to perform on-demand threat scans.
\n* Deploy containers to build threat detection services at scale.
\n* Build notification services to create detection alerts.
\n* Analyze malware-infected virtual machines to perform automated forensic investigations.
\n* Define step functions & logic apps to implement automated forensic artifacts collection for cloud resources.
\n* Build cloud security response playbooks for defense evasion, persistence and lateral movements.
\n* Perform advanced security investigations through architecting and deploying security data-lake for real-time threat intelligence and monitoring.
\n* Enforce multi-cloud security strategy through assessments, compliance checks and benchmarking automation.
\nHands-on: 65-70%. Lecture: 30-35%.
\n
\nDay 1: 6 hands-on labs: Approximately 6 hours
\n
\nDay 2: 5 hands-on labs: Approximately 6 hours.
\n
\nThis has homework or after class exercises: students will be provided with Cloudformation templates for next day\'s lessons.
\nTraining provides:
\n- PDF versions of slides that will be used during the training.
\n- Complete course guide containing 200+ pages in PDF format. It will contain step-by-step guidelines for all the exercises, labs, and a detailed explanation of concepts discussed during the training.
\n- 20+ pages of cloud security rulebook to implement cloud security controls in an enterprise.
\n- 15 day access to Slack channel & CTF platform.
\n- Infrastructure-as-code templates to deploy the test environments & simulations for continued practice after the class ends.
\n- Access to Github account for accessing custom-built source codes and tools.
\n- Collection of test malware samples, forensic images, detection rules and queries.
\nKeywords: Cloud Security, DevSecOps, Red-team, Blue team, Infrastructure security
\nPast content:
\n#### 2022
\n- Defcon Las Vegas, Aug 2022: \nhttps://training.defcon.org/products...nfrastructures\n
\n- Hack in Paris June 2022: \nhttps://hackinparis.com/trainings/#t...ructure-2-days\n
\n- Insomnihack, Geneva, March 2022
\n- Blackhat EU 2022: \nhttps://www.blackhat.com/eu-22/train...tructure-28220\n
\n- OWASP Lascon 2022, SaintCon 2022.
\n
\n#### 2020-2021
\n- Blackhat EU 2021: \nhttps://www.blackhat.com/eu-21/train...tructure-24306\n
\n- Troopers 2021, 2020: \nhttps://troopers.de/troopers22/trainings/slwggf/\n
\n- HITB 2020, 2021.
\n
\n\nTrainer(s) bio\n:
\nAbhinav Singh is a cybersecurity researcher with a decade long experience working for global leaders in security technology, financial institutions and as an independent trainer/consultant. He is the author of Metasploit Penetration Testing Cookbook (first, second & third editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community in the form of patents, open-source tools, paper publications, articles, and blogs. His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker and trainer at eminent international conferences like Black Hat, RSA & Defcon. His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.
\n
\n\nTrainer(s) social media links\n:
\n
\n\nhttps://twitter.com/\n\nabhinavbom\n : @\nabhinavbom\n
\n\nhttps://www.linkedin.com/in/abhinavbom\n
\n\nOutline\n:
\n\nDay 1\n:
\n
\n*Introduction*
\n- Quick Introduction to AWS & Azure cloud services.
\n- Basic terminologies: IAM, VPC, AMI, serverless, ARNs etc.
\n- Introduction to Logging services in cloud.
\n- Setting up your free tier account.
\n- Setting up AWS & Azure command-line interface.
\n*Cloud Attack Surface*
\n- Cloud service enumeration for attack surface identification.
\n- Exploiting serverless functions and harvesting cloud credentials.
\n*Detecting and monitoring against AWS IAM attacks.*
\n- Identity & Access management crash course.
\n- Policy enumeration from an attacker\'s & defender\'s perspective.
\n- Detecting and responding to user account brute force attempts.
\n- Building controls against privilege escalation and access permission flaws.
\n- Attacking and defending against user role enumeration.
\n- Brute force attack detection using cloudTrail & Athena SQL queries.
\n- Automated notification for alarms and alerts.
\n- Exercise on detecting IAM attacks in a simulated environment containing web application compromise and lateral movement.
\n*Malware detection and investigation on/for cloud infrastructure*
\n- Quick Introduction to cloud infrastructure security.
\n- Building clamAV & Yara based static scanner for S3 buckets using AWS lambda.
\n- Building signature update pipelines using static storage buckets to detect recent threats.
\n- Malware alert notification through SNS and slack channel.
\n- Adding advanced context to slack notification for quick remediation.
\n- Exercise on simulating a malware infection in AWS and building an automated detection & alerting system.
\n
\n\nDay 2\n:
\n
\n*Threat Response & Intelligence analysis techniques on/for Cloud infrastructure*
\n- Integrating playbooks for threat feed ingestion and Virustotal lookups.
\n- Building a SIEM-like service for advance alerting and threat intelligence gathering using Elasticsearch.
\n- Creating a Security datalake for advance analytics and intelligence search.
\n- Building dashboards and queries for real-time monitoring and analytics.
\n- CTF exercise to correlate multiple logs to determine the source of infection.
\n*Azure AD Attacks & Defenses*
\n- Azure AD enumeration & permission gathering.
\n- Privilege escalation & lateral movement through RBAC, service principals etc.
\n- Auditing & logging in Azure.
\n- Detecting attacks through KQL queries.
\n*Forensic Acquisition & analysis In the Cloud.*
\n- Building an IR \'flight simulator\' in the cloud(AWS).
\n- Creating an API service for automated instance isolation and volume snapshots(AWS).
\n- lambda functions to perform instance isolation and status alerts(AWS).
\n- Automating alert using Sentinel(Azure) for threat analysis.
\n- Automating threat response through Azure logic apps.
\n- Implementing rulebook for cloud IR in an enterprise.
\n- Enforcing security measures and policies to avoid instance compromise.
\n*Multi-cloud Compliance*
\n- Building a multi-cloud security assessment & monitoring strategy.
\n- Automatic inventory and change detection in a multi-cloud environment.
\n- Implementing compliance standards and benchmark standards(CIS) to the cloud environment.
\n
\n\nTechnical difficulty\n:
\nBeginners and Intermediate.
\n
\n\nSuggested Prerequisites\n:
\n- Free tier account for AWS with command line tools installed.
\n- Free Tier account for Azure with command line tools installed.
\n- Read and complete the pre-training briefing document that will be sent a week before the training date.
\n
\n\nWhat students should bring\n:
\n- Laptop with Wi-Fi capability.
\n- Basic understanding of cloud services.
\n- System administration and linux cli.
\n- Able to write basic programs in python.
\n- Familiarity with SQL and KQL queries will be a plus.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Abhinav Singh
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(466,'\'Ben Sadeghipour - Hacking Organizations: Phishing Not Required $1,500\'','\'https://forum.defcon.org/node/245915\'','\'https://forum.defcon.org/node/245915\'','','','','\'\nURL=\nhttps://training.defcon.org/products...g-not-required\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nHacking Organizations: Phishing Not Required
\n
\n\nDescription\n:
\nTeach students how to identify vulnerabilities in web applications and digital assets from an external perspective.
\n\nTraining description\n:
\n“Hacking Organizations: Phishing Not Required” is a comprehensive course designed to teach students how to identify vulnerabilities in web applications and digital assets from an external perspective. The first two days of the course is cover the ten most common vulnerabilities found in web applications as well as principles of reconnaissance. On the third day, students will apply these skills to develop a technique for identifying impactful vulnerabilities that potentially allow access to an organization\'s internal infrastructure. This training is appropriate for anyone interested in web application penetration testing, bug bounties, or joining a red team with a web and reconnaissance focus.
\nPast content:
\n\nhttps://hackfest.ca/en/trainings/web/\n
\n
\n\nhttps://appsecus2018.sched.com/event...step-at-a-time\n
\n\nTrainer(s) bio\n:
\nBen Sadeghipour, also known as NahamSec, is a hacker, content creator, trainer, public speaker, and conference organizer. He has extensive experience in ethical hacking and bug bounty hunting, having identified and exploited thousands of security vulnerabilities for companies such as Apple, Yahoo, Google, Airbnb, Snapchat, the US Department of Defense, and Yelp. Sadeghipour was formerly the head of Hacker Education at HackerOne. In addition to his professional pursuits, Sadeghipour also creates content on YouTube and Twitch to help others get into ethical hacking, bug bounty, web hacking and reconnaissance.
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/NahamSec\n
\n\nhttps://youtube.com/NahamSec\n
\n
\n\nOutline\n:
\n\nDay 1\n:
\nBurp Suite Basics
\nHTTP Basic Refresher
\nRequest Types
\nHeaders
\nRespond Codes
\nStatus Codes
\nOpen Redirects + Labs
\nWhitelisting
\nBlacklisting
\nBasics of open redirects
\nCross-Site Scripting (XSS) + Lab Reflected Cross-Site Scripting Stored Cross-Site Scripting Dom Cross-Site Scripting
\nBlind XSS Break
\nCross Site Request forgery (CSRF) + Lab No CSRF token Reusable CSRF token
\nInsecure Direct Object References (IDOR) + Lab Incrementing IDs Weak encryption (B64) UUID from other vulnerabilities
\nLocal file Read & Path Traversal + Lab
\nPath Traversal Basics
\nLocal File read
\nPath traversal bypasses
\nAdvanced Path Traversal and local file read
\nServer-Side Request Forgery (SSRF) + Lab
\nUnderstanding SSRF + Protocols
\nLocal File Read
\nBlind SSRF and Port Scan
\nAccessing Local Network via SSRf
\nWhite Listing and Black Listing
\nExploiting PDF Generators and Similar
\n\nDay 2\n:
\nPrivilege Escalation + Lab
\nUnderstanding user roles
\nPriv Esc through IDOR
\nPriv Esc via password brute force
\nElevating user access roles
\nArbitrary file upload + Lab
\nUnvalidated upload (php, asp, etc)
\nPath Traversal in uploaders
\nXML external entity (XXE) + Lab
\nBasics of XXE XXE in excel, docx, etc
\nXXE in PDF Generators
\nRemote Command / Code Execution
\nUnderstanding RCE
\nRCE via file uploads
\nRemote Command Injection in URL parsing
\nWeak or default credentials
\nWeak or default credential Basics
\nWordlists
\nLooking through previous password dumps
\nDefault Credentials
\nPassword Guessing
\nComponents with Known Vulnerabilities
\nSSRF
\nRCE via known vulnerabilities
\nImage Magick
\nTomcat
\nStruts2
\nShellshock
\nlog4j
\nReconnaissance - Asset Discovery + Hands on demo
\nDNS Basics
\nASN Ranges (Cloud vs in house)
\nSubdomain Brute Forcing
\nCertificate Transparency
\n3rd Party tools (Shodan, Censys, etc)
\nPermutation and Environments
\nAutomation Demo
\nReconnaissance - Content Discovery + Lab
\nCreating and maintaining word list
\nContextualizing directory/file brute forcing
\nPort scanning
\nInformation gathering using https
\nApproaching APIs
\nLeveraging search engines for reconnaissance
\nGoogle Dorking
\nLeaked credentials
\nFinding additional information about your target
\nMethodology
\nUnderstanding company infrastructure
\nIdentifying and prioritizing interesting assets
\nCombining asset discovery and content discovery
\nLooking for leads (documentation, API specs, etc)
\nLooking for patterns of mistake across an infrastructure
\nDNS Misconfigurations (subdomain or DNS takeover)
\nUnderstanding SSO
\nSSO Bypass or priv escalation
\nFinal Lab + Test
\n\nTechnical difficulty\n:
\nBeginner to intermediate
\n
\n\nSuggested Prerequisites\n:
\nWhile this training will offer and cover the foundations of web application hacking, it is highly suggested that students have a solid foundation in web application hacking and in web development.
\nHTTP Basics:
\n\n\nhttps://developer.mozilla.org/en-US/docs/Web/HTTP\n\n
\nHow to set up burp suite:
\n\nhttps://portswigger.net/burp/documen...ad-and-install\n
\nUnderstanding DNS:
\n\nhttps://www.cloudflare.com/learning/dns/what-is-dns\n
\n\nWhat students should bring\n:
\nStudents should bring in a laptop (Mac OS, Windows, or a Linux distribution of your choice) with a working browser. Please make sure you have installed Burp Suite and are able to intercept your browsers traffic.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Ben Sadeghipour
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(470,'\'Web Hacking Bootcamp - Orange Cyberdefense $2,600\'','\'https://forum.defcon.org/node/245910\'','\'https://forum.defcon.org/node/245910\'','','','','\'\nURL=\nhttps://training.defcon.org/products...e-cyberdefense\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nWeb Hacking Bootcamp
\n\nDescription\n:
\nGreater understanding of the risks associated with web applications, understanding of the tools and techniques for examining web applications, practical skills to exploit a wide variety of web application vulnerabilities.
\n\nTraining description\n:
\nMost organizations utilize web applications. Due to the exposed nature of web applications and complex business logic they contain, they are a valuable target for attackers. Throughout this course focus will be placed on the various vulnerabilities that could affect web applications.
\nThis course will teach you how to analyze web applications for vulnerabilities and teach you how to exploit them in order improve your understanding of the inner workings and the associated risks.
\nPractical exposure to hacking web application will provide developers a deeper understanding of the potential threats and issues that could find its way into the development lifecycle and furthermore ensure that penetration testers are well versed with the discovery and exploitation of web related issues.
\nKey Points:
\n* Greater understanding of the risks associated with web applications
\n* A good understanding of the tools and techniques for examining web applications
\n* Practical skills to exploit a wide variety of web application vulnerabilities
\nWe have been conducting penetration tests against web applications for nearly two decades have pulled out the most relevant and fun hacks we could find into this course.
\nWhether you’re a developer looking to better understand how to defend your applications or a penetration tester looking to enhance your web application bug hunting, this course is for you.
\nThis course is highly practical, with a cornucopia different practical exercises. You’ll learn how to hand exploit numerous common web vulnerabilities and understand the theory behind them. You will be better able to help developers prevent these classes of attacks in their applications. We aim to teach you the trade not just the tricks, and while tools are covered and help, you will be taught how to exploit many of these vulnerabilities by hand.
\nDetails:
\n* 2-day course
\n* 60% practical and 40% theoretical
\n* Immersive practicals with a wide spread of coverage
\n* Delivered by active penetration testers
\nTopics covered:
\n* Web technology fundamentals
\n* Cookies and sessions abuse
\n* Web vulnerabilities and exploitation
\n* Enumeration
\n* File upload manipulations
\n* Injection based attacks
\nOur training facility is delivered via SensePost, the specialist pentesting arm of Orange Cyberdefense.
\nSensePost have trained thousands of students on the art of network and application exploitation for the past two decade. It’s safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.
\nCome join us and hack hard!
\n\nTrainer(s) bio\n:
\nSensePost, an elite ethical hacking team of Orange Cyberdefense have been training internationally since 2002. We pride ourselves on ensuring our content, our training environment and trainers are all epic in every way possible. The trainers you will meet are working penetration testers, responsible for numerous tools, talks and 0day releases. This provides you with real experiences from the field along with actual practitioners who will be able to support you in a wide range of real-world security discussions. We have years of experience building environments and labs tailored for learning, after all education is at the core of SensePost and Orange Cyberdefense.
\nPast content:
\nA version of this course has been presented at BlackHat in 2022.
\nThis course has been adjusted in 2023 to focus its delivery to be jam packed and a bit of a bootcamp course. Going from zero to hero in two-days.
\nHere is the 2022 web course details: \nhttps://www.blackhat.com/us-22/train...--2-days-25715\n
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/\n\nsensepost_train\n : @\nsensepost_train\n
\n\nhttps://twitter.com/sensepost\n : @\nsensepost\n
\n\nhttps://twitter.com/orangecyberdef\n : @\norangecyberdef\n
\n
\n\nOutline\n:
\nThe full course outline is for use by the Def Con Training review team and preferably not published on the website.
\n
\nThe content of the course has 16 main modules and multiple sub modules as follows:
\nIntroduction to web technologies
\n* HTTP basics
\n* GET and POST requests
\n* Parameters
\n* Web servers and web applications
\n* URL, Base64 and HTML encoding
\n* Intercepting proxies
\n* Practical outcome: Understand how GET and POST requests work, and how they can be intercepted
\nCookies and Session Management
\n* How cookies work
\n* How sessions work
\n* How to manipulate cookies with Firefox\'s Development Console
\n* Practical outcome: Understand how cookies work, and how they can be modified
\nIntroduction to Web Vulnerabilities
\n* What is a vulnerability?
\n* Common web vulnerabilities and OWASP Top 10
\nClient and Server Side Attacks
\n* Server side controls
\n* Client side controls
\n* Bypassing server and client controls with Burp and Firefox\'s Development Console
\n* Practical outcome: Understand how to bypass client and server side controls
\nBroken authentication and authorization
\n* Identifying broken authorization and authentication controls.
\n* Exploiting client side redirection
\n* Practical outcome: Understand how to identify and bypass broken authentication and authentication controls.
\nEnumeration
\n* How to find useful information
\n* Directory listing and brute forcing URLs
\n* User enumeration and other error conditions
\nSession identifier disclosure
\n* The impact of session identifiers
\n* Practical outcome: Understand how find and exploit disclosed session identifiers.
\nInsecure Direct Object References (IDOR)
\n* Accessing other users objects via IDOR vulnerabilities
\n* How to automate IDOR and other brute-force attacks
\n* Practical outcome: Understand how to enumerate users, brute force accounts and exploit IDOR vulnerabilities.
\nLocal File Inclusion (LFI) vulnerabilities
\n* How to find local file inclusion vulnerabilities.
\n* How to exploit local file inclusion vulnerabilities with uploaded files
\n* How to exploit local file inclusion vulnerabilities when files cannot be uploaded
\n* Practical outcome: Understand how local file inclusion vulnerabilities can be exploited with and without file upload functionality.
\nInsecure file upload vulnerabilities
\n* How web applications use extensions and why they matter
\n* Web shells and code execution
\n* Bypassing extension whitelists and blacklists
\n* Bypassing additional controls such as .htaccess files
\n* Practical outcome: Understand the basics of file upload exploitation, and how to bypass upload restrictions.
\nInjection
\n* The concept of injection
\n* Different types of injection
\n* Demonstrating injection
\n* How to find injection vulnerabilities by fuzzing
\nCross-Site Scripting (XSS)
\n* Introduction to HTML injection and XSS
\n* Stored, Reflective and DOM XSS
\n* XSS attack payloads
\n* SOP and Cookie stealers
\n* Bypassing XSS restrictions
\n* Practical Outcome: Understand how reflective cross site scripting vulnerabilities can be identified and exploited, and how to bypass reflective cross site scripting vulnerability filters.
\nCross Site Request Forgery (CSRF)
\n* Introduction to CSRF vulnerabilities
\n* Using XSS to exploit CSRF
\n* Practical outcome: Understand how to exploit stored cross site scripting and cross site request forgery vulnerabilities, and how they can be used together.
\nCommand Injection
\n* Chaining commands for stacked command execution
\n* Testing and exploiting command injection
\n* Finding and exploiting blind injection
\n* How reverse shells work
\n* Practical Outcome: Understand how to find and exploit both blind and non-blind command injection vulnerabilities.
\nSQL Injection
\n* SQL at a glance
\n* SQL injection introduction
\n* How to find SQL injection
\n* How to exploit different SQLi over different databases (Postgres and MSSQL)
\n* How to use SQL injection to execute operating system commands
\n* Practical outcome: Learn basic SQL, how SQL injection vulnerabilities can be identified, used to extract information, and execute operating system commands.
\nJava Deserialization
\n* How Java serialization and deserialization work
\n* How to identify and exploit Java Deserialization vulnerabilities with ysoserial
\n* Practical outcome: Learn how Java Deserialisation vulnerabilities can be identified and used to execute code.
\n\nTechnical difficulty\n:
\nIntermediate
\n\nSuggested Prerequisites\n:
\nRequires students to have a solid working understanding of web technologies.
\nHacking experience isn\'t a requirement for this course. However, a technical understanding of how web applications work is required. Development experience isn\'t a requirement but can help.
\nWhile not a strict requirement, students will benefit from having an understanding of the following topics before attending the course:
\n* Fundamentals of programming
\n* Programming in the following languages:
\n** HTML
\n** JavaScript
\n** SQL
\n** NoSQL
\nA familiarity of these topics can be obtained from the following links or other resources:
\n* \nhttps://www.tutorialspoint.com/compu...ming_functions\n
\n* \nhttps://www.w3schools.com/html/html_intro.asp\n
\n* \nhttps://www.w3schools.com/js/js_intro.asp\n
\n* \nhttps://www.w3schools.com/sql/default.asp\n
\n* \nhttps://www.guru99.com/mongodb-query...sing-find.html\n
\n
\n\nWhat students should bring\n:
\nAs the bare minimum, you will need to bring along a laptop that is able to run the latest version of Firefox.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: TBA
\n- 16 hours of training with a certificate of completion.
\n- Note: Classes that do not meet their minimum class size by July 15 will be canceled, please register early
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(471,'\'API Exploration and Exploitation $2,800\'','\'https://forum.defcon.org/node/245909\'','\'https://forum.defcon.org/node/245909\'','','','','\'\nURL=\nhttps://training.defcon.org/products...d-exploitation\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nAPI Exploration and Exploitation
\n\nDescription\n:
\nIntroduction to APIs, Engaging and exploring APIs, Enumerate the API Attack Surface, Demystifying the OWASP Top 10 for APIs, Exploring GraphQL, Capture The Flag Exercise
\n
\n\nTraining description\n:
\nThe use of Application Programming Interfaces (APIs) have increased over the years. Therefore, the threat landscape of organizations increases with the adoption of APIs. The content of the course creates awareness around the various attack vectors used targeting APIs and provides actionable mitigation strategies.
\nThe aim of this course is to empower you to conduct a risk assessment of an API. This hands-on course covers API basics, setting up a test environment, API threat model, API protocols and architectures, typical vulnerabilities, enumerating an attack surface and best practices around security.
\nMoreover, it focuses on gaining practical experience of the OWASP Top 10 for APIs. In addition, you would be gaining practical experience on exploiting typical vulnerabilities on RESTful (REST) APIs and GraphQL. The course concludes with a capture the flag (CTF) to apply knowledge gained during the course.
\nThis course aims to unpack the security considerations of an API and demonstrate how various attack vectors could be used to impact the security of an API.
\nMore Details:
\n* 2-day course
\n* 60% practical and 40% theoretical
\n* Real-world attacks and methodologies
\n* Delivered by active penetration testers and red team members
\nMain modules:
    \n
  1. \nIntroduction to APIs
    2. \n
  2. \nEngaging and exploring APIs
    3. \n
  3. \nEnumerate the API Attack Surface
    4. \n
  4. \nDemystifying the OWASP Top 10 for APIs
    5. \n
  5. \nExploring GraphQL
    6. \n
  6. \nCapture The Flag Exercise
    7. \n
\nOur training is delivered via SensePost, the specialist ethical hacking team of Orange Cyberdefense. We have trained thousands of students for the past two decades about the art of offensive and defensive approaches. It’s safe to say we enjoy teaching others how to pwn networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.
\nJoin us and hack hard!
\n\nTrainer(s) bio\n:
\nSensePost Training
\nSensePost, an elite ethical hacking team of Orange Cyberdefense have been training internationally since 2002. We pride ourselves on ensuring our content, our training environment and trainers are all epic in every way possible. The trainers you will meet are working penetration testers, responsible for numerous tools, talks and 0day releases. This provides you with real experiences from the field along with actual practitioners who will be able to support you in a wide range of real-world security discussions. We have years of experience building environments and labs tailored for learning, after all education is at the core of SensePost and Orange Cyberdefense.
\nPast content:
\nThis training was delivered at Def Con Trainings 2022 in Las Vegas.
\nNo links to previous training as the Def Con site has been modified.
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/\n\nsensepost_train\n : @\nsensepost_train\n
\n\nhttps://twitter.com/sensepost\n : @\nsensepost\n
\n\nhttps://twitter.com/orangecyberdef\n : @\norangecyberdef\n
\n
\n\nOutline\n:
\nDetailed course outline (for Def Con training review use only, please do not share publicly.)
\n
\nThis course consists of 6 High level Modules, +-26 Key concepts and +-30 Practicals.
\nModule 1: Introduction To API
\n* What is an API?
\n* The API ecosystem
\n* Threat model of an API
\n* Review of code representing an API endpoint
\nPractical 1 – What to do with APIs:
\nThis practical engages candidates to look for open APIs and how they could use at least threee APIs withinin a ficticoinal scenario business / operational environment.
\nModule 2: Engaging with the Target API:
\n* Setup and configure Postman, cURL and Burp to connect to target API
\n* Demonstrate the various HTTP headers
\n* Interacting with Swagger
\n* Demonstrate the various HTTP methods
\n* Discuss the use of JWT for authetnication
\nPractical 2 – Abusing a JWT :
\nThe practical would focus on creating a JWT to authenticate against an endpoint. In addition, the cracking of a JWT to target weak encryption protocols. Lastly how to resign the JWT and use with subsequent abuses.
\nModule 3: Enumerate API Attack Surface:
\n* Creating wordlists to enumerate endpoints
\n* Fuzzing endpoints to identify hidden endpoints
\n* Use of tools to create wordlists
\nPractical 3 – Using cewl and mentalist to create a wordlist:
\nThe identification of endpoints are ciritical to enumerate the attack surface of APIs. This practical demonstrates the use of tools to create custom wordlists.
\nModule 4: Demystify the OWASP Top 10 for API:
\nCandidates would be exposed to the most common vulnerabilities targeting APIs. These vulnerabilities would be put into context through the use cases and allow candidates to perform the attack to get a better understanding. The focus would also be on identiifying mitigation strategies to address the risk.
\n* Unpack the OWASP Top 10 for APIs
\n* Analyze the vulnerability: Broken Object Level Authorization
\n* Analyze the vulnerability: Broken User Authentication
\n* Analyze the vulnerability: Broken Function Level Authorization
\n* Analyze the vulnerability: Excessive Data Exposure
\n* Analyze the vulnerability: Lack of Resources & Rate Limiting
\n* Analyze the vulnerability: Mass Assignment
\n* Analyze the vulnerability: Security Misconfiguration
\n* Analyze the vulnerability: Injection
\n* Analyze the vulnerability: Improper Assets Management
\n* Analyze the vulnerability: Insufficient Logging & Monitoring
\nPractical 4 – Getting to know the top vulnerabiliites for APIs :
\nThe practicals are part of the module decribing each vulnerability. The use cases were developed to practically demonstrate each vulnerability and give the candidate opportunity to experience each vulnerability. This in turrn would create awareness on how to test for each of these vulnerabilites.
\n* Practical review of Use Case: Unauthorized Enumeration and Viewing
\n* Practical review of Use Case: Insecure JSON Web token (JWT) configuration
\n* Practical review of Use Case: Weak password complexity
\n* Practical review of Use Case: Authentication susceptible to brute force attack
\n* Practical review of Use Case: OTP Bypass
\n* Practical review of Use Case: Escalate Privileges to gain Administrative Access
\n* Practical review of Use Case: API Response contains Unfilter Data
\n* Practical review of Use Case: API Response contains Unnecessary Data
\n* Practical review of Use Case: Impact of Zipbombing
\n* Practical review of Use Case: Rate Limiting - Abuse Number of Calls to End Point
\n* Practical review of Use Case: Rate Limiting Enabled
\n* Practical review of Use Case: Privilege Escalation
\n* Practical review of Use Case: HTTP OPTIONS Method Enabled
\n* Practical review of Use Case: Verbose Error Messages
\n* Practical review of Use Case: Outdated Application Servers
\n* Practical review of Use Case: Overly permissive Cross-Origin resource sharing (CORS)
\n* Practical review of Use Case: SQL Injection
\n* Practical review of Use Case: XXE Injection
\n* Practical review of Use Case: Command Injection
\n* Practical review of Use Case: Ennumerate API to identify deprecated endpoints
\n* Practical review of Use Case: No authentication required to acces endpoint
\n* Practical review of Use Case: Logging of data
\n* Practical review of Use Case: Logs containing sensitive data
\n* Practical review of Use Case: Logs does not have sufficient data
\nModule 5: Exploring GraphQL from a security perspective:
\n* Introduction to GraphQL
\n* Describing the various vulnerabilities associated with GraphQL
\n* Discuss various techniques to secure GraphQL
\nPractical 5 – Introspection for the Win
\nCandidate would be provided with an endpoint to explore the various vulnerabilities. This includes:\nModule 6: Capture the Flag:
\nThe course concludes with candidates participating in a capture the flag where secret documents of a target company needs to be found. The candidates would use knowledge acquired during the course to apply this and exploit vulnerabilities within the exposed API.
