Category Archives: Speakers

BSides Detroit 13 Episode 20

David Schwartzberg (@DSchwartzberg) is this week’s podcast guest. David discusses GrrCON, ZeuS bot Exploit Kit Command & Control, and David’s book: Computers for Kids: Something In, Something Out. David will be giving his talk, Zeus C&C for Tech Support, on Saturday.

We end the podcast with an announcement from BSides: BSides Detroit Kids. In conjunction with Brain Monkeys, BSides Detroit is hosting a full day of workshops for kids ages 8-12. The sessions include Scratch Arcade, Kids CAD Lego, and Sumo Battle Bots. The event is poised to introduce the next generation to compute and hardware hacking. Tickets are available below.

Zeus C&C for Tech Support Abstract: Inspired by Adam Johnson’s presentation at GrrCON 2011 titled “ZeuS – Inside Command and Control” on how to build a ZeuS bot Exploit Kit Command & Control. I thought it would be fun to use this newly gained knowledge to build a C&C in an effort to provide tech support for my family members. Have you been in that situation where everyone you know comes to you with their computer problems? Just because you have a knack for technology, people you know seem to think that you enjoy fixing all their problems, most self-inflicted. Welp, here’s your chance to help them and have some real fun. This mostly hand’s on demonstration will walk through setting up your very own C&C and configuring the basic settings to get you started. When ready to rock, you will learn how to fun while fixing their problems. Live malware will be used during this presentation so make sure you turn off your WiFi.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 19

James Foster joins Wolfgang Goerlich on the podcast to discuss trust relationships. How does pass-the-hash actually work? James: “Before I did security assessments and pen testing, I knew about some of these problems. I think a lot of Windows admins and defenders do. But I did not fully understand their implications and I did not fully understand their impact. And that is the reason I want to do this talk.” Listen to learn more.

Abstract: What’s a trust relationship? Explicit ones are easy — these you setup explicitly and on purpose, like when you want Domain A to trust Domain B for authentication. It’s the implicit ones that will get you, the ones you didn’t setup on purpose. Like when you have the same local administrator password on a bunch of systems (own one, own them all!). Or when a domain admin leaves an access token behind on some user’s workstation (user owns the domain!). If you support or defend Windows systems, you should know about the different kinds of implicit trusts in Windows (accounts, cached credentials and access tokens) and how to reduce your risks from them. Oh, and you know the phase of an APT-style attack after the end user’s workstation is compromised but before they own your domain? The one that is sometimes glossed over with the phrases “lateral movement” and “privilege escalation”? Oftentimes, this happens by exploiting trust relationships.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 18

Fresh from BSides Chicago’s New and Local track, Eve Adams joins us on the BSides Detroit podcast. Eve covers her Chicago experience, explains a bit about what she does (and why she is better than Willy Wonka), and gives a preview of her talk: Hack the Hustle.

Abstract: While information security is widely considered a negative-unemployment industry (it’s actually closer to 3%), most of us will look for a job at some point. Seasoned technical recruiter Eve Adams (@HackerHuntress) provides infosec-specific insight on writing resumes that get you the kind of attention you want, getting short-listed for cool positions before they’re even posted, strategically riding infosec employment trends, and how to most effectively work with those delightful recruiters. This talk will have something for those just entering the workforce, mid-career security professionals, and former VAX hackers alike!

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 17

On this episode, J Wolfgang Goerlich interviews the BSides Detroit 13 business keynote speaker. His talk is Creating a security culture – a holistic view on security.

Kai Roer, the founder and Senior Partner of The Roer Group, is a European author and speaker. He has delivered speeches and trainings in more than 20 countries on four continents. Kai speaks about leadership, communication and security. He is a guest lecturer at two universities in Europe, and have consulted organizations of all sizes since 1994. Kai maintain an infosec blog at You can also follow him on twitter as @kairoer.

Abstract: All the talk about security awareness training the past year has boosted the idea that training is futile and a waste of time. What are the mechanisms that drive security? Can we point to areas in psychology that relates to how we treat security? Are we, the infosec community, the best resource to teach security? This talk will boggle your mind, and possibly turn everything you know and believe about users, security and awareness upside down

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 16

Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, joins the podcast to discuss his talk: The Ever-evolving Threat Landscape. SecureWorks provides Jeff with a unique vantage point for watching the threats evolve, given they monitor literally billions of events daily. Combining real life examples with the things he learned from watching Terminator movies, Jeff explains how criminal hacking is changing and how businesses can respond. As Jeff says, “It is not about technology. It is about humanity.”

