News / packet hacking village

Overview

The Wall of Sheep would like to announce a call for virtual presentations from Thursday, August 6th to Sunday, August 9th. Packet Hacking (Virtual) Village Talks goal is to deliver talks that increase security awareness and provide skills that can be immediately applied after the conference. Our audience ranges from those who are new to security to the most seasoned practitioners in the security industry. Introductory talks are welcome.

Topics of interest include:

• Tools and techniques on network sniffing, intrusion detection, monitoring, forensics, log analysis
• General Digital Forensics and Incident Response (DFIR) talks
• Threat hunting
• Incident response process and procedures and/or recovery
• Hands-on spy level makup art (e.g., wigs, prosthetic noses, etc.)
• How to do refresh your system without losing all your stuff and eliminate malware
• Setting up cloud backups that withstand ransomware attacks
• How to justify hacking / security tools in the corporate world
• How to use regulatory compliance requirements in your favor to enhance your overall funding and security posture
• Security awareness program success and failure stories
• Tools for data collection and visualization
• Purple and blue teaming
• Business continuity planning for cyber war

The Wall of Sheep will not accept product or vendor related pitches. If your talk is a thinly-veiled advertisement for a product or service your company is offering, please do not apply!

All accepted talks will be announced, recorded, and published by Aries Security, LLC. Please see our YouTube channel for all talks from previous years: https://www.youtube.com/channel/UCnL9S5Wv_dNvO381slSA06w.

The Call for Presentations will close on Friday, June 26th at 11:59 PM PDT. The list of talks will be finalized and published on Wednesday, July 15th.

Speaking Format

Each presentation slot is 1 hour maximum, including time for Q&A. If we have time and it is in line with our goals mentioned above, then there is a good chance you will be selected.

To submit a presentation, please provide the following information in the form below to cfp2020[at]wallofsheep[dot]com

Primary Speaker Name:

Primary Speaker Title and Company (if applicable):

Primary Speaker Email Address:

Primary Speaker Phone Number (to contact you if necessary during the conference):

Primary Speaker Twitter name (if you want it known if you are accepted):

Additional Speakers' name(s), titles, and social information:

Additional Email Addresses:

Is there a specific day or time you MUST speak by?

Name of Presentation:

Length of presentation: (20 minutes or 50 minutes)

Abstract (100 words MAXIMUM, absolutely necessary):

Your abstract will be used for the website. Summarize what your presentation will cover. Attendees will read this to get an idea of what they should know before your presentation, and what they will learn after. Use this to inform about how technical your talk is. This abstract is the primary way people will be drawn to your session. CFP reviews like to see what tools will be used and what materials you suggest to read in advance to get the most out of your presentation.

Speaker's Bio(s):

This text will be used for the website and printed materials and should be written in the third person. Cover any professional history that is relevant to the presentation, including past jobs, tools that you have written, etc. Let people know who you are and why you are qualified to speak on your topic. Presentations that are submitted without biographies will not be considered.

Detailed Outline:

You must provide a detailed outline containing the main points and navigation through your talk. Show how you intend to begin, where you intend to lead the audience and how you plan to get there. The outline may be provided in a separate attachment and may be as simple as a text file or as detailed as a "bare bones" presentation. The better your outline then the better we are able to best review your presentation against other submissions (and the higher chance you have of being accepted). SUBMISSION NOTE: Presentations that are submitted without abstracts, outlines, or speaker bios (e.g., that have only PDFs, PPTs, or white papers attached or only point to a URL) will not be considered.

Supporting File(s):

Additional supporting materials such as code, white papers, proof of concept, etc. must be sent along with this email to cfp2020[at]wallofsheep[dot]com to be considered. Note that additional files that may help in the selection process should be included. We are not asking for a complete presentation for this initial submission. That will only be required if you are selected for presenting.

Terms and Conditions

By submitting you agree to the Terms and Conditions below. Please read and accept these terms by inserting your name in the appropriate area, otherwise your application will be considered incomplete and returned to you.