\n\nTechnical difficulty\n:
\nIntermediate
\n\nSuggested Prerequisites\n:
\nRequires students to have a solid working understanding of the Linux command line and basic web hacking skills.
\nThis is an intermediate course in penetration testing of APIs. No security related experience is required but a technical understanding of computers, networks, Linux and Windows are a must.
\nPlease ensure you are comfortable with the Linux command line before enrolling for this course. You will be executing some commands from the command line when executing cURL to interact with the APIs.
\n
\n\nWhat students should bring\n:
\nYou should bring a laptop with a working modern browser like Firefox or Chrome to access the APIs and online lab.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: TBA
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(480,'\'Seth Law & Ken Johnson - Practical Code Review $2,000\'','\'https://forum.defcon.org/node/245900\'','\'https://forum.defcon.org/node/245900\'','','','','\'\nURL=\nhttps://training.defcon.org/products...al-code-review\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nPractical Code Review
\n
\n\nDescription\n:
\nThis course introduces a proven methodology and framework for performing a secure code review, as well as addressing common challenges in modern secure code review.
\n
\n\nTraining description\n:
\nLearn a proven methodology for discovering vulnerabilities in code through secure code reviews against any language or framework, no matter the amount of code. Whether analyzing code as a consultant, internal resource, or bug bounty researcher, enhance your bug-hunting techniques and code review skills using a strategy surpassing security review checks covered by language-specific guidance and automated tools plagued by false positives. During the training, you will learn and practice a methodology developed by Seth and Ken (co-hosts of the Absolute AppSec podcast) to find bugs in hundreds of code bases, including web3, mobile, and web applications. Students gain the confidence to take on code-review projects, knowing how to organize their limited time, avoiding unnecessary time sinks and focusing on an application’s security-relevant files and functions.
\n
\n
\n\nTrainer(s) bio\n:
\nKen Johnson:
\nKen Johnson has been hacking web applications professionally for 14 years and given security training for 11 of those years. Ken is both a breaker and builder and is the CTO & Co-Founder of DryRun Security. Previously, Ken was a Director with GitHub\'s Product Security Engineering team and has held both technical and leadership roles both within the consulting world as well as a corporate defender. Previously, Ken has spoken at RSA, You Sh0t the Sheriff, Insomnihack, CERN, DerbyCon, AppSec USA, AppSec DC, AppSec California, DevOpsDays DC, LASCON, RubyNation, and numerous Ruby, OWASP, and AWS events about appsec, devops security, and AWS security. Ken\'s current passion project is the Absolute AppSec podcast with Seth Law.
\n
\n
\nSeth Law:
\nSeth Law is an experienced Application Security Professional with over 15 years of experience in the computer security industry. During this time, Seth has worked within multiple disciplines in the security field, from software development to network protection, both as a manager and individual contributor. Seth has honed his application security skills using offensive and defensive techniques, including tool development. Seth is the founder and principal of Redpoint Security, hosts the Absolute AppSec podcast with Ken Johnson, and is a regular speaker at developer meetups and security events, including Blackhat, Defcon, CactusCon, and other regional conferences.
\nPast training:
\n• OWASP AppSec USA 2018
\n• Global AppSec Amsterdam
\n• AppSec California 2019
\n• OWASP Virtual AppSec Days 2020
\n• AppSec Day
\n• Blackhat USA (2020/2021)
\n• KernelCon 2022
\n• LocoMocoSec 2022
\n• DEF CON 2022 LV
\nAbsolute AppSec Channel is a good place to get an idea of how we present. \nhttps://www.youtube.com/c/AbsoluteAppSec\n
\n
\nA good primer on some of the content is Ken doing a walkthrough of the framework taught in the following video attached to our podcast channel:
\n\nhttps://www.youtube.com/watch?v=f6UOBCJ9pjw\n
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/sethlaw\n (Seth)
\n\nhttps://twitter.com/cktricky\n (Ken)
\n\nhttps://twitter.com/absoluteappsec\n (Absolute AppSec Podcast)
\n
\n\nOutline\n:
\n\nDay 1:\n
\n- Overview (1 hour)
\n- Introductions, Philosophy, Expectations, Setup
\n- Code Review Methodology
\n- Overview (30 minutes)
\n- Introduction, General Principles, Risk Assessment, Notes, Exercise
\n- Information Gathering (1.5 hours)
\n- Activities, Application Mapping, Mapping Exercise, Authorization Functions, Authorization
\nFunctions Exercise
\n- Authorization (1.5 hours)
\n- Authorization Review Activities, Vulnerabilities, Checklists, Exercise
\n- Authentication (1.5 hours)
\n- Authentication Review Activities, Vulnerabilities, Checklists, Exercise
\n- Auditing (30 minutes)
\n- Auditing Review Activities, Vulnerabilities, Checklists, Exercise
\n- Injection (1 hours)
\n- Injection Review Activities, Vulnerabilities, Checklists, Exercise
\n\nDay 2:\n
\n- Methodology Continued
\n- Cryptography (30 minutes)
\n- Cryptographic Review Activities, Vulnerabilities, Checklists, Exercise
\n- Configuration (30 minutes)
\n- Configuration Review Activities, Vulnerabilities, Checklists
\n- Technical Hands-On Review (3 hours)
\n- Vulnerable Task Manager Class Review
\n- Group Projects - Review of Open Source Applications (3 hours)
\n- Presentation of Group Projects (1 hour)
\n
\n\nTechnical difficulty\n:
\nIntermediate.
\n
\n\nSuggested Prerequisites\n:
\nAttendees must have knowledge of the OWASP Top 10, SANS CWE Top 25, and other common vulnerabilities.
\nAttendees should be familiar with the development process (SDLC) and where security code reviews fit into the process. Attendees must have experience using an IDE, running command-line tools, and be able to read application source code.
\n
\n\nWhat students should bring\n:
\nLaptop capable of running an IDE.
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Seth Law & Ken Johnson
\n- 16 hours of training with a certificate of completion.
\n- Note: Classes that do not meet their minimum class size by July 15 will be canceled, please register early
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(482,'\'Kerry Hazelton - Cloud Forensics Workshop and CTF Challenge: Lab Rat Edition\'','\'https://forum.defcon.org/node/245898\'','\'https://forum.defcon.org/node/245898\'','','','','\'\nURL=\nhttps://training.defcon.org/products...ab-rat-edition\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\n
\nCloud Forensics Workshop and CTF Challenge: Lab Rat Edition
\n
\n\nDescription\n: (covers)
\n
\nHow the Cloud has evolved from large-scale virtual servers to smaller containers.
\n
\nHow small board computers or IoT devices can extend beyond the logical boundary of a Cloud.
\n
\nHow to mirror and capture valuable packet data within a virtual environment.
\n
\nHow to obtain and analyze a forensic image, memory capture, and metadata from a virtual instance.
\n
\nHow to obtain and analyze a forensic image from a container and from a small-board computer.
\n
\nHow to analyze logged API calls, storage access logs, metrics, traffic flows, and server logs look for evidence of suspicious activity.
\n
\nKey similarities and differences between the three major Cloud Service Providers.
\n
\nRecommended best practices for writing the after-action reports.
\n
\nFinally, contest where students apply their knowledge.
\n
\n\nTraining description\n:
\n
\nNow in its sixth iteration since its initial launch at BSides DC in October 2017, the Cloud Forensics Workshop and CTF Challenge have been a regular feature at multiple security conferences across the country where security professionals learn the core concepts of digital forensics and incident response in a Cloud computing environment. The newest version of this training session takes place over the course of two days, with Day Zero focusing on topics including how the Cloud has evolved from large-scale virtual servers to smaller, more scalable Docker or Kubernetes containers; how small board computers or IoT devices can extend beyond the logical boundary of a Cloud to gather and analyze critical data such as room temperature, humidity levels, or power levels from attached sensors before relaying the information back to the Cloud; how to mirror and capture valuable packet data within a virtual environment; how to obtain and analyze a forensic image, memory capture, and metadata from a virtual instance; how to obtain and analyze a forensic image from a container and from a small-board computer; how to analyze logged API calls, storage access logs, metrics, traffic flows, and server logs look for evidence of suspicious activity; recommended vendor and industry best practices for locking down a compromised Cloud environment; key similarities and differences between the three major Cloud Service Providers; and recommended best practices for writing the after-action reports. Day Zero will also feature plenty of hands-on lab exercises for students where they will gain practical experience on common open-source tools and techniques used in the field.
\n
\n
\nDay One will be the "capstone" where students will form teams and take on the CTF Challenge itself - an all-day competition where students can expect to be tested on not only what they learned from the day before, but combine it with their own experiences and knowledge as they tackle multiple puzzles of varying difficulty to earn points while competing for honors and prizes.
\n
\nPast content:
\n
\nPrior versions of this training have been taught at BSides DC (2017, 2019); BSides Charm (2018); BSides NoVA (2019, 2020); HOU.SEC.CON (2019); BSides KC (2019, 2022); BSides Idaho Falls (2019, 2021); BSides Tampa (2020); CyberjutsuCon (2022). The current version of this class ("Lab Rat Edition") is currently scheduled to be taught at BSides Tampa and HackMiamiCon.
\n
\nBSidesDC 2017 - \nhttps://bsidesdc2017.busyconf.com/sc...41c9127a000268\n
\n
\n
\nBSidesDC 2019 - \nhttps://bsidesdc2019.busyconf.com/sc...54b6b4a30000ac\n
\n
\n
\nBSidesCharm 2018 - \nhttps://bsidescharm.org/archive/2018...forensics.html\n
\n
\n
\nBSidesNoVA 2019 - \nhttps://bsidesnova2019con.busyconf.c...8fd2450200005c\n
\n
\n
\nBSidesNoVA 2020 - \nhttps://bsidesnova2020.busyconf.com/...d21794d800001b\n
\n
\n
\nHOU.SEC.CON 2019 - \nhttps://web.archive.org/web/20190327171857/http://houstonseccon.org/training/\n
\n
\n
\nBSidesKC 2019 - \nhttps://bsideskc2019.busyconf.com/sc...ebbd459000010d\n
\n
\n
\nBSidesKC 2022 - \nhttps://bsideskc.org/activities/\n \n(listed under "Trainings and Workshops")\n
\n
\n
\n
\nBSides Idaho Falls 2021 - \nhttps://web.archive.org/web/20210923110258/https://www.bsidesidahofalls.org/cfw.html\n
\n
\n\nTrainer(s) bio\n:
\n
\nKerry Hazelton has spent nearly twenty-five years of his career between Information Technology and Security, developing a deep knowledge of systems and network support, data center operations, Cloud computing, digital forensics, and incident response. As such, he considers himself a “cybersecurity enthusiast” due to his desire and motivation to read up on the latest trends within the industry, to learn about a new exploit or tool, or his willingness to teach and share with others his experiences over the years. He created the Cloud Forensics Workshop and CTF Challenge in 2017, which is a technical workshop that focuses on learning about the science of cloud forensics and its real-world applications, followed by a Capture-the-Flag competition to gauge his students’ comprehension and critical-thinking skills by solving multiple forensics puzzles in a race against each other within the allotted amount of time.
\n
\nHe can be found posting his random thoughts on gaming, hacking, or life in general via Twitter under the handle of @\nProfKilroy\n.
\n
\n\nTrainer(s) social media links\n:
\n
\n\nhttps://twitter.com/ProfKilroy\n
\n\nhttps://infosec.exchange/@professor_kilroy\n
\n
\n\nOutline\n:
\n
\n\nDay 1\n: (Day 0)
\n
\nTraining Day (Day 0) - Labs and Group Discussion (each lab will run about 30 to 45 minutes, group discussions about 5 to 10 minutes)
\n
\n
\n**Group discussion: How the Cloud has Become a Lot Smaller (Bigger?)
\n
\n**Lab One: Configuring Traffic Mirroring and using Wireshark to capture and analyze the data
\n
\n**Lab Two: Analysis of Logs to Identify Potential Indicators of Compromise
\n
\n**Lab Three: Cloud account isolation using Organizational Units and Service Control Policies
\n
\n**Group discussion: Key similarities and differences between AWS, Azure, and GCP
\n
\n**Group discussion: How to identify Indicators of Compromise, Vendor and Industry Best Practices to Locking Down an Environment
\n
\n**Lab Four: Acquisition and analysis of forensic evidence from a compromised virtual server: forensic image, memory capture, metadata
\n
\n**Lab Five: Acquisition and analysis of forensic evidence from containers and IoT/Edge Devices
\n
\n**Group Discussion: Encryption vs encoding, Steganography (under which conditions will we see evidence of encryption, encoding, or data exfiltration using steganography)
\n
\n
\n**Lab Six: Analysis of Portable Executable files using CFF Explorer
\n
\n**Lab Seven: How Cloud-native tools such as Athena, Detective, Security Hub, and their Azure/GCP counterparts can help identify potential issues in the Cloud
\n
\n**Group Discussion: After-Action Reporting
\n
\n**Recap/Q&A Session
\n
\nStudents will pre-register for the CTF Challenge after the end of the training session. I will be available to assist with registration issues.
\n
\n\nDay 2\n: (Day 1)
\n
\nAll-day CTF Challenge. Students will be given pre-configured forensic images, PCAPs, logs, and other files to dissect as they will need to extract artifacts I will designate as "flags" in order to earn points. The top three teams will earn prizes, and a special prize will be awarded to the person who turns in the highest individual score.
\n
\n
\n\nTechnical difficulty\n:
\n
\nIntermediate to Advanced.
\n
\n\nSuggested Prerequisites\n:
\n
\nIt is recommended students have a good understanding of Cloud environments and/or digital forensics. It is also recommended that students have some prior experience with tools such as Wireshark, TSK/Autopsy, Volatility and/or YARA, and examining portable executables or malware (but not necessary).
\n
\nWhite papers can include those readily available from AWS, Microsoft, and/or Google regarding Cloud environments. I also recommend researching white papers published by Cado Security (as a side note, it was one of their early white papers I came across which helped form the foundation of this class. I have a standing agreement with them to refer to their material and give them credit, but I cannot use their tools and attempt to pass them off as my own) and by Dr. Raymond Choo at UTSA. Of course, there\'s always YouTube where students can take a crash course in learning about how to use tools such as TSK/Autopsy, Volatility, and YARA.
\n
\n\nWhat students should bring\n:
\n
\nStudents will need to bring their laptops with them. Minimum specs should be at least an 8th or 9th generation Intel i5 processor (or AMD equivalent) and 16GB of RAM. A Windows environment is preferred, but attendees are welcome to use MacOS or their personal flavor of Linux.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Kerry Hazelton
\n
\n- 16 hours of training with a certificate of completion.
\n
\n
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
\n​\n\n\n\n\n\n\n\n\''),(483,'\'Chris Greer - TCP/IP Deep Dive for Ethical Hackers – Featuring Wireshark $1,400\'','\'https://forum.defcon.org/node/245897\'','\'https://forum.defcon.org/node/245897\'','','','','\'\nURL=\nhttps://training.defcon.org/products...ring-wireshark\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\n
\n\nDescription\n:
\n
\nWe’re going to rip open pcaps with Wireshark and learn how this protocol really works.
\n
\n\nTraining description\n:
\n
\nAlmost every attack, intrusion, scan, and exfiltration involves the TCP protocol at some point. Whether we are hacking a system and need to better understand how networks/systems are enumerated and IDS’s do their thing, or we are defending our domain from a botnet attack, a deep understanding of the TCP protocol will help us do our jobs better and faster. In this course, get ready to go deep into TCP. We’re going to rip open pcaps with Wireshark and learn how this protocol really works. Don’t worry, there is FAR more to learn past the three-way handshake! We will learn how the MSS works, receive windows, selective acknowledgements, retransmissions, and much, much more! We will examine how TCP scan, OS enumeration, exfiltration, and C2 traffic looks on the wire, and how TCP fields can help us to filter for it fast. This will be an action-packed, hands-on course for Wireshark beginners as well as seasoned pros who want to pick up some new tricks. There is something for all experience levels in this course, although it will be targeted to the early-intermediate cybersecurity professional.
\n
\n\nTrainer(s) bio\n:
\n
\nChris Greer is a Packet Head. He is a Packet Analyst and Trainer for Packet Pioneer, a Wireshark University partner, and has a passion for digging into the packet-weeds and finding answers to network and cybersecurity problems. Chris has a YouTube channel where he focuses on videos showing how to use Wireshark to examine TCP connections, options, and unusual behaviors, as well as spotting scans, analyzing malware, and other IOC’s in the traffic. His approach to training is that if you aren’t having fun doing something, you won’t retain what you are learning, so he strives to bring as much hands-on and humor to the classroom as possible. Chris remembers what it was like to look at Wireshark for the first time, and knows how complicated packet analysis can be. With that in mind, he has designed an easy-to-follow course that will appeal both to the beginner and more advanced Packet Person.
\n
\nPast content:
\n
\nTCP Fundamentals (from Sharkfest – Approx 120 attendees): \nhttps://youtu.be/xdQ9sgpkrX8\n
\nTCP Congestion Control Explained- Advanced TCP Concepts: \nhttps://youtu.be/LNeZZZ_oslI\n
\nAnalyzing NMAP with Wireshark: \nhttps://youtu.be/RxoQTV74s1c\n
\n
\n
\n\nTrainer(s) social media links\n:
\n
\n\nhttps://twitter.com/packetpioneer\n
\n\nhttps://www.youtube.com/c/ChrisGreer\n
\n\nhttps://www.linkedin.com/in/cgreer/\n
\n
\n\nOutline\n:
\n
\n\nDay 1\n: (Each topic has a hands-on lab)
\n
\nCore Wireshark Concepts
\n
\nThe OSI Model and Protocol Headers
\nCapture Methods in a switched environment –Configuring a ring buffers with dumpcap
\n
\nConfiguring a Hacking Profile in Wireshark
\nCreating Custom Columns and Display filters
\n
\nCore Protocols
\nARP / IP / ICMP / DHCP / DNS Overview
\n
\nTCP Analysis
\n
\n\nDay 2\n:
\n
\n
\nTCP Analysis (continued)
\n
\nThe Handshake and Options
\nSequence and Acknowledgement
\nSACK and Dup Acks
\n
\nResets and Fins – how connections are torn down
\n
\nWhat Firewalls and IDS look for – War Stories
\n
\nAnalyzing Attack Traffic – Threat Hunting
\n
\nPackets and the MITRE ATT&CK framework
\n
\nConfiguring GeoIP
\n
\nCatching an NMAP scan – Stealth, Null, Xmas, and Connect
\n
\nHow OS Enumeration works and how to catch it
\n
\nAnalyzing Malware Behavior on the Wire – Trickbot, Emotet and more
\n
\n\nTechnical difficulty\n:
\n
\nThis is an intermediate course that will not leave the beginner behind. The labs are also designed so more experienced users will not get bored. There will be CTF-style questions to keep them busy.
\n
\n\nSuggested Prerequisites\n:
\n
\n[]
\n
\n\nWhat students should bring\n:
\n
\nLaptop with a recent copy of Wireshark from wireshark.org.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Chris Greer
\n- 16 hours of training with a certificate of completion for some classes
\n
\n- 2 coffee breaks are provided per day
\n
\n- Note: Food is not included
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
\n​\n\n\n\n\n\n\n\n\''),(484,'\'Ruben Gonzalez - Hacking Cryptography $2,000\'','\'https://forum.defcon.org/node/245896\'','\'https://forum.defcon.org/node/245896\'','','','','\'\nURL=\nhttps://training.defcon.org/products...g-cryptography\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\n
\nHacking Cryptography
\n
\n\nDescription\n:
\n
\nWe\'ll deep-dive into modern cryptography. We\'ll learn how it works, how it is often times misused and how that leads to exploitable bugs.
\nMoreover, participants will learn how common cryptography screwups can be exploited.
\n
\n\nTraining description\n:
\n
\nCryptography is everywhere, whether you like it or not. Our laptops, phones, printers, cars, bank cards and washing machines use cryptography to authenticate, keep things confidential and make sure messages aren’t tampered with. However, very often developers, pentesters, system designers and code auditors are confronted with cryptography without having the gear to properly assess security of a specific use case.
\n
\nDuring this training we\'ll deep-dive into modern cryptography. We\'ll learn how it works, how it is often times misused and how that leads to exploitable bugs.
\nMoreover, participants will learn how common cryptography screwups can be exploited. To foster skills, participants will write their own exploits and use them on real world systems provided by us.
\n
\nThe first day will prepare you for (ab)using cryptography in products and services by going over the basic terminology, explaining modern primitives and showing common misuses of those primitives. You\'ll learn about tools and techniques to abuse such misuses along the way. On day two, we\'ll move on to more advanced primitives used in asymmetric cryptography and see how everything we have learned is employed in protocols and standards (such as TLS, JWT and FIDO).
\n
\nCertificate: At the end of the course participants can take a test to certify their knowledge.
\n
\n
\nPrevious Training: This training was previously held at private corporations.
\n
\n\nTrainer(s) bio\n:
\n
\nRuben Gonzalez (Lead Trainer, He/Him):
\n
\n* 10 years in offensive security research
\n* Bug hunter for cryptography code
\n* Lead trainer at Neodyme.io
\n* Auditor of crypto code for multiple large industry projects
\n* Part-time PhD candidate for cryptographic implementations at the Max Planck Institute
\n* Multi-time DEFCON CTF finalist (team Sauercloud)
\n* Twitter: redrocket_ctf
\n
\nTim Schmidt (Support Trainer, He/Him):
\n
\n* 5 years in vulnerability research
\n* Tinkerer and Hardware Hacker
\n* Profound interest in real-world attacks on cryptography
\n* Multi-time DEFCON CTF finalist (team Sauercloud)
\n* Trainer at Neodyme.io
\n
\n\nTrainer(s) social media links\n:
\n
\n\nOutline\n:
\n
\n\nDay 1\n:
\n
\n
\n* Introduction to Cryptography
\n* Basic Terminology
\n* Security Guarantees
\n* Composition of Primitives
\n* Attack Categorization
\n
\n* Working with Crypto Tools
\n* Manipulating Raw Bits and Bytes in the Terminal
\n* Using OpenSSL on the command line
\n* Introduction to Cyber Chef
\n* **Challenge Lab: OpenSSL and Cyber Chef**
\n
\n* Symmetric Crypto
\n* Stream Ciphers
\n* Introduction to Stream Ciphers
\n* The One Time Pad and XOR Ciphers
\n* Leveraging Partially Known Plaintext
\n* Modern Stream Ciphers: Salsa20/Chacha, RC4
\n* Nonce Reuse Attacks
\n* **Challenge Lab: (Ab)using Stream Ciphers**
\n* Block Ciphers
\n* Introduction to Block Ciphers (AES, 3DES)
\n* Modes of Operation (ECB, CBC, CTR, XTS)
\n* Bit Flipping & Nonce Reuse Attacks
\n* Padding Oracle Attacks
\n* **Challenge Lab: (Ab)using Block Ciphers**
\n* Encrypting Data at Rest
\n* (Compression) Side Channel Attacks
\n
\n* Hash Functions and Message Authentication Codes
\n* Introduction to Hash Functions
\n* Collision Attacks (SHA1/MD5)
\n* Length Extension Attacks
\n* Password Recovery with Rainbow Table Attacks
\n* SHA3, SHAKE and Sponge Constructions
\n* **Challenge Lab: (Ab)using Hash Functions and PW Cracking**
\n
\n* Introduction to Message Authentication Codes
\n* Introduction to Message Authentication Codes
\n* Pitfalls on trivial constructions
\n* Authenticated Encryption Modes
\n* **Challenge Lab: (Ab)using MACs and AuthEnc**
\n
\n* Entropy and Randomness
\n* Generating Secure Keys
\n* Introduction to the Linux Entropy Pool
\n* Misuse of Pseudo Random Number Generators
\n* Linear Congruential Generators
\n* Mersenne Twister
\n* Linear Feedback Shift Registers
\n* The Dual EC DRBG Backdoor
\n* **Challenge Lab: Keys and Randomness**
\n
\n\nDay 2\n:
\n
\n* Asymmetric Crypto / RSA
\n* Introduction to RSA
\n* Key Formats
\n* Basic Attacks on (Textbook) RSA
\n* Key Sizes and Brute Force
\n* RSA PKCS1.5 Signatures
\n* Padding/Bleichenbacher Attacks on RSA
\n* **Challenge Lab: RSA**
\n
\n* Asymmetric Crypto / ECC
\n* Introduction to Elliptic Curve Cryptography
\n* The Java ECC Screwup
\n* Exploiting ecDSA Nonce Reuse
\n* Invalid Point Attacks
\n* **Challenge Lab: ECC**
\n
\n* Public Key Infrastructure and Certificates
\n* Introduction to Certificates
\n* x509 Certificate Structure and Features
\n* Common Certificate Pitfall Examples
\n* Chain of Trust and PKI services
\n* TOFU Principle and Man-In-The-Middle Threats
\n* **Challenge Lab: Certificates and PubKeys**
\n
\n* Crypto Applications / Protocols
\n* High-level view on TLS
\n* High-level view on VPNs: IKE and Wireguard
\n* Choosing Security Parameters for Protocols
\n
\n* Crypto Applications / JWT
\n* Introduction to JWT
\n* Common JWT Implementation Bugs
\n* **Challenge Lab: Exploiting JWT**
\n
\n* Crypto Applications / WebAuthn, FIDO and TOTPs
\n* Introduction to Password-Less Authentication
\n* TOTP Algorithms and Seeds
\n* Understanding and Deploying FIDO2 and WebAuthn
\n* Footguns Regarding Password-Less
\n* **Challenge Lab: (Ab)using FIDO**
\n
\n* Outlook
\n* Sneak Peak at Post Quantum Crypto
\n* Upcoming Protocols and Primitives
\n
\n* Farewell
\n* **Presentation of Take Home Challenges**
\n* Recap - Cryptography
\n
\n\nTechnical difficulty\n:
\n
\nBeginner to intermediate
\n
\n\nSuggested Prerequisites\n:
\n
\nThe contents are compressed, but no prior knowledge of cryptography is needed. Every subject is introduced before attacks are presented.
\nStudents should be familiar with at least one scripting language (e.g. Bash or Python) and have a basic understanding of computer networks.
\n
\n\nWhat students should bring\n:
\n
\nParticipants should bring a laptop with administrator/root access to install software.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Ruben Gonzalez
\n
\n
\n- 16 hours of training with a certificate of completion.
\n
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n
\n
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
\n​\n\n\n\n\n\n\n\n\''),(488,'\'Davide Cioccia - Hackable.sol: Smart Contract Hacking in Solidity $1,500\'','\'https://forum.defcon.org/node/245892\'','\'https://forum.defcon.org/node/245892\'','','','','\'\nURL=\nhttps://training.defcon.org/products...ng-in-solidity\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nHackable.sol: Smart Contract Hacking in Solidity
\n
\n\nDescription\n:
\nIdentify vulnerabilities in Smart Contracts written in Solidity
\n
\n\nTraining description\n:
\nA 2-day full hands-on training where you will learn how to identify vulnerabilities in Smart Contracts written in Solidity. During the course, we will go over 12 labs inspired by the major hacks that saw companies lose millions of dollars, implement Smart Contracts, but also perform security reviews and detect security flaws using manual analysis and automated tools.
\n
\nSome of the scenarios we will go through:
\n
\nThe list below contains some of the vulnerabilities that we will identify and fix in the labs:\n\nTrainer(s) bio\n:
\nDavide Cioccia is the founder of dcodx, a cybersecurity firm focusing on bridging the gap between development and security, working together with development teams to create and promote the DevSecOps security culture.
\n
\nHe is one of the first contributors to the OWASP Mobile Security Testing Guide and member of the SANS advisory board and Chapter Lead of DevSecCon Netherlands. He is also a speaker at international security conferences like BlackHat, OWASP AppSec, DevSecCon, Hacktivity and regional OWASP security events, where he presented different approaches and tools to automate mobile security testing in CI/CD, detect and prevent phishing attacks and automate infrastructure security in the release cycles.
\n
\nOn the personal side he loves to play racket sports, from tennis to padel, from ping pong to beach tennis. So hit him up for a match if you are in the Netherlands.
