Category Archives: BSides Detroit 13

BSides Detroit 13 Episode 21

Chris (@rattis) is our last guest before BSides Detroit 13. In this episode, Chris chats with Wolfgang Goerlich about last year’s podcast, Chris’s work as the EMU IA president, and what Chris has planned for this year’s lockpick village. For those participating in the CTF, stay tuned for hints on the physical challenges.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 20

David Schwartzberg (@DSchwartzberg) is this week’s podcast guest. David discusses GrrCON, ZeuS bot Exploit Kit Command & Control, and David’s book: Computers for Kids: Something In, Something Out. David will be giving his talk, Zeus C&C for Tech Support, on Saturday.

We end the podcast with an announcement from BSides: BSides Detroit Kids. In conjunction with Brain Monkeys, BSides Detroit is hosting a full day of workshops for kids ages 8-12. The sessions include Scratch Arcade, Kids CAD Lego, and Sumo Battle Bots. The event is poised to introduce the next generation to compute and hardware hacking. Tickets are available below.

Zeus C&C for Tech Support Abstract: Inspired by Adam Johnson’s presentation at GrrCON 2011 titled “ZeuS – Inside Command and Control” on how to build a ZeuS bot Exploit Kit Command & Control. I thought it would be fun to use this newly gained knowledge to build a C&C in an effort to provide tech support for my family members. Have you been in that situation where everyone you know comes to you with their computer problems? Just because you have a knack for technology, people you know seem to think that you enjoy fixing all their problems, most self-inflicted. Welp, here’s your chance to help them and have some real fun. This mostly hand’s on demonstration will walk through setting up your very own C&C and configuring the basic settings to get you started. When ready to rock, you will learn how to fun while fixing their problems. Live malware will be used during this presentation so make sure you turn off your WiFi.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 19

James Foster joins Wolfgang Goerlich on the podcast to discuss trust relationships. How does pass-the-hash actually work? James: “Before I did security assessments and pen testing, I knew about some of these problems. I think a lot of Windows admins and defenders do. But I did not fully understand their implications and I did not fully understand their impact. And that is the reason I want to do this talk.” Listen to learn more.

Abstract: What’s a trust relationship? Explicit ones are easy — these you setup explicitly and on purpose, like when you want Domain A to trust Domain B for authentication. It’s the implicit ones that will get you, the ones you didn’t setup on purpose. Like when you have the same local administrator password on a bunch of systems (own one, own them all!). Or when a domain admin leaves an access token behind on some user’s workstation (user owns the domain!). If you support or defend Windows systems, you should know about the different kinds of implicit trusts in Windows (accounts, cached credentials and access tokens) and how to reduce your risks from them. Oh, and you know the phase of an APT-style attack after the end user’s workstation is compromised but before they own your domain? The one that is sometimes glossed over with the phrases “lateral movement” and “privilege escalation”? Oftentimes, this happens by exploiting trust relationships.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 18

Fresh from BSides Chicago’s New and Local track, Eve Adams joins us on the BSides Detroit podcast. Eve covers her Chicago experience, explains a bit about what she does (and why she is better than Willy Wonka), and gives a preview of her talk: Hack the Hustle.

Abstract: While information security is widely considered a negative-unemployment industry (it’s actually closer to 3%), most of us will look for a job at some point. Seasoned technical recruiter Eve Adams (@HackerHuntress) provides infosec-specific insight on writing resumes that get you the kind of attention you want, getting short-listed for cool positions before they’re even posted, strategically riding infosec employment trends, and how to most effectively work with those delightful recruiters. This talk will have something for those just entering the workforce, mid-career security professionals, and former VAX hackers alike!

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 17

On this episode, J Wolfgang Goerlich interviews the BSides Detroit 13 business keynote speaker. His talk is Creating a security culture – a holistic view on security.

Kai Roer, the founder and Senior Partner of The Roer Group, is a European author and speaker. He has delivered speeches and trainings in more than 20 countries on four continents. Kai speaks about leadership, communication and security. He is a guest lecturer at two universities in Europe, and have consulted organizations of all sizes since 1994. Kai maintain an infosec blog at http://roer.com You can also follow him on twitter as @kairoer.