Grant of Copyright Use

I warrant that the above work has not been previously published elsewhere, or if it has, that I have obtained permission for its publication Aries Security, LLC. and that I will promptly supply Aries Security, LLC. with wording for crediting the original publication and copyright owner. If I am selected for presentation, I hereby give Aries Security, LLC. permission to duplicate, record and redistribute this presentation, which includes, but is not limited to, the conference proceedings, conference CD, video, audio, and hand-outs to the conference attendees for educational, on-line, and all other purposes.

Terms of Speaking Requirements

1. I will submit a completed (and possibly updated) presentation and a reference to all of the tool(s), law(s), Web sites and/or publications referenced to at the end of my talk and as described in this CFP submission by noon PST, Wednesday, July 15th, 2020.

2. I will submit a final Abstract and Biography to the Wall of Sheep by noon PST, Wednesday, July 15th, 2020.

3. I will include a detailed bibliography as either a separate document or included within the presentation of all resources cited and/or used in my presentation.

4. I will complete my presentation within the time allocated to me - not running over the time allocation.

I, (insert your name here), have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements. In the case that a speaker is a child under the age of 13 years old: in compliance with the Children's Online Privacy Protection Act (COPPA) regulations, http://www.coppa.org, any child under age 13 must have parental consent for the collection, use, or disclosure of that child's personal information by a website. Parent/Guardian Consent: I (insert parent/guardian's name here) am the parent or guardian of the minor/s named above. I have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements.

Overview

The Wall of Sheep would like to announce a call for Workshops at DEF CON 28 in Las Vegas, NV from Thursday, August 6th to Sunday, August 9th. The Packet Hacking Village Workshop's goal is to deliver hands-on training sessions that increase security awareness and provide skills that can be immediately applied after the conference. Our audience ranges from those who are new to security to the most seasoned practitioners in the security industry. Introductory workshops are welcome! A very nominal fee will be charged for advanced registration of these workshops. However, all proceeds will go directly to Hackers for Charity. This is your chance to give back to the community in multiple ways!

The hands-on workshops area will have 40 computers pre-loaded with the necessary tools so attendees will not need to bring their own laptop. There will be one computer available for the presenter that is a mirror of the attendees. The mirror laptop will be displayed on one screen; a second projected display and hookups is available for you to present your material. We will be able to pre-load any software (within reason) including one virtual machine for your presentation. The computers will boot Kali Linux. While network access is available to all machines, it should not be relied upon for your presentation... this is DEF CON after all. :)

Topics of interest include:

• Tools for Network sniffing, intrusion detection, monitoring, reverse engineering, forensics, penetration testing, data collection and visualization
• Purple teaming
• Secure Software Development
• Training in hacking/security tools and their usage in the corporate world
• Programming for security practitioners
• Tool/task automation and optimization
• Incident response process and procedures

The Wall of Sheep will not accept product or vendor related pitches. If your content is a thinly-veiled advertisement for a product or service your company is offering, please do not apply!

The Call for Workshops will close on Friday, June 12th at 11:59 PM PDT. The list of talks will be finalized and published on Friday, June 26th.

Speaking Format

Each teaching slot is 1, 1.5 or 2 hours maximum, including time for Q&A. If we have time and it is in line with our goals mentioned above, then there is a good chance you will be selected.

To submit a workshop, please provide the following information in the form below to cfw2020[at]wallofsheep[dot]com

Primary Speaker Name:

Primary Speaker Title and Company (if applicable):

Primary Speaker Email Address:

Primary Speaker Phone Number (to contact you if necessary during the conference):

Primary Speaker Twitter name (if you want it known if you are accepted):

Additional Speakers' name(s), titles, and social information:

Additional Email Addresses:

Is there a specific day or time you MUST speak by?

Name of Workshop:

Length of Workshop:

(1, 1.5, or 2 hours)

How many VMs do you require on each student's laptop?

(0, 1, 2, 3+, unknown)

Abstract:

Your abstract will be used for the website and printed materials. Summarize what your workshop will cover. Attendees will read this to get an idea of what they should know before your presentation, and what they will learn after. Use this to inform about how technical your talk is. This abstract is the primary way people will be drawn to your session. CFW reviewers like to see what tools will be used and what materials you suggest to read in advance to get the most out of your presentation.