\n\nhttps://www.devseccon.com/chapters/dsc-netherlands/\n
\n\nhttps://appsecus2018.sched.com/event...-cicd-pipeline\n
\n\nhttps://www.blackhat.com/eu-18/arsen...-cioccia-36753\n
\n
\n\nTrainer(s) social media links\n:
\n\nhttps://www.linkedin.com/in/davidecioccia/\n
\n\nhttps://twitter.com/davide107\n
\n
\n\nOutline\n:
\nIntro to Ethereum and smart contracts
\nCourse introduction
\nBitcoin vs Ethereum
\nETH history: The Four stages of development
\nPOW vs POS
\nSharding and Beacon Chain
\nDocking
\nSmart Contracts part 1
\nSmart Contracts basics
\nEthereum Smart Contracts and Solidity
\nEVM
\n
\nAccounts, Transactions and Gas
\nStorage, Memory and Stack
\nVSCode and Remix IDE
\nLAB: Functions visibility in Solidity
\nLAB: Our first smart contract
\nSmart Contracts part 2
\nTypes, Enum and Events
\nMappings
\nInheritance
\nModifiers
\nSCW registry: the Smart Contracts CWE
\nReentrancy vulnerability: the DAO hack
\nLAB: Steal all my money (Reentrancy attack)
\nThe Open Zeppelin ReentrancyGuard Smart Contract
\nInterfaces
\nLAB: Block Timestamp Manipulation Vulnerability
\nAuthorization
\nAuthorization in Smart Contracts
\nThe Open Zeppelin Authorization Contracts
\nLAB: Authorization done properly
\nLAB: Tx.origin: Authorization bypass
\nDoS
\nSELFDESTRUCT
\nDoS With Block Gas Limit
\nDoS with Failed Call
\nMore vulnerabilities
\nInteger Overflow and Underflow
\nLAB: Integer Overflow exploitation to drain smart contracts
\nLAB: BatchTransfer Overflow (CVE-2018–10299)
\nLibraries
\nIntroduction to embedded and linked libraries
\nLAB: Delegatecall vs Call
\nLAB: Exploiting Proxy contracts and Delegate calls
\nSecurity auditing
\nManual vs automated audit.
\nIntroduction to Smart Contract reverse engineering
\nLAB: Tools: mythril
\nLAB: Tools: slither
\n
\nHow to build a comprehensive security auditing report
\nHack them all
\nFinal Smart Contract Hacking Challenge
\n
\n\nTechnical difficulty\n:
\nThe course is for beginners/intermediate that have some knowledge about smart contracts
\nKnowledge of the topics below is only recommended but not mandatory for this course.
\nBlockchain
\nSmart contracts and Remix IDE
\nBasic understanding of decentralized applications and their applicability
\n\nSuggested Prerequisites\n:
\nThe course starts from the basics of the blockchain and smart contracts.
\nUseful resources:
\n
\n- \nhttps://docs.soliditylang.org/en/v0.8.13/\n
\n- \nhttps://ethereum.org/\n
\n
\n\nWhat students should bring\n:
\n- Laptop with at least:
\n8 GB RAM
\n- Chrome Browser
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n:Davide Cioccia
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''),(489,'\'Madhu Akula - A Practical Approach to Breaking & Pwning Kubernetes Clusters $2,800\'','\'https://forum.defcon.org/node/245891\'','\'https://forum.defcon.org/node/245891\'','','','','\'\nURL=\nhttps://training.defcon.org/products...tes-clusters-2\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nA Practical Approach to Breaking & Pwning Kubernetes Clusters
\n
\n\nDescription\n:
\nTactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers.
\n
\n\nTraining description\n:
\nThe adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most security teams struggle to understand these modern technologies.
\nIn this real-world scenario-based training, each participant will be learning Tactics, Techniques, and Procedures (TTPs) to attack and assess Kubernetes clusters environments at different layers like Supply chain, Infrastructure, Runtime, and many others. Starting from simple recon to gaining access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments.
\nBy end of the training, participants will be able to apply their knowledge to perform architecture reviews, security assessments, red team exercises, and pen-testing engagements on Kubernetes Clusters and Containersed environments successfully. Also, the trainer will provide step by step guide (Digital Book) with resources and references to further your learning.
\n
\n\nTrainer(s) bio\n:
\nMadhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native Security Architect with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, etc). He holds industry certifications like CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), OSCP (Offensive Security Certified Professional), etc.
\n
\nMadhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON 24, 26, 27, 28, 29 & 30, BlackHat 2018, 19, 21 & 22, USENIX LISA 2018, 19 & 21, SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, Github Satellite 2020, Appsec EU (2018, 19 & 22), All Day DevOps (2016, 17, 18, 19, 20 & 21), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon 2018, 19, 21 & 22, SACON, Serverless Summit, null and multiple others.
\n
\nHis research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP, Adobe, etc. and is credited with multiple CVE’s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building an Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.
\n\nTrainer(s) social media links\n:
\n\nhttps://twitter.com/madhuakula\n
\n\nhttps://www.linkedin.com/in/madhuakula/\n
\n\nhttps://github.com/madhuakula\n
\nPrevious content:
\nBlackhat\nDEF CON TRAININGS LV 2022\n\nOutline\n:
\n\nSection-1\n:
\n* Kubernetes 101 - Fasttrack Edition
\n* Security Architecture review & Attack Trees using MITRE ATT&CK framework
\n* `kubectl` kung-fu to explore the cluster
\n* Attacking the supply chain by exploiting private registry
\n* Pwning the container images and gaining access to the cluster
\n* Exploiting security misconfigurations in the cluster
\n\nSection-2\n:
\n* Escaping out of the container to the host system to gain more privileges
\n* Bypassing NSP and gaining unauthorized access to other microservices
\n* Lateral movement from container to node and then complete cluster access
\n* Escalating from ServiceAccount to more RBAC privileges (No least privileges)
\n* Helm with Tiller service = ClusterPwn (Complete cluster takeover)
\n* Gaining access to k8s volumes, logs of the services, and sensitive data
\n* From application vulnerability to cloud provider access (attack chain)
\n\nSection-3\n:
\n* Hacker Container - The Swiss Army knife for hacking Kubernetes Clusters
\n* Exploiting Kubernetes Secrets and gaining access to third-party services
\n* DoS the services and cluster nodes by resources exemption
\n* Understanding Admission controller and possible attack surface around Webhooks
\n* Persisting in the clusters using Sidecar/Cronjob/DaemonSets
\n* Defense evasion techniques for Kubernetes Cluster environments
\n* Some useful hacks around `kubectl` (cheatsheet will be provided)
\n\nSection-4\n:
\n* Tools, and techniques beyond manual exploitation and analysis
\n* KubeAudit, KubeSec, popeye, trivy, dockle, rakkess, linters, and many others...
\n* Performing Docker & K8S CIS benchmarks to find all the possible security risks
\n* Auditing the cluster security posture from Code to Production running cluster
\n* Real-World case studies of Kubernetes Hacking, Vulnerabilities, and Exploits
\n* Best practices, Recommendations based on the Security Maturity
\n* Resources & references to further your attacks, exploitation, more learning
\n
\n\nTechnical difficulty\n:
\nIntermediate\n\nSuggested Prerequisites\n:
\nMy DEFCON 26 workshop on Attacking & Auditing Docker Containers Using Open Source tools and its video available at \nhttps://www.youtube.com/watch?v=ru7GicI5iyI\n
\n
\n\nWhat students should bring\n:
\nStudents will need a laptop with Wi-Fi capability.
\nI will be providing students with\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Madhu Akula
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included.
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
\n​\n\n\n\n\n\n\n\n\''),(490,'\'Software Defined Radios 101 $2,500\'','\'https://forum.defcon.org/node/245890\'','\'https://forum.defcon.org/node/245890\'','','','','\'\nURL=\nhttps://training.defcon.org/products...ned-radios-101\n
\n
\n\n\n\n\n\n\nOriginally posted by \nURL\n\n\n\nName of Training\n:
\nSoftware Defined Radios 101
\n\nDescription\n:
\nThis class is a beginner\'s introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn\'t know where to begin, then this course is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. Over the two-day course, the instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone CTF exercise. Students will be provided with a HackRF SDR for the duration of the class but will need to bring their own laptop to interface with the radio. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware, allowing us to jump right into hands-on exercises. My intent for this course is to lower the barrier of entry associated with RF hacking and give beginning students a practical understanding of RF and DSP applications with SDRs.
\n\nTraining description\n:
\nThis class is a beginner\'s introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. I am a firm believer that hands-on learning is the best type, so I have this course structured around multiple labs/exercises based on real world signals. I picked the HackRF SDR as the course radio because it is probably the best hobbyist radio for the price point, and is fairly easy to work with. I plan on front-loading the first block with any RF theory/lecture and quickly move onto basic signal analysis with a few open-source tools. We will then dive into GNUradio, first just using pre-made blocks, but eventually writing our own. The course will end with a capstone CTF that can double as a test for issuing a certificate.
\n\nTrainer(s) bio\n:
\nRichard currently works as a research scientist focusing on radio communications and digital signals processing applications. Before making the jump to research, he was a RF engineer and embedded software developer working on prototype radio systems and DSP frameworks. He is passionate about radios and wireless technology and will happily talk for hours on the subject if given the chance.
\n\nTrainer(s) social media links\n:
\n[]
\n
\n\nOutline\n:
\n\nDAY 1\n:
\nHours 1-2:
\n- Introduction to RF theory, waveforms, and basic modulation schemes (AM, FM, FSK, PSK, OOK)
\n- Nyquist sampling and aliasing
\n- A brief overview of Euler and complex numbers
\n- IQ sampling theory
\n- Overview of common Software Defined Radio architectures (what a LO is, overview of ADCs, how samples work, ect)
\n
\nHours 3-4:
\n- Introduction to GQRX and interfacing with the SDR
\n- Exercise/lab 1: All Along the Watchtower
\n- Basic demodulation in GQRX
\n- Exercise/lab 2: Imperial March
\n- Introduction to spectrum scanning
\n
\nHours 5-6
\n- Intro to capturing raw signals with your SDR
\n- Intro to inspecting raw signals
\n- Exercise/lab 3: Car Key Fobs
\n- Advanced signals inspection using Python and Inspectrum
\n- Exercise/lab 4: Burst IoT modem
\n
\nHours 7-8
\n- Introduction to GNUradio
\n- Key GNUradio flow graph components:
\n- Sources/sinks
\n- Filters
\n- Exercise/lab 5: Remove the Noise
\n- Demodulators
\n- Exercise/lab 6: FM Demod to a File
\n- Exercise/lab 7: AM Demod to a File
\n
\n\nDAY 2\n:
\nHours 1-2
\n- continue GNUradio flow graph components
\n- review filters, demodulation, sources/sinks
\n- Resamplers and resampling theory
\n- Long Exercise/lab 8: Putting it all together: FM radio in GNUradio
\n
\nHours 3-4:
\n- Introduction to out-of-tree modules
\n- Extending GNUradio through scripting and custom blocks
\n- Exercise/lab 9: Custom Python Blocks 1: Custom Demodulator
\n- Exercise/lab 10: Custom Python Blocks 2: Burst Extractor
\n- Advanced topics in RF: Control flow and RF mixing
\n
\nHours 5-6
\n- Extending GNUradio with OOT modules from the open-source community
\n- Exercise/lab 11: ADSB interception using an OOT block
\n- Advanced topics in RF: Correlation and Convolution
\n- Exercise/lab 11: Matched Filter Correlation
\n- Next steps: introduction to clock synchronization and data recovery
\n
\nHours 7-8
\n- Capstone exercise: RF Capture-the-Flag (CTF)
\n
\n\nTechnical difficulty\n:
\nBeginner. No specific skill or experience needed. We will do some Python programming, but nothing beyond some basic programs.
\n
\n\nSuggested Prerequisites\n:
\nBefore the class I will be sending out a VM/OS setup guide along with a short RF intro, just so everyone starts off at the same place.
\n
\n\nWhat students should bring\n:
\nStudents will need to bring a laptop capable of running a VMware or VirtualBox VM (VMs will be sent out before the class). You may also follow the instructor-provided installation guide for a bare-metal OS if you prefer. Recommended specifications for the laptop are:
\n- 4 core processor
\n- 8 GB of RAM
\n- at least 30 GB of free HDD/SSD space
\n- one free USB port for the SDR
\n
\nStudents should also bring a pair of headphones for listening to their SDR during the course; this is necessary in a classroom setting to keep the volume at a reasonable level.
\n
\n\nDATE\n: August 14th-15th 2023
\n\nTIME\n: 8am to 5pm PDT
\n\nVENUE\n: Caesars Forum, Las Vegas, NV
\n\nTRAINER\n: Richard
\n- 16 hours of training with a certificate of completion.
\n- 2 coffee breaks are provided per day
\n- Note: Food is not included
\n
\n\nRegistration terms and conditions\n:
\n
\nTrainings are refundable before July 1st, the processing fee is $250.
\n
\nTrainings are non-refundable after July 10th, 2023.
\n
\nTraining tickets may be transferred. Please email us for specifics.
\n
\nFailure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
\n
\nBy purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.\n\n\n\n\n\n\n\n\''); /*!40000 ALTER TABLE `training` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `vendors` -- DROP TABLE IF EXISTS `vendors`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `vendors` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `description` varchar(5000) COLLATE utf8_unicode_ci NOT NULL, `linktitle` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL, `link` varchar(60) COLLATE utf8_unicode_ci DEFAULT NULL, `PicName` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `PicURL` varchar(256) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=6253 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `vendors` -- LOCK TABLES `vendors` WRITE; /*!40000 ALTER TABLE `vendors` DISABLE KEYS */; INSERT INTO `vendors` VALUES (6210,'\'Black Hills Information Security\'','\'Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.\'',NULL,NULL,'\'x_blackhills.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_blackhills.png?alt=media\''),(6211,'\'DEF CON 31 CFP Review Panel\'','\'\'',NULL,NULL,'NULL','NULL'),(6212,'\'DEF CON 31 CFP Review Panel\'','\'\'',NULL,NULL,'NULL','NULL'),(6213,'\'DEF CON Communications\'','\'The content associated with this organization is content that is appearing on a main stage during DEF CON 31, or has otherwise been specifically blessed by the conference. It was not organized by a village.\'',NULL,NULL,'NULL','NULL'),(6214,'\'Hacker Warehouse\'','\'HACKER WAREHOUSE is your one stop shop for hacking equipment. We understand the importance of tools and gear which is why we carry only the highest quality gear from the best brands in the industry. From RF Hacking to Hardware Hacking to Lock Picks, we carry equipment that all hackers need. Check us out at HackerWarehouse.com.\'',NULL,NULL,'\'n_hackerwarehouse.jpg\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_hackerwarehouse.jpg?alt=media\''),(6215,'\'HotWAN\'','\'HotWAN is offering 3 main products:\r\n\r\n1) Video Jig (Prototype) - Protect the Human Against Intrusive AI\r\n\r\n2) Pen Test Assistant (rev 3) - Automation of Open Source Hacker Tools, Mind Maps, Manual Testing Aid for Red Teams and Penetration Testers. Now, Virtual Machine and Raspberry Pi4 options\r\n\r\n3) Boot Monkey (rev 2) - Wireless Robotic Finger for laptop\'s power button and anti- screenlocking mechanism\'',NULL,NULL,'\'n_hotwan.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_hotwan.png?alt=media\''),(6216,'\'No Starch Press, Inc.\'','\'No Starch Press has been publishing the finest in geek entertainment since 1994. Come by to see our latest books, t-shirts and swag, and meet some of authors and our founder, Bill Pollock. Everything is discounted!\'',NULL,NULL,'\'n_nostarchpress_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_nostarchpress_black.png?alt=media\''),(6217,'\'EFF\'','\'EFF is the leading defender of online civil liberties. We promote innovator rights, defend free expression, fight illegal surveillance, and protect rights and freedoms as our use of technology grows.\'',NULL,NULL,'\'n_eff.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_eff.png?alt=media\''),(6218,'\'Capitol Technology University\'','\'Capitol Tech, accredited, non-profit university, offers over 17 cybersecurity degree programs at the bachelors, masters and doctoral level. Capitol Tech is one of the few universities in the nation offering cyberpsychology and offensive cyber engineering.\'',NULL,NULL,'\'x_capitol.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_capitol.png?alt=media\''),(6219,'\'OpenVPN\'','\'OpenVPN® is a leading global private networking and cybersecurity company that allows organizations to truly safeguard their assets in a dynamic, cost effective, and scalable way. With more than 60 million downloads of the core open source software and over 20,000 commercial customers, OpenVPN is changing the way the world thinks about online security.\'',NULL,NULL,'\'x_openvpn.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_openvpn.png?alt=media\''),(6220,'\'Hack The Box\'','\'Hack The Box is a leading gamified cybersecurity upskilling, certification, and talent assessment platform enabling individuals, businesses, government institutions, and universities to sharpen their offensive and defensive security expertise. They bring together the largest global cybersecurity community of more than 2M platform members and is on a mission to create and connect cyber-ready humans and organizations through highly engaging hacking experiences that cultivate out-of-the-box thinking. For more information, please visit hackthebox.com.\'',NULL,NULL,'\'x_hackthebox.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_hackthebox.png?alt=media\''),(6221,'\'University of Advancing Technology\'','\'UAT is an elite intimate private college in Tempe, AZ focused on educating students in advancing technology who desire to innovate in the areas of emerging technology disciplines including Advancing Computer Science, Information Security, Game and New Media technologies.\'',NULL,NULL,'\'x_uat.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_uat.png?alt=media\''),(6222,'\'Transportation Security Administration\'','\'TSA is leading the U.S. Government in a new effort to improve cybersecurity resilience by using outcome-focused measures in an effort that facilitates performance, rather than a prescriptive one-size-fits all approach. Stop by our booth and hear more about TSA and opportunities we might have available.\'',NULL,NULL,'\'x_tsa.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_tsa.png?alt=media\''),(6223,'\'Lacework\'','\'Lacework offers the data-driven security platform for the cloud and is the leading cloud-native application protection platform (CNAPP) solution. Only Lacework can collect, analyze, and accurately correlate data — without requiring manually written rules — across an organization’s cloud and Kubernetes environments, and narrow it down to the security events that matter.\'',NULL,NULL,'\'x_lacework.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_lacework.png?alt=media\''),(6224,'\'Ascent-Portal\'','\'Ascent-Portal provides an automated governance, security, and compliance platform that simplifies risk management and streamlines compliance. With the Ascent-Portal platform’s real-time compliance scoring, you can easily monitor your compliance posture and immediately identify areas for improvement, all while ensuring team accountability and reducing the compliance workload.\'',NULL,NULL,'\'x_ascentportal.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fx_ascentportal.png?alt=media\''),(6225,'\'Science & Design, Inc.\'','\'Science & Design is a new non-profit that builds free and open-source, public-interest software and helps other non-profits do the same. Our members have worked on ubiquitous software, including OnionShare, DDoSecrets, CalyxOS, Signal, Riseup, and more. Stop by our booth to learn about our organization, get a free usability consultation for your software, and participate in user research!\'',NULL,NULL,'\'n_sciencedesign_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_sciencedesign_black.png?alt=media\''),(6226,'\'HackerBoxes\'','\'HackerBoxes is the monthly subscription box for hardware hacking, DIY electronics, cybersecurity, and hacker culture. Each monthly HackerBox includes a carefully curated collection of projects, components, modules, tools, supplies, and exclusive items. HackerBox hackers connect online as a community of experience, support, and ideas. Your HackerBox subscription is like having a tiny hacker convention in your mailbox every month.\'',NULL,NULL,'\'n_hackerboxes.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_hackerboxes.png?alt=media\''),(6227,'\'Miscreants LLC\'','\'Miscreants is creating clothing for hackers heavily influenced by streetwear and security culture, looking to document the past, present, and future of cybersecurity history. As a brand, we strive to deliver original pieces that belong in your closet for decades.\'',NULL,NULL,'\'n_miscreants.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_miscreants.png?alt=media\''),(6228,'\'Cigent Technology, Inc.\'','\'Cigent, leaders in data recovery and removal, have built a storage device (for laptops, desktops, external media) with built-in data security. The drive by default makes data \"invisible\" - unreadable at the sector level, requiring MFA and Cigent software to access the storage. Advanced key creation and storage methodology have been implemented making it virtually impossible(?) to access the key. Additionally there is a dedicated microprocessor that monitors for attempts to wipe or clone the drive, boot off of an alternate OS, or ransom the drive - the drive automatically protects the data if it is attacked. It also has full drive erasure with unique firmware verification that confirms every block was truly wiped. Oh and wait - there\'s more...!\'',NULL,NULL,'\'n_cigent.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_cigent.png?alt=media\''),(6229,'\'Netool LLC\'','\'The netool.io Pro2, network engineering in your pocket. Connects to your iOS or Android device to detect a list of protocol including Tagged VLANs, CDP, LLDP, DHCP and more. Configure switches by a press of a button.\'',NULL,NULL,'\'n_netool.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_netool.png?alt=media\''),(6230,'\'Cryptocurrency Hackers\'','\'Experience modern finance technology first hand by visiting the Cryptocurrency Hackers stand at the Defcon vendor area. We distribute items relating to a number of projects including Monero, Bitcoin, Ethereum, and others. Show your cryptohacker colours with high quality wearables and custom badges. Try new devices and electronics, with access to the designers on site. Inform yourself of cryptocurrency science by exploring our infocard display rack. Our stand is your one stop shop for cryptocurrency hacker items and information.\'',NULL,NULL,'\'n_cryptocurrencyhackers_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_cryptocurrencyhackers_black.png?alt=media\''),(6231,'\'SLNT Inc.\'','\'SLNT Faraday products empower humanity to reclaim their right to disconnect. Our effortless signal blocking gear fits into everyday routines, making navigating modern life safer and healthier.\'',NULL,NULL,'\'n_slnt.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_slnt.png?alt=media\''),(6232,'\'Salty Security\'','\'Salty Security offers uniquely themed and originally designed merchandise that caters to the hacker mindset and lifestyle. Come by our booth for all your sticker, apparel and tech gadget needs, or find us online at https://saltysecurity.com!\'',NULL,NULL,'\'n_salty_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_salty_black.png?alt=media\''),(6233,'\'Xcape, Inc.\'','\'Pentesting products and services made by hackers for hackers. Cellular products and services for the sneakiest out of band connectivity on engagements.\'',NULL,NULL,'\'n_Xcape_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_Xcape_black.png?alt=media\''),(6234,'\'BoardSRC LLC\'','\'Boardsource offers custom mechanical keyboards and accessories for mechanical keyboard enthusiasts. With products ranging from DIY kits to premium aluminum boards, you\'re sure to find something that interests you whether you\'re new to the hobby or a seasoned veteran.\'',NULL,NULL,'\'n_boardsource.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_boardsource.png?alt=media\''),(6235,'\'Start9 Labs, Inc\'','\'Privacy and free speech are fundamental human rights and essential ingredients for a free society. Human history demonstrates that, when entrusted to others, these rights are invariably denied, resulting in great suffering. As such, it is necessary for individuals to protect their own privacy and right to speak freely. Fortunately, modern technologies, in the form of personal computers, encryption, and open, decentralized network protocols such as the Internet and Bitcoin, make this a real possibility. What is needed is a revolution in personal computing away from the current, hosted, custodial model that breeds dependency and corruption, towards a decentralized model, where individuals have absolute control over their data and communications. Start9 is empowering the community behind this movement with open source tools and education.\'',NULL,NULL,'\'n_start9.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_start9.png?alt=media\''),(6236,'\'The Calyx Institute\'','\'The Calyx Institute\'s mission is to educate the public about privacy in digital communications and to develop tools that anyone can use. By embracing \"privacy by design,\" we help make digital security and privacy more accessible to everyone. Members who support our nonprofit mission receive great membership perks like a hotspot with unlimited mobile data, a Pixel phone with CalyxOS privacy-focused operating system pre-installed, and more. Visit https://calyxinstitute.org/ or stop by our booth to learn more!\'',NULL,NULL,'\'n_calyx.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_calyx.png?alt=media\''),(6237,'\'XXX.VPN\'','\'We all know the only VPN you can 100% trust is the one you setup yourself. The next best option is VPN.XXX! No accounts and no storage of personal information and no logging ever! Whether you\'re a hacker, security professional, or simply someone who wants to protect their personal information, our VPN client is the solution for you. Our VPN client also features a direct connection to the TOR network, giving you even more options for anonymous browsing.\'',NULL,NULL,'\'n_vpn.xxx_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_vpn.xxx_black.png?alt=media\''),(6238,'\'SPARROWS Lock Picks\'','\'Manufacturer of Lock Picks & COVERT ENTRY TOOLS\r\n\r\nWith the largest selection of lock picks, covert entry and SERE tools available at DEF CON it¹s guaranteed we will have gear you have not seen before. New tools and classics will be on display and available for sale in a hands on environment. Our Product range covers Custom toolsets, Dimple picks, Disc Picks, Entry Tools, Practice locks, Bypass tools, Urban Escape & Evasion hardware and items that until recently were sales restricted. SPARROWS LOCK PICKS will be displaying a full range of gear including the newly released All Access bump keys, Dimple picks and The Monkey Paw. The \"Folder\" prototype will also be available for its first public viewing. All products will be demonstrated at various times and can be personally tested for use and Efficacy.\'',NULL,NULL,'\'n_sparrows.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_sparrows.png?alt=media\''),(6239,'\'PhysSec Education (Physical Security Village)\'','\'The Physical Security Village (formerly Lock Bypass Village) will be present in the vendor area too this year, loaded with physical hacking gear! We will have bypass tools, common keyed-alike keys, handcuffs, village swag, and more. We’ll have hands-on exhibits in the Village area where you can go and try out your new toys right away, without ever leaving DEF CON! Whether you’re new to hacking the physical world, or a seasoned pro, we’re sure we’ll have something for your needs (or at least… something you really want but totally don’t need).\r\n\r\nAll proceeds go towards the cost of putting on the village each year.\'',NULL,NULL,'\'n_physsec_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_physsec_black.png?alt=media\''),(6240,'\'DesignFlaw\'','\'Purveyors of limited edition clothing, music, art, stickers and more. Unique 0-day swag just for DEF CON 31. Follow the music in the vending area to find our booth!\'',NULL,NULL,'\'n_shadowvex.jpg\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_shadowvex.jpg?alt=media\''),(6241,'\'The Tor Project, Inc.\'','\'The Tor Project is a nonprofit developing free and open source software to protect people from tracking, censorship, and surveillance online. Tor’s mission is to advance human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, supporting their unrestricted availability and use, and furthering their scientific and popular understanding. Stop by our table to learn more, pick up some gear, and find out how you can get involved.\'',NULL,NULL,'\'n_thetorproject_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_thetorproject_black.png?alt=media\''),(6242,'\'Hak5 LLC\'','\'Discover the devices that have found their way into the hearts and tool-kits of the modern hacker. Notable for ease of use. Celebrated by geek culture. From comprehensive WiFi audits to covert network implants and physical access mayhem - Hak5 Gear gets the job done.\'',NULL,NULL,'\'n_hak5_logo_on_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_hak5_logo_on_black.png?alt=media\''),(6243,'\'1BitSquared LLC\'','\'1BitSquared\'s mission is to provide high quality, cutting edge, affordable, Open-Source Hardware and Software for Embedded Hardware engineers and hackers. Our systems are designed for advanced hobbyists, as well as University and civilian research programs as well as educational programs.\'',NULL,NULL,'NULL','NULL'),(6244,'\'The OWASP Foundation Inc.\'','\'The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.\'',NULL,NULL,'\'n_owasp.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_owasp.png?alt=media\''),(6245,'\'The SecOps Inc.\'','\'The SecOps Group (https://secops.group) is a globally recognized IT security company having vast experience of providing cyber security consultancy and education services. Our core business comprises two units, consultancy and education. The SecOps Group offer CREST accredited security consultancy services and through our exams, we provide an authentic and credible certification program that is up-to-date and represents real life business risks. The SecOps Group also runs a free pentest learning platform called “Vulnmachines”. \r\n\r\nPlease see our booth at Defcon and ask us how you can take a FREE exam.\'',NULL,NULL,'\'n_thesecopsgroup_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_thesecopsgroup_black.png?alt=media\''),(6246,'\'The Open Organisation of Lockpickers\'','\'The Open Organisation Of Lockpickers is back as always, offering a wide selection of tasty lock goodies for both the novice and master lockpicker! A variety of commercial picks, handmade picks, custom designs, practice locks, handcuffs, cutaways, and other neat tools will be available for your perusing and enjoyment! Stop by our table for interactive demos of this fine lockpicking gear or just to pick up a T-shirt and show your support for locksport. All sales exclusively benefit Toool, a 501(c)3 non-profit organization. You can purchase picks from many fine vendors, but ours is the only table where you know that 100% of your money goes directly back to the hacker community.\'',NULL,NULL,'NULL','NULL'),(6247,'\'Bizarre Magic Inc.\'','\'Brian Brushwood, host of National Geographic\'s Hacking the System, Discovery\'s Scam School, The Modern Rogue on YouTube, and most importantly: the podcast \"World\'s Greatest Con.\" We can\'t say why, but you should probably get caught up on that podcast before DEF CON.\'',NULL,NULL,'NULL','NULL'),(6248,'\'Mar Williams\'','\'Mar Williams is DEFCON\'s resident artist, created this year\'s official DEFCON badge, and has had a hand in informing the aesthetic of the conference since DC17. You can find their art throughout the hallways, on defcon tshirts, stickers and other swag. Mar will have high quality, signed prints of their DEFCON art available, as well as a selection of other art, stickers, plushes, and vaguely cat shaped baubles. Follow @spuxo on IG or patreon.com/spux\'',NULL,NULL,'\'n_marwilliams.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_marwilliams.png?alt=media\''),(6249,'\'Keyport, Inc.\'','\'Keyport® combines keys, pocket tools, & smart tech into one secure everyday multi-tool. We will be selling our latest modular product line (co-branded DEFCON 31 Editions) including the Keyport Pivot, Slide, Modules, Inserts, and accessories.\'',NULL,NULL,'\'n_keyport.jpg\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_keyport.jpg?alt=media\''),(6250,'\'Nuand LLC\'','\'Nuand is proud to join DEFCON this year and present new bladeRF products! Our versatile and high-performance bladeRF platform empowers researchers, developers, and security professionals to explore the wireless spectrum like never before. With capabilities that extend from radio-frequency analysis to security, our open-source ecosystem fosters innovation in radio communication and cybersecurity. Visit our booth to experience firsthand the power of bladeRF and meet our team of experts, who are passionate about providing the tools necessary to unlock new frontiers in wireless technology.\'',NULL,NULL,'NULL','NULL'),(6251,'\'Women in Security and Privacy\'','\'Women in Security and Privacy is a global non-profit committed to advancing women and underrepresented communities to lead the future of privacy and security. WISP\'s annual programming includes educational and skills workshops, mentoring and networking events, and career advancement and leadership training. WISP also provides stipends and scholarships for women and people from underrepresented communities to attend conferences and to receive training and certifications.\'',NULL,NULL,'\'n_WISP_black.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_WISP_black.png?alt=media\''),(6252,'\'SquareX Pte Ltd\'','\'SquareX presents \"Hackers: Superheroes of the Digital Age\" - a hacker comic book series that explores the often-misunderstood world of Hackers and Hacking. The series challenges the negative portrayal of hackers in mainstream media and showcases them as individuals who want to take on world problems with the one weapon they have — knowledge! Follow along as our protagonists navigate the complexities of being vigilante hackers and learn about the inner workings of real-life hacks. This thrilling series will have you on the edge of your seat, but beware: not everything goes as expected! Get a glimpse into the world of hacking and see these superheroes in a whole new light.\'',NULL,NULL,'\'n_squarex.png\'','\'https://firebasestorage.googleapis.com/v0/b/hackertest-5a202.appspot.com/o/DEFCON31%2Fn_squarex.png?alt=media\''); /*!40000 ALTER TABLE `vendors` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `villages` -- DROP TABLE IF EXISTS `villages`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `villages` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Activated` tinyint(1) NOT NULL, `Name` varchar(45) COLLATE utf8_unicode_ci NOT NULL, `JSONname` varchar(45) COLLATE utf8_unicode_ci NOT NULL, `TagName` varchar(5) COLLATE utf8_unicode_ci NOT NULL, `HomePage` varchar(70) COLLATE utf8_unicode_ci NOT NULL, `SchedulePage` varchar(90) COLLATE utf8_unicode_ci NOT NULL, `Map` enum('Harrahs','Linq','FlamingoLowerLevel','FlamingoThirdFloor','CaesarsForumBR','CaesarsSummitBR','CaesarsAcademyBR','CaesarsAllianceBR','None') COLLATE utf8_unicode_ci NOT NULL, `Mode` enum('Virtual','IRL','Hybrid','') COLLATE utf8_unicode_ci NOT NULL, `DCVillagesPage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `DCForumPage` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL, `DCDiscordChan` varchar(70) COLLATE utf8_unicode_ci NOT NULL, `DCDiscordChanName` varchar(35) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink1` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink2` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink3` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink4` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink5` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink6` varchar(80) COLLATE utf8_unicode_ci NOT NULL, `SocialMediaLink7` varchar(80) COLLATE utf8_unicode_ci NOT NULL, `VideoStreamSIte` enum('dcdiscord','villdiscord','youtube','twitch','dcdiscordyoutubetwitch') COLLATE utf8_unicode_ci DEFAULT NULL, `VIdeoStreamURL` varchar(90) COLLATE utf8_unicode_ci NOT NULL, `ThurHours` varchar(20) COLLATE utf8_unicode_ci NOT NULL, `FriHours` varchar(20) COLLATE utf8_unicode_ci NOT NULL, `SatHours` varchar(20) COLLATE utf8_unicode_ci NOT NULL, `SunHours` varchar(20) COLLATE utf8_unicode_ci NOT NULL, `Venue` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `VillageLoc` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `TalkLoc` varchar(50) COLLATE utf8_unicode_ci NOT NULL, `VillageDesc` text COLLATE utf8_unicode_ci NOT NULL, `DCVillageDescLink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`), UNIQUE KEY `TagName` (`TagName`) ) ENGINE=InnoDB AUTO_INCREMENT=59 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `villages` -- LOCK TABLES `villages` WRITE; /*!40000 ALTER TABLE `villages` DISABLE KEYS */; INSERT INTO `villages` VALUES (2,1,'Aerospace Village','','ASV','https://aerospacevillage.org/','https://www.aerospacevillage.org/defcon-31-talks','CaesarsSummitBR','IRL','','https://forum.defcon.org/node/244860','https://discord.com/channels/708208267699945503/732393044363444264','#av-lounge-bar-text','https://twitter.com/secureaerospace','https://www.linkedin.com/company/aerospace-village/','https://twitter.com/hack_a_sat','https://discord.gg/gV4EWuk','https://www.youtube.com/c/AerospaceVillage','','',NULL,'','','','','','','Caesars Forum - Summit - 208-214 - Aerospace Village','','\'\n. \n\n\n\"Aerospace\n\n\n\n
\n
\n
\n.
