Security BSides is Coming Memphis

Wednesday, August 22, 2012

Security BSides

Bbb285308604bc5fbb9b43590d0501f6

Register for Security BSides Memphis today!

Invite your friends by posting this on Twitter: "#BSidesMemphis  Saturday, September 15, 2012"

Where: Southwest Tennessee Community College - 5983 Macon Cove, Memphis, TN 38134

Cost: Free (as always!)

We are looking for presenters: Please visit BSidesMemphis CFP for more information.

We love sponsors: We are looking for sponsors to make this event possible. Please contact us for sponsorship! Click here for the Sponsorship Kit

We are looking for volunteers: Email bsidesmemphis AT gmail.com

About the Event:

Each BSides is a community-driven framework for building events for and by information security community members.

The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration.

It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it!

Talks

Speaker: Amol Sarwate

Title: SCADA Security: Why is it so hard?

Abstract: This talk will present technical security challenges faced by organizations that have SCADA, critical infrastructure or control systems installations. It will provide examples of attacks and examples of security controls for the same. The talk will introduce an open-source tool to help identify and inventory SCADA systems.

The presentation will begin by introducing SCADA systems under the hood including RTU, IED, PLC, FEP, PCS, DCS, HMI, sensors, data historians and other SCADA components. The presenter will categories these components into distinct groups based on the functionality that each component provides.

The presenter will review the security implications on each of these groups and identify where most of the threats lie. The presentation will take a packet level dive into SCADA protocols like MODBUS and DNP3 and study their security implications. The presentation will give example of attacks that can be carried out against each group and component. The presenter will release an updated version of an open-source tool to identify and inventory SCADA systems using the protocols discussed in this presentation.

The presenter will then focus on real world examples of successful and not-so-successful implementations of security controls with SCADA systems. This will include examples of what some large organizations have done, and a discussion about why SCADA security cannot be deciphered just by tools or technical solution.

The presentation will conclude with guidance on how control system owners can start implementing additional measures to get to an acceptable security.Attendees who are in charge of control system infrastructure will get insight on what worked and what did not for other organizations.

Engineers who are in-charge of security for control systems will get a better technical insight of SCADA protocols and components and can use the open source tool that is introduced. Attendees who are new to control systems will get an excellent overview of security complexities of control systems.

 

Speaker: Spencer McIntyre

Title: How I Learned To Stop Worrying and Love the Smart Meter

Abstract: The "Power Grid" is a growing topic in the security industry and Advanced Metering Infrastructure (AMI) is a topic that hasn't been discussed to its full potential. This presentation will discuss the types of vulnerabilities that have been found in Smart Meters, and give examples from real world assessments we’ve conducted.

Different methods of accessing the meter will be presented such as over the optical interface and the Zigbee wireless radio. In addition, we will discuss a testing methodology we’ve developed which covers Smart Meter testing.

 

Speaker: Prutha Parikh

Title: Attacking Apache Reverse Proxy

Abstract: This talk will discuss the Apache Reverse Proxy vulnerability (CVE-2011-4317) that I discovered while developing vulnerability signatures for Apache. Depending on the reverse proxy configuration, the vulnerability allows access to internal systems from the Internet.

The presentation will start with discussion on reverse proxies and look at some older reverse proxy vulnerabilities and patches. It will go into the thought process behind bypassing the latest patch to discover a new vulnerability to remotely gain access to the internal network. It will also describe the tools, techniques and ideas that went behind discovering the new variant of the vulnerability and constructing a proof of concept to exploit the issue.

Along with exploring the root cause of the issue, it also talks about the issue from an attacker’s perspective and finally recommends protection mechanisms against the attack. The talk will also give the audience a peek into the process of vulnerability signature creation and discovering new vulnerabilities.

 

Speaker: James Kegel

Title: The Myth of WiFi Security

Abstract: This talk will aim to inform the user about the risks associated with the convenience of operating a wireless network in the 802.11 spectrum. The presentation will briefly cover the different types of attacks, the different types of WiFi encryption schemes, and the associated attack vectors currently being used in the wild to exploit them. The presenter will cover the different tools needed to perform the attacks manually, and give a brief explanation of the commands associated and about what is going on in the background to accomplish the goal of the attack, with examples of how this would take place in a real world scenario.

The presenter will brief the audience of what would motivate a potential attacker, and offer them a chance to get inside of the head of a wireless hacker, whether they be whitehat or blackhat. At the conclusion of the presentation the presenter will give a checklist to determine how safe your wireless network is, and a few criteria to decide if one would actually need a wireless network for their network deployment, as well as a few simple steps to take in securing your network.

Some of the topics, terms and tools discussed will be: WEP, WPA, Tkip, PSK, Cisco Leap, Rainbow Tables/Time Memory Tradeoff, Brute Force, Arp Replay, Arp Poisoning/Man in the Middle, Rogue Access Points, Packet sniffing with TCPDump and Wireshark, Automated attacks with WiFite, Manual attacks with Aircrack-ng suite, Network Disruption with MDK3, Network Mapping with Nmap. A few prerequisites would be a basic familiarity with the command line, and a basic understanding of 802.11 Wireless technology.

 

Speaker: Matt Presson

Title: Building a Database Security Program

Abstract: In today's world of Information Security, we implement technical controls almost everywhere. As such, you would probably be hard pressed to find an up-to-date InfoSec department that didn't manage firewalls, IDS/IPS systems, Web Application Firewalls, HIDS/HIPS, AV for clients and servers, and full disk encryption for laptops. While these types of systems can be useful, in most cases they fail to prevent a company's IP and customer data from being stolen by attackers.

This talk will present a model that can be used by companies to effectively detect and prevent such breaches by implementing a database security program focused on business integration, proactive security controls, and continuous monitoring and alerting. Examined will be the key focus areas of the program along with how each provides greater visibility to security and the business, and makes it possible to respond quicker to potential security incidents - potentially preventing a breach altogether.

 

Speaker: James Ruffer

Title: Attacking Corp America using Social Media

Abstract:James F. Ruffer III is well-known ethical hacker with a special interest in social engineering and social media hacking. He is a regular presence on the USA weekly (Chicago NBC radio), Memphis NBC TV, and Memphis Clicks and Coffee, where he talks on security issues.

Also, James has published widely on security topics, includingsocialmediasecurity.com, FBI Infragard, and connectedcops.net. James has spoken at several security events, including Phreaknic, Infosec Chicago, Memphis CyberExpo. Extending his expertise into the app world, James has publish apps for datalossdb.org,ihackcharities.org, and exoticliability.

James is currently on the board of Memphis OWASP and Memphis ISSA, and he serves as VP of IT for a financial institute. His past experience also includes CTO social media/mobile development, Encryption Engineer for fortune 500, and forensics engineer for fortune 50 company.

Register for Security BSides Memphis today!

Possibly Related Articles:
8058
Security Training
Information Security
Hacking Training Penetration Testing Security Infosec Education Security BSides BSidesMemphis
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.