Abstract: All the talk about security awareness training the past year has boosted the idea that training is futile and a waste of time. What are the mechanisms that drive security? Can we point to areas in psychology that relates to how we treat security? Are we, the infosec community, the best resource to teach security? This talk will boggle your mind, and possibly turn everything you know and believe about users, security and awareness upside down

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 16

Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, joins the podcast to discuss his talk: The Ever-evolving Threat Landscape. SecureWorks provides Jeff with a unique vantage point for watching the threats evolve, given they monitor literally billions of events daily. Combining real life examples with the things he learned from watching Terminator movies, Jeff explains how criminal hacking is changing and how businesses can respond. As Jeff says, “It is not about technology. It is about humanity.”

Abstract: Hacking has gone from a sport to a high-income business where criminals in the underground net millions of dollars a year. The days of just needing anti-virus and firewalls are long gone as security threats can double in a year and have become so sophisticated and stealthy that hackers could be inside a network for years without notice. In this presentation, Jeff Multz will show you how the threat landscape has changed in the past decade, and what malware can do to your network today that was unheard of just a few years ago. You’ll see why the regulatory agencies continue to increase their security guidelines and why just having firewalls and IDS/IPS systems are not enough. Dell SecureWorks, which sells no products, will teach you about the latest threats and vectors for attacks to help you understand what you need to do to block them.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 15

This week’s episode is a special cross-post with our friends at BSides Chicago. We discuss both events, the success of our collaborations, the CTF, and Hackers on a Train. Check it out here, and also be sure to visit SecureChicago.

BSides Detroit 13 Episode 14

Raphael Mudge (@armitagehacker) brings us up to speed on Metasploit, Armitage, and Cobalt Strike. He then introduces his new workshop: Armitage and Cobalt Strike. “My idea of hacking is taking the tactics, techniques, and procedures that different threats are using today and using them against our organizations to understand how our controls stand up when exercised in concert by a sophisticated adversary.” Listen in and find out how Cobalt Strike makes this possible.

Abstract: The Metasploit Framework is a must-have tool for penetration testers. Armitage builds a workflow on top of the Metasploit Framework and exposes its most advanced capabilities. Cobalt Strike augments Armitage with tools to simulate advanced persistent threat-style targeted attacks. This lab oriented class will introduce you to the penetration testing process from the perspectives of Armitage and Cobalt Strike. You’ll learn how to craft an attack package, deliver it to a target, spy on a user, attack systems from a foothold, and abuse trust relationships to gain access.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 13

Mark Stanislav (@markstanislav) joins the podcast to discuss the evolution in his thinking about ethical hacking, responsible disclosure, and the value of combining both red team and blue team responsibilities. Mark then shares a few tips from his talk, So You Want to Hire a Penetration Tester: 10 Tips for Success.

Abstract: Whether due to compliance needs, best practices, or customer demand, penetration testing is an increasing requirement for many organizations. The process of hiring and working with an Ethical Hacking (EH) services company is much like every other IT contracting process at first glance, but has a number of important details to consider from company selection through post-penetration remediation. Come learn from a penetration tester the types of information that will allow your organization to have the best experience possible when going through the sometimes agonizing, always interesting, process of a penetration test. Most importantly, questions will be highly encouraged so that your concerns and thoughts can be addressed during this presentation.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 12

Kevin Poniatowski joins the podcast to talk about the value of good information security training and his talk, How I Learned to Stop Worrying and Love BYOD. Kevin is with Safelight and has a unique and well-informed view of training and BYOD.

Abstract:

“Tweeting from the pub using my work Twitter account seemed like a good idea at the time.”

“How could our customer data be stolen? No one knows my iPhone pin except me.”

“After I send off this email to sales, I’m going to download Angry Chinese Birds. It’s free!”

It’s becoming more and more common for staff to bring their own devices to work, and blending their personal data with sensitive organizational data. What could possibly go wrong? Lack of user education concerning both physical and cyber threats to mobile devices and the sensitive data stored within them is creating an epidemic of embarrassment to organizations. This presentation will highlight the dangers of an untrained staff bringing their own devices to work and the steps that could be taken to mitigate the risk of lost data, compromised devices, and embarrassing Twitter posts.

For more information about BSides Detroit 13, please see: