Name: Rob Ragan @sweepthatleg
Title: Lord of the Bing: Taking back search engine hacking from Google and Bing
Abstract: During World War II the CIA created a special information intelligence unit to exploit information gathered from openly available sources. One classic example of the team’s resourcefulness was the ability to determine whether Allied forces had successfully bombed bridges leading into Paris based on increasing orange prices. Since…
Name: Dave Shackleford @daveshackleford & Rick Hayes @ISDPodcast
Title: Testing Exfiltration: Recreating Outbound Evil
Abstract: For years, security professionals have worried about protecting the perimeter, as well as systems and applications, from external threats. Insider threats have become much more prevalent now, as have stealthy sophisticated attacks and malware. Much to-do has been made of solutions like DLP and IPS, but are they really…
Name: Christopher Elisan @tophs
Title: Malware Factory – A Peek at the Dark side of the Force
Abstract: Every year, the number of unique malware samples being discovered by anti-virus vendors grows more astounding. In 2010, 50,000 to 60,000 unique samples per day are fast becoming the norm and many of them are targeting enterprise businesses. This keeps every enterprise security team awake at night and it is a big challenge for anti-virus vendors,…
Name: Dave Kennedy @dave_rel1k and Eric Smith @infosecmafia
Title: Strategic Penetration Testing: All up in your shiz.
Abstract: The term penetration testing has become one of the many “buzz” words used incorrectly within security policies, regulations and consulting services for a number of years now. Over time the value of the service has been lost partially due to improper testing techniques and methodologies, false expectations, inadequate skill…
Name: Chris Nickerson @indi303
Title: Top 5 Ways to Steal a Company “Forget root, I want it all”.
Abstract: This will be a highly interactive talk with the audience! The corporate landscape is built on a toothpick pillar and it is time to point it out. This talk will challenge the audience to find flaws in pictures/videos, identify universal weak points in culture and design, as well as go through the top 5 ways to completely take over most of the…
Name: Mike Doyle @fe3mike
Title: Pivoting arbitrary tools with Socket Proxy
Abstract: An attack platform can host many tools for reconnaissance, enumeration, vulnerability analysis, and exploitation. These are all too frequently left at the doorstep of the target network once the first host is compromised. Socket Proxy is a post-exploitation pivot tool for leveraging the versatility of your attack platform in the network context of a compromised…
Name: Martin Fisher @armorguy
Title: Why We Suck At Incident Response (and How To Suck Less)
Abstract: If we're honest with ourselves we generally suck at Incident Response. We'll discuss people, process, and tools and reveal the secret to creating teams and techniques that will help us suck less at IR.
Name: Thomas Cross
Title: Unauthorized Internet Wiretapping: Exploiting Lawful Intercept
Abstract: For many years people have been debating whether or not surveillance capabilities should be built into the Internet. Cypherpunks see a future of perfect end to end encryption while telecom companies are hard at work building surveillance interfaces into their networks. Do these lawful intercept interfaces create unnecessary security risks?
This talk…