BSidesChicago 2017

A host of sources, threaten our networks. Most common is the use of wireless networks within our enterprises. Sure, it’s convenient, however, many organizations create vulnerabilities because of their wireless networks, sometimes exposing sensitive information that is valuable to criminals. A lot of this started with "War–Driving”, but there are more and more vehicles/methods that attackers are using today that it’s hard to keep up with them. So, let’s just call it “War-XXXing”. Obviously, this begs a couple of questions. What is War–XXXing? Where can it lead? How can I protect my infrastructure?

Nearly every day we hear about another compromise of a system that involves a breakdown of security. In many cases, the reason for compromise can be traced back to vulnerabilities that were not found or understood and not mitigated. The attacker(s) used those vulnerabilities to carry out threats against the system.

Threat modeling is a way of thinking about what can go wrong and how to prevent it. Instinctively, we all think this way in regard to our own personal security and safety. When it comes to building or evaluating information systems, we need to develop a similar mindset. In this session, Robert provides practical strategies to develop a threat modeling mindset by: understanding a system, identifying threats, identifying vulnerabilities, determining mitigations and applying the mitigations through risk management.

Phishing and other social engineering scams continue to proliferate and evolve with new hybrid attacks despite the best efforts of endpoint security and gateway solutions to block them. How do you keep up and what are the most effective methods for securing your organization to combat cyber crime?

This session will educate attendees about classic and current social engineering trends. It will also look at recent attacks and how the organizations could have better protected themselves.

This is not a highly technical talk, but neither is the problem it addresses. The session is intended for an intermediate experience level and will examine:
•         Current phishing trends
•         Vishing and Smishing attacks
•         CEO Fraud and W2 Scams
•         Effective mitigation strategies
•         How your end-users can be mobilized as your last line of defense. 

Bridging the socio-technical divide is imperative to creating a secure future. The thing is, technologists and "normals" (i.e. non-technical folk, whom I've also heard called "Muggles" at cons-- because that's not demeaning or anything) work differently. We think differently. We speak differently. And until we're able to show normals that we understand their needs and are here to help, they will continue to view us with mistrust.

That, of course, requires that technologists actually be able to understand their needs. In my talk, I leverage insights from cognitive science, psychology, economics, design and other disciplines to help techies and infosec professionals engage with normals, be they executives or users, companies, customers or kids.

This topic should be considered because it is critical to the future of information security. Security won't work until it works for everyone, which includes the non-technical folks who shy away at any mention of "cybersecurity," "hackers," or "two-factor authentication."
 
Technologists are realizing this, and we are at the beginning of a shift in the infosec community: user experience and user interface designers are finding roles at cybersecurity companies; we're seeing tools with dashboards, not the command prompt. But successful user adoption requires education, interaction, and trust-- and that only comes with real-life, in-person interactions. 

This talk will be a tool review of x-ways forensics. Even though this is commercial software, I found it to be crucial in every single one of my investigations. Forensics is a tough field in that there are few tools that can only be viewed or demo’ed if you are part of an organization or have money to purchase the software. I will show the latest version of x-ways forensics and how it can be used in an investigation. I will also do some small comparisons with encase, autopsy, and forensics explorer to show the differences. This will be beneficial to someone beginning in forensics as I will be going over some forensic techniques or someone who does forensics but has not had the ability to try x-ways. 

This talk will demonstrate how easy identity theft has become because of OSINT and the ability to easily social engineer and grab meta data. It will cover how an attacker uses OSINT to build targeted attacks.  How an attacker builds a profile using software to represent their data about you. How an attacker uses data points to pivot from one source to another online. The target was a random target that was picked. Not only does it cover his current activity but his cached activity which enables attackers to target him. The story will show how an initial search to a complete PWNAGE was done on the individual because of a random blog that was discovered. This talk also shows how easily I was able to find his company's email format, private IP addresses which could of completely allowed me to own his companies network because his company allowed BYOD. It will cover how you can better prepare and protect yourself.

More threat data is being produced today than in any time in history. It becomes nearly impossible to gauge whether the threat is relevant to you or not. 

The human factor is highly important, but some automation needed to help with such big datasets. Security analysts should act fast and block the important indicators of compromise.
 
Our talk will cover real-life examples on how to prioritize the activities as well as best practices for TIPs (threat intel platforms), enrichment tools, internal security feeds, and scoring.