\n
\nAerospace Village
\n
\nWhen: Friday to Sat 10:00 - 18:00, Sunday 10:00 to 14:00
\nWhere: Summit Ballroom, Forum
\n
\nTwitter: @secureaerospace
\nWebsite: \nwww.aerospacevillage.org\n
\n
\n
\nThe aviation and space industries, security researchers, and the public share a common goal: safe, reliable, and trustworthy aviation and space operations. For too long, negative perceptions and fractured trust on all sides have held back collaboration between the aviation, space, and security researcher communities that has advanced safety, reliability, and security of other industries. As the traditional domains of aviation safety and cybersecurity increasingly overlap, more effective collaboration between stakeholders ensures we will be safer, sooner, together.
\n
\nThrough the Aerospace Village, the security research community invites industry leaders, researchers and academia interested in aviation and space security, safety, and resilience to attend, understand, collaborate together to achieve our common goals. Empathy and understanding build common ground, while acts and words likely to increase division between these two communities undermine these efforts. The Aerospace Village welcomes those who seek to improve aviation and space security, safety, and resilience through positive, productive collaboration among all ecosystem stakeholders.
\n
\nOur Goal
\nThe Aerospace Village is a volunteer team of hackers, pilots, and policy advisors who come from the public and private sectors. We believe the flying public deserves safe, reliable, and trustworthy air travel which is highly dependent on secure aviation and space operations.
\n
\nOur Mission
\n- Create, sustain, and grow an inclusive community focused on aerospace cybersecurity;
\n- Inspire the next generation of aerospace cybersecurity leaders;
\n- Promote and develop aerospace cybersecurity expertise and knowledge.
\n
\nThe Aerospace Village will do this by:
\n
\n- Building connections, trust, and understanding among all Village participants.
\n- Developing aerospace security skills among DEF CON attendees through workshops and hands-on activities.
\n- Promoting constructive dialog through talks and interaction.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nSummit Ballroom, Forum\n\n\n\'',''),(3,1,'Artificial Intelligence Village','A.I. Village','AIV','https://aivillage.org/','https://aivillage.org/defcon31/','CaesarsAcademyBR','IRL','','https://forum.defcon.org/node/244776','https://discord.com/channels/708208267699945503/732733090568339536','#aiv-general-text','https://twitter.com/aivillage_dc','https://www.twitch.tv/aivillage','https://www.youtube.com/channel/UCBUw0vVET-kB7LPj_XsNQ9Q','https://discord.com/invite/GX5fhfT','','','','twitch','','','','','','','Caesars Forum - Academy - 401-406 - AI Village','','\'\n\n\n\n\"AI\n\n\n\n
\n
\n
\nA.I. Village
\n
\nWhen: Friday & Saturday: 10:00-18:00, Sunday: 10:00-12:00
\nWhere: Forums 401-406
\nTwitter: \n@aivillage_dc\n
\nWebsite: \nhttps://aivillage.org/\n
\n​
\nAI has exploded in the last couple years and is a new and unique attack surface for hackers. Come learn how ChatGPT, StableDiffusion, malware detectors, ML firewalls, and other AI based products work and how to break them. We will have talks sharing the latest research on these almost futuristic topics, as well as talks on developments in AI in traditional security. We will also host workshops for security experts new to AI to get you up to speed. New to this year are demo stations showing off how various AI technologies work including the guts of large language models, text to image models, and malware detectors. We will also host Prompt Detective where you learn prompt engineering to get various LLMs to perform tasks for you, including ones they are trained not to do.
\n
\nWe are also running the Generative Red Team, the largest ever in person assessment for any group of AI models.​\nAttached Files\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 10:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nForums 401-406\n\n\n\'',''),(4,1,'AppSec Village','','APV','https://www.appsecvillage.com/','https://www.appsecvillage.com/events/dc-2023','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244879','https://discord.com/channels/708208267699945503/790973922949726228','#asv-general-text','https://twitter.com/AppSec_Village','https://linkedin.com/company/appsecvillage','https://www.youtube.com/c/AppSecVillage','https://discord.gg/5XY8qYXd7R','','','',NULL,'','','','','','','Flamingo - Savoy - AppSec Village','','\'\n. \n\n\n\"AppSec\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\nAppsec Village
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 14:00
\nWhere: Savoy in Flamingo
\nTwitter: \n@AppSec_Village\n
\nWebsite: \nhttps://www.appsecvillage.com/\n
\n
\nThe first four AppSec Villages at DEF CON were a resounding success. We
\nlearned that whether in person or online, our AppSec community is fantastic.
\nWe are pumped to be back bigger and better.
\n
\nCome immerse yourself in everything the world of application security has
\nto offer. Whether you are a red, blue, or purple teamer, come learn from the
\nbest of the best to exploit software vulnerabilities and secure software.
\nSoftware is everywhere, and Application Security vulnerabilities are lurking
\naround every corner, making the software attack surface attractive for
\nabuse. If you are just an AppSec n00b or launch deserialization attacks for
\nfun and profit, you will find something to tickle your interest at the
\nAppSec Village.
\n
\nSoftware runs the world. Everything from IoT, medical devices, the power
\ngrid, smart cars, and voting apps - all have software behind them. Such a
\nvariety of topics will be reflected in our cadre of guest speakers
\nrepresenting all backgrounds and walks of life.
\n
\nAppSec Village welcomes all travelers to choose from talks and workshops by
\nexpert community members, an all-AppSec-focused CTF, contests that challenge
\nyour mind and your skillz, and more. Bring your thirst for knowledge and
\npassion for breaking things, and your visit to AppSec Village will be
\nthrilling!​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nSavoy in Flamingo\n\n\n\'',''),(6,1,'Blacks in Cybersecurity','Blacks In Cybersecurity Village','BICV','https://www.blacksincyberconf.com/bic-village','https://www.blacksincyberconf.com/bic-village','CaesarsAllianceBR','IRL','','https://forum.defcon.org/node/244885','','','https://twitter.com/BlackInCyberCo1','https://www.instagram.com/blackincyberconf/','https://www.twitch.tv/blacksincybersecurity','https://www.youtube.com/channel/UCEBEQ0oRA2LPnc2wm2TO5IA','https://www.linkedin.com/company/blackincyberconference','https://www.patreon.com/blacksincybersecurity','https://www.facebook.com/blackincyberconf/',NULL,'','','','','','','Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village','','\'\n. \n\n\n\"Black\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\n
\nBlacks In Cyber Village
\n
\nWhen: Friday: 10:00 AM – 18:00 PM, Saturday: 10:00 AM – 18:00 PM, Sunday: Closed
\nWhere: Alliance 301-303 Forum
\n
\nTwitter: \n@BlackInCyberCo1\n
\nWebsite: \nwww.blacksincyberconf.com/bic-village\n
\n
\nThe Blacks In Cybersecurity (B.I.C.) Village is excited to present at DEF CON 31 in highlighting the ingenuity of the Black and minority communities by way of the presentation of personal hobbyist exploration, research, work experience and contributions that translate to innovation and new perspectives in Cybersecurity.
\n
\nOur village mission is to bring together Black practitioners in the Cybersecurity field to share knowledge, best practices, and experiences. We are committed to building a community of support, mentorship, and collaboration, and to developing the next generation of Black cybersecurity professionals.
\n
\nOur village works to create a space to allow for more diverse hobbyists and professionals to engage and contribute. The village seeks to discuss issues in disparity that affect education, literacy, privacy & safety in the digital world as well as be a conducive environment to normalize the discussion of deficiency or prejudices for minority communities.
\nOur village offerings will include a themed CTF competition, talks throughout the conference duration and opportunities for interactive learning! \n\n\n\"Click\n\n\n\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 10:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nAlliance 301-303 Forum\n\n\n\'',''),(7,1,'Bio Hacking Village','Biohacking Village','BHV','https://www.villageb.io/','https://www.villageb.io/defcon31-2023','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244865','https://discord.com/channels/708208267699945503/735273390528528415','#bhv-orientation-text','http://twitter.com/dc_bhv','https://www.linkedin.com/company/biohacking-village','http://youtube.com/biohackingvillage','https://www.twitch.tv/biohackingvillage','https://discord.gg/Q8ubDb5','https://www.instagram.com/biohacking_village/','https://open.spotify.com/show/1xSdh2493Wyec3beEIrFuc?si=ibr2bb7NR5macXKzfEAYdA',NULL,'','','','','','','Flamingo - Laughlin I,II,III - Biohacking Village','','\'\n. \n\n\n\"Biohacking\n\n\n\n
\n
\n
\n
\n
\n.
\n
\nBiohacking Village
\n
\nWhen: Friday: 10-1800, Saturday: 10-1800 Sunday: 10-1400
\nWhere: Laughlin, Flamingo
\n
\nTwitter: @dc_bhv
\nWebsite: \nhttps://villageb.io\n
\n
\nTHE BIOHACKING VILLAGE, a 501(C)3 organization, (EIN:83-3941279), is uniquely poised to inform global conversations in health care cybersecurity research. The Biohacking Village brings forth compelling issues in emerging biotechnology, regulations, medical and pharmaceutical manufacturing, cybersecurity, and citizen science. We have been a platform for pursuing greater depth in the bioeconomy, exploring new avenues for
\ncollaborations, and innovation. Our participants and attendees include: patients, clinicians, hackers, manufacturers, regulators, hospital administrators, and others seeking healthier futures through meaningful technology. This community delivers hands-on, strident learning labs to influence healthcare, industry, and manufacturing.
\n
\n
\nDEVICE LAB
\nA highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.
\n
\n
\nCAPTURE THE FLAG
\nFeaturing the virtual learning environment of St. Elvis Hospital, the CTF offers protocol, regulatory, and biological challenges to access and assess vulnerabilities in real devices.
\n
\n
\nCATALYST LAB
\nProviding interaction with thought leaders from the medical device and citizen science communities through training and hands-on workshops and solutions design, to cover the entirety of the biomedical device and security ecosystem.
\n
\n
\nSPEAKER LAB
\nFostering critical thinking, problem solving, human interaction literacy, ethics debates, creativity, and collaboration. Subject matter experts and researchers share the future of their research, reflecting the biological technologies and emerging threats.
\n
\n
\nTABLETOP EXERCISES
\nExperiential and immersive sessions of increasing complexity and difficulty regarding vulnerabilities in a series of Machiavellian healthcare industry scenarios.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nLaughlin, Flamingo\n\n\n\n\n\'',''),(8,1,'Blue Team Village','','BTV','https://blueteamvillage.org/','https://cfc.blueteamvillage.org/dc31/schedule/#','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244855','https://discord.com/channels/708208267699945503/732454317658734613','#btv-general-text','https://twitter.com/BlueTeamVillage','https://twitch.tv/blueteamvillage','https://www.youtube.com/c/blueteamvillage','https://discord.gg/blueteamvillage','','https://discord.com/invite/blueteamvillage','','twitch','','','','','','','Flamingo - Sunset - Scenic - Blue Team Village','','\'\n. \n\n\n\"Blue\n\n\n\n
\n
\n
\n.​
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 14:00
\nWhere: Scenic, Flamingo
\n
\nTwitter: \n@BlueTemVillage\n
\nWebsite: \nhttps://blueteamvillage.org/\n
\nDEFCON Social: @\nblueteamvillage@defcon.social\n
\n
\nBlue Team Village (BTV)
\n
\nWelcome to the other side of the hacking mirror. Blue Team Village (BTV) is both a place and a community built for and by people who defend computer systems, networks, and people against cyber-attacks. It\'s a place to gather, talk, share, and learn from each other about the latest tools, technologies, and tactics that our community can use to detect attackers and prevent them from achieving their goals.
\nProject Obsidian – BTV’s Home-Grown Content
\n
\nThe Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Malware Analysis, Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH). Deep dive into technical topics through workshops and exercises that provide practical hands-on experience across each discipline. Project Obsidian workshops provide cybersecurity training that will enable attendees to develop skills needed to be successful in their current and/or future role.
\n
\nTwo of the most valuable takeaways are how to strategically approach a task and the operational processes that support the objectives behind each task. Knowing ‘how’ to do something is only part of the challenge. Knowing ‘when’ and ‘why’ to perform certain tasks adds necessary context to develop the full story of defensive cybersecurity.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nScenic, Flamingo\n\n\n\'',''),(9,1,'Car Hacking Village','','CHV','https://www.carhackingvillage.com/','https://www.carhackingvillage.com/defcon-31-talks','CaesarsSummitBR','IRL','','https://forum.defcon.org/node/244891','https://discord.com/channels/708208267699945503/732722838942777474','#chv-general-text','https://twitter.com/CarHackVillage/','http://youtube.com/@carhackingvillage','','','','https://discord.gg/JWCcTAM','',NULL,'','','','','','','Caesars Forum - Summit - 234 - Car Hacking Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n.
\nCarhacking Village
\n
\nWhen: Friday 10:00 - 17:00, Saturday 10:00 - 17:00, Sunday 10:00 - 12:00
\nWhere: Contest Area, Forums​
\n
\nTwitter: \n@CarHackVillage\n
\nWebsite: \nhttps://www.carhackingvillage.com/\n
\n
\nA group of professional and hobbyist car hackers who work together to provide
\nhands-on, interactive car hacking learning, hardware, and interactive contests. The
\nprimary goal of the Car Hacking Village is to build a community around discovering
\nweaknesses and exposing vulnerabilities that could significantly impact the safety and
\nsecurity of all drivers and passengers on the road today. Educating security researchers
\non the functionality of vehicle systems coupled with providing them with the opportunity
\nto gain hands-on experience working side by side with experts in this field is a plus for
\nthe attendees.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 12:00\n\n\n\nLocation\n\nContest Area, Forums​\n\n\n\n\n\'',''),(11,1,'Cloud Village','','CLV','https://cloud-village.org/','https://cloud-village.org/#talks','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244897','https://discord.com/channels/708208267699945503/732733373172285520','#cloudv-general-text','https://twitter.com/cloudvillage_dc','https://www.youtube.com/cloudvillage_dc','https://discord.gg/EygUDJABee','','','','','youtube','','','','','','','Flamingo - Mesquite - Cloud Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n.
\nCloud Village
\n
\nWhen: Friday: 10:00 - 17:00, Saturday: 10:00 - 17:00, Sunday: 10:00 - 13:00
\nWhere: Mesquite, Flamingo
\n
\nTwitter: \n@cloudvillage_dc\n
\nWebsite: \nhttps://cloud-village.org\n
\n
\nWith the industry’s rapid growth in cloud infrastructure, the presence of an open platform to discuss and showcase cloud research becomes a necessity. Cloud village is an open platform for researchers interested in the area of cloud security. We plan to organise talks, tool demos, CTF and workshops around Cloud Security and
\nadvancements.
\n
\nOur CTF will be a jeopardy style 2.5 days contest where participants will have to solve challenges around Cloud infrastructure, security, recon, etc. These challenges will cover different cloud platforms including AWS, GCP, Azure, Digital Ocean, etc. We will also reward our top 3 teams with awards.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\nMesquite, Flamingo\n\n\n\n\n\'',''),(13,1,'Crypto Privacy Village','Crypto & Privacy Village','CPV','https://cryptovillage.org/','https://cryptovillage.org/','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244871','https://discord.com/channels/708208267699945503/732734002011832320','#cpv-general-text','https://twitter.com/cryptovillage','https://cryptovillage.slack.com/','https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ','https://www.twitch.tv/cryptovillage/','','','','youtube','','','','','','','Flamingo - Sunset - Vista - Crypto & Privacy Village','','\'\n. \n\n\n\"Crypto\n\n\n\n
\n
\n
\n.​
\nCrypto & Privacy Village
\n
\nWhen: Friday: 10 - 20:00, Saturday: 10 - 20:00, Sunday: 10 - 14:00
\nWhere: Vista, Flamingo
\n
\nTwitter: @cryptovillage
\nWebsite: \nhttps://cryptovillage.org\n
\nDEFCON social: @\ncryptovillage@defcon.social\n
\n
\nLaunched in 2014, Crypto & Privacy Village (CPV) is a community-run village centered on privacy and cryptography that aims to educate and inform the general public, students, educators, hackers, security and privacy professionals, and policymakers. We provide a unique hybrid space that features talks; a chill space for relaxing with friends, doing CTFs, and cross-industry networking; the Gold Bug Challenge and desk for hints and support; privacy-related art installations; and an information desk for questions about privacy and cryptography. Come talk with us about facial recognition technology, privacy enhancing clothing, or crypto backdoor laws!​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nWhere: Vista, Flamingo\n\n\n\'',''),(14,1,'Data Duplication Village','','DDV','https://dcddv.org/','https://dcddv.org/dc31-schedule','CaesarsSummitBR','IRL','','https://forum.defcon.org/node/244903','https://discord.com/channels/708208267699945503/732732641694056478','#ddv-general-text','https://twitter.com/DDV_DC','https://www.twitch.tv/defcon_groups','https://discord.gg/bsX4QXf3rD','https://www.youtube.com/channel/UCRQRZ6AmjZmaRYR_MUggmwA','','','',NULL,'','','','','','','Caesars Forum - Summit - 231 - Data Dupe Vlg','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n.
\nData Duplication Village
\n
\nWhen:
\nThursday: 4:00pm to 7:00pm
\nFriday: 10:00am to 5:00pm
\nSaturday: 10:00am to 5:00pm
\nSunday: 10:00am to 11:00am (last chance pickup)
\nWhere: Academy 410, Forum
\n
\nTwitter: \n@DDV_DC\n
\n
\nThe Data Duplication Village is ready for DC 31! We have all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you\'re looking for something to fill up all your unused storage, we have a few nice hash tables and all of the DefCon talks. Add to that just about every other security con talk known to human-kind! We provide a "free-to-you" service where of direct access to terabytes of useful data to help build those hacking skills.
\n
\nCheck the schedule and/or dcddv.org for the most up-to-date information.
\n
\nHOW IT WORKS
\nThe DDV provides a core set of drive duplicators and data content options. We accept 6TB and larger drives on a first come, first served basis and duplicate \'till we can no longer see straight. Bring in your blank SATA3 drives - check them in early - to get the data you want. Come back in about 24 hours to pick up your data-packed drive. Space allowing, we\'ll accept drives all the way through until Saturday morning - but remember, it\'s FIFO - get those drives in early!
\n
\nWHAT YOU GET
\nWe\'re working on more content right up until the last minute but for dc29, we provided:
\n- 6TB drive 1-3: All past hacking convention videos that DT could find, built on last years collection and always adding more for your data consuming appetite.
\n- 6TB drive 2-3: freerainbowtables.com hash tables (1-2)
\n- 6TB drive 3-3: GSM A5/1 hash tables plus remaining freerainbowtables.com data (2-2)
\nThe DC 30 content will be posted at dcddv.org once finalized
\n
\nDT and KnightOwl post the up-to-date details in the DC Forum thread and you are encouraged to ask any questions you have there as con approaches.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 11:00\n\n\n\nLocation\n\nAcademy 410, Forum\n\n\n\'',''),(16,1,'Ham Radio Village','','HRV','https://hamvillage.org/','','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244915','https://discord.com/channels/708208267699945503/732733631667372103','#hrv-ctf-nye','https://twitter.com/HamRadioVillage','https://www.twitch.tv/HamRadioVillage','','','','https://discord.gg/hrv','','twitch','','','','','','','Flamingo - Virginia City - Ham Radio Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n.
\nHam Radio Village
\n
\nWhen:
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 to 14:00
\nWhere: Virginia City, Flamingo
\n
\nTwitter: \n@HamRadioVillage\n
\nDEFCON Social:\nhttps://defcon.social/@HamRadioVillage\n
\nWebsite: \nhttps://hamvillage.org\n
\n
\nHam radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, Ham Radio Village is here to support advancement of the hobby with a cybersecurity slant. Everything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. In the HRV, you can learn hand-on with topics such as how to legally use a radio to send commands to a satellite, communicating around the globe when no other methods exist, and how to send and receive real-time location data without relying on any cellular networks. You can put your skills to the test by trying to find the hidden transmitters in the Ham Radio Fox Hunt contest, as well as transmitting memes over the airwaves to defcon attendees. We provide license testing services for those looking to become licensed or upgrade their license class, as well as guidance on how to hack on the medium to achieve the best results and have the most fun!​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nVirginia City, Flamingo\n\n\n\'',''),(17,1,'Hardware Hacking and Solder Skills Villages','Hardware Hacking Village','HHV','https://dchhv.org/','https://dchhv.org/schedule/schedule.html','CaesarsAllianceBR','IRL','','https://forum.defcon.org/node/244921','https://discord.com/channels/708208267699945503/732728536149786665','#hhv-welcome-text','https://twitter.com/DC_HHV','','','','','','',NULL,'','','','','','','Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n.
\nHardware Hacking Village & Soldering Skills Village
\n
\nWhen:
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 - 13:00
\n
\nWhere: 312, 311, 320, Forums
\nTwitter: \n@DC_HHV\n​
\nWebsite: \nhttps://dchhv.org\n
\n
\nEvery day our lives become more connected to consumer hardware. Everyday the approved uses of that hardware are reduced, while the real capabilities expand. Come discover hardware hacking tricks and tips regain some of that capacity, and make your own use for things! We have interactive demos to help you learn new skills.
\n
\nWe have challenges to compete against fellow attendees. We have some tools to help with your fever dream modifications. Come share what you know and learn something new.
\n
\nDetails @ \ndchhv.org​\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\n312, 311, 320, Forums\n\n\n\'',''),(18,1,'Industrial Control Systems Village','ICS Village','ICSV','https://www.icsvillage.com/','https://www.icsvillage.com/defconevents/def-con-31','CaesarsAllianceBR','IRL','','https://forum.defcon.org/node/244927','https://discord.com/channels/708208267699945503/735938018514567178','#ics-101-text','https://twitter.com/ICS_Village','https://www.linkedin.com/company/icsvillage/','https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw','https://www.twitch.tv/ics_village','','','',NULL,'','','','','','','Caesars Forum - Alliance - 313-319 - ICS Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\nICS Village
\n
\nWhen:
\nFriday: 10-8
\nSaturday: 10-8
\nSunday: 10-2
\nWhere: 414,415, 416, 417, 418, 419, Forums
\n
\nTwitter: \n@ics_village\n
\nWebsite: \nwww.icsvillage.com\n
\n
\nMission. ICS Village is a non-profit organization with the purpose of providing education and awareness of Industrial Control System security.
\n
\nConnecting public, industry, media, policymakers, and others directly with ICS systems and experts.
\nProviding educational tools and materials to increase understanding among media, policymakers, and general population.
\nProviding access to ICS for security researchers to learn and test.
\nHands on instruction for industry to defend ICS systems.
\n
\n
\nWhy. High profile Industrial Controls Systems security issues have grabbed headlines and sparked changes throughout the global supply chain. The ICS Village allows defenders of any experience level to understand these systems and how to better prepare and respond to the changing threat landscape.
