Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2014

29th April 2014 (that’s a Tuesday)
Kensington and Chelsea Town Hall, Hornton Street, London, W8 7NX
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Tuesday, April 29
 

9:45am

Introduction to BSides London 2014
Limited Capacity seats available

Paul and Thomas welcome you to the day's event

Speakers
PB

Paul Batson

Director, Security B-Sides London
avatar for Thomas Fischeer

Thomas Fischeer

Global Security Advocate & Principal Threat Researcher, Digital Guardian
With over 25+ years experience, Thomas has a unique view on security in the enterprise with experience in multi domains from policy and risk management,  secure development and incident response and forensics. Thomas has held roles varying from security architect in large fortune 500 company to consultant for both industry vendors and consulting organisations. Thomas currently plays a lead role in advising customers while investigating... Read More →


Tuesday April 29, 2014 9:45am - 10:00am
Great Hall The Town Hall, Hornton Street, London W8 7NX

10:00am

Viruses! Malware! And threats! Oh my!
Limited Capacity seats available

The current proliferation of malware and other threats have created an entire economy for cybercriminals; in today’s world, the reality is that a determined adversary can always get in. This talk will discuss tactics for detection and containment, and includes a threat history review covering the last five decades.

Speakers
avatar for Trey Ford

Trey Ford

Global Security Strategist, Rapid7
Trey Ford is the Global Security Strategist at Rapid7, providing security expertise across the company and community. In this role he educates consumers and businesses about the latest risks and vulnerability research, while also gathering valuable insight from the security community to help shape the direction and vision of Rapid7. | | Prior to this role, Trey was the General Manager of Black Hat, the most technical and relevant global... Read More →


Tuesday April 29, 2014 10:00am - 11:00am
Great Hall The Town Hall, Hornton Street, London W8 7NX

11:00am

How Much Are You Worth
Limited Capacity filling up

A look into how I went from having $440,000 in my bank account to scoping out the cyber underworld into the late hours. I will be answering the question "How much are you worth to a cyber criminal and what do they want from you"

Moderators
avatar for Adrian

Adrian

Event Director, Sense/Net Ltd, Cortex Insight, alien8 Security, Aprire Bicycles

Speakers
KB

Kurtis Brown

Support Manager


Tuesday April 29, 2014 11:00am - 11:15am
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

11:00am

LOL (Layers On Layers) - bypassing endpoint security for fun and profit
Limited Capacity seats available

Over the past many years, there've been a plethora of security solutions available for Windows-based endpoints; many users and
administrators have difficulty in assessing their strengths and weaknesses. Interestingly, many of these solutions are basically
helpless against kernelmode malicious code. Each kernel patch/0day creates a hole for organizations that goes unnoticed by most.

In this talk, we will take the recent public exploit for EPATHOBJ Windows kernel vulnerability and show that with some tweaks, we can use it to bypass application sandboxes, AV, HIPS, rootkit detectors, EMET and SMEP - even if these solutions are stacked one upon other. We simply keep on tweaking the exploit until we bypass _every security software_ that you would expect on a corporate user machine. This highlights the fact that "defense in depth" based on simultaneous deployment of multiple solutions sharing the same weakness is not satisfactory; we postulate the need for defensive methods that are immune to kernelmode exploits, and discuss the possible implementations.

The issue is far from theoretical - the modern malware (e.g. TDL4) is already using this particular EPATHOBJ exploit to gain
privileges. Also, the Windows kernel vulnerabilities are frequent, and this is not going to change anytime soon - we have to live
with them and be able to defend against them.

Speakers
avatar for Rafal Wojtczuk

Rafal Wojtczuk

Principal Security Architect, Bromium, Inc.
Rafal Wojtczuk has over 15 years of experience with computer security. Specializing primarily in kernel and virtualization security, over the years he has disclosed many security vulnerabilities in popular operating system kernels and virtualization software. He is also well known for his articles on advanced exploitation techniques, including novel methods for exploiting buffer overflows in partially randomized address space environments... Read More →


Tuesday April 29, 2014 11:00am - 11:45am
Small Hall The Town Hall, Hornton Street, London W8 7NX

11:00am

Privacy: State of the (performance) Art.
Limited Capacity seats available

Privacy is a basic human right; our democracy has the secret ballot at its very foundation. This critical right is at risk and is being infringed by governments and big business. How can you protect yourself in the electronic and physical world? How practical are the current defences? Can you live a normal life and retain the dignity of being free from surveillance?
(Some of the tools and techniques may also be useful during the singularity/robot uprising but are presented for information only, any use may be subject to local legal restrictions and Stephen, for one, will not be held responsible should you alienate our new computer overlords.)
[Presentation may include bright flashing lights, bad 70's haircuts and the kind of critique of current GCHQ/NSA policy that puts DV clearance at risk.]

Speakers
avatar for Stephen Bonner

Stephen Bonner

Partner, KPMG
Stephen Bonner is a Partner in the Cyber team at KPMG where he leads a team focused on Financial Services. Before KPMG he was Group Head of Information Risk Management at Barclays. He was inducted into the InfoSec “Hall of Fame” in 2010 and was number 1 on the SC/ISC2 ‘Most Influential 2010’ list. He ran the London Marathon in 2011, raising over £15k for Whitehat/Childline. This year, he is training to climb Mount Kilimanjaro in aid of... Read More →


Tuesday April 29, 2014 11:00am - 12:00pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

11:00am

Lightning Talks
Limited Capacity seats available

Tuesday April 29, 2014 11:00am - 1:15pm
Council Chamber The Town Hall, Hornton Street, London W8 7NX

11:00am

Foundational Packetry: Building packets with Scapy
Limited Capacity full

Attendees will learn to build all sorts of packets with the goal being to grab a web page after building a packet from scratch. Basics will be covered with DNS, HTTP and other such shenanigans getting a deeper look.