Equipment Needs & Special Requests:

The Wall of Sheep will provide laptops pre-loaded with software for the attendees, you will have 1 projected laptop setup the same as the attendees for demonstration, 1 projector feed for your laptop/material, and microphones. The laptops will boot Kali; please let us know if there is any software you will need pre-loaded on the workshop laptops. If you have a VM, please make sure it works with VirtualBox. One month before DEF CON, you will be asked to provide all software so it can be pre-loaded on the systems. Changes to your software configuration cannot be made after this time or during the conference.  We cannot accept workshops that require multiple VMs to be running simultaneously.

Speaker's Bio(s):

This text will be used for the website and printed materials and should be written in the third person. Cover any professional history that is relevant to the presentation, including past jobs, tools that you have written, etc. Let people know who you are and why you are qualified to speak on your topic. Presentations that are submitted without biographies will not be considered.

Detailed Outline:

You must provide a detailed outline containing the main points and navigation through your workshop. Show how you intend to begin, where you intend to lead the audience and how you plan to get there. The outline may be provided in a separate attachment and may be as simple as a text file or as detailed as a "bare bones" presentation. The better your outline then the better we are able to best review your presentation against other submissions (and the higher chance you have of being accepted). SUBMISSION NOTE: Presentations that are submitted without abstracts, outlines, or speaker bios (e.g., that have only PDFs, PPTs, or white papers attached or only point to a URL) will not be considered.

Supporting File(s):

Additional supporting materials such as code, white papers, proof of concept, etc. should be sent along with this email to cfw2020[at]wallofsheep[dot]com. Note that additional files that may help in the selection process should be included. We are not asking for a complete presentation for this initial submission. That will only be required if you are selected for presenting.

Note:

Attendees will be allowed to pre-register for the workshop prior to DEF CON; there will be a small charge with the proceeds going to a charity of the Packet Hacking Village's choice.

Terms and Conditions

By submitting you agree to the Terms and Conditions below. Please read and accept these terms by inserting your name in the appropriate area, otherwise your application will be considered incomplete and returned to you.

Grant of Copyright Use

I warrant that the above work has not been previously published elsewhere, or if it has, that I have obtained permission for its publication Aries Security, LLC. and that I will promptly supply Aries Security, LLC. with wording for crediting the original publication and copyright owner. If I am selected for presentation, I hereby give Aries Security, LLC. permission to duplicate, record and redistribute this presentation, which includes, but is not limited to, the conference proceedings, conference CD, video, audio, and hand-outs to the conference attendees for educational, on-line, and all other purposes.

Terms of Speaking Requirements

1. I will submit a completed (and possibly updated) presentation and a reference to all of the tool(s), law(s), Web sites and/or publications referenced to at the end of my talk and as described in this CFW submission by noon PST, June 30th, 2020.

2. I will submit a final Abstract and Biography to the Wall of Sheep by noon PST, June 30th, 2020.

3. I will include a detailed bibliography as either a separate document or included within the presentation of all resources cited and/or used in my presentation.

4. I will complete my presentation within the time allocated to me - not running over the time allocation.

5. I understand that the Wall of Sheep will provide 1 Laptop pre-loaded with software with a projector feed, 1 LCD projector feed, and microphones. I understand that I am responsible for providing all other necessary equipment, including laptops and machines (with VGA output), to complete my presentation.

6. I understand that I will be responsible for my own hotel and travel expenses, and admissions to the DEF CON Conference.

Yes, I, (insert primary speaker name), have read and agree to the Grant of Copyright Use.

I, (insert your name here), have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements.

In the case that a speaker is a child under the age of 13 years old: in compliance with the Children's Online Privacy Protection Act (COPPA) regulations, http://www.coppa.org, any child under age 13 must have parental consent for the collection, use, or disclosure of that child's personal information by a website. Parent/Guardian Consent: I (insert parent/guardian's name here) am the parent or guardian of the minor/s named above. I have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements.