\n
\nExhibits. Interactive simulated ICS environments, such as Hack the Plan(e)t and Howdy Neighbor, provide safe yet realistic examples to preserve safe, secure, and reliable operations. We bring real components such as Programmable Logic Controllers (PLC), Human Machine Interfaces (HMI), Remote Telemetry Units (RTU), actuators, to simulate a realistic environment throughout different industrial sectors. Visitors can connect their laptops to assess these ICS devices with common security scanners, network sniffers to sniff the industrial traffic, and more!
\n
\nThe Village provides workshops, talks, and training classes.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\n414,415, 416, 417, 418, 419, Forums\n\n\n\'',''),(19,1,'Internet Of Things Village','IoT Village','IOTV','https://www.iotvillage.org/','','CaesarsAllianceBR','IRL','','https://forum.defcon.org/node/244939','https://discord.com/channels/708208267699945503/732734565604655114','#iotv-hangout-zone-text','https://twitter.com/iotvillage','https://twitter.com/ISEsecurity','https://twitter.com/Villageidiotlab','https://www.linkedin.com/showcase/iotvillage','https://www.twitch.tv/iotvillage','https://www.youtube.com/c/IoTVillage/videos','https://discord.gg/EFKbNFrFaN',NULL,'','','','','','','Caesars Forum - Alliance - 307-310 - IOT Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n
\n.
\nIoT Village
\n
\nWhen:
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 - 15:00
\nWhere: 307-310, Forums
\n
\nTwitter: \n@IoTvillage\n
\nWebsite: \nhttps://www.iotvillage.org/\n
\n
\n
\nIoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, \nIndependent Security Evaluators (ISE)\n.
\n
\nIoT Village will have our 4 time black badge CTF, 101 labs, live bug hunting, hands on hacking demos, and more!
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 15:00\n\n\n\nLocation\n\n307-310, Forums\n\n\n\'',''),(20,1,'Physical Security Village','','PSV','https://www.physsec.org/','','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244958','https://discord.com/channels/708208267699945503/732732893830447175','#lbv-social-text','https://twitter.com/physsec','https://www.twitch.tv/bypassvillage','https://linkedin.com/company/physsec','','','','',NULL,'https://www.twitch.tv/bypassvillage','','','','','','Flamingo - Carson City - Physical Security Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n.
\nPhysical Security Village
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 14:00
\nWhere: Carson city I & II ,Flamingo
\nTwitter: \n@physsec\n
\nWebsite: \nhttps://physsec.org\n
\n
\nThe Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself.
\n
\nWe’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside.
\nLooking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nCarson city I & II ,Flamingo\n\n\n\n\n\'',''),(22,1,'Lock Pick Village','Lockpick Village','LPV','https://www.toool.us/','','Linq','IRL','','https://forum.defcon.org/node/244933','https://discord.com/channels/708208267699945503/732734164780056708','#lpv-general-text','https://twitter.com/toool','https://www.twitch.tv/toool_us','https://youtube.com/c/TOOOL-US','','','','',NULL,'','','','','','','LINQ - 5th Floor / BLOQ - Lockpick Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\nLockpick Village
\n
\nWhen:
\nFriday: 10:00-18:00
\nSaturday: 10:00-18:00
\nSunday: 10:00-14:00
\nWhere: Bloq, Linq
\n
\nTwitter: \n@toool\n
\nWebsite: \nhttps://www.toool.us/\n
\n
\nWant to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?
\n
\nThen come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.
\n
\nThe Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.
\n
\nExperts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nBloq, Linq\n\n\n\'',''),(23,1,'Packet Hacking Village','','PHV','https://www.wallofsheep.com/','https://www.wallofsheep.com/pages/dc31#talks','CaesarsAcademyBR','IRL','','https://forum.defcon.org/node/244945','https://discord.com/channels/708208267699945503/708242376883306526','#phv-infobooth-text','http://www.twitter.com/wallofsheep','https://www.facebook.com/wallofsheep','https://youtube.com/wallofsheep','https://twitch.tv/wallofsheep','https://www.periscope.tv/wallofsheep','https://wallofsheep.tumblr.com/','https://www.instagram.com/wallofsheep/','dcdiscordyoutubetwitch','','','','','','','Caesars Forum - Academy - 411-414 - Packet Hacking Village','','\'\n. \n\n\n\"\"\n\n\n\n
\n
\n
\n
\n
\n
\n.
\nThe Packet Hacking Village
\n
\nWhen:
\nFriday: 9am - 6pm
\nSaturday: 9am - 6pm
\nSunday: 9am - 1pm
\nWhere: Forum 413
\n
\nTwitter:
\nWebsite: \nhttps://www.wallofsheep.com\n
\n
\nThe Packet Hacking Village is where you’ll find network shenanigans and a whole lot more. There’s exciting events, live music, competitions with awesome prizes, and tons of giveaways. PHV welcomes all DEF CON attendees and there is something for every level of security enthusiast from beginners to those seeking a black badge. Wall of Sheep gives attendees a friendly reminder to practice safe computing through strong end-to-end encryption. PHV Speakers, Workshops, and Walkthrough Workshops delivers high quality content for all skill levels. Packet Detective and Packet Inspector offers hands-on exercises to help anyone develop or improve their Packet-Fu. WoSDJCo has some of the hottest DJs at con spinning live for your enjoyment. Finally... Capture The Packet, the ultimate cyber defense competition that has been honored by DEF CON as a black badge event for seven of the eight years of it’s run.
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 09:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\nForum 413\n\n\n\'',''),(24,1,'Password Village','','PWV','https://passwordvillage.org/','','CaesarsSummitBR','IRL','','https://forum.defcon.org/node/244967','https://discord.com/channels/708208267699945503/732733760742621214','#pwdv-general-text','https://twitter.com/PasswordVillage','https://twitch.tv/passwordvillage','https://www.youtube.com/channel/UCqVng_SmexXf4TW3AVdMIyQ','','','','',NULL,'','','','','','','Caesars Forum - Summit - 236 - Password Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\nPassword Village
\n
\nWhen:
\nFriday: 10:00 - 20:00
\nSaturday: 10:00 - 20:00
\nSunday: 10:00 - 14:00
\nWhere: Contest Area, Forums
\n
\nTwitter: \n@passwordvillage\n
\nWebsite: \nhttps://passwordvillage.org\n
\n
\nThe Password Village provides training, discussion, and hands-on
\naccess to hardware and techniques utilized in modern password cracking,
\nwith an emphasis on how password cracking relates to your job function
\nand the real world . No laptop? No problem! Feel free to use one of our
\nterminals to access a pre-configured GPGPU environment to run password
\nattacks against simulated real-world passwords. Village staff and
\nexpert volunteers will be standing by to assist you with on-the-spot
\ntraining and introductions to Hashcat, as well as other FOSS cracking
\napplications. Already a password cracking aficionado? Feel free to
\ngive a lightning talk, show off your skills, help a n00b learn the
\nbasics, or engage in riveting conversation with other password crackers.​
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nContest Area, Forums\n\n\n\'',''),(25,1,'Payment Village','Payment Village (Virtual Only)','PYV','https://www.paymentvillage.org/','','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244951','https://discord.com/channels/708208267699945503/732733473558626314','#payv-labs-text','https://twitter.com/paymentvillage','https://www.twitch.tv/paymentvillage','https://www.youtube.com/channel/UCivO-5rpPcv89Wt8okBW21Q','https://t.me/paymentvillage','','','',NULL,'','','','','','','Flamingo - Virginia City - Payment Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n
\n.
\nPayment Village
\n
\nWhen:
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 - 15:00
\nWhere: Contest Area, Forums
\nTwitter: \n@paymentvillage\n
\nWebsite: \nhttps://www.paymentvillage.org/\n
\n
\nPayment technologies are an integral part of our lives, yet few of us know much about them. Have you ever wanted to learn how payments work? Do you know how criminals bypass security mechanisms on Point of Sales terminals, ATM’s and digital wallets?
\n
\nPayment technologies are an integral part of our lives, yet few of us know much about them. Have you ever wanted to learn how payments work? Do you know how criminals bypass security mechanisms on Point of Sales terminals, ATM’s and digital wallets? Come to the Payment Village and learn about the history of payments. We’ll teach you how hackers gain access to banking endpoints, bypass fraud detection mechanisms, and ultimately, grab the money!
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 15:00\n\n\n\nLocation\n\nContest Area, Forums\n\n\n\'',''),(26,1,'Recon Village','','RCV','https://www.reconvillage.org/','https://reconvillage.org/recon-village-talks-2023-defcon-31/','Linq','IRL','','https://forum.defcon.org/node/245016','https://discord.com/channels/708208267699945503/732733566051418193','#rv-general-text','https://twitter.com/ReconVillage','https://www.facebook.com/reconvillage','https://www.youtube.com/reconvillage/','','','','',NULL,'','','','','','','LINQ - 3rd flr - Social B and C - Recon Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n.
\nRecon Village
\n
\nWhen:
\nFriday - 10:00 AM - 18:00 PM
\nSaturday - 10:00 AM - 18:00 PM
\nSunday - 10:00 AM - 13:00 PM
\nWhere: Social B and Social C, Linq
\n
\nTwitter: \n@reconvillage\n
\nWebsite: \nhttps://reconvillage.org\n
\n
\nRecon Village is an Open Space with Talks, Live Demos, Workshops, Discussions, CTFs, etc., with a common focus on Reconnaissance. The core objective of this village is to spread awareness about the importance of reconnaissance and open-source intelligence (OSINT) and demonstrate how even a small piece of information about a target can cause catastrophic damage to individuals and organizations.
\n
\nAs recon is a vital phase for infosec as well as investigations, folks should definitely have this skill set in their arsenal. People should check out Recon Village, as they get to learn novel point/recon techniques, play hands-on CTF, and, most of all, have fun. At RV, we keep things simple, and the focus is on generating quality content using talks, CTF, hackathons, etc.
\n
\nWe will also have our Jeopardy Style OSINT CTF Contest throughout the Village timings. Based on the feedback from last year, we plan to make the CTF more challenging this year. The challenges will be around harvesting information about target organizations, their employee\'s social media profiles, their public svn/gits, password breach dumps, darknet, paste(s) etc., followed by active exploitation, bug hunting, investigation and pentest scenarios of virtual targets. All the target organizations, employees, servers, etc., will be created by our team and hence will not attract any legal issues.
\n
\nSimilar to the previous years, there will be Awesome rewards for CTF winners, along with free t-shirts, stickers, village coins, and other schwag which attendees can grab and show off.
\n
\nWe will be making changes to our badge as well. P.S. We will not be selling it, though.
\n
\nThis year, we will also be running some large-scale recon projects to analyze patterns across the internet.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\nSocial B and Social C, Linq\n\n\n\'',''),(27,1,'Radio Frequency Village','','RFV','https://rfhackers.com/','','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/244984','https://discord.com/channels/708208267699945503/732732595493666826','#rfv-general-text','https://twitter.com/rfhackers','https://twitter.com/rf_ctf','','','https://wiki.brandmeister.network/index.php/TalkGroup/98638','https://discordapp.com/invite/JjPQhKy','',NULL,'','','','','','','Flamingo - Eldorado - Radio Frequency Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n.
\nRadio Frequency Village
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 14:00
\nWhere: Eldorado, Flamingo
\nTwitter: \n@rfhackers\n
\nWebsite: \nhttps://rfhackers.com\n
\n
\nAfter 16 years of evolution, from the WiFi Village, to the Wireless
\nVillage, RF Hackers Sanctuary presents: The Radio Frequency Village at
\nDEFCON. The Radio Frequency Village is an environment where
\npeople come to learn about the security of radio frequency (RF)
\ntransmissions, which includes wireless technology, applications of
\nsoftware defined radio (SDR), Bluetooth (BT), Zigbee, WiFi, Z-wave,
\nRFID, IR and other protocols within the usable RF spectrum. As a
\nsecurity community we have grown beyond WiFi, and even beyond
\nBluetooth and Zigbee. The RF Village includes talks on all manner of
\nradio frequency command and control as well as communication systems.
\nWhile everyone knows about the WiFi and Bluetooth attack surfaces,
\nmost of us rely on many additional technologies every day. RF Hackers
\nSanctuary is supported by a group of experts in the area of
\ninformation security as it relates to RF technologies. RF Hackers
\nSanctuary’s common purpose is to provide an environment in which
\nparticipants may explore these technologies with a focus on improving
\ntheir skills through offense and defense. These learning environments
\nare provided in the form of guest speakers, panels, and Radio
\nFrequency Capture the Flag games, to promote learning on cutting edge
\ntopics as it relates to radio communications. We promise to still
\nprovide free WiFi.
\n
\n\nhttps://rfhackers.com/the-crew\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nEldorado, Flamingo\n\n\n\n\n\'',''),(30,1,'Social Engineering Village','Social Engineering Community Village','SEV','https://www.se.community/','https://www.se.community/schedule/','Linq','IRL','','https://forum.defcon.org/node/245028','https://discord.com/channels/708208267699945503/732733952867172382','#sev-general-text','https://twitter.com/sec_defcon','https://www.youtube.com/channel/UCFlepVHh7k5rBRTXwDrHyJA','https://www.twitch.tv/se_community','','','https://www.linkedin.com/company/social-engineering-community/','https://www.facebook.com/Social-Engineering-Community-108883855139272',NULL,'','','','','','','LINQ - 3rd flr - Social A - Social Engineering Community','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n.
\n
\nSocial Engineering Community Village
\n
\nHours:
\nFriday: 0830 – 1800
\nSaturday: 0830 – 1800 and party from 2100 - 0000 (Forums room 117/118)
\nSunday: 1000 to 1400
\n
\nLocation:
\nIn the Social Engineering Community Village (LINQ Hotel, 3rd floor, room Social A)
\n
\nDescription:
\nWelcome to the Social Engineering Community! The SEC village focuses purely on the human aspect of security, Social Engineering, with the goal of enabling people of all ages and backgrounds interested in the subject matter with a venue to learn, discuss, and practice this craft.
\n
\nThis year, over the course of three days at DEF CON, you can expect the following events to take place in the village:
\n
\n- Vishing Competition (#SECVC) – This competition is where prior selected teams (who have already put WEEKS of work into the competition) place live phone calls inside a soundproof booth in front of SEC audience members with the goal of eliciting as many objectives as possible. Highest score, wins! This competition takes place only on Friday.
\n
\n- Youth Challenge – Anyone 18 and under is invited to play, where they can compete and learn about more than just social engineering; our challenges include areas in cryptography, network security, ... and don\'t worry, you won\'t be alone. We\'ve worked with other villages so you can get help you need and learn on the way!
\n
\n- Cold Calls – This event lets DEF CON attendees sign up in the village (first come, first serve style) to place live phone calls inside of the soundproof booth. We provide the target and phone number, then give a few objectives (easy, medium, and hard), and start a countdown timer to see if they have the skills to get information from a stranger, with no preparation. There is nothing to prepare for, just bring yourself!
\n
\n- SE Improv – Struggling to think on your feet? Discover the art of improvisation and transform every conversation into an opportunity! On Saturday, the improv team will start by presenting the benefits of utilizing Improv with Social Engineering and then have the opportunity for audience participation.
\n
\n- Presentations – Come listen from folks in the field and get a glimpse of the newest techniques and perspectives in our presentations and panels hosted various times between Friday and Saturday in the village.
\n
\n- Social Engineering Community Party (80\'s theme) – Want to hang out without the loud music so that you can actually have a conversation? *Put on your raddest 80s gear* and join the Social Engineering Community for a themed get-together for a chance to hang out and meet new people! We\'ll have a cash bar with both boozy and booze-free options. Forums room 117/118.
\n
\nPlease check out our website and Twitter account to learn more and view the detailed schedule.
\n
\nWebsite: \nhttps://www.se.community/\n​
\nTwitter: @\nsec_defcon\n​​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nLINQ Hotel, 3rd floor, room Social A\n\n\n\'',''),(31,1,'Voting Village','Voting Machine Village','VMV','','','CaesarsAcademyBR','IRL','','https://forum.defcon.org/node/245034','https://discord.com/channels/708208267699945503/732733881148506164','#vmhv-general-text','https://twitter.com/votingvillagedc','https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg','','','','','',NULL,'https://www.youtube.com/channel/UCnDevqsxt3sO8chqS5MGvwg','','','','','','Caesars Forum - Academy - 415-418 - Voting Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n.
\nVoting Village
\n
\nWhen:
\nFriday: 10:00 - 20:00
\nSaturday: 10:00 - 20:00
\nSunday: 10:00 - 14:00
\nWhere: 415-418, Forums
\n
\nTwitter: \n@VotingVillageDC\n
\n
\nVoting Village is an interactive educational environment that provides the public with the unique opportunity to have a hands-on experience with our current Election Infrastructure. Attendees will be able to interact with multiple different types of voting systems, all of which are currently in use across the country today. Hackers will have the opportunity to test how secure these voting systems truly are, and will report to the Voting Village Lead\'s any vulnerabilities they find. Voting Village explores all aspects of election security and works to promote a more secure democracy. Attendees of Voting Village will also have access to Harri Hursti, the world\'s premier hacker and leading election and cyber security expert who has successfully hacked voting machines on multiple occasions. Aside from Harri, attendees will have the option of joining us for our speaker track (TALKS) that will take place every day except for the last Sunday of DEFCON. Our speaker track represents the most relevant government agencies and the top media outlets. Additionally, there will be multiple showings of Harri\'s HBO documentary, Kill Chain: The Cyber War on America\'s Elections. We will also have two Capture The Flags (CONTESTS) taking place throughout DEFCON.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\n415-418, Forums\n\n\n\n\n\'',''),(32,1,'Social Activities: Parties/Meetups','','SOC','','','CaesarsForumBR','Hybrid','','https://forum.defcon.org/node/244769','','','','','','','','','',NULL,'','','','','','','','','',''),(33,1,'Music','','MUS','https://defconmusic.org','https://defconmusic.org/def-con-31-music-lineup/','None','Hybrid','',NULL,'','','http://www.twitter.com/defcon_music','https://www.youtube.com/channel/UCgKdcBC_lR6yxZzyehcLgsA','https://www.twitch.tv/defcon_music','https://www.twitch.tv/defcon_chill','','','',NULL,'','','','','','','','','Music Link All the Things: \r\n\r\nhttps://www.twitch.tv/defcon_music\r\nhttps://www.twitch.tv/defcon_chill\r\nhttp://www.defconmusic.org/',''),(34,1,'DEF CON Workshops','','WS','https://forum.defcon.org/node/244772','','FlamingoLowerLevel','IRL','',NULL,'','','','','','','','','',NULL,'','','','','','','','','',''),(35,1,'DEF CON DemoLabs','','DL','https://forum.defcon.org/node/244767','','CaesarsSummitBR','Hybrid','',NULL,'','','','','','','','','',NULL,'','','','','','','','','',''),(36,1,'DEF CON Talks','','DC','https://defcon.org/html/defcon-31/dc-31-index.html','https://defcon.org/html/defcon-31/dc-31-schedule.html','Harrahs','Hybrid','',NULL,'','','https://twitter.com/defcon','https://www.facebook.com/defcon','https://www.youtube.com/user/DEFCONConference','http://www.reddit.com/r/defcon','https://www.instagram.com/wearedefcon/','https://discord.gg/defcon','',NULL,'','','','','','','','','',''),(37,1,'Contests','','CON','','','CaesarsSummitBR','Hybrid','',NULL,'','','','','','','','','',NULL,'','','','','','','','','',''),(39,1,'Misc','','MISC','','','None','','',NULL,'','','','','','','','','',NULL,'','','','','','','','','',''),(42,1,'Red Team Village','','RTV','https://redteamvillage.io/','https://redteamvillage.io/schedule.html','FlamingoThirdFloor','IRL','','https://forum.defcon.org/node/245022','','','https://twitter.com/RedTeamVillage_','https://www.youtube.com/redteamvillage','https://www.twitch.tv/redteamvillage','https://discord.gg/redteamvillage','','','',NULL,'','','','','','','Flamingo - Sunset-Twilight Ballroom - Red Team Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n
\n
\n.
\nRed Team Village
\n
\nWhen:
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\nSunday: 10:00 to 12:00
\nWhere: Scenic, Flamingo
\n
\nTwitter: \n@RedTeamVillage_\n
\nWebsite: \nhttps://redteamvillage.io\n
\n
\nFriday: 10:00 - 18:00
\nSaturday: 10:00 - 18:00
\n
\nThe Red Team Village is focused on training the art of critical thinking, collaboration, and strategy in offensive security. The RTV brings together information security professionals to share new tactics and techniques in offensive security. Hundreds of volunteers from around the world generate and share content with other offensively minded individuals in our workshops, trainings, talks, and conferences.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 12:00\n\n\n\nLocation\n\nScenic, Flamingo\n\n\n\n\n\'',''),(43,1,'Tamper Evident Village','Tamper Evident Village','TEV','','','Linq','IRL','','https://forum.defcon.org/node/245000','','','','','','','','','',NULL,'','','','','','','LINQ - 5th Floor / BLOQ - Tamper Evident Village','','\'\n.
\n.
\nTamper Evident Village
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 14:00
\nWhere: Bloq, Linq
\n
\nTamper-evident" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with "tamper resistant" or "tamper proof" technologies which attempt to prevent tampering in the first place. Referred to individually as "seals," many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.
\n
\nThe Tamper-Evident Village includes the following contests and events:
\n
\nThe Box; an electronic tamper challenge. An extremely realistic explosive with traps, alarms, and a timer ticking down. One mistake and BOOM, you\'re dead. Make every second count! Sign ups on-site when the TEV begins.
\n
\nTamper-Evident King of the Hill; a full-featured tamper challenge. Tamper single items at your leisure and attempt to beat the current best. There can be only ONE! No sign ups required, play on-site when the TEV begins.
\n
\nBadge Counterfeiting Contest; submit your best forgery of a DEF CON human badge. Other target badges are also available for those looking for more counterfeit fun!
\n
\nFor your viewing pleasure, collections of high-security tamper-evident seals from around the world.
\n
\nSit-down presentations & demonstrations on various aspects of tamper-evident seals and methods to defeat them.
\n
\nHands-on fun with adhesive seals, mechanical seals, envelopes, and evidence bags.​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nBloq, Linq\n\n\n\n\n\'',''),(44,1,'Quantum Village','','QTV','https://quantumvillage.org/','','Linq','IRL','','https://forum.defcon.org/node/244973','','','https://twitter.com/quantum_village','https://discord.gg/6WUjH5cBXu','https://www.linkedin.com/company/quantumvillage/','https://youtube.com/@quantum_village/','','','',NULL,'','','','','','','LINQ - 3rd flr - Quantum Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n.
\nQuantum Village
\n
\nWhen:
\nFriday: 1000-1900
\nSaturday: 1000-1900
\nSunday: 1000-1300
\nWhere: Innovation, Linq
\n
\nTwitter: \n@quantum_village\n
\nWebsite: \nhttps://quantumvillage.org/\n
\n
\n
\nThis is the safe space for anyone to discover, learn, create and break all things around Quantum Technologies. We are committed to helping raise awareness and involvement in the quantum industry and with quantum technologies. We know that in order to avoid the mistakes of past technological surges, we have to engage as many people with as wide a variety of interests and backgrounds as possible.
\nTo date, very few (if any) people have actually hacked a quantum computer, and we want to change that! Something we demonstrated last year was that quantum computers are only a small part ‘magic’ - the rest are familiar API and tech stack technologies we see everywhere. These devices are set to become more and more commonplace as more time, money, and intelligence is spent on improving them - so let’s get quantum hacking!
\nOur ethos is to encourage participants to engage, explore, and discuss topics surrounding this new and burgeoning technology ecosphere that is in many ways very different from what has gone before in technical revolutions - but there are many hallmarks that are the same, and which we can use to shape this new paradigm of computing. That conversation is essential to bring before some of the most talented and brilliant technologists going; the hackers at DEF CON.
\nWe have built on many of the things that were popular last year, but have also improved things and sought feedback from participants to make things even better this coming year! We were standing room only last year, with very popular events and debates alongside our workshops and talks, and we would like to build on the positive energy and momentum that comes from the Quantum Hackers.
\nWe have many ideas for what we want to do with QV this year, and here are some of the more exciting ones:
\n
\n- Another Quantum CTF - this time, with more resources, more challenges, and a secret project QOLOSSUS challenge that we are collaborating on with some very cool people to build and add to the challenges and immersive labs.
\n- We plan to bring a real quantum computer and quantum devices to hack! - now that there are commercially available devices and enough interest in DEF CON from quantum computing companies we have engaged with, we believe this is a real possibility.
\n- We are also attempting to arrange to bring and demonstrate quantum devices that explore how the second quantum revolution that is underway will affect everything from sensors to data storage, and in industries as diverse as tunnel digging to healthcare.
\n- Our first badge - A mesh networked collaborative group Quantum Simulator with a Quantum Networking simulation working with experts and research groups we are building a collaborative experimental platform for people to explore (and wear) quantum computing.
\n- We want to have an ice breaker Quantini time cocktail hour for folks with Quantum Computer Music - this would be a great way for Quantum Hackers at DEF CON to have fun and meet others.
\n- We are considering a return with some more workshops, more debates, and more introductory sessions - developing on from what we presented last year, but showing new developments in both theory and practical quantum hacking and quantum tech. Our aim is to make learning this area as hands-on as possible.
\n- We are also planning on expanding significantly the work on Quantum Life - more sessions, and more engagement to realise more of the ways that quantum technologies will affect our lives, society at large, and consider ideas of privacy, anonymity, integrity, and beyond, in a post-quantum world.​
\n
\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\nInnovation, Linq\n\n\n\'',''),(50,1,'Policy Village','Policy@DEFCON.org','PLV','https://defcon.org/policy/','https://twitter.com/DEFCONPolicy/status/1686024040023003136?s=20','CaesarsSummitBR','IRL',' ','https://forum.defcon.org/node/244979','','','https://twitter.com/DEFCONPolicy','https://www.defcon.org/html/links/dc-policy.html','','','','','',NULL,'','','','','','','Caesars Forum - Summit - 218-219 - Policy Rotunda','','\'\n. \n\n\n\"\"\n\n\n\n
\n
\n
\n.
\nPolicy@DEFCON
\n
\nWhen: Friday to Sat 10:00 - 20:00, Sunday 10:00 to 13:00,
\nWhere: 213-223, Forums
\nWebsite: \nhttps://www.defcon.org/html/links/dc-policy.html\n
\n
\n
\nPolicy@DEFCON
\n\nhttps://www.defcon.org/html/links/dc-policy.html\n
\n
\nHackers are early users and abusers of technology, and that technology is now critical to modern life. As governments make policy decisions about technology Hackers, researchers and academics need to be part of that conversation before decisions are made, not after policies are implemented. To do that DEF CON is a place for everyone on the policy and technology spectrum to interact, learn from each other, and improve technology.
\n
\nPolicy will build connections across and between technical and policy experts and provide opportunities for attendees interested in learning more about how policy and technology intersect and to examine the challenges at this intersection.
\n
\nOur Policy program will consist of Main stage presentation and panels, daytime sessions in our policy track, and some evening lounges that will provide an off the record and more intimate setting to have policy-focused conversation​
\n
\nTech policy is going to happen and we believe including diverse expert voices will improve outcomes across the policy-technology spectrum by bridging the gap between technical and policy practitioners. Senior government officials, policy experts, nonprofit and the private sector, security researchers, hackers, academics and technologists from around the world all come together at Policy @ DEF CON.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\n213-223, Forums\n\n\n\'',''),(51,1,'MisInformation Village','','MIV','https://www.misinformationvillage.com/','https://www.misinformationvillage.com/defcon31/','CaesarsSummitBR','IRL','','https://forum.defcon.org/node/245077','','','https://twitter.com/Misinfovillage','https://defcon.social/@misinformationvillage','','','','','',NULL,'','','','','','','Caesars Forum - Summit - 224 - Misinfo Village','','\'\n..
\nMisinformation Village
\n
\nWhen:
\nFriday 10:00-20:00
\nSaturday 10:00-20:00
\nSunday 10:00-14:00
\n
\nWhere: Contests, Forums.
\n
\nWebsite: \nwww.misinformationvillage.com\n
\nSocial: X / Twit @\nMisinformationvillage\n
\ndefcon.social: @\nmisinformationvillage\n
\nE-mail: \nmisinformationvillage@gmail.com\n​
\n
\nMisinformation is a snowballing, mutating information problem that is affecting human communications, social relationships and has real-world consequences. Misinformation, disinformation and malinformation campaigns undermine democratic institutions, legitimate elections results, public health and public health responses and has created a space for the rise of autocratic regimes and warfare.