Speakers
avatar for Matt

Matt

Security Monkey
Dongs


Tuesday April 29, 2014 11:00am - 1:15pm
Committee Room 3 The Town Hall, Hornton Street, London W8 7NX

11:00am

Mobile Application Testing Consideration
Limited Capacity full

A quick dive into the world of mobile application testing, focusing on Android but with consideration for Windows Mobile, BB10 and iOS. It will be based on Portcullis' mobile application testing methodology although it will cover much of the equivalent OWASP methodology of which I am a contributor. It will cover testing from a network perspective as well as how you assess the attack surface an application presents locally.

Speakers
TB

Tim Brown

Portcullis Computer Security Ltd
Tim Brown has been working as an senior information security consultant at Portcullis 10 almost years, having previously worked in financial institutions and telcos. He is a certified CREST Team Leader allowing him to perform all manner of security assessments including policy reviews, infrastructure testing, host hardening, product reviews, source code audits, application assessments and hardware reviews. As Head Of Research at Portcullis is... Read More →


Tuesday April 29, 2014 11:00am - 1:15pm
Committee Room 5 The Town Hall, Hornton Street, London W8 7NX

11:00am

Practical Regular Expressions
Limited Capacity full

Reg Ex for Red and Blue Teamers.

Speakers
CM

Campbell Murray

Technical Director, Encription Limited
Penetration tester and technical director with many years of experience in multiple security fields. A frequent public speaker in information security and mentor.


Tuesday April 29, 2014 11:00am - 1:15pm
Committee Room 4 The Town Hall, Hornton Street, London W8 7NX

11:15am

Run-time tools to aid application security assessments
Limited Capacity full

Sasha Zivojinovic will walk you through common tracing tools and their
use in day-to-day application security assessments. This talk will guide
you through run-time tracing concepts and their practical applications
in real world testing scenarios.


Tuesday April 29, 2014 11:15am - 11:30am
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

11:30am

Copenhagen and Becks for Cybersecurity
Limited Capacity seats available

This talk is to introduce Copenhagen School of Security Research and Ulrich Beck in the light and for the understanding of the contemporary concept of Cybersecurity. It might also consider approaches to research the balance of cyberpower.

Moderators
Speakers
avatar for Kristo Helasvuo

Kristo Helasvuo

Chairman of the Board, Konsulttitoimisto Puhettako Oy
Political Science, Cyber security, Globalisation, Cosmopolitanism, Humanism, Good food and beer. You will find me if you try, dont hesitate to contact.


Tuesday April 29, 2014 11:30am - 11:45am
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

11:45am

A Look at Modern Warfare
Limited Capacity full

A look at the overall costs of modern warfare. Comparing different vectors of cyber warfare to the costs involved with regular warfare. 

Moderators
Speakers
KG

Kaitlyn Garratley

Ethical Hacking and Countermeasurs, Abertay University
heyyaaa :)


Tuesday April 29, 2014 11:45am - 12:00pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

11:45am

CSRFT, A Toolkit for CSRF vulnerabilities
Limited Capacity seats available

Cross Site Request Forgery vulnerabilities are a growing danger and yet there aren't virtually any tools allowing for easy and fast proof of concept prototyping.
Therefore, my talk is dedicated to a tool that I'm currently developing to create a generic platform for CSRF vulnerability works.
The project has been developed with Python, js/NodeJS, and configuration files are in JSON format.
I'll also present a HTTP proxy I developed that you can combine with the toolkit to inject malicious iframe in each page the user is browsing.

Moreover, most of the people think that those vulnerabilities are not relevant if the user is not logged into the vulnerable platform.
However, I'll explain how, with my custom toolkit, you can take advantage of those vulnerabilities even if the user is not (yet) connected to the platform.

During the talk, i'll present the tool, its purpose, give several demos on how to use it and show its real strengths such as performing complex CSRF exploitation techniques using custom scenarios designed for the conference.


###

I already presented some of my work at DeepSec but I didn't present the HTTP proxy I developed and how to combine it with my toolkit.
So it will be quite new.

Speakers
avatar for Paul AMAR

Paul AMAR

Student
I am still a student in computer Science and passionate about Information Security. | My main interest for the moment is about Web vulnerabilities.


Tuesday April 29, 2014 11:45am - 12:30pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

12:00pm

Introducing Opabinia (SSLAuditor4)
Limited Capacity seats available

Checking for SSL issues form part of most infrastructure and web application assessments. However, these checks often aren't detailed enough and can miss important issues. This is often due to a perception of being of less importance than other tests and the need to combine manual checks against multiple tools.

This talk will introduce SSLAuditor4/Opabinia, a tool that I have developed to automate SSL checks, making the task easier for the tester, while improving the accuracy and level of output. Opabina will also perform an in-depth assessment of SSL and RDP services irrespective of the size of scope and can be used by administrators to identify expired and expiring certs on their servers.

Moderators
DS

David Stubley

CEO, 7 Elements

Speakers

Tuesday April 29, 2014 12:00pm - 12:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

12:00pm

Insecure out of the box: Leveraging Android manufacturer's mistakes to attack corporate networks
Limited Capacity seats available

We have long known that Android can be affected by malware. Most users are now aware that they need to take care about what they install on their phones. But what about a brand new device that’s fresh out of the box? We will show that for two flagship Android devices, they are not as secure as people might suppose.
Android has been through a security revolution in the last year in response to an avalanche of malware designed to take advantage of its permissive behaviour. We will talk through the latest advances in what is by far the world quickest selling mobile platform. We will then look at how the race for new features and functionality is undermining security in the latest Android devices.
Finally we will look at how attackers can use these weaknesses to go beyond the realm of a person’s personal device and into their employer’s corporate network."