Overview

The Wall of Sheep would like to announce a call for presentations at DEF CON 28 in Las Vegas, NV from Thursday, August 6th to Sunday, August 9th. Packet Hacking Village Talks goal is to deliver talks that increase security awareness and provide skills that can be immediately applied after the conference. Our audience ranges from those who are new to security to the most seasoned practitioners in the security industry. Introductory talks are welcome.

Topics of interest include:

• Tools and techniques on network sniffing, intrusion detection, monitoring, forensics, log analysis
• General Digital Forensics and Incident Response (DFIR) talks
• Threat hunting
• Incident response process and procedures and/or recovery
• Hands-on spy level makup art (e.g., wigs, prosthetic noses, etc.)
• How to do refresh your system without losing all your stuff and eliminate malware
• Setting up cloud backups that withstand ransomware attacks
• How to justify hacking / security tools in the corporate world
• How to use regulatory compliance requirements in your favor to enhance your overall funding and security posture
• Security awareness program success and failure stories
• Tools for data collection and visualization
• Purple and blue teaming
• Business continuity planning for cyber war

The Wall of Sheep will not accept product or vendor related pitches. If your talk is a thinly-veiled advertisement for a product or service your company is offering, please do not apply!

All accepted talks will be announced, recorded, and published by Aries Security, LLC. Please see our YouTube channel for all talks from previous years: https://www.youtube.com/channel/UCnL9S5Wv_dNvO381slSA06w.

The Call for Presentations will close on Friday, June 12th at 11:59 PM PST. The list of talks will be finalized and published on Friday, June 28th.

Speaking Format

Each presentation slot is 1 hour maximum, including time for Q&A. If we have time and it is in line with our goals mentioned above, then there is a good chance you will be selected.

To submit a presentation, please provide the following information in the form below to cfp2020[at]wallofsheep[dot]com

Primary Speaker Name:

Primary Speaker Title and Company (if applicable):

Primary Speaker Email Address:

Primary Speaker Phone Number (to contact you if necessary during the conference):

Primary Speaker Twitter name (if you want it known if you are accepted):

Additional Speakers' name(s), titles, and social information:

Additional Email Addresses:

Is there a specific day or time you MUST speak by?

Name of Presentation:

Length of presentation: (20 minutes or 50 minutes)

Abstract (100 words MAXIMUM, absolutely necessary for printing purposes):

Your abstract will be used for the website and printed materials. Summarize what your presentation will cover. Attendees will read this to get an idea of what they should know before your presentation, and what they will learn after. Use this to inform about how technical your talk is. This abstract is the primary way people will be drawn to your session. CFP reviews like to see what tools will be used and what materials you suggest to read in advance to get the most out of your presentation.

Equipment Needs & Special Requests:

The Wall of Sheep will provide 1 projector feed, and microphones. If you need to use multiple outputs for a demo, please mention this below.

Speaker's Bio(s):

This text will be used for the website and printed materials and should be written in the third person. Cover any professional history that is relevant to the presentation, including past jobs, tools that you have written, etc. Let people know who you are and why you are qualified to speak on your topic. Presentations that are submitted without biographies will not be considered.

Detailed Outline:

You must provide a detailed outline containing the main points and navigation through your talk. Show how you intend to begin, where you intend to lead the audience and how you plan to get there. The outline may be provided in a separate attachment and may be as simple as a text file or as detailed as a "bare bones" presentation. The better your outline then the better we are able to best review your presentation against other submissions (and the higher chance you have of being accepted). SUBMISSION NOTE: Presentations that are submitted without abstracts, outlines, or speaker bios (e.g., that have only PDFs, PPTs, or white papers attached or only point to a URL) will not be considered.

Supporting File(s):

Additional supporting materials such as code, white papers, proof of concept, etc. must be sent along with this email to <strongcfp2020[at]wallofsheep[dot]com to be considered. Note that additional files that may help in the selection process should be included. We are not asking for a complete presentation for this initial submission. That will only be required if you are selected for presenting.

Terms and Conditions

By submitting you agree to the Terms and Conditions below. Please read and accept these terms by inserting your name in the appropriate area, otherwise your application will be considered incomplete and returned to you.

Grant of Copyright Use

I warrant that the above work has not been previously published elsewhere, or if it has, that I have obtained permission for its publication Aries Security, LLC. and that I will promptly supply Aries Security, LLC. with wording for crediting the original publication and copyright owner. If I am selected for presentation, I hereby give Aries Security, LLC. permission to duplicate, record and redistribute this presentation, which includes, but is not limited to, the conference proceedings, conference CD, video, audio, and hand-outs to the conference attendees for educational, on-line, and all other purposes.

Terms of Speaking Requirements

1. I will submit a completed (and possibly updated) presentation and a reference to all of the tool(s), law(s), Web sites and/or publications referenced to at the end of my talk and as described in this CFP submission by noon PST, June 26th, 2020.

2. I will submit a final Abstract and Biography to the Wall of Sheep by noon PST, June 26th, 2020.

3. I will include a detailed bibliography as either a separate document or included within the presentation of all resources cited and/or used in my presentation.

4. I will complete my presentation within the time allocated to me - not running over the time allocation.

5. I understand that the Wall of Sheep will provide 1 LCD projector feed, 2 screens, and microphones. I understand that I am responsible for providing all other necessary equipment, including laptops and machines (with VGA output), to complete my presentation.

6. I understand that I will be responsible for my own hotel and travel expenses, and admissions to the DEF CON Conference.

Yes, I, (insert primary speaker name), have read and agree to the Grant of Copyright Use.

I, (insert your name here), have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements. In the case that a speaker is a child under the age of 13 years old: in compliance with the Children's Online Privacy Protection Act (COPPA) regulations, http://www.coppa.org, any child under age 13 must have parental consent for the collection, use, or disclosure of that child's personal information by a website. Parent/Guardian Consent: I (insert parent/guardian's name here) am the parent or guardian of the minor/s named above. I have read and understand and agree to the terms as detailed in the Agreement to Terms of Speaking Requirements.

DJ Bios

phreakocious (@phreakocious, https://mixcloud.com/phreakocious)

phreakocious is just this guy, you know?

Yurk (@yurkmeister, https://soundcloud.com/yurkmeister)

DJ / Producer from San Juan, Puerto Rico. Now resides in Brooklyn, New York.

tense future (@tensefutur3, https://soundcloud.com/tensefuture)

Los Angeles, CA. The soundtrack to autonomous vehicle gridlock.

kampf (@nerd_show, https://www.mixcloud.com/NerdShow/)

Resident Chillout DJ with SomaFM on Fluid and DEF CON Radio. Vinyl hangover cure.

DJ %27 (@djpercent27, https://www.mixcloud.com/djpercent27)

DJing since the 80s, Performed at chill out and pool at DEFCON XX, XXI. DEFCON XXIII.

Tineh Nimjeh (@tinehnimjeh, https://soundcloud.com/tinehnimjeh)

With 20+ years djing, including residencies at various nightclubs, Tineh Nimjeh live sets will always get your body moving. Tineh is an active member of DC562, and works in Vulnerability Management.

Icetre Normal (https://www.facebook.com/icetre.normal/, https://soundcloud.com/icetre-normal)

Icetre has been dj'ing since defcon 13. One of Icetre's superpowers is rearranging space and time in the process of epic party creation. He isn't always available to chat, as he may be being smuggled past hotel security for his own safety. When not digging in the crate to field a request for Freebird, Icetre is usually being asked to turn down the volume on his house and electro beats.

Yesterday & Tomorrow (@wompapmow, https://soundcloud.com/tomorrow-yesterday)

DJ duo inspired by the masters, they seek to bring listeners on a journey ranging from the depths of techno to the expansive sounds of progressive house

Terrestrial Access Network (https://soundcloud.com/collinsullivan, https://soundcloud.com/shockedatmusic)

Classic Electro - "If network packets were to dance, they would surely dance to this..."