\nWe will apply our organizational skills and subject matter expertise to bring together experts from different professions, governments, civil society and private enterprise to come together and create a platform to define and combat misinformation, explore and align missions and tactics to achieve this goal.​
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nContests, Forums\n\n\n\'',''),(54,1,'Paid Training','','PT','https://defcontrainings.myshopify.com/collections/all','','None','IRL','','https://forum.defcon.org/node/244768','','','','','','','','','',NULL,'','','','','','','','','',''),(55,1,'DEF CON Groups VR','','DCGVR','https://www.dcgvr.org/','https://www.dcgvr.org/','Harrahs','Virtual','',' ','','','https://twitter.com/DCGVR','https://www.twitch.tv/defcon_groups','https://discord.gg/bsX4QXf3rD','https://www.youtube.com/channel/UCRQRZ6AmjZmaRYR_MUggmwA','','','',NULL,'','','','','','','','','',''),(56,1,'Embedded Systems Village','Embedded Systems Village','ESV','','','Linq','','','https://forum.defcon.org/node/244910','','','https://twitter.com/EmbeddedVillage','','','','','','',NULL,'','','','','','','LINQ - 3rd flr - Evolution - Embedded Systems Village','','\'\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n.
\nEmbedded Systems Village
\n
\nTwitter: \n@EmbeddedVillage\n
\n
\nWhen:
\nFriday: 0900 - 1800
\nSaturday: 0900 – 1800
\nSunday: 0900 - 1400
\nCTF ONLY in-person. Some labs will be made available virtually.
\nWhere: Linq Evolution
\n
\nEmbedded systems exist at the intersection of hardware and software, built to accomplish a specific task. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is key to performing security research on these devices.
\n
\nEmbedded Systems Village advances the security of embedded systems by hosting hands-on hacking workshops, showcasing new security research demos, and organizing exciting hacking contests to educate attendees and manufacturers on the approach hackers use to attack these devices. Attendees will leave the village with an understanding of how to reduce complex, exotic devices to their underlying embedded components and to extract the information required to use the tools and techniques taught at other villages where embedded systems are on display.
\n
\nWhat we will bring:
\nLabs: We have a lab platform that brings everyone from every skill level to the same playing field with step by step instructions that aim to teach individuals specific techniques and skills in a hands-on manner.
\n
\nInteractive Hacking Content: We want to showcase the weird and cool in the embedded device world, and provide an opportunity for hackers to get hands-on experience hacking them.
\n
\nContests: We are working on a brand new CTF contest that will support everyone from the casual player (i.e. someone that only wants to drop in for a few minutes) all the way to the hardcore teams that are willing to spend their full DEF CON engaged in our challenges.
\nExpect unique devices, new challenge formats and full DEF CON worth of fun.​
\n
\nExpect unique devices, new challenge formats and that WOW factor that our CTFs have had in the past. Building on our lessons learned and experience over the years, we are confident that this track will not disappoint!​
\n
\n. \n\n\n\"Click\n\n\n\n
\n
\n
\n.​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 09:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nLinq Evolution\n\n\n\'',''),(57,1,'Telecom Village','','TCV','https://telecomvillage.com/','https://telecomvillage.com/#schedule','FlamingoThirdFloor','','','https://forum.defcon.org/node/244995','','','https://twitter.com/TelecomVillage','','','','','','',NULL,'','','','','','','Flamingo - Virginia City - Telecom Village','','\'\n.
\n.
\nTelecom Village
\n
\nWhen:
\nFriday: 10:00 – 20 :00
\nSaturday: 10:00 - 20:00
\nSunday: 10:00 – 13:00
\nWhere: Virginia City, Flamingo
\nWebsite: TELECOMVILLAGE.COM
\n
\nCFP will be open from 1st of May 2023 to 15th of June2023 .
\nwebsite address : telecomvillage.com
\nCFP url :\nhttps://docs.google.com/forms/d/e/1F...78UoA/viewform\n​
\n
\nThe Telecom Village’s primary focus would be around Telecom Security. We plan to host multiple hands on events as part of the village so as to give participants an overview security specific challenges in a Telcom Network. This includes: CTFs in telecom signaling security and another one in Private 5G and select set of talks (5), spread across two days.
\nWe are planning a workshop over a day where we will be giving an overview of the 4G/5G network and its security. There will be a small CTF for SS7, Diameter attack on the 3G/4G network and 5G network. The workshop and CTF will focus on use of open-source tools so as to ensure that this Niche within the Security Industry is taken to wider audience.
\n
\nIn the village, we will also be hosting a 4G/5G live network which will have Live Radio and 4G/5G Core. Attendees will be able to understand the call flow of Telecom and the Weaknesses in the call flows.
\n
\n
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 13:00\n\n\n\nLocation\n\nVirginia City, Flamingo\n\n\n\'',''),(58,1,'XR Village','','XRV','https://xrvillage.org/','','CaesarsSummitBR','','','https://forum.defcon.org/node/245207','','','https://twitter.com/XRVillage','https://www.linkedin.com/company/xr-village/','','','','','',NULL,'','','','','','','Caesars Forum - Summit - 206 - XR Village','','\'\n.. \n\n\n\"Click\n\n\n\n
\n
\n
\n
\n
\n..
\nWhen:
\nFriday: 10:00 – 20:00
\nSaturday: 10:00 – 20:00
\nSunday: 10:00 – 14:00
\n
\nWhere: Contest Area, Forums
\n
\nTwitter: \n@XRVillage\n
\nWebsite: \nhttps://xrvillage.org/\n
\n
\nAugmented reality (AR), virtual reality (VR), collectively referred to extended reality (XR) technologies have the potential to revolutionize the way we interact with the world around us. However, as with any new technology, there are security and privacy concerns that must be addressed.
\nThese concerns include data privacy, hacking of haptic hardware, software, and XR Infrastructure and public safety. In XR systems, personal information, such as location data and biometric information, can be collected and shared without the user\'s knowledge or consent.
\nCurrent XR development platforms for these technologies do not allow for built in security, safety, and privacy.
\n
\nThe XRVillage was created to:
\n
\nThe Vision
\nTo promote Security, Privacy, and Safety for XR software, hardware, and environments including the Metaverse, through awareness, education, policy and legal coordination, and exploitation and remediation of known and unknown vulnerabilities.
\n
\nThe Mission
\nProvide access to XR devices and applications for the security community for vulnerability testing; provide guidance & collaborative recommendations back to Policy makers, legislators, law enforcement, vendors, users, and the world on best Security, Privacy, and Safety practices in XR
\n
\nAt the Defcon31 XRVillage hackers can expect expert XR security talks, policy and legal discussions, and a Hands-on Haptics Hackathon. XR devices will be on hand to demonstrate applications and environments such as BadVR w/Microsoft HoloLens (Example) showing virtual visibility to all surrounding WIFI networks via AR. They and others will show what is already being built in XR environments that may, or may not cross a line for privacy, safety, and security in the space. Specific breakout sessions will be available for hackers to discuss current efforts by XR Vendors to address security concerns.
\n
\nExpert XR Security Talks will focus on exploitation of XR in the wild: What’s been done and what’s coming.
\nA Policy & Legislation panel of Global Governments and Law Enforcement Agencies will discuss challenges with current policies, and their limitations in enforcing privacy, safety, and security in XR. The panel will include a lengthy Q&A for hackers to present their thoughts.
\nHackers will get their hands dirty with the Hands-On Haptics Hackathon. They will be given XR headsets within a test environment to identify specific vulnerabilities; with extra credit to anyone who finds new ones.
\nHackers will have many different elements of XR to immerse themselves in, challenge their preconceptions of XR, and inspire them to learn more.
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 13, 2023 10:00\n\n\n\nEnds\n\nAugust 13, 2023 14:00\n\n\n\nLocation\n\nContest Area, Forums\n\n\n\'',''); /*!40000 ALTER TABLE `villages` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `workshops` -- DROP TABLE IF EXISTS `workshops`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `workshops` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(200) COLLATE utf8_unicode_ci NOT NULL, `ForumPage` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `ForumArticle` varchar(40) COLLATE utf8_unicode_ci NOT NULL, `Twitter` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Webpage` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `Weblink` varchar(60) COLLATE utf8_unicode_ci NOT NULL, `ImagePath` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `Descript` varchar(15000) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=1587 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `workshops` -- LOCK TABLES `workshops` WRITE; /*!40000 ALTER TABLE `workshops` DISABLE KEYS */; INSERT INTO `workshops` VALUES (1552,'\'Guillaume Ross, Austin Kelleher, Adam Pierson - Starbase: open source graph security analysis\'','\'https://forum.defcon.org/node/246045\'','\'https://forum.defcon.org/node/246045\'','','','','','\'\n
\nTitle: Guillaume Ross, Austin Kelleher, Adam Pierson - Starbase: open source graph security analysis
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/guillau...=oddtdtcreator\n
\n
\nMax Class Size: 70
\n
\n
\n
\n
\nAbstract:
\n
\nSecurity teams are overwhelmed with data. How does a user account relate to a server, an application? Does this vulnerability put this important data at risk, or does it simply expose a few systems we care about much less? Who really has access to these files? This is vulnerable, but the firewall won’t let traffic to the service, or will it?
\n
\n
\n
\n
\nThese types of questions are very difficult to answer in a vacuum as they require context. With the power of graphs, and Starbase, an open source graph security analysis tool, we will be able to import the data that allows us to answer them using the graph.
\n
\n
\n
\n
\nJohn Lambert said “Defenders think in lists, attackers think in graphs”. Join us, so we can get a lot more people thinking in graphs!
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students:
\n
\nAbility to use Docker when provided with commands. Basic understanding of IT and security issues in cloud environments.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop with Docker as well as a few docker images pulled in advance.
\n
\nDue to the brittle nature of conference Wi-Fi, we’d send instructions in advance, so as many people as possible will have downloaded it.
\n
\n
\n
\n
\nBio:
\n
\nGuillaume has worked on the blue-team side of security for close to two decades now, and loves to do things because they MATTER and not just because everyone else in security is doing the same. He leads the security and IT teams at JupiterOne.
\n
\n
\n
\n
\nAustin Kelleher is a Principal Software Engineer as well as a founding member at JupiterOne. He leads the team responsible for maintaining 100+ open-source projects at JupiterOne. His background has primarily been focused on developing cloud-based software systems and tools that interact with graphs for security analysis. Prior to moving to the security industry, Austin was an engineer at eBay building Marko and Lasso, which are the open-source web tools that power the eBay.com web experience.
\n
\n
\n
\n
\nAdam Pierson is a Senior Software Engineer at JupiterOne. His diverse experience includes time as an embedded software engineer, an R&D analyst working on adopting emerging technologies within large corporate IT environments, and as a developer demonstrating the value of using graph databases to solve complex problems. Currently he is on JupiterOne’s Integration team working on development tools and continuing work on the open-source Starbase project.
\n
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1553,'\'Michael Solomon, Michael Register - Digital Forensics and Incident Response Against the Digital...\'','\'https://forum.defcon.org/node/246016\'','\'https://forum.defcon.org/node/246016\'','','','','','\'\nMichael Solomon, Michael Register - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil
\n
\n
\nTitle: Michael Solomon, Michael Register - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/michael...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nAre you ready to step into the shoes of a cybersecurity or incident response analyst? Whether you\'re new to investigation or looking to take your analysis skills to the next level, we\'ve got an exciting opportunity for you! Join mR_F0r3n51c5 and S3curityNerd for a four-hour class that will take you on a journey through the world of malware analysis and investigation.
\n
\nIn today\'s ever-evolving threat landscape, malware continues to be a weapon of choice for various types of threat actors. Our class leverages forensic and malware analysis fundamentals to teach students how to investigate a compromised Windows system. To ensure the most up-to-date learning experience, the class authors have carefully selected fresh malware samples trending in 2023.
\n
\nBy the end of this class, you\'ll have the skills to:
\n
\n· Build analysis skills that leverage complex scenarios and improve comprehension
\n
\n· Practically acquire data in a forensically sound manner
\n
\n· Identify common areas of malware persistence
\n
\n· Gather evidence and create a timeline to characterize how the system was compromised
\n
\n· Participate in a hand-to-keyboard combat capstone where you\'ll be given an image of a compromised Windows system and demonstrate your newly acquired analysis skills.
\n
\nDon\'t miss this opportunity to gain hands-on experience and take your analysis skills to the next level. Join us and discover the exciting world of forensic analysis and investigation!
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students:
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\n- Students will be required to download material (e.g., Virtual Machine). Students will be given a URL for download access.
\n
\n- Regarding the downloaded virtual machines, these should be imported into your virtual machine software and ready before the start of class. If any additional technical support is needed, the instructors will make themselves available online.
\n
\n- Students must have a laptop that meets the following requirements:
\n
\n- A 64-bit CPU running at 2GHz or more. The students will be running one virtual machine on their host laptop.
\n
\n- Have the ability to update BIOS settings. Specifically, enable virtualization technology such as "Intel-VT."
\n
\n- The student must be able to access their system\'s BIOS if it is password protected. This is in case of changes being necessary.
\n
\n- 8 GB (Gigabytes) of RAM or higher
\n
\n- At least one open and working USB Type-A port
\n
\n- 50 Gigabytes of free hard drive space, allowing you the ability to host the VMs we distribute
\n
\n- Students must have Local Administrator Access on their system.
\n
\n- Wireless 802.11 Capability
\n
\n- A host operating system that is running Windows 10+, Linux, or macOS 10.4 or later.
\n
\n- Virtualization software is required. The supplied VMs have been built for out-of-the-box comparability with VMWare Workstation or Player. Students may use other software if they choose, but they may have to troubleshoot unpredictable issues. Instructors cannot guarantee compatibility with all virtualization software suites.
\n
\nAt a minimum, the following VM features will be needed:
\n
\n- NATted networking from VM to Internet
\n
\n- Copy and Paste of text and files between the Host machine and VM
\n
\n
\n
\n
\n
\nBios:
\n
\nMichael Solomon, also known as mR_F0r3n51c5, is a Threat Hunter with over 12 years of experience in Cyber Operations, Digital Forensics & Incident Response (DFIR), and Threat Hunting. His passion lies in helping to shape the next generation of cybersecurity analysts for a safer tomorrow.
\n
\n
\n
\n
\nMichael Register, known as S3curityNerd, with 7 years of combined experience in IT, Networking, and Cybersecurity. He holds multiple certifications and actively conducts post-exploitation research to enhance threat hunting operations.
\n
\n
\n
\n​​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1556,'\'Max Kersten - DotNet Malware Analysis Masterclass\'','\'https://forum.defcon.org/node/246044\'','\'https://forum.defcon.org/node/246044\'','','','','','\'\n
\nTitle: Max Kersten - DotNet Malware Analysis Masterclass
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/max-ker...=oddtdtcreator\n
\n
\nMax Class Size: 35
\n
\n
\n
\n
\nAbstract:
\n
\nDotNet based malware originally started out as a novelty, but has shown it is here to stay. With DotNet malware being used by APT actors and script kiddies, and anything in-between, it is safe to say that one will encounter it sooner rather than later. This four-hour workshop primarily focuses on the analyst mindset and fundamental knowledge, including topics such as loaders, unpacking, obfuscation, DotNet internals, and (un)managed hooks. In short, one will learn how to analyse DotNet malware, and write automatic unpackers. As such, this class is perfect for aspiring and beginning analysts, while also providing background information and additional techniques for intermediate analysts.
\n
\nThe workshop’s materials will partially consist of actual malware samples, the precautions for which will be explained in-detail during the workshop, ensuring the safety and integrity of the systems of the attendees. A laptop with a preinstalled VM based Windows 10 trial, along with the community edition of Visual Studio (2019 or later) and the DotNet Framework runtime for version 3.5 and later. Other tools, such as dnSpyEx, de4dot, and DotDumper, can be downloaded during the workshop, as these are insignificant in size.
\n
\nKnowing how to read VB.NET/C# is a prerequisite. Being able to write in C# is preferred, but the workshop can be followed without being able to, although a part of the exercises cannot be completed without it.
\n
\nQuestions about the workshop can be asked via my open Twitter DMs: @Libranalysis (\nhttps://twitter.com/Libranalysis\n)
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students:
\n
\n- Have sufficient disk space and RAM to run one Windows 10 VM, along with a few gigabyte additional extra space
\n
\n- Be able to understand VB.NET/C# and preferably (though not mandatory) be able to write in either of those languages
\n
\n- Be able to run a Windows 10 VM
\n
\n- Have a Windows 10 VM preinstalled in a virtual environment of choice (i.e., VirtualBox, VMWare)
\n
\n- Have Visual Studio (2019 or later) installed, along with the DotNet Framework 3.5 and higher
\n
\n- Analysis tools will be provided (i.e. open-source tools such as dnSpyEx) as their file size is minimal
\n
\n- Malware samples and exercises will be provided on-location
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop capable of running one Windows 10 VM, with the above-mentioned programs installed, and sufficient free disk space
\n
\n
\n
\n
\nBio:
\n
\nMax Kersten is a malware analyst, blogger, and speaker who aims to make malware analysis more approachable for those who are starting. In 2019, Max graduated cum laude with a bachelor\'s in IT & Cyber Security, during which Max also worked as an Android malware analyst. Currently, Max works as a malware analyst at Trellix, where he analyses APT malware and creates open-source tooling to aid such research. Over the past few years, Max spoke at international conferences, such as Black Hat Arsenal (USA, EU, MEA, Asia), Botconf, Confidence-Conference, HackYeahPL, and HackFestCA. Additionally, he gave guest lectures and workshops for several universities and private entities.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1557,'\'Maxwell Dulin, Nathan Kirkland, Zachary Minneker, Kenzie Dolan, Elizabeth St. Germain - House...\'','\'https://forum.defcon.org/node/246043\'','\'https://forum.defcon.org/node/246043\'','','','','','\'\n
\nTitle: Maxwell Dulin, Nathan Kirkland, Zachary Minneker, Kenzie Dolan, Elizabeth St. Germain - House of Heap Exploitation
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/maxwell...=oddtdtcreator\n
\n
\nMax Class Size: 90
\n
\n
\n
\n
\nAbstract:
\n
\nHeap exploitation is an incredibly powerful tool for a hacker. As exploit mitigations have made exploitation more difficult, modern exploit development has moved to the heap. However, heap exploitation is a major wall in the binary exploitation journey because of its complexity. To conquer this difficultly, the workshop tackles the complexity head on by diving into the weeds of the allocator directly, taking on many hands-on exercises/challenges and creating easy to grasp diagrams to understand all of the concepts.
\n
\n
\n
\n
\nThis workshop is for learning heap exploit development in glibc Malloc, which is the default allocator on most Linux distributions. With this hands-on introduction into glibc Malloc heap exploitation you will learn how the allocator functions, heap specific vulnerability classes and to pwn with a variety of techniques. To make the material easy to consumable, there are many hands-on exercises, a pre-built virtual machine with everything necessary for binary exploitation and an immense amount of visuals for explaining the material. After taking this course you will understand the internals of the glibc Malloc allocator, be able to uncover heap memory vulnerabilities and pwn the heap with a variety of techniques, with the capability to go further into the art afterwards.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students:
\n
\n- Basic computer science background (x86_64 assembly, stack, programming skills in C & Python)
\n
\n- Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.)
\n
\n- Familiar with Linux developer tools such as the command line, Python scripting and GDB.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\n- Laptop with enough power for a moderately sized Linux VM:
\n
\n- ARM based MacOS has support through either QEMU or servers that people can use.
\n
\n- Administrative access to the laptop
\n
\n- 8GB RAM minimum
\n
\n- 30GB harddrive space
\n
\n- Virtualbox or another virtualization platform installed
\n
\n
\n
\n
\nBio:
\n
\nMaxwell Dulin (also known as Strikeout) loves hacking all things under the sun. In his day job, he works as a security engineer primarily focused on web applications. But at night, he leaves the tangled web into the open space of radio signals, garage doors, scoreboards, RC cars, and pwn challenges. From the latter, he gained enough expertise to create a heap exploitation course that has been delivered at a number of security conferences, including DEFCON. In his spare time, he has found Linux kernel 0-days, and reverse engineered numerous wireless devices. To summarize, if you put something in front of him, he\'ll find a way to break it and make it do what he wants.
\n
\n
\n
\n
\nRaised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee (and tear) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee fueled sleepless nights later, he had earned OSCP, and graduated highschool a few months later. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the types of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.
\n
\n
\n
\n
\nZachary Minneker is a security researcher and security engineer at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, macOS sandbox security, and IPC methods.
\n
\n
\n
\n
\nKenzie Dolan works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. Her current research interests include emerging threats against Mobile and IoT devices. She has a degree in Computer and Information Science from University of Oregon. In her free time, Kenzie enjoys composing music, playing video games or hiking in the greater Seattle area.
\n
\n
\n
\n
\nElizabeth St. Germain started hacking from a young age when very few inputs were sanitized. She worked in systems administration and video game development before settling into hacking as a career. She now focuses her time on web and hardware hacking, with a desire to explore the security impacts that video games can have on consumers. Most of her free time is split between either min/maxing games, competing in CTFs, exploring urban areas and nature, or making music.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 09:00\n\n\n\nEnds\n\nAugust 11, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1558,'\'Sam Bowne, Elizabeth Biddlecome,Kaitlyn Handelman, Irvin Lemus - Introduction to Exploit Development\'','\'https://forum.defcon.org/node/246042\'','\'https://forum.defcon.org/node/246042\'','','','','','\'\n
\nTitle: Sam Bowne, Elizabeth Biddlecome, Kaitlyn Handelman, Irvin Lemus - Introduction to Exploit Development
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/sam-bow...=oddtdtcreator\n
\n
\nMax Class Size: 90
\n
\n
\n
\n
\nAbstract:
\n
\nLearn how to take control of Windows and Linux servers running vulnerable software, in a hands-on CTF-style workshop. We begin with easy command injections and SQL injections, and proceed through binary exploits including buffer overflows on the stack and the heap, format string vulnerabilities, and race conditions.
\n
\nWe will exploit 32-bit and 64-bit Intel and ARM systems, and software in PHP, Python, C++, and DOT NET. We will examine modern Windows defenses in detail, including ASLR, DEP, stack cookies, and SEHOP. We will also write Rust programs and see how they prevent memory corruption vulnerabilities.
\n
\nPrevious experience with C and assembly language is helpful but not required. Participants will need a laptop that can run VMware or VirtualBox virtual machines.
\n
\nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: Familiarity with C programming and assembly language is helpful, but not essential.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop capable of running a virtual machine in VMware or VirtualBox.
\n
\n
\n
\n
\nBios:
\n
\nSam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.
\n
\nCredentials: PhD, CISSP, DEF CON Black Badge Co-Winner
\n
\n
\n
\n
\nElizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
\n
\n
\n
\nKaitlyn Handelman is an offensive security engineer at Amazon. Her focus is cybersecurity in space. In addition to traditional penetration testing, Kaitlyn works on physical devices and RF signals. In her free time, she enjoys ham radio, astronomy, and her cat, Astrocat.
\n
\n
\n
\n
\nIrvin Lemus, CISSP is a Cyber Range Engineer at By Light IT Professional Services, training military personnel through international cyber security exercises. Irvin has been in the field
\n
\nsince 2006, involved with cybersecurity competitions since 2015 as a trainer, coach, and mentor. He also has taught IT and Cybersecurity courses at Coastline and Cabrillo
\n
\nColleges. He is the BACCC Cyber Competitions Regional Coordinator, Board member at Pacific Hackers and is a speaker at DEFCON. He describes himself as, "A professional troublemaker who loves hacking all the things."
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1559,'\'Sam Bowne, Elizabeth Biddlecome, Kaitlyn Handelman, Irvin Lemus - Machine Learning for N00bs\'','\'https://forum.defcon.org/node/246041\'','\'https://forum.defcon.org/node/246041\'','','','','','\'\n
\nTitle: Sam Bowne, Elizabeth Biddlecome, Kaitlyn Handelman, Irvin Lemus - Machine Learning for N00bs
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/sam-bow...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nEvery technical product is now incorporating machine learning at an explosive rate. But most people, even those with strong technical skills, don\'t understand how it works, what its capabilities are, and what security risks come with it. In this workshop, we\'ll make machine learning models using simple Python scripts, train them, and evaluate their value. Projects include computer vision, breaking a CAPTCHA, deblurring images, regression, and classification tasks. We
\n
\nwill perform poisoning and evasion attacks on machine learning systems, and implement deep neural rejection to block such attacks.
\n
\n
\n
\n
\nNo experience with programming or machine learning is required, and the only software required is a Web browser. We will use TensorFlow on free Google Colab cloud systems.
\n
\nAll materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: None
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A computer with a Web browser
\n
\n
\n
\n
\nBios:
\n
\nSam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.
\n
\nCredentials: PhD, CISSP, DEF CON Black Badge Co-Winner
\n
\n
\n
\n
\nElizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
\n
\n
\n
\n
\nKaitlyn Handelman is an offensive security engineer at Amazon. Her focus is cybersecurity in space. In addition to traditional penetration testing, Kaitlyn works on physical devices and RF signals. In her free time, she enjoys ham radio, astronomy, and her cat, Astrocat.
\n
\n
\n
\n
\nIrvin Lemus, CISSP is a Cyber Range Engineer at By Light IT Professional Services, training military personnel through international cyber security exercises. Irvin has been in the field
\n
\nsince 2006, involved with cybersecurity competitions since 2015 as a trainer, coach, and mentor. He also has taught IT and Cybersecurity courses at Coastline and Cabrillo
\n
\nColleges. He is the BACCC Cyber Competitions Regional Coordinator, Board member at Pacific Hackers and is a speaker at DEFCON. He describes himself as, "A professional troublemaker who loves hacking all the things."
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1560,'\'Harley Geiger, Amit Elazari - How hackers can send feedback directly to policymakers like the pros\'','\'https://forum.defcon.org/node/246040\'','\'https://forum.defcon.org/node/246040\'','','','','','\'\n
\nTitle: Harley Geiger, Amit Elazari - How hackers can send feedback directly to policymakers like the pros
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/harley-...=oddtdtcreator\n
\n
\nMax Class Size: 70
\n
\n
\n
\n
\nAbstract:
\n
\nThe first official comments on security policy live from DEF CON. The workshop will show hackers how to go through the process of submitting official comments to regulations and legislation.
\n
\nMeeting with policymakers is only one way to make your voice heard. There are also formal channels for submitting written feedback on policy proposals that become a critical part of the record for regulations. These channels are open to the public, but non-policy professionals don’t always know how to access or make the most effective use of them.
\n
\nThis workshop will walk security researchers through the process of using regulations.gov and congress.gov to find open opportunities to influence regulations, and actually submit official comments via those channels from the workshop. The workshop will also talk through how to form an advocacy strategy to amplify the impact of the comments - for example, how to find the right policymakers and staff to follow up with.
\n
\nThe workshop will be led by policy professionals with deep ties to the security community.
\n
\n
\n
\n
\nSkill Level: All Levels
\n
\nPrerequisites for students: None
\n
\nMaterials or Equipment students will need to bring to participate: To walk through the process and/or submit comments, bring a laptop, iPad, or other connected device you can type on.
\n
\n
\n
\n
\nBios:
\n
\nHarley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
\n
\n
\n
\n
\nDr. Amit Elazari is Co-Founder and CEO of OpenPolicy, the world first tech-enabled policy and advocacy company, aiming to democratize access to information concerning future regulation action, policy and lobbying to entities of all sizes by leveraging scale and technology. Prior to OpenPolicy, she served as Head of Cybersecurity Policy for Intel Corp and chaired the Cybersecurity Committee for the Information Technology Industry Council (ITI) among others. She holds a Doctoral Degree in the Law (JSD) from Berkeley Law, and graduated summa cum laude with three prior degrees in law and business. Her research appeared in leading academic journals, key conferences such as RSAC, Black Hat, DEFCON, Bsides, and USENIX, and was featured at the WSJ and NYT. She co-founded Disclose.io, a non-profit that foster adoptions of legal protections for good-faith security research. Amit has a diverse background in technical, policy, and legal roles, and practiced Hi-tech, Venture Capital, and M&A law at Israel\'s largest law firm, Goldfarb Gross Seligman & Co.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1561,'\'Josh Kamdjou, Alfie Champion - Email Detection Engineering and Threat Hunting Inbox\'','\'https://forum.defcon.org/node/246039\'','\'https://forum.defcon.org/node/246039\'','','','','','\'\n
\nTitle: Josh Kamdjou, Alfie Champion - Email Detection Engineering and Threat Hunting Inbox
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/josh-ka...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nEmail remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.
\n
\nIn this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including QakBot and Emotet, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.
\n
\nInitially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:
\n
\n- VIP Impersonations
\n
\n- HTML smuggling via links/attachments
\n
\n- Malicious VBA macros
\n
\n- OneNote / LNK file malware (attachments, and links to auto-downloads)
\n
\n- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)
\n
\n- Lookalike domains / homoglyph attacks
\n
\n- Credential phishing
\n
\n- Password protected archives
\n
\n- Exploits (e.g. CVE-2023-23397, CVE-2021-40444)
\n
\n- Fake invoices (Geek Squad)
\n
\n
\n
\n
\nAttendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: N/A. The training will cater to security practitioners with any level of technical experience. While a general understanding of email threats will be advantageous, all offensive and defensive techniques and tools in the training will be introduced at a foundational level and built on throughout the day.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Attendees should bring their own laptops in order to be hands-on, preloaded with Docker. Instructions to run the Docker images from Github will be shared. All tools used in this lab are free and/or open-source.
\n
\n
\n
\n
\nBio:
\n
\nJosh has been doing offensive security-related things for the past 12 years. He\'s spent most of his professional career breaking into networks via spear-phishing and other methods, and building software for both the public (Department of Defense) and private sectors. Josh is the Founder and CEO of Sublime Security, and in his private life enjoys weight lifting, Martial Arts, soccer, and spending time with his niece and nephew.
\n
\n
\n
\n
\nAlfie specializes in the delivery of attack detection and adversary emulation services, actively contributing education content, tooling and blogs to further the industry. He has previously worked with organisations across multiple industry verticals to uplift and validate their detective capability through red or purple team engagements, and now leads the global adversary emulation function at a FTSE 250 company. He has previously spoken at BlackHat USA, RSA and Blue Team Con 2022, among others, and is the co-founder of DelivrTo.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 09:00\n\n\n\nEnds\n\nAugust 12, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1563,'\'Chris Greer - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works\'','\'https://forum.defcon.org/node/246038\'','\'https://forum.defcon.org/node/246038\'','','','','','\'\n
\nTitle: Chris Greer - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/chris-g...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nLet\'s break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.
\n
\n
\n
\n
\nIn this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: Just a laptop with a copy of Wireshark. I will provide the sample pcaps for analysis.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Laptop
\n
\n
\n
\n
\nBio:
\n
\nChris Greer is a network analyst and Wireshark instructor for Packet Pioneer, a Wireshark University partner. He has focused much of his career at the transport layer, specifically TCP, specializing in how this core protocol works to deliver applications, services, and attacks between systems. Chris is a regular speaker at Sharkfest - the
\n
\nWireshark Developer and User Conference. He has presented at DEFCON and other industry conferences and regularly posts Wireshark analysis tips to his YouTube channel.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1564,'\'Rodrigo Montoro - Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring\'','\'https://forum.defcon.org/node/246037\'','\'https://forum.defcon.org/node/246037\'','','','','','\'\n
\nTitle: Rodrigo Montoro - Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/rodrigo...s-668351787187\n
\n
\nMax Class Size: 60
\n
\n
\n
\n
\nAbstract:
\n
\nCloud providers\' ecosystems have brought a lot of new challenges to companies and Security teams. Many new attack vectors create known and unknown attack vectors, generating a considerable need for further research and detection in this field.
\n
\nIn the current cloud security world, access keys are the new perimeter, and permissions associated with those keys are the limits. In many real-world scenarios, leaked access keys are the initial vectors to get into an organization\'s cloud environments. Therefore, the least privilege and detection in real-time becomes critical.
\n
\nSpecifically, in AWS, we are talking about more than three hundred (300+) services that an attacker could create their specific attack path to achieve their goal. Considering this chaotic scenario, we developed this workshop to teach how to mitigate those new vectors and improve the company\'s overall cloud security posture. The workshop will cover misconfigurations, AWS IAM (Identity and Access Management) least privilege, and control plane (Cloudtrail) monitoring.
\n
\nThis workshop will help organizations improve their cloud security posture in these three fields - misconfigurations, IAM permissions management, and control plane monitoring. There will be practical demonstrations, hands-on labs, and some Capture The Flag (CTF) to practice incident response.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: AWS basic to intermediate knowledge
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Just bring a laptop. Demonstrations and Capture The Flag (CTF) exercises will be executed in my AWS account and using CTFd.
\n
\n
\n
\n
\nBio:
\n
\nRodrigo Montoro has over 23 years of experience in Information Technology and Computer Security. For most of his career, he has worked with open-source security software (firewalls, IDS, IPS, HIDS, log management, endpoint monitoring), incident detection & response, and Cloud Security. Currently is Head of Threat & Detection Research at Clavis Security. Before that, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Tempest Security, Senior Security Administrator at Sucuri, and Researcher at Spiderlabs. Author of 2 patented technologies involving innovation in the detection field. One is related to discovering malicious digital documents. The second one is in how to analyze malicious HTTP traffic. Rodrigo has spoken at several open source and security conferences (Defcon Cloud Village, OWASP AppSec, SANS (DFIR, SIEM Summit & CloudSecNext), Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE, ZonCon (Amazon Internal Conference), Blackhat Brazil, BSides (Las Vegas e SP)).
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 09:00\n\n\n\nEnds\n\nAugust 10, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1565,'\'Yoann DEQUEKER - Malware development on secured environment - Write, adapt, overcome\'','\'https://forum.defcon.org/node/246036\'','\'https://forum.defcon.org/node/246036\'','','','','','\'\n
\nTitle: Yoann DEQUEKER - Malware development on secured environment - Write, adapt, overcome
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/yoann-d...=oddtdtcreator\n
\n
\nMax Class Size: 35
\n
\n
\n
\n
\nAbstract:
\n
\nThis workshop will give an initiation to offensive malware development in C/C++ and how it is possible to adapt the approach depending on the security solution that must be tackled down. Different methods such as ModuleStomping, DLL Injection, Threadless Injection and Hardware Breakpoint for dehooking will be seen.
\n
\nThe idea is to start with a basic malware performing process injection and apply additional techniques to start evading EDR. At each step, some analysis on the malware will be performed to understand the differences at the system level and the IOC detected by the EDR.
\n
\nAt the end of this workshop, you will have all the knowledge needed to develop your own malware and adapt it to the targeted environment to escape from the basic pattern and spawn your beacons as if EDR didn\'t exist.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: Some basic C/C++ knowledge and an entry level skills on Windows OS.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A Computer with VisualStudio Community or an equivalent compiler, WinDBG and a Windows System (Virtual machine might be better)
\n
\n
\n
\n
\nBio:
\n
\nYoann Dequeker is a red team operator at Wavestone for 4 years entitled with OSCP certification and several HTB RedTeam Prolabs. Aside from his different RedTeam operations against CAC40 companies leading him to develop several custom malware to evade EDR to ease C2 beacon deployment or phishing campaigns, he speaks at conferences such as LeHack as a Malware Development speaker and is actively sharing his knowledge on social media under the OtterHacker pseudonym.
\n
\nBeside his contribution to opensource project such as the implementation of TDO secret extraction on Impacket, he spends time playing with several EDR to understand the pros and cons of the different malware development techniques in order to craft and use the payload the most adapted to the targeted environment.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1566,'\'Wes McGrew - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg\'','\'https://forum.defcon.org/node/246035\'','\'https://forum.defcon.org/node/246035\'','','','','','\'\n
\nTitle: Wes McGrew - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/wes-mcg...s-668400352447\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nWhile it can be intimidating to "get into" software reverse engineering (RE), it can be very rewarding. Reverse engineering skills will serve you well in malicious software analysis, vulnerability discovery, exploit development, bypassing host-based protection, and in approaching many other interesting and useful problems in hacking. Being able to study how software works, without source code or documentation, will give you the confidence that there is nothing about a computer system you can\'t understand, if you simply apply enough time and effort. Beyond all of this: it\'s fun. Every malicious program becomes a new and interesting puzzle to "solve".
\n
\nThe purpose of this workshop is to introduce software reverse engineering to the attendees, using static and dynamic techniques with the Ghidra disassembler and WinDbg debugger. No prior experience in reverse engineering is necessary. There will be few slides--concepts and techniques will be illustrated within the Ghidra and WinDbg environments, and attendees can follow along with their own laptops and virtual environments. We will cover the following topics:
\n
\n- Software Reverse Engineering concepts and terminology
\n
\n- Setting up WinDbg and Ghidra
\n
\n- The execution environment (CPU, Virtual Memory, Linking and Loading)
\n
\n- C constructs, as seen in disassembled code
\n
\n- Combining static and dynamic analysis to understand and document compiled binary code
\n
\n- Methodology and approaches for reverse engineering large programs
\n
\n- Hands-on malware analysis
\n
\n- How to approach a "new-to-you" architecture
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: No previous reverse engineering experience required. Basic familiarity with programming in a high-level language is necessary (C preferred, Scripting languages like Python would be okay).
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop with a fresh Windows 10 Virtual Machine.
\n
\n- Being able to dedicate 8GB RAM to the VM (meaning, you probably have 16GB in your laptop) will make the experience smoother, but you can get by with 4GB
\n
\n- 10 GB storage free in the VM (after installing Windows)
\n
\n- Administrative privileges
\n
\n- Ability to copy exercise files from USB
\n
\nWe will be working with live malware samples. Depending on your comfort level with this, bring a "burner" laptop, use a clean drive, or plan on doing a clean install before and after the workshop.
\n
\n
\n
\n
\nBio:
\n
\nDr. Wesley McGrew directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFed. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA and taught a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 14:00\n\n\n\nEnds\n\nAugust 12, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1567,'\'Sergei Frankoff, Sean Wilson - Applied Emulation - A Practical Approach to Emulating Malware\'','\'https://forum.defcon.org/node/246034\'','\'https://forum.defcon.org/node/246034\'','','','','','\'\n
\nTitle: Sergei Frankoff, Sean Wilson - Applied Emulation - A Practical Approach to Emulating Malware
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/sergei-...=oddtdtcreator\n
\n
\nMax Class Size: 50
\n
\n
\n
\n
\nAbstract:
\n
\nBinary emulation is now a must-have tool for malware analysts. With a few lines of Python you can unpack binaries, skip analysis of complex algorithms, and automatically extract the configuration data from malware! It’s not too good to be true, but there is a little preparation work involved…
\n
\nIn this workshop you will set up your own emulation environment (using Python) and work through a series of common malware analysis tasks such as unpacking, and malware configuration extraction. The workshop starts simple using Unicorn to emulate x86 shellcode, and builds to a final project where syscall hooking is used with Dumpulator to automatically extract C2s from malware.
\n
\nThis workshop is aimed at malware analysts and reverse engineers who are interested in learning more about emulation and how it can be used to automate some reverse engineering workflows. Students must be able to write basic Python scripts, and have a working knowledge of the Windows OS. Familiarity with Windows malware, assembly, and debugging are strongly recommended. If you have opened malware in a debugger before you will feel right at home here.
\n
\nYou will be provided with detailed virtual machine setup instructions prior to the workshop. Please make sure to bring a laptop that meets the following requirements.
\n
\n- Your laptop must have VirtualBox or VMWare installed and working prior to the start of the course.
\n
\n- Your laptop must have at least 60GB of disk space free.
\n
\n- Your laptop must also be able to mount USB storage devices. (Make sure you have the appropriate dongle if you need one.)
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: Students must be able to write basic Python scripts and have a basic understanding of the Windows operating system. Familiarity with a Windows malware, debugging, and assembly would also be a significant benefit.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Students must bring a laptop capable of running a Windows virtual machine with the following configuration. Time will be given to troubleshoot lab setup issues but it is strongly recommended that students have the following setup prior to the workshop.
\n
\n
\n
\n
\n[Host Setup]
\n
\n- The laptop must have VirtualBox or VMWare installed and working prior to class.
\n
\n- The laptop must have at least 60GB of disk space free.
\n
\n- The laptop must be able to mount USB storage devices (ensure you have the appropriate dongle if you need one).
\n
\n
\n
\n
\n[ VM Install ]
\n
\n- Download a free Windows 11 VM from Microsoft (\nhttps://developer.microsoft.com/en-u...tual-machines/\n)
\n
\n- You can also use a Windows VM of your choice (Windows 10 is also ok)
\n
\n
\n
\n
\n[ VM Install for Mac - Apple Silicon Only (M1, M2)]
\n
\n- If you have a new Apple Silicon MacBook you will are limited to running an ARM Windows VM
\n
\n- ARM Windows VMs are suitable for the workshop and you can follow our installation guide on YouTube (\nhttps://youtu.be/0eR8yrDLV5M\n)
\n
\n
\n
\n
\n[VM Setup]
\n
\n- Install x64dbg in your VM (\nhttps://x64dbg.com/\n)
\n
\n- Install a free version of IDA in your VM (\nhttps://hex-rays.com/ida-free/\n)
\n
\n- Install a version of Python > 3.8.x in your VM (\nhttps://www.python.org/\n)
\n
\n
\n
\n
\nBios:
\n
\nSergei is a co-founder of OpenAnalysis Inc. When he is not reverse engineering malware Sergei is focused on building automation tools for malware analysis, and producing tutorials for the OALABS YouTube channel. With over a decade in the security industry Sergei has extensive experience working at the intersection of incident response and threat intelligence.
\n
\n
\n
\n
\nSean, a co-founder of OpenAnalysis Inc., splits his time between reverse engineering, tracking malware and building automated malware analysis systems. Sean brings over a decade of experience working in a number of incident response, malware analysis and reverse engineering roles.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 09:00\n\n\n\nEnds\n\nAugust 10, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1568,'\'Ryan Holeman - Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'https://forum.defcon.org/node/246033\'','\'https://forum.defcon.org/node/246033\'','','','','','\'\n
\nTitle: Ryan Holeman - Learning to Hack Bluetooth Low Energy with BLE CTF
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/ryan-ho...=oddtdtcreator\n
\n
\nMax Class Size: 90
\n
\n
\n
\n
\nAbstract:
\n
\nBLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user.
\n
\nOver the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, training, and conferences have utilized it as an educational platform and CTF. As an open source, low-cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.
\n
\nThis workshop will teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. For this workshop, we will undergo a series of exercises to teach beginner students new concepts and allow more seasoned users to try new tools and techniques. After completing this workshop, you should have a good solid understanding of how to interact with and hack on BLE devices in the wild.
\n
\nIf you have done BLE CTF in the past, this class is still valuable. For advanced users, we offer BLE CTF Infinity, a sequel to BLE CTF. The workshop will also showcase new hardware platforms and client tools for interacting with and completing the exercises.
\n
\nTo prepare for the workshop, please follow the setup documentation located at \nhttps://github.com/hackgnar/ble_ctf/...kshop_setup.md\n
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: To prepare for the workshop, please follow the setup documentation located at \nhttps://github.com/hackgnar/ble_ctf/...kshop_setup.md\n
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:Preferably a Linux box with a Bluetooth controller or a Bluetooth USB dongle. An OSX or Windows machine with a Linux VM and USB passthough works as well but should be setup and tested before the workshop.
\n
\n
\n
\n
\nBio:
\n
\nRyan Holeman resides in Austin, Texas, where he works as the CISO for the peer-to-peer payment platform Strike. He is currently pursuing a Ph.D. in cyber defense from Dakota State University. He has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1569,'\'Ryan Chapman, Aaron Rosenmund, Brandon DeVault - Active Directory Attacks: The Good, The Bad, and...\'','\'https://forum.defcon.org/node/246032\'','\'https://forum.defcon.org/node/246032\'','','','','','\'\n
\nTitle: Ryan Chapman, Aaron Rosenmund, Brandon DeVault - Active Directory Attacks: The Good, The Bad, and The LOLwut
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/ryan-ch...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nThreat actors such as ransomware affiliates around the world are carrying out attacks on Active Directory (AD) at scale. When doing so, such actors often stick to the mainstream in terms of attack methodologies and tooling. But… that’s lame! Why borrow tactics, techniques, and procedures (TTPs) that are so well known and thus readily detectable?! Come hang out with us as we provide an overview of AD, show the most common attack scenarios, then show you how to detect and prevent those very attacks. Stick around as we then transition to covering what you could, and should, be doing instead.
\n
\nWe will be providing a remote network range to which you will connect. Once in the range, you will be acting as the ransomware threat actor, “pentester” as they like to call themselves. You will carry out attacks such as enumeration via Bloodhound, credential discovery and compromise, pass the hash attacks, and kerberoasting via common tools such as Mimikatz & Rubeus. After carrying out the attacks yourself, you’ll then learn how to prevent and detect those very attacks. We’ll then show you custom-developed methods to carry out the same attacks without the reliance on well-known TTPs/tools. And even better, we’ll show you how you could, at least where it’s even possible, detect the more custom/advanced methodologies.
\n
\nJoin us if you are a blue teamer, red teamer, purple teamer, cyber defender, DFIR analyst… basically anyone who wants (or needs!) to learn to defend and/or attack Active Directory. Come for the tech, stay for the humor. See ya there!
\n
\n
\n
\n
\nSkill Level: Intermediate to Advanced
\n
\nPrerequisites for students: The primary requirement for this course is a desire to learn and the determination to tackle challenging problems. In addition, having some familiarization with the following topics will help students maximize their time in this course:
\n
\n- A general background in Digital Forensics & Incident Response (DFIR)
\n
\n- Familiarity with blue team-oriented tools
\n
\n- An understanding of general networking concepts
\n
\n- Familiarity with Active Directory – though we’ll cover everything students need to know
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\n- A laptop with Linux/Windows/Mac desktop environment
\n
\n- Networking capability: Students will be connecting to a remote network range – They will need a wireless NIC (assuming the workshop area provides Wi-Fi, not not we’ll need to know) that can be enabled along with administrator privileges on their system
\n
\n- IMPORTANT: This workshop relies on network connectivity. Any student not able to connect to our range will be unable to follow along with the hands-on portion of the workshop.
\n
\n
\n
\n
\nBios:
\n
\nRyan Chapman is the author of SANS’ “FOR528: Ransomware for Incident Responders” course, teaches SANS’ “FOR610: Reverse Engineering Malware” course, works as a principal incident response consultant for $dayJob, and helps run the CactusCon conference in Phoenix, Arizona, USA. Ryan has a passion for life-long learning, loves to teach people about ransomware-related attacks, and enjoys pulling apart malware. He has presented workshops at DefCon and other conferences in the past and knows how to create a step-by-step instruction set to maximize hands-on learning.
\n
\n
\n
\n
\nAaron Rosenmund is the Director of Security Research and Content for Pluralsight, where he has also authored over 115 courses and technical labs across offensive and defensive security operations topics. Part time work includes service as an Cyber Warfare Operations office in the Delaware Air National guard, where he has also lead a 100+ member red team for the largest cyber exercise in the Nation, Cybershield. 4 years of highly rated talks and workshops have earned him the Distinguished speaker title from RSAC, and he looks forward to returning for the 3rd year to Defcon Workshops to bring practical emulation and testing capabilities to the people who need it most.
\n
\n
\n
\n
\nBrandon DeVault is a security researcher, blue teamer, and educator. Currently works as an author for Pluralsight and member of the FL Air National Guard. Prior experience includes work at Elastic and multiple deployments with Special Operations Command.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 09:00\n\n\n\nEnds\n\nAugust 12, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1570,'\'Robert Koehlmoos - Getting into Trouble with Machine Learning Models\'','\'https://forum.defcon.org/node/246031\'','\'https://forum.defcon.org/node/246031\'','','','','','\'\n
\nTitle: Robert Koehlmoos - Getting into Trouble with Machine Learning Models
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/robert-...=oddtdtcreator\n
\n
\nMax Class Size: 20
\n
\n
\n
\n
\nAbstract:
\n
\nThis workshop is a beginner\'s introduction to deep learning with neural networks, going from fundamentals to the latest in models for image editing, object recognition, and automated pen testing using large language models. It starts with an introduction to the theory behind deep learning, with a few toy examples to give students a feel for how these systems are built. From there we shift focus to a tour of state of the art models with a focus on running open source models locally independent of proprietary corporate systems. These systems include captcha defeat, video search and tracking, and image editing, among others. Finally, students perform a pen testing capstone using AutoGPT and HuggingGPT to understand the latest in emergent large language model reasoning capabilities. Students should have a basic understanding of how to write Python code, the class will build from there. A laptop with 8Gb of RAM and 100GB of free space will be sufficient. Students may bring laptops with more powerful GPUs, but online resources will be available for more GPU intensive models.
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: None, this workshop will walk through all steps required to use and apply the models.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop with at least 8Gb of RAM and 100GB available hard drive space. Must also be able to run a Linux based VM. This isn\'t meant to be a high bar, free online resources will be used to supplement their laptop for larger models.
\n
\n
\n
\n
\nStudents will need an OpenAI API token, which will require setting up a paid account with OpenAI. The final cost for API using in this class should be no more than $5. I wish there was not a requirement for this, but unfortunately some of the cutting edge application I want students to experiment with are only available in high enough quality using OpenAI\'s products. This may change between this submission and the start date of the class at the rate of current AI advancement.
\n
\n
\n
\n
\nBio:
\n
\nRob works as a lead machine learning engineer focusing on deep learning applications, primarily with language translation. His team works with the full pipeline of training, productionizing, and deploying machine learning applications. He is happy not only talking about theory and research but also the practicalities of model selection and designing products to meet user needs. He previously worked as a data scientist and has strong opinions about effective uses of data visualization and good UI design. He is only a little afraid of AI taking over everything.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 09:00\n\n\n\nEnds\n\nAugust 11, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1571,'\'Raúl Calvo Laorden - Advanced WiFi Attacks for Red Team Professionals\'','\'https://forum.defcon.org/node/246030\'','\'https://forum.defcon.org/node/246030\'','','','','','\'\n
\nTitle: Raúl Calvo Laorden - Advanced WiFi Attacks for Red Team Professionals
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/raul-ca...=oddtdtcreator\n
\n
\nMax Class Size: 70
\n
\n
\n
\n
\nAbstract:
\n
\nWireless networks have become ubiquitous in today\'s world, and Red Teams are increasingly using advanced WiFi attacks to gain unauthorized access to these networks. This workshop will focus on advanced WiFi attacks utilized by Red Teams to gain access to wireless networks. Participants will learn how to conduct WiFi reconnaissance, identify misconfigurations in wireless networks, create Rogue APs for launching phishing attacks, bypass WIDS, and more. The workshop is entirely virtual, and participants will have access to a lab environment where they can experiment safely. Participants must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks. The workshop covers advanced techniques for WiFi reconnaissance, creating custom TLS certificates, Rogue AP attacks, MSCHAPv2 Relay attacks, password spraying, ESSID stripping, and more. The workshop also covers the importance of Wireless Intrusion Detection Systems for Blue Teams and an example using Nzyme. Overall, this workshop is ideal for Red Team professionals looking to enhance their WiFi attack skills and stay ahead of the game.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: All participants in participating in this workshop must have a basic understanding of Linux, 802.11 protocol and Wireshark. Additionally, they must have prior knowledge of WiFi attacks on Open, WEP, and WPA2-PSK networks.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Participants must have access to a computer with a reliable internet connection and a virtualization software such as VirtualBox or VMware.
\n
\n
\n
\n
\nBio:
\n
\nRaúl Calvo Laorden is a Spanish Senior Cybersecurity Analyst (Pentester) who is known in the online community as r4ulcl. He has a keen interest in hacking, particularly in Active Directory (AD), WiFi, and Radio Frequency (RF). Raúl enjoys working with Docker and git. He also has a passion for music, video games, and tinkering with electronic devices.
\n
\nRaúl is the author of WiFiChallenge Lab, a 100% virtualized realistic lab designed for learning and practicing wifi hacking (presented in RootedCON 2022). He is also the creator of wifi_db, a script that parses Aircrack-ng captures into a SQLite database, extracting valuable information such as handshakes, MGT identities, interesting relations between APs, clients and their probes, WPS information, and a global view of all the APs seen. Additionally, he holds the OSCP and CRTP certifications.
\n
\nIn his free time, Raúl dedicates himself to programming hacking and cybersecurity tools. He also maintains his own micro-datacenter consisting of multiple servers and services where he continually learns and practices new technologies.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 14:00\n\n\n\nEnds\n\nAugust 11, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1572,'\'Phil Young - These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries\'','\'https://forum.defcon.org/node/246029\'','\'https://forum.defcon.org/node/246029\'','','','','','\'\n
\nTitle: Phil Young - These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 1400 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/phil-yo...=oddtdtcreator\n
\n
\nMax Class Size: 30
\n
\n
\n
\n
\nAbstract:
\n
\nDoes anyone know how old Nmap is? If you guessed 20 years old, you’d be wrong! It’s been around since 1997 when it was first released in Phrack magazine. Since the beginning, it\'s been through multiple iterations and an entire community has developed around it. One of the most important additions to Nmap was the ability to add custom scripts. Changing Nmap from a simple port scanner to the swiss army knife of network scanners. Oftentimes, when zero days pop up, someone will write an nmap script to identify vulnerable servers within minutes. If you’ve ever wondered how people write Nmap scripts, what it would take to write your own and how you can use them, this workshop is for you.
\n
\nAttendees in this workshop will learn how to understand and update the Nmap probe file, how to write Lua scripts (which Nmap scripting uses), how to write Nmap scripts to supplement the probe file, interact with custom services and ultimately write multiple Nmap scripts to do fun stuff with ports. Once attendees have a firm grasp of the Nmap scripting engine they will be introduced to writing Nmap libraries for use by their various scripts. This workshop contains many instructor lead labs so that attendees can see their code in action. To make this workshop worthwhile, a custom service running on a port has been created which the labs will allow you to probe and identify as the course goes on.
\n
\nNmap is the workhorse behind the scenes for so many pentesters, but the resources for writing scripts are limited. The hope is that by offering this workshop, more people will be able to write Nmap scripts for the betterment of all hackingkind.
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: Some basic understanding of how to write code (python, C, Lua, etc), how to use the Linux command line.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop capable of running a linux VM
\n
\n
\n
\n
\nBio:
\n
\nPhilip Young, aka Soldier of FORTRAN, is a leading expert in all things mainframe hacking. Having spoken and taught at conferences around the world, including DEFCON, RSA, BlackHat and keynoting at both SHARE and GSE Europe, he has established himself as the thought leader in mainframe penetration testing. Since 2013 Philip has released tools to aid in the testing of mainframe security and contributed to multiple opensource projects including Nmap, allowing those with little mainframe capabilities the chance to test their mainframes. He created the Nmap TN3270 library which enabled Nmap to scan and fingerprint z/OS mainframes and SNA networks. His hope is that through education others will create new libraries and scripts to force corporations to fix their shit.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1574,'\'Maria Uretsky, Kavia Venkatesh, Sajjad "JJ" Arshad, Olivier Tuchon - Android App Hacking - Hack...\'','\'https://forum.defcon.org/node/246028\'','\'https://forum.defcon.org/node/246028\'','','','','','\'\n
\nTitle: Maria Uretsky, Kavia Venkatesh, Sajjad "JJ" Arshad, Olivier Tuchon - Android App Hacking - Hacking for Good!
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900-1300 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/maria-u...=oddtdtcreator\n
\n
\nMax Class Size: 50
\n
\n
\n
\n
\nAbstract:
\n
\nWelcome to the world of Android Hacking! This is a hands-on workshop designed to introduce you to the knowledge, tools and techniques for analyzing and exploiting vulnerabilities in Android applications.
\n
\nThe workshop will start by presenting hacking for good, insights on the Android bug bounty, then it will cover the basic concepts of Android applications, walk you through industry standard tools and techniques and then let you experiment on your own with our Android reverse engineering CTF!
\n
\n
\n
\n
\nCome and hack with us!
\n
\nThe workshop requires no prior knowledge of Android or reverse engineering.
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: Before the workshop, students should follow the setup instructions to ensure they can start working on the CTFs in the workshop.
\n\nhttps://tinyurl.com/aah-setup\n
\n
\nThere is no pre-required knowledge.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Laptop with 20+ GB free hard disk space 4+ GB RAM
\n
\nMac. Windows 7/8 , Ubuntu 12.x + (64 bit Operating System),
\n
\nADB, apktool, Python & pip, JDK, jadx, Burp Suite, Wireshark, Frida, Ghidra
\n
\nAdministrative access on your laptop
\n
\n
\n
\n
\nBio:
\n
\nMaria Uretsky is leading the Android Vulnerability Rewards program at Google. Her passion is to break all the things before the bad actors do, to ensure they are kept out. During her 10+ years of software engineering and security work, she has been part of Google Cloud Security, Azure Sentinel, Windows Defender and AVG.
\n
\n
\n
\n
\nKavia Venkatesh is a Technical Program Manager on the Android Security Team at Google where she leads the execution of the Android Security Release Program aka Android Security Bulletin. Over the last 7+ years has led numerous security initiatives. Now, she\'s passionate about sharing her knowledge with the world.