Speakers
RM

Robert Miller

MWR InfoSecurity
Robert has worked for MWR Infosecurity since 2011, with a strong focus on Android device and application security. He co-runs MWR's Android Secure Development training course, and works with major application developers and device manufacturers in producing security critical products and services. | | Robert has presented in both private corporate and public events in everything from teaching members of the public how to stay safe from... Read More →


Tuesday April 29, 2014 12:00pm - 12:45pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

12:15pm

When a noob becomes aware…
Limited Capacity filling up

This talk is about my experiences trying to build/develop a security awareness program and what I have learned doing it thus far.

Moderators
Speakers

Tuesday April 29, 2014 12:15pm - 12:30pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

12:30pm

Using Configuration Management to Pivot and Persist
Limited Capacity filling up

While configuration management tools remove the repetition and pain of updating systems, they also provide a valuable target to hackers. Using configuration management tools, a hacker can guarantee permanent access to a system and expand his control of the network. This talk will cover installing backdoors, adding users and reintroducing vulnerabilities via CFEngine and Puppet.

Moderators
Speakers

Tuesday April 29, 2014 12:30pm - 12:45pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

12:30pm

Honeywords: Detectable Password Theft
Limited Capacity seats available

Password theft is an ever increasing problem. One of the challenges of password theft is detecting it. A possible solution to this problem is the use of “Honeywords”.

Honeywords would act in a similar way to a Honeypot on a network, allowing password thefts to be detected by offering purposely seeded “fake” passwords and watching for their usage in a system.

Should one of these passwords be used, the system can flag this for investigation or possibly some automated action to mitigate immediate risk.

This talk examines the implementation of Honeywords, the effectiveness of it as a solution and how the concept can be extended to prevent password dumps being used across services.

Speakers
avatar for Gavin Holt

Gavin Holt

Student, Abertay University
Long haired Scottish Hacker, Developer and Security Enthusiast on a mission to educate developers about best practice, the importance of not trusting users and of writing awesome, efficient and secure code . | Student at the University of Abertay Dundee and Vice President of the Abertay Ethical Hacking Society. Loves all things Web Apps and Big Data.


Tuesday April 29, 2014 12:30pm - 1:15pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

12:45pm

InfoSec is a Board responsibility
Limited Capacity seats available

InfoSec as a governance issue, not just a function of an IT department.
Focus on selling InfoSec to senior management. Speaking 'board talk' not 'tech talk'.
Dealing with objections; these can be positives, it means your audience paid attention.
Tailoring InfoSec proposals for approval by focusing on measurable benefits, highlighting risk mitigation, cost reduction, compliance with corporate objectives.


Tuesday April 29, 2014 12:45pm - 1:00pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

12:45pm

Poor Man's Static Analysis
Limited Capacity seats available

When you're hunting for bugs, let's face it - grepping for strcpy just doesn't cut it anymore. Instead of waiting for unsafe memory management functions to come back into fashion like moustaches or mustard coloured corduroys, I decided to check in with "the future", and see what it had to offer me.

What I found was a sea of similarly puzzled individuals, bizarre terminology, and a number of code snippets that would only compile on specific, different versions of libraries. So I set about piecing together what I could, and ended up producing a working tool in a fairly short period of time.

This talk shows what can be achieved if you want to build static analysis tools, and you don't want to spend a load of money or upload all your precious code to "the cloud". I will be making sense of the complex terminology surrounding this field, and detailing my struggles and conquests building a fast, flexible, and most importantly usable static analysis tool, all for free.

If you're interested, but you wouldn't know a TranslationUnit from a bar of soap, this is the talk for you!

Speakers
avatar for Jon Butler

Jon Butler

Head of Research, MWR InfoSecurity
| Jon is Head of Research for MWR in the UK. He spends his time breaking and fixing the software and hardware that underpins most of the shiny things we've come to depend on, like browsers, payment terminals and smart phones. In a past life, he was a keen binary reverse engineer, but lately has come to enjoy having access to the source code.


Tuesday April 29, 2014 12:45pm - 1:15pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

1:00pm

Crawling Metadata with Recon-ng
Limited Capacity seats available

This talk will discuss my plugin for Recon-ng, metadamn.py, that
aims to use Bing's API to scrape target sites for documents and
download and extract metadata from them. Along the way I will

discuss what metadata is, some of the difficulties I experienced,
and my future plans for the project.

Moderators
Speakers
avatar for Grant Willcox

Grant Willcox

Graduate
Graduate of Northumbria University interested in developing new programs with Python, conducting and blogging about exploit development. I also tend to also tweet quite a bit about news and other stuff that matters to me. Interested in learning web security, windows internals, and reverse engineering.


Tuesday April 29, 2014 1:00pm - 1:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

2:00pm

Game-Based CTFs - Engaging University Students in InfoSec
Limited Capacity seats available

Current Computer Science and Engineering courses do not develop or introduce Information Security as a career field, if at all. In addition, the focus is on 'getting root', with no emphasis on what comes after.

This talk details development efforts by a team of students at the University of Bristol to create novel Game-based Capture the Flag Competitions. The aim of these competitions is to introduce students to practical Information Security in addition to providing visible feedback following successful post-exploitation.

This talk will feature white water kayaking, pictures of students looking at computers seriously, and of course; USB controlled missile launchers.

Moderators
Speakers
avatar for Joseph Greenwood

Joseph Greenwood

Sponsored Undergraduate, Royal Navy


Tuesday April 29, 2014 2:00pm - 2:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

2:00pm

Women in Security Panel
Limited Capacity seats available

The Lightning Track will be hosting a Panel with our community sponsor «Women in Security». The Panel will be held around 14:00 and will focus on the experience of mentoring and being a mentee helping promote and attract Women into the Information Security domain.