CIRCO - [Cisco Implant Raspberry Controlled Operations]

Emilio Couto, eKio Security

Designed under Raspberry Pi and aimed for Red Team Ops, we take advantage of “Sec/Net/Dev/Ops” enterprise tools to capture network credentials in a stealth mode. Using a low profile hardware & electronics camouflaged as simple network outlet box to be sitting under/over a desk. CIRCO include different techniques for network data exfiltration to avoid detection. This tool gather information and use a combination of honeypots to trick Automation Systems to give us their network credentials!

Emilio Couto (Twitter: @ekio_jp) is a Security Consultant with more than 20 years of experience in the network and security field. Born and raised in Argentina, he is currently located in Japan where multitasking between language, culture and technologies is a must. Over the last decade focusing mainly on Finance IT. In his spare time he enjoys playing with RFID, computers and home made IoT devices. Over the last 5 years presenting tools in conferences (Black Hat Asia, HITB, AV Tokyo and SECCON)

Generating Personalized Wordlists With NLP by Analyzing Tweets

Utku Sen, R&D Lead at Tear Security

Adversaries need to have a wordlist or combination-generation tool while conducting password guessing attacks. To narrow the combination pool, researchers developed a method named "mask attack" where the attacker needs to assume a password's structure. Even if it narrows the combination pool significantly, it can be still too large to use for online attacks or offline attacks with low hardware resources. Rhodiola tool is developed to narrow the combination pool by creating a personalized wordlist for target people. It finds interest areas of a given user by analyzing his/her tweets, and builds a personalized wordlist.

Utku Sen (Twitter: @utkusen) is a security researcher who is mostly focused on application security, network security and tool development. He presented his different tools and researches in Black Hat USA Arsenal, DEF CON Demo Labs and Packet Hacking Village in recent years. He's also nominated for Pwnie Awards on "Best Backdoor" category in 2016. He is currently working for Tear Security.

Leveraging Passive Network Mapping with Raspberry Pi and Python

Chet Hosmer, Owner of Python Forensics

Mapping of network assets and their behaviors is a vital step needed for the prevention and response to cyber-attacks. Today active tools like NMAP are used to discover network assets, however, these methods take a momentary snapshot of network devices. By passively monitoring network activity the discovery of rogue devices, aberrant behavior, and emerging threats is possible. This talk and demonstration will utilize a Raspberry Pi and a custom Python solution to map network assets and their behaviors and demonstration the identification of rogue devices and unauthorized behaviors.

Chet Hosmer (Twitter: @chethosmer) is an international author, educator & researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.

Bestsellers in the Underground Economy - Measuring Malware Popularity by Forum

Winnona DeSombre, Threat Intelligence Researcher at Recorded Future

While you can patch against malware infecting your tech stack or targeting your competitors, what about malware that hasn't been in the news? This presentation will cover what malware and tools are popular among underground forum members based on prevalence in forum ads, how malware presence differs between forums, and why understanding that difference matters.

Winnona DeSombre (Twitter: @__winn) is an Asia Pacific threat intelligence researcher at Recorded Future, focusing on Chinese underground hacking communities and East Asian cyber espionage campaigns. She was recently featured in Threatcare's "Tribe of Hackers" book, containing career advice from some of the world's best information security professionals.

Phishing Freakonomics

Russell Butturini

This presentation is the story of the success and failures of building a security awareness program at a Top 20 CPA firm, and finding "the hidden side" of why users fail phishing exercises (both simulated and not!). The presentation will cover how Elasticsearch was used to correlate awareness training, phishing test, and HR data together, examine real results from this work, and the improvements that were made to improve user awareness and reduce phishing related security incidents.

Russell Butturini (Twitter: @tcstoolhax0r) is head of information security for a top 20 CPA and financial services firm. He has authored tools for both red and blue teams with his C- and Python coding skills. His most popular tool, NoSQLMap, was featured in the Hacker Playbook 2.

Solving Crimes with Wireless GeoFencing and Multi-Zone Correlation Analytics

Gleb Esman, Senior Project Manager, Fraud Analytics and Research at Splunk Inc.