\n
\n
\n
\n
\nJJ is a Senior Security SWE at Google\'s Android Security & Privacy team where he is developing tools to fight abuse in Android with focus on JavaScript-based frameworks. He has also designed CTF challenges and helped organize GoogleCTF in the past few years. Before Google, he was a Cybersecurity researcher at iSecLab and earned his PhD in Cybersecurity from Northeastern University, Boston, MA. Some domains he is active in are large-scale web security & privacy measurement, program analysis, and Malware detection.
\n
\n
\n
\n
\nOlivier Tuchon is a Security Engineer on the Android Vulnerability Research team. Olivier has been working at Google for almost 5 years, he started by chasing malware/PHA in the Play Store and into the wild (OffMarket) with a speciality in Stalkerware. Now, Olivier looks for vulnerabilities in 3P Android applications. Before Google, Olivier had been a Security Engineer in the French Army for 12 years.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 09:00\n\n\n\nEnds\n\nAugust 11, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\''),(1575,'\'Kristy Westphal - Analysis 101 for Incident Responders\'','\'https://forum.defcon.org/node/246027\'','\'https://forum.defcon.org/node/246027\'','','','','','\'\n
\nTitle: Kristy Westphal - Analysis 101 for Incident Responders
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 1400-1800 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/kristy-...=oddtdtcreator\n
\n
\nMax Class Size: 90
\n
\n
\n
\n
\nAbstract:
\n
\nYou have a theory about something you have found while roaming the network or conducting your own hackfest, but how do you go about proving it? This workshop will be a hands-on journey deep into the world of analysis. While analysis is a bit of an art form, there are methods that can be applied to make it less of a gut feeling and more of a scientific approach to support your hypothesis. From network forensics to log analysis to endpoint forensics and cloud log analysis, we will review numerous quick methods (including some analysis wizardry with R) to gain context over the data you have gathered and apply critical thinking in an attempt to find the answers. Sometimes, the answers weren’t meant to be found, but we’ll also discuss how to make the best of any conclusion that you reach.
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: A curiosity for security!
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Will need a laptop with Wireshark and R installed.
\n
\n
\n
\n
\nBio:
\n
\nKristy Westphal is a versatile information technology professional with specific experience in providing advisory and management services in the area of information security and risk is currently employed as the Vice President, Security Operations at a financial services company. Specializing in leadership and program development, specific expertise in security areas includes: process analysis, risk assessments, security awareness programs, operating system security, network security, incident handling, vulnerability analysis and policy development.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\''),(1576,'\'James Hawk, Lander Beyer, Daniel Costantini - Hide your kids, turn off your Wi-Fi, they Rogue...\'','\'https://forum.defcon.org/node/246026\'','\'https://forum.defcon.org/node/246026\'','','','','','\'\n
\nTitle: James Hawk, Lander Beyer, Daniel Costantini - Hide your kids, turn off your Wi-Fi, they Rogue APing up in here
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 1400-1800 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/james-h...=oddtdtcreator\n
\n
\nMax Class Size: 25
\n
\n
\n
\n
\nAbstract:
\n
\nThis workshop will teach you how to deploy Rogue APs in your client\'s environment. Using Rogue APs lets you test your client\'s Wireless Intrusion Detection System, passwords, wireless phishing education, and overall wireless security. We will discuss Rogue AP Tactics, Techniques, and Procedures, and how and why they work. In this workshop we will walk through setting up an OPEN, CAPTIVE PORTAL, WPA2, and 802.1x Rogue AP. We will also go over OWE and WPA3-SAE transition mode Rogue APs.
\n
\nThe primary goal is setting up Rogue APs to harvest credentials. In the workshop, we will walk through a scenario at a client’s site, then set up a Rogue AP to harvest users’ credentials for the various networks at the site. We will go through how to crack the harvested credentials. We will be using EAPHAMMER, HOSTAPD-MANA, WIFIPHISHER, and AIRBASE-NG for the Rogue AP portion, HASHCAT, AIRCRACK-NG, and JOHN for the cracking portion. This workshop is for beginners, but participants should have basic Linux and 802.11 knowledge and be comfortable using virtual machines.
\n
\n
\n
\n
\nRecommended reading/viewing:
\n
\n\nhttps://posts.specterops.io/modern-w...s-35a8571550ee\n
\n
\n\nhttps://sensepost.com/blog/2015/impr...ks-mana-1%2F2/\n
\n
\n\nhttps://www.youtube.com/watch?v=i2-jReLBSVk\n
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: None
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\nLaptop with 8 GBS RAM
\n
\nVirtual Box / VMware Installed
\n
\nWireless card with Access Point Mode and monitor mode. Recommended chip set AWUS036ACM.
\n
\n
\n
\n
\nBios:
\n
\nJames Hawk (He/Him) is a Senior Consultant with Mandiant, within Proactive Services. He is the wireless subject matter expert for his team. James has led and contributed to dozens of assessments (Red Teams and Pen Tests). He has developed internal training and tool updates for 802.11 for his company. James is a 20-year veteran of the U.S. Army and has over 10 years hands-on experience in wireless technologies. James is always researching/testing 802.11 attacks against his home lab. He is a fan of hockey, LetterKenny, and almost anything sci-fi.
\n
\n
\n
\n
\nLander Beyer (He/Him) is the Manager of Mandiant’s Proactive Services team within their Global Government section. Lander has performed dozens of penetration testing services against State, Local, and Education (SLED) organizations, to include wireless and physical assessments. Lander is a cyber branch warrant officer in the California Army National Guard, and a proud husband and father of two. He enjoys table tennis, long walks in the rain, and Domain Admin.
\n
\n
\n
\n
\nDaniel Costantini is a Principal Consultant with Mandiant, within Proactive Services. He is a Red Team/Penetration Testing subject matter expert in a variety of disciplines. Daniel has led and contributed to over a hundred Penetration/Red Team assessments. Over the years he has gained vast experience in living off the land, application, web, and network penetration testing. He continues, to strengthen his expertise in advanced wireless assessments. Daniel is a 17-year veteran of the United States Air Force (USAF) with ten of those years on active-duty and continues to serve in the United States Air Force Reserves. He has performed Penetration tests for USAF while on active duty and as a civilian contractor. He enjoys spending time with his family, playing games, and relaxing in front of the television.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\''),(1577,'\'Jake "Hubble" Krasnov, Dylan "CyberStryke" Butler, Kevin “Kent” Clark - Long Live the Empire...\'','\'https://forum.defcon.org/node/246025\'','\'https://forum.defcon.org/node/246025\'','','','','','\'\n
\nTitle: Jake "Hubble" Krasnov, Dylan "CyberStryke" Butler, Kevin “Kent” Clark - Long Live the Empire: A C2 Workshop for Modern Red Teaming
\n
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/jake-hu...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nCommand and Control (C2) is a crucial component of modern Red Teams and Advanced Persistent Threats (APTs), enabling persistent connections to target networks and facilitating the spread of control throughout the infrastructure. This comprehensive workshop will provide an in-depth understanding of C2 concepts by utilizing the open-source Empire C2 framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage the powerful Empire framework to create, customize, and execute advanced attack scenarios, honing their skills as red team operators.
\n
\nThe workshop will cover a range of topics, from setting up Empire, understanding listeners, stagers, and agents, to exploring Empire\'s modules and evasion techniques. Participants will engage in hands-on exercises, building their proficiency in configuring and deploying Empire servers, interacting with clients, and implementing various listeners and modules. The workshop will culminate in a mini Capture-The-Flag (CTF) challenge, where attendees will apply their newfound knowledge in a cloud-hosted environment provided by the instructors.
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: Basic computer abilities
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Laptop with a Kali Linux VM
\n
\n
\n
\n
\nBios:
\n
\nJake "Hubbl3" Krasnov is the Red Team Operations Lead at BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Hubbl3 has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at \nhttps://www.bc-security.org/blog/\n.
\n
\n
\n
\n
\nKevin “Kent” Clark is a Security Consultant with TrustedSec and Red Team Instructor with BC Security. His previous work includes Penetration Testing and Red Team Operator, focusing on initial access and active directory exploitation. Kevin contributes to open-source tools such as PowerShell Empire and publishes custom security toolkits such as Badrats and WindowsBinaryReplacements. Kevin authors a cybersecurity blog at \nhttps://henpeebin.com/kevin/blog\n.
\n
\n
\n
\n
\nDylan "CyberStryke" Butler is an Offensive Infrastructure Developer at BC Security. He began his career as a software engineer, developing high-performance systems for major tech companies. His passion for cybersecurity led him to specialize in offensive infrastructure development, where he now designs and builds robust frameworks to support red team operations.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 09:00\n\n\n\nEnds\n\nAugust 11, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1578,'\'Eigentourist - Hacking The Metal: An Intro to ARM Assembly Language Programming\'','\'https://forum.defcon.org/node/246024\'','\'https://forum.defcon.org/node/246024\'','','','','','\'\n
\nTitle: Eigentourist - Hacking The Metal: An Intro to ARM Assembly Language Programming
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/eigento...=oddtdtcreator\n
\n
\nMax Class Size: 60
\n
\n
\n
\n
\nAbstract:
\n
\n"RISC architecture is gonna change everything."
\n
\n"Yeah. RISC is good."
\n
\nSo said Angelina Jolie and Jonny Lee Miller in 1995. And while many of us weren\'t looking, RISC quietly changed everything.
\n
\nThis workshop will teach an introduction to low-level programming on the CPU that runs your favorite mobile games, apps, and everything else on your personal devices -- and is now creeping onto the desktop and into the datacenters that run the world.
\n
\nWe will write assembly code for ARM CPUs, and run it on an emulated Raspberry Pi, using the QEMU emulator. In the process, we will learn the key differences between ARM and the Intel CPUs running our workstations and servers. We will also learn to parallelize operations using the Neon coprocessor, and communicate with devices via the Raspberry\'s GPIO pins. Finally, we will explore and debug some misbehaving code, and in the end, we will emerge with a deeper understanding of low-level operations as they occur on the devices that play a vital role in our present and our future.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: Some previous coding experience is helpful, but mostly, a healthy curiosity
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Laptop with wifi connectivity, if wishing to participate
\n
\n
\n
\n
\nBio:
\n
\nEigentourist is a programmer who learned the craft in the early 1980s. He began formal education in computer science when the height of software engineering discipline meant avoiding the use of GOTO statements. Over the course of his career, he has created code of beautiful simplicity and elegance, and of horrific complexity and unpredictability. Sometimes it\'s hard to tell which was which. Today, he works on systems integration and engineering in the healthcare industry.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 09:00\n\n\n\nEnds\n\nAugust 10, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1579,'\'Christopher Forte, Robert Fitzpatrick - The Petting Zoo: Breaking into CTFs\'','\'https://forum.defcon.org/node/246023\'','\'https://forum.defcon.org/node/246023\'','','','','','\'\n
\nTitle: Christopher Forte, Robert Fitzpatrick - The Petting Zoo: Breaking into CTFs
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/christo...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nBreaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them.
\n
\nThis workshop will start with an overview of the CTF landscape, why we do them, and what value they have in the scope of the hacking community. This presentation will include various resources and a few simple demos to show how to approach a CTF and how it may differ from "real world" hacking challenges that many of us face in our professions. Next, a short CTF will be hosted to give attendees hands-on experience solving challenges with the ability to ask for help and will be guided through the approach to successfully navigating these challenges. Upon completion, the group will have worked through various types of hacking challenges and will have the confidence to participate in other CTFs hosted throughout the year.
\n
\nAreas of focus will include:
\n
\n* Common platforms and formats
\n
\n* Overview of online resources, repositories, and how to progress
\n
\n* Common tools used in CTFs and hacking challenges
\n
\n* Basics of web challenges
\n
\n* Basics of binary exploitation and reversing challenges
\n
\n* Basics of cryptographic challenges
\n
\n* Basics of forensic and network traffic challenges
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students:
\n
\n- Be curious about CTFs and have a very basic knowledge of or exposure to fundamental topics (e.g., Linux, websites, networking, data encoding and encryption)
\n
\n- Exposure to the above concepts will help during the workshop defined CTF challenges but is not required for the workshop
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\n- Laptop
\n
\n- Debian-based Virtual Machine (e.g., Kali) is recommended
\n
\n- Virtualized environment or Kali is not required but Kali will provide all the tools useful in solving the challenges and help standardize available tools. All challenge solutions will be possible using default Kali installations.
\n
\n- A limited number of Kali-Chromebooks and hosted resources will be available for those having issues or unable to bring their own systems.
\n
\n
\n
\n
\nBios:
\n
\nChristopher Forte is a security researcher and a junky for learning, participating in CTFs, and solving challenges. He is curious, loves teaching others, and has a passion for breaking things. As a resident of Las Vegas, Christopher co-founded DC702, is the local Chapter President of TOOOL, and enjoys introducing people to the world of hacking and lock picking.
\n
\n
\n
\n
\nRobert Fitzpatrick is a military veteran of over 20 years. He began his cyber life leading the Information Assurance office, and quickly moved up to run the Network Operations Center, as well as the Network Test and Evaluation center. He has built multiple operations centers in both homeland and austere locations, purchased satellite infrastructures, and led vulnerability investigations for classified networks. He is also a co-founder of DC702 and enjoys training new students on an eclectic array of subjects surrounding his interests.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 09:00\n\n\n\nEnds\n\nAugust 12, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1580,'\'Arnaud SOULLIE, Alexandrine TORRENTS - Pentesting Inductiral Control Systems: OCP-U-HACK\'','\'https://forum.defcon.org/node/246022\'','\'https://forum.defcon.org/node/246022\'','','','','','\'\n
\nTitle: Arnaud SOULLIE, Alexandrine TORRENTS - Pentesting Inductiral Control Systems: OCP-U-HACK
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/arnaud-...=oddtdtcreator\n
\n
\nMax Class Size: 40
\n
\n
\n
\n
\nAbstract:
\n
\nLet’s capture the flag, literally! In this workshop you’ll participate in an engaging CTF during which you’ll take control of a robotic arm to capture a real flag on a model train!
\n
\n
\n
\n
\nTo do so, we’ll start with an introduction to Industrial Control Systems to discover the specific components, the network architectures, and even program a PLC simulator.
\n
\n
\n
\n
\nWe’ll then discover some ICS-specific protocols, with a focus on OPC-UA, a modern ICS protocol.
\n
\n
\n
\n
\nFinally, you’ll connect to our ICS setup composed of real ICS hardware and software and compete against other attendees to capture the flags with robotic hands!
\n
\n
\n
\n
\nSkill Level: Beginner
\n
\nPrerequisites for students: No specific knowledge is required
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: Students should have a laptop capable of running 64-bits virtual machines
\n
\n
\n
\n
\nBio:
\n
\nArnaud Soullié (@arnaudsoullie) is a Senior Manager at Wavestone, a global consulting company. For 12 years, he has been performing security assessments and pentests on all types of targets. He started specializing in ICS cybersecurity 10 years ago. He spoke and taught workshops at numerous security conferences on ICS topics : BlackHat Europe, BruCon, CS3STHLM, BSides Las Vegas, DEFCON... He is also the creator of the DYODE project, an open­source data diode aimed at ICS. He has been teaching ICS cybersecurity training since 2015.
\n
\n
\n
\n
\nAlexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and performed several cybersecurity assessments on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and developed a particular tool to request Siemens PLCs. Then, she started working at securing ICS, especially in the scope of the French military law, helping companies offering a vital service to the nation to comply with security rules. Now, Alexandrine works with different industrial CISOs on their cybersecurity projects: defining secure architectures, hardening systems, implementing detection mechanisms. She is also IEC 62443 certified and still performs assessments on multiple environments.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 09:00\n\n\n\nEnds\n\nAugust 10, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1581,'\'Anthony Rose, Gannon “Dorf” Gebauer, Vincent "Vinnybod" Rose - Snakes on a Screen: Taming...\'','\'https://forum.defcon.org/node/246021\'','\'https://forum.defcon.org/node/246021\'','','','','','\'\nTitle: Anthony Rose, Gannon “Dorf” Gebauer, Vincent "Vinnybod" Rose - Snakes on a Screen: Taming Offensive IronPython Techniques
\nScheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900 PDT
\nEventBrite Link: \nhttps://www.eventbrite.com/e/anthony...=oddtdtcreator\n
\nMax Class Size: 80
\n
\nAbstract:
\nIronPython is a powerful and flexible programming language that has been increasingly used by attackers due to its ability to bypass security controls. This practical workshop will explore the inner workings of IronPython and its unique features that enable sophisticated offensive techniques. Participants will gain hands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.
\nThe workshop will cover the following topics:
\n1. Introduction to IronPython: Basic syntax and usage of IronPython, and how it can be used in offensive scenarios.
\n2. BYOI and DLR: Bring Your Own Interpreter (BYOI) and Dynamic Language Runtime (DLR) concepts and their role in developing offensive payloads.
\n3. Malware Development with IronPython: Develop sophisticated payloads that can bypass modern security controls and execute malicious code on target systems.
\n4. Anti-Forensics and Evasion Techniques: Techniques to make the payloads more resilient to forensic analysis and detection.
\n5. Advanced Techniques: Advanced techniques like using IronPython with C# and PowerShell and integrating the payloads with other offensive tools.
\nThis workshop is designed for offensive security professionals, red teamers, penetration testers, and anyone interested in exploring the capabilities of IronPython for offensive purposes. Participants should have a basic understanding of Python and programming concepts. By the end of the workshop, participants will have a deeper understanding of IronPython and its capabilities for developing offensive payloads.
\n
\nSkill Level: Intermediate
\nPrerequisites for students: A familiarity with python is preferred, but not required.
\n
\nMaterials or Equipment students will need to bring to participate: Laptop with Windows or other Windows VM
\n
\nBios:
\nAnthony "Coin" Rose, CISSP, is the Director of Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at \nhttps://www.bc-security.org/blog/\n.
\n
\nGannon “Dorf” Gebauer is a Security Consultant at BC Security and specializes in threat intelligence and embedded system testing. He has led teams through the Cyber Patriot, a USAF CTF that tests both defense and offensive capabilities. Currently, his expertise is focused on building automation tools for range deployments. Dorf has taught courses at both, Blackhat and DEF CON.
\n
\nVincent "Vinnybod" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and building automation. Recently, his focus has been on the reliability and stability of the Empire C2 server in the most recent major update (Empire 5). Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at \nhttps://www.bc-security.org/blog/\n.
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 11, 2023 09:00\n\n\n\nEnds\n\nAugust 11, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1582,'\'Adrian Wood, David Mitchell - Creating and uncovering malicious containers Redux\'','\'https://forum.defcon.org/node/246020\'','\'https://forum.defcon.org/node/246020\'','','','','','\'\n
\nTitle: Adrian Wood, David Mitchell - Creating and uncovering malicious containers Redux
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/adrian-...=oddtdtcreator\n
\n
\nMax Class Size: 90
\n
\n
\n
\n
\nAbstract:
\n
\nContainers allow bad actors access to an excellent delivery mechanism for malware deployment in organizations, offering a wide variety of detection avoidance and persistence mechanisms. Fear not protectors, containers also offer ways to detect these, but can be fraught with challenges. Whether you\'re red, blue or just container curious this workshop is for you.
\n
\nIn this workshop, you will get hands-on with containers and kubernetes, - starting with introductory content - learning how they work, where and how to hide or find things, how to identify indicators of compromise, indicators of attack, and how to apply analysis to gain a deeper understanding of container malware and what is going on inside containers.
\n
\nThis workshop will utilize the Google Cloud Platform alongside command line operands and a small amount of open source tooling to learn both offensive and defense techniques on containers. By the end, you’ll have a solid mental model of how containers work, how they are managed and deployed, and be equipped with the ability to analyze container images, identify problems, attack container supply chains and identify familiar patterns. Ultimately, these skills will allow you to generate valuable insights for your organization’s defense or aid you in your next attack.
\n
\nThis course is designed to take you deep into the world of containers, making tooling like Kubernetes much more intuitive and easy to understand.There’s lots of labs which will be used to reinforce your learnings,in both attack and defense and the course comes with very detailed notes and instructions for setup which you can repeat on your own time. This course will provide references to scripts that make certain tasks easier, but we will be challenging you to learn the process and reasoning behind them rather than relying on automation.
\n
\nAttendees will be provided with all the lab material used in the course in digital format, including labs, guides and virtual machine setup.
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: None! the class is well designed to allow those with little to no linux, kubernetes or cloud familiarity to follow along, but a basic familiarity with Linux and terminal will allow attendees to focus on the work.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A Google Cloud free tier account (basically a fresh gmail account), and an internet connected computer. We will send out instructions to attendees prior to the class, so they can be ready on the day.
\n
\n
\n
\n
\nBios:
\n
\nAdrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on their red team. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.
\n
\n
\n
\n
\nDavid Mitchell, aka digish0, started his hacking career as a script kiddie running 7th Sphere in mIRC in high school. Later falling in with some Linux/RedHat nerds at a local 2600 group at college while studying CS, etc. He got into Linux, started an IT career, later rediscovering his hacking script kiddie roots when a local hacker space opened up and shared members with a lockpicking group that worked in infosec as penetration testers, etc where he discovered he could get paid to do the things he liked doing in high school/college. He now works professionally as a red team member and cyber security researcher at a large financial institution. The rest of the time he spends being a dad/husband, trying not to get injured in Muay Thai/BJJ or mountain biking, and listening to either very expensive or very cheap vinyl.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 09:00\n\n\n\nEnds\n\nAugust 12, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1583,'\'Angus Strom, Troy Defty - Flipping the Coin: Red and Blue Teaming in Windows Environments\'','\'https://forum.defcon.org/node/246019\'','\'https://forum.defcon.org/node/246019\'','','','','','\'\n
\nTitle: Angus Strom, Troy Defty - Flipping the Coin: Red and Blue Teaming in Windows Environments
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 1400-1800 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/angus-s...=oddtdtcreator\n
\n
\nMax Class Size: 40
\n
\n
\n
\n
\nAbstract:
\n
\nRed and blue are two sides of the same coin. Offensive and defensive teams deliver the best results when working together; sharing knowledge, ideas, and understanding with each other. And a core part of this information exchange is understanding each respective perspective. This is the overarching theme of the workshop; attackers thinking like defenders, and defenders thinking like attackers.
\n
\nBy the end of the workshop, attendees will:
\n
\n1. Understand and perform common offensive attacks (supported by the Metasploit Framework) against Windows Domains, including:\n
\n2. Understand the process of detecting attacks against Windows infrastructure, including how to design and implement their own detection rules based on attendees’ previous attacks, using:\n
\n3. Understand and appreciate how the actions and processes of red and blue teams are interlinked, for the greater collective good. Recommended (but not required) prior reading:\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students:
\n
\nBasic understanding of the Linux and Windows command line, and some basic knowledge of IP networking and routing. A basic understanding of Active Directory and exposure to the Metasploit Framework/Meterpreter are beneficial, but not required.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\nLaptop, 8GB RAM, OpenVPN Client, Remote Desktop Protocol (RDP) client. It is strongly recommended that attendees have local administrative rights to their device.
\n
\nAn Internet connection is also required; DEF CON’s (authenticated) WiFi network will suffice, however attendees should consider alternative options in favour of resiliency (e.g. tethering/hotspotting cell phones).
\n
\n
\n
\n
\nBios:
\n
\nAngus (0x10f2c_) is currently a Senior Security Engineer working at a tech company. He obtained a love for all things computers by scavenging computer parts from local garbage pickups as a kid, and then trying to make them work together without blowing up. Angus eventually realised that a career could be made out of his skills hacking together poorly written LUA code in Garry’s mod, and finished a Bachelors in Network Security. In his professional career Angus has 5+ years working in Security Consulting, working across many industries and gaining many shells. More recently Angus has made the move to a security engineer focused role. When not hacking he loves to ski on the little snow that Australia has, and loves to paint small miniatures while listening to Drone Metal.
\n
\n
\n
\n
\nHaving worked in the UK and Australian InfoSec industries for just over a decade, and following 8 and a half years of red teaming, Troy jumped the proverbial fence from red to blue, and is currently a Security Engineering Manager at a tech company. His interest and experience is in detection engineering, red teaming, threat modelling, hardware, and assessing ICS environments. Other interests include music, electronics, the outdoors, travel, rugby, CTF, and being bad at golf.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 14:00\n\n\n\nEnds\n\nAugust 10, 2023 18:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\''),(1585,'\'Matt Cheung - Introduction to Cryptographic Attacks\'','\'https://forum.defcon.org/node/246018\'','\'https://forum.defcon.org/node/246018\'','','','','','\'\n
\nTitle: Matt Cheung - Introduction to Cryptographic Attacks
\n
\nScheduled Date and Time (Pacific Standard): Thursday, August 10, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/matt-ch...=oddtdtcreator\n
\n
\nMax Class Size: 30
\n
\n
\n
\n
\nAbstract:
\n
\nUsing cryptography is often a subtle practice and mistakes can result in significant vulnerabilities. This workshop will cover many of these vulnerabilities which have shown up in the real world, including CVE-2020-0601. This will be a hands-on workshop where you will implement the attacks after each one is explained. I will provide a VM with Python dependencies and skeleton code included so you can focus on implementing the attack. A good way to determine if this workshop is for you is to look at the challenges at cryptopals.com and see if those look interesting, but you could use in person help understanding the attacks. While not a strict subset of those challenges, there is significant overlap. Participants should have VMWare, VirtualBox, or some other VM software installed.
\n
\n
\n
\n
\nSkill Level: Beginner to Intermediate
\n
\nPrerequisites for students: Students should be comfortable with modular arithmetic and the properties of XOR. Experience in Python or other similar language will be a plus.
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate: A laptop with VMWare or VirtualBox installed and capable of running a VM.
\n
\n
\n
\n
\nBio:
\n
\nMatt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh\'s crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given workshops at the Boston Application Security Conference, BSidesLV, DEF CON, and the Crypto and Privacy Village.
\n
\n
\n
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 10, 2023 09:00\n\n\n\nEnds\n\nAugust 10, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''),(1586,'\'Maxine Filcher, Zach Reavis - BLE Security 201\'','\'https://forum.defcon.org/node/246017\'','\'https://forum.defcon.org/node/246017\'','','','','','\'\n
\nTitle: Maxine Filcher, Zach Reavis - BLE Security 201
\n
\nScheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 0900 PDT
\n
\nEventBrite Link: \nhttps://www.eventbrite.com/e/maxine-...=oddtdtcreator\n
\n
\nMax Class Size: 80
\n
\n
\n
\n
\nAbstract:
\n
\nThere have been plenty of talks on intro BLE security topics, it’s time for us to put it to use. This workshop will serve as a refresher for the BLE skills gained in previous talks, while walking students to the next level through utilizing BLE as an initial ingress vector to compromise a simulated corporate network. Come join us while we demonstrate the importance of investigating all wireless protocols in your corporate environment.
\n
\n
\n
\n
\nSkill Level: Intermediate
\n
\nPrerequisites for students: None
\n
\n
\n
\n
\nMaterials or Equipment students will need to bring to participate:
\n
\nLaptop
\n
\nAndroid Phone
\n
\n
\n
\n
\nBio:
\n
\nMaxine, or Freqy, is a US Army Veteran, possessing a master\'s degree in Cybersecurity and is widely recognized for her expertise in wireless security. In sharing her knowledge, she has delivered many presentations over the last five years, exploring various facets of wireless security. Maxine\'s grasp of BLE security has helped her play pivotal roles in assisting numerous large-scale corporations in fortifying the security of consumer devices that are ubiquitous to millions of households worldwide
\n
\n
\n
\n
\nZach, also known as justadequate, is an OSCP-certified wireless security expert specializing in waveform reverse engineering, exploit development, and embedded systems penetration testing. Demonstrating in-depth knowledge and experience in these areas, he has worked in both consulting and formal security test and engineering roles to develop, assess, and secure systems ranging from aircraft to SCADA/ICS to IoT/home-use devices deployed around the world.
\n​\n\n\n\n\n\n\n\n\n\n\n\n\nStarts\n\nAugust 12, 2023 09:00\n\n\n\nEnds\n\nAugust 12, 2023 13:00\n\n\n\nLocation\n\nLas Vegas, NV, DEF CON 31\n\n\n\n\n\''); /*!40000 ALTER TABLE `workshops` ENABLE KEYS */; UNLOCK TABLES; -- -- GTID state at the end of the backup -- SET @@GLOBAL.GTID_PURGED='b4148ec7-37aa-11e6-bdd9-003048850f62:1-897773, f9f9d5a4-23aa-11e5-b61b-0021856cfce2:1-316626'; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -- Dump completed on 2023-08-12 13:03:47