Los Angeles/2014 Meetings
---July 2014 tbd
Cashing Out – How Malware is Used to Attack ATMs
Recently a group of 10 criminals were arrested in Mexico for infecting ATMs with malware and, like a scene from a movie, emptying the ATMs of cash. A group of Ukrainian hackers were also arrested in China using another ATM infecting scheme. This talk will discuss recent ATM malware that has been discovered, how it works and how the attackers are leveraging infected ATMs.
Since the proof is in the pudding, Liam will bring a physical, one tonne, ATM for a demonstration of how these threats work in the real world, by dispensing cash via a text message!
Speaker: Liam O'Murchu
Liam manages a team of reverse engineers investigating the latest malicious attacks and analyzing cutting edge malware. He was formerly Manager of Security Response Operations for North America at Symantec, where he had responsibility for ensuring immediate response to computer security incidents of all size involving malicious software.
---May 28, 2014, Symantec Offices, Culver City
Cloud Security Through Threat Modeling
One of the most effective tools developers can implement in their security development lifecycle programs is threat modeling. Robert will discuss how effective threat modeling techniques enable developers to uncover security vulnerabilities before code is even written. Together they will reveal how threat modeling also applies to cloud environments. Whether building a hybrid model, purely commodity cloud, or Virtual Private Cloud (VPC) environment, threat modeling helps identify the attack surface area and likely threat vectors. Finally, they will explain to attendees that threat modeling allows developers and operations personnel to address vulnerabilities as enterprises migrate to the cloud.
Speaker: Robert Zigweid
Robert Zigweid As an IOActive Director of Services, Robert Zigweid is responsible to both perform and ensure quality on engagements, working with clients to discover and solve network and application problems that threaten their business goals and assets. Mr. Zigweid is an accomplished developer and application tester, with advanced skills in the creation and analysis of systems architecture and threat modeling.
In addition to his direct efforts on penetration tests, security reviews, and network and application audits, Mr. Zigweid frequently contributes to the advancement of more stable, secure systems through his research and development. His research‹and the resultant presentations at top industry conferences‹furthers the formal understanding of application and network security for audiences at varying levels of technical fluency.
Mr. Zigweid also helped develop IOActive's secure coding and Software Development Lifecycle training courses, sharing his deep understanding of industry best practices and guidelines to help our clients develop applications capable of resisting both internal and external threats.
---April 23, 2014, Symantec Offices, Culver City
Stop Chasing Vulnerabilities – Getting Started with Continuous Application Security
For too long, application security has been “experts-only” and practiced one-app-at-a-time. But modern software development, both technology and process, is mostly incompatible with this old approach and legacy appsec tools. Software development has been transformed by practices like Continuous Integration and Continuous Integration, and the time has come to bring these efficiencies to security. In this talk, Jeff will show you how you can transition to a “Continuous Application Security” approach that generates assurance automatically across an entire application security portfolio. Jeff will demonstrate how both open-source and commercial tools (including OWASP ZAP, Mozilla’s Minion, Gauntlt, and others) can be integrated to provide a comprehensive real time application security dashboard. With this approach, we can leverage the power of big data analytics to gain unprecedented insight into enterprise application security and finally focus on enterprise application security strategy rather than simply chasing the next XSS.
Speaker: Jeff Williams
Jeff Williams has over 20 years of experience in software development and security. Jeff is a founder and CTO of Contrast Security, offering a revolutionary application security technology that accurately identifies vulnerabilities at portfolio scale without requiring experts. Prior to founding Contrast, Jeff was a founder and CEO at Aspect Security. In addition, Jeff helped found the OWASP Foundation where he served as the Global Chair for 8 years and created many open-source standards, tools, libraries, and guidelines – including the OWASP Top Ten.
---March 26, 2014, Symantec Offices, Culver City
Monitoring and protecting Windows Web Servers with OMENS
OMENS is a utility that monitors and protects Windows web servers from attackers. It is a practical system designed by someone directly responsible for defending high value public facing web servers. In this talk D0n Quix0te will discuss why he took the unique approaches that OMENS uses. He will also demo installing and using this relatively simple but effective piece of free software.
Speaker: D0n Quix0te is the author and creator of OMENS.
D0n Quix0te is the author and creator of OMENS. He has more than 25 years of experience in architecting, installing, maintaining, and defending high value targets. Currently he is an Incident Response Analyst for a Fortune 500 entertainment company. Prior to that he spent more than 20 years architecting and securing systems for NASA and Lockheed.
---February 19, 2014, Symantec Offices, Culver City
Building a shield of security - Vulnerability Management by the numbers and dumb robots
This presentation discusses how builders, breakers and defenders should look at vulnerability management when attempting to keep hackers at bay?? We shall discuss the most common vulnerabilities which are not detected by security tools nor automation but nevertheless are common and can be used to commit real fraud resulting in financial loss. We will look at some real world examples from the trenches, discuss business logic and authorisation testing, how we approach these and why automation does not work to detect such critical issues. We will see that Web Application Firewalls are ineffective against such attacks and why the only practical solution is to apply a layered approach across the SDLC and by focusing on the application as a logical state machine.
Speaker: Rahim Jina - BCC Risk Advisory
Rahim has been an active member of OWASP since 2008 and has contributed to many projects such as the OWASP Security Code Review Guide and is an ex-board member of the Irish Chapter. Previously Rahim was a senior security consultant at a ?big 4? professional services firm and more recently, the head of security for Fonality Inc, a VoIP service provider based in Los Angeles. Rahim is currently a director for BCC Risk Advisory (bccriskadvisory.com), based in Dublin, Ireland. He is also responsible for the security architecture of the edgescan.com vulnerability management solution.
---January 2014, Symantec Offices, Culver City