This document outlines information gathered at the most recent AtlSecCon, on 4/27-28/2017, and some interesting findings and presentations given by the speakers there:
Day 1:
Keynote Talk - The biggest takeaway that I received from this was twofold: Educate your employees/non-technical folk in a method that they understand, and rather than just tell them you have to do X, tell them why you're doing X and how, by not doing X, Y/Z will occur, in plain terms. And that security starts and ends with your users, so if you're not doing the first portion right, you can place all of the fanciest UTM and latest and greatest white/black boxes in front/in your infrastructure and it will simply not matter.
Cracking Locks like you're on CSI: Cyber - This was interesting but was very much an "if you have physical security, then it all goes out the window anyways" talk. The concept was that smart locks, such as those with keypads, could be easily circumvented from the outside, either to fail open or to literally work like one of the locks off CSI: Cyber where he plugs in a device and it magically unlocks. Not totally up my field, but cool nonetheless.
Murder by Vehicle - This was quite an eye opener; it basically came to the formulation that smart cars can be hacked. Now, with that said, I've seen on YouTube where a buddy opens up his PC with what looks to be a serial cable connected to the CAN and is able to make it slow down/accelerate/etc., but the crazy piece in all this is the amount of detail that the presenter went into, within reason, explaining all of the items that can now be controlled across this unsecured CAN table within the car. (Think of the CAN as a literal network bus, where anyone can talk to anything on it.) As more cars and more modules get digitalized instead of being a physical controller, we run into the issue that it can be controlled. Examples that were brought up were e-brakes, acceleration and cruise control, just to name a few.
Malware Research using OSINT and Open Source Tools - This was a presentation by my personal favorite malware researcher, Raul Alvarez. He was explaining some of the common tools that are available for researching malware and finding out what and how things work. Some of the products mentioned were VirtualBox, Cuckoo, OllyDbg, x64 OllyDbg and Immunity Dbg. He performed a presentation using Cuckoo, Ubuntu and VirtualBox with an example of Petra, showing how Cuckoo will take screenshots and break down the file changes/etc.
Vaccinating the IoT - This presentation was interesting as it outlined where everything is now connected to the internet, and it's never actually properly secured, so who is liable when things break? This kinda ties in with Murder by Vehicle, but basically runs into the problem that as IoT devices get made, and security flaws are found out, they are never actually patched.
Closing Keynote - This ending keynote outlined the importance and ease of deployment of containers and their use in development, along with providing an additional secure environment where applications and items can run/work out of.
Will follow up with Pt 2 sometime today.