Abstract: Hacking has gone from a sport to a high-income business where criminals in the underground net millions of dollars a year. The days of just needing anti-virus and firewalls are long gone as security threats can double in a year and have become so sophisticated and stealthy that hackers could be inside a network for years without notice. In this presentation, Jeff Multz will show you how the threat landscape has changed in the past decade, and what malware can do to your network today that was unheard of just a few years ago. You’ll see why the regulatory agencies continue to increase their security guidelines and why just having firewalls and IDS/IPS systems are not enough. Dell SecureWorks, which sells no products, will teach you about the latest threats and vectors for attacks to help you understand what you need to do to block them.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 13

Mark Stanislav (@markstanislav) joins the podcast to discuss the evolution in his thinking about ethical hacking, responsible disclosure, and the value of combining both red team and blue team responsibilities. Mark then shares a few tips from his talk, So You Want to Hire a Penetration Tester: 10 Tips for Success.

Abstract: Whether due to compliance needs, best practices, or customer demand, penetration testing is an increasing requirement for many organizations. The process of hiring and working with an Ethical Hacking (EH) services company is much like every other IT contracting process at first glance, but has a number of important details to consider from company selection through post-penetration remediation. Come learn from a penetration tester the types of information that will allow your organization to have the best experience possible when going through the sometimes agonizing, always interesting, process of a penetration test. Most importantly, questions will be highly encouraged so that your concerns and thoughts can be addressed during this presentation.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 12

Kevin Poniatowski joins the podcast to talk about the value of good information security training and his talk, How I Learned to Stop Worrying and Love BYOD. Kevin is with Safelight and has a unique and well-informed view of training and BYOD.


“Tweeting from the pub using my work Twitter account seemed like a good idea at the time.”

“How could our customer data be stolen? No one knows my iPhone pin except me.”

“After I send off this email to sales, I’m going to download Angry Chinese Birds. It’s free!”

It’s becoming more and more common for staff to bring their own devices to work, and blending their personal data with sensitive organizational data. What could possibly go wrong? Lack of user education concerning both physical and cyber threats to mobile devices and the sensitive data stored within them is creating an epidemic of embarrassment to organizations. This presentation will highlight the dangers of an untrained staff bringing their own devices to work and the steps that could be taken to mitigate the risk of lost data, compromised devices, and embarrassing Twitter posts.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 11

Matt Johnson (@mwjcomputing) is this week’s podcast guest. Matt discusses the #MiSec BSides Detroit dinner, the value of blue team defenses, and, of course, PowerShell. Matt is the founder of the Michigan PowerShell User Group and has submitted a talk to BSides Detroit 13 titled Incident Management with PowerShell.

Abstract. Have you seen the latest scare? The Java 0-day exploit that allows attackers to execute code on your computer? Now scares come and scares go. But let’s suppose for a moment your servers were infected using this exploit. How could your administrators detect the attack? How do you recover? Even better, what could have been done beforehand and how could you prevent this from happening again?

Incident Management , of course, is the security practice that seeks to answer these questions. In Windows server environments, PowerShell is the way Incident Management gets put into practice. This session will introduce InfoSec professionals and systems administrators to PowerShell’s security features. Using the Java 0-day exploit as a driver, we will walk through the lifecycle of an incident. The audience will leave with information on the policy and practice of Incident Management with PowerShell.

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 10

Steve Aiello joins the BSides podcast to chat about his talk, Building Securable Infrastructures. A return to first principles, Steve looks into how designing security from the beginning and considering security holistically leads to lower costs and stronger security postures. It may not be sexy but it works. And as Wolfgang Goerlich says, “Working is the new sexy.”

Abstract. This session asks the question: “How do I design my environment to be securable?” Until computing systems are designed and built with security and in mind we will be trapped in a cycle of post implementation Band-Aid style fixes. Without designing infrastructures from the ground up with security in mind and real attempt to defend against directed attacks will be largely unsuccessful.

  • How do we evaluate products in a systematic manor to eliminate vulnerabilities we invite into our environments?
  • Where is money more wisely spent: on developing quality security policies and guidelines? Or on buying, configuring, and maintaining security products?
  • What are critical questions that we should be asking our vendors when we are evaluating new products for our environments?

For more information about BSides Detroit 13, please see:

BSides Detroit 13 Episode 09

This week’s guest, James Siegel (WolfFlight), joins Wolfgang to chat about CCDC, the value of hallway con, and building security awareness in the “Bring Your Own” age. James also previews his talk on OSSEC and host-based intrusion detection, titled: Looking Through the Peephole.

Abstract. Many professionals simply rely on AV and other similar solutions to let them know if they are being digitally assaulted. Those tools rely on heuristics and signatures. OSSEC will be used to demonstrate Host-based Intrusion Detection. The act of actively monitoring the systems behavior to determine if something outside of normal activity or the baseline is occurring and to alert the user or designated personnel.

For more information about BSides Detroit 13, please see: