We are pleased to announce our accepted Packet Hacking Village (PHV)
Talks at DEF CON 31. Times and location of talks will be announced
soon.
**********
Title: Pwning the Pwners with Mindware
Speaker: Frank "D9" DiGiovanni
Abstract: Traditionally the cyber attacker has an asymmetric advantage
over the cyber defender. But does it have to be that way? Is it
possible for the cyber defender to take an "offensive stance"? This
talk will show how the emerging science of cyberpsychology and the
leveraging of AI can provide the defender with the ability to pwn the
most vulnerable component in the cyberattack kill chain, the attack's
human operator. Leveraging the DoD's "Tularosa Study," this talk will
cover a theoretical framework for achieving this objective, outline an
operational vignette, and then cover some of the specifics for such an
approach.
Speaker Bio: Forty-one years of government service, Frank DiGiovanni
is a retired USAF Colonel and DoD Senior Executive Service. Co-Led
with the DoD CIO the development of the SecDef's DoD Cyber Workforce
Strategy. Built from scratch a six-month DoD Cyber Operations training
course, repurposed DEFCON's CTF and CTP technical architecture to
support DoD cyber operations training, and now working advanced cyber
R&D projects in the private sector. UPENN doctoral dissertation examined
what makes hackers extraordinarily unique from the average human
population.
**********
Title: The Importance of Arts and Crafts in ThreatOps
Speaker: Pete Hay, Editor-in-Chief, TheCyber.Report
Abstract: Cybersecurity professionals spend a huge amount of time
attempting to use a visual medium to communicate complicated concepts
in a simple yet information-dense manner. However, if you ask 10
analysts to map out the same incident, you'll get 10 divergent
diagrams. In this presentation we present a method of leveling-up your
cybersecurity-related arts and crafts skills: effectively diagramming
incidents, threat reports, threat intel, and reporting to support
full-spectrum ThreatOps.
Speaker Bio: In addition to being SimSpace's Principal Security
Strategist, Pete is the Co-Founder & Editor-in-Chief of
TheCyber.Report. Pete has an extensive & diverse background in
technology-driven fields including Computer Network Operations (CNO),
Network Forensics, & Nuclear Chemistry, as well as one of the few
patents issued in Cybersecurity & ZTA. A life-long learner & security
enthusiast, Pete helps Fortune 10 banks test & refine their security
postures, while running TheCyber.Report as a passion project.
**********
Title: Death by 1000 Likes: How Much Do You Really Leak in Social
Media?
Speaker: Will Kay
Abstract: As lonely Aussies attending our first Defcon last year, we
were frequently drawn to the hilarity/uniqueness of the Wall of Sheep
board. One of our group suggested people leaking at the con was super
entertaining, but what about throughout the rest of the year? We
decided to use the time between DC30 and DC31 scraping the r/defcon
subreddit to create the Wall of Sheep - online edition.
Speaker Bio: Will works for a private security consultancy in
Australia. He is a cybersecurity advisor and insider threat
consultant. His professional career began many years ago in military
intelligence to which he owes his knowledge of traditional targeting
methods. The organisation and team he works for today provides
security awareness and reinforcement training. His passion is removing
the weakness that exists across society to social engineering
techniques, and he believes a more secure and prosperous future begins
with people.
**********
Title: OSINT for Physical Security Intelligence
Speakers: Mike Raggo, Security Researcher, SilentSignals; Chet Hosmer,
Chief Scientist
Abstract: Organizations seek rapid intelligence about critical
situations that impact their teams, locations, or assets. Yet when it
comes to OSINT we find organizations performing Open Source
Information gathering; wasting time sifting through data to get to the
actionable intelligence. In this presentation we demonstrate how to
collect curated data and eliminate 99% of the time spent on
preliminary data analysis. Furthermore, all of this data can be
combined to perform trending and predictive analysis for natural
disasters, geo-political situations, or business risk. The goal is to
provide attendees with ideas for formulating new approaches for
physical security OSINT.
Speaker Bios: Michael T. Raggo has over 30 years of security research
experience. During this time, he has uncovered and ethically disclosed
vulnerabilities in products including Samsung, Checkpoint, and
Netgear. Michael is the author of "Mobile Data Loss: Threats &
Countermeasures" and "Data Hiding" for Syngress Book. He is also a
frequent presenter at security conferences, including Black Hat, DEF
CON, Gartner, RSA, DoD Cyber Crime, OWASP, SANS. He was also awarded
the Pentagon's Certificate of Appreciation.
Chet Hosmer is an international author, educator, researcher, and
founder of Python Forensics, Inc., a non-profit research institute
focused on the collaborative development of open source investigative
technologies using the Python programming language. Chet is also a
Visiting Professor at Utica College in the Cybersecurity Graduate
Program, where his research and teaching is focused on data hiding,
active cyber defense and security of industrial control
systems. Additionally, Chet is an Adjunct Professor at Champlain
College in the Digital Forensics Graduate Program, where his research
and teaching is focused on solving hard digital investigation problems
using the Python programming language.
**********
Title: WINE Pairing with Malware
Speaker: Jared Stroud, Lead Security Engineer, The MITRE Corporation
Abstract: The growing popularity of playing AAA Windows video games on
Linux has increased the compatibility of tools such as WINE and
Proton. These same platforms that enable the latest games to run also
can be used to execute the latest Malware. This talk will walk
through configuring an environment to rapidly collect IoCs from
unknown samples without having to use expensive sandboxes. Learn how
to leverage your favorite UNIX tools to awk, grep, and pipe your way
to extracting valuable forensic evidence without submitting your
samples to $VENDOR. More on the offensive side? Come see how to
shorten the feedback loop from idea generation, to testing and finally
deployment!
Speaker Bio: Jared Stroud is a Lead Security Engineer at The MITRE
Corporation tackling problems related to Container and Kubernetes
security. Jared also contributes to ATT&CK via Adversary Emulation
for Linux threats.