Raj Patel, UK Operations Security Manager, SocGen
Ioana Tugui, Security Consultant at BAE Systems Applied Intelligence

Berta Papp will be moderating the panel, on behalf of the WiS
The panel discussion will focus on Individual approaches to professional development for (not just) Women in IT Security 

Moderators
avatar for Women In Security

Women In Security

Community, Women In Security

Speakers
RP

Raj Patel

UK Operations Security Manager, Societe Generale


Tuesday April 29, 2014 2:00pm - 2:30pm
Council Chamber The Town Hall, Hornton Street, London W8 7NX

2:00pm

Easy Way to Bypass Anti-Virus Systems
Limited Capacity seats available

Malicious software is all around us. It permeates the Internet by riding on data transmissions. Once you communicate, you risk getting in touch with malware (another name for malicious software). This is why every single one of us, be it individual, company or organisation, runs anti-virus software. The idea is to have specialised software detect malware, so all the bad things are kept out of your network and away from your end-points. So much for the theory. In practice any self- respecting attacker can evade anti-virus filters by a variety of means, depending on their skills and resources. Security researchers know about this fact. Stuxnet and Flame were a proof for sceptics (and a failure of the whole anti-virus industry). How can this be?


All IT security professionals know that antivirus systems can be avoided. However, a few of them knows that it is very easy to do. (If it is easy to do, it's impact is huge!) In this presentation I will, on the spot, fully bypass several antivirus systems using basic techniques! I will bypass: signatures detection, emulation/virtualization, sandboxing, firewalls. How much time (development) is needed for it, for this result? Not more than 15 hours without a cent of investment! If I could do this, anyone can do this... so I think we have to focus to this problem.


Using these easy technique I can create a 'dropper' what can deliver any kind of Metasploit (or anything else) shellcode and bypass several well-know antivirust in real-life and full bypass the VirusTotal.com detection where a detection rate in 0.

In my presentation I use 6 virtual machines and 9 real-time demos. Resulting the audience always have a big fun and surprise when they see the most well-know systems to fall - and the challanges what the AVs cannot solved are ridiculously simple and old. So the IT professionals think too much about the systems which they rely on and which cost so much.

Speakers
AM

Attila Marosi

Attila Marosi has always been working in information security field since he started working. As a lieutenant of active duty he worked for years on special information security tasks occuring within the SSNS. Newly he was transferred to the just established GovCERT-Hungary, wich is an additional national level in the internationally known system of CERT offices. He has several international certificates such as CEH, ECSA, OSCP, OSCE. During his... Read More →


Tuesday April 29, 2014 2:00pm - 2:45pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

2:00pm

Continuous Security Testing in a Devops World
Limited Capacity seats available


Devops and Continuous Integration practices present unique challenges to security teams, such as when to perform a penetration test when new code is deployed to production hundreds of times per day? In order to match the speed of development, security teams need to rethink their approach to testing.

This talk will present the BDD-Security framework which is designed to solve some of these challenges by providing security teams and developers with the tools to:
a) Specify the security requirements in a human readable form
b) Make those same requirements executable tests that can be run against a target application
c) Record and test business logic vulnerabilities
c) Integrate these tests into continuous integration and continuous deployment environments so that security testing can be performed continuously and on-demand.

The BDD-Security framework is not a web scanner. It is a testing framework built on JBehave, Selenium and OWASP ZAP that translates the world of security requirements into something that developers understand: executable tests, written in English.

The talk will include a live demonstration of configuring and running the BDD-Security framework to test a web application and will also show how to integrate it with the Jenkins CI server so that security tests are run after every new code commit.

Speakers
avatar for Stephen de Vries

Stephen de Vries

Founder, CEO, Continuum Security SL
Stephen is the founder of Continuum Security and focussed on building AppSec tools to support security in the SDLC, including the IriusRisk threat modeling tool and BDD-Security open source security testing framework. | | His background is in software development and security testing of web and mobile applications. He has worked at Corsaire, KPMG and on the ISS/IBM X-Force team and contributed to the OWASP Java project, ASVS and the testing... Read More →


Tuesday April 29, 2014 2:00pm - 3:00pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

2:00pm

Death by Slide Deck
Limited Capacity full

This short workshop looks at how bad presentations make for bad talks. Its a shame, as most people who give talks spend little time thinking about the visual effects of terrible slide decks and how they can detract from the message they're trying to deliver. Over the years i have seen countless crap slide decks, and a handful of amazing ones. This workshop will aim to help you give a good talk that isn't death by powerpoint!

Speakers
avatar for Alba 13

Alba 13

Community, Alba 13 Research Labs


Tuesday April 29, 2014 2:00pm - 3:00pm
Committee Room 4 The Town Hall, Hornton Street, London W8 7NX

2:00pm

Exploit Dev 101
Limited Capacity full

This will quickly go through finding exploits using fuzzing and debuggers. We'll play with crash dumps and reverse engineer a simple network protocol. To make things interesting, we'll build a custom shellcode, exploit an exotic class of vulnerabilities and bypass common protection mechanism. Hopefully we'll also have fun.
The takeaway from this workshop is to get you interested in more advanced exploitation processes. Participants will be expected to have the following skills: Medium level x86 assembly knowledge
Basic Python Scripting
Basic understanding of C programming concepts
Familiar with Olly/Immunity

Speakers
LI

Liviu Itoafa

Security Engineer, Encription
Penetration Tester with a passion for security and technical issues. Areas of interest relate to ethical hacking, investigating security incidents and researching software vulnerabilities. I became a coding enthusiast a long time ago when I found out you can do game cheats by patching binaries. Since then, I enjoy programming stuff for fun, fuzzing applications and reverse engineering.


Tuesday April 29, 2014 2:00pm - 4:00pm
Committee Room 5 The Town Hall, Hornton Street, London W8 7NX

2:00pm

Nice, Nice, Baby - Moving on from Vanilla Testing
Limited Capacity full

Aimed at novice to intermediate testers, this workshop aims to provide the attendee with the ability to move on from basic exploitation techniques.