The presentation will introduce viewer to geofencing - the technique successfully used by law enforcement agencies to pinpoint suspects in an array of anonymous metadata coming from wireless devices. The presentation will teach viewer how to build such system from scratch using freely downloadable analytical tools. Different ways to visually define GeoFencing zones and investigation constraints will be explained. Samples of working scripts, search queries, data formats and working dashboard layouts will be provided.

Gleb Esman (Twitter: @gesman) helps to guide research, product planning and development efforts in the areas of fraud detection, data security analytics and investigations at Splunk Inc. Currently Gleb manages number of security projects in healthcare space such as drugs and opioids diversion platform and healthcare privacy monitoring platform. Before Splunk Gleb was engaged at Morgan Stanley overseeing fraud detection platform and enterprise wide data analytics systems within retail banking space. During his career, Gleb worked in a various positions at a number of enterprises involved in research and development of solutions against advanced malware and computer viruses as well as solutions for secure payments and data protection in e-commerce space. Gleb is an author of several patents in Deep Learning, Security, Behavior Biometrics and Healthcare Data Analytics.

StegoAugmented Malware

Mike Raggo, CSO at 802 Secure
Chet Hosmer, Owner of Python Forensics

As adversaries look for new methods of creating malware, steganography has seen a resurgence. In this session, we'll review this black art and uncover recent steganographic malware weaponizing techniques. We'll cover techniques that include file and image embedding techniques invisible to malware and intrusion detection systems, methods of exploiting weak networking protocols for covert communications, mischievous IoT devices, and cloud data hiding methods. But we don't stop there, our organic research has uncovered numerous other ways in which malware could be embedded in an effort to prepare threat researchers with the knowledge to improve their tools and fortify their networks.

Mike Raggo (Twitter: @DataHiding) is Chief Security Officer at 802 Secure and has over 20 years of security research experience. His current focus is wireless IoT threats impacting the enterprise. Michael is the author of "Mobile Data Loss: Threats & Countermeasures" and "Data Hiding" for Syngress Books, and contributing author for "Information Security the Complete Reference 2nd Edition". A former security trainer, Michael has briefed international defense agencies including the FBI and Pentagon, and is a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, DoD Cyber Crime, OWASP, HackCon, and SANS.

Chet Hosmer (Twitter: @chethosmer) is an international author, educator & researcher, and founder of Python Forensics, Inc., a non-profit research institute focused on the collaborative development of open source investigative technologies using the Python programming language. Chet is also a Visiting Professor at Utica College in the Cybersecurity Graduate Program, where his research and teaching is focused on data hiding, active cyber defense and security of industrial control systems. Additionally, Chet is an Adjunct Professor at Champlain College in the Digital Forensics Graduate Program, where his research and teaching is focused on solving hard digital investigation problems using the Python programming language.

Wi-Fi Threat Modelling and Monitoring (WiNT)

Besim Altinok, Barikat Internet Security
Can Kurnaz, Senior Cybersecurity Consultant at KPMG Netherlands

With the widespread use of wireless Internet access, we see that the use of portable technologies is rapidly increasing. Increasing public networks and facilitating access to these networks have attracted the attention of attackers. Due to easy availability of mature honeypot creation tools, this attack is a slam dunk for even the most novice of Wi-Fi attackers. Enterprise security products have tried but failed to solve this problem with rule and lockdown based approaches. In this talk, we are going to tell a story experienced about Wi-Fi network attackers. We will practically demonstrate how using new detection and deception techniques we can make Wi-Fi clients and environmentally secure.

Besim Altinok (Twitter: @AltnokBesim) has been researching Wi-Fi security for over a decade. He created WiPi-Hunter project against Wi-Fi hackers. He is the author of a book on Wi-Fi security. Besim's work on wireless security has been published in ArkaKapi Magazine and others. He has also spoken at top conferences including BlackHat Europe, ASIA, Defcon, and others. Besim ALTINOK works currently at BARIKAT Internet Security in Turkey. Besim also founded Pentester Training project.

Can Kurnaz (Twitter: @0x43414e) is conducting penetration tests from internet and internal networks to web-based applications, network infrastructures, wireless devices, IoT devices and operational technology infrastructures such as ICS/SCADA systems and components.