The workshop will take the format of a presentation, coupled with a hands on section, allowing the attendees to attempt to utilise the techniques explained.

"Bug hunting" will also be covered, with an explanation of how this can help hone skills in a "real life" environment, while potentially gaining income. - Mixture of presentation / hands on workshop
- Attendees must have a laptop with JAVA installed
- 1 day full license of Burp Provided courtesty of Portswigger

Speakers
avatar for John Carroll

John Carroll

Ninja Derp, The Gentleman Hackers Club
0
MW

Mike Woodhead

Professional Unprofessional, CQrity LTD


Tuesday April 29, 2014 2:00pm - 4:00pm
Committee Room 3 The Town Hall, Hornton Street, London W8 7NX

2:15pm

Probe to Pwn
Limited Capacity full

The aim of the talk will be to cover mobile and wireless attack
methods from target identification to device compromise and everything
in between. The end goal is to make the audience aware of the various
attacks possible and the mitigation methods that can be put in place.

Topics to be covered:
- Mobile device traffic sniffing
- Rogue Access Point attacks
- State surveillance
- Corporate Network Pivoting

Moderators
DS

Dominic Spill

Dominic Spill has been building packet sniffers and researching wireless security since 2007. He has been a security researcher and the lead developer for Ubertooth for the past two years while also working on Daisho, FCC.io and USBProxy.

Speakers
avatar for Cam Buchanan

Cam Buchanan

Principal Consultant, BAE Systems Applied Intelligence
I'm a ex-RAF penetration tester with a passion for breaking organisations. I love broad-brush exercises covering multiple exercises and getting knee-deep in stuff. | | I also write and have a book coming out soon on setting up Assault Courses for Penetration Testers.


Tuesday April 29, 2014 2:15pm - 2:30pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

2:30pm

Why information security should be important to all of us
Limited Capacity seats available

The talk will be a brief over view of how information security as an impact on all of our lives. From the stay at home mum, who does all her shopping on line, to the business person who runs an e-tailer.

The talk will try to show how information security should be an important part of all of our lives. Our passwords, our identity, a companies repetition are all require good information security management, on an individual level. .


Tuesday April 29, 2014 2:30pm - 2:45pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

2:30pm

Lightning Talks
Limited Capacity seats available

Tuesday April 29, 2014 2:30pm - 6:00pm
Council Chamber The Town Hall, Hornton Street, London W8 7NX

2:45pm

Zero-Day Surprises via your Supply Chain!!!
Limited Capacity filling up

My talk is about third party threats such as suppliers, contractors, temporary workers e.t.c, exploiting vulnerabilities within a company's supply chain and the approach that can be taken in implementing a Supplier management programme to better manage third party relationships and mitigate third party security risks.

Moderators
AK

Alan King

Security Concepts
Married with Children!!

Speakers

Tuesday April 29, 2014 2:45pm - 3:00pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

2:45pm

A Day In The Life (Of A Security Researcher)
Limited Capacity seats available

Ever wonder how to find vulnerabilities? In 2013, I averaged 4-6 CVE assignments each month and in this presentation I will go over general tips and tricks I have found most effective at locating unknown vulnerabilities. Vulnerabilities explored will include web vulnerabilities (XS*, command-injection, SQLi, etc) and C/C++ application vulnerabilities (memory corruption, logic errors, etc). To demonstrate the effectiveness of these techniques, I will provide examples vulnerabilities along with the path which led me to finding them without the use of commercial analysis tools. I will also discuss some of my experiences working with vendors and developers to harden their products.

Speakers
avatar for Craig Young

Craig Young

Security Researcher, Tripwire
Craig Young is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He identified and responsibly disclosed hundreds of vulnerabilities in products from Google, IBM, NETGEAR, Adobe, HP, Apple, and others. His research resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig won in track 0 and track 1 of the SOHOpelessly Broken contest at DEF... Read More →


Tuesday April 29, 2014 2:45pm - 3:45pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

3:00pm

SIEM - Making the White Elephant Dance
Limited Capacity filling up

A lot of organizations have invested significant amounts of money in procuring a SIEM solution. While the initial trigger of meeting the compliance check box has been met, most organizations typically use less than 15-20% of the functionality provided by a SIEM tool.

I intend to demonstrate some examples on how small changes can result in a singing/dancing SIEM solution covering a large number of use cases.

Moderators
avatar for Ollie Whitehouse

Ollie Whitehouse

Associate Director
Ollie is a middle manager, did some stuff he thought was cool back in the day and generally maintains an unhealthy compulsion for what is now known as cyber security. Having worked for consultancies, a security product firm and a major mobile device OEM he has stories to tell for any occasion (where any is security related).

Speakers

Tuesday April 29, 2014 3:00pm - 3:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

3:00pm

Tor: Attacks and Countermeasures
Limited Capacity seats available

Tor is an anonymisation network which allows users to browse the internet without their true IP
address being identified. Tor also allows those in countries who censor the internet to bypass that
censorship both by allowing users to access censored sites and to host websites which would
otherwise land them in jail if it were possible to trace them.

Initially, I will talk about how Tor works explaining the infrastructure and high-level protocol. I will
also introduce Tor Hidden Services, untraceable websites, and how this service is provided within
the network. Briefly, I then touch on the Silk Road and Freedom hosting hidden sites.

Secondly, I will talk about I will explain how countries such as China and Iran have attempted to
block Tor and what steps have been taken to minimise this. I will also explain attacks against the Tor
users and network infrastructure that have been developed in academia (and the community) along
with defences that can be deployed to minimise the risks.

Finally, I will cover how the FBI took down Silk Road and delivered an exploit that was able to
deanonymise visitors to Tor hidden services – covering the Firefox exploit and shellcode.





Speakers
avatar for Dr Gareth Owen

Dr Gareth Owen

Senior Lecturer, University of Portsmouth
I'm the course leader for the Forensic Computing degrees and a cyber security researcher with specific interests in reverse engineering and memory forensics.


Tuesday April 29, 2014 3:00pm - 3:45pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

3:00pm

Extracting Configs From Common Remote Access Trojans
Limited Capacity full

Following on from the technical talk - See the matching CfP

This Workshop will take you through the steps required to extract and decode the Configuration settings from common Remote Access Trojans and create share able IOC's

Staring with a Group effort the Instructor will lead you through all the steps required using a simple Publicly available RAT. You will be shown how to use simple debugging techniques and a few lines of python to get the information you require. Finally showing you methods that will achieve identical results without looking at a single line of assembly.

Once the group has created a working decoder each participant will be given their own random sample of a RAT to figure out and decode.

The final wrap up will deal with Creating IOC's on the artifacts you find.

Speakers
avatar for Kevin Breen

Kevin Breen

MalwareAnalyst, Independant researcher
Kevin is a Malware and Forensic Analyst working for a large UK CERT. He is interested in all things cyber security and occasionally blogs about such things. | Outside of work he is a geek and is keen to contribute to the open source community where he is able. He is also very lucky he has a wife that lets him run his lab at home. | Read https://techanarchy.net, tweet @kevthehermit and fork https://github.com/kevthehermit


Tuesday April 29, 2014 3:00pm - 4:00pm
Committee Room 4 The Town Hall, Hornton Street, London W8 7NX

3:15pm

Is privacy still a thing?
Limited Capacity filling up

It seems that security agencies around the world want to spy on you anywhere you go. Not just them, private marketing companies are also doing it and who does it better is a good question. This talk will cover the methods of tracking you on the internet. You will also learn about some popular countermeasures that you can employ to stay off the radar.

Moderators
JC

Jonathan Care

Security Wrangler

Speakers

Tuesday April 29, 2014 3:15pm - 3:30pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

3:30pm

A Multidisciplinary Perspective on Cybersecurity
Limited Capacity filling up

Is there an explanation as to why Internet users open unsolicited emails and fall victim to phishing campaigns? This presentation aims to introduce studies done by human geographers, psychologists and behavioural economists, and how we can improve the cyberspace from a multidisciplinary approach.

Moderators
avatar for Thomas Fischeer

Thomas Fischeer

Global Security Advocate & Principal Threat Researcher, Digital Guardian
With over 25+ years experience, Thomas has a unique view on security in the enterprise with experience in multi domains from policy and risk management,  secure development and incident response and forensics. Thomas has held roles varying from security architect in large fortune 500 company to consultant for both industry vendors and consulting organisations. Thomas currently plays a lead role in advising customers while investigating... Read More →

Speakers
avatar for Emil Tan

Emil Tan

Student, Royal Holloway, University of London


Tuesday April 29, 2014 3:30pm - 3:45pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

4:00pm

The Joy of Passwords (with Sign Language)
Limited Capacity seats available

About the use of password, its weakness and how to improve on.

Moderators
TL

Thom Langford

Director, Sapient

Speakers
avatar for Joseph Gwynne-Jones

Joseph Gwynne-Jones

Student, Leeds Metropolitan University


Tuesday April 29, 2014 4:00pm - 4:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

4:00pm

Exploit Development - Abusing the Stack
Limited Capacity full

A step by step workstop showing the process of finding vulnerabilities within binary applications.

From Fuzzing to creating a Remote Code Execution exploits we will be emersing ourselves within the world of the computer memory to craft custom exploit code using a variety of different payloads.

Tuesday April 29, 2014 4:00pm - 5:00pm
Committee Room 3 The Town Hall, Hornton Street, London W8 7NX

4:00pm

Metasploit: You can look like Hugh Jackman too!
Limited Capacity full

You know about computers and stuff. You replaced some characters from your password so it reads 'Sw0rdf1sh' now. You know there are hundreds of tools out there, but you only have one lifetime to explore them all…

This is where the Metasploit Framework comes in. One framework to rule them all...

During this practical workshop session you will learn about the various stages of a pentest, and how the various puzzle pieces fit together. By using a centralised tool like the Metasploit Framework we can concentrate on results rather than effort. By the end of this workshop, you will have an understanding of the Metasploit Framework, how it can aid you in increasing your overall security and last but not least; You will be more bitter, but much wiser!

Speakers
PW

Patryck Winkelmolen

Consultant, Snow B.V.
Patryck Winkelmolen is most famous for winning the 2013 Eurotrash Security Podcast contest, which in turn allowed him to visit BSidesLondon2013. Despite all the fame, success and groupies that came with winning the prize he remained quite humble and down to earth.. | | Patryck spends most of his days in Amsterdam. By day, he works as a consultant for the largest ISP The Netherlands can offer. He loves huge companies, because those are the... Read More →


Tuesday April 29, 2014 4:00pm - 5:00pm
Committee Room 4 The Town Hall, Hornton Street, London W8 7NX

4:00pm

Advanced Password Cracking
Limited Capacity full

This workshop is aimed at Penetration testers/security enthusiasts who would like to learn more about Hashcat suite.
It will cover the following tools from Hashcat Suite:
• hashcat
• hashcat-utils
• oclHashcat *
• maskprocessor
• statsprocessor
It will be suitable for an audience of 8 – 10 people and will last (1 or 2) hours.
The workshop will start with a brief review of the whole toolset of Hashcat Suite, the hardware requirements and Hashcat capabilities. We will then go over the tools and apply techniques against hash lists that were collected from various online sources (pastebin, forums etc). In brief, people attending the workshop will then be able to gather wordlists , learn to identify patterns , generate rulesets and fully utilise all the tools that hashcat family suite provides. The attendees will then have the opportunity to try those tools. The tools will be available to download or from USB sticks that will be supplied on that day.

Speakers
YC

Yiannis Chrysanthou

Pentester, KPMG LLP


Tuesday April 29, 2014 4:00pm - 5:30pm
Committee Room 5 The Town Hall, Hornton Street, London W8 7NX

4:15pm

RFID Hacking - An Introduction
Limited Capacity full

Always wanted to play around with RFID as it is everywhere these days? Here are a few tips to help you get started.

Moderators
avatar for Chris John Riley

Chris John Riley

Evil Thinker, Evil inc.
I'm just this guys, you know! | | @ChrisJohnRiley

Speakers

Tuesday April 29, 2014 4:15pm - 4:30pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

4:15pm

Breaking Binary Protocols and Bad Crypto
Limited Capacity seats available

This talk is a running account of a few weeks spent attacking and reverse-engineering a widely deployed network device. I went from having little knowledge of the system, to producing some powerful and interesting exploits. The focus of this talk is more towards how the issues were found, rather than the issues themselves. To that end, a generic set of hints and tips will be proposed for analysing and attacking binary protocols, including a method for classifying and identifying unknown cryptography used on data.

Currently the issues that will be presented in this talk are being worked on with the vendor. It is hoped that by the time that BSidesLondon takes place we will be in a position to openly talk about specifics of the issues in question and the fixes that have been implemented. If this is not the case then the talk will not disclose the specific product or vendor, but instead cover the techniques and interesting finds in a manner that is in line with our co-ordinated disclosure programme.

Speakers
avatar for Graham Sutherland

Graham Sutherland

Penetration Tester, Portcullis Computer Security
Graham Sutherland is a penetration tester working for Portcullis Computer Security in London. Before making the career move to security, he spent several years paying his dues as a developer. He is primarily self-taught and spent the best part of a decade doing independent security research, primarily focusing on Windows applications, embedded systems, binary network protocols, and cryptography.


Tuesday April 29, 2014 4:15pm - 5:00pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

4:15pm

Top 10 Epic Fails in Identity
Limited Capacity seats available

How we do Identity (and authentication) is well screwed-up, with the big names in the industry just as culpable as the smaller ones.

Paul will detail the top 10 “Epic Fails” that our industry has implemented, is implementing and plans to implement; together with real life examples of why all of these are a **really bad idea**.

He will also look at what you could be doing differently today, and also look at what we should be doing tomorrow to fix the problems.

Paul will draw on the original work of the Jericho Forum Commandments (2004), the Identity commandments (2009) as well as the Cloud Security Alliance “Guidance” v3.0 Domain 12 for which he was the editor.

Speakers
avatar for Paul Simmonds

Paul Simmonds

CEO, Global Identity Foundation
Paul is the CEO of the Global Identity Foundation, as well as a consulting CISO. He co-founded the Jericho Forum and was previously the Global CISO for both AstraZeneca and ICI. | He’s been awarded both “Chief Security Officer of the Year” and "Best Security Implementation" at the SC Magazine Awards and is twice listed as one of Network World’s “most powerful people in networking”. | Paul sits on the global... Read More →


Tuesday April 29, 2014 4:15pm - 5:00pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

4:30pm

Privacy Through Choice: Something for the Masses
Limited Capacity seats available

An independent, community-driven and open source project that aims to allow users to make informed choices when it comes to the privacy and security of their online data.

Moderators
Speakers
avatar for Fraser Scott

Fraser Scott

Senior Systems Engineer, Burberry
Sysadmin that codes. Background in a variety of industries, I work mostly with open source tech. Strong interests in infosec, especially Opsec.


Tuesday April 29, 2014 4:30pm - 4:45pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

4:45pm

CSP Analysis - Attacking XSS Mitigation
Limited Capacity seats available

This talk will give a short introduction into the "Content Security Policy" HTTP header. We will take a look at the known attack types and find out if implementing it is really worth the hassle.

Moderators
Speakers
avatar for Frederic Mohr

Frederic Mohr

Information Security Officer, CHIP Digital GmbH


Tuesday April 29, 2014 4:45pm - 5:00pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

5:00pm

The Secret Life of iOS Apps
Limited Capacity filling up

In the past, a number of popular iOS apps have come under scrutiny for leaking various items of private data through network connections.  This presentation briefly outlines what and how this happens, the potential risks involved and why this matters.  A small selection of popular and well known iOS apps underwent network traffic monitoring and the latter part of this presentation outlines the results and their implications.

Moderators
avatar for Steve Lord

Steve Lord

Co-Founder, 44CON

Speakers
MB

Malcolm Buchanan

Penetration Tester, BT


Tuesday April 29, 2014 5:00pm - 5:15pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

5:00pm

Defensive Security Research is Sexy Too (& Real Sign of Skill)
Limited Capacity seats available

This brief (30 to 45 minutes) presentation will discuss why security research shouldn't always be about the root. Firstly we'll look at the some of the goals of applied defensive research and basically why it is so damn interesting. We'll show how it applies from the lowest level OS internals through to the highest level hipster paradise. The presentation will then at look at some previous problems and the types of research that had to occur in order to come up with applied solution. Finally Ollie will zoom through some problems that there exist either only partial solutions for, deserve more focus or current solutions are sub par to get your creative juices flowing..

Speakers
avatar for Ollie Whitehouse

Ollie Whitehouse

Associate Director
Ollie is a middle manager, did some stuff he thought was cool back in the day and generally maintains an unhealthy compulsion for what is now known as cyber security. Having worked for consultancies, a security product firm and a major mobile device OEM he has stories to tell for any occasion (where any is security related).


Tuesday April 29, 2014 5:00pm - 5:45pm
Small Hall The Town Hall, Hornton Street, London W8 7NX

5:00pm

Finux's Historical Tour of IDS Evasion, Insertions, and Other Oddities
Limited Capacity seats available

Roll up, Roll up, my Lords, Ladies and Gentleman, come see the bizarre and wondrous marvels that the Cirque de Vendeurs Sécurité has to offer. Tales of miracle machines that can see into the future and tell their masters of all the dangers they face. Devices so wise that they can see the very threats of tyrants and evil doers before they've even been thought of. Contraptions that possess a mystical sixth sense that can see every footstep and action a would be assailant takes before any deadly blow is delivered. These miracle machines that give defenders a suit of armour that mean the wearer needs no warrior skills in defending their castles. Come see for yourself, and purchase one of the miracle wondrous machines!

Although the above sounds ludicrous and out of place, it isn't that far fetched from a lot of the literature produced by Network Intrusion Prevention/Detection System vendors. This talk looks at the very long and fruitful history the world of network detection systems has to offer (you'll be surprised they're nearly 4 decades old). With a overview of just some of the failings these systems have had over the years, and how these failures shaped their development. At places this talk will be cynical and it won't win any friends from vendors, but attendees will be given enough background information to understand why detection systems like IDS/IPS can work, but why they're set to fail all at the same time.

Poor testing and the general acceptance by nearly everyone within the security industry that these systems can't deliver is only the beginning of their history of fail. I intend to discuss why certain evasion techniques worked, and why they will continue to work until we understand the inherent problems. Consider this talk a historical journey with one eye fixed on the future.

Speakers
avatar for Alba 13

Alba 13

Community, Alba 13 Research Labs


Tuesday April 29, 2014 5:00pm - 6:00pm
Great Hall The Town Hall, Hornton Street, London W8 7NX

5:00pm

Connect Dradis to everything: API, universal file upload and Excel (!)
Limited Capacity full

The next version of Dradis will ship with an API to allow you to push data in from external sources. Learn about it and how to start using it (Metasploit integration? Sure! Push using `curl` from Bash or inside your python script? Why not!).

If HTTP APIs are not your thing, we'll also be introducing a new universal file upload so you can output your results into a file and feed them to Dradis directly. Learn about this new feature, the file format and how to make your tools and scripts compatible with very little effort.

Finally, you'll also learn how to get your results into Excel. Don't roll your eyes just yet. I know, nobody likes Excel... well except *the Business* (and maybe *the Client*), meaning there is a good chance you'll be asked to provide your findings in Excel format sooner or later. Learn how to do this in the most effortless and painless way, so you can get on with your hacking efforts.

Dradis is an open-source framework to enable you to work efficiently by gathering information from different tools and presenting it in a variety of formats. We currently support Burp Scanner, Nessus, NeXpose, Nikto, Nmap, OpenVAS, OSVDB, Qualys, Retina, SureCheck, VulnDB HQ, w3af, wXf and Zed Attack Proxy but with what you'll learn in this workshop you'll be able to connect Dradis to any other tool and present the information in any way you need.

Dradis is written in Rails so this is a great chance to learn a bit about Rails and how Rails apps work under the covers.

Speakers
avatar for Daniel Martin

Daniel Martin

Founder, Security Roots Ltd.
Daniel has been in the industry for the last twelve years. He created and open-sourced Dradis in 2007 and has been working on it every day since. | | His focus used to be application security, these days he's busy taking care of Security Roots operations. Daniel is passionate about open source and the Ruby programming language. He has presented at DC4420 and DEFCON and has been a webapp security trainer at BlackHat.


Tuesday April 29, 2014 5:00pm - 6:00pm
Committee Room 4 The Town Hall, Hornton Street, London W8 7NX

5:00pm

Getting at serial consoles in embedded devices
Limited Capacity full

A talk on embedded devices and their use of serial consoles lasting for perhaps 20 minutes, some demonstration of finding consoles in a few different bits of kit, vsat modems, routers, media players etc. Opportunities for interested folks to have a go at doing this themselves and getting to grips with what hardware they will need to start picking away at hardware to find the consoles and get root.

Speakers
PM

Paul Marsh

SecQuest InfoSec
Paul works as a pentester of things for SecQuest infosec. In a previous life, he spent a great number of years in the IBM EMEA x-force hacking team, breaking more things. His interests include satellite hacking, hardware breaking, CNC machine building, POTS and VoIP telephony and of course infosec. He wont hear a bad word said about the iSeries / AS400 either! Paul has presented at a few European security conferences and to closed groups on a... Read More →


Tuesday April 29, 2014 5:00pm - 6:00pm
Committee Room 3 The Town Hall, Hornton Street, London W8 7NX

5:15pm

Social Engineering | Phishing Stories
Limited Capacity full

The talk will be about phishing, touching on the basics and types of attacks. It will mainly include some of the phishing stories from jobs that I've done and the effectiveness of phishing being used on larger social engineering engagements.

Moderators
Speakers

Tuesday April 29, 2014 5:15pm - 5:30pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX

5:30pm

Teaching Kids Programming and Cyber Security
Limited Capacity full

The UK is currently experiencing a shortage of skilled cyber security professionals and plans are afoot to teach children cyber security from a much younger age. ECPC (Early Computer Programming Club) has been doing this for the past 6 months in primary schools across South Yorkshire. The aim is to help and develop schools and the students to deliver and teach programming from a young age with resources such as Scratch (MIT), Espresso coding and Code.org. Our talk will be based on the efforts we have taken into schools carrying out talks and after-school clubs to teach programming and additionally incorporate cyber security into their learning. The aim is to ensure cyber security is an area of the UK IT industry that is equipped long term for future generations and the country as a whole for long-term enonomic growth.

Moderators
Speakers
avatar for Dalian Terry

Dalian Terry

Student, Sheffield Hallam University
Student at Sheffield Hallam University as well as ongoing into a role at Sec-1 Ltd, UK as a penetration tester.


Tuesday April 29, 2014 5:30pm - 5:45pm
Committee Room 2 The Town Hall, Hornton Street, London W